summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* libnss-nis: upgrade 3.1 -> 3.2Wang Mingyu2023-08-151-2/+2
| | | | | | | | | | | | | | | | Changelog: * Do not call malloc_usable_size This is a namespace violation, and interposed malloc implementations are not required to interpose malloc_usable_size [bsc#1207551]. (From OE-Core rev: cabadc004bd6ee6501166aac086ea8faa85da502) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5cd967503c0574f45b814572da9503182556b431) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-certifi: upgrade 2022.12.7 -> 2023.7.22Narpat Mali2023-08-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | python3-certifi 2023.7.22 contains the CVE-2023-37920 fix. No changelog provided. Commits: 8fb96ed (tag: 2023.07.22) 2023.07.22 afe7722 Bump actions/setup-python from 4.6.1 to 4.7.0 (#230) 2038739 Bump dessant/lock-threads from 3.0.0 to 4.0.1 (#229) 44df761 Hash pin Actions and enable dependabot (#228) 8b3d7ba (tag: 2023.05.07) 2023.05.07 53da240 ci: Add Python 3.12-dev to the testing (#224) c2fc3b1 Create a Security Policy (#222) c211ef4 Set up permissions to github workflows (#218) 2087de5 Don't let deprecation warning fail CI (#219) e0b9fc5 remove paragraphs about 1024-bit roots from README 9427a5a fix CI fed4048 get CI passing again 9e9e840 (tag: 2022.12.07) 2022.12.07 (From OE-Core rev: ec5e5ae6b304dee9b323bd20f3db25152a083398) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* go: update 1.20.5 -> 1.20.6Jose Quaresma2023-08-158-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade to latest 1.20.x release [1]: $ git log --oneline go1.20.5..go1.20.6 origin/release-branch.go1.20 2c358ffe97 (tag: go1.20.6, origin/release-branch.go1.20) [release-branch.go1.20] go1.20.6 312920c00a [release-branch.go1.20] net/http: validate Host header before sending 4db13d762b [release-branch.go1.20] runtime: set raceignore to zero when starting a new goroutine 08a58dd8b6 [release-branch.go1.20] runtime: allow for 5 more threads in TestWindowsStackMemory* 65092835c5 [release-branch.go1.20] cmd/go: skip TestScript/gccgo_link_ldflags on aix/ppc64 bca817594c [release-branch.go1.20] crypto/x509: tolerate multiple matching chains in testVerify b8e67d1ddd [release-branch.go1.20] cmd/go/internal/test: don't wait for previous test actions when interrupted 3db4f8146c [release-branch.go1.20] runtime: resolve checkdead panic by refining `startm` lock handling in caller context 6b45fb7b73 [release-branch.go1.20] runtime: fallback to TEB arbitrary pointer when TLS slots are full be30960e58 [release-branch.go1.20] runtime: use 1-byte load for address checking in racecallatomic b59efe6c34 [release-branch.go1.20] net/mail: permit more characters in mail headers c32f1afb41 [release-branch.go1.20] all: make safe for new vet analyzer c7b145655b [release-branch.go1.20] cmd/go: fix tests for new builder environment 03063101a2 [release-branch.go1.20] text/template: set variables correctly in range assignment d51e322a3f [release-branch.go1.20] go/printer: error out of Fprint when it would write a '//line' directive with a multiline file path 49594244d3 [release-branch.go1.20] cmd/cover: error out if a requested source file contains a newline 4719048211 [release-branch.go1.20] cmd/cgo: error out if the source path used in line directives would contain a newline 6c606fc191 [release-branch.go1.20] cmd/go: fix TestScript/build_cwd_newline with CGO_ENABLED=0 63ad2b5811 [release-branch.go1.20] cmd/compile: do not report division by error during typecheck 95f377daad [release-branch.go1.20] cmd/go: retain extra roots to disambiguate imports in 'go mod tidy' a7a48fad7e [release-branch.go1.20] crypto/ecdsa: properly truncate P-521 hashes f5172dcd38 [release-branch.go1.20] go/build: check for invalid import paths again 8b3acefcbe [release-branch.go1.20] cmd/go: omit checksums for go.mod files needed for go version lines more often in pre-1.21 modules 1008486a9f [release-branch.go1.20] cmd/cgo: correct _cgo_flags output [1] https://github.com/golang/go/compare/go1.20.5...go1.20.6 (From OE-Core rev: 944b186eeb6821654ce6ef56df7ac0f2829696f5) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8d8216d8c4d37cc0d9508eb644653f94fff8989c) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ncurses: fix CVE-2023-29491Chen Qi2023-08-152-0/+463
| | | | | | | | | | | | | | Backport patch to fix CVE-2023-29491. (From OE-Core rev: f1c95ae70f7aac574daf5b935a02bbba0d6f8a16) (From OE-Core rev: cdb5d9d498d3c1917b286fba03ce7527f23f9953) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libarchive: ignore CVE-2023-30571Peter Marko2023-08-151-0/+3
| | | | | | | | | | | | | | | | | | | | | This issue was reported and discusses under [1] which is linked in NVD CVE report. It was already documented that some parts or libarchive are thread safe and some not. [2] was now merged to document that also reported function is not thread safe. So this CVE *now* reports thread race condition for non-thread-safe function. And as such the CVE report is now invalid. The issue is still not closed for 2 reasons: * better document what is and what is not thread safe * request to public if someone could make these functions thread safe This should however not invalidate above statment about ignoring this CVE. [1] https://github.com/libarchive/libarchive/issues/1876 [2] https://github.com/libarchive/libarchive/pull/1875 (From OE-Core rev: ffa8f92aa6f8405d8fea117af2f212ba190de393) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* util-linux: add alternative links for ipcs,ipcrmBenjamin Bouvier2023-08-011-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | When enabling ipcs and ipcrm configuration into busybox, both tools are built and then deployed during do_rootfs. These operation lead to below issue (similar behavior happens for ipcs): do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot, then please place them into pkg_postinst_ontarget:${PN} (). update-alternatives: Error: not linking .../build/tmp/work/board-poky-linux/board-image/1.0-r0/rootfs/usr/bin/ipcrm to /bin/busybox since .../build/tmp/work/board-poky-linux/board-image/1.0-r0/rootfs/usr/bin/ipcrm exists and is not a link Binaries enter in conflict with same named util-linux utilities during do_rootfs step. Adding ALTERNATIVE_LINK_NAME for both tools fix the issue. (From OE-Core rev: dc4099307100de817110958c9426ced4189fd0ac) Signed-off-by: Benjamin Bouvier <benjamin.bouvier@ekinops.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e4d60408b869c9cc2ccff794d4e271d993ec8a97) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* openssl: use a glob on the PERLEXTERNAL to track updates on the pathJose Quaresma2023-08-011-1/+1
