[OE-core][scarthgap 00/21] Patch review

[OE-core][scarthgap 00/21] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Monday, July 8

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7104

The following changes since commit 9abcb18014020804738dfc7d278d7097679f4d19:

  classes/create-spdx-2.2: Fix SPDX Namespace Prefix (2024-06-28 06:28:58 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Antonin Godard (1):
  devtool: ide-sdk: correct help typo

Archana Polampalli (1):
  gstreamer: upgrade 1.22.11 -> 1.22.12

Bruce Ashfield (3):
  linux-yocto/6.6: update to v6.6.34
  linux-yocto/6.6: update to v6.6.35
  linux-yocto/6.6: fix AMD boot trace

Deepthi Hemraj (1):
  llvm: Fix CVE-2024-0151

Guðni Már Gilbert (4):
  python3-requests: cleanup RDEPENDS
  python3-setuptools: drop python3-2to3 from RDEPENDS
  python3-bcrypt: drop python3-six from RDEPENDS
  python3-pyopenssl: drop python3-six from RDEPENDS

Hitendra Prajapati (1):
  QEMU: Fix CVE-2024-3446 & CVE-2024-3567

Jose Quaresma (1):
  openssh: fix CVE-2024-6387

Khem Raj (1):
  pcmanfm: Disable incompatible-pointer-types warning as error

Martin Jansa (1):
  rng-tools: ignore incompatible-pointer-types errors for now

Mingli Yu (1):
  ruby: Fix CVE-2023-36617

Richard Purdie (3):
  python3-jinja2: Upgrade 3.1.3 -> 3.1.4
  oeqa/selftest/recipetool: Fix for usrmerge in DISTRO_FEATURES
  oeqa/selftest/devtool: Fix for usrmerge in DISTRO_FEATURES

Ross Burton (1):
  curl: locale-base-en-us isn't glibc-specific

Siddharth Doshi (1):
  OpenSSL: Security fix for CVE-2024-5535

Yi Zhao (1):
  libpam: fix runtime error in pam_pwhistory moudle

 meta/lib/oeqa/selftest/cases/devtool.py       |    2 +
 meta/lib/oeqa/selftest/cases/recipetool.py    |   16 +-
 .../openssh/openssh/CVE-2024-6387.patch       |   27 +
 .../openssh/openssh_9.6p1.bb                  |    1 +
 .../openssl/openssl/CVE-2024-5535_1.patch     |  113 ++
 .../openssl/openssl/CVE-2024-5535_10.patch    |  203 +++
 .../openssl/openssl/CVE-2024-5535_2.patch     |   43 +
 .../openssl/openssl/CVE-2024-5535_3.patch     |   38 +
 .../openssl/openssl/CVE-2024-5535_4.patch     |   82 ++
 .../openssl/openssl/CVE-2024-5535_5.patch     |  176 +++
 .../openssl/openssl/CVE-2024-5535_6.patch     | 1173 +++++++++++++++++
 .../openssl/openssl/CVE-2024-5535_7.patch     |   43 +
 .../openssl/openssl/CVE-2024-5535_8.patch     |   66 +
 .../openssl/openssl/CVE-2024-5535_9.patch     |  271 ++++
 .../openssl/openssl_3.2.2.bb                  |   10 +
 .../llvm/0002-llvm-Fix-CVE-2024-0151.patch    | 1086 +++++++++++++++
 meta/recipes-devtools/llvm/llvm_18.1.5.bb     |    1 +
 .../python/python3-bcrypt_4.1.2.bb            |    1 -
 ...inja2_3.1.3.bb => python3-jinja2_3.1.4.bb} |    8 +-
 .../python/python3-pyopenssl_24.0.0.bb        |    1 -
 .../python/python3-requests_2.31.0.bb         |    6 +-
 .../python/python3-setuptools_69.1.1.bb       |    1 -
 meta/recipes-devtools/qemu/qemu.inc           |    5 +
 .../qemu/qemu/CVE-2024-3446-01.patch          |   73 +
 .../qemu/qemu/CVE-2024-3446-02.patch          |   48 +
 .../qemu/qemu/CVE-2024-3446-03.patch          |   47 +
 .../qemu/qemu/CVE-2024-3446-04.patch          |   52 +
 .../qemu/qemu/CVE-2024-3567.patch             |   48 +
 .../ruby/ruby/CVE-2023-36617_1.patch          |   56 +
 .../ruby/ruby/CVE-2023-36617_2.patch          |   52 +
 meta/recipes-devtools/ruby/ruby_3.2.2.bb      |    2 +
 ...x-passing-NULL-filename-argument-to-.patch |   69 +
 meta/recipes-extended/pam/libpam_1.5.3.bb     |    1 +
 .../linux/linux-yocto-rt_6.6.bb               |    6 +-
 .../linux/linux-yocto-tiny_6.6.bb             |    6 +-
 meta/recipes-kernel/linux/linux-yocto_6.6.bb  |   28 +-
 ...ols_1.22.11.bb => gst-devtools_1.22.12.bb} |    2 +-
 ...22.11.bb => gstreamer1.0-libav_1.22.12.bb} |    2 +-
 ...1.22.11.bb => gstreamer1.0-omx_1.22.12.bb} |    2 +-
 ...bb => gstreamer1.0-plugins-bad_1.22.12.bb} |    2 +-
 ...b => gstreamer1.0-plugins-base_1.22.12.bb} |    2 +-
 ...b => gstreamer1.0-plugins-good_1.22.12.bb} |    2 +-
 ...b => gstreamer1.0-plugins-ugly_1.22.12.bb} |    2 +-
 ...2.11.bb => gstreamer1.0-python_1.22.12.bb} |    2 +-
 ...bb => gstreamer1.0-rtsp-server_1.22.12.bb} |    2 +-
 ...22.11.bb => gstreamer1.0-vaapi_1.22.12.bb} |    2 +-
 ...1.0_1.22.11.bb => gstreamer1.0_1.22.12.bb} |    2 +-
 meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb    |    2 +
 meta/recipes-support/curl/curl_8.7.1.bb       |    2 +-
 .../rng-tools/rng-tools_6.16.bb               |    4 +
 scripts/lib/devtool/ide_sdk.py                |    2 +-
 51 files changed, 3844 insertions(+), 49 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch
 create mode 100644 meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch
 rename meta/recipes-devtools/python/{python3-jinja2_3.1.3.bb => python3-jinja2_3.1.4.bb} (79%)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch
 create mode 100644 meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch
 rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.22.11.bb => gst-devtools_1.22.12.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.22.11.bb => gstreamer1.0-libav_1.22.12.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.22.11.bb => gstreamer1.0-omx_1.22.12.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.22.11.bb => gstreamer1.0-plugins-bad_1.22.12.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.22.11.bb => gstreamer1.0-plugins-base_1.22.12.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.22.11.bb => gstreamer1.0-plugins-good_1.22.12.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.22.11.bb => gstreamer1.0-plugins-ugly_1.22.12.bb} (94%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.22.11.bb => gstreamer1.0-python_1.22.12.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.22.11.bb => gstreamer1.0-rtsp-server_1.22.12.bb} (90%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.22.11.bb => gstreamer1.0-vaapi_1.22.12.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.22.11.bb => gstreamer1.0_1.22.12.bb} (97%)

-- 
2.34.1

[OE-core][scarthgap 01/21] llvm: Fix CVE-2024-0151

[Steve Sakoman]

From: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>

Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../llvm/0002-llvm-Fix-CVE-2024-0151.patch    | 1086 +++++++++++++++++
 meta/recipes-devtools/llvm/llvm_18.1.5.bb     |    1 +
 2 files changed, 1087 insertions(+)
 create mode 100644 meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch

diff --git a/meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch b/meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch
new file mode 100644
index 0000000000..c05685e64d
--- /dev/null
+++ b/meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch
@@ -0,0 +1,1086 @@
+commit 78ff617d3f573fb3a9b2fef180fa0fd43d5584ea
+Author: Lucas Duarte Prates <lucas.prates@arm.com>
+Date:   Thu Jun 20 10:22:01 2024 +0100
+
+    [ARM] CMSE security mitigation on function arguments and returned values (#89944)
+
+    The ABI mandates two things related to function calls:
+     - Function arguments must be sign- or zero-extended to the register
+       size by the caller.
+     - Return values must be sign- or zero-extended to the register size by
+       the callee.
+
+    As consequence, callees can assume that function arguments have been
+    extended and so can callers with regards to return values.
+
+    Here lies the problem: Nonsecure code might deliberately ignore this
+    mandate with the intent of attempting an exploit. It might try to pass
+    values that lie outside the expected type's value range in order to
+    trigger undefined behaviour, e.g. out of bounds access.
+
+    With the mitigation implemented, Secure code always performs extension
+    of values passed by Nonsecure code.
+
+    This addresses the vulnerability described in CVE-2024-0151.
+
+    Patches by Victor Campos.
+
+    ---------
+
+    Co-authored-by: Victor Campos <victor.campos@arm.com>
+
+Upstream-Status: Backport [https://github.com/llvm/llvm-project/commit/78ff617d3f573fb3a9b2fef180fa0fd43d5584ea]
+CVE: CVE-2024-0151
+Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
+---
+diff --git a/llvm/lib/Target/ARM/ARMISelLowering.cpp b/llvm/lib/Target/ARM/ARMISelLowering.cpp
+index bfe137b95602..5490c3c9df6c 100644
+--- a/llvm/lib/Target/ARM/ARMISelLowering.cpp
++++ b/llvm/lib/Target/ARM/ARMISelLowering.cpp
+@@ -156,6 +156,17 @@ static const MCPhysReg GPRArgRegs[] = {
+   ARM::R0, ARM::R1, ARM::R2, ARM::R3
+ };
+ 
++static SDValue handleCMSEValue(const SDValue &Value, const ISD::InputArg &Arg,
++                               SelectionDAG &DAG, const SDLoc &DL) {
++  assert(Arg.ArgVT.isScalarInteger());
++  assert(Arg.ArgVT.bitsLT(MVT::i32));
++  SDValue Trunc = DAG.getNode(ISD::TRUNCATE, DL, Arg.ArgVT, Value);
++  SDValue Ext =
++      DAG.getNode(Arg.Flags.isSExt() ? ISD::SIGN_EXTEND : ISD::ZERO_EXTEND, DL,
++                  MVT::i32, Trunc);
++  return Ext;
++}
++
+ void ARMTargetLowering::addTypeForNEON(MVT VT, MVT PromotedLdStVT) {
+   if (VT != PromotedLdStVT) {
+     setOperationAction(ISD::LOAD, VT, Promote);
+@@ -2196,7 +2207,7 @@ SDValue ARMTargetLowering::LowerCallResult(
+     SDValue Chain, SDValue InGlue, CallingConv::ID CallConv, bool isVarArg,
+     const SmallVectorImpl<ISD::InputArg> &Ins, const SDLoc &dl,
+     SelectionDAG &DAG, SmallVectorImpl<SDValue> &InVals, bool isThisReturn,
+-    SDValue ThisVal) const {
++    SDValue ThisVal, bool isCmseNSCall) const {
+   // Assign locations to each value returned by this call.
+   SmallVector<CCValAssign, 16> RVLocs;
+   CCState CCInfo(CallConv, isVarArg, DAG.getMachineFunction(), RVLocs,
+@@ -2274,6 +2285,15 @@ SDValue ARMTargetLowering::LowerCallResult(
+         (VA.getValVT() == MVT::f16 || VA.getValVT() == MVT::bf16))
+       Val = MoveToHPR(dl, DAG, VA.getLocVT(), VA.getValVT(), Val);
+ 
++    // On CMSE Non-secure Calls, call results (returned values) whose bitwidth
++    // is less than 32 bits must be sign- or zero-extended after the call for
++    // security reasons. Although the ABI mandates an extension done by the
++    // callee, the latter cannot be trusted to follow the rules of the ABI.
++    const ISD::InputArg &Arg = Ins[VA.getValNo()];
++    if (isCmseNSCall && Arg.ArgVT.isScalarInteger() &&
++        VA.getLocVT().isScalarInteger() && Arg.ArgVT.bitsLT(MVT::i32))
++      Val = handleCMSEValue(Val, Arg, DAG, dl);
++
+     InVals.push_back(Val);
+   }
+ 
+@@ -2888,7 +2908,7 @@ ARMTargetLowering::LowerCall(TargetLowering::CallLoweringInfo &CLI,
+   // return.
+   return LowerCallResult(Chain, InGlue, CallConv, isVarArg, Ins, dl, DAG,
+                          InVals, isThisReturn,
+-                         isThisReturn ? OutVals[0] : SDValue());
++                         isThisReturn ? OutVals[0] : SDValue(), isCmseNSCall);
+ }
+ 
+ /// HandleByVal - Every parameter *after* a byval parameter is passed
+@@ -4485,8 +4505,6 @@ SDValue ARMTargetLowering::LowerFormalArguments(
+                  *DAG.getContext());
+   CCInfo.AnalyzeFormalArguments(Ins, CCAssignFnForCall(CallConv, isVarArg));
+ 
+-  SmallVector<SDValue, 16> ArgValues;
+-  SDValue ArgValue;
+   Function::const_arg_iterator CurOrigArg = MF.getFunction().arg_begin();
+   unsigned CurArgIdx = 0;
+ 
+@@ -4541,6 +4559,7 @@ SDValue ARMTargetLowering::LowerFormalArguments(
+     // Arguments stored in registers.
+     if (VA.isRegLoc()) {
+       EVT RegVT = VA.getLocVT();
++      SDValue ArgValue;
+ 
+       if (VA.needsCustom() && VA.getLocVT() == MVT::v2f64) {
+         // f64 and vector types are split up into multiple registers or
+@@ -4604,16 +4623,6 @@ SDValue ARMTargetLowering::LowerFormalArguments(
+       case CCValAssign::BCvt:
+         ArgValue = DAG.getNode(ISD::BITCAST, dl, VA.getValVT(), ArgValue);
+         break;
+-      case CCValAssign::SExt:
+-        ArgValue = DAG.getNode(ISD::AssertSext, dl, RegVT, ArgValue,
+-                               DAG.getValueType(VA.getValVT()));
+-        ArgValue = DAG.getNode(ISD::TRUNCATE, dl, VA.getValVT(), ArgValue);
+-        break;
+-      case CCValAssign::ZExt:
+-        ArgValue = DAG.getNode(ISD::AssertZext, dl, RegVT, ArgValue,
+-                               DAG.getValueType(VA.getValVT()));
+-        ArgValue = DAG.getNode(ISD::TRUNCATE, dl, VA.getValVT(), ArgValue);
+-        break;
+       }
+ 
+       // f16 arguments have their size extended to 4 bytes and passed as if they
+@@ -4623,6 +4632,15 @@ SDValue ARMTargetLowering::LowerFormalArguments(
+           (VA.getValVT() == MVT::f16 || VA.getValVT() == MVT::bf16))
+         ArgValue = MoveToHPR(dl, DAG, VA.getLocVT(), VA.getValVT(), ArgValue);
+ 
++      // On CMSE Entry Functions, formal integer arguments whose bitwidth is
++      // less than 32 bits must be sign- or zero-extended in the callee for
++      // security reasons. Although the ABI mandates an extension done by the
++      // caller, the latter cannot be trusted to follow the rules of the ABI.
++      const ISD::InputArg &Arg = Ins[VA.getValNo()];
++      if (AFI->isCmseNSEntryFunction() && Arg.ArgVT.isScalarInteger() &&
++          RegVT.isScalarInteger() && Arg.ArgVT.bitsLT(MVT::i32))
++        ArgValue = handleCMSEValue(ArgValue, Arg, DAG, dl);
++
+       InVals.push_back(ArgValue);
+     } else { // VA.isRegLoc()
+       // Only arguments passed on the stack should make it here.
+diff --git a/llvm/lib/Target/ARM/ARMISelLowering.h b/llvm/lib/Target/ARM/ARMISelLowering.h
+index 62a52bdb03f7..a255e9b6fc36 100644
+--- a/llvm/lib/Target/ARM/ARMISelLowering.h
++++ b/llvm/lib/Target/ARM/ARMISelLowering.h
+@@ -891,7 +891,7 @@ class VectorType;
+                             const SmallVectorImpl<ISD::InputArg> &Ins,
+                             const SDLoc &dl, SelectionDAG &DAG,
+                             SmallVectorImpl<SDValue> &InVals, bool isThisReturn,
+-                            SDValue ThisVal) const;
++                            SDValue ThisVal, bool isCmseNSCall) const;
+ 
+     bool supportSplitCSR(MachineFunction *MF) const override {
+       return MF->getFunction().getCallingConv() == CallingConv::CXX_FAST_TLS &&
+diff --git a/llvm/test/CodeGen/ARM/cmse-harden-call-returned-values.ll b/llvm/test/CodeGen/ARM/cmse-harden-call-returned-values.ll
+new file mode 100644
+index 0000000000..58eef443c25e
+--- /dev/null
++++ b/llvm/test/CodeGen/ARM/cmse-harden-call-returned-values.ll
+@@ -0,0 +1,552 @@
++; RUN: llc %s -mtriple=thumbv8m.main     -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-LE
++; RUN: llc %s -mtriple=thumbebv8m.main   -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-BE
++; RUN: llc %s -mtriple=thumbv8.1m.main   -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-LE
++; RUN: llc %s -mtriple=thumbebv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-BE
++
++@get_idx = hidden local_unnamed_addr global ptr null, align 4
++@arr = hidden local_unnamed_addr global [256 x i32] zeroinitializer, align 4
++
++define i32 @access_i16() {
++; V8M-COMMON-LABEL: access_i16:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    push {r7, lr}
++; V8M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V8M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V8M-COMMON-NEXT:    ldr r0, [r0]
++; V8M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    bic r0, r0, #1
++; V8M-COMMON-NEXT:    sub sp, #136
++; V8M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    mov r1, r0
++; V8M-COMMON-NEXT:    mov r2, r0
++; V8M-COMMON-NEXT:    mov r3, r0
++; V8M-COMMON-NEXT:    mov r4, r0
++; V8M-COMMON-NEXT:    mov r5, r0
++; V8M-COMMON-NEXT:    mov r6, r0
++; V8M-COMMON-NEXT:    mov r7, r0
++; V8M-COMMON-NEXT:    mov r8, r0
++; V8M-COMMON-NEXT:    mov r9, r0
++; V8M-COMMON-NEXT:    mov r10, r0
++; V8M-COMMON-NEXT:    mov r11, r0
++; V8M-COMMON-NEXT:    mov r12, r0
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, r0
++; V8M-COMMON-NEXT:    blxns r0
++; V8M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    add sp, #136
++; V8M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    sxth r0, r0
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    pop {r7, pc}
++;
++; V81M-COMMON-LABEL: access_i16:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    push {r7, lr}
++; V81M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V81M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V81M-COMMON-NEXT:    ldr r0, [r0]
++; V81M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    bic r0, r0, #1
++; V81M-COMMON-NEXT:    sub sp, #136
++; V81M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
++; V81M-COMMON-NEXT:    blxns r0
++; V81M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    add sp, #136
++; V81M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    sxth r0, r0
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    pop {r7, pc}
++entry:
++  %0 = load ptr, ptr @get_idx, align 4
++  %call = tail call signext i16 %0() "cmse_nonsecure_call"
++  %idxprom = sext i16 %call to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %1 = load i32, ptr %arrayidx, align 4
++  ret i32 %1
++}
++
++define i32 @access_u16() {
++; V8M-COMMON-LABEL: access_u16:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    push {r7, lr}
++; V8M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V8M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V8M-COMMON-NEXT:    ldr r0, [r0]
++; V8M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    bic r0, r0, #1
++; V8M-COMMON-NEXT:    sub sp, #136
++; V8M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    mov r1, r0
++; V8M-COMMON-NEXT:    mov r2, r0
++; V8M-COMMON-NEXT:    mov r3, r0
++; V8M-COMMON-NEXT:    mov r4, r0
++; V8M-COMMON-NEXT:    mov r5, r0
++; V8M-COMMON-NEXT:    mov r6, r0
++; V8M-COMMON-NEXT:    mov r7, r0
++; V8M-COMMON-NEXT:    mov r8, r0
++; V8M-COMMON-NEXT:    mov r9, r0
++; V8M-COMMON-NEXT:    mov r10, r0
++; V8M-COMMON-NEXT:    mov r11, r0
++; V8M-COMMON-NEXT:    mov r12, r0
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, r0
++; V8M-COMMON-NEXT:    blxns r0
++; V8M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    add sp, #136
++; V8M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    uxth r0, r0
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    pop {r7, pc}
++;
++; V81M-COMMON-LABEL: access_u16:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    push {r7, lr}
++; V81M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V81M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V81M-COMMON-NEXT:    ldr r0, [r0]
++; V81M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    bic r0, r0, #1
++; V81M-COMMON-NEXT:    sub sp, #136
++; V81M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
++; V81M-COMMON-NEXT:    blxns r0
++; V81M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    add sp, #136
++; V81M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    uxth r0, r0
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    pop {r7, pc}
++entry:
++  %0 = load ptr, ptr @get_idx, align 4
++  %call = tail call zeroext i16 %0() "cmse_nonsecure_call"
++  %idxprom = zext i16 %call to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %1 = load i32, ptr %arrayidx, align 4
++  ret i32 %1
++}
++
++define i32 @access_i8() {
++; V8M-COMMON-LABEL: access_i8:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    push {r7, lr}
++; V8M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V8M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V8M-COMMON-NEXT:    ldr r0, [r0]
++; V8M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    bic r0, r0, #1
++; V8M-COMMON-NEXT:    sub sp, #136
++; V8M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    mov r1, r0
++; V8M-COMMON-NEXT:    mov r2, r0
++; V8M-COMMON-NEXT:    mov r3, r0
++; V8M-COMMON-NEXT:    mov r4, r0
++; V8M-COMMON-NEXT:    mov r5, r0
++; V8M-COMMON-NEXT:    mov r6, r0
++; V8M-COMMON-NEXT:    mov r7, r0
++; V8M-COMMON-NEXT:    mov r8, r0
++; V8M-COMMON-NEXT:    mov r9, r0
++; V8M-COMMON-NEXT:    mov r10, r0
++; V8M-COMMON-NEXT:    mov r11, r0
++; V8M-COMMON-NEXT:    mov r12, r0
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, r0
++; V8M-COMMON-NEXT:    blxns r0
++; V8M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    add sp, #136
++; V8M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    sxtb r0, r0
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    pop {r7, pc}
++;
++; V81M-COMMON-LABEL: access_i8:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    push {r7, lr}
++; V81M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V81M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V81M-COMMON-NEXT:    ldr r0, [r0]
++; V81M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    bic r0, r0, #1
++; V81M-COMMON-NEXT:    sub sp, #136
++; V81M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
++; V81M-COMMON-NEXT:    blxns r0
++; V81M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    add sp, #136
++; V81M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    sxtb r0, r0
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    pop {r7, pc}
++entry:
++  %0 = load ptr, ptr @get_idx, align 4
++  %call = tail call signext i8 %0() "cmse_nonsecure_call"
++  %idxprom = sext i8 %call to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %1 = load i32, ptr %arrayidx, align 4
++  ret i32 %1
++}
++
++define i32 @access_u8() {
++; V8M-COMMON-LABEL: access_u8:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    push {r7, lr}
++; V8M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V8M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V8M-COMMON-NEXT:    ldr r0, [r0]
++; V8M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    bic r0, r0, #1
++; V8M-COMMON-NEXT:    sub sp, #136
++; V8M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    mov r1, r0
++; V8M-COMMON-NEXT:    mov r2, r0
++; V8M-COMMON-NEXT:    mov r3, r0
++; V8M-COMMON-NEXT:    mov r4, r0
++; V8M-COMMON-NEXT:    mov r5, r0
++; V8M-COMMON-NEXT:    mov r6, r0
++; V8M-COMMON-NEXT:    mov r7, r0
++; V8M-COMMON-NEXT:    mov r8, r0
++; V8M-COMMON-NEXT:    mov r9, r0
++; V8M-COMMON-NEXT:    mov r10, r0
++; V8M-COMMON-NEXT:    mov r11, r0
++; V8M-COMMON-NEXT:    mov r12, r0
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, r0
++; V8M-COMMON-NEXT:    blxns r0
++; V8M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    add sp, #136
++; V8M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    uxtb r0, r0
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    pop {r7, pc}
++;
++; V81M-COMMON-LABEL: access_u8:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    push {r7, lr}
++; V81M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V81M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V81M-COMMON-NEXT:    ldr r0, [r0]
++; V81M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    bic r0, r0, #1
++; V81M-COMMON-NEXT:    sub sp, #136
++; V81M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
++; V81M-COMMON-NEXT:    blxns r0
++; V81M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    add sp, #136
++; V81M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    uxtb r0, r0
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    pop {r7, pc}
++entry:
++  %0 = load ptr, ptr @get_idx, align 4
++  %call = tail call zeroext i8 %0() "cmse_nonsecure_call"
++  %idxprom = zext i8 %call to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %1 = load i32, ptr %arrayidx, align 4
++  ret i32 %1
++}
++
++define i32 @access_i1() {
++; V8M-COMMON-LABEL: access_i1:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    push {r7, lr}
++; V8M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V8M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V8M-COMMON-NEXT:    ldr r0, [r0]
++; V8M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    bic r0, r0, #1
++; V8M-COMMON-NEXT:    sub sp, #136
++; V8M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    mov r1, r0
++; V8M-COMMON-NEXT:    mov r2, r0
++; V8M-COMMON-NEXT:    mov r3, r0
++; V8M-COMMON-NEXT:    mov r4, r0
++; V8M-COMMON-NEXT:    mov r5, r0
++; V8M-COMMON-NEXT:    mov r6, r0
++; V8M-COMMON-NEXT:    mov r7, r0
++; V8M-COMMON-NEXT:    mov r8, r0
++; V8M-COMMON-NEXT:    mov r9, r0
++; V8M-COMMON-NEXT:    mov r10, r0
++; V8M-COMMON-NEXT:    mov r11, r0
++; V8M-COMMON-NEXT:    mov r12, r0
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, r0
++; V8M-COMMON-NEXT:    blxns r0
++; V8M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    add sp, #136
++; V8M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    and r0, r0, #1
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    pop {r7, pc}
++;
++; V81M-COMMON-LABEL: access_i1:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    push {r7, lr}
++; V81M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V81M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V81M-COMMON-NEXT:    ldr r0, [r0]
++; V81M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    bic r0, r0, #1
++; V81M-COMMON-NEXT:    sub sp, #136
++; V81M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
++; V81M-COMMON-NEXT:    blxns r0
++; V81M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    add sp, #136
++; V81M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    and r0, r0, #1
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    pop {r7, pc}
++entry:
++  %0 = load ptr, ptr @get_idx, align 4
++  %call = tail call zeroext i1 %0() "cmse_nonsecure_call"
++  %idxprom = zext i1 %call to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %1 = load i32, ptr %arrayidx, align 4
++  ret i32 %1
++}
++
++define i32 @access_i5() {
++; V8M-COMMON-LABEL: access_i5:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    push {r7, lr}
++; V8M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V8M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V8M-COMMON-NEXT:    ldr r0, [r0]
++; V8M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    bic r0, r0, #1
++; V8M-COMMON-NEXT:    sub sp, #136
++; V8M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    mov r1, r0
++; V8M-COMMON-NEXT:    mov r2, r0
++; V8M-COMMON-NEXT:    mov r3, r0
++; V8M-COMMON-NEXT:    mov r4, r0
++; V8M-COMMON-NEXT:    mov r5, r0
++; V8M-COMMON-NEXT:    mov r6, r0
++; V8M-COMMON-NEXT:    mov r7, r0
++; V8M-COMMON-NEXT:    mov r8, r0
++; V8M-COMMON-NEXT:    mov r9, r0
++; V8M-COMMON-NEXT:    mov r10, r0
++; V8M-COMMON-NEXT:    mov r11, r0
++; V8M-COMMON-NEXT:    mov r12, r0
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, r0
++; V8M-COMMON-NEXT:    blxns r0
++; V8M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    add sp, #136
++; V8M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    sbfx r0, r0, #0, #5
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    pop {r7, pc}
++;
++; V81M-COMMON-LABEL: access_i5:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    push {r7, lr}
++; V81M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V81M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V81M-COMMON-NEXT:    ldr r0, [r0]
++; V81M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    bic r0, r0, #1
++; V81M-COMMON-NEXT:    sub sp, #136
++; V81M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
++; V81M-COMMON-NEXT:    blxns r0
++; V81M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    add sp, #136
++; V81M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    sbfx r0, r0, #0, #5
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    pop {r7, pc}
++entry:
++  %0 = load ptr, ptr @get_idx, align 4
++  %call = tail call signext i5 %0() "cmse_nonsecure_call"
++  %idxprom = sext i5 %call to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %1 = load i32, ptr %arrayidx, align 4
++  ret i32 %1
++}
++
++define i32 @access_u5() {
++; V8M-COMMON-LABEL: access_u5:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    push {r7, lr}
++; V8M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V8M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V8M-COMMON-NEXT:    ldr r0, [r0]
++; V8M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    bic r0, r0, #1
++; V8M-COMMON-NEXT:    sub sp, #136
++; V8M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    mov r1, r0
++; V8M-COMMON-NEXT:    mov r2, r0
++; V8M-COMMON-NEXT:    mov r3, r0
++; V8M-COMMON-NEXT:    mov r4, r0
++; V8M-COMMON-NEXT:    mov r5, r0
++; V8M-COMMON-NEXT:    mov r6, r0
++; V8M-COMMON-NEXT:    mov r7, r0
++; V8M-COMMON-NEXT:    mov r8, r0
++; V8M-COMMON-NEXT:    mov r9, r0
++; V8M-COMMON-NEXT:    mov r10, r0
++; V8M-COMMON-NEXT:    mov r11, r0
++; V8M-COMMON-NEXT:    mov r12, r0
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, r0
++; V8M-COMMON-NEXT:    blxns r0
++; V8M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    add sp, #136
++; V8M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    and r0, r0, #31
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    pop {r7, pc}
++;
++; V81M-COMMON-LABEL: access_u5:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    push {r7, lr}
++; V81M-COMMON-NEXT:    movw r0, :lower16:get_idx
++; V81M-COMMON-NEXT:    movt r0, :upper16:get_idx
++; V81M-COMMON-NEXT:    ldr r0, [r0]
++; V81M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    bic r0, r0, #1
++; V81M-COMMON-NEXT:    sub sp, #136
++; V81M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
++; V81M-COMMON-NEXT:    blxns r0
++; V81M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    add sp, #136
++; V81M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    and r0, r0, #31
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    pop {r7, pc}
++entry:
++  %0 = load ptr, ptr @get_idx, align 4
++  %call = tail call zeroext i5 %0() "cmse_nonsecure_call"
++  %idxprom = zext i5 %call to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %1 = load i32, ptr %arrayidx, align 4
++  ret i32 %1
++}
++
++define i32 @access_i33(ptr %f) {
++; V8M-COMMON-LABEL: access_i33:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    push {r7, lr}
++; V8M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    bic r0, r0, #1
++; V8M-COMMON-NEXT:    sub sp, #136
++; V8M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    mov r1, r0
++; V8M-COMMON-NEXT:    mov r2, r0
++; V8M-COMMON-NEXT:    mov r3, r0
++; V8M-COMMON-NEXT:    mov r4, r0
++; V8M-COMMON-NEXT:    mov r5, r0
++; V8M-COMMON-NEXT:    mov r6, r0
++; V8M-COMMON-NEXT:    mov r7, r0
++; V8M-COMMON-NEXT:    mov r8, r0
++; V8M-COMMON-NEXT:    mov r9, r0
++; V8M-COMMON-NEXT:    mov r10, r0
++; V8M-COMMON-NEXT:    mov r11, r0
++; V8M-COMMON-NEXT:    mov r12, r0
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, r0
++; V8M-COMMON-NEXT:    blxns r0
++; V8M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    add sp, #136
++; V8M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-LE-NEXT:        and r0, r1, #1
++; V8M-BE-NEXT:        and r0, r0, #1
++; V8M-COMMON-NEXT:    rsb.w r0, r0, #0
++; V8M-COMMON-NEXT:    pop {r7, pc}
++;
++; V81M-COMMON-LABEL: access_i33:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    push {r7, lr}
++; V81M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    bic r0, r0, #1
++; V81M-COMMON-NEXT:    sub sp, #136
++; V81M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
++; V81M-COMMON-NEXT:    blxns r0
++; V81M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    add sp, #136
++; V81M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-LE-NEXT:        and r0, r1, #1
++; V81M-BE-NEXT:        and r0, r0, #1
++; V81M-COMMON-NEXT:    rsb.w r0, r0, #0
++; V81M-COMMON-NEXT:    pop {r7, pc}
++entry:
++  %call = tail call i33 %f() "cmse_nonsecure_call"
++  %shr = ashr i33 %call, 32
++  %conv = trunc nsw i33 %shr to i32
++  ret i32 %conv
++}
++
++define i32 @access_u33(ptr %f) {
++; V8M-COMMON-LABEL: access_u33:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    push {r7, lr}
++; V8M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-COMMON-NEXT:    bic r0, r0, #1
++; V8M-COMMON-NEXT:    sub sp, #136
++; V8M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    mov r1, r0
++; V8M-COMMON-NEXT:    mov r2, r0
++; V8M-COMMON-NEXT:    mov r3, r0
++; V8M-COMMON-NEXT:    mov r4, r0
++; V8M-COMMON-NEXT:    mov r5, r0
++; V8M-COMMON-NEXT:    mov r6, r0
++; V8M-COMMON-NEXT:    mov r7, r0
++; V8M-COMMON-NEXT:    mov r8, r0
++; V8M-COMMON-NEXT:    mov r9, r0
++; V8M-COMMON-NEXT:    mov r10, r0
++; V8M-COMMON-NEXT:    mov r11, r0
++; V8M-COMMON-NEXT:    mov r12, r0
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, r0
++; V8M-COMMON-NEXT:    blxns r0
++; V8M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V8M-COMMON-NEXT:    add sp, #136
++; V8M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V8M-LE-NEXT:        and r0, r1, #1
++; V8M-BE-NEXT:        and r0, r0, #1
++; V8M-COMMON-NEXT:    pop {r7, pc}
++;
++; V81M-COMMON-LABEL: access_u33:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    push {r7, lr}
++; V81M-COMMON-NEXT:    push.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-COMMON-NEXT:    bic r0, r0, #1
++; V81M-COMMON-NEXT:    sub sp, #136
++; V81M-COMMON-NEXT:    vlstm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
++; V81M-COMMON-NEXT:    blxns r0
++; V81M-COMMON-NEXT:    vlldm sp, {d0 - d15}
++; V81M-COMMON-NEXT:    add sp, #136
++; V81M-COMMON-NEXT:    pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
++; V81M-LE-NEXT:        and r0, r1, #1
++; V81M-BE-NEXT:        and r0, r0, #1
++; V81M-COMMON-NEXT:    pop {r7, pc}
++entry:
++  %call = tail call i33 %f() "cmse_nonsecure_call"
++  %shr = lshr i33 %call, 32
++  %conv = trunc nuw nsw i33 %shr to i32
++  ret i32 %conv
++}
+diff --git a/llvm/test/CodeGen/ARM/cmse-harden-entry-arguments.ll b/llvm/test/CodeGen/ARM/cmse-harden-entry-arguments.ll
+new file mode 100644
+index 0000000000..c66ab00566dd
+--- /dev/null
++++ b/llvm/test/CodeGen/ARM/cmse-harden-entry-arguments.ll
+@@ -0,0 +1,368 @@
++; RUN: llc %s -mtriple=thumbv8m.main     -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-LE
++; RUN: llc %s -mtriple=thumbebv8m.main   -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-BE
++; RUN: llc %s -mtriple=thumbv8.1m.main   -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-LE
++; RUN: llc %s -mtriple=thumbebv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-BE
++
++@arr = hidden local_unnamed_addr global [256 x i32] zeroinitializer, align 4
++
++define i32 @access_i16(i16 signext %idx) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_i16:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    sxth r0, r0
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_i16:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    sxth r0, r0
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %idxprom = sext i16 %idx to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %0 = load i32, ptr %arrayidx, align 4
++  ret i32 %0
++}
++
++define i32 @access_u16(i16 zeroext %idx) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_u16:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    uxth r0, r0
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_u16:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    uxth r0, r0
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %idxprom = zext i16 %idx to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %0 = load i32, ptr %arrayidx, align 4
++  ret i32 %0
++}
++
++define i32 @access_i8(i8 signext %idx) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_i8:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    sxtb r0, r0
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_i8:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    sxtb r0, r0
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %idxprom = sext i8 %idx to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %0 = load i32, ptr %arrayidx, align 4
++  ret i32 %0
++}
++
++define i32 @access_u8(i8 zeroext %idx) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_u8:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    uxtb r0, r0
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_u8:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    uxtb r0, r0
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %idxprom = zext i8 %idx to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %0 = load i32, ptr %arrayidx, align 4
++  ret i32 %0
++}
++
++define i32 @access_i1(i1 signext %idx) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_i1:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    and r0, r0, #1
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    rsbs r0, r0, #0
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    and r0, r0, #1
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_i1:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-COMMON-NEXT:    and r0, r0, #1
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    rsbs r0, r0, #0
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    and r0, r0, #1
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %idxprom = zext i1 %idx to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %0 = load i32, ptr %arrayidx, align 4
++  ret i32 %0
++}
++
++define i32 @access_i5(i5 signext %idx) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_i5:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    sbfx r0, r0, #0, #5
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_i5:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    sbfx r0, r0, #0, #5
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %idxprom = sext i5 %idx to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %0 = load i32, ptr %arrayidx, align 4
++  ret i32 %0
++}
++
++define i32 @access_u5(i5 zeroext %idx) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_u5:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    movw r1, :lower16:arr
++; V8M-COMMON-NEXT:    and r0, r0, #31
++; V8M-COMMON-NEXT:    movt r1, :upper16:arr
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_u5:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-COMMON-NEXT:    movw r1, :lower16:arr
++; V81M-COMMON-NEXT:    and r0, r0, #31
++; V81M-COMMON-NEXT:    movt r1, :upper16:arr
++; V81M-COMMON-NEXT:    ldr.w r0, [r1, r0, lsl #2]
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %idxprom = zext i5 %idx to i32
++  %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom
++  %0 = load i32, ptr %arrayidx, align 4
++  ret i32 %0
++}
++
++define i32 @access_i33(i33 %arg) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_i33:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-LE-NEXT:        and r0, r1, #1
++; V8M-BE-NEXT:        and r0, r0, #1
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    rsbs r0, r0, #0
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_i33:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-LE-NEXT:        and r0, r1, #1
++; V81M-BE-NEXT:        and r0, r0, #1
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    rsbs r0, r0, #0
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %shr = ashr i33 %arg, 32
++  %conv = trunc nsw i33 %shr to i32
++  ret i32 %conv
++}
++
++define i32 @access_u33(i33 %arg) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_u33:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-LE-NEXT:        and r0, r1, #1
++; V8M-BE-NEXT:        and r0, r0, #1
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_u33:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-LE-NEXT:        and r0, r1, #1
++; V81M-BE-NEXT:        and r0, r0, #1
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %shr = lshr i33 %arg, 32
++  %conv = trunc nuw nsw i33 %shr to i32
++  ret i32 %conv
++}
++
++define i32 @access_i65(ptr byval(i65) %0) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_i65:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    sub sp, #16
++; V8M-COMMON-NEXT:    stm.w sp, {r0, r1, r2, r3}
++; V8M-LE-NEXT:        ldrb.w r0, [sp, #8]
++; V8M-LE-NEXT:        and r0, r0, #1
++; V8M-LE-NEXT:        rsbs r0, r0, #0
++; V8M-BE-NEXT:        movs r1, #0
++; V8M-BE-NEXT:        sub.w r0, r1, r0, lsr #24
++; V8M-COMMON-NEXT:    add sp, #16
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_i65:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-COMMON-NEXT:    sub sp, #16
++; V81M-COMMON-NEXT:    add sp, #4
++; V81M-COMMON-NEXT:    stm.w sp, {r0, r1, r2, r3}
++; V81M-LE-NEXT:        ldrb.w r0, [sp, #8]
++; V81M-LE-NEXT:        and r0, r0, #1
++; V81M-LE-NEXT:        rsbs r0, r0, #0
++; V81M-BE-NEXT:        movs r1, #0
++; V81M-BE-NEXT:        sub.w r0, r1, r0, lsr #24
++; V81M-COMMON-NEXT:    sub sp, #4
++; V81M-COMMON-NEXT:    add sp, #16
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %arg = load i65, ptr %0, align 8
++  %shr = ashr i65 %arg, 64
++  %conv = trunc nsw i65 %shr to i32
++  ret i32 %conv
++}
++
++define i32 @access_u65(ptr byval(i65) %0) "cmse_nonsecure_entry" {
++; V8M-COMMON-LABEL: access_u65:
++; V8M-COMMON:       @ %bb.0: @ %entry
++; V8M-COMMON-NEXT:    sub sp, #16
++; V8M-COMMON-NEXT:    stm.w sp, {r0, r1, r2, r3}
++; V8M-LE-NEXT:        ldrb.w r0, [sp, #8]
++; V8M-BE-NEXT:        lsrs r0, r0, #24
++; V8M-COMMON-NEXT:    add sp, #16
++; V8M-COMMON-NEXT:    mov r1, lr
++; V8M-COMMON-NEXT:    mov r2, lr
++; V8M-COMMON-NEXT:    mov r3, lr
++; V8M-COMMON-NEXT:    mov r12, lr
++; V8M-COMMON-NEXT:    msr apsr_nzcvq, lr
++; V8M-COMMON-NEXT:    bxns lr
++;
++; V81M-COMMON-LABEL: access_u65:
++; V81M-COMMON:       @ %bb.0: @ %entry
++; V81M-COMMON-NEXT:    vstr fpcxtns, [sp, #-4]!
++; V81M-COMMON-NEXT:    sub sp, #16
++; V81M-COMMON-NEXT:    add sp, #4
++; V81M-COMMON-NEXT:    stm.w sp, {r0, r1, r2, r3}
++; V81M-LE-NEXT:        ldrb.w r0, [sp, #8]
++; V81M-BE-NEXT:        lsrs r0, r0, #24
++; V81M-COMMON-NEXT:    sub sp, #4
++; V81M-COMMON-NEXT:    add sp, #16
++; V81M-COMMON-NEXT:    vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr}
++; V81M-COMMON-NEXT:    vldr fpcxtns, [sp], #4
++; V81M-COMMON-NEXT:    clrm {r1, r2, r3, r12, apsr}
++; V81M-COMMON-NEXT:    bxns lr
++entry:
++  %arg = load i65, ptr %0, align 8
++  %shr = lshr i65 %arg, 64
++  %conv = trunc nuw nsw i65 %shr to i32
++  ret i32 %conv
++}
diff --git a/meta/recipes-devtools/llvm/llvm_18.1.5.bb b/meta/recipes-devtools/llvm/llvm_18.1.5.bb
index 4b6763e580..b03cf1465e 100644
--- a/meta/recipes-devtools/llvm/llvm_18.1.5.bb
+++ b/meta/recipes-devtools/llvm/llvm_18.1.5.bb
@@ -25,6 +25,7 @@ LLVM_RELEASE = "${PV}"
 SRC_URI = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${PV}/llvm-project-${PV}.src.tar.xz \
            file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \
            file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \
+           file://0002-llvm-Fix-CVE-2024-0151.patch;striplevel=2 \
            file://llvm-config \
            "
 SRC_URI[sha256sum] = "3591a52761a7d390ede51af01ea73abfecc4b1d16445f9d019b67a57edd7de56"
-- 
2.34.1

