Updating to the latest korg -stable release that comprises
the following commits:
58f42ed1cd31 Linux 5.4.241
879593643717 xfs: force log and push AIL to clear pinned inodes when aborting mount
c76dd368759a xfs: don't reuse busy extents on extent trim
4679b73a8ed4 xfs: consider shutdown in bmapbt cursor delete assert
9355fd118b4e xfs: shut down the filesystem if we screw up quota reservation
48f75df5b3bb xfs: report corruption only as a regular error
3cce34ceb2ef xfs: set inode size after creating symlink
e76bd6da5123 xfs: fix up non-directory creation in SGID directories
ad6613c98463 xfs: remove the di_version field from struct icdinode
ca4533c951e1 xfs: simplify a check in xfs_ioctl_setattr_check_cowextsize
e078b3de3e41 xfs: simplify di_flags2 inheritance in xfs_ialloc
0c553917b61a xfs: only check the superblock version for dinode size calculation
90aab52d062c xfs: add a new xfs_sb_version_has_v3inode helper
edd36a57b4a6 xfs: remove the kuid/kgid conversion wrappers
3ef81874f71c xfs: remove the icdinode di_uid/di_gid members
cc508a41ae48 xfs: ensure that the inode uid/gid match values match the icdinode ones
7a9dc7977140 xfs: merge the projid fields in struct xfs_icdinode
4f3252e7e132 xfs: show the proper user quota options
799cafa4f304 coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug
440bdc49f744 watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
70ca826d3ddb i2c: ocores: generate stop condition after timeout in polling mode
5fb5bdcdcd5a ubi: Fix deadlock caused by recursively holding work_sem
0b27716f2d44 mtd: ubi: wl: Fix a couple of kernel-doc issues
e55588c44255 ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
a652c30fa2ba asymmetric_keys: log on fatal failures in PE/pkcs7
5809dbacc431 verify_pefile: relax wrapper length check
0213f027d030 drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
b3052e5d468b efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
02a78e653933 i2c: imx-lpi2c: clean rx/tx buffers upon new message
1ef56397449e power: supply: cros_usbpd: reclassify "default case!" as debug
7169d1638824 net: macb: fix a memory corruption in extended buffer descriptor mode
c39fa0398a30 udp6: fix potential access to stale information
9c46c49ad3ff RDMA/core: Fix GID entry ref leak when create_ah fails
ad831a7079c9 sctp: fix a potential overflow in sctp_ifwdtsn_skip
afffe0d1e6b9 qlcnic: check pci_reset_function result
a841f6a0a39d niu: Fix missing unwind goto in niu_alloc_channels()
fcd084e199b9 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
1b77cb6f5e4a mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
4c1d882b53a3 mtd: rawnand: meson: fix bitmask for length in command word
266746003439 mtdblock: tolerate corrected bit-flips
50dbfd9dacda btrfs: fix fast csum implementation detection
c6db5f2a31cd btrfs: print checksum type and implementation at mount time
8a99e6200c38 Bluetooth: Fix race condition in hidp_session_thread
c02421992505 Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
9025cea8e03b ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
4d419195d6b8 ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex()
fe158eeccc38 ALSA: i2c/cs8427: fix iec958 mixer control deactivation
aa23fa32e5ff ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
62ccf2e0b106 ALSA: emu10k1: fix capture interrupt handler unlinking
9a3ba7b24d08 Revert "pinctrl: amd: Disable and mask interrupts on resume"
2945f948aa84 irqdomain: Fix mapping-creation race
e8f3aea716d2 irqdomain: Refactor __irq_domain_alloc_irqs()
3804f265c1bf irqdomain: Look for existing mapping only once
e7bba7ddb431 mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
fd644712bccd ring-buffer: Fix race while reader and writer are on the same page
c208b4321e8f drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path
c381527918b1 net_sched: prevent NULL dereference if default qdisc setup failed