| | | | | | | | | | | | | | The Text-Template was updated from 1.46 to 1.56 | ERROR: openssl-native-3.1.1-r0 do_configure: PERLEXTERNAL '/build/tmp/work/x86_64-linux/openssl-native/3.1.1-r0/openssl-3.1.1/external/perl/Text-Template-1.46/lib' not found! (From OE-Core rev: e50a2298b10107b8ee66b2efd52c9d51d7a99fa5) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b9a7739b01e31d0cc8358d99255e3e1b02a0a1a8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* openssl: add PERLEXTERNAL path to test its existenceJose Quaresma2023-08-011-1/+3
| | | | | | | | | | | | | When upstream change is better to fail or removing the PERL5LIB if they are not need anymore. (From OE-Core rev: 2dda294698ea6bb797531cb4796af263fbf2f6be) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 337ac1159644678508990927923ef8af30f34cd7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* oeqa/selftest/devtool: add unit test for "devtool add -b"Yoann Congal2023-08-011-0/+32
| | | | | | | | | | | | Fix [Yocto #15085] Co-authored-by: Fawzi KHABER <fawzi.khaber@smile.fr> (From OE-Core rev: 2dca7cba28a08d63e0ca88bb9897e01661e177ef) Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d5eedf8ca689ccb433c2f5d0b324378f966dd627) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* rootfs_rpm: don't depend on opkg-native for update-alternativesRoss Burton2023-08-011-3/+1
| | | | | | | | | | | | | | | opkg-native hasn't provided update-alternatives since 2014[1] so this is the wrong dependency, and image.bbclass depends on the virtual provider virtual/update-alternatives-native already. [1] oe-core 1e2c38ce13f8e4b25d8656d237343380cbc970aa (From OE-Core rev: 49be8045a6595cb98413519d2e65e94345f026c1) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 51004376be9a6b9a4c38585d14d2516d90138319) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure caseRoss Burton2023-08-011-2/+2
| | | | | | | | | | | | | | str.format() doesn't use % notation, update the formatting to work. assertTrue() is a member of self not a global, and assertTrue(True) will always pass. Change this to just self.fail() as this is the failure case. (From OE-Core rev: c88b9eedc81529c67f2e628ae5e7325daff2535e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 017f3a0b1265c1a3b69c20bdb56bbf446111977e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd-systemctl: fix errors in instance name expansionYuta Hayama2023-08-011-1/+1
| | | | | | | | | | | | | | If the instance name indicated by %i begins with a number, the meaning of the replacement string "\\1{}".format(instance) is ambiguous. To indicate group number 1 regardless of the instance name, use "\g<1>". (From OE-Core rev: 70107f1bc33b45da794b7a24b7325eb476516fdf) Signed-off-by: Yuta Hayama <hayama@lineo.co.jp> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d18b939fb08b37380ce95934da38e6522392621c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* meson.bbclass: Point to llvm-config from native sysrootKhem Raj2023-08-011-0/+1
| | | | | | | | | | | | | | | Default search in meson would grok /usr/bin for llvm-config and if found will use it, which might add wrong paths into cflags/ldflags, since we depend on llvm-native when building gallium support ( thats when llvm-config is effective), its better to point llvm-config into native sysroot so it can add correct paths into compiler/linker cmdline (From OE-Core rev: aa91fb2f0af1a32809ab1755598da5986b2dd06d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit cc73360b9728812ed6123e30559b77d8e89cc21c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: fix missing comma in get_module_deps3.pyRoss Burton2023-08-011-1/+1
| | | | | | | | | | | | | | | Wes Tarro <wes.tarro@azuresummit.com> noticed a missing comma in a preplace() call, add it. That said, calling replace() with one argument results in a TypeError, so this is obviously dead code. (From OE-Core rev: f24236b7b52dd753d7170bac9c38dff1133db76e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9b2e2c8d809e7ca34451ec9702b029a00dfb410b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* mdadm: re-add mdadm-ptest to PTESTS_SLOWOvidiu Panait2023-08-012-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ptest problems reported in e21021dc00ec ("mdadm: drop from PTESTS_SLOW") should now be fixed, so mdadm can be added back to PTESTS_SLOW (a qemux86-64 test run takes about ~12 minutes to execute with kvm). root@qemux86-64:~# ptest-runner mdadm START: ptest-runner 2023-06-30T08:25 BEGIN: /usr/lib/mdadm/ptest PASS: /usr/lib/mdadm/ptest/tests/00linear PASS: /usr/lib/mdadm/ptest/tests/00multipath ... PASS: /usr/lib/mdadm/ptest/tests/19repair-does-not-destroy PASS: /usr/lib/mdadm/ptest/tests/20raid5journal PASS: /usr/lib/mdadm/ptest/tests/21raid5cache DURATION: 723 END: /usr/lib/mdadm/ptest 2023-06-30T09:16 STOP: ptest-runner TOTAL: 1 FAIL: 0 For the testcases to run correctly, there must be enough rootfs space to create 13 loop devices. Similar to strace and lttng-tools, add a new IMAGE_ROOTFS_EXTRA_SPACE entry for mdadm-ptest. (From OE-Core rev: 174ef92965acd605e5aa5ed26afb3f8d556e98b2) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dfefff63c547adb1add0c8e3a308b2d0bd6cfc8c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* mdadm: skip running known broken ptestsOvidiu Panait2023-08-014-1/+585
| | | | | | | | | | | | | | | | | | | Upstream marked some testcases as "KNOWN BROKEN" and introduced the "--skip-broken" flag to ignore them when running the testsuite (commits [1] and [2]). Backport these two commits to get rid of the last remaining ptest failures. Also, add the "--skip-broken" option to the run-ptest script. [1] https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=28520bf114b3 [2] https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=daa86d663476 (From OE-Core rev: 153357be5c74393febaccbe37b0ff514401a52cd) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 62148b978b26b5fcd1a2fa3a0ff82ef814f4e7ec) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* mdadm: fix segfaults when running ptestsOvidiu Panait2023-08-015-0/+341
| | | | | | | | | | | | | | | | | | | | | | | Currently, some segfaults are reported when running ptest: mdadm[12333]: segfault at 0 ip 00007fe855924060 sp 00007ffc4d6caf88 error 4 in libc.so.6[7f) Code: d2 0f 84 b7 0f 00 00 48 83 fa 01 0f 84 b9 0f 00 00 49 89 d3 89 f1 89 f8 48 83 e1 3f 4f Backport the following upstream commits to fix them: 679bd9508a30 ("DDF: Cleanup validate_geometry_ddf_container()") 2b93288a5650 ("DDF: Fix NULL pointer dereference in validate_geometry_ddf()") 548e9b916f86 ("mdadm/Grow: Fix use after close bug by closing after fork") 9ae62977b51d ("monitor: Avoid segfault when calling NULL get_bad_blocks") The fixes are part of the "Bug fixes and testing improvments" patchset [1]. [1] https://www.spinics.net/lists/raid/msg70621.html (From OE-Core rev: eca27903d0217d9e8b1ddc0c9db9857831a915f3) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9585009e3e505b361cd32b14e0e85e77e7822878) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* mdadm: fix 07revert-inplace ptestOvidiu Panait2023-08-011-1/+1
