mirror of
https://git.yoctoproject.org/poky
synced 2026-05-08 05:09:24 +00:00
7397fefc2f1abc8c35d38c48c62f34dd1bf7b9db
68295 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Bruce Ashfield
|
7397fefc2f |
linux-yocto/5.15: update to v5.15.160
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
c61bd26ae81a Linux 5.15.160
0df819cac13e docs: kernel_include.py: Cope with docutils 0.21
1786e0c96af1 admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET
96f650995c70 KEYS: trusted: Do not use WARN when encode fails
00548ac6b144 remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
da6504c63f78 serial: kgdboc: Fix NMI-safety problems from keyboard reset code
1768f29972cd usb: typec: ucsi: displayport: Fix potential deadlock
ddbcd7d36e38 binder: fix max_thread type inconsistency
7e6d6f27522b drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()
c9f2b6d88e65 KVM: x86: Clear "has_error_code", not "error_code", for RM exception injection
2750d7641d08 netlink: annotate data-races around sk->sk_err
7cff4103be7c netlink: annotate lockless accesses to nlk->max_recvmsg_len
3ade391adc58 net: tls: handle backlogging of crypto requests
f17d21ea7391 tls: fix race between async notify and socket close
94afddde1e92 net: tls: factor out tls_*crypt_async_wait()
fb782814bf09 tls: extract context alloc/initialization out of tls_set_sw_offload
704402f913b8 tls: rx: simplify async wait
cc4fac519d28 net: bcmgenet: synchronize UMAC_CMD access
1d5d18efc181 net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
52c4287f23c8 Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems"
1e6914fa8e77 KEYS: trusted: Fix memory leak in tpm2_key_encode()
9b8a8e5e8129 nfsd: don't allow nfsd threads to be signalled.
44889eacfe1f pinctrl: core: handle radix_tree_insert() errors in pinctrl_register_one_pin()
a32c8f951c8a drm/amd/display: Fix division by zero in setup_dsc_config
83655231580b Linux 5.15.159
f3a1787dc482 md: fix kmemleak of rdev->serial
ed79b93f725c keys: Fix overwrite of key expiration on instantiation
580bcd6bf24f Bluetooth: qca: fix firmware check error path
b91390f4e828 Bluetooth: qca: fix NVM configuration parsing
ed53949cc92e Bluetooth: qca: add missing firmware sanity checks
d68dbfb837c0 regulator: core: fix debugfs creation regression
1a6be4e70790 hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us
9518b79bfd2f net: fix out-of-bounds access in ops_init
b7bab33c4623 drm/vmwgfx: Fix invalid reads in fence signaled events
c3d84a764ed1 mei: me: add lunar lake point M DID
2a47da1cd81f slimbus: qcom-ngd-ctrl: Add timeout for wait operation
ba3c118cff7b dyndbg: fix old BUG_ON in >control parser
866d84456494 ASoC: ti: davinci-mcasp: Fix race condition during probe
40098e3fd40d ASoC: tegra: Fix DSPK 16-bit playback
1cbe6d8999db net: bcmgenet: synchronize use of bcmgenet_set_rx_mode()
66116556076f tipc: fix UAF in error path
2a512ca151da iio: accel: mxc4005: Interrupt handling fixes
93cfed3aea7c iio:imu: adis16475: Fix sync mode setting
eeee7fc41562 dt-bindings: iio: health: maxim,max30102: fix compatible check
dc941fec0719 mptcp: ensure snd_nxt is properly initialized on connect
c5ee5f184da9 btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks()
f1f364ffe274 ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU
2ddbb35a01e7 usb: dwc3: core: Prevent phy suspend during init
f78ff8825eb8 usb: xhci-plat: Don't include xhci.h
bad094bd0827 usb: gadget: f_fs: Fix a race condition when processing setup packets.
0bbb498b8e3e usb: gadget: composite: fix OS descriptors w_value logic
855717130362 usb: ohci: Prevent missed ohci interrupts
f157133326cc usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device
a6b9bffbcbb8 usb: typec: ucsi: Fix connector check on init
5f499d7421ac usb: typec: ucsi: Check for notifications after init
9f112211cc54 arm64: dts: qcom: Fix 'interrupt-map' parent address cells
4a89ac4b0921 Reapply "drm/qxl: simplify qxl_fence_wait"
79f988d3ffc1 firewire: nosy: ensure user_length is taken into account when fetching packet contents
5ef9681f73b8 btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send()
890d39f6d974 ACPI: CPPC: Fix access width used for PCC registers
7fcaa31c0047 ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro
6dfd79ed04c5 Revert "Revert "ACPI: CPPC: Use access_width over bit_width for system memory accesses""
3c7013a87124 drm/amd/display: Atom Integrated System Info v2_2 for DCN35
edf5238df340 drm/connector: Add \n to message about demoting connector force-probes
5a5cc5ca725c drm/meson: dw-hdmi: add bandgap setting for g12
f8229be8d627 drm/meson: dw-hdmi: power up phy on device init
c5c8616b3534 net: hns3: fix port vlan filter not disabled issue
2720b9792a52 net: hns3: split function hclge_init_vlan_config()
45b6316f2373 net: hns3: use appropriate barrier function after setting a bit value
f37df6f9b5f6 net: hns3: change type of numa_node_mask as nodemask_t
1e91931e316d net: hns3: refactor hclge_cmd_send with new hclge_comm_cmd_send API
f9315f3ad186 net: hns3: create new set of unified hclge_comm_cmd_send APIs
dd69c1c99a54 net: hns3: create new cmdq hardware description structure hclge_comm_hw
ed3c393fb24f net: hns3: refactor hns3 makefile to support hns3_common module
50964654df19 net: hns3: direct return when receive a unknown mailbox message
5789bfcb9ff9 net: hns3: refactor function hclge_mbx_handler()
52acec0106be net: hns3: add query vf ring and vector map relation
bc8fb44566ff net: hns3: add log for workqueue scheduled late
fee4a1e6564c net: hns3: using user configure after hardware reset
35f8ee4d43ee net: hns3: PF support get unicast MAC address space assigned by firmware
35297fc68de3 ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
21d85ee2d388 net: bridge: fix corrupted ethernet header on multicast-to-unicast
4ff334cade9d phonet: fix rtm_phonet_notify() skb allocation
bb739796564a hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock
073ca0c27b36 hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event()
6e6644c0a4f8 hwmon: (corsair-cpro) Use a separate buffer for sending commands
f3c1bf3054f9 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
e97e16433eb4 Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
6a18eeb1b3bb Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
27b0284d8be1 tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().
2552c9d9440f tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
20ac71bee028 ARM: 9381/1: kasan: clear stale stack poison
624cd60d6413 xfrm: Preserve vlan tags for transport mode software GRO
24dd9b08df71 qibfs: fix dentry leak
ab5b5e322d12 bpf, sockmap: Improved check for empty queue
d908a8a3de94 bpf, sockmap: Reschedule is now done through backlog
657cfb194cdb bpf, sockmap: Convert schedule_work into delayed_work
bbf2ed06757f bpf, sockmap: Handle fin correctly
ab3128de6edb bpf, sockmap: TCP data stall on recv before accept
4105f0c9af39 net:usb:qmi_wwan: support Rolling modules
90850083ceec drm/nouveau/dp: Don't probe eDP ports twice harder
859e2448be41 fs/9p: drop inodes immediately on non-.L too
4d36b9b7ec4f clk: Don't hold prepare_lock when calling kref_put()
7ca04b83c109 gpio: crystalcove: Use -ENOTSUPP consistently
c5ad5c7a1eed gpio: wcove: Use -ENOTSUPP consistently
d6a15d3bb81c 9p: explicitly deny setlease attempts
2b493bd0da9b fs/9p: translate O_TRUNC into OTRUNC
ad4f65328661 fs/9p: only translate RWX permissions for plain 9P2000
3931e927d551 iommu: mtk: fix module autoloading
12a2ca67f946 selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior
78f459dce4e3 MIPS: scall: Save thread_info.syscall unconditionally on entry
5d3392552087 gpu: host1x: Do not setup DMA for virtual devices
844fc023e9f1 blk-iocost: avoid out of bounds shift
a95798aa08ac scsi: target: Fix SELinux error when systemd-modules loads the target module
546e3bc295ce btrfs: always clear PERTRANS metadata during commit
8b40803c9615 btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve
a362afd5f2a5 tools/power turbostat: Fix Bzy_MHz documentation typo
b582c9ffcb69 tools/power turbostat: Fix added raw MSR output
4f9cc355c328 firewire: ohci: mask bus reset interrupts between ISR and bottom half
6f6aa8c58de4 ata: sata_gemini: Check clk_enable() result
c4fa8b793ddb net: bcmgenet: Reset RBUF on first open
9a41f5e19f27 ALSA: line6: Zero-initialize message buffers
d1b93d4017c4 kbuild: Disable KCSAN for autogenerated *.mod.c intermediaries
8943a256b06e btrfs: return accurate error code on open failure in open_fs_devices()
93aa5ccc4478 scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
c259a4102c84 net: mark racy access on sk->sk_rcvbuf
5490a385b48d wifi: cfg80211: fix rdev_dump_mpp() arguments order
5396e63b73e3 wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
f5d95eead358 gfs2: Fix invalid metadata access in punch_hole
4cab23bbcb98 scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port()
e5dcdf60c9a8 scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
f2c7f029051e scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
17db92da8be5 KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
5ee5997a085e KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
f1fa9a981620 clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
83ac89e3797d net: gro: add flush check in udp_gro_receive_segment
1b127feac247 drm/panel: ili9341: Use predefined error codes
9de7f6864aa8 drm/panel: ili9341: Respect deferred probe
8792b557eb50 s390/qeth: Fix kernel panic after setting hsuid
b2973b79d5d0 s390/qeth: don't keep track of Input Queue count
42c8471b0566 tipc: fix a possible memleak in tipc_buf_append
c7af99cc2192 net: core: reject skb_copy(_expand) for fraglist GSO skbs
bfd62ca7c87b net: bridge: fix multicast-to-unicast with fraglist GSO
9672bf3eac4f net: dsa: mv88e6xxx: Fix number of databases for 88E6141 / 88E6341
19275de18b2f cxgb4: Properly lock TX queue for the selftest.
