From patchwork Thu Jul 4 12:26:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46001 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E7909C41513 for ; Thu, 4 Jul 2024 12:27:25 +0000 (UTC) Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web10.8980.1720096042544855150 for ; Thu, 04 Jul 2024 05:27:22 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=p+jKhQjH; spf=softfail (domain: sakoman.com, ip: 209.85.214.176, mailfrom: steve@sakoman.com) Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-1fb0d88fdc8so2731875ad.2 for ; Thu, 04 Jul 2024 05:27:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096042; x=1720700842; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=fZE+WLY8WKpGuQHVYWpt5a1JETT32tLaY50yK8pqe1k=; b=p+jKhQjHlmX1uZqjTsg5M/ufi72m9nQAEQAUKElLtnzRDEsdpDWS3oKUhiB5YD/5cD TjTJW837eTJiKS1lbeVoay+LUkjZLLln5REUO0LJMvXQaL1hW7v0b7xromP33YOI9Ryf nTZf7LZFYbK62gmX2pvhcL+yN3JWjzJfA6tDWiTE2L4GJo9Qa3SAFXcfd/lxUCbxbW48 ENQ7m5bN7vdclpkvFHo0HqzOAKHEV/yiOcyzAz9HP5flPA0JyLrVl68Wy9hb3HwJO5cF bvq5FQdtIuiIu4rXIMKImQMLLtcD7RFMbKWJHojFfgeCljIkvVTfizt7D1G9x1Hfjh5s 6tdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096042; x=1720700842; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=fZE+WLY8WKpGuQHVYWpt5a1JETT32tLaY50yK8pqe1k=; b=Xw8qQ65HsxBTmdKjLkvDuO/pVq01fo8ZR/Y4YDNRT16PfOtBd/rU3n0ioNaIqBYnHD kmUigWobwd+hH2wtIePofCqlgiNSaFTO9/VMxH4xJNZzd8U81Uv0b3A87seQXYep6zB5 mCDxVTWDt5o1cyiHuJFevAeP3JQ7UraVEYmfPqOlwuFqC1P7QQ5SM3QLsvbXC9TkSOAj I4fbUNU19sP1eVDNd9QG06IYM5XVIBgXJ0ro5ZU8YFEXpcJEN1s4tex9S4lzHLc5gIut lwsChUAyM6VvR4MFqf2Qc51ZfR4H8MBUWsIIjWAnOzF0NrA4VbHo+0qmwIiQOgvR6Ks8 GuuQ== X-Gm-Message-State: AOJu0YwUGPQhezkcsJvkhnpS9KoWkGEBXnNmUbiUflq49Wmqx3D03iuH +OgdRmAozx/MtLVZIeI5Inb/huejzIaHje+BAbUUGb41edWPI3zawihbdVZf3JASRSR0ZMxiIC+ x X-Google-Smtp-Source: AGHT+IFvrj/NjnPh7k9nkj0CDdOylpezCHNsj2BdtIODspJKrKKRYOr8qbYa6xSzJEhKGGoKI2Ewbw== X-Received: by 2002:a17:903:1cb:b0:1f7:11d6:27c6 with SMTP id d9443c01a7336-1fb33e61ac4mr12656685ad.29.1720096041270; Thu, 04 Jul 2024 05:27:21 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:20 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 01/21] llvm: Fix CVE-2024-0151 Date: Thu, 4 Jul 2024 05:26:53 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:25 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201544 From: Deepthi Hemraj Signed-off-by: Deepthi Hemraj Signed-off-by: Steve Sakoman --- .../llvm/0002-llvm-Fix-CVE-2024-0151.patch | 1086 +++++++++++++++++ meta/recipes-devtools/llvm/llvm_18.1.5.bb | 1 + 2 files changed, 1087 insertions(+) create mode 100644 meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch diff --git a/meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch b/meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch new file mode 100644 index 0000000000..c05685e64d --- /dev/null +++ b/meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch @@ -0,0 +1,1086 @@ +commit 78ff617d3f573fb3a9b2fef180fa0fd43d5584ea +Author: Lucas Duarte Prates +Date: Thu Jun 20 10:22:01 2024 +0100 + + [ARM] CMSE security mitigation on function arguments and returned values (#89944) + + The ABI mandates two things related to function calls: + - Function arguments must be sign- or zero-extended to the register + size by the caller. + - Return values must be sign- or zero-extended to the register size by + the callee. + + As consequence, callees can assume that function arguments have been + extended and so can callers with regards to return values. + + Here lies the problem: Nonsecure code might deliberately ignore this + mandate with the intent of attempting an exploit. It might try to pass + values that lie outside the expected type's value range in order to + trigger undefined behaviour, e.g. out of bounds access. + + With the mitigation implemented, Secure code always performs extension + of values passed by Nonsecure code. + + This addresses the vulnerability described in CVE-2024-0151. + + Patches by Victor Campos. + + --------- + + Co-authored-by: Victor Campos + +Upstream-Status: Backport [https://github.com/llvm/llvm-project/commit/78ff617d3f573fb3a9b2fef180fa0fd43d5584ea] +CVE: CVE-2024-0151 +Signed-off-by: Deepthi Hemraj +--- +diff --git a/llvm/lib/Target/ARM/ARMISelLowering.cpp b/llvm/lib/Target/ARM/ARMISelLowering.cpp +index bfe137b95602..5490c3c9df6c 100644 +--- a/llvm/lib/Target/ARM/ARMISelLowering.cpp ++++ b/llvm/lib/Target/ARM/ARMISelLowering.cpp +@@ -156,6 +156,17 @@ static const MCPhysReg GPRArgRegs[] = { + ARM::R0, ARM::R1, ARM::R2, ARM::R3 + }; + ++static SDValue handleCMSEValue(const SDValue &Value, const ISD::InputArg &Arg, ++ SelectionDAG &DAG, const SDLoc &DL) { ++ assert(Arg.ArgVT.isScalarInteger()); ++ assert(Arg.ArgVT.bitsLT(MVT::i32)); ++ SDValue Trunc = DAG.getNode(ISD::TRUNCATE, DL, Arg.ArgVT, Value); ++ SDValue Ext = ++ DAG.getNode(Arg.Flags.isSExt() ? ISD::SIGN_EXTEND : ISD::ZERO_EXTEND, DL, ++ MVT::i32, Trunc); ++ return Ext; ++} ++ + void ARMTargetLowering::addTypeForNEON(MVT VT, MVT PromotedLdStVT) { + if (VT != PromotedLdStVT) { + setOperationAction(ISD::LOAD, VT, Promote); +@@ -2196,7 +2207,7 @@ SDValue ARMTargetLowering::LowerCallResult( + SDValue Chain, SDValue InGlue, CallingConv::ID CallConv, bool isVarArg, + const SmallVectorImpl &Ins, const SDLoc &dl, + SelectionDAG &DAG, SmallVectorImpl &InVals, bool isThisReturn, +- SDValue ThisVal) const { ++ SDValue ThisVal, bool isCmseNSCall) const { + // Assign locations to each value returned by this call. + SmallVector RVLocs; + CCState CCInfo(CallConv, isVarArg, DAG.getMachineFunction(), RVLocs, +@@ -2274,6 +2285,15 @@ SDValue ARMTargetLowering::LowerCallResult( + (VA.getValVT() == MVT::f16 || VA.getValVT() == MVT::bf16)) + Val = MoveToHPR(dl, DAG, VA.getLocVT(), VA.getValVT(), Val); + ++ // On CMSE Non-secure Calls, call results (returned values) whose bitwidth ++ // is less than 32 bits must be sign- or zero-extended after the call for ++ // security reasons. Although the ABI mandates an extension done by the ++ // callee, the latter cannot be trusted to follow the rules of the ABI. ++ const ISD::InputArg &Arg = Ins[VA.getValNo()]; ++ if (isCmseNSCall && Arg.ArgVT.isScalarInteger() && ++ VA.getLocVT().isScalarInteger() && Arg.ArgVT.bitsLT(MVT::i32)) ++ Val = handleCMSEValue(Val, Arg, DAG, dl); ++ + InVals.push_back(Val); + } + +@@ -2888,7 +2908,7 @@ ARMTargetLowering::LowerCall(TargetLowering::CallLoweringInfo &CLI, + // return. + return LowerCallResult(Chain, InGlue, CallConv, isVarArg, Ins, dl, DAG, + InVals, isThisReturn, +- isThisReturn ? OutVals[0] : SDValue()); ++ isThisReturn ? OutVals[0] : SDValue(), isCmseNSCall); + } + + /// HandleByVal - Every parameter *after* a byval parameter is passed +@@ -4485,8 +4505,6 @@ SDValue ARMTargetLowering::LowerFormalArguments( + *DAG.getContext()); + CCInfo.AnalyzeFormalArguments(Ins, CCAssignFnForCall(CallConv, isVarArg)); + +- SmallVector ArgValues; +- SDValue ArgValue; + Function::const_arg_iterator CurOrigArg = MF.getFunction().arg_begin(); + unsigned CurArgIdx = 0; + +@@ -4541,6 +4559,7 @@ SDValue ARMTargetLowering::LowerFormalArguments( + // Arguments stored in registers. + if (VA.isRegLoc()) { + EVT RegVT = VA.getLocVT(); ++ SDValue ArgValue; + + if (VA.needsCustom() && VA.getLocVT() == MVT::v2f64) { + // f64 and vector types are split up into multiple registers or +@@ -4604,16 +4623,6 @@ SDValue ARMTargetLowering::LowerFormalArguments( + case CCValAssign::BCvt: + ArgValue = DAG.getNode(ISD::BITCAST, dl, VA.getValVT(), ArgValue); + break; +- case CCValAssign::SExt: +- ArgValue = DAG.getNode(ISD::AssertSext, dl, RegVT, ArgValue, +- DAG.getValueType(VA.getValVT())); +- ArgValue = DAG.getNode(ISD::TRUNCATE, dl, VA.getValVT(), ArgValue); +- break; +- case CCValAssign::ZExt: +- ArgValue = DAG.getNode(ISD::AssertZext, dl, RegVT, ArgValue, +- DAG.getValueType(VA.getValVT())); +- ArgValue = DAG.getNode(ISD::TRUNCATE, dl, VA.getValVT(), ArgValue); +- break; + } + + // f16 arguments have their size extended to 4 bytes and passed as if they +@@ -4623,6 +4632,15 @@ SDValue ARMTargetLowering::LowerFormalArguments( + (VA.getValVT() == MVT::f16 || VA.getValVT() == MVT::bf16)) + ArgValue = MoveToHPR(dl, DAG, VA.getLocVT(), VA.getValVT(), ArgValue); + ++ // On CMSE Entry Functions, formal integer arguments whose bitwidth is ++ // less than 32 bits must be sign- or zero-extended in the callee for ++ // security reasons. Although the ABI mandates an extension done by the ++ // caller, the latter cannot be trusted to follow the rules of the ABI. ++ const ISD::InputArg &Arg = Ins[VA.getValNo()]; ++ if (AFI->isCmseNSEntryFunction() && Arg.ArgVT.isScalarInteger() && ++ RegVT.isScalarInteger() && Arg.ArgVT.bitsLT(MVT::i32)) ++ ArgValue = handleCMSEValue(ArgValue, Arg, DAG, dl); ++ + InVals.push_back(ArgValue); + } else { // VA.isRegLoc() + // Only arguments passed on the stack should make it here. +diff --git a/llvm/lib/Target/ARM/ARMISelLowering.h b/llvm/lib/Target/ARM/ARMISelLowering.h +index 62a52bdb03f7..a255e9b6fc36 100644 +--- a/llvm/lib/Target/ARM/ARMISelLowering.h ++++ b/llvm/lib/Target/ARM/ARMISelLowering.h +@@ -891,7 +891,7 @@ class VectorType; + const SmallVectorImpl &Ins, + const SDLoc &dl, SelectionDAG &DAG, + SmallVectorImpl &InVals, bool isThisReturn, +- SDValue ThisVal) const; ++ SDValue ThisVal, bool isCmseNSCall) const; + + bool supportSplitCSR(MachineFunction *MF) const override { + return MF->getFunction().getCallingConv() == CallingConv::CXX_FAST_TLS && +diff --git a/llvm/test/CodeGen/ARM/cmse-harden-call-returned-values.ll b/llvm/test/CodeGen/ARM/cmse-harden-call-returned-values.ll +new file mode 100644 +index 0000000000..58eef443c25e +--- /dev/null ++++ b/llvm/test/CodeGen/ARM/cmse-harden-call-returned-values.ll +@@ -0,0 +1,552 @@ ++; RUN: llc %s -mtriple=thumbv8m.main -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-LE ++; RUN: llc %s -mtriple=thumbebv8m.main -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-BE ++; RUN: llc %s -mtriple=thumbv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-LE ++; RUN: llc %s -mtriple=thumbebv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-BE ++ ++@get_idx = hidden local_unnamed_addr global ptr null, align 4 ++@arr = hidden local_unnamed_addr global [256 x i32] zeroinitializer, align 4 ++ ++define i32 @access_i16() { ++; V8M-COMMON-LABEL: access_i16: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sxth r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i16: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sxth r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call signext i16 %0() "cmse_nonsecure_call" ++ %idxprom = sext i16 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_u16() { ++; V8M-COMMON-LABEL: access_u16: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: uxth r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_u16: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: uxth r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call zeroext i16 %0() "cmse_nonsecure_call" ++ %idxprom = zext i16 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_i8() { ++; V8M-COMMON-LABEL: