The Parse function permits values other than IPv6 addresses to be included
in square brackets within the host component of a URL. RFC 3986 permits
IPv6 addresses to be included within the host component, enclosed within
square brackets. For example: "http://[::1]/". IPv4 addresses and hostnames
must not appear within square brackets. Parse did not enforce this requirement.
(From OE-Core rev: c5fc59eb87d0f92ba8596b7848d16d59773582a0)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When Conn.Handshake fails during ALPN negotiation the error contains attacker
controlled information (the ALPN protocols sent by the client) which is not escaped.
(From OE-Core rev: e734cf62f24640d116c901dd97e09ddbb1f0cc4f)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Validating certificate chains which contain DSA public keys can cause
programs to panic, due to a interface cast that assumes they implement
the Equal method. This affects programs which validate arbitrary certificate chains.
(From OE-Core rev: b532fa208d0b102326642a2fba8b17661a14307e)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Due to the design of the name constraint checking algorithm, the processing
time of some inputs scals non-linearly with respect to the size of the certificate.
This affects programs which validate arbitrary certificate chains.
(From OE-Core rev: ce1626d1f1e232bc6da81e89088d0c0f5f3c52b4)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Parsing a maliciously crafted DER payload could allocate large amounts of memory,
causing memory exhaustion.
(From OE-Core rev: f27acc863ee34b56e2c49dc96ad2b58fb35e2d46)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When recreating the uri in wget's checkstatus method, we only use the
scheme, host and path. This completely strips the query parameters from
the final URI and potentially breaks the checking functionality for
URLs that require query parameters (such as the AZ fetcher with SAS
token).
This bug was resolved on master in
`096301250455e2a83bdd818a56317c62436c9981`.
This patch is adapted to the scarthgap branch.
CC: Steve Sakoman <steve@sakoman.com>
(Bitbake rev: 8dcf084522b9c66a6639b5f117f554fde9b6b45a)
Signed-off-by: Philippe-Alexandre Mathieu <pamathieu@poum.ca>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There is the following warning when executing to bitbake linux-yocto:
bitbake/lib/bb/fetch2/__init__.py:464: DeprecationWarning: 'count' is passed as positional argument
This is because the 4th parameter of re.sub(pattern, repl, string, count=0, flags=0)
is a keyword parameter. We use keyword arguments for parameters that are not positional.
(Bitbake rev: c2a54aceab4c75cea6f8be16fe6d0caed12b32c4)
Signed-off-by: Bin Lan <bin.lan.cn@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Chris Laplante <chris.laplante@agilent.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
kernel commit bfb713ea53c7 ("perf tools: Fix arm64 build by generating unistd_64.h")
introduces a new dependency on source files for arm64, specifically
include/uapi/asm-generic.
Build fails with:
[..]/perf/1.0/perf-1.0/scripts/Makefile.asm-headers:33: [...]/perf/1.0/perf-1.0/include/uapi/asm-generic/Kbuild: No such file or directory
make[4]: *** No rule to make target '[...]/perf/1.0/perf-1.0/include/uapi/asm-generic/Kbuild'. Stop.
Add the directory to PERF_SRC.
Fix whitespace error while at it.
(From OE-Core rev: 06d4981313ce67a8d53b1c14be9845b4b5a9f4cf)
Signed-off-by: Yannic Moog <y.moog@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Passing params as numbers to hwclock is broken in util-linux 2.39.3 due
to wrong pointer handling. So backport the fix from upstream included
since util-linux 2.41.
(From OE-Core rev: 3d8f88906f5560286462eaf55226b872e2805df7)
Signed-off-by: Bastian Krause <bst@pengutronix.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
An error occurred in backport commit
649147913e89cd8f7390cb17cd0be94c9710ffa6. The test file
is empty and has no functionality at all.
(From OE-Core rev: 0539a7869c4a3e28b3e7d0ab93fe07bfb9462d13)
Signed-off-by: Michael Haener <michael.haener@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick patches as listed in NVD CVE report.
Note that Debian lists one of the patches as introducing the
vulnerability. This is against what the original report [1] says.
Also the commit messages provide hints that the first patch fixes this
issue and second is fixing problem with the first patch.
