| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following CVEs:
- CVE-2022-2257
- CVE-2022-2264
- CVE-2022-2284
- CVE-2022-2285
- CVE-2022-2286
- CVE-2022-2287
(From OE-Core rev: 3230e5f734f69acfe05219da104e8818445c9eff)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 03c044a81a76b7505b9d5bf0d936dde75b51905e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms (CVE-2022-2097)
(From OE-Core rev: 6031eecee8ac8bed1c43a04ecf06ed08014346f2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Autobuilder workers were non-deterministically enabling capstone
depending on whether the worker had libcapstone installed.
Add PACKAGECONFIG for capstone with default off, since qemu does not
require capstone support.
Qemu version in dunfell has capstone in the source tree as a submodule
and has configure options to enable it using that source code or using
the system libcapstone.
Qemu versions in master and kirkstone have removed the capstone
submodule and configure options, but added libcapstone autodetection to
meson.
In all cases using PACKAGECONFIG will allow a deterministic build.
(From OE-Core rev: af25fff399fa623b4fd6efbca21e01ea6b4d1fd7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 052ef1f14d1e6a5ee34f742f65e51b20b416f79f)
Signed-off-by: Steve Sakoman <steve@sakoman.com
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[YOCTO #14851]
Under some circumstances it is not desirable to create a combined locale
archive (/usr/lib/locale/locale-archive).
The new variable IMAGE_LOCALES_ARCHIVE defaults to '1', so the default
behaviour is not changed.
Modified to work with code before move to lib/oe/package_manager
(From OE-Core rev: af32908dfcebbc0f617ad828d895f504c37ee2d1)
Signed-off-by: Michael Thalmeier <michael.thalmeier@hale.at>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8d78b819c2ec33fce3a34254fa90864ee5fa7617)
Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Otherwise the SDK fails to build as the main openssh and dropbear packages
conflict with each other
(From OE-Core rev: 7bc7d4d24ee05a3bbb9a82ff1089da5d162c8497)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 4667abcc925ae0c430cccb480ec530506f6201ae)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Otherwise the SDK fails to build as the main openssh and dropbear packages
conflict with each other
(From OE-Core rev: e863fc060940d11cd6fd58f0f314333ed419cf54)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit f90647e9dd95cfd29b5bdb8d7dcd688a10fc060c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Seems sad to have to do this but openssh is moving to use sftp instead
of scp to move files. This means scp from Fedora 36 will no longer be
able to move files to/from a dropbear based image. This breaks a number
of our key QA tests and I suspect will cause users pain too.
The sftp server from openssh is small (200kb uncompressed) and standalone
so adding it to the packagegroup seems to be the best way to preserve user
sanity. If people really don't want it, they can just use dropbear instead
of the packageground.
(From OE-Core rev: 93796b2787c410385d3176495e5307327449d2f7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a98188e83b2c027d99cc38e3367e1ec2a98efbb0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fedora is switching to use sftp as the backend for scp. This means the
scp test fails on Fedora 36 hosts with a dropbear target as dropbear
doesn't support sftp. This change is in the upstream openssh code, other
distros have not yet changed the default but probably will follow.
The easiest way to resolve test failures in dropbear images is to stop
testing this against dropbear as it is no longer expected to work and will
likely spread as the change filters through other distros.
(From OE-Core rev: e7fb95c0b22b52b253f8d0ff10426bee9967854e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a71fc7d455400f406b0d607be712a1133fe91166)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Upstream has changed branch name to main from master. Change SRC_URI
accordingly.
(From OE-Core rev: f7af3c555d9ddef54264fa7da911507bca3eecb4)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to the latest korg -stable release that comprises
the following commits:
871cbc208bf0 Linux 5.4.203
572cc34503d4 crypto: arm/ghash-ce - define fpu before fpu registers are referenced
3bf992f9d9a8 crypto: arm - use Kconfig based compiler checks for crypto opcodes
1b43c30cd5d5 ARM: 9029/1: Make iwmmxt.S support Clang's integrated assembler
9e00e5d195ed ARM: OMAP2+: drop unnecessary adrl
3657432a75e3 ARM: 8929/1: use APSR_nzcv instead of r15 as mrc operand
02c200fdba46 ARM: 8933/1: replace Sun/Solaris style flag on section directive
54e6ecd5b7ca crypto: arm/sha512-neon - avoid ADRL pseudo instruction
5e6f80033286 crypto: arm/sha256-neon - avoid ADRL pseudo instruction
e120403c0e7c ARM: 8971/1: replace the sole use of a symbol with its definition
0a43679016f0 ARM: 8990/1: use VFP assembler mnemonics in register load/store macros
472671eec98a ARM: 8989/1: use .fpu assembler directives instead of assembler arguments
2bfb0d43a47c net: mscc: ocelot: allow unregistered IP multicast flooding
223d551a6681 kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
ab3ed204a146 powerpc/ftrace: Remove ftrace init tramp once kernel init is complete
77e2ad091850 drm: remove drm_fb_helper_modinit
9ef3ad40a81f Linux 5.4.202
ceda71d49f6b powerpc/pseries: wire up rng during setup_arch()
ece983890287 kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt)
2a81e813141e random: update comment from copy_to_user() -> copy_to_iter()
80f0038d757e modpost: fix section mismatch check for exported init/exit sections
d1359e4129ad ARM: cns3xxx: Fix refcount leak in cns3xxx_init
29ca9c4efacc ARM: Fix refcount leak in axxia_boot_secondary
734a4d15142b soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
f9b77a529375 ARM: exynos: Fix refcount leak in exynos_map_pmu
615907ccc421 ARM: dts: imx6qdl: correct PU regulator ramp delay
93e6137d2a5b powerpc/powernv: wire up rng during setup_arch
97808c781721 powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address
b6232979320a powerpc: Enable execve syscall exit tracepoint
e0701f150b28 parisc: Enable ARCH_HAS_STRICT_MODULE_RWX
e5234a9d64a9 xtensa: Fix refcount leak bug in time.c
a52972ee706b xtensa: xtfpga: Fix refcount leak bug in setup
f0fc7cdf5f19 iio: adc: axp288: Override TS pin bias current for some models
11c7ea38be91 iio: adc: stm32: fix maximum clock rate for stm32mp15x
5e39397d60da iio: trigger: sysfs: fix use-after-free on remove
6d2e68d02171 iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
1ad6d668543d iio: accel: mma8452: ignore the return value of reset operation
a391bced8404 iio:accel:mxc4005: rearrange iio trigger get and register
23c158caa032 iio:accel:bma180: rearrange iio trigger get and register
8ea16a64aafc iio:chemical:ccs811: rearrange iio trigger get and register
2333db14d875 usb: chipidea: udc: check request status before setting device address
47e41b4dabbf xhci: turn off port power in shutdown
d62d1c606db0 iio: adc: vf610: fix conversion mode sysfs node name
741b6c8363c2 s390/cpumf: Handle events cycles and instructions identical
4837d1c81223 gpio: winbond: Fix error code in winbond_gpio_get()
bb18ad00c0b7 Revert "net/tls: fix tls_sk_proto_close executed repeatedly"
8c7a32b7c155 virtio_net: fix xdp_rxq_info bug after suspend/resume
28a78414f21e igb: Make DMA faster when CPU is active on the PCIe link
a5ed066bc246 regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips
844168a5dabf ice: ethtool: advertise 1000M speeds properly
e3a232e57670 afs: Fix dynamic root getattr
cacab1e620e0 MIPS: Remove repetitive increase irq_err_count
788c954f194c x86/xen: Remove undefined behavior in setup_features()
c7bdaad9cbfe udmabuf: add back sanity check
05c6c36c7931 net/tls: fix tls_sk_proto_close executed repeatedly
02da602bc2f3 erspan: do not assume transport header is always set
d1592d3e362c drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
f1f9c2a5a3d9 net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
47d31b97bf47 bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
104a59b74577 phy: aquantia: Fix AN when higher speeds than 1G are not advertised
8ffe2e50e967 bpf: Fix request_sock leak in sk lookup helpers
f074ab253988 USB: serial: option: add Quectel RM500K module support
ea7b23eadebc USB: serial: option: add Quectel EM05-G modem
613c849d73df USB: serial: option: add Telit LE910Cx 0x1250 composition
ae183969bd66 random: quiet urandom warning ratelimit suppression message
06a24ddba93a dm mirror log: clear log bits up to BITS_PER_LONG boundary
1f350f3cf0c1 dm era: commit metadata in postsuspend after worker stops
0e75acbe1b76 ata: libata: add qc->flags in ata_qc_complete_template tracepoint
71c76f56b97c mtd: rawnand: gpmi: Fix setting busy timeout setting
c8d37e6ca180 mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing
af28f602df74 net: openvswitch: fix parsing of nw_proto for IPv6 fragments
6fda65dabd3e ALSA: hda/realtek: Add quirk for Clevo PD70PNT
5fbad99e76c0 ALSA: hda/realtek - ALC897 headset MIC no sound
cf81f367cf81 ALSA: hda/conexant: Fix missing beep setup
eca9b5e36e24 ALSA: hda/via: Fix missing beep setup
1df5178fdebe random: schedule mix_interrupt_randomness() less often
c87e851b23e5 vt: drop old FONT ioctls
23db944f754e Linux 5.4.201
3994d2ee55e2 Revert "hwmon: Make chip parameter for with_info API mandatory"
7b9c3bfbad25 arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer
2e1591c27b95 tcp: drop the hash_32() part from the index calculation
c26e1addf157 tcp: increase source port perturb table to 2^16
77d29f3b18c4 tcp: dynamically allocate the perturb table used by source ports
7c0a777b7dbd tcp: add small random increments to the source port
53c5de3092ad tcp: use different parts of the port_offset for index and offset
95921a3bab76 tcp: add some entropy in __inet_hash_connect()
bdcbf2602feb usb: gadget: u_ether: fix regression in setting fixed MAC address
2577d67a9a8a dm: remove special-casing of bio-based immutable singleton target on NVMe
4143503b486a s390/mm: use non-quiescing sske for KVM switch to keyed guest
f0c280af0ec7 Linux 5.4.200
ab8dff4b716e powerpc/mm: Switch obsolete dssall to .long
1a48a41f1422 riscv: Less inefficient gcc tishift helpers (and export their symbols)
2464a1c0de53 RISC-V: fix barrier() use in <vdso/processor.h>
490a02cd8205 arm64: kprobes: Use BRK instead of single-step when executing instructions out-of-line