access_i8: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sxtb r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i8: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sxtb r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call signext i8 %0() "cmse_nonsecure_call" ++ %idxprom = sext i8 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_u8() { ++; V8M-COMMON-LABEL: access_u8: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: uxtb r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_u8: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: uxtb r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call zeroext i8 %0() "cmse_nonsecure_call" ++ %idxprom = zext i8 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_i1() { ++; V8M-COMMON-LABEL: access_i1: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i1: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call zeroext i1 %0() "cmse_nonsecure_call" ++ %idxprom = zext i1 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_i5() { ++; V8M-COMMON-LABEL: access_i5: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sbfx r0, r0, #0, #5 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i5: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sbfx r0, r0, #0, #5 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call signext i5 %0() "cmse_nonsecure_call" ++ %idxprom = sext i5 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_u5() { ++; V8M-COMMON-LABEL: access_u5: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: and r0, r0, #31 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_u5: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: and r0, r0, #31 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call zeroext i5 %0() "cmse_nonsecure_call" ++ %idxprom = zext i5 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_i33(ptr %f) { ++; V8M-COMMON-LABEL: access_i33: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-LE-NEXT: and r0, r1, #1 ++; V8M-BE-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: rsb.w r0, r0, #0 ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i33: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-LE-NEXT: and r0, r1, #1 ++; V81M-BE-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: rsb.w r0, r0, #0 ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %call = tail call i33 %f() "cmse_nonsecure_call" ++ %shr = ashr i33 %call, 32 ++ %conv = trunc nsw i33 %shr to i32 ++ ret i32 %conv ++} ++ ++define i32 @access_u33(ptr %f) { ++; V8M-COMMON-LABEL: access_u33: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-LE-NEXT: and r0, r1, #1 ++; V8M-BE-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_u33: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-LE-NEXT: and r0, r1, #1 ++; V81M-BE-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %call = tail call i33 %f() "cmse_nonsecure_call" ++ %shr = lshr i33 %call, 32 ++ %conv = trunc nuw nsw i33 %shr to i32 ++ ret i32 %conv ++} +diff --git a/llvm/test/CodeGen/ARM/cmse-harden-entry-arguments.ll b/llvm/test/CodeGen/ARM/cmse-harden-entry-arguments.ll +new file mode 100644 +index 0000000000..c66ab00566dd +--- /dev/null ++++ b/llvm/test/CodeGen/ARM/cmse-harden-entry-arguments.ll +@@ -0,0 +1,368 @@ ++; RUN: llc %s -mtriple=thumbv8m.main -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-LE ++; RUN: llc %s -mtriple=thumbebv8m.main -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-BE ++; RUN: llc %s -mtriple=thumbv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-LE ++; RUN: llc %s -mtriple=thumbebv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-BE ++ ++@arr = hidden local_unnamed_addr global [256 x i32] zeroinitializer, align 4 ++ ++define i32 @access_i16(i16 signext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i16: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sxth r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i16: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sxth r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = sext i16 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_u16(i16 zeroext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u16: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: uxth r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u16: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: uxth r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = zext i16 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_i8(i8 signext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i8: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sxtb r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i8: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sxtb r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = sext i8 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_u8(i8 zeroext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u8: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: uxtb r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u8: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: uxtb r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = zext i8 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_i1(i1 signext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i1: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: rsbs r0, r0, #0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i1: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: rsbs r0, r0, #0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = zext i1 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_i5(i5 signext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i5: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sbfx r0, r0, #0, #5 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i5: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sbfx r0, r0, #0, #5 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = sext i5 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_u5(i5 zeroext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u5: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: and r0, r0, #31 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u5: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: and r0, r0, #31 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = zext i5 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_i33(i33 %arg) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i33: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-LE-NEXT: and r0, r1, #1 ++; V8M-BE-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: rsbs r0, r0, #0 ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i33: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-LE-NEXT: and r0, r1, #1 ++; V81M-BE-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: rsbs r0, r0, #0 ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %shr = ashr i33 %arg, 32 ++ %conv = trunc nsw i33 %shr to i32 ++ ret i32 %conv ++} ++ ++define i32 @access_u33(i33 %arg) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u33: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-LE-NEXT: and r0, r1, #1 ++; V8M-BE-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u33: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-LE-NEXT: and r0, r1, #1 ++; V81M-BE-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %shr = lshr i33 %arg, 32 ++ %conv = trunc nuw nsw i33 %shr to i32 ++ ret i32 %conv ++} ++ ++define i32 @access_i65(ptr byval(i65) %0) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i65: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: sub sp, #16 ++; V8M-COMMON-NEXT: stm.w sp, {r0, r1, r2, r3} ++; V8M-LE-NEXT: ldrb.w r0, [sp, #8] ++; V8M-LE-NEXT: and r0, r0, #1 ++; V8M-LE-NEXT: rsbs r0, r0, #0 ++; V8M-BE-NEXT: movs r1, #0 ++; V8M-BE-NEXT: sub.w r0, r1, r0, lsr #24 ++; V8M-COMMON-NEXT: add sp, #16 ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i65: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: sub sp, #16 ++; V81M-COMMON-NEXT: add sp, #4 ++; V81M-COMMON-NEXT: stm.w sp, {r0, r1, r2, r3} ++; V81M-LE-NEXT: ldrb.w r0, [sp, #8] ++; V81M-LE-NEXT: and r0, r0, #1 ++; V81M-LE-NEXT: rsbs r0, r0, #0 ++; V81M-BE-NEXT: movs r1, #0 ++; V81M-BE-NEXT: sub.w r0, r1, r0, lsr #24 ++; V81M-COMMON-NEXT: sub sp, #4 ++; V81M-COMMON-NEXT: add sp, #16 ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %arg = load i65, ptr %0, align 8 ++ %shr = ashr i65 %arg, 64 ++ %conv = trunc nsw i65 %shr to i32 ++ ret i32 %conv ++} ++ ++define i32 @access_u65(ptr byval(i65) %0) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u65: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: sub sp, #16 ++; V8M-COMMON-NEXT: stm.w sp, {r0, r1, r2, r3} ++; V8M-LE-NEXT: ldrb.w r0, [sp, #8] ++; V8M-BE-NEXT: lsrs r0, r0, #24 ++; V8M-COMMON-NEXT: add sp, #16 ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u65: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: sub sp, #16 ++; V81M-COMMON-NEXT: add sp, #4 ++; V81M-COMMON-NEXT: stm.w sp, {r0, r1, r2, r3} ++; V81M-LE-NEXT: ldrb.w r0, [sp, #8] ++; V81M-BE-NEXT: lsrs r0, r0, #24 ++; V81M-COMMON-NEXT: sub sp, #4 ++; V81M-COMMON-NEXT: add sp, #16 ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %arg = load i65, ptr %0, align 8 ++ %shr = lshr i65 %arg, 64 ++ %conv = trunc nuw nsw i65 %shr to i32 ++ ret i32 %conv ++} diff --git a/meta/recipes-devtools/llvm/llvm_18.1.5.bb b/meta/recipes-devtools/llvm/llvm_18.1.5.bb index 4b6763e580..b03cf1465e 100644 --- a/meta/recipes-devtools/llvm/llvm_18.1.5.bb +++ b/meta/recipes-devtools/llvm/llvm_18.1.5.bb @@ -25,6 +25,7 @@ LLVM_RELEASE = "${PV}" SRC_URI = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${PV}/llvm-project-${PV}.src.tar.xz \ file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \ file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \ + file://0002-llvm-Fix-CVE-2024-0151.patch;striplevel=2 \ file://llvm-config \ " SRC_URI[sha256sum] = "3591a52761a7d390ede51af01ea73abfecc4b1d16445f9d019b67a57edd7de56" From patchwork Thu Jul 4 12:26:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46003 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 09BD4C30653 for ; Thu, 4 Jul 2024 12:27:26 +0000 (UTC) Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by mx.groups.io with SMTP id smtpd.web11.8881.1720096043736990615 for ; Thu, 04 Jul 2024 05:27:23 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=kU41EZXM; spf=softfail (domain: sakoman.com, ip: 209.85.214.171, mailfrom: steve@sakoman.com) Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-1fb3cf78fcaso1944265ad.1 for ; Thu, 04 Jul 2024 05:27:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096043; x=1720700843; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=OT7RBzCxelSWL4Fo+gOMx+jqhO7ELbbMyJxPsBO/cec=; b=kU41EZXM4dJez38BKJGqjLp/lLSch21H+Iz337n2jRdHE+JFD85CUEqA6HBsQSBhFO wB4QM5w3rarf7PqAL83OA19eEfqKqO94PfWPRUPkj8Hc34fezjN0Z8ThkGEl01yTRAKf o9GqcXJgk+av2CsLeXJ1dZZre/Y5Or2qx7IPycJPgiBByMVijuUU0rAFIPxVY1Dpz+CO 62xjou13yocC5ZK8LR0j1VhYd+iIxzCeft69m6FyDfVC6TxL/elPu/McUJ4mcgjuyjVv pGfBZdQJ0cJ77/CphdIX4j9gjH/HCErm+r4Y5jrtWVQEyddZNjQndtHy0IAlRlIdwLQn WIHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096043; x=1720700843; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=OT7RBzCxelSWL4Fo+gOMx+jqhO7ELbbMyJxPsBO/cec=; b=Tf3QjKjyBECl9lox0fyI8u/7jsiXkPVKmmE61oQX2lxXtbv0/Ne4oikteqh1jCXCj3 PLrz+CgLR/j8hFDX2qWveTk7+T0ViAUTaHL3bIYrnxeLHXh0RFwoLMaSLqe/Ale290dy 5IPFcAR2DBT9RVy1PXNVV/szzeqWDcX4fOG2cLON1K6DWAfe7dRfFjJ9mF8PT69vvY8j VtbALKce+FcoC3sggiRb6EQoFtumtapYdIzXKDKNtJsKN4yIyc4anrAQt42uKOdgRD0x 9OehtrfxfDhEnNI0OYX/D+Nz39tjTXfN1xGQBdvPG56HawW3O7ZYpoEHB2+pb3dSFjNK v03Q== X-Gm-Message-State: AOJu0YxLia/2HtmdoxkLxLpQx6y+EFND7wudY1SJvXw6vDpA0Bwmijnc InMHYR9fwWPsepZcxzQhpUSuaksHCmOhx0GvmryDVhth4QkRkvsz62NJXMCozoVFpEuxd19uGmL x X-Google-Smtp-Source: AGHT+IGAcE9g0UQOdut31fI8cEMz3eQh/UJ/Q+9vtdJLIvwlrbc3QtL2bzlSgaqpse9dUL05TWp9RQ== X-Received: by 2002:a17:903:11d0:b0:1f6:e4ab:a1f4 with SMTP id d9443c01a7336-1fb33e051c1mr14840415ad.12.1720096042813; Thu, 04 Jul 2024 05:27:22 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:22 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 02/21] ruby: Fix CVE-2023-36617 Date: Thu, 4 Jul 2024 05:26:54 -0700 Message-Id: <959b2e5deae18969ffe1e9d90c901928bc47e332.