Integrating the following commit(s) to linux-yocto/.:
0816d0a6984 qemuarma15: add ARM_PATCH_PHYS_VIRT
(From OE-Core rev: 80dd08fb9685ae04e4c9f99d9dd32d9044efe8f2)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 732d1ee4bc824cb52fab4327601efdb1558b6d9c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating to the latest korg -stable release that comprises
the following commits:
ecda77b46871 Linux 6.1.56
8c515d4f2d66 ASoC: amd: yc: Fix a non-functional mic on Lenovo 82TL
a3c1da448353 mm, memcg: reconsider kmem.limit_in_bytes deprecation
b8901b6c2e9b memcg: drop kmem.limit_in_bytes
ee335e0094ad drm/meson: fix memory leak on ->hpd_notify callback
b60028c81e46 drm/amdkfd: Use gpu_offset for user queue's wptr
48a22f13fb1b fs: binfmt_elf_efpic: fix personality for ELF-FDPIC
69e61ee8ea8a power: supply: ab8500: Set typing and props
c038ebffbb48 power: supply: rk817: Add missing module alias
69dd84470b4d drm/i915/gt: Fix reservation address in ggtt_reserve_guc_top
60d2e06ad6e3 ata: libata-sata: increase PMP SRST timeout to 10s
886f387db1e6 ata: libata-core: Do not register PM operations for SAS ports
5cfbe6da8354 ata: libata-core: Fix port and device removal
0b7aaf2058ba ata: libata-core: Fix ata_port_request_pm() locking
f555a508087a fs/smb/client: Reset password pointer to NULL
1983fd78701a net: thunderbolt: Fix TCPv6 GSO checksum calculation
4fb56e82d939 bpf: Fix BTF_ID symbol generation collision in tools/
4f1e3e02777b bpf: Fix BTF_ID symbol generation collision
b1041cab4726 bpf: Add override check to kprobe multi link attach
09635bf4cdd4 media: uvcvideo: Fix OOB read
d6a749e4cab2 btrfs: properly report 0 avail for very full file systems
f3ad8874541d ring-buffer: Update "shortest_full" in polling
6bacdb914a99 mm: memcontrol: fix GFP_NOFS recursion in memory.high enforcement
a5569bb18752 mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy()
9a4fe81a8644 mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()
68a63a077e02 arm64: defconfig: remove CONFIG_COMMON_CLK_NPCM8XX=y
b29756aefe03 drm/tests: Fix incorrect argument in drm_test_mm_insert_range
a90eafbf165f timers: Tag (hr)timer softirq as hotplug safe
f32340c70eb9 Revert "SUNRPC dont update timeout value on connection reset"
1e4c03d530d8 netfilter: nf_tables: fix kdoc warnings after gc rework
49903f70d728 sched/rt: Fix live lock between select_fallback_rq() and RT push
787256ec9b44 kernel/sched: Modify initial boot task idle setup
afa2bbd682c7 ASoC: amd: yc: Fix non-functional mic on Lenovo 82QF and 82UG
829ff08be566 i2c: i801: unregister tco_pdev in i801_probe() error path
75c307d9f2fb io_uring/fs: remove sqe->rw_flags checking from LINKAT
06fba8a8dea2 ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES
476fd029e700 ata: libata-scsi: link ata port and scsi device
490f3b805ee3 LoongArch: numa: Fix high_memory calculation
7bc8585aa071 LoongArch: Define relocation types for ABI v2.10
f04ded9ae268 ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre M70q
9af8bb2afea3 netfilter: nf_tables: disallow rule removal from chain binding
980663f1d189 nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()
e14f68a48fd4 serial: 8250_port: Check IRQ data before use
c61d0b87a702 Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux"
37435ddfadc6 misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to probe
5d6613ed2b7d mptcp: fix bogus receive window shrinkage with multiple subflows
00c27bffdba6 KVM: x86/mmu: Do not filter address spaces in for_each_tdp_mmu_root_yield_safe()
cd41db6cb285 KVM: x86/mmu: Open code leaf invalidation from mmu_notifier