| | | | | | | | | | | | | | | | | Testcase 07revert-inplace fails if strace is not installed: ... strace -o /tmp/str ./mdadm -A /dev/md0 --update=revert-reshape /dev/<...> tests/07revert-inplace: line 40: strace: command not found Add strace to mdadm-ptest RDEPENDS to make sure the testcase passes even with a core-image-minimal build. (From OE-Core rev: 56485bbb1ccb9042a914f1ed477fc96323d39fdf) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 7d9386663ac52ab69812867a0823c6055aedbc18) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* mdadm: fix util-linux ptest dependencyOvidiu Panait2023-08-011-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | Trying to run mdadm-ptest in a core-image-minimal build will result in: root@qemux86-64:~# ptest-runner mdadm START: ptest-runner BEGIN: /usr/lib/mdadm/ptest which: no lsblk in (/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin) lsblk command not found! DURATION: 0 END: /usr/lib/mdadm/ptest 2023-06-28T10:14 STOP: ptest-runner TOTAL: 1 FAIL: 0 Remove util-linux from RRECOMMENDS and only add util-linux-lsblk and util-linux-losetup to RDEPENDS. (From OE-Core rev: 45bf9f5c18a1dec0d3c1a134285e71660dd9d890) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3004f7589974c135cc82630d980ea281b97ecd83) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* uboot-extlinux-config.bbclass: fix old override syntax in commentQuentin Schulz2023-08-011-4/+4
| | | | | | | | | | | | | | | | | The comment specifies how to use the variables but uses the older and now unsupported override syntax. Let's update to match the newer syntax. Cc: Quentin Schulz <foss+yocto@0leil.net> (From OE-Core rev: 0a381eea4d50ff1c6e7c7d0d4df62eb581454b48) (From OE-Core rev: 0bbafc8b4d0c401a2af7c4b80e86d3e3fe01bed5) Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bb64f3fed29b9532e6ddc9a2ba0283d373622d87) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* kernel-module-split add systemd modulesloaddir and modprobedir configJose Quaresma2023-08-011-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Because busybox doesn't support other path than /etc [1] we can't change the default path unconditionally so change it only for systemd. The modules-load.d [2] - Configure kernel modules to load at boot should install their configuration files in /usr/lib/modules-load.d. The modprobe.d [3] - Configuration directory for modprobe should install their configuration files in /lib/modprobe.d [1] https://git.busybox.net/busybox/tree/modutils/modprobe.c?id=669c40ed8ebf480c95ce36135104e474e361a7e6#n658 [2] https://man7.org/linux/man-pages/man5/modules-load.d.5.html [3] https://man7.org/linux/man-pages/man5/modprobe.d.5.html [YOCTO #12212] https://bugzilla.yoctoproject.org/show_bug.cgi?id=12212 (From OE-Core rev: 174b446b7c8167934b13ec679407093924d324e3) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 075c309bd28bc8e19a82569a2e75da14fa5795dd) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* pkgconf: update SRC_URIRoss Burton2023-08-011-1/+1
| | | | | | | | | | | | | | dereferenced.org is now longer controlled by the pkgconf maintainers[1], so use the the new hosting location. [1] https://github.com/pkgconf/pkgconf/commit/437c2a3218bfcb1cae7fa38a4ccd0cb29575ff07 (From OE-Core rev: 7b50737b787311216670aa4b83b0a363d9a12aa3) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c3df4594513410c7a6352e62aa928c42982eac13) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* scripts/oe-setup-builddir: copy conf-notes.txt to build dirStéphane Veyret2023-08-011-5/+9
| | | | | | | | | | | | | | | | | Since commit 569d4cd325, if one is using a custom template directory containing a conf-notes.txt, this file is only displayed when creating a new environment. When entering an already existing environment, only the default poky conf-notes.txt is displayed. This patch copies the conf-notes.txt to display to the build directory, so that the good file is shown, even when templateconf.cfg is not used. (From OE-Core rev: 99e814215d164274cb29ba34ab06c11172dbe9f0) Signed-off-by: Stéphane Veyret <sveyret@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 845e8292f218d740ee653fa68bc3110aec1af3c5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libwebp: upgrade 1.3.0 -> 1.3.1Wang Mingyu2023-08-012-60/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2023-1999.patch removed since it's included in 1.3.1 Changelog: ========== This is a binary compatible release. * security fixes for lossless encoder (#603, chromium: #1420107, #1455619, CVE-2023-1999) * improve error reporting through WebPPicture error codes * fix upsampling for RGB565 and RGBA4444 in NEON builds * img2webp: add -sharp_yuv & -near_lossless * Windows builds: - fix compatibility with clang-cl (#607) - improve Arm64 performance with cl.exe - add Arm64EC support * fix webp_js with emcc >= 3.1.27 (stack size change, #614) * CMake fixes (#592, #610, #612) * further updates to the container and lossless bitstream docs (#581, #611) (From OE-Core rev: 6d6d103cfba013f54d567f96095a64034e568890) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 15411fb32b5a3c0ac9c06ff89db5664799f55d77) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* taglib: upgrade 1.13 -> 1.13.1Wang Mingyu2023-08-011-1/+1
| | | | | | | | | | | | | | | | | | | | | Changelog: =========== * Fixed parsing of TXXX frames without description. * Detect MP4 atoms with invalid length or type. * Do not miss ID3v2 frames when an extended header is present. * Use property "DISCSUBTITLE" for ID3v2 "TSST" frame. * Build system improvements: Use absolute path for macOS dylib install name, support --define-prefix when using pkg-config, fixed minimum required CppUnit version. * Code clean up using clang-tidy. (From OE-Core rev: 5eb1b017cfc136d23631b2008b417b82993ce4d8) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 69477347a21cc810851fd231659f73c6b4661d03) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* linux-yocto/6.1: update to v6.1.38Bruce Ashfield2023-08-013-20/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | Updating to the latest korg -stable release that comprises the following commits: 61fd484b2cf6 Linux 6.1.38 c50065a39279 drm/amd/display: Ensure vmin and vmax adjust for DCE 9d0b2afadfd7 drm/amdgpu: Validate VM ioctl flags. fe56f507a11a docs: Set minimal gtags / GNU GLOBAL version to 6.6.5 c437b26bc3ae scripts/tags.sh: Resolve gtags empty index generation 50e36c2897ba perf symbols: Symbol lookup with kcore can fail if multiple segments match stext 67e3b5230cef nubus: Partially revert proc_create_single_data() conversion 296927dbae7d execve: always mark stack as growing down during early stack setup d856e6f8a0b4 PCI/ACPI: Call _REG when transitioning D-states 788c76c33df9 PCI/ACPI: Validate