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:26 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201545 From: Mingli Yu Backport two patches [1] [2] to fix CVE-2023-36617 [3]. [1] https://github.com/ruby/uri/commit/9010ee2536adda10a0555ae1ed6fe2f5808e6bf1 [2] https://github.com/ruby/uri/commit/9d7bcef1e6ad23c9c6e4932f297fb737888144c8 [3] https://www.ruby-lang.org/en/news/2023/06/29/redos-in-uri-CVE-2023-36617/ Signed-off-by: Mingli Yu Signed-off-by: Steve Sakoman --- .../ruby/ruby/CVE-2023-36617_1.patch | 56 +++++++++++++++++++ .../ruby/ruby/CVE-2023-36617_2.patch | 52 +++++++++++++++++ meta/recipes-devtools/ruby/ruby_3.2.2.bb | 2 + 3 files changed, 110 insertions(+) create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch b/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch new file mode 100644 index 0000000000..17c7e30176 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch @@ -0,0 +1,56 @@ +From 2ebb50d2dc302917a6f57c1239dc9e700dfe0e34 Mon Sep 17 00:00:00 2001 +From: Nobuyoshi Nakada +Date: Thu, 27 Jul 2023 15:53:01 +0800 +Subject: [PATCH] Fix quadratic backtracking on invalid relative URI + +https://hackerone.com/reports/1958260 + +CVE: CVE-2023-36617 + +Upstream-Status: Backport [https://github.com/ruby/uri/commit/9010ee2536adda10a0555ae1ed6fe2f5808e6bf1] + +Signed-off-by: Mingli Yu +--- + lib/uri/rfc2396_parser.rb | 4 ++-- + test/uri/test_parser.rb | 12 ++++++++++++ + 2 files changed, 14 insertions(+), 2 deletions(-) + +diff --git a/lib/uri/rfc2396_parser.rb b/lib/uri/rfc2396_parser.rb +index 76a8f99..00c66cf 100644 +--- a/lib/uri/rfc2396_parser.rb ++++ b/lib/uri/rfc2396_parser.rb +@@ -497,8 +497,8 @@ module URI + ret = {} + + # for URI::split +- ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED) +- ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED) ++ ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED) ++ ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED) + + # for URI::extract + ret[:URI_REF] = Regexp.new(pattern[:URI_REF]) +diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb +index 72fb590..721e05e 100644 +--- a/test/uri/test_parser.rb ++++ b/test/uri/test_parser.rb +@@ -79,4 +79,16 @@ class URI::TestParser < Test::Unit::TestCase + assert_equal([nil, nil, "example.com", nil, nil, "", nil, nil, nil], URI.split("//example.com")) + assert_equal([nil, nil, "[0::0]", nil, nil, "", nil, nil, nil], URI.split("//[0::0]")) + end ++ ++ def test_rfc2822_parse_relative_uri ++ pre = ->(length) { ++ " " * length + "\0" ++ } ++ parser = URI::RFC2396_Parser.new ++ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |uri| ++ assert_raise(URI::InvalidURIError) do ++ parser.split(uri) ++ end ++ end ++ end + end +-- +2.25.1 + diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch b/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch new file mode 100644 index 0000000000..7c51deaa42 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch @@ -0,0 +1,52 @@ +From eea5868120509c245216c4b5c2d4b5db1c593d0e Mon Sep 17 00:00:00 2001 +From: Nobuyoshi Nakada +Date: Thu, 27 Jul 2023 16:16:30 +0800 +Subject: [PATCH] Fix quadratic backtracking on invalid port number + +https://hackerone.com/reports/1958260 + +CVE: CVE-2023-36617 + +Upstream-Status: Backport [https://github.com/ruby/uri/commit/9d7bcef1e6ad23c9c6e4932f297fb737888144c8] + +Signed-off-by: Mingli Yu +--- + lib/uri/rfc3986_parser.rb | 2 +- + test/uri/test_parser.rb | 10 ++++++++++ + 2 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb +index dd24a40..9b1663d 100644 +--- a/lib/uri/rfc3986_parser.rb ++++ b/lib/uri/rfc3986_parser.rb +@@ -100,7 +100,7 @@ module URI + QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/, + FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/, + OPAQUE: /\A(?:[^\/].*)?\z/, +- PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/, ++ PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/, + } + end + +diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb +index 721e05e..cee0acb 100644 +--- a/test/uri/test_parser.rb ++++ b/test/uri/test_parser.rb +@@ -91,4 +91,14 @@ class URI::TestParser < Test::Unit::TestCase + end + end + end ++ ++ def test_rfc3986_port_check ++ pre = ->(length) {"\t" * length + "a"} ++ uri = URI.parse("http://my.example.com") ++ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |port| ++ assert_raise(URI::InvalidComponentError) do ++ uri.port = port ++ end ++ end ++ end + end +-- +2.25.1 + diff --git a/meta/recipes-devtools/ruby/ruby_3.2.2.bb b/meta/recipes-devtools/ruby/ruby_3.2.2.bb index 481fe7c23d..d1359e388c 100644 --- a/meta/recipes-devtools/ruby/ruby_3.2.2.bb +++ b/meta/recipes-devtools/ruby/ruby_3.2.2.bb @@ -31,6 +31,8 @@ SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \ file://0006-Make-gemspecs-reproducible.patch \ file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \ file://0001-fiddle-Use-C11-_Alignof-to-define-ALIGN_OF-when-poss.patch \ + file://CVE-2023-36617_1.patch \ + file://CVE-2023-36617_2.patch \ " UPSTREAM_CHECK_URI = "https://www.ruby-lang.org/en/downloads/" From patchwork Thu Jul 4 12:26:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46002 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1D54BC3271E for ; Thu, 4 Jul 2024 12:27:26 +0000 (UTC) Received: from mail-pg1-f171.google.com (mail-pg1-f171.google.com [209.85.215.171]) by mx.groups.io with SMTP id smtpd.web10.8982.1720096045418174752 for ; Thu, 04 Jul 2024 05:27:25 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=Qe9d+I+4; spf=softfail (domain: sakoman.com, ip: 209.85.215.171, mailfrom: steve@sakoman.com) Received: by mail-pg1-f171.google.com with SMTP id 41be03b00d2f7-70df2135426so336170a12.2 for ; Thu, 04 Jul 2024 05:27:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096045; x=1720700845; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=GKdXdVdR1Dk6VprNbBYH+9K3POqDgQB5T28ISlNJRm4=; b=Qe9d+I+40wkMx9m/tx6W1IYmbkZZCm57aq64Odl2jyCtBhJm7AYPrG0h26f+DeQz94 FC3eGOiSgjulQr1iJ4JEL+crxm2U5u1nRoIH2++lw/800l3EFs3QmyJsIL1w+iZ9Ug5e 3x9sUGmTwrwNnGkgoDghh/AdxdtBxBacHngOedstevDbz5Y8tjYlRgsOUhBKwELHSvJJ OvBtOcSwHdpsHoX6R8zpelMAvLlUxPRb0Y3KiCxGyx34qdFMTnq+Zk3/n5jUnFCNi+Gp nzSz4zgwfEEGazYdyyI01OiTYaz4AioyYOGYSPKz4u4gPQ2W6sbsgKEqwWURM7jICNnd fxuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096045; x=1720700845; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GKdXdVdR1Dk6VprNbBYH+9K3POqDgQB5T28ISlNJRm4=; b=BV87lH5d827WlYgAz9EIjvdpU0IQSGm9TjI2ETB14vP9ewXhpU/o5z4ZzN0/u8IO2Z 8Hcc8DKeYXooQcMQ5I7YSfsxbcF1WyNLuGQbYDLz3Q952bhCm/G2Ea3yTpq4mdCsVxg7 oKODrYMyetc4GGwQ8waZyX5niUXCir7K9lLXFdM7xEwj9umoO33chxT19Hvzy39u2hBO 8PwTbktzASmSzjOBwWHTY62xFy5M3ZtIgoT/g4hWvOOB7PM/1MPgA8kXGo9w2sKiaIu8 vc03hp154WxMp1aNFVjMSjmdffh7I3yF22jL+rrmK12JW1I7kMFpc9G7NJZmYYxAW+Re NCqw== X-Gm-Message-State: AOJu0YzLsQBBlbotHr+4EU1xIE193GVDswaVu1W62VsJfglF68zPt2LG aq4vPxDb3Dcii9A3hcHME6t4CiiQcrJ6Q38slLoJY5VP1L8J6daSCGcYuambCcPbL49G+WCsl8c x X-Google-Smtp-Source: AGHT+IG7gmQPtVXIzWFQit4r0qKnjMpaBwYH2n7msTghMg7AplaIlomPmX6X7+MmlWzfgDZ+kkuGQQ== X-Received: by 2002:a05:6a20:da84:b0:1be:d74c:dd5a with SMTP id adf61e73a8af0-1c0cc74bdaamr1213792637.23.1720096044494; Thu, 04 Jul 2024 05:27:24 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:24 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 03/21] openssh: fix CVE-2024-6387 Date: Thu, 4 Jul 2024 05:26:55 -0700 Message-Id: <39537bf4f9c0e25c63e984da367e6915da986ff5.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:26 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201546 From: Jose Quaresma sshd(8) in Portable OpenSSH versions 8.5p1 to 9.7p1 (inclusive). Race condition resulting in potential remote code execution. A race condition in sshd(8) could allow remote code execution as root on non-OpenBSD systems. This attack could be prevented by disabling the login grace timeout (LoginGraceTime=0 in sshd_config) though this makes denial-of service against sshd(8) considerably easier. For more information, please refer to the release notes [1] and the report from the Qualys Security Advisory Team [2] who discovered the bug. [1] https://www.openssh.com/txt/release-9.8 [2] https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt References: https://www.openssh.com/security.html Signed-off-by: Jose Quaresma Signed-off-by: Steve Sakoman --- .../openssh/openssh/CVE-2024-6387.patch | 27 +++++++++++++++++++ .../openssh/openssh_9.6p1.bb | 1 + 2 files changed, 28 insertions(+) create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch new file mode 100644 index 0000000000..3e7c707100 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch @@ -0,0 +1,27 @@ +Description: fix signal handler race condition +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2070497 + +CVE: CVE-2024-6387 + +Upstream-Status: Backport +https://git.launchpad.net/ubuntu/+source/openssh/commit/?h=applied/ubuntu/jammy-devel&id=b059bcfa928df4ff2d103ae2e8f4e3136ee03efc + +Signed-off-by: Jose Quaresma + +--- a/log.c ++++ b/log.c +@@ -452,12 +452,14 @@ void + sshsigdie(const char *file, const char *func, int line, int showfunc, + LogLevel level, const char *suffix, const char *fmt, ...) + { ++#if 0 + va_list args; + + va_start(args, fmt); + sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, + suffix, fmt, args); + va_end(args); ++#endif + _exit(1); + } + diff --git a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb index d941664b41..3cdf0327b0 100644 --- a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb @@ -27,6 +27,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://add-test-support-for-busybox.patch \ file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ + file://CVE-2024-6387.patch \ " SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" From patchwork Thu Jul 4 12:26:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46006 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1A591C3271E for ; Thu, 4 Jul 2024 12:27:36 +0000 (UTC) Received: from mail-pg1-f174.google.com (mail-pg1-f174.google.com [209.85.215.174]) by mx.groups.io with SMTP