Marta Rybczynska [Fri, 18 Feb 2022 10:05:22 +0000 (11:05 +0100)]
grub: add structure initialization in zstd
This patch adds initialization of a structure in grub's zstd, which
might be left uninitialized by the compiler. It is a part of a security
series [1].
Marta Rybczynska [Fri, 18 Feb 2022 10:05:13 +0000 (11:05 +0100)]
grub: add a fix for malformed device path handling
This change fixes the malformed device paths in EFI handling.
Device paths of length 4 or shorter could cause different
kinds of unexpected behaviours.
This patch is NOT a part of [1], but is a dependency of one
of the patches included in the series.
Chee Yang Lee [Wed, 23 Feb 2022 06:17:30 +0000 (14:17 +0800)]
ruby: 2.7.4 -> 2.7.5
This release includes security fixes.
CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods
CVE-2021-41816: Buffer Overrun in CGI.escape_html
CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Add a patch to fix CVE-2021-4160
The issue only affects OpenSSL on MIPS platforms. Link: https://security-tracker.debian.org/tracker/CVE-2021-4160 Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 20 Feb 2022 14:51:40 +0000 (14:51 +0000)]
vim: Upgrade 8.2.4314 -> 8.2.4424
License file had some grammar fixes.
Includes CVE-2022-0554.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a8d0a4026359c2c8a445dba9456f8a05470293c1) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 6 Feb 2022 20:52:43 +0000 (20:52 +0000)]
vim: Upgrade 4269 -> 4134
License text underwent changes on how to submit Uganda donations, switch from http
to https urls and an update date change but the license itself is unchanged.
Also, add an entry for the top level license file. This is also the vim license
so LICENSE is unchanged but we should monitor it too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d195005e415b0b2d7c8b0b65c0aef888d4d6fc8e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Mon, 31 Jan 2022 12:44:07 +0000 (12:44 +0000)]
vim: upgrade to patch 4269
Upgrade to the latest patch release to fix the following CVEs:
- CVE-2022-0261
- CVE-2022-0318
- CVE-2022-0319
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 96442e681c3acd82b09e3becd78e902709945f1f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Also remove the explicit whitelisting of CVE-2021-3968 as this is now
handled with an accurate CPE specifying the fixed version.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 764519ad0da6b881918667ca272fcc273b56168a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
vim: do not report upstream version check as broken
As upstream tags point releases with every commit and
the version check still reports 8.2, it should not be considered
broken (e.g. current version newer than latest version)
until 8.3 is released.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 11d8ee09b1bdec4824203dc0169093b2ae9d101a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Mon, 6 Dec 2021 14:49:53 +0000 (14:49 +0000)]
vim: upgrade to 8.2 patch 3752
There's a fairly constant flow of CVEs being fixed in Vim, which are
getting increasing non-trivial to backport.
Instead of trying to backport (and potentially introduce more bugs), or
just ignoring them entirely, upgrade vim to the latest patch in the hope
that vim 8.3 will be released before we release Kirkstone.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 78a4796de27d710f97c336d288d797557a58694e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Tue, 30 Nov 2021 16:53:13 +0000 (16:53 +0000)]
vim: set PACKAGECONFIG idiomatically
Don't set an empty default value and them immediately assign to it.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d7565241437487618a57d8f3f21da6fed69f6b8a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Konrad Weihmann [Tue, 15 Feb 2022 10:14:32 +0000 (11:14 +0100)]
ruby: fix DEPENDS append
recent change create a blank scope of DEPENDS for class-target,
basically leaving out all general dependencies, leading to the effect
that ruby will be shipped without the runtime dependencies of zlib,
openssl and libffi, making the corresponding gems unusable at runtime.
As the class-target scope should be appended only the correct override
is append:class-target
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8f92444d388d2406be7d317578908975784d3f22) Signed-off-by: Steve Sakoman <steve@sakoman.com>
In particular libffi was missing from native, which
led to linking with host libffi instead.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 293c9f879252a814107579542e8fca9af9dde599) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 11 Feb 2022 17:42:03 +0000 (17:42 +0000)]
default-distrovars.inc: Switch connectivity check to a yoctoproject.org page
example.com is proving unreliable at present so switch to our own connectivity
page instead. That page is very simple avoiding app overhead on our web server
which was an original reason for switching to example.com.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dc6b043cb75c5751b5a98afd2201aa31f9b4b9f6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
The generated relocate_sdk.sh shell script contains then an extra
newline and segfaults during SDK relocation.
Limit the search depth to 1, to avoid finding the file in the .debug
directory.
Signed-off-by: Christian Eggers <ceggers@arri.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit baec04b936ab6b3d2039978fd568c3824cd0a501) Signed-off-by: Steve Sakoman <steve@sakoman.com>
License-Update:
Version of some driver files updated
Added files for some drivers
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1a2a64082d2a4845bebe802afed2a65dac994043) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Wed, 9 Feb 2022 23:03:51 +0000 (18:03 -0500)]
linux-yocto/5.4: update to v5.4.176
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
2570bb2729c7 Linux 5.4.176 5e2a4d02252f mtd: rawnand: mpc5121: Remove unused variable in ads5121_select_chip() 6cbf4c731d78 block: Fix wrong offset in bio_truncate() 33a9ba52d5ea fsnotify: invalidate dcache before IN_DELETE event b52103cbb659 dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config e913171594ea ipv4: remove sparse error in ip_neigh_gw4() c30ecdba9e5a ipv4: tcp: send zero IPID in SYNACK messages 51dde4ae5a37 ipv4: raw: lock the socket in raw_bind() 2d334469c29e net: hns3: handle empty unknown interrupt for VF 7afc09c8915b yam: fix a memory leak in yam_siocdevprivate() 51edc483af6c drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy a15ed3e9887f ibmvnic: don't spin in tasklet c09702f43a6a ibmvnic: init ->running_cap_crqs early 86217a4ebd18 hwmon: (lm90) Mark alert as broken for MAX6654 18684bb996f3 rxrpc: Adjust retransmission backoff f39027cbada4 phylib: fix potential use-after-free 218cccb52124 net: phy: broadcom: hook up soft_reset for BCM54616S 0d26470b25d2 netfilter: conntrack: don't increment invalid counter on NF_REPEAT abcb9d80a4a5 NFS: Ensure the server has an up to date ctime before renaming 30965c768217 NFS: Ensure the server has an up to date ctime before hardlinking cdfaf8e985f8 ipv6: annotate accesses to fn->fn_sernum 581317b1f001 drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable b3e3d584f0f1 drm/msm/dsi: Fix missing put_device() call in dsi_get_phy 4abd2a7735e1 drm/msm: Fix wrong size calculation 9f0a6acac4a1 net-procfs: show net devices bound packet types 4fd45ff2b404 NFSv4: nfs_atomic_open() can race when looking up a non-regular file 0dfacee40021 NFSv4: Handle case where the lookup of a directory fails c27abaa040f3 hwmon: (lm90) Reduce maximum conversion rate for G781 