c9d48ce16330 s390/cio: Ensure the copied buf is NUL terminated
bd2d9641a39e ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()
fd7dcd658154 ASoC: meson: cards: select SND_DYNAMIC_MINORS
a4ae1c3692ac ASoC: meson: axg-tdm-interface: manage formatters in trigger
fd824a1721eb ASoC: meson: axg-card: make links nonatomic
9719b354f7d4 ASoC: meson: axg-fifo: use threaded irq to check periods
c3b36cd49217 ASoC: meson: axg-fifo: use FIELD helpers
56c44b7f7201 net: qede: use return from qede_parse_actions()
62ad7f87e40b net: qede: use return from qede_parse_flow_attr() for flow_spec
ccf2317b1565 net: qede: use return from qede_parse_flow_attr() for flower
3a6929a6f00c net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
97005a10bf39 s390/vdso: Add CFI for RA register to asm macro vdso_func
e97e0051056b net l2tp: drop flow hash on forward
5a4603fbc285 nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().
ec697fbd38cb octeontx2-af: avoid off-by-one read from userspace
0f560240b4cc bna: ensure the copied buf is NUL terminated
12481f30128f xdp: use flags field to disambiguate broadcast redirect
b6a7077c0ffe xdp: Add xdp_do_redirect_frame() for pre-computed xdp_frames
a174aa99bae8 xdp: Move conversion to xdp_frame out of map functions
7038794bbfe1 s390/mm: Fix clearing storage keys for huge pages
e27a0db41537 s390/mm: Fix storage key clearing for guest huge pages
fef735072de8 spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs
396df2b93943 bpf: Fix a verifier verbose message
5965bc7535fb bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
16c6e4179041 bpf, kconfig: Fix DEBUG_INFO_BTF_MODULES Kconfig definition
64ea2f585e3c regulator: mt6360: De-capitalize devicetree regulator subnodes
76aa2440deb9 pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
fe881e793fbd power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator
e2ebfee0833d power: rt9455: hide unused rt9455_boost_voltage_values
ea6ce93327bd nfs: Handle error of rpc_proc_register() in nfs_net_init().
7ceb89f4016e nfs: make the rpc_stat per net namespace
0bbd42926082 nfs: expose /proc/net/sunrpc/nfs in net namespaces
9e644ff63b2d sunrpc: add a struct rpc_stats arg to rpc_create_args
764e752bf321 pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE
35d704f2b9b9 pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback
5505e5578621 pinctrl: mediatek: paris: Rework mtk_pinconf_{get,set} switch/case logic
41f88ef8ba38 pinctrl: core: delete incorrect free in pinctrl_enable()
34674f754960 pinctrl/meson: fix typo in PDM's pin name
ffa6e4d2d5ba pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T
26d32bec4c6d eeprom: at24: fix memory corruption race condition
c4137dee8e81 eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
6f35227dcd22 eeprom: at24: Use dev_err_probe for nvmem register failure
91c6dcbc2bab ksmbd: clear RENAME_NOREPLACE before calling vfs_rename
8f3d0bf1d0c6 ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
da2140137260 ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
ad12c74e953b wifi: nl80211: don't free NULL coalescing rule
714794ed7a8b dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
79a61bfe2ff3 dmaengine: pl330: issue_pending waits until WFP state
b8086c3c1548 reiserfs: Avoid touching renamed directory if parent does not change
ea091017ef62 ipv6: Fix data races around sk->sk_prot.
ff8710da80ee ipv6: annotate some data-races around sk->sk_prot
e8c2eafaaa6a tcp: Fix data races around icsk->icsk_af_ops.
8d1bab770956 locking/rwsem: Disable preemption while trying for rwsem lock
7c82dac02886 block, loop: support partitions without scanning
45f504f301d4 bpftool: Fix pretty print dump for maps without BTF loaded
1f24338cb789 jbd2: Drop the merge conflicted hunk
e1d0e3c51bde tpm: tis_i2c: Limit write bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
1abe841fe331 tpm: tis_i2c: Limit read bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
6224acfc1d56 tpm: Add flag to use default cancellation policy
1cd19d48fb90 tpm: tis_i2c: Fix sanity check interrupt enable mask
a883da132fa8 tpm: Add tpm_tis_i2c backend for tpm_tis_core
a742ac8a1c51 tpm: Add tpm_tis_verify_crc to the tpm_tis_phy_ops protocol layer
ef495c5f45f2 tpm: Remove read16/read32/write32 calls from tpm_tis_phy_ops
1f3be2e23aa6 gcc-plugins: Reorganize gimple includes for GCC 13
24615a3b932a ata: ahci: fix enum constants for gcc-13
5d6cb145541a net: stmmac: Enable mac_managed_pm phylink config
fd93aabb4287 tools/resolve_btfids: Use pkg-config to locate libelf
130f9da78406 tools/resolve_btfids: Build with host flags
00f2f1a782f9 tools/resolve_btfids: Support cross-building the kernel with clang
17776a4ba9c2 tools/resolve_btfids: Install libbpf headers when building
7c9808380d70 libbpf: Make libbpf_version.h non-auto-generated
37ae1ba791ac libbpf: Add LIBBPF_DEPRECATED_SINCE macro for scheduling API deprecations
a2667e6d7314 drm/radeon: free iio for atombios when driver shutdown
f100c753aa1f powerpc: Fix reschedule bug in KUAP-unlocked user copy
da5513f30187 libbpf: Fix build warning on ref_ctr_off
4c5a089621a8 perf python: Account for multiple words in CC
1c5699ee85d4 fs: move S_ISGID stripping into the vfs_*() helpers
838f5d0701d8 fs: add mode_strip_sgid() helper
d97172683641 squashfs: provide backing_dev_info in order to disable read-ahead
ed037d7be40c irq_work: use kasan_record_aux_stack_noalloc() record callstack
1363bd7dbde3 ixgbevf: add disable link state
e5601ae2bd24 ixgbe: add improvement for MDD response functionality
caa57cd80575 ixgbe: add the ability for the PF to disable VF link state
16a77bfcc7df Check /dev/console using init_stat()
04574fd5579a tracing/arm: Have max stack tracer handle the case of return address after data
0e51e5717018 gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
1e6b7da6ddba drivers/base: Fix unsigned comparison to -1 in CPUMAP_FILE_MAX_BYTES
493160901320 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition
04224f725aa3 irqchip/gic-v3-its: Skip HP notifier when no ITS is registered
6f6c2996a81c irqchip/gic-v3-its: Postpone LPI pending table freeing and memreserve
1fa94473423f irqchip/gic-v3-its: Give the percpu rdist struct its own flags field
6013d1ae5feb cert host tools: Stop complaining about deprecated OpenSSL functions
efe20512212b init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
a40d2daf2795 pnmtologo: use relocatable file name
3b40d5b41155 of: configfs: remove unused variable overlay_lock
6c085baf1838 tools: use basename to identify file in gen-mach-types
2fca0fd71981 lib/build_OID_registry: fix reproducibility issues
0f586f4ee8ad vt/conmakehash: improve reproducibility
a75774679f28 OF: DT-Overlay configfs interface (v8)
d179c639b30b x86/boot: Wrap literal addresses in absolute_pointer()
856ec356cf91 ACPI: thermal: drop an always true check