[OE-core][scarthgap 02/21] ruby: Fix CVE-2023-36617

[Steve Sakoman]

From: Mingli Yu <mingli.yu@windriver.com>

Backport two patches [1] [2] to fix CVE-2023-36617 [3].

[1] https://github.com/ruby/uri/commit/9010ee2536adda10a0555ae1ed6fe2f5808e6bf1
[2] https://github.com/ruby/uri/commit/9d7bcef1e6ad23c9c6e4932f297fb737888144c8
[3] https://www.ruby-lang.org/en/news/2023/06/29/redos-in-uri-CVE-2023-36617/

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../ruby/ruby/CVE-2023-36617_1.patch          | 56 +++++++++++++++++++
 .../ruby/ruby/CVE-2023-36617_2.patch          | 52 +++++++++++++++++
 meta/recipes-devtools/ruby/ruby_3.2.2.bb      |  2 +
 3 files changed, 110 insertions(+)
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch

diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch b/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch
new file mode 100644
index 0000000000..17c7e30176
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch
@@ -0,0 +1,56 @@
+From 2ebb50d2dc302917a6f57c1239dc9e700dfe0e34 Mon Sep 17 00:00:00 2001
+From: Nobuyoshi Nakada <nobu@ruby-lang.org>
+Date: Thu, 27 Jul 2023 15:53:01 +0800
+Subject: [PATCH] Fix quadratic backtracking on invalid relative URI
+
+https://hackerone.com/reports/1958260
+
+CVE: CVE-2023-36617
+
+Upstream-Status: Backport [https://github.com/ruby/uri/commit/9010ee2536adda10a0555ae1ed6fe2f5808e6bf1]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/uri/rfc2396_parser.rb |  4 ++--
+ test/uri/test_parser.rb   | 12 ++++++++++++
+ 2 files changed, 14 insertions(+), 2 deletions(-)
+
+diff --git a/lib/uri/rfc2396_parser.rb b/lib/uri/rfc2396_parser.rb
+index 76a8f99..00c66cf 100644
+--- a/lib/uri/rfc2396_parser.rb
++++ b/lib/uri/rfc2396_parser.rb
+@@ -497,8 +497,8 @@ module URI
+       ret = {}
+ 
+       # for URI::split
+-      ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
+-      ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
++      ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
++      ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
+ 
+       # for URI::extract
+       ret[:URI_REF]     = Regexp.new(pattern[:URI_REF])
+diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb
+index 72fb590..721e05e 100644
+--- a/test/uri/test_parser.rb
++++ b/test/uri/test_parser.rb
+@@ -79,4 +79,16 @@ class URI::TestParser < Test::Unit::TestCase
+     assert_equal([nil, nil, "example.com", nil, nil, "", nil, nil, nil], URI.split("//example.com"))
+     assert_equal([nil, nil, "[0::0]", nil, nil, "", nil, nil, nil], URI.split("//[0::0]"))
+   end
++
++  def test_rfc2822_parse_relative_uri
++    pre = ->(length) {
++      " " * length + "\0"
++    }
++    parser = URI::RFC2396_Parser.new
++    assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |uri|
++      assert_raise(URI::InvalidURIError) do
++        parser.split(uri)
++      end
++    end
++  end
+ end
+-- 
+2.25.1
+
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch b/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch
new file mode 100644
index 0000000000..7c51deaa42
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch
@@ -0,0 +1,52 @@
+From eea5868120509c245216c4b5c2d4b5db1c593d0e Mon Sep 17 00:00:00 2001
+From: Nobuyoshi Nakada <nobu@ruby-lang.org>
+Date: Thu, 27 Jul 2023 16:16:30 +0800
+Subject: [PATCH] Fix quadratic backtracking on invalid port number
+
+https://hackerone.com/reports/1958260
+
+CVE: CVE-2023-36617
+
+Upstream-Status: Backport [https://github.com/ruby/uri/commit/9d7bcef1e6ad23c9c6e4932f297fb737888144c8]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/uri/rfc3986_parser.rb |  2 +-
+ test/uri/test_parser.rb   | 10 ++++++++++
+ 2 files changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb
+index dd24a40..9b1663d 100644
+--- a/lib/uri/rfc3986_parser.rb
++++ b/lib/uri/rfc3986_parser.rb
+@@ -100,7 +100,7 @@ module URI
+         QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
+         FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
+         OPAQUE: /\A(?:[^\/].*)?\z/,
+-        PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/,
++        PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/,
+       }
+     end
+ 
+diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb
+index 721e05e..cee0acb 100644
+--- a/test/uri/test_parser.rb
++++ b/test/uri/test_parser.rb
+@@ -91,4 +91,14 @@ class URI::TestParser < Test::Unit::TestCase
+       end
+     end
+   end
++
++  def test_rfc3986_port_check
++    pre = ->(length) {"\t" * length + "a"}
++    uri = URI.parse("http://my.example.com")
++    assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |port|
++      assert_raise(URI::InvalidComponentError) do
++        uri.port = port
++      end
++    end
++  end
+ end
+-- 
+2.25.1
+
diff --git a/meta/recipes-devtools/ruby/ruby_3.2.2.bb b/meta/recipes-devtools/ruby/ruby_3.2.2.bb
index 481fe7c23d..d1359e388c 100644
--- a/meta/recipes-devtools/ruby/ruby_3.2.2.bb
+++ b/meta/recipes-devtools/ruby/ruby_3.2.2.bb
@@ -31,6 +31,8 @@ SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \
            file://0006-Make-gemspecs-reproducible.patch \
            file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \
            file://0001-fiddle-Use-C11-_Alignof-to-define-ALIGN_OF-when-poss.patch \
+           file://CVE-2023-36617_1.patch \
+           file://CVE-2023-36617_2.patch \
            "
 UPSTREAM_CHECK_URI = "https://www.ruby-lang.org/en/downloads/"
 
-- 
2.34.1

[OE-core][scarthgap 03/21] openssh: fix CVE-2024-6387

[Steve Sakoman]

From: Jose Quaresma <quaresma.jose@gmail.com>

sshd(8) in Portable OpenSSH versions 8.5p1 to 9.7p1 (inclusive).
Race condition resulting in potential remote code execution.
A race condition in sshd(8) could allow remote code execution as root on non-OpenBSD systems.
This attack could be prevented by disabling the login grace timeout (LoginGraceTime=0 in sshd_config)
though this makes denial-of service against sshd(8) considerably easier.
For more information, please refer to the release notes [1] and the
report from the Qualys Security Advisory Team [2] who discovered the bug.

[1] https://www.openssh.com/txt/release-9.8
[2] https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

References:
https://www.openssh.com/security.html

Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../openssh/openssh/CVE-2024-6387.patch       | 27 +++++++++++++++++++
 .../openssh/openssh_9.6p1.bb                  |  1 +
 2 files changed, 28 insertions(+)
 create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch

diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch
new file mode 100644
index 0000000000..3e7c707100
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch
@@ -0,0 +1,27 @@
+Description: fix signal handler race condition
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2070497
+
+CVE: CVE-2024-6387
+
+Upstream-Status: Backport
+https://git.launchpad.net/ubuntu/+source/openssh/commit/?h=applied/ubuntu/jammy-devel&id=b059bcfa928df4ff2d103ae2e8f4e3136ee03efc
+
+Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
+
+--- a/log.c
++++ b/log.c
+@@ -452,12 +452,14 @@ void
+ sshsigdie(const char *file, const char *func, int line, int showfunc,
+     LogLevel level, const char *suffix, const char *fmt, ...)
+ {
++#if 0
+ 	va_list args;
+ 
+ 	va_start(args, fmt);
+ 	sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
+ 	    suffix, fmt, args);
+ 	va_end(args);
++#endif
+ 	_exit(1);
+ }
+ 
diff --git a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
index d941664b41..3cdf0327b0 100644
--- a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
@@ -27,6 +27,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
            file://add-test-support-for-busybox.patch \
            file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \
            file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \
+           file://CVE-2024-6387.patch \
            "
 SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c"
 
-- 
2.34.1

[OE-core][scarthgap 04/21] OpenSSL: Security fix for CVE-2024-5535

[Steve Sakoman]

From: Siddharth Doshi <sdoshi@mvista.com>

Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e]

CVE's Fixed:
CVE-2024-5535 openssl: SSL_select_next_proto buffer overread

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../openssl/openssl/CVE-2024-5535_1.patch     |  113 ++
 .../openssl/openssl/CVE-2024-5535_10.patch    |  203 +++
 .../openssl/openssl/CVE-2024-5535_2.patch     |   43 +
 .../openssl/openssl/CVE-2024-5535_3.patch     |   38 +
 .../openssl/openssl/CVE-2024-5535_4.patch     |   82 ++
 .../openssl/openssl/CVE-2024-5535_5.patch     |  176 +++
 .../openssl/openssl/CVE-2024-5535_6.patch     | 1173 +++++++++++++++++
 .../openssl/openssl/CVE-2024-5535_7.patch     |   43 +
 .../openssl/openssl/CVE-2024-5535_8.patch     |   66 +
 .../openssl/openssl/CVE-2024-5535_9.patch     |  271 ++++
 .../openssl/openssl_3.2.2.bb                  |   10 +
 11 files changed, 2218 insertions(+)
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch

diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch
new file mode 100644
index 0000000000..d5c178eeab
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch
@@ -0,0 +1,113 @@
+From b63b4db52e10677db4ab46b608aabd55a44668aa Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 31 May 2024 11:14:33 +0100
+Subject: [PATCH 01/10] Fix SSL_select_next_proto
+
+Ensure that the provided client list is non-NULL and starts with a valid
+entry. When called from the ALPN callback the client list should already
+have been validated by OpenSSL so this should not cause a problem. When
+called from the NPN callback the client list is locally configured and
+will not have already been validated. Therefore SSL_select_next_proto
+should not assume that it is correctly formatted.
+
+We implement stricter checking of the client protocol list. We also do the
+same for the server list while we are about it.
+
+CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ ssl/ssl_lib.c | 63 ++++++++++++++++++++++++++++++++-------------------
+ 1 file changed, 40 insertions(+), 23 deletions(-)
+
+diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
+index 016135f..cf52b31 100644
+--- a/ssl/ssl_lib.c
++++ b/ssl/ssl_lib.c
+@@ -3518,37 +3518,54 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           unsigned int server_len,
+                           const unsigned char *client, unsigned int client_len)
+ {
+-    unsigned int i, j;
+-    const unsigned char *result;
+-    int status = OPENSSL_NPN_UNSUPPORTED;
++    PACKET cpkt, csubpkt, spkt, ssubpkt;
++
++    if (!PACKET_buf_init(&cpkt, client, client_len)
++            || !PACKET_get_length_prefixed_1(&cpkt, &csubpkt)
++            || PACKET_remaining(&csubpkt) == 0) {
++        *out = NULL;
++        *outlen = 0;
++        return OPENSSL_NPN_NO_OVERLAP;
++    }
++
++    /*
++     * Set the default opportunistic protocol. Will be overwritten if we find
++     * a match.
++     */
++    *out = (unsigned char *)PACKET_data(&csubpkt);
++    *outlen = (unsigned char)PACKET_remaining(&csubpkt);
+ 
+     /*
+      * For each protocol in server preference order, see if we support it.
+      */
+-    for (i = 0; i < server_len;) {
+-        for (j = 0; j < client_len;) {
+-            if (server[i] == client[j] &&
+-                memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
+-                /* We found a match */
+-                result = &server[i];
+-                status = OPENSSL_NPN_NEGOTIATED;
+-                goto found;
++    if (PACKET_buf_init(&spkt, server, server_len)) {
++        while (PACKET_get_length_prefixed_1(&spkt, &ssubpkt)) {
++            if (PACKET_remaining(&ssubpkt) == 0)
++                continue; /* Invalid - ignore it */
++            if (PACKET_buf_init(&cpkt, client, client_len)) {
++                while (PACKET_get_length_prefixed_1(&cpkt, &csubpkt)) {
++                    if (PACKET_equal(&csubpkt, PACKET_data(&ssubpkt),
++                                     PACKET_remaining(&ssubpkt))) {
++                        /* We found a match */
++                        *out = (unsigned char *)PACKET_data(&ssubpkt);
++                        *outlen = (unsigned char)PACKET_remaining(&ssubpkt);
++                        return OPENSSL_NPN_NEGOTIATED;
++                    }
++                }
++                /* Ignore spurious trailing bytes in the client list */
++            } else {
++                /* This should never happen */
++                return OPENSSL_NPN_NO_OVERLAP;
+             }
+-            j += client[j];
+-            j++;
+         }
+-        i += server[i];
+-        i++;
++        /* Ignore spurious trailing bytes in the server list */
+     }
+ 
+-    /* There's no overlap between our protocols and the server's list. */
+-    result = client;
+-    status = OPENSSL_NPN_NO_OVERLAP;
+-
+- found:
+-    *out = (unsigned char *)result + 1;
+-    *outlen = result[0];
+-    return status;
++    /*
++     * There's no overlap between our protocols and the server's list. We use
++     * the default opportunistic protocol selected earlier
++     */
++    return OPENSSL_NPN_NO_OVERLAP;
+ }
+ 
+ #ifndef OPENSSL_NO_NEXTPROTONEG
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch
new file mode 100644
index 0000000000..7cc36f20ab
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch
@@ -0,0 +1,203 @@
+From 61cad53901703944d22f1cd6a1b57460f2270599 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 21 Jun 2024 14:29:26 +0100
+Subject: [PATCH 10/10] Add a test for an empty NextProto message
+
+It is valid according to the spec for a NextProto message to have no
+protocols listed in it. The OpenSSL implementation however does not allow
+us to create such a message. In order to check that we work as expected
+when communicating with a client that does generate such messages we have
+to use a TLSProxy test.
+
+Follow on from CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/301b870546d1c7b2d8f0d66e04a2596142f0399f]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ test/recipes/70-test_npn.t      | 73 +++++++++++++++++++++++++++++++++
+ util/perl/TLSProxy/Message.pm   |  9 ++++
+ util/perl/TLSProxy/NextProto.pm | 54 ++++++++++++++++++++++++
+ util/perl/TLSProxy/Proxy.pm     |  1 +
+ 4 files changed, 137 insertions(+)
+ create mode 100644 test/recipes/70-test_npn.t
+ create mode 100644 util/perl/TLSProxy/NextProto.pm
+
+diff --git a/test/recipes/70-test_npn.t b/test/recipes/70-test_npn.t
+new file mode 100644
+index 0000000..f82e71a
+--- /dev/null
++++ b/test/recipes/70-test_npn.t
+@@ -0,0 +1,73 @@
++#! /usr/bin/env perl
++# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the Apache License 2.0 (the "License").  You may not use
++# this file except in compliance with the License.  You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++use strict;
++use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file/;
++use OpenSSL::Test::Utils;
++
++use TLSProxy::Proxy;
++
++my $test_name = "test_npn";
++setup($test_name);
++
++plan skip_all => "TLSProxy isn't usable on $^O"
++    if $^O =~ /^(VMS)$/;
++
++plan skip_all => "$test_name needs the dynamic engine feature enabled"
++    if disabled("engine") || disabled("dynamic-engine");
++
++plan skip_all => "$test_name needs the sock feature enabled"
++    if disabled("sock");
++
++plan skip_all => "$test_name needs NPN enabled"
++    if disabled("nextprotoneg");
++
++plan skip_all => "$test_name needs TLSv1.2 enabled"
++    if disabled("tls1_2");
++
++my $proxy = TLSProxy::Proxy->new(
++    undef,
++    cmdstr(app(["openssl"]), display => 1),
++    srctop_file("apps", "server.pem"),
++    (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
++);
++
++$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
++plan tests => 1;
++
++my $npnseen = 0;
++
++# Test 1: Check sending an empty NextProto message from the client works. This is
++#         valid as per the spec, but OpenSSL does not allow you to send it.
++#         Therefore we must be prepared to receive such a message but we cannot
++#         generate it except via TLSProxy
++$proxy->clear();
++$proxy->filter(\&npn_filter);
++$proxy->clientflags("-nextprotoneg foo -no_tls1_3");
++$proxy->serverflags("-nextprotoneg foo");
++$proxy->start();
++ok($npnseen && TLSProxy::Message->success(), "Empty NPN message");
++
++sub npn_filter
++{
++    my $proxy = shift;
++    my $message;
++
++    # The NextProto message always appears in flight 2
++    return if $proxy->flight != 2;
++
++    foreach my $message (@{$proxy->message_list}) {
++        if ($message->mt == TLSProxy::Message::MT_NEXT_PROTO) {
++            # Our TLSproxy NextProto message support doesn't support parsing of
++            # the message. If we repack it just creates an empty NextProto
++            # message - which is exactly the scenario we want to test here.
++            $message->repack();
++            $npnseen = 1;
++        }
++    }
++}
+diff --git a/util/perl/TLSProxy/Message.pm b/util/perl/TLSProxy/Message.pm
+index ce22187..fb41b2f 100644
+--- a/util/perl/TLSProxy/Message.pm
++++ b/util/perl/TLSProxy/Message.pm
+@@ -384,6 +384,15 @@ sub create_message
+             [@message_frag_lens]
+         );
+         $message->parse();
++    }  elsif ($mt == MT_NEXT_PROTO) {
++        $message = TLSProxy::NextProto->new(
++            $server,
++            $data,
++            [@message_rec_list],
++            $startoffset,
++            [@message_frag_lens]
++        );
++        $message->parse();
+     } else {
+         #Unknown message type
+         $message = TLSProxy::Message->new(
+diff --git a/util/perl/TLSProxy/NextProto.pm b/util/perl/TLSProxy/NextProto.pm
+new file mode 100644
+index 0000000..0e18347
+--- /dev/null
++++ b/util/perl/TLSProxy/NextProto.pm
+@@ -0,0 +1,54 @@
++# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the Apache License 2.0 (the "License").  You may not use
++# this file except in compliance with the License.  You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++use strict;
++
++package TLSProxy::NextProto;
++
++use vars '@ISA';
++push @ISA, 'TLSProxy::Message';
++
++sub new
++{
++    my $class = shift;
++    my ($server,
++        $data,
++        $records,
++        $startoffset,
++        $message_frag_lens) = @_;
++
++    my $self = $class->SUPER::new(
++        $server,
++        TLSProxy::Message::MT_NEXT_PROTO,
++        $data,
++        $records,
++        $startoffset,
++        $message_frag_lens);
++
++    return $self;
++}
++
++sub parse
++{
++    # We don't support parsing at the moment
++}
++
++# This is supposed to reconstruct the on-the-wire message data following changes.
++# For now though since we don't support parsing we just create an empty NextProto
++# message - this capability is used in test_npn
++sub set_message_contents
++{
++    my $self = shift;
++    my $data;
++
++    $data = pack("C32", 0x00, 0x1e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
++                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
++                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
++                 0x00, 0x00, 0x00);
++    $self->data($data);
++}
++1;
+diff --git a/util/perl/TLSProxy/Proxy.pm b/util/perl/TLSProxy/Proxy.pm
+index 3de10ec..b707722 100644
+--- a/util/perl/TLSProxy/Proxy.pm
++++ b/util/perl/TLSProxy/Proxy.pm
+@@ -23,6 +23,7 @@ use TLSProxy::CertificateRequest;
+ use TLSProxy::CertificateVerify;
+ use TLSProxy::ServerKeyExchange;
+ use TLSProxy::NewSessionTicket;
++use TLSProxy::NextProto;
+ 
+ my $have_IPv6;
+ my $IP_factory;
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch
new file mode 100644
index 0000000000..768304f00b
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch
@@ -0,0 +1,43 @@
+From 6de1d37cd129b0af5b4a247c76f97b98e70b108b Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 31 May 2024 11:18:27 +0100
+Subject: [PATCH 02/10] More correctly handle a selected_len of 0 when
+ processing NPN
+
+In the case where the NPN callback returns with SSL_TLEXT_ERR_OK, but
+the selected_len is 0 we should fail. Previously this would fail with an
+internal_error alert because calling OPENSSL_malloc(selected_len) will
+return NULL when selected_len is 0. We make this error detection more
+explicit and return a handshake failure alert.
+
+Follow on from CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/015255851371757d54c2560643eb3b3a88123cf1]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ ssl/statem/extensions_clnt.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
+index 381a6c9..1ab3c13 100644
+--- a/ssl/statem/extensions_clnt.c
++++ b/ssl/statem/extensions_clnt.c
+@@ -1560,8 +1560,8 @@ int tls_parse_stoc_npn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
+     if (sctx->ext.npn_select_cb(SSL_CONNECTION_GET_SSL(s),
+                                 &selected, &selected_len,
+                                 PACKET_data(pkt), PACKET_remaining(pkt),
+-                                sctx->ext.npn_select_cb_arg) !=
+-             SSL_TLSEXT_ERR_OK) {
++                                sctx->ext.npn_select_cb_arg) != SSL_TLSEXT_ERR_OK
++            || selected_len == 0) {
+         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_BAD_EXTENSION);
+         return 0;
+     }
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch
new file mode 100644
index 0000000000..d6d4d869be
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch
@@ -0,0 +1,38 @@
+From 4f9334a33da89949f97927c8fe7df1003c42cda4 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 31 May 2024 11:22:13 +0100
+Subject: [PATCH 03/10] Use correctly formatted ALPN data in tserver
+
+The QUIC test server was using incorrectly formatted ALPN data. With the
+previous implementation of SSL_select_next_proto this went unnoticed. With
+the new stricter implemenation it was failing.
+
+Follow on from CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/6cc511826f09e513b4ec066d9b95acaf4f86d991]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ ssl/quic/quic_tserver.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ssl/quic/quic_tserver.c b/ssl/quic/quic_tserver.c
+index 86187d0..15694e7 100644
+--- a/ssl/quic/quic_tserver.c
++++ b/ssl/quic/quic_tserver.c
+@@ -58,7 +58,7 @@ static int alpn_select_cb(SSL *ssl, const unsigned char **out,
+ 
+     if (srv->args.alpn == NULL) {
+         alpn = alpndeflt;
+-        alpnlen = sizeof(alpn);
++        alpnlen = sizeof(alpndeflt);
+     } else {
+         alpn = srv->args.alpn;
+         alpnlen = srv->args.alpnlen;
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch
new file mode 100644
index 0000000000..03fc1168f9
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch
@@ -0,0 +1,82 @@
+From 5145a1f50e44c9f86127a76f01519a9f25157290 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 31 May 2024 11:46:38 +0100
+Subject: [PATCH 04/10] Clarify the SSL_select_next_proto() documentation
+
+We clarify the input preconditions and the expected behaviour in the event
+of no overlap.
+
+Follow on from CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/8e81c57adbbf703dfb63955f65599765fdacc741]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ doc/man3/SSL_CTX_set_alpn_select_cb.pod | 26 +++++++++++++++++--------
+ 1 file changed, 18 insertions(+), 8 deletions(-)
+
+diff --git a/doc/man3/SSL_CTX_set_alpn_select_cb.pod b/doc/man3/SSL_CTX_set_alpn_select_cb.pod
+index 05fee2f..79e1a25 100644
+--- a/doc/man3/SSL_CTX_set_alpn_select_cb.pod
++++ b/doc/man3/SSL_CTX_set_alpn_select_cb.pod
+@@ -52,7 +52,8 @@ SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated
+ SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to
+ set the list of protocols available to be negotiated. The B<protos> must be in
+ protocol-list format, described below. The length of B<protos> is specified in
+-B<protos_len>.
++B<protos_len>. Setting B<protos_len> to 0 clears any existing list of ALPN
++protocols and no ALPN extension will be sent to the server.
+ 
+ SSL_CTX_set_alpn_select_cb() sets the application callback B<cb> used by a
+ server to select which protocol to use for the incoming connection. When B<cb>
+@@ -73,9 +74,16 @@ B<server_len> and B<client>, B<client_len> must be in the protocol-list format
+ described below. The first item in the B<server>, B<server_len> list that
+ matches an item in the B<client>, B<client_len> list is selected, and returned
+ in B<out>, B<outlen>. The B<out> value will point into either B<server> or
+-B<client>, so it should be copied immediately. If no match is found, the first
+-item in B<client>, B<client_len> is returned in B<out>, B<outlen>. This
+-function can also be used in the NPN callback.
++B<client>, so it should be copied immediately. The client list must include at
++least one valid (nonempty) protocol entry in the list.
++
++The SSL_select_next_proto() helper function can be useful from either the ALPN
++callback or the NPN callback (described below). If no match is found, the first
++item in B<client>, B<client_len> is returned in B<out>, B<outlen> and
++B<OPENSSL_NPN_NO_OVERLAP> is returned. This can be useful when implementating
++the NPN callback. In the ALPN case, the value returned in B<out> and B<outlen>
++must be ignored if B<OPENSSL_NPN_NO_OVERLAP> has been returned from
++SSL_select_next_proto().
+ 
+ SSL_CTX_set_next_proto_select_cb() sets a callback B<cb> that is called when a
+ client needs to select a protocol from the server's provided list, and a
+@@ -85,9 +93,10 @@ must be set to point to the selected protocol (which may be within B<in>).
+ The length of the protocol name must be written into B<outlen>. The
+ server's advertised protocols are provided in B<in> and B<inlen>. The
+ callback can assume that B<in> is syntactically valid. The client must
+-select a protocol. It is fatal to the connection if this callback returns
+-a value other than B<SSL_TLSEXT_ERR_OK>. The B<arg> parameter is the pointer
+-set via SSL_CTX_set_next_proto_select_cb().
++select a protocol (although it may be an empty, zero length protocol). It is
++fatal to the connection if this callback returns a value other than
++B<SSL_TLSEXT_ERR_OK> or if the zero length protocol is selected. The B<arg>
++parameter is the pointer set via SSL_CTX_set_next_proto_select_cb().
+ 
+ SSL_CTX_set_next_protos_advertised_cb() sets a callback B<cb> that is called
+ when a TLS server needs a list of supported protocols for Next Protocol
+@@ -154,7 +163,8 @@ A match was found and is returned in B<out>, B<outlen>.
+ =item OPENSSL_NPN_NO_OVERLAP
+ 
+ No match was found. The first item in B<client>, B<client_len> is returned in
+-B<out>, B<outlen>.
++B<out>, B<outlen> (or B<NULL> and 0 in the case where the first entry in
++B<client> is invalid).
+ 
+ =back
+ 
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch
new file mode 100644
index 0000000000..e439d9b59a
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch
@@ -0,0 +1,176 @@
+From 01d44bc7f50670002cad495654fd99a6371d7662 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 31 May 2024 16:35:16 +0100
+Subject: [PATCH 05/10] Add a test for SSL_select_next_proto
+
+Follow on from CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/add5c52a25c549cec4a730cdf96e2252f0a1862d]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ test/sslapitest.c | 137 ++++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 137 insertions(+)
+
+diff --git a/test/sslapitest.c b/test/sslapitest.c
+index ce16332..15cb906 100644
+--- a/test/sslapitest.c
++++ b/test/sslapitest.c
+@@ -11741,6 +11741,142 @@ static int test_multi_resume(int idx)
+     return testresult;
+ }
+ 
++static struct next_proto_st {
++    int serverlen;
++    unsigned char server[40];
++    int clientlen;
++    unsigned char client[40];
++    int expected_ret;
++    size_t selectedlen;
++    unsigned char selected[40];
++} next_proto_tests[] = {
++    {
++        4, { 3, 'a', 'b', 'c' },
++        4, { 3, 'a', 'b', 'c' },
++        OPENSSL_NPN_NEGOTIATED,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        7, { 3, 'a', 'b', 'c', 2, 'a', 'b' },
++        4, { 3, 'a', 'b', 'c' },
++        OPENSSL_NPN_NEGOTIATED,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        7, { 2, 'a', 'b', 3, 'a', 'b', 'c', },
++        4, { 3, 'a', 'b', 'c' },
++        OPENSSL_NPN_NEGOTIATED,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        4, { 3, 'a', 'b', 'c' },
++        7, { 3, 'a', 'b', 'c', 2, 'a', 'b', },
++        OPENSSL_NPN_NEGOTIATED,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        4, { 3, 'a', 'b', 'c' },
++        7, { 2, 'a', 'b', 3, 'a', 'b', 'c'},
++        OPENSSL_NPN_NEGOTIATED,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        7, { 2, 'b', 'c', 3, 'a', 'b', 'c' },
++        7, { 2, 'a', 'b', 3, 'a', 'b', 'c'},
++        OPENSSL_NPN_NEGOTIATED,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        10, { 2, 'b', 'c', 3, 'a', 'b', 'c', 2, 'a', 'b' },
++        7, { 2, 'a', 'b', 3, 'a', 'b', 'c'},
++        OPENSSL_NPN_NEGOTIATED,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        4, { 3, 'b', 'c', 'd' },
++        4, { 3, 'a', 'b', 'c' },
++        OPENSSL_NPN_NO_OVERLAP,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        0, { 0 },
++        4, { 3, 'a', 'b', 'c' },
++        OPENSSL_NPN_NO_OVERLAP,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        -1, { 0 },
++        4, { 3, 'a', 'b', 'c' },
++        OPENSSL_NPN_NO_OVERLAP,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        4, { 3, 'a', 'b', 'c' },
++        0, { 0 },
++        OPENSSL_NPN_NO_OVERLAP,
++        0, { 0 }
++    },
++    {
++        4, { 3, 'a', 'b', 'c' },
++        -1, { 0 },
++        OPENSSL_NPN_NO_OVERLAP,
++        0, { 0 }
++    },
++    {
++        3, { 3, 'a', 'b', 'c' },
++        4, { 3, 'a', 'b', 'c' },
++        OPENSSL_NPN_NO_OVERLAP,
++        3, { 'a', 'b', 'c' }
++    },
++    {
++        4, { 3, 'a', 'b', 'c' },
++        3, { 3, 'a', 'b', 'c' },
++        OPENSSL_NPN_NO_OVERLAP,
++        0, { 0 }
++    }
++};
++
++static int test_select_next_proto(int idx)
++{
++    struct next_proto_st *np = &next_proto_tests[idx];
++    int ret = 0;
++    unsigned char *out, *client, *server;
++    unsigned char outlen;
++    unsigned int clientlen, serverlen;
++
++    if (np->clientlen == -1) {
++        client = NULL;
++        clientlen = 0;
++    } else {
++        client = np->client;
++        clientlen = (unsigned int)np->clientlen;
++    }
++    if (np->serverlen == -1) {
++        server = NULL;
++        serverlen = 0;
++    } else {
++        server = np->server;
++        serverlen = (unsigned int)np->serverlen;
++    }
++
++    if (!TEST_int_eq(SSL_select_next_proto(&out, &outlen, server, serverlen,
++                                           client, clientlen),
++                     np->expected_ret))
++        goto err;
++
++    if (np->selectedlen == 0) {
++        if (!TEST_ptr_null(out) || !TEST_uchar_eq(outlen, 0))
++            goto err;
++    } else {
++        if (!TEST_mem_eq(out, outlen, np->selected, np->selectedlen))
++            goto err;
++    }
++
++    ret = 1;
++ err:
++    return ret;
++}
++
+ OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile provider config dhfile\n")
+ 
+ int setup_tests(void)
+@@ -12053,6 +12189,7 @@ int setup_tests(void)
+     ADD_ALL_TESTS(test_handshake_retry, 16);
+     ADD_TEST(test_data_retry);
+     ADD_ALL_TESTS(test_multi_resume, 5);
++    ADD_ALL_TESTS(test_select_next_proto, OSSL_NELEM(next_proto_tests));
+     return 1;
+ 
+  err:
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch
new file mode 100644
index 0000000000..df24702fa6
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch
@@ -0,0 +1,1173 @@
+From e344d0b5860560ffa59415ea4028ba7760b2a773 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Tue, 4 Jun 2024 15:47:32 +0100
+Subject: [PATCH 06/10] Allow an empty NPN/ALPN protocol list in the tests
+
+Allow ourselves to configure an empty NPN/ALPN protocol list and test what
+happens if we do.
+
+Follow on from CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/7ea1f6a85b299b976cb3f756b2a7f0153f31b2b6]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ test/helpers/handshake.c      |   6 +
+ test/ssl-tests/08-npn.cnf     | 553 +++++++++++++++++++---------------
+ test/ssl-tests/08-npn.cnf.in  |  35 +++
+ test/ssl-tests/09-alpn.cnf    |  66 +++-
+ test/ssl-tests/09-alpn.cnf.in |  33 ++
+ 5 files changed, 449 insertions(+), 244 deletions(-)
+
+diff --git a/test/helpers/handshake.c b/test/helpers/handshake.c
+index ae2ad59..b66b2f5 100644
+--- a/test/helpers/handshake.c
++++ b/test/helpers/handshake.c
+@@ -444,6 +444,12 @@ static int parse_protos(const char *protos, unsigned char **out, size_t *outlen)
+ 
+     len = strlen(protos);
+ 
++    if (len == 0) {
++        *out = NULL;
++        *outlen = 0;
++        return 1;
++    }
++
+     /* Should never have reuse. */
+     if (!TEST_ptr_null(*out)
+             /* Test values are small, so we omit length limit checks. */
+diff --git a/test/ssl-tests/08-npn.cnf b/test/ssl-tests/08-npn.cnf
+index f38b3f6..1931d02 100644
+--- a/test/ssl-tests/08-npn.cnf
++++ b/test/ssl-tests/08-npn.cnf
+@@ -1,6 +1,6 @@
+ # Generated with generate_ssl_tests.pl
+ 
+-num_tests = 20
++num_tests = 22
+ 
+ test-0 = 0-npn-simple
+ test-1 = 1-npn-client-finds-match
+@@ -8,20 +8,22 @@ test-2 = 2-npn-client-honours-server-pref
+ test-3 = 3-npn-client-first-pref-on-mismatch
+ test-4 = 4-npn-no-server-support
+ test-5 = 5-npn-no-client-support
+-test-6 = 6-npn-with-sni-no-context-switch
+-test-7 = 7-npn-with-sni-context-switch
+-test-8 = 8-npn-selected-sni-server-supports-npn
+-test-9 = 9-npn-selected-sni-server-does-not-support-npn
+-test-10 = 10-alpn-preferred-over-npn
+-test-11 = 11-sni-npn-preferred-over-alpn
+-test-12 = 12-npn-simple-resumption
+-test-13 = 13-npn-server-switch-resumption
+-test-14 = 14-npn-client-switch-resumption
+-test-15 = 15-npn-client-first-pref-on-mismatch-resumption
+-test-16 = 16-npn-no-server-support-resumption
+-test-17 = 17-npn-no-client-support-resumption
+-test-18 = 18-alpn-preferred-over-npn-resumption
+-test-19 = 19-npn-used-if-alpn-not-supported-resumption
++test-6 = 6-npn-empty-client-list
++test-7 = 7-npn-empty-server-list
++test-8 = 8-npn-with-sni-no-context-switch
++test-9 = 9-npn-with-sni-context-switch
++test-10 = 10-npn-selected-sni-server-supports-npn
++test-11 = 11-npn-selected-sni-server-does-not-support-npn
++test-12 = 12-alpn-preferred-over-npn
++test-13 = 13-sni-npn-preferred-over-alpn
++test-14 = 14-npn-simple-resumption
++test-15 = 15-npn-server-switch-resumption
++test-16 = 16-npn-client-switch-resumption
++test-17 = 17-npn-client-first-pref-on-mismatch-resumption
++test-18 = 18-npn-no-server-support-resumption
++test-19 = 19-npn-no-client-support-resumption
++test-20 = 20-alpn-preferred-over-npn-resumption
++test-21 = 21-npn-used-if-alpn-not-supported-resumption
+ # ===========================================================
+ 
+ [0-npn-simple]
+@@ -206,253 +208,318 @@ NPNProtocols = foo
+ 
+ # ===========================================================
+ 
+-[6-npn-with-sni-no-context-switch]
+-ssl_conf = 6-npn-with-sni-no-context-switch-ssl
++[6-npn-empty-client-list]
++ssl_conf = 6-npn-empty-client-list-ssl
+ 
+-[6-npn-with-sni-no-context-switch-ssl]
+-server = 6-npn-with-sni-no-context-switch-server
+-client = 6-npn-with-sni-no-context-switch-client
+-server2 = 6-npn-with-sni-no-context-switch-server2
++[6-npn-empty-client-list-ssl]
++server = 6-npn-empty-client-list-server
++client = 6-npn-empty-client-list-client
+ 
+-[6-npn-with-sni-no-context-switch-server]
++[6-npn-empty-client-list-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[6-npn-with-sni-no-context-switch-server2]
++[6-npn-empty-client-list-client]
++CipherString = DEFAULT
++MaxProtocol = TLSv1.2
++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
++VerifyMode = Peer
++
++[test-6]
++ExpectedClientAlert = HandshakeFailure
++ExpectedResult = ClientFail
++server = 6-npn-empty-client-list-server-extra
++client = 6-npn-empty-client-list-client-extra
++
++[6-npn-empty-client-list-server-extra]
++NPNProtocols = foo
++
++[6-npn-empty-client-list-client-extra]
++NPNProtocols = 
++
++
++# ===========================================================
++
++[7-npn-empty-server-list]
++ssl_conf = 7-npn-empty-server-list-ssl
++
++[7-npn-empty-server-list-ssl]
++server = 7-npn-empty-server-list-server
++client = 7-npn-empty-server-list-client
++
++[7-npn-empty-server-list-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[6-npn-with-sni-no-context-switch-client]
++[7-npn-empty-server-list-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-6]
++[test-7]
++ExpectedNPNProtocol = foo
++server = 7-npn-empty-server-list-server-extra
++client = 7-npn-empty-server-list-client-extra
++
++[7-npn-empty-server-list-server-extra]
++NPNProtocols = 
++
++[7-npn-empty-server-list-client-extra]
++NPNProtocols = foo
++
++
++# ===========================================================
++
++[8-npn-with-sni-no-context-switch]
++ssl_conf = 8-npn-with-sni-no-context-switch-ssl
++
++[8-npn-with-sni-no-context-switch-ssl]
++server = 8-npn-with-sni-no-context-switch-server
++client = 8-npn-with-sni-no-context-switch-client
++server2 = 8-npn-with-sni-no-context-switch-server2
++
++[8-npn-with-sni-no-context-switch-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++[8-npn-with-sni-no-context-switch-server2]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++[8-npn-with-sni-no-context-switch-client]
++CipherString = DEFAULT
++MaxProtocol = TLSv1.2
++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
++VerifyMode = Peer
++
++[test-8]
+ ExpectedNPNProtocol = foo
+ ExpectedServerName = server1
+-server = 6-npn-with-sni-no-context-switch-server-extra
+-server2 = 6-npn-with-sni-no-context-switch-server2-extra
+-client = 6-npn-with-sni-no-context-switch-client-extra
++server = 8-npn-with-sni-no-context-switch-server-extra
++server2 = 8-npn-with-sni-no-context-switch-server2-extra
++client = 8-npn-with-sni-no-context-switch-client-extra
+ 
+-[6-npn-with-sni-no-context-switch-server-extra]
++[8-npn-with-sni-no-context-switch-server-extra]
+ NPNProtocols = foo
+ ServerNameCallback = IgnoreMismatch
+ 
+-[6-npn-with-sni-no-context-switch-server2-extra]
++[8-npn-with-sni-no-context-switch-server2-extra]
+ NPNProtocols = bar
+ 
+-[6-npn-with-sni-no-context-switch-client-extra]
++[8-npn-with-sni-no-context-switch-client-extra]
+ NPNProtocols = foo,bar
+ ServerName = server1
+ 
+ 
+ # ===========================================================
+ 
+-[7-npn-with-sni-context-switch]
+-ssl_conf = 7-npn-with-sni-context-switch-ssl
++[9-npn-with-sni-context-switch]
++ssl_conf = 9-npn-with-sni-context-switch-ssl
+ 
+-[7-npn-with-sni-context-switch-ssl]
+-server = 7-npn-with-sni-context-switch-server
+-client = 7-npn-with-sni-context-switch-client
+-server2 = 7-npn-with-sni-context-switch-server2
++[9-npn-with-sni-context-switch-ssl]
++server = 9-npn-with-sni-context-switch-server
++client = 9-npn-with-sni-context-switch-client
++server2 = 9-npn-with-sni-context-switch-server2
+ 
+-[7-npn-with-sni-context-switch-server]
++[9-npn-with-sni-context-switch-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[7-npn-with-sni-context-switch-server2]
++[9-npn-with-sni-context-switch-server2]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[7-npn-with-sni-context-switch-client]
++[9-npn-with-sni-context-switch-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-7]
++[test-9]
+ ExpectedNPNProtocol = bar
+ ExpectedServerName = server2
+-server = 7-npn-with-sni-context-switch-server-extra
+-server2 = 7-npn-with-sni-context-switch-server2-extra
+-client = 7-npn-with-sni-context-switch-client-extra
++server = 9-npn-with-sni-context-switch-server-extra
++server2 = 9-npn-with-sni-context-switch-server2-extra
++client = 9-npn-with-sni-context-switch-client-extra
+ 
+-[7-npn-with-sni-context-switch-server-extra]
++[9-npn-with-sni-context-switch-server-extra]
+ NPNProtocols = foo
+ ServerNameCallback = IgnoreMismatch
+ 
+-[7-npn-with-sni-context-switch-server2-extra]
++[9-npn-with-sni-context-switch-server2-extra]
+ NPNProtocols = bar
+ 
+-[7-npn-with-sni-context-switch-client-extra]
++[9-npn-with-sni-context-switch-client-extra]
+ NPNProtocols = foo,bar
+ ServerName = server2
+ 
+ 
+ # ===========================================================
+ 
+-[8-npn-selected-sni-server-supports-npn]
+-ssl_conf = 8-npn-selected-sni-server-supports-npn-ssl
++[10-npn-selected-sni-server-supports-npn]
++ssl_conf = 10-npn-selected-sni-server-supports-npn-ssl
+ 
+-[8-npn-selected-sni-server-supports-npn-ssl]
+-server = 8-npn-selected-sni-server-supports-npn-server
+-client = 8-npn-selected-sni-server-supports-npn-client
+-server2 = 8-npn-selected-sni-server-supports-npn-server2
++[10-npn-selected-sni-server-supports-npn-ssl]
++server = 10-npn-selected-sni-server-supports-npn-server
++client = 10-npn-selected-sni-server-supports-npn-client
++server2 = 10-npn-selected-sni-server-supports-npn-server2
+ 
+-[8-npn-selected-sni-server-supports-npn-server]
++[10-npn-selected-sni-server-supports-npn-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[8-npn-selected-sni-server-supports-npn-server2]
++[10-npn-selected-sni-server-supports-npn-server2]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[8-npn-selected-sni-server-supports-npn-client]
++[10-npn-selected-sni-server-supports-npn-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-8]
++[test-10]
+ ExpectedNPNProtocol = bar
+ ExpectedServerName = server2
+-server = 8-npn-selected-sni-server-supports-npn-server-extra
+-server2 = 8-npn-selected-sni-server-supports-npn-server2-extra
+-client = 8-npn-selected-sni-server-supports-npn-client-extra
++server = 10-npn-selected-sni-server-supports-npn-server-extra
++server2 = 10-npn-selected-sni-server-supports-npn-server2-extra
++client = 10-npn-selected-sni-server-supports-npn-client-extra
+ 
+-[8-npn-selected-sni-server-supports-npn-server-extra]
++[10-npn-selected-sni-server-supports-npn-server-extra]
+ ServerNameCallback = IgnoreMismatch
+ 
+-[8-npn-selected-sni-server-supports-npn-server2-extra]
++[10-npn-selected-sni-server-supports-npn-server2-extra]
+ NPNProtocols = bar
+ 
+-[8-npn-selected-sni-server-supports-npn-client-extra]
++[10-npn-selected-sni-server-supports-npn-client-extra]
+ NPNProtocols = foo,bar
+ ServerName = server2
+ 
+ 
+ # ===========================================================
+ 
+-[9-npn-selected-sni-server-does-not-support-npn]
+-ssl_conf = 9-npn-selected-sni-server-does-not-support-npn-ssl
++[11-npn-selected-sni-server-does-not-support-npn]
++ssl_conf = 11-npn-selected-sni-server-does-not-support-npn-ssl
+ 
+-[9-npn-selected-sni-server-does-not-support-npn-ssl]
+-server = 9-npn-selected-sni-server-does-not-support-npn-server
+-client = 9-npn-selected-sni-server-does-not-support-npn-client
+-server2 = 9-npn-selected-sni-server-does-not-support-npn-server2
++[11-npn-selected-sni-server-does-not-support-npn-ssl]
++server = 11-npn-selected-sni-server-does-not-support-npn-server
++client = 11-npn-selected-sni-server-does-not-support-npn-client
++server2 = 11-npn-selected-sni-server-does-not-support-npn-server2
+ 
+-[9-npn-selected-sni-server-does-not-support-npn-server]
++[11-npn-selected-sni-server-does-not-support-npn-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[9-npn-selected-sni-server-does-not-support-npn-server2]
++[11-npn-selected-sni-server-does-not-support-npn-server2]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[9-npn-selected-sni-server-does-not-support-npn-client]
++[11-npn-selected-sni-server-does-not-support-npn-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-9]
++[test-11]
+ ExpectedServerName = server2
+-server = 9-npn-selected-sni-server-does-not-support-npn-server-extra
+-client = 9-npn-selected-sni-server-does-not-support-npn-client-extra
++server = 11-npn-selected-sni-server-does-not-support-npn-server-extra
++client = 11-npn-selected-sni-server-does-not-support-npn-client-extra
+ 
+-[9-npn-selected-sni-server-does-not-support-npn-server-extra]
++[11-npn-selected-sni-server-does-not-support-npn-server-extra]
+ NPNProtocols = bar
+ ServerNameCallback = IgnoreMismatch
+ 
+-[9-npn-selected-sni-server-does-not-support-npn-client-extra]
++[11-npn-selected-sni-server-does-not-support-npn-client-extra]
+ NPNProtocols = foo,bar
+ ServerName = server2
+ 
+ 
+ # ===========================================================
+ 
+-[10-alpn-preferred-over-npn]
+-ssl_conf = 10-alpn-preferred-over-npn-ssl
++[12-alpn-preferred-over-npn]
++ssl_conf = 12-alpn-preferred-over-npn-ssl
+ 
+-[10-alpn-preferred-over-npn-ssl]
+-server = 10-alpn-preferred-over-npn-server
+-client = 10-alpn-preferred-over-npn-client
++[12-alpn-preferred-over-npn-ssl]
++server = 12-alpn-preferred-over-npn-server
++client = 12-alpn-preferred-over-npn-client
+ 
+-[10-alpn-preferred-over-npn-server]
++[12-alpn-preferred-over-npn-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[10-alpn-preferred-over-npn-client]
++[12-alpn-preferred-over-npn-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-10]
++[test-12]
+ ExpectedALPNProtocol = foo
+-server = 10-alpn-preferred-over-npn-server-extra
+-client = 10-alpn-preferred-over-npn-client-extra
++server = 12-alpn-preferred-over-npn-server-extra
++client = 12-alpn-preferred-over-npn-client-extra
+ 
+-[10-alpn-preferred-over-npn-server-extra]
++[12-alpn-preferred-over-npn-server-extra]
+ ALPNProtocols = foo
+ NPNProtocols = bar
+ 
+-[10-alpn-preferred-over-npn-client-extra]
++[12-alpn-preferred-over-npn-client-extra]
+ ALPNProtocols = foo
+ NPNProtocols = bar
+ 
+ 
+ # ===========================================================
+ 
+-[11-sni-npn-preferred-over-alpn]
+-ssl_conf = 11-sni-npn-preferred-over-alpn-ssl
++[13-sni-npn-preferred-over-alpn]
++ssl_conf = 13-sni-npn-preferred-over-alpn-ssl
+ 
+-[11-sni-npn-preferred-over-alpn-ssl]
+-server = 11-sni-npn-preferred-over-alpn-server
+-client = 11-sni-npn-preferred-over-alpn-client
+-server2 = 11-sni-npn-preferred-over-alpn-server2
++[13-sni-npn-preferred-over-alpn-ssl]
++server = 13-sni-npn-preferred-over-alpn-server
++client = 13-sni-npn-preferred-over-alpn-client
++server2 = 13-sni-npn-preferred-over-alpn-server2
+ 
+-[11-sni-npn-preferred-over-alpn-server]
++[13-sni-npn-preferred-over-alpn-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[11-sni-npn-preferred-over-alpn-server2]
++[13-sni-npn-preferred-over-alpn-server2]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[11-sni-npn-preferred-over-alpn-client]
++[13-sni-npn-preferred-over-alpn-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-11]
++[test-13]
+ ExpectedNPNProtocol = bar
+ ExpectedServerName = server2
+-server = 11-sni-npn-preferred-over-alpn-server-extra
+-server2 = 11-sni-npn-preferred-over-alpn-server2-extra
+-client = 11-sni-npn-preferred-over-alpn-client-extra
++server = 13-sni-npn-preferred-over-alpn-server-extra
++server2 = 13-sni-npn-preferred-over-alpn-server2-extra
++client = 13-sni-npn-preferred-over-alpn-client-extra
+ 
+-[11-sni-npn-preferred-over-alpn-server-extra]
++[13-sni-npn-preferred-over-alpn-server-extra]
+ ALPNProtocols = foo
+ ServerNameCallback = IgnoreMismatch
+ 
+-[11-sni-npn-preferred-over-alpn-server2-extra]
++[13-sni-npn-preferred-over-alpn-server2-extra]
+ NPNProtocols = bar
+ 
+-[11-sni-npn-preferred-over-alpn-client-extra]
++[13-sni-npn-preferred-over-alpn-client-extra]
+ ALPNProtocols = foo
+ NPNProtocols = bar
+ ServerName = server2
+@@ -460,356 +527,356 @@ ServerName = server2
+ 
+ # ===========================================================
+ 
+-[12-npn-simple-resumption]
+-ssl_conf = 12-npn-simple-resumption-ssl
++[14-npn-simple-resumption]
++ssl_conf = 14-npn-simple-resumption-ssl
+ 
+-[12-npn-simple-resumption-ssl]
+-server = 12-npn-simple-resumption-server
+-client = 12-npn-simple-resumption-client
+-resume-server = 12-npn-simple-resumption-server
+-resume-client = 12-npn-simple-resumption-client
++[14-npn-simple-resumption-ssl]
++server = 14-npn-simple-resumption-server
++client = 14-npn-simple-resumption-client
++resume-server = 14-npn-simple-resumption-server
++resume-client = 14-npn-simple-resumption-client
+ 
+-[12-npn-simple-resumption-server]
++[14-npn-simple-resumption-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[12-npn-simple-resumption-client]
++[14-npn-simple-resumption-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-12]
++[test-14]
+ ExpectedNPNProtocol = foo
+ HandshakeMode = Resume
+ ResumptionExpected = Yes
+-server = 12-npn-simple-resumption-server-extra
+-resume-server = 12-npn-simple-resumption-server-extra
+-client = 12-npn-simple-resumption-client-extra
+-resume-client = 12-npn-simple-resumption-client-extra
++server = 14-npn-simple-resumption-server-extra
++resume-server = 14-npn-simple-resumption-server-extra
++client = 14-npn-simple-resumption-client-extra
++resume-client = 14-npn-simple-resumption-client-extra
+ 
+-[12-npn-simple-resumption-server-extra]
++[14-npn-simple-resumption-server-extra]
+ NPNProtocols = foo
+ 
+-[12-npn-simple-resumption-client-extra]
++[14-npn-simple-resumption-client-extra]
+ NPNProtocols = foo
+ 
+ 
+ # ===========================================================
+ 
+-[13-npn-server-switch-resumption]
+-ssl_conf = 13-npn-server-switch-resumption-ssl
++[15-npn-server-switch-resumption]
++ssl_conf = 15-npn-server-switch-resumption-ssl
+ 
+-[13-npn-server-switch-resumption-ssl]
+-server = 13-npn-server-switch-resumption-server
+-client = 13-npn-server-switch-resumption-client
+-resume-server = 13-npn-server-switch-resumption-resume-server
+-resume-client = 13-npn-server-switch-resumption-client
++[15-npn-server-switch-resumption-ssl]
++server = 15-npn-server-switch-resumption-server
++client = 15-npn-server-switch-resumption-client
++resume-server = 15-npn-server-switch-resumption-resume-server
++resume-client = 15-npn-server-switch-resumption-client
+ 
+-[13-npn-server-switch-resumption-server]
++[15-npn-server-switch-resumption-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[13-npn-server-switch-resumption-resume-server]
++[15-npn-server-switch-resumption-resume-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[13-npn-server-switch-resumption-client]
++[15-npn-server-switch-resumption-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-13]
++[test-15]
+ ExpectedNPNProtocol = baz
+ HandshakeMode = Resume
+ ResumptionExpected = Yes
+-server = 13-npn-server-switch-resumption-server-extra
+-resume-server = 13-npn-server-switch-resumption-resume-server-extra
+-client = 13-npn-server-switch-resumption-client-extra
+-resume-client = 13-npn-server-switch-resumption-client-extra
++server = 15-npn-server-switch-resumption-server-extra
++resume-server = 15-npn-server-switch-resumption-resume-server-extra
++client = 15-npn-server-switch-resumption-client-extra
++resume-client = 15-npn-server-switch-resumption-client-extra
+ 
+-[13-npn-server-switch-resumption-server-extra]
++[15-npn-server-switch-resumption-server-extra]
+ NPNProtocols = bar,foo
+ 
+-[13-npn-server-switch-resumption-resume-server-extra]
++[15-npn-server-switch-resumption-resume-server-extra]
+ NPNProtocols = baz,foo
+ 
+-[13-npn-server-switch-resumption-client-extra]
++[15-npn-server-switch-resumption-client-extra]
+ NPNProtocols = foo,bar,baz
+ 
+ 
+ # ===========================================================
+ 
+-[14-npn-client-switch-resumption]
+-ssl_conf = 14-npn-client-switch-resumption-ssl
++[16-npn-client-switch-resumption]
++ssl_conf = 16-npn-client-switch-resumption-ssl
+ 
+-[14-npn-client-switch-resumption-ssl]
+-server = 14-npn-client-switch-resumption-server
+-client = 14-npn-client-switch-resumption-client
+-resume-server = 14-npn-client-switch-resumption-server
+-resume-client = 14-npn-client-switch-resumption-resume-client
++[16-npn-client-switch-resumption-ssl]
++server = 16-npn-client-switch-resumption-server
++client = 16-npn-client-switch-resumption-client
++resume-server = 16-npn-client-switch-resumption-server
++resume-client = 16-npn-client-switch-resumption-resume-client
+ 
+-[14-npn-client-switch-resumption-server]
++[16-npn-client-switch-resumption-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[14-npn-client-switch-resumption-client]
++[16-npn-client-switch-resumption-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[14-npn-client-switch-resumption-resume-client]
++[16-npn-client-switch-resumption-resume-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-14]
++[test-16]
+ ExpectedNPNProtocol = bar
+ HandshakeMode = Resume
+ ResumptionExpected = Yes
+-server = 14-npn-client-switch-resumption-server-extra
+-resume-server = 14-npn-client-switch-resumption-server-extra
+-client = 14-npn-client-switch-resumption-client-extra
+-resume-client = 14-npn-client-switch-resumption-resume-client-extra
++server = 16-npn-client-switch-resumption-server-extra
++resume-server = 16-npn-client-switch-resumption-server-extra
++client = 16-npn-client-switch-resumption-client-extra
++resume-client = 16-npn-client-switch-resumption-resume-client-extra
+ 
+-[14-npn-client-switch-resumption-server-extra]
++[16-npn-client-switch-resumption-server-extra]
+ NPNProtocols = foo,bar,baz
+ 
+-[14-npn-client-switch-resumption-client-extra]
++[16-npn-client-switch-resumption-client-extra]
+ NPNProtocols = foo,baz
+ 
+-[14-npn-client-switch-resumption-resume-client-extra]
++[16-npn-client-switch-resumption-resume-client-extra]
+ NPNProtocols = bar,baz
+ 
+ 
+ # ===========================================================
+ 
+-[15-npn-client-first-pref-on-mismatch-resumption]
+-ssl_conf = 15-npn-client-first-pref-on-mismatch-resumption-ssl
++[17-npn-client-first-pref-on-mismatch-resumption]
++ssl_conf = 17-npn-client-first-pref-on-mismatch-resumption-ssl
+ 
+-[15-npn-client-first-pref-on-mismatch-resumption-ssl]
+-server = 15-npn-client-first-pref-on-mismatch-resumption-server
+-client = 15-npn-client-first-pref-on-mismatch-resumption-client
+-resume-server = 15-npn-client-first-pref-on-mismatch-resumption-resume-server
+-resume-client = 15-npn-client-first-pref-on-mismatch-resumption-client
++[17-npn-client-first-pref-on-mismatch-resumption-ssl]
++server = 17-npn-client-first-pref-on-mismatch-resumption-server
++client = 17-npn-client-first-pref-on-mismatch-resumption-client
++resume-server = 17-npn-client-first-pref-on-mismatch-resumption-resume-server
++resume-client = 17-npn-client-first-pref-on-mismatch-resumption-client
+ 
+-[15-npn-client-first-pref-on-mismatch-resumption-server]
++[17-npn-client-first-pref-on-mismatch-resumption-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[15-npn-client-first-pref-on-mismatch-resumption-resume-server]
++[17-npn-client-first-pref-on-mismatch-resumption-resume-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[15-npn-client-first-pref-on-mismatch-resumption-client]
++[17-npn-client-first-pref-on-mismatch-resumption-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-15]
++[test-17]
+ ExpectedNPNProtocol = foo
+ HandshakeMode = Resume
+ ResumptionExpected = Yes
+-server = 15-npn-client-first-pref-on-mismatch-resumption-server-extra
+-resume-server = 15-npn-client-first-pref-on-mismatch-resumption-resume-server-extra
+-client = 15-npn-client-first-pref-on-mismatch-resumption-client-extra
+-resume-client = 15-npn-client-first-pref-on-mismatch-resumption-client-extra
++server = 17-npn-client-first-pref-on-mismatch-resumption-server-extra
++resume-server = 17-npn-client-first-pref-on-mismatch-resumption-resume-server-extra
++client = 17-npn-client-first-pref-on-mismatch-resumption-client-extra
++resume-client = 17-npn-client-first-pref-on-mismatch-resumption-client-extra
+ 
+-[15-npn-client-first-pref-on-mismatch-resumption-server-extra]
++[17-npn-client-first-pref-on-mismatch-resumption-server-extra]
+ NPNProtocols = bar
+ 
+-[15-npn-client-first-pref-on-mismatch-resumption-resume-server-extra]
++[17-npn-client-first-pref-on-mismatch-resumption-resume-server-extra]
+ NPNProtocols = baz
+ 
+-[15-npn-client-first-pref-on-mismatch-resumption-client-extra]
++[17-npn-client-first-pref-on-mismatch-resumption-client-extra]
+ NPNProtocols = foo,bar
+ 
+ 
+ # ===========================================================
+ 
+-[16-npn-no-server-support-resumption]
+-ssl_conf = 16-npn-no-server-support-resumption-ssl
++[18-npn-no-server-support-resumption]
++ssl_conf = 18-npn-no-server-support-resumption-ssl
+ 
+-[16-npn-no-server-support-resumption-ssl]
+-server = 16-npn-no-server-support-resumption-server
+-client = 16-npn-no-server-support-resumption-client
+-resume-server = 16-npn-no-server-support-resumption-resume-server
+-resume-client = 16-npn-no-server-support-resumption-client
++[18-npn-no-server-support-resumption-ssl]
++server = 18-npn-no-server-support-resumption-server
++client = 18-npn-no-server-support-resumption-client
++resume-server = 18-npn-no-server-support-resumption-resume-server
++resume-client = 18-npn-no-server-support-resumption-client
+ 
+-[16-npn-no-server-support-resumption-server]
++[18-npn-no-server-support-resumption-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[16-npn-no-server-support-resumption-resume-server]
++[18-npn-no-server-support-resumption-resume-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[16-npn-no-server-support-resumption-client]
++[18-npn-no-server-support-resumption-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-16]
++[test-18]
+ HandshakeMode = Resume
+ ResumptionExpected = Yes
+-server = 16-npn-no-server-support-resumption-server-extra
+-client = 16-npn-no-server-support-resumption-client-extra
+-resume-client = 16-npn-no-server-support-resumption-client-extra
++server = 18-npn-no-server-support-resumption-server-extra
++client = 18-npn-no-server-support-resumption-client-extra
++resume-client = 18-npn-no-server-support-resumption-client-extra
+ 
+-[16-npn-no-server-support-resumption-server-extra]
++[18-npn-no-server-support-resumption-server-extra]
+ NPNProtocols = foo
+ 
+-[16-npn-no-server-support-resumption-client-extra]
++[18-npn-no-server-support-resumption-client-extra]
+ NPNProtocols = foo
+ 
+ 
+ # ===========================================================
+ 
+-[17-npn-no-client-support-resumption]
+-ssl_conf = 17-npn-no-client-support-resumption-ssl
++[19-npn-no-client-support-resumption]
++ssl_conf = 19-npn-no-client-support-resumption-ssl
+ 
+-[17-npn-no-client-support-resumption-ssl]
+-server = 17-npn-no-client-support-resumption-server
+-client = 17-npn-no-client-support-resumption-client
+-resume-server = 17-npn-no-client-support-resumption-server
+-resume-client = 17-npn-no-client-support-resumption-resume-client
++[19-npn-no-client-support-resumption-ssl]
++server = 19-npn-no-client-support-resumption-server
++client = 19-npn-no-client-support-resumption-client
++resume-server = 19-npn-no-client-support-resumption-server
++resume-client = 19-npn-no-client-support-resumption-resume-client
+ 
+-[17-npn-no-client-support-resumption-server]
++[19-npn-no-client-support-resumption-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[17-npn-no-client-support-resumption-client]
++[19-npn-no-client-support-resumption-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[17-npn-no-client-support-resumption-resume-client]
++[19-npn-no-client-support-resumption-resume-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-17]
++[test-19]
+ HandshakeMode = Resume
+ ResumptionExpected = Yes
+-server = 17-npn-no-client-support-resumption-server-extra
+-resume-server = 17-npn-no-client-support-resumption-server-extra
+-client = 17-npn-no-client-support-resumption-client-extra
++server = 19-npn-no-client-support-resumption-server-extra
++resume-server = 19-npn-no-client-support-resumption-server-extra
++client = 19-npn-no-client-support-resumption-client-extra
+ 
+-[17-npn-no-client-support-resumption-server-extra]
++[19-npn-no-client-support-resumption-server-extra]
+ NPNProtocols = foo
+ 
+-[17-npn-no-client-support-resumption-client-extra]
++[19-npn-no-client-support-resumption-client-extra]
+ NPNProtocols = foo
+ 
+ 
+ # ===========================================================
+ 
+-[18-alpn-preferred-over-npn-resumption]
+-ssl_conf = 18-alpn-preferred-over-npn-resumption-ssl
++[20-alpn-preferred-over-npn-resumption]
++ssl_conf = 20-alpn-preferred-over-npn-resumption-ssl
+ 
+-[18-alpn-preferred-over-npn-resumption-ssl]
+-server = 18-alpn-preferred-over-npn-resumption-server
+-client = 18-alpn-preferred-over-npn-resumption-client
+-resume-server = 18-alpn-preferred-over-npn-resumption-resume-server
+-resume-client = 18-alpn-preferred-over-npn-resumption-client
++[20-alpn-preferred-over-npn-resumption-ssl]
++server = 20-alpn-preferred-over-npn-resumption-server
++client = 20-alpn-preferred-over-npn-resumption-client
++resume-server = 20-alpn-preferred-over-npn-resumption-resume-server
++resume-client = 20-alpn-preferred-over-npn-resumption-client
+ 
+-[18-alpn-preferred-over-npn-resumption-server]
++[20-alpn-preferred-over-npn-resumption-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[18-alpn-preferred-over-npn-resumption-resume-server]
++[20-alpn-preferred-over-npn-resumption-resume-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[18-alpn-preferred-over-npn-resumption-client]
++[20-alpn-preferred-over-npn-resumption-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-18]
++[test-20]
+ ExpectedALPNProtocol = foo
+ HandshakeMode = Resume
+ ResumptionExpected = Yes
+-server = 18-alpn-preferred-over-npn-resumption-server-extra
+-resume-server = 18-alpn-preferred-over-npn-resumption-resume-server-extra
+-client = 18-alpn-preferred-over-npn-resumption-client-extra
+-resume-client = 18-alpn-preferred-over-npn-resumption-client-extra
++server = 20-alpn-preferred-over-npn-resumption-server-extra
++resume-server = 20-alpn-preferred-over-npn-resumption-resume-server-extra
++client = 20-alpn-preferred-over-npn-resumption-client-extra
++resume-client = 20-alpn-preferred-over-npn-resumption-client-extra
+ 
+-[18-alpn-preferred-over-npn-resumption-server-extra]
++[20-alpn-preferred-over-npn-resumption-server-extra]
+ NPNProtocols = bar
+ 
+-[18-alpn-preferred-over-npn-resumption-resume-server-extra]
++[20-alpn-preferred-over-npn-resumption-resume-server-extra]
+ ALPNProtocols = foo
+ NPNProtocols = baz
+ 
+-[18-alpn-preferred-over-npn-resumption-client-extra]
++[20-alpn-preferred-over-npn-resumption-client-extra]
+ ALPNProtocols = foo
+ NPNProtocols = bar,baz
+ 
+ 
+ # ===========================================================
+ 
+-[19-npn-used-if-alpn-not-supported-resumption]
+-ssl_conf = 19-npn-used-if-alpn-not-supported-resumption-ssl
++[21-npn-used-if-alpn-not-supported-resumption]
++ssl_conf = 21-npn-used-if-alpn-not-supported-resumption-ssl
+ 
+-[19-npn-used-if-alpn-not-supported-resumption-ssl]
+-server = 19-npn-used-if-alpn-not-supported-resumption-server
+-client = 19-npn-used-if-alpn-not-supported-resumption-client
+-resume-server = 19-npn-used-if-alpn-not-supported-resumption-resume-server
+-resume-client = 19-npn-used-if-alpn-not-supported-resumption-client
++[21-npn-used-if-alpn-not-supported-resumption-ssl]
++server = 21-npn-used-if-alpn-not-supported-resumption-server
++client = 21-npn-used-if-alpn-not-supported-resumption-client
++resume-server = 21-npn-used-if-alpn-not-supported-resumption-resume-server
++resume-client = 21-npn-used-if-alpn-not-supported-resumption-client
+ 
+-[19-npn-used-if-alpn-not-supported-resumption-server]
++[21-npn-used-if-alpn-not-supported-resumption-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[19-npn-used-if-alpn-not-supported-resumption-resume-server]
++[21-npn-used-if-alpn-not-supported-resumption-resume-server]
+ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+ CipherString = DEFAULT
+ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+ 
+-[19-npn-used-if-alpn-not-supported-resumption-client]
++[21-npn-used-if-alpn-not-supported-resumption-client]
+ CipherString = DEFAULT
+ MaxProtocol = TLSv1.2
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+-[test-19]
++[test-21]
+ ExpectedNPNProtocol = baz
+ HandshakeMode = Resume
+ ResumptionExpected = Yes
+-server = 19-npn-used-if-alpn-not-supported-resumption-server-extra
+-resume-server = 19-npn-used-if-alpn-not-supported-resumption-resume-server-extra
+-client = 19-npn-used-if-alpn-not-supported-resumption-client-extra
+-resume-client = 19-npn-used-if-alpn-not-supported-resumption-client-extra
++server = 21-npn-used-if-alpn-not-supported-resumption-server-extra
++resume-server = 21-npn-used-if-alpn-not-supported-resumption-resume-server-extra
++client = 21-npn-used-if-alpn-not-supported-resumption-client-extra
++resume-client = 21-npn-used-if-alpn-not-supported-resumption-client-extra
+ 
+-[19-npn-used-if-alpn-not-supported-resumption-server-extra]
++[21-npn-used-if-alpn-not-supported-resumption-server-extra]
+ ALPNProtocols = foo
+ NPNProtocols = bar
+ 
+-[19-npn-used-if-alpn-not-supported-resumption-resume-server-extra]
++[21-npn-used-if-alpn-not-supported-resumption-resume-server-extra]
+ NPNProtocols = baz
+ 
+-[19-npn-used-if-alpn-not-supported-resumption-client-extra]
++[21-npn-used-if-alpn-not-supported-resumption-client-extra]
+ ALPNProtocols = foo
+ NPNProtocols = bar,baz
+ 
+diff --git a/test/ssl-tests/08-npn.cnf.in b/test/ssl-tests/08-npn.cnf.in
+index 30783e4..1dc2704 100644
+--- a/test/ssl-tests/08-npn.cnf.in
++++ b/test/ssl-tests/08-npn.cnf.in
+@@ -110,6 +110,41 @@ our @tests = (
+             "ExpectedNPNProtocol" => undef,
+         },
+     },
++    {
++        name => "npn-empty-client-list",
++        server => {
++            extra => {
++                "NPNProtocols" => "foo",
++            },
++        },
++        client => {
++            extra => {
++                "NPNProtocols" => "",
++            },
++            "MaxProtocol" => "TLSv1.2"
++        },
++        test => {
++            "ExpectedResult" => "ClientFail",
++            "ExpectedClientAlert" => "HandshakeFailure"
++        },
++    },
++    {
++        name => "npn-empty-server-list",
++        server => {
++            extra => {
++                "NPNProtocols" => "",
++            },
++        },
++        client => {
++            extra => {
++                "NPNProtocols" => "foo",
++            },
++            "MaxProtocol" => "TLSv1.2"
++        },
++        test => {
++            "ExpectedNPNProtocol" => "foo"
++        },
++    },
+     {
+         name => "npn-with-sni-no-context-switch",
+         server => {
+diff --git a/test/ssl-tests/09-alpn.cnf b/test/ssl-tests/09-alpn.cnf
+index e7e6cb9..dd66873 100644
+--- a/test/ssl-tests/09-alpn.cnf
++++ b/test/ssl-tests/09-alpn.cnf
+@@ -1,6 +1,6 @@
+ # Generated with generate_ssl_tests.pl
+ 
+-num_tests = 16
++num_tests = 18
+ 
+ test-0 = 0-alpn-simple
+ test-1 = 1-alpn-server-finds-match
+@@ -18,6 +18,8 @@ test-12 = 12-alpn-client-switch-resumption
+ test-13 = 13-alpn-alert-on-mismatch-resumption
+ test-14 = 14-alpn-no-server-support-resumption
+ test-15 = 15-alpn-no-client-support-resumption
++test-16 = 16-alpn-empty-client-list
++test-17 = 17-alpn-empty-server-list
+ # ===========================================================
+ 
+ [0-alpn-simple]
+@@ -617,3 +619,65 @@ ALPNProtocols = foo
+ ALPNProtocols = foo
+ 
+ 
++# ===========================================================
++
++[16-alpn-empty-client-list]
++ssl_conf = 16-alpn-empty-client-list-ssl
++
++[16-alpn-empty-client-list-ssl]
++server = 16-alpn-empty-client-list-server
++client = 16-alpn-empty-client-list-client
++
++[16-alpn-empty-client-list-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++[16-alpn-empty-client-list-client]
++CipherString = DEFAULT
++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
++VerifyMode = Peer
++
++[test-16]
++server = 16-alpn-empty-client-list-server-extra
++client = 16-alpn-empty-client-list-client-extra
++
++[16-alpn-empty-client-list-server-extra]
++ALPNProtocols = foo
++
++[16-alpn-empty-client-list-client-extra]
++ALPNProtocols = 
++
++
++# ===========================================================
++
++[17-alpn-empty-server-list]
++ssl_conf = 17-alpn-empty-server-list-ssl
++
++[17-alpn-empty-server-list-ssl]
++server = 17-alpn-empty-server-list-server
++client = 17-alpn-empty-server-list-client
++
++[17-alpn-empty-server-list-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++[17-alpn-empty-server-list-client]
++CipherString = DEFAULT
++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
++VerifyMode = Peer
++
++[test-17]
++ExpectedResult = ServerFail
++ExpectedServerAlert = NoApplicationProtocol
++server = 17-alpn-empty-server-list-server-extra
++client = 17-alpn-empty-server-list-client-extra
++
++[17-alpn-empty-server-list-server-extra]
++ALPNProtocols = 
++
++[17-alpn-empty-server-list-client-extra]
++ALPNProtocols = foo
++
++
+diff --git a/test/ssl-tests/09-alpn.cnf.in b/test/ssl-tests/09-alpn.cnf.in
+index 8133075..322b709 100644
+--- a/test/ssl-tests/09-alpn.cnf.in
++++ b/test/ssl-tests/09-alpn.cnf.in
+@@ -322,4 +322,37 @@ our @tests = (
+             "ExpectedALPNProtocol" => undef,
+         },
+     },
++    {
++        name => "alpn-empty-client-list",
++        server => {
++            extra => {
++                "ALPNProtocols" => "foo",
++            },
++        },
++        client => {
++            extra => {
++                "ALPNProtocols" => "",
++            },
++        },
++        test => {
++            "ExpectedALPNProtocol" => undef,
++        },
++    },
++    {
++        name => "alpn-empty-server-list",
++        server => {
++            extra => {
++                "ALPNProtocols" => "",
++            },
++        },
++        client => {
++            extra => {
++                "ALPNProtocols" => "foo",
++            },
++        },
++        test => {
++            "ExpectedResult" => "ServerFail",
++            "ExpectedServerAlert" => "NoApplicationProtocol",
++        },
++    },
+ );
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch
new file mode 100644
index 0000000000..7319d27bb8
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch
@@ -0,0 +1,43 @@
+From 86351b8dd4c499de7a0c02313ee54966e978150f Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 21 Jun 2024 10:41:55 +0100
+Subject: [PATCH 07/10] Correct return values for
+ tls_construct_stoc_next_proto_neg
+
+Return EXT_RETURN_NOT_SENT in the event that we don't send the extension,
+rather than EXT_RETURN_SENT. This actually makes no difference at all to
+the current control flow since this return value is ignored in this case
+anyway. But lets make it correct anyway.
+
+Follow on from CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/53f5677f358c4a4f69830d944ea40e71950673b8]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ ssl/statem/extensions_srvr.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
+index 64ccb3e..b821c7c 100644
+--- a/ssl/statem/extensions_srvr.c
++++ b/ssl/statem/extensions_srvr.c
+@@ -1496,9 +1496,10 @@ EXT_RETURN tls_construct_stoc_next_proto_neg(SSL_CONNECTION *s, WPACKET *pkt,
+             return EXT_RETURN_FAIL;
+         }
+         s->s3.npn_seen = 1;
++        return EXT_RETURN_SENT;
+     }
+ 
+-    return EXT_RETURN_SENT;
++    return EXT_RETURN_NOT_SENT;
+ }
+ #endif
+ 
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch
new file mode 100644
index 0000000000..f64938a5ca
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch
@@ -0,0 +1,66 @@
+From 29f860914824cde6b0aea6ad818b93132930137f Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 21 Jun 2024 11:51:54 +0100
+Subject: [PATCH 08/10] Add ALPN validation in the client
+
+The ALPN protocol selected by the server must be one that we originally
+advertised. We should verify that it is.
+
+Follow on from CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/195e15421df113d7283aab2ccff8b8fb06df5465]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ ssl/statem/extensions_clnt.c | 24 ++++++++++++++++++++++++
+ 1 file changed, 24 insertions(+)
+
+diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
+index 1ab3c13..ff9c009 100644
+--- a/ssl/statem/extensions_clnt.c
++++ b/ssl/statem/extensions_clnt.c
+@@ -1590,6 +1590,8 @@ int tls_parse_stoc_alpn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
+                         X509 *x, size_t chainidx)
+ {
+     size_t len;
++    PACKET confpkt, protpkt;
++    int valid = 0;
+ 
+     /* We must have requested it. */
+     if (!s->s3.alpn_sent) {
+@@ -1608,6 +1610,28 @@ int tls_parse_stoc_alpn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
+         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION);
+         return 0;
+     }
++
++    /* It must be a protocol that we sent */
++    if (!PACKET_buf_init(&confpkt, s->ext.alpn, s->ext.alpn_len)) {
++        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
++        return 0;
++    }
++    while (PACKET_get_length_prefixed_1(&confpkt, &protpkt)) {
++        if (PACKET_remaining(&protpkt) != len)
++            continue;
++        if (memcmp(PACKET_data(pkt), PACKET_data(&protpkt), len) == 0) {
++            /* Valid protocol found */
++            valid = 1;
++            break;
++        }
++    }
++
++    if (!valid) {
++        /* The protocol sent from the server does not match one we advertised */
++        SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION);
++        return 0;
++    }
++
+     OPENSSL_free(s->s3.alpn_selected);
+     s->s3.alpn_selected = OPENSSL_malloc(len);
+     if (s->s3.alpn_selected == NULL) {
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch
new file mode 100644
index 0000000000..fb1cef5067
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch
@@ -0,0 +1,271 @@
+From 6a5484b0d3fcf9a868c7e3e5b62e5eedc90b6080 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 21 Jun 2024 10:09:41 +0100
+Subject: [PATCH 09/10] Add explicit testing of ALN and NPN in sslapitest
+
+We already had some tests elsewhere - but this extends that testing with
+additional tests.
+
+Follow on from CVE-2024-5535
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24717)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/7c95191434415d1c9b7fe9b130df13cce630b6b5]
+CVE: CVE-2024-5535
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ test/sslapitest.c | 229 ++++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 229 insertions(+)
+
+diff --git a/test/sslapitest.c b/test/sslapitest.c
+index 15cb906..7a55a2b 100644
+--- a/test/sslapitest.c
++++ b/test/sslapitest.c
+@@ -11877,6 +11877,231 @@ static int test_select_next_proto(int idx)
+     return ret;
+ }
+ 
++static const unsigned char fooprot[] = {3, 'f', 'o', 'o' };
++static const unsigned char barprot[] = {3, 'b', 'a', 'r' };
++
++#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_NEXTPROTONEG)
++static int npn_advert_cb(SSL *ssl, const unsigned char **out,
++                         unsigned int *outlen, void *arg)
++{
++    int *idx = (int *)arg;
++
++    switch (*idx) {
++    default:
++    case 0:
++        *out = fooprot;
++        *outlen = sizeof(fooprot);
++        return SSL_TLSEXT_ERR_OK;
++
++    case 1:
++        *outlen = 0;
++        return SSL_TLSEXT_ERR_OK;
++
++    case 2:
++        return SSL_TLSEXT_ERR_NOACK;
++    }
++}
++
++static int npn_select_cb(SSL *s, unsigned char **out, unsigned char *outlen,
++                         const unsigned char *in, unsigned int inlen, void *arg)
++{
++    int *idx = (int *)arg;
++
++    switch (*idx) {
++    case 0:
++    case 1:
++        *out = (unsigned char *)(fooprot + 1);
++        *outlen = *fooprot;
++        return SSL_TLSEXT_ERR_OK;
++
++    case 3:
++        *out = (unsigned char *)(barprot + 1);
++        *outlen = *barprot;
++        return SSL_TLSEXT_ERR_OK;
++
++    case 4:
++        *outlen = 0;
++        return SSL_TLSEXT_ERR_OK;
++
++    default:
++    case 2:
++        return SSL_TLSEXT_ERR_ALERT_FATAL;
++    }
++}
++
++/*
++ * Test the NPN callbacks
++ * Test 0: advert = foo, select = foo
++ * Test 1: advert = <empty>, select = foo
++ * Test 2: no advert
++ * Test 3: advert = foo, select = bar
++ * Test 4: advert = foo, select = <empty> (should fail)
++ */
++static int test_npn(int idx)
++{
++    SSL_CTX *sctx = NULL, *cctx = NULL;
++    SSL *serverssl = NULL, *clientssl = NULL;
++    int testresult = 0;
++
++    if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
++                                       TLS_client_method(), 0, TLS1_2_VERSION,
++                                       &sctx, &cctx, cert, privkey)))
++        goto end;
++
++    SSL_CTX_set_next_protos_advertised_cb(sctx, npn_advert_cb, &idx);
++    SSL_CTX_set_next_proto_select_cb(cctx, npn_select_cb, &idx);
++
++    if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL,
++                                      NULL)))
++        goto end;
++
++    if (idx == 4) {
++        /* We don't allow empty selection of NPN, so this should fail */
++        if (!TEST_false(create_ssl_connection(serverssl, clientssl,
++                                              SSL_ERROR_NONE)))
++            goto end;
++    } else {
++        const unsigned char *prot;
++        unsigned int protlen;
++
++        if (!TEST_true(create_ssl_connection(serverssl, clientssl,
++                                             SSL_ERROR_NONE)))
++            goto end;
++
++        SSL_get0_next_proto_negotiated(serverssl, &prot, &protlen);
++        switch (idx) {
++        case 0:
++        case 1:
++            if (!TEST_mem_eq(prot, protlen, fooprot + 1, *fooprot))
++                goto end;
++            break;
++        case 2:
++            if (!TEST_uint_eq(protlen, 0))
++                goto end;
++            break;
++        case 3:
++            if (!TEST_mem_eq(prot, protlen, barprot + 1, *barprot))
++                goto end;
++            break;
++        default:
++            TEST_error("Should not get here");
++            goto end;
++        }
++    }
++
++    testresult = 1;
++ end:
++    SSL_free(serverssl);
++    SSL_free(clientssl);
++    SSL_CTX_free(sctx);
++    SSL_CTX_free(cctx);
++
++    return testresult;
++}
++#endif /* !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_NEXTPROTONEG) */
++
++static int alpn_select_cb2(SSL *ssl, const unsigned char **out,
++                           unsigned char *outlen, const unsigned char *in,
++                           unsigned int inlen, void *arg)
++{
++    int *idx = (int *)arg;
++
++    switch (*idx) {
++    case 0:
++        *out = (unsigned char *)(fooprot + 1);
++        *outlen = *fooprot;
++        return SSL_TLSEXT_ERR_OK;
++
++    case 2:
++        *out = (unsigned char *)(barprot + 1);
++        *outlen = *barprot;
++        return SSL_TLSEXT_ERR_OK;
++
++    case 3:
++        *outlen = 0;
++        return SSL_TLSEXT_ERR_OK;
++
++    default:
++    case 1:
++        return SSL_TLSEXT_ERR_ALERT_FATAL;
++    }
++    return 0;
++}
++
++/*
++ * Test the ALPN callbacks
++ * Test 0: client = foo, select = foo
++ * Test 1: client = <empty>, select = none
++ * Test 2: client = foo, select = bar (should fail)
++ * Test 3: client = foo, select = <empty> (should fail)
++ */
++static int test_alpn(int idx)
++{
++    SSL_CTX *sctx = NULL, *cctx = NULL;
++    SSL *serverssl = NULL, *clientssl = NULL;
++    int testresult = 0;
++    const unsigned char *prots = fooprot;
++    unsigned int protslen = sizeof(fooprot);
++
++    if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
++                                       TLS_client_method(), 0, 0,
++                                       &sctx, &cctx, cert, privkey)))
++        goto end;
++
++    SSL_CTX_set_alpn_select_cb(sctx, alpn_select_cb2, &idx);
++
++    if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL,
++                                      NULL)))
++        goto end;
++
++    if (idx == 1) {
++        prots = NULL;
++        protslen = 0;
++    }
++
++    /* SSL_set_alpn_protos returns 0 for success! */
++    if (!TEST_false(SSL_set_alpn_protos(clientssl, prots, protslen)))
++        goto end;
++
++    if (idx == 2 || idx == 3) {
++        /* We don't allow empty selection of NPN, so this should fail */
++        if (!TEST_false(create_ssl_connection(serverssl, clientssl,
++                                              SSL_ERROR_NONE)))
++            goto end;
++    } else {
++        const unsigned char *prot;
++        unsigned int protlen;
++
++        if (!TEST_true(create_ssl_connection(serverssl, clientssl,
++                                             SSL_ERROR_NONE)))
++            goto end;
++
++        SSL_get0_alpn_selected(clientssl, &prot, &protlen);
++        switch (idx) {
++        case 0:
++            if (!TEST_mem_eq(prot, protlen, fooprot + 1, *fooprot))
++                goto end;
++            break;
++        case 1:
++            if (!TEST_uint_eq(protlen, 0))
++                goto end;
++            break;
++        default:
++            TEST_error("Should not get here");
++            goto end;
++        }
++    }
++
++    testresult = 1;
++ end:
++    SSL_free(serverssl);
++    SSL_free(clientssl);
++    SSL_CTX_free(sctx);
++    SSL_CTX_free(cctx);
++
++    return testresult;
++}
++
+ OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile provider config dhfile\n")
+ 
+ int setup_tests(void)
+@@ -12190,6 +12415,10 @@ int setup_tests(void)
+     ADD_TEST(test_data_retry);
+     ADD_ALL_TESTS(test_multi_resume, 5);
+     ADD_ALL_TESTS(test_select_next_proto, OSSL_NELEM(next_proto_tests));
++#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_NEXTPROTONEG)
++    ADD_ALL_TESTS(test_npn, 5);
++#endif
++    ADD_ALL_TESTS(test_alpn, 4);
+     return 1;
+ 
+  err:
+-- 
+2.44.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl_3.2.2.bb b/meta/recipes-connectivity/openssl/openssl_3.2.2.bb
index 1c92707144..3242dd69c6 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.2.2.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.2.2.bb
@@ -12,6 +12,16 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
            file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
            file://0001-Configure-do-not-tweak-mips-cflags.patch \
            file://0001-Added-handshake-history-reporting-when-test-fails.patch \
+           file://CVE-2024-5535_1.patch \
+           file://CVE-2024-5535_2.patch \
+           file://CVE-2024-5535_3.patch \
+           file://CVE-2024-5535_4.patch \
+           file://CVE-2024-5535_5.patch \
+           file://CVE-2024-5535_6.patch \
+           file://CVE-2024-5535_7.patch \
+           file://CVE-2024-5535_8.patch \
+           file://CVE-2024-5535_9.patch \
+           file://CVE-2024-5535_10.patch \
            "
 