733d7a5451fc KVM: SVM: Fix TSC_AUX virtualization setup
e86a3a622633 KVM: SVM: INTERCEPT_RDTSCP is never intercepted anyway
6ce2f297a716 x86/srso: Add SRSO mitigation for Hygon processors
811ba2ef0cb6 x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race
f90f4c562003 iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range
a09446ac0414 smack: Retrieve transmuting information in smack_inode_getsecurity()
cbb16d0f4996 smack: Record transmuting in smk_transmuted
4b8ef68e39d2 nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev
1d7bc76b5849 scsi: qla2xxx: Fix NULL pointer dereference in target mode
1a51d35ba729 wifi: ath11k: Don't drop tx_status when peer cannot be found
a60768c05b58 nvme-pci: do not set the NUMA node of device if it has none
6b2165cae403 nvme-pci: factor out a nvme_pci_alloc_dev helper
69bc295d0e0b nvme-pci: factor the iod mempool creation into a helper
9ebee88a8911 perf build: Define YYNOMEM as YYNOABORT for bison < 3.81
8e85af2c682e fbdev/sh7760fb: Depend on FB=y
f105e893a8ed LoongArch: Set all reserved memblocks on Node#0 at initialization
146ba159f5a6 tsnep: Fix NAPI polling with budget 0
78ac1e7dec24 tsnep: Fix NAPI scheduling
b09c1359e4f0 net: hsr: Add __packed to struct hsr_sup_tlv.
97788f0757bd ncsi: Propagate carrier gain/loss events to the NCSI controller
c93aa8cfaec4 powerpc/watchpoints: Annotate atomic context in more places
3632e9fd82d0 powerpc/watchpoint: Disable pagefaults when getting user instruction
16722418cbe3 powerpc/watchpoints: Disable preemption in thread_change_pc()
ee8bbb2a31d3 ASoC: SOF: Intel: MTL: Reduce the DSP init timeout
3608be186ae5 NFSv4.1: fix zero value filehandle in post open getattr
e9f05ae6f636 media: vb2: frame_vector.c: replace WARN_ONCE with a comment
28c369324922 ASoC: imx-rpmsg: Set ignore_pmdown_time for dai_link
1c88886587d3 memblock tests: fix warning ‘struct seq_file’ declared inside parameter list
729757fe9718 memblock tests: fix warning: "__ALIGN_KERNEL" redefined
53618d56bfe4 firmware: cirrus: cs_dsp: Only log list of algorithms in debug build
110e6f575028 ASoC: cs42l42: Don't rely on GPIOD_OUT_LOW to set RESET initially low
cbc43ddd5ce2 ASoC: cs42l42: Ensure a reset pulse meets minimum pulse width.
019f01f81887 ALSA: hda: intel-sdw-acpi: Use u8 type for link index
92f24f98d5ff bpf: Clarify error expectations from bpf_clone_redirect
60446b5e7486 spi: intel-pci: Add support for Granite Rapids SPI serial flash
12716449289e ASoC: fsl: imx-pcm-rpmsg: Add SNDRV_PCM_INFO_BATCH flag
85ca138f922c spi: stm32: add a delay before SPI disable
84592ec591be spi: nxp-fspi: reset the FLSHxCR1 registers
d5ae9d9f0c41 ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset()
2132ea3f9f5a smb3: correct places where ENOTSUPP is used instead of preferred EOPNOTSUPP
2259e1901b2d scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command
82f575a7e811 scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command
6e392ff88476 riscv: errata: fix T-Head dcache.cva encoding
91b6845ef387 drm/amdgpu: Handle null atom context in VBIOS info ioctl
ad3c37f90bae drm/amdgpu/nbio4.3: set proper rmmio_remap.reg_offset for SR-IOV
cca15a827907 drm/amdgpu/soc21: don't remap HDP registers for SR-IOV
b9971393d4c9 drm/amd/display: Don't check registers, if using AUX BL control
49bdfc83c74a thermal/of: add missing of_node_put()
d6a68f163246 platform/x86: asus-wmi: Support 2023 ROG X16 tablet mode
d1f916c6eb0c platform/mellanox: mlxbf-bootctl: add NET dependency into Kconfig