7614af249993 xfs: Fix -Werror=dangling-pointer work-around for older GCC
41470215f97e xfs: Work around GCC 12 -Werror=dangling-pointer for xfs_attr_remote.o
44a445c1922d virtio-pci: Remove wrong address verification in vp_del_vqs()
77aa9e489eaf bpf: Disallow unprivileged bpf by default
ebfb1822e9f9 fs/aufs: fixup 5.15.36 fixups
4eba9348d3e2 Revert "Revert "fbdev: Hot-unplug firmware fb devices on forced removal""
5df6d1b00f95 jbd2: fix use-after-free of transaction_t race
2d83e8196487 jbd2: refactor wait logic for transaction updates into a common function
07a63f760793 netfilter: conntrack: avoid useless indirection during conntrack destruction
4e7122625996 Revert "fbdev: Hot-unplug firmware fb devices on forced removal"
7ba4cb36fd4f rcu: Avoid alloc_pages() when recording stack
f78574dee71e kasan: test: silence intentional read overflow warnings
d313cb89b6b1 kasan: arm64: fix pcpu_page_first_chunk crash with KASAN_VMALLOC
5e279d5647cc arm64: support page mapping percpu first chunk allocator
e5bf16752dca vmalloc: choose a better start address in vm_area_register_early()
660b3d21b46f kasan: test: bypass __alloc_size checks
00aa7573e53a kasan: test: add memcpy test that avoids out-of-bounds write
67becf0b1bd4 kasan: fix tag for large allocations when using CONFIG_SLAB
bedf1e033213 workqueue, kasan: avoid alloc_pages() when recording stack
7195b67ce69b kasan: generic: introduce kasan_record_aux_stack_noalloc()
bdff763f0e29 kasan: common: provide can_alloc in kasan_save_stack()
51423ebb36ad lib/stackdepot: introduce __stack_depot_save()
85373e66d847 lib/stackdepot: remove unused function argument
5b6cc9b251f3 lib/stackdepot: include gfp.h
c9f3902d8069 aufs: reduce overhead for "code present but disabled" use case.
b98d189df02c aufs: bugfix, umount passes NULL to ->parse_monolithic()
13b883cbbbd9 aufs standalone: cosmetic, missing copyright sentence
21f8b0d81898 aufs: 5.15.5-20220117 ---> 5.15.5-20220221
6199fd896645 aufs: tiny, headers after fs_context
8ddb40e31c29 aufs: fs_context 7/7, finally remount
69035f71c6fd aufs: fs_context 6/7, now mount
bc841b970697 aufs: fs_context 5/7, parse all other mount options
435188053da2 aufs: fs_context 4/7, parse xino options
9af1f1825cbd aufs: fs_context 3/7, parse the branch-management options
1c05eb767f8c aufs: fs_context 2/7, parse "br" mount option
a8488f603134 aufs: fs_context 1/7, skelton of the new shceme
8e32e0015564 aufs: pre fs_context, convert a static flag to a macro
f90cb4144aec aufs: pre fs_context, support the incomplete sb and sbinfo case
948762ef859c aufs: pre fs_context, convert the type of alloc_sbinfo()
77151a08776b aufs: 5.15.5-20211129 ---> 5.15.5-20220117
2539adbbbe1e aufs: 5.14-20211018 ---> 5.15.5-20211129
7d32b25193c4 aufs: for v5.15-rc1, sync_inode() is gone
66ec0c509225 aufs: for v5.15-rc1, new param 'rcu' for ->get_acl()
69709dc518cd aufs: for v5.15-rc1, no mand-lock anymore
ada8fe9543e5 aufs: 5.14-20210906 ---> 5.14-20211018
b77f7f3f394a Revert "aufs: adjust to v5.15 fs changes"
81bdce5b5876 tick/nohz: WARN_ON --> WARN_ON_ONCE to prevent console saturation
97c963889222 sched/isolation: really align nohz_full with rcu_nocbs
871f23ad3627 Revert "ARM: defconfig: Enable ax88796c driver for Exynos boards"
ffad0783dd5b ARM: config: multi v7: Regenerate defconifg
5c1e1a1ff2d3 ARM: config: multi v7: Add renamed symbols
badaf96564fe ARM: config: multi v7: Clean up enabled by default options
34996040fc9b ARM: config: multi v7: Drop unavailable options
7f685244afb3 powerpc/mm: Switch obsolete dssall to .long
20301aeb1a64 riscv: fix build with binutils 2.38
9df58d070506 powerpc/lib/sstep: fix 'ptesync' build error
720b61fc400b x86_64_defconfig: Fix warnings
02bf23d26bc4 arm64: defconfig: cleanup config options
05914e2c87e5 arm: defconfig: drop unused POWER_AVS option
ffb532fa19b9 aufs5: fix build against v5.15.3+
a4b3abf4d96d qemux86: add configuration symbol to select values
fee94ee09154 clear_warn_once: add a clear_warn_once= boot parameter
3d8762d900d9 clear_warn_once: bind a timer to written reset value
95faacac47e8 clear_warn_once: expand debugfs to include read support
de20c4240018 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel.
0e4aacead9c1 perf: x86-32: explicitly include <errno.h>
9ad92c11468e perf: mips64: Convert __u64 to unsigned long long
09e7efe3e68a perf: fix bench numa compilation
e79becc44fa6 perf: add SLANG_INC for slang.h
b1033b588681 perf: add sgidefs.h to for mips builds
cf9db484ac0b perf: change --root to --prefix for python install
7fd052c2c562 perf: add 'libperl not found' warning
27a437cdd469 perf: force include of <stdbool.h>
3b99d21bec2f fat: don't use obsolete random32 call in namei_vfat
a7e9293b506b FAT: Added FAT_NO_83NAME
6fd0e71d9e5c FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option
c379b0d324ae FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option
538be0fdb124 aufs: adjust to v5.15 fs changes
f45da75c8759 aufs5: core
047f57e07e01 aufs5: standalone
029fc15574c8 aufs5: mmap
610d0192ee94 aufs5: base
d4e428d0ec5f aufs5: kbuild
eb067eca251a yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL
286af18d0875 yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name
24d59a4e26a6 yaffs2: v5.12+ build fixups (not runtime tested)
22c73536d5d7 yaffs: include blkdev.h
506b7251bfb8 yaffs: fix misplaced variable declaration
a0e26ff364dc yaffs2: v5.6 build fixups
b10b1b2d169e yaffs2: fix memory leak when /proc/yaffs is read
ad9adccbb214 yaffs: add strict check when call yaffs_internal_read_super
2e3c3aec8279 yaffs: repair yaffs_get_mtd_device
d662538516a7 yaffs: Fix build failure by handling inode i_version with proper atomic API
70a6113ee2c7 yaffs2: fix memory leak in mount/umount
3378e4a9e404 yaffs: Avoid setting any ACL releated xattr
ec2284edddef Yaffs:check oob size before auto selecting Yaffs1
c2a49874051c fs: yaffs2: replace CURRENT_TIME by other appropriate apis
e9a5105a3e73 yaffs2: adjust to proper location of MS_RDONLY
608807406f13 yaffs2: import git revision b4ce1bb (jan, 2020)
89e660ece42c initramfs: allow an optional wrapper script around initramfs generation
b179dbc9aa10 iwlwifi: select MAC80211_LEDS conditionally
3fd5ca3673d0 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119)
d1f6edbf0188 arm64/perf: Fix wrong cast that may cause wrong truncation
d202fb2caf33 defconfigs: drop obselete options
9a27e3b5f4e7 arm64/perf: fix backtrace for AAPCS with FP enabled
e20d8cf019b4 linux-yocto: Handle /bin/awk issues
b6d2a3dbbd3a uvesafb: provide option to specify timeout for task completion
adb40f1e6a1a uvesafb: print error message when task timeout occurs
f280a1ed0962 compiler.h: Undef before redefining __attribute_const__
4352732f268c vmware: include jiffies.h
7954a677968d Resolve jiffies wrapping about arp
5f28a1035d95 nfs: Allow default io size to be configured.