[1] https://jvn.jp/en/jp/JVN19358384/
(From OE-Core rev: a157719ab349d9393d5a640bb2e45fc2489d5338)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Added by commit e478550c8cd8 ("openssl/fontconfig/bzip2: Use relative
symlinks instead of absolute ones (using a new class)") in OE-Core.
(From yocto-docs rev: a8687e4bb2e822670b6ad110613a12fa02943d3d)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit c0dc554eba7d421023ecc68a70b7a19df38628b0)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Mention the use of USE_NLS, INHIBIT_DEFAULT_DEPS and the cross-canadian
class.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: b16f19e8004d571e7a6eadfa34983781ba6a7634)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit d877e54f1c85cefc00dd674d60f2db81446bd95a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Part of bitbake.conf, this variable allowing to enable or disable
translation was undocumented. Add a entry to the glossary.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: 675b776390c8079deb8f1912dac44b574688a9c7)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 92a55345a56b5038c0344669daaa7a3a99dd0fc0)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Can be used in recipes that want to explicitly skip Ccache support when
the ccache class is enabled.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: e4fb6cd20955046a397b63bfe57f6cb4020b9cbb)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit b1b4adc8d4d9d23ff6fd91bca632bb0f5277e72b)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
- drop references to obsolete tar packaging format
- add references to apt and dpkg utilities for .deb packaging
- add reference to alternative "dnf" .rpm packaging
(From yocto-docs rev: d1331418317576b569ea2b046adf46ec7af8a15a)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit d4374ac86ebe7980908ed905018ccfb773ac666e)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This variable does not apply to the scope of a single recipe, but rather
to the scope of the entire layer.
(From yocto-docs rev: a86f2e5d291b86dbf56aefab08f4d3b0e5529801)
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit eec26e11adb6e3a9c4f53f825b9a1730c9ddee12)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The current autobuilder cluster is at valkyrie.yocto.io, published files
on autobuilder.yocto.io will be missing or out-of-date.
(From yocto-docs rev: b3b95e590248025d59a7cef311bb0abf207e72fb)
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 9ed06c070e309b52f1dbf8877867dcede79f4cb6)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This CVE is for the tool which is removed in v4.6.0 via [1] and
re-introduced again in v4.7.0 via [2].
[1] eab89a627f
[2] 9ab54a8580
(From OE-Core rev: 1ff4b39374a5b328069a928e7234c3397769dc6f)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE: CVE-2025-8225
It is possible with fuzzed files to have num_debug_info_entries zero
after allocating space for debug_information, leading to multiple
allocations.
* dwarf.c (process_debug_info): Don't test num_debug_info_entries
to determine whether debug_information has been allocated,
test alloc_num_debug_info_entries.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4]
(From OE-Core rev: 7feed679262025b8405488d064e2c546a3ed7a0c)
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Prevent attackers to cause a denial of service (application crash) or
possibly have unspecified other impact when the application processes
untrusted LZ4 frames. For example, LZ4F_createCDict_advanced in
lib/lz4frame.c mishandles NULL checks.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-62813
Upstream patch:
f64efec011
(From OE-Core rev: 0a63e3e120cc6958e2963a3ad510ec7c03f1adae)
Signed-off-by: David Nyström <david.nystrom@est.tech>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
In native/nativesdk builds, sysconfdir refers to a recipe sysroot
directory, which will disappear once the workdir is cleaned up, breaking
libcurl's HTTPS connections.
By simply not setting --with-ca-bundle at all in non-target builds, curl
defaults to the host system's CA certificates, which is desirable anyways
to allow builds in environments that require local CA certificates.
(From OE-Core rev: 4909a46e93ba774c960c3d3c277e2a669af3fea6)
(From OE-Core rev: 0f98fecda8a0436f760e6fd9f3b7eb510e5258b8)
Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When building an image including iptable built with the libnftnl
PACKAGECONFIG, one hits
Downloading file:.../oe-rootfs-repo/armv8a/libkmod2 * check_data_file_clashes: Package iptables wants to install file .../rootfs/etc/ethertypes
But that file is already provided by package * netbase
This used to be handled by
0003-Makefile.am-do-not-install-etc-ethertypes.patch, but that patch
got removed with the 1.8.9->1.8.10 upgrade (commit 4616ada82e70).