ef6f9ce0a79a net: openvswitch: fix leak of nested actions
6bb3c77c74f5 net: openvswitch: fix misuse of the cached connection on tuple changes
b47319b4aa21 net/sched: act_police: more accurate MTU policing
13fbdea1184b virtio-pci: Remove wrong address verification in vp_del_vqs()
80e4d8a27451 ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
119e0268cc1c ALSA: hda/realtek: fix mute/micmute LEDs for HP 440 G8
fba542891767 ext4: add reserved GDT blocks check
4ca0d2f1e04e ext4: make variable "count" signed
a6b31616e5af ext4: fix bug_on ext4_mb_use_inode_pa
ae4603128751 dm mirror log: round up region bitmap size to BITS_PER_LONG
64d2df648003 serial: 8250: Store to lsr_save_flags after lsr read
b75bddfcc181 usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
6506aff2dc2f usb: dwc2: Fix memory leak in dwc2_hcd_init
940653b51c33 USB: serial: io_ti: add Agilent E5805A support
31363b2b868e USB: serial: option: add support for Cinterion MV31 with new baseline
d0c3730f2763 comedi: vmk80xx: fix expression for tx buffer size
bf833c484881 i2c: designware: Use standard optional ref clock implementation
8d884c08eeb8 irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions
58e67c81e229 irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions
56526c3883fc irqchip/gic/realview: Fix refcount leak in realview_gic_of_init
4695bafabf5b faddr2line: Fix overlapping text section failures, the sequel
1b34d6a93832 certs/blacklist_hashes.c: fix const confusion in certs blacklist
fb775ee3cfff arm64: ftrace: fix branch range checks
0e21311ba459 net: bgmac: Fix an erroneous kfree() in bgmac_remove()
c19cdd72b3ec mlxsw: spectrum_cnt: Reorder counter pools
c03304dc4234 misc: atmel-ssc: Fix IRQ check in ssc_probe
f7183c76d500 tty: goldfish: Fix free_irq() on remove
ff6e03fe84bc i40e: Fix call trace in setup_tx_descriptors
4b94408e1617 i40e: Fix calculating the number of queue pairs
43f65970eeb2 i40e: Fix adding ADQ filter to TC0
cff3a7ce6e81 clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()
11c870c0b532 pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
e32fe87afcfe random: credit cpu and bootloader seeds by default
9e4cab02b7ec net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag
2f42389d270f ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
6b4d8b44e716 nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred
786428a1dec2 virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed
aacb264d54c4 ALSA: hda/realtek - Add HW8326 support
ff882404dff7 scsi: pmcraid: Fix missing resource cleanup in error case
c48119223618 scsi: ipr: Fix missing/incorrect resource cleanup in error case
fe0855944a64 scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd completion
1f1be79189fd scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
001de3d8ce82 scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
9e3a0d3fc71c ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put()
bc046649c5d6 ASoC: es8328: Fix event generation for deemphasis control
a81f5a7f7a20 ASoC: wm8962: Fix suspend while playing music
253334f84c81 ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
052cd621acbf ASoC: cs42l56: Correct typo in minimum level for SX volume controls
6d180913b3ab ASoC: cs42l52: Correct TLV for Bypass Volume
385a031c56a9 ASoC: cs53l30: Correct number of volume levels on SX controls
675b6a49cf70 ASoC: cs35l36: Update digital volume TLV
b00f63dba5b8 ASoC: cs42l52: Fix TLV scales for mixer controls
cd8c1e6c01f1 dma-debug: make things less spammy under memory pressure
a45e19fd6ed8 ASoC: nau8822: Add operation for internal PLL off and on
348831a9e8aa powerpc/kasan: Silence KASAN warnings in __get_wchan()
5624055c8f4b random: account for arch randomness in bits
c0bf6bfce70a random: mark bootloader randomness code as __init
f96250197b43 random: avoid checking crng_ready() twice in random_init()
072cd87d12a8 crypto: drbg - make reseeding from get_random_bytes() synchronous
e9eb0c4741a7 crypto: drbg - always try to free Jitter RNG instance
f284afc3a9ca crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()
babba4bf53a6 crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
1b93b302e942 crypto: drbg - prepare for more fine-grained tracking of seeding state
98e574a73414 crypto: drbg - always seeded with SP800-90B compliant noise source
61f87ea3f957 Revert "random: use static branch for crng_ready()"
3faf33a85650 random: check for signals after page of pool writes
2177cef53ec9 random: wire up fops->splice_{read,write}_iter()
35db2a073118 random: convert to using fops->write_iter()
43e62db84a99 random: convert to using fops->read_iter()
c23188facd10 random: unify batched entropy implementations
1aeedbe02b5c random: move randomize_page() into mm where it belongs
ceaf1feefe6e random: move initialization functions out of hot pages
d3bf98d61fb6 random: make consistent use of buf and len
70fce7f105bb random: use proper return types on get_random_{int,long}_wait()
d05948dc23e6 random: remove extern from functions in header
d8b4296417ea random: use static branch for crng_ready()
087a14b9cf9b random: credit architectural init the exact amount
ac48f7bee198 random: handle latent entropy and command line from random_init()
736a22645d98 random: use proper jiffies comparison macro
3266fba20661 random: remove ratelimiting for in-kernel unseeded randomness
c5373bd6e4fb random: move initialization out of reseeding hot path
0747ad152fa1 random: avoid initializing twice in credit race
0baeec0effc7 random: use symbolic constants for crng_init states
55d64df3ad5b siphash: use one source of truth for siphash permutations
e4e8a9f8a616 random: help compiler out with fast_mix() by using simpler arguments
bf3b51eb0f13 random: do not use input pool from hard IRQs
6d4203a2cddc random: order timer entropy functions below interrupt functions
58da574f105a random: do not pretend to handle premature next security model
e739d5bd1466 random: use first 128 bits of input as fast init
c44f8b386376 random: do not use batches when !crng_ready()
e247ea8d97bf random: insist on random_get_entropy() existing in order to simplify
9bfbcb37e5f6 xtensa: use fallback for random_get_entropy() instead of zero
fa15650b51f6 sparc: use fallback for random_get_entropy() instead of zero
9dfc14590c5d um: use fallback for random_get_entropy() instead of zero
0cc41e2c73f7 x86/tsc: Use fallback for random_get_entropy() instead of zero
f2a6e8727084 nios2: use fallback for random_get_entropy() instead of zero
db1d13fe4c80 arm: use fallback for random_get_entropy() instead of zero
6fa912f987fa mips: use fallback for random_get_entropy() instead of just c0 random
36f38f838c5b m68k: use fallback for random_get_entropy() instead of zero
a7d04ca9da61 timekeeping: Add raw clock fallback for random_get_entropy()
eb2f9d72f32a powerpc: define get_cycles macro for arch-override
10455a367c33 alpha: define get_cycles macro for arch-override
5f0b77ca1978 parisc: define get_cycles macro for arch-override
80459abc9fee s390: define get_cycles macro for arch-override
73385644490a ia64: define get_cycles macro for arch-override
5fac86663976 init: call time_init() before rand_initialize()
b88ae87b100c random: fix sysctl documentation nits
465425748359 random: document crng_fast_key_erasure() destination possibility
ec07b3494517 random: make random_get_entropy() return an unsigned long
fe156368f987 random: allow partial reads if later user copies fail
70788723da70 random: check for signals every PAGE_SIZE chunk of /dev/[u]random
2ce859d91fe9 random: check for signal_pending() outside of need_resched() check
0e8030c9e03d random: do not allow user to keep crng key around on stack
95aed891f7be random: do not split fast init input in add_hwgenerator_randomness()
1d53d5a0973e random: mix build-time latent entropy into pool at init
0aba75c6173d random: re-add removed comment about get_random_{u32,u64} reseeding
81ea8a609b48 random: treat bootloader trust toggle the same way as cpu trust toggle
a08d52a6081b random: skip fast_init if hwrng provides large chunk of entropy
8320bc665c29 random: check for signal and try earlier when generating entropy
3a53b818bb0e random: reseed more often immediately after booting
905759e0fc17 random: make consistent usage of crng_ready()
ad4c6bd98c54 random: use SipHash as interrupt entropy accumulator
631503001ccf random: replace custom notifier chain with standard one
1ae73fb2a635 random: don't let 644 read-only sysctls be written to
ed409757100b random: give sysctl_random_min_urandom_seed a more sensible value
75d95c1b5dea random: do crng pre-init loading in worker rather than irq
219c84fe93e5 random: unify cycles_t and jiffies usage and types
673637c4c9e0 random: cleanup UUID handling
4d5151cc288a random: only wake up writers after zap if threshold was passed
ac0081dec7d6 random: round-robin registers as ulong, not u32
62cd795e465a random: clear fast pool, crng, and batches in cpuhp bring up
a7f8f385bb6f random: pull add_hwgenerator_randomness() declaration into random.h
ff607fc7607d random: check for crng_init == 0 in add_device_randomness()
20788eb4ce70 random: unify early init crng load accounting
49567f947735 random: do not take pool spinlock at boot
4a61bf7f9b18 random: defer fast pool mixing to worker
944d1bd0e5be random: rewrite header introductory comment
c0e35949c736 random: group sysctl functions
d946084180ee random: group userspace read/write functions
565a66043bdf random: group entropy collection functions
f2d587c493fc random: group entropy extraction functions
a8786d54762f random: group crng functions
c12dfec1aacf random: group initialization wait functions
22e3db57ab94 random: remove whitespace and reorder includes
cee64be60591 random: remove useless header comment
904e6123c400 random: introduce drain_entropy() helper to declutter crng_reseed()
47c56790d51c random: deobfuscate irq u32/u64 contributions
e280b79c3127 random: add proper SPDX header
776927dfd4ac random: remove unused tracepoints
d68883956d36 random: remove ifdef'd out interrupt bench
4a14a5a6969a random: tie batched entropy generation to base_crng generation
d8a6684950c1 random: fix locking for crng_init in crng_reseed()
b1d561138150 random: zero buffer after reading entropy from userspace
21da00f8cb3a random: remove outdated INT_MAX >> 6 check in urandom_read()
b530684129b2 random: make more consistent use of integer types
3eed6af93ecd random: use hash function for crng_slow_load()
cee3c7056900 random: use simpler fast key erasure flow on per-cpu keys