0d7260ad7106 check console device file on fs when booting
900a12e37e0a mount_root: clarify error messages for when no rootfs found
7b878cbea726 menuconfig,mconf-cfg: Allow specification of ncurses location
6604fc1763b3 modpost: mask trivial warnings
0d294adb09cb kbuild: exclude meta directory from distclean processing
a097cdd95a9e powerpc: serialize image targets
5db6ec39a0a3 arm: serialize build targets
cbabca27905e crtsavres: fixups for 5.4+
7fc7656ed403 powerpc/ptrace: Disable array-bounds warning with gcc8
a5faac5a19a2 powerpc: Disable attribute-alias warnings from gcc8
186c54665b67 powerpc: add crtsavres.o to archprepare for kbuild
d1ea862964ca powerpc: kexec fix for powerpc64
2ac35b89a0f9 powerpc: Add unwind information for SPE registers of E500 core
2e1c348a28bb mips: vdso: fix 'jalr $t9' crash in vdso code
ec57870b303a mips: Kconfig: add QEMUMIPS64 option
6a81b3c08107 4kc cache tlb hazard: tlbp cache coherency
74e3b2a21e54 malta uhci quirks: make allowance for slow 4k(e)c
22e65b63d3b4 arm/Makefile: Fix systemtap
b7f1ab59f19e vexpress: Pass LOADADDR to Makefile
ce2800c73bf7 arm: ARM EABI socketcall
019d142fd956 ARM: LPAE: Invalidate the TLB for module addresses during translation fault
(From OE-Core rev: 973963d56804139193e40fb960aae0b76ed0de46)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
||
|
Bruce Ashfield
|
2ccf694440 |
linux-yocto/5.15: update to v5.15.158
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
284087d4f7d5 Linux 5.15.158
802cab68a6d5 serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
e6a488ae31ce udp: preserve the connected status if only UDP cmsg
93ba36238db6 bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
b65fb50e04a9 HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
b93bdfcf41f2 fbdev: fix incorrect address computation in deferred IO
5a09eae9a7db i2c: smbus: fix NULL function pointer dereference
52e8a42b1107 riscv: Fix TASK_SIZE on 64-bit NOMMU
83c5c0e3cd08 riscv: fix VMALLOC_START definition
9edd3aa34d50 dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
0ccac964520a dma: xilinx_dpdma: Fix locking
dd946e8e57c0 idma64: Don't try to serve interrupts when device is powered off
f5db31e59fd8 dmaengine: owl: fix register access functions
4fa0befa92f2 tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
214a2dfbb84f tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
5be39f901169 mtd: diskonchip: work around ubsan link failure
ec8d0ee88079 stackdepot: respect __GFP_NOLOCKDEP allocation flag
018c4ea7002f net: b44: set pause params only when interface is up
d35fb1664eb2 ethernet: Add helper for assigning packet type when dest address does not match device address
5dbdbe113391 irqchip/gic-v3-its: Prevent double free on error
9d0580ded513 drm/amdgpu: Fix leak when GPU memory allocation fails
7e350ee649e0 drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
1a1dc37c23aa arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
36b32816fbab cpu: Re-enable CPU mitigations by default for !X86 architectures
e58047553a4e btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
1200481cd606 mmc: sdhci-msm: pervent access to suspended controller
52f9041deaca Bluetooth: qca: fix NULL-deref on non-serdev suspend
b3b2f2ed7d56 Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
46c105b178b9 Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
2cb0b9aaa0fe x86/cpu: Fix check for RDPKRU in __show_regs()
b8511fbf03fb tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together
1ea85ae08e39 tracing: Show size of requested perf buffer
605a9eb70e92 net/mlx5e: Fix a race in command alloc flow
7e44291e9615 Revert "crypto: api - Disallow identical driver names"
51256394970e drm/vmwgfx: Fix crtc's atomic check conditional
7c3461b6b1dc drm-print: add drm_dbg_driver to improve namespace symmetry
479244d68f5d serial: mxs-auart: add spinlock around changing cts state
5c92a4517cc9 serial: core: Provide port lock wrappers
2e29ff824b47 af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc().
0b289962c482 net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
2418d3f348d5 iavf: Fix TC config comparison with existing adapter TC config
69ae07c7ad82 i40e: Report MFS in decimal base instead of hex
ff7431f898dd i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
5c45feb3c288 netfilter: nf_tables: honor table dormant flag from netdev release event path
63d814d93c5c mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
64435b64e43d mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
039992b6d2df mlxsw: spectrum_acl_tcam: Fix warning during rehash
413a01886c39 mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
7adc29af50f7 mlxsw: spectrum_acl_tcam: Rate limit error message
4c89642ca47f mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
c17976b42d54 mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
2943fb714d83 mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
9048616553c6 net: openvswitch: Fix Use-After-Free in ovs_ct_exit
8ece90ac97eb ipvs: Fix checksumming on GSO of SCTP packets
2e74b3fd6bf5 net: gtp: Fix Use-After-Free in gtp_dellink
dd602fb3526d net: usb: ax88179_178a: stop lying about skb->truesize
03b5a9b2b526 ipv4: check for NULL idev in ip_route_use_hint()
55da4788ceed NFC: trf7970a: disable all regulators on removal
f41fbb4ff219 bridge/br_netlink.c: no need to return void function
23b7ee4a8d55 icmp: prevent possible NULL dereferences from icmp_build_probe()
8bdd3cf01490 mlxsw: core: Unregister EMAD trap using FORWARD action
7336b6aa825f vxlan: drop packets from invalid src-address
66384a7399f9 wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
f5aa109c94ec wifi: iwlwifi: mvm: remove old PASN station when adding a new one
0f530ed87266 ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
7acd2d7b7603 arm64: dts: mediatek: mt2712: fix validation errors
203e81849bd9 arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
7b0a487bce51 arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
d856ae10cdcf arm64: dts: mediatek: mt7622: fix IR nodename
0434c99bf3f1 arm64: dts: mediatek: mt7622: fix clock controllers
2f83d3d2cc3c arm64: dts: mediatek: mt7622: introduce nodes for Wireless Ethernet Dispatch
506ac5538498 arm64: dts: mediatek: mt7622: add support for coherent DMA
a897ecbb5779 arm64: dts: mediatek: mt8183: Add power-domains properity to mfgcfg
daf284595e6f arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro dts
91eb350da992 arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
c5ff64a50037 arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
938cf022b72c arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 Puma
d69ccea6041e HID: logitech-dj: allow mice to use all types of reports
9fd9468d1c5e HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
e054770d566b cifs: reinstate original behavior again for forceuid/forcegid
929ba00702cf smb: client: fix rename(2) regression against samba
b8086c3c1548 reiserfs: Avoid touching renamed directory if parent does not change
ea091017ef62 ipv6: Fix data races around sk->sk_prot.
ff8710da80ee ipv6: annotate some data-races around sk->sk_prot
e8c2eafaaa6a tcp: Fix data races around icsk->icsk_af_ops.