 SRC_URI:append:class-nativesdk = " \
-- 
2.34.1

[OE-core][scarthgap 05/21] QEMU: Fix CVE-2024-3446 & CVE-2024-3567

[Steve Sakoman]

From: Hitendra Prajapati <hprajapati@mvista.com>

Backport fixes for:

* CVE-2024-3446 - Upstream-Status: Backport from https://gitlab.com/qemu-project/qemu/-/commit/eb546a3f49f45e6870ec91d792cd09f8a662c16e  && https://gitlab.com/qemu-project/qemu/-/commit/4f01537ced3e787bd985b8f8de5869b92657160a && https://gitlab.com/qemu-project/qemu/-/commit/fbeb0a160cbcc067c0e1f0d380cea4a31de213e3 && https://gitlab.com/qemu-project/qemu/-/commit/1b2a52712b249e14d246cd9c7db126088e6e64db

* CVE-2024-3567 - Upstream-Status: Backport from https://gitlab.com/qemu-project/qemu/-/commit/1cfe45956e03070f894e91b304e233b4d5b99719

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc           |  5 ++
 .../qemu/qemu/CVE-2024-3446-01.patch          | 73 +++++++++++++++++++
 .../qemu/qemu/CVE-2024-3446-02.patch          | 48 ++++++++++++
 .../qemu/qemu/CVE-2024-3446-03.patch          | 47 ++++++++++++
 .../qemu/qemu/CVE-2024-3446-04.patch          | 52 +++++++++++++
 .../qemu/qemu/CVE-2024-3567.patch             | 48 ++++++++++++
 6 files changed, 273 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 4501f84c2b..d22bc31ce3 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -42,6 +42,11 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
            file://CVE-2023-6683.patch \
            file://qemu-guest-agent.init \
            file://qemu-guest-agent.udev \
+           file://CVE-2024-3446-01.patch \
+           file://CVE-2024-3446-02.patch \
+           file://CVE-2024-3446-03.patch \
+           file://CVE-2024-3446-04.patch \
+           file://CVE-2024-3567.patch \
            "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch
new file mode 100644
index 0000000000..15dbca92cd
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch
@@ -0,0 +1,73 @@
+rom eb546a3f49f45e6870ec91d792cd09f8a662c16e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>
+Date: Thu, 4 Apr 2024 20:56:11 +0200
+Subject: [PATCH] hw/virtio: Introduce virtio_bh_new_guarded() helper
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Introduce virtio_bh_new_guarded(), similar to qemu_bh_new_guarded()
+but using the transport memory guard, instead of the device one
+(there can only be one virtio device per virtio bus).
+
+Inspired-by: Gerd Hoffmann <kraxel@redhat.com>
+Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
+Acked-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Message-Id: <20240409105537.18308-2-philmd@linaro.org>
+(cherry picked from commit ec0504b989ca61e03636384d3602b7bf07ffe4da)
+Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
+
+Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/eb546a3f49f45e6870ec91d792cd09f8a662c16e]
+CVE: CVE-2024-3446
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ hw/virtio/virtio.c         | 10 ++++++++++
+ include/hw/virtio/virtio.h |  7 +++++++
+ 2 files changed, 17 insertions(+)
+
+diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
+index 3a160f86e..8590b8971 100644
+--- a/hw/virtio/virtio.c
++++ b/hw/virtio/virtio.c
+@@ -4095,3 +4095,13 @@ static void virtio_register_types(void)
+ }
+ 
+ type_init(virtio_register_types)
++
++QEMUBH *virtio_bh_new_guarded_full(DeviceState *dev,
++                                   QEMUBHFunc *cb, void *opaque,
++                                   const char *name)
++{
++    DeviceState *transport = qdev_get_parent_bus(dev)->parent;
++
++    return qemu_bh_new_full(cb, opaque, name,
++                            &transport->mem_reentrancy_guard);
++}
+diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h
+index c8f72850b..7d5ffdc14 100644
+--- a/include/hw/virtio/virtio.h
++++ b/include/hw/virtio/virtio.h
+@@ -22,6 +22,7 @@
+ #include "standard-headers/linux/virtio_config.h"
+ #include "standard-headers/linux/virtio_ring.h"
+ #include "qom/object.h"
++#include "block/aio.h"
+ 
+ /*
+  * A guest should never accept this. It implies negotiation is broken
+@@ -508,4 +509,10 @@ static inline bool virtio_device_disabled(VirtIODevice *vdev)
+ bool virtio_legacy_allowed(VirtIODevice *vdev);
+ bool virtio_legacy_check_disabled(VirtIODevice *vdev);
+ 
++QEMUBH *virtio_bh_new_guarded_full(DeviceState *dev,
++                                   QEMUBHFunc *cb, void *opaque,
++                                   const char *name);
++#define virtio_bh_new_guarded(dev, cb, opaque) \
++    virtio_bh_new_guarded_full((dev), (cb), (opaque), (stringify(cb)))
++
+ #endif
+-- 
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch
new file mode 100644
index 0000000000..843ed43ba8
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch
@@ -0,0 +1,48 @@
+From 4f01537ced3e787bd985b8f8de5869b92657160a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>
+Date: Thu, 4 Apr 2024 20:56:41 +0200
+Subject: [PATCH] hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Replace qemu_bh_new_guarded() by virtio_bh_new_guarded()
+so the bus and device use the same guard. Otherwise the
+DMA-reentrancy protection can be bypassed.
+
+Fixes: CVE-2024-3446
+Cc: qemu-stable@nongnu.org
+Suggested-by: Alexander Bulekov <alxndr@bu.edu>
+Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
+Acked-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Message-Id: <20240409105537.18308-5-philmd@linaro.org>
+(cherry picked from commit f4729ec39ad97a42ceaa7b5697f84f440ea6e5dc)
+Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
+
+Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/4f01537ced3e787bd985b8f8de5869b92657160a]
+CVE: CVE-2024-3446
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ hw/virtio/virtio-crypto.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
+index 0e2cc8d5a..4aaced74b 100644
+--- a/hw/virtio/virtio-crypto.c
++++ b/hw/virtio/virtio-crypto.c
+@@ -1080,8 +1080,8 @@ static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
+         vcrypto->vqs[i].dataq =
+                  virtio_add_queue(vdev, 1024, virtio_crypto_handle_dataq_bh);
+         vcrypto->vqs[i].dataq_bh =
+-                 qemu_bh_new_guarded(virtio_crypto_dataq_bh, &vcrypto->vqs[i],
+-                                     &dev->mem_reentrancy_guard);
++                 virtio_bh_new_guarded(dev, virtio_crypto_dataq_bh,
++                                       &vcrypto->vqs[i]);
+         vcrypto->vqs[i].vcrypto = vcrypto;
+     }
+ 
+-- 
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch
new file mode 100644
index 0000000000..a24652dea3
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch
@@ -0,0 +1,47 @@
+From fbeb0a160cbcc067c0e1f0d380cea4a31de213e3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>
+Date: Thu, 4 Apr 2024 20:56:35 +0200
+Subject: [PATCH] hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Replace qemu_bh_new_guarded() by virtio_bh_new_guarded()
+so the bus and device use the same guard. Otherwise the
+DMA-reentrancy protection can be bypassed.
+
+Fixes: CVE-2024-3446
+Cc: qemu-stable@nongnu.org
+Suggested-by: Alexander Bulekov <alxndr@bu.edu>
+Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
+Acked-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Message-Id: <20240409105537.18308-4-philmd@linaro.org>
+(cherry picked from commit b4295bff25f7b50de1d9cc94a9c6effd40056bca)
+Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
+
+Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/fbeb0a160cbcc067c0e1f0d380cea4a31de213e3]
+CVE: CVE-2024-3446
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ hw/char/virtio-serial-bus.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/hw/char/virtio-serial-bus.c b/hw/char/virtio-serial-bus.c
+index dd619f073..1221fb7f1 100644
+--- a/hw/char/virtio-serial-bus.c
++++ b/hw/char/virtio-serial-bus.c
+@@ -985,8 +985,7 @@ static void virtser_port_device_realize(DeviceState *dev, Error **errp)
+         return;
+     }
+ 
+-    port->bh = qemu_bh_new_guarded(flush_queued_data_bh, port,
+-                                   &dev->mem_reentrancy_guard);
++    port->bh = virtio_bh_new_guarded(dev, flush_queued_data_bh, port);
+     port->elem = NULL;
+ }
+ 
+-- 
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch
new file mode 100644
index 0000000000..7f0293242d
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch
@@ -0,0 +1,52 @@
+From 1b2a52712b249e14d246cd9c7db126088e6e64db Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>
+Date: Thu, 4 Apr 2024 20:56:27 +0200
+Subject: [PATCH] hw/display/virtio-gpu: Protect from DMA re-entrancy bugs
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+qemu-system-i386: warning: Blocked re-entrant IO on MemoryRegion: virtio-pci-common-virtio-gpu at addr: 0x6
+
+Fixes: CVE-2024-3446
+Cc: qemu-stable@nongnu.org
+Reported-by: Alexander Bulekov <alxndr@bu.edu>
+Reported-by: Yongkang Jia <kangel@zju.edu.cn>
+Reported-by: Xiao Lei <nop.leixiao@gmail.com>
+Reported-by: Yiming Tao <taoym@zju.edu.cn>
+Buglink: https://bugs.launchpad.net/qemu/+bug/1888606
+Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
+Acked-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Message-Id: <20240409105537.18308-3-philmd@linaro.org>
+(cherry picked from commit ba28e0ff4d95b56dc334aac2730ab3651ffc3132)
+Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
+
+Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/1b2a52712b249e14d246cd9c7db126088e6e64db]
+CVE: CVE-2024-3446
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ hw/display/virtio-gpu.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
+index b016d3bac..a7b16ba07 100644
+--- a/hw/display/virtio-gpu.c
++++ b/hw/display/virtio-gpu.c
+@@ -1463,10 +1463,8 @@ void virtio_gpu_device_realize(DeviceState *qdev, Error **errp)
+ 
+     g->ctrl_vq = virtio_get_queue(vdev, 0);
+     g->cursor_vq = virtio_get_queue(vdev, 1);
+-    g->ctrl_bh = qemu_bh_new_guarded(virtio_gpu_ctrl_bh, g,
+-                                     &qdev->mem_reentrancy_guard);
+-    g->cursor_bh = qemu_bh_new_guarded(virtio_gpu_cursor_bh, g,
+-                                       &qdev->mem_reentrancy_guard);
++    g->ctrl_bh = virtio_bh_new_guarded(qdev, virtio_gpu_ctrl_bh, g);
++    g->cursor_bh = virtio_bh_new_guarded(qdev, virtio_gpu_cursor_bh, g);
+     g->reset_bh = qemu_bh_new(virtio_gpu_reset_bh, g);
+     qemu_cond_init(&g->reset_cond);
+     QTAILQ_INIT(&g->reslist);
+-- 
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch
new file mode 100644
index 0000000000..f14178f881
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch
@@ -0,0 +1,48 @@
+From 1cfe45956e03070f894e91b304e233b4d5b99719 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>
+Date: Tue, 9 Apr 2024 19:54:05 +0200
+Subject: [PATCH] hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If a fragmented packet size is too short, do not try to
+calculate its checksum.
+
+Fixes: CVE-2024-3567
+Cc: qemu-stable@nongnu.org
+Reported-by: Zheyu Ma <zheyuma97@gmail.com>
+Fixes: f199b13bc1 ("igb: Implement Tx SCTP CSO")
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2273
+Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
+Acked-by: Jason Wang <jasowang@redhat.com>
+Message-Id: <20240410070459.49112-1-philmd@linaro.org>
+(cherry picked from commit 83ddb3dbba2ee0f1767442ae6ee665058aeb1093)
+Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
+
+Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/1cfe45956e03070f894e91b304e233b4d5b99719]
+CVE: CVE-2024-3567
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ hw/net/net_tx_pkt.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c
+index 2e5f58b3c..d40d508a1 100644
+--- a/hw/net/net_tx_pkt.c
++++ b/hw/net/net_tx_pkt.c
+@@ -141,6 +141,10 @@ bool net_tx_pkt_update_sctp_checksum(struct NetTxPkt *pkt)
+     uint32_t csum = 0;
+     struct iovec *pl_start_frag = pkt->vec + NET_TX_PKT_PL_START_FRAG;
+ 
++    if (iov_size(pl_start_frag, pkt->payload_frags) < 8 + sizeof(csum)) {
++        return false;
++    }
++
+     if (iov_from_buf(pl_start_frag, pkt->payload_frags, 8, &csum, sizeof(csum)) < sizeof(csum)) {
+         return false;
+     }
+-- 
+2.25.1
+
-- 
2.34.1

[OE-core][scarthgap 06/21] gstreamer: upgrade 1.22.11 -> 1.22.12

[Steve Sakoman]

From: Archana Polampalli <archana.polampalli@windriver.com>

https://gstreamer.freedesktop.org/releases/1.22/#1.22.12

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../{gst-devtools_1.22.11.bb => gst-devtools_1.22.12.bb}        | 2 +-
 ...reamer1.0-libav_1.22.11.bb => gstreamer1.0-libav_1.22.12.bb} | 2 +-
 ...{gstreamer1.0-omx_1.22.11.bb => gstreamer1.0-omx_1.22.12.bb} | 2 +-
 ...ugins-bad_1.22.11.bb => gstreamer1.0-plugins-bad_1.22.12.bb} | 2 +-
 ...ins-base_1.22.11.bb => gstreamer1.0-plugins-base_1.22.12.bb} | 2 +-
 ...ins-good_1.22.11.bb => gstreamer1.0-plugins-good_1.22.12.bb} | 2 +-
 ...ins-ugly_1.22.11.bb => gstreamer1.0-plugins-ugly_1.22.12.bb} | 2 +-
 ...amer1.0-python_1.22.11.bb => gstreamer1.0-python_1.22.12.bb} | 2 +-
 ...sp-server_1.22.11.bb => gstreamer1.0-rtsp-server_1.22.12.bb} | 2 +-
 ...reamer1.0-vaapi_1.22.11.bb => gstreamer1.0-vaapi_1.22.12.bb} | 2 +-
 .../{gstreamer1.0_1.22.11.bb => gstreamer1.0_1.22.12.bb}        | 2 +-
 11 files changed, 11 insertions(+), 11 deletions(-)
 rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.22.11.bb => gst-devtools_1.22.12.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.22.11.bb => gstreamer1.0-libav_1.22.12.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.22.11.bb => gstreamer1.0-omx_1.22.12.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.22.11.bb => gstreamer1.0-plugins-bad_1.22.12.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.22.11.bb => gstreamer1.0-plugins-base_1.22.12.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.22.11.bb => gstreamer1.0-plugins-good_1.22.12.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.22.11.bb => gstreamer1.0-plugins-ugly_1.22.12.bb} (94%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.22.11.bb => gstreamer1.0-python_1.22.12.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.22.11.bb => gstreamer1.0-rtsp-server_1.22.12.bb} (90%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.22.11.bb => gstreamer1.0-vaapi_1.22.12.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.22.11.bb => gstreamer1.0_1.22.12.bb} (97%)

diff --git a/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.12.bb
similarity index 95%
rename from meta/recipes-multimedia/gstreamer/gst-devtools_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gst-devtools_1.22.12.bb
index 2be406192f..c30341d1f0 100644
--- a/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.12.bb
@@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV}
            file://0001-connect-has-a-different-signature-on-musl.patch \
            "
 
-SRC_URI[sha256sum] = "07766425ecb5bf857ab5ad3962321c55cd89f9386b720843f9df71c0a455eb9b"
+SRC_URI[sha256sum] = "015ff62789dab423edafe979b019c7de4c849a2b7e74912b20b74a70e5b68f72"
 
 DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base"
 RRECOMMENDS:${PN} = "git"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.12.bb
similarity index 91%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.12.bb
index f3287efa96..bd9ae2464e 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.12.bb
@@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770 \
                     "
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz"
-SRC_URI[sha256sum] = "6b13dcc9332ef27a7c1e7005c0196883874f91622f8aa6e52f218b05b15d2bf5"
+SRC_URI[sha256sum] = "3b60d4cac2fbcd085a93e9389ca23e0443bee1ca75574d31d4f12bb1bbecab48"
 
 S = "${WORKDIR}/gst-libav-${PV}"
 
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.12.bb
similarity index 95%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.12.bb
index 97348fb398..4db16ed10b 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.12.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "18dfdf5f6b773d67e62a315c6cf6247da320b83603a5819493f53c69ed2eeef6"
+SRC_URI[sha256sum] = "6b0685b92ac735032d7987d1028afaeab0a98ab726e0c51e5b9bfc8f2da7c8b1"
 
 S = "${WORKDIR}/gst-omx-${PV}"
 
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.12.bb
similarity index 98%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.12.bb
index 523ee7a5ae..01c95ac85f 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.12.bb
@@ -10,7 +10,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad
            file://0002-avoid-including-sys-poll.h-directly.patch \
            file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \
            "
-SRC_URI[sha256sum] = "808d3b33fc4c71aeb2561c364a87c2e8a3e2343319a83244c8391be4b09499c8"
+SRC_URI[sha256sum] = "388b4c4412f42e36a38b17cc34119bc11879bd4d9fbd4ff6d03b2c7fc6b4d494"
 
 S = "${WORKDIR}/gst-plugins-bad-${PV}"
 
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb
similarity index 98%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb
index 7aa10eb646..5905c2d5b1 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb
@@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba
            file://0003-viv-fb-Make-sure-config.h-is-included.patch \
            file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \
            "
-SRC_URI[sha256sum] = "65eaf72296cc5edc985695a4d80affc931e64a79f4879d05615854f7a2cf5bd1"
+SRC_URI[sha256sum] = "73cfadc3a6ffe77ed974cfd6fb391c605e4531f48db21dd6b9f42b8cb69bd8c1"
 
 S = "${WORKDIR}/gst-plugins-base-${PV}"
 
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.12.bb
similarity index 97%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.12.bb
index 85143aa1b9..8099d70791 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.12.bb
@@ -8,7 +8,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-go
            file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
            file://0001-v4l2-Define-ioctl_req_t-for-posix-linux-case.patch"
 
-SRC_URI[sha256sum] = "6ddd032381827d31820540735f0004b429436b0bdac19aaeab44fa22faad52e2"
+SRC_URI[sha256sum] = "9c1913f981900bd8867182639b20907b28ed78ef7a222cfbf2d8ba9dab992fa7"
 
 S = "${WORKDIR}/gst-plugins-good-${PV}"
 
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.12.bb
similarity index 94%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.12.bb
index 61f46fbf7e..714ee178d8 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.12.bb
@@ -15,7 +15,7 @@ SRC_URI = " \
             https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \
             "
 
-SRC_URI[sha256sum] = "7758b7decfd20c00cae5700822bcbbf03f98c723e33e17634db2e07ca1da60bf"
+SRC_URI[sha256sum] = "d59a1aaf8dd2cc416dc5b5c0b7aecd02b1811bf1229aa724e6c2a503d3799083"
 
 S = "${WORKDIR}/gst-plugins-ugly-${PV}"
 
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.12.bb
similarity index 91%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.12.bb
index 0fbb03f757..2eee5aee5e 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.12.bb
@@ -8,7 +8,7 @@ LICENSE = "LGPL-2.1-or-later"
 LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740"
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "f7a5450d93fd81bf46060dca7f4a048d095b6717961fec211731a11a994c99a7"
+SRC_URI[sha256sum] = "d98d3226efea20d5c440a28988a20319a953f7c594895df2bba4538633108e9f"
 
 DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
 RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.12.bb
similarity index 90%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.12.bb
index 554ed9ec8f..c89c22f334 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.12.bb
@@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server"
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "ec49d474750a6ff6729c85b448abc607fb6840b21717ad7abc967e2adbf07a24"
+SRC_URI[sha256sum] = "bf6c7871e7cf3528e4ec87ddc2f2949691cd269f98e536482ae744c1405cf451"
 
 S = "${WORKDIR}/${PNREAL}-${PV}"
 
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.12.bb
similarity index 95%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.12.bb
index 87eb8484a1..ef75ed64b3 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.12.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c"
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "6eae1360658302b9b512fa46b4d06f5b818dfce5f2f43d7d710ca8142719d8ad"
+SRC_URI[sha256sum] = "013ad729b2fe4fccda559bddc626bcb14230cfb90a2271049f8466bfec5d80df"
 
 S = "${WORKDIR}/${REALPN}-${PV}"
 DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.12.bb
similarity index 97%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.11.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.12.bb
index 8965497d01..f4acb0977b 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.11.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.12.bb
@@ -22,7 +22,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x
            file://0003-tests-use-a-dictionaries-for-environment.patch \
            file://0004-tests-add-helper-script-to-run-the-installed_tests.patch \
            "
-SRC_URI[sha256sum] = "3d16259e9dab8b002c57ce208a09b350d8282f5b0197306c0cdba9a0d0799744"
+SRC_URI[sha256sum] = "ac352f3d02caa67f3b169daa9aa78b04dea0fc08a727de73cb28d89bd54c6f61"
 
 PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
                    check \
-- 
2.34.1

[OE-core][scarthgap 07/21] python3-jinja2: Upgrade 3.1.3 -> 3.1.4

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Switch to use flit core since upstream changed.