ea9941fd6e26 random: absorb fast pool into input pool after fast load
a3562bf4e8c9 random: do not xor RDRAND when writing into /dev/random
574c8839504b random: ensure early RDSEED goes through mixer on init
d3d3c1c214c3 random: inline leaves of rand_initialize()
817315517af9 random: get rid of secondary crngs
c15fc80b7df0 random: use RDSEED instead of RDRAND in entropy extraction
72db8151c889 random: fix locking in crng_fast_load()
7229c6d90a1a random: remove batched entropy locking
6c8911579221 random: remove use_input_pool parameter from crng_reseed()
4ef908fb81d9 random: make credit_entropy_bits() always safe
42a9a7e80750 random: always wake up entropy writers after extraction
373ef51f3e8a random: use linear min-entropy accumulation crediting
a1a2bae5ef93 random: simplify entropy debiting
4e5814bd2e75 random: use computational hash for entropy extraction
99a0f8e22d4c random: only call crng_finalize_init() for primary_crng
88609b892fdd random: access primary_pool directly rather than through pointer
0b9f9b94f1ea random: continually use hwgenerator randomness
811e333c4eb2 random: simplify arithmetic function flow in account()
56de23dcf9d0 random: selectively clang-format where it makes sense
86eac12b1cf5 random: access input_pool_data directly rather than through pointer
4f5400ca7fc1 random: cleanup fractional entropy shift constants
1b6f1d32a858 random: prepend remaining pool constants with POOL_
0fe4a64fd946 random: de-duplicate INPUT_POOL constants
e35576c4cb18 random: remove unused OUTPUT_POOL constants
74cb3093f2de random: rather than entropy_store abstraction, use global
14652d864280 random: remove unused extract_entropy() reserved argument
12f17e3f3a14 random: remove incomplete last_data logic
adcbbb44ccc1 random: cleanup integer types
4ac4c7f057ff random: cleanup poolinfo abstraction
5c3818e3bd7b random: fix typo in comments
0a7e65810269 random: don't reset crng_init_cnt on urandom_read()
8d7c55563ed0 random: avoid superfluous call to RDRAND in CRNG extraction
8b4695640bc5 random: early initialization of ChaCha constants
cfc69065005e random: initialize ChaCha20 constants with correct endianness
922d082e3363 random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
565b3af16894 random: harmonize "crng init done" messages
346c4a697c29 random: mix bootloader randomness into pool
afce74c0c04f random: do not re-init if crng_reseed completes before primary init
d76758c71209 random: do not sign extend bytes for rotation when mixing
c2f0a89cd1d5 random: use BLAKE2s instead of SHA1 in extraction
6e6ae70c1eac random: remove unused irq_flags argument from add_interrupt_randomness()
2580b0b3fd5a random: document add_hwgenerator_randomness() with other input functions
3cc36a4aa1ca crypto: blake2s - adjust include guard naming
09342a544c4b crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
f850f3643d6b MAINTAINERS: co-maintain random.c
967e3a136f9b random: remove dead code left over from blocking pool
610f0b439a6b random: avoid arch_get_random_seed_long() when collecting IRQ randomness
ad3fce669105 random: add arch_get_random_*long_early()
41b0d3e86c50 powerpc: Use bool in archrandom.h
89533373e11c linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
0222f9f1d168 linux/random.h: Use false with bool
15f93060b718 linux/random.h: Remove arch_has_random, arch_has_random_seed
a95ed04e21da s390: Remove arch_has_random, arch_has_random_seed
aab52172d9f9 powerpc: Remove arch_has_random, arch_has_random_seed
35e28a05f659 x86: Remove arch_has_random, arch_has_random_seed
98f749e29728 random: avoid warnings for !CONFIG_NUMA builds
c13b9c3627d8 random: split primary/secondary crng init paths
c070b07aaf34 random: remove some dead code of poolinfo
898498bb4414 random: fix typo in add_timer_randomness()
2c53d6d6a7be random: Add and use pr_fmt()
f3375cfe31bc random: convert to ENTROPY_BITS for better code readability
9f757cad20b7 random: remove unnecessary unlikely()
4431c366fe23 random: remove kernel.random.read_wakeup_threshold
ec134003cc39 random: delete code to pull data into pools
a9564e14c6dd random: remove the blocking pool
940cbc47b369 random: make /dev/random be almost like /dev/urandom
c4edc1055c11 random: ignore GRND_RANDOM in getentropy(2)
7f9f864af021 random: add GRND_INSECURE to return best-effort non-cryptographic bytes
479d39707ff7 random: Add a urandom_read_nowait() for random APIs that don't warn
69441ba56f13 random: Don't wake crng_init_wait when crng_init == 1
69ef3109d422 random: don't forget compat_ioctl on urandom
927fc225af29 compat_ioctl: remove /dev/random commands
996fba14fa35 lib/crypto: sha1: re-roll loops to reduce code size
c4f48374407b lib/crypto: blake2s: move hmac construction into wireguard
97126d2f65b3 crypto: blake2s - generic C library implementation and selftest
76101f1b7f59 nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
e804587ecdcd bpf: Fix incorrect memory charge cost calculation in stack_map_alloc()
f91da317e6fa 9p: missing chunk of "fs/9p: Don't update file type when updating file attributes"
(From OE-Core rev: 6126f40a7ce1c55638277e45c084b82364a654b6)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to the latest korg -stable release that comprises
the following commits:
a31bd366116c Linux 5.4.199
4cc40b1022bb x86/speculation/mmio: Print SMT warning
d49c22094e6f KVM: x86/speculation: Disable Fill buffer clear within guests
d96159263593 x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
bc64f38b5a38 x86/speculation/srbds: Update SRBDS mitigation selection
020ce7495cfc x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
8d25482fc96a x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
7f898baa2044 x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
0800f1b45bf6 x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
ae649e0cbf76 x86/speculation: Add a common function for MD_CLEAR mitigation update
814ccb673035 x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
91f8147c8371 Documentation: Add documentation for Processor MMIO Stale Data
1e9f4e8a7aa9 x86/cpu: Add another Alder Lake CPU to the Intel family
45e744de251c x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family
79568d551570 x86/cpu: Add Jasper Lake to Intel family
9e2efaa5dd10 cpu/speculation: Add prototype for cpu_show_srbds()
9d6e67bf5090 Linux 5.4.198
602b338e3c3c tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
b35e08edb2c2 mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
0c12d7625502 md/raid0: Ignore RAID0 layout if the second zone has only one device
0c4bc0a2f825 powerpc/32: Fix overread/overwrite of thread_struct via ptrace
3c953d47eb1e Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
6ec537c50033 ixgbe: fix unexpected VLAN Rx in promisc mode on VF
24030768a7b4 ixgbe: fix bcast packets Rx on VF after promisc removal
3eca2c42daa4 nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
31f9c39b4a37 nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
4f4ab5004633 mmc: block: Fix CQE recovery reset success
0245434e381e ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
b651f70ed3a8 cifs: return errors during session setup during reconnects
850965edc861 ALSA: hda/conexant - Fix loopback issue with CX20632
6c04a2ae039b scripts/gdb: change kernel config dumping method
1a36f77dc23c vringh: Fix loop descriptors check in the indirect cases
a3f9b0afd8b4 nodemask: Fix return values to be unsigned
9b306339a511 cifs: version operations for smb20 unneeded when legacy support disabled
5cb13cdc180a s390/gmap: voluntarily schedule during key setting
69893d6d7f5c nbd: fix io hung while disconnecting device
8a7da4ced236 nbd: fix race between nbd_alloc_config() and module removal
1be608e1ee1f nbd: call genl_unregister_family() first in nbd_cleanup()
045045b522c6 x86/cpu: Elide KCSAN for cpu_has() and friends
460083de66c4 modpost: fix undefined behavior of is_arm_mapping_symbol()
28fd384c78d7 drm/radeon: fix a possible null pointer dereference
9223144fdd64 ceph: allow ceph.dir.rctime xattr to be updatable
7df12bee5415 Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"
0331d261c398 scsi: myrb: Fix up null pointer access on myrb_cleanup()
cf6b9316879f md: protect md_unregister_thread from reentrancy
99e4c67a5581 watchdog: wdat_wdt: Stop watchdog when rebooting the system
6fd031799e7b kernfs: Separate kernfs_pr_cont_buf and rename_lock.
19f4b51b836d serial: msm_serial: disable interrupts in __msm_console_write()
52a0d88c3280 staging: rtl8712: fix uninit-value in r871xu_drv_init()
58762f1c63c7 staging: rtl8712: fix uninit-value in usb_read8() and friends
1bcfb95de192 clocksource/drivers/sp804: Avoid error on multiple instances
d472c78cc829 extcon: Modify extcon device to be created after driver data is set
fa0b2dd6829d misc: rtsx: set NULL intfdata when probe fails
d232ca0bbc7d usb: dwc2: gadget: don't reset gadget's driver->bus
3a7170a3de62 USB: hcd-pci: Fully suspend across freeze/thaw cycle
2dcec0bc142b drivers: usb: host: Fix deadlock in oxu_bus_suspend()
09a5958a2452 drivers: tty: serial: Fix deadlock in sa1100_set_termios()
c91a74b1f0f2 USB: host: isp116x: check return value after calling platform_get_resource()
64b05fa212c7 drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
1fbe033c5248 drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
8c014373f178 tty: Fix a possible resource leak in icom_probe
f6e07eb7ebec tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
1b04c934e1e6 lkdtm/usercopy: Expand size of "out of frame" object
ca2498cce875 iio: st_sensors: Add a local lock for protecting odr
ab75e02366e1 iio: dummy: iio_simple_dummy: check the return value of kstrdup()
36acb4d9ce55 drm: imx: fix compiler warning with gcc-12
8174acbef87b net: altera: Fix refcount leak in altera_tse_mdio_create
3d08bc3a5d9b ip_gre: test csum_start instead of transport header
957d298526b5 net/mlx5: fs, fail conflicting actions
8a6740fdc562 net/mlx5: Rearm the FW tracer after each tracer event
317260b3eb63 net: ipv6: unexport __init-annotated seg6_hmac_init()
ef6d2354de23 net: xfrm: unexport __init-annotated xfrm4_protocol_init()
6a90a44d5342 net: mdio: unexport __init-annotated mdio_bus_init()
978dcc55cf36 SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
180473e8e42a net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
7c8df6fad43d net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
e412b3d178ea bpf, arm64: Clear prog->jited_len along prog->jited
556720013c36 af_unix: Fix a data-race in unix_dgram_peer_wake_me().