I think the rationale for dropping the patch was wrong; the commit log
talks about xtables.conf, which is indeed gone from upstream, but said
patch didn't change anything about xtables.conf, it did
-dist_conf_DATA = etc/ethertypes etc/xtables.conf
+dist_conf_DATA = etc/xtables.conf
However, instead of patching iptables to not install ethertypes, and
having to forward-port that patch, it is much simpler to just remove
the file in this do_install:append.
(From OE-Core rev: a970b6c927fb4c04473484f6e4b0a9853c8a5896)
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@baylibre.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There is a bug in GStreamer 1.22 that prevents video playback when
some of the v4l2codecs are paired with sinks that do not support
GstVideoMeta. This is the case of the Qt 6.9 sink used by some
of the Qt components.
For example, when the v4l2codecs-vp8dec decoder is paired with
QMediaPlayer, video playback fails to start with the following error:
WARN videodecoder gstvideodecoder.c:4409:gst_video_decoder_negotiate_pool: Subclass failed to decide allocation
ERROR videodecoder gstvideodecoder.c:4635:gst_video_decoder_allocate_output_buffer: Failed to allocate the buffer..
WARN videodecoder gstvideodecoder.c:4409:gst_video_decoder_negotiate_pool: Subclass failed to decide allocation
WARN matroskademux matroska-demux.c:6131:gst_matroska_demux_loop: error: Internal data stream error.
WARN matroskademux matroska-demux.c:6131:gst_matroska_demux_loop: error: streaming stopped, reason not-negotiated (-4)
This problem is already fixed in GStreamer 1.24, so backport the fix.
This fixes the buffer allocation failure for H.264, H.265, and VP8.
CC: Steve Sakoman <steve@sakoman.com>
CC: Anuj Mittal <anuj.mittal@intel.com>
(From OE-Core rev: 1be0de000bb852f1acc9644c1cb702336d7fdd61)
Signed-off-by: Daniel Semkowicz <dse@thaumatec.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability, which was classified as problematic, has been found in GNU elfutils
0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the
component eu-strip. The manipulation leads to denial of service. The attack needs to
be approached locally. The exploit has been disclosed to the public and may be used.
The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is
recommended to apply a patch to fix this issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-1377
Upstream patch:
https://sourceware.org/git/?p=elfutils.git;a=fbf1df9ca286de3323ae541973b08449f8d03aba
(From OE-Core rev: ae89d0c2ca49c40429f787577d280b5886f42cc1)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability classified as problematic was found in GNU elfutils 0.192. This
vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c
of the component eu-strip. The manipulation leads to denial of service. It is
possible to launch the attack on the local host. The complexity of an attack is
rather high. The exploitation appears to be difficult. The exploit has been
disclosed to the public and may be used. The name of the patch is
b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to
fix this issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-1376
Upstream patch:
https://sourceware.org/git/?p=elfutils.git;a=commit;h=b16f441cca0a4841050e3215a9f120a6d8aea918
(From OE-Core rev: 06e3cd0891f553b0ed036d9247dfa7c5ed814d78)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick patch from PR mentioning this CVE [1]
It's a complex patch so I have checked diff of 2.6.4 and commit before
these patches landed. There were no changes in memory allocations.
Also version in scarthgap is still not that much different from current
upstream master.
Ptests pass.
Also picked one documentation commit (-00) to resolve patch conflict.
Following conflicts were resolved manually:
* commit "mass-cppcheck.sh: Activate in-code suppression comments" was
skipped as it only edited github actions not yet available in 2.6.4
* commit "lib: Implement tracking of dynamic memory allocations"
ale had conflict in github actions not yet available in 2.6.4
* commit "fuzz: Be robust towards NULL return from XML_ExternalEntityParserCreate"
edited file "expat/fuzz/xml_lpm_fuzzer.cpp" which is not present in
our version yet. Since we're not using fuzzying, this is not needed.
* the final changelog commit needed lot conflict resolution actions
Finally picked PR fixing regression [2] together with two minor commits
to have a clean cherry-picks.
Also here the Changes commit needed conflict resolution.
