There's a (second) overhead factor applied in images generated with Wic,
and this is already documented in the .wks reference. However, the
IMAGE_OVERHEAD_FACTOR entry does not mention it, and by looking at the
partition sizes (e.g. with parted) one may find it confusing that they
don't match with the expected rootfs size (e.g. in a scenario where the
extra space is "0" and IMAGE_OVERHEAD_FACTOR="1.0").
This second overhead is already documented, though:
https://docs.yoctoproject.org/ref-manual/kickstart.html#command-part-or-partition
Mention the '--overhead-factor' option in the glossary entry and add a
reference to the wks documentation.
(From yocto-docs rev: 71a3933c609ce73ff07e5be48d9e7b03f22ef8d7)
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit b9040e20b015e9b02683ec3014e4ade5eb59d41a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
`src-uri-bad` is missing the required call to `oe.qa.exit_if_errors` so
the corresponding task is not marked as failed when the QA check is
classified as an error.
This issue was fixed by the introduction of the do_recipe_qa task in
OE-core (e0c71367ab59021fc430ef215bbfc3b525036ba4) which is not part
of kirkstone yet.
(From OE-Core rev: 4b593ea8df9b1d3dda0adf38786845168360311f)
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Currently, whilst patch errors or warnings are shown, the errors don't stop builds.
The configuration isn't very configurable from WARN_QA and ERROR_QA either.
This patch:
* Uses the standard mechanisms to handle the patch fuzz warnings/errors
* Makes Upstream-Status checking configurable from WARN/ERROR_QA
* Allows that checking to be used with non-core layers
* Makes patch-fuzz an error by default
(From OE-Core rev: 76a685bfcf927593eac67157762a53259089ea8a)
(From OE-Core rev: 4899961965d70281e63582234f0ed299431eff32)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3c3fd6a65e)
The backported commit was modified to not mark "patch-fuzz" as an error
by default (which retains compatibility with kirkstone behaviour).
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
During backporting the patch, accidentally a variable was removed.
In case the recipe is compiled for 32-bit Arm target, compilation
fails with the following error:
3.0.1-r0/git/llvm/lib/Target/ARM/ARMISelLowering.cpp:4481:13: error: 'RegVT' was not declared in this scope
| 4481 | if (RegVT == MVT::f16 || RegVT == MVT::bf16)
| | ^~~~~
This patch corrects the patch, and adds back the removed RegVT variable.
(From OE-Core rev: 77f29f8fea58de40459186952d25279877ce4994)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1.
This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c
of the component AAC Encoder. The manipulation leads to stack-based buffer overflow.
It is possible to initiate the attack remotely. The exploit has been disclosed to
the public and may be used.
(From OE-Core rev: 5a922eb95da7d373ee2bc3018065448fa128e69a)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE-2023-6605:
A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET
requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs.
CVE-2023-6604:
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load
and storage consumption, potentially leading to degraded performance or denial of service
via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.
CVE-2023-6602:
flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration
via improper parsing of non-TTY-compliant input files in HLS playlists.
(From OE-Core rev: aa68992ddc5744bb4fdbb3a3cd0636b303449be2)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since pulseaudio-server requires the audio group, we explicitly add it.
When use useradd-staticids or do not use the default group in
base-passwd, an error will occur because the audio group is not defined.
NOTE: pulseaudio: Performing useradd with [--root
TOPDIR/tmp/work/cortexa72-poky-linux/pulseaudio/17.0/recipe-sysroot
--home-dir /var/run/pulse --gid 998 --groups audio,pulse
--no-create-home --system --shell /bin/false --uid 998 pulse]
useradd: group 'audio' does not exist
ERROR: pulseaudio: useradd command did not succeed.
(From OE-Core rev: 71ed9d8394f7e625270ee66f9c2816bba4aa2016)
Signed-off-by: Kyungjik Min <dpmin7@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The default CONNECTIVITY_CHECK_URIS uses "https://yoctoproject.org/connectivity.html"
which redirect to "https://www.yoctoproject.org/connectivity.html".
Some network configurations with proxies or restricted internet access
don't handle HTTP redirects properly during the sanity check phase,
causing build failures with:
ERROR: OE-core's config sanity checker detected a potential misconfiguration.
Either fix the cause of this error or at your own risk disable the checker (see sanity.conf).
Following is the list of potential problems / advisories:
Fetcher failure for URL: 'https://yoctoproject.org/connectivity.html'. URL doesn't work.
Updated the default URL to use the final destination directly to avoid
redirect-related connectivity check failures.
Also updated SDK test cases in https.py to use the corrected URL for
consistency.
(From OE-Core rev: aceb2920fbdef43db7b0b698865358e288901610)
Signed-off-by: Deepak Rathore <deeratho@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 60cdf960a3560f391babd559737f1afb31fb2c5c)
Signed-off-by: Deepak Rathore <deeratho@cisco.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This comment should not have been merged.
It shows that the license did not change.
(From OE-Core rev: 652986a4c67fc5d1c69cd3c2cb0d7f197b960be6)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Handles CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158.
Changes between 9.1.1198 -> 9.1.1652
====================================
https://github.com/vim/vim/compare/v9.1.1198...v9.1.1652
Refresh patches.
Disable newly introduced wayland support (in patch version 1485).
To this belongs also adding recursion in delete command for dir auto
which was newly failing as there is wayland directory inside now.
If someone is interested, this can be probably enabled, but without
additional work it results in compilation error due to function
redefinition conflicts.
(From OE-Core rev: e87d427d928234ef0441f9ce1fe8631fbe471094)
(From OE-Core rev: bd2dc808baec7e940a09f80afa2c2997efe7cbfe)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
After the below commit introduced, the shebang size of native scripts
is also checked, so rework the patch to fix the gap.
377fe11bc0 insane.bbclass: Make do_qa_staging check shebangs
Fixes:
ERROR: QA Issue: : /work/x86_64-linux/vim-native/9.0.0005-r0/sysroot-destdir/work/x86_64-linux/vim-native/9.0.0005-r0/recipe-sysroot-native/usr/share/vim/vim90/tools/mve.awk maximum shebang size exceeded, the maximum size is 128. [shebang-size]
ERROR: QA Issue: : /work/x86_64-linux/vim-native/9.0.0005-r0/sysroot-destdir/work/x86_64-linux/vim-native/9.0.0005-r0/recipe-sysroot-native/usr/share/vim/vim90/tools/efm_perl.pl maximum shebang size exceeded, the maximum size is 128. [shebang-size]
(From OE-Core rev: 79232458b9cdc741a2049d83839af73f58a5554c)
(From OE-Core rev: 671f8cec8ef463d75e9393c5fc03cf913ef9edf6)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Git is a fast, scalable, distributed revision control system with an
unusually rich command set that provides both high-level operations
and full access to internals. When reading a config value, Git strips
any trailing carriage return and line feed (CRLF). When writing a
config entry, values with a trailing CR are not quoted, causing the CR
to be lost when the config is later read. When initializing a
submodule, if the submodule path contains a trailing CR, the altered
path is read resulting in the submodule being checked out to an
incorrect location. If a symlink exists that points the altered path
to the submodule hooks directory, and the submodule contains an
executable post-checkout hook, the script may be unintentionally
executed after checkout. This vulnerability is fixed in v2.43.7,
v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-48384
Upstream-patch:
05e9cd64ee
(From OE-Core rev: 34cb9674a5ce337a75af0dc415706d0323c427a6)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was determined in LibTIFF up to 4.5.1. Affected
by this issue is the function readSeparateStripsetoBuffer of the
file tools/tiffcrop.c of the component tiffcrop. The manipulation
leads to stack-based buffer overflow. Local access is required to
approach this attack. The patch is identified as
8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to
apply a patch to fix this issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-8851
Upstream patch:
8a7a48d7a6
(From OE-Core rev: 1ced84bbd4ab15f0f16176e367744b496a0ea97c)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability classified as problematic was found in libtiff
4.6.0. This vulnerability affects the function PS_Lvl2page of
the file tools/tiff2ps.c of the component tiff2ps. The
manipulation leads to null pointer dereference. It is possible
to launch the attack on the local host. The complexity of an
attack is rather high. The exploitation appears to be difficult.
The exploit has been disclosed to the public and may be used.
The name of the patch is 6ba36f159fd396ad11bf6b7874554197736ecc8b.
It is recommended to apply a patch to fix this issue. One of the
maintainers explains, that "[t]his error only occurs if
DEFER_STRILE_LOAD (defer-strile-load:BOOL=ON) or TIFFOpen( .. "rD")
option is used."
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-8534
Upstream patch:
6ba36f159f
(From OE-Core rev: c897368cd363d3e50372ab1fc95bc31f1a883dc4)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared
as problematic. Affected by this vulnerability is the function
t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps.
The manipulation leads to null pointer dereference. The attack needs to
be approached locally. The complexity of an attack is rather high. The
exploitation appears to be difficult. The patch is named
2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a
patch to fix this issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-13978
Upstream patch:
2ebfffb0e8
(From OE-Core rev: f6ff692be6b08290845b6c6c27eaf5d676476464)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
We have found that since this patch SELECT queries with
COUNT(DISTINCT(column)) seem to cause sqlite to segfault
This reverts commit 4d5093e5103016c08b3a32fd83b1ec9edd87cd5a.
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This CVE is for virtio-snd which was introduced in 8.2.0.
Therefore ignore this CVE for version 6.2.0.
(From OE-Core rev: 93545ef00c4930dd297649934bee0e95c520ee16)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in m2crypto. This issue may allow a remote attacker to
decrypt captured messages in TLS servers that use RSA key exchanges,
which may lead to exposure of confidential or sensitive data.
The CVE-2023-50781 in M2Crypto is addressed by modifying OpenSSL because
M2Crypto relies on OpenSSL for its cryptographic operations.The issue
stems from OpenSSL’s RSA PKCS#1 v1.5 padding verification being
vulnerable to Bleichenbacher-type attacks.To mitigate this, OpenSSL
introduced an implicit rejection mechanism in the RSA PKCS#1 v1.5
padding.Therefore, resolving the vulnerability requires changes within
OpenSSL itself to ensure M2Crypto’s security.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-50781https://github.com/openssl/openssl/pull/13817/commitshttps://todo.sr.ht/~mcepl/m2crypto/342?__goaway_challenge=meta-refresh&__goaway_id=45a03d6accb7b343867110db1f7fb334
(From OE-Core rev: d24c4923d6f7a25bdc3ec5d4ac6bee32bb0bae88)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Fix:
../recipe-sysroot/usr/include/libuboot.h:29:2: error: unknown type name 'size_t'
size_t envsize;
^
This error can be avoided by using CXXFLAGS:append = " -include cstddef"
but this way would be needed in all recipes that use libuboot.h.
Therefore, Backport the patch to include <cstddef> in C++ builds.
(From OE-Core rev: e401a16d8e26d25cec95fcea98d6530036cffca1)
Signed-off-by: Youngseok Jeong <youngseok1.jeong@lge.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The previous fix missed another cherry-pick that fixed building
manpages after the coredump patch. The version-info.xml file doesn't
exist in 250. It was introduced later, so remove the reference to
it.
(From OE-Core rev: 0a383ef579ffe5f5c4ef2c78040540f1332e4ea6)
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This class has been in OE-Core for a while but never documented in the
reference manual. Add some description for it and link to the existing
documentation on it.
(From yocto-docs rev: 1576091585f8ffdcadd8b8eee525614ab16b6fa0)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 362a331255525fc853dab3af4ec905c417fabb0b)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This variable is part of uboot-sign but not documented.
(From yocto-docs rev: 1a07897a273867b4cf26759e88e423c552a09c4a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 05eb461cb1da76ad9cbaf634da7f47447b3f6765)
[fix minor conflicts in classes.rst]
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Update the distributions to match the list of workers on the
Autobuilder. This list was generated with the help of
yocto-autobuilder-helper/scripts/yocto-supported-distros.
Also:
- Sort the lists alphabetically.
- Fill the second list with EOL distros still running on the
Autobuilder.
(From yocto-docs rev: 207477ddfead183f9df06215b1acb453138708cb)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The example repo doesn't seem to have ever been under MIT to begin with
but rather Apache-2.0.
The license file exists in the sources, so use that one instead of
taking it from the OE-Core license directory.
License-Update: Incorrect license is now proper
(From OE-Core rev: 3d1c037a7cb7858a4e3c33a94f5d343a81aac5f7)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
By default, the tests are built and run at do_compile and we can see
errors like below in log.do_compile:
gnupg-2.3.7/tests/cms/inittests: line 99: ../../sm/gpgsm: cannot execute binary file: Exec format error
Note that the do_compile process still succeeds. However, we'd better avoid
executing these target binaries at build time.
(From OE-Core rev: b02f99a0b82ed55a07c00b32805ad676c04ee4ab)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(master rev: 74d48497470ce209bc6bdf49c2e2cfda67dce6ae)
Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick 2 commits as in scarthgap branch plus one additional precondition
to apply those.
(From OE-Core rev: e43507dad134c5036be1c79a37f73c34f4fb6292)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in LibTIFF up to 4.7.0. It has been
rated as critical. This issue affects the function setrow of the
file tools/thumbnail.c. The manipulation leads to buffer overflow.
An attack has to be approached locally. The patch is named
e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to
apply a patch to fix this issue. This vulnerability only affects
products that are no longer supported by the maintainer.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-8177
Upstream patch:
e8de4dc1f9
(From OE-Core rev: fbf3238630c104c9e17d6e902986358cea5986ff)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in LibTIFF up to 4.7.0. It has
been declared as critical. This vulnerability affects the
function get_histogram of the file tools/tiffmedian.c. The
manipulation leads to use after free. The attack needs to
be approached locally. The exploit has been disclosed to
the public and may be used. The patch is identified as
fe10872e53efba9cc36c66ac4ab3b41a839d5172. It is recommended
to apply a patch to fix this issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-8176
Upstream patches:
3994cf3b3bce46f002ececc4ddbf1f
(From OE-Core rev: 5dbc4ccce8676b016de8c1393c2f0d0f74eb9337)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This is a single commit bump containing only CVE fix
$ git log --oneline d80401002011f470d9c6eb604bf734715e9b3a8c..a66bc3941ff298e474d5f02d0c3303401951141f
a66bc3941f posix: Fix double-free after allocation failure in regcomp (bug 33185)
Test results didn't change except newly added test succeeding.
(tst-regcomp-bracket-free)
Also add CVE-2025-0395 ignore which was already included in previous
hash bumps.
Also drop an unreferenced patch.
(From OE-Core rev: 3921549f6420e44a250d06cdef2c9d423fb6e39f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit referencing this CVE from 2.13 branch.
(From OE-Core rev: 9418c88c964dffc21abe6a056db72c3c81e25137)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick relevant commit from 3.8.10 release MR [1].
The MR contains referece to undiscoled issue, so any security relevant
patch should be picked.
Binary test file was added as separate file as binary diffs are not
supported.
[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
(From OE-Core rev: 990bd6fab5c6004b9fbcdb9c76bcb3a96ba5887a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick relevant commit from 3.8.10 release MR [1].
The ME contains referece to undiscoled issue, so any security relevant
patch should be picked.
Binary test file was added as separate file as binary diffs are not
supported.
[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
(From OE-Core rev: 33181e3e8c7427fc823f750e936732b69e247987)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE patch [1] as mentioned in [2] relies on several patches not yet
available in version 2020.81 we have in kirkstone.
The good folks from Debian did the hard work identifying them as they
have the same version in bullseye release.
The commits were picked from [3] and they have their references to
dropbear upstream commits.
[1] e5a0ef27c2
[2] https://security-tracker.debian.org/tracker/CVE-2025-47203
[3] 7f48e75892
(From OE-Core rev: 91eeffaf14917c7c994a8de794b915231e69c5d6)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* many configure tests (which might not fail before) are failing with gcc-14:
# grep implicit build/config.log
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
conftest.c:50:17: error: implicit declaration of function 'exit' [-Wimplicit-function-declaration]
conftest.c:50:17: warning: incompatible implicit declaration of built-in function 'exit' [-Wbuiltin-declaration-mismatch]
conftest.c:53:9: error: implicit declaration of function 'msem_init' [-Wimplicit-function-declaration]
conftest.c:54:9: error: implicit declaration of function 'msem_lock' [-Wimplicit-function-declaration]
conftest.c:55:9: error: implicit declaration of function 'msem_unlock' [-Wimplicit-function-declaration]
conftest.c:56:9: error: implicit declaration of function 'exit' [-Wimplicit-function-declaration]
conftest.c:56:9: warning: incompatible implicit declaration of built-in function 'exit' [-Wbuiltin-declaration-mismatch]
conftest.c:50:9: error: implicit declaration of function '_spin_lock_try' [-Wimplicit-function-declaration]
conftest.c:51:9: error: implicit declaration of function '_spin_unlock' [-Wimplicit-function-declaration]
* I have noticed this on db-native build on host with gcc-14
where it caused fatal do_configure error:
http://errors.yoctoproject.org/Errors/Details/784164/
checking for mutexes... UNIX/fcntl
configure: error: Support for FCNTL mutexes was removed in BDB 4.8.
the config.log confirms it's because implicit-int:
configure:22798: checking for mutexes
configure:22925: gcc -o conftest -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/include -O2 -pipe -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/include -D_GNU_SOURCE -D_REENTRANT -L/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/lib -L/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/lib -Wl,--enable-new-dtags -Wl,-rpath-link,/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/lib -Wl,-rpath-link,/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/lib -Wl,-rpath,/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/usr/lib -Wl,-rpath,/OE/build/oe-core/tmp-glibc/work/x86_64-linux/db-native/5.3.28/recipe-sysroot-native/lib -Wl,-O1 conftest.c -lpthread >&5
conftest.c:47:1: error: return type defaults to 'int' [-Wimplicit-int]
47 | main() {
| ^~~~
configure:22925: $? = 1
configure: program exited with status 1
* comparing target db with and without this change shows following diff
in log.do_configure:
db $ diff 5.3.28*/temp/log.do_configure
268c268
< checking for mutexes... POSIX/pthreads/library
---
> checking for mutexes... POSIX/pthreads/library/x86_64/gcc-assembly
271c271
< checking for atomic operations... no
---
> checking for atomic operations... x86/gcc-assembly
(From OE-Core rev: 4d3ce333c10fadf746b6d8b55a88777c97e11ffa)
(From OE-Core rev: 277b5ec3c0212ca8600dd89d0a33f784a060131f)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6108da955e7c553247ff5356cf1c990b3d334edf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Update to the 4.0.28 release of the 4.0 series for buildtools
(From OE-Core rev: 8e59118164d6468443db211d9ade058402f21add)
Signed-off-by: Aleksandar Nikolic <aleksandar.nikolic@zeiss.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commits on glibc-2.35 stable branch are updated.
git log --oneline d2febe7c407665c18cfea1930c65f41899ab3aa3..80401002011f470d9c6eb604bf734715e9b3a8c2
8040100201 Fix error reporting (false negatives) in SGID tests
c6ec750be5 support: Pick group in support_capture_subprogram_self_sgid if UID == 0
c9e44b6467 support: Don't fail on fchown when spawning sgid processes
621c65ccf1 elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
c7ff2bc297 Revert "elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static"
8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)
08aea7712d support: Add support_record_failure_barrier
901e24b128 support: Use const char * argument in support_capture_subprogram_self_sgid
bff3b0f16c elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
Dropped :
0025-CVE-2025-4802.patch
ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)
Test results:
Before after diff
PASS 4833 4839 +6
XPASS 6 6 0
FAIL 133 130 -3
XFAIL 16 16 0
UNSUPPORTED 200 197 -3
Following commits improved test results:
8040100201 Fix error reporting (false negatives) in SGID tests
Improved SGID test handling by unifying error reporting and using secure temporary directories.
Replaced non-standard exit codes and fixed premature exits to avoid masking failures.
These changes reduced false negatives, increasing overall test pass rates.
8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
Fixed tst-dlopen-sgid false positives by correctly handling subprocess exit status (bug 32987).
Ensured test fails on abnormal or non-zero child exits.
This commit restores reliability in SGID testing and is the first step toward centralized SGID test error handling.
UNSUPPORTED tests changes
-UNSUPPORTED: elf/tst-env-setuid
-UNSUPPORTED: elf/tst-env-setuid-tunables
-UNSUPPORTED: stdlib/tst-secure-getenv
FAILed tests changes
-FAIL: elf/tst-dlopen-sgid
-FAIL: misc/tst-error1
-FAIL: resolv/tst-resolv-aliases
PASSed tests changes
+PASS: elf/tst-env-setuid
+PASS: elf/tst-env-setuid-tunables
+PASS: stdlib/tst-secure-getenv
+PASS: elf/tst-dlopen-sgid
+PASS: misc/tst-error1
+PASS: resolv/tst-resolv-aliases
(From OE-Core rev: 2ea1d2d9bc6d173a8a586542d47a7f8a443d24c1)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The previous fix for CVE-2024-43398 did not include patches
to provide context for the changes it made.
This caused an exception at run-time when ruby parsed
rexml/parsers/baseparser.rb. This was first observed when using
ruby-native to build the sdformat recipe.
With these additional backports, the sdformat build proceeds
successfully. The REXML library was also tested manually on-target
with a script that used REXML::Document.new file to parse an
XML file.
(From OE-Core rev: 6bf00fde2d4043c6b558733a33041ce5694342d3)
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
These two CVEs were fixed via the 5.0.3 release, and the
backported patches that fixed them were subsequently left
behind (although not deleted) by dadb16481810 ("ffmpeg:
upgrade 5.0.1 -> 5.0.3")
* CVE-2022-3109: An issue was discovered in the FFmpeg
package, where vp3_decode_frame in libavcodec/vp3.c lacks
check of the return value of av_malloc() and will cause a
null pointer dereference, impacting availability.