dfbcef80dda9 ata: sata_mv: Fix incorrect string length computation in mv_dump_mem()
797d75bd575c net/smc: bugfix for smcr v2 server connect success statistic
b08a4938229d ring-buffer: Do not attempt to read past "commit"
baa1634bc936 selftests: fix dependency checker script
45ad79c9cb50 btrfs: assert delayed node locked when removing delayed item
11054f0b889f ring-buffer: Avoid softlockup in ring_buffer_resize()
a687e817d814 selftests/ftrace: Correctly enable event in instance-event.tc
5fb322df090e scsi: ufs: core: Poll HCS.UCRDY before issuing a UIC command
81a6cdfcfd23 scsi: ufs: core: Move __ufshcd_send_uic_cmd() outside host_lock
843348f9e4aa scsi: qedf: Add synchronization between I/O completions and abort
655e9d209c06 parisc: irq: Make irq_stack_union static to avoid sparse warning
8a2c2630e18d parisc: drivers: Fix sparse warning
60caeaf090d5 parisc: iosapic.c: Fix sparse warnings
632e0fcf409b parisc: sba: Fix compile warning wrt list of SBA devices
be90c9e29dd5 nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid()
36b29974a7ad spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain
e15bb292b246 spi: sun6i: reduce DMA RX transfer width to single byte
5685f8a6fae1 bpf: Annotate bpf_long_memcpy with data_race
be8f49029eca dma-debug: don't call __dma_entry_alloc_check_leak() under free_entries_lock
89744b649144 ceph: drop messages from MDS when unmounting
1375d9600c38 x86/reboot: VMCLEAR active VMCSes before emergency reboot
85fafa7ef0ac i2c: npcm7xx: Fix callback completion ordering
0d6c2f0942c3 gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip
e578a26084eb firmware: arm_ffa: Don't set the memory region attributes for MEM_LEND
099cfc6e5d1b arm64: dts: imx: Add imx8mm-prt8mm.dtb to build
328efccc7847 soc: imx8m: Enable OCOTP clock for imx8mm before reading registers
aab681bcb13a selftests/powerpc: Fix emit_tests to work with run_kselftest.sh
763f029f8c0f selftests/powerpc: Pass make context to children
b9dc3d6b761d selftests/powerpc: Use CLEAN macro to fix make warning
fe6406238d5a power: supply: rk817: Fix node refcount leak
1005010b732b xtensa: boot/lib: fix function prototypes
6438653ad1f2 xtensa: umulsidi3: fix conditional expression
45661247d117 xtensa: boot: don't add include-dirs
fca1b09645e5 xtensa: iss/network: make functions static
b4e666fa38fd xtensa: add default definition for XCHAL_HAVE_DIV32
7cad56459964 firmware: imx-dsp: Fix an error handling path in imx_dsp_setup_channels()
33ed60d8b961 power: supply: ucs1002: fix error code in ucs1002_get_property()
1ec48a9fac7d bus: ti-sysc: Fix SYSC_QUIRK_SWSUP_SIDLE_ACT handling for uart wake-up
dd19672aaac4 ARM: dts: ti: omap: motorola-mapphone: Fix abe_clkctrl warning on boot
fe1379c0f61d ARM: dts: Unify pinctrl-single pin group nodes for omap4
16455bed4f86 ARM: dts: Unify pwm-omap-dmtimer node names
4ccb05618b4d ARM: dts: ti: omap: Fix bandgap thermal cells addressing for omap3/4
fe4da07a7f1b ARM: dts: omap: correct indentation
ea4efaf54685 clk: tegra: fix error return case for recalc_rate
efad31b6c062 clk: sprd: Fix thm_parents incorrect configuration
1ea6975aa68a power: supply: mt6370: Fix missing error code in mt6370_chg_toggle_cfo()
64adb41644fc firmware: arm_scmi: Fixup perf power-cost/microwatt support
a135c8813815 firmware: arm_scmi: Harden perf domain info access
3a21635aed62 bus: ti-sysc: Fix missing AM35xx SoC matching
771eb7c3f3fb bus: ti-sysc: Use fsleep() instead of usleep_range() in sysc_reset()
e6389d61b720 drm/bridge: ti-sn65dsi83: Do not generate HFP/HBP/HSA and EOT packet
404b8bc41872 spi: spi-gxp: BUG: Correct spi write return value