id smtpd.web11.8885.1720096048768532570 for ; Thu, 04 Jul 2024 05:27:28 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=YBNABf0O; spf=softfail (domain: sakoman.com, ip: 209.85.215.174, mailfrom: steve@sakoman.com) Received: by mail-pg1-f174.google.com with SMTP id 41be03b00d2f7-71871d5e087so355662a12.1 for ; Thu, 04 Jul 2024 05:27:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096048; x=1720700848; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Lq+tuQseRB9JZ5B5RTIUdyFm3vK+YolSZKnp4StdQpQ=; b=YBNABf0ORsljmAKhzB5+RdlbH9Xv+97oTrsh4XOjIaxnyCWmrpdpWUzQ0+zFFO7iMw zKG4onpQeDtPZvF4himpT7pFZA9pRokyxS260pTVLDOZY1uTXGxHAIttivzRVg2VZ5Ig Z64Rt/nlfHMYI8uRc+dzd76b6UD76iCdXUbxKWGaJvbI7u3Lld5wor+GRZ8gBgTDNk+l si8Cn46zIlyhS+nR3go/A23rZmX9nyiG39sllCG5XSsR/vQoAjJvEjqHRMkfKYfxbZ8b IbsbQc7mon2ExsldhOh3+Yb7PBrNsi1oxkF8suyoENAVN0/XU/E27d4W9wPnhZhR6o/o 1t/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096048; x=1720700848; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Lq+tuQseRB9JZ5B5RTIUdyFm3vK+YolSZKnp4StdQpQ=; b=WBOUJmbMuTQbVvL5Xa2YQSOgn+x2HhK6QBBHpm2exeN4qfgM/0hCyyVtFBeoUO3z3n tX3qazGQRQkjLXETXRMHMWQ2fj9zsdUYiTIvnako7n+csBR464Cih6+2Yn0bgSaAZzqD dg+q+ec//TWS/vvG5MNAyRVS0+5LHxvZp6MUeKuV7ujLezedh0cPNMk7vi5L54uR1rBI dUFZ5Recr9+znBs0PPlW/WH3NJYoYxz9PMIrpaMzYbmwsPra6Y8dcP8M9oj5ktf3hrLq oN5IkgrSs5a958OJb1McltsproKhcfksYMU+wFrgXFmxRCiF5aZiYaFpEdszXrbTBB5X 3ZqA== X-Gm-Message-State: AOJu0YylWCd2YwpVadhsNagchNhLjdgia0EU2DMV8kzGXHvgUU6ybdGH CF2Ml7prL27ZczV0f/1N6fNN2uP+28Xq60IkuWwNREvUDVCGNdsPag+VIBDt4Pvny1cfogvZu4P h X-Google-Smtp-Source: AGHT+IH+K8xPg3LVXvGTGCT2yYFlzkcIRmdOUSrPcOGm+l5Au+cWGON0YrGg4cXOR4W7/11Oly0zMQ== X-Received: by 2002:a05:6a20:258c:b0:1bd:27d4:afd1 with SMTP id adf61e73a8af0-1c0cc727e04mr1650871637.10.1720096046508; Thu, 04 Jul 2024 05:27:26 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:26 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 04/21] OpenSSL: Security fix for CVE-2024-5535 Date: Thu, 4 Jul 2024 05:26:56 -0700 Message-Id: <7d270bfe23cb5a543851ff6d3c9e273732a30865.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201547 From: Siddharth Doshi Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e] CVE's Fixed: CVE-2024-5535 openssl: SSL_select_next_proto buffer overread Signed-off-by: Siddharth Doshi Signed-off-by: Steve Sakoman --- .../openssl/openssl/CVE-2024-5535_1.patch | 113 ++ .../openssl/openssl/CVE-2024-5535_10.patch | 203 +++ .../openssl/openssl/CVE-2024-5535_2.patch | 43 + .../openssl/openssl/CVE-2024-5535_3.patch | 38 + .../openssl/openssl/CVE-2024-5535_4.patch | 82 ++ .../openssl/openssl/CVE-2024-5535_5.patch | 176 +++ .../openssl/openssl/CVE-2024-5535_6.patch | 1173 +++++++++++++++++ .../openssl/openssl/CVE-2024-5535_7.patch | 43 + .../openssl/openssl/CVE-2024-5535_8.patch | 66 + .../openssl/openssl/CVE-2024-5535_9.patch | 271 ++++ .../openssl/openssl_3.2.2.bb | 10 + 11 files changed, 2218 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch new file mode 100644 index 0000000000..d5c178eeab --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch @@ -0,0 +1,113 @@ +From b63b4db52e10677db4ab46b608aabd55a44668aa Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 31 May 2024 11:14:33 +0100 +Subject: [PATCH 01/10] Fix SSL_select_next_proto + +Ensure that the provided client list is non-NULL and starts with a valid +entry. When called from the ALPN callback the client list should already +have been validated by OpenSSL so this should not cause a problem. When +called from the NPN callback the client list is locally configured and +will not have already been validated. Therefore SSL_select_next_proto +should not assume that it is correctly formatted. + +We implement stricter checking of the client protocol list. We also do the +same for the server list while we are about it. + +CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + ssl/ssl_lib.c | 63 ++++++++++++++++++++++++++++++++------------------- + 1 file changed, 40 insertions(+), 23 deletions(-) + +diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c +index 016135f..cf52b31 100644 +--- a/ssl/ssl_lib.c ++++ b/ssl/ssl_lib.c +@@ -3518,37 +3518,54 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, + unsigned int server_len, + const unsigned char *client, unsigned int client_len) + { +- unsigned int i, j; +- const unsigned char *result; +- int status = OPENSSL_NPN_UNSUPPORTED; ++ PACKET cpkt, csubpkt, spkt, ssubpkt; ++ ++ if (!PACKET_buf_init(&cpkt, client, client_len) ++ || !PACKET_get_length_prefixed_1(&cpkt, &csubpkt) ++ || PACKET_remaining(&csubpkt) == 0) { ++ *out = NULL; ++ *outlen = 0; ++ return OPENSSL_NPN_NO_OVERLAP; ++ } ++ ++ /* ++ * Set the default opportunistic protocol. Will be overwritten if we find ++ * a match. ++ */ ++ *out = (unsigned char *)PACKET_data(&csubpkt); ++ *outlen = (unsigned char)PACKET_remaining(&csubpkt); + + /* + * For each protocol in server preference order, see if we support it. + */ +- for (i = 0; i < server_len;) { +- for (j = 0; j < client_len;) { +- if (server[i] == client[j] && +- memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) { +- /* We found a match */ +- result = &server[i]; +- status = OPENSSL_NPN_NEGOTIATED; +- goto found; ++ if (PACKET_buf_init(&spkt, server, server_len)) { ++ while (PACKET_get_length_prefixed_1(&spkt, &ssubpkt)) { ++ if (PACKET_remaining(&ssubpkt) == 0) ++ continue; /* Invalid - ignore it */ ++ if (PACKET_buf_init(&cpkt, client, client_len)) { ++ while (PACKET_get_length_prefixed_1(&cpkt, &csubpkt)) { ++ if (PACKET_equal(&csubpkt, PACKET_data(&ssubpkt), ++ PACKET_remaining(&ssubpkt))) { ++ /* We found a match */ ++ *out = (unsigned char *)PACKET_data(&ssubpkt); ++ *outlen = (unsigned char)PACKET_remaining(&ssubpkt); ++ return OPENSSL_NPN_NEGOTIATED; ++ } ++ } ++ /* Ignore spurious trailing bytes in the client list */ ++ } else { ++ /* This should never happen */ ++ return OPENSSL_NPN_NO_OVERLAP; + } +- j += client[j]; +- j++; + } +- i += server[i]; +- i++; ++ /* Ignore spurious trailing bytes in the server list */ + } + +- /* There's no overlap between our protocols and the server's list. */ +- result = client; +- status = OPENSSL_NPN_NO_OVERLAP; +- +- found: +- *out = (unsigned char *)result + 1; +- *outlen = result[0]; +- return status; ++ /* ++ * There's no overlap between our protocols and the server's list. We use ++ * the default opportunistic protocol selected earlier ++ */ ++ return OPENSSL_NPN_NO_OVERLAP; + } + + #ifndef OPENSSL_NO_NEXTPROTONEG +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch new file mode 100644 index 0000000000..7cc36f20ab --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch @@ -0,0 +1,203 @@ +From 61cad53901703944d22f1cd6a1b57460f2270599 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 21 Jun 2024 14:29:26 +0100 +Subject: [PATCH 10/10] Add a test for an empty NextProto message + +It is valid according to the spec for a NextProto message to have no +protocols listed in it. The OpenSSL implementation however does not allow +us to create such a message. In order to check that we work as expected +when communicating with a client that does generate such messages we have +to use a TLSProxy test. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/301b870546d1c7b2d8f0d66e04a2596142f0399f] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + test/recipes/70-test_npn.t | 73 +++++++++++++++++++++++++++++++++ + util/perl/TLSProxy/Message.pm | 9 ++++ + util/perl/TLSProxy/NextProto.pm | 54 ++++++++++++++++++++++++ + util/perl/TLSProxy/Proxy.pm | 1 + + 4 files changed, 137 insertions(+) + create mode 100644 test/recipes/70-test_npn.t + create mode 100644 util/perl/TLSProxy/NextProto.pm + +diff --git a/test/recipes/70-test_npn.t b/test/recipes/70-test_npn.t +new file mode 100644 +index 0000000..f82e71a +--- /dev/null ++++ b/test/recipes/70-test_npn.t +@@ -0,0 +1,73 @@ ++#! /usr/bin/env perl ++# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++use strict; ++use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file/; ++use OpenSSL::Test::Utils; ++ ++use TLSProxy::Proxy; ++ ++my $test_name = "test_npn"; ++setup($test_name); ++ ++plan skip_all => "TLSProxy isn't usable on $^O" ++ if $^O =~ /^(VMS)$/; ++ ++plan skip_all => "$test_name needs the dynamic engine feature enabled" ++ if disabled("engine") || disabled("dynamic-engine"); ++ ++plan skip_all => "$test_name needs the sock feature enabled" ++ if disabled("sock"); ++ ++plan skip_all => "$test_name needs NPN enabled" ++ if disabled("nextprotoneg"); ++ ++plan skip_all => "$test_name needs TLSv1.2 enabled" ++ if disabled("tls1_2"); ++ ++my $proxy = TLSProxy::Proxy->new( ++ undef, ++ cmdstr(app(["openssl"]), display => 1), ++ srctop_file("apps", "server.pem"), ++ (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) ++); ++ ++$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; ++plan tests => 1; ++ ++my $npnseen = 0; ++ ++# Test 1: Check sending an empty NextProto message from the client works. This is ++# valid as per the spec, but OpenSSL does not allow you to send it. ++# Therefore we must be prepared to receive such a message but we cannot ++# generate it except via TLSProxy ++$proxy->clear(); ++$proxy->filter(\&npn_filter); ++$proxy->clientflags("-nextprotoneg foo -no_tls1_3"); ++$proxy->serverflags("-nextprotoneg foo"); ++$proxy->start(); ++ok($npnseen && TLSProxy::Message->success(), "Empty NPN message"); ++ ++sub npn_filter ++{ ++ my $proxy = shift; ++ my $message; ++ ++ # The NextProto message always appears in flight 2 ++ return if $proxy->flight != 2; ++ ++ foreach my $message (@{$proxy->message_list}) { ++ if ($message->mt == TLSProxy::Message::MT_NEXT_PROTO) { ++ # Our TLSproxy NextProto message support doesn't support parsing of ++ # the message. If we repack it just creates an empty NextProto ++ # message - which is exactly the scenario we want to test here. ++ $message->repack(); ++ $npnseen = 1; ++ } ++ } ++} +diff --git a/util/perl/TLSProxy/Message.pm b/util/perl/TLSProxy/Message.pm +index ce22187..fb41b2f 100644 +--- a/util/perl/TLSProxy/Message.pm ++++ b/util/perl/TLSProxy/Message.pm +@@ -384,6 +384,15 @@ sub create_message + [@message_frag_lens] + ); + $message->parse(); ++ } elsif ($mt == MT_NEXT_PROTO) { ++ $message = TLSProxy::NextProto->new( ++ $server, ++ $data, ++ [@message_rec_list], ++ $startoffset, ++ [@message_frag_lens] ++ ); ++ $message->parse(); + } else { + #Unknown message type + $message = TLSProxy::Message->new( +diff --git a/util/perl/TLSProxy/NextProto.pm b/util/perl/TLSProxy/NextProto.pm +new file mode 100644 +index 0000000..0e18347 +--- /dev/null ++++ b/util/perl/TLSProxy/NextProto.pm +@@ -0,0 +1,54 @@ ++# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++use strict; ++ ++package TLSProxy::NextProto; ++ ++use vars '@ISA'; ++push @ISA, 'TLSProxy::Message'; ++ ++sub new ++{ ++ my $class = shift; ++ my ($server, ++ $data, ++ $records, ++ $startoffset, ++ $message_frag_lens) = @_; ++ ++ my $self = $class->SUPER::new( ++ $server, ++ TLSProxy::Message::MT_NEXT_PROTO, ++ $data, ++ $records, ++ $startoffset, ++ $message_frag_lens); ++ ++ return $self; ++} ++ ++sub parse ++{ ++ # We don't support parsing at the moment ++} ++ ++# This is supposed to reconstruct the on-the-wire message data following changes. ++# For now though since we don't support parsing we just create an empty NextProto ++# message - this capability is used in test_npn ++sub set_message_contents ++{ ++ my $self = shift; ++ my $data; ++ ++ $data = pack("C32", 0x00, 0x1e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00); ++ $self->data($data); ++} ++1; +diff --git a/util/perl/TLSProxy/Proxy.pm b/util/perl/TLSProxy/Proxy.pm +index 3de10ec..b707722 100644 +--- a/util/perl/TLSProxy/Proxy.pm ++++ b/util/perl/TLSProxy/Proxy.pm +@@ -23,6 +23,7 @@ use TLSProxy::CertificateRequest; + use TLSProxy::CertificateVerify; + use TLSProxy::ServerKeyExchange; + use TLSProxy::NewSessionTicket; ++use TLSProxy::NextProto; + + my $have_IPv6; + my $IP_factory; +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch new file mode 100644 index 0000000000..768304f00b --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch @@ -0,0 +1,43 @@ +From 6de1d37cd129b0af5b4a247c76f97b98e70b108b Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 31 May 2024 11:18:27 +0100 +Subject: [PATCH 02/10] More correctly handle a selected_len of 0 when + processing NPN + +In the case where the NPN callback returns with SSL_TLEXT_ERR_OK, but +the selected_len is 0 we should fail. Previously this would fail with an +internal_error alert because calling OPENSSL_malloc(selected_len) will +return NULL when selected_len is 0. We make this error detection more +explicit and return a handshake failure alert. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/015255851371757d54c2560643eb3b3a88123cf1] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + ssl/statem/extensions_clnt.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c +index 381a6c9..1ab3c13 100644 +--- a/ssl/statem/extensions_clnt.c ++++ b/ssl/statem/extensions_clnt.c +@@ -1560,8 +1560,8 @@ int tls_parse_stoc_npn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context, + if (sctx->ext.npn_select_cb(SSL_CONNECTION_GET_SSL(s), + &selected, &selected_len, + PACKET_data(pkt), PACKET_remaining(pkt), +- sctx->ext.npn_select_cb_arg) != +- SSL_TLSEXT_ERR_OK) { ++ sctx->ext.npn_select_cb_arg) != SSL_TLSEXT_ERR_OK ++ || selected_len == 0) { + SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_BAD_EXTENSION); + return 0; + } +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch new file mode 100644 index 0000000000..d6d4d869be --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch @@ -0,0 +1,38 @@ +From 4f9334a33da89949f97927c8fe7df1003c42cda4 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 31 May 2024 11:22:13 +0100 +Subject: [PATCH 03/10] Use correctly formatted ALPN data in tserver + +The QUIC test server was using incorrectly formatted ALPN data. With the +previous implementation of SSL_select_next_proto this went unnoticed. With +the new stricter implemenation it was failing. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/6cc511826f09e513b4ec066d9b95acaf4f86d991] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + ssl/quic/quic_tserver.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/quic/quic_tserver.c b/ssl/quic/quic_tserver.c +index 86187d0..15694e7 100644 +--- a/ssl/quic/quic_tserver.c ++++ b/ssl/quic/quic_tserver.c +@@ -58,7 +58,7 @@ static int alpn_select_cb(SSL *ssl, const unsigned char **out, + + if (srv->args.alpn == NULL) { + alpn = alpndeflt; +- alpnlen = sizeof(alpn); ++ alpnlen = sizeof(alpndeflt); + } else { + alpn = srv->args.alpn; + alpnlen = srv->args.alpnlen; +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch new file mode 100644 index 0000000000..03fc1168f9 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch @@ -0,0 +1,82 @@ +From 5145a1f50e44c9f86127a76f01519a9f25157290 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 31 May 2024 11:46:38 +0100 +Subject: [PATCH 04/10] Clarify the SSL_select_next_proto() documentation + +We clarify the input preconditions and the expected behaviour in the event +of no overlap. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/8e81c57adbbf703dfb63955f65599765fdacc741] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + doc/man3/SSL_CTX_set_alpn_select_cb.pod | 26 +++++++++++++++++-------- + 1 file changed, 18 insertions(+), 8 deletions(-) + +diff --git a/doc/man3/SSL_CTX_set_alpn_select_cb.pod b/doc/man3/SSL_CTX_set_alpn_select_cb.pod +index 05fee2f..79e1a25 100644 +--- a/doc/man3/SSL_CTX_set_alpn_select_cb.pod ++++ b/doc/man3/SSL_CTX_set_alpn_select_cb.pod +@@ -52,7 +52,8 @@ SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated + SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to + set the list of protocols available to be negotiated. The B must be in + protocol-list format, described below. The length of B is specified in +-B. ++B. Setting B to 0 clears any existing list of ALPN ++protocols and no ALPN extension will be sent to the server. + + SSL_CTX_set_alpn_select_cb() sets the application callback B used by a + server to select which protocol to use for the incoming connection. When B +@@ -73,9 +74,16 @@ B and B, B must be in the protocol-list format + described below. The first item in the B, B list that + matches an item in the B, B list is selected, and returned + in B, B. The B value will point into either B or +-B, so it should be copied immediately. If no match is found, the first +-item in B, B is returned in B, B. This +-function can also be used in the NPN callback. ++B, so it should be copied immediately. The client list must include at ++least one valid (nonempty) protocol entry in the list. ++ ++The SSL_select_next_proto() helper function can be useful from either the ALPN ++callback or the NPN callback (described below). If no match is found, the first ++item in B, B is returned in B, B and ++B is returned. This can be useful when implementating ++the NPN callback. In the ALPN case, the value returned in B and B ++must be ignored if B has been returned from ++SSL_select_next_proto(). + + SSL_CTX_set_next_proto_select_cb() sets a callback B that is called when a + client needs to select a protocol from the server's provided list, and a +@@ -85,9 +93,10 @@ must be set to point to the selected protocol (which may be within B). + The length of the protocol name must be written into B. The + server's advertised protocols are provided in B and B. The + callback can assume that B is syntactically valid. The client must +-select a protocol. It is fatal to the connection if this callback returns +-a value other than B. The B parameter is the pointer +-set via SSL_CTX_set_next_proto_select_cb(). ++select a protocol (although it may be an empty, zero length protocol). It is ++fatal to the connection if this callback returns a value other than ++B or if the zero length protocol is selected. The B ++parameter is the pointer set via SSL_CTX_set_next_proto_select_cb(). + + SSL_CTX_set_next_protos_advertised_cb() sets a callback B that is called + when a TLS server needs a list of supported protocols for Next Protocol +@@ -154,7 +163,8 @@ A match was found and is returned in B, B. + =item OPENSSL_NPN_NO_OVERLAP + + No match was found. The first item in B, B is returned in +-B, B. ++B, B (or B and 0 in the case where the first entry in ++B is invalid). + + =back + +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch new file mode 100644 index 0000000000..e439d9b59a --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch @@ -0,0 +1,176 @@ +From 01d44bc7f50670002cad495654fd99a6371d7662 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 31 May 2024 16:35:16 +0100 +Subject: [PATCH 05/10] Add a test for SSL_select_next_proto + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/add5c52a25c549cec4a730cdf96e2252f0a1862d] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + test/sslapitest.c | 137 ++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 137 insertions(+) + +diff --git a/test/sslapitest.c b/test/sslapitest.c +index ce16332..15cb906 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -11741,6 +11741,142 @@ static int test_multi_resume(int idx) + return testresult; + } + ++static struct next_proto_st { ++ int serverlen; ++ unsigned char server[40]; ++ int clientlen; ++ unsigned char client[40]; ++ int expected_ret; ++ size_t selectedlen; ++ unsigned char selected[40]; ++} next_proto_tests[] = { ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 7, { 3, 'a', 'b', 'c', 2, 'a', 'b' }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 7, { 2, 'a', 'b', 3, 'a', 'b', 'c', }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 7, { 3, 'a', 'b', 'c', 2, 'a', 'b', }, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 7, { 2, 'a', 'b', 3, 'a', 'b', 'c'}, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 7, { 2, 'b', 'c', 3, 'a', 'b', 'c' }, ++ 7, { 2, 'a', 'b', 3, 'a', 'b', 'c'}, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 10, { 2, 'b', 'c', 3, 'a', 'b', 'c', 2, 'a', 'b' }, ++ 7, { 2, 'a', 'b', 3, 'a', 'b', 'c'}, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'b', 'c', 'd' }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 0, { 0 }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ -1, { 0 }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 0, { 0 }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 0, { 0 } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ -1, { 0 }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 0, { 0 } ++ }, ++ { ++ 3, { 3, 'a', 'b', 'c' }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 3, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 0, { 0 } ++ } ++}; ++ ++static int test_select_next_proto(int idx) ++{ ++ struct next_proto_st *np = &next_proto_tests[idx]; ++ int ret = 0; ++ unsigned char *out, *client, *server; ++ unsigned char outlen; ++ unsigned int clientlen, serverlen; ++ ++ if (np->clientlen == -1) { ++ client = NULL; ++ clientlen = 0; ++ } else { ++ client = np->client; ++ clientlen = (unsigned int)np->clientlen; ++ } ++ if (np->serverlen == -1) { ++ server = NULL; ++ serverlen = 0; ++ } else { ++ server = np->server; ++ serverlen = (unsigned int)np->serverlen; ++ } ++ ++ if (!TEST_int_eq(SSL_select_next_proto(&out, &outlen, server, serverlen, ++ client, clientlen), ++ np->expected_ret)) ++ goto err; ++ ++ if (np->selectedlen == 0) { ++ if (!TEST_ptr_null(out) || !TEST_uchar_eq(outlen, 0)) ++ goto err; ++ } else { ++ if (!TEST_mem_eq(out, outlen, np->selected, np->selectedlen)) ++ goto err; ++ } ++ ++ ret = 1; ++ err: ++ return ret; ++} ++ + OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile provider config dhfile\n") + + int setup_tests(void) +@@ -12053,6 +12189,7 @@ int setup_tests(void) + ADD_ALL_TESTS(test_handshake_retry, 16); + ADD_TEST(test_data_retry); + ADD_ALL_TESTS(test_multi_resume, 5); ++ ADD_ALL_TESTS(test_select_next_proto, OSSL_NELEM(next_proto_tests)); + return 1; + + err: +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch new file mode 100644 index 0000000000..df24702fa6 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch @@ -0,0 +1,1173 @@ +From e344d0b5860560ffa59415ea4028ba7760b2a773 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Tue, 4 Jun 2024 15:47:32 +0100 +Subject: [PATCH 06/10] Allow an empty NPN/ALPN protocol list in the tests + +Allow ourselves to configure an empty NPN/ALPN protocol list and test what +happens if we do. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/7ea1f6a85b299b976cb3f756b2a7f0153f31b2b6] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + test/helpers/handshake.c | 6 + + test/ssl-tests/08-npn.cnf | 553 +++++++++++++++++++--------------- + test/ssl-tests/08-npn.cnf.in | 35 +++ + test/ssl-tests/09-alpn.cnf | 66 +++- + test/ssl-tests/09-alpn.cnf.in | 33 ++ + 5 files changed, 449 insertions(+), 244 deletions(-) + +diff --git a/test/helpers/handshake.c b/test/helpers/handshake.c +index ae2ad59..b66b2f5 100644 +--- a/test/helpers/handshake.c ++++ b/test/helpers/handshake.c +@@ -444,6 +444,12 @@ static int parse_protos(const char *protos, unsigned char **out, size_t *outlen) + + len = strlen(protos); + ++ if (len == 0) { ++ *out = NULL; ++ *outlen = 0; ++ return 1; ++ } ++ + /* Should never have reuse. */ + if (!TEST_ptr_null(*out) + /* Test values are small, so we omit length limit checks. */ +diff --git a/test/ssl-tests/08-npn.cnf b/test/ssl-tests/08-npn.cnf +index f38b3f6..1931d02 100644 +--- a/test/ssl-tests/08-npn.cnf ++++ b/test/ssl-tests/08-npn.cnf +@@ -1,6 +1,6 @@ + # Generated with generate_ssl_tests.pl + +-num_tests = 20 ++num_tests = 22 + + test-0 = 0-npn-simple + test-1 = 1-npn-client-finds-match +@@ -8,20 +8,22 @@ test-2 = 2-npn-client-honours-server-pref + test-3 = 3-npn-client-first-pref-on-mismatch + test-4 = 4-npn-no-server-support + test-5 = 5-npn-no-client-support +-test-6 = 6-npn-with-sni-no-context-switch +-test-7 = 7-npn-with-sni-context-switch +-test-8 = 8-npn-selected-sni-server-supports-npn +-test-9 = 9-npn-selected-sni-server-does-not-support-npn +-test-10 = 10-alpn-preferred-over-npn +-test-11 = 11-sni-npn-preferred-over-alpn +-test-12 = 12-npn-simple-resumption +-test-13 = 13-npn-server-switch-resumption +-test-14 = 14-npn-client-switch-resumption +-test-15 = 15-npn-client-first-pref-on-mismatch-resumption +-test-16 = 16-npn-no-server-support-resumption +-test-17 = 17-npn-no-client-support-resumption +-test-18 = 18-alpn-preferred-over-npn-resumption +-test-19 = 19-npn-used-if-alpn-not-supported-resumption ++test-6 = 6-npn-empty-client-list ++test-7 = 7-npn-empty-server-list ++test-8 = 8-npn-with-sni-no-context-switch ++test-9 = 9-npn-with-sni-context-switch ++test-10 = 10-npn-selected-sni-server-supports-npn ++test-11 = 11-npn-selected-sni-server-does-not-support-npn ++test-12 = 12-alpn-preferred-over-npn ++test-13 = 13-sni-npn-preferred-over-alpn ++test-14 = 14-npn-simple-resumption ++test-15 = 15-npn-server-switch-resumption ++test-16 = 16-npn-client-switch-resumption ++test-17 = 17-npn-client-first-pref-on-mismatch-resumption ++test-18 = 18-npn-no-server-support-resumption ++test-19 = 19-npn-no-client-support-resumption ++test-20 = 20-alpn-preferred-over-npn-resumption ++test-21 = 21-npn-used-if-alpn-not-supported-resumption + # =========================================================== + + [0-npn-simple] +@@ -206,253 +208,318 @@ NPNProtocols = foo + + # =========================================================== + +-[6-npn-with-sni-no-context-switch] +-ssl_conf = 6-npn-with-sni-no-context-switch-ssl ++[6-npn-empty-client-list] ++ssl_conf = 6-npn-empty-client-list-ssl + +-[6-npn-with-sni-no-context-switch-ssl] +-server = 6-npn-with-sni-no-context-switch-server +-client = 6-npn-with-sni-no-context-switch-client +-server2 = 6-npn-with-sni-no-context-switch-server2 ++[6-npn-empty-client-list-ssl] ++server = 6-npn-empty-client-list-server ++client = 6-npn-empty-client-list-client + +-[6-npn-with-sni-no-context-switch-server] ++[6-npn-empty-client-list-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[6-npn-with-sni-no-context-switch-server2] ++[6-npn-empty-client-list-client] ++CipherString = DEFAULT ++MaxProtocol = TLSv1.2 ++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem ++VerifyMode = Peer ++ ++[test-6] ++ExpectedClientAlert = HandshakeFailure ++ExpectedResult = ClientFail ++server = 6-npn-empty-client-list-server-extra ++client = 6-npn-empty-client-list-client-extra ++ ++[6-npn-empty-client-list-server-extra] ++NPNProtocols = foo ++ ++[6-npn-empty-client-list-client-extra] ++NPNProtocols = ++ ++ ++# =========================================================== ++ ++[7-npn-empty-server-list] ++ssl_conf = 7-npn-empty-server-list-ssl ++ ++[7-npn-empty-server-list-ssl] ++server = 7-npn-empty-server-list-server ++client = 7-npn-empty-server-list-client ++ ++[7-npn-empty-server-list-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[6-npn-with-sni-no-context-switch-client] ++[7-npn-empty-server-list-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-6] ++[test-7] ++ExpectedNPNProtocol = foo ++server = 7-npn-empty-server-list-server-extra ++client = 7-npn-empty-server-list-client-extra ++ ++[7-npn-empty-server-list-server-extra] ++NPNProtocols = ++ ++[7-npn-empty-server-list-client-extra] ++NPNProtocols = foo ++ ++ ++# =========================================================== ++ ++[8-npn-with-sni-no-context-switch] ++ssl_conf = 8-npn-with-sni-no-context-switch-ssl ++ ++[8-npn-with-sni-no-context-switch-ssl] ++server = 8-npn-with-sni-no-context-switch-server ++client = 8-npn-with-sni-no-context-switch-client ++server2 = 8-npn-with-sni-no-context-switch-server2 ++ ++[8-npn-with-sni-no-context-switch-server] ++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem ++CipherString = DEFAULT ++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem ++ ++[8-npn-with-sni-no-context-switch-server2] ++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem ++CipherString = DEFAULT ++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem ++ ++[8-npn-with-sni-no-context-switch-client] ++CipherString = DEFAULT ++MaxProtocol = TLSv1.2 ++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem ++VerifyMode = Peer ++ ++[test-8] + ExpectedNPNProtocol = foo + ExpectedServerName = server1 +-server = 6-npn-with-sni-no-context-switch-server-extra +-server2 = 6-npn-with-sni-no-context-switch-server2-extra +-client = 6-npn-with-sni-no-context-switch-client-extra ++server = 8-npn-with-sni-no-context-switch-server-extra ++server2 = 8-npn-with-sni-no-context-switch-server2-extra ++client = 8-npn-with-sni-no-context-switch-client-extra + +-[6-npn-with-sni-no-context-switch-server-extra] ++[8-npn-with-sni-no-context-switch-server-extra] + NPNProtocols = foo + ServerNameCallback = IgnoreMismatch + +-[6-npn-with-sni-no-context-switch-server2-extra] ++[8-npn-with-sni-no-context-switch-server2-extra] + NPNProtocols = bar + +-[6-npn-with-sni-no-context-switch-client-extra] ++[8-npn-with-sni-no-context-switch-client-extra] + NPNProtocols = foo,bar + ServerName = server1 + + + # =========================================================== + +-[7-npn-with-sni-context-switch] +-ssl_conf = 7-npn-with-sni-context-switch-ssl ++[9-npn-with-sni-context-switch] ++ssl_conf = 9-npn-with-sni-context-switch-ssl + +-[7-npn-with-sni-context-switch-ssl] +-server = 7-npn-with-sni-context-switch-server +-client = 7-npn-with-sni-context-switch-client +-server2 = 7-npn-with-sni-context-switch-server2 ++[9-npn-with-sni-context-switch-ssl] ++server = 9-npn-with-sni-context-switch-server ++client = 9-npn-with-sni-context-switch-client ++server2 = 9-npn-with-sni-context-switch-server2 + +-[7-npn-with-sni-context-switch-server] ++[9-npn-with-sni-context-switch-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[7-npn-with-sni-context-switch-server2] ++[9-npn-with-sni-context-switch-server2] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[7-npn-with-sni-context-switch-client] ++[9-npn-with-sni-context-switch-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-7] ++[test-9] + ExpectedNPNProtocol = bar + ExpectedServerName = server2 +-server = 7-npn-with-sni-context-switch-server-extra +-server2 = 7-npn-with-sni-context-switch-server2-extra +-client = 7-npn-with-sni-context-switch-client-extra ++server = 9-npn-with-sni-context-switch-server-extra ++server2 = 9-npn-with-sni-context-switch-server2-extra ++client = 9-npn-with-sni-context-switch-client-extra + +-[7-npn-with-sni-context-switch-server-extra] ++[9-npn-with-sni-context-switch-server-extra] + NPNProtocols = foo + ServerNameCallback = IgnoreMismatch + +-[7-npn-with-sni-context-switch-server2-extra] ++[9-npn-with-sni-context-switch-server2-extra] + NPNProtocols = bar + +-[7-npn-with-sni-context-switch-client-extra] ++[9-npn-with-sni-context-switch-client-extra] + NPNProtocols = foo,bar + ServerName = server2 + + + # =========================================================== + +-[8-npn-selected-sni-server-supports-npn] +-ssl_conf = 8-npn-selected-sni-server-supports-npn-ssl ++[10-npn-selected-sni-server-supports-npn] ++ssl_conf = 10-npn-selected-sni-server-supports-npn-ssl + +-[8-npn-selected-sni-server-supports-npn-ssl] +-server = 8-npn-selected-sni-server-supports-npn-server +-client = 8-npn-selected-sni-server-supports-npn-client +-server2 = 8-npn-selected-sni-server-supports-npn-server2 ++[10-npn-selected-sni-server-supports-npn-ssl] ++server = 10-npn-selected-sni-server-supports-npn-server ++client = 10-npn-selected-sni-server-supports-npn-client ++server2 = 10-npn-selected-sni-server-supports-npn-server2 + +-[8-npn-selected-sni-server-supports-npn-server] ++[10-npn-selected-sni-server-supports-npn-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[8-npn-selected-sni-server-supports-npn-server2] ++[10-npn-selected-sni-server-supports-npn-server2] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[8-npn-selected-sni-server-supports-npn-client] ++[10-npn-selected-sni-server-supports-npn-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-8] ++[test-10] + ExpectedNPNProtocol = bar + ExpectedServerName = server2 +-server = 8-npn-selected-sni-server-supports-npn-server-extra +-server2 = 8-npn-selected-sni-server-supports-npn-server2-extra +-client = 8-npn-selected-sni-server-supports-npn-client-extra ++server = 10-npn-selected-sni-server-supports-npn-server-extra ++server2 = 10-npn-selected-sni-server-supports-npn-server2-extra ++client = 10-npn-selected-sni-server-supports-npn-client-extra + +-[8-npn-selected-sni-server-supports-npn-server-extra] ++[10-npn-selected-sni-server-supports-npn-server-extra] + ServerNameCallback = IgnoreMismatch + +-[8-npn-selected-sni-server-supports-npn-server2-extra] ++[10-npn-selected-sni-server-supports-npn-server2-extra] + NPNProtocols = bar + +-[8-npn-selected-sni-server-supports-npn-client-extra] ++[10-npn-selected-sni-server-supports-npn-client-extra] + NPNProtocols = foo,bar + ServerName = server2 + + + # =========================================================== + +-[9-npn-selected-sni-server-does-not-support-npn] +-ssl_conf = 9-npn-selected-sni-server-does-not-support-npn-ssl ++[11-npn-selected-sni-server-does-not-support-npn] ++ssl_conf = 