1f748455a8f0 ipv4: avoid using shared IP generator for connected sockets ca5355771ca8 ping: fix the sk_bound_dev_if match in ping_lookup 0b567a24addc hwmon: (lm90) Mark alert as broken for MAX6680 b63031651a05 hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649 e372ecd455b6 net: fix information leakage in /proc/net/ptype 20b7af413153 ipv6_tunnel: Rate limit warning messages bf2bd892a0cb scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() d380beb5e58d rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev da27b834c1e0 rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev cb24af19e5a7 i40e: fix unsigned stat widths be6998f232b8 i40e: Fix queues reservation for XDP b16f1a078d63 i40e: Fix issue when maximum queues is exceeded f18aadbdf6ad i40e: Increase delay to 1 s after global EMP reset 7e94539448ed powerpc/32: Fix boot failure with GCC latent entropy plugin ff19d70b665d net: sfp: ignore disabled SFP node 5ede72d48cab ucsi_ccg: Check DEV_INT bit only when starting CCG4 3922b6e1c9ea usb: typec: tcpm: Do not disconnect while receiving VBUS off 9c61fce322ac USB: core: Fix hang in usb_kill_urb by adding memory barriers 4fc6519bdecb usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS 64e671a22163 usb: common: ulpi: Fix crash in ulpi_match() d66dc656c5f9 usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge a06cba5ad125 tty: Add support for Brainboxes UC cards. f5e6c946732a tty: n_gsm: fix SW flow control encoding/handling 05b330118888 serial: stm32: fix software flow control transfer 0b92eda2d801 serial: 8250: of: Fix mapped region size when using reg-offset property 2bf7dee6f423 netfilter: nft_payload: do not update layer 4 checksum when mangling fragments a6d588572568 arm64: errata: Fix exec handling in erratum 1418040 workaround 5cbcd1f5a20a drm/etnaviv: relax submit size limits 5463cfd83397 fsnotify: fix fsnotify hooks in pseudo filesystems 1614bd844eef tracing: Don't inc err_log entry count if entry allocation fails 8a8878ebb596 tracing/histogram: Fix a potential memory leak for kstrdup() 73578a9b2b72 PM: wakeup: simplify the output logic of pm_show_wakelocks() 31136e5467f3 udf: Fix NULL ptr deref when converting from inline format 86bcc670d300 udf: Restore i_lenAlloc when inode expansion fails c54445af64ca scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices 4d041e75c4c4 s390/hypfs: include z/VM guests with access control group set 835d37068525 Bluetooth: refactor malicious adv data check 7cdf2951f80d Linux 5.4.175 84b1259fe36a drm/vmwgfx: Fix stale file descriptors on failed usercopy 16895e4eac36 select: Fix indefinitely sleeping task in poll_schedule_timeout() 53d5b08d8e98 mmc: sdhci-esdhc-imx: disable CMDQ support c3fa7ce43cdd ARM: dts: gpio-ranges property is now required 75278f1aff5e pinctrl: bcm2835: Change init order for gpio hogs 0d006bb08d76 pinctrl: bcm2835: Add support for wake-up interrupts 08fd6274380a pinctrl: bcm2835: Match BCM7211 compatible string ac3daf50c150 pinctrl: bcm2835: Add support for all GPIOs on BCM2711 e5237171117c pinctrl: bcm2835: Refactor platform data 33e48b5305eb pinctrl: bcm2835: Drop unused define 75ca9c1d96c7 rcu: Tighten rcu_advance_cbs_nowake() checks 1b5553c79d52 drm/i915: Flush TLBs before releasing backing store 411d8da1c843 Linux 5.4.174 2c9650faa19c Revert "ia64: kprobes: Use generic kretprobe trampoline handler" d106693dfd21 mtd: nand: bbt: Fix corner case in bad block table handling 0c1b20381926 lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() test a836180fc53a lib82596: Fix IRQ check in sni_82596_probe 3903f65a5a9f scripts/dtc: dtx_diff: remove broken example from help text b0e5b352fe12 dt-bindings: display: meson-vpu: Add missing amlogic,canvas property e3e561707c28 dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix property 810d3fac215d net: ethernet: mtk_eth_soc: fix error checking in mtk_mac_config() e81d42e5445a bcmgenet: add WOL IRQ check 3bd7629eb8b2 net_sched: restore "mpu xxx" handling 918b3dbf0315 arm64: dts: qcom: msm8996: drop not documented adreno properties 1e0e01eb2589 dmaengine: at_xdmac: Fix at_xdmac_lld struct definition ca48aa7de702 dmaengine: at_xdmac: Fix lld view setting 0366901b7b02 dmaengine: at_xdmac: Fix concurrency over xfers_list d56e1fcb7b5b dmaengine: at_xdmac: Print debug message after realeasing the lock 7163076f252e dmaengine: at_xdmac: Don't start transactions at tx_submit level 9fbe8ea8df20 perf script: Fix hex dump character output e7e3f9634ae6 libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() 91e58091a6bd gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst() 1e06cb37febe xfrm: Don't accidentally set RTO_ONLINK in decode_session4() d6bfcc8d9541 netns: add schedule point in ops_exit_list() 577d3c5291dc inet: frags: annotate races around fqdir->dead and fqdir->high_thresh 967ec4b05918 rtc: pxa: fix null pointer dereference 1623e00e407c net: axienet: increase default TX ring size to 128 88d7727796a6 net: axienet: fix number of TX ring slots for available check d2765d89fe38 net: axienet: limit minimum TX ring size 2612e3567665 clk: si5341: Fix clock HW provider cleanup 7a831993a9a8 af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress fdc1ce979061 f2fs: fix to reserve space for IO align feature f852afb6c072 parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries d25fe9c255b6 net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module 682a1e0ecbda ipv4: avoid quadratic behavior in netns dismantle e6669fba04ad bpftool: Remove inclusion of utilities.mak from Makefiles 9e5a74b6326b powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses 461aedcf68e0 powerpc/cell: Fix clang -Wimplicit-fallthrough warning 261f9917648e Revert "net/mlx5: Add retry mechanism to the command entry index allocation" 6926d427941a dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK d2d453940b62 RDMA/rxe: Fix a typo in opcode name 1a3f263e05d1 RDMA/hns: Modify the mapping attribute of doorbell to device 0cb05af4bf87 scsi: core: Show SCMD_LAST in text form 59c7ff950915 Documentation: fix firewire.rst ABI file path error dafbd79e423e Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization 2ecbe50b2b8e Documentation: ACPI: Fix data node reference documentation 49daee55004b Documentation: dmaengine: Correctly describe dmatest with channel unset 05594394dc27 media: rcar-csi2: Optimize the selection PHTW register 547ea2d23ec6 firmware: Update Kconfig help text for Google firmware 515ca9f56833 of: base: Improve argument length mismatch error 227afbfe47b5 drm/radeon: fix error handling in radeon_driver_open_kms d820cb636563 ext4: don't use the orphan list when migrating an inode 85c121cf17fd ext4: Fix BUG_ON in ext4_bread when write quota data b985c8521dac ext4: set csum seed in tmp inode while migrating to extents 6e23e0bb1a11 ext4: make sure quota gets properly shutdown on error 86be63aea2b1 ext4: make sure to reset inode lockdep class when quota enabling fails e5999c49cd90 btrfs: respect the max size in the header when activating swap file 85dc4aac7e99 btrfs: check the root node for uptodate before returning it eeec77bb53a5 btrfs: fix deadlock between quota enable and other quota operations e89514082668 xfrm: fix policy lookup for ipv6 gre packets 09af149541d9 PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device e904b46073a1 PCI: pci-bridge-emul: Correctly set PCIe capabilities ab57ac7299e2 PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI config space db531b57cb50 drm/bridge: analogix_dp: Make PSR-exit block less 17d492d39e17 drm/nouveau/kms/nv04: use vzalloc for nv04_display 0d0e56a1a945 drm/etnaviv: limit submit sizes 72a953efcbd6 s390/mm: fix 2KB pgtable release race da4e1facccc7 iwlwifi: mvm: Increase the scan timeout guard to 30 seconds 11604a3a6bed tracing/kprobes: 'nmissed' not showed correctly for kretprobe ae2e0b2f2ba3 cputime, cpuacct: Include guest time in user time in cpuacct.stat c526d53edd21 serial: Fix incorrect rs485 polarity on uart open 19a61f92fa6b fuse: Pass correct lend value to filemap_write_and_wait_range() 8130a1c0bf8a ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers 011024b0f695 crypto: caam - replace this_cpu_ptr with raw_cpu_ptr 973669290ad3 crypto: stm32/crc32 - Fix kernel BUG triggered in probe() 0c0fd11c9c77 crypto: omap-aes - Fix broken pm_runtime_and_get() usage b728b5295d1b rpmsg: core: Clean up resources on announce_create failure. 