987f599fc556 tracing: Free error logs of tracing instances
d2136f05690c can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
5a74a75fc3d3 ftrace: Mark get_lock_parent_ip() __always_inline
95bbfeb4ff0e perf/core: Fix the same task check in perf_event_set_output
666c25d35e5e ALSA: hda/realtek: Add quirk for Clevo X370SNW
83b16a60e413 nilfs2: fix sysfs interface lifetime
613bf23c070d nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
aa8e50688d44 tty: serial: fsl_lpuart: avoid checking for transfer complete when UARTCTRL_SBK is asserted in lpuart32_tx_empty
aabba4440409 tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
209ab5c234c5 tty: serial: sh-sci: Fix transmit end interrupt handler
9a2a6443d655 iio: dac: cio-dac: Fix max DAC write value check for 12-bit
e469ebb28dbe iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
abc5b4f8cdff USB: serial: option: add Quectel RM500U-CN modem
b9c11537efcf USB: serial: option: add Telit FE990 compositions
38c00a22d67b usb: typec: altmodes/displayport: Fix configure initial pin assignment
f417d3fea3de USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
47132be17d7b xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
5fccf2c546ed NFSD: callback request does not use correct credential for AUTH_SYS
3686380d9d60 sunrpc: only free unix grouplist after RCU settles
1627119153d9 gpio: davinci: Add irq chip flag to skip set wake
0cf600ca1bdf ipv6: Fix an uninit variable access bug in __ip6_make_skb()
0443fff49d63 sctp: check send stream number after wait_for_sndbuf
93f3885211ae net: don't let netpoll invoke NAPI if in xmit context
0d2fa30078af icmp: guard against too small mtu
a3593082e0da wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta
4220f83b9f03 pwm: sprd: Explicitly set .polarity in .get_state()
6e1f29397dea pwm: cros-ec: Explicitly set .polarity in .get_state()
dbd764e9d422 pinctrl: amd: Disable and mask interrupts on resume
dd7e19f97f71 pinctrl: amd: disable and mask interrupts on probe
3f3e4bd3f0cc pinctrl: amd: Use irqchip template
387236b9e002 smb3: fix problem with null cifs super block with previous patch
2e64d7b182c6 treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()
199197660bdd Revert "treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()"
522af69af24f cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
4311ae04b386 x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
110d425cdfb1 scsi: ses: Handle enclosure with just a primary component gracefully
(From OE-Core rev: 41eacaf738d753632fb17031e58dc898f2290a61)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating to the latest korg -stable release that comprises
the following commits:
32bea3bac5ca Linux 5.4.240
4d4cb7663613 gfs2: Always check inode size of inline inodes
928240c36891 firmware: arm_scmi: Fix device node validation for mailbox transport
0f5c0e0a4c0b net: sched: fix race condition in qdisc_graft()
22d95b544924 net_sched: add __rcu annotation to netdev->qdisc
14b6ad56df25 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
9b189af3577e btrfs: scan device in non-exclusive mode
45a9877d6cc3 s390/uaccess: add missing earlyclobber annotations to __clear_user()
0c6df5364798 drm/etnaviv: fix reference leak when mmaping imported buffer
37958ac31fe2 ALSA: usb-audio: Fix regression on detection of Roland VS-100
6dabafd82968 ALSA: hda/conexant: Partial revert of a quirk for Lenovo
f3a67268784c NFSv4: Fix hangs when recovering open state after a server reboot
c81e2965a9e0 pinctrl: at91-pio4: fix domain name assignment
82c25ac3a258 xen/netback: don't do grant copy across page boundary
99c8ba920fc2 Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table
657d7c215ca9 cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
03af69bd674d cifs: prevent infinite recursion in CIFSGetDFSRefer()