[1] https://github.com/libexpat/libexpat/pull/1034
[2] https://github.com/libexpat/libexpat/pull/1048
(From OE-Core rev: 684d3cdbc08ce41dc1f92e1f228eee34bc2bc1fe)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE-2025-6018 is a local privilege escalation in PAM that requires
`user_readenv=1` to be enabled in the PAM configuration. The default
configuration does not enable reading user environment files (user_readenv
is 0 by default). Hence this vulnerability cannot be exploited using the
default configuration.
(From OE-Core rev: 3f2a9ad03326dc87681cf47ed5f73712ebaa624c)
Signed-off-by: Anders Heimer <anders.heimer@est.tech>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The filename is outdated as its version was already bumped and there are
also different files for different feed choices.
Use glob to match any available file.
(From yocto-docs rev: 6cd7492bf83232744390f34e496367e94b63e701)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
If SLIRP is being used instead of TAP for networking to the guest then
the target IP will be localhost. There's no point in pinging localhost
to see if the target is up but whilst you'd think it is harmless, in
some containers ping doesn't actually have enough rights to work:
ping: socktype: SOCK_RAW
ping: socket: Operation not permitted
ping: => missing cap_net_raw+p capability or setuid?
Look at the target address and if it's localhost or 127.0.0.* return
immediately.
(Backport from OE-Core rev: a06ef43d2a50e16c32bd6edbdc7b32c3528687d5)
(From OE-Core rev: 649147913e89cd8f7390cb17cd0be94c9710ffa6)
Signed-off-by: Michael Haener <michael.haener@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There is a bug libicu that causes libicu to be installed incorrectly when
the build system uses long paths (more than 512 chars).
This condition is not very difficult to trigger on a OE build system
due to the long paths an the deep of the directories that are usually
generated by default.
Also the bug is very subtle and won't be detected by the QA post-install
processes because what this bug causes is that a different version of
libicudata.so.X.Y (one without data) is installed instead of the one
containing the data, but there won't be any file missed on the installation
(just that it installed the wrong one).
See: https://unicode-org.atlassian.net/browse/ICU-22813
This patch backports the fix from upstream/main
(From OE-Core rev: 67d1352873957decacde30ff208fb7bb635b0c5d)
(From OE-Core rev: 0860992436092f7651e22e2b894f0d0a365a9bb0)
Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Benjamin Hahn <B.Hahn@phytec.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Drop upstreamed patch and refresh remaining patches.
Release information:
* https://www.python.org/downloads/release/python-31212/
* The release you're looking at is Python 3.12.12, a security bugfix
release for the legacy 3.12 series.
Handles CVE-2025-59375.
(From OE-Core rev: f1234b8451ba843b5f9ec1d2066c21f54d6bc3b8)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating linux-yocto/6.6 to the latest korg -stable release that comprises
the following commits:
655054d2c3c1 Linux 6.6.111
3d3abf3f7e8b KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O
284e67a93b8c net/9p: fix double req put in p9_fd_cancelled
ab172f4f4262 crypto: rng - Ensure set_ent is always present
f5f235be7612 riscv: mm: Do not restrict mmap address based on hint
1602c9b4578a riscv: mm: Use hint address in mmap if available
e242e52fdfe4 driver core/PM: Set power.no_callbacks along with power.no_pm
e857421992ce staging: axis-fifo: flush RX FIFO on read errors
a3c71d6c8332 staging: axis-fifo: fix TX handling on copy_from_user() failure
6d953e9d3981 staging: axis-fifo: fix maximum TX packet length check
bfeea103cad9 serial: stm32: allow selecting console when the driver is module
cb7630e714d6 hid: fix I2C read buffer overflow in raw_event() for mcp2221
dc4874366cf6 ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free
647410a7da46 ALSA: usb-audio: Kill timer properly at removal
97e87f367c91 platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list
bf28f5db40d5 can: rcar_canfd: Fix controller mode setting
e93af787187e can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled
03510f5fce33 btrfs: ref-verify: handle damaged extent root tree
bcccd0220751 ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue
081f14b9a3eb perf subcmd: avoid crash in exclude_cmds when excludes is empty
6d59f7467f83 platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list
4b91d0c5781a dm-integrity: limit MAX_TAG_SIZE to 255
7f7187118bb5 ASoC: amd: acp: Adjust pdm gain value
8281c2a63bbc wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188
96dc17ae64b1 USB: serial: option: add SIMCom 8230C compositions
228d06c4cbfc media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe
71ed8b81a490 media: tuner: xc5000: Fix use-after-free in xc5000_release
f82dc869220d media: tunner: xc5000: Refactor firmware load
250b6e009ff9 KVM: arm64: Fix softirq masking in FPSIMD register saving sequence
(From OE-Core rev: 2a947cb13d0d46747f14aa6a1aa39a486459ee8a)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating linux-yocto/6.6 to the latest korg -stable release that comprises
the following commits:
f34f16e5c6323 Linux 6.6.109
eb53056323f13 drm/i915/backlight: Return immediately when scale() finds invalid parameters
4529bb0b6be3d minmax.h: remove some #defines that are only expanded once
1a899044a0f5a minmax.h: simplify the variants of clamp()
9955044f552b5 minmax.h: move all the clamp() definitions after the min/max() ones
26c3d697becf3 minmax.h: use BUILD_BUG_ON_MSG() for the lo < hi test in clamp()
511e7d2e4d51f minmax.h: reduce the #define expansion of min(), max() and clamp()
85d619594313e minmax.h: update some comments
6012f69bf7495 minmax.h: add whitespace around operators and after commas
46648b94e6ebb minmax: fix up min3() and max3() too
f0be4c5dc213d minmax: improve macro expansion and type checking
7194a302345da minmax: don't use max() in situations that want a C constant expression
bb63c996c2db0 minmax: simplify min()/max()/clamp() implementation
6183c6579356a minmax: make generic MIN() and MAX() macros available everywhere
c0c83f4cd074b i40e: add validation for ring_len param
6e4251690710d i40e: increase max descriptors for XL710
7ea47a560a7a3 drm/ast: Use msleep instead of mdelay for edid read
ed6fa21f68973 gpiolib: Extend software-node support to support secondary software-nodes
457d2c5e112fd loop: Avoid updating block size under exclusive owner
78f579cb7d825 mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize()
e7a85efb873fa mm: migrate_device: use more folio in migrate_device_finalize()
684a9a995748c ARM: bcm: Select ARM_GIC_V3 for ARCH_BRCMSTB
53888cd32a3f6 s390/cpum_cf: Fix uninitialized warning after backport of ce971233242b
09e3bda3a7ba2 fbcon: Fix OOB access in font allocation
adac90bb1aaf4 fbcon: fix integer overflow in fbcon_do_set_font
c9c2a51f91aea mm/hugetlb: fix folio is still mapped when deleted
df1fa034c0fc2 kmsan: fix out-of-bounds access to shadow memory
cab278cead49a afs: Fix potential null pointer dereference in afs_put_server
58d304a89178d ARM: dts: socfpga: sodia: Fix mdio bus probe and PHY address
3887f3814c0e7 tracing: dynevent: Add a missing lockdown check on dynevent
8703940bd30b5 crypto: af_alg - Fix incorrect boolean values in af_alg_ctx
b769490521cf9 i40e: improve VF MAC filters accounting
b247cdd04750e i40e: add mask to apply valid bits for itr_idx
edecce7abd715 i40e: add max boundary check for VF filters
e748f1ee493f8 i40e: fix validation of VF state in get resources
3883e9702b6a4 i40e: fix input validation logic for action_meta
2cc26dac0518d i40e: fix idx validation in config queues msg
50a1e2f50f6c2 i40e: fix idx validation in i40e_validate_queue_map
3cefd898b7aa1 HID: asus: add support for missing PX series fn keys
ba7bcfd52c66d smb: client: fix wrong index reference in smb2_compound_op()
348736955ed6c futex: Prevent use-after-free during requeue-PI
6ffa6b5bc861a drm/gma500: Fix null dereference in hdmi teardown
df2c071061ed5 octeontx2-pf: Fix potential use after free in otx2_tc_add_flow()
7b209698e648b net: dsa: lantiq_gswip: suppress -EINVAL errors for bridge FDB entries added to the CPU port
816d30afbad52 net: dsa: lantiq_gswip: move gswip_add_single_port_br() call to port_setup()
a7a2b29c1ee44 net: dsa: lantiq_gswip: do also enable or disable cpu port
be0bd592298f8 selftests: fib_nexthops: Fix creation of non-FDB nexthops
24046d31f6f92 nexthop: Forbid FDB status change while nexthop is in a group
31ae2fbc9fcb9 net: allow alloc_skb_with_frags() to use MAX_SKB_FRAGS
98a76bd96f382 bnxt_en: correct offset handling for IPv6 destination address
82a1463c968b1 vhost: Take a reference on the task in struct vhost_task.