acpi_pci_set_power_state() parameter a905b0b318ad drm/amd/display: Do not update DRR while BW optimizations pending dd6d6f9d47ae drm/amd/display: Remove optimization for VRR updates 6b2849b3e05d xtensa: fix lock_mm_and_find_vma in case VMA not found (From OE-Core rev: eb74b5cc85c7c9172b7b944af160ac7e3701e858) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b4a4354fff41ffe61a1638b216e3a17e50b5c0e2) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* linux-yocto/6.1: update to v6.1.37Bruce Ashfield2023-08-013-20/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating to the latest korg -stable release that comprises the following commits: 0f4ac6b4c5f0 Linux 6.1.37 323846590c55 xtensa: fix NOMMU build with lock_mm_and_find_vma() conversion c2d89256de75 csky: fix up lock_mm_and_find_vma() conversion 4a1db15878aa parisc: fix expand_stack() conversion 0a1da2dde461 sparc32: fix lock_mm_and_find_vma() conversion 00f04a3385f7 Revert "thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe" a536383ef030 HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651. d89750b19681 HID: wacom: Use ktime_t rather than int when dealing with timestamps 879e79c3aead HID: hidraw: fix data race on device refcount cae854249578 fbdev: fix potential OOB read in fast_imageblit() e6bbad75712a mm: always expand the stack with the mmap write lock held c4b31d1b694e execve: expand new process stack manually ahead of time 6a6b5616c3d0 mm: make find_extend_vma() fail if write lock not held 48c232819e77 powerpc/mm: convert coprocessor fault to lock_mm_and_find_vma() 21ee33d51bf9 mm/fault: convert remaining simple cases to lock_mm_and_find_vma() 1f4197f050de arm/mm: Convert to using lock_mm_and_find_vma() ac764deea709 riscv/mm: Convert to using lock_mm_and_find_vma() 7227d70acc78 mips/mm: Convert to using lock_mm_and_find_vma() 82972ea17b47 powerpc/mm: Convert to using lock_mm_and_find_vma() b92cd80e5f0b arm64/mm: Convert to using lock_mm_and_find_vma() 755aa1bc6aaf mm: make the page fault mmap locking killable d6a5c7a1a6e5 mm: introduce new 'lock_mm_and_find_vma()' page fault helper 4e2ad53ababe maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() 31cde3bdadca can: isotp: isotp_sendmsg(): fix return error fix on TX path 0af4750eaaed x86/smp: Cure kexec() vs. mwait_play_dead() breakage 6d3b2e0aef6c x86/smp: Use dedicated cache-line for mwait_play_dead() 50a1abc67702 x86/smp: Remove pointless wmb()s from native_stop_other_cpus() e47037d28b73 x86/smp: Dont access non-existing CPUID leaf edadebb349e8 x86/smp: Make stop_other_cpus() more robust 94a69d699941 x86/microcode/AMD: Load late on both threads too 84f077802e56 mm, hwpoison: when copy-on-write hits poison, take page offline 4af5960d7cd4 mm, hwpoison: try to recover from copy-on write faults 69925a346acb mptcp: ensure listener is unhashed before updating the sk status 42a018a796d1 mm/mmap: Fix error return in do_vmi_align_munmap() a149174ff8bb mm/mmap: Fix error path in do_vmi_align_munmap() (From OE-Core rev: 4abc100a81401373edaa3c5859e4bf94e8dc3d0d) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4d43c9ebcb0308d9178f6f44c02cac13de126c92) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* linux-yocto/6.1: update to v6.1.36Bruce Ashfield2023-08-013-20/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating to the latest korg -stable release that comprises the following commits: a1c449d00ff8 Linux 6.1.36 29429a1f5871 smb: move client and server files to common directory fs/smb 9d3e4bca4b92 i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle 81d4078f7a42 x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys 679354bea008 KVM: arm64: Restore GICv2-on-GICv3 functionality 6ab9468d3eea vhost_net: revert upend_idx only on retriable error 454e4f391a14 vhost_vdpa: tell vqs about the negotiated 1af1cd7be370 drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl 022f2306d94f drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl aa88042218aa drm/exynos: vidi: fix a wrong error return 711f727f7bab null_blk: Fix: memory release when memory_backed=1 f6076a1386c9 ARM: dts: Fix erroneous ADS touchscreen polarities 1d1baefacdb4 i2c: mchp-pci1xxxx: Avoid cast to incompatible function type 8e3257599409 ALSA: hda/realtek: Add "Intel Reference board" and "NUC 13" SSID in the ALC256 cfa01235b5ed ASoC: fsl_sai: Enable BCI bit if SAI works on synchronous mode with BYP asserted 570583c6251a s390/purgatory: disable branch profiling c2888c460db2 gfs2: Don't get stuck writing page onto itself under direct I/O 878dad66b9b5 ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x 1c97025d441f ASoC: nau8824: Add quirk to active-high jack-detect 5cc506e9b3e5 soundwire: qcom: add proper error paths in qcom_swrm_startup() 2839e0b64e65 soundwire: dmi-quirks: add new mapping for HP Spectre x360 ee4d36a14d3f ASoC: simple-card: Add missing of_node_put() in case of error e701fb0a5d5b ASoC: codecs: wcd938x-sdw: do not set can_multi_write flag 06b9522ca831 spi: lpspi: disable lpspi module irq in DMA mode 39a77f005f8a s390/cio: unregister device when the only path is gone 552a24eb7168 arm64: dts: qcom: sc7280-qcard: drop incorrect dai-cells from WCD938x SDW 4de58b7c14c0 arm64: dts: qcom: sc7280-idp: drop incorrect dai-cells from WCD938x SDW 2e8ebf1a44cb Input: soc_button_array - add invalid acpi_index DMI quirk handling ba0cc7a2e508 nvme: improve handling of long keep alives 06d9ec407f76 nvme: check IO start time when deciding to defer KA 8a72260619ca nvme: double KA polling frequency to avoid KATO with TBKAS on c8f988c37a6b usb: gadget: udc: fix NULL dereference in remove() 3f6391062d0b btrfs: fix an uninitialized variable warning in btrfs_log_inode a2c3e9bfc02c nfcsim.c: Fix error checking for debugfs_create_dir a05df0643120 media: cec: core: don't set last_initiator if tx in progress f37956a140d1 media: cec: core: disable adapter in cec_devnode_unregister 9d8ac2726cff smb3: missing null check in SMB2_change_notify 3e8458c5b205 arm64: Add missing Set/Way CMO encodings 8428f4c00d8c HID: wacom: Add error check to wacom_parse_and_register() aaa50510adb7 scsi: target: iscsi: Prevent login threads from racing between each other 0357259cb103 gpiolib: Fix irq_domain resource tracking for gpiochip_irqchip_add_domain() 8592ada80ea5 gpio: sifive: add missing check for platform_get_irq cb1108e17493 gpiolib: Fix GPIO chip IRQ initialization restriction 90714f7ed760 arm64: dts: rockchip: fix nEXTRST on SOQuartz e51abd4808f9 arm64: dts: rockchip: Enable GPU on SOQuartz CM4 ec3d0f12e728 revert "net: align SO_RCVMARK required privileges with SO_MARK" b2e2f9c0939f sch_netem: acquire qdisc lock in netem_change() 0434277b72a4 platform/x86/amd/pmf: Register notify handler only if SPS is enabled 2d580c73afdc selftests: forwarding: Fix race condition in mirror installation eff07bf11841 io_uring/net: use the correct msghdr union member