51d657371106 Input: focaltech - use explicitly signed char type
f0f85f5e402b Input: alps - fix compatibility with -funsigned-char
7e71d4d190df pinctrl: ocelot: Fix alt mode for ocelot
70728d639efb net: mvneta: make tx buffer array agnostic
704e06b97920 net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
fd7cff506614 bnxt_en: Fix typo in PCI id to device description string mapping
58279cea0b10 i40e: fix registers dump after run ethtool adapter self test
5195de1d5f66 s390/vfio-ap: fix memory leak in vfio_ap device driver
78bc7f0ab994 can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write
105cc2683282 net/net_failover: fix txq exceeding warning
e633fd26abfd regulator: Handle deferred clk
be7b622cd63f regulator: fix spelling mistake "Cant" -> "Can't"
46c4993a1514 ptp_qoriq: fix memory leak in probe()
c122daa0fa4c scsi: megaraid_sas: Fix crash after a double completion
317c07d382b1 mtd: rawnand: meson: invalidate cache on polling ECC bit
d65de5ee8b72 mips: bmips: BCM6358: disable RAC flush for TP1
9690e34f2247 dma-mapping: drop the dev argument to arch_sync_dma_for_*
f6e2d76aa362 ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx()
856fb74f601a fbdev: au1200fb: Fix potential divide by zero
deef33c08104 fbdev: lxfb: Fix potential divide by zero
4f5cc5ffa8c5 fbdev: intelfb: Fix potential divide by zero
868f247e47ef fbdev: nvidia: Fix potential divide by zero
f3359f5fc9b7 sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
521877bf2651 fbdev: tgafb: Fix potential divide by zero
7f12f99b8017 ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
9155a5958ed0 ALSA: asihpi: check pao in control_message()
88a3c63a9635 md: avoid signed overflow in slot_store()
9966fc59d3a0 bus: imx-weim: fix branch condition evaluates to a garbage value
d121f7883a17 fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY
4c24eb49ab44 ocfs2: fix data corruption after failed write
0c0e566f0387 tun: avoid double free in tun_free_netdev
d253120a580a sched/fair: Sanitize vruntime of entity being migrated
c23928c70bc8 sched/fair: sanitize vruntime of entity being placed
885c28ceae7d dm crypt: add cond_resched() to dmcrypt_write()
4a32a9a818a8 dm stats: check for and propagate alloc_percpu failure
f8cbad984b16 i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
8f5cbf6a8c0e nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
4ae966a7f6a7 wifi: mac80211: fix qos on mesh interfaces
f558789a886c usb: chipidea: core: fix possible concurrent when switch role
6b3287b14739 usb: chipdea: core: fix return -EINVAL if request role is the same with current role
0b2a56fe4659 usb: cdns3: Fix issue with using incorrect PCI device function
e9e93fdfcefb dm thin: fix deadlock when swapping to thin device
cd1e320ac095 igb: revert rtnl_lock() that causes deadlock
123698a5c619 fsverity: Remove WQ_UNBOUND from fsverity read workqueue
0eda2004f38d usb: gadget: u_audio: don't let userspace block driver unbind
44f080d7d75a scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
223274d5c310 cifs: empty interface list when server doesn't support query interfaces
299a309b98df sh: sanitize the flags on sigreturn
f4c610f6ca13 net: usb: qmi_wwan: add Telit 0x1080 composition
e6b1fa6d0626 net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
04f4a1aa9410 scsi: lpfc: Avoid usage of list iterator variable after loop
11cdced6a03d scsi: ufs: core: Add soft dependency on governor_simpleondemand
54ec697e3ca8 scsi: target: iscsi: Fix an error message in iscsi_check_key()
97115221912c selftests/bpf: check that modifier resolves after pointer
2100e374251a m68k: Only force 030 bus error if PC not in exception table
d2b3bd0d4cad ca8210: fix mac_len negative array access
9e7723b684c0 riscv: Bump COMMAND_LINE_SIZE value to 1024
32518cd0fcc0 thunderbolt: Use const qualifier for `ring_interrupt_index`