* CVE-2022-3341: A null pointer dereference issue was
discovered in 'FFmpeg' in decode_main_header() function of
libavformat/nutdec.c file. The flaw occurs because the
function lacks check of the return value of
avformat_new_stream() and triggers the null pointer
dereference error, causing an application to crash.
`bitbake ffmpeg` reports these two as "Unpatched".
Ignore them for now, until the NVD updates the versions where
these do not affect anymore.
(From OE-Core rev: 78aef4b1002c515aa2c1a64fea5bb013c9bc86a8)
Signed-off-by: Daniel Díaz <daniel.diaz@sonos.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There are new CVEs reported for this recipe which are not for this
componene, but for a component with same name from apache.
sqlite> select vendor, product, id, count(*) from products where product like 'orc' group by vendor, product, id;
apache|orc|CVE-2018-8015|1
apache|orc|CVE-2025-47436|4
gstreamer|orc|CVE-2024-40897|1
(From OE-Core rev: c31dec7b32fe34fafd61dd593a2884eee13084fb)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The upstream servers are having issues so switch to our own shadow copy
of the repo.
(Bitbake rev: 8e2d1f8de055549b2101614d85454fcd1d0f94b2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The SRC_URI is changed to git://gitlab.eclipse.org/eclipse/tcf/tcf.agent.git
(From OE-Core rev: d9f424921179a52ffe053411c44f20e44e7deba1)
Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There are already decorators to skip on the value of MACHINE, but for
flexibility it's better to skip based on the target architecture. This
means, for example, the ISO image tests could skip if the architecture
isn't x86.
(From OE-Core rev: a8381f4b7d7c294d9ad8a9d3f0b1f7c409753716)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 0c21ff0a92906b6b4820eb8beddf8762fe70653d)
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commit on binutils-2.38 stable branch are updated.
9bee8d65d32 x86: Check MODRM for call and jmp in binutils older than 2.45
Before After Diff
No. of expected passes 280 280 0
No. of unexpected failures 2 2 0
No. of untested testcases 1 1 0
No. of unsupported tests 7 7 0
Testing was done and there were no regressions found
(From OE-Core rev: 7ac807166dfb6723f4e0b53c21f434e21d25563e)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
===========
* Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified
when running a command or editing a file. This could enable a
local privilege escalation attack if the sudoers file allows the
user to run commands on a different host.
* Fixed CVE-2025-32463. An attacker can leverage sudo's -R
(--chroot) option to run arbitrary commands as root, even if
they are not listed in the sudoers file. The chroot support has
been deprecated an will be removed entirely in a future release.
License-Update: Copyright updated to 2025
0001-sudo.conf.in-fix-conflict-with-multilib.patch refreshed for 1.9.17
(From OE-Core rev: f8343726bca7f884213436cda3f51684c22ad3f1)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function
(io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing
maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding,
allowing out-of-bounds reads from heap memory, potentially causing application crashes or
arbitrary code execution.
(From OE-Core rev: 1803f965e4990be3fbdcd52544f0080e9c83800d)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit referencing this CVE.
(From OE-Core rev: 49ccf7b56a0598f84dcac2532c462aa2c285f66c)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug
is triggered within the decode_deliver_report() function during the SMS decoding.
It is assumed that the attack scenario is accessible from a compromised modem,
a malicious base station, or just SMS. There is a bound check for this memcpy
length in decode_submit(), but it was forgotten in decode_deliver_report().
(From OE-Core rev: 3a3519324ec390044ff9f97c0f32027782699124)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug
is triggered within the decode_status_report() function during the SMS decoding.
It is assumed that the attack scenario is accessible from a compromised modem,
a malicious base station, or just SMS. There is a bound check for this memcpy
length in decode_submit(), but it was forgotten in decode_status_report().
(From OE-Core rev: 02005c81a55930d9f57d44674cdc5eb6171c8c76)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol,
when an approved safe prime is used, allows remote attackers (from the client side) to
trigger unnecessarily expensive server-side DHE modular-exponentiation calculations.
The client may cause asymmetric resource consumption. The basic attack scenario is that
the client must claim that it can only communicate with DHE, and the server must be
configured to allow DHE and validate the order of the public key.
Reference:
https://github.com/openssl/openssl/pull/25088
(From OE-Core rev: 635fc639a13a6b28cac5c67cff23b7f4477bc41c)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There are two "new" CVEs reported for python3, their CPEs are:
* CVE-2020-1171: cpe:2.3🅰️microsoft:python:*:*:*:*:*:visual_studio_code:*:* (< 2020.5.0)
* CVE-2020-1192: cpe:2.3🅰️microsoft:python:*:*:*:*:*:visual_studio_code:*:* (< 2020.5.0)
These are for "Visual Studio Code Python extension".
Solve this by addding CVE vendor to python CVE product to avoid
confusion with Microsoft as vendor.
Examining CVE DB for historical python entries shows:
sqlite> select vendor, product, count(*) from products where product = 'python' or product = 'cpython'
...> or product like 'python%3' group by vendor, product;
microsoft|python|2
python|python|1054
python_software_foundation|python|2
(From OE-Core rev: 06f615e6939a22bc8f12b30d8dea582ab3ccebe6)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport patch to fix CVE-2025-5278.
The patch is adjusted to fit 9.0 version. And the test case is
also adjusted to avoid using valgrind. valgrind in kirkstone is
reporting errors for coreutils' sort utility with/without this patch.
To avoid ptest failure, we disable valgrind explicitly.
(From OE-Core rev: bb7dbb195b55d9aaa0180906843f5af2dcf7509f)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
While search queries already handled words with hyphens correctly, they
did not do so for words with dots.
To fix this, we
- enhance the word tokenizer to treat both dots ('.') and hyphens ('-')
as valid characters within words.
(For robustness, explicitly exclude dots/hyphens at the start or end
of a word from indexing.)
- adjust query processing to avoid splitting on dots in search input
This allows search queries to correctly match terms such as
'local.conf', 'site.conf', and similar ones now.
Fixes: [YOCTO #14534]
(From yocto-docs rev: 02cc810c17e37563a206629d703dc21fc4280cbf)
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 80084a4cabdf7f61c7e93eda8ddbd5bc7d54e041)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Replace the hardcoded /usr/bin by ${bindir}, as it should be.
Reported-by: Thomas Perrot <thomas.perrot@bootlin.com>
(From yocto-docs rev: 574aff4830ba20ee4471e15656ca5de22a743c37)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 576677eae6960dbc2d2ececeba0fde5bba7bb69f)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
3dea0e7f549e Linux 5.15.186
e3ff9f86cdb7 scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops
8e31c6cc3cba scsi: elx: efct: Fix memory leak in efct_hw_parse_filter()
92750bfe7b0d arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
a9f6aab7910a perf: Fix sample vs do_exit()
4be8065eace7 s390/pci: Fix __pcilg_mio_inuser() inline assembly
6d7fcd8a7a42 bpf: Fix L4 csum update on IPv6 in CHECKSUM_COMPLETE
f02c9c448e50 net: Fix checksum update for ILA adj-transport
ecbea1a5fec5 ext4: avoid remount errors with 'abort' mount option
1578f57a3fc3 ext4: make 'abort' mount option handling standard
ef5706bed97e mm/huge_memory: fix dereferencing invalid pmd migration entry
956b5aebb349 net_sched: sch_sfq: reject invalid perturb period
6c589aa31802 net_sched: sch_sfq: move the limit validation
6b96d7a9e8e7 net_sched: sch_sfq: use a temporary work area for validating configuration
1b562b7f9231 net_sched: sch_sfq: don't allow 1 packet limit
548cf048b426 net_sched: sch_sfq: handle bigger packets
8a1eca898580 net_sched: sch_sfq: annotate data-races around q->perturb_period
98236b25d03f arm64: proton-pack: Add new CPUs 'k' values for branch mitigation
df53d4187092 arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users
993f63239c21 arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs
d759395f25ca arm64: spectre: increase parameters that can be used to turn off bhb mitigation individually
fc061c32e327 arm64: proton-pack: Expose whether the branchy loop k value
005f3b7bd378 arm64: proton-pack: Expose whether the platform is mitigated by firmware
3af65d4123fe arm64: insn: Add support for encoding DSB
803228bb5ad9 arm64: insn: add encoders for atomic operations
0fc6db6d17bb arm64: move AARCH64_BREAK_FAULT into insn-def.h
cebd765ba328 Revert "cpufreq: tegra186: Share policy per cluster"
9051e4373dd1 serial: sh-sci: Increment the runtime usage counter for the earlycon device
ee195051be2d ARM: dts: am335x-bone-common: Increase MDIO reset deassert delay to 50ms
1a233520de8c ARM: dts: am335x-bone-common: Increase MDIO reset deassert time
57a00096a11b ARM: dts: am335x-bone-common: Add GPIO PHY reset on revision C3 board
ca3829c18c8d net: atm: fix /proc/net/atm/lec handling
17e156a94e94 net: atm: add lec_mutex
dc724bd34d56 calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().
8595350615f9 tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer
d54e0c077b7c tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior
1b0ad1870491 atm: atmtcp: Free invalid length skb in atmtcp_c_send().
d8cd847fb862 mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().
527fad1ae32f wifi: carl9170: do not ping device which has failed to load firmware
5adc79cfdd21 ptp: fix breakage after ptp_vclock_in_use() rework
b52215848977 net: ice: Perform accurate aRFS flow match
ef0b5bbbed7f aoe: clean device rq_list in aoedev_downdev()
f90220fc4a5f pldmfw: Select CRC32 when PLDMFW is selected
ef3f3face5d0 hwmon: (occ) fix unaligned accesses
a5537ce4a98a hwmon: (occ) Rework attribute registration for stack usage
6e757e3c5728 hwmon: (occ) Add soft minimum power cap attribute
f4999111956a drm/nouveau/bl: increase buffer size to avoid truncate warning
3fc1401476cb drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate
760e9efae70f erofs: remove unused trace event erofs_destroy_inode
a3d864c901a3 mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
8410996eb6fe mm: hugetlb: independent PMD page table shared count
366298f2b04d mm/hugetlb: unshare page tables during VMA split, not before
37d49f91e523 iio: accel: fxls8962af: Fix temperature calculation
8f5fcf574eed ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged
639b31e38853 ALSA: hda/intel: Add Thinkpad E15 to PM deny list
a8aec0d35e93 ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card
a4a4abc818de Input: sparcspkr - avoid unannotated fall-through
add2a8e193f3 block: default BLOCK_LEGACY_AUTOLOAD to y
1df80d748f98 HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()
287b4f085d2c atm: Revert atm_account_tx() if copy_from_iter_full() fails.
6500f360a435 selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len
06780dbaa929 selftests/x86: Add a test to detect infinite SIGTRAP handler loop
9d83ca27a634 udmabuf: use sgtable-based scatterlist wrappers
3f6e9a24abeb scsi: s390: zfcp: Ensure synchronous unit_add
f65f2291e795 scsi: storvsc: Increase the timeouts to storvsc_timeout
f41c62532877 jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
4adee34098a6 jffs2: check that raw node were preallocated before writing summary
58f664614f8c drivers/rapidio/rio_cm.c: prevent possible heap overwrite
a41f447cb27a Revert "x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2" on v6.6 and older
96baba48722b powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery
25375f0d0b6c platform/x86: dell_rbu: Stop overwriting data buffer
07d7b8e7ef7d platform/x86: dell_rbu: Fix list usage
b90dd5b12152 Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first"
dd89a7e18c9c tee: Prevent size calculation wraparound on 32-bit kernels
a5cc6ccac4d9 ARM: OMAP2+: Fix l4ls clk domain handling in STANDBY
73f3d6261ac4 bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value
04584bba3249 watchdog: da9052_wdt: respect TWDMIN
5e615cecf32e octeontx2-pf: Add error log forcn10k_map_unmap_rq_policer()
5badeca146b2 bpf, sockmap: Fix data lost during EAGAIN retries
fecb2fc3fc10 i40e: fix MMIO write access to an invalid page in i40e_clear_hw
cafc3c567e4e sock: Correct error checking condition for (assign|release)_proto_idx()
d34f2384d6df scsi: lpfc: Use memcpy() for BIOS version
eb295874a43c pinctrl: mcp23s08: Reset all pins to input at probe
56ce76e8d406 software node: Correct a OOB check in software_node_get_reference_args()
9d9513b44446 vxlan: Do not treat dst cache initialization errors as fatal
410a033bfa8c net: bridge: mcast: re-implement br_multicast_{enable, disable}_port functions
c9bfb30b75c3 iommu/amd: Ensure GA log notifier callbacks finish running before module unload
7cf3c7bd83ee scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands
2fc2e9e865cc libbpf: Add identical pointer detection to btf_dedup_is_equiv()
59bbff4eedff clk: rockchip: rk3036: mark ddrphy as critical
d7ef254e7207 wifi: mac80211: do not offer a mesh path if forwarding is disabled
0d4a81c341eb net: mlx4: add SOF_TIMESTAMPING_TX_SOFTWARE flag when getting ts info
4bcc11448b16 pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get()
c871d2b85c57 pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction()
0245c91f4fdc pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction()
017035aaff2b pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name()
fbab07112a9e net: atlantic: generate software timestamp just before the doorbell
c1ee5f16757a ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT
97033659fc83 tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows
a7d4705f60b6 tcp: always seek for minimal rtt in tcp_rcv_rtt_update()
8ce9d65726d5 net: dlink: add synchronization for stats update
ef1b88325c74 i2c: npcm: Add clock toggle recovery
b08e4cebc034 cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs
c0952a626fd9 sctp: Do not wake readers in __sctp_write_space()
70da1f7eb88a wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R
add1804ea2e0 emulex/benet: correct command version selection in be_cmd_get_stats()
b0e79c9cc207 i2c: designware: Invoke runtime suspend on quick slave re-registration
d99e45521ebb tipc: use kfree_sensitive() for aead cleanup
722e716966c2 net: macb: Check return value of dma_set_mask_and_coherent()
1cf0a6f43399 cpufreq: Force sync policy boost with global boost on sysfs update
ca41c10be569 thermal/drivers/qcom/tsens: Update conditions to strictly evaluate for IP v2+
9a317e436265 pmdomain: ti: Fix STANDBY handling of PER power domain
794b0efb20a8 nios2: force update_mmu_cache on spurious tlb-permission--related pagefaults
febbe1ce4c77 media: i2c: imx334: update mode_3840x2160_regs array
bb97dfab7615 media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode()
7a209e4b6b2a media: tc358743: ignore video while HPD is low
ba5026e805cb drm/amdkfd: Set SDMA_RLCx_IB_CNTL/SWITCH_INSIDE_IB
0a51b85b9960 drm/msm/dpu: don't select single flush for active CTL blocks
4a8cb9908b51 jfs: Fix null-ptr-deref in jfs_ioc_trim
258c755b28f6 drm/amdgpu/gfx9: fix CSIB handling
7715a25c8930 drm/amdgpu/gfx8: fix CSIB handling
603c8dd458da ext4: prevent stale extent cache entries caused by concurrent get es_cache
05aba2d316db sunrpc: fix race in cache cleanup causing stale nextcheck time
979408dbd76f media: rkvdec: Initialize the m2m context before the controls
f29503cd7a1e media: ti: cal: Fix wrong goto on error path
44618bee303b jfs: fix array-index-out-of-bounds read in add_missing_indices
e3bb0c5a3071 ext4: ext4: unify EXT4_EX_NOCACHE|NOFAIL flags in ext4_ext_remove_space()
5179d4cf092e drm/amdgpu/gfx7: fix CSIB handling
9cb5da9c83a8 media: uapi: v4l: Change V4L2_TYPE_IS_CAPTURE condition
dc2aa8079d78 media: ccs-pll: Better validate VT PLL branch
b6fa8b7b8a64 drm/amdgpu/gfx10: fix CSIB handling
1db83a0b4f1f media: i2c: imx334: Fix runtime PM handling in remove function
498e95513b5b drm/msm/a6xx: Increase HFI response timeout
6a4d3708dec4 drm/amd/display: Add NULL pointer checks in dm_force_atomic_commit()
bc487c490b75 media: uapi: v4l: Fix V4L2_TYPE_IS_OUTPUT condition
b905b9926ee1 drm/msm/hdmi: add runtime PM calls to DDC transfer function
fce2d5e2b3ce media: i2c: imx334: Enable runtime PM before sub-device registration
bcc8724b34c5 drm/bridge: anx7625: change the gpiod_set_value API
66e84439ec2a exfat: fix double free in delayed_free
3742e777735a drm/bridge: analogix_dp: Add irq flag IRQF_NO_AUTOEN instead of calling disable_irq()
fbee3fe40ca2 sunrpc: update nextcheck time when adding new cache entries
767e4d5300ea drm/amdgpu/gfx6: fix CSIB handling
767af6fc3787 ACPI: battery: negate current when discharging
abd7d5fb3394 PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn()
82608027b6e7 ASoC: tegra210_ahub: Add check to of_device_get_match_data()
64cc1a4a4440 ACPICA: utilities: Fix overflow check in vsnprintf()
6336d96ae88f power: supply: bq27xxx: Retrieve again when busy
960236150cd3 ACPICA: fix acpi parse and parseext cache leaks
49047b184f2b ACPI: bus: Bail out if acpi_kobj registration fails
15fa571eedf1 ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change
6448774d5889 ACPICA: Avoid sequence overread in call to strncmp()
106a648780bf clocksource: Fix the CPUs' choice in the watchdog per CPU verification
5a68893b594e ACPICA: fix acpi operand cache leak in dswstate.c
bf68c0f4c75f iio: adc: ad7606_spi: fix reg write value mask
4b2fac04ed6f iio: imu: inv_icm42600: Fix temperature calculation
e401d55901a8 iio: accel: fxls8962af: Fix temperature scan element sign
fe551adf4bd3 PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit()
ff1283be679c PCI: Fix lock symmetry in pci_slot_unlock()
a040e7effbb6 PCI: Add ACS quirk for Loongson PCIe
2fd7537ffd9c PCI: cadence-ep: Correct PBA offset in .set_msix() callback
8ec133fb054a uio_hv_generic: Use correct size for interrupt and monitor pages
3562c09feeb8 remoteproc: core: Release rproc->clean_table after rproc_attach() fails
c56d6ef2711e remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach()
fbf3da023bd2 regulator: max14577: Add error check for max14577_read_reg()
5155f04287e5 mips: Add -std= flag specified in KBUILD_CFLAGS to vdso CFLAGS
2ec9fda98d1a staging: iio: ad5933: Correct settling cycles encoding per datasheet
9da3e442714f net: ch9200: fix uninitialised access during mii_nway_restart
6805582abb72 ftrace: Fix UAF when lookup kallsym after ftrace disabled
445e7055a68d dm-mirror: fix a tiny race condition
ee3639385312 mtd: nand: sunxi: Add randomizer configuration before randomizer enable
45413b242513 mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk
6fe586c14d8f mm: fix ratelimit_pages update error in dirty_ratio_handler()
3b4a50d733ac RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
74bc813d11c3 ipc: fix to protect IPCS lookups using RCU
b0dba0c78323 clk: meson-g12a: add missing fclk_div2 to spicc
1fd94aa3fff0 parisc: fix building with gcc-15
bf9c07864765 vgacon: Add check for vc_origin address range in vgacon_scroll()
1a10d91766eb fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
1ee9bab20949 EDAC/altera: Use correct write width with the INTTEST register
ac6992f72bd8 NFC: nci: uart: Set tty->disc_data only in success path
38ef48a8afef f2fs: fix to do sanity check on sit_bitmap_size
fbfe8446cd32 f2fs: prevent kernel warning due to negative i_nlink from corrupted image
e5a2481dc2a0 Input: ims-pcu - check record size in ims_pcu_flash_firmware()
a597a609bfd4 ext4: ensure i_size is smaller than maxbytes
9004a1cc5cfc ext4: factor out ext4_get_maxbytes()
c6187eb191a2 ext4: fix calculation of credits for extent tree modification
9d1d1c5bf4fc ext4: inline: fix len overflow in ext4_prepare_inline_data
01cf92dfced5 bus: fsl-mc: fix GET/SET_TAILDROP command ids
0997566153bd bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device
7fc89c218fc9 ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
312c121beb9c can: tcan4x5x: fix power regulator retrieval during probe
516fdd430171 bus: mhi: host: Fix conflict between power_up and SYSERR
0e8878685902 ARM: omap: pmic-cpcap: do not mess around without CPCAP or OMAP4
22441bf144ad ARM: 9447/1: arm/memremap: fix arch_memremap_can_ram_remap()
b592691f650c media: uvcvideo: Fix deferred probing error
739359516f96 media: uvcvideo: Send control events for partial succeeds
e1019ff183fb media: uvcvideo: Return the number of processed controls
89b5ab822bf6 media: vivid: Change the siize of the composing
7e62be1f3b24 media: vidtv: Terminating the subsequent process of initialization failure
230c37b5948d media: videobuf2: use sgtable-based scatterlist wrappers
42f3fdd39fbd media: venus: Fix probe error handling
8b451a9a46f2 media: v4l2-dev: fix error handling in __video_register_device()
a4c47df59539 media: gspca: Add error handling for stv06xx_read_sensor()
41807a5f6742 media: cxusb: no longer judge rbuf when the write fails
6f79b25ddfe9 media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case
0220fe256b44 media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div
64f7f8c362ab media: ccs-pll: Start OP pre-PLL multiplier search from correct value
fe52765d1c90 media: ccs-pll: Start VT pre-PLL multiplier search from correct value
7fce1722991d media: ov8856: suppress probe deferral errors
55fed78e52fe wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723
43d5e3bb5f1d jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
0fccf5f01ed2 nfsd: Initialize ssc before laundromat_work to prevent NULL dereference
425efc6b3292 nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request
1f7f8168abe8 wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
8d5510e94dab net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid()
ea4b1cb6561e net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr()
b0e86598e073 powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states
2023dea8dd9b ASoC: meson: meson-card-utils: use of_property_present() for DT parsing
190dcc1e3f6b ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params()
5a16ebe0050e gfs2: move msleep to sleepable context
e4da95e1246f crypto: marvell/cesa - Do not chain submitted requests
8cb51a55b26e configfs: Do not override creating attribute file failure in populate_attrs()
4ad892bdacb6 xfs: allow inode inactivation during a ro mount log recovery
7eac413a3ea3 kbuild: hdrcheck: fix cross build with clang
1b8763684529 kbuild: userprogs: fix bitsize and target detection on clang
117ea3f4e59c drm/meson: Use 1000ULL when operating with mode->clock
56e5419b5f5c net: usb: aqc111: debug info before sanitation
3f77ba79a36d calipso: unlock rcu before returning -EAFNOSUPPORT
2dace5e016c9 x86/iopl: Cure TIF_IO_BITMAP inconsistencies
2a04a591170f xen/arm: call uaccess_ttbr0_enable for dm_op hypercall
e67c0dac405a usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx()
8bc30532b978 usb: Flush altsetting 0 endpoints before reinitializating them after reset.