in io_sendmsg_copy_hdr 1b7b048c228e bpf: Force kprobe multi expected_attach_type for kprobe_multi link fc3afb337814 bpf/btf: Accept function names that contain dots 22cc989f2b10 Revert "net: phy: dp83867: perform soft reset and retain established link" 3e04743dbacf netfilter: nfnetlink_osf: fix module autoload abd3afddbf9e netfilter: nf_tables: disallow updates of anonymous sets c34b22038543 netfilter: nf_tables: reject unbound chain set before commit phase 46f801ab5fb9 netfilter: nf_tables: reject unbound anonymous set before commit phase b60c0ce0ff31 netfilter: nf_tables: disallow element updates of bound anonymous sets 0d836f917520 netfilter: nft_set_pipapo: .walk does not deal with generations d60be2da67d1 netfilter: nf_tables: drop map element references from preparation phase df27be7c1530 netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain 891cd2edddc7 netfilter: nf_tables: fix chain binding transaction logic f5b6dbec26f1 be2net: Extend xmit workaround to BE3 chip 50f689918db4 net: dsa: mt7530: fix handling of LLDP frames a50f84af215e net: dsa: mt7530: fix handling of BPDUs on MT7530 switch a4e4c7190126 net: dsa: mt7530: fix trapping frames on non-MT7621 SoC MT7530 switch 7fd2e9a69e83 ipvs: align inner_mac_header for encapsulation 6d1eec1f2dd7 mmc: usdhi60rol0: fix deferred probing 7e10fff13353 mmc: sh_mmcif: fix deferred probing 565b8bd2905d mmc: sdhci-acpi: fix deferred probing 645f89ee3e3e mmc: owl: fix deferred probing 251101c32a01 mmc: omap_hsmmc: fix deferred probing 0057a905de5c mmc: omap: fix deferred probing f73b380518b2 mmc: mvsdio: fix deferred probing 4806f6b6b7a3 mmc: mtk-sd: fix deferred probing d28b7a87332f net: qca_spi: Avoid high load if QCA7000 is not available 1d4dd09f13a9 sfc: use budget for TX completions 0bbb8164ed07 net/mlx5: DR, Fix wrong action data allocation in decap action b062caf4f73b xfrm: Linearize the skb after offloading if needed. fff9a18e0128 selftests: net: fcnal-test: check if FIPS mode is enabled 0793ead2ff2c selftests: net: vrf-xfrm-tests: change authentication and encryption algos 6919634176cd selftests: net: tls: check if FIPS mode is enabled ac5671d10060 bpf: Fix a bpf_jit_dump issue for x86_64 with sysctl bpf_jit_enable. 8bb51cdc4fc2 xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets d9a0b1a53c79 bpf: Fix verifier id tracking of scalars on spill 461fc3391c52 bpf: track immediate values written to stack by BPF_ST instruction b36ba84f09a1 KVM: arm64: PMU: Restore the host's PMUSERENR_EL0 c803e91600be xfrm: Ensure policies always checked on XFRM-I input path 94e81817f080 xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c 8ea03341f78a xfrm: Treat already-verified secpath entries as optional 43489b2cba5a ieee802154: hwsim: Fix possible memory leaks caddcdf2a999 mmc: meson-gx: fix deferred probing 1a2793a25a60 memfd: check for non-NULL file_seals in memfd_create() syscall 364fdcbb035b x86/mm: Avoid using set_pgd() outside of real PGD pages cbfee3d9d5c0 nilfs2: prevent general protection fault in nilfs_clear_dirty_page() 24f473769e7e io_uring/poll: serialize poll linked timer start with poll removal 2d80c85fa404 arm64: dts: rockchip: Fix rk356x PCIe register and range mappings 277a7c23b590 regmap: spi-avmm: Fix regmap_bus max_raw_write b385b1d28e4e regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK ad5daeaa3d57 spi: spi-geni-qcom: correctly handle -EPROBE_DEFER from dma_request_chan() 21945b7a868f wifi: iwlwifi: pcie: Handle SO-F device for PCI id 0x7AF0 1dfca388fc7c bpf: ensure main program has an extable 03b2149d5aca mmc: sunxi: fix deferred probing 8b8756324c5b mmc: bcm2835: fix deferred probing 1db5a39a904e mmc: sdhci-spear: fix deferred probing f1b17198e45b mmc: mmci: stm32: fix max busy timeout calculation 6c2af0fd8301 mmc: meson-gx: remove redundant mmc_request_done() call from irq context 687d34c57807 mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916 3dd0041c41da mmc: litex_mmc: set PROBE_PREFER_ASYNCHRONOUS 0d7a4e6589a0 cgroup,freezer: hold cpu_hotplug_lock before freezer_mutex in freezer_css_{online,offline}() 7b162a18d332 cgroup: Do not corrupt task iteration when rebinding subsystem c2c46a70282f mptcp: consolidate fallback and non fallback state machine 1d3127542665 mptcp: fix possible list corruption on passive MPJ b747e755986a mptcp: fix possible divide by zero in recvmsg() b7bb71dfb541 mptcp: handle correctly disconnect() failures 1d9dc9bed999 io_uring/net: disable partial retries for recvmsg with cmsg 4d729cc67b05 io_uring/net: clear msg_controllen on partial sendmsg retry 4db49d59a89c PCI: hv: Add a per-bus mutex state_lock 091d03d19859 PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic 5c09925b1879 PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev da2fff20d92d Revert "PCI: hv: Fix a timing issue which causes kdump to fail occasionally" a74a9d9b756a PCI: hv: Fix a race condition bug in hv_pci_query_relations() ba803d7ac18a Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs 191cb913293a Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails 4f7e702b74f7 KVM: Avoid illegal stage2 mapping on invalid memory slot 390aeb5ae7c0 ACPI: sleep: Avoid breaking S3 wakeup due to might_sleep() 8e63b1fd24a8 nilfs2: fix buffer corruption due to concurrent device reads d5d7cde2ad19 scripts: fix the gfp flags header path in gfp-translate 4a89bfb1a142 writeback: fix dereferencing NULL mapping->host on writeback_page_template 1fed1f851346 selftests: mptcp: join: fix "userspace pm add & remove address" 53e096bcaeac selftests: mptcp: join: skip fail tests if not supported f17459121c37 selftests: mptcp: join: skip userspace PM tests if not supported f40a7ded34c9 selftests: mptcp: join: skip test if iptables/tc cmds fail bce23d125434 selftests: mptcp: sockopt: skip TCP_INQ checks if not supported 157dcb20000b selftests: mptcp: diag: skip listen tests if not supported 755c8857abde selftests/mount_setattr: fix redefine struct mount_attr build error 94851666aff4 selftests: mptcp: join: skip MPC backups tests if not supported fe1f28db73f7 selftests: mptcp: join: skip fullmesh flag tests if not supported 6313c493e3c9 selftests: mptcp: join: skip backup if set flag on ID not supported efb4f6c2dd4c selftests: mptcp: join: skip implicit tests if not supported dd6c284a3430 selftests: mptcp: join: support RM_ADDR for used endpoints or not 695cce2f2cf5 selftests: mptcp: join: skip Fastclose tests if not supported 0381f30735e2 selftests: mptcp: join: support local endpoint being tracked or not 1c0d9b4b4745 selftests: mptcp: join: skip check if MIB counter not supported e35edb09e53e selftests: mptcp: join: helpers to skip tests 4d65ec947d24 selftests: mptcp: join: use 'iptables-legacy' if available 44d3366bf4b9 selftests: mptcp: lib: skip if not below kernel version c5bdd8eb8e7d selftests: mptcp: userspace pm: skip if not supported 733bf9d80d95 