bcce99f613163 Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync
6a0070c5c3ad3 Bluetooth: hci_sync: Fix hci_resume_advertising_sync
c957284701353 ethernet: rvu-af: Remove slash from the driver name
17edec1830e48 can: peak_usb: fix shift-out-of-bounds issue
3664ae91b26d1 can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow
2e423e1990f39 can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow
be1b25005fd0f can: hi311x: populate ndo_change_mtu() to prevent buffer overflow
cbc1de71766f3 can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow
0baf92d0b1590 xfrm: xfrm_alloc_spi shouldn't use 0 as SPI
f64abeebf763c bpf: Reject bpf_timer for PREEMPT_RT
865eec09b6e44 can: rcar_can: rcar_can_resume(): fix s2ram with PSCI
210b91bfe355b wifi: virt_wifi: Fix page fault on connect
c5be7edd42602 smb: server: don't use delayed_work for post_recv_credits_work
6017196aabf1d cpufreq: Initialize cpufreq-based invariance before subsys
35bb271de241d ARM: dts: kirkwood: Fix sound DAI cells for OpenRD clients
ebe7a2e46d189 arm64: dts: imx8mp: Correct thermal sensor index
1744aff07b833 mm: folio_may_be_lru_cached() unless folio_test_large()
d37ec803b2813 mm/gup: local lru_add_drain() to avoid lru_add_drain_all()
768c44cc8b638 mm/gup: check ref_count instead of lru before migration
dc58ab1eb90c9 mm: add folio_expected_ref_count() for reference count calculation
4ed203f79821c mm/gup: revert "mm: gup: fix infinite loop within __get_longterm_locked"
df2580fbcedea IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions
943754ad81131 ALSA: usb-audio: Add mute TLV for playback volumes on more devices
0aac2fa4d0c75 ALSA: usb-audio: move mixer_quirks' min_mute into common quirk
ea6016c9ec61d ALSA: usb-audio: Add DSD support for Comtrue USB Audio device
b61b90b07416f i2c: designware: Add quirk for Intel Xe
41ea28a2de255 mmc: sdhci-cadence: add Mobileye eyeQ support
306697a775fbc usb: core: Add 0x prefix to quirks debug output
dc77154e83048 ALSA: usb-audio: Fix build with CONFIG_INPUT=n
a3961b1f7f79e ALSA: usb-audio: Convert comma to semicolon
d04d301614630 ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5
8fa69bd18148e ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks
9db2614986bd0 ALSA: usb-audio: Simplify NULL comparison in mixer_quirks
e8c605fece5b9 ALSA: usb-audio: Avoid multiple assignments in mixer_quirks
bafc648b82c3b ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks
08a96e22bd37f ALSA: usb-audio: Fix block comments in mixer_quirks
18f9e77de5272 firewire: core: fix overlooked update of subsystem ABI version
ca3e48e96816c scsi: ufs: mcq: Fix memory allocation checks for SQE and CQE
(From OE-Core rev: 5234d795417f97cfce7bcd891e7bdeabc6f36e9e)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating linux-yocto/6.6 to the latest korg -stable release that comprises
the following commits:
147338df3487 Linux 6.6.108
42a6aeb4b238 Revert "loop: Avoid updating block size under exclusive owner"
06146c26f5cf minmax: add a few more MIN_T/MAX_T users
af8b531ecfd4 minmax: simplify and clarify min_t()/max_t() implementation
2d396aa8264d minmax: avoid overly complicated constant expressions in VM code
532733ff82b9 mptcp: propagate shutdown to subflows when possible
3ef938f6f0b3 rtc: pcf2127: fix SPI command byte for PCF2131 backport
075abf0b1a95 iommu/amd/pgtbl: Fix possible race while increase page table level
564f2312e2ff xhci: dbc: Fix full DbC transfer ring after several reconnects
3c6dd29a460f xhci: dbc: decouple endpoint allocation from initialization
27b04564f7a3 phy: ti: omap-usb2: fix device leak at unbind
34a8d5a198bb phy: Use device_get_match_data()
0ee0ef483aae selftests: mptcp: userspace pm: validate deny-join-id0 flag
650150cc9a3e mptcp: pm: nl: announce deny-join-id0 flag
a6157484bee3 vmxnet3: unregister xdp rxq info in the reset path
e7b7a9387955 smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path