f78b3fdd2c7f usb: cdnsp: Fix issue with detecting USB 3.2 speed
8c65ca53c2e6 usb: cdnsp: Fix issue with detecting command completion event
b4209e4b778e VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify
6d929bef6bda usb: usbtmc: Fix read_stb function and get_stb ioctl
4751118c3ed8 drm/amd/display: Do not add '-mhard-float' to dcn2{1,0}_resource.o for clang
510ce6a1393c kbuild: Add KBUILD_CPPFLAGS to as-option invocation
0690824cc325 kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS
f85d6a08cc9f kbuild: Add CLANG_FLAGS to as-instr
d36719f29376 mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation
d08146795689 drm/amd/display: Do not add '-mhard-float' to dml_ccflags for clang
cefb372db498 kbuild: Update assembler calls to use proper flags and language target
3b68784d1439 MIPS: Prefer cc-option for additions to cflags
3ef47d2b7a41 MIPS: Move '-Wa,-msoft-float' check from as-option to cc-option
aaf384815bc1 x86/boot/compressed: prefer cc-option for CFLAGS additions
2f3daa04a932 posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
c8c4f0c2684a ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1
4a07125cc40d perf: Ensure bpf_perf_link path is properly serialized
929d62e86f0c nvmet-fcloop: access fcpreq only when holding reqlock
64007aab1cf6 fs/filesystems: Fix potential unsigned integer underflow in fs_name()
0b479d0aa488 net_sched: ets: fix a race in ets_qdisc_change()
52247723c300 sch_ets: make est_qlen_notify() idempotent
852d27f773a7 net_sched: tbf: fix a race in tbf_change()
110a47efcf23 net_sched: red: fix a race in __red_change()
20f68e6a9e41 net_sched: prio: fix a race in prio_tune()
dc84c55f121d net/mlx5: Fix return value when searching for existing flow group
7ec31c2003f9 net/mlx5: Ensure fw pages are always allocated on same NUMA
014ad9210373 net/mdiobus: Fix potential out-of-bounds read/write access
694456462ed6 net: mdio: C22 is now optional, EOPNOTSUPP if not provided
268625b73e4c macsec: MACsec SCI assignment for ES = 0
6fa68d7eab34 net: Fix TOCTOU issue in sk_is_readable()
15e46043bc46 i40e: retry VFLR handling if there is ongoing VF reset
5008c550c634 i40e: return false from i40e_reset_vf if reset is in progress
597b481ca1ce drm/meson: fix more rounding issues with 59.94Hz modes
bd27ff504e4d drm/meson: use vclk_freq instead of pixel_freq in debug print
f5d21eae4d7c drm/meson: fix debug log statement when setting the HDMI clocks
363e63997798 drm/meson: use unsigned long long / Hz for frequency types
7298df96179b powerpc/vas: Return -EINVAL if the offset is non-zero in mmap()
81260c41b518 powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap
5814a7fc3abb net_sched: sch_sfq: fix a potential crash on gso_skb handling
75ad1ca646ee scsi: iscsi: Fix incorrect error path labels for flashnode operations
5c89dc8c3461 ath10k: snoc: fix unbalanced IRQ enable in crash recovery
5d217e7031a5 ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use()
f592eb12b43f scsi: core: ufs: Fix a hang in the error handler
5f30a81fc188 serial: sh-sci: Clean sci_ports[0] after at earlycon exit
b7f05abd60f0 serial: sh-sci: Move runtime PM enable to sci_probe_single()
7857505af578 serial: sh-sci: Check if TX data was written to device in .tx_empty()
e82d6c45db4f arm64: dts: ti: k3-am65-main: Add missing taps to sdhci0
c3b4bc986af5 arm64: dts: ti: k3-am65-main: Fix sdhci node properties
29f0cd61d6b5 arm64: dts: ti: k3-am65-main: Drop deprecated ti,otap-del-sel property
f3c2b179b413 Input: synaptics-rmi - fix crash with unsupported versions of F34
17e5ca8ef81c Input: synaptics-rmi4 - convert to use sysfs_emit() APIs
ef0c767a559b pmdomain: core: Fix error checking in genpd_dev_pm_attach_by_id()
432a171d6005 do_change_type(): refuse to operate on unmounted/not ours mounts
eb34dc108e3e fix propagation graph breakage by MOVE_MOUNT_SET_GROUP move_mount(2)
668923c47460 seg6: Fix validation of nexthop addresses
18e65229a328 wireguard: device: enable threaded NAPI
b5ad58285f92 netfilter: nf_set_pipapo_avx2: fix initial map fill
ae98a1787fdc gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO
277006dd681e PM: sleep: Fix power.is_suspended cleanup for direct-complete devices
61f418cd4ea5 vmxnet3: correctly report gso type for UDP tunnels
6ef8dfb1b68f net: dsa: tag_brcm: legacy: fix pskb_may_pull length
d94c6f53b0a7 ice: create new Tx scheduler nodes for new queues only
96bc5ce57b16 Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION
02f56169e6eb spi: bcm63xx-hsspi: fix shared reset
bb9c9e989a80 spi: bcm63xx-spi: fix shared reset
417e17c44f3d net/mlx4_en: Prevent potential integer overflow calculating Hz
605f09ae583e driver: net: ethernet: mtk_star_emac: fix suspend/resume issue
e0b11227c4e8 net: tipc: fix refcount warning in tipc_aead_encrypt
54e7ce239d69 gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt
28dd08343cc5 net: stmmac: platform: guarantee uniqueness of bus_id
dae5b8818593 vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl()
38c5712df50d MIPS: Loongson64: Add missing '#interrupt-cells' for loongson64c_ls7a
2659abc74cb3 iio: adc: ad7124: Fix 3dB filter frequency reading
19fd9f5a6936 serial: Fix potential null-ptr-deref in mlb_usio_probe()
0a1e16a6cbf4 usb: renesas_usbhs: Reorder clock handling and power management in probe
6c1344a5bb1c PCI/DPC: Initialize aer_err_info before using it
9f133e04c622 dmaengine: ti: Add NULL check in udma_probe()
3e7061f62bd7 PCI: cadence: Fix runtime atomic count underflow
19f0d83e1450 rtc: sh: assign correct interrupts with DT
92270f14a8c1 nfs: ignore SB_RDONLY when remounting nfs
3293cc462518 nfs: clear SB_RDONLY before getting superblock
477c4882e53e perf record: Fix incorrect --user-regs comments
00b96ed79bce perf tests switch-tracking: Fix timestamp comparison
f93ea1e5e185 mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE
f79f8d8dda3a mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove()
e009779acc04 rpmsg: qcom_smd: Fix uninitialized return variable in __qcom_smd_send()
e8461ec67a36 remoteproc: qcom_wcnss_iris: Add missing put_device() on error in probe
8d39a6fd9843 perf scripts python: exported-sql-viewer.py: Fix pattern matching with Python 3
9d06ac32c202 backlight: pm8941: Add NULL check in wled_configure()
07a4014cc66b perf ui browser hists: Set actions->thread before calling do_zoom_thread()
c6dbaf7e31cb perf build: Warn when libdebuginfod devel files are not available
2d63433e8eaa fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
1fd889c14572 soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()
0fab016dc4aa soc: aspeed: lpc: Fix impossible judgment condition
3a2249e91547 arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou
26e868438691 ARM: dts: qcom: apq8064 merge hw splinlock into corresponding syscon device
7002b954c4a8 bus: fsl-mc: fix double-free on mc_dev
1ce784ddfb31 nilfs2: do not propagate ENOENT error from nilfs_btree_propagate()
c155d46ff02c nilfs2: add pointer check for nilfs_direct_propagate()
1a955db41131 ocfs2: fix possible memory leak in ocfs2_finish_quota_recovery
5c51aa862cbe Squashfs: check return result of sb_min_blocksize
ca87e905ff3c arm64: dts: imx8mn-beacon: Fix RTC capacitive load
485f23661881 arm64: dts: imx8mm-beacon: Fix RTC capacitive load
d274c1372926 ARM: dts: at91: at91sam9263: fix NAND chip selects
dac5dfede03f ARM: dts: at91: usb_a9263: fix GPIO for Dataflash chip select
8636cafb2c67 f2fs: fix to correct check conditions in f2fs_cross_rename
e61079985c54 f2fs: use d_inode(dentry) cleanup dentry->d_inode
92dd2d870e7b net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames
ad17eb86d042 net: openvswitch: Fix the dead loop of MPLS parse
26ce90f1ce60 calipso: Don't call calipso functions for AF_INET sk.
7d589b470f39 net: lan743x: rename lan743x_reset_phy to lan743x_hw_reset_phy
e7fb4ebee6e9 bpf: Avoid __bpf_prog_ret0_warn when jit fails
f398d2dfe450 net: usb: aqc111: fix error handling of usbnet read calls
42a44e25eee4 netfilter: nft_tunnel: fix geneve_opt dump
4edb40b05cb6 bpf, sockmap: Avoid using sk_socket after free when sending
d796723b1481 vfio/type1: Fix error unwind in migration dirty bitmap allocation
83c1ed5c83ca netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy
7ee3fb6258da wifi: ath9k_htc: Abort software beacon handling if disabled
1ee8ea6937d1 wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds
7f9efa13f2af s390/bpf: Store backchain even for leaf progs
2b901bf2fa23 clk: qcom: gcc-msm8939: Fix mclk0 & mclk1 for 24 MHz
ee90be48edb3 bpf: Fix WARN() in get_bpf_raw_tp_regs
2ecafe59668d pinctrl: at91: Fix possible out-of-boundary access
12cda7fcc4cf libbpf: Use proper errno value in nlattr
2fef0e86682f ktls, sockmap: Fix missing uncharge operation
54ce9bcdaee5 clk: bcm: rpi: Add NULL check in raspberrypi_clk_register()
c22099a64880 clk: qcom: gcc-sm6350: Add *_wait_val values for GDSCs
9c5268e5d633 bpf: Fix uninitialized values in BPF_{CORE,PROBE}_READ
f9784da76ad7 RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction
e9022196bdbe netfilter: nft_quota: match correctly when the quota just depleted
ba18b0b9272f netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it
c6c7e7ab962b libbpf: Use proper errno value in linker
a6412e93cf4a f2fs: fix to detect gcing page in f2fs_is_cp_guaranteed()
ce6849b76dad f2fs: clean up w/ fscrypt_is_bounce_page()
65b935d4e5c4 iommu: Protect against overflow in iommu_pgsize()
5c3e52ab7887 RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h
f1ba4e35fb3f wifi: rtw88: do not ignore hardware read error during DPK
6dfe62db59f3 libbpf: Fix buffer overflow in bpf_object__init_prog
f4b0ce074bd6 net: ncsi: Fix GCPS 64-bit member variables
6a324d77f7ea f2fs: fix to do sanity check on sbi->total_valid_block_count
d6181bd1dfa1 bpf, sockmap: fix duplicated data transmission
2160dcc38acf IB/cm: use rwlock for MAD agent lock
f9507cf2dd0e wifi: ath11k: fix node corruption in ar->arvifs list
e74b9a7269aa firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES
809b522315a0 drm/tegra: rgb: Fix the unbound reference count
afc9153b1e57 drm/vkms: Adjust vkms_state->active_planes allocation type
58d0e3088812 drm: rcar-du: Fix memory leak in rcar_du_vsps_init()
39044a10d912 selftests/seccomp: fix syscall_restart test for arm compat
7287af1ec4d3 firmware: psci: Fix refcount leak in psci_dt_init
1b6780143d59 m68k: mac: Fix macintosh_config for Mac II
5390b3d4c6d4 fs/ntfs3: handle hdr_first_de() return value
892a242ca5b1 media: rkvdec: Fix frame size enumeration
85cdcb834fb4 drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table
259b74c2b329 spi: sh-msiof: Fix maximum DMA transfer size
cfc61c34077e ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions"
92322500c1aa x86/mtrr: Check if fixed-range MTRRs exist in mtrr_save_fixed_ranges()
3319b48d1ba2 PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks()
b227c27359a0 power: reset: at91-reset: Optimize at91_reset()
bf6a8502a5f4 EDAC/skx_common: Fix general protection fault
03657814c828 crypto: sun8i-ce - move fallback ahash_request to the end of the struct
02b661940874 crypto: xts - Only add ecb if it is not already there
200b752c0066 crypto: lrw - Only add ecb if it is not already there
9bacddcf6886 crypto: marvell/cesa - Avoid empty transfer descriptor
e1cc69da6195 crypto: marvell/cesa - Handle zero-length skcipher requests
c798023fa973 x86/cpu: Sanitize CPUID(0x80000000) output
ada335e8475d crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions
fb2671376bbf perf/core: Fix broken throttling when max_samples_per_tick=1
333f2d85b615 gfs2: gfs2_create_inode error handling fix
2f62eda4d974 thunderbolt: Do not double dequeue a configuration request
2e74fd21b845 usb: usbtmc: Fix timeout value in get_stb
547f3e678922 USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB
3f1aac91fc36 usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device
cfd327ad2e00 usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE
0188c74bf3ac rtc: Fix offset calculation for .start_secs < 0
c360f8ff1bef rtc: Make rtc_time64_to_tm() support dates before 1970
6df0e243e757 acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio()
e0a83d422a18 pinctrl: armada-37xx: set GPIO output value before setting direction
bb9578e9f35f pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31
ebf6f96c7993 tracing: Fix compilation warning on arm32
1c700860e8bc Linux 5.15.185
dcbee1061a46 perf/arm-cmn: Initialise cmn->cpu earlier
dcb08fd2c6cb platform/x86: thinkpad_acpi: Ignore battery threshold change event notification
dbc155cf4e70 platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys
961caaf8ad35 tpm: tis: Double the timeout B to 4s
1706ef825254 nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro
128b5f020651 spi: spi-sun4i: fix early activation
4916624695c0 um: let 'make clean' properly clean underlying SUBARCH as well
13108bf19da5 platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS
49c13288c919 nfs: don't share pNFS DS connections between net namespaces
5c46ec760d3b HID: quirks: Add ADATA XPG alpha wireless mouse support
1686594d7285 coredump: hand a pidfd to the usermode coredump helper
5ff7313a1f45 fork: use pidfd_prepare()
7f8c3fd203fd pid: add pidfd_prepare()
b06450fb3e73 coredump: fix error handling for replace_fd()
2c928b3a0b04 net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
cc6790f4b085 arm64: dts: qcom: sm8350: Fix typo in pil_camera_mem node
9fdb86f0bf65 smb: client: Reset all search buffer pointers when releasing buffer
1b197931fbc8 smb: client: Fix use-after-free in cifs_fill_dirent
5492aaea844e x86/its: Fix undefined reference to cpu_wants_rethunk_at()
8f8637b9d26d drm/i915/gvt: fix unterminated-string-initialization warning
3c2729dfcf30 xen/swiotlb: relax alignment requirements
34901631e6e3 i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work()
9d678b2976ec kbuild: Disable -Wdefault-const-init-unsafe
0e0cf836cfe4 spi: spi-fsl-dspi: Reset SR flags before sending a new message
a3a147ef6d02 spi: spi-fsl-dspi: Halt the module after a new message transfer
0e989441cfbc spi: spi-fsl-dspi: restrict register range for regmap access
6fd4a4cb3ca1 Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC connection"
c6da28bc4e1f mm/page_alloc.c: avoid infinite retries caused by cpuset race
5dcdbb69aa3a memcg: always call cond_resched() after fn()
ff887e77b777 Revert "drm/amd: Keep display off while going into S4"
26d20ea0f233 drm/edid: fixed the bug that hdr metadata was not reset
fb7cde625872 platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()
0f5d93ee3f8b llc: fix data loss when reading from a socket in llc_ui_recvmsg()
10217da9644a ALSA: pcm: Fix race of buffer access at PCM OSS layer
0622846db728 can: bcm: add missing rcu read protection for procfs content
fbd8fdc2b218 can: bcm: add locking for bcm_op runtime updates
1a426abdf1c8 padata: do not leak refcount in reorder_work
c3059d58f79f crypto: algif_hash - fix double free in hash_accept
24f942d9820b octeontx2-af: Set LMT_ENA bit for APR table entries
f5c2c4eaaa5a net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done
89c301e929a0 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
207dabae49b2 net: dwmac-sun8i: Use parsed internal PHY address instead of 1
ec180b032459 bridge: netfilter: Fix forwarding of fragmented packets
069cbc318de5 Bluetooth: L2CAP: Fix not checking l2cap_chan security level
0995986ffd5e xfrm: Sanitize marks before insert
6a39058059f6 remoteproc: qcom_wcnss: Fix on platforms without fallback regulators
f6d45fd92f62 __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock
769dd92ef97e xenbus: Allow PVH dom0 a non-local xenstore
a876703894a6 btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref
fc01b547c3f8 nvmet-tcp: don't restore null sk_state_change
7bd0049e9699 ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx
e3bf273d9ad7 ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013
2568cf939a64 pinctrl: meson: define the pull up/down resistor value as 60 kOhm
64ca70dee2cc ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of()
39db9b5a1673 drm: Add valid clones check
85a8dfc77227 drm/atomic: clarify the rules around drm_atomic_state->allow_modeset
a0d2f4905b16 wifi: ath9k: return by of_get_mac_address
8d278ad829c2 regulator: ad5398: Add device tree support
8ed3d1784774 spi: zynqmp-gqspi: Always acknowledge interrupts
d2c65c8be7a1 wifi: rtw88: Don't use static local variable in rtw8822b_set_tx_power_index_by_rate
3b61fb788954 perf/amd/ibs: Fix perf_ibs_op.cnt_mask for CurCnt
15c799f7f8e1 bpftool: Fix readlink usage in get_fd_type
164beeabcb1b drm/ast: Find VBIOS mode from regular display size
d6fd1eee0767 HID: usbkbd: Fix the bit shift number for LED_KANA
2c6387f545be scsi: st: Restore some drive settings after reset
7e25573e1ac5 scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine
1f66789ad7de net/mana: fix warning in the writer of client oob
39ea4ca9d39a rcu: fix header guard for rcu_all_qs()
b4d9a18fc87f rcu: handle quiescent states for PREEMPT_RCU=n, PREEMPT_COUNT=y
41097ac64d0d r8169: don't scan PHY addresses > 0
e033da39fc6a vxlan: Annotate FDB data races
4d20b4a861af media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available
eae500bc8dcc hwmon: (xgene-hwmon) use appropriate type for the latency value
7b99233dda9b clk: qcom: camcc-sm8250: Use clk_rcg2_shared_ops for some RCGs
3373abfa5d29 wifi: rtw88: Fix download_firmware_validate() for RTL8814AU
c47f92ee6cfb r8152: add vendor/device ID pair for Dell Alienware AW1022z
14298c88e2dd ip: fib_rules: Fetch net from fib_rule in fib[46]_rule_configure().
4d87acf13f28 arch/powerpc/perf: Check the instruction type before creating sample with perf_mem_data_src
711734c77fe4 wifi: mac80211: remove misplaced drv_mgd_complete_tx() call
11ab6d6ee7d8 wifi: mac80211: don't unconditionally call drv_mgd_complete_tx()
e42329d27770 net/mlx5e: reduce rep rxq depth to 256 for ECPF
a411de3091f6 net/mlx5e: set the tx_queue_len for pfifo_fast
c74b91453b8c net/mlx5: Extend Ethtool loopback selftest to support non-linear SKB
99b713f4b7df drm/amd/display: Initial psr_version with correct setting
cc958022666c drm/amdgpu: reset psp->cmd to NULL after releasing the buffer
c48f7855988f phy: core: don't require set_mode() callback for phy_get_mode() to work
c8128c04193b net/mlx4_core: Avoid impossible mlx4_db_alloc() order value
485dc9ef39f7 media: v4l: Memset argument to 0 before calling get_mbus_config pad op
b4e81a758035 smack: recognize ipv4 CIPSO w/o categories
8de1d394e31e pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map
b45a50fc1f4e ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot()
d95e6cf0df39 ASoC: tas2764: Power up/down amp on mute ops
c1f0a98342d4 ASoC: ops: Enforce platform maximum on initial value
d5db6ffb03fa net/mlx5: Apply rate-limiting to high temperature warning
937b9c41cc71 net/mlx5: Modify LSB bitmask in temperature event to include only the first bit
5611b5f79836 ACPI: HED: Always initialize before evged
94afbd920a51 PCI: Fix old_size lower bound in calculate_iosize() too
af8431851b8e eth: mlx4: don't try to complete XDP frames in netpoll
30064eee8fe7 can: c_can: Use of_property_present() to test existence of DT property
fc173cada345 RDMA/core: Fix best page size finding when it can cross SG entries
288813ddcc21 EDAC/ie31200: work around false positive build warning
128cdb617a87 net: pktgen: fix access outside of user given buffer in pktgen_thread_write()
b2334244a421 wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31
211539ee8d46 wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU
94ba815f5110 wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU
f0b5f65aebcc scsi: mpt3sas: Send a diag reset if target reset fails
85cd3f245c15 clocksource: mips-gic-timer: Enable counter when CPUs start
51d70446278a MIPS: pm-cps: Use per-CPU variables as per-CPU, not per-core
6fd978a7117e MIPS: Use arch specific syscall name match function
9a3f2d08291b x86/kaslr: Reduce KASLR entropy on most x86 systems
17cf6821b758 libbpf: Fix out-of-bound read
14790abc8779 cpuidle: menu: Avoid discarding useful information
2579ca741b84 x86/nmi: Add an emergency handler in nmi_desc & use it in nmi_shootdown_cpus()
5eb9da3b7d2e drm/amd/display: handle max_downscale_src_width fail check
eee2fb58449f x86/build: Fix broken copy command in genimage.sh when making isoimage
db5833217f13 soc: ti: k3-socinfo: Do not use syscon helper to build regmap
32de1542f467 bonding: report duplicate MAC address in all situations
5fe40d499f50 net: xgene-v2: remove incorrect ACPI_PTR annotation
cfc5a07f9330 drm/amdkfd: KFD release_work possible circular locking
2e04e067d4d6 selftests/net: have `gro.sh -t` return a correct exit code
2c48a122fa0a net/mlx5: Avoid report two health errors on same syndrome
97bab02f0b64 firmware: arm_ffa: Set dma_mask for ffa devices
f5b5945c0bf2 PCI: brcmstb: Add a softdep to MIP MSI-X driver
ee8274d80151 PCI: brcmstb: Expand inbound window size up to 64GB
0a9022295477 fpga: altera-cvp: Increase credit timeout
55883a34d309 drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence
b5c0bd07a48f ARM: at91: pm: fix at91_suspend_finish for ZQ calibration
e62a64a000ba hwmon: (gpio-fan) Add missing mutex locks
4fc2d289b3cc x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2
c953cea9035c clk: imx8mp: inform CCF of maximum frequency of clocks
1bd5406866d0 media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map
e88247716dd7 ipv4: fib: Move fib_valid_key_len() to rtm_to_fib_config().