b49c884146e2 xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
5b8d63489c3b netfilter: nf_tables: memleak flow rule from commit path
d5a1e7f33c88 ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
e0212033ff68 netfilter: nat: really support inet nat without l3 address
da99331fa621 xprtrdma: treat all calls not a bcall when bc_serv is NULL
48dea4d3a11f video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove()
a2b3be930e79 NFSv4: Don't hold the layoutget locks across multiple RPC calls
83960276ffc9 dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
4917e43bca50 m68knommu: fix undefined reference to `_init_sp'
f6bdafbb9b04 m68knommu: set ZERO_PAGE() to the allocated zeroed page
27fdb4572344 i2c: cadence: Increase timeout per message if necessary
0a7a1fc7e71e f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
23b2163b887f tracing: Avoid adding tracer option before update_tracer_options
48c6ee7d6c61 tracing: Fix sleeping function called from invalid context on RT kernel
cc0aed22d33c mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
ff66ae4359ff perf c2c: Fix sorting in percent_rmt_hitm_cmp()
8b91d0dfc839 tipc: check attribute length for bearer name
c2eba68d185b afs: Fix infinite loop found by xfstest generic/676
d05c2fdf8e10 tcp: tcp_rtx_synack() can be called from process context
1bd2f7f38bac net: sched: add barrier to fix packet stuck problem for lockless qdisc
77b954ce2d64 net/mlx5e: Update netdev features after changing XDP state
a4c52440acf4 net/mlx5: Don't use already freed action pointer
00803d30518f nfp: only report pause frame configuration for physical device
8302620aeb94 ubi: ubi_create_volume: Fix use-after-free when volume creation failed
d3a4fff1e7e4 jffs2: fix memory leak in jffs2_do_fill_super
acf92b525723 modpost: fix removing numeric suffixes
a101793994c0 net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
2bd1faedb74d net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry()
be73e3bf6862 net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
51ed32c1cfcf s390/crypto: fix scatterwalk_unmap() callers in AES-GCM
80f6712f241c clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
e5d479d73f21 ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
5b110d940417 watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
593b595332bd driver core: fix deadlock in __device_attach
5d709f58c743 driver: base: fix UAF when driver_attach failed
3157118c1795 bus: ti-sysc: Fix warnings for unbind for serial
a724634b2a49 firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
c3a16e7c8624 serial: stm32-usart: Correct CSIZE, bits, and parity
29d963635ee6 serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
5c01c19f64c7 serial: sifive: Sanitize CSIZE and c_iflag
841cab744cc0 serial: sh-sci: Don't allow CS5-6
942aa88467b9 serial: txx9: Don't allow CS5-6
eb8de4bac35a serial: rda-uart: Don't allow CS5-6
0de3d2344ee0 serial: digicolor-usart: Don't allow CS5-6
035bc3b734aa serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
1b3ae6d85069 serial: meson: acquire port->lock in startup()
d77f28c1bc9d rtc: mt6397: check return value after calling platform_get_resource()
d041e885749f clocksource/drivers/riscv: Events are stopped during CPU suspend
69a30b2ed620 soc: rockchip: Fix refcount leak in rockchip_grf_init
0f91755514b8 coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
47e4c42faab9 serial: sifive: Report actual baud base rather than fixed 115200
f2a16af2ee0a phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
b6b0f8904bd6 rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
088f449d9d3c iio: adc: sc27xx: Fine tune the scale calibration values
e5d48301d1fc iio: adc: sc27xx: fix read big scale voltage not right
0f57d139300f iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
bec18bb00f11 firmware: stratix10-svc: fix a missing check on list iterator
8ad7b3d9f838 usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
1026ee392ba3 rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
89d1b9dfccce pwm: lp3943: Fix duty calculation in case period was clamped
8e9f3f508a9c staging: fieldbus: Fix the error handling path in anybuss_host_common_probe()
67c2aa77b40e usb: musb: Fix missing of_node_put() in omap2430_probe
b78499772fa7 USB: storage: karma: fix rio_karma_init return
72ab0f6f2ba8 usb: usbip: add missing device lock on tweak configuration cmd
2f0ae93ec33c usb: usbip: fix a refcount leak in stub_probe()
077f58e469a6 tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get
7320308b189c tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
9ae3d073f7db tty: goldfish: Use tty_port_destroy() to destroy port
d88fdea1477c iio: adc: ad7124: Remove shift from scan_type
1aa30dc88372 staging: greybus: codecs: fix type confusion of list iterator variable
6c8c536e0020 pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
4faa6308e1b8 md: bcache: check the return value of kzalloc() in detached_dev_do_request()
5f62b21b7c93 block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
ccddf8cd411c bfq: Make sure bfqg for which we are queueing requests is online
8afc13b958bd bfq: Get rid of __bio_blkcg() usage
be1b78f94992 bfq: Remove pointless bfq_init_rq() calls
f885f55033a1 bfq: Drop pointless unlock-lock pair
97be7d13fbd4 bfq: Avoid merging queues with different parents
54073410537f MIPS: IP27: Remove incorrect `cpu_has_fpu' override
427c3c7ebd5f RDMA/rxe: Generate a completion for unsupported/invalid opcode
4946cfd1c8f0 Kconfig: add config option for asm goto w/ outputs
7ac21b24af85 phy: qcom-qmp: fix reset-controller leak on probe errors
d19fa8f25200 blk-iolatency: Fix inflight count imbalances and IO hangs on offline
8a068913d19d dt-bindings: gpio: altera: correct interrupt-cells
3b8c37780d11 docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
da9634374d41 ARM: pxa: maybe fix gpio lookup tables
1668ad103679 phy: qcom-qmp: fix struct clk leak on probe errors
2040b6076544 arm64: dts: qcom: ipq8074: fix the sleep clock frequency
8dd2e5f9c1f1 gma500: fix an incorrect NULL check on list iterator
a62591e36100 tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
77ec584d3de0 serial: pch: don't overwrite xmit->buf[0] by x_char
f6cb1470ba22 carl9170: tx: fix an incorrect use of list iterator
2ea49d6310c9 ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
b8ce58ab80fa rtl818x: Prevent using not initialized queues
6f4a489d8458 hugetlb: fix huge_pmd_unshare address update
73bdb2359dbc nodemask.h: fix compilation error with GCC12
6e071eaf5002 iommu/msm: Fix an incorrect NULL check on list iterator
9caad70819ae um: Fix out-of-bounds read in LDT setup
6cbe83680f01 um: chan_user: Fix winch_tramp() return value
3466e4265244 mac80211: upgrade passive scan to active scan on DFS channels after beacon rx
cf465ecfe3a8 irqchip: irq-xtensa-mx: fix initial IRQ affinity
36bab24bb81b irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x
8858284dd749 RDMA/hfi1: Fix potential integer multiplication overflow errors
64623236263f Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug
532aa3f7a50c media: coda: Add more H264 levels for CODA960
adcea1c8eea8 media: coda: Fix reported H264 profile
f2c2ad538e49 mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write
16e993ac7c81 md: fix an incorrect NULL check in md_reload_sb
d0bdc809f788 md: fix an incorrect NULL check in does_sb_need_changing
3623f833e19b drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
8fa6eb03e3f5 drm/nouveau/clk: Fix an incorrect NULL check on list iterator
19323b3671a8 drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
c12984cdb077 drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
8e105178c26a scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
494685db0023 scsi: dc395x: Fix a missing check on list iterator
82bf8e7271fa ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
17ea63484975 dlm: fix missing lkb refcount handling
49cd9eb7b9a7 dlm: fix plock invalid read
f160e7b4b02a mm, compaction: fast_find_migrateblock() should return pfn in the target zone
665602c83776 PCI: qcom: Fix unbalanced PHY init on probe errors
c3919b10c45f PCI: qcom: Fix runtime PM imbalance on probe errors
c99306cf5983 PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
c27f744ceefa tracing: Fix potential double free in create_var_ref()
742736dc9c01 ACPI: property: Release subnode properties with data nodes
e157c8f87e8f ext4: avoid cycles in directory h-tree
17034d45ec44 ext4: verify dir block before splitting it
73fd5b192851 ext4: fix bug_on in ext4_writepages
0ab308d72af7 ext4: fix warning in ext4_handle_inode_extension
eaecf7ebfd5d ext4: fix use-after-free in ext4_rename_dir_prepare
f36736fbd484 netfilter: nf_tables: disallow non-stateful expression in sets earlier
28a8060a0bd2 bfq: Track whether bfq_group is still online
da9f3025d595 bfq: Update cgroup information before merging bio
31326bf55126 bfq: Split shared queues on move between cgroups
b1cda6dd2c44 efi: Do not import certificates from UEFI Secure Boot for T2 Macs
440d345d0274 fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages
e0dddab01f94 iwlwifi: mvm: fix assert 1F04 upon reconfig
265bec4779a3 wifi: mac80211: fix use-after-free in chanctx code
9259227605df f2fs: fix fallocate to use file_modified to update permissions consistently
1f926457c3e7 f2fs: don't need inode lock for system hidden quota
12ffc0044aba f2fs: fix deadloop in foreground GC
54c116615c99 f2fs: fix to clear dirty inode in f2fs_evict_inode()
7361c9f2bd6a f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
f8b3c3fcf331 f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
7f51f2734555 perf jevents: Fix event syntax error caused by ExtSel
9eb684dc41d8 perf c2c: Use stdio interface if slang is not supported
e23eb2f43f4d iommu/amd: Increase timeout waiting for GA log enablement
db7ea8b261ef dmaengine: stm32-mdma: remove GISR1 register
8db59df7f582 video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
dcc00106c325 NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
3d216510f8af NFS: Don't report errors from nfs_pageio_complete() more than once
55f0fc32b2f2 NFS: Do not report flush errors in nfs_write_end()
59137943af75 NFS: Do not report EINTR/ERESTARTSYS as mapping errors
4826af9a07cf i2c: at91: Initialize dma_buf in at91_twi_xfer()
d77a0f2842b3 i2c: at91: use dma safe buffers
e4db5f4b680a iommu/mediatek: Add list_del in mtk_iommu_remove
5e47a7add3dd f2fs: fix dereference of stale list iterator after loop body
c8735252f93f Input: stmfts - do not leave device disabled in stmfts_input_open
addb192000d8 RDMA/hfi1: Prevent use of lock before it is initialized
6d8b9f574bca mailbox: forward the hrtimer if not queued and under a lock
49c1e32e7b3f mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
bcb6c4c5eb48 powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
2631fe5b53b5 macintosh: via-pmu and via-cuda need RTC_LIB
bc21634ce430 powerpc/perf: Fix the threshold compare group constraint for power9
cf0b52858f74 powerpc/64: Only WARN if __pa()/__va() called with bad addresses
bbc2b0ce6042 Input: sparcspkr - fix refcount leak in bbc_beep_probe
6d7b2cf5c7ed crypto: cryptd - Protect per-CPU resource by disabling BH.