9e2c8bd78488 power: bq25890: Enable continuous conversion for ADC at charging f16a5bce3fd3 ASoC: mediatek: mt8173: fix device_node leak 5d635c25983e scsi: sr: Don't use GFP_DMA 1785538d273c MIPS: Octeon: Fix build errors using clang bb7d1de681f9 i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters 6abdf6722cd2 MIPS: OCTEON: add put_device() after of_find_device_by_node() 2a8870f5cb2a powerpc: handle kdump appropriately with crash_kexec_post_notifiers option 2dbb618e241a ALSA: seq: Set upper limit of processed events 1ad4f94630c0 scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup 73ed9127b8e8 w1: Misuse of get_user()/put_user() reported by sparse b8e5376c273c KVM: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST aecdb1d24210 powerpc/powermac: Add missing lockdep_register_key() 2c146cf97bcb clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB e441d3cb760b i2c: mpc: Correct I2C reset procedure f231d1d22bad powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING aca56c298e2a i2c: i801: Don't silently correct invalid transfer size aea9d368480f powerpc/watchdog: Fix missed watchdog reset due to memory ordering race 5a3cda54ffd0 powerpc/btext: add missing of_node_put fd0135fc6f0a powerpc/cell: add missing of_node_put 67329fb6a8e2 powerpc/powernv: add missing of_node_put 5bea763aec17 powerpc/6xx: add missing of_node_put ecfe73aec681 parisc: Avoid calling faulthandler_disabled() twice 5e126f68808c random: do not throw away excess input to crng_fast_load 8f6cecfff36c serial: core: Keep mctrl register state and cached copy in sync 6f7bd9f7c893 serial: pl010: Drop CR register reset on set_termios c5e156a62744 regulator: qcom_smd: Align probe function with rpmh-regulator 4a55b02b647e net: gemini: allow any RGMII interface mode 4bee2316c574 net: phy: marvell: configure RGMII delays for 88E1118 b3fbe7565f8e dm space map common: add bounds check to sm_ll_lookup_bitmap() 052f64013701 dm btree: add a defensive bounds check to insert_at() aaefb1833309 mac80211: allow non-standard VHT MCS-10/11 5253794b19f6 net: mdio: Demote probed message to debug print 8508caebe60e btrfs: remove BUG_ON(!eie) in find_parent_nodes 7d4f4075e78b btrfs: remove BUG_ON() in find_parent_nodes() ba72fa2cb2f2 ACPI: battery: Add the ThinkPad "Not Charging" quirk 7c366d75a44a drm/amdgpu: fixup bad vram size on gmc v8 88b5abc0c61d ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 de85f5861894 ACPICA: Fix wrong interpretation of PCC address 1fa8e71d0022 ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() aee78b668ef5 ACPICA: Utilities: Avoid deleting the same object twice in a row a4c6cde223d2 ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions 56c308c7302b jffs2: GC deadlock reading a page that is used in jffs2_write_begin() c02454b3c85b um: registers: Rename function names to avoid conflicts and build problems 51b44e9b14a6 iwlwifi: mvm: Fix calculation of frame length 95017cf0a367 iwlwifi: remove module loading failure message 0446cafa843e iwlwifi: fix leaks/bad data after failed firmware load c8fe499c4565 ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream 46fdba26cdff usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 8ac2cf0253a5 cpufreq: Fix initialization of min and max frequency QoS requests bfcc1e9c2e00 arm64: tegra: Adjust length of CCPLEX cluster MMIO region 65816c103476 arm64: dts: ls1028a-qds: move rtc node to the correct i2c bus dcf1d9f76f71 audit: ensure userspace is penalized the same as the kernel when under pressure 5cc8a367851b mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO 3a7f37eb2083 media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() 71b6d05db553 media: igorplugusb: receiver overflow should be reported 1af9e1d4885a HID: quirks: Allow inverting the absolute X/Y values 75f7885dc257 bpf: Do not WARN in bpf_warn_invalid_xdp_action() 086181b0ffde net: bonding: debug: avoid printing debug logs when bond is not notifying peers fcd7e8ccc437 x86/mce: Mark mce_read_aux() noinstr a0d171398dcd x86/mce: Mark mce_end() noinstr bca5aa920274 x86/mce: Mark mce_panic() noinstr 2481ee0ce59c gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock 743911a2bf8b net: phy: prefer 1000baseT over 1000baseKX a5d8e6189b13 net-sysfs: update the queue counts in the unregistration path d08cc0223a78 ath10k: Fix tx hanging 054281b3548d iwlwifi: mvm: synchronize with FW after multicast commands fe791612afab media: m920x: don't use stack on USB reads a821532ce5ec media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() b867a9c3de09 media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds. ff867910e87c x86/mm: Flush global TLB when switching to trampoline page-table 16f2ef98cccf floppy: Add max size check for user space request 3ad5c9e50263 usb: uhci: add aspeed ast2600 uhci support c27a52321190 rsi: Fix out-of-bounds read in rsi_read_pkt() 51ad4c448611 rsi: Fix use-after-free in rsi_rx_done_handler() ae56c5524a75 mwifiex: Fix skb_over_panic in mwifiex_usb_recv() 4ff69cf3b1c8 HSI: core: Fix return freed object in hsi_new_client 009d6d9fea8c gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use 50ad94f8654a drm/bridge: megachips: Ensure both bridges are probed before registration c640dc459b7e mlxsw: pci: Add shutdown method in PCI driver f6b650941942 EDAC/synopsys: Use the quirk for version instead of ddr version 2134ebc2d0ad media: b2c2: Add missing check in flexcop_pci_isr: 2933aa510907 HID: apple: Do not reset quirks when the Fn key is not found a62523988129 drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L 0cba42c09ac8 usb: gadget: f_fs: Use stream_open() for endpoint files c7e4004b38aa batman-adv: allow netlink usage in unprivileged containers c93a934f812e ARM: shmobile: rcar-gen2: Add missing of_node_put() c9ec3d85c0ee drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR 3642493839af ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply c7186605d878 drm/lima: fix warning when CONFIG_DEBUG_SG=y & CONFIG_DMA_API_DEBUG=y 58cddfe67745 fs: dlm: filter user dlm messages for kernel locks fa4ca508c25c Bluetooth: Fix debugfs entry leak in hci_register_dev() 2b09cb8d92a5 of: base: Fix phandle argument length mismatch error message f88ccfb3f2d9 RDMA/cxgb4: Set queue pair state when being queried 38d97204a24b mips: bcm63xx: add support for clk_set_parent() d12b5cfab493 mips: lantiq: add support for clk_set_parent() 770e92dbc9f6 misc: lattice-ecp3-config: Fix task hung when firmware load failed 458c253b2577 ASoC: samsung: idma: Check of ioremap return value 8b894d503ed7 ASoC: mediatek: Check for error clk pointer 41d2dc9110e0 phy: uniphier-usb3ss: fix unintended writing zeros to PHY register dc03527ca12b iommu/iova: Fix race between FQ timeout and teardown 86233ee4b4b9 dmaengine: pxa/mmp: stop referencing