8d1bab770956 locking/rwsem: Disable preemption while trying for rwsem lock
7c82dac02886 block, loop: support partitions without scanning
45f504f301d4 bpftool: Fix pretty print dump for maps without BTF loaded
1f24338cb789 jbd2: Drop the merge conflicted hunk
e1d0e3c51bde tpm: tis_i2c: Limit write bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
1abe841fe331 tpm: tis_i2c: Limit read bursts to I2C_SMBUS_BLOCK_MAX (32) bytes
6224acfc1d56 tpm: Add flag to use default cancellation policy
1cd19d48fb90 tpm: tis_i2c: Fix sanity check interrupt enable mask
a883da132fa8 tpm: Add tpm_tis_i2c backend for tpm_tis_core
a742ac8a1c51 tpm: Add tpm_tis_verify_crc to the tpm_tis_phy_ops protocol layer
ef495c5f45f2 tpm: Remove read16/read32/write32 calls from tpm_tis_phy_ops
1f3be2e23aa6 gcc-plugins: Reorganize gimple includes for GCC 13
24615a3b932a ata: ahci: fix enum constants for gcc-13
5d6cb145541a net: stmmac: Enable mac_managed_pm phylink config
fd93aabb4287 tools/resolve_btfids: Use pkg-config to locate libelf
130f9da78406 tools/resolve_btfids: Build with host flags
00f2f1a782f9 tools/resolve_btfids: Support cross-building the kernel with clang
17776a4ba9c2 tools/resolve_btfids: Install libbpf headers when building
7c9808380d70 libbpf: Make libbpf_version.h non-auto-generated
37ae1ba791ac libbpf: Add LIBBPF_DEPRECATED_SINCE macro for scheduling API deprecations
a2667e6d7314 drm/radeon: free iio for atombios when driver shutdown
f100c753aa1f powerpc: Fix reschedule bug in KUAP-unlocked user copy
da5513f30187 libbpf: Fix build warning on ref_ctr_off
4c5a089621a8 perf python: Account for multiple words in CC
1c5699ee85d4 fs: move S_ISGID stripping into the vfs_*() helpers
838f5d0701d8 fs: add mode_strip_sgid() helper
d97172683641 squashfs: provide backing_dev_info in order to disable read-ahead
ed037d7be40c irq_work: use kasan_record_aux_stack_noalloc() record callstack
1363bd7dbde3 ixgbevf: add disable link state
e5601ae2bd24 ixgbe: add improvement for MDD response functionality
caa57cd80575 ixgbe: add the ability for the PF to disable VF link state
16a77bfcc7df Check /dev/console using init_stat()
04574fd5579a tracing/arm: Have max stack tracer handle the case of return address after data
0e51e5717018 gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
1e6b7da6ddba drivers/base: Fix unsigned comparison to -1 in CPUMAP_FILE_MAX_BYTES
493160901320 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition
04224f725aa3 irqchip/gic-v3-its: Skip HP notifier when no ITS is registered
6f6c2996a81c irqchip/gic-v3-its: Postpone LPI pending table freeing and memreserve
1fa94473423f irqchip/gic-v3-its: Give the percpu rdist struct its own flags field
6013d1ae5feb cert host tools: Stop complaining about deprecated OpenSSL functions
efe20512212b init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
a40d2daf2795 pnmtologo: use relocatable file name
3b40d5b41155 of: configfs: remove unused variable overlay_lock
6c085baf1838 tools: use basename to identify file in gen-mach-types
2fca0fd71981 lib/build_OID_registry: fix reproducibility issues
0f586f4ee8ad vt/conmakehash: improve reproducibility
a75774679f28 OF: DT-Overlay configfs interface (v8)
d179c639b30b x86/boot: Wrap literal addresses in absolute_pointer()
856ec356cf91 ACPI: thermal: drop an always true check
7614af249993 xfs: Fix -Werror=dangling-pointer work-around for older GCC
41470215f97e xfs: Work around GCC 12 -Werror=dangling-pointer for xfs_attr_remote.o
44a445c1922d virtio-pci: Remove wrong address verification in vp_del_vqs()
77aa9e489eaf bpf: Disallow unprivileged bpf by default
ebfb1822e9f9 fs/aufs: fixup 5.15.36 fixups
4eba9348d3e2 Revert "Revert "fbdev: Hot-unplug firmware fb devices on forced removal""
5df6d1b00f95 jbd2: fix use-after-free of transaction_t race
2d83e8196487 jbd2: refactor wait logic for transaction updates into a common function
07a63f760793 netfilter: conntrack: avoid useless indirection during conntrack destruction
4e7122625996 Revert "fbdev: Hot-unplug firmware fb devices on forced removal"
7ba4cb36fd4f rcu: Avoid alloc_pages() when recording stack
f78574dee71e kasan: test: silence intentional read overflow warnings
d313cb89b6b1 kasan: arm64: fix pcpu_page_first_chunk crash with KASAN_VMALLOC
5e279d5647cc arm64: support page mapping percpu first chunk allocator
e5bf16752dca vmalloc: choose a better start address in vm_area_register_early()
660b3d21b46f kasan: test: bypass __alloc_size checks
00aa7573e53a kasan: test: add memcpy test that avoids out-of-bounds write
67becf0b1bd4 kasan: fix tag for large allocations when using CONFIG_SLAB
bedf1e033213 workqueue, kasan: avoid alloc_pages() when recording stack
7195b67ce69b kasan: generic: introduce kasan_record_aux_stack_noalloc()
bdff763f0e29 kasan: common: provide can_alloc in kasan_save_stack()
51423ebb36ad lib/stackdepot: introduce __stack_depot_save()
85373e66d847 lib/stackdepot: remove unused function argument
5b6cc9b251f3 lib/stackdepot: include gfp.h
c9f3902d8069 aufs: reduce overhead for "code present but disabled" use case.
b98d189df02c aufs: bugfix, umount passes NULL to ->parse_monolithic()
13b883cbbbd9 aufs standalone: cosmetic, missing copyright sentence
21f8b0d81898 aufs: 5.15.5-20220117 ---> 5.15.5-20220221
6199fd896645 aufs: tiny, headers after fs_context
8ddb40e31c29 aufs: fs_context 7/7, finally remount
69035f71c6fd aufs: fs_context 6/7, now mount
bc841b970697 aufs: fs_context 5/7, parse all other mount options
435188053da2 aufs: fs_context 4/7, parse xino options
9af1f1825cbd aufs: fs_context 3/7, parse the branch-management options
1c05eb767f8c aufs: fs_context 2/7, parse "br" mount option
a8488f603134 aufs: fs_context 1/7, skelton of the new shceme
8e32e0015564 aufs: pre fs_context, convert a static flag to a macro
f90cb4144aec aufs: pre fs_context, support the incomplete sb and sbinfo case
948762ef859c aufs: pre fs_context, convert the type of alloc_sbinfo()
77151a08776b aufs: 5.15.5-20211129 ---> 5.15.5-20220117
2539adbbbe1e aufs: 5.14-20211018 ---> 5.15.5-20211129
7d32b25193c4 aufs: for v5.15-rc1, sync_inode() is gone
66ec0c509225 aufs: for v5.15-rc1, new param 'rcu' for ->get_acl()
69709dc518cd aufs: for v5.15-rc1, no mand-lock anymore
ada8fe9543e5 aufs: 5.14-20210906 ---> 5.14-20211018
b77f7f3f394a Revert "aufs: adjust to v5.15 fs changes"
81bdce5b5876 tick/nohz: WARN_ON --> WARN_ON_ONCE to prevent console saturation
97c963889222 sched/isolation: really align nohz_full with rcu_nocbs
871f23ad3627 Revert "ARM: defconfig: Enable ax88796c driver for Exynos boards"
ffad0783dd5b ARM: config: multi v7: Regenerate defconifg
5c1e1a1ff2d3 ARM: config: multi v7: Add renamed symbols
badaf96564fe ARM: config: multi v7: Clean up enabled by default options
34996040fc9b ARM: config: multi v7: Drop unavailable options
7f685244afb3 powerpc/mm: Switch obsolete dssall to .long
20301aeb1a64 riscv: fix build with binutils 2.38
9df58d070506 powerpc/lib/sstep: fix 'ptesync' build error
720b61fc400b x86_64_defconfig: Fix warnings
02bf23d26bc4 arm64: defconfig: cleanup config options
05914e2c87e5 arm: defconfig: drop unused POWER_AVS option
ffb532fa19b9 aufs5: fix build against v5.15.3+
a4b3abf4d96d qemux86: add configuration symbol to select values
fee94ee09154 clear_warn_once: add a clear_warn_once= boot parameter
3d8762d900d9 clear_warn_once: bind a timer to written reset value
95faacac47e8 clear_warn_once: expand debugfs to include read support
de20c4240018 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel.