3219ac364ac3 tty: fix deadlock caused by calling printk() under tty_port->lock
ded067f24b90 PCI: imx6: Fix PERST# start-up sequence
0b35a685d911 ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
203537caad3c proc: fix dentry/inode overinstantiating under /proc/${pid}/net
6cdb6582b566 powerpc/4xx/cpm: Fix return value of __setup() handler
337eef19aad8 powerpc/idle: Fix return value of __setup() handler
1d83f304215b powerpc/8xx: export 'cpm_setbrg' for modules
662b70a45b32 dax: fix cache flush on PMD-mapped pages
386e69e06817 drivers/base/node.c: fix compaction sysfs file leak
d1f908bd0100 pinctrl: mvebu: Fix irq_of_parse_and_map() return value
9282496aac8b nvdimm: Allow overwrite in the presence of disabled dimms
b0e4bafac896 firmware: arm_scmi: Fix list protocols enumeration in the base protocol
ffd3bed66b54 scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
829ea474876f mfd: ipaq-micro: Fix error check return value of platform_get_irq()
8c4eeab72608 powerpc/fadump: fix PT_LOAD segment for boot memory area
bbf58e97426d arm: mediatek: select arch timer for mt7629
e7a0d0c2802f crypto: marvell/cesa - ECB does not IV
de65c32ace9a misc: ocxl: fix possible double free in ocxl_file_register_afu
7f287d0c7001 ARM: dts: bcm2835-rpi-b: Fix GPIO line names
3a37022d48a5 ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
fd1c098b3bdd ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
e0bf7f084412 ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
e4594ca90b4e can: xilinx_can: mark bit timing constants as const
6077a1e637b3 KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry
9cccb3f6ed9a PCI: rockchip: Fix find_first_zero_bit() limit
f063429ac33f PCI: cadence: Fix find_first_zero_bit() limit
5543752a48ad soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
669575521633 soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
56b8d748ec43 ARM: dts: suniv: F1C100: fix watchdog compatible
754ef324b70b arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
60546c0b4b46 net/smc: postpone sk_refcnt increment in connect()
91121ee57414 rxrpc: Fix decision on when to generate an IDLE ACK
d7b16ee15fc6 rxrpc: Don't let ack.previousPacket regress
2fd958ae29fd rxrpc: Fix overlapping ACK accounting
5aa14dafd2b0 rxrpc: Don't try to resend the request if we're receiving the reply
91b34bf0409f rxrpc: Fix listen() setting the bar too high for the prealloc rings
0bfaff00d1a7 NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
9934025c4d66 ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition()
b3461ccaa5d2 thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe
449374565f34 drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
6832e36f156e drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
48d331a03b0d ext4: reject the 'commit' option on ext2 filesystems
3dc032375595 media: ov7670: remove ov7670_power_off from ov7670_remove
dc794fa2b3c4 sctp: read sk->sk_bound_dev_if once in sctp_rcv()
d43a87d66039 m68k: math-emu: Fix dependencies of math emulation support
6f55fac0af35 Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
c3c8c7e409d0 media: vsp1: Fix offset calculation for plane cropping
1310fc3538dc media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
83345b536599 media: exynos4-is: Change clk_disable to clk_disable_unprepare
b87d3a043b32 media: st-delta: Fix PM disable depth imbalance in delta_probe
12480f757810 media: aspeed: Fix an error handling path in aspeed_video_probe()
d2b1dc3a0432 scripts/faddr2line: Fix overlapping text section failures
0be5d9da5743 regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
18b907ff0ae4 ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
96fc3da6184a ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
ddb1a77f94d7 perf/amd/ibs: Use interrupt regs ip for stack unwinding
f2e2e934d2b6 Revert "cpufreq: Fix possible race in cpufreq online error path"
1253811c71e0 iomap: iomap_write_failed fix
6b8291e574a8 media: uvcvideo: Fix missing check to determine if element is found in list
ab888b1a9a6d drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
22d8424913b1 drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected
b2aa2c4efe93 drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected
cd4cfd99ec14 regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
db5a21f2dd62 x86/mm: Cleanup the control_va_addr_alignment() __setup handler
d2476a1fc50b irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
b97eb924a234 irqchip/exiu: Fix acknowledgment of edge triggered interrupts
9777de28cfea x86: Fix return value of __setup handlers
ee3901d7c7f4 virtio_blk: fix the discard_granularity and discard_alignment queue limits
a9b4599665e4 drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
35d9a84e3b35 drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
2b3ed7547b1a drm/msm/hdmi: check return value after calling platform_get_resource_byname()
11709592b350 drm/msm/dsi: fix error checks and return values for DSI xmit functions
ef10d0c68e86 drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume
db681127e96d perf tools: Add missing headers needed by util/data.h
31de06ef06a8 ASoC: rk3328: fix disabling mclk on pclk probe failure
ed8d5cf1dcad x86/speculation: Add missing prototype for unpriv_ebpf_notify()
1d0c4bc628ca x86/pm: Fix false positive kmemleak report in msr_build_context()
b889619eba6f scsi: ufs: core: Exclude UECxx from SFR dump list
e120d31d04bf of: overlay: do not break notify on NOTIFY_{OK|STOP}
b0be017bc59d fsnotify: fix wrong lockdep annotations
60d159e0d084 inotify: show inotify mask flags in proc fdinfo
2326d398ccd4 ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix
cd1f386120d0 cpufreq: Fix possible race in cpufreq online error path
e7f0fd6f2566 spi: img-spfi: Fix pm_runtime_get_sync() error checking
735b57a96088 sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
55fddbb1e278 drm/bridge: Fix error handling in analogix_dp_probe
f1d4f19a7965 HID: elan: Fix potential double free in elan_input_configured
75a89bc1baee HID: hid-led: fix maximum brightness for Dream Cheeky
3caa2d7943ca drbd: fix duplicate array initializer
65065f96d53e efi: Add missing prototype for efi_capsule_setup_info
fbf9c4c714d3 NFC: NULL out the dev->rfkill to prevent UAF
2c59535b6be0 spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
fa0d7ba25a53 drm: mali-dp: potential dereference of null pointer
797f8ee35f03 drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
1a994f1f1841 nl80211: show SSID for P2P_GO interfaces
93c0f9d78ddd bpf: Fix excessive memory allocation in stack_map_alloc()
c398c2149b17 drm/vc4: txp: Force alpha to be 0xff if it's disabled
8a60b54e41c9 drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
a0c890c0ae9f drm/mediatek: Fix mtk_cec_mask()
ea8b2ecc920d x86/delay: Fix the wrong asm constraint in delay_loop()
c71494f5f2b4 ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
23f340ed906c ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
e92b927fffb6 drm/bridge: adv7511: clean up CEC adapter when probe fails
224e1eef0386 drm/edid: fix invalid EDID extension block filtering
657734866839 ath9k: fix ar9003_get_eepmisc
ebede9aadfa3 drm: fix EDID struct for old ARM OABI format
e60ad83f645e RDMA/hfi1: Prevent panic when SDMA is disabled
cb4f2dc513e9 powerpc/iommu: Add missing of_node_put in iommu_init_early_dart
6557555a86f3 macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
793b82d1c424 powerpc/powernv: fix missing of_node_put in uv_init()
537a317e5ff4 powerpc/xics: fix refcount leak in icp_opal_init()
a910e9613130 tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
c9a81f9ed6ae PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
e10905816513 ARM: hisi: Add missing of_node_put after of_find_compatible_node
2f46a955b6f5 ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
fcd1999ba974 ARM: versatile: Add missing of_node_put in dcscb_init
fd48cf8f972f fat: add ratelimit to fat*_ent_bread()
60ce637c194b powerpc/fadump: Fix fadump to work with a different endian capture kernel
41c7096286aa ARM: OMAP1: clock: Fix UART rate reporting algorithm
e54fd01178eb fs: jfs: fix possible NULL pointer dereference in dbFree()
a0180e324a9a PM / devfreq: rk3399_dmc: Disable edev on remove()
1995a60be7cb ARM: dts: ox820: align interrupt controller node name with dtschema
58e55f4f5a2a IB/rdmavt: add missing locks in rvt_ruc_loopback
56fd9dcfe10c selftests/bpf: fix btf_dump/btf_dump due to recent clang change
063d945795a0 eth: tg3: silence the GCC 12 array-bounds warning
88d730463e9b rxrpc: Return an error to sendmsg if call failed
1ec0bc72f5da hwmon: Make chip parameter for with_info API mandatory
a7a41dd47303 ASoC: max98357a: remove dependency on GPIOLIB
3cf43978ffd1 media: exynos4-is: Fix compile warning
1e5fbfc2a6f3 net: phy: micrel: Allow probing without .driver_data
9d1764b9266b nbd: Fix hung on disconnect request if socket is closed before
abe7554da62c ASoC: rt5645: Fix errorenous cleanup order
f76729662650 nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
69edf28d2c42 openrisc: start CPU timer early in boot
67fb49438858 media: cec-adap.c: fix is_configuring state
4172a34ef93f media: coda: limit frame interval enumeration to supported encoder frame sizes
8f2a5721cdc3 rtlwifi: Use pr_warn instead of WARN_ONCE
2d966c94adce ipmi: Fix pr_fmt to avoid compilation issues
2064a1eab2ec ipmi:ssif: Check for NULL msg when handling events and messages
17cfc9455830 ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
5a71f14a9b2e dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
6583d0d6ad6d spi: stm32-qspi: Fix wait_cmd timeout in APM mode
1651a95517fb s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES
890b16b4709d ASoC: tscs454: Add endianness flag in snd_soc_component_driver
00771de7cc28 HID: bigben: fix slab-out-of-bounds Write in bigben_probe
0d7074792bb9 drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
2317f3bfda6d mlxsw: spectrum_dcb: Do not warn about priority changes
121f56a9a832 ASoC: dapm: Don't fold register value changes into notifications
430af81135d5 net/mlx5: fs, delete the FTE when there are no rules attached to it
f857855a8a83 ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
b507f067e9fc drm: msm: fix error check return value of irq_of_parse_and_map()
efd183d988b4 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall
a610cfe56c38 drm/amd/pm: fix the compile warning
1e29d829ad51 drm/plane: Move range check for format_count earlier
e1599ced6be1 scsi: megaraid: Fix error check return value of register_chrdev()
7923f95997a7 mmc: jz4740: Apply DMA engine limits to maximum segment size
0959aa00f976 md/bitmap: don't set sb values if can't pass sanity check
222292930c8e media: cx25821: Fix the warning when removing the module
fa636e9ee444 media: pci: cx23885: Fix the error handling in cx23885_initdev()
0ac84ab50712 media: venus: hfi: avoid null dereference in deinit
de16cdf0b73d ath9k: fix QCA9561 PA bias level
af832028af6f drm/amd/pm: fix double free in si_parse_power_table()
7bd0ac1e2345 tools/power turbostat: fix ICX DRAM power numbers
6266ab1f31fa spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction
f68bed124c76 ALSA: jack: Access input_dev under mutex
aea748501d09 drm/komeda: return early if drm_universal_plane_init() fails.