674b969287f4 net: pktgen: fix mpls maximum labels list parsing
c3a1354b631d net: ethernet: ti: cpsw_new: populate netdev of_node
b91a5652610b pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned"
c91447e35b9b media: cx231xx: set device_caps for 417
fb26963bd247 drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c
654c295f9079 remoteproc: qcom_wcnss: Handle platforms with only single power domain
5111227d7f1f orangefs: Do not truncate file size
025c8f477625 dm cache: prevent BUG_ON by blocking retries on failed device resumes
246346230486 media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe()
5753a20bf23c ARM: tegra: Switch DSI-B clock parent to PLLD on Tegra114
8f12fab5a765 ieee802154: ca8210: Use proper setters and getters for bitwise types
cc29d05861d0 rtc: ds1307: stop disabling alarms on probe
f7dd2a729049 tcp: bring back NUMA dispersion in inet_ehash_locks_alloc()
5cb296e94210 powerpc/prom_init: Fixup missing #size-cells on PowerBook6,7
d3bb3258d105 arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator
4b173bb2c466 crypto: lzo - Fix compression buffer overrun
2592aeda794c cpufreq: tegra186: Share policy per cluster
f6535bc6556d ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup()
bc23966b90d9 auxdisplay: charlcd: Partially revert "Move hwidth and bwidth to struct hd44780_common"
2b572c409811 ipv6: save dontfrag in cork
1acb22d09f5c mmc: sdhci: Disable SD card clock before changing parameters
8d52676f791d arm64/mm: Check PUD_TYPE_TABLE in pud_bad()
066675bb11ab netfilter: conntrack: Bound nf_conntrack sysctl writes
3695ade72a9b timer_list: Don't use %pK through printk()
1351995ba665 posix-timers: Add cond_resched() to posix_timer_add() search loop
1a8df82d201e RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject()
7258b92ceff3 xen: Add support for XenServer 6.1 platform device
8dbcb21f0926 dm: restrict dm device size to 2^63-512 bytes
91628988aca3 crypto: octeontx2 - suppress auth failure screaming due to negative tests
49a99ccec1c8 kbuild: fix argument parsing in scripts/config
ac8fbc318cec ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect
317615342d2a rtc: rv3032: fix EERD location
fe5a5b9d1441 tcp: reorganize tcp_in_ack_event() and tcp_count_delivered()
fa7183cc13dd vfio/pci: Handle INTx IRQ_NOTCONNECTED
8f070ca005e4 scsi: st: ERASE does not change tape location
84e7b679f8d6 scsi: st: Tighten the page format heuristics with MODE SELECT
db03d5b2db5c ext4: reorder capability check last
1ad3d069cf4d um: Update min_low_pfn to match changes in uml_reserved
3eac35c34a98 um: Store full CSGSFS and SS register from mcontext
fdcd142d310c dlm: make tcp still work in multi-link env
30748ce7e156 i3c: master: svc: Fix missing STOP for master request
ce8d1993b122 btrfs: send: return -ENAMETOOLONG when attempting a path that is too long
0175d448b2f8 btrfs: get zone unusable bytes while holding lock at btrfs_reclaim_bgs_work()
23a2379b0dd9 btrfs: avoid linker error in btrfs_find_create_tree_block()
e98cb12ba84d btrfs: make btrfs_discard_workfn() block_group ref explicit
74314f8937ea i2c: pxa: fix call balance of i2c->clk handling routines
d18963f219b3 i2c: qup: Vote for interconnect bandwidth to DRAM
7887df0fe9ec wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2
4b62412e985c mmc: host: Wait for Vdd to settle on card power off
f49c337037df libnvdimm/labels: Fix divide error in nd_label_data_init()
c7af649198dc PCI: vmd: Disable MSI remapping bypass under Xen
18282d8518bf pNFS/flexfiles: Report ENETDOWN as a connection error
0ea65822090b tools/build: Don't pass test log files to linker
11c24ad1ffde PCI: dwc: ep: Ensure proper iteration over outbound map windows
ed30141557d1 lockdep: Fix wait context check on softirq for PREEMPT_RT
0a474eaf3574 dql: Fix dql->limit value when reset.
897a205ffc43 thermal/drivers/qoriq: Power down TMU on system suspend
2328a3bf513c SUNRPC: rpcbind should never reset the port to the value '0'
8a72549eaf12 SUNRPC: rpc_clnt_set_transport() must not change the autobind setting
01d50dfae8e9 NFSv4: Treat ENETUNREACH errors as fatal for state recovery
552baa350a2f fbdev: core: tileblit: Implement missing margin clearing for tileblit
442192330096 fbcon: Use correct erase colour for clearing in fbcon
5caaec485f37 fbdev: fsl-diu-fb: add missing device_remove_file()
84a2fccac8c8 mailbox: use error ret code of of_parse_phandle_with_args()
236bad68c007 tracing: Mark binary printing functions with __printf() attribute
2272e75d7a80 NFSv4: Check for delegation validity in nfs_start_delegation_return_locked()
f41f9ce3c709 kconfig: merge_config: use an empty file as initfile
bc9f8527198a samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora
af8a8fce197b bpf: fix possible endless loop in BPF map iteration
2391dc87e84a net: enetc: refactor bulk flipping of RX buffers to separate function
0b18c3a17bc7 cgroup: Fix compilation issue due to cgroup_mutex not being exported
41c810a06470 dma-mapping: avoid potential unused data compilation warning
02d2d6caee3a virtio_ring: Fix data race by tagging event_triggered as racy for KCSAN
019ca2804f3f scsi: target: iscsi: Fix timeout on deleted connection
(From OE-Core rev: a7cea8a5c91d26ba7c3f72448f0897f5c2f81fd1)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-
one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-
byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, lea
ding to unpredictable program behavior, crashes, or in specific circumstances, could be lever
aged as a building block for more sophisticated exploitation.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5917
Upstream-patch:
7c02cde37a
(From OE-Core rev: 2b2a2fce345c9bfcad44cc8ef3419f43dd07b022)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability has been identified in the libarchive library. This flaw
involves an integer overflow that can be triggered when processing a Web
Archive (WARC) file that claims to have more than INT64_MAX - 4 content
bytes. An attacker could craft a malicious WARC archive to induce this
overflow, potentially leading to unpredictable program behavior, memory
corruption, or a denial-of-service condition within applications that
process such archives using libarchive.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5916
Upstream-patch:
ef09372952
(From OE-Core rev: 0e939bf5fc7412c7357fcd7d8ae760f023ac40eb)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap b
uffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer
-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memo
ry buffer, which can result in unpredictable program behavior, crashes (denial of service), o
r the disclosure of sensitive information from adjacent memory regions.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5915
Upstream-patches:
a612bf62f8
(From OE-Core rev: 41e7be4aa28481530d5e259d0f25b238b86c012d)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When asked to use a `.netrc` file for credentials *and* to
follow HTTP redirects, curl could leak the password used
for the first host to the followed-to host under certain
circumstances.
This flaw only manifests itself if the netrc file has a
`default` entry that omits both login and password. A
rare circumstance.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-0167
Upstream patch:
0e120c5b92
(From OE-Core rev: 7c5aee3066e4c8056d994cd50b26c18a16316c96)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport patch to fix CVE-2025-5278.
The patch is adjusted to fit 9.0 version.
(From OE-Core rev: 4e55668ef07d99d8c1141c2f4270f43f5b280159)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in the RandR extension, where the RRChangeProviderProperty function
does not properly validate input. This issue leads to an integer overflow when
computing the total size to allocate.
(From OE-Core rev: 78055e8b6a9ea5063658886c5b5d22821d689fc5)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in the X server's request handling. Non-zero 'bytes to ignore'
in a client's request can cause the server to skip processing another client's
request, potentially leading to a denial of service.
(From OE-Core rev: 589bf97e1aa236477d895c227446966d0a278f3c)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in the X server's request handling. Non-zero 'bytes to ignore'
in a client's request can cause the server to skip processing another client's
request, potentially leading to a denial of service.
(From OE-Core rev: 9ab0fb0deebd4abb22dbfc6b40fe962cb3388fbd)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler
does not validate the request length, allowing a client to read unintended memory
from previous requests
(From OE-Core rev: 89dde7f86e1c2e61ed71ecf92e908dbe402a2668)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in the Big Requests extension. The request length is multiplied
by 4 before checking against the maximum allowed size, potentially causing an
integer overflow and bypassing the size check.
(From OE-Core rev: 17033023d679a597e31964b0fed2b2e89cdf61ec)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in the X Rendering extension's handling of animated cursors.
If a client provides no cursors, the server assumes at least one is present,
leading to an out-of-bounds read and potential crash.
(From OE-Core rev: 2c8e82f860792e7fb99c78c512be57ce74774a34)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
urllib3 is a user-friendly HTTP client library for Python. Prior to
2.5.0, it is possible to disable redirects for all requests by
instantiating a PoolManager and specifying retries in a way that
disable redirects. By default, requests and botocore users are not
affected. An application attempting to mitigate SSRF or open redirect
vulnerabilities by disabling redirects at the PoolManager level will
remain vulnerable. This issue has been patched in version 2.5.0.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-50181
Upstream patch:
f05b132912
(From OE-Core rev: 574146765ea3f9b36532abf4ebc8bd2976396f0b)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Patch 0003 is the actual patch to fix CVE.
Patch 0002 is a preparation patch which systemd upstream uses for
all actively maintained branches in preparation for patch 0003.
Patch 0001 is a bug fix patch and is needed to avoid conflict introduced
by patch 0002. Note that patch 0002 claims itself to be of no functional
change, so this patch 0001 is really needed for patch 0002.
Patch 0004 is a compilation fix patch which adds a macro needed by
previous 0002 patch.
(From OE-Core rev: a2e75ca4fa01d5005906fb88d28d52ea951def00)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Adds patch to backport fix for CVE-2025-5914.
(From OE-Core rev: 4a4c6e0382834e03480e07f30ed5efa23f6c6fe2)
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The patch for CVE-2022-48434 was removed when ffmpeg was updated to
5.0.3. The CVE was fixed in 5.0.2, but NVD has not updated the affected
versions yet. Added an ignore for this CVE to mark as fixed.
(From OE-Core rev: a8c6e2da68c9fc6c692b41c7370ec937680f788c)
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
ctest automatically optimizes the order of (parallel) test execution based on
historic test case runtime via the COST property (see [0]), which can have a
significant impact on overall test run times. Sadly this feature is broken in
CMake < 4.0.0 for test cases that have spaces in their name (see [1]).
This commit is a backport of f24178f3 (which itself backports the upstream fix).
the patch was adapted slightly to apply cleanly to the older CMake version in
kirkstone. As repeated test runs are expected to mainly take place inside the
SDK, the patch is only applied to 'nativesdk' builds.
[0]: https://cmake.org/cmake/help/latest/prop_test/COST.html
[1]: https://gitlab.kitware.com/cmake/cmake/-/issues/26594
Reported-By: John Drouhard <john@drouhard.dev>
(From OE-Core rev: f6a160f7ea57af6dfeca003e6c05aa42419fb755)
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Explicitly set Python-related flags to use sysroot-staged headers and tools.
(From OE-Core rev: 85a5d7b1d2c8600f30e38e034f828e5897d9a093)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
NVD ([1]) tracks this as:
cpe:2.3🅰️golang:go:*:*:*:*:*:*:*:*
Running on/with
cpe:2.3⭕microsoft:windows:-:*:*:*:*:*:*:*
Yocto cve-check ignores the "Running on/with", so it needs to be ignored
explicitly.
[1] https://nvd.nist.gov/vuln/detail/CVE-2024-3566
(From OE-Core rev: 571fd82e29fe809c63a5743e534ed7816d787963)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
To accompany earlier updating of kernel version, update this lonely
reference to be consistent.
(From yocto-docs rev: 97cd3ee7f3bf1de8454708d1852ea9cdbd45c39b)
Signed-off-by: "Robert P. J. Day" <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit e26c2018cd663de91ee08e0cba55eda1a4c30210)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Change the sample kernel version being used from 4.4 to a more modern
6.12.
(From yocto-docs rev: 4894e00cc69cf499d28b90a991d4bac0cecb97e7)
Signed-off-by: "Robert P. J. Day" <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 1bad12b6ccfe1c0d26918926176a0c743568de26)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The nativesdk- prefix to the recipe filename should only be used when
using the inherit method as the BBCLASSEXTEND method will do some magic
when generating the "implicit" name of the recipe.
This matches the instructions for the native class.
(From yocto-docs rev: 84ab43b9766e0415e090c6af404ce1c61316f384)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 15fe239e1e62b9add737aa732dd7f5e9948ee03d)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
We explain how to create a native (nativesdk) recipe in two different
ways via a bullet list but reading quickly the instructions may mislead
one into doing both options whereas they are incompatible.
This rewords both the nativesdk and native sections so that the second
bullet point starts with an Or and explicit that this applies to target
recipes.
(From yocto-docs rev: c2e814ba75524225390ecad0d3615e48f866374a)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 6d0d338a5f2686ddeee5eed7b6e05f3db800d33a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
In embedded box, sed might be provided another providers like Busybox,
hence use generic options whenever possible.
/bin/sed -> /etc/alternatives/sed
/etc/alternatives/sed -> /bin/busybox.nosuid
Here used 'sed -u' option is not necessary, hence removed it.
Fixes below error:
sed: invalid option -- 'u'
Also added 'set -eux' option which halts execution of the script
on any failures.
(From OE-Core rev: 5b3b290baa0a83f493b7ca25d5ffa5ff279bcc69)
(From OE-Core rev: fe7fa1ec7d005d858ccbdd81eb6f7bfab04b7e46)
Signed-off-by: Aditya Tayade <Aditya.Tayade@kpit.com>
Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 07caee1829d2a61bc018fe0e37ecd482922179ee)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit d2da6b5c56)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Update LICENSE defined for xz packages to match the license
information provided in the xz COPYING file.
The License information from PACKAGERS file of xz mentions
packages with lzma files are in public domain.They ask to
use GPLv2+, if only it's not possible to mention "PD and GPLv2+".
Include PD license with GPLv2 to packages with lzma content:
xz-dev package contains lzma header
xz-doc package contains lzma man pages
xz packages contains lzma binaries
Links: https://github.com/tukaani-project/xz/blob/v5.4.6/COPYINGhttps://github.com/tukaani-project/xz/blob/v5.4.6/PACKAGERS
(From OE-Core rev: d511c41dac048fbdd93a54136e93b0623a18a83d)
(From OE-Core rev: a9b751f211ccfc1c8d58aba290dc8b4de5383acc)
Signed-off-by: Bhabu Bindu <bindu.bhabu@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4e5b955def5d9f305f5aba2c68b73287c03fd163)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Install libpng test-suite to run it as a ptest.
As the test-suite takes more than 30 seconds to run,
add libpng-ptest to PTESTS_SLOW in ptest-packagelists.inc
(From OE-Core rev: 5835b803acc255c227213670588dd01c5168c266)
Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The old SRC_URIs are not available and need to update.
(From OE-Core rev: 94d24ff01573dc1d65078c92150dc252b3e9b145)
Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Update to the 4.0.27 release of the 4.0.27 series for buildtools
(From OE-Core rev: 9277fae3c81a269994faa6ba6f6c9bdfc74e11bd)
Signed-off-by: Aleksandar Nikolic <aleksandar.nikolic@zeiss.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Currently, CVE_PRODUCT only detects vulnerabilities where the product is "ffmpeg".
However, there are also vulnerabilities where the product is "libswresample",
and "libavcodec" as shown below.
https://app.opencve.io/vendors/?vendor=ffmpeg
Therefore, add "libswresample libavcodec" to CVE_PRODUCT to detect vulnerabilities
where the product is "libswresample libavcodec" as well.
(From OE-Core rev: 9684eba5c543de229108008e29afd1dd021a9799)
(From OE-Core rev: 34df694e0cdf4c1e3dfc99502a9e615b8c802cdb)
Signed-off-by: aszh07 <mail2szahir@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Naman Jain <namanj1@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE-2025-1373 does not appear to affect ffmpeg 5.0.3. The CVE has been
added to the ignore list.
(From OE-Core rev: 99cda92e387ca071c4235c14a137510a4fb481c2)
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport patch for this CVE and also patch for its regression.
(From OE-Core rev: 7f2ce7ea6bd3397e4a4f3f7bb6957d14838f66c5)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Requests is a HTTP library. Due to a URL parsing issue, Requests
releases prior to 2.32.4 may leak .netrc credentials to third parties
for specific maliciously-crafted URLs. Users should upgrade to version
2.32.4 to receive a fix. For older versions of Requests, use of the
.netrc file can be disabled with `trust_env=False` on one's Requests
Session.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-47081
Upstream patch:
96ba401c12
(From OE-Core rev: 37d746033710509ffabc244e0130d20fd81d9673)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The js_splitter_code string contains backslashes that Python tries to
use as escape sequence but doesn't manage to, hence the following
SyntaxWarning message:
documentation/conf.py:188: SyntaxWarning: invalid escape sequence '\p'
.split(/[^\p{Letter}\p{Number}_\p{Emoji_Presentation}-]+/gu)
Considering that we want this to be sent verbatim to the JS, let's make
this a raw string instead.
Fixes: d4a98ee19e0c ("conf.py: tweak SearchEnglish to be hyphen-friendly")
(From yocto-docs rev: 92bc958301d0aeab0a19e75b8604f01770358195)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit c1056672ef45b197136eb8815728d426337a5901)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This repository is partially included in another repository: poky.
However its README isn't making it, so documentation/README pointing at
the README at the root of the git repository would lead the contributor
nowhere.
Instead, let's include the appropriate information directly in
documentation/README which does make it to the poky git repo.
(From yocto-docs rev: acad3d63501d1ee8bd0759438f456488ca7869bf)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 0298318cea2947e65754eab97255164e64a862de)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
KCONFIG_MODE defaults to 'allnoconfig' when not set, regardless of whether
KBUILD_DEFCONFIG points to an in-tree or a meta-layer defconfig.
(From yocto-docs rev: 5a35f8bd19cca200c6b271f049fb94543de79f06)
Signed-off-by: Carlos Sánchez de La Lama <csanchezdll@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit f374b9c426f6c10710e011a4ad660231ee26efb8)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The project is switching the way handle our CDN provision of sstate objects,
update the URL accordingly.
(cherry picked from commit 406e8a8e30404c0538f5aa46f211540bae2b206b)
(From yocto-docs rev: 5c9336284c0664e0d56cf602751a9ffef6303002)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* -image and -base change PKG to:
PKG:${KERNEL_PACKAGE_NAME}-image = "${KERNEL_PACKAGE_NAME}-image-${@legitimize_package_name(d.getVar(KERNEL_VERSION))}"
PKG:${KERNEL_PACKAGE_NAME}-base = "${KERNEL_PACKAGE_NAME}-${@legitimize_package_name(d.getVar(KERNEL_VERSION))}"
* but only when debian.bbclass is inheritted they add the original package name into RPROVIDES by:
https://git.openembedded.org/openembedded-core/commit/?id=3409c4379559afbb1d1d29045582995147a33bbc
* fixes the build if some packagegroup or something RDEPENDS on kernel-image or kernel-base
and the DISTRO doesn't inherit debian.bbclass
* as shown in pkgdata:
linux-raspberrypi $ egrep "^(PKG:)|(RPRO)" 6.6.36+git-*/pkgdata/runtime/kernel-image
6.6.36+git-debian/pkgdata/runtime/kernel-image:RPROVIDES:kernel-image: kernel-image (=6.6.36+git@PRSERV_PV_AUTOINC@+733366844f_769634f344)
6.6.36+git-debian/pkgdata/runtime/kernel-image:PKG:kernel-image: kernel-image-6.6.36-v8
6.6.36+git-without-debian/pkgdata/runtime/kernel-image:PKG:kernel-image: kernel-image-6.6.36-v8
linux-raspberrypi $ egrep "^(PKG:)|(RPRO)" 6.6.36+git-*/pkgdata/runtime/kernel-image-image
6.6.36+git-debian/pkgdata/runtime/kernel-image-image:RPROVIDES:kernel-image-image: kernel-image-image (=6.6.36+git@PRSERV_PV_AUTOINC@+733366844f_769634f344)
6.6.36+git-debian/pkgdata/runtime/kernel-image-image:PKG:kernel-image-image: kernel-image-image-6.6.36-v8
6.6.36+git-without-debian/pkgdata/runtime/kernel-image-image:PKG:kernel-image-image: kernel-image-image-6.6.36-v8
(From OE-Core rev: 05498781657a3f8b38b000f91594ecd78850ce47)
(From OE-Core rev: 350513959f6800eef6579153c2ae95960ca24ea7)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9cb954884b)
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Drop upstreamed patch and refresh remaining patches.