b40fe2e1f91b uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2
9189f20b4c53 scsi: qla2xxx: Perform lockless command completion in abort path
da0383f0e86c hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
13493ad6a220 platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
a18fb433ceb5 Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work
b517808795d3 Bluetooth: btqcomsmd: Fix command timeout after setting BD address
dcd4d3646221 net: mdio: thunder: Add missing fwnode_handle_put()
707335918f73 hvc/xen: prevent concurrent accesses to the shared ring
83e442eba39b nvme-tcp: fix nvme_tcp_term_pdu to match spec
d673ae18406e net/sonic: use dma_mapping_error() for error check
b72f453e886a erspan: do not use skb_mac_header() in ndo_start_xmit()
82e07cc5a6ca atm: idt77252: fix kmemleak when rmmod idt77252
fd6f643dea07 net/mlx5: Read the TC mapping of all priorities on ETS query
d69c2ded95b1 bpf: Adjust insufficient default bpf_jit_limit
97674f4cd05e keys: Do not cache key in task struct if key is requested from kernel thread
f8ee2c8b0d0c net/ps3_gelic_net: Use dma_mapping_error
6d7e18b1d00a net/ps3_gelic_net: Fix RX sk_buff length
0e5c7d00ec4f net: qcom/emac: Fix use after free bug in emac_remove due to race condition
a07ec453e86a xirc2ps_cs: Fix use after free bug in xirc2ps_detach
42d72c6d1edc qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
f2111c791d88 net: usb: smsc95xx: Limit packet length to skb->len
5c4d71424df3 scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
283fdc5cfbeb i2c: imx-lpi2c: check only for enabled interrupt flags
90116b8289fd igbvf: Regard vf reset nack as success
584771762c3e intel/igbvf: free irq on the error path in igbvf_request_msix()
6999f854184e iavf: fix non-tunneled IPv6 UDP packet type and hashing
4e752d2baea3 iavf: fix inverted Rx hash condition leading to disabled hash
6fe078c2864b power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
754838aa0205 net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
09b1a76e7879 Linux 5.4.239
f0c95f229a67 selftests: Fix the executable permissions for fib_tests.sh
(From OE-Core rev: ff5d1f37b8a1bc7f51e95e5114890ee5185ff335)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating to the latest korg -stable release that comprises
the following commits:
6849d8c4a61a Linux 5.4.238
eb7716a054a6 HID: uhid: Over-ride the default maximum data buffer value with our own
b687ac70e66a HID: core: Provide new max_buffer_size attribute to over-ride the default
144019e81396 PCI: Unify delay handling for reset and resume
d2130f37a4a0 s390/ipl: add missing intersection check to ipl_report handling
3f5a833dca66 serial: 8250_em: Fix UART port type
c5afb97d1b51 drm/i915: Don't use stolen memory for ring buffers with LLC
8d26a4fecce5 x86/mm: Fix use of uninitialized buffer in sme_enable()
a976ff743eb1 fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks
ac58b88ccbbb ftrace: Fix invalid address access in lookup_rec() when index is 0
65e4c9a6d0c9 KVM: nVMX: add missing consistency checks for CR0 and CR4
6fe55dce9dd6 tracing: Make tracepoint lockdep check actually test something
780f69a2685b tracing: Check field value in hist_field_name()
f1e3a20c6019 interconnect: fix mem leak when freeing nodes
325608ab60fa tty: serial: fsl_lpuart: skip waiting for transmission complete when UARTCTRL_SBK is asserted
c16cbd8233d6 ext4: fix possible double unlock when moving a directory
6a1bd14d5e34 sh: intc: Avoid spurious sizeof-pointer-div warning
bbf5eada4334 drm/amdkfd: Fix an illegal memory access
2c96c52aeaa6 ext4: fix task hung in ext4_xattr_delete_inode
20ba6f8a8073 ext4: fail ext4_iget if special inode unallocated
ab519e29891d jffs2: correct logic when creating a hole in jffs2_write_begin
00bfc67c65a1 mmc: atmel-mci: fix race between stop command and start of next command
75f6faae2de6 media: m5mols: fix off-by-one loop termination error