0e4aacead9c1 perf: x86-32: explicitly include <errno.h>
9ad92c11468e perf: mips64: Convert __u64 to unsigned long long
09e7efe3e68a perf: fix bench numa compilation
e79becc44fa6 perf: add SLANG_INC for slang.h
b1033b588681 perf: add sgidefs.h to for mips builds
cf9db484ac0b perf: change --root to --prefix for python install
7fd052c2c562 perf: add 'libperl not found' warning
27a437cdd469 perf: force include of <stdbool.h>
3b99d21bec2f fat: don't use obsolete random32 call in namei_vfat
a7e9293b506b FAT: Added FAT_NO_83NAME
6fd0e71d9e5c FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option
c379b0d324ae FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option
538be0fdb124 aufs: adjust to v5.15 fs changes
f45da75c8759 aufs5: core
047f57e07e01 aufs5: standalone
029fc15574c8 aufs5: mmap
610d0192ee94 aufs5: base
d4e428d0ec5f aufs5: kbuild
eb067eca251a yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL
286af18d0875 yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name
24d59a4e26a6 yaffs2: v5.12+ build fixups (not runtime tested)
22c73536d5d7 yaffs: include blkdev.h
506b7251bfb8 yaffs: fix misplaced variable declaration
a0e26ff364dc yaffs2: v5.6 build fixups
b10b1b2d169e yaffs2: fix memory leak when /proc/yaffs is read
ad9adccbb214 yaffs: add strict check when call yaffs_internal_read_super
2e3c3aec8279 yaffs: repair yaffs_get_mtd_device
d662538516a7 yaffs: Fix build failure by handling inode i_version with proper atomic API
70a6113ee2c7 yaffs2: fix memory leak in mount/umount
3378e4a9e404 yaffs: Avoid setting any ACL releated xattr
ec2284edddef Yaffs:check oob size before auto selecting Yaffs1
c2a49874051c fs: yaffs2: replace CURRENT_TIME by other appropriate apis
e9a5105a3e73 yaffs2: adjust to proper location of MS_RDONLY
608807406f13 yaffs2: import git revision b4ce1bb (jan, 2020)
89e660ece42c initramfs: allow an optional wrapper script around initramfs generation
b179dbc9aa10 iwlwifi: select MAC80211_LEDS conditionally
3fd5ca3673d0 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119)
d1f6edbf0188 arm64/perf: Fix wrong cast that may cause wrong truncation
d202fb2caf33 defconfigs: drop obselete options
9a27e3b5f4e7 arm64/perf: fix backtrace for AAPCS with FP enabled
e20d8cf019b4 linux-yocto: Handle /bin/awk issues
b6d2a3dbbd3a uvesafb: provide option to specify timeout for task completion
adb40f1e6a1a uvesafb: print error message when task timeout occurs
f280a1ed0962 compiler.h: Undef before redefining __attribute_const__
4352732f268c vmware: include jiffies.h
7954a677968d Resolve jiffies wrapping about arp
5f28a1035d95 nfs: Allow default io size to be configured.
0d7260ad7106 check console device file on fs when booting
900a12e37e0a mount_root: clarify error messages for when no rootfs found
7b878cbea726 menuconfig,mconf-cfg: Allow specification of ncurses location
6604fc1763b3 modpost: mask trivial warnings
0d294adb09cb kbuild: exclude meta directory from distclean processing
a097cdd95a9e powerpc: serialize image targets
5db6ec39a0a3 arm: serialize build targets
cbabca27905e crtsavres: fixups for 5.4+
7fc7656ed403 powerpc/ptrace: Disable array-bounds warning with gcc8
a5faac5a19a2 powerpc: Disable attribute-alias warnings from gcc8
186c54665b67 powerpc: add crtsavres.o to archprepare for kbuild
d1ea862964ca powerpc: kexec fix for powerpc64
2ac35b89a0f9 powerpc: Add unwind information for SPE registers of E500 core
2e1c348a28bb mips: vdso: fix 'jalr $t9' crash in vdso code
ec57870b303a mips: Kconfig: add QEMUMIPS64 option
6a81b3c08107 4kc cache tlb hazard: tlbp cache coherency
74e3b2a21e54 malta uhci quirks: make allowance for slow 4k(e)c
22e65b63d3b4 arm/Makefile: Fix systemtap
b7f1ab59f19e vexpress: Pass LOADADDR to Makefile
ce2800c73bf7 arm: ARM EABI socketcall
019d142fd956 ARM: LPAE: Invalidate the TLB for module addresses during translation fault
(From OE-Core rev: 88ec14db188d701168a6d6978475bd9fd61cb20b)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
||
 Soumya Sambu
|
7506cbff40 |
go: Fix CVE-2024-24789
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors. References: https://nvd.nist.gov/vuln/detail/CVE-2024-24789 Upstream-patch: https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (From OE-Core rev: f198fdc392c6e3b99431383ab6577749e83f1cb3) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Ashish Sharma
|
ae4a66db4b |
gtk+3 : backport fix for CVE-2024-6655
stop looking for modules in cwd in gtk/gtkmodules.c. Upstream-Status: Backport [https://launchpad.net/ubuntu/+source/gtk+3.0/3.24.33-1ubuntu2.2] (From OE-Core rev: 37b9eb01dc6342bc0308c9c970e3c379c83b706f) Signed-off-by: Ashish Sharma <asharma@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Peter Marko
|
93ef091fb2 |
gcc-runtime: remove bashism
Debian 12 no longer supports replacing dash with bash as default shell. Therefore to achieve compatibility with Debian 12, all bashisms need to be removed. Shell comparison via == gives an error with dash and thus the condition is always false. (From OE-Core rev: 3723b26f82219ff71823335d550dbf29086d63d4) (From OE-Core rev: c6cafd2aa50357c80fbab79741d575ff567c5766) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Wang Mingyu
|
0405a3b4f3 |
wireless-regdb: upgrade 2024.01.23 -> 2024.05.08
(From OE-Core rev: 0f9dae1adabb4fc22e8c4849eb2d52aecf21c19f) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0823e8ea83ac907b37bc9eb0ec7dc32862997eff) Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Deepthi Hemraj
|
2a6c675b9a |
llvm: Fix CVE-2024-31852
(From OE-Core rev: c001e2af10d8afa13c8f50632a074c5a9a00d7bb) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Deepthi Hemraj
|
e135227779 |
llvm: Fix CVE-2023-46049
[Bitcode] Add some missing GetTypeByID failure checks Print an error instead of crashing. (From OE-Core rev: 9cc4518226488693942ad325d6264e52006bd061) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Peter Marko
|
e781bf1095 |
wpa-supplicant: Patch CVE-2023-52160
PEAP client: Update Phase 2 authentication requirements. Also see https://www.top10vpn.com/research/wifi-vulnerabilities/ Patch is copied from scarthgap, the recipes differ too much for cherry-pick even if they have the same version. (From OE-Core rev: 5e1283f0afeaf0d0aa5e1c96fc571f69897e1ca8) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Florian Amstutz
|
322d4df8cb |
uboot-sign: Fix index error in concat_dtb_helper() with multiple configs
Commit
|
||
 Vijay Anusuri
|
b1b94b434d |
python3-jinja2: Upgrade 3.1.3 -> 3.1.4
Switch to use flit core since upstream changed. They also changed the capitalisation under pypi. The license didn't change but the file was renamed, probably as it wasn't rst. (From OE-Core rev: 58ee84c274b0c93902aad5d4f434daec5da55134) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e352680528b18c3cdae26233bef7cddc2771d42d) Upgrade fixes CVE-2024-34064 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Peter Marko
|
67e1f5404c |
libarchive: ignore CVE-2024-37407
History of code changes: * introduced: https://github.com/ilibarchive/libarchive/commit/390d83012fdba8c8db7fc9915338805882b0597a (v3.7.2-52-g390d8301) * reverted: 6https://github.com/libarchive/libarchive/commit/2c8caf6611a7d0662d80176c4fdb40f85794699 (v3.7.2-53-g62c8caf6) * re-introduced: 9https://github.com/libarchive/libarchive/commit/1f27004a5c88589658e38d68e46d223da6b75ca (v3.7.3-14-g91f27004) * fixed: bhttps://github.com/libarchive/libarchive/commit/6a979481b7d77c12fa17bbed94576b63bbcb0c0 (v3.7.3-24-gb6a97948) Since there is no release where this CVE was present, we can safely ignore it. (From OE-Core rev: 2b407f34df5a768c271fc7049e7272d1a79c04a0) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Peter Marko
|
3242d8234d |
busybox: Patch CVE-2021-42380
Backport patch for CVE-2021-42380. Move if before patch for CVE-2023-42363 because they touch the same code and they are in this order in git history so we avoid fuzz modifications. This will remove fuzz modifications from CVE-2023-42363 and both will apply cleanly without modifications (except line number changes and the first one also has little fuzz fix in tests). This will also make it equal to master/scarthgap patch order/content. (From OE-Core rev: af3c8ff64054e131b009545883cb87454ce04b64) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Ashish Sharma
|
6d58d0c4a2 |
ruby: backport fix for CVE-2024-27282
Upstream-Status: Backport [https://github.com/ruby/ruby/commit/989a2355808a63fc45367785c82ffd46d18c900a] (From OE-Core rev: 94a0350058e51c4b05bf5d4e02d048c2e6256725) Signed-off-by: Ashish Sharma <asharma@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Hitendra Prajapati
|
4bad38de6e |
busybox: Fix CVE-2023-42363
Upstream-Status: Backport from https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa (From OE-Core rev: 929deb4a80d65dc3a6e9a523f1aed12635ed7d53) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Steve Sakoman
|
6bd3969d32 |
build-appliance-image: Update to kirkstone head revision
(From OE-Core rev: 5d97b0576e98a2cf402abab1a1edcab223545d87) Signed-off-by: Steve Sakoman <steve@sakoman.com>kirkstone-4.0.20 yocto-4.0.20 |
||
|
Steve Sakoman
|
75ff26ce99 |
poky.conf: bump version for 4.0.20
(From meta-yocto rev: c4c74d1e575217ddc4b74759cd83186a70940ef9) Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Poonam Jadhav
|
be9285cbd9 |
glibc-tests: Add missing bash ptest dependency
The script has a bashism and needs bash to execute correctly. Mark it
as such and add the missing bash dependency so it executes in minimal
images.