* https://www.python.org/downloads/release/python-31017/
Security content in this release
* gh-131809: Upgrade vendored expat to 2.7.1
* gh-80222: Folding of quoted string in display_name violates RFC
* gh-121284: Invalid RFC 2047 address header after refolding with
email.policy.default
* gh-131261: Update libexpat to 2.7.0
* gh-105704: CVE-2025-0938 urlparse does not flag hostname containing
[ or ] as incorrect
* gh-119511: OOM vulnerability in the imaplib module
* https://www.python.org/downloads/release/python-31018/
Security content in this release
* gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330]
[CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed
tarfile extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
* gh-133767: Fix use-after-free in the “unicode-escape” decoder with a
non-“strict” error handler.
* gh-128840: Short-circuit the processing of long IPv6 addresses early
in ipaddress to prevent excessive memory consumption and a minor
denial-of-service.
gh-133767 got meawhile CVE-2025-4516 assigned.
(From OE-Core rev: 838a8b5ca148dfa6c6c2c76f1705d1e358a31648)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Forgot to add CVE-2025-1182 patch file to SRC_URI in the following commit
https://lists.openembedded.org/g/openembedded-core/message/217350
After rebasing the CVE-2025-1180.patch, we encountered hunk errors while applying the
CVE-2025-1182.patch, so I have modified the patch accordingly.
(From OE-Core rev: 131f93b8efcddac984965a250b5391c43ca54ac8)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation
violation via the component /libavcodec/jpeg2000dec.c.
(From OE-Core rev: 948e3fe6d4a0762bcd56e1cc04c4100c46915669)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows
attackers to cause a Denial of Service (DoS) via opening a crafted AAC file.
(From OE-Core rev: 2494f863a163d13967d927618a101078f6980538)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Refreshed CVE-2024-36613.patch against to the current version
Removed below patches since already fixed in this version
0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch [1]
0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch [2]
0001-avcodec-vp3-Add-missing-check-for-av_malloc.patch [3]
0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch [4]
CVE-2022-48434.patch [5]
[1] 1eb002596e
[2] 293dc39bca
[3] 2cdddcd6ec
[4] 481e81be12
[5] 3bc28e9d1a
(From OE-Core rev: dadb16481810ebda8091b36e3ee03713c90b5e7e)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
TagLib before 2.0 allows a segmentation violation and application crash
during tag writing via a crafted WAV file in which an id3 chunk is the
only valid chunk.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-47466
Upstream patch:
dfa33bec08
(From OE-Core rev: bcf0102e0e9ecf55106eafcc4c2ad8b2e7ad762b)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
libsoup-2.74.2/tests/auth-test.c:1554:39: error: unknown type name 'SoupServerMessage'; did you mean 'SoupServerClass'?
Fix auth-test.c compilation failure caused by CVE-2025-32910 patch
Link: 9af7d0fc75
(From OE-Core rev: 05d14768b5edf41c89b05725e06fd86b5376e6fd)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1
lacks argument sanitization for the # case. A created PDF document includes
its password in cleartext.
(From OE-Core rev: 7052a81e4f9b19b5640b414c10b19f8232d81572)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since Linux v2.4 it has been possible to stop all NFS server by running
rpc.nfsd 0
i.e. by requesting that zero threads be running. This is preferred as
it doesn't risk killing some other process which happens to be called
"nfsd".
Since Linux v6.6 - and other stable kernels to which
Commit: 390390240145 ("nfsd: don't allow nfsd threads to be
signalled.")
has been backported - sending a signal no longer works to stop nfs server
threads.
This patch changes the nfsserver script to use "rpc.nfsd 0" to stop
server threads.
(From OE-Core rev: 415e73d53e5342f3f6ff6acd521ded2df3fbca1f)
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7b09ad289a36)
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
98f47d0e9b8c5 Linux 5.15.184
4ad2d3c4d3cc4 x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc()
618df75f2e30c ice: arfs: fix use-after-free when freeing @rx_cpu_rmap
b8d8f53e18581 netfilter: nf_tables: do not defer rule destruction via call_rcu
a394c160d57f4 netfilter: nf_tables: wait for rcu grace period on net_device removal
ba674db81a154 netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
7170875083254 btrfs: do not clean up repair bio if submit fails
d64807ded1b60 btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info()
65ccb2793da74 sctp: add mutual exclusion in proc_sctp_do_udp_port()
ef3a6d3795068 selftests/mm: compaction_test: support platform with huge mount of memory
6dacd2514eb9f usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
e15fd96c0b701 usb: typec: fix potential array underflow in ucsi_ccg_sync_control()
9794ffd9d0c39 usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group
f4bd982563c2f usb: typec: ucsi: displayport: Fix deadlock
cec4f45bf51e0 clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable()
4f8244e0a2f4c block: fix direct io NOWAIT flag not work
d83e52750d9a1 dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups
7aa46ac359d34 dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines
e7320147cf618 dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy
0ea0433f822ed dmaengine: ti: k3-udma: Add missing locking
ca5b213bf4b42 wifi: mt76: disable napi on driver removal
6fe084205a537 phy: renesas: rcar-gen3-usb2: Set timing registers only once
35968b3f9538f phy: Fix error handling in tegra_xusb_port_init
72b4e7e9a1599 tracing: samples: Initialize trace_array_printk() with the correct function
560877a88d047 ftrace: Fix preemption accounting for stacktrace filter command
deea40f26b9de ftrace: Fix preemption accounting for stacktrace trigger command
466ef37d5545d ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera
e9600f67e8b9f ALSA: usb-audio: Add sample rate quirk for Audioengine D1
9a51bc5224421 ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2()
d993895c11c42 ACPI: PPTT: Fix processor subtable walk
d4175c6f96294 btrfs: fix discard worker infinite loop after disabling discard
530e67c4b0120 dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted"
cfcb2a5affbe8 x86/its: FineIBT-paranoid vs ITS
e7117657695bd x86/its: Fix build errors when CONFIG_MODULES=n
1b231a497756e x86/its: Use dynamic thunks for indirect branches
c9ec159fed9f5 x86/its: Align RETs in BHB clear sequence to avoid thunking
4804d7974301f x86/its: Add "vmexit" option to skip mitigation on some CPUs
e30bcefa93a64 x86/its: Enable Indirect Target Selection mitigation
5d19a0574b755 x86/its: Add support for ITS-safe return thunk
498afe80ce3ec x86/alternatives: Remove faulty optimization
a70424c61d5e6 x86/alternative: Optimize returns patching
858073be8899e x86/its: Add support for ITS-safe indirect thunk
34be1a3100b08 x86/its: Enumerate Indirect Target Selection (ITS) bug
da8db23e3c8dd Documentation: x86/bugs/its: Add ITS documentation
86a34f5eb24c9 x86/speculation: Remove the extra #ifdef around CALL_NOSPEC
2d69c40c820a4 x86/speculation: Add a conditional CS prefix to CALL_NOSPEC
175b3cb84685e x86/speculation: Simplify and make CALL_NOSPEC consistent
8595a7453a5f6 x86,nospec: Simplify {JMP,CALL}_NOSPEC
65346f970490e NFSv4/pnfs: Reset the layout state after a layoutreturn
1eccb3a2dfe2e qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd()
6d7a81a69af50 ALSA: sh: SND_AICA should depend on SH_DMA_API
c8fe73ea80b49 net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING
64675a9c00443 net: cadence: macb: Fix a possible deadlock in macb_halt_tx.
d3336f746f196 net_sched: Flush gso_skb list too during ->change()
894b06a72bd61 spi: loopback-test: Do not split 1024-byte hexdumps
72f552e00c50f nfs: handle failure of nfs_get_lock_context in unlock path
f8f470e3a7574 RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug
d91ab703438c6 iio: chemical: sps30: use aligned_s64 for timestamp
a7a49aaab5787 iio: adc: ad7768-1: Fix insufficient alignment of timestamp.
67c9081445295 tracing: probes: Fix a possible race in trace_probe_log APIs
cc64061b90937 platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection
e0bb89c44b56e efi: libstub: Use '-std=gnu11' to fix build with GCC 15
b5d500042eb33 usb: hcd-pci: remove the action of faking interrupt request
6f0605db50e2c clk: imx: Add check for kcalloc
5b837b9e1543e bpf: Fix the indention issue in grow_stack_state()
42b62697634d1 cifs: Fix the calling of smb_version_operations::calc_smb_size()
b14acf729e9dc f2fs: Add inline to f2fs_build_fault_attr() stub
7c317bec311f8 f2fs: check validation of fault attrs in f2fs_build_fault_attr()
81c12119c23f8 bpf: Fix accesses to uninit stack slots [ Upstream commit 6b4a64bafd107e521c01eec3453ce94a3fb38529 ]
c4fa05422d87c smb: client: fix potential OOB in smb2_dump_detail()
299ef3b5b00bf of: module: add buffer overflow check in of_modalias()
b8086c3c1548b reiserfs: Avoid touching renamed directory if parent does not change
ea091017ef62c ipv6: Fix data races around sk->sk_prot.
ff8710da80ee6 ipv6: annotate some data-races around sk->sk_prot
e8c2eafaaa6ac tcp: Fix data races around icsk->icsk_af_ops.
8d1bab7709564 locking/rwsem: Disable preemption while trying for rwsem lock
7c82dac028864 block, loop: support partitions without scanning
45f504f301d41 bpftool: Fix pretty print dump for maps without BTF loaded
1f24338cb789e jbd2: Drop the merge conflicted hunk
e1d0e3c51bde6 tpm: tis_i2c: Limit write bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
1abe841fe331a tpm: tis_i2c: Limit read bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
6224acfc1d56b tpm: Add flag to use default cancellation policy
1cd19d48fb909 tpm: tis_i2c: Fix sanity check interrupt enable mask
a883da132fa82 tpm: Add tpm_tis_i2c backend for tpm_tis_core
a742ac8a1c511 tpm: Add tpm_tis_verify_crc to the tpm_tis_phy_ops protocol layer
ef495c5f45f2e tpm: Remove read16/read32/write32 calls from tpm_tis_phy_ops
1f3be2e23aa6d gcc-plugins: Reorganize gimple includes for GCC 13
24615a3b932aa ata: ahci: fix enum constants for gcc-13
5d6cb145541aa net: stmmac: Enable mac_managed_pm phylink config
fd93aabb42872 tools/resolve_btfids: Use pkg-config to locate libelf
130f9da784063 tools/resolve_btfids: Build with host flags
00f2f1a782f9b tools/resolve_btfids: Support cross-building the kernel with clang
17776a4ba9c20 tools/resolve_btfids: Install libbpf headers when building
7c9808380d70c libbpf: Make libbpf_version.h non-auto-generated
37ae1ba791ac7 libbpf: Add LIBBPF_DEPRECATED_SINCE macro for scheduling API deprecations
a2667e6d7314d drm/radeon: free iio for atombios when driver shutdown
f100c753aa1f9 powerpc: Fix reschedule bug in KUAP-unlocked user copy
da5513f301871 libbpf: Fix build warning on ref_ctr_off
4c5a089621a8f perf python: Account for multiple words in CC
1c5699ee85d4f fs: move S_ISGID stripping into the vfs_*() helpers
838f5d0701d89 fs: add mode_strip_sgid() helper
d971726836412 squashfs: provide backing_dev_info in order to disable read-ahead
ed037d7be40c3 irq_work: use kasan_record_aux_stack_noalloc() record callstack
1363bd7dbde39 ixgbevf: add disable link state
e5601ae2bd249 ixgbe: add improvement for MDD response functionality
caa57cd80575d ixgbe: add the ability for the PF to disable VF link state
16a77bfcc7df1 Check /dev/console using init_stat()
04574fd5579a4 tracing/arm: Have max stack tracer handle the case of return address after data
0e51e57170184 gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
1e6b7da6ddba7 drivers/base: Fix unsigned comparison to -1 in CPUMAP_FILE_MAX_BYTES
4931609013207 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition
04224f725aa36 irqchip/gic-v3-its: Skip HP notifier when no ITS is registered
6f6c2996a81c1 irqchip/gic-v3-its: Postpone LPI pending table freeing and memreserve
1fa94473423ff irqchip/gic-v3-its: Give the percpu rdist struct its own flags field
6013d1ae5feb1 cert host tools: Stop complaining about deprecated OpenSSL functions
efe20512212b0 init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
a40d2daf2795d pnmtologo: use relocatable file name
3b40d5b41155f of: configfs: remove unused variable overlay_lock
6c085baf18386 tools: use basename to identify file in gen-mach-types
2fca0fd719812 lib/build_OID_registry: fix reproducibility issues
0f586f4ee8ada vt/conmakehash: improve reproducibility
a75774679f28c OF: DT-Overlay configfs interface (v8)
d179c639b30ba x86/boot: Wrap literal addresses in absolute_pointer()
856ec356cf91e ACPI: thermal: drop an always true check
7614af249993e xfs: Fix -Werror=dangling-pointer work-around for older GCC
41470215f97ee xfs: Work around GCC 12 -Werror=dangling-pointer for xfs_attr_remote.o
44a445c1922dc virtio-pci: Remove wrong address verification in vp_del_vqs()
77aa9e489eafd bpf: Disallow unprivileged bpf by default
ebfb1822e9f97 fs/aufs: fixup 5.15.36 fixups
4eba9348d3e2e Revert "Revert "fbdev: Hot-unplug firmware fb devices on forced removal""
5df6d1b00f95b jbd2: fix use-after-free of transaction_t race
2d83e8196487f jbd2: refactor wait logic for transaction updates into a common function
07a63f760793c netfilter: conntrack: avoid useless indirection during conntrack destruction
4e71226259962 Revert "fbdev: Hot-unplug firmware fb devices on forced removal"
7ba4cb36fd4f3 rcu: Avoid alloc_pages() when recording stack
f78574dee71e4 kasan: test: silence intentional read overflow warnings
d313cb89b6b1f kasan: arm64: fix pcpu_page_first_chunk crash with KASAN_VMALLOC
5e279d5647ccf arm64: support page mapping percpu first chunk allocator
e5bf16752dcac vmalloc: choose a better start address in vm_area_register_early()
660b3d21b46f3 kasan: test: bypass __alloc_size checks
00aa7573e53a2 kasan: test: add memcpy test that avoids out-of-bounds write
67becf0b1bd44 kasan: fix tag for large allocations when using CONFIG_SLAB
bedf1e033213c workqueue, kasan: avoid alloc_pages() when recording stack
7195b67ce69b3 kasan: generic: introduce kasan_record_aux_stack_noalloc()
bdff763f0e295 kasan: common: provide can_alloc in kasan_save_stack()
51423ebb36adb lib/stackdepot: introduce __stack_depot_save()
85373e66d8474 lib/stackdepot: remove unused function argument
5b6cc9b251f32 lib/stackdepot: include gfp.h
c9f3902d8069e aufs: reduce overhead for "code present but disabled" use case.
b98d189df02cc aufs: bugfix, umount passes NULL to ->parse_monolithic()
13b883cbbbd9f aufs standalone: cosmetic, missing copyright sentence
21f8b0d81898e aufs: 5.15.5-20220117 ---> 5.15.5-20220221
6199fd8966450 aufs: tiny, headers after fs_context
8ddb40e31c29b aufs: fs_context 7/7, finally remount
69035f71c6fd1 aufs: fs_context 6/7, now mount
bc841b9706977 aufs: fs_context 5/7, parse all other mount options
435188053da29 aufs: fs_context 4/7, parse xino options
9af1f1825cbd7 aufs: fs_context 3/7, parse the branch-management options
1c05eb767f8c3 aufs: fs_context 2/7, parse "br" mount option
a8488f603134a aufs: fs_context 1/7, skelton of the new shceme
8e32e0015564e aufs: pre fs_context, convert a static flag to a macro
f90cb4144aec4 aufs: pre fs_context, support the incomplete sb and sbinfo case
948762ef859c2 aufs: pre fs_context, convert the type of alloc_sbinfo()
77151a08776b1 aufs: 5.15.5-20211129 ---> 5.15.5-20220117
2539adbbbe1e4 aufs: 5.14-20211018 ---> 5.15.5-20211129
7d32b25193c4c aufs: for v5.15-rc1, sync_inode() is gone
66ec0c509225d aufs: for v5.15-rc1, new param 'rcu' for ->get_acl()
69709dc518cd8 aufs: for v5.15-rc1, no mand-lock anymore
ada8fe9543e50 aufs: 5.14-20210906 ---> 5.14-20211018
b77f7f3f394ad Revert "aufs: adjust to v5.15 fs changes"
81bdce5b58765 tick/nohz: WARN_ON --> WARN_ON_ONCE to prevent console saturation
97c9638892228 sched/isolation: really align nohz_full with rcu_nocbs
871f23ad36271 Revert "ARM: defconfig: Enable ax88796c driver for Exynos boards"
ffad0783dd5b2 ARM: config: multi v7: Regenerate defconifg
5c1e1a1ff2d39 ARM: config: multi v7: Add renamed symbols
badaf96564fe1 ARM: config: multi v7: Clean up enabled by default options
34996040fc9bd ARM: config: multi v7: Drop unavailable options
7f685244afb3a powerpc/mm: Switch obsolete dssall to .long
20301aeb1a641 riscv: fix build with binutils 2.38
9df58d0705069 powerpc/lib/sstep: fix 'ptesync' build error
720b61fc400b5 x86_64_defconfig: Fix warnings
02bf23d26bc4c arm64: defconfig: cleanup config options
05914e2c87e51 arm: defconfig: drop unused POWER_AVS option
ffb532fa19b90 aufs5: fix build against v5.15.3+
a4b3abf4d96d7 qemux86: add configuration symbol to select values
fee94ee091541 clear_warn_once: add a clear_warn_once= boot parameter
3d8762d900d93 clear_warn_once: bind a timer to written reset value
95faacac47e8d clear_warn_once: expand debugfs to include read support
de20c4240018c perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel.
0e4aacead9c15 perf: x86-32: explicitly include <errno.h>
9ad92c11468e2 perf: mips64: Convert __u64 to unsigned long long
09e7efe3e68a0 perf: fix bench numa compilation
e79becc44fa6b perf: add SLANG_INC for slang.h
b1033b5886819 perf: add sgidefs.h to for mips builds
cf9db484ac0b4 perf: change --root to --prefix for python install
7fd052c2c5624 perf: add 'libperl not found' warning
27a437cdd4691 perf: force include of <stdbool.h>
3b99d21bec2f6 fat: don't use obsolete random32 call in namei_vfat
a7e9293b506bb FAT: Added FAT_NO_83NAME
6fd0e71d9e5c1 FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option
c379b0d324aeb FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option
538be0fdb124f aufs: adjust to v5.15 fs changes
f45da75c8759b aufs5: core
047f57e07e01b aufs5: standalone
029fc15574c88 aufs5: mmap
610d0192ee94d aufs5: base
d4e428d0ec5f4 aufs5: kbuild
eb067eca251ab yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL
286af18d0875e yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name
24d59a4e26a67 yaffs2: v5.12+ build fixups (not runtime tested)
22c73536d5d7e yaffs: include blkdev.h
506b7251bfb81 yaffs: fix misplaced variable declaration
a0e26ff364dcc yaffs2: v5.6 build fixups
b10b1b2d169ef yaffs2: fix memory leak when /proc/yaffs is read
ad9adccbb2147 yaffs: add strict check when call yaffs_internal_read_super
2e3c3aec8279b yaffs: repair yaffs_get_mtd_device
d662538516a7c yaffs: Fix build failure by handling inode i_version with proper atomic API
70a6113ee2c7c yaffs2: fix memory leak in mount/umount
3378e4a9e4043 yaffs: Avoid setting any ACL releated xattr
ec2284edddef1 Yaffs:check oob size before auto selecting Yaffs1
c2a49874051cd fs: yaffs2: replace CURRENT_TIME by other appropriate apis
e9a5105a3e735 yaffs2: adjust to proper location of MS_RDONLY
608807406f138 yaffs2: import git revision b4ce1bb (jan, 2020)
89e660ece42c8 initramfs: allow an optional wrapper script around initramfs generation
b179dbc9aa109 iwlwifi: select MAC80211_LEDS conditionally
3fd5ca3673d03 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119)
d1f6edbf01883 arm64/perf: Fix wrong cast that may cause wrong truncation
d202fb2caf337 defconfigs: drop obselete options
9a27e3b5f4e73 arm64/perf: fix backtrace for AAPCS with FP enabled
e20d8cf019b42 linux-yocto: Handle /bin/awk issues
b6d2a3dbbd3a3 uvesafb: provide option to specify timeout for task completion
adb40f1e6a1a5 uvesafb: print error message when task timeout occurs
f280a1ed09626 compiler.h: Undef before redefining __attribute_const__
4352732f268c1 vmware: include jiffies.h
7954a677968dc Resolve jiffies wrapping about arp
5f28a1035d950 nfs: Allow default io size to be configured.