9eb394919c97 hwmon: (ina3221) return prober error code
26c176ce9028 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition
13efd488d398 hwmon: (adt7475) Fix masking of hysteresis registers
0d3095e958f0 hwmon: (adt7475) Display smoothing attributes in correct order
674fce59d61d ethernet: sun: add check for the mdesc_grab()
71da5991b643 net/iucv: Fix size of interrupt data
e0d07a3203c3 net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull
5c06bd3de134 ipv4: Fix incorrect table ID in IOCTL path
c4fcfbf80c3c block: sunvdc: add check for mdesc_grab() returning NULL
04c394208831 nvmet: avoid potential UAF in nvmet_req_complete()
9fabdd79051a net: usb: smsc75xx: Limit packet length to skb->len
b0c202a8dc63 nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
668de67d4110 net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails
5aaab217c8f5 net: tunnels: annotate lockless accesses to dev->needed_headroom
cba20ade78ef qed/qed_dev: guard against a possible division by zero
6e18f66b704b i40e: Fix kernel crash during reboot when adapter is in recovery mode
f0216046aeb8 ipvlan: Make skb->skb_iif track skb->dev for l3s mode
0f9c1f26d434 nfc: pn533: initialize struct pn533_out_arg properly
442aa78ed701 tcp: tcp_make_synack() can be called from process context
88c3d3bb6469 scsi: core: Fix a procfs host directory removal regression
4b4f5e34f08b scsi: core: Fix a comment in function scsi_host_dev_release()
0d59732f2a5b netfilter: nft_redir: correct value of inet type `.maxattrs`
90279211e96b ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
0b7057c52377 ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
5bb9fcaadb8c ALSA: hda: Add Alderlake-S PCI ID and HDMI codec vid
9efbdc743ded ALSA: hda - controller is in GPU on the DG1
fc52e51c2c30 ALSA: hda - add Intel DG1 PCI and HDMI ids
090305c36185 scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
b8849e31a056 docs: Correct missing "d_" prefix for dentry_operations member d_weak_revalidate
9e45e4571576 clk: HI655X: select REGMAP instead of depending on it
dac08e46f0ad drm/meson: fix 1px pink line on GXM when scaling video overlay
d7e48aa17a81 cifs: Move the in_send statistic to __smb_send_rqst()
06c208002d0d drm/panfrost: Don't sync rpm suspension after mmu flushing
c9900d1d86f0 xfrm: Allow transport-mode states with AF_UNSPEC selector
4008fb9ad474 ext4: fix cgroup writeback accounting with fs-layer encryption
(From OE-Core rev: 175d05d717b972d9b6bf36f170bc6cfa69b57dce)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This test will fail any time the host has libdrm > 2.4.107
(From OE-Core rev: e4b98a42970574296e0da06842691b9fc1ffc9a1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This will use default values when no distribution is set.
[YOCTO #15086]
(From OE-Core rev: 1a28c6cfe0e6c4b44d01778f8034231040c6d4ad)
Signed-off-by: Thomas Roos <throos@amazon.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 888fe63b46efceeff08dbe8c4f66fec33d06cb7a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* otherwise it ends '<unknown>' inside esdk, because of parsing order:
# $METADATA_REVISION [3 operations]
# set /OE/build/test-D/conf/local.conf:43
# "f2da54ef432eac89b0f18eaad68e602b6990b5de"
# immediate /OE/build/test-D/layers/poky/meta/classes/metadata_scm.bbclass:9
# "${@oe.buildcfg.detect_revision(d)}"
# set /OE/build/test-D/layers/poky/meta/classes/metadata_scm.bbclass:10
# [vardepvalue] "${METADATA_REVISION}"
# pre-expansion value:
# "<unknown>"
METADATA_REVISION="<unknown>"
* This causes base-files.do_install and following tasks to have different
signatures between esdk and the build directory where this esdk was created:
bitbake-diffsigs {test-D,poky/build-uninative-disabled}/tmp/stamps/qemux86_64-poky-linux/base-files/*do_install*sigdata*
NOTE: Starting bitbake server...