selftests: mptcp: userspace pm: skip if 'ip' tool is unavailable bfe225dec643 selftests: mptcp: sockopt: skip getsockopt checks if not supported 103b4e62de32 selftests: mptcp: sockopt: relax expected returned size 61c1bf0666a9 selftests: mptcp: pm nl: skip fullmesh flag checks if not supported 41f7f7f6e43e selftests: mptcp: pm nl: remove hardcoded default limits e79e5e7642ad selftests: mptcp: connect: skip disconnect tests if not supported cba0db9c1586 selftests: mptcp: connect: skip transp tests if not supported 9ead68270b29 selftests: mptcp: lib: skip if missing symbol 4bed22c6876b selftests: mptcp: join: fix ShellCheck warnings a032ccca15e1 selftests: mptcp: remove duplicated entries in usage 0c6552f83725 tick/common: Align tick period during sched_timer setup 854156d12caa ksmbd: validate session id and tree id in the compound request c86211159bc3 ksmbd: fix out-of-bound read in smb2_write 9650cf70ec9d ksmbd: validate command payload size 0fd4ac3773c3 tpm_crb: Add support for CRB devices based on Pluton a46fa5696613 tpm, tpm_tis: Claim locality in interrupt handler 2e7ad879e1b0 mm: Fix copy_from_user_nofault(). 4ed740c6482f ata: libata-scsi: Avoid deadlock on rescan after device resume c4465bff4d2f tty: serial: fsl_lpuart: reduce RX watermark to 0 on LS1028A 17732fed852a tty: serial: fsl_lpuart: make rx_watermark configurable for different platforms 9bcac453890b drm/amd/display: fix the system hang while disable PSR e538342002cb drm/amd/display: Add wrapper to call planes and stream update 8d855bc67630 drm/amd/display: Use dc_update_planes_and_stream (From OE-Core rev: a15a00443a7a7d78586a5b4e18d03ef0bdef6b7e) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 326b34c6cef90a88cf5bb9538a0d93595e7c4c9c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ruby: Fix CVE-2023-36617Mingli Yu2023-08-013-0/+110
| | | | | | | | | | | | | Backport two patches [1] [2] to fix CVE-2023-36617 [3]. [1] https://github.com/ruby/uri/commit/9010ee2536adda10a0555ae1ed6fe2f5808e6bf1 [2] https://github.com/ruby/uri/commit/9d7bcef1e6ad23c9c6e4932f297fb737888144c8 [3] https://www.ruby-lang.org/en/news/2023/06/29/redos-in-uri-CVE-2023-36617/ (From OE-Core rev: 403a24f02600e2462e8ccfbb42651e15e002bd2e) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cups: Fix CVE-2023-34241Mingli Yu2023-08-012-0/+71
| | | | | | | | | | | Backport patch [1] to fix CVE-2023-34241. [1] https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2 (From OE-Core rev: 0048a87ec9442f1f9480d57ccfeeaa79ec171f04) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: ignore CVE-2023-36632Peter Marko2023-08-011-0/+2
| | | | | | | | | | | | | | This CVE shouldn't have been filed as the "exploit" is described in the documentation as how the library behaves. (From OE-Core rev: 3e7f736fa07a132d4fe42a59baaabe565238da21) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c652f094d86c4efb7ff99accba63b8169493ab18) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libjpeg-turbo: patch CVE-2023-2804Peter Marko2023-08-013-0/+180
| | | | | | | | | | | | | | Relevant links: * linked fronm NVD: * https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118 * follow-up analysis: * https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1496473989 * picked commits fix all issues mentioned in this analysis (From OE-Core rev: 473058bf65ac98f644b1ffd4d5190ee782b824a5) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ref-manual: LTS releases now supported for 4 yearsMichael Opdenacker2023-07-262-12/+11
| | | | | | | (From yocto-docs rev: 60bcf303631054a1caa7ed1e22516a261b884fde) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* migration-guides: add release notes for 4.0.11Lee Chee Yang2023-07-262-0/+215
| | | | | | | | (From yocto-docs rev: 2487fb9065f497a3cd7f5077665a6f4815a7faef) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* migration-guides: add release notes for 4.0.10Lee Chee Yang2023-07-262-0/+181
| | | | | | | | (From yocto-docs rev: c8c20ff5267669b712628408967c087dac179563) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* conf.py: add macro for Mitre CVE linksMichael Opdenacker2023-07-261-0/+1
| | | | | | | | | Useful for CVEs that are not found (yet) on https://nvd.nist.gov/ (From yocto-docs rev: 4b8f2dddf85ca4be6bacad65f3893c9f593f7e18) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* acpica: Update SRC_URIMingli Yu2023-07-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update the SRC_URI to fix the do_fetch warning. $ wget https://acpica.org/sites/acpica/files/acpica-unix-20220331.tar.gz --2023-07-19 02:45:33-- https://acpica.org/sites/acpica/files/acpica-unix-20220331.tar.gz Resolving acpica.org... 20.29.206.128 Connecting to acpica.org|20.29.206.128|:443... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://www.intel.com/content/www/us/en/developer/topic-technology/open/acpica/overview.html [following] --2023-07-19 02:45:33-- https://www.intel.com/content/www/us/en/developer/topic-technology/open/acpica/overview.html Resolving www.intel.com... 23.72.14.54 Connecting to www.intel.com|23.72.14.54|:443... connected. HTTP request sent, awaiting response... 403 Forbidden 2023-07-19 02:45:34 ERROR 403: Forbidden. $ wget https://downloadmirror.intel.com/774879/acpica-unix-20220331.tar.gz --2023-07-19 02:46:04-- https://downloadmirror.intel.com/774879/acpica-unix-20220331.tar.gz Resolving downloadmirror.intel.com... 18.164.154.85, 18.164.154.5, 18.164.154.74, ... Connecting to downloadmirror.intel.com|18.164.154.85|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1911044 (1.8M) [application/gzip] Saving to: ‘acpica-unix-20220331.tar.gz’ acpica-unix-20220331.tar.gz 100%[=========================================================================>] 1.82M 1.61MB/s in 1.1s 2023-07-19 02:46:06 (1.61 MB/s) - ‘acpica-unix-20220331.tar.gz’ saved [1911044/1911044] (From OE-Core rev: 4724b382d183a2b3b8426c77c23b368f509411e7) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gcc-testsuite: Fix ppc cpu specificationRichard Purdie2023-07-261-2/+3
| | | | | | | | | | | | | | | | | After this change in qemu: https://gitlab.com/qemu-project/qemu/-/commit/c7e89de13224c1e6409152602ac760ac91f606b4 there is no 'max' cpu model on ppc. Drop it to clean up ppc gcc testsuite failures. In order for this to work we do need to pull in the alternative cpu option from QEMU_EXTRAOPTIONS on powerpc. (From OE-Core rev: ea3143b243bb979f9b89f01fc2e7826cac0a7d75) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c447f2b21b20fb2b1829d540af2cc0bf8242700c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* machine/arch-arm64: add -mbranch-protection=standardRoss Burton2023-07-261-0/+5