0d7260ad71066 check console device file on fs when booting
900a12e37e0a2 mount_root: clarify error messages for when no rootfs found
7b878cbea7261 menuconfig,mconf-cfg: Allow specification of ncurses location
6604fc1763b3d modpost: mask trivial warnings
0d294adb09cbc kbuild: exclude meta directory from distclean processing
a097cdd95a9ef powerpc: serialize image targets
5db6ec39a0a3e arm: serialize build targets
cbabca27905e2 crtsavres: fixups for 5.4+
7fc7656ed403e powerpc/ptrace: Disable array-bounds warning with gcc8
a5faac5a19a2e powerpc: Disable attribute-alias warnings from gcc8
186c54665b676 powerpc: add crtsavres.o to archprepare for kbuild
d1ea862964cae powerpc: kexec fix for powerpc64
2ac35b89a0f90 powerpc: Add unwind information for SPE registers of E500 core
2e1c348a28bbc mips: vdso: fix 'jalr $t9' crash in vdso code
ec57870b303a8 mips: Kconfig: add QEMUMIPS64 option
6a81b3c081078 4kc cache tlb hazard: tlbp cache coherency
74e3b2a21e542 malta uhci quirks: make allowance for slow 4k(e)c
22e65b63d3b4c arm/Makefile: Fix systemtap
b7f1ab59f19e5 vexpress: Pass LOADADDR to Makefile
ce2800c73bf7e arm: ARM EABI socketcall
019d142fd956a ARM: LPAE: Invalidate the TLB for module addresses during translation fault
(From OE-Core rev: 471382b66a0f9f7001d80355c7a9128ff4b6b4b9)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
3b8db0e4f263 Linux 5.15.182
4226622647e3 scsi: target: Fix WRITE_SAME No Data Buffer crash
aaa763ab8cec dm: fix copying after src array boundaries
655e607898f8 iommu/arm-smmu-v3: Fix iommu_device_probe bug due to duplicated stream ids
6077d3a53d99 iommu/arm-smmu-v3: Use the new rb tree helpers
f95659affee3 irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()
073b77f8619f irqchip/gic-v2m: Mark a few functions __init
5883bcce0ca5 irqchip/gic-v2m: Add const to of_device_id
cdde591d23f4 Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates"
853e14cf36f6 net: phy: microchip: force IRQ polling mode for lan88xx
d7084c39aed6 ARM: dts: opos6ul: add ksz8081 phy properties
91ff1e9652fb firmware: arm_scmi: Balance device refcount when destroying devices
d9f609cb50eb net: hns3: fix deadlock issue when externel_lb and reset are executed together
c7f24b7d9454 of: module: add buffer overflow check in of_modalias()
cc826a9e1e4e PCI: imx6: Skip controller_id generation logic for i.MX7D
21491989477a net: hns3: defer calling ptp_clock_register()
19a68aa1b993 net: hns3: fixed debugfs tm_qset size
a059cef34d73 net: hns3: fix an interrupt residual problem
85fc1d802edf net: hns3: add support for external loopback test
796f64db86d1 net: hns3: store rx VLAN tag offload state for VF
6bed80284c17 net: fec: ERR007885 Workaround for conventional TX
df993daa4c96 net: lan743x: Fix memleak issue when GSO enabled
f21fb533fc3e nvme-tcp: fix premature queue removal and I/O failover
dd008c029fdb bnxt_en: Fix ethtool -d byte order for 32-bit values
69b10dd23ab8 bnxt_en: Fix out-of-bound memcpy() during ethtool -w
f4f30f64f7ae bnxt_en: Fix coredump logic to free allocated buffer
15cb7eab09fe net: ipv6: fix UDPv6 GSO segmentation with NAT
6b732322eb65 net: dlink: Correct endianness handling of led_mode
a32dcc3b8293 ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()
e06e4cdfb65e ice: Refactor promiscuous functions
0bf32d6fb1fc net_sched: qfq: Fix double list add in class with netem as child qdisc
554acc5a2ea9 net_sched: ets: Fix double list add in class with netem as child qdisc
e3e949a39a91 net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
2968632880f1 net_sched: drr: Fix double list add in class with netem as child qdisc
6884fc89d3fc net: ethernet: mtk-star-emac: rearm interrupts in rx_poll only when advised
bedd287fdd31 net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll
97da99868573 net: ethernet: mtk-star-emac: separate tx/rx handling with two NAPIs
688fff006fd1 net/mlx5: E-switch, Fix error handling for enabling roce
225ee358a4ed net/mlx5: E-Switch, Initialize MAC Address for Default GID
9d3ef89b6a5e net/sched: act_mirred: don't override retval if we already lost the skb
9efb2b99b96c KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop
1a3f9482b50b tracing: Fix oob write in trace_seq_to_buffer()
8ba0bfe23917 iommu/vt-d: Apply quirk_iommu_igfx for 8086:0044 (QM57/QS57)
466d9da26707 iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid
4df67fb22782 dm: always update the array size in realloc_argv on success
526530ec0058 dm-integrity: fix a warning on invalid table line
508be7c00143 wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()
113304ce7e8a mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe
d5a69c78c9cc amd-xgbe: Fix to ensure dependent features are toggled with RX checksum offload
ec4584495868 parisc: Fix double SIGFPE crash
6266b3509b2c arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays
f0d2cca416c6 i2c: imx-lpi2c: Fix clock count when probe defers
b98f280fa8c1 EDAC/altera: Set DDR and SDMMC interrupt mask before registration
72d3974ed3a8 EDAC/altera: Test the correct error reg offset
2ec0f5f6d476 drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()
169346d866dc ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset
e0bb89c44b56 efi: libstub: Use '-std=gnu11' to fix build with GCC 15
b5d500042eb3 usb: hcd-pci: remove the action of faking interrupt request
6f0605db50e2 clk: imx: Add check for kcalloc
5b837b9e1543 bpf: Fix the indention issue in grow_stack_state()
42b62697634d cifs: Fix the calling of smb_version_operations::calc_smb_size()
b14acf729e9d f2fs: Add inline to f2fs_build_fault_attr() stub
7c317bec311f f2fs: check validation of fault attrs in f2fs_build_fault_attr()
81c12119c23f bpf: Fix accesses to uninit stack slots [ Upstream commit 6b4a64bafd107e521c01eec3453ce94a3fb38529 ]
c4fa05422d87 smb: client: fix potential OOB in smb2_dump_detail()
299ef3b5b00b of: module: add buffer overflow check in of_modalias()
b8086c3c1548 reiserfs: Avoid touching renamed directory if parent does not change
ea091017ef62 ipv6: Fix data races around sk->sk_prot.
ff8710da80ee ipv6: annotate some data-races around sk->sk_prot
e8c2eafaaa6a tcp: Fix data races around icsk->icsk_af_ops.
8d1bab770956 locking/rwsem: Disable preemption while trying for rwsem lock
7c82dac02886 block, loop: support partitions without scanning
45f504f301d4 bpftool: Fix pretty print dump for maps without BTF loaded
1f24338cb789 jbd2: Drop the merge conflicted hunk
e1d0e3c51bde tpm: tis_i2c: Limit write bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
1abe841fe331 tpm: tis_i2c: Limit read bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
6224acfc1d56 tpm: Add flag to use default cancellation policy
1cd19d48fb90 tpm: tis_i2c: Fix sanity check interrupt enable mask
a883da132fa8 tpm: Add tpm_tis_i2c backend for tpm_tis_core
a742ac8a1c51 tpm: Add tpm_tis_verify_crc to the tpm_tis_phy_ops protocol layer
ef495c5f45f2 tpm: Remove read16/read32/write32 calls from tpm_tis_phy_ops
1f3be2e23aa6 gcc-plugins: Reorganize gimple includes for GCC 13
24615a3b932a ata: ahci: fix enum constants for gcc-13
5d6cb145541a net: stmmac: Enable mac_managed_pm phylink config
fd93aabb4287 tools/resolve_btfids: Use pkg-config to locate libelf
130f9da78406 tools/resolve_btfids: Build with host flags
00f2f1a782f9 tools/resolve_btfids: Support cross-building the kernel with clang
17776a4ba9c2 tools/resolve_btfids: Install libbpf headers when building
7c9808380d70 libbpf: Make libbpf_version.h non-auto-generated
37ae1ba791ac libbpf: Add LIBBPF_DEPRECATED_SINCE macro for scheduling API deprecations
a2667e6d7314 drm/radeon: free iio for atombios when driver shutdown
f100c753aa1f powerpc: Fix reschedule bug in KUAP-unlocked user copy
da5513f30187 libbpf: Fix build warning on ref_ctr_off
4c5a089621a8 perf python: Account for multiple words in CC
1c5699ee85d4 fs: move S_ISGID stripping into the vfs_*() helpers
838f5d0701d8 fs: add mode_strip_sgid() helper
d97172683641 squashfs: provide backing_dev_info in order to disable read-ahead
ed037d7be40c irq_work: use kasan_record_aux_stack_noalloc() record callstack
1363bd7dbde3 ixgbevf: add disable link state
e5601ae2bd24 ixgbe: add improvement for MDD response functionality
caa57cd80575 ixgbe: add the ability for the PF to disable VF link state
16a77bfcc7df Check /dev/console using init_stat()
04574fd5579a tracing/arm: Have max stack tracer handle the case of return address after data
0e51e5717018 gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
1e6b7da6ddba drivers/base: Fix unsigned comparison to -1 in CPUMAP_FILE_MAX_BYTES
493160901320 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition
04224f725aa3 irqchip/gic-v3-its: Skip HP notifier when no ITS is registered
6f6c2996a81c irqchip/gic-v3-its: Postpone LPI pending table freeing and memreserve
1fa94473423f irqchip/gic-v3-its: Give the percpu rdist struct its own flags field
6013d1ae5feb cert host tools: Stop complaining about deprecated OpenSSL functions
efe20512212b init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
a40d2daf2795 pnmtologo: use relocatable file name
3b40d5b41155 of: configfs: remove unused variable overlay_lock
6c085baf1838 tools: use basename to identify file in gen-mach-types
2fca0fd71981 lib/build_OID_registry: fix reproducibility issues
0f586f4ee8ad vt/conmakehash: improve reproducibility
a75774679f28 OF: DT-Overlay configfs interface (v8)
d179c639b30b x86/boot: Wrap literal addresses in absolute_pointer()
856ec356cf91 ACPI: thermal: drop an always true check
7614af249993 xfs: Fix -Werror=dangling-pointer work-around for older GCC
41470215f97e xfs: Work around GCC 12 -Werror=dangling-pointer for xfs_attr_remote.o
44a445c1922d virtio-pci: Remove wrong address verification in vp_del_vqs()
77aa9e489eaf bpf: Disallow unprivileged bpf by default
ebfb1822e9f9 fs/aufs: fixup 5.15.36 fixups
4eba9348d3e2 Revert "Revert "fbdev: Hot-unplug firmware fb devices on forced removal""
5df6d1b00f95 jbd2: fix use-after-free of transaction_t race
2d83e8196487 jbd2: refactor wait logic for transaction updates into a common function
07a63f760793 netfilter: conntrack: avoid useless indirection during conntrack destruction
4e7122625996 Revert "fbdev: Hot-unplug firmware fb devices on forced removal"
7ba4cb36fd4f rcu: Avoid alloc_pages() when recording stack
f78574dee71e kasan: test: silence intentional read overflow warnings
d313cb89b6b1 kasan: arm64: fix pcpu_page_first_chunk crash with KASAN_VMALLOC
5e279d5647cc arm64: support page mapping percpu first chunk allocator
e5bf16752dca vmalloc: choose a better start address in vm_area_register_early()
660b3d21b46f kasan: test: bypass __alloc_size checks
00aa7573e53a kasan: test: add memcpy test that avoids out-of-bounds write
67becf0b1bd4 kasan: fix tag for large allocations when using CONFIG_SLAB
bedf1e033213 workqueue, kasan: avoid alloc_pages() when recording stack
7195b67ce69b kasan: generic: introduce kasan_record_aux_stack_noalloc()
bdff763f0e29 kasan: common: provide can_alloc in kasan_save_stack()
51423ebb36ad lib/stackdepot: introduce __stack_depot_save()
85373e66d847 lib/stackdepot: remove unused function argument
5b6cc9b251f3 lib/stackdepot: include gfp.h
c9f3902d8069 aufs: reduce overhead for "code present but disabled" use case.
b98d189df02c aufs: bugfix, umount passes NULL to ->parse_monolithic()
13b883cbbbd9 aufs standalone: cosmetic, missing copyright sentence
21f8b0d81898 aufs: 5.15.5-20220117 ---> 5.15.5-20220221
6199fd896645 aufs: tiny, headers after fs_context
8ddb40e31c29 aufs: fs_context 7/7, finally remount
69035f71c6fd aufs: fs_context 6/7, now mount
bc841b970697 aufs: fs_context 5/7, parse all other mount options
435188053da2 aufs: fs_context 4/7, parse xino options
9af1f1825cbd aufs: fs_context 3/7, parse the branch-management options
1c05eb767f8c aufs: fs_context 2/7, parse "br" mount option
a8488f603134 aufs: fs_context 1/7, skelton of the new shceme
8e32e0015564 aufs: pre fs_context, convert a static flag to a macro
f90cb4144aec aufs: pre fs_context, support the incomplete sb and sbinfo case
948762ef859c aufs: pre fs_context, convert the type of alloc_sbinfo()
77151a08776b aufs: 5.15.5-20211129 ---> 5.15.5-20220117
2539adbbbe1e aufs: 5.14-20211018 ---> 5.15.5-20211129
7d32b25193c4 aufs: for v5.15-rc1, sync_inode() is gone
66ec0c509225 aufs: for v5.15-rc1, new param 'rcu' for ->get_acl()
69709dc518cd aufs: for v5.15-rc1, no mand-lock anymore
ada8fe9543e5 aufs: 5.14-20210906 ---> 5.14-20211018
b77f7f3f394a Revert "aufs: adjust to v5.15 fs changes"
81bdce5b5876 tick/nohz: WARN_ON --> WARN_ON_ONCE to prevent console saturation
97c963889222 sched/isolation: really align nohz_full with rcu_nocbs
871f23ad3627 Revert "ARM: defconfig: Enable ax88796c driver for Exynos boards"
ffad0783dd5b ARM: config: multi v7: Regenerate defconifg
5c1e1a1ff2d3 ARM: config: multi v7: Add renamed symbols
badaf96564fe ARM: config: multi v7: Clean up enabled by default options
34996040fc9b ARM: config: multi v7: Drop unavailable options
7f685244afb3 powerpc/mm: Switch obsolete dssall to .long
20301aeb1a64 riscv: fix build with binutils 2.38
9df58d070506 powerpc/lib/sstep: fix 'ptesync' build error
720b61fc400b x86_64_defconfig: Fix warnings
02bf23d26bc4 arm64: defconfig: cleanup config options
05914e2c87e5 arm: defconfig: drop unused POWER_AVS option
ffb532fa19b9 aufs5: fix build against v5.15.3+
a4b3abf4d96d qemux86: add configuration symbol to select values
fee94ee09154 clear_warn_once: add a clear_warn_once= boot parameter
3d8762d900d9 clear_warn_once: bind a timer to written reset value
95faacac47e8 clear_warn_once: expand debugfs to include read support
de20c4240018 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel.
0e4aacead9c1 perf: x86-32: explicitly include <errno.h>
9ad92c11468e perf: mips64: Convert __u64 to unsigned long long
09e7efe3e68a perf: fix bench numa compilation
e79becc44fa6 perf: add SLANG_INC for slang.h
b1033b588681 perf: add sgidefs.h to for mips builds
cf9db484ac0b perf: change --root to --prefix for python install
7fd052c2c562 perf: add 'libperl not found' warning
27a437cdd469 perf: force include of <stdbool.h>
3b99d21bec2f fat: don't use obsolete random32 call in namei_vfat
a7e9293b506b FAT: Added FAT_NO_83NAME
6fd0e71d9e5c FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option
c379b0d324ae FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option
538be0fdb124 aufs: adjust to v5.15 fs changes
f45da75c8759 aufs5: core
047f57e07e01 aufs5: standalone
029fc15574c8 aufs5: mmap
610d0192ee94 aufs5: base
d4e428d0ec5f aufs5: kbuild
eb067eca251a yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL
286af18d0875 yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name
24d59a4e26a6 yaffs2: v5.12+ build fixups (not runtime tested)
22c73536d5d7 yaffs: include blkdev.h
506b7251bfb8 yaffs: fix misplaced variable declaration
a0e26ff364dc yaffs2: v5.6 build fixups
b10b1b2d169e yaffs2: fix memory leak when /proc/yaffs is read
ad9adccbb214 yaffs: add strict check when call yaffs_internal_read_super
2e3c3aec8279 yaffs: repair yaffs_get_mtd_device
d662538516a7 yaffs: Fix build failure by handling inode i_version with proper atomic API
70a6113ee2c7 yaffs2: fix memory leak in mount/umount
3378e4a9e404 yaffs: Avoid setting any ACL releated xattr
ec2284edddef Yaffs:check oob size before auto selecting Yaffs1
c2a49874051c fs: yaffs2: replace CURRENT_TIME by other appropriate apis
e9a5105a3e73 yaffs2: adjust to proper location of MS_RDONLY
608807406f13 yaffs2: import git revision b4ce1bb (jan, 2020)
89e660ece42c initramfs: allow an optional wrapper script around initramfs generation
b179dbc9aa10 iwlwifi: select MAC80211_LEDS conditionally
3fd5ca3673d0 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119)
d1f6edbf0188 arm64/perf: Fix wrong cast that may cause wrong truncation
d202fb2caf33 defconfigs: drop obselete options
9a27e3b5f4e7 arm64/perf: fix backtrace for AAPCS with FP enabled
e20d8cf019b4 linux-yocto: Handle /bin/awk issues
b6d2a3dbbd3a uvesafb: provide option to specify timeout for task completion
adb40f1e6a1a uvesafb: print error message when task timeout occurs
f280a1ed0962 compiler.h: Undef before redefining __attribute_const__
4352732f268c vmware: include jiffies.h
7954a677968d Resolve jiffies wrapping about arp
5f28a1035d95 nfs: Allow default io size to be configured.
0d7260ad7106 check console device file on fs when booting
900a12e37e0a mount_root: clarify error messages for when no rootfs found
7b878cbea726 menuconfig,mconf-cfg: Allow specification of ncurses location
6604fc1763b3 modpost: mask trivial warnings
0d294adb09cb kbuild: exclude meta directory from distclean processing
a097cdd95a9e powerpc: serialize image targets
5db6ec39a0a3 arm: serialize build targets
cbabca27905e crtsavres: fixups for 5.4+
7fc7656ed403 powerpc/ptrace: Disable array-bounds warning with gcc8
a5faac5a19a2 powerpc: Disable attribute-alias warnings from gcc8
186c54665b67 powerpc: add crtsavres.o to archprepare for kbuild
d1ea862964ca powerpc: kexec fix for powerpc64
2ac35b89a0f9 powerpc: Add unwind information for SPE registers of E500 core
2e1c348a28bb mips: vdso: fix 'jalr $t9' crash in vdso code
ec57870b303a mips: Kconfig: add QEMUMIPS64 option
6a81b3c08107 4kc cache tlb hazard: tlbp cache coherency
74e3b2a21e54 malta uhci quirks: make allowance for slow 4k(e)c
22e65b63d3b4 arm/Makefile: Fix systemtap
b7f1ab59f19e vexpress: Pass LOADADDR to Makefile
ce2800c73bf7 arm: ARM EABI socketcall
019d142fd956 ARM: LPAE: Invalidate the TLB for module addresses during translation fault
(From OE-Core rev: 514e700790ed3af0894ad114432aa44090ddb306)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
16fdf2c7111b Linux 5.15.181
26277a425020 PCI: Release resource invalidated by coalescing
e4af080f3ef6 PCI: Fix dropping valid root bus resources with .end = zero
ad367516b1c0 PCI: Fix use-after-free in pci_bus_release_domain_nr()
1f7fb4247d90 nvme: fixup scan failure for non-ANA multipath controllers
d2e15c2fd913 MIPS: cm: Fix warning if MIPS_CM is disabled
c82ca029b29f xdp: Reset bpf_redirect_info before running a xdp's BPF prog.