basehash changed from 5b6981cf58bfd57d416b0e31611b73a26baae635dd1ac31c08d46f95064c3ffc to dbdce042da4d7813d632b6d1cc87a16f728ad20e55fecbc392830e6acf72babd
Variable METADATA_REVISION value changed from '<unknown>' to 'f2da54ef432eac89b0f18eaad68e602b6990b5de'
and an warning from "python3 /OE/build/test-D/ext-sdk-prepare.py" when eSDK is being prepared for use:
WARNING: The base-files:do_install sig is computed to be 83b9c9a6ef1145baac5a1e0d08814b9156af239c58fc42df95c25a9cd8a7f201,
but the sig is locked to 3dc22233059075978e5503691e98e79e7cc60db94259dfcd886bca2291c0add7 in SIGGEN_LOCKEDSIGS_t-qemux86-64
[RP: Add commit about why we need the override for future reference]
(From OE-Core rev: 8f0e2e505d11697d0a1280b0a77a3fe8d72a4d49)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 675ea7281c17f77bf5dea17cfd4d9da0928382a0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This is a bit of a compatibility issue more than anything. Some devices
get upset if the FAT file system contains less blocks than the
partition.
The fixed-size argument is currently respected by the partition creation
step but not by the file system creation step. Let's make it so the file
system respects this value as well.
(From OE-Core rev: 2126242c19b0c3dea12c605da8b24b08a9cb803f)
Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit d16301ccdfb97bf126738262eec594008c282df1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
perf has need for python setuptools when scripting is enabled
from 6.0.0 onwards it seems to throw an explicit error
(From OE-Core rev: cfdaa6afaca28dd91c9738a97bb21eab5dae2817)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit da3d00178809bbf7cc453401e0c5937796ebc2c1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Due to signedness, the checksum is not computed when filesize is bigger
a 2GB. Pick a fix for this problem from CPIO ML, where the fix has been
posted for 5 years. Since CPIO upstream is effectively unresponsive and
any and all attempts to communicate with the maintainer and get the fix
applied upstream failed, add the fix here instead.
(From OE-Core rev: bfff138af4bdd356ac66571e6ad91c1a5599b935)
(From OE-Core rev: 0a8fb1c00e75e8434e0ef433d9074d54f038fba1)
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The CVE product name for PyPI packages is (usually) the same as the PyPI
package name (and not our recipe name), so use that as the default.
(From OE-Core rev: 1c37b96cd4fdfad21bf24b8b883e371c3bca56de)
Signed-off-by: Alex Kiernan <alexk@zuma.ai>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 61f6b0ad09bf87cdc2d3f08770b7c44cad1d0e58)
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The upstream patch for CVE-2023-27534 does three things:
1) creates new path with dynbuf(dynamic buffer)
2) solves the tilde error which causes CVE-2023-27534
3) modifies the below added functionality to not add a trailing "/" to the user home dir if it already ends with one with dynbuf.
dynbuf functionalities are added in curl in later versions and are not essential to fix the vulnerability but does add extra feature in later versions.