| | | | | | | | | | | | | | Enable branch protection (PAC/BTI) for all aarch64 builds. This was previously enabled at a global level in the GCC build, but that breaks the gcc test suite. (From OE-Core rev: 63ce207e15bdee7708754a178a19fca64c4c0ee9) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8905639d1cdc5ce809cc5ecd9672f5e86bf8a579) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gcc: don't pass --enable-standard-branch-protectionRoss Burton2023-07-261-1/+0
| | | | | | | | | | | | | | | | | | | | | | By changing the default code generation of GCC we're inadvertently breaking the GCC test suite, which has ~120K+ more failures when run for aarch64 compared to x86-64. This was because the generated code fragments included the BTI instructions, which the test case wasn't expecting. We can't tell the tests globally to run without branch protection, as that will break the tests which also turn it on. Remove the enabling of branch protection by standard in GCC, we'll enable it in the tune files instead. (From OE-Core rev: 81351d984bc6238e9b901ae83c0de6e3d3463c77) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bb4b9017db6a893ed054a2d2ad4cc671dec09c42) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* tiff: upgrade to 4.5.1Ross Burton2023-07-265-338/+2
| | | | | | | | | | | | | | | | Also remove old CVE_CHECK_IGNOREs which are no longer needed due to CPE updates. This is a backport from master. Mickledore had one extra CVE patch that was not on master at the time of upgrade, so it had to be manually removed here. (From OE-Core rev: 309b58071d14406ccdf90342f0a33285dc83c87c) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Natasha Bailey <nat.bailey@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* vim: upgrade 9.0.1527 -> 9.0.1592Trevor Gamblin2023-07-261-2/+2
| | | | | | | | | | | | | | | | | Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2609 d1ae836 patch 9.0.1531: crash when register contents ends up being invalid https://nvd.nist.gov/vuln/detail/CVE-2023-2610 ab9a2d8 patch 9.0.1532: crash when expanding "~" in substitute causes very long text (From OE-Core rev: 5893c605060983db08a4b2d19b1dbfef23f9910d) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* linux-yocto/5.15: update to v5.15.120Bruce Ashfield2023-07-263-19/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating to the latest korg -stable release that comprises the following commits: d54cfc420586 Linux 5.15.120 c06edf13f4cf nubus: Partially revert proc_create_single_data() conversion 6e65fa33edf5 parisc: Delete redundant register definitions in <asm/assembly.h> b4d8f8900021 drm/amdgpu: Validate VM ioctl flags. 26eb191bf5a0 scripts/tags.sh: Resolve gtags empty index generation 989b4a753c7e perf symbols: Symbol lookup with kcore can fail if multiple segments match stext 87f51cf60e3e Revert "thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe" 6a28f3490d3d HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651. 67ce7724637c HID: wacom: Use ktime_t rather than int when dealing with timestamps 347732317749 bpf: ensure main program has an extable d874cf9799a9 can: isotp: isotp_sendmsg(): fix return error fix on TX path 27d03d15bb8b x86/smp: Use dedicated cache-line for mwait_play_dead() d6c745ca4fc5 x86/microcode/AMD: Load late on both threads too 9052349685e9 drm/amdgpu: Set vmbo destroy after pt bo is created 796481bedc3e mm, hwpoison: when copy-on-write hits poison, take page offline 6713b8f11aa0 mm, hwpoison: try to recover from copy-on write faults b46021ab8304 mptcp: consolidate fallback and non fallback state machine 42ff95b4bd11 mptcp: fix possible divide by zero in recvmsg() (From OE-Core rev: 5209c9db1a918aa06c5d37163742efc59bb4503b) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* linux-yocto/5.15: update to v5.15.119Bruce Ashfield2023-07-263-19/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating to the latest korg -stable release that comprises the following commits: 4af60700a60c Linux 5.15.119 10fbd2e04e40 act_mirred: remove unneded merge conflict markers 2230b3f874d9 i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle 907a069ec38f x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys 7949f83f7ecc vhost_net: revert upend_idx only on retriable error fdac0aa4a175 drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl f012d3037c15 drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl a44b4230d2ba drm/exynos: vidi: fix a wrong error return 79b4125bce96 ARM: dts: Fix erroneous ADS touchscreen polarities 9684c4fdeeca s390/purgatory: disable branch profiling 3c4d87e9fa8a ASoC: nau8824: Add quirk to active-high jack-detect d77eac1b14e0 soundwire: dmi-quirks: add new mapping for HP Spectre x360 53ad4af4ec90 ASoC: simple-card: Add missing of_node_put() in case of error bb45dc7b67c5 spi: lpspi: disable lpspi module irq in DMA mode f8d9d8f1727d s390/cio: unregister device when the only path is gone e10d15fdfced Input: soc_button_array - add invalid acpi_index DMI quirk handling 26bde09a1512 nvme: double KA polling frequency to avoid KATO with TBKAS on e3bbc148377d usb: gadget: udc: fix NULL dereference in remove() cce681383d34 nfcsim.c: Fix error checking for debugfs_create_dir 8a5ddd1430d4 media: cec: core: don't set last_initiator if tx in progress 01cf989090da arm64: Add missing Set/Way CMO encodings f97b16c0a538 HID: wacom: Add error check to wacom_parse_and_register() e8bdb1f88699 scsi: target: iscsi: Prevent login threads from racing between each other 1cc379d53b66 gpio: sifive: add missing check for platform_get_irq 497d40140865 gpiolib: Fix GPIO chip IRQ initialization restriction 7973c4b3b97d gpio: Allow per-parent interrupt data c1a2b52d999e sch_netem: acquire qdisc lock in netem_change() 3138c85031e8 selftests: forwarding: Fix race condition in mirror installation b7db41a86541 bpf/btf: Accept function names that contain dots 0f8d81254fd6 Revert "net: phy: dp83867: perform soft reset and retain established link" 57130334da4e netfilter: nfnetlink_osf: fix module autoload 53defc6ecff4 netfilter: nf_tables: disallow updates of anonymous sets 2f2f9eaa6da1 netfilter: nf_tables: reject unbound chain set before commit phase 2938e7d582d7 netfilter: nf_tables: reject unbound anonymous set before commit phase baa3ec1b31f5 netfilter: nf_tables: disallow element updates of bound anonymous sets 45eb6944d0f5 netfilter: nft_set_pipapo: .walk does not deal with generations 4004f12aaca8 netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain 314a8697d080 netfilter: nf_tables: fix chain binding transaction logic 1328e8d4c3ee be2net: Extend xmit workaround to BE3 chip 768f94c5f639 net: dsa: mt7530: fix handling of BPDUs on MT7530 switch aa528e7d379f net: dsa: mt7530: fix trapping frames on non-MT7621 SoC MT7530 switch efea112a87b6 ipvs: align inner_mac_header for encapsulation 24d7d9aee03d mmc: usdhi60rol0: fix deferred probing d1e08bed0307 mmc: sh_mmcif: fix deferred probing 34c4906b9a06 mmc: sdhci-acpi: fix deferred probing 41f1e8dab08d mmc: owl: fix deferred probing b86ca9e08ca9 