8ded0af90e97 ACPICA: Avoid cache flush inside virtual machines
c7b41fd76ce2 fbcon: Consistently protect deferred_takeover with console_lock()
4460066eb248 ipv6: fix locking issues with loops over idev->addr_list
8fb1b9beb085 ipw2x00: Fix potential NULL dereference in libipw_xmit()
303380919df7 b43: Fix assigning negative value to unsigned variable
60d515fd8797 b43legacy: Fix assigning negative value to unsigned variable
92225d3c2241 mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
f85cb059fad0 drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
670f5e40d7b3 btrfs: repair super block num_devices automatically
622ced791ed8 btrfs: add "0x" prefix for unsupported optional features
0ca511204740 ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
f5faa24137d7 ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
e10356eae1c2 ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP
00c93ce2665c perf/x86/intel: Fix event constraints for ICL
1b767500d151 usb: core: hcd: Add support for deferring roothub registration
114790876393 USB: new quirk for Dell Gen 2 devices
7c5a52dd4d91 USB: serial: option: add Quectel BG95 modem
6b3ecb2d92a0 ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
1c6cfb9e8a5c binfmt_flat: do not stop relocating GOT entries prematurely on riscv
35c6471fd2c1 Linux 5.4.197
e00c2f22fbfa bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
a2235bc65ade NFSD: Fix possible sleep during nfsd4_release_lockowner()
f5b6bc69a792 NFS: Memory allocation failures are not server fatal errors
0490cd2aee18 docs: submitting-patches: Fix crossref to 'The canonical patch format'
72ef5d01fe37 tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
7ecd237e5036 tpm: Fix buffer access in tpm2_get_tpm_pt()
396d1f51764d HID: multitouch: Add support for Google Whiskers Touchpad
25f0e9459f94 raid5: introduce MD_BROKEN
fd2f7e998485 dm verity: set DM_TARGET_IMMUTABLE feature flag
f00597350210 dm stats: add cond_resched when looping over entries
65e6282f0d75 dm crypt: make printing of the key constant-time
a4415f39e3e8 dm integrity: fix error code in dm_integrity_ctr()
fc658c083904 zsmalloc: fix races between asynchronous zspage free and page migration
7632451ad926 crypto: ecrdsa - Fix incorrect use of vli_cmp
b16bb373988d netfilter: conntrack: re-fetch conntrack after insertion
1fe82bfd9e4c exec: Force single empty string when argv is empty
241b566e0403 drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency()
3dbab9e37ca1 cfg80211: set custom regdomain after wiphy registration
039fa25d95ce assoc_array: Fix BUG_ON during garbage collect
8c668da61bd0 drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers
fdcbdb3d089a i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
827980029d0f net: ftgmac100: Disable hardware checksum on AST2600
e619506ed010 net: af_key: check encryption module availability consistency
fa77d2a3a755 pinctrl: sunxi: fix f1c100s uart2 function
2208c31d864e ACPI: sysfs: Fix BERT error region memory mapping
92d4b5e14830 ACPI: sysfs: Make sparse happy about address space in use
5a73bd4f4710 media: vim2m: initialize the media device earlier
b7248281afb1 media: vim2m: Register video device after setting up internals
ab5b00cfe050 secure_seq: use the 64 bits of the siphash for port offset calculation
80cca53a48c8 tcp: change source port randomizarion at connect() time
9ce35dad5a1a Input: goodix - fix spurious key release events
bdbc7ef3eb2c staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
4f0750839421 x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
8bb828229da9 lockdown: also lock down previous kgdb use
(From OE-Core rev: 5503425172d832dae12bad6af8ca22ece454e4b0)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The license checksum changed due to a major version change in the referenced file.
(From OE-Core rev: cc245b75ebd8dfc4925a21e3ff08d841fef77635)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 89f34d8aa4f4572d048dbb732ca4c83d443157fb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This security upgrade fixes CVE-2022-2068 as per below link
Link: https://www.openssl.org/news/cl111.txt
Also, remove 73db5d82489b3ec09ccc772dfcee14fef0e8e908.patch and
b7ce611887cfac633aacc052b2e71a7f195418b8.patch as these two are part
1.1.1p now
(From OE-Core rev: a8283f9251f59d86f93f9d7cfd4c7e29c61e4631)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The cve-check class writes temporary files to preserve state across the
build, and cleans them up in a CookerExit handler.
However, in memory-resident builds the cooker won't exit in between
builds, so the state isn't cleared and the CVE report generation fails:
NOTE: Generating JSON CVE summary
ERROR: Error adding the same package twice
Easily solved by hooking to BuildCompleted, instead of CookerExit.
(From OE-Core rev: ee3270709158aff463fec6798f3b8968268b4d4b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fccdcfd301de281a427bfee48d8ff47fa07b7259)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove obsolete comments/data from the file. Add in three CVEs to ignore.
Two are qemu CVEs which upstream aren't particularly intersted in and aren't
serious issues. Also ignore the nasm CVE found from fuzzing as this isn't
a issue we'd expose from OE.
(From OE-Core rev: b82c95720488eea8ea4b5684c9f89e4931085fa5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 68291026aab2fa6ee1260ca95198dd1d568521e5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current home path that is compared against is incorrect as it is missing the
package name, this patch adds it.
[YOCTO #14553]
(From OE-Core rev: b75caf4a985e3c20996531785125eaffdc832104)
Signed-off-by: Ahmed Hossam <Ahmed.Hossam@opensynergy.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit ae8f22d9e2694eea5ede3b31c6f3bca404ea4a5a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Operations such as mkfs fail on devices that are not
switched to the actual rootfs before switch_root is
called. The kernel interprets these devices as still
being used even after unmounting and errors such as
below are seen when the target is fully booted
root@v1000:~# umount /dev/sdb1
root@v1000:~# mkfs.ext4 /dev/sdb1
mke2fs 1.43.8 (1-Jan-2018)
/dev/sdb1 contains a ext4 file system
last mounted on Wed Nov 28 07:33:54 2018
Proceed anyway? (y,N) y
/dev/sdb1 is apparently in use by the system; will not make a filesystem here!
(From OE-Core rev: ce27982c24d2398c9eadb9d4d9e7475509424195)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Muhammad Hamza <muhammad_hamza@mentor.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit ec53ffd01972d1be2d6a28de828b3f0b80dc1e61)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Linux kernel commit 14c174633f349 ("random: remove unused tracepoints")
removed unused tracepoints and has been backported to stable Linux kernel
releases. This causes build failure of lttng-modules:
"
lttng-modules-2.11.6/probes/lttng-probe-random.c:18:10: fatal error: trace/events/random.h: No such file or directory
| 18 | #include <trace/events/random.h>
| | ^~~~~~~~~~~~~~~~~~~~~~~
| compilation terminated.
"
Backport patches from lttng-modules master branch to address the build
failure on all of Linux 5.18.y, 5.15.y 5.10.y, 5.4, 4.19, 4.14, and 4.9 kernel versions.
(From OE-Core rev: 9f301f5563df868626d624c2d0781dae1b81a4c0)
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Bruce Ashfield <bruce.ashfield@gmail.com>
Cc: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: a0415549af8d10f4915c519433b49ce812bd2324)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4c27711292f93dfad1ffdeab6d715becad32a4ff)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add testcases for partial reports with CVE_CHECK_REPORT_PATCHED and
Ignored CVEs.
(From OE-Core rev: 577d297babd7b399f631c8a95155265f08c5e193)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry-picked from 3f7639b90004973782a2e74925fd2e9a764c1090)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
user to read the file content
Source: https://git.savannah.gnu.org/cgit/grub.git/
MR: 116495
Type: Security Fix
Disposition: Backport from https://git.savannah.gnu.org/cgit/grub.git/diff/util/grub-mkconfig.in?id=0adec29674561034771c13e446069b41ef41e4d4
ChangeID: fce3d59e50320bef247bb981352051b8f953a4fc
Description:
CVE-2021-3981 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content.
Affects "grub2 < 2.06"
(From OE-Core rev: fd9dc688ead5cf0225cba94c380a618e332d548f)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ignored CVEs aren't patched, but do not apply in our configuration
for some reason. Up till now they were only partially supported
and reported as "Patched".
This patch adds separate reporting of Ignored CVEs. The variable
CVE_CHECK_REPORT_PATCHED now manages reporting of both patched
and ignored CVEs.
(From OE-Core rev: 14b3c0ca46a0aa97565a24b7a5116306237d7cfe)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry-picked from c773102d4828fc4ddd1024f6115d577e23f1afe4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add two fixes from debian for two CVEs. From:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355
I wans't able to get the reproducers to work but the added error
checking isn't probably a bad thing.
(From OE-Core rev: 097469513f6dea7c678438e71a152f4e77fe670d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 054be00a632c2918dd1f973e76514e459fc6f017)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Avoid a null pointer dereference.
(From OE-Core rev: 357791da82f767ad695e4476aa12fea3d7db5e04)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 36db85b9b127e5a9f5d3d6e428168cf597ab95f3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
reading a very large header
Source: https://github.com/argoheyard/lang-net
MR: 114874
Type: Security Fix
Disposition: Backport from https://github.com/argoheyard/lang-net/commit/701957006ef151feb43f86aa99c8a1f474f69282
ChangeID: bd3c4f9f44dd1c45e810172087004778522d28eb
Description:
CVE-2021-31525 golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header.
(From OE-Core rev: 2850ef58f2a39a5ab19b1062d1b50160fec4daa8)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://go-review.googlesource.com/c/go
MR: 117551
Type: Security Fix
Disposition: Backport from https://go-review.googlesource.com/c/go/+/399816/
ChangeID: 347f22f93e8eaecb3d39f8d6c0fe5a70c5cf7b7c
Description:
CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode.
(From OE-Core rev: 6625e24a6143765ce2e4e08d25e3fe021bc2cdf6)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop 0001-Makefile-replace-mkdir-by-install.patch merged upstream.
License-Update: additional files
(From OE-Core rev: c6f5fb5e7545636ef7948ad1562548b7b64dac35)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 91cd99267157e860a108282aee13e162e8c10572)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit bcc5a22cd2b25c777315fe9d677fc0338ae2ab68)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In some cases it is useful to be able to test the snapshot of
linux-firmware (e.g. to test if the updated firmware works on the
particular hardware). Allow building the linux-firmware snapshots.
To switch to the most recent branch, add the following lines to the
local.conf file:
PREFERRED_VERSION_linux-firmware = "1:20220509+git%"
SRCREV:class-devupstream = "${AUTOREV}"
WHENCE_CHKSUM:class-devupstream:pn-linux-firmware = "4288aad55d189fa225d492526b8406d5"
(From OE-Core rev: 6654baf267003ac62bc886901e5197fc211239f4)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b023570ae1d239de14b50a0e827582d0e84ddf81)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add ability to parse instance-specific conf files when
enabling an instance of a templated unit during postinstall.
(From OE-Core rev: f2d59bf2240eaf4c483edc4feb6e5d66b8dc387f)
Signed-off-by: Nick Potenski <nick.potenski@garmin.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit baa0ecf3271008cf60cd830c54a71f191aebb81c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
update include fixes for CVE-2022-1664.
(From OE-Core rev: 12169c1104adbfd9f5196fdbdab16536e98fd43f)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://github.com/golang/go
MR: 114884
Type: Security Fix
Disposition: Backport from https://github.com/golang/go/commit/44a3fb49
ChangeID: 7b28553d4e23828b20c3357b1cca79ee3ca18058
Description:
CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error.
(From OE-Core rev: b835c65845b1445e1bb547c192cb22c2db4c7e6f)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
references
Source: https://github.com/pypa/pip
MR: 113864
Type: Security Fix
Disposition: Backport from https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
ChangeID: 717948e217d6219d1f03afb4d984342d7dea4636
Description:
CVE-2021-3572 python-pip: Incorrect handling of unicode separators in git references.