config->slave_id 741a26cf3134 clk: stm32: Fix ltdc's clock turn off by clk_disable_unused() after system enter shell 35d7be242cd9 ASoC: rt5663: Handle device_property_read_u32_array error codes 200f00382f08 RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry 6314e22a998e RDMA/core: Let ib_find_gid() continue search even after empty entry 2e89a39fd702 powerpc/powermac: Add additional missing lockdep_register_key() 9367675e76b8 PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity() 27a90275e8f7 scsi: ufs: Fix race conditions related to driver data b9b691de3c99 iommu/io-pgtable-arm: Fix table descriptor paddr formatting 48fc8eebd174 binder: fix handling of error during copy f3c2c7f3f884 char/mwave: Adjust io port register size e607cd712d5d ALSA: oss: fix compile error when OSS_DEBUG is enabled 5daf39257079 ASoC: uniphier: drop selecting non-existing SND_SOC_UNIPHIER_AIO_DMA 7e2ce332aacc powerpc/prom_init: Fix improper check of prom_getprop() 506184ded655 clk: imx8mn: Fix imx8mn_clko1_sels 852f447ce0c1 RDMA/hns: Validate the pkey index 9927848b1ce5 ALSA: hda: Add missing rwsem around snd_ctl_remove() calls 79b89d3ab5a9 ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls 86fecb7f50b5 ALSA: jack: Add missing rwsem around snd_ctl_remove() calls 970d9082043d ext4: avoid trim error on fs with small groups 2e5f08a5f8b5 net: mcs7830: handle usb read errors properly ff09d5951b81 pcmcia: fix setting of kthread task states f56b423bce1e can: xilinx_can: xcan_probe(): check for error irq 58533bbd5cf1 can: softing: softing_startstop(): fix set but not used variable warning 13af3a9b1ba6 tpm: add request_locality before write TPM_INT_ENABLE 5d5223beb6e2 spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe 74dd45122b84 net/mlx5: Set command entry semaphore up once got index free 2b7816b1e90e Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels" 2f2336ca68b9 net/mlx5e: Don't block routes with nexthop objects in SW fca92bb20ced debugfs: lockdown: Allow reading debugfs files that are not world readable 46541f21de5c HID: hid-uclogic-params: Invalid parameter check in uclogic_params_frame_init_v1_buttonpad f6fbc6a0502c HID: hid-uclogic-params: Invalid parameter check in uclogic_params_huion_init 1f660b3ff5d6 HID: hid-uclogic-params: Invalid parameter check in uclogic_params_get_str_desc 3f4823c651bd HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init 1b7443f4ebf1 Bluetooth: hci_bcm: Check for error irq 4ceb319006e8 fsl/fman: Check for null pointer after calling devm_ioremap e2e1ceb8ca7a staging: greybus: audio: Check null pointer b78473575fbe rocker: fix a sleeping in atomic bug 385b8fe39802 ppp: ensure minimum packet size in ppp_write() c7a99af48c55 bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt(). 4e8307203d73 netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() ad6674562819 pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() 17162e260178 pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() 6cdbf5b6e4cf ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes d49992de0077 x86/mce/inject: Avoid out-of-bounds write when setting flags a259c73dddb3 bpftool: Enable line buffering for stdout eb599bf3bae5 selinux: fix potential memleak in selinux_add_opt() 8fe5e6ed36a5 mmc: meson-mx-sdio: add IRQ check db6eb2f94ad7 ARM: dts: armada-38x: Add generic compatible to UART nodes 1b10eb460dc1 usb: ftdi-elan: fix memory leak on device disconnect 3f8edc28c02b ARM: 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding 25dfc85fceeb xfrm: state and policy should fail if XFRMA_IF_ID 0 b34fadb521c9 xfrm: interface with if_id 0 should return error ba7d5b3e33a5 media: hantro: Fix probe func error path 26cf595abd9a drm/bridge: ti-sn65dsi86: Set max register for regmap a6d408452c16 drm/msm/dpu: fix safe status debugfs file 036fcde6c7d0 media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes 7089b97b46b6 media: msi001: fix possible null-ptr-deref in msi001_probe() 04691afdbc34 media: dw2102: Fix use after free b153346f0ffe ARM: dts: gemini: NAS4220-B: fis-index-block with 128 KiB sectors 4c66717867b9 crypto: stm32/cryp - fix lrw chaining mode 46d85cdd472a crypto: stm32/cryp - fix double pm exit 17bb09710c6b crypto: stm32/cryp - fix xts and race condition in crypto_engine requests fe211ebe8e14 xfrm: fix a small bug in xfrm_sa_len() b3e50e041b68 mwifiex: Fix possible ABBA deadlock 236399a60ec9 rcu/exp: Mark current CPU as exp-QS in IPI loop second pass b67881059f8f sched/rt: Try to restart rt period timer when rt runtime exceeded a26a338f4df6 media: si2157: Fix "warm" tuner state detection dc3b4b60a0d6 media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() f39bd2900fd4 media: dib8000: Fix a memleak in dib8000_init() 62bff2a806b0 Bluetooth: btmtksdio: fix resume failure 80f81e4bcc2a staging: rtl8192e: rtllib_module: fix error handle case in alloc_rtllib() 9f49cf5196d9 staging: rtl8192e: return error code from rtllib_softmac_init() 84e568531b9e floppy: Fix hang in watchdog when disk is ejected 6a4160c9f2ec serial: amba-pl011: do not request memory region twice 96591a7e66ba tty: serial: uartlite: allow 64 bit address d3aee4338f1d arm64: dts: ti: k3-j721e: Fix the L2 cache sets 15115464eba2 drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() 46ec86ea0d02 drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() 77af47f26987 ACPI: EC: Rework flushing of EC work while suspended to idle f996dab1a846 arm64: dts: qcom: msm8916: fix MMC controller aliases 54b5ab456e00 netfilter: bridge: add support for pppoe filtering 04bb89f51cba media: venus: core: Fix a resource leak in the error handling path of 'venus_probe()' 8034d6c40e43 media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released f77b90341055 media: si470x-i2c: fix possible memory leak in si470x_i2c_probe() a3c5386a515f media: imx-pxp: Initialize the spinlock prior to using it 0410f7ac04b3 media: rcar-csi2: Correct the selection of hsfreqrange 62866d6542ea tty: serial: atmel: Call dma_async_issue_pending() cd867ffa14a8 tty: serial: atmel: Check return code of dmaengine_submit() 06d6f696873b arm64: dts: ti: k3-j721e: correct cache-sets info ac718d92b6dc crypto: qce - fix uaf on qce_ahash_register_one be6ee09c9ece media: dmxdev: fix UAF when dvb_register_device() fails da0b42d1c3fb tee: fix put order in teedev_close_context() 24161b9c43de Bluetooth: stop proccessing malicious adv data 50a981742363 arm64: dts: meson-gxbb-wetek: fix missing GPIO binding e48e1d3e0f85 arm64: dts: meson-gxbb-wetek: fix HDMI in early boot 1221b3adf539 media: aspeed: Update signal status immediately to ensure sane hw state 15df887c6248 media: em28xx: fix memory leak in em28xx_init_dev 58f08f024c72 media: aspeed: fix mode-detect always time out at 2nd run dc644dd8a00c media: videobuf2: Fix the size printk format e51b0099c870 wcn36xx: Release DMA channel descriptor allocations 2aa2da3fb522 wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND 457b05f39116 clk: bcm-2835: Remove rounding up the dividers aac1ed30597c clk: bcm-2835: Pick the closest clock rate ba4cc4968917 Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails 141a9a9cae28 drm/rockchip: dsi: Fix unbalanced clock on probe error bcd6bfe12be0 drm/panel: innolux-p079zca: Delete panel on attach() failure 4c255e98aa05 drm/panel: kingdisplay-kd097d04: Delete panel on attach() failure 5cc7480e63a3 drm/rockchip: dsi: Reconfigure hardware on resume() 0620aabea8d8 drm/rockchip: dsi: Hold pm-runtime across bind/unbind 6264d0fef906 shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode 9d8fb273d5ee mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages 7ad300800c43 mm_zone: add function to check if managed dma zone exists c4212d52f926 PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller 9e5bb22beb3c dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled() e12f983c4a3c iommu/io-pgtable-arm-v7s: Add error handle for page table allocation failure 81a026b9c33d lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() 3cead5b7a88c can: softing_cs: softingcs_probe(): fix memleak on registration failure 38e28033a56b media: stk1160: fix control-message timeouts 0ac3d5f6f956 media: pvrusb2: fix control-message timeouts d1c57f558d24 media: redrat3: fix control-message timeouts 7a9d34be181f media: dib0700: fix undefined behavior in tuner shutdown f64b379bde39 media: s2255: fix control-message timeouts 3a49cd738b07 media: cpia2: fix control-message timeouts c9ef6e1d5025 media: em28xx: fix control-message timeouts c89df039e811 media: mceusb: fix control-message timeouts 22325141e94c media: flexcop-usb: fix control-message timeouts 7458b0189e87 media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE 023357dd2eaf rtc: cmos: take rtc_lock while reading from CMOS 9a82bfb442b7 tools/nolibc: fix incorrect truncation of exit code 2e83886c0420 tools/nolibc: i386: fix initial stack alignment aca2988eddb9 tools/nolibc: x86-64: Fix startup code bug a4b5d9af4af5 x86/gpu: Reserve stolen memory for first integrated Intel GPU f55dbf729872 mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for i.MX6 29218853877a mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings ba2539b5f958 nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() eb116c891ba1 f2fs: fix to do sanity check in is_alive() bf9e52c0a9d9 HID: wacom: Avoid using stale array indicies to read contact count 5d1023f33c6d HID: wacom: Ignore the confidence flag when a touch is removed 60257988d6f9 HID: wacom: Reset expected and received contact counts at the same time 898e69caad0f HID: uhid: Fix worker destroying device without any protection
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Wed, 9 Feb 2022 23:03:50 +0000 (18:03 -0500)]
linux-yocto/5.4: update to v5.4.173
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
4aa2e7393e14 Linux 5.4.173 e245aaefef39 ARM: 9025/1: Kconfig: CPU_BIG_ENDIAN depends on !LD_IS_LLD d40f6eeaf513 mtd: fixup CFI on ixp4xx 1451deb164e1 ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows 7b98f61b8388 KVM: x86: remove PMU FIXED_CTR3 from msrs_to_save_all 5c69ba9e80f0 firmware: qemu_fw_cfg: fix kobject leak in probe error path 1cc36ed56138 firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries b543e4141570 firmware: qemu_fw_cfg: fix sysfs information leak b25e9ef29d8f rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled 8716657b1b4b media: uvcvideo: fix division by zero at stream start 70ae85ca124e KVM: s390: Clarify SIGP orders versus STOP/RESTART 9b45f2007ea3 perf: Protect perf_guest_cbs with RCU bd2aed0464ae vfs: fs_context: fix up param length parsing in legacy_parse_param c2f067d4ad4a orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() 5d6af67307e8 devtmpfs regression fix: reconfigure on each mount c117b116e6b3 kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Martin Beeger [Fri, 11 Feb 2022 12:57:14 +0000 (13:57 +0100)]
cmake: remove bogus CMAKE_LDFLAGS_FLAGS definition from toolchain file
As discussion in [YOCTO #14717] cmake contains a OEToolchainConfig.cmake
file to configure the toolchain correctly in cross-compile build for recipes
using cmake. The variable CMAKE_LDFLAGS_FLAGS is spelled incorrectly, cmake expects
CMAKE_SHARED_LINKER_FLAGS, CMAKE_STATIC_LINKER_FLAGS, CMAKE_EXE_LINKER_FLAGS and
CMAKE_MODULE_LINKER_FLAGS to be set instead. As cmake already correctly initializes
these from environment there is no need to specify the linker flags in the toolchain
file at all. So this just removes the variable, as its value was also set wrong.
Signed-off-by: Martin Beeger <martin.beeger@online.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 52e59a5b37f55905ee693a99f9ffc34ed41b4283) Signed-off-by: Steve Sakoman <steve@sakoman.com>
rpm: fix intermittent compression failure in do_package_write_rpm
rpmbuild can start processing random memory when processing the value
provided by XZ_THREADS, and unintentionally disable encoding for a
file descriptor that in fact requires encoding to be enabled in order
for lzwrite() to actually create an rpm.
When the encoding bit gets cleared on the LZFILE* struct, lzwrite() then
rightfully complains when it detects !lzfile->encoding, which then gets
bubbled up as a write failure when we go to create the archive.
This fix is available in the rpm 4.17-release.
Signed-off-by: Kyle Russell <bkylerussell@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Saul Wold [Thu, 3 Feb 2022 19:43:48 +0000 (11:43 -0800)]
recipetool: Fix circular reference in SRC_URI
When creating a new recipe.bb file for a binary, don't use BP which
includes the version information, instead use BPN which is just the
name base Package Name.
Since PB is not specified, it takes the default:
PV = "1.0+git${SRCPV}"
But SRCPV is defined in terms of the SRC_URI, which leads to infinite
recursion (traceback below). Here are the pertinent variables which
cause the recursion:
cve-check: create directory of CVE_CHECK_MANIFEST before copy
Create directory of the CVE_CHECK_MANIFEST variable before copy to it,
so that the variable can use an arbitrary directory name.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9829c16301bf2dce39fa046401a984f112fa0322) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Steve Sakoman [Wed, 9 Feb 2022 14:27:25 +0000 (04:27 -1000)]
wpa-supplicant: fix CVE-2022-23303-4
The implementations of SAE in hostapd before 2.10 and wpa_supplicant
before 2.10 are vulnerable to side channel attacks as a result
of cache access patterns. NOTE: this issue exists because of an
incomplete fix for CVE-2019-9494.
Steve Sakoman [Mon, 7 Feb 2022 17:09:03 +0000 (07:09 -1000)]
connman: fix CVE-2021-33833
ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based
buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or
RDLENGTH (for A or AAAA).
Steve Sakoman [Mon, 7 Feb 2022 16:26:40 +0000 (06:26 -1000)]
connman: fix CVE-2022-23096-7
An issue was discovered in the DNS proxy in Connman through 1.40.
The TCP server reply implementation lacks a check for the presence
of sufficient Header Data, leading to an out-of-bounds read (CVE-2022-23096)
An issue was discovered in the DNS proxy in Connman through 1.40.
forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds
read (CVE-2022-23097)
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d4c37ca1f1e97d53045521e9894dc9ed5b1c22a1) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Rudolf J Streif [Wed, 26 Jan 2022 18:39:00 +0000 (10:39 -0800)]
linux-firmware: Add CLM blob to linux-firmware-bcm4373 package
The Country Local Matrix (CLM) blob brcmfmac4373-sdio.clm_blob was not
included with the files for the linux-firmware-bcm4373 package
but instead packaged with linux-firmware.
Signed-off-by: Rudolf J Streif <rudolf.streif@ibeeto.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 18ba64d4a12e7275381cf34fe72b757accbb1544) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Joshua Watt [Tue, 1 Feb 2022 07:28:31 +0000 (08:28 +0100)]
libcap: Use specific BSD license variant
Make the license more accurate by specifying the specific variant of BSD
license instead of the generic one. This helps with SPDX license
attribution as "BSD" is not a valid SPDX license.