mmc: omap_hsmmc: fix deferred probing 445a9568dec1 mmc: omap: fix deferred probing 840deb8d1418 mmc: mvsdio: fix deferred probing 92f73c4f927c mmc: mtk-sd: fix deferred probing aedecd013d2c net: qca_spi: Avoid high load if QCA7000 is not available 156dd06fb337 xfrm: Linearize the skb after offloading if needed. d967bd7ea6cc selftests: net: fcnal-test: check if FIPS mode is enabled 964cfdfd4b4f xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets 25e89fa7b5a8 bpf: Fix verifier id tracking of scalars on spill 0b180495f6b0 bpf: track immediate values written to stack by BPF_ST instruction 3229a29e95f5 xfrm: Ensure policies always checked on XFRM-I input path d055ee18cab8 xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c 491ce3c1d98a xfrm: Treat already-verified secpath entries as optional 0ce3d0c068d9 ieee802154: hwsim: Fix possible memory leaks 29672dc47d99 mmc: meson-gx: fix deferred probing 9bac4a2b7326 memfd: check for non-NULL file_seals in memfd_create() syscall 103734b429b9 x86/mm: Avoid using set_pgd() outside of real PGD pages 793d0224bb60 nilfs2: prevent general protection fault in nilfs_clear_dirty_page() 96987c383c2b io_uring/net: disable partial retries for recvmsg with cmsg 25a543ca3005 io_uring/net: clear msg_controllen on partial sendmsg retry 34a7e5021a43 io_uring/net: save msghdr->msg_control for retries b07bb2914ada writeback: fix dereferencing NULL mapping->host on writeback_page_template 3c46a240ddba regmap: spi-avmm: Fix regmap_bus max_raw_write 4796d9b06917 regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK ba9952e2f50b ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN acee272283f4 mmc: mmci: stm32: fix max busy timeout calculation 999173f295cc mmc: meson-gx: remove redundant mmc_request_done() call from irq context 00010b52c705 mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916 4a557910bbed cgroup: Do not corrupt task iteration when rebinding subsystem 815b24401165 PCI: hv: Add a per-bus mutex state_lock 34e21b8ff3e6 PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic 7d852ca7af37 PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev 5e0d33cc7813 Revert "PCI: hv: Fix a timing issue which causes kdump to fail occasionally" ac0df91c7d98 PCI: hv: Fix a race condition bug in hv_pci_query_relations() 80c5d97b4aa1 Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs 4d31eb2e266c Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails 953dd7e2df81 KVM: Avoid illegal stage2 mapping on invalid memory slot 1d6c93206839 ACPI: sleep: Avoid breaking S3 wakeup due to might_sleep() b12011cea56b nilfs2: fix buffer corruption due to concurrent device reads 485f6be2549c selftests: mptcp: join: skip check if MIB counter not supported 64cb73ea77ab selftests: mptcp: join: use 'iptables-legacy' if available 979a941d7ed3 selftests: mptcp: pm nl: remove hardcoded default limits ac65930751c4 selftests/mount_setattr: fix redefine struct mount_attr build error 726d033133e7 selftests: mptcp: lib: skip if not below kernel version b28fc26683b4 selftests: mptcp: lib: skip if missing symbol 024a24e5d4dd tick/common: Align tick period during sched_timer setup 3c1aa91b37f9 drm/amd/display: Add wrapper to call planes and stream update eea850c025b5 drm/amd/display: Use dc_update_planes_and_stream fb7c68bbccad drm/amd/display: Add minimal pipe split transition state b5f0e898f674 tpm, tpm_tis: Claim locality in interrupt handler 39e787253720 tracing: Add tracing_reset_all_online_cpus_unlocked() function 5a24be76af79 drm/amd/display: fix the system hang while disable PSR (From OE-Core rev: 35f0fb05f8be017e906626aa1060a81d4ca8e1c1) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* webkitgtk: 2.38.5 -> 2.38.6Kai Kang2023-07-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update webkitgtk from 2.38.5 to 2.38.6. It fixes CVE-2023-27932 and CVE-2023-27954. What’s new in the WebKitGTK 2.38.6 release? * Enable the Asynchronous Clipboard API to make certain pages work (e.g. GithHub started recently requiring it). * Support :has() CSS selectors in content filters. * Apply basic font properties as font variation settings. * The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still recommended, but optional. * Improvements to the GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking. * Fix the build with journald support enabled when using elogind instead of the systemd libraries. * Fix the build with Link-Time Optimization enabled (-flto=auto). * Fix context menus not working in the remote Web Inspector. * Fix usage of the remote Web Inspector over HTTP. * Fix debug logs not being emitted in release builds. * Fix several crashes and rendering issues. (From OE-Core rev: 34bd08b121f1653907b45eb8d6192a77ef638005) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* go: fix CVE-2023-24531Sakib Sajal2023-07-263-0/+315
| | | | | | | | | Backport required commits to fix CVE-2023-24531. (From OE-Core rev: 5d80e920c7ceaf091ccace8a3b6781b720abafbf) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* qemu: fix CVE-2023-0330Archana Polampalli2023-07-262-0/+76
| | | | | | | | | | | | | | | | | A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. References: https://nvd.nist.gov/vuln/detail/CVE-2023-0330 Upstream patches: https://gitlab.com/qemu-project/qemu/-/commit/b987718bbb1d0eabf95499b976212dd5f0120d75 (From OE-Core rev: 3be283237a9e473112430bcb614b25b7ff7e64b2) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* docs: ref-manual: terms: fix typos in SPDX termQuentin Schulz2023-07-201-2/+2
| | | | | | | | | | Fixes: 2c53ac40e99a ("ref-manual: terms.rst: add SBOM and SPDX terms") Cc: Quentin Schulz <foss+yocto@0leil.net> (From yocto-docs rev: a92b206cec9f17db4bb50eb8e7ca088e55a43e61) Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ref-manual: releases.svg: updatesMichael Opdenacker2023-07-201-92/+585
| | | | | | | | | | | - Kirkstone is now a 4 year LTS - Add future Scarthgap LTS - Update document metadata: license, title (From yocto-docs rev: 408b722ca330155e770262c7db8494ff897cfdb1) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* testimage/oeqa: Drop testimage_dump_host functionalityThomas Roos2023-07-207-74/+8
| | | | | | | | | | | | | | | | | | | The intent behind these functions was to dump the system state when issues occured but it has never really worked as we'd planned. Regular monitoring as the build runs has largely replaced this as that allows a trend to be seen rather than a spot value which was never really useful. The code is bitrotting and not functioning correctly so drop it. [YOCTO #13872] RP: Reword commit message (From OE-Core rev: 8d1bc34cffdd9f054e51db4e880747c79bf834fe) Signed-off-by: Thomas Roos <throos@amazon.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dea37ba49a236029da73d5cfbfc069bffc38b508) Signed-off-by: Steve Sakoman <steve@sakoman.com>