(From OE-Core rev: 841a8fb5b6351f79a4d756232a544d1a6480c562)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using multiconfig with the same TMP folder we can have
races because the shared recipes like gcc-source run twice.
ARCHIVER_OUTDIR = ${ARCHIVER_TOPDIR}/${TARGET_SYS}/${PF}/
which includes TARGET_SYS and between the two different MACHINE values,
this changes from 'arm-poky-linux-gnueabi' to 'aarch64-poky-linux'.
This leads to the task running twice, once for each multiconfig.
To solve this we need to store the shared output in a common place
for all machines and in this way the stamps will be the same for each
machine so the gcc-source will on run once regardless of the machine used.
(From OE-Core rev: 135adeb82c9303c26193bb6f6bd3bc696793aa62)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5abe497aad39a6ce8d72556fcdda1938a0f8c1bc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some tasks may reference ${B} for gcc-source which in general would not exist.
It has dependencies on HOST_SYS and TARGET_SYS which are not appropriate for a
shared recipe like gcc-source. This causes problems for the archiver and
multiconfigs in particlar.
Set B to something else to avoid these task hash issues.
Acked-by: Jose Quaresma <jose.quaresma@foundries.io>
(From OE-Core rev: 14aa189c2e47a2c5a4a0099235a2605666651f74)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit beb2a76c591e985c6fc7ed473abd1bee27f955a2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Building busybox with CONFIG_LSATTR=y and installing that in the same
filesystem as e2fsprogs breaks:
ERROR: ... do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget:${PN} ().
Deferring to first boot via 'exit 1' is no longer supported.
Fix that by also alternatifying lsattr just as chattr already is.
(From OE-Core rev: 28090d32c88d99ea36a03f3bb723838746001e4b)
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 96703961eeb3460e9da26503d7942cc965d1e573)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When multilib enabled and add layers/meta-openembedded/meta-oe in
conf/bblayers.conf, it reports below error when run oe-selftest.
$ oe-selftest -r oescripts
[snip]
[20:36:33-0700] 2022-05-16 03:36:33,494 - oe-selftest - INFO - RESULTS - oescripts.OEListPackageconfigTests.test_packageconfig_flags_option_flags: FAILED (585.37s)
[snip]
It is because the output of "list-packageconfig-flags.py -f" as below:
$ ../scripts/contrib/list-packageconfig-flags.py -f
[snip]
qt lib32-pinentry lib32-wxwidgets nativesdk-pinentry pinentry pinentry-native wxwidgets wxwidgets-native
secret lib32-pinentry nativesdk-pinentry pinentry pinentry-native
[snip]
But the check logic as below:
class OEListPackageconfigTests(OEScriptTests):
#oe-core.scripts.List_all_the_PACKAGECONFIG's_flags
def check_endlines(self, results, expected_endlines):
for line in results.output.splitlines():
for el in expected_endlines:
if line.split() == el.split():
expected_endlines.remove(el)
break
def test_packageconfig_flags_option_flags(self):
results = runCmd('%s/contrib/list-packageconfig-flags.py -f' % self.scripts_dir)
expected_endlines = []
expected_endlines.append("PACKAGECONFIG FLAG RECIPE NAMES")
expected_endlines.append("qt nativesdk-pinentry pinentry pinentry-native")
expected_endlines.append("secret nativesdk-pinentry pinentry pinentry-native")
self.check_endlines(results, expected_endlines)
And the test will fail as line.split() doesn't equal el.split() as
line.split() is ['lib32-pinentry', 'lib32-wxwidgets', 'nativesdk-pinentry',
'pinentry', 'pinentry-native', 'wxwidgets', 'wxwidgets-native'] and
el.split() is ['nativesdk-pinentry', 'pinentry', 'pinentry-native'].
So change the compare logic to fix the gap.
(From OE-Core rev: 9eecfbfc957359b7933f1e1bde3aba1780dde202)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 239f22847bcae0cb31769adb0a42b5440173a7c5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: fd1ed873ec00fda2f58370770ad7aed039bdc470)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6420c8a6a8143f53ccad7ab2d56b2ba06db83099)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fixes:
oe-core/meta/lib/oe/rootfs.py:331: ResourceWarning: unclosed file <_io.TextIOWrapper name='pkgdata/mach/kernel-depmod/kernel-abiversion' mode='r' encoding='UTF-8'>
kernel_ver = open(kernel_abi_ver_file).read().strip(' \n')
(From OE-Core rev: b761150790231792b42a8eb534013f1e17b4efb3)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f9dd8ee063c1132265248457fcd628e1e93727be)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure that begin_idx (i.e., beginline - 1) and end_idx (i.e.,
endline) are positive numbers in copy_license_files(). This makes sure
the same lines are copied as populate_lic_qa_checksum() uses when it
calculates the checksum. Before, beginline=0 would typically lead to
that no lines were copied at all.
(From OE-Core rev: 27cd074d747c5ef4b475c8a62a8ede2bbe58f996)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ab3cc3651d08d226675c461da760cda0bb6c0ce0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fix PACKAGECONFIG to refer to libavtp instead of avtp as this is what
the project and everything is really called everywhere.
(From OE-Core rev: a1b73bc6ba90fb079e514e4eeda8e231a950b9f4)
Signed-off-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8824d91fe2063195014c38c134b97946d3b429c2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Several tasks deactivate exiting on non-zero return codes via set +e because
they run subcommands that have legitimate non-zero return codes. However when
appending to those tasks, this behavior is not expected and can lead to builds
silently proceeding in case of an error. Therefore reset the default behavior
at the end of the respective tasks via set -e.
(From OE-Core rev: 7777cc853db7200b819095be6f6a3561738ac94d)
Signed-off-by: Stefan Wiehler <stefan.wiehler@nokia.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 83a6f28d2e464f00202090e998a63045adba9e4e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Includes fixes for CVE-2022-1927, CVE-2022-1942.
(From OE-Core rev: 2bba60d687fb45a8367cb683a8e9d385384ad51a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1e740b5c2227c0040621ae63436d06db4873670f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per debian, the issue is fixed by a feature called
"agent restriction" in openssh 8.9.
Urgency is unimportant as per debian, Hence this CVE is whitelisting.
Link:
https://security-tracker.debian.org/tracker/CVE-2021-36368
https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2
https://docs.ssh-mitm.at/trivialauth.html
(From OE-Core rev: 179b862e97d95ef57f8ee847e54a78b5f3f52ee7)
Signed-off-by: Pawan Badganchi <badganchipv@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In scheduler/cert.c the previous algorithm didn't expect the strings can
have a different length, so one string can be a substring of the other
and such substring was reported as equal to the longer string.
Backport patch from upstream to fix:
https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444
CVE: CVE-2022-26691
(From OE-Core rev: cc657868d31cc8b4218a07aa10fa098c379e473c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to the latest korg -stable release that comprises
the following commits:
04b092e4a01a Linux 5.4.196
dba1941f5bc3 afs: Fix afs_getattr() to refetch file status if callback break occurred
ef5374d532ca i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe()
10a221e2d3d8 x86/xen: Mark cpu_bringup_and_idle() as dead_end_function
a12884ff4340 x86/xen: fix booting 32-bit pv guest
b2f140a9f980 Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
060f38b1dfb4 ARM: dts: imx7: Use audio_mclk_post_div instead audio_mclk_root_clk
b38cf3cb17df firmware_loader: use kernel credentials when reading firmware
e14e3856e94d net: stmmac: disable Split Header (SPH) for Intel platforms
9ea8e6a8323e block: return ELEVATOR_DISCARD_MERGE if possible
36ac6caf742d Input: ili210x - fix reset timing
1c450bdf2e8c net: atlantic: verify hw_head_ lies within TX buffer ring
e5307704c4ad net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe()
91d8d7edf192 ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one()
dd5de66f5c8a selftests: add ping test with ping_group_range tuned
9919585e5f41 mac80211: fix rx reordering with non explicit / psmp ack policy
19e2cd737c16 scsi: qla2xxx: Fix missed DMA unmap for aborted commands
74168c2207a5 perf bench numa: Address compiler error on s390
d1915d9c9fa3 gpio: mvebu/pwm: Refuse requests with inverted polarity
3fdd67e83c42 gpio: gpio-vf610: do not touch other bits when set the target bit
1fe6dc5f5d19 net: bridge: Clear offload_fwd_mark when passing frame up bridge interface.