Ross Burton [Tue, 1 Feb 2022 07:28:30 +0000 (08:28 +0100)]
shadow-sysroot: sync license with shadow
This recipe is just a single data file from shadow, but as we can't
easily tell what license that specific file is under just copy the full
license statement.
Joshua Watt [Tue, 1 Feb 2022 07:28:29 +0000 (08:28 +0100)]
shadow: Use specific BSD license variant
Make the license more accurate by specifying the specific variant of BSD
license instead of the generic one. This helps with SPDX license
attribution as "BSD" is not a valid SPDX license.
Joshua Watt [Tue, 1 Feb 2022 07:28:28 +0000 (08:28 +0100)]
glib-2.0: Use specific BSD license variant
Make the license more accurate by specifying the specific variant of BSD
license instead of the generic one. This helps with SPDX license
attribution as "BSD" is not a valid SPDX license.
Joshua Watt [Tue, 1 Feb 2022 07:28:27 +0000 (08:28 +0100)]
e2fsprogs: Use specific BSD license variant
Make the license more accurate by specifying the specific variant of BSD
license instead of the generic one. This helps with SPDX license
attribution as "BSD" is not a valid SPDX license.
sstate: A third fix for for touching files inside pseudo
This continues where commit 676757f "sstate: fix touching files inside
pseudo" and commit 29fc8599 "sstate: another fix for touching files
inside pseudo" left off.
The previous changes switched from trying to check if the sstate file is
writable before touching it, to always touching the sstate file and
ignoring any errors. However, if the sstate file is actually a symbolic
link that links to nothing, this would actually result in an empty
sstate file being created. And this in turn leads to that future
setscene tasks will fail when they try to unpack the empty file.
Change the code so that if an sstate file linking to nothing already
exists, it is overwritten with the new sstate file. Also change it so
that the temporary file that is used is always removed, even if ln
fails to link the sstate file to it.
Change-Id: I3800f98d0f2a0dd076352df85fad7c81460e733d Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Marek Vasut [Sun, 23 Jan 2022 02:30:05 +0000 (03:30 +0100)]
binutils: Backport Include members in the variable table used when resolving DW_AT_specification tags.
Backport binutils upstream patch fixing sporadic link errors in c++ code.
This triggers at least on arm32 and aarch64 with qt5 based applications.
The ChangeLog part of the patch as well as space change is omitted.
Binutils bug report for this problem is here:
https://sourceware.org/bugzilla/show_bug.cgi?id=26520
Signed-off-by: Marek Vasut <marex@denx.de> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Cc: Steve Sakoman <steve@sakoman.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
util-linux: Fix for CVE-2021-3995 and CVE-2021-3996
Add patches to fix CVE-2021-3995 and CVE-2021-3996
Also, add support include-strutils-cleanup-strto-functions.patch to
solve compilation error where `ul_strtou64` function not found which is
used in CVE-2021-3995.patch
Marta Rybczynska [Wed, 26 Jan 2022 09:20:44 +0000 (10:20 +0100)]
grub: add a fix for CVE-2020-25647
Fix a grub issue with incorrect values from an usb device. From the official
description from NVD [1]:
During USB device initialization, descriptors are read with very little
bounds checking and assumes the USB device is providing sane values.
If properly exploited, an attacker could trigger memory corruption leading
to arbitrary code execution allowing a bypass of the Secure Boot mechanism.
This patch is a part of a bigger security collection for grub [2].
Marta Rybczynska [Wed, 26 Jan 2022 09:20:43 +0000 (10:20 +0100)]
grub: add a fix for CVE-2020-25632
Fix grub issue with module dereferencing. From the official description
from NVD [1]:
The rmmod implementation allows the unloading of a module used as
a dependency without checking if any other dependent module is still
loaded leading to a use-after-free scenario. This could allow
arbitrary code to be executed or a bypass of Secure Boot protections.
This patch is a part of a bigger security collection for grub [2].
Steve Sakoman [Wed, 26 Jan 2022 14:37:07 +0000 (04:37 -1000)]
glibc: update to lastest 2.31 release HEAD
Includes the following fixes:
3ef8be9b89 CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768) e5c8da9826 <shlib-compat.h>: Support compat_symbol_reference for _ISOMAC 412aaf1522 sunrpc: Test case for clnt_create "unix" buffer overflow (bug 22542) c4c833d3dd CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" (bug 22542) 547b63bf6d socket: Add the __sockaddr_un_set function b061e95277 Revert "Fix __minimal_malloc segfaults in __mmap due to stack-protector" 95e206b67f Fix __minimal_malloc segfaults in __mmap due to stack-protector e26a2db141 gconv: Do not emit spurious NUL character in ISO-2022-JP-3 (bug 28524) 094618d401 x86_64: Remove unneeded static PIE check for undefined weak diagnostic
Also add CVE-2022-23218 and CVE-2022-23219 to ignore list since they are fixed
by the above changes.
Marek Vasut [Wed, 19 Jan 2022 23:17:55 +0000 (00:17 +0100)]
Revert "weston: Use systemd notify,"
Commit 4efdcc1090 ("weston: Use systemd notify,") has non-trivial to
backport dependencies without which it cannot work, revert backport.
In oe-core dunfell, weston is still started using /usr/bin/weston-start
script in meta/recipes-graphics/wayland/weston-init/weston@.service .
Since 76ed534267 ("weston-init: Use weston-launch when starting weston
as the first windowing system"), the weston-start script starts weston
using weston-launch executable in case $DISPLAY is not set, i.e. when
weston is started as the primary compositor.
When weston is started via weston-launch, the notification to systemd
is not delivered, and weston service fails to start with the following:
"
weston@root.service: start operation timed out. Terminating.
"
The weston systemd service has been reworked considerably since oe-core
dunfell in commit c21fa5a291 ("weston-init: Redefine weston service and
add socket activation option"), which replaced the use of weston-start
in weston@.service with plain weston, and has been further improved in
commit dd83fb40f7 ("weston-init: Stop running weston as root") . The
commit reverted here, oe-core/master commit c8aa0222ce ("weston: wrapper
for weston modules argument"), landed only with the two aforementioned
reworks already in place, therefore the commit could have never been
tested with weston started via weston-launch executable and the timeout
at delivering systemd notification could not have happened in master.
Both c21fa5a291 ("weston-init: Redefine weston service and add socket
activation option") and dd83fb40f7 ("weston-init: Stop running weston
as root") are large feature patches and thus unsuitable for stable
backports, hence this revert seems to be the least problematic way.
Signed-off-by: Marek Vasut <marex@denx.de> Cc: Alexandre Belloni <alexandre.belloni@bootlin.com> Cc: Joshua Watt <JPEWhacker@gmail.com> Cc: Pavel Zhukov <pavel.zhukov@huawei.com> Cc: Steve Sakoman <steve@sakoman.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 19 Sep 2021 10:55:49 +0000 (11:55 +0100)]
lttng-tools: Add missing DEPENDS on bison-native
This was being provided by other pieces of the dependency chain but is
specifically required by configure and could fail if those pieces come
from sstate. Fix such builds by adding the missing dependency.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ba2587beb2a3fb0ef9139f846e161542d2c5c4ae) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Fri, 14 Jan 2022 13:22:24 +0000 (13:22 +0000)]
kernel: introduce python3-dtschema-wrapper
The 5.16 kernel introduced mandatory schema checking on any dtb file
built through the kernel.
That funcionality is provided via python3-dt-schema.
The dependencies to enable that functionality is not small, and may
not always be desired (in particular on architectures that do not
support dtbs, or in development cycles). It may also be useful for
allowing a non-conformant dts to be compiled.