They also changed the capitalisation under pypi.

The license didn't change but the file was renamed, probably as it wasn't
rst.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e352680528b18c3cdae26233bef7cddc2771d42d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../{python3-jinja2_3.1.3.bb => python3-jinja2_3.1.4.bb}  | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
 rename meta/recipes-devtools/python/{python3-jinja2_3.1.3.bb => python3-jinja2_3.1.4.bb} (79%)

diff --git a/meta/recipes-devtools/python/python3-jinja2_3.1.3.bb b/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb
similarity index 79%
rename from meta/recipes-devtools/python/python3-jinja2_3.1.3.bb
rename to meta/recipes-devtools/python/python3-jinja2_3.1.4.bb
index 636fb35811..2c02037011 100644
--- a/meta/recipes-devtools/python/python3-jinja2_3.1.3.bb
+++ b/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb
@@ -2,17 +2,17 @@ SUMMARY = "Python Jinja2: A small but fast and easy to use stand-alone template
 HOMEPAGE = "https://pypi.org/project/Jinja2/"
 
 LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=5dc88300786f1c214c1e9827a5229462"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462"
 
-SRC_URI[sha256sum] = "ac8bd6544d4bb2c9792bf3a159e80bba8fda7f07e81bc3aed565432d5925ba90"
+SRC_URI[sha256sum] = "4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369"
 
-PYPI_PACKAGE = "Jinja2"
+PYPI_PACKAGE = "jinja2"
 
 CVE_PRODUCT = "jinja2 jinja"
 
 CLEANBROKEN = "1"
 
-inherit pypi setuptools3 ptest
+inherit pypi python_flit_core ptest
 
 SRC_URI += " \
 	file://run-ptest \
-- 
2.34.1

[OE-core][scarthgap 08/21] linux-yocto/6.6: update to v6.6.34

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/6.6 to the latest korg -stable release that comprises
the following commits:

    64ebf485c56b usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock
    76d42e596d89 Linux 6.6.34
    8353b7f70dd2 smp: Provide 'setup_max_cpus' definition on UP too
    50f3931746b5 selftests: net: more strict check in net_helper
    225de871ddf9 smb: client: fix deadlock in smb2_find_smb_tcon()
    9c3095ad40f9 powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH
    b48f81d2c3dc ALSA: seq: Fix incorrect UMP type for system messages
    44bc51c08d64 btrfs: fix leak of qgroup extent records after transaction abort
    3d08c52ba188 btrfs: fix crash on racing fsync and size-extending write into prealloc
    e5104cbb146f tracefs: Clear EVENT_INODE flag in tracefs_drop_inode()
    4e84ead3f60a eventfs: Keep the directories from having the same inode number as files
    5ade5fbdbbb1 eventfs: Fix a possible null pointer dereference in eventfs_find_events()
    cbc4dacaa5b1 NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS
    d6ea0e12befb nfs: fix undefined behavior in nfs_block_bits()
    9191b574d7dc EDAC/igen6: Convert PCIBIOS_* return codes to errnos
    8f84ae504348 EDAC/amd64: Convert PCIBIOS_* return codes to errnos
    0a9007271e3f ALSA: ump: Don't accept an invalid UMP protocol number
    3113ff8e496c ALSA: ump: Don't clear bank selection after sending a program change
    e3ae00ee238b ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
    1c7891812d85 genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after()
    aed55acbb929 i3c: master: svc: fix invalidate IBI type and miss call client IBI handler
    e049845096e9 s390/cpacf: Make use of invalid opcode produce a link error
    ab278ff72afc s390/cpacf: Split and rework cpacf query functions
    4c0bfb4e867c s390/ap: Fix crash in AP internal function modify_bitmap()
    b2b685c77ee3 parisc: Define sigset_t in parisc uapi header
    6de4da0f1a5f parisc: Define HAVE_ARCH_HUGETLB_UNMAPPED_AREA
    eea3545abf60 ARM: dts: samsung: exynos4412-origen: fix keypad no-autorepeat
    1a48d7cf6ee5 ARM: dts: samsung: smdk4412: fix keypad no-autorepeat
    0da0e880b8c7 ARM: dts: samsung: smdkv310: fix keypad no-autorepeat
    f7f84721fd77 riscv: dts: starfive: Remove PMIC interrupt info for Visionfive 2 board
    a95df6f04f2c ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
    b0b47084f5d3 ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow
    3093e586b019 ext4: Fixes len calculation in mpage_journal_page_buffers
    3194771798ef drm/amdkfd: handle duplicate BOs in reserve_bo_and_cond_vms
    58ce0788c75f sparc: move struct termio to asm/termios.h
    5af198c38712 net: fix __dst_negative_advice() race
    ea303a7af85b kdb: Use format-specifiers rather than memset() for padding in kdb_read()
    e00ec562b0e0 kdb: Merge identical case statements in kdb_read()
    958ba65a3590 kdb: Fix console handling when editing and tab-completing commands
    d373d3c633dc kdb: Use format-strings rather than '\0' injection in kdb_read()
    107e825cc448 kdb: Fix buffer overflow during tab-complete
    4c09df400284 wifi: ath10k: fix QCOM_RPROC_COMMON dependency
    f07224c16678 bonding: fix oops during rmmod
    8b732150f2e3 watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin
    766975238305 selftests/mm: fix build warnings on ppc64
    0eb43c377af5 selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages
    c55d3564ad25 mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL
    2eeff6e36cd3 mm: /proc/pid/smaps_rollup: avoid skipping vma after getting mmap_lock again
    cb3ea7684a43 mm/hugetlb: pass correct order_per_bit to cma_declare_contiguous_nid
    f317e97da981 mm/cma: drop incorrect alignment check in cma_init_reserved_mem
    3e64c37fe391 sparc64: Fix number of online CPUs
    35c8cf7b8a71 rtla/timerlat: Fix histogram report when a cpu count is 0
    bb5afc42c42c intel_th: pci: Add Meteor Lake-S CPU support
    8f893e52b9e0 cpufreq: amd-pstate: Fix the inconsistency in max frequency units
    b54d24eb4a67 tpm_tis: Do *not* flush uninitialized work
    19e85d939001 kmsan: do not wipe out origin when doing partial unpoisoning
    99ed145f4611 mm/ksm: fix ksm_zero_pages accounting
    0a82b46a0172 mm/ksm: fix ksm_pages_scanned accounting
    6c1791130b78 net/9p: fix uninit-value in p9_client_rpc()
    400b8fb66c74 net/ipv6: Fix route deleting failure when metric equals 0
    a19b2bc5d0c4 scsi: core: Handle devices which return an unusually large VPD page count
    6d458d0dcca9 HID: i2c-hid: elan: fix reset suspend current leakage
    90dd0592b3b0 i2c: acpi: Unbind mux adapters before delete
    9ee7a77c150b iomap: fault in smaller chunks for non-large folio mappings
    1f3988ca0d7a filemap: add helper mapping_max_folio_size()
    be0ce3f6ffea mm: fix race between __split_huge_pmd_locked() and GUP-fast
    2e083ef23431 kbuild: Remove support for Clang's ThinLTO caching
    c2d443aa1ae3 crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
    d14104360c27 crypto: ecrdsa - Fix module auto-load on add_key
    cc3306fb04b1 crypto: ecdsa - Fix module auto-load on add-key
    a68c0c55fa4c clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs
    9562dbe5cdbb clk: bcm: rpi: Assign ->num before accessing ->hws
    0dc913217fb7 clk: bcm: dvp: Assign ->num before accessing ->hws
    ca6d6d872a8b LoongArch: Override higher address bits in JUMP_VIRT_ADDR
    ae9e39a2fbf5 LoongArch: Add all CPUs enabled by fdt to NUMA node 0
    93ca96f098f8 KVM: arm64: AArch32: Fix spurious trapping of conditional instructions
    5bff951fedac KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode
    6660e152e5eb KVM: arm64: Fix AArch32 register narrowing on userspace write
    f79edaf73709 KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked
    bb430ea4ba31 Revert "drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices"
    7bc52dce0732 drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms
    f0c5c944c6d8 9p: add missing locking around taking dentry fid list
    4eff07025c84 drm/amdgpu/atomfirmware: add intergrated info v2.3 table
    b8385ff814ca fbdev: savage: Handle err return when savagefb_check_var failed
    bd2ad553f18c drm/fbdev-generic: Do not set physical framebuffer address
    22d04790d656 mmc: sdhci-acpi: Add quirk to enable pull-up on the card-detect GPIO on Asus T100TA
    b5636348f324 mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A
    e000578a3ad3 mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working
    e236bb53fd6b mmc: sdhci-acpi: Sort DMI quirks alphabetically
    d9ae0aa8ff8f mmc: sdhci: Add support for "Tuning Error" interrupts
    c0a16ff432fe mmc: core: Add mmc_gpiod_set_cd_config() function
    7590da4c04dd mmc: davinci: Don't strip remove function when driver is builtin
    a80d1da923f6 media: v4l: async: Fix notifier list entry init
    001b4825c93b media: v4l: async: Don't set notifier's V4L2 device if registering fails
    87100b092462 media: v4l: async: Properly re-initialise notifier entry in unregister
    dde33147c93a media: v4l2-core: hold videodev_lock until dev reg, finishes
    3e7eeba0d345 media: mxl5xx: Move xpt structures off stack
    77c4cd7e0b38 media: mc: mark the media devnode as registered from the, start
    e80d9db99b7b media: mc: Fix graph walk in media_pipeline_start
    2a24da4cf675 arm64: dts: ti: verdin-am62: Set memory size to 2gb
    3f03a4a9e2f5 arm64: dts: hi3798cv200: fix the size of GICR
    ea17c9aeb6c3 arm64: dts: qcom: sc8280xp: add missing PCIe minimum OPP
    4c59282ad9d3 wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path
    50ebdaa25932 wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE
    96e544378e16 wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power
    8539d0b03919 wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU
    7994e88dabcb wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command
    cd2538e5af49 md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING
    f9e0a4ec4b5d arm64: dts: qcom: qcs404: fix bluetooth device address
    49c23519d698 arm64: tegra: Correct Tegra132 I2C alias
    17695c8d5049 ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx
    6a283d64b486 soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request
    0a47ba94ec3d thermal/drivers/qcom/lmh: Check for SCM availability at probe
    3d22872e7740 platform/chrome: cros_ec: Handle events during suspend after resume completion
    0c08b92f9827 proc: Move fdinfo PTRACE_MODE_READ check into the inode .permission operation
    d171c85d74c6 fsverity: use register_sysctl_init() to avoid kmemleak warning
    c5a39f16436a ata: pata_legacy: make legacy_exit() work again
    91d930732554 wifi: rtw89: correct aSIFSTime for 6GHz band
    6479b9f41583 bcache: fix variable length array abuse in btree_iter
    5b0a3dc3e878 drm/amdgpu: add error handle to avoid out-of-bounds
    7d12e918f299 media: lgdt3306a: Add a check against null-pointer-def
    be0155202e43 f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode()
    2c66a89962a0 drm/sun4i: hdmi: Move mode_set into enable
    8474d4b41617 drm/sun4i: hdmi: Convert encoder to atomic
    68de50dc581c selftests: net: List helper scripts in TEST_FILES Makefile variable
    d7e2ad42a056 selftests: net: included needed helper in the install targets
    a38459118746 selftests/net: synchronize udpgro tests' tx and rx connection
    461db4b51c29 vxlan: Fix regression when dropping packets due to invalid src addresses
    417dbd7be383 mm: ratelimit stat flush from workingset shrinker
    15cc248e7efa erofs: avoid allocating DEFLATE streams before mounting
    184873af8791 mptcp: fix full TCP keep-alive support
    89e11fe49fee mptcp: cleanup SOL_TCP handling
    41089d9c8a45 mptcp: avoid some duplicate code in socket option handling
    0af20700561e riscv: signal: handle syscall restart before get_signal
    9399baa02e4b net: sfp-bus: fix SFP mode detect from bitrate
    ed2d2ead1779 afs: Don't cross .backup mountpoint from backup volume
    b8d50770ec03 mmc: core: Do not force a retune before RPMB switch
    cfa73607eb21 drm/i915/hwmon: Get rid of devm
    140cf97204b5 Linux 6.6.33
    c273cae03895 riscv: stacktrace: fixed walk_stackframe()
    3090c06d50ea riscv: prevent pt_regs corruption for secondary idle threads
    af628d43a822 SUNRPC: Fix loop termination condition in gss_free_in_token_pages()
    c775ffab3e53 f2fs: use f2fs_{err,info}_ratelimited() for cleanup
    4647876e7e4e f2fs: write missing last sum blk of file pinning section
    98ed486436a0 perf sched timehist: Fix -g/--call-graph option failure
    fdc455cd0204 drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible
    2948c1e5d5f4 media: vsp1: Remove unbalanced .s_stream(0) calls
    c353aa21f256 nouveau: report byte usage in VRAM usage.
    d0afcca9ced4 RDMA/bnxt_re: Fix the sparse warnings
    f33052802e3d perf evlist: Add perf_evlist__go_system_wide() helper
    95e33c0f617b perf util: Add a function for replacing characters in a string
    1a705491f35c platform/x86/intel-uncore-freq: Don't present root domain on error
    31729546c144 platform/x86/intel/tpmi: Handle error from tpmi_process_info()
    59f86a290838 genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
    66c92af813bc KVM: x86: Don't advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID
    d6873acc3e09 x86/pci: Skip early E820 check for ECAM region
    9dce01f386c9 efi: libstub: only free priv.runtime_map when allocated
    2a2f9b87c477 x86/efistub: Omit physical KASLR when memory reservations exist
    2c95241ac5fc ALSA: timer: Set lower bound of start tick time
    b7c4ef7ba313 ALSA: seq: ump: Fix swapped song position pointer data
    e67cae4255e9 hwmon: (shtc1) Fix property misspelling
    d800e1868f3d hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor
    e0216316828f drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel
    042adfbfe8dc drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel
    442b5ee91a5e drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel
    81c52c0ccc6a powerpc/pseries/lparcfg: drop error message from guest name lookup
    5f1b01a8c8a5 ALSA: seq: Fix yet another spot for system message conversion
    54213c09801e ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
    659ef6fd4934 net: ena: Fix redundant device NUMA node override
    26668c2d449d net: ena: Reduce lines with longer column width boundary
    f826701d02f8 net: dsa: microchip: fix RGMII error in KSZ DSA driver
    2c2e3247e898 spi: stm32: Don't warn about spurious interrupts
    db9312853608 kheaders: use `command -v` to test for existence of `cpio`
    0b01a41e2ce4 drm/i915/gt: Fix CCS id's calculation for CCS mode setting
    d154613d2b3d drm/i915/guc: avoid FIELD_PREP warning
    2b6e818fc609 kconfig: fix comparison to constant symbols, 'm', 'n'
    b939d1e04a90 net/sched: taprio: extend minimum interval restriction to entire cycle too
    aa311596411b net/sched: taprio: make q->picos_per_byte available to fill_sched_entry()
    61134e41db23 netfilter: nft_fib: allow from forward/input without iif selector
    570b4c52096e netfilter: tproxy: bail out if IP has been disabled on the device
    c4f77480e569 netfilter: nft_payload: skbuff vlan metadata mangle support
    75bc6bc559b9 net: ti: icssg-prueth: Fix start counter for ft1 filter
    4448b5eaab86 ALSA: seq: Don't clear bank selection at event -> UMP MIDI2 conversion
    5c3df8c4f45b ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion
    562f8862baea selftests: mptcp: join: mark 'fail' tests as flaky
    99ac814eb13f selftests: mptcp: add ms units for tc-netem delay
    052c9f0c140c selftests: mptcp: simult flows: mark 'unbalanced' tests as flaky
    71e61511c3a5 ice: fix accounting if a VLAN already exists
    98101ca23a35 net: micrel: Fix lan8841_config_intr after getting out of sleep mode
    f0c58df7719f net:fec: Add fec_enet_deinit()
    000a65bf1dc0 bpf: Allow delete from sockmap/sockhash only if update is allowed
    5da6d51d4837 ASoC: cs42l43: Only restrict 44.1kHz for the ASP
    ec361a0ffc33 net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM
    208d04341c8f Octeontx2-pf: Free send queue buffers incase of leaf to inner
    ac325c7f8944 af_unix: Read sk->sk_hash under bindlock during bind().
    302fe8dd147b af_unix: Annotate data-race around unix_sk(sk)->addr.
    f6638e955ca0 enic: Validate length of nl attributes in enic_set_vf_port
    07bbe6668e1e ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp
    cb9c2bd4ec8c ALSA: core: Remove debugfs at disconnection
    b26e0fa2cf8c ALSA: jack: Use guard() for locking
    f58eec14685a bpf: Fix potential integer overflow in resolve_btfids
    a4ee78244445 dma-buf/sw-sync: don't enable IRQ from sync_print_obj()
    de1a0a2d9db8 net/mlx5e: Fix UDP GSO for encapsulated packets
    33933f006d2e net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion
    aa60de63fdd1 net/mlx5e: Fix IPsec tunnel mode offload feature check
    b0a15cde37a8 net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules
    fb035aa9a3f8 net/mlx5: Fix MTMP register capability offset in MCAM register
    e5bdf4eeeb1d net/mlx5: Lag, do bond only if slaves agree on roce state
    07327fcbec97 net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061
    dedc1dfaa6df drm/amd/display: Enable colorspace property for MST connectors
    ca3b4293dcca nvmet: fix ns enable/disable possible hang
    36989c682505 nvme-multipath: fix io accounting on failover
    87d78f7eb76b nvme-tcp: add definitions for TLS cipher suites
    5a91116b0031 dma-mapping: benchmark: handle NUMA_NO_NODE correctly
    34a816d8735f dma-mapping: benchmark: fix node id validation
    856dc7eb7fbc dma-mapping: benchmark: fix up kthread-related error handling
    a9da6ddaef9e kthread: add kthread_stop_put
    1b5234b2241a spi: Don't mark message DMA mapped when no transfer in it is
    0889e6f20986 netfilter: nft_payload: restore vlan q-in-q match support
    5278e4354a5b netfilter: ipset: Add list flush to cancel_gc
    8f365564af89 netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()
    1547183852dc tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer
    ad4b202da2c4 tracing/probes: fix error check in parse_btf_field()
    c3e439cb04cf kasan, fortify: properly rename memintrinsics
    d346e1475703 ice: Interpret .set_channels() input differently
    e155741ec4f5 drivers/xen: Improve the late XenStore init protocol
    46e72ebc6b35 nfc: nci: Fix handling of zero-length payload packets in nci_rx_work()
    87bdc9f6f58b net: relax socket state check at accept time.
    ab67c2fd3d07 tls: fix missing memory barrier in tls_init
    d470a8090476 net: fec: avoid lock evasion when reading pps_enable
    11f1fb814994 Revert "ixgbe: Manual AN-37 for troublesome link partners for X550 SFI"
    20da5bfd669b i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame
    3dc730aa1b1e i3c: master: svc: return actual transfer data len
    46fb7121fc42 i3c: master: svc: rename read_len as actual_len
    fe52ab31f050 i3c: add actual_len in i3c_priv_xfer
    04207a9c64e0 virtio: delete vq in vp_find_vqs_msix() when request_irq() fails
    7871f32b4564 net: lan966x: Remove ptp traps in case the ptp is not enabled.
    c5caa03d86a7 rv: Update rv_en(dis)able_monitor doc to match kernel-doc
    9f2ad88f9b34 arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
    69c47b3763af openvswitch: Set the skbuff pkt_type for proper pmtud support.
    ae08aea3f517 pNFS/filelayout: fixup pNfs allocation modes
    02261d3f9dc7 tcp: Fix shift-out-of-bounds in dctcp_update_alpha().
    ef633ecb5452 regulator: tps6594-regulator: Correct multi-phase configuration
    0e44d6cbe8de ipv6: sr: fix memleak in seg6_hmac_init_algo
    d59ae9314b97 af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock.
    35db7c9d01d9 regulator: tps6287x: Force writing VSEL bit
    f46695d3b08e regulator: pickable ranges: don't always cache vsel
    706dff4ff7a4 rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL
    f3a8f8670fa6 sunrpc: fix NFSACL RPC retry on soft mount
    511811a7d39c nfs: keep server info for remounts
    0d317bcf81a1 NFSv4: Fixup smatch warning for ambiguous return
    57847c2ec5fb ASoC: tas2781: Fix wrong loading calibrated data sequence
    92503b5caab6 ASoC: tas2552: Add TX path for capturing AUDIO-OUT data
    e53a7f8afcbd nfc: nci: Fix uninit-value in nci_rx_work
    f354dc8c7d32 selftests: net: kill smcrouted in the cleanup logic in amt.sh
    f4df8c7670a7 ipv6: sr: fix missing sk_buff release in seg6_input_core
    521d21fa65cb net: Always descend into dsa/ folder with CONFIG_NET_DSA enabled
    1d95dbaa6ee7 x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y
    3a487e3cab05 perf/arm-dmc620: Fix lockdep assert in ->event_init()
    01f5809c78e6 xen/x86: add extra pages to unpopulated-alloc if available
    d08e87998339 regulator: bd71828: Don't overwrite runtime voltages
    b1bee9931287 blk-cgroup: Properly propagate the iostat update up the hierarchy
    714e59b5456e blk-cgroup: fix list corruption from reorder of WRITE ->lqueued
    d4a60298ac34 blk-cgroup: fix list corruption from resetting io stat
    3652ac87c993 drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations
    6446c1ca2dd2 nouveau: add an ioctl to report vram usage
    929eaf32dde4 nouveau: add an ioctl to return vram bar size.
    38c2fd9aeddc ASoC: mediatek: mt8192: fix register configuration for tdm
    9054c474f9c2 ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance
    f95fde17ed53 ALSA: hda: cs35l56: Initialize all ASP1 registers
    3fd715d61716 ASoC: cs35l56: Fix to ensure ASP1 registers match cache
    6e359be49750 ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup
    1b5cfb411b73 null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
    2d062f7468c8 ASoC: tas2781: Fix a warning reported by robot kernel test
    a1955a6df913 drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails
    2a09eb7e36cc selftests/powerpc/dexcr: Add -no-pie to hashchk tests
    6ead3eccf67b drm: zynqmp_dpsub: Always register bridge
    f33888b9b686 Revert "drm/bridge: ti-sn65dsi83: Fix enable error path"
    89af84e6514a media: cec: core: avoid confusing "transmit timed out" message
    1af4790bc117 media: cec: core: avoid recursive cec_claim_log_addrs
    cceda163b711 media: cec: cec-api: add locking in cec_release()
    8f40b92f5480 media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
    75aafce64a3a media: sunxi: a83-mips-csi2: also select GENERIC_PHY
    24b9362c9fa5 cxl/region: Fix cxlr_pmem leaks
    d5ac654babea cxl/trace: Correct DPA field masks for general_media & dram events
    8a328396a5fb um: Fix the declaration of kasan_map_memory
    a5cd85608738 um: Fix the -Wmissing-prototypes warning for get_thread_reg
    59e34e390cfd um: Fix the -Wmissing-prototypes warning for __switch_mm
    adb1c558c610 powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp
    3d50e4cef2e6 media: flexcop-usb: fix sanity check of bNumEndpoints
    408facc7965e platform/x86: thinkpad_acpi: Take hotkey_mutex during hotkey_exit()
    ec653f4474d7 tools/arch/x86/intel_sdsi: Fix meter_certificate decoding
    8af4923b045b tools/arch/x86/intel_sdsi: Fix meter_show display
    42adfac5d2c7 tools/arch/x86/intel_sdsi: Fix maximum meter bundle length
    c73d3273272b media: mediatek: vcodec: fix possible unbalanced PM counter
    f29a42642069 media: mediatek: vcodec: add encoder power management helper functions
    19bd9537b6bc drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode()
    bdd5bbe96782 drm/amdgpu: init microcode chip name from ip versions
    a4c638ab2578 Input: cyapa - add missing input core locking to suspend/resume functions
    d410017a7181 media: stk1160: fix bounds checking in stk1160_copy_video()
    3fe7b95312b3 drm/bridge: tc358775: fix support for jeida-18 and jeida-24
    873f67699114 drm/msm/dpu: Add callback function pointer check before its call
    04c2fca45506 drm/msm/dpu: stop using raw IRQ indices in the kernel output
    3bbe257c466f drm/msm/dpu: make the irq table size static
    a70ce2bb1d46 drm/msm/dpu: add helper to get IRQ-related data
    186a82662d13 drm/msm/dpu: extract dpu_core_irq_is_valid() helper
    50cf1608f184 drm/msm/dpu: remove irq_idx argument from IRQ callbacks
    1fe1c9dc21ee fs/ntfs3: Use variable length array instead of fixed size
    109d85a98345 fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow
    6c8054d59066 fs/ntfs3: Check 'folio' pointer for NULL
    92ce7359f988 um: vector: fix bpfflash parameter evaluation
    434a06c38ee1 um: Add winch to winch_handlers before registering winch IRQ
    e98f29bf0b5f um: Fix return value in ubd_init()
    900d54bced61 drm/meson: gate px_clk when setting rate
    22432baba48a drm/mediatek: dp: Fix mtk_dp_aux_transfer return value
    3f388ca6a434 drm/msm/dpu: Always flush the slave INTF on the CTL
    01d8692b0c34 drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk
    755575a42c4f media: ov2680: Do not fail if data-lanes property is absent
    08754dd758d5 media: ov2680: Allow probing if link-frequencies is absent
    a7e0a70ac6d3 media: ov2680: Clear the 'ret' variable on success
    9a496f7d1828 media: v4l: Don't turn on privacy LED if streamon fails
    35556d0e1c61 media: v4l2-subdev: Document and enforce .s_stream() requirements
    4031c57f024a Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation
    063d89156f2d mmc: sdhci_am654: Fix ITAPDLY for HS400 timing
    2b8d2a6e5363 mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock
    3433a340630e mmc: sdhci_am654: Add OTAP/ITAP delay enable
    3525baf3a929 mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel
    fa9a2c696ad1 mmc: sdhci_am654: Write ITAPDLY for DDR52 timing
    57205cf9c18a mmc: sdhci_am654: Add tuning algorithm for delay chain
    b003b8c15cbb Input: ims-pcu - fix printf string overflow
    69f245b86cef dt-bindings: adc: axi-adc: add clocks property
    a291998f8a09 dt-bindings: adc: axi-adc: update bindings for backend framework
    51a2049a2c08 eventfs: Have "events" directory get permissions from its parent
    281eaee393c7 eventfs: Free all of the eventfs_inode after RCU
    14aa4f3efc6e eventfs/tracing: Add callback for release of an eventfs_inode
    e5c80b23523b eventfs: Create eventfs_root_inode to store dentry
    11244a432850 serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler
    f0eb53ffd8d9 serial: sc16is7xx: replace hardcoded divisor value with BIT() macro
    c6fecd07435f misc/pvpanic-pci: register attributes via pci_driver
    e9194a954c44 misc/pvpanic: deduplicate common code
    f68f3e3f5c9c iio: accel: mxc4005: Reset chip on probe() and resume()
    43424f70535b iio: accel: mxc4005: allow module autoloading via OF compatible
    e26405d5b266 eventfs: Do not differentiate the toplevel events directory
    64a9a930afe9 drm/amd/display: Revert Remove pixle rate limit for subvp
    242f11be47ab drm/amd/display: Remove pixle rate limit for subvp
    cb9f455e27ed gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match
    b3b8ba37529c dt-bindings: PCI: rockchip,rk3399-pcie: Add missing maxItems to ep-gpios
    916cf5d6ae97 s390/boot: Remove alt_stfle_fac_list from decompressor
    2102692eb23f s390/ipl: Fix incorrect initialization of nvme dump block
    b34ea5b97561 s390/ipl: Fix incorrect initialization of len fields in nvme reipl block
    2028823f1d71 s390/vdso: Use standard stack frame layout
    0e035cb818c5 s390/vdso: Create .build-id links for unstripped vdso files
    07423c9b4375 kbuild: fix build ID symlinks to installed debug VDSO files
    adacfc6dec4c kbuild: unify vdso_install rules
    a422869153dd s390/vdso: Generate unwind information for C modules
    6bd72dd0f70c s390/vdso64: filter out munaligned-symbols flag for vdso
    379ec9d95c89 LoongArch: Fix callchain parse error with kernel tracepoint events again
    5af155f9b168 perf pmu: Count sys and cpuid JSON events separately
    4ac93db3dd4d perf pmu: Assume sysfs events are always the same case
    930e16ac95b0 perf tools: Add/use PMU reverse lookup from config to name
    923b83bc8692 perf tools: Use pmus to describe type from attribute
    c5aaeae250d3 perf pmu: "Compat" supports regular expression matching identifiers
    f989dc009070 perf pmu: Move pmu__find_core_pmu() to pmus.c
    d37e53e8c826 perf test: Add a test for strcmp_cpuid_str() expression
    a46c6144117a perf stat: Don't display metric header for non-leader uncore events
    7723485af6de usb: fotg210: Add missing kernel doc description
    f0cdc3e248e3 f2fs: fix to add missing iput() in gc_data_segment()
    1003d16ea271 perf daemon: Fix file leak in daemon_session__control
    c546fef47cd5 libsubcmd: Fix parse-options memory leak
    70d6dca40318 serial: sh-sci: protect invalidating RXDMA on shutdown
    9f9341064a9b f2fs: compress: don't allow unaligned truncation on released compress inode
    8d2fc8ae670a f2fs: fix to release node block count in error path of f2fs_new_node_page()
    329edb7c9e3b f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock
    81c975902b15 f2fs: compress: fix error path of inc_valid_block_count()
    b8a742a8bd6d f2fs: introduce get_available_block_count() for cleanup
    5f8e5a096e2b f2fs: deprecate io_bits
    92b24f04d3e5 f2fs: compress: fix to update i_compr_blocks correctly
    9ec45f857a01 perf symbols: Fix ownership of string in dso__load_vmlinux()
    c3cc46563103 perf maps: Move symbol maps functions to maps.c
    c5314cfa9287 perf thread: Fixes to thread__new() related to initializing comm
    9029a775f0d7 perf report: Avoid SEGV in report__setup_sample_type()
    e50576c7e61f perf ui browser: Avoid SEGV on title
    6902179a415a f2fs: fix block migration when section is not aligned to pow2
    40d76c393cca f2fs: support file pinning for zoned devices
    066cec37094d f2fs: kill heap-based allocation
    61330214b227 f2fs: separate f2fs_gc_range() to use GC for a range
    f0248ba6b640 f2fs: use BLKS_PER_SEG, BLKS_PER_SEC, and SEGS_PER_SEC
    42d48304f64e f2fs: support printk_ratelimited() in f2fs_printk()
    6496d63a1641 f2fs: Clean up errors in segment.h
    e02a267a69aa PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3
    84ae90ba37c1 PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3
    787b7ddf434f dt-bindings: spmi: hisilicon,hisi-spmi-controller: fix binding references
    913a00ec6b09 extcon: max8997: select IRQ_DOMAIN instead of depending on it
    a8860002cae5 perf ui browser: Don't save pointer to stack memory
    88b88dd7d8c2 perf bench internals inject-build-id: Fix trap divide when collecting just one DSO
    cd99864e1f7f i2c: synquacer: Fix an error handling path in synquacer_i2c_probe()
    bb220136ae51 i2c: cadence: Avoid fifo clear after start
    ec3468221efe ppdev: Add an error check in register_device
    b596340b8552 ppdev: Remove usage of the deprecated ida_simple_xx() API
    370c480410f6 stm class: Fix a double free in stm_register_device()
    4e125b96e333 usb: gadget: u_audio: Clear uac pointer when freed.
    453d3fa9266e usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.
    9eb15f24a0b9 dmaengine: idxd: Avoid unnecessary destruction of file_ida
    4ef5468e84d5 dt-bindings: phy: qcom,usb-snps-femto-v2: use correct fallback for sc8180x
    6357221b68e0 dt-bindings: phy: qcom,sc8280xp-qmp-ufs-phy: fix msm899[68] power-domains
    dc14f0a2c61b watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe()
    d47f51eb1fc3 watchdog: bd9576: Drop "always-running" property
    9b1c063ffc07 watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger
    cd283810f6ae pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs
    dedf17b3af39 dt-bindings: pinctrl: mediatek: mt7622: fix array properties
    6954ae017718 VMCI: Fix an error handling path in vmci_guest_probe_device()
    b5f31d1470c4 PCI: of_property: Return error for int_map allocation failure
    97ba21401b89 ovl: remove upper umask handling from ovl_create_upper()
    034968dbd867 leds: pwm: Disable PWM when going to suspend
    a10c3d5ff9a3 pwm: Rename pwm_apply_state() to pwm_apply_might_sleep()
    6bb1efff9b17 perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer)
    0053891e2f4f PCI: Wait for Link Training==0 before starting Link retrain
    65ce3fad7d59 microblaze: Remove early printk call from cpuinfo-static.c
    6240bd8981c6 microblaze: Remove gcc flag for non existing early_printk.c file
    a758e99cd644 udf: Convert udf_expand_file_adinicb() to use a folio
    7745b1b785aa udf: Remove GFP_NOFS allocation in udf_expand_file_adinicb()
    4d7d12b643c0 fpga: region: add owner module and take its refcount
    0bd22a4966d5 vfio/pci: fix potential memory leak in vfio_intx_enable()
    e642622550c8 i915: make inject_virtual_interrupt() void
    bb6f7de21d4c coresight: etm4x: Fix access to resource selector registers
    3840a3f37a67 coresight: etm4x: Safe access for TRCQCLTR
    0c575997dee0 coresight: etm4x: Do not save/restore Data trace control registers
    42f016cd8593 coresight: etm4x: Do not hardcode IOMEM access for register restore
    720d27664d7c iio: adc: adi-axi-adc: only error out in major version mismatch
    d3513f1261a0 iio: adc: adi-axi-adc: move to backend framework
    184b2967d578 iio: adc: ad9467: convert to backend framework
    5fc4f0c01cb2 iio: add the IIO backend framework
    e1fc56c40068 iio: buffer-dmaengine: export buffer alloc and free functions
    b70042e4dc7f iio: adc: adi-axi-adc: convert to regmap
    864b42f8b3f3 iio: adc: ad9467: use chip_info variables instead of array
    a679a40bd2ec iio: adc: ad9467: use spi_get_device_match_data()
    08f5bd2032c0 iio: pressure: dps310: support negative temperature values
    d3ced099f31d perf test shell arm_coresight: Increase buffer size for Coresight basic tests
    e61cb35f56f9 perf docs: Document bpf event modifier
    0688c4f7c5e8 coresight: etm4x: Fix unbalanced pm_runtime_enable()
    1083681ea208 riscv: dts: starfive: visionfive 2: Remove non-existing TDM hardware
    1145fda91f70 iio: adc: stm32: Fixing err code to not indicate success
    f84122681853 f2fs: fix to check pinfile flag in f2fs_move_file_range()
    5632bdb4e9be f2fs: fix to relocate check condition in f2fs_fallocate()
    116d824f953a f2fs: compress: fix to relocate check condition in f2fs_ioc_{,de}compress_file()
    1d59aa23a3fa f2fs: compress: fix to relocate check condition in f2fs_{release,reserve}_compress_blocks()
    ff9504c045b5 perf bench uprobe: Remove lib64 from libc.so.6 binary path
    f56632928a6d dt-bindings: PCI: rcar-pci-host: Add missing IOMMU properties
    479e4daae636 dt-bindings: PCI: rcar-pci-host: Add optional regulators
    829afc132f63 perf record: Fix debug message placement for test consumption
    aa4158e31612 perf record: Move setting tracking events before record__init_thread_masks()
    e024e98e81f9 perf evlist: Add evlist__findnew_tracking_event() helper
    28a50a15d1b8 perf tests: Apply attributes to all events in object code reading test
    fca6659b4edc perf tests: Make "test data symbol" more robust on Neoverse N1
    bf386f268b29 arm64: dts: meson: fix S4 power-controller node
    e21a398d22e6 interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment
    28f5a08600d0 module: don't ignore sysfs_create_link() failures
    3431d265eab2 serial: sc16is7xx: add proper sched.h include for sched_set_fifo()
    967cb01d0a80 PCI: tegra194: Fix probe path for Endpoint mode
    46c6fc133dc1 greybus: arche-ctrl: move device table to its right location
    749603af8faa serial: max3100: Fix bitwise types
    e8a10089eddb serial: max3100: Update uart_driver_registered on driver removal
    93df2fba6c7d serial: max3100: Lock port->lock when calling uart_handle_cts_change()
    73c6ddb499bb perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline()
    80e06e547d42 perf annotate: Use global annotation_options
    1157abdc2e03 perf top: Convert to the global annotation_options
    e0af85d60b7a perf report: Convert to the global annotation_options
    dfd02119aef9 perf annotate: Introduce global annotation_options
    260de04387c0 perf annotate: Split branch stack cycles information out of 'struct annotation_line'
    4ddf437cae2c perf machine thread: Remove exited threads by default
    7adc363bc29e perf record: Lazy load kernel symbols
    1f428149492f firmware: dmi-id: add a release callback function
    59767d1e3019 dmaengine: idma64: Add check for dma_set_max_seg_size
    7eeef1e935d2 soundwire: cadence: fix invalid PDI offset
    6ee4ad5dfb15 perf stat: Do not fail on metrics on s390 z/VM systems
    32f615e0a580 usb: typec: ucsi: simplify partner's PD caps registration
    ad864c123b7a usb: typec: ucsi: always register a link to USB PD device
    1ec229afd45c perf annotate: Get rid of duplicate --group option item
    30dc493b8195 counter: linux/counter.h: fix Excess kernel-doc description warning
    d7c4081c54a1 fpga: bridge: add owner module and take its refcount
    2da62a139a62 fpga: manager: add owner module and take its refcount
    4b3609e6c805 f2fs: fix to wait on page writeback in __clone_blkaddrs()
    2b2611a42462 f2fs: multidev: fix to recognize valid zero block address
    ac12df6b9729 phy: qcom: qmp-combo: fix duplicate return in qmp_v4_configure_dp_phy
    518e2c46b5db greybus: lights: check return of get_channel_from_mode
    fe92a949b264 iio: core: Leave private pointer NULL when no private data supplied
    5c53a28ab253 perf probe: Add missing libgen.h header needed for using basename()
    834e603dbe28 perf record: Delete session after stopping sideband thread
    2f593fd9d3cc net: wangxun: fix to change Rx features
    941e1c6d8683 sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write()
    4d9d099ab291 sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level
    ee3577c5d33c af_packet: do not call packet_read_pending() from tpacket_destruct_skb()
    f28bdc2ee5d9 netrom: fix possible dead-lock in nr_rt_ioctl()
    57fa96c04ef9 net: qrtr: ns: Fix module refcnt
    4488617e5e99 net: bridge: mst: fix vlan use-after-free
    76282afa17e9 selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval
    1abb37114790 net: bridge: xmit: make sure we have at least eth header len bytes
    00ea83bfb496 modules: Drop the .export_symbol section from the final modules
    4aa2d5fd7ee0 tracing/user_events: Fix non-spaced field matching
    4c40e1b76e6e tracing/user_events: Prepare find/delete for same name events
    2fc3d0ac097b tracing/user_events: Allow events to persist for perfmon_capable users
    3eb127dc408b RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw
    e011ea687f2f RDMA/IPoIB: Fix format truncation compilation errors
    382494aa8881 selftests/kcmp: remove unused open mode
    c1d8c429e4d2 SUNRPC: Fix gss_free_in_token_pages()
    a658f011d89d bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
    29feea56dedf RDMA/bnxt_re: Adds MSN table capability for Gen P7 adapters
    9a54460b3394 RDMA/bnxt_re: Update the HW interface definitions
    e300b1b95c93 RDMA/bnxt_re: Remove roundup_pow_of_two depth for all hardware queue resources
    f52e649e933a RDMA/bnxt_re: Refactor the queue index update
    0b0d5701a8bf of: module: add buffer overflow check in of_modalias()
    370a86dc97ef ext4: remove the redundant folio_wait_stable()
    07fa88b0f340 ext4: fix potential unnitialized variable
    f4fb561d52e1 sunrpc: removed redundant procp check
    e873f36ec890 drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map()
    d5c75ededb2d virt: acrn: stop using follow_pfn
    c7cca4c61f44 ext4: avoid excessive credit estimate in ext4_tmpfile()
    caaee1b858c2 x86/insn: Add VEX versions of VPDPBUSD, VPDPBUSDS, VPDPWSSD and VPDPWSSDS
    3d22be008bd1 x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map
    6973cb78f0ca clk: qcom: mmcc-msm8998: fix venus clock issue
    631c54f07d78 clk: qcom: dispcc-sm8550: fix DisplayPort clocks
    e91d89de5e71 clk: qcom: dispcc-sm6350: fix DisplayPort clocks
    7ef714778dd0 clk: qcom: dispcc-sm8450: fix DisplayPort clocks
    65e528a69cb3 lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure
    6d06fc4edfb0 clk: renesas: r9a07g043: Add clock and reset entry for PLIC
    6c7455605a30 clk: renesas: r8a779a0: Fix CANFD parent clock
    8696be3a5f66 IB/mlx5: Use __iowrite64_copy() for write combining stores
    03ff3e23adca RDMA/rxe: Fix incorrect rxe_put in error path
    13c7bb72d372 RDMA/rxe: Allow good work requests to be executed
    21b4c6d4d890 RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt
    63cbb3e7044f clk: qcom: clk-alpha-pll: remove invalid Stromer register offset
    1a91f05ca280 clk: rs9: fix wrong default value for clock amplitude
    dd4b239184ee clk: mediatek: mt8365-mm: fix DPI0 parent
    6f541a89ced8 RDMA/hns: Modify the print level of CQE error
    571f79eb1aae RDMA/hns: Use complete parentheses in macros
    b7f2f6d227ce RDMA/hns: Fix GMV table pagesize
    63da190eeb5c RDMA/hns: Fix UAF for cq async event
    22c915af31bd RDMA/hns: Fix deadlock on SRQ async events.
    db415a39ffdb RDMA/hns: Fix return value in hns_roce_map_mr_sg
    6b4f69399291 iommu: Undo pasid attachment only for the devices that have succeeded
    888b03fcd122 clk: mediatek: pllfh: Don't log error for missing fhctl node
    499569c8ab7f RDMA/mlx5: Adding remote atomic access flag to updatable flags
    5880d8ca57d5 RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent
    73c5f64cfa85 clk: samsung: exynosautov9: fix wrong pll clock id value
    205b6dd5b799 media: cadence: csi2rx: configure DPHY before starting source stream
    6040fcea4605 drm/edid: Parse topology block for all DispID structure v1.x
    b4c508666981 drm/rockchip: vop2: Do not divide height twice for YUV
    4b3421c2f6f8 media: uvcvideo: Add quirk for Logitech Rally Bar
    dda6efae161d drm/mipi-dsi: use correct return type for the DSC functions
    04b001fa8b79 drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector
    bd4fb19e33c8 drm/bridge: anx7625: Update audio status while detecting
    587acea97512 drm/panel: novatek-nt35950: Don't log an error when DSI host can't be found
    7962ae5aadd5 drm/bridge: dpc3433: Don't log an error when DSI host can't be found
    52334bb44f10 drm/bridge: tc358775: Don't log an error when DSI host can't be found
    30cb32c7ec5e drm/bridge: lt9611uxc: Don't log an error when DSI host can't be found
    ae2ac0aef901 drm/bridge: lt9611: Don't log an error when DSI host can't be found
    95b5eba76efe drm/bridge: lt8912b: Don't log an error when DSI host can't be found
    95f959193c32 drm/bridge: icn6211: Don't log an error when DSI host can't be found
    4486576578db drm/bridge: anx7625: Don't log an error when DSI host can't be found
    656fb206aee2 ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value
    42c22b63056c drm: vc4: Fix possible null pointer dereference
    335cc45ef2b8 drm/arm/malidp: fix a possible null pointer dereference
    cc20c87b04db media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries
    1cc6b956ad36 fbdev: sh7760fb: allow modular build
    983e91ad759e media: v4l2-subdev: Fix stream handling for crop API
    c1a3803e5bb9 media: i2c: et8ek8: Don't strip remove function when driver is builtin
    dd271f136601 media: dt-bindings: ovti,ov2680: Fix the power supply names
    db572c397399 media: ipu3-cio2: Request IRQ earlier
    525be5dc8ee0 drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected
    554484e46383 drm/msm/dp: allow voltage swing / pre emphasis of 3
    dcf53e6103b2 drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference
    0f070f0c3b54 media: radio-shark2: Avoid led_names truncations
    d8076c9e02bb media: rcar-vin: work around -Wenum-compare-conditional warning
    f987b53c28eb media: ngene: Add dvb_ca_en50221_init return value check
    750e384b9b7b ASoC: Intel: avs: Test result of avs_get_module_entry()
    a1780d8a7c26 ASoC: Intel: avs: Fix potential integer overflow
    7976b78631ee ASoC: Intel: avs: Fix ASRC module initialization
    c81b6d64962a selftests: cgroup: skip test_cgcore_lesser_ns_open when cgroup2 mounted without nsdelegate
    be84945440c9 fbdev: sisfb: hide unused variables
    28049d5a74a8 ASoC: SOF: Intel: mtl: Implement firmware boot state check
    f0bf72d1b49e ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed
    02be4ce0d0be ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails
    6bdadbee34d9 ASoC: SOF: Intel: lnl: Correct rom_status_reg
    8aeb3dc8b3cd ASoC: SOF: Intel: mtl: Correct rom_status_reg
    368017b1bff7 ASoC: SOF: Intel: pci-mtl: fix ARL-S definitions
    1ef8f0b414ce ASoC: SOF: Intel: pci-mtl: use ARL specific firmware definitions
    46c15b7130fe ASoC: Intel: common: add ACPI matching tables for Arrow Lake
    f0b4617d80c3 powerpc/fsl-soc: hide unused const variable
    af26ea99019c drm/mediatek: Add 0 size check to mtk_drm_gem_obj
    d5689998a093 drm/meson: vclk: fix calculation of 59.94 fractional rates
    1a7254525ca7 ASoC: kirkwood: Fix potential NULL dereference
    4a1dc9721275 fbdev: shmobile: fix snprintf truncation
    87b8dca6e06f ASoC: mediatek: Assign dummy when codec not specified for a DAI link
    9ceb5bd746e1 mtd: rawnand: hynix: fixed typo
    adbd5da08ec6 mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add()
    a6498eac492b ASoC: Intel: avs: ssm4567: Do not ignore route checks
    48f3fe137323 ASoC: Intel: Disable route checks for Skylake boards
    4e8c8b37ee84 drm/amd/display: Fix potential index out of bounds in color transformation function
    859da9472b4f drm/panel: atna33xc20: Fix unbalanced regulator in the case HPD doesn't assert
    9429b12dfcbd drm/dp: Don't attempt AUX transfers when eDP panels are not powered
    e71399aa6ce1 drm/lcdif: Do not disable clocks on already suspended hardware
    fc49f4d1a15f dev_printk: Add and use dev_no_printk()
    34d80802cb8e printk: Let no_printk() use _printk()
    5fdc39e02494 drm/omapdrm: Fix console with deferred ops
    c00e8fd74950 fbdev: Provide I/O-memory helpers as module
    e79f933ad162 drm/omapdrm: Fix console by implementing fb_dirty
    ec1723175a5f drm/ci: update device type for volteer devices
    aa03f049d453 drm/ci: add subset-1-gfx to LAVA_TAGS and adjust shards
    101bbe559da5 drm/ci: uprev mesa version: fix container build & crosvm
    45755ef11f03 drm/bridge: Fix improper bridge init order with pre_enable_prev_first
    5af2e235b0d5 Bluetooth: HCI: Remove HCI_AMP support
    75d7ac5e225e Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS
    0a8af30a8672 Bluetooth: Remove usage of the deprecated ida_simple_xx() API
    f03d3322a785 Bluetooth: ISO: Fix BIS cleanup
    dfde465d8907 Bluetooth: qca: Fix error code in qca_read_fw_build_info()
    e231034377bc Bluetooth: compute LE flow credits based on recvbuf space
    3ddf170e4a60 net: micrel: Fix receiving the timestamp in the frame for lan8841
    5f9d2dcf7130 mptcp: SO_KEEPALIVE: fix getsockopt support
    d38625f71950 net: fec: remove .ndo_poll_controller to avoid deadlocks
    965d940fb741 ax25: Fix reference count leak issue of net_device
    38eb01edfdaa ax25: Fix reference count leak issues of ax25_dev
    39da6f09e110 ax25: Use kernel universal linked list to implement ax25_dev_list
    a1bf04458311 riscv, bpf: make some atomic operations fully ordered
    46f17e7d4fb5 s390/bpf: Emit a barrier for BPF_FETCH instructions
    1337ec94bc5a net/mlx5: Discard command completions in internal error
    f9caccdd42e9 net/mlx5: Add a timeout to acquire the command queue semaphore
    e93fc8d959e5 net/mlx5: Reload only IB representors upon lag disable/enable
    66a5f6e09c63 net/mlx5: Enable 4 ports multiport E-switch
    3398a40dccb8 ipv6: sr: fix invalid unregister error path
    6c6b74edc911 ipv6: sr: fix incorrect unregister order
    58fd673b0532 ipv6: sr: add missing seg6_local_exit
    78741b4caae1 net: openvswitch: fix overwriting ct original tuple for ICMPv6
    108ec8bf6483 net: usb: smsc95xx: stop lying about skb->truesize
    0688d4e499be af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
    8f6f82d6a205 net: ethernet: cortina: Locking fixes
    1ebaa96f97cd selftests: net: move amt to socat for better compatibility
    9d601b81f1fc selftests: net: add missing config for amt.sh
    229d4a32b53e selftests: net: add more missing kernel config
    5de5aeb98f9a eth: sungem: remove .ndo_poll_controller to avoid deadlocks
    11dd90c11ad0 net: ipv6: fix wrong start position when receive hop-by-hop fragment
    68d38724cf53 m68k: mac: Fix reboot hang on Mac IIci
    f3baf0f4f92a m68k: Fix spinlock race in kernel thread creation
    979d764ebdcd net: usb: sr9700: stop lying about skb->truesize
    80cb2f61a613 usb: aqc111: stop lying about skb->truesize
    18f59aab33bc HID: amd_sfh: Handle "no sensors" in PM operations
    9d08e7fd44ca wifi: mwl8k: initialize cmd->addr[] properly
    db9214833e58 x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks()
    4c62c6c8a006 kernel/numa.c: Move logging out of numa.h
    0d5cfcede0c9 scsi: qla2xxx: Fix debugfs output for fw_resource_count
    563e60927592 scsi: qedf: Ensure the copied buf is NUL terminated
    204714e68015 scsi: bfa: Ensure the copied buf is NUL terminated
    5386f6734dbc HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors
    c3ae972a22f2 selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect
    1ec7ccb4cd4b kunit: Fix kthread reference
    2d43d30aafb8 selftests: default to host arch for LLVM builds
    381079197e80 selftests/resctrl: fix clang build failure: use LOCAL_HDRS
    3af6ed233a60 selftests/binderfs: use the Makefile's rules, not Make's implicit rules
    ed74398642fc wifi: nl80211: Avoid address calculations via out of bounds array indexing
    166c9d2eef74 libbpf: Fix error message in attach_kprobe_multi
    35e001ce8492 wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset
    bdd2255fcfe5 wifi: mt76: mt7603: fix tx queue of loopback packets
    1f29d8571fa1 Revert "sh: Handle calling csum_partial with misaligned data"
    78a12934b721 sh: kprobes: Merge arch_copy_kprobe() into arch_prepare_kprobe()
    6675c541f540 bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
    b33a81e4ecfb wifi: ar5523: enable proper endpoint verification
    39f8a29330f4 bpf: Fix verifier assumptions about socket->sk
    62eb07923f36 wifi: carl9170: add a proper sanity check for endpoints
    d43a8c7ec084 macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"
    7a44f4944b05 net: give more chances to rcu in netdev_wait_allrefs_any()
    a7678a16c25b drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset()
    be1fa711e59c drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group
    8e9aab249217 drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group
    a80814fe9181 pwm: sti: Simplify probe function using devm functions
    cedd7e536935 pwm: sti: Prepare removing pwm_chip from driver data
    00bb933578ac tcp: avoid premature drops in tcp_add_backlog()
    a47027919d69 net: dsa: mv88e6xxx: Avoid EEPROM timeout without EEPROM on 88E6250-family switches
    d1e3dc19d50f net: dsa: mv88e6xxx: Add support for model-specific pre- and post-reset handlers
    d0e874a34863 wifi: ath10k: populate board data for WCN3990
    abd2e7118519 cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations
    e1dcff6e299f scsi: ufs: core: mcq: Fix ufshcd_mcq_sqe_search()
    51929a8db813 selftests/bpf: Fix a fd leak in error paths in open_netns
    e19681ae6cf9 gfs2: do_xmote fixes
    b68b9dd723db gfs2: finish_xmote cleanup
    d6b412c510ac gfs2: Rename gfs2_withdrawn to gfs2_withdrawing_or_withdrawn
    7c2bc932b60d gfs2: Mark withdraws as unlikely
    0636b34b4458 gfs2: Fix potential glock use-after-free on unmount
    18dfb29644a4 gfs2: Remove ill-placed consistency check
    d312fbf6a24e gfs2: No longer use 'extern' in function declarations
    0db3b4e50241 gfs2: Rename gfs2_lookup_{ simple => meta }
    9db1bdd71441 gfs2: Convert gfs2_internal_read to folios
    d92445b23932 gfs2: Get rid of gfs2_alloc_blocks generation parameter
    09f8c676e4b4 wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger()
    55c54269fbd3 dt-bindings: thermal: loongson,ls2k-thermal: Fix incorrect compatible definition
    5b996de139b3 dt-bindings: thermal: loongson,ls2k-thermal: Add Loongson-2K0500 compatible
    27cacfc0818f dt-bindings: thermal: loongson,ls2k-thermal: Fix binding check issues
    2d5ca6e4a287 thermal/drivers/tsens: Fix null pointer dereference
    95575de7dede wifi: ath12k: fix out-of-bound access of qmi_invoke_handler()
    6ae55c7fa6be x86/purgatory: Switch to the position-independent small code model
    6c6c0afd3510 scsi: hpsa: Fix allocation size for Scsi_Host private data
    52c266b486ee scsi: libsas: Fix the failure of adding phy with zero-address to port
    1ea06a34f79c wifi: iwlwifi: mvm: init vif works only once
    f84b9b25d045 cppc_cpufreq: Fix possible null pointer dereference
    c0ed9a711e33 openrisc: traps: Don't send signals to kernel mode threads
    71d865be7c2f udp: Avoid call to compute_score on multiple sites
    edcdeb8a4fdf x86/pat: Fix W^X violation false-positives when running as Xen PV guest
    29681171ff21 x86/pat: Restructure _lookup_address_cpa()
    308fba77bc23 x86/pat: Introduce lookup_address_in_pgd_attr()
    3e99f060cfd2 cpufreq: exit() callback is optional
    99f3af0a1afd tcp: increase the default TCP scaling ratio
    ca19418abcf7 tcp: define initial scaling factor value as a macro
    a7fba17a0596 selftests/bpf: Fix umount cgroup2 error in test_sockmap
    dc03a3755358 x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57
    abea81e6a722 gfs2: Fix "ignore unlock failures after withdraw"
    21d78e4c3661 gfs2: Don't forget to complete delayed withdraw
    673f7120a6e5 ACPI: disable -Wstringop-truncation
    acb5503dbb9c irqchip/loongson-pch-msi: Fix off-by-one on allocation error path
    a9bbafa46c16 irqchip/alpine-msi: Fix off-by-one in allocation error path
    1d4e1fa2f29a locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128()
    040c3a00247d ACPI: LPSS: Advertise number of chip selects via property
    776bad0b1f63 scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL
    92374b6a5af1 scsi: ufs: core: Perform read back after disabling interrupts
    bfd29d5ea6ea scsi: ufs: core: Perform read back after writing UTP_TASK_REQ_LIST_BASE_H
    872f68019bc6 scsi: ufs: cdns-pltfrm: Perform read back after writing HCLKDIV
    8e5ede836b74 scsi: ufs: qcom: Perform read back after writing CGC enable
    d2741b23b1b4 scsi: ufs: qcom: Perform read back after writing unipro mode
    32402b2a9c0b scsi: ufs: qcom: Perform read back after writing REG_UFS_SYS1CLK_1US
    8f01dda10c65 scsi: ufs: qcom: Perform read back after writing reset bit
    b17592380f9d bpf: prevent r10 register from being marked as precise
    7a7d4237e338 bpf: Pack struct bpf_fib_lookup
    f92aebf17026 bpftool: Mount bpffs on provided dir instead of parent dir
    875864670982 wifi: carl9170: re-fix fortified-memset warning
    bc236ebc2ab5 dlm: fix user space lock decision to copy lvb
    0fdbbe7ee7f4 bitops: add missing prototype check
    f3531ac07b4e mlx5: stop warning for 64KB pages
    7dd2a9bb7b75 mlx5: avoid truncating error message
    6541f8ea7623 qed: avoid truncating work queue length
    997a53102a3b enetc: avoid truncating error message
    c5202a38897d ACPI: Fix Generic Initiator Affinity _OSC bit
    2bd572d421e3 sched/fair: Add EAS checks before updating root_domain::overutilized
    c078f2b4921b wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask
    f0fe67ca7550 wifi: iwlwifi: reconfigure TLC during HW restart
    adde9190997e wifi: iwlwifi: mvm: select STA mask only for active links
    29caa342391c wifi: iwlwifi: mvm: allocate STA links only for active links
    6c166d1646ca wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok()
    9fa391354a40 x86/boot: Ignore relocations in .notes sections in walk_relocs() too
    22c3d94cd445 wifi: mt76: mt7915: workaround too long expansion sparse warnings
    9cf8052afc94 wifi: ath12k: use correct flag field for 320 MHz channels
    ba3647aa16ae bpftool: Fix missing pids during link show
    424e5ac9761f wifi: ath11k: don't force enable power save on non-running vdevs
    c37466406f07 wifi: brcmfmac: pcie: handle randbuf allocation failure
    014e4e9275de wifi: ath10k: poll service ready message before failing
    e5d98cc3311f block: support to account io_ticks precisely
    99bbbd9aea05 block: fix and simplify blkdevparts= cmdline parsing
    910717920c8c block: refine the EOF check in blkdev_iomap_begin
    e8d340f80977 crypto: qat - specify firmware files for 402xx
    c9566b812c8f md: fix resync softlockup when bitmap size is less than array size
    1fc82121d038 lkdtm: Disable CFI checking for perms functions
    fbadcde1572f soc: qcom: pmic_glink: Make client-lock non-sleeping
    7880dbf4eafe kunit/fortify: Fix mismatched kvalloc()/vfree() usage
    fe3a28db0361 null_blk: Fix missing mutex_destroy() at module removal
    19e9452d731a soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE
    0cac39347f4e firmware: qcom: scm: Fix __scm and waitq completion variable initialization
    8fc7934635bb soc: qcom: pmic_glink: notify clients about the current state
    d02c6eb5d3df soc: qcom: pmic_glink: don't traverse clients list without a lock
    840565b1351a s390/mm: Re-enable the shared zeropage for !PV and !skeys KVM guests
    b410a6c84d84 mm/userfaultfd: Do not place zeropages when zeropages are disallowed
    f32f810dcc19 io-wq: write next_work before dropping acct_lock
    af82d8d2179b jffs2: prevent xattr node from overflowing the eraseblock
    c4f49d3fc18a ARM: configs: sunxi: Enable DRM_DW_HDMI
    afb39909bfb5 rcu: Fix buffer overflow in print_cpu_stall_info()
    32d988f48ed2 rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
    1319dbd64b73 io_uring: use the right type for work_llist empty check
    a750b846c136 s390/cio: fix tracepoint subchannel type field
    b39d0d661752 crypto: x86/sha512-avx2 - add missing vzeroupper
    1c5bce29d0d9 crypto: x86/sha256-avx2 - add missing vzeroupper
    ba0aa694c332 crypto: x86/nh-avx2 - add missing vzeroupper
    4e9293d660bf crypto: ccp - drop platform ifdef checks
    45b92921759a parisc: add missing export of __cmpxchg_u8()
    fd848dc7e2cf nilfs2: fix out-of-range warning
    2ed750b7ae1b ecryptfs: Fix buffer size for tag 66 packet
    25edcae667c3 firmware: raspberrypi: Use correct device for DMA mappings
    d8c42a6e61d8 mm/slub, kunit: Use inverted data to corrupt kmem cache
    d0f14ae223c2 crypto: bcm - Fix pointer arithmetic
    d142957377c2 openpromfs: finish conversion to the new mount API
    396bc5e54b4f nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists()
    daa27fd2e17d ksmbd: fix uninitialized symbol 'share' in smb2_tree_connect()
    4f65f4defe4e epoll: be better about file lifetimes
    71de5fc303a7 nvmet: fix nvme status code when namespace is disabled
    ae451994ba9c nvmet-tcp: fix possible memory leak when tearing down a controller
    b6eaa53f95c2 nvme: cancel pending I/O if nvme controller is in terminal state
    2ab74bf2827b nvmet-auth: replace pr_debug() with pr_err() to report an error.
    57a23adbc4f7 nvmet-auth: return the error code to the nvmet_auth_host_hash() callers
    8871cab467a5 nvme: find numa distance only if controller has valid numa id
    214301d0be27 x86/mm: Remove broken vsyscall emulation code from the page fault code
    6c49ba4025ee drm/amdkfd: Flush the process wq before creating a kfd_process
    de23d906b265 drm/amd/display: Disable seamless boot on 128b/132b encoding
    fefcd1c75baf drm/amd/display: Fix DC mode screen flickering on DCN321
    b6fab47b64f6 drm/amd/display: Add VCO speed parameter for DCN31 FPU
    53a7d15331b0 drm/amd/display: Allocate zero bw after bw alloc enable
    e0760e38474c drm/amd/display: Add dtbclk access to dcn315
    422f3259ac65 drm/amdgpu: Fix VRAM memory accounting
    cc73306bf4bb ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection
    9973c0587149 ASoC: da7219-aad: fix usage of device_get_named_child_node()
    ae14ac3bc076 platform/x86: ISST: Add Grand Ridge to HPM CPU list
    3a83d0d284b9 softirq: Fix suspicious RCU usage in __do_softirq()
    107c893e0a5b ALSA: emu10k1: make E-MU FPGA writes potentially more reliable
    af8dc212f74a bpf, x86: Fix PROBE_MEM runtime load check
    37c275727aef fpga: dfl-pci: add PCI subdevice ID for Intel D5005 card
    964794778606 Input: xpad - add support for ASUS ROG RAIKIRI
    59e9cd63a528 KVM: selftests: Add test for uaccesses to non-existent vgic-v2 CPUIF
    02c36fe48100 ASoC: rt715-sdca: volume step modification
    be91170bee15 ASoC: rt715: add vendor clear control register
    91a0bd4e9c60 ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config
    968f6983d41e regulator: vqmmc-ipq4019: fix module autoloading
    5c0b06dca44b regulator: qcom-refgen: fix module autoloading
    b084d3f57748 ASoC: rt722-sdca: add headset microphone vrefo setting
    dace61d6dc59 ASoC: rt722-sdca: modify channel number to support 4 channels
    b642f447cfde ASoC: dt-bindings: rt5645: add cbj sleeve gpio property
    7904b066296a ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating
    f6bb8d6c2a64 ASoC: acp: Support microphone from device Acer 315-24p
    58872c444adc ASoC: SOF: pcm: Restrict DSP D0i3 during S0ix to IPC3
    a73f1e25d581 ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot()
    3ad4d29b6554 regulator: irq_helpers: duplicate IRQ name
    08133330692c ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too
    02580c6afd15 sched/isolation: Fix boot crash when maxcpus < first housekeeping CPU
    1bb875147883 selftests: sud_test: return correct emulated syscall value on RISC-V
    9208e9c8bd0f drm/etnaviv: fix tx clock gating on some GC7000 variants
    b2959fdd3af2 LoongArch: Lately init pmu after smp is online
    976b74fa6084 cpu: Ignore "mitigations" kernel parameter if CPU_MITIGATIONS=n
    d4ed9984871c Revert "net: txgbe: fix clk_name exceed MAX_DEV_ID limits"
    d6a2007376ca Revert "net: txgbe: fix i2c dev name cannot match clkdev"
    39cfce75168c drm/amdgpu/mes: fix use-after-free issue
    67aa2a7b83be drm/amdgpu: Fix the ring buffer size for queue VM flush
    bdbb7611dd2e drm/amdkfd: Add VRAM accounting for SVM migration
    7e1247995853 drm/amd/pm: Restore config space after reset
    04cf241fe5e5 drm/amdgpu: Update BO eviction priorities
    17f689f10fc0 drm/amd/display: Set color_mgmt_changed to true on unsuspend
    85f0812b6d5c net: usb: qmi_wwan: add Telit FN920C04 compositions
    ca2da54610f0 HID: mcp-2221: cancel delayed_work only when CONFIG_IIO is enabled
    e26d4063d223 dt-bindings: rockchip: grf: Add missing type to 'pcie-phy' node
    125c0dcc000f wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class
    ea2121cdc7ab wifi: mac80211: ensure beacon is non-S1G prior to extracting the beacon timestamp field
    0cfadb49ef90 wifi: mac80211: don't use rate mask for scanning
    09133f4b5651 KEYS: asymmetric: Add missing dependencies of FIPS_SIGNATURE_SELFTEST
    21c7e4587e29 KEYS: asymmetric: Add missing dependency on CRYPTO_SIG
    2f103287ef79 ALSA: Fix deadlocks with kctl removals at disconnection
    e644036a3e2b ALSA: core: Fix NULL module pointer assignment at card init
    8d04efceb46f ALSA: hda/realtek: fix mute/micmute LEDs don't work for ProBook 440/460 G11.
    5698ba69326c ksmbd: ignore trailing slashes in share paths
    6772584945b6 ksmbd: avoid to send duplicate oplock break notifications
    579a0c69794b fs/ntfs3: Break dir enumeration if directory contents error
    84906740dc56 fs/ntfs3: Fix case when index is reused during tree transformation
    e4fd2dce71fb fs/ntfs3: Taking DOS names into account during link counting
    df1f6ed23b51 fs/ntfs3: Remove max link count info display during driver init
    a8799662fed1 nilfs2: fix potential hang in nilfs_detach_log_writer()
    f81fd0061066 nilfs2: fix unexpected freezing of nilfs_segctor_sync()
    f9186bba4ea2 nilfs2: fix use-after-free of timer for log writer thread
    d65984358ac0 net: smc91x: Fix m68k kernel compilation for ColdFire CPU
    77237eabdcd9 net: lan966x: remove debugfs directory in probe() error path
    5cd17f0e74cb net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe()
    f678c3c33655 tools/nolibc/stdlib: fix memory error in realloc()
    64f0c3bd2dd7 tools/latency-collector: Fix -Wformat-security compile warns
    622ab95fdcfa net: mana: Fix the extra HZ in mana_hwc_send_request
    af3274905b31 ring-buffer: Fix a race between readers and resize checks
    68222d7b4b72 r8169: Fix possible ring buffer corruption on fragmented Tx packets.
    766e3bacc7f9 Revert "r8169: don't try to disable interrupts if NAPI is, scheduled already"
    a9886aad5dfd io_uring: fail NOP if non-zero op flags is passed in
    68a767dd690b Input: try trimming too long modalias strings
    e4a1d0aa0d4d serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup
    7e16930d4671 serial: 8250_bcm7271: use default_mux_rate if possible
    c6e1650cf5df speakup: Fix sizeof() vs ARRAY_SIZE() bug
    62c3763dcb03 tty: n_gsm: fix missing receive state reset after mode switch
    774d83b008ec tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
    7b4881da5b19 ftrace: Fix possible use-after-free issue in ftrace_location()
    775de4e954cb selftests/ftrace: Fix BTFARG testcase to check fprobe is enabled correctly
    b1c2d09a40a5 x86/tsc: Trust initial offset in architectural TSC-adjust MSRs
    7c76aad68f6d kselftest: Add a ksft_perror() helper
    06644f0d7193 drm/tilcdc: Set preferred depth
    ff7ae7b32324 crypto: jitter - add RCT/APT support for different OSRs
    50cd24ddb6f0 arm64: defconfig: remove CONFIG_IPQ_APSS_5018
    58e5c91d6701 x86/alternatives: Disable interrupts and sync when optimizing NOPs in place
    c878fd2d4c79 x86/alternatives: Sync core before enabling interrupts
    c2d64b9f52b6 qemux86: add configuration symbol to select values
    630c33229e6d sched/isolation: really align nohz_full with rcu_nocbs
    0e5e0f68e2e6 clear_warn_once: add a clear_warn_once= boot parameter
    46934791b902 clear_warn_once: bind a timer to written reset value
    cdee9e38ff32 clear_warn_once: expand debugfs to include read support
    82b562b81841 tools: Remove some options from CLANG_CROSS_FLAGS
    36dc380b776b libbpf: Fix build warning on ref_ctr_off
    9e3e1fe20982 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel.
    e497a4a5da65 perf: x86-32: explicitly include <errno.h>
    7b57ddd89565 perf: mips64: Convert __u64 to unsigned long long
    1cfc19423dc7 perf: fix bench numa compilation
    98bc2815fade perf: add SLANG_INC for slang.h
    17209a70b9b3 perf: add sgidefs.h to for mips builds
    9cd4258d910a perf: change --root to --prefix for python install
    8110a4f26628 perf: add 'libperl not found' warning
    bc89d5e08f77 perf: force include of <stdbool.h>
    4f6c760cc876 fat: Replace prandom_u32() with get_random_u32()
    bc53117b12b2 fat: don't use obsolete random32 call in namei_vfat
    30b2236ab378 FAT: Added FAT_NO_83NAME
    cef98d22b4ed FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option
    0bbd7daba9e1 FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option
    5883fc340084 aufs6: adapt to v6.6 i_op->ctime changes
    c4342d979bf2 aufs6: fix magic.mk include path
    35266bc2dc81 aufs6: adapt to v6.6
    8edede4e98be aufs6: core
    712248233ebe aufs6: standalone
    3b71a8a848d8 aufs6: mmap
    3e2924871f37 aufs6: base
    7f4907a93101 aufs6: kbuild
    d2f7b03e4aa7 yaffs2: update VFS ctime operations to 6.6+
    bcd6cfcd1aa0 yaffs2: v6.5 fixups
    cc615704b5f5 yaffs2: Fix miscalculation of devname buffer length
    8ef2e22dcf91 yaffs2: convert user_namespace to mnt_idmap
    c9c749f9f7d3 yaffs2: replace bdevname call with sprintf
    395b01cdc39d yaffs2: convert read_page -> readfolio
    d98b07e43ba6 yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL
    613c6d50fdbe yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name
    622c4648936f yaffs2: v5.12+ build fixups (not runtime tested)
    7562133d4090 yaffs: include blkdev.h
    dbd44252cd59 yaffs: fix misplaced variable declaration
    c223a10b1ac0 yaffs2: v5.6 build fixups
    90f6007cfbf4 yaffs2: fix memory leak when /proc/yaffs is read
    37ee169c5ea1 yaffs: add strict check when call yaffs_internal_read_super
    b6e007b8abb6 yaffs: repair yaffs_get_mtd_device
    fb98f65a466a yaffs: Fix build failure by handling inode i_version with proper atomic API
    51e0aac75ea2 yaffs2: fix memory leak in mount/umount
    2b74a0cae7b0 yaffs: Avoid setting any ACL releated xattr
    ff4130a9c376 Yaffs:check oob size before auto selecting Yaffs1
    ba95b409c67c fs: yaffs2: replace CURRENT_TIME by other appropriate apis
    8fa35eba9056 yaffs2: adjust to proper location of MS_RDONLY
    1eb5deaad8c4 yaffs2: import git revision b4ce1bb (jan, 2020)
    4dce67c1e8c8 initramfs: allow an optional wrapper script around initramfs generation
    2f603d83fcc4 pnmtologo: use relocatable file name
    664a6a0a484b tools: use basename to identify file in gen-mach-types
    9de64bc0c185 lib/build_OID_registry: fix reproducibility issues
    ae9b80797295 vt/conmakehash: improve reproducibility
    a972323151bd iwlwifi: select MAC80211_LEDS conditionally
    15d2adcc0198 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119)
    5556a6c04b19 arm64/perf: Fix wrong cast that may cause wrong truncation
    5552dc768ffc defconfigs: drop obselete options
    00fe4152df31 arm64/perf: fix backtrace for AAPCS with FP enabled
    3888d0652edf linux-yocto: Handle /bin/awk issues
    3d55d299f23a uvesafb: provide option to specify timeout for task completion
    23c068c080be uvesafb: print error message when task timeout occurs
    edbfc939266e compiler.h: Undef before redefining __attribute_const__
    c99ae7e2a19a vmware: include jiffies.h
    572d84d928c8 Resolve jiffies wrapping about arp
    fdcd47cac843 nfs: Allow default io size to be configured.
    927d48801098 check console device file on fs when booting
    57cc27f821dd mount_root: clarify error messages for when no rootfs found
    1b53d82a8152 mconf: fix output of cflags and libraries
    1811da09f42c menuconfig,mconf-cfg: Allow specification of ncurses location
    83c2e0c6eb1f modpost: mask trivial warnings
    6de673039484 kbuild: exclude meta directory from distclean processing
    6decd32815f5 powerpc: serialize image targets
    f6b683b38318 arm: serialize build targets
    e798b09ebf57 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition
    dc8a1e5a88f8 x86_64_defconfig: Fix warnings
    68491e5f72b6 powerpc/ptrace: Disable array-bounds warning with gcc8
    d71ebfce3004 powerpc: Disable attribute-alias warnings from gcc8
    62f50884b8b1 powerpc: kexec fix for powerpc64
    da6871c62c37 powerpc: Add unwind information for SPE registers of E500 core
    f161c880c11d mips: make current_cpu_data preempt safe
    5e94a8247ce7 mips: vdso: fix 'jalr $t9' crash in vdso code
    19e36714b1c7 mips: Kconfig: add QEMUMIPS64 option
    e2e537db3cbd 4kc cache tlb hazard: tlbp cache coherency
    aee9870611e5 malta uhci quirks: make allowance for slow 4k(e)c
    881948cd1517 drm/fb-helper: move zeroing code to drm_fb_helper_fill_var
    98ec1963fcb7 arm64: defconfig: cleanup config options
    f1727c537ba8 vexpress: Pass LOADADDR to Makefile
    4474c32dc24a arm: ARM EABI socketcall
    75e31a2b70fd ARM: LPAE: Invalidate the TLB for module addresses during translation fault