This patch completes the 3rd task of the patch which was implemented without using dynbuf
Upstream-Status: Backport from [6c51adeb71]
(From OE-Core rev: df489f644e41108cf0e2ff55af7ce5e9bca40471)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7,
2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding
specially crafted input to `git apply --reject`, a path outside the working
tree can be overwritten with partially controlled contents (corresponding to
the rejected hunk(s) from the given patch). A fix is available in versions
2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3,
and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying
patches from an untrusted source. Use `git apply --stat` to inspect a patch before
applying; avoid applying one that create a conflict where a link corresponding to
the `*.rej` file exists.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-25652
Upstream-Status: Backport from 9db05711c9
(From OE-Core rev: 6747482316b8f7839a09bf041d8c11b559f84b44)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8,
2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted
`.gitmodules` file with submodule URLs that are longer than 1024 characters can used
to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug
can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when
attempting to remove the configuration section associated with that submodule. When the
attacker injects configuration values which specify executables to run (such as
`core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code
execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8,
2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running
`git submodule deinit` on untrusted repositories or without prior inspection of any
submodule sections in `$GIT_DIR/config`.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-29007
Upstream patches:
528290f8c629198213c9a5bb10fd5ee91cfe60853bb3d6bac5
(From OE-Core rev: db4c152441aebe4c04a7bb7aceb88d8941a6576b)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
If a package with a postsints script requires ldconfig, the package class adds
a ldconfig postinst fragment to initialize it before. Systemd has its own
ldconfig.service to initialize it and sometimes if both services are running
at the same time in the first boot, the first one will work, but the second
one will fail with the following error:
ldconfig[141]: /sbin/ldconfig: Renaming of /etc/ld.so.cache~ to /etc/ld.so.cache failed: No such file or directory
This commit adds a ordering dependency between them to make sure that only one
service is running at the same time.
(From OE-Core rev: 1bc254e7969f3d5470bacf9ad9f065d38b7b7fde)
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4e9d812e127dc6743f52f4881e509e8e2e833afe)
Signed-off-by: Jermain Horsman <jermain.horsman@nedap.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
BSD-4-Clause is only applicable to the {PN}-doc package as when I
check for the source code I find below files which only uses the
license BSD-4-Clause
~/sources/libbsd$ grep -rl "All advertising materials mentioning features or use of this software" *|grep -v \.1|grep -v \.5|grep -v \.8 | sort
COPYING
man/arc4random.3bsd
man/getprogname.3bsd
man/tree.3bsd
~/sources/libbsd$ grep -rnB6 "BSD-4"
COPYING-9-Files:
COPYING-10- man/arc4random.3bsd
COPYING-11- man/tree.3bsd
COPYING-12-Copyright:
COPYING-13- Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
COPYING-14- All rights reserved.
COPYING:15:License: BSD-4-clause-Niels-Provos
(From OE-Core rev: 187f1588240a0eb5cc753c2114fd6c0cef66e14f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Exclude CVEs that are fixed in current linux-yocto version v5.4.237.
To get the commit fixing a CVE, I used the Debian kernel-sec repo [1].
[1]: 86d5040aee
(From OE-Core rev: ec0f3e5869c596a308a164f93cb031e04034a8ed)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Avoid overwriting the read packet length after the initial test. Thus
move all the length checks which depends on the total length first
and do not use the total lenght from the IP packet afterwards.
Fixes CVE-2023-28488
Reported by Polina Smirnova <moe.hwr@gmail.com>
(From OE-Core rev: 47a9ae5592392bd10740e4571b06c8c739705058)
Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Fix An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c
(From OE-Core rev: 24c87e674db9c1d4a8922c3af78a0004c061e70f)
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Add SDK_ZIP_OPTIONS to remove symbolic link creation in zip archive or add options, e.g. for encryption of the zip archive.
(From OE-Core rev: 04b62f9459b401c276255f166d0738b6f902a576)
(From OE-Core rev: b9e0c3ced645cab74b2488a26b8f656a94b2a6f5)
Signed-off-by: Christoph Lauer <christoph.lauer@xtronic.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A parsed MIME header is a map[string][]string. In the common case,
a header contains many one-element []string slices. To avoid
allocating a separate slice for each key, ReadMIMEHeader looks
ahead in the input to predict the number of keys that will be
parsed, and allocates a single []string of that length.