622be11fa385 igb: skip phy status check where unavailable
eb92a8ecce23 ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
463a7b957db0 ARM: 9196/1: spectre-bhb: enable for Cortex-A15
1b93631c77c9 net: af_key: add check for pfkey_broadcast in function pfkey_process
c0be5fec786b net/mlx5e: Properly block LRO when XDP is enabled
3277789f332e NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc
b368e07fb44d net/qla3xxx: Fix a test in ql_reset_work()
d672eee9e404 clk: at91: generated: consider range when calculating best rate
8cb1a05fe38b ice: fix possible under reporting of ethtool Tx and Rx statistics
dc64e8874e87 net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
32f779e6fbbe net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
1eb2d7858155 net/sched: act_pedit: sanitize shift argument before usage
50f70ee30236 net: macb: Increment rx bd head after allocating skb and buffer
a42ffe88332c ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group
6493ff94c022 ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi
fe2a9469eca0 dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
8cf6c24ed488 drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
8be06f62b426 crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ
f4a093215b8e KVM: x86/mmu: Update number of zapped pages even if page list is stable
de8745182749 PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
3a12b2c413b2 Fix double fget() in vhost_net_set_backend()
dd0ea88b0a0f perf: Fix sys_perf_event_open() race against self
c8a5e14cb407 ALSA: wavefront: Proper check of get_user() error
2f8f6c393b11 SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
975a0f14d5cd SUNRPC: Don't call connect() more than once on a TCP socket
aa4d71edd609 SUNRPC: Prevent immediate close+reconnect
2d6f096476e6 SUNRPC: Clean up scheduling of autoclose
f3fe8d13ac89 mmc: core: Default to generic_cmd6_time as timeout in __mmc_switch()
def047ae1266 mmc: block: Use generic_cmd6_time when modifying INAND_CMD38_ARG_EXT_CSD
f10260f35992 mmc: core: Specify timeouts for BKOPS and CACHE_FLUSH for eMMC
1e93f939927d nilfs2: fix lockdep warnings during disk space reclamation
307d021b1a7f nilfs2: fix lockdep warnings in page operations for btree nodes
77b71a4c8767 ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame()
54f7358be14d platform/chrome: cros_ec_debugfs: detach log reader wq from devm
232128f6e60f drbd: remove usage of list iterator variable after loop
83abb076f473 MIPS: lantiq: check the return value of kzalloc()
e7947c031ffe rtc: mc146818-lib: Fix the AltCentury for AMD platforms
7be785032c05 nvme-multipath: fix hang when disk goes live over reconnect
ee0323cc8bbb ALSA: hda/realtek: Enable headset mic on Lenovo P360
c0d86f2a3c03 crypto: x86/chacha20 - Avoid spurious jumps to other functions
f0213894337a crypto: stm32 - fix reference leak in stm32_crc_remove
8c015cd52442 Input: stmfts - fix reference leak in stmfts_input_open
bb83a744bc67 Input: add bounds checking to input_set_capability()
4fd396695646 um: Cleanup syscall_handler_t definition/cast, fix warning
0c319b998835 rtc: fix use-after-free on device removal
05df3bdbc259 x86/xen: Make the secondary CPU idle tasks reliable
0d3817cb4ebe x86/xen: Make the boot CPU idle task reliable
67e2b62461b5 floppy: use a statically allocated error counter
0187300e6aa6 Linux 5.4.195
8fcefb43ecfc tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe()
6d80857c4fc7 ping: fix address binding wrt vrf
7845532adb53 arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map
c0b735fef2af net: phy: Fix race condition on link status change
a60def756821 MIPS: fix build with gcc-12
a3112d5da17c drm/vmwgfx: Initialize drm_mode_fb_cmd2
463c7431490d cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
f25145c37c4e i40e: i40e_main: fix a missing check on list iterator
17c744716af5 drm/nouveau/tegra: Stop using iommu_present()
c8f567c46543 serial: 8250_mtk: Fix register address for XON/XOFF character
aa3ea7451bd6 serial: 8250_mtk: Fix UART_EFR register address
031fda28d0a6 slimbus: qcom: Fix IRQ check in qcom_slim_probe
7de6f3059629 USB: serial: option: add Fibocom MA510 modem
65732f62f730 USB: serial: option: add Fibocom L610 modem
6c78537f3e29 USB: serial: qcserial: add support for Sierra Wireless EM7590
e40d00494712 USB: serial: pl2303: add device id for HP LM930 Display
056a56f8fbfe usb: typec: tcpci: Don't skip cleanup in .remove() on error
457d9401b8c1 usb: cdc-wdm: fix reading stuck on device close
4d93303fd877 tty: n_gsm: fix mux activation issues in gsm_config()
6e34ee5b5b92 tcp: resalt the secret every 10 seconds
39c26fe93c76 net: emaclite: Don't advertise 1000BASE-T and do auto negotiation
638bfbc84cca s390: disable -Warray-bounds
f66d3fa5089f ASoC: ops: Validate input values in snd_soc_put_volsw_range()
13b850a6cc80 ASoC: max98090: Generate notifications on changes for custom control
5c766c000a64 ASoC: max98090: Reject invalid values in custom control put()
22f6c68b4927 hwmon: (f71882fg) Fix negative temperature
208200e573bd gfs2: Fix filesystem block deallocation for short writes
42daae7d845c net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
e038c457bd12 net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending
2ec2dd7d51a9 net/sched: act_pedit: really ensure the skb is writable
48c6a40e2f25 s390/lcs: fix variable dereferenced before check
467ddbbe7e74 s390/ctcm: fix potential memory leak
2cbce0110070 s390/ctcm: fix variable dereferenced before check
1c40e85d0aa0 hwmon: (ltq-cputemp) restrict it to SOC_XWAY
0a778db9319f dim: initialize all struct fields
522986cc39c1 mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
0729594cb788 netlink: do not reset transport header in netlink_recvmsg()
33ce32587c44 drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name()
5809a1c53049 ipv4: drop dst in multicast routing path
c9d75e87f45b net: Fix features skip in for_each_netdev_feature()
5c9057670504 mac80211: Reset MBSSID parameters upon connection
cfe74fd41f18 hwmon: (tmp401) Add OF device ID table
3915341a935f batman-adv: Don't skb_split skbuffs with frag_list
90659487578c Linux 5.4.194
2f4e0bf651e3 mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic()
e4db0c3ce0c5 mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
ea9cad1c5d95 mm: fix missing cache flush for all tail pages of compound page
45c05171d6e3 Bluetooth: Fix the creation of hdev->name
f52c4c067aa5 KVM: x86/svm: Account for family 17h event renumberings in amd_pmc_perf_hw_id
c1bdf1e6e706 x86: kprobes: Prohibit probing on instruction which has emulate prefix
6af6427a9600 x86: xen: insn: Decode Xen and KVM emulate-prefix signature
c67a4a91f5e1 x86: xen: kvm: Gather the definition of emulate prefixes
4c39e1ace3dc x86/asm: Allow to pass macros to __ASM_FORM()
29afcd5af012 KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
ea65a7d76c00 arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL
5755f946a89f can: grcan: only use the NAPI poll budget for RX
caba5c13a892 can: grcan: grcan_probe(): fix broken system id check for errata workaround needs
76b64c690f03 nfp: bpf: silence bitwise vs. logical OR warning
86ccefb83ede drm/i915: Cast remain to unsigned long in eb_relocate_vma
de542bd76541 drm/amd/display/dc/gpio/gpio_service: Pass around correct dce_{version, environment} types
e6ff94d31c53 block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
f668da98ad83 MIPS: Use address-of operator on section symbols
01565c91b789 Linux 5.4.193
8a7f92053dc9 mmc: rtsx: add 74 Clocks in power on flow
d789b9891761 PCI: aardvark: Fix reading MSI interrupt number
253bc43ca5b7 PCI: aardvark: Clear all MSIs at setup
786dc86c8434 dm: interlock pending dm_io and dm_wait_for_bios_completion
ad1393b92e50 dm: fix mempool NULL pointer race when completing IO
40bcd39a0093 tcp: make sure treq->af_specific is initialized
9661bf674d6a ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
37b12c16beb6 ALSA: pcm: Fix races among concurrent prealloc proc writes
2a559eec81ac ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
08d1807f097a ALSA: pcm: Fix races among concurrent read/write and buffer changes
fbeb492694ce ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
f098f8b9820f mm: fix unexpected zeroed page mapping with zram swap
c7337efd1d11 block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
9588ac2eddc2 net: ipv6: ensure we call ipv6_mc_down() at most once
367b49086b41 KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised
c2fadf2d0ab4 x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
8b78939f4b0b kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU
f455c8e657e3 NFSv4: Don't invalidate inode attributes on delegation return
89e7a625ec5c drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
1d14c1c7a3bd net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
2b99ff4c3e3e btrfs: always log symlinks in full mode
dc4784489426 smsc911x: allow using IRQ0
cff6cb162f7a bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
64ece01adb42 selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is operational
52401926c863 net: emaclite: Add error handling for of_address_to_resource()
354cac1e392b net: stmmac: dwmac-sun8i: add missing of_node_put() in sun8i_dwmac_register_mdio_mux()
0510b6ccfb4f net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init()
102986592ffd RDMA/siw: Fix a condition race issue in MPA request processing
e6ae21eb948a ASoC: dmaengine: Restore NULL prepare_slave_config() callback
df3ea6cc1af5 hwmon: (adt7470) Fix warning on module removal
01d4363dd717 NFC: netlink: fix sleep in atomic bug when firmware download timeout
33d3e76fc7a7 nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs
85aecdef77f9 nfc: replace improper check device_is_registered() in netlink related functions
da9eb43b9a56 can: grcan: use ofdev->dev when allocating DMA memory
8b451b7d7e95 can: grcan: grcan_close(): fix deadlock
8f4246450a95 s390/dasd: Fix read inconsistency for ESE DASD devices
91193a2c2f4f s390/dasd: Fix read for ESE with blksize < 4k
1aa75808edd8 s390/dasd: prevent double format of tracks for ESE devices
061a424dd1c4 s390/dasd: fix data corruption for ESE devices
860db6cdc5be ASoC: meson: Fix event generation for G12A tohdmi mux
d4864e8c4ba8 ASoC: wm8958: Fix change notifications for DSP controls
6723ab2ed8bb ASoC: da7219: Fix change notifications for tone generator frequency
ac5894fb8626 genirq: Synchronize interrupt thread startup
8624e2c5af95 ACPICA: Always create namespace nodes using acpi_ns_create_node()
27183539cfac firewire: core: extend card->lock in fw_core_handle_bus_reset
2fefc6259861 firewire: remove check of list iterator against head past the loop body
34b9b9182911 firewire: fix potential uaf in outbound_phy_packet_callback()
f6b6e9336936 Revert "SUNRPC: attempt AF_LOCAL connect on setup"
d403ff32e566 gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
94842485b4ec ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
73ce49fa59a7 parisc: Merge model and model name into one line in /proc/cpuinfo
0d5bb59858c6 MIPS: Fix CP0 counter erratum detection for R4k CPUs
(From OE-Core rev: 7e056e79a5acce8261cb5124c172cc40ad608b82)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make it possible to disable the database update completely by using
a negative update interval CVE_DB_UPDATE_INTERVAL.
Disabling the update is useful when running multiple parallel builds
when we want to have a control on the database version. This allows
coherent cve-check results without an database update for only
some of the builds.
(From OE-Core rev: 487a53522a739b9a52720c4c40b93f88ad77d242)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b5c2269240327c2a8f93b9e55354698f52c976f3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now the CVE checker was giving information about CVEs found for
a product (or more products) contained in a recipe. However, there was
no easy way to find out which products or recipes have no CVEs. Having
no reported CVEs might mean there are simply none, but can also mean
a product name (CPE) mismatch.
This patch adds CVE_CHECK_COVERAGE option enabling a new type of
statistics. Then we use the new JSON format to report the information.
The legacy text mode report does not contain it.
This option is expected to help with an identification of recipes with
mismatched CPEs, issues in the database and more.
This work is based on [1], but adding the JSON format makes it easier
to implement, without additional result files.
[1] https://lists.openembedded.org/g/openembedded-core/message/159873
(From OE-Core rev: c63d06becc340270573bdef2630749db1f5230d4)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit d1849a1facd64fa0bcf8336a0ed5fbf71b2e3cb5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the cve-check text mode output, we didn't write fragment
files if there are no CVEs (if CVE_CHECK_REPORT_PATCHED is 1),
or no unpached CVEs otherwise.
However, in a system after multiple builds,
cve_check_write_rootfs_manifest might find older files and use
them as current, what leads to incorrect reporting.
Fix it by always writing a fragment file, even if empty.
(From OE-Core rev: 4c10ee956f21ea2f805403704ac3c54b7f1be78c)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f1b7877acd0f6e3626faa57d9f89809cfcdfd0f1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Move the function to a library, it could be useful in other places.
(From OE-Core rev: c8a0e7ecee15985f7eed10ce9c86c48a77c5b7c5)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit debd37abcdde8788761ebdb4a05bc61f7394cbb8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Fix typo to properly whitelist CVE-2021-22945.
(From OE-Core rev: 7b2a1d908d3b63da5e9f072b61dd3c5fa91c7b8f)
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