(From OE-Core rev: a1b5afac108d9c94e8fc2ad8cfebfee16f6f243b)
(From OE-Core rev: 8e650506885bc4465f9569b3ccdc327eb83d90db)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit
|
||
|
Poonam Jadhav
|
945b58b5ba |
glibc-tests: correctly pull in the actual tests when installing -ptest package
The tests are packaged into the main glibc-tests package which is fine,
but then glibc-tests-ptest package needs to depend on that.
Which is what this commit addresses.
(From OE-Core rev: d37c2d428b09b9d0cbb875f083c6a1e9883a7fed)
(From OE-Core rev: c09335a23025ff78a6d3eb41c483b5a479b1c3be)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit
|
||
 Jonas Gorski
|
b5381de5ba |
linuxloader: add -armhf on arm only for TARGET_FPU 'hard'
There are two types of soft FPU options for arm, soft and softfp, and if using the latter the wrong dynamic loader will be used. E.g. go will link against ld-linux-armhf.so.3, but libc6 will only ship a ld-linux.so.3, so go programs will fail to start. Fix this by instead checking for TARGET_FPU being 'hard' and then applying the suffix. (From OE-Core rev: c7426629245db2ea8d9f3cf25b575ac31b5a83b0) Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 07b4c7a2bd23f8645810e13439e814caaaf9cd94) Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Jose Quaresma
|
979f68bad0 |
openssh: fix CVE-2024-6387
sshd(8) in Portable OpenSSH versions 8.5p1 to 9.7p1 (inclusive). Race condition resulting in potential remote code execution. A race condition in sshd(8) could allow remote code execution as root on non-OpenBSD systems. This attack could be prevented by disabling the login grace timeout (LoginGraceTime=0 in sshd_config) though this makes denial-of service against sshd(8) considerably easier. For more information, please refer to the release notes [1] and the report from the Qualys Security Advisory Team [2] who discovered the bug. [1] https://www.openssh.com/txt/release-9.8 [2] https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt References: https://www.openssh.com/security.html (From OE-Core rev: ddb998d16fd869acb00a1cd8038ada20fd32aa8b) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> v2: include the missing cve tag: CVE: CVE-2024-6387 v3: add the Signed-off-by on the CVE-2024-6387.patch Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Siddharth Doshi
|
9170d3f0f3 |
OpenSSL: Security fix for CVE-2024-5535
Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c] CVE's Fixed: CVE-2024-5535 openssl: SSL_select_next_proto buffer overread (From OE-Core rev: 2f4ac382a76e093a3eac6e74fbe2d136094cedf1) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Archana Polampalli
|
14065a801b |
gstreamer1.0-plugins-base: fix CVE-2024-4453
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-23896. (From OE-Core rev: 6708631c89d1cb0d7e0e1b888c51826b3939f8af) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Vijay Anusuri
|
6635675a68 |
wget: Fix for CVE-2024-38428
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/wget.git/commit/?id=ed0c7c7e0e8f7298352646b2fd6e06a11e242ace] (From OE-Core rev: 4f7fb1cf937b0cefa5b0079417859b56c3171c0a) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Changqing Li
|
cbac0f1bfc |
man-pages: remove conflict pages
Remove the pages which libxcrypt and shadow already have to avoid following conflicts during install man-pages and libxcrypt/shadow at the same time. Error: Transaction test error: file /usr/share/man/man3/crypt.3 from install of libcrypt-doc-4.4.33-r0.x86_64 conflicts with file from package man-pages-6.04-r0.x86_64 (From OE-Core rev: fbc8f5381e8e1da0d06f7f8e5b8c63a49b1858c2) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 605b4a91dc44d33bd4742841e71645275bc039e8) Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Thomas Perrot
|
7c5fc9fedc |
man-pages: add an alternative link name for crypt_r.3
Because crypt_r.3 is also provided by libxcrypt-doc. (From OE-Core rev: 5160fb6bf6ef49c0c33b000f377a56effd398fd0) Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ae5a8629ea72d6b3567047c7b858deae28623aba) Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Khem Raj
|
af50c9154c |
gobject-introspection: Do not hardcode objdump name
Use OBJDUMP variable in the script, this helps in using the lddwrapper with recipes which maybe using different objdump tools e.g.l llvm-objdump or vice-versa (From OE-Core rev: bbbb515f7df240b8679567cd3e04d6b4ccc65f6d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c04b3e0e371859c159b76bff87a5b1299b51d0c8) Signed-off-by: Daiane Angolini <daiane.angolini@foundries.io> Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Siddharth
|
940a24ab8b |
openssl: Upgrade 3.0.13 -> 3.0.14
CVE's Fixed by upgrade: CVE-2024-4741: Fixed potential use after free after SSL_free_buffers() is called CVE-2024-4603: Fixed an issue where checking excessively long DSA keys or parameters may be very slow CVE-2024-2511: Fixed unbounded memory growth with session handling in TLSv1.3 Removed backports of CVE-2024-2511 and CVE-2024-4603 as they are already fixed. Detailed Information: https://github.com/openssl/openssl/blob/openssl-3.0/CHANGES.md#changes-between-3013-and-3014-4-jun-2024 (From OE-Core rev: 8f51bac2a05747ea186e928eda2358f2e6295883) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Deepthi Hemraj
|
14fe1f1319 |
glibc: stable 2.35 branch updates
Below commit on glibc-2.35 stable branch is updated. 72abffe225 Force DT_RPATH for --enable-hardcoded-path-in-tests (From OE-Core rev: 8accff90a850265ecc8570cfa15e8e5963d2a5d7) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Yogita Urade
|
52f1435174 |
ruby: fix CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-27280 (From OE-Core rev: 729310d17310dff955c51811ff3339fdbc017b95) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Yogita Urade
|
064e000b18 |
acpica: fix CVE-2024-24856
The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null pointer dereference. To fix this issue, a null pointer check should be added. If it is null, return exception code AE_NO_MEMORY. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-24856 (From OE-Core rev: 0920aacb2a042e10e54db949428471ef9b20c96d) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Siddharth Doshi
|
e2366b9d09 |
libxml2: Security fix for CVE-2024-34459
Upstream-Status: Backport from [https://gitlab.gnome.org/GNOME/libxml2/-/commit/2876ac5392a4e891b81e40e592c3ac6cb46016ce] CVE's Fixed: CVE-2024-34459 libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c (From OE-Core rev: b9f46d058854c0a6104a928b7b0b30d65fb87c2e) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Peter Marko
|
f27a1997b6 |
glib-2.0: patch CVE-2024-34397
This is taken from https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4047 That MR was not merged as 2.72 is inactive branch now. But it can be used by distributions, like Ubuntu did under https://git.launchpad.net/ubuntu/+source/glib2.0/commit/?h=applied/ubuntu/jammy-security&id=94425c909b037c63c9dbbf72015f628ed4ad4aea (From OE-Core rev: 95e8507848e3143eca83621f6572439e22f60bd4) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Lee Chee Yang
|
35a517b7bd |
migration-guides: add release notes for 4.0.19
add release notes for 4.0.19. (From yocto-docs rev: b15b1d369edf33cd91232fefa0278e7e89653a01) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Reviewed-by: Michael Opdenacker <michael@opdenacker.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Steve Sakoman
|
4374c6dfab |
bitbake: tests/fetch: Tweak test to match upstream repo url change Upstream changed their urls, update our test to match.