The individual slices are then allocated out of the larger one.
The prediction of the number of header keys was done by counting
newlines in the input buffer, which does not take into account
header continuation lines (where a header key/value spans multiple
lines) or the end of the header block and the start of the body.
This could lead to a substantial amount of overallocation, for
example when the body consists of nothing but a large block of
newlines.
Fix header key count prediction to take into account the end of
the headers (indicated by a blank line) and continuation lines
(starting with whitespace).
Thanks to Jakob Ackermann (@das7pad) for reporting this issue.
Fixes CVE-2023-24534
For #58975Fixes#59267
(From OE-Core rev: daa6aa9c7198a07322f1828a9db457fec86191cf)
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Fix CVE-2023-0464 for openssl
A security vulnerability has been identified in all supported versions
of OpenSSL related to the verification of X.509 certificate chains
that include policy constraints. Attackers may be able to exploit
this vulnerability by creating a malicious certificate chain that
triggers exponential use of computational resources, leading
to a denial-of-service(DoS) attack on affected systems.
Link: https://git.openssl.org/gitweb/?p=openssl.git;a=patch;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b
(From OE-Core rev: 0c50550e2c8fca3263776c2bb985a8c58b920b99)
Signed-off-by: Nikhil R <nikhil.r@kpit.com>
Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Setting a large line or column number using a //line directive can cause
integer overflow even in small source files.
Limit line and column numbers in //line directives to 2^30-1, which
is small enough to avoid int32 overflow on all reasonbly-sized files.
(From OE-Core rev: d1943e6a0ec00653c81cd4c0bb0d6b7e0909094c)
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
encoding/xml: replace comments inside directives with a space
Backport from a9cfd55e2b
(From OE-Core rev: 76d855f3d2c250ac85ca6f24bf0e178fb32607f9)
Signed-off-by: Shubham Kulkarni <skulkarni@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This CVE is specific to Microsoft Windows, ignore it.
Patch fixing it (https://go-review.googlesource.com/c/go/+/446916)
also adds a redundant check to generic os/exec which
could be backported but it should not be necessary as
backport always takes a small risk to break old code.
(From OE-Core rev: 4263f3fda59aacb4f159d2dffb52e5f66249b5e4)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below patch files to fix CVE-2023-26604
CVE-2023-26604-1.patch, CVE-2023-26604-2.patch and
CVE-2023-26604-3.patch and CVE-2023-26604-4.patch
make pager secure when under euid is changed or explicitly
requested
Reference:
CVE-2023-26604-1.patch:
612ebf6c91
CVE-2023-26604-2.patch:
1b5b507cd2
CVE-2023-26604-3.patch:
0a42426d79
CVE-2023-26604-4.patch:
b8f736b30e
(From OE-Core rev: 7880eb801dcee44a9e8920d249057492d1de6b12)
Signed-off-by: rajmohan r <rajmohan.r@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
path/filepath: do not Clean("a/../c:/b") into c:\b on Windows
Backport from bdf07c2e16
(From OE-Core rev: 70135bf04eb7173434a7240ddf11639d13aab003)
Signed-off-by: Shubham Kulkarni <skulkarni@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The patch for CVE-2021-3929 applied on dunfell returns a value for a
void function. This results in the following compiler warning/error:
hw/block/nvme.c:77:6: error: void function
'nvme_addr_read' should not return a value [-Wreturn-type]
return NVME_DATA_TRAS_ERROR;
^ ~~~~~~~~~~~~~~~~~~~~
In newer versions of qemu, the functions is changed to have a return
value, but that is not present in the version of qemu used in “dunfell”.
Backport some of the patches to correct this.
(From OE-Core rev: 4ad98f0b27615ad59ae61110657cf69004c61ef4)
Signed-off-by: Gaurav Gupta <gauragup@cisco.com>
Signed-off-by: Gaurav Gupta <gauragup@cisco.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