d3dc8acb60f8 MIPS: Alchemy: only build mmc support helpers if au1xmmc is enabled
c01b2e0ee22e vfio/mdev: Fix a null-ptr-deref bug for mdev_unregister_parent()
cca10592ffd5 btrfs: reset destination buffer when read_extent_buffer() gets invalid range
cdfcaa4e8043 drm/amdkfd: Insert missing TLB flush on GFX10 and later
9becfff9f91e drm/amdkfd: Flush TLB after unmapping for GFX v9.4.3
52c7b41ad6ee scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id()
35c02a333d52 scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets called
3a8ac77a70cc wifi: ath11k: Cleanup mac80211 references on failure during tx_complete
1cccd28aa591 wifi: ath11k: fix tx status reporting in encap offload mode
dc1ab6577475 arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved
03b808058a88 s390/pkey: fix PKEY_TYPE_EP11_AES handling in PKEY_CLR2SECK2 IOCTL
a84ac8995ac7 f2fs: get out of a repeat loop when getting a locked data page
8b3b859bf8be f2fs: optimize iteration over sparse directories
3134156e3421 ARM: dts: qcom: msm8974pro-castor: correct touchscreen syna,nosleep-mode
064f57151dff ARM: dts: qcom: msm8974pro-castor: correct touchscreen function names
21e5e3c3f71c ARM: dts: qcom: msm8974pro-castor: correct inverted X of touchscreen
05951f5c26b4 ARM: dts: samsung: exynos4210-i9100: Fix LCD screen's physical size
226590fbd967 ARM: dts: BCM5301X: Extend RAM to full 256MB for Linksys EA6500 V2
70a1df9e0b44 i2c: xiic: Correct return value check for xiic_reinit()
fb9cfb28bdde i2c: mux: gpio: Add missing fwnode_handle_put()
976c8c1c4073 i2c: mux: demux-pinctrl: check the return value of devm_kstrdup()
50a096aab61f gpio: tb10x: Fix an error handling path in tb10x_gpio_probe()
908b3b5e97d2 cifs: Fix UAF in cifs_demultiplex_thread()
7e4f49cd2bd7 proc: nommu: fix empty /proc/<pid>/maps
1d45e6d9951d proc: nommu: /proc/<pid>/maps: release mmap read lock
c5c9ee388723 igc: Expose tx-usecs coalesce setting to user
cae59ae73106 octeontx2-pf: Do xdp_do_flush() after redirects.
98ebbdefe490 bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI
26f1829c8538 net: ena: Flush XDP packets on error.
d64e738adc5c locking/seqlock: Do the lockdep annotation before locking in do_write_seqcount_begin_nested()
987a7f5311ba i915/pmu: Move execlist stats initialization to execlist specific setup
ea5a61d58886 netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
c4b0facd5c20 netfilter: nf_tables: disable toggling dormant table state more than once
51fa66024a5e net: rds: Fix possible NULL-pointer dereference
2f0acb0736ec team: fix null-ptr-deref when team device type is changed
89f9f20b1cbd net: bridge: use DEV_STATS_INC()
69d7eef31ee1 net: hns3: add 5ms delay before clear firmware reset irq source
b1b85b3d767e net: hns3: fix fail to delete tc flower rules during reset issue
d3f7af41de52 net: hns3: only enable unicast promisc when mac table full
ed6a0b21b6ac net: hns3: fix GRE checksum offload issue
430f18eed1c1 net: hns3: add cmdq check for vf periodic service task
adbcec23c842 x86/srso: Fix SBPB enablement for spec_rstack_overflow=off
755195b2d2df x86/srso: Fix srso_show_state() side effect
7f301aa243b9 platform/x86: intel_scu_ipc: Fail IPC send if still busy
b34121a8fec1 platform/x86: intel_scu_ipc: Don't override scu in intel_scu_ipc_dev_simple_command()
962444595841 platform/x86: intel_scu_ipc: Check status upon timeout in ipc_wait_for_interrupt()
98a5a7f344fa platform/x86: intel_scu_ipc: Check status after timeout in busy_loop()
8ef5cc6b4ef0 net: hsr: Properly parse HSRv1 supervisor frames.