This commit introduces a set of wrapper scripts that when added
as a depenency to the kernel, can pass both the validation testing
and validation steps of a dts.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backported from oe-core commit 2566563ad49d. Signed-off-by: Paul Barker <paul.barker@sancloud.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Mon, 17 Jan 2022 19:58:10 +0000 (14:58 -0500)]
linux-yocto/5.4: update to v5.4.172
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
b7f70762d158 Linux 5.4.172 f415409551b0 staging: greybus: fix stack size warning with UBSAN 65c2e7176f77 drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() 86ded7a6cf40 staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn() a459686f986c media: Revert "media: uvcvideo: Set unique vdev name based in type" 7e07bedae159 random: fix crash on multiple early calls to add_bootloader_randomness() 517ab153f503 random: fix data race on crng init time 90ceecdaa062 random: fix data race on crng_node_pool a4fa4377c91b can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} e90a7524b5c8 can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data 9e9241d3345a drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions ada3805f1423 mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() d08a0a88db88 veth: Do not record rx queue hint in veth_xmit a6722b497401 mmc: sdhci-pci: Add PCI ID for Intel ADL 1199f0928488 USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status 43aac50196f3 USB: core: Fix bug in resuming hub's handling of wakeup requests ed5c2683b67b Bluetooth: bfusb: fix division by zero in send path 784e873af3dc Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb() ad07b60837b2 workqueue: Fix unbind_workers() VS wq_worker_running() race
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Mon, 17 Jan 2022 19:58:09 +0000 (14:58 -0500)]
linux-yocto/5.4: update to v5.4.171
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
0a4ce4977bbe Linux 5.4.171 0101f118529d mISDN: change function names to avoid conflicts 34821931e18e atlantic: Fix buff_ring OOB in aq_ring_rx_clean 44065cc11797 net: udp: fix alignment problem in udp4_seq_show() 0ad45baead37 ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate 8b36aa5af4da scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() 6a3ffcc9ffd0 usb: mtu3: fix interval value for intr and isoc f0e57098243c ipv6: Do cleanup if attribute validation fails in multipath route c94999cfbbbe ipv6: Continue processing multipath route even if gateway attribute is invalid 2a6a811a45fd phonet: refcount leak in pep_sock_accep db0c834abbc1 rndis_host: support Hytera digital radios 72eb522ae6f1 power: reset: ltc2952: Fix use of floating point literals 159eaafee69b power: supply: core: Break capacity loop 102af6edfd3a xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate 10f2c336929d net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8081 c0db2e1e60c6 sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc bcbfc7780047 batman-adv: mcast: don't send link-local multicast to mcast routers 76936ddb4913 lwtunnel: Validate RTA_ENCAP_TYPE attribute length 2ebd777513d9 ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route a02d2be7eb48 ipv6: Check attribute length for RTA_GATEWAY in multipath route 34224e936a9d ipv4: Check attribute length for RTA_FLOW in multipath route 125d91f07233 ipv4: Check attribute length for RTA_GATEWAY in multipath route 1f46721836ee i40e: Fix incorrect netdev's real number of RX/TX queues f98acd3b4dcf i40e: Fix for displaying message regarding NVM version c340d45148c4 i40e: fix use-after-free in i40e_sync_filters_subtask() 38fbb1561d66 mac80211: initialize variable have_higher_than_11mbit 7646a340b25b RDMA/uverbs: Check for null return of kmalloc_array 5eb5d9c6591d RDMA/core: Don't infoleak GRH fields 415fc3f59595 iavf: Fix limit of total number of queues to active queues of VF 23ebe9cfda5e ieee802154: atusb: fix uninit value in atusb_set_extended_addr aa171d748a36 tracing: Tag trace_percpu_buffer as a percpu pointer db50ad6eec87 tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() cbbed1338d76 selftests: x86: fix [-Wstringop-overread] warn in test_process_vm_readv() 6904679c8400 Input: touchscreen - Fix backport of a02dcde595f7cbd240ccd64de96034ad91cffc40 6e80d2ee44c6 f2fs: quota: fix potential deadlock
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Mon, 17 Jan 2022 19:58:08 +0000 (14:58 -0500)]
linux-yocto/5.4: update to v5.4.170
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
047dedaa38ce Linux 5.4.170 2c3920c58e03 perf script: Fix CPU filtering of a script's switch events fe5838c22b98 net: fix use-after-free in tw_timer_handler 46556c4ecd63 Input: spaceball - fix parsing of movement data packets 975774ea7528 Input: appletouch - initialize work before device registration 436f6d0005d6 scsi: vmw_pvscsi: Set residual data length conditionally 103b16a8c51f binder: fix async_free_space accounting for empty parcels 98cde4dd5ec8 usb: mtu3: set interval of FS intr and isoc endpoint 585e2b244dda usb: mtu3: fix list_head check warning 50434eb6098f usb: mtu3: add memory barrier before set GPD's HWO 240fc586e83d usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. 20d80640fa61 xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. b364fcef9615 uapi: fix linux/nfc.h userspace compilation errors 245c5e43cd25 nfc: uapi: use kernel size_t to fix user-space builds 9e4a3f47eff4 i2c: validate user data in compat ioctl a7d3a1c6d9d9 fsl/fman: Fix missing put_device() call in fman_port_probe 2dc95e936414 net/ncsi: check for error return from call to nla_put_u32 ef01d63140f5 selftests/net: udpgso_bench_tx: fix dst ip argument 20f6896787c5 net/mlx5e: Fix wrong features assignment in case of error b85f87d30dba ionic: Initialize the 'lif->dbid_inuse' bitmap 1cd4063dbc91 NFC: st21nfca: Fix memory leak in device probe and remove 44cd64aa1c43 net: lantiq_xrx200: fix statistics of received bytes 3477f4b67ee4 net: usb: pegasus: Do not drop long Ethernet frames 831de271452b sctp: use call_rcu to free endpoint 3218d6bd6195 selftests: Calculate udpgso segment count without header adjustment 0a2e9f6a8f33 udp: using datalen to cap ipv6 udp max gso segments db484d35a948 net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources cc926b8f4d39 scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() 44937652afdb selinux: initialize proto variable in selinux_ip_postroute_compat() b536e357e73c recordmcount.pl: fix typo in s390 mcount regex 8d86b486e0de memblock: fix memblock_phys_alloc() section mismatch error 4606bfdaeb16 platform/x86: apple-gmux: use resource_size() with res 930d4986a432 tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok(). 7978ddae240b Input: i8042 - enable deferred probe quirk for ASUS UM325UA f93d5dca7d84 Input: i8042 - add deferred probe support 940e68e57ab6 tee: handle lookup of shm with reference count 0 4b38b12092b4 HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Mon, 17 Jan 2022 19:58:07 +0000 (14:58 -0500)]
linux-yocto/5.4: update to v5.4.169
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