43c296870740 drm/amd/display: fix double free issue during amdgpu module unload
bb6b2175b606 net: dsa: mv88e6xxx: enable .port_set_policy() for 6320 family
527978c76ef2 net: dsa: mv88e6xxx: enable PVT for 6321 switch
7a10a6b17401 net: dsa: mv88e6xxx: fix atu_move_port_mask for 6341 family
3ea027203778 crypto: atmel-sha204a - Set hwrng quality to lowest possible
4e386645bc01 comedi: jr3_pci: Fix synchronous deletion of timer
a1166e98d80c jfs: define xtree root and page independently
2ddd4a7a8b0f md/raid1: Add check for missing source disk in process_checks()
e5e274f64f32 ubsan: Fix panic from test_ubsan_out_of_bounds
7dd6ab7f467c loop: aio inherit the ioprio of original request
1d8f9378cb48 scsi: pm80xx: Set phy_attached to zero when device is gone
47e8efd6c623 scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes
4b7bdc2efa11 ext4: make block validity check resistent to sb bh corruption
0773465fbe1b nvmet-fc: put ref when assoc->del_work is already scheduled
33acc9c2d1e4 nvmet-fc: take tgtport reference only once
b6a2cd26bcb9 x86/bugs: Don't fill RSB on context switch with eIBRS
a71d88ae28ef x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline
56332c566f36 x86/bugs: Use SBPB in write_ibpb() if applicable
33f046d7c8d3 selftests/mincore: Allow read-ahead pages to reach the end of the file
3e70fa900584 objtool: Stop UNRET validation on UD2
d2830ae38358 nvme: re-read ANA log page after ns scan completes
26671f662eda ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls
5a8389206cd4 nvme: requeue namespace scan on missed AENs
bbe7c3b33292 xen: Change xen-acpi-processor dom0 dependency
605de05255b3 selftests: ublk: fix test_stripe_04
373512760e13 udmabuf: fix a buf size overflow issue during udmabuf creation
4da2a94ed523 KVM: s390: Don't use %pK through tracepoints
20a3cec623fa sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP
40845d9146b9 ntb: reduce stack usage in idt_scan_mws
5fe708c5e3c8 qibfs: fix _another_ leak
1640c9b81d66 objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler()
d26a6093d529 usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
3a259d74f57a usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running
0725a991727d dmaengine: dmatest: Fix dmatest waiting less when interrupted
e03b10c45c76 sound/virtio: Fix cancel_sync warnings on uninitialized work_structs
059d35a7393c usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield
423e146ed630 fs/ntfs3: Fix WARNING in ntfs_extend_initialized_size
e10e634ee40f usb: host: max3421-hcd: Add missing spi_device_id table
d9ef9664e44e s390/tty: Fix a potential memory leak bug
e1e00dc45648 s390/sclp: Add check for get_zeroed_page()
6992fb10dff2 parisc: PDT: Fix missing prototype warning
aa36ec5d96c9 clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec()
1dd4a8561d85 crypto: null - Use spin lock instead of mutex
10829b24512a MIPS: cm: Detect CM quirks from device tree
809fce49f0b6 USB: wdm: add annotation
6261b99ef0ed USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context
b02a3fef3e8c USB: wdm: close race between wdm_open and wdm_wwan_port_stop
17dd48b3f6f2 USB: wdm: handle IO errors in wdm_wwan_port_start
68be90d3d1aa USB: VLI disk crashes if LPM is used
394ff4699263 usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive
50d68345d467 usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive
c0079630f268 usb: dwc3: gadget: check that event count does not exceed event buffer length
a143ed263d51 USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02)
3ec61fa704a4 usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling
24b808d7516f usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines
8060b719676e usb: chipidea: ci_hdrc_imx: fix usbmisc handling
b96239582531 usb: cdns3: Fix deadlock when using NCM gadget
94df04953061 USB: serial: simple: add OWON HDS200 series oscilloscope support
82e841dc1eaf USB: serial: option: add Sierra Wireless EM9291
184cdaa3ea5f USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe
b59c7fefded5 serial: sifive: lock port in startup()/shutdown() callbacks
116c7d35b8f7 KVM: x86: Reset IRTE to host control if *new* route isn't postable
26ccc791de50 mei: me: add panther lake H DID
843a6fc56e71 USB: storage: quirk for ADATA Portable HDD CH94
59f993cd36b6 mcb: fix a double free bug in chameleon_parse_gdd()
95a34125831e KVM: SVM: Allocate IR data using atomic allocation
aeba2e15c873 drm/amd/display: Fix gpu reset in multidisplay config
a14b254c35fe net: selftests: initialize TCP header and skb payload with zero
bef170d651d3 virtio_console: fix missing byte order handling for cols and rows
c71ab87a2523 iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE
da7936518996 net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
fcc8ede66356 net_sched: hfsc: Fix a UAF vulnerability in class handling
5fd464fd24de tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
663c3da86e80 net: phy: leds: fix memory leak
46a35fe74bae cpufreq: cppc: Fix invalid return value in .get() callback
8fbaa76690f6 cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
4e3d1c1925d8 cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
ad03f3f852df dma/contiguous: avoid warning about unused size_bytes
c049376c76d1 drm/msm/a6xx: Fix stale rpmh votes from GPU
cac1786e41b4 drm/msm/a6xx: Avoid gx gbit halt during rpm suspend
d5572d3d0034 drm/msm/a6xx: Handle GMU prepare-slumber hfi failure
c8064e9c334f drm/msm/a6xx: Improve gpu recovery sequence
14c96391dff0 string: Add load_unaligned_zeropad() code path to sized_strscpy()
039b1d64c8ea kmsan: disable strscpy() optimization under KMSAN
f124c35b4a36 selftests/mm: generate a temporary mountpoint for cgroup filesystem
fbf43c9e237c ksmbd: Prevent integer overflow in calculation of deadtime
3297497ad224 PCI: Fix reference leak in pci_register_host_bridge()
db273126bf54 PCI: Assign PCI domain IDs by ida_alloc()
fd168b7d1d7c PCI: Coalesce host bridge contiguous apertures
786474c9dadf gpio: tegra186: fix resource handling in ACPI probe path
bc121680d4eb gpio: tegra186: Force one interrupt per bank
32d554841024 cifs: fix integer overflow in match_server()
9c9000cb91b9 cifs: avoid NULL pointer dereference in dbg call
0f552a0a33db cifs: print TIDs as hex
74c7d67a3c30 backlight: led_bl: Hold led_access lock when calling led_sysfs_disable()
28d49aeb7760 backlight: led_bl: Convert to platform remove callback returning void
9d708a3b72b0 iio: adc: ad7768-1: Fix conversion result sign
fda3b0b782c8 iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check
8ee067cf0cf8 soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()
c6f24e85919e soc: samsung: exynos-chipid: Pass revision reg offsets
75dd8356b681 soc: samsung: exynos-chipid: avoid soc_device_to_device()
f54829389feb net: dsa: mv88e6xxx: fix VTU methods for 6320 family
36771754d618 auxdisplay: hd44780: Fix an API misuse in hd44780.c
959b07fb28b0 auxdisplay: hd44780: Convert to platform remove callback returning void
f1d518c0bad0 media: streamzap: fix race between device disconnection and urb callback
a5d7d89ac48a media: streamzap: remove unused struct members
b608bd3b51c0 media: streamzap: less chatter
6dd4cf3ece54 media: streamzap: no need for usb pid/vid in device name
fa5fec7f1555 media: streamzap: remove unnecessary ir_raw_event_reset and handle
ed4ee9639b07 module: sign with sha512 instead of sha1 by default
74a466a15731 Bluetooth: SCO: Fix UAF on sco_sock_timeout
e7d3a0c7bf77 f2fs: Add inline to f2fs_build_fault_attr() stub
c7dc74ab7975 scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI
984212fa6b4b pmdomain: ti: Add a null pointer check to the omap_prm_domain_init
6e5b601706ce f2fs: check validation of fault attrs in f2fs_build_fault_attr()
eac1e7e1705f mm: fix apply_to_existing_page_range()
0c35d1914353 fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats
7d21587d35bc drm/i915/gt: Cleanup partial engine discovery failures
d154b333a566 dm cache: fix flushing uninitialized delayed_work on cache_ctr error
4de2c04c3acd jfs: Fix shift-out-of-bounds in dbDiscardAG
500f00c80637 MIPS: ds1287: Match ds1287_set_base_clock() function types
9aad60a2e686 MIPS: cevt-ds1287: Add missing ds1287.h include
dd0e9415ff0c MIPS: dec: Declare which_prom() as static
dac465986a4a net: defer final 'struct net' free in netns dismantle
22018622e1e9 scsi: ufs: bsg: Set bsg_queue to NULL after removal
6e9ed2f4721e scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan()
930268823f6b openvswitch: fix lockup on tx to unregistering netdev with carrier
5efcb301523b net: openvswitch: fix race on port output
211168339657 ipvs: properly dereference pe in ip_vs_add_service
22e9b83f0f33 ext4: fix timer use-after-free on failed mount
7d215e013d09 blk-iocost: do not WARN if iocg was already offlined
d20f28f00770 blk-cgroup: support to track if policy is online
3516f93cc63d bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
0d90d9e15414 bpf: avoid holding freeze_mutex during mmap operation
82e813b12b10 sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers
bb6570085826 smb: client: fix potential UAF in cifs_stats_proc_show()
ce49569079a9 smb: client: fix potential deadlock when releasing mids
878f32878351 smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
4a788ebbb10d smb: client: fix NULL ptr deref in crypto_aead_setkey()
ef51c0d544b1 smb: client: fix UAF in async decryption
ed3b36f351d9 cifs: Fix UAF in cifs_demultiplex_thread()
336a066990bb smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
58de45f4d663 net: make sock_inuse_add() available
480469f145e5 ksmbd: fix potencial out-of-bounds when buffer offset is invalid
d798fd98e356 smb: client: fix potential UAF in cifs_dump_full_key()
d54fdcf171f0 nvmet-fc: Remove unused functions
6955fd3a6fb9 landlock: Add the errata interface
3cc1116de109 drm/amdgpu: fix usage slab after free
fcf9d6a9f30e drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing
b19ca8425a4b drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'
e3cd0d8362de drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links
27fda36eedad wifi: ath10k: avoid NULL pointer error during sdio remove
c1cbf006feee phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function
a262c2dc833f powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()
d1c85e262c16 x86/pvh: Call C code via the kernel virtual mapping
386617efacab net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup
66a9937187ac bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
7d3914a477ee phonet/pep: fix racy skb_queue_empty() use
6cc52df69e84 filemap: Fix bounds checking in filemap_read()
90c8482a5d97 net: fix crash when config small gso_max_size/gso_ipv4_max_size
77aa9855a878 ipv6: release nexthop on device removal
f241e4a78f6a misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type
30f2cd70c4f9 misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error
54c9f299ad7d misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error
980a236af12f mptcp: sockopt: fix getting IPV6_V6ONLY
8fbd9487f676 kbuild: Add '-fno-builtin-wcslen'
5d3779ceaac8 cpufreq: Reference count policy in cpufreq_update_limits()
93cc7c7f9b83 KVM: arm64: Eagerly switch ZCR_EL{1,2}
ec3efc04a6ce KVM: arm64: Calculate cptr_el2 traps on activating traps
52a473ba8330 KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN
08ce0d1ee622 KVM: arm64: Remove host FPSIMD saving for non-protected KVM
5289ac43b69c KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state
978c0ccf80ce arm64/fpsimd: Stop using TIF_SVE to manage register saving in KVM
6b3d37c9c61e arm64/fpsimd: Have KVM explicitly say which FP registers to save
8be8ba9cf1df arm64/fpsimd: Track the saved FPSIMD state type separately to TIF_SVE
c4ab60a86c5e KVM: arm64: Discard any SVE state when entering KVM guests
58ed930115b8 KVM: arm64: Always start with clearing SVE flag on load
a2231da36777 KVM: arm64: Get rid of host SVE tracking/saving
2f420df780c5 drm/sti: remove duplicate object names
ada78110b2d3 drm/nouveau: prime: fix ttm_bo_delayed_delete oops
4941966558a0 drm/amdgpu/dma_buf: fix page_link check
80814924260c drm/amd/pm/powerplay/hwmgr/vega20_thermal: Prevent division by zero
f2904fa2b9da drm/amd/pm/swsmu/smu13/smu_v13_0: Prevent division by zero
be0fffc4152a drm/amd/pm/powerplay/hwmgr/smu7_thermal: Prevent division by zero
0c02fcbe4a13 drm/amd/pm/powerplay: Prevent division by zero
b7c41df49137 drm/amd/pm: Prevent division by zero
c177517ea65c drm/repaper: fix integer overflows in repeat functions
3d81ec24e7db perf/x86/intel/uncore: Fix the scale of IIO free running counters on SPR
93c5be4da097 perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX
609ed2fcc9b5 perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR
b55b385b3938 perf/x86/intel: Allow to update user space GPRs from PEBS records
5ee09cdaf341 virtiofs: add filesystem context source name check
aac80c3e05cb tracing: Fix filter string testing
e5467a695337 riscv: Avoid fortify warning in syscall_get_arguments()
7596182dc17f mm/gup: fix wrongly calculated returned value in fault_in_safe_writeable()
6b563dc85fb3 loop: LOOP_SET_FD: send uevents for partitions
81565d0986a9 loop: properly send KOBJ_CHANGED uevent for disk device
63d5a3e207bf isofs: Prevent the use of too small fid
cd83035b6f2a i2c: cros-ec-tunnel: defer probe if parent EC is not present
a33c035df01d hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key
877ee3ba2f78 crypto: caam/qi - Fix drv_ctx refcount bug
cdd459a58bb6 btrfs: correctly escape subvol in btrfs_show_options()
a70832d35559 nfsd: decrease sc_count directly if fail to queue dl_recall
bf5f65aebeaf nfs: add missing selections of CONFIG_CRC32
72f7ccad7ed5 nfs: move nfs_fhandle_hash to common include file
41a125eb52d6 asus-laptop: Fix an uninitialized variable
442a0ab6a4e9 ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels
1a19d2306753 ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate
440225ed4fbb Revert "PCI: Avoid reset when disabled via sysfs"
2b109b99d45f writeback: fix false warning in inode_to_wb()
9ac9ad08723d cpufreq/sched: Fix the usage of CPUFREQ_NEED_UPDATE_LIMITS
6bc390b02d4b riscv: KGDB: Remove ".option norvc/.option rvc" for kgdb_compiled_break
854d0f048ead riscv: KGDB: Do not inline arch_kgdb_breakpoint()
3c03e585860a riscv: Properly export reserved regions in /proc/iomem
9ea760991c11 net: dsa: avoid refcount warnings when ds->ops->tag_8021q_vlan_del() fails
8ccdf5e24b27 net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered
f7b3bddffff2 net: b53: enable BPDU reception for management port
118d05b53034 cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path
a27526e6b48e net: openvswitch: fix nested key length validation in the set() action
5c1313b93c8c net: mctp: Set SOCK_RCU_FREE
18924cdfea58 igc: cleanup PTP module if probe fails
7d2d77e51371 igc: handle the IGC_PTP_ENABLED flag correctly
5572511776d4 igc: move ktime snapshot into PTM retry loop
c1f174edaccc igc: fix PTM cycle trigger logic
6d16d6cb212f Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
24b2cdfc16e9 Bluetooth: l2cap: Check encryption key size on incoming connection
2d7c60c2a38b Bluetooth: btrtl: Prevent potential NULL dereference
056f04935bd8 Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address
791daf8240ce RDMA/core: Silence oversized kvmalloc() warning
bb93bd4b9920 RDMA/hns: Fix wrong maximum DMA segment size
3af43d7282a8 RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe()
e2c440b23f21 md/raid10: fix missing discard IO accounting
f89ab86401c9 scsi: iscsi: Fix missing scsi_host_put() in error path
2996144be660 wifi: wl1251: fix memory leak in wl1251_tx_work
305741e7e632 wifi: mac80211: Purge vif txq in ieee80211_do_stop()
9d00c0a807a3 wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()
3c619aec1f53 wifi: at76c50x: fix use after free access in at76_disconnect
00999e369e9e scsi: hisi_sas: Enable force phy when SATA disk directly connected
31676d55028a scsi: libsas: Add struct sas_tmf_task
42bbb529955c scsi: libsas: Delete lldd_clear_aca callback
04bbb1b72b55 scsi: hisi_sas: Fix setting of hisi_sas_slot.is_internal
8b8e6d433bd9 scsi: hisi_sas: Factor out task prep and delivery code
6587850b8827 scsi: hisi_sas: Pass abort structure for internal abort
9ebfa3eb9d52 scsi: hisi_sas: Start delivery hisi_sas_task_exec() directly
9e5a0f577716 Bluetooth: hci_uart: Fix another race during initialization
e8ea4dd6659f x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions()
fb627b8fe4d7 ACPI: platform-profile: Fix CFI violation when accessing sysfs files
46e22de65eb4 arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() lists
72972552d0d0 HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition
9242391c20b1 pinctrl: qcom: Clear latched interrupt status when changing IRQ type
40c4c64507fe PCI: Fix reference leak in pci_alloc_child_bus()
8730a3c6f0f1 PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe()
fa4d10970ea3 of/irq: Fix device node refcount leakages in of_irq_init()
90d3d651b985 of/irq: Fix device node refcount leakage in API irq_of_parse_and_map()
52f0888eff56 of/irq: Fix device node refcount leakages in of_irq_count()
bd8f17219533 ntb: use 64-bit arithmetic for the MSI doorbell mask
94c1cf839b7a gpio: zynq: Fix wakeup source leaks on device unbind
dd38803c9088 ftrace: Add cond_resched() to ftrace_graph_set_hash()
422dd984f7ef dm-integrity: set ti->error on memory allocation failure
9c5eedb065fa crypto: ccp - Fix check for the primary ASP device
2e794415ff7f thermal/drivers/rockchip: Add missing rk3328 mapping entry
0f7df4899299 sctp: detect and prevent references to a freed transport in sendmsg
20035e675ca0 mm/hwpoison: do not send SIGBUS to processes with recovered clean pages
f3509cecd0fd mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock
7de3726a3afd sparc/mm: disable preemption in lazy mmu mode
66a10239be04 arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string
2dd21fc16490 mtd: rawnand: Add status chack in r852_ready()
e7d6ceff95c5 mtd: inftlcore: Add error check for inftl_read_oob()
cef678a27711 mptcp: only inc MPJoinAckHMacFailure for HMAC failures
b3088bd2a679 mptcp: fix NULL pointer in can_accept_new_subflow
9ce88838fcea lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets
031b53078e88 locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class()
90ee23c2514a mfd: ene-kb3930: Fix a potential NULL pointer dereference
ad926f735b4d jbd2: remove wrong sb->s_sequence check
3ba402610843 i3c: Add NULL pointer check in i3c_master_queue_ibi()
c658e1302ee3 i3c: master: svc: Use readsb helper for reading MDB
5d74f8a5fb3c vdpa/mlx5: Fix oversized null mkey longer than 32bit
2883e9e74f73 ext4: fix off-by-one error in do_split
899d0353ea69 bus: mhi: host: Fix race between unprepare and queue_buf
65cc93278f69 ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path
9ae11b06c557 wifi: mac80211: fix integer overflow in hwmp_route_info_get()
977fb8126e5c wifi: mt76: Add check for devm_kstrdup()
8f80ade0f6ea clocksource/drivers/stm32-lptimer: Use wakeup capable instead of init wakeup
c1e3583fb61f mtd: Replace kcalloc() with devm_kcalloc()
ef922b40bb6d net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family
8f8ed592d8a1 mtd: Add check for devm_kcalloc()
f195e94c7af9 media: venus: hfi_parser: refactor hfi packet parsing logic
1ad6aa1464b8 media: venus: hfi_parser: add check to avoid out of bound access
08ac0e22e456 media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO
e8396890db79 media: i2c: ov7251: Set enable GPIO low in probe
7c3118db4998 media: i2c: ccs: Set the device's runtime PM status correctly in probe
5a6b5aa8ebc1 media: i2c: ccs: Set the device's runtime PM status correctly in remove
457a61c59856 media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf()
432f748824b6 media: streamzap: prevent processing IR data on URB failure
fbcb584efa5c mtd: rawnand: brcmnand: fix PM resume warning
b88004318aeb spi: cadence-qspi: Fix probe on AM62A LP SK
0b08172a635d arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe list
8cb58a817a45 arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre BHB
1a646a6206e0 arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list
f6ea5a8a5344 arm64: cputype: Add MIDR_CORTEX_A76AE
09a128539129 xenfs/xensyms: respect hypervisor's "next" indication
b98fbad6abda media: siano: Fix error handling in smsdvb_module_init()
680cc5303f7c media: vim2m: print device name after registering device
32af5c1fdb9b media: venus: hfi: add check to handle incorrect queue size
1b8fb257234e media: venus: hfi: add a check to handle OOB in sfr region
83724b88175c media: i2c: adv748x: Fix test pattern selection mask
84f2ca8d5f2d ext4: don't treat fhandle lookup of ea_inode as FS corruption
8273ae803009 bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags
831062d76d37 bpf: Add endian modifiers to fix endian warnings
ed6ff2d48873 pwm: fsl-ftm: Handle clk_get_rate() returning 0
1f45022f219b pwm: rcar: Improve register calculation
dc12f37acbc3 pwm: rcar: Simplify multiplication/shift logic
e3cf0c38d3ce pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()
7fa3d93d4d29 ktest: Fix Test Failures Due to Missing LOG_FILE Directories
09dbf22fd68c fbdev: omapfb: Add 'plane' value check
c250262d6485 PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type
1690b4949247 drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off
25c299517d58 drm/amdkfd: Fix pqm_destroy_queue race with GPU reset
62b3040a1a29 drm/amdkfd: clamp queue size to minimum
0236f723b445 drivers: base: devres: Allow to release group on device release
e2dacf842095 drm/bridge: panel: forbid initializing a panel with unknown connector type
e33d1037fd89 drm: panel-orientation-quirks: Add new quirk for GPD Win 2
b60523a75c2b drm: panel-orientation-quirks: Add support for AYANEO 2S
cc301b9d48ab drm/amd/display: Update Cursor request mode to the beginning prefetch always
0a5ba5e28b7b drm: allow encoder mode_set even when connectors change for crtc
d71a57a34ab6 Bluetooth: hci_uart: fix race during initialization
effeecfe60fc tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER
523fa0979d84 net: vlan: don't propagate flags on open
5a194041bffd wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table
c6015d0f7a22 scsi: st: Fix array overflow in st_setup()
f737418b6de3 ext4: ignore xattrs past end
1648029cd302 ext4: protect ext4_release_dquot against freezing
fd4c73a2669c ahci: add PCI ID for Marvell 88SE9215 SATA Controller
67e16ccba74d f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()
714036b176ba ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode
a741f29ac8b6 jfs: add sanity check for agwidth in dbMount
86bfeaa18f9e jfs: Prevent copying of nlink with value 0 from disk inode
3d8a45f87010 fs/jfs: Prevent integer overflow in AG size calculation
761e36cf8c86 fs/jfs: cast inactags to s64 to prevent potential overflow
4f10732712fc jfs: Fix uninit-value access of imap allocated in the diMount() function
91522aba56e9 page_pool: avoid infinite loop to schedule delayed worker
691d45955eda ALSA: usb-audio: Fix CME quirk for UF series keyboards
c30b45c78e1a ASoC: fsl_audmix: register card device depends on 'dais' property
81b19dc8ad80 ALSA: hda: intel: Fix Optimus when GPU has no sound
6b4449e4f033 HID: pidff: Fix null pointer dereference in pidff_find_fields
4c5f8e594657 HID: pidff: Do not send effect envelope if it's empty
b5d9c541ad33 HID: pidff: Convert infinite length from Linux API to PID standard
01e1c8a26ea3 xen/mcelog: Add __nonstring annotations for unterminated strings
595a9e7b8cda arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD
016cc0079e74 perf: arm_pmu: Don't disable counter in armpmu_add()
4162ed24d454 x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine
0e297a02e03d pm: cpupower: bench: Prevent NULL dereference on malloc failure
c2077a80caf2 umount: Allow superblock owners to force umount
d504882159a2 nft_set_pipapo: fix incorrect avx2 match of 5th field octet
99aa698dec34 net: ppp: Add bound checking for skb data on ppp_sync_txmung
e342ea4ce54f nvmet-fcloop: swap list_add_tail arguments
bea745327f00 ata: sata_sx4: Add error handling in pdc20621_i2c_read()
3c1c0a8c1a07 ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones
81a5174e64ce net: ethtool: Don't call .cleanup_data when prepare_data fails
ac91c6125468 net: tls: explicitly disallow disconnect
ed06675d3b8c tipc: fix memory leak in tipc_link_xmit
d0d720f92828 ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()
e0bb89c44b56 efi: libstub: Use '-std=gnu11' to fix build with GCC 15
b5d500042eb3 usb: hcd-pci: remove the action of faking interrupt request
6f0605db50e2 clk: imx: Add check for kcalloc
5b837b9e1543 bpf: Fix the indention issue in grow_stack_state()
42b62697634d cifs: Fix the calling of smb_version_operations::calc_smb_size()
b14acf729e9d f2fs: Add inline to f2fs_build_fault_attr() stub
7c317bec311f f2fs: check validation of fault attrs in f2fs_build_fault_attr()
81c12119c23f bpf: Fix accesses to uninit stack slots [ Upstream commit 6b4a64bafd107e521c01eec3453ce94a3fb38529 ]
c4fa05422d87 smb: client: fix potential OOB in smb2_dump_detail()
299ef3b5b00b of: module: add buffer overflow check in of_modalias()
b8086c3c1548 reiserfs: Avoid touching renamed directory if parent does not change
ea091017ef62 ipv6: Fix data races around sk->sk_prot.
ff8710da80ee ipv6: annotate some data-races around sk->sk_prot
e8c2eafaaa6a tcp: Fix data races around icsk->icsk_af_ops.