eef16bfdb212 x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer()
73be49248a04 dccp: fix dccp_v4_err()/dccp_v6_err() again
c2019f0a6816 powerpc/perf/hv-24x7: Update domain value check
5734d22c9ea0 scsi: iscsi_tcp: restrict to TCP sockets
2712545e535d ipv4: fix null-deref in ipv4_link_failure
54228157fb57 igc: Fix infinite initialization loop with early XDP redirect
40b5032c9951 ionic: fix 16bit math issue when PAGE_SIZE >= 64KB
f2c6e5945da5 netfilter, bpf: Adjust timeouts of non-confirmed CTs in bpf_ct_insert_entry()
d98bad2998fd i40e: Fix VF VLAN offloading when port VLAN is configured
0546cd573404 iavf: schedule a request immediately after add/delete vlan
00bbedbd7c5a iavf: add iavf_schedule_aq_request() helper
16fd3c37d1ca ASoC: SOF: core: Only call sof_ops_free() on remove if the probe was successful
211aac2ef6ff iavf: do not process adminq tasks when __IAVF_IN_REMOVE_TASK is set
65976385d49f octeon_ep: fix tx dma unmap len values in SG
66823a9025bc ASoC: imx-audmix: Fix return error with devm_clk_get()
ee79256b1615 ASoC: hdaudio.c: Add missing check for devm_kstrdup
488ea2a3e266 net/core: Fix ETH_P_1588 flow dissector
bf560c8a83ca selftests: tls: swap the TX and RX sockets in some tests
f5a75b3d31d3 netfilter: conntrack: fix extension size table
09424e88126e ALSA: hda/realtek: Splitting the UX3402 into two separate models
1698854b03a5 ASoC: rt5640: Fix IRQ not being free-ed for HDA jack detect mode
293e4920f715 ASoC: rt5640: Revert "Fix sleep in atomic context"
e388671635ac bpf: Avoid deadlock when using queue and stack maps from NMI
1e01b127685f netfilter: nf_tables: disallow element removal on anonymous sets
7a7fd891022a ASoC: meson: spdifin: start hw on dai probe
7e5d732e6902 netfilter: nf_tables: fix memleak when more than 255 elements expired
be4fbbbcd2f2 netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
973288e9d988 netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails
8c643a8e040d netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC
92b4b4bde940 netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
9a8c544158f6 netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
a42ac74c9666 netfilter: nf_tables: defer gc run if previous batch is still pending
620e594be334 netfilter: nf_tables: use correct lock to protect gc_list
5d319f7a8143 netfilter: nf_tables: GC transaction race with abort path
afa584c35065 netfilter: nf_tables: GC transaction race with netns dismantle
41113aa5698a netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
59ee68c437c5 netfilter: nf_tables: don't fail inserts if duplicate has expired
0b9af4860a61 netfilter: nf_tables: remove busy mark and gc batch API
4ead4f74b3a9 netfilter: nft_set_hash: mark set element as dead when deleting from packet path
df650d6a4bf4 netfilter: nf_tables: adapt set backend to use GC transaction API
ea3eb9f2192e netfilter: nf_tables: GC transaction API to avoid race with control plane
59dab3bf0b8f netfilter: nf_tables: don't skip expired elements during walk
6bb88a0344c0 ext4: do not let fstrim block system suspend
b4d5db1c77fa ext4: move setting of trimmed bit into ext4_try_to_trim_range()
1e3c25df7d40 ext4: replace the traditional ternary conditional operator with with max()/min()
39c4a9522db0 btrfs: remove BUG() after failure to insert delayed dir index item
0d1a761dec22 btrfs: improve error message after failure to add delayed dir index item
dbf1a7198505 dm: fix a race condition in retrieve_deps
df9950d37df1 netfs: Only call folio_start_fscache() one time for each folio
2d9757480b43 media: via: Use correct dependency for camera sensor drivers
ae68541d5285 media: v4l: Use correct dependency for camera sensor drivers
a997d583571b NFSv4.1: fix pnfs MDS=DS session trunking
f86a2c2ea085 NFSv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server
839e07de9a0a SUNRPC: Mark the cred for revalidation if the server rejects it
13acbca81eee NFS/pNFS: Report EINVAL errors from connect() to the server
edd1f0614510 NFS: More fixes for nfs_direct_write_reschedule_io()
d4729af1c73c NFS: Use the correct commit info in nfs_join_page_group()
1f49386d6779 NFS: More O_DIRECT accounting fixes for error paths
4d98038e5bd9 NFS: Fix O_DIRECT locking issues