4ca2eaf1d477 Linux 5.4.169 48c76fc53582 phonet/pep: refuse to enable an unbound pipe a5c6a13e9056 hamradio: improve the incomplete fix to avoid NPD ef5f7bfa19e3 hamradio: defer ax25 kfree after unregister_netdev df8f79bcc2e4 ax25: NPD bug when detaching AX25 device 0333eaf38500 hwmon: (lm90) Do not report 'busy' status bit as alarm bf260ff4a42f hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681 f373298e1bf0 pinctrl: mediatek: fix global-out-of-bounds issue bf04afb6137f mm: mempolicy: fix THP allocations escaping mempolicy restrictions f5db6bc93494 KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state 06c13e039d92 usb: gadget: u_ether: fix race in setting MAC address in setup phase b0406b5ef4e2 f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() 806142c805ca tee: optee: Fix incorrect page free bug 5478b90270a3 ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling 1c3d4122bec6 mmc: core: Disable card detect during shutdown e9db8fc6c7af mmc: sdhci-tegra: Fix switch to HS400ES mode d9031ce0b071 pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines c7b2e5850ba6 x86/pkey: Fix undefined behaviour with PKRU_WD_BIT ddc1d49e10a7 parisc: Correct completer in lws start 8467c8cb94a4 ipmi: fix initialization when workqueue allocation fails 8efd6a3391f7 ipmi: ssif: initialize ssif_info->client early cd24bafefc17 ipmi: bail out if init_srcu_struct fails 5525d80dc9dd Input: atmel_mxt_ts - fix double free in mxt_read_info_block 737a98d91b07 ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 8df036befbc3 ALSA: drivers: opl3: Fix incorrect use of vp->state fdaf41977d77 ALSA: jack: Check the return value of kstrdup() 44c743f63dd3 hwmon: (lm90) Drop critical attribute support for MAX6654 4615c9740575 hwmon: (lm90) Introduce flag indicating extended temperature support c2242478f28d hwmon: (lm90) Add basic support for TI TMP461 d939660eff62 hwmon: (lm90) Add max6654 support to lm90 driver 055ca98d48ba hwmon: (lm90) Fix usage of CONFIG2 register in detect function a7f95328c6f0 Input: elantech - fix stack out of bound access in elantech_change_report_id() e12dcd4aa7f4 sfc: falcon: Check null pointer of rx_queue->page_ring c11a41e26985 drivers: net: smc911x: Check for error irq 5d556b1437e1 fjes: Check for error irq d7024080db82 bonding: fix ad_actor_system option setting to default 992649b8b168 ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module 2460d96c19a8 net: skip virtio_net_hdr_set_proto if protocol already set 621d5536b452 net: accept UFOv6 packages in virtio_net_hdr_to_skb 0b01c51c4f47 qlcnic: potential dereference null pointer of rx_queue->page_ring 685fc8d22489 netfilter: fix regression in looped (broad|multi)cast's MAC handling 79dcbd817615 IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() 78874bca4f27 spi: change clk_disable_unprepare to clk_unprepare 0c0ac2547c87 arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode 6fa4e2992717 HID: holtek: fix mouse probing 2712816c10b3 serial: 8250_fintek: Fix garbled text for console 51c925a9bccc net: usb: lan78xx: add Allied Telesis AT29M2-AF 8f843cf57202 Linux 5.4.168 0d99b3c6bd39 xen/netback: don't queue unlimited number of packages 8bfcd0385211 xen/netback: fix rx queue stall detection 560e64413b4a xen/console: harden hvc_xen against event channel storms 3e68d099f09c xen/netfront: harden netfront against event channel storms 4ed9f5c511ce xen/blkfront: harden blkfront against event channel storms 192fe5739571 Revert "xsk: Do not sleep in poll() when need_wakeup set" e281b7199236 net: sched: Fix suspicious RCU usage while accessing tcf_tunnel_info 96a1550a2b43 mac80211: fix regression in SSN handling of addba tx 66aba15a144a rcu: Mark accesses to rcu_state.n_force_qs b847ecff8507 scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() f9f300a92297 ovl: fix warning in ovl_create_real() ba2a9d8f8ef1 fuse: annotate lock in fuse_reverse_inval_entry() 96f182c9f48b media: mxl111sf: change mutex_init() location 095ad3969b62 xsk: Do not sleep in poll() when need_wakeup set 29e9fdf7b681 ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name f6e9e7be9b80 Input: touchscreen - avoid bitwise vs logical OR warning 3d45573dfb6e mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO a19cf6844b50 mac80211: validate extended element ID is present e070c0c990d7 drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE c9ee8144e409 libata: if T_LENGTH is zero, dma direction should be DMA_NONE 62889094939c timekeeping: Really make sure wall_to_monotonic isn't positive 241d36219aaa USB: serial: option: add Telit FN990 compositions d2bb4378e2bb USB: serial: cp210x: fix CP2105 GPIO registration bae7f0808202 usb: xhci: Extend support for runtime power management for AMD's Yellow carp. 3dc6b5f2a4d5 PCI/MSI: Mask MSI-X vectors only on success c520e7cf82ac PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error ed31692a9758 USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) aae3448b78d9 USB: gadget: bRequestType is a bitfield, not a enum ad0ed314d616 sit: do not call ipip6_dev_free() from sit_init_net() c675256a7f13 net: systemport: Add global locking for descriptor lifecycle 2bf888fa4a5c net/smc: Prevent smc_release() from long blocking 56a6ffea18c2 net: Fix double 0x prefix print in SKB dump 027a13973dad net/packet: rx_owner_map depends on pg_vec 699e794c12a3 netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc a97e7dd4b713 ixgbe: set X550 MDIO speed before talking to PHY 8addba6cab94 igbvf: fix double free in `igbvf_probe` 36844e250a2e igb: Fix removal of unicast MAC filters of VFs bca4a53ea72c soc/tegra: fuse: Fix bitwise vs. logical OR warning 166f0adf7e75 rds: memory leak in __rds_conn_create() 9cb405ee5334 flow_offload: return EOPNOTSUPP for the unsupported mpls action type 066a637d1ce7 net: sched: lock action when translating it to flow_action infra e7660f9535ad mac80211: fix lookup when adding AddBA extension element f363af7c7045 mac80211: accept aggregation sessions on 6 GHz 1e6526148149 mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock ceb30f48d817 mac80211: agg-tx: refactor sending addba eeaf9c0609e0 selftest/net/forwarding: declare NETIFS p9 p10 2252220d9ebb dmaengine: st_fdma: fix MODULE_ALIAS 18203fe17643 selftests: Fix IPv6 address bind tests b46f0afa74e7 selftests: Fix raw socket bind tests with VRF 7b5596e53125 inet_diag: fix kernel-infoleak for UDP sockets 2c589cf07bd5 inet_diag: use jiffies_delta_to_msecs() 0d80462fbdca sch_cake: do not call cake_destroy() from cake_init() 2fba53ccfb1b s390/kexec_file: fix error handling when applying relocations b380bf012d2b selftests: net: Correct ping6 expected rc from 2 to 1 ec5c00be7836 clk: Don't parent clks until the parent is fully registered f83ed203c822 ARM: socfpga: dts: fix qspi node compatible 46b9e29db201 mac80211: track only QoS data frames for admission control a6f18191c6c1 arm64: dts: rockchip: fix audio-supply for Rock Pi 4 86f2789e3c15 arm64: dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply 4bb01424330d arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from rk3399-khadas-edge e0759696de68 nfsd: fix use-after-free due to delegation race 7243aa71509a iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda 0d3277eabd54 audit: improve robustness of the audit queue handling 501ecd90efdc dm btree remove: fix use after free in rebalance_children() b25e213522f6 recordmcount.pl: look for jgnop instruction as well as bcrl on s390 c0954f1010ad virtio_ring: Fix querying of maximum DMA mapping size for virtio device 802a1a850156 firmware: arm_scpi: Fix string overflow in SCPI genpd driver 33f0dfab3187 mac80211: send ADDBA requests using the tid/queue of the aggregation session 873e664a83ef mac80211: mark TX-during-stop for TX in in_reconfig ff3e3fdc737a KVM: selftests: Make sure kvm_create_max_vcpus test won't hit RLIMIT_NOFILE
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Kai Kang [Sun, 16 Jan 2022 16:23:58 +0000 (00:23 +0800)]
speex: fix CVE-2020-23903
Backport patch to fix CVE-2020-23903.
CVE: CVE-2020-23903
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b8f56e5e9eef32c1e01742f913e205d93548de1f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