8d1bab770956 locking/rwsem: Disable preemption while trying for rwsem lock
7c82dac02886 block, loop: support partitions without scanning
45f504f301d4 bpftool: Fix pretty print dump for maps without BTF loaded
1f24338cb789 jbd2: Drop the merge conflicted hunk
e1d0e3c51bde tpm: tis_i2c: Limit write bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
1abe841fe331 tpm: tis_i2c: Limit read bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
6224acfc1d56 tpm: Add flag to use default cancellation policy
1cd19d48fb90 tpm: tis_i2c: Fix sanity check interrupt enable mask
a883da132fa8 tpm: Add tpm_tis_i2c backend for tpm_tis_core
a742ac8a1c51 tpm: Add tpm_tis_verify_crc to the tpm_tis_phy_ops protocol layer
ef495c5f45f2 tpm: Remove read16/read32/write32 calls from tpm_tis_phy_ops
1f3be2e23aa6 gcc-plugins: Reorganize gimple includes for GCC 13
24615a3b932a ata: ahci: fix enum constants for gcc-13
5d6cb145541a net: stmmac: Enable mac_managed_pm phylink config
fd93aabb4287 tools/resolve_btfids: Use pkg-config to locate libelf
130f9da78406 tools/resolve_btfids: Build with host flags
00f2f1a782f9 tools/resolve_btfids: Support cross-building the kernel with clang
17776a4ba9c2 tools/resolve_btfids: Install libbpf headers when building
7c9808380d70 libbpf: Make libbpf_version.h non-auto-generated
37ae1ba791ac libbpf: Add LIBBPF_DEPRECATED_SINCE macro for scheduling API deprecations
a2667e6d7314 drm/radeon: free iio for atombios when driver shutdown
f100c753aa1f powerpc: Fix reschedule bug in KUAP-unlocked user copy
da5513f30187 libbpf: Fix build warning on ref_ctr_off
4c5a089621a8 perf python: Account for multiple words in CC
1c5699ee85d4 fs: move S_ISGID stripping into the vfs_*() helpers
838f5d0701d8 fs: add mode_strip_sgid() helper
d97172683641 squashfs: provide backing_dev_info in order to disable read-ahead
ed037d7be40c irq_work: use kasan_record_aux_stack_noalloc() record callstack
1363bd7dbde3 ixgbevf: add disable link state
e5601ae2bd24 ixgbe: add improvement for MDD response functionality
caa57cd80575 ixgbe: add the ability for the PF to disable VF link state
16a77bfcc7df Check /dev/console using init_stat()
04574fd5579a tracing/arm: Have max stack tracer handle the case of return address after data
0e51e5717018 gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
1e6b7da6ddba drivers/base: Fix unsigned comparison to -1 in CPUMAP_FILE_MAX_BYTES
493160901320 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition
04224f725aa3 irqchip/gic-v3-its: Skip HP notifier when no ITS is registered
6f6c2996a81c irqchip/gic-v3-its: Postpone LPI pending table freeing and memreserve
1fa94473423f irqchip/gic-v3-its: Give the percpu rdist struct its own flags field
6013d1ae5feb cert host tools: Stop complaining about deprecated OpenSSL functions
efe20512212b init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
a40d2daf2795 pnmtologo: use relocatable file name
3b40d5b41155 of: configfs: remove unused variable overlay_lock
6c085baf1838 tools: use basename to identify file in gen-mach-types
2fca0fd71981 lib/build_OID_registry: fix reproducibility issues
0f586f4ee8ad vt/conmakehash: improve reproducibility
a75774679f28 OF: DT-Overlay configfs interface (v8)
d179c639b30b x86/boot: Wrap literal addresses in absolute_pointer()
856ec356cf91 ACPI: thermal: drop an always true check
7614af249993 xfs: Fix -Werror=dangling-pointer work-around for older GCC
41470215f97e xfs: Work around GCC 12 -Werror=dangling-pointer for xfs_attr_remote.o
44a445c1922d virtio-pci: Remove wrong address verification in vp_del_vqs()
77aa9e489eaf bpf: Disallow unprivileged bpf by default
ebfb1822e9f9 fs/aufs: fixup 5.15.36 fixups
4eba9348d3e2 Revert "Revert "fbdev: Hot-unplug firmware fb devices on forced removal""
5df6d1b00f95 jbd2: fix use-after-free of transaction_t race
2d83e8196487 jbd2: refactor wait logic for transaction updates into a common function
07a63f760793 netfilter: conntrack: avoid useless indirection during conntrack destruction
4e7122625996 Revert "fbdev: Hot-unplug firmware fb devices on forced removal"
7ba4cb36fd4f rcu: Avoid alloc_pages() when recording stack
f78574dee71e kasan: test: silence intentional read overflow warnings
d313cb89b6b1 kasan: arm64: fix pcpu_page_first_chunk crash with KASAN_VMALLOC
5e279d5647cc arm64: support page mapping percpu first chunk allocator
e5bf16752dca vmalloc: choose a better start address in vm_area_register_early()
660b3d21b46f kasan: test: bypass __alloc_size checks
00aa7573e53a kasan: test: add memcpy test that avoids out-of-bounds write
67becf0b1bd4 kasan: fix tag for large allocations when using CONFIG_SLAB
bedf1e033213 workqueue, kasan: avoid alloc_pages() when recording stack
7195b67ce69b kasan: generic: introduce kasan_record_aux_stack_noalloc()
bdff763f0e29 kasan: common: provide can_alloc in kasan_save_stack()
51423ebb36ad lib/stackdepot: introduce __stack_depot_save()
85373e66d847 lib/stackdepot: remove unused function argument
5b6cc9b251f3 lib/stackdepot: include gfp.h
c9f3902d8069 aufs: reduce overhead for "code present but disabled" use case.
b98d189df02c aufs: bugfix, umount passes NULL to ->parse_monolithic()
13b883cbbbd9 aufs standalone: cosmetic, missing copyright sentence
21f8b0d81898 aufs: 5.15.5-20220117 ---> 5.15.5-20220221
6199fd896645 aufs: tiny, headers after fs_context
8ddb40e31c29 aufs: fs_context 7/7, finally remount
69035f71c6fd aufs: fs_context 6/7, now mount
bc841b970697 aufs: fs_context 5/7, parse all other mount options
435188053da2 aufs: fs_context 4/7, parse xino options
9af1f1825cbd aufs: fs_context 3/7, parse the branch-management options
1c05eb767f8c aufs: fs_context 2/7, parse "br" mount option
a8488f603134 aufs: fs_context 1/7, skelton of the new shceme
8e32e0015564 aufs: pre fs_context, convert a static flag to a macro
f90cb4144aec aufs: pre fs_context, support the incomplete sb and sbinfo case
948762ef859c aufs: pre fs_context, convert the type of alloc_sbinfo()
77151a08776b aufs: 5.15.5-20211129 ---> 5.15.5-20220117
2539adbbbe1e aufs: 5.14-20211018 ---> 5.15.5-20211129
7d32b25193c4 aufs: for v5.15-rc1, sync_inode() is gone
66ec0c509225 aufs: for v5.15-rc1, new param 'rcu' for ->get_acl()
69709dc518cd aufs: for v5.15-rc1, no mand-lock anymore
ada8fe9543e5 aufs: 5.14-20210906 ---> 5.14-20211018
b77f7f3f394a Revert "aufs: adjust to v5.15 fs changes"
81bdce5b5876 tick/nohz: WARN_ON --> WARN_ON_ONCE to prevent console saturation
97c963889222 sched/isolation: really align nohz_full with rcu_nocbs
871f23ad3627 Revert "ARM: defconfig: Enable ax88796c driver for Exynos boards"
ffad0783dd5b ARM: config: multi v7: Regenerate defconifg
5c1e1a1ff2d3 ARM: config: multi v7: Add renamed symbols
badaf96564fe ARM: config: multi v7: Clean up enabled by default options
34996040fc9b ARM: config: multi v7: Drop unavailable options
7f685244afb3 powerpc/mm: Switch obsolete dssall to .long
20301aeb1a64 riscv: fix build with binutils 2.38
9df58d070506 powerpc/lib/sstep: fix 'ptesync' build error
720b61fc400b x86_64_defconfig: Fix warnings
02bf23d26bc4 arm64: defconfig: cleanup config options
05914e2c87e5 arm: defconfig: drop unused POWER_AVS option
ffb532fa19b9 aufs5: fix build against v5.15.3+
a4b3abf4d96d qemux86: add configuration symbol to select values
fee94ee09154 clear_warn_once: add a clear_warn_once= boot parameter
3d8762d900d9 clear_warn_once: bind a timer to written reset value
95faacac47e8 clear_warn_once: expand debugfs to include read support
de20c4240018 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel.
0e4aacead9c1 perf: x86-32: explicitly include <errno.h>
9ad92c11468e perf: mips64: Convert __u64 to unsigned long long
09e7efe3e68a perf: fix bench numa compilation
e79becc44fa6 perf: add SLANG_INC for slang.h
b1033b588681 perf: add sgidefs.h to for mips builds
cf9db484ac0b perf: change --root to --prefix for python install
7fd052c2c562 perf: add 'libperl not found' warning
27a437cdd469 perf: force include of <stdbool.h>
3b99d21bec2f fat: don't use obsolete random32 call in namei_vfat
a7e9293b506b FAT: Added FAT_NO_83NAME
6fd0e71d9e5c FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option
c379b0d324ae FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option
538be0fdb124 aufs: adjust to v5.15 fs changes
f45da75c8759 aufs5: core
047f57e07e01 aufs5: standalone
029fc15574c8 aufs5: mmap
610d0192ee94 aufs5: base
d4e428d0ec5f aufs5: kbuild
eb067eca251a yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL
286af18d0875 yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name
24d59a4e26a6 yaffs2: v5.12+ build fixups (not runtime tested)
22c73536d5d7 yaffs: include blkdev.h
506b7251bfb8 yaffs: fix misplaced variable declaration
a0e26ff364dc yaffs2: v5.6 build fixups
b10b1b2d169e yaffs2: fix memory leak when /proc/yaffs is read
ad9adccbb214 yaffs: add strict check when call yaffs_internal_read_super
2e3c3aec8279 yaffs: repair yaffs_get_mtd_device
d662538516a7 yaffs: Fix build failure by handling inode i_version with proper atomic API
70a6113ee2c7 yaffs2: fix memory leak in mount/umount
3378e4a9e404 yaffs: Avoid setting any ACL releated xattr
ec2284edddef Yaffs:check oob size before auto selecting Yaffs1
c2a49874051c fs: yaffs2: replace CURRENT_TIME by other appropriate apis
e9a5105a3e73 yaffs2: adjust to proper location of MS_RDONLY
608807406f13 yaffs2: import git revision b4ce1bb (jan, 2020)
89e660ece42c initramfs: allow an optional wrapper script around initramfs generation
b179dbc9aa10 iwlwifi: select MAC80211_LEDS conditionally
3fd5ca3673d0 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119)
d1f6edbf0188 arm64/perf: Fix wrong cast that may cause wrong truncation
d202fb2caf33 defconfigs: drop obselete options
9a27e3b5f4e7 arm64/perf: fix backtrace for AAPCS with FP enabled
e20d8cf019b4 linux-yocto: Handle /bin/awk issues
b6d2a3dbbd3a uvesafb: provide option to specify timeout for task completion
adb40f1e6a1a uvesafb: print error message when task timeout occurs
f280a1ed0962 compiler.h: Undef before redefining __attribute_const__
4352732f268c vmware: include jiffies.h
7954a677968d Resolve jiffies wrapping about arp
5f28a1035d95 nfs: Allow default io size to be configured.
0d7260ad7106 check console device file on fs when booting
900a12e37e0a mount_root: clarify error messages for when no rootfs found
7b878cbea726 menuconfig,mconf-cfg: Allow specification of ncurses location
6604fc1763b3 modpost: mask trivial warnings
0d294adb09cb kbuild: exclude meta directory from distclean processing
a097cdd95a9e powerpc: serialize image targets
5db6ec39a0a3 arm: serialize build targets
cbabca27905e crtsavres: fixups for 5.4+
7fc7656ed403 powerpc/ptrace: Disable array-bounds warning with gcc8
a5faac5a19a2 powerpc: Disable attribute-alias warnings from gcc8
186c54665b67 powerpc: add crtsavres.o to archprepare for kbuild
d1ea862964ca powerpc: kexec fix for powerpc64
2ac35b89a0f9 powerpc: Add unwind information for SPE registers of E500 core
2e1c348a28bb mips: vdso: fix 'jalr $t9' crash in vdso code
ec57870b303a mips: Kconfig: add QEMUMIPS64 option
6a81b3c08107 4kc cache tlb hazard: tlbp cache coherency
74e3b2a21e54 malta uhci quirks: make allowance for slow 4k(e)c
22e65b63d3b4 arm/Makefile: Fix systemtap
b7f1ab59f19e vexpress: Pass LOADADDR to Makefile
ce2800c73bf7 arm: ARM EABI socketcall
019d142fd956 ARM: LPAE: Invalidate the TLB for module addresses during translation fault
(From OE-Core rev: ce581f5cb80f1e6a405f70ba2fa23a09d9687e7c)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This modifies the default indexer split() and js splitQuery()
methods to support searching for words with hyphens.
While this might not be an ideal, rock solid, and fully future-proof
solution, it allows at least to search for strings inlcuding hyphens,
such as 'bitbake-layers', 'send-error-report', or 'oe-core'.
Below is a bit more detailed explanation of the two modifications done:
1) The default split regex in the sphinx-doc SearchLanguage base class
is:
| _word_re = re.compile(r'\w+')
which we simply extend to include hyphens '-'.
This will result in a searchindex.js that contains words with hyphens,
too.
2) The 'searchtool.js' code notes for its splitQuery() implementation:
| /**
| * Default splitQuery function. Can be overridden in ``sphinx.search`` with a
| * custom function per language.
| *
| * The regular expression works by splitting the string on consecutive characters
| * that are not Unicode letters, numbers, underscores, or emoji characters.
| * This is the same as ``\W+`` in Python, preserving the surrogate pair area.
| */
| if (typeof splitQuery === "undefined") {
| var splitQuery = (query) => query
| .split(/[^\p{Letter}\p{Number}_\p{Emoji_Presentation}]+/gu)
| .filter(term => term) // remove remaining empty strings
| }
The hook for this is documented in the sphinx-docs 'SearchLanguage'
base class.
| .. attribute:: js_splitter_code
|
| Return splitter function of JavaScript version. The function should be
| named as ``splitQuery``. And it should take a string and return list of
| strings.
|
| .. versionadded:: 3.0
We use this to define a simplified splitQuery() function with a split
argument that splits on empty spaces only.
We extend SearchEnglish (which extends SearchLanguage) here to retain
the stemmer code and stopwords for English.
[YOCTO #14534]
(From yocto-docs rev: 72e70a6af6eb3d4ca41f9e64069d8d3f61b420a3)
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit d4a98ee19e0cbd6be96923dc72faee143a6b294b)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Fix as many instances of unbalanced-inline-literals-delimiters as reported
by 'make sphinx-lint' as possible. Sphinx and/or its linter seem to get
tripped up randomly when references contain links to heading which contain
literals enclosed in double-back-tics, and not all of them can be "fixed"
to pass both building and linting.
(From yocto-docs rev: 2c1e5b080ad5e62d8283d332cbc473fd2d59c6e6)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Add a section after the 'git format-patch' information encouraging developers
to add patch version changelogs to their patch updates.
(From yocto-docs rev: a9f9d53fa4a29e3cf846868567190425ffed8bf0)
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 2e3a37c4607b296956993e557d1786c4876e5722)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
- Add the future "Whinlatter" (5.3) and "Wrynose" (6.0) releases.
- Make the "Walnascar" release a current release.
- Update the month in Current.
(From yocto-docs rev: b60476dd7b056d7b5dd48ac7fce943b4e3542277)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit adb8573b54626e033921a9f4e3db259312b79207)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The version has changed now (3.10.12 as of writing). Avoid having to
maintain this information by removing the version info from the intro.
Also fix a typo ("uses now uses") and give a link to yocto-autobuilder2.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: c404868285bfeb64600e70650483c664a8eb9574)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 1ed64dbdf4a60b000305cdc2c67dc24f4bc97ef7)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This document was written with SPDX 3.0 in mind (create-spdx-3.0 class)
on OE-Core's master, but Kirkstone only supports SPDX 2.2 (named simply
create-spdx).
The create-spdx class only generate a tar.zst output, so remove the
other outputs listed here.
Also, ancillary outputs are not only deployed in tmp/deploy/spdx/MACHINE
but tmp/deploy/spdx in general.
(From yocto-docs rev: 25b5ec4c71c97228f8386f5b6c4fbe272c207ed6)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The cpymemdi/setmemdi implementation doesn't fully support strict alignment.
Block the expansion if the alignment is less than 16 with STRICT_ALIGNMENT.
Clean up the condition when to use MOPS. (PR103100)
The original patch for GCC 12 removed MOPS & SIMD conditionals for setmem and
cpymem expansions in aarch64.md file. However, this version for GCC 11 does not
backport the SIMD & MOPS-related changes and retains the conditions in aarch64.md
file to preserve correctness and compatibility with the GCC 11 backend.
All changes and outputs have been verified by the author.
Upstream-Status: Backport [https://gcc.gnu.org/cgit/gcc/commit/?id=b9d16d8361a9e3a82a2f21e759e760d235d43322]
(From OE-Core rev: a99a65632116955dc69809a14bf536b22582de72)
Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
During ptest execution, util-linux adds mount entries in /etc/fstab
and runs `mount -a`, which mounts all available entries from
/etc/fstab. This can cause unintended mounts that are unrelated to
the test, leading to incorrect test behavior.
To avoid this, upstream util-linux introduced a mechanism using
CUSTOM_FSTAB,which isolates test-specific fstab entries. Only entries
listed in CUSTOM_FSTAB are mounted during test execution, ensuring
tests do not interfere with or depend on the system's /etc/fstab.
This commit backports below upstream changes to use CUSTOM_FSTAB.
ed3d33faffb1580bd7606aa8d17b6b
(From OE-Core rev: 94747fb63518bf907eb7c09fc2e146e39e235a7d)
Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE-2025-47268
ping in iputils through 20240905 allows a denial of service (application
error or incorrect data collection) via a crafted ICMP Echo Reply
packet, because of a signed 64-bit integer overflow in timestamp
multiplication.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-47268
Patch from:
070cfacd73
(From OE-Core rev: a463c8e3950ccf58316d48241c2cd82484f25fda)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
bb.error("Malformed Upstream-Status in patch\n%s\nPlease correct according to %s :\n%s" % (fullpath, guidelines, match_kinda.group(0)))
msg = "Malformed Upstream-Status in patch\n%s\nPlease correct according to %s :\n%s" % (fullpath, guidelines, match_kinda.group(0))
oe.qa.handle_error(patchtype, msg, d)
else:
bb.error("Missing Upstream-Status in patch\n%s\nPlease add according to %s ." % (fullpath, guidelines))
msg = "Missing Upstream-Status in patch\n%s\nPlease add according to %s ." % (fullpath, guidelines)
oe.qa.handle_error(patchtype, msg, d)
oe.qa.exit_if_errors(d)
}
python do_qa_configure() {
@@ -1331,6 +1338,7 @@ python do_qa_unpack() {
bb.warn('%s: the directory %s (%s) pointed to by the S variable doesn\'t exist - please set S within the recipe to point to where the source has been unpacked to' % (d.getVar('PN'), d.getVar('S', False), s_dir))
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