f16fd0b11f0f NFS: Fix error handling for O_DIRECT write scheduling
(From OE-Core rev: c7fa56add3c55d17f1b2242602d9833461e14b7c)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5d66067b39e7f9d442d44d8025fe20a0fa7efba7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This release fixes the following CVEs:
- CVE-2023-43788
- CVE-2023-43789
(From OE-Core rev: b4596281de1f96fdf6533ab4caa957f1eaeff756)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 46dd8ce41756dbc2aa0f9001416f208cced1c8d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This incorporates fixes for the following CVEs:
- CVE-2023-43785
- CVE-2023-43786
- CVE-2023-43787
(From OE-Core rev: 79f9c062df37ca15649d41bb6501e6fab2d73114)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a1534bb34b680bfc5cb2f35b5fd5a0c2afed6368)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
1.26.17 (2023-10-02)
Added the Cookie header to the list of headers to strip from requests
when redirecting to a different host. As before, different headers can
be set via Retry.remove_headers_on_redirect. (CVE-2023-43804)
1.26.16 (2023-05-23)
Fixed thread-safety issue where accessing a PoolManager with many
distinct origins would cause connection pools to be closed while
requests are in progress (#2954)
(From OE-Core rev: 7466db00ca2f884cf58504c3910b858a87f33128)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This allows building detailed vulnerability analysis tools without
relying on external resources.
(From OE-Core rev: 587ae7bc85fc471d927308d866821d463799023d)
Signed-off-by: Antoine Lubineau <antoine.lubineau@easymile.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 048ff0ad927f4d37cc5547ebeba9e0c221687ea6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(From OE-Core rev: 7300254fdb6659c0a7462c64133f893d1a152850)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The previous CVE-2023-30630_1.patch picked only the patch
"dmidecode: Write the whole dump file at once" d8cfbc808f.
But there was a refactoring which does not allow to cherry-pick it fast
forward. Resolving this conflict was not correctly done. The patch was:
+ u32 len;
+ u8 *table;
...
- if (!(opt.flags & FLAG_QUIET))
- pr_comment("Writing %d bytes to %s.", crafted[0x05],
- opt.dumpfile);
- write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1);
+ dmi_table_dump(crafted, crafted[0x05], table, len);
It looks like the variables len and table have been added without
initialization.
Now this problem is solved by applying the previous refactoring as
well. Patch 1 gets replaced by Patch 1a and Patch 1b. Patch 2..4 are
rebased without changes.
This is basically the same patch as in kirkstone:
ea069a94a2 dmidecode: fixup for CVE-2023-30630
(From OE-Core rev: 0bc69dc078c39381a39789d3c5fff673d7da994c)
Signed-off-by: Sean Nyekjaer <sean@geanix.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(From OE-Core rev: a1138dfc1e9394966dcca8f6259767a8ce5ca4cb)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Add a SECURITY.md file with hints for security researchers and other
parties who might report potential security vulnerabilities.
(From meta-yocto rev: c8f27eaa00fdd1a2594aaa70695373f608ff30bb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a SECURITY.md file with hints for security researchers and other
parties who might report potential security vulnerabilities.
(Bitbake rev: 973aa73b9f1f542f4a636cf8eca733b4df5a778f)
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
TUI mode needs terminfo at runtime, which is required to be
explicitly stated in the respective PACKAGECONFIG variable.
Without this change /etc/terminfo/ might be missing, which
leads to a runtime error when trying to use tui, e.g.:
(gdb) tui enable
Cannot enable the TUI: error opening terminal [TERM=xterm-256color]
(From OE-Core rev: 266944eb216912b7b2a935360aa51cd79847a071)
Signed-off-by: Stefan Tauner <stefan.tauner@artech.at>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5f17bc03a0c2d894e43c3c835fa38a24b1d5df64)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
assertTrue is a problematic call use in test cases since when it fails,
you just get an unhelpful "False is not True" message.