(Bitbake rev: 734b0ea3dfe45eb16ee60f0c2c388e22af4040e0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Steve Sakoman
|
e139e9d0ce |
build-appliance-image: Update to kirkstone head revision
(From OE-Core rev: ab2649ef6c83f0ae7cac554a72e6bea4dcda0e99) Signed-off-by: Steve Sakoman <steve@sakoman.com>kirkstone-4.0.19 yocto-4.0.19 |
||
|
Steve Sakoman
|
4cf40d4608 |
poky.conf: bump version for 4.0.19
(From meta-yocto rev: 6518f291d692997632304451695b6c194fec6fa6) Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Soumya Sambu
|
d08e8d726d |
git: Fix multiple CVEs
CVE-2024-32002: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources. CVE-2024-32004: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid cloning repositories from untrusted sources. CVE-2024-32020: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. Cloning local repositories will cause Git to either copy or hardlink files of the source repository into the target repository. This significantly speeds up such local clones compared to doing a "proper" clone and saves both disk space and compute time. When cloning a repository located on the same disk that is owned by a different user than the current user we also end up creating such hardlinks. These files will continue to be owned and controlled by the potentially-untrusted user and can be rewritten by them at will in the future. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. CVE-2024-32021: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the `objects/` directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository's `objects/` directory. When cloning a repository over the filesystem (without explicitly specifying the `file://` protocol or `--no-local`), the optimizations for local cloning will be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on the filesystem appears as a file during the check, and then a symlink during the operation, this will allow the adversary to bypass the check and create hardlinks in the destination objects directory to arbitrary, user-readable files. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. CVE-2024-32465: Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with `git clone --no-local` to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repository, but vulnerabilities allow those protections to be bypassed. In the context of cloning local repositories owned by other users, this vulnerability has been covered in CVE-2024-32004. But there are circumstances where the fixes for CVE-2024-32004 are not enough: For example, when obtaining a `.zip` file containing a full copy of a Git repository, it should not be trusted by default to be safe, as e.g. hooks could be configured to run within the context of that repository. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid using Git in repositories that have been obtained via archives from untrusted sources. References: https://nvd.nist.gov/vuln/detail/CVE-2024-32002 https://nvd.nist.gov/vuln/detail/CVE-2024-32004 https://nvd.nist.gov/vuln/detail/CVE-2024-32020 https://nvd.nist.gov/vuln/detail/CVE-2024-32021 https://nvd.nist.gov/vuln/detail/CVE-2024-32465 (From OE-Core rev: 209c41377abf6853455b00af3923f1b244a3766b) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Soumya Sambu
|
ec87d3ca28 |
util-linux: Fix CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. CVE-2024-28085-0005 is the CVE fix and CVE-2024-28085-0001, CVE-2024-28085-0002, CVE-2024-28085-0003, CVE-2024-28085-0004 are dependent commits to fix the CVE. References: https://nvd.nist.gov/vuln/detail/CVE-2024-28085 (From OE-Core rev: 28d9f948536dfee2330e4cfd225c932d20d688f1) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Archana Polampalli
|
b0b5da10e1 |
ghostscript: fix CVE-2023-52722
(From OE-Core rev: 66228a9e8177e70a5653b61742836a3ad83e78af) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Archana Polampalli
|
2db6158ba5 |
ghostscript: fix CVE-2024-29510
(From OE-Core rev: 18e03cadcad0b416ef9fe65627e2e5c2924e3f26) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Archana Polampalli
|
c44a4b4958 |
ghostscript: fix CVE-2024-33871
Added dependent patch [1] for backporting this CVE [1] https://github.com/ArtifexSoftware/ghostpdl/commit/8b47f269b83b172b22606806fe5ec272d974e797 (From OE-Core rev: edcaa55aa53d51528ae77d1f4b544309c8e1e48e) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Archana Polampalli
|
acf74d7113 |
ghostscript: fix CVE-2024-33869
(From OE-Core rev: fb0271a2d4e847764816b673aa37ea03ee4b3325) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Archana Polampalli
|
f60be736e6 |
ghostscript: fix CVE-2024-33870
(From OE-Core rev: 9f0c63b568312da93daeb31eeb2874b98d1e3eea) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Colin McAllister
|
db3cb6f113 |
initscripts: Add custom mount args for /var/lib
Adds bitbake variable to set additional mount flags for the /var/lib overlayfs or bind mount when using a read-only root filesystem. This can be used to set additional options like "-o nodev". (From OE-Core rev: c3109e40e2c2c881996dd3fcc95fca74f098646d) (From OE-Core rev: e0a1ed7aa1f2b12d985414db9a75d6e151ae8d21) Signed-off-by: Colin McAllister <colin.mcallister@garmin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Bob Henz
|
95d2f8cf15 |
systemd-systemctl: Fix WantedBy processing
An empty string assignment to WantedBy should clear all prior WantedBy
settings. This matches behavior of the current systemd implementation.
(From OE-Core rev: 8ede0083c28fadf1e83c9256618190b931edd306)
(From OE-Core rev: 9e3a2e143ef2aaab335439ddbe1ab976aeeed35d)
Signed-off-by: Bob Henz <robert_henz@jabil.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit
|
||
 Stefan Herbrechtsmeier
|
96242e3146 |
classes: go-mod: do not pack go mod cache
Clean go module cache from builddir to prevent it of beeing packed. (From OE-Core rev: c850931590ff22da4d38756f957b88e04078c76c) Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com> Signed-off-by: Lukas Funke <lukas.funke@weidmueller.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 328bea56dec8f83b5c118f567e122510f9243087) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Dmitry Baryshkov
|
6ae41f83ca |
go.bbclass: fix path to linker in native Go builds
Building native Go tools results in the tool pointing to the wrong location of dynamic linker (see below). The linker is looked up in the temporary dir, which can be removed if rm_work is inherited. This results in being unable to execute the program with the 'No such file or directory' error. Override linker specificiation for native recipes (and let Go build environment to pick up a correct one on it's own). The error is observed in case the distro doesn't use uninative.bbclass. If uninative.bbclass is used, the binary will be patched automatically to use the uninative loader instead of the system one. Without this patch: $ ldd tmp-rpb-glibc/sysroots-components/x86_64/go-md2man-native/usr/bin/go-md2man linux-vdso.so.1 (0x00007ffe945ec000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f3a7490e000) /home/lumag/Projects/RPB/build-rpb/tmp-rpb-glibc/work/x86_64-linux/go-md2man-native/1.0.10+gitAUTOINC+f79a8a8ca6-r0/recipe-sysroot-native/usr/lib/ld-linux-x86-64.so.2 => /lib64/ld-linux-x86-64.so.2 (0x00007f3a74d13000) $ tmp-rpb-glibc/sysroots-components/x86_64/go-md2man-native/usr/bin/go-md2man --help -bash: tmp-rpb-glibc/sysroots-components/x86_64/go-md2man-native/usr/bin/go-md2man: No such file or directory With the patch $ ldd tmp-rpb-glibc/sysroots-components/x86_64/go-md2man-native/usr/bin/go-md2man linux-vdso.so.1 (0x00007ffd19dbf000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f2d44181000) /lib64/ld-linux-x86-64.so.2 (0x00007f2d44586000) $ tmp-rpb-glibc/sysroots-components/x86_64/go-md2man-native/usr/bin/go-md2man --help Usage of tmp-rpb-glibc/sysroots-components/x86_64/go-md2man-native/usr/bin/go-md2man: -in string Path to file to be processed (default: stdin) -out string Path to output processed file (default: stdout) (From OE-Core rev: b611c77e4883ad81a8f40cbee3fea006500735ed) Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 44b397daa68b4d0a461225fe9ff7db8b5fcfdb7b) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
 Joerg Vehlow
|
04b2e68c4f |
go: Always pass interpreter to linker
When gos internal linker is used, it uses hardcoded paths to the interpreter (dynamic linker). For x86_64 this hardcoded path is /lib64/ld-linux-x86-64.so.2, but yocto's default dynamic linker path is /lib64/ld-linux-x86-64.so.2. Most of the time, the internal linker is not used and binutils linker sets the correct path, but sometimes the internal linker is used and the resulting binary will not work on x86_64. To ensure the path is always correct, pass it to the linker. (From OE-Core rev: 69128ca66991b13358f2552fcd5a7cfa6dda4952) Signed-off-by: Joerg Vehlow <joerg.vehlow@aox.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 6b54215074d7f3dbba07f096f16b9c0acf51527c) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Steve Sakoman <steve@sakoman.com> |
||
|
Vijay Anusuri
|
8d93dec85f |
binutils: Rename CVE-2022-38126 patch to CVE-2022-35205
CVE-2022-38126 has been marked "REJECT" in the CVE List by NVD. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-38126 As commit changes in 0016-CVE-2022-38126.patch fixes CVE-2022-35205. Hence renamed the patch. Link: https://ubuntu.com/security/CVE-2022-35205 (From OE-Core rev: d91af23e4fef0f1999c18fc3a43085b70e98dfd5) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> |