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b5d18e5da09b889578fb1f004e41869a81e10081)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_6.6.bb               |  6 ++--
 .../linux/linux-yocto-tiny_6.6.bb             |  6 ++--
 meta/recipes-kernel/linux/linux-yocto_6.6.bb  | 28 +++++++++----------
 3 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
index f8d47a9dba..50f4fe0eb6 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
@@ -14,13 +14,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "59b2635b04e2ef8162e52f82e848b81073cea708"
-SRCREV_meta ?= "66bebb6789d02e775d4c93d7ca4bf79c2ead4b28"
+SRCREV_machine ?= "e88fd5bf97b83b10f7e93c2af4100cd16d59db63"
+SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https"
 
-LINUX_VERSION ?= "6.6.32"
+LINUX_VERSION ?= "6.6.34"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
index 7378a37521..a330e14468 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
 # CVE exclusions
 include recipes-kernel/linux/cve-exclusion_6.6.inc
 
-LINUX_VERSION ?= "6.6.32"
+LINUX_VERSION ?= "6.6.34"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a"
-SRCREV_meta ?= "66bebb6789d02e775d4c93d7ca4bf79c2ead4b28"
+SRCREV_machine ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
+SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.6.bb b/meta/recipes-kernel/linux/linux-yocto_6.6.bb
index b64ac78fd1..f67d73d2e6 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.6.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.6.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.6/standard/base"
 KBRANCH:qemuloongarch64  ?= "v6.6/standard/base"
 KBRANCH:qemumips64 ?= "v6.6/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "6e4ec0ec5052e3a107ec7e5977ea9282d3642ea7"
-SRCREV_machine:qemuarm64 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a"
-SRCREV_machine:qemuloongarch64 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a"
-SRCREV_machine:qemumips ?= "cab976b23497344b74b7e4cbcb5df732f8630150"
-SRCREV_machine:qemuppc ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a"
-SRCREV_machine:qemuriscv64 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a"
-SRCREV_machine:qemuriscv32 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a"
-SRCREV_machine:qemux86 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a"
-SRCREV_machine:qemux86-64 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a"
-SRCREV_machine:qemumips64 ?= "aa0c0197b3a0628992e959708a2ad015603e93ad"
-SRCREV_machine ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a"
-SRCREV_meta ?= "66bebb6789d02e775d4c93d7ca4bf79c2ead4b28"
+SRCREV_machine:qemuarm ?= "a12679d200785775317fb7b7fe9b145cd77187eb"
+SRCREV_machine:qemuarm64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
+SRCREV_machine:qemuloongarch64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
+SRCREV_machine:qemumips ?= "f0ff71ea239e1395c9318d4edd2213a702aa8d19"
+SRCREV_machine:qemuppc ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
+SRCREV_machine:qemuriscv64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
+SRCREV_machine:qemuriscv32 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
+SRCREV_machine:qemux86 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
+SRCREV_machine:qemux86-64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
+SRCREV_machine:qemumips64 ?= "39f86019c95a6efb4aa3bf4d0185f05bb184d29b"
+SRCREV_machine ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
+SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "91de249b6804473d49984030836381c3b9b3cfb0"
+SRCREV_machine:class-devupstream ?= "76d42e596d895c53abf86daca4e5877fe0088145"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v6.6/base"
 
@@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.6.32"
+LINUX_VERSION ?= "6.6.34"
 
 PV = "${LINUX_VERSION}+git"
 
-- 
2.34.1

[OE-core][scarthgap 09/21] linux-yocto/6.6: update to v6.6.35

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/6.6 to the latest korg -stable release that comprises
the following commits:

    5f2d0708acd0 Linux 6.6.35
    3466abafa9f4 zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING
    2fd6cfb2a4e6 i2c: designware: Fix the functionality flags of the slave-only interface
    572afd43c959 i2c: at91: Fix the functionality flags of the slave-only interface
    a4cd6074aed6 misc: microchip: pci1xxxx: Fix a memory leak in the error handling of gp_aux_bus_probe()
    2cc32639ec34 usb-storage: alauda: Check whether the media is initialized
    3a03ef31c1e9 serial: 8250_dw: Don't use struct dw8250_data outside of 8250_dw
    836e1a9fd8eb serial: 8250_dw: Replace ACPI device check by a quirk
    1d98b6a0b90c serial: 8250_dw: Switch to use uart_read_port_properties()
    f59e2391d3a9 serial: port: Introduce a common helper to read properties
    68a53d1212ed serial: core: Add UPIO_UNKNOWN constant for unknown port type
    1006d1b5eb01 device property: Implement device_is_big_endian()
    dd431c3ac1fc ima: Fix use-after-free on a dentry's dname.name
    0b8fba38bdfb greybus: Fix use-after-free bug in gb_interface_release due to race condition.
    aefd8f343d90 selftests: net: lib: avoid error removing empty netns name
    44bdef23572c selftests: net: lib: support errexit with busywait
    1d650d2c9bcc selftests/net/lib: no need to record ns name if it already exist
    d722ed2530e1 selftests/net/lib: update busywait timeout value
    8a73c08e00fe cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode
    3beccb6a326d remoteproc: k3-r5: Jump to error handling labels in start/stop errors
    bb2f3187e310 selftests: forwarding: Avoid failures to source net/lib.sh
    2a969959b94f selftests/net: add variable NS_LIST for lib.sh
    04f7b9b4d7f8 selftests/net: add lib.sh
    dd782da47076 Revert "fork: defer linking file vma until vma is fully initialized"
    72b5c7f3b358 serial: 8250_pxa: Configure tx_loadsz to match FIFO IRQ level
    0d73477af964 mm/huge_memory: don't unpoison huge_zero_folio
    93d61e1bac0a tick/nohz_full: Don't abuse smp_call_function_single() in tick_setup_device()
    614d397be0cf nilfs2: fix potential kernel bug due to lack of writeback flag waiting
    f8474caf39bd swiotlb: extend buffer pre-padding to alloc_align_mask if necessary
    6c385c1fa0a7 swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE
    6033fc9522d2 swiotlb: Enforce page alignment in swiotlb_alloc()
    9f2050106f37 xfs: allow cross-linking special files without project quota
    8bb0402836d0 xfs: don't use current->journal_info
    79ba47df4e98 xfs: allow sunit mount option to repair bad primary sb stripe values
    ae609281ecae xfs: ensure submit buffers on LSN boundaries in error handlers
    04fa4269089b xfs: shrink failure needs to hold AGI buffer
    ea365e606231 xfs: fix SEEK_HOLE/DATA for regions with active COW extents
    7f0e5af2690a xfs: fix scrub stats file permissions
    20bccdb03a7b xfs: fix imprecise logic in xchk_btree_check_block_owner
    092571ef9a81 btrfs: zoned: fix use-after-free due to race with dev replace
    069e0cc343da btrfs: zoned: factor out DUP bg handling from btrfs_load_block_group_zone_info
    68713bc70dab btrfs: zoned: factor out single bg handling from btrfs_load_block_group_zone_info
    a139ad664240 btrfs: zoned: factor out per-zone logic from btrfs_load_block_group_zone_info
    f9526760879a btrfs: zoned: introduce a zone_info struct in btrfs_load_block_group_zone_info
    a3be677629e4 pmdomain: ti-sci: Fix duplicate PD referrals
    6fd062713d99 intel_th: pci: Add Lunar Lake support
    ebcef9116484 intel_th: pci: Add Meteor Lake-S support
    c8727ddde12c intel_th: pci: Add Sapphire Rapids SOC support
    37eb9f7cc719 intel_th: pci: Add Granite Rapids SOC support
    3b08df88b00d intel_th: pci: Add Granite Rapids support
    f287b1e34f1d drm/i915: Fix audio component initialization
    7a9883be3b98 drm/i915/dpt: Make DPT object unshrinkable
    1b4a8b89bf67 drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)
    1d2f1123a05e drm/i915/gt: Disarm breadcrumbs if engines are already idle
    42524cc5feef rtla/auto-analysis: Replace \t with spaces
    d32f12e15732 rtla/timerlat: Simplify "no value" printing on top
    8661a7af0499 riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context
    6ee0c842d4ad iio: invensense: fix interrupt timestamp alignment
    955c824d543c iio: adc: axi-adc: make sure AXI clock is enabled
    33187fa1a8bb remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs
    2494bc856e7c remoteproc: k3-r5: Wait for core0 power-up before powering up core1
    aa81c7b078e0 dmaengine: axi-dmac: fix possible race in remove()
    4145835ec209 PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id
    3c361f313d69 ocfs2: fix races between hole punching and AIO+DIO
    7ec0e3b86f5a ocfs2: use coarse time for new created files
    518fbd644dab fs/proc: fix softlockup in __read_vmcore
    ba04b459efd1 knfsd: LOOKUP can return an illegal error value
    591d5b12f814 spmi: hisi-spmi-controller: Do not override device identifier
    e293c6b38ac9 vmci: prevent speculation leaks by sanitizing event in event_deliver()
    2d11505e79c7 dma-buf: handle testing kthreads creation failure
    e946428439a0 sock_map: avoid race between sock_map_close and sk_psock_put
    2c581ca0d68f null_blk: Print correct max open zones limit in null_init_zoned_dev()
    5fc6b708ef20 kheaders: explicitly define file modes for archived headers
    fcb88dc66b72 tracing/selftests: Fix kprobe event name test for .isra. functions
    d63e501ac6da riscv: fix overlap of allocated page and PTR_ERR
    7063f15d2ae2 perf auxtrace: Fix multiple use of --itrace option
    809a2ed17179 perf/core: Fix missing wakeup when waiting for context reference
    348008f0043c x86/amd_nb: Check for invalid SMN reads
    d91ddd050826 x86/kexec: Fix bug with call depth tracking
    5c0fb9cb404a irqchip/gic-v3-its: Fix potential race condition in its_vlpi_prop_update()
    6d0881a00d4c clkdev: Update clkdev id usage to allow for longer names
    dbf0787c2f45 mptcp: pm: update add_addr counters after connect
    09469a081715 mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID
    f1f0a46f8bb8 mptcp: ensure snd_una is properly initialized on connect
    35bcf16b4a28 drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found
    a269c5701244 drm/exynos/vidi: fix memory leak in .get_modes()
    fd880577c6d4 ACPI: x86: Force StorageD3Enable on more products
    5bf196f1936b parisc: Try to fix random segmentation faults in package builds
    a42b0060d6ff drivers: core: synchronize really_probe() and dev_uevent()
    e57c84e156e7 iio: imu: inv_icm42600: delete unneeded update watermark call
    aaf6b327a386 iio: invensense: fix odr switching to same value
    8e472061a32c iio: dac: ad5592r: fix temperature channel scaling value
    24ff87bb9f0b iio: adc: ad9467: fix scan type sign
    d4f3861893f9 x86/boot: Don't add the EFI stub to targets, again
    db20d4e4872b ksmbd: fix missing use of get_write in in smb2_set_ea()
    13b38f9262f5 ksmbd: move leading slash check to smb2_get_name()
    86c9713602f7 misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe()
    ca6660c95624 bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()
    185c72f6b9eb af_unix: Read with MSG_PEEK loops if the first unread byte is OOB
    183ebc167a8a ionic: fix use after netif_napi_del()
    7caefa277172 net: bridge: mst: fix suspicious rcu usage in br_mst_set_state
    a6cc9e9a651b net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state
    96d3265fc4f1 net/ipv6: Fix the RT cache flush via sysctl using a previous delay
    9a3eb4816ab9 nvmet-passthru: propagate status from id override functions
    fe1e395563cc block: fix request.queuelist usage in flush
    6b7155458ed2 block: sed-opal: avoid possible wrong address reference in read_sed_opal_key()
    35119b1139e7 net: stmmac: replace priv->speed with the portTransmitRate from the tc-cbs parameters
    d01f39f73bed gve: ignore nonrelevant GSO type bits when processing TSO headers
    b0c95cefd9b6 net: pse-pd: Use EOPNOTSUPP error code instead of ENOTSUPP
    2ad10c2aadb7 scsi: ufs: core: Quiesce request queues before checking pending cmds
    567cfc59e468 x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking
    5396ce9a5e68 x86/asm: Use %c/%n instead of %P operand modifier in asm templates
    2ba35b37f780 netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type
    b30669fdea0c netfilter: nft_inner: validate mandatory meta and payload
    7ccca396e989 Bluetooth: fix connection setup in l2cap_connect
    599a28fa9ecd Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ
    110764a0713e net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets
    bb5c1b0fbd98 geneve: Fix incorrect inner network header offset when innerprotoinherit is set
    c72660999c17 net dsa: qca8k: fix usages of device_get_named_child_node()
    d61808ac9947 tcp: fix race in tcp_v6_syn_recv_sock()
    b5c8ffc8cfde drm/bridge/panel: Fix runtime warning on panel bridge release
    9460961d8213 drm/komeda: check for error-valued pointer
    f100031fd6a5 net: stmmac: dwmac-qcom-ethqos: Configure host DMA width
    fd2b613bc4c5 liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet
    47016dcb50e9 net: hns3: add cond_resched() to hns3 ring buffer init process
    689de7c3bfc7 net: hns3: fix kernel crash problem in concurrent scenario
    ef01c26d6f7a net: sfp: Always call `sfp_sm_mod_remove()` on remove
    6797259d9b92 modpost: do not warn about missing MODULE_DESCRIPTION() for vmlinux.o
    6fdc1152afae af_unix: Annotate data-race of sk->sk_state in unix_accept().
    b82c97a79b8e drm/vmwgfx: Don't memcmp equivalent pointers
    ce48b688a8d2 drm/vmwgfx: Remove STDU logic from generic mode_valid function
    15a875ecfc2f drm/vmwgfx: 3D disabled should not effect STDU memory limits
    3ca8e582e03e drm/vmwgfx: Filter modes which exceed graphics memory
    b0b05171de1f drm/vmwgfx: Refactor drm connector probing for display modes
    f677ca8cfefe HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()
    1bbadf953fad io_uring/io-wq: avoid garbage value of 'match' in io_wq_enqueue()
    ab702c3483db io_uring/io-wq: Use set_bit() and test_bit() at worker->flags
    7388ae6f26c0 iommu: Return right value in iommu_sva_bind_device()
    c344d7030717 iommu/amd: Fix sysfs leak in iommu init
    30f76bc468b9 HID: core: remove unnecessary WARN_ON() in implement()
    17a6806f606f gpio: tqmx86: fix broken IRQ_TYPE_EDGE_BOTH interrupt type
    12043e85bd71 gpio: tqmx86: store IRQ trigger type and unmask status separately
    01aa7b7a3dd7 gpio: tqmx86: introduce shadow register for GPIO output value
    d69079010813 gpio: tqmx86: fix typo in Kconfig label
    b07a62f8c843 platform/x86: dell-smbios: Fix wrong token data in sysfs
    2c82e21bbc05 drm/panel: sitronix-st7789v: Add check for of_drm_get_panel_orientation
    ca060e255794 nvme: fix nvme_pr_* status code parsing
    beb2dde5e1b9 selftests/tracing: Fix event filter test to retry up to 10 times
    b21cae468849 NFS: add barriers when testing for NFS_FSDATA_BLOCKED
    b1a6e884de15 SUNRPC: return proper error from gss_wrap_req_priv
    c30988e06b15 NFSv4.1 enforce rootpath check in fs_location query
    a9aa5a49c8ed clk: sifive: Do not register clkdevs for PRCI clocks
    dff9b2238969 selftests/ftrace: Fix to check required event file
    3bf0b8030296 cachefiles: flush all requests after setting CACHEFILES_DEAD
    d2d3eb377a5d cachefiles: defer exposing anon_fd until after copy_to_user() succeeds
    527db1cb4cd6 cachefiles: never get a new anonymous fd if ondemand_id is valid
    1d95e5010ce8 cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read()
    3958679c4915 cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read()
    a6de82765e12 cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd()
    9f5fa40f0924 cachefiles: add restore command to recover inflight ondemand read requests
    e564e48ca299 cachefiles: add spin_lock for cachefiles_ondemand_info
    f740fd943bb1 cachefiles: resend an open request if the read request's object is closed
    33d21f0658cf cachefiles: extract ondemand info field from cachefiles_object
    955190e1851a cachefiles: introduce object ondemand state
    50d0e55356ba cachefiles: remove requests from xarray during flushing requests
    19133f53f199 cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd
    d8316838aa06 cxl/region: Fix memregion leaks in devm_cxl_add_region()
    09b4aa2815bf cxl/test: Add missing vmalloc.h for tools/testing/cxl/test/mem.c
    b3f206985a33 HID: nvidia-shield: Add missing check for input_ff_create_memless
    af4cff0dd640 powerpc/uaccess: Fix build errors seen with GCC 13/14
    2ce5341c3699 gve: Clear napi->skb before dev_kfree_skb_any()
    323d2563bde0 scsi: sd: Use READ(16) when reading block zero on large capacity disks
    9079338c5a0d scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory
    da097dccaece scsi: mpi3mr: Fix ATA NCQ priority support
    3e9785d3e92b scsi: core: Disable CDL by default
    d5ceeb0b6a71 thunderbolt: debugfs: Fix margin debugfs node creation condition
    d4121290b427 xhci: Apply broken streams quirk to Etron EJ188 xHCI host
    949be4ec5835 xhci: Handle TD clearing for multiple streams case
    0a834fb6dbd8 xhci: Apply reset resume quirk to Etron EJ188 xHCI host
    834c57876cc2 xhci: Set correct transferred length for cancelled bulk transfers
    4598233d9748 jfs: xattr: fix buffer overflow for invalid xattr
    cc30d05b34f9 landlock: Fix d_parent walk
    3380fa014a89 serial: port: Don't block system suspend even if bytes are left to xmit
    b895a1b981cf tty: n_tty: Fix buffer offsets when lookahead is used
    ce356d8d7e91 mei: me: release irq in mei_me_pci_resume error path
    ad47b23e4704 usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state
    04c05d50fa79 usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps
    b641889cc1cf USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected
    72a3fe36cf9f USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
    43cfac7b88ad io_uring: check for non-NULL file pointer in io_file_can_poll()
    0c9df3df0c88 io_uring/rsrc: don't lock while !TASK_RUNNING
    d18b05eda7fa nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
    8394dce13573 nilfs2: return the mapped address from nilfs_get_page()
    39a143a2b072 bpf: fix multi-uprobe PID filtering logic
    7ec535ed8724 eventfs: Update all the eventfs_inodes from the events descriptor
    1c88d94a7a33 irqchip/riscv-intc: Prevent memory leak when riscv_intc_init_common() fails
    85ca483e729d irqchip/riscv-intc: Introduce Andes hart-level interrupt controller
    482095341313 irqchip/riscv-intc: Allow large non-standard interrupt number
    01c987b8282c selftests/mm: compaction_test: fix bogus test success on Aarch64
    3f6ccd40afc4 selftests/mm: log a consistent test name for check_compaction
    d39532e9186a selftests/mm: conform test to TAP format output
    bb9bb13ce64c mm/memory-failure: fix handling of dissolved but not taken off from buddy pages
    fe01748ca6d6 memory-failure: use a folio in me_huge_page()
    130b4b9478c3 firmware: qcom_scm: disable clocks if qcom_scm_bw_enable() fails
    16ece7c5645a ksmbd: use rwsem instead of rwlock for lease break
    6548d543a274 net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool()
    7e796c3fefa8 ipv6: fix possible race in __fib6_drop_pcpu_from()
    d8011254e9b1 af_unix: Annotate data-race of sk->sk_shutdown in sk_diag_fill().
    60db0759c4f5 af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen().
    471ec7b77a8d af_unix: Use skb_queue_empty_lockless() in unix_release_sock().
    f1683d07ebd1 af_unix: Use unix_recvq_full_lockless() in unix_stream_connect().
    29fce603b14b af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen.
    996ec22ff576 af_unix: Annotate data-races around sk->sk_sndbuf.
    4398f59518ce af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG.
    0ede400c32ae af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb().
    776fcc45e3f4 af_unix: Annotate data-races around sk->sk_state in sendmsg() and recvmsg().
    3d25de6486f4 af_unix: Annotate data-race of sk->sk_state in unix_stream_connect().
    484e036e1a2c af_unix: Annotate data-races around sk->sk_state in unix_write_space() and poll().
    4e38d6c04943 af_unix: Annotate data-race of sk->sk_state in unix_inq_len().
    45733e981e8c af_unix: Annodate data-races around sk->sk_state for writers.
    8003545ca10d af_unix: Set sk->sk_state under unix_state_lock() for truly disconencted peer.
    040d93848703 net: wwan: iosm: Fix tainted pointer delete is case of region creation fail
    649b63f5daf6 ice: add flag to distinguish reset from .ndo_bpf in XDP rings config
    eab834acb474 ice: remove af_xdp_zc_qps bitmap
    3201ba7d1c8c ice: fix iteration of TLVs in Preserved Fields Area
    b21bb09f8be6 ptp: Fix error message on failed pin verification
    724050ae4b76 net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    d857df86837a net/mlx5: Fix tainted pointer delete is case of flow rules creation fail
    6ccada6ffb42 net/mlx5: Always stop health timer during driver removal
    e3001df36cd6 net/mlx5: Stop waiting for PCI if pci channel is offline
    3dd41669b300 mptcp: count CLOSE-WAIT sockets for MPTCP_MIB_CURRESTAB
    acdf17546ef8 tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB
    924f7bbfc5cf vxlan: Fix regression when dropping packets due to invalid src addresses
    54c2c171c11a net: sched: sch_multiq: fix possible OOB write in multiq_tune()
    cba5467442b2 net: phy: Micrel KSZ8061: fix errata solution not taking effect problem
    b03255294e88 net/smc: avoid overwriting when adjusting sock bufsizes
    2d7912f3ac65 octeontx2-af: Always allocate PF entries from low prioriy zone
    d387805d4b4a bpf: Set run context for rawtp test_run callback
    50569d12945f net: tls: fix marking packets as decrypted
    f8dd092e8b47 ipv6: sr: block BH in seg6_output_core() and seg6_input_core()
    db21c1ee6b6d ipv6: ioam: block BH from ioam6_output()
    9ee14af24e67 vmxnet3: disable rx data ring on dma allocation failure
    834aa2c34b8f KVM: SEV-ES: Delegate LBR virtualization to the processor
    b6e4076ca94b KVM: SEV: Do not intercept accesses to MSR_IA32_XSS for SEV-ES guests
    2128bae4ecab KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent
    91cff53136da bpf: Fix a potential use-after-free in bpf_link_free()
    2ad2f2edb944 bpf: Optimize the free of inner map
    5aa03dd388d1 bpf: Store ref_ctr_offsets values in bpf_uprobe array
    02a255723e6b net: phy: micrel: fix KSZ9477 PHY issues after suspend/resume
    645e643eeb9a net/ncsi: Fix the multi thread manner of NCSI driver
    d7dd9d1f02b2 net/ncsi: Simplify Kconfig/dts control flow
    87cc2514162f ax25: Replace kfree() in ax25_dev_free() with ax25_dev_put()
    52100fd74ad0 ax25: Fix refcount imbalance on inbound connections
    909dc098a754 RISC-V: KVM: Fix incorrect reg_subtype labels in kvm_riscv_vcpu_set_reg_isa_ext function
    5d8622f61ef1 RISC-V: KVM: No need to use mask when hart-index-bit is 0
    b2b1043ac1f5 scsi: ufs: mcq: Fix error output and clean up ufshcd_mcq_abort()
    2f467fefdfae wifi: mac80211: correctly parse Spatial Reuse Parameter Set element
    a05018739a5e wifi: iwlwifi: mvm: don't read past the mfuart notifcation
    29a18d56bd64 wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
    f7773fff6dda wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef
    bdfa7cf3281b wifi: iwlwifi: mvm: set properly mac header
    1ef2671de723 wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64
    1fd3f32695af wifi: iwlwifi: mvm: don't initialize csa_work twice
    ff2b4dc81e67 wifi: cfg80211: pmsr: use correct nla_get_uX functions
    0ccc63958d83 wifi: cfg80211: Lock wiphy in cfg80211_get_station
    46b7eff59a32 wifi: cfg80211: fully move wiphy work to unbound workqueue
    456bbb8a31e4 wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()
    63d5f89bb566 wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects
    c31365597a17 powerpc/uaccess: Fix build errors seen with GCC 13/14
    64ebf485c56b usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock
    7c76aad68f6d kselftest: Add a ksft_perror() helper
    06644f0d7193 drm/tilcdc: Set preferred depth
    ff7ae7b32324 crypto: jitter - add RCT/APT support for different OSRs
    50cd24ddb6f0 arm64: defconfig: remove CONFIG_IPQ_APSS_5018
    58e5c91d6701 x86/alternatives: Disable interrupts and sync when optimizing NOPs in place
    c878fd2d4c79 x86/alternatives: Sync core before enabling interrupts
    c2d64b9f52b6 qemux86: add configuration symbol to select values
    630c33229e6d sched/isolation: really align nohz_full with rcu_nocbs
    0e5e0f68e2e6 clear_warn_once: add a clear_warn_once= boot parameter
    46934791b902 clear_warn_once: bind a timer to written reset value
    cdee9e38ff32 clear_warn_once: expand debugfs to include read support
    82b562b81841 tools: Remove some options from CLANG_CROSS_FLAGS
    36dc380b776b libbpf: Fix build warning on ref_ctr_off
    9e3e1fe20982 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel.
    e497a4a5da65 perf: x86-32: explicitly include <errno.h>
    7b57ddd89565 perf: mips64: Convert __u64 to unsigned long long
    1cfc19423dc7 perf: fix bench numa compilation
    98bc2815fade perf: add SLANG_INC for slang.h
    17209a70b9b3 perf: add sgidefs.h to for mips builds
    9cd4258d910a perf: change --root to --prefix for python install
    8110a4f26628 perf: add 'libperl not found' warning
    bc89d5e08f77 perf: force include of <stdbool.h>
    4f6c760cc876 fat: Replace prandom_u32() with get_random_u32()
    bc53117b12b2 fat: don't use obsolete random32 call in namei_vfat
    30b2236ab378 FAT: Added FAT_NO_83NAME
    cef98d22b4ed FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option
    0bbd7daba9e1 FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option
    5883fc340084 aufs6: adapt to v6.6 i_op->ctime changes
    c4342d979bf2 aufs6: fix magic.mk include path
    35266bc2dc81 aufs6: adapt to v6.6
    8edede4e98be aufs6: core
    712248233ebe aufs6: standalone
    3b71a8a848d8 aufs6: mmap
    3e2924871f37 aufs6: base
    7f4907a93101 aufs6: kbuild
    d2f7b03e4aa7 yaffs2: update VFS ctime operations to 6.6+
    bcd6cfcd1aa0 yaffs2: v6.5 fixups
    cc615704b5f5 yaffs2: Fix miscalculation of devname buffer length
    8ef2e22dcf91 yaffs2: convert user_namespace to mnt_idmap
    c9c749f9f7d3 yaffs2: replace bdevname call with sprintf
    395b01cdc39d yaffs2: convert read_page -> readfolio
    d98b07e43ba6 yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL
    613c6d50fdbe yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name
    622c4648936f yaffs2: v5.12+ build fixups (not runtime tested)
    7562133d4090 yaffs: include blkdev.h
    dbd44252cd59 yaffs: fix misplaced variable declaration
    c223a10b1ac0 yaffs2: v5.6 build fixups
    90f6007cfbf4 yaffs2: fix memory leak when /proc/yaffs is read
    37ee169c5ea1 yaffs: add strict check when call yaffs_internal_read_super
    b6e007b8abb6 yaffs: repair yaffs_get_mtd_device
    fb98f65a466a yaffs: Fix build failure by handling inode i_version with proper atomic API
    51e0aac75ea2 yaffs2: fix memory leak in mount/umount
    2b74a0cae7b0 yaffs: Avoid setting any ACL releated xattr
    ff4130a9c376 Yaffs:check oob size before auto selecting Yaffs1
    ba95b409c67c fs: yaffs2: replace CURRENT_TIME by other appropriate apis
    8fa35eba9056 yaffs2: adjust to proper location of MS_RDONLY
    1eb5deaad8c4 yaffs2: import git revision b4ce1bb (jan, 2020)
    4dce67c1e8c8 initramfs: allow an optional wrapper script around initramfs generation
    2f603d83fcc4 pnmtologo: use relocatable file name
    664a6a0a484b tools: use basename to identify file in gen-mach-types
    9de64bc0c185 lib/build_OID_registry: fix reproducibility issues
    ae9b80797295 vt/conmakehash: improve reproducibility
    a972323151bd iwlwifi: select MAC80211_LEDS conditionally
    15d2adcc0198 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119)
    5556a6c04b19 arm64/perf: Fix wrong cast that may cause wrong truncation
    5552dc768ffc defconfigs: drop obselete options
    00fe4152df31 arm64/perf: fix backtrace for AAPCS with FP enabled
    3888d0652edf linux-yocto: Handle /bin/awk issues
    3d55d299f23a uvesafb: provide option to specify timeout for task completion
    23c068c080be uvesafb: print error message when task timeout occurs
    edbfc939266e compiler.h: Undef before redefining __attribute_const__
    c99ae7e2a19a vmware: include jiffies.h
    572d84d928c8 Resolve jiffies wrapping about arp
    fdcd47cac843 nfs: Allow default io size to be configured.
    927d48801098 check console device file on fs when booting
    57cc27f821dd mount_root: clarify error messages for when no rootfs found
    1b53d82a8152 mconf: fix output of cflags and libraries
    1811da09f42c menuconfig,mconf-cfg: Allow specification of ncurses location
    83c2e0c6eb1f modpost: mask trivial warnings
    6de673039484 kbuild: exclude meta directory from distclean processing
    6decd32815f5 powerpc: serialize image targets
    f6b683b38318 arm: serialize build targets
    e798b09ebf57 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition
    dc8a1e5a88f8 x86_64_defconfig: Fix warnings
    68491e5f72b6 powerpc/ptrace: Disable array-bounds warning with gcc8
    d71ebfce3004 powerpc: Disable attribute-alias warnings from gcc8
    62f50884b8b1 powerpc: kexec fix for powerpc64
    da6871c62c37 powerpc: Add unwind information for SPE registers of E500 core
    f161c880c11d mips: make current_cpu_data preempt safe
    5e94a8247ce7 mips: vdso: fix 'jalr $t9' crash in vdso code
    19e36714b1c7 mips: Kconfig: add QEMUMIPS64 option
    e2e537db3cbd 4kc cache tlb hazard: tlbp cache coherency
    aee9870611e5 malta uhci quirks: make allowance for slow 4k(e)c
    881948cd1517 drm/fb-helper: move zeroing code to drm_fb_helper_fill_var
    98ec1963fcb7 arm64: defconfig: cleanup config options
    f1727c537ba8 vexpress: Pass LOADADDR to Makefile
    4474c32dc24a arm: ARM EABI socketcall
    75e31a2b70fd ARM: LPAE: Invalidate the TLB for module addresses during translation fault

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c404775afcb500aa931ace1289df7a194f0778ba)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_6.6.bb               |  6 ++--
 .../linux/linux-yocto-tiny_6.6.bb             |  6 ++--
 meta/recipes-kernel/linux/linux-yocto_6.6.bb  | 28 +++++++++----------
 3 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
index 50f4fe0eb6..3900690c74 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
@@ -14,13 +14,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "e88fd5bf97b83b10f7e93c2af4100cd16d59db63"
-SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0"
+SRCREV_machine ?= "1d96726faac7f57c1bb3466edc283d929fc183b6"
+SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https"
 
-LINUX_VERSION ?= "6.6.34"
+LINUX_VERSION ?= "6.6.35"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
index a330e14468..0a9b96753c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
 # CVE exclusions
 include recipes-kernel/linux/cve-exclusion_6.6.inc
 
-LINUX_VERSION ?= "6.6.34"
+LINUX_VERSION ?= "6.6.35"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
-SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0"
+SRCREV_machine ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
+SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.6.bb b/meta/recipes-kernel/linux/linux-yocto_6.6.bb
index f67d73d2e6..808561f45a 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.6.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.6.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.6/standard/base"
 KBRANCH:qemuloongarch64  ?= "v6.6/standard/base"
 KBRANCH:qemumips64 ?= "v6.6/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "a12679d200785775317fb7b7fe9b145cd77187eb"
-SRCREV_machine:qemuarm64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
-SRCREV_machine:qemuloongarch64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
-SRCREV_machine:qemumips ?= "f0ff71ea239e1395c9318d4edd2213a702aa8d19"
-SRCREV_machine:qemuppc ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
-SRCREV_machine:qemuriscv64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
-SRCREV_machine:qemuriscv32 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
-SRCREV_machine:qemux86 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
-SRCREV_machine:qemux86-64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
-SRCREV_machine:qemumips64 ?= "39f86019c95a6efb4aa3bf4d0185f05bb184d29b"
-SRCREV_machine ?= "64ebf485c56b5375d9196020b3ed92f857283ee0"
-SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0"
+SRCREV_machine:qemuarm ?= "7e5d1df22352c96c1d63d81d59457ff30e82e2d9"
+SRCREV_machine:qemuarm64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
+SRCREV_machine:qemuloongarch64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
+SRCREV_machine:qemumips ?= "f26493dbcd22b4d89beed4eabdc52d124d59658a"
+SRCREV_machine:qemuppc ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
+SRCREV_machine:qemuriscv64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
+SRCREV_machine:qemuriscv32 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
+SRCREV_machine:qemux86 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
+SRCREV_machine:qemux86-64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
+SRCREV_machine:qemumips64 ?= "1ef0c6554b95984a5fc9e7cd3bb27ab617204149"
+SRCREV_machine ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
+SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "76d42e596d895c53abf86daca4e5877fe0088145"
+SRCREV_machine:class-devupstream ?= "5f2d0708acd0e1d2475d73c61819053de284bcc4"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v6.6/base"
 
@@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.6.34"
+LINUX_VERSION ?= "6.6.35"
 
 PV = "${LINUX_VERSION}+git"
 
-- 
2.34.1

[OE-core][scarthgap 10/21] linux-yocto/6.6: fix AMD boot trace

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) to linux-yocto/6.6:

1/1 [
    Author: Bruce Ashfield
    Email: bruce.ashfield@gmail.com
    Subject: cpu/amd: inhibit SMP check for qemux86
    Date: Fri, 28 Jun 2024 12:55:18 -0400

    When booting with kvm enabled on a AMD host, the following
    trace is thrown:

      [    0.084519] ------------[ cut here ]------------
      [    0.084519] WARNING: This combination of AMD processors is not suitable for SMP.
      [    0.084519] WARNING: CPU: 1 PID: 0 at /arch/x86/kernel/cpu/amd.c:341 init_amd+0xaee/0xbcc
      [    0.084519] Modules linked in:
      [    0.084519] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.32-yocto-standard #1
      [    0.084519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014

    This warning is not valid in our configuration and is unnecesarily
    causing issue with debug.