Replace some uses with assertIn/assertNotIn which will give more helpful results
and for the rest, add msg entries which given more helpful debugging.
For example, this patch would help debugging of #15176.
(From OE-Core rev: 52a2455ba7d91d404fc2c4568c805cf1fbe2b2ad)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 35d4c39e0df1a304f557471151a03d1e4b0f30c7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The soup.cross file is only created when building for target so only
tell meson to read it when it exists. This allows libsoup-2.4-native to
be built again.
(From OE-Core rev: d52003dd13cb17e32ccfa717f8462c8301334dd1)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4acbd2269931b500846d56885c3304d244e514f8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Piping results through sed may mask failures that sed isn't catching.
(From OE-Core rev: 687989f2ee2204643157e04a976d3310018a3bb3)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2b1b0e9e4d5011e7c2fd1b59fc277a7cfdc41194)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This brings them from 15 minutes to just over 4.
(From OE-Core rev: 3cd99ff32da3bb85d7ee278fec69504a12c1f715)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9eeee78aa94aaa441da012aeb904a0f1cbcd4d91)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
strace is one of the slowest tests otherwise (can take 40 minutes or more),
and this brings it to under 10 minutes \0/
(From OE-Core rev: 30b6692ef4a12958419c94b96e3fc5a50e8a7ad6)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0c632b418a785494318d9f375a07d879772e8ced)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
I'm not sure if this was reported correctly before, but it
currently is not. Test that is stuck is an error in itself.
(From OE-Core rev: f2989e8f87b8793b03fe13254f8214e495008527)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 002e27c9932a83e46be0b03a5232594cfba7212c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Don't ignore return values from the git command lines. If something goes
wrong, fail the test right away.
(From OE-Core rev: 776053f4af19e9c2de7ce725e6ec94312028fa7f)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dfc178a70d6fa60e89d4716f05d68e2c72c6ecd3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Use correct HTTPService parameters like apt.py when setting up the repo
server. These work with qemu tun and slirp networking. Fixes test
failure with slirp networking when executing testimage.bbclass
selftests "oe-selftest -r runtime_test.TestImage".
(From OE-Core rev: 68f0100b779bac1788818320f8aa64d79e3db3c2)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
(cherry picked from commit 764424df2f4b6bf0e89fb20b4253a7601468f70d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The udev rule has been removed but the comment has kept, by
mistake. Remove it.
Fixes: dd83fb40f7 ("weston-init: Stop running weston as root")
Tested-by: Tom Hochstein <tom.hochstein@nxp.com>
(From OE-Core rev: 35367d029fedc78724396d94abd899e4bd8bef0c)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8aa3d43fa1c53cdce45ec88a49f27b076d3812ac)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
qemu itself is not helpful when render nodes exist, but can't be opened:
qemu-system-x86_64: egl: render node init failed
To fix this, users likely need to
* modprobe vgem (presence when physical graphic card is absent or has a driver without
support for render nodes, such as many older cards found in server machines)
* add their user to "render" group to write to /dev/dri/renderD* (permissions)
With this change runqemu should print hints for the above as appropriate from probing the nodes.
(From OE-Core rev: 12ae43abbc4e7d6184198a912487ace3a4e66e50)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit acd85925cb197b7a31a25b60e8de762e2c3697ef)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Services which broadcast an invalid service type will cause the browse
to fail. Instead of failing, replace the service type and continue.
(From OE-Core rev: 273aed0462728508506a4c65d367d583a86a54c3)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e581da6c4db21312833395e96b48e868a202f0f9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Running either of these ends up corrupting the os.execv args.
If we run:
./scripts/nativesdk-intercept/chown -R foo:foo bar
The loop here ends up missing the conversion of foo:foo to root:root because
it sees sys.argv[0] and assumes that it's the user:group argument and that we
should convert that. We end up a os.execv(path, args) that have the following
args:
['root:root', '-R', 'foo:foo', 'bar']
As os.execv ignores args[0], we can just populate it with sys.argv[0] and then
loop through sys.argv[1:]. As both chgrp and chown would have either flags and
USER[:GROUP] next, this fixes the issue.