2374c11189ef crypto: af_alg - Set merge to zero early in af_alg_sendmsg
6a075f80f303 drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path
15a77e1ab0a9 drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ
e6b0616a360f ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message
7740da20a3a0 ASoC: wm8974: Correct PLL rate rounding
b4e8741955dc ASoC: wm8940: Correct typo in control name
b7e4884dd853 ASoC: wm8940: Correct PLL rate rounding
abc9f859a9ea io_uring: include dying ring in task_work "should cancel" state
c8e69b783bc4 io_uring: backport io_should_terminate_tw()
115e7d4d5ee8 ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx
0a3d5a4d4adc selftests: mptcp: avoid spurious errors on TCP disconnect
9ef1af5d4040 selftests: mptcp: connect: catch IO errors on listen side
666b49c848f1 rds: ib: Increment i_fastreg_wrs before bailing out
689aee35ce67 net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer
7e4c3cd7f0a1 KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active
6584e7ecfa7d mmc: mvsdio: Fix dma_unmap_sg() nents value
ac4e940dc7da ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S
411f7d4f7038 ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed
468bb23472b7 ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface
fc7bd02dadb8 btrfs: tree-checker: fix the incorrect inode ref size check
090b61b87420 iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page()
561eef41aaa3 LoongArch: Check the return value when creating kobj
2ff7ef2f71b4 LoongArch: Align ACPI structures if ARCH_STRICT_ALIGN enabled
fb6ee62d3082 LoongArch: Update help info of ARCH_STRICT_ALIGN
90c0ffa1e0d9 power: supply: bq27xxx: restrict no-battery detection to bq27000
84ac57c4bbfd power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery
7c4491b5644e crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg
ee74d69af170 nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/*
d3cb3f209d35 ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size
eb0378dde086 ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer
d2cfefa14ce8 octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp()
8eeb2091e72d cnic: Fix use-after-free bugs in cnic_delete_task
cd093e8bdcfe net: liquidio: fix overflow in octeon_init_instr_queue()
13f57d484676 Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set"
4cefe5be7388 tls: make sure to abort the stream if headers are bogus
dfd06131107e tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().
97d797c5fc6f bonding: don't set oif to bond dev when getting NS target destination
2cb17c88edd3 net/mlx5e: Harden uplink netdev access against device unbind
fd74bd40f1a4 net/mlx5e: Consider aggregated port speed during rate configuration
a7f10a466d36 i40e: remove redundant memory barrier when cleaning Tx descs
0255c5100470 net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure
af114ef225e5 selftests: mptcp: sockopt: fix error messages
dedaa9bcf79c mptcp: tfo: record 'deny join id0' info
36d9f72e5d66 mptcp: set remote_deny_join_id0 on SYN recv
29a5fd482cd5 bonding: set random address only when slaves already exist
ea53e6a47e14 qed: Don't collect too many protection override GRC elements
2f4b68e7905e dpaa2-switch: fix buffer pool seeding for control traffic
4f364023ddcf um: virtio_uml: Fix use-after-free after put_device in probe
5d2c34ff78b8 btrfs: fix invalid extref key setup when replaying dentry
4a1e3ec28e80 cgroup: split cgroup_destroy_wq into 3 workqueues
9ba2b399dee2 pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch
eae22a2573a0 wifi: mac80211: fix incorrect type for ret
93e063f15e17 wifi: mac80211: increase scan_ies_len for S1G
0ffb49ba247c ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported
6085291a1a58 wifi: wilc1000: avoid buffer overflow in WID string configuration
(From OE-Core rev: 0b5c6e21160e54b3b571343d932614b23231e273)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