    This has been know for some time (10+ years), but no acceptable
    solutioon has been found upstream:

       https://lists.gnu.org/archive/html/qemu-devel/2010-03/msg01428.html
       https://lkml.org/lkml/2010/3/30/397

    We have a configuration CONFIG_QEMUX86 that has been added for
    situations like this. When that value is defined, we inhibit the
    warning, but leave it as-is for other BSPs.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f0c03000abb7665352cf107a600da15a112af5fa)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_6.6.bb               |  4 ++--
 .../linux/linux-yocto-tiny_6.6.bb             |  4 ++--
 meta/recipes-kernel/linux/linux-yocto_6.6.bb  | 24 +++++++++----------
 3 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
index 3900690c74..dc1413ca94 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
@@ -14,8 +14,8 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "1d96726faac7f57c1bb3466edc283d929fc183b6"
-SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce"
+SRCREV_machine ?= "4209a548f26ad97f610f6c7acfee7fabe009dd3d"
+SRCREV_meta ?= "da275b53b13faafa834352e3f9dd3f91a2c03bb8"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
index 0a9b96753c..f02a9c186a 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
-SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce"
+SRCREV_machine ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3"
+SRCREV_meta ?= "da275b53b13faafa834352e3f9dd3f91a2c03bb8"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.6.bb b/meta/recipes-kernel/linux/linux-yocto_6.6.bb
index 808561f45a..ca7c4e978a 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.6.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.6.bb
@@ -18,18 +18,18 @@ KBRANCH:qemux86-64 ?= "v6.6/standard/base"
 KBRANCH:qemuloongarch64  ?= "v6.6/standard/base"
 KBRANCH:qemumips64 ?= "v6.6/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "7e5d1df22352c96c1d63d81d59457ff30e82e2d9"
-SRCREV_machine:qemuarm64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
-SRCREV_machine:qemuloongarch64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
-SRCREV_machine:qemumips ?= "f26493dbcd22b4d89beed4eabdc52d124d59658a"
-SRCREV_machine:qemuppc ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
-SRCREV_machine:qemuriscv64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
-SRCREV_machine:qemuriscv32 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
-SRCREV_machine:qemux86 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
-SRCREV_machine:qemux86-64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
-SRCREV_machine:qemumips64 ?= "1ef0c6554b95984a5fc9e7cd3bb27ab617204149"
-SRCREV_machine ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832"
-SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce"
+SRCREV_machine:qemuarm ?= "7558103b801174f277373aa9d7d7eedf3a30d5f8"
+SRCREV_machine:qemuarm64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3"
+SRCREV_machine:qemuloongarch64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3"
+SRCREV_machine:qemumips ?= "cd21dc96adcb1d60ad6cc57446464abf4dd338fc"
+SRCREV_machine:qemuppc ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3"
+SRCREV_machine:qemuriscv64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3"
+SRCREV_machine:qemuriscv32 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3"
+SRCREV_machine:qemux86 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3"
+SRCREV_machine:qemux86-64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3"
+SRCREV_machine:qemumips64 ?= "6700dad2e55f71fea268db201a394b371ffdd78c"
+SRCREV_machine ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3"
+SRCREV_meta ?= "da275b53b13faafa834352e3f9dd3f91a2c03bb8"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
-- 
2.34.1

[OE-core][scarthgap 11/21] python3-requests: cleanup RDEPENDS

[Steve Sakoman]

From: Guðni Már Gilbert <gudni.m.g@gmail.com>

Drop the following dependencies from RDEPENDS:
- python3-ndg-httpsclient
- python3-pyasn1
- python3-pyopenssl

Add a missing dependency into RDEPENDS:
- python3-certifi

Additional fix HOMEPAGE, the old link doesn't work

Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/python/python3-requests_2.31.0.bb | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/meta/recipes-devtools/python/python3-requests_2.31.0.bb b/meta/recipes-devtools/python/python3-requests_2.31.0.bb
index df48cd54c3..287b4f8eee 100644
--- a/meta/recipes-devtools/python/python3-requests_2.31.0.bb
+++ b/meta/recipes-devtools/python/python3-requests_2.31.0.bb
@@ -1,5 +1,5 @@
 SUMMARY = "Python HTTP for Humans."
-HOMEPAGE = "http://python-requests.org"
+HOMEPAGE = "https://requests.readthedocs.io"
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=34400b68072d710fecd0a2940a0d1658"
 
@@ -8,12 +8,10 @@ SRC_URI[sha256sum] = "942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd
 inherit pypi setuptools3
 
 RDEPENDS:${PN} += " \
+    python3-certifi \
     python3-email \
     python3-json \
-    python3-ndg-httpsclient \
     python3-netserver \
-    python3-pyasn1 \
-    python3-pyopenssl \
     python3-pysocks \
     python3-urllib3 \
     python3-chardet \
-- 
2.34.1

[OE-core][scarthgap 12/21] python3-setuptools: drop python3-2to3 from RDEPENDS

[Steve Sakoman]

From: Guðni Már Gilbert <gudni.m.g@gmail.com>

2to3 module was dropped as a dependency in setuptools 58.0

Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/python/python3-setuptools_69.1.1.bb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb b/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb
index 77d4e0aa03..67475b68eb 100644
--- a/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb
+++ b/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb
@@ -16,7 +16,6 @@ SRC_URI[sha256sum] = "5c0806c7d9af348e6dd3777b4f4dbb42c7ad85b190104837488eab9a7c
 DEPENDS += "python3"
 
 RDEPENDS:${PN} = "\
-    python3-2to3 \
     python3-compile \
     python3-compression \
     python3-ctypes \
-- 
2.34.1

[OE-core][scarthgap 13/21] libpam: fix runtime error in pam_pwhistory moudle

[Steve Sakoman]

From: Yi Zhao <yi.zhao@windriver.com>

Backport a patch to fix runtime error in pam_pwhistory module when
selinux is enabled:

root@qemux86-64:~# passwd
passwd: System error
passwd: password unchanged

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...x-passing-NULL-filename-argument-to-.patch | 69 +++++++++++++++++++
 meta/recipes-extended/pam/libpam_1.5.3.bb     |  1 +
 2 files changed, 70 insertions(+)
 create mode 100644 meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch

diff --git a/meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch b/meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch
new file mode 100644
index 0000000000..23d5646235
--- /dev/null
+++ b/meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch
@@ -0,0 +1,69 @@
+From 80dc2d410595b5193d32f965185710df27f3984e Mon Sep 17 00:00:00 2001
+From: Md Zain Hasib <hasibm@vmware.com>
+Date: Sat, 29 Jul 2023 11:01:35 +0530
+Subject: [PATCH] pam_pwhistory: fix passing NULL filename argument to
+ pwhistory helper
+
+This change fixes a bug when pwhistory_helper is invoked from
+pam_pwhistory with an NULL filename, pwhistory_helper receives a short
+circuited argc count of 3, ignoring the rest of the arguments passed
+due to filename being NULL. To resolve the issue, an empty string is
+passed in case the filename is empty, which is later changed back to
+NULL in pwhistory_helper so that it can be passed to opasswd to read
+the default opasswd file.
+
+* modules/pam_pwhistory/pam_pwhistory.c (run_save_helper,
+run_check_helper): Replace NULL filename argument with an empty string.
+* modules/pam_pwhistory/pwhistory_helper.c (main): Replace empty string
+filename argument with NULL.
+
+Fixes: 11c35109a67f ("pam_pwhistory: Enable alternate location for password history file (#396)")
+Signed-off-by: Dmitry V. Levin <ldv@strace.io>
+
+Upstream-Status: Backport
+[https://github.com/linux-pam/linux-pam/commit/80dc2d410595b5193d32f965185710df27f3984e]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ modules/pam_pwhistory/pam_pwhistory.c    | 4 ++--
+ modules/pam_pwhistory/pwhistory_helper.c | 2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c
+index 5a7fb811..98ddffce 100644
+--- a/modules/pam_pwhistory/pam_pwhistory.c
++++ b/modules/pam_pwhistory/pam_pwhistory.c
+@@ -141,7 +141,7 @@ run_save_helper(pam_handle_t *pamh, const char *user,
+       args[0] = (char *)PWHISTORY_HELPER;
+       args[1] = (char *)"save";
+       args[2] = (char *)user;
+-      args[3] = (char *)filename;
++      args[3] = (char *)((filename != NULL) ? filename : "");
+       DIAG_POP_IGNORE_CAST_QUAL;
+       if (asprintf(&args[4], "%d", howmany) < 0 ||
+           asprintf(&args[5], "%d", debug) < 0)
+@@ -228,7 +228,7 @@ run_check_helper(pam_handle_t *pamh, const char *user,
+       args[0] = (char *)PWHISTORY_HELPER;
+       args[1] = (char *)"check";
+       args[2] = (char *)user;
+-      args[3] = (char *)filename;
++      args[3] = (char *)((filename != NULL) ? filename : "");
+       DIAG_POP_IGNORE_CAST_QUAL;
+       if (asprintf(&args[4], "%d", debug) < 0)
+         {
+diff --git a/modules/pam_pwhistory/pwhistory_helper.c b/modules/pam_pwhistory/pwhistory_helper.c
+index 469d95fa..fb9a1e31 100644
+--- a/modules/pam_pwhistory/pwhistory_helper.c
++++ b/modules/pam_pwhistory/pwhistory_helper.c
+@@ -108,7 +108,7 @@ main(int argc, char *argv[])
+ 
+   option = argv[1];
+   user = argv[2];
+-  filename = argv[3];
++  filename = (argv[3][0] != '\0') ? argv[3] : NULL;
+ 
+   if (strcmp(option, "check") == 0 && argc == 5)
+     return check_history(user, filename, argv[4]);
+-- 
+2.25.1
+
diff --git a/meta/recipes-extended/pam/libpam_1.5.3.bb b/meta/recipes-extended/pam/libpam_1.5.3.bb
index 2a53bb4cc5..ef32d19f3d 100644
--- a/meta/recipes-extended/pam/libpam_1.5.3.bb
+++ b/meta/recipes-extended/pam/libpam_1.5.3.bb
@@ -25,6 +25,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \
            file://run-ptest \
            file://pam-volatiles.conf \
            file://0001-pam_namespace-include-stdint-h.patch \
+           file://0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch \
            "
 
 SRC_URI[sha256sum] = "7ac4b50feee004a9fa88f1dfd2d2fa738a82896763050cd773b3c54b0a818283"
-- 
2.34.1

[OE-core][scarthgap 14/21] rng-tools: ignore incompatible-pointer-types errors for now

[Steve Sakoman]

From: Martin Jansa <martin.jansa@gmail.com>

* causes libargp test to fail:

http://errors.yoctoproject.org/Errors/Details/766951/

| configure: error: in '/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build':
| configure: error: libargp disabled and libc does not have argp

config.log shows:

configure:8424: x86_64-webos-linux-gcc  -m64 -march=nehalem -mtune=generic -mfpmath=sse -msse4.2 --sysroot=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot -o conftest  -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map  -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/git=/usr/src/debug/rng-tools/6.16  -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/git=/usr/src/debug/rng-tools/6.16  -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build=/usr/src/debug/rng-tools/6.16  -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build=/usr/src/debug/rng-tools/6.16  -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot=  -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot=  -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot-native=   -DJENT_CONF_ENABLE_INTERNAL_TIMER   -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map  -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/git=/usr/src/debug/rng-tools/6.16  -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/git=/usr/src/debug/rng-tools/6.16  -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build=/usr/src/debug/rng-tools/6.16  -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build=/usr/src/debug/rng-tools/6.16  -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot=  -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot=  -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot-native=  conftest.c -ljitterentropy  >&5
conftest.c: In function 'main':
conftest.c:51:52: error: passing argument 3 of 'argp_parse' from incompatible pointer type [-Wincompatible-pointer-types]
   51 | int argc=1; char *argv={"test"}; argp_parse(0,argc,argv,0,0,0); return 0;
      |                                                    ^~~~
      |                                                    |
      |                                                    char *
In file included from conftest.c:47:
/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot/usr/include/argp.h:371:58: note: expected 'char ** restrict' but argument is of type 'char *'
  371 |                            int __argc, char **__restrict __argv,
      |                                        ~~~~~~~~~~~~~~~~~~^~~~~~

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 78d9cad294f335f6e5b18b0ca790a9e5723f0c41)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-support/rng-tools/rng-tools_6.16.bb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meta/recipes-support/rng-tools/rng-tools_6.16.bb b/meta/recipes-support/rng-tools/rng-tools_6.16.bb
index f0aa3ff93f..5b66e3badf 100644
--- a/meta/recipes-support/rng-tools/rng-tools_6.16.bb
+++ b/meta/recipes-support/rng-tools/rng-tools_6.16.bb
@@ -67,3 +67,7 @@ do_install:append() {
             ${D}${systemd_system_unitdir}/rng-tools.service
     fi
 }
+
+# libargp detection fails
+# http://errors.yoctoproject.org/Errors/Details/766951/
+CFLAGS += "-Wno-error=incompatible-pointer-types"
-- 
2.34.1

[OE-core][scarthgap 15/21] pcmanfm: Disable incompatible-pointer-types warning as error

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit af1290104b58693df69457454ac2a0d35a7e8c60)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb b/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb
index 0c5ed5e55e..fc913c86b3 100644
--- a/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb
+++ b/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb
@@ -27,6 +27,8 @@ inherit autotools pkgconfig features_check mime-xdg
 REQUIRED_DISTRO_FEATURES = "x11"
 
 EXTRA_OECONF = "--with-gtk=3"
+# GCC 14 finds extra incompatible pointer type warnings which are treated as errors
+CFLAGS += "-Wno-error=incompatible-pointer-types"
 
 do_install:append () {
 	install -d ${D}/${datadir}
-- 
2.34.1

[OE-core][scarthgap 16/21] devtool: ide-sdk: correct help typo

[Steve Sakoman]

From: Antonin Godard <antoningodard@pm.me>

Signed-off-by: Antonin Godard <antoningodard@pm.me>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 50e043387a2f0f9a5c2f7a5f914c465c830d329b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 scripts/lib/devtool/ide_sdk.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/lib/devtool/ide_sdk.py b/scripts/lib/devtool/ide_sdk.py
index 7807b322b3..65873b088d 100755
--- a/scripts/lib/devtool/ide_sdk.py
+++ b/scripts/lib/devtool/ide_sdk.py
@@ -1052,7 +1052,7 @@ def register_commands(subparsers, context):
     parser_ide_sdk.add_argument(
         '-I', '--key', help='Specify ssh private key for connection to the target')
     parser_ide_sdk.add_argument(
-        '--skip-bitbake', help='Generate IDE configuration but skip calling bibtake to update the SDK.', action='store_true')
+        '--skip-bitbake', help='Generate IDE configuration but skip calling bitbake to update the SDK', action='store_true')
     parser_ide_sdk.add_argument(
         '-k', '--bitbake-k', help='Pass -k parameter to bitbake', action='store_true')
     parser_ide_sdk.add_argument(
-- 
2.34.1

[OE-core][scarthgap 17/21] oeqa/selftest/recipetool: Fix for usrmerge in DISTRO_FEATURES

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

If usrmerge is in DISTRO_FEATURES, assumptions in one of the tests would
fail. Improve the test so it works in both cases.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 68a27d307a7042e242c49cf3d069469f40e09902)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/recipetool.py | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/meta/lib/oeqa/selftest/cases/recipetool.py b/meta/lib/oeqa/selftest/cases/recipetool.py
index aebea42502..126906df50 100644
--- a/meta/lib/oeqa/selftest/cases/recipetool.py
+++ b/meta/lib/oeqa/selftest/cases/recipetool.py
@@ -120,9 +120,15 @@ class RecipetoolAppendTests(RecipetoolBase):
         self._try_recipetool_appendfile_fail('/dev/console', self.testfile, ['ERROR: /dev/console cannot be handled by this tool'])
 
     def test_recipetool_appendfile_alternatives(self):
+        lspath = '/bin/ls'
+        dirname = "base_bindir"
+        if "usrmerge" in get_bb_var('DISTRO_FEATURES'):
+            lspath = '/usr/bin/ls'
+            dirname = "bindir"
+
         # Now try with a file we know should be an alternative
         # (this is very much a fake example, but one we know is reliably an alternative)
-        self._try_recipetool_appendfile_fail('/bin/ls', self.testfile, ['ERROR: File /bin/ls is an alternative possibly provided by the following recipes:', 'coreutils', 'busybox'])
+        self._try_recipetool_appendfile_fail(lspath, self.testfile, ['ERROR: File %s is an alternative possibly provided by the following recipes:' % lspath, 'coreutils', 'busybox'])
         # Need a test file - should be executable
         testfile2 = os.path.join(self.corebase, 'oe-init-build-env')
         testfile2name = os.path.basename(testfile2)
@@ -131,12 +137,12 @@ class RecipetoolAppendTests(RecipetoolBase):
                          'SRC_URI += "file://%s"\n' % testfile2name,
                          '\n',
                          'do_install:append() {\n',
-                         '    install -d ${D}${base_bindir}\n',
-                         '    install -m 0755 ${WORKDIR}/%s ${D}${base_bindir}/ls\n' % testfile2name,
+                         '    install -d ${D}${%s}\n' % dirname,
+                         '    install -m 0755 ${WORKDIR}/%s ${D}${%s}/ls\n' % (testfile2name, dirname),
                          '}\n']
-        self._try_recipetool_appendfile('coreutils', '/bin/ls', testfile2, '-r coreutils', expectedlines, [testfile2name])
+        self._try_recipetool_appendfile('coreutils', lspath, testfile2, '-r coreutils', expectedlines, [testfile2name])
         # Now try bbappending the same file again, contents should not change
-        bbappendfile, _ = self._try_recipetool_appendfile('coreutils', '/bin/ls', self.testfile, '-r coreutils', expectedlines, [testfile2name])
+        bbappendfile, _ = self._try_recipetool_appendfile('coreutils', lspath, self.testfile, '-r coreutils', expectedlines, [testfile2name])
         # But file should have
         copiedfile = os.path.join(os.path.dirname(bbappendfile), 'coreutils', testfile2name)
         result = runCmd('diff -q %s %s' % (testfile2, copiedfile), ignore_status=True)
-- 
2.34.1

[OE-core][scarthgap 18/21] oeqa/selftest/devtool: Fix for usrmerge in DISTRO_FEATURES

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

If usrmerge is in DISTRO_FEATURES, assumptions in one of the tests would
fail. Improve the test so it works in both cases.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit afa211746a2aa1993a54cc5a5e1937679341da8e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/devtool.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/lib/oeqa/selftest/cases/devtool.py b/meta/lib/oeqa/selftest/cases/devtool.py
index 44a2a50f2e..fc08906117 100644
--- a/meta/lib/oeqa/selftest/cases/devtool.py
+++ b/meta/lib/oeqa/selftest/cases/devtool.py
@@ -1792,6 +1792,8 @@ class DevtoolExtractTests(DevtoolBase):
         # Definitions
         testrecipe = 'mdadm'
         testfile = '/sbin/mdadm'
+        if "usrmerge" in get_bb_var('DISTRO_FEATURES'):
+            testfile = '/usr/sbin/mdadm'
         testimage = 'oe-selftest-image'
         testcommand = '/sbin/mdadm --help'
         # Build an image to run
-- 
2.34.1

[OE-core][scarthgap 19/21] python3-bcrypt: drop python3-six from RDEPENDS

[Steve Sakoman]

From: Guðni Már Gilbert <gudnimar@noxmedical.com>

Python 2.7 support was dropped in version 3.2.0 and
python3-six dependency was subsequently dropped in version 3.2.1

Signed-off-by: Guðni Már Gilbert <gudnimar@noxmedical.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 50757cc95b3062f11a7455af33e7a7e74ea1d0f7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb b/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb
index 93fa645f33..57b08b3700 100644
--- a/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb
+++ b/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb
@@ -33,5 +33,4 @@ RDEPENDS:${PN}:class-target += "\
     python3-cffi \
     python3-ctypes \
     python3-shell \
-    python3-six \
 "
-- 
2.34.1

[OE-core][scarthgap 20/21] python3-pyopenssl: drop python3-six from RDEPENDS

[Steve Sakoman]

From: Guðni Már Gilbert <gudnimar@noxmedical.com>

Python 2.7 support was dropped in version 22.0.0
python3-six was dropped as a dependency in 22.0.0

Signed-off-by: Guðni Már Gilbert <gudnimar@noxmedical.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6eab37a0cdcc6071f79aa5c8198df0b2ba23dd7a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb b/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb
index 9ea3075482..116f214bfa 100644
--- a/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb
+++ b/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb
@@ -15,7 +15,6 @@ FILES:${PN}-tests = "${libdir}/${PYTHON_DIR}/site-packages/OpenSSL/test"
 
 RDEPENDS:${PN}:class-target = " \
     python3-cryptography \
-    python3-six \
     python3-threading \
 "
 RDEPENDS:${PN}-tests = "${PN}"
-- 
2.34.1

[OE-core][scarthgap 21/21] curl: locale-base-en-us isn't glibc-specific

[Steve Sakoman]

From: Ross Burton <ross.burton@arm.com>

The musl-locales package provides this too, so we can depend without a
libc override.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c8f1d51f4eb6df6c041707d38f60549d13ddab7f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-support/curl/curl_8.7.1.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-support/curl/curl_8.7.1.bb b/meta/recipes-support/curl/curl_8.7.1.bb
index c74416d7e9..3fdad6a4cf 100644
--- a/meta/recipes-support/curl/curl_8.7.1.bb
+++ b/meta/recipes-support/curl/curl_8.7.1.bb
@@ -120,6 +120,7 @@ do_install_ptest() {
 
 RDEPENDS:${PN}-ptest += " \
 	bash \
+	locale-base-en-us \
 	perl-module-b \
 	perl-module-base \
 	perl-module-cwd \
@@ -135,7 +136,6 @@ RDEPENDS:${PN}-ptest += " \
 	perl-module-storable \
 	perl-module-time-hires \
 "
-RDEPENDS:${PN}-ptest:append:libc-glibc = " locale-base-en-us"
 
 PACKAGES =+ "lib${BPN}"
 
-- 
2.34.1

[OE-core][scarthgap 00/21] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Tuesday, November 25

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2755

The following changes since commit 471adaa5f77fa3b974eab60a2ded48e360042828:

  build-appliance-image: Update to scarthgap head revision (2025-11-17 17:00:25 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Alexander Kanavin (1):
  goarch.bbclass: do not leak TUNE_FEATURES into crosssdk task
    signatures

Gyorgy Sarvari (2):
  musl: patch CVE-2025-26519
  glslang: fix compiling with gcc15

Hongxu Jia (1):
  spdx30: Provide software_packageUrl field in SPDX 3.0 SBOM

Hugo SIMELIERE (1):
  sqlite3: patch CVE-2025-7709

Osama Abdelkader (3):
  go: add sdk test
  go: extend runtime test
  go: remove duplicate arch map in sdk test

Ovidiu Panait (1):
  rust-target-config: fix nativesdk-libstd-rs build with baremetal

Peter Marko (4):
  spdx30: fix cve status for patch files in VEX
  oeqa: fix package detection in go sdk tests
  oeqa: drop unnecessary dependency from go runtime tests
  oeqa/sdk/buildepoxy: skip test in eSDK

Ross Burton (5):
  xserver-xorg: remove redundant patch
  xserver-xorg: fix CVE-2025-62229 CVE-2025-62230 CVE-2025-62231
  testsdk: allow user to specify which tests to run
  oe/sdk: fix empty SDK manifests
  lib/oe/go: document map_arch, and raise an error on unknown
    architecture

Yogita Urade (3):
  xwayland: fix CVE-2025-62229
  xwayland: fix CVE-2025-62230
  xwayland: fix CVE-2025-62231

 meta/classes-recipe/goarch.bbclass            |   3 +
 .../classes-recipe/rust-target-config.bbclass |   3 +-
 meta/classes-recipe/testsdk.bbclass           |   3 +
 meta/classes/create-spdx-3.0.bbclass          |   5 +
 meta/lib/oe/go.py                             |   6 +-
 meta/lib/oe/sdk.py                            |   3 +-
 meta/lib/oe/spdx30_tasks.py                   |  16 ++-
 meta/lib/oeqa/files/test.go                   |   7 ++
 meta/lib/oeqa/runtime/cases/go.py             |  66 +++++++++++
 meta/lib/oeqa/sdk/cases/buildepoxy.py         |   4 +
 meta/lib/oeqa/sdk/cases/go.py                 | 107 ++++++++++++++++++
 meta/lib/oeqa/sdk/testsdk.py                  |   3 +-
 meta/lib/oeqa/sdkext/testsdk.py               |   3 +-
 .../musl/musl/CVE-2025-26519-1.patch          |  39 +++++++
 .../musl/musl/CVE-2025-26519-2.patch          |  38 +++++++
 meta/recipes-core/musl/musl_git.bb            |   4 +-
 ...uilder.h-add-missing-cstdint-include.patch |  30 +++++
 .../glslang/glslang_1.3.275.0.bb              |   1 +
 ...-duplicate-definitions-of-IOPortBase.patch |  28 -----
 ...after-free-in-present_create_notifie.patch |  91 +++++++++++++++
 ...ke-the-RT_XKBCLIENT-resource-private.patch |  63 +++++++++++
 ...KB-resource-when-freeing-XkbInterest.patch |  92 +++++++++++++++
 ...-Prevent-overflow-in-XkbSetCompatMap.patch |  53 +++++++++
 .../xorg-xserver/xserver-xorg_21.1.18.bb      |   7 +-
 .../xwayland/xwayland/CVE-2025-62229.patch    |  89 +++++++++++++++
 .../xwayland/CVE-2025-62230-0001.patch        |  60 ++++++++++
 .../xwayland/CVE-2025-62230-0002.patch        |  89 +++++++++++++++
 .../xwayland/xwayland/CVE-2025-62231.patch    |  50 ++++++++
 .../xwayland/xwayland_23.2.5.bb               |   4 +
 .../sqlite/sqlite3/CVE-2025-7709.patch        |  33 ++++++
 meta/recipes-support/sqlite/sqlite3_3.45.3.bb |   1 +
 31 files changed, 964 insertions(+), 37 deletions(-)
 create mode 100644 meta/lib/oeqa/files/test.go
 create mode 100644 meta/lib/oeqa/sdk/cases/go.py
 create mode 100644 meta/recipes-core/musl/musl/CVE-2025-26519-1.patch
 create mode 100644 meta/recipes-core/musl/musl/CVE-2025-26519-2.patch
 create mode 100644 meta/recipes-graphics/glslang/glslang/0001-SPIRV-SpvBuilder.h-add-missing-cstdint-include.patch
 delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-Avoid-duplicate-definitions-of-IOPortBase.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-present-Fix-use-after-free-in-present_create_notifie.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0002-xkb-Make-the-RT_XKBCLIENT-resource-private.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0003-xkb-Free-the-XKB-resource-when-freeing-XkbInterest.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0004-xkb-Prevent-overflow-in-XkbSetCompatMap.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2025-62229.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2025-62230-0001.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2025-62230-0002.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2025-62231.patch
 create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-7709.patch

-- 
2.43.0

[OE-core][scarthgap 00/21] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Tuesday, June 4

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6993

with two exceptions, the first a known reproducibility issue also present
on master:

https://bugzilla.yoctoproject.org/show_bug.cgi?id=15491

and the second is a failure on meta-agl-core, which will require an update
to the ptest-runner override in meta-agl once "ptest-runner: Bump to 2.4.4 (95f528c)"
merges.


The following changes since commit 0795169be206f1d4d140fe378e2476a44d0ce02b:

  oeqa/selftest/debuginfod: use localpkgfeed to speed server startup (2024-05-19 13:50:01 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Archana Polampalli (5):
  ghostscript: fix CVE-2024-33870
  ghostscript: fix CVE-2024-33869
  ghostscript: fix CVE-2024-33871
  ghostscript: fix CVE-2024-29510
  xserver-xorg: upgrade 21.1.11 -> 21.1.12

Changqing Li (1):
  ptest-runner: Bump to 2.4.4 (95f528c)

Julien Stephan (2):
  devtool: standard: update-recipe/finish: fix update localfile in
    another layer
  oeqa/selftest/devtool: add test for updating local files into another
    layer

Khem Raj (3):
  llvm: Upgrade to 18.1.4
  llvm: Upgrade to 18.1.5
  llvm: Switch to using release tarballs

Marek Vasut (1):
  gstreamer1.0-plugins-good: Include qttools-native during the build
    with qt5 PACKAGECONFIG

Mark Hatle (1):
  gcc: Fix for CVE-2024-0151

Peter Marko (2):
  ttyrun: define CVE_PRODUCT
  update-rc.d: add +git to PV

Philip Lorenz (2):
  lib/package_manager/ipk: Do not hardcode payload compression algorithm
  ipk: Fix clean up of extracted IPK payload

Rasmus Villemoes (1):
  git: set --with-gitconfig=/etc/gitconfig for -native builds

Ricardo Simoes (1):
  libusb1: Set CVE_PRODUCT

Soumya Sambu (1):
  ncurses: Fix CVE-2023-45918

Yogita Urade (1):
  libarchive: upgrade 3.7.2 -> 3.7.4

 meta/lib/oe/package_manager/ipk/__init__.py   |  14 +-
 meta/lib/oeqa/selftest/cases/devtool.py       |  20 +-
 .../ncurses/files/CVE-2023-45918.patch        | 180 ++++++++++
 meta/recipes-core/ncurses/ncurses_6.4.bb      |   1 +
 meta/recipes-core/ttyrun/ttyrun_2.31.0.bb     |   2 +
 .../update-rc.d/update-rc.d_0.8.bb            |   1 +
 meta/recipes-devtools/gcc/gcc-13.2.inc        |   1 +
 .../gcc/gcc/CVE-2024-0151.patch               | 315 ++++++++++++++++++
 meta/recipes-devtools/git/git_2.44.0.bb       |   1 +
 .../llvm/{llvm_git.bb => llvm_18.1.5.bb}      |  13 +-
 .../ghostscript/CVE-2024-29510.patch          |  84 +++++
 .../ghostscript/CVE-2024-33869-0001.patch     |  39 +++
 .../ghostscript/CVE-2024-33869-0002.patch     |  52 +++
 .../ghostscript/CVE-2024-33870.patch          |  99 ++++++
 .../ghostscript/CVE-2024-33871.patch          |  43 +++
 .../ghostscript/ghostscript_10.02.1.bb        |   5 +
 .../libarchive/libarchive/configurehack.patch |  19 +-
 ...ibarchive_3.7.2.bb => libarchive_3.7.4.bb} |   2 +-
 ...org_21.1.11.bb => xserver-xorg_21.1.12.bb} |   2 +-
 .../gstreamer1.0-plugins-good_1.22.11.bb      |   2 +-
 meta/recipes-support/libusb/libusb1_1.0.27.bb |   2 +
 ...-runner_2.4.3.bb => ptest-runner_2.4.4.bb} |   2 +-
 scripts/lib/devtool/standard.py               |  23 +-
 23 files changed, 888 insertions(+), 34 deletions(-)
 create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-45918.patch
 create mode 100644 meta/recipes-devtools/gcc/gcc/CVE-2024-0151.patch
 rename meta/recipes-devtools/llvm/{llvm_git.bb => llvm_18.1.5.bb} (93%)
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29510.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0001.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0002.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33870.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33871.patch
 rename meta/recipes-extended/libarchive/{libarchive_3.7.2.bb => libarchive_3.7.4.bb} (96%)
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.11.bb => xserver-xorg_21.1.12.bb} (92%)
 rename meta/recipes-support/ptest-runner/{ptest-runner_2.4.3.bb => ptest-runner_2.4.4.bb} (95%)

-- 
2.34.1

[OE-core][scarthgap 00/21] Patch review

[Steve Sakoman]

Please review this set of changes for scarthgap and have comments back by
end of day Wednesday, May 22

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6937

The following changes since commit 294a7dbe44f6b7c8d3a1de8c2cc182af37c4f916:

  build-appliance-image: Update to scarthgap head revision (2024-05-09 04:47:57 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Adriaan Schmidt (1):
  libcgroup_3.1.0: fix build on non-systemd systems

Jose Quaresma (2):
  go: Drop the linkmode completely
  Revert "goarch: disable dynamic linking globally"

Kai Kang (1):
  webkitgtk: 2.44.0 -> 2.44.1

Martin Hundebøll (1):
  classes: image_types: apply EXTRA_IMAGECMD:squashfs* in
    oe_mksquashfs()

Mingli Yu (1):
  ncurses: Fix CVE-2023-50495

Peter Marko (6):
  openssl: patch CVE-2024-4603
  glib-2.0: Upgrade 2.78.4 -> 2.78.5
  glib-2.0: Upgrade 2.78.5 -> 2.78.6
  glibc: Update to latest on stable 2.39 branch
  glibc: Update to latest on stable 2.39 branch
  glibc: correct license

Ralph Siemsen (1):
  uboot-sign: fix loop in do_uboot_assemble_fitimage

Ross Burton (3):
  lib/oe/package-manager: allow including self in create_packages_dir
  selftest/classes: add localpkgfeed class
  oeqa/selftest/debuginfod: use localpkgfeed to speed server startup

Sven Schwermer (2):
  recipetool: Handle unclean response in go resolver
  recipetool: Handle several go-import tags in go resolver

Trevor Gamblin (1):
  patchtest: test_metadata: fix invalid escape sequences

Wang Mingyu (1):
  llvm: upgrade 18.1.2 -> 18.1.3

Zev Weiss (1):
  bash: Fix file-substitution error-handling bug

 meta-selftest/classes/localpkgfeed.bbclass    |  27 ++
 meta/classes-recipe/go.bbclass                |   2 -
 meta/classes-recipe/goarch.bbclass            |  14 +-
 meta/classes-recipe/image_types.bbclass       |  20 +-
 meta/classes-recipe/uboot-sign.bbclass        |   2 +-
 meta/lib/oe/package_manager/__init__.py       |   9 +-
 meta/lib/oeqa/selftest/cases/debuginfod.py    |  14 +-
 meta/lib/patchtest/tests/test_metadata.py     |   4 +-
 .../openssl/openssl/CVE-2024-4603.patch       | 179 +++++++++++
 .../openssl/openssl_3.2.1.bb                  |   1 +
 .../glib-2.0/glib-2.0/fix-regex.patch         |  54 ----
 ...{glib-2.0_2.78.4.bb => glib-2.0_2.78.6.bb} |   3 +-
 meta/recipes-core/glibc/glibc-common.inc      |   2 +-
 meta/recipes-core/glibc/glibc-version.inc     |   2 +-
 ...y-the-header-between-arm-and-aarch64.patch |  47 ++-
 ...e-Pass-mcpu-along-with-march-to-dete.patch |  62 ----
 ...ss.patch => 0023-qemu-stale-process.patch} |   0
 meta/recipes-core/glibc/glibc_2.39.bb         |   7 +-
 ...akefile-install-systemd.h-by-default.patch |  37 +++
 .../recipes-core/libcgroup/libcgroup_3.1.0.bb |   1 +
 .../ncurses/files/CVE-2023-50495.patch        | 301 ++++++++++++++++++
 meta/recipes-core/ncurses/ncurses_6.4.bb      |   1 +
 meta/recipes-devtools/go/go-runtime.inc       |   2 +-
 ...r-sort-ClassInfo-lists-by-name-as-we.patch |   6 +-
 .../bash/bash/fix-filesubst-errexit.patch     |  34 ++
 meta/recipes-extended/bash/bash_5.2.21.bb     |   1 +
 ...af379dc70b4b1a63b01d67179eb431f03ac4.patch |  38 ---
 ...ebkitgtk_2.44.0.bb => webkitgtk_2.44.1.bb} |   3 +-
 scripts/lib/recipetool/create_go.py           |  34 +-
 29 files changed, 685 insertions(+), 222 deletions(-)
 create mode 100644 meta-selftest/classes/localpkgfeed.bbclass
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch
 delete mode 100644 meta/recipes-core/glib-2.0/glib-2.0/fix-regex.patch
 rename meta/recipes-core/glib-2.0/{glib-2.0_2.78.4.bb => glib-2.0_2.78.6.bb} (95%)
 delete mode 100644 meta/recipes-core/glibc/glibc/0023-aarch64-configure-Pass-mcpu-along-with-march-to-dete.patch
 rename meta/recipes-core/glibc/glibc/{0024-qemu-stale-process.patch => 0023-qemu-stale-process.patch} (100%)
 create mode 100644 meta/recipes-core/libcgroup/libcgroup/0001-include-Makefile-install-systemd.h-by-default.patch
 create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-50495.patch
 create mode 100644 meta/recipes-extended/bash/bash/fix-filesubst-errexit.patch
 delete mode 100644 meta/recipes-sato/webkit/webkitgtk/2922af379dc70b4b1a63b01d67179eb431f03ac4.patch
 rename meta/recipes-sato/webkit/{webkitgtk_2.44.0.bb => webkitgtk_2.44.1.bb} (98%)

-- 
2.34.1