(From OE-Core rev: e27982afaed33e5823962f7fefe6f709c10e9107)
Signed-off-by: Eilís 'pidge' Ní Fhlannagáin <pidge@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2a75f647ec7696d353f4b09099d777ba53f34d36)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This includes CVE fix for CVE-2023-5441.
(From OE-Core rev: 7166f503211c39542d828aa3fef5006dccf2c07a)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Support stop/parity bits on serial port
* Add needed system headers in checks and return values for implicit function declarations
* Fixes:
- Avoid zombies after shell exit
- Missed signal sending permission check on failed query messages (CVE-2023-24626)
- manpage fixes
- source code fixes during cleanup
- UTF-8 encoding can emit invalid UTF-8 sequences for out of range unicode values
Remove patches; they are merged upstream or backported.
(From OE-Core rev: 224f1929b92b38993e5f50100ce6306f63ee8ade)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2566f8e51d56848d8b28f37462160e90253b79fc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
==========
wireless-regdb: update regulatory database based on preceding changes
wireless-regdb: Update regulatory rules for Australia (AU) for June 2023
wireless-regdb: Update regulatory info for Türkiye (TR)
wireless-regdb: Update regulatory rules for Egypt (EG) from March 2022 guidel...
wireless-regdb: Update regulatory rules for Philippines (PH)
(From OE-Core rev: c1ae47b562460e82d94a94a2009c4cb50aa1daa9)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2f5edb6904bf16a9c52a9b124aeb5297487cd716)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
===========
• Avoid a dbus-daemon crash if re-creating a connection's policy fails.
• If getting the groups from a user ID fails, report the error correctly,
instead of logging "(null)"
• Return the primary group ID in GetConnectionCredentials()' UnixGroupIDs
field for processes with a valid-but-empty supplementary group list
(From OE-Core rev: 67ddf87d3286007a68071685d28a8f9e1ce7f3fa)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit aeabd6dd4e65e5cc31f4c2acc5cc46ea03737bed)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in the Curl package. This flaw allows an attacker to insert
cookies into a running program using libcurl if the specific series of conditions are met.
(From OE-Core rev: a6c5931192a1315cfc5f708585d22bc7bed9f7fd)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.
(From OE-Core rev: 9b0867861a9c053f19bdb99bd6cba44ee5cb64e1)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The patch is copied from kirkstone. master has advanced
to ghostscript 10.02.0 which includes the fix.
(From OE-Core rev: 80a9b54ca94a9fe5818daa1cd03ae8035043e1e8)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Adds an additional note about some of the side effects that can occur if
recipes are not reproducible and hash equivalence is enabled.
(From yocto-docs rev: 968ac9807466df775f18fca050070170d3ed8585)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The proper way to inherit the testimage class is now
IMAGE_CLASSES += "testimage"
so change lines with 'INHERIT += "testimage"' to match. This makes the
dev-manual consistent with the migration guide, which already specifies
that the old way causes an error.
(From yocto-docs rev: 4d660551a6547ffe216e53402759baef424c4da2)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Explicitly disable the tests and vapi support instead of relying on
defaults and missing dependencies.
(From OE-Core rev: c451a9cb6adbc9480dacd81e935a0b9369f22e07)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 575e2e29e00bb4492e7ee7f10b753e3f17982caa)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A dependency on coreutils was added to busybox-ptest in oe-core 658c5ed
to fix a test failure.
The failure is because one of the start-stop-daemon tests is known to
fail if /bin/false is busybox. Instead of failing, we can check if
/bin/false is a symlink to busybox and skip the test if so.
[ YOCTO #15068 ]
(From OE-Core rev: 12fc32351ff6e42d0b5f9ce679793a8875d3447a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 37482e404cf4dcf9360c29986ced8db78baf249b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
It's not a warning but a handled case and layer gets added
automatically. Very few build configs have this layer enabled
by default.
(From OE-Core rev: 70d2ceea48ef6ec04675e4e6a9c48ebc5bb78f52)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
(cherry picked from commit 9a2493ea83f0b30578a819de05108502aaadc7f5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
wayland-utils has optional libdrm support, so add a PACKAGECONFIG and
enable it.
(From OE-Core rev: 0ba10930f73e4b0c2896afd326229fc6ae460f51)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c6c488c259d1f38a05a71e576ca2f32d412413f1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