11-npn-selected-sni-server-does-not-support-npn-ssl + +-[9-npn-selected-sni-server-does-not-support-npn-ssl] +-server = 9-npn-selected-sni-server-does-not-support-npn-server +-client = 9-npn-selected-sni-server-does-not-support-npn-client +-server2 = 9-npn-selected-sni-server-does-not-support-npn-server2 ++[11-npn-selected-sni-server-does-not-support-npn-ssl] ++server = 11-npn-selected-sni-server-does-not-support-npn-server ++client = 11-npn-selected-sni-server-does-not-support-npn-client ++server2 = 11-npn-selected-sni-server-does-not-support-npn-server2 + +-[9-npn-selected-sni-server-does-not-support-npn-server] ++[11-npn-selected-sni-server-does-not-support-npn-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[9-npn-selected-sni-server-does-not-support-npn-server2] ++[11-npn-selected-sni-server-does-not-support-npn-server2] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[9-npn-selected-sni-server-does-not-support-npn-client] ++[11-npn-selected-sni-server-does-not-support-npn-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-9] ++[test-11] + ExpectedServerName = server2 +-server = 9-npn-selected-sni-server-does-not-support-npn-server-extra +-client = 9-npn-selected-sni-server-does-not-support-npn-client-extra ++server = 11-npn-selected-sni-server-does-not-support-npn-server-extra ++client = 11-npn-selected-sni-server-does-not-support-npn-client-extra + +-[9-npn-selected-sni-server-does-not-support-npn-server-extra] ++[11-npn-selected-sni-server-does-not-support-npn-server-extra] + NPNProtocols = bar + ServerNameCallback = IgnoreMismatch + +-[9-npn-selected-sni-server-does-not-support-npn-client-extra] ++[11-npn-selected-sni-server-does-not-support-npn-client-extra] + NPNProtocols = foo,bar + ServerName = server2 + + + # =========================================================== + +-[10-alpn-preferred-over-npn] +-ssl_conf = 10-alpn-preferred-over-npn-ssl ++[12-alpn-preferred-over-npn] ++ssl_conf = 12-alpn-preferred-over-npn-ssl + +-[10-alpn-preferred-over-npn-ssl] +-server = 10-alpn-preferred-over-npn-server +-client = 10-alpn-preferred-over-npn-client ++[12-alpn-preferred-over-npn-ssl] ++server = 12-alpn-preferred-over-npn-server ++client = 12-alpn-preferred-over-npn-client + +-[10-alpn-preferred-over-npn-server] ++[12-alpn-preferred-over-npn-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[10-alpn-preferred-over-npn-client] ++[12-alpn-preferred-over-npn-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-10] ++[test-12] + ExpectedALPNProtocol = foo +-server = 10-alpn-preferred-over-npn-server-extra +-client = 10-alpn-preferred-over-npn-client-extra ++server = 12-alpn-preferred-over-npn-server-extra ++client = 12-alpn-preferred-over-npn-client-extra + +-[10-alpn-preferred-over-npn-server-extra] ++[12-alpn-preferred-over-npn-server-extra] + ALPNProtocols = foo + NPNProtocols = bar + +-[10-alpn-preferred-over-npn-client-extra] ++[12-alpn-preferred-over-npn-client-extra] + ALPNProtocols = foo + NPNProtocols = bar + + + # =========================================================== + +-[11-sni-npn-preferred-over-alpn] +-ssl_conf = 11-sni-npn-preferred-over-alpn-ssl ++[13-sni-npn-preferred-over-alpn] ++ssl_conf = 13-sni-npn-preferred-over-alpn-ssl + +-[11-sni-npn-preferred-over-alpn-ssl] +-server = 11-sni-npn-preferred-over-alpn-server +-client = 11-sni-npn-preferred-over-alpn-client +-server2 = 11-sni-npn-preferred-over-alpn-server2 ++[13-sni-npn-preferred-over-alpn-ssl] ++server = 13-sni-npn-preferred-over-alpn-server ++client = 13-sni-npn-preferred-over-alpn-client ++server2 = 13-sni-npn-preferred-over-alpn-server2 + +-[11-sni-npn-preferred-over-alpn-server] ++[13-sni-npn-preferred-over-alpn-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[11-sni-npn-preferred-over-alpn-server2] ++[13-sni-npn-preferred-over-alpn-server2] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[11-sni-npn-preferred-over-alpn-client] ++[13-sni-npn-preferred-over-alpn-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-11] ++[test-13] + ExpectedNPNProtocol = bar + ExpectedServerName = server2 +-server = 11-sni-npn-preferred-over-alpn-server-extra +-server2 = 11-sni-npn-preferred-over-alpn-server2-extra +-client = 11-sni-npn-preferred-over-alpn-client-extra ++server = 13-sni-npn-preferred-over-alpn-server-extra ++server2 = 13-sni-npn-preferred-over-alpn-server2-extra ++client = 13-sni-npn-preferred-over-alpn-client-extra + +-[11-sni-npn-preferred-over-alpn-server-extra] ++[13-sni-npn-preferred-over-alpn-server-extra] + ALPNProtocols = foo + ServerNameCallback = IgnoreMismatch + +-[11-sni-npn-preferred-over-alpn-server2-extra] ++[13-sni-npn-preferred-over-alpn-server2-extra] + NPNProtocols = bar + +-[11-sni-npn-preferred-over-alpn-client-extra] ++[13-sni-npn-preferred-over-alpn-client-extra] + ALPNProtocols = foo + NPNProtocols = bar + ServerName = server2 +@@ -460,356 +527,356 @@ ServerName = server2 + + # =========================================================== + +-[12-npn-simple-resumption] +-ssl_conf = 12-npn-simple-resumption-ssl ++[14-npn-simple-resumption] ++ssl_conf = 14-npn-simple-resumption-ssl + +-[12-npn-simple-resumption-ssl] +-server = 12-npn-simple-resumption-server +-client = 12-npn-simple-resumption-client +-resume-server = 12-npn-simple-resumption-server +-resume-client = 12-npn-simple-resumption-client ++[14-npn-simple-resumption-ssl] ++server = 14-npn-simple-resumption-server ++client = 14-npn-simple-resumption-client ++resume-server = 14-npn-simple-resumption-server ++resume-client = 14-npn-simple-resumption-client + +-[12-npn-simple-resumption-server] ++[14-npn-simple-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[12-npn-simple-resumption-client] ++[14-npn-simple-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-12] ++[test-14] + ExpectedNPNProtocol = foo + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 12-npn-simple-resumption-server-extra +-resume-server = 12-npn-simple-resumption-server-extra +-client = 12-npn-simple-resumption-client-extra +-resume-client = 12-npn-simple-resumption-client-extra ++server = 14-npn-simple-resumption-server-extra ++resume-server = 14-npn-simple-resumption-server-extra ++client = 14-npn-simple-resumption-client-extra ++resume-client = 14-npn-simple-resumption-client-extra + +-[12-npn-simple-resumption-server-extra] ++[14-npn-simple-resumption-server-extra] + NPNProtocols = foo + +-[12-npn-simple-resumption-client-extra] ++[14-npn-simple-resumption-client-extra] + NPNProtocols = foo + + + # =========================================================== + +-[13-npn-server-switch-resumption] +-ssl_conf = 13-npn-server-switch-resumption-ssl ++[15-npn-server-switch-resumption] ++ssl_conf = 15-npn-server-switch-resumption-ssl + +-[13-npn-server-switch-resumption-ssl] +-server = 13-npn-server-switch-resumption-server +-client = 13-npn-server-switch-resumption-client +-resume-server = 13-npn-server-switch-resumption-resume-server +-resume-client = 13-npn-server-switch-resumption-client ++[15-npn-server-switch-resumption-ssl] ++server = 15-npn-server-switch-resumption-server ++client = 15-npn-server-switch-resumption-client ++resume-server = 15-npn-server-switch-resumption-resume-server ++resume-client = 15-npn-server-switch-resumption-client + +-[13-npn-server-switch-resumption-server] ++[15-npn-server-switch-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[13-npn-server-switch-resumption-resume-server] ++[15-npn-server-switch-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[13-npn-server-switch-resumption-client] ++[15-npn-server-switch-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-13] ++[test-15] + ExpectedNPNProtocol = baz + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 13-npn-server-switch-resumption-server-extra +-resume-server = 13-npn-server-switch-resumption-resume-server-extra +-client = 13-npn-server-switch-resumption-client-extra +-resume-client = 13-npn-server-switch-resumption-client-extra ++server = 15-npn-server-switch-resumption-server-extra ++resume-server = 15-npn-server-switch-resumption-resume-server-extra ++client = 15-npn-server-switch-resumption-client-extra ++resume-client = 15-npn-server-switch-resumption-client-extra + +-[13-npn-server-switch-resumption-server-extra] ++[15-npn-server-switch-resumption-server-extra] + NPNProtocols = bar,foo + +-[13-npn-server-switch-resumption-resume-server-extra] ++[15-npn-server-switch-resumption-resume-server-extra] + NPNProtocols = baz,foo + +-[13-npn-server-switch-resumption-client-extra] ++[15-npn-server-switch-resumption-client-extra] + NPNProtocols = foo,bar,baz + + + # =========================================================== + +-[14-npn-client-switch-resumption] +-ssl_conf = 14-npn-client-switch-resumption-ssl ++[16-npn-client-switch-resumption] ++ssl_conf = 16-npn-client-switch-resumption-ssl + +-[14-npn-client-switch-resumption-ssl] +-server = 14-npn-client-switch-resumption-server +-client = 14-npn-client-switch-resumption-client +-resume-server = 14-npn-client-switch-resumption-server +-resume-client = 14-npn-client-switch-resumption-resume-client ++[16-npn-client-switch-resumption-ssl] ++server = 16-npn-client-switch-resumption-server ++client = 16-npn-client-switch-resumption-client ++resume-server = 16-npn-client-switch-resumption-server ++resume-client = 16-npn-client-switch-resumption-resume-client + +-[14-npn-client-switch-resumption-server] ++[16-npn-client-switch-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[14-npn-client-switch-resumption-client] ++[16-npn-client-switch-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[14-npn-client-switch-resumption-resume-client] ++[16-npn-client-switch-resumption-resume-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-14] ++[test-16] + ExpectedNPNProtocol = bar + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 14-npn-client-switch-resumption-server-extra +-resume-server = 14-npn-client-switch-resumption-server-extra +-client = 14-npn-client-switch-resumption-client-extra +-resume-client = 14-npn-client-switch-resumption-resume-client-extra ++server = 16-npn-client-switch-resumption-server-extra ++resume-server = 16-npn-client-switch-resumption-server-extra ++client = 16-npn-client-switch-resumption-client-extra ++resume-client = 16-npn-client-switch-resumption-resume-client-extra + +-[14-npn-client-switch-resumption-server-extra] ++[16-npn-client-switch-resumption-server-extra] + NPNProtocols = foo,bar,baz + +-[14-npn-client-switch-resumption-client-extra] ++[16-npn-client-switch-resumption-client-extra] + NPNProtocols = foo,baz + +-[14-npn-client-switch-resumption-resume-client-extra] ++[16-npn-client-switch-resumption-resume-client-extra] + NPNProtocols = bar,baz + + + # =========================================================== + +-[15-npn-client-first-pref-on-mismatch-resumption] +-ssl_conf = 15-npn-client-first-pref-on-mismatch-resumption-ssl ++[17-npn-client-first-pref-on-mismatch-resumption] ++ssl_conf = 17-npn-client-first-pref-on-mismatch-resumption-ssl + +-[15-npn-client-first-pref-on-mismatch-resumption-ssl] +-server = 15-npn-client-first-pref-on-mismatch-resumption-server +-client = 15-npn-client-first-pref-on-mismatch-resumption-client +-resume-server = 15-npn-client-first-pref-on-mismatch-resumption-resume-server +-resume-client = 15-npn-client-first-pref-on-mismatch-resumption-client ++[17-npn-client-first-pref-on-mismatch-resumption-ssl] ++server = 17-npn-client-first-pref-on-mismatch-resumption-server ++client = 17-npn-client-first-pref-on-mismatch-resumption-client ++resume-server = 17-npn-client-first-pref-on-mismatch-resumption-resume-server ++resume-client = 17-npn-client-first-pref-on-mismatch-resumption-client + +-[15-npn-client-first-pref-on-mismatch-resumption-server] ++[17-npn-client-first-pref-on-mismatch-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[15-npn-client-first-pref-on-mismatch-resumption-resume-server] ++[17-npn-client-first-pref-on-mismatch-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[15-npn-client-first-pref-on-mismatch-resumption-client] ++[17-npn-client-first-pref-on-mismatch-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-15] ++[test-17] + ExpectedNPNProtocol = foo + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 15-npn-client-first-pref-on-mismatch-resumption-server-extra +-resume-server = 15-npn-client-first-pref-on-mismatch-resumption-resume-server-extra +-client = 15-npn-client-first-pref-on-mismatch-resumption-client-extra +-resume-client = 15-npn-client-first-pref-on-mismatch-resumption-client-extra ++server = 17-npn-client-first-pref-on-mismatch-resumption-server-extra ++resume-server = 17-npn-client-first-pref-on-mismatch-resumption-resume-server-extra ++client = 17-npn-client-first-pref-on-mismatch-resumption-client-extra ++resume-client = 17-npn-client-first-pref-on-mismatch-resumption-client-extra + +-[15-npn-client-first-pref-on-mismatch-resumption-server-extra] ++[17-npn-client-first-pref-on-mismatch-resumption-server-extra] + NPNProtocols = bar + +-[15-npn-client-first-pref-on-mismatch-resumption-resume-server-extra] ++[17-npn-client-first-pref-on-mismatch-resumption-resume-server-extra] + NPNProtocols = baz + +-[15-npn-client-first-pref-on-mismatch-resumption-client-extra] ++[17-npn-client-first-pref-on-mismatch-resumption-client-extra] + NPNProtocols = foo,bar + + + # =========================================================== + +-[16-npn-no-server-support-resumption] +-ssl_conf = 16-npn-no-server-support-resumption-ssl ++[18-npn-no-server-support-resumption] ++ssl_conf = 18-npn-no-server-support-resumption-ssl + +-[16-npn-no-server-support-resumption-ssl] +-server = 16-npn-no-server-support-resumption-server +-client = 16-npn-no-server-support-resumption-client +-resume-server = 16-npn-no-server-support-resumption-resume-server +-resume-client = 16-npn-no-server-support-resumption-client ++[18-npn-no-server-support-resumption-ssl] ++server = 18-npn-no-server-support-resumption-server ++client = 18-npn-no-server-support-resumption-client ++resume-server = 18-npn-no-server-support-resumption-resume-server ++resume-client = 18-npn-no-server-support-resumption-client + +-[16-npn-no-server-support-resumption-server] ++[18-npn-no-server-support-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[16-npn-no-server-support-resumption-resume-server] ++[18-npn-no-server-support-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[16-npn-no-server-support-resumption-client] ++[18-npn-no-server-support-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-16] ++[test-18] + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 16-npn-no-server-support-resumption-server-extra +-client = 16-npn-no-server-support-resumption-client-extra +-resume-client = 16-npn-no-server-support-resumption-client-extra ++server = 18-npn-no-server-support-resumption-server-extra ++client = 18-npn-no-server-support-resumption-client-extra ++resume-client = 18-npn-no-server-support-resumption-client-extra + +-[16-npn-no-server-support-resumption-server-extra] ++[18-npn-no-server-support-resumption-server-extra] + NPNProtocols = foo + +-[16-npn-no-server-support-resumption-client-extra] ++[18-npn-no-server-support-resumption-client-extra] + NPNProtocols = foo + + + # =========================================================== + +-[17-npn-no-client-support-resumption] +-ssl_conf = 17-npn-no-client-support-resumption-ssl ++[19-npn-no-client-support-resumption] ++ssl_conf = 19-npn-no-client-support-resumption-ssl + +-[17-npn-no-client-support-resumption-ssl] +-server = 17-npn-no-client-support-resumption-server +-client = 17-npn-no-client-support-resumption-client +-resume-server = 17-npn-no-client-support-resumption-server +-resume-client = 17-npn-no-client-support-resumption-resume-client ++[19-npn-no-client-support-resumption-ssl] ++server = 19-npn-no-client-support-resumption-server ++client = 19-npn-no-client-support-resumption-client ++resume-server = 19-npn-no-client-support-resumption-server ++resume-client = 19-npn-no-client-support-resumption-resume-client + +-[17-npn-no-client-support-resumption-server] ++[19-npn-no-client-support-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[17-npn-no-client-support-resumption-client] ++[19-npn-no-client-support-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[17-npn-no-client-support-resumption-resume-client] ++[19-npn-no-client-support-resumption-resume-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-17] ++[test-19] + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 17-npn-no-client-support-resumption-server-extra +-resume-server = 17-npn-no-client-support-resumption-server-extra +-client = 17-npn-no-client-support-resumption-client-extra ++server = 19-npn-no-client-support-resumption-server-extra ++resume-server = 19-npn-no-client-support-resumption-server-extra ++client = 19-npn-no-client-support-resumption-client-extra + +-[17-npn-no-client-support-resumption-server-extra] ++[19-npn-no-client-support-resumption-server-extra] + NPNProtocols = foo + +-[17-npn-no-client-support-resumption-client-extra] ++[19-npn-no-client-support-resumption-client-extra] + NPNProtocols = foo + + + # =========================================================== + +-[18-alpn-preferred-over-npn-resumption] +-ssl_conf = 18-alpn-preferred-over-npn-resumption-ssl ++[20-alpn-preferred-over-npn-resumption] ++ssl_conf = 20-alpn-preferred-over-npn-resumption-ssl + +-[18-alpn-preferred-over-npn-resumption-ssl] +-server = 18-alpn-preferred-over-npn-resumption-server +-client = 18-alpn-preferred-over-npn-resumption-client +-resume-server = 18-alpn-preferred-over-npn-resumption-resume-server +-resume-client = 18-alpn-preferred-over-npn-resumption-client ++[20-alpn-preferred-over-npn-resumption-ssl] ++server = 20-alpn-preferred-over-npn-resumption-server ++client = 20-alpn-preferred-over-npn-resumption-client ++resume-server = 20-alpn-preferred-over-npn-resumption-resume-server ++resume-client = 20-alpn-preferred-over-npn-resumption-client + +-[18-alpn-preferred-over-npn-resumption-server] ++[20-alpn-preferred-over-npn-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[18-alpn-preferred-over-npn-resumption-resume-server] ++[20-alpn-preferred-over-npn-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[18-alpn-preferred-over-npn-resumption-client] ++[20-alpn-preferred-over-npn-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-18] ++[test-20] + ExpectedALPNProtocol = foo + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 18-alpn-preferred-over-npn-resumption-server-extra +-resume-server = 18-alpn-preferred-over-npn-resumption-resume-server-extra +-client = 18-alpn-preferred-over-npn-resumption-client-extra +-resume-client = 18-alpn-preferred-over-npn-resumption-client-extra ++server = 20-alpn-preferred-over-npn-resumption-server-extra ++resume-server = 20-alpn-preferred-over-npn-resumption-resume-server-extra ++client = 20-alpn-preferred-over-npn-resumption-client-extra ++resume-client = 20-alpn-preferred-over-npn-resumption-client-extra + +-[18-alpn-preferred-over-npn-resumption-server-extra] ++[20-alpn-preferred-over-npn-resumption-server-extra] + NPNProtocols = bar + +-[18-alpn-preferred-over-npn-resumption-resume-server-extra] ++[20-alpn-preferred-over-npn-resumption-resume-server-extra] + ALPNProtocols = foo + NPNProtocols = baz + +-[18-alpn-preferred-over-npn-resumption-client-extra] ++[20-alpn-preferred-over-npn-resumption-client-extra] + ALPNProtocols = foo + NPNProtocols = bar,baz + + + # =========================================================== + +-[19-npn-used-if-alpn-not-supported-resumption] +-ssl_conf = 19-npn-used-if-alpn-not-supported-resumption-ssl ++[21-npn-used-if-alpn-not-supported-resumption] ++ssl_conf = 21-npn-used-if-alpn-not-supported-resumption-ssl + +-[19-npn-used-if-alpn-not-supported-resumption-ssl] +-server = 19-npn-used-if-alpn-not-supported-resumption-server +-client = 19-npn-used-if-alpn-not-supported-resumption-client +-resume-server = 19-npn-used-if-alpn-not-supported-resumption-resume-server +-resume-client = 19-npn-used-if-alpn-not-supported-resumption-client ++[21-npn-used-if-alpn-not-supported-resumption-ssl] ++server = 21-npn-used-if-alpn-not-supported-resumption-server ++client = 21-npn-used-if-alpn-not-supported-resumption-client ++resume-server = 21-npn-used-if-alpn-not-supported-resumption-resume-server ++resume-client = 21-npn-used-if-alpn-not-supported-resumption-client + +-[19-npn-used-if-alpn-not-supported-resumption-server] ++[21-npn-used-if-alpn-not-supported-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[19-npn-used-if-alpn-not-supported-resumption-resume-server] ++[21-npn-used-if-alpn-not-supported-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[19-npn-used-if-alpn-not-supported-resumption-client] ++[21-npn-used-if-alpn-not-supported-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-19] ++[test-21] + ExpectedNPNProtocol = baz + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 19-npn-used-if-alpn-not-supported-resumption-server-extra +-resume-server = 19-npn-used-if-alpn-not-supported-resumption-resume-server-extra +-client = 19-npn-used-if-alpn-not-supported-resumption-client-extra +-resume-client = 19-npn-used-if-alpn-not-supported-resumption-client-extra ++server = 21-npn-used-if-alpn-not-supported-resumption-server-extra ++resume-server = 21-npn-used-if-alpn-not-supported-resumption-resume-server-extra ++client = 21-npn-used-if-alpn-not-supported-resumption-client-extra ++resume-client = 21-npn-used-if-alpn-not-supported-resumption-client-extra + +-[19-npn-used-if-alpn-not-supported-resumption-server-extra] ++[21-npn-used-if-alpn-not-supported-resumption-server-extra] + ALPNProtocols = foo + NPNProtocols = bar + +-[19-npn-used-if-alpn-not-supported-resumption-resume-server-extra] ++[21-npn-used-if-alpn-not-supported-resumption-resume-server-extra] + NPNProtocols = baz + +-[19-npn-used-if-alpn-not-supported-resumption-client-extra] ++[21-npn-used-if-alpn-not-supported-resumption-client-extra] + ALPNProtocols = foo + NPNProtocols = bar,baz + +diff --git a/test/ssl-tests/08-npn.cnf.in b/test/ssl-tests/08-npn.cnf.in +index 30783e4..1dc2704 100644 +--- a/test/ssl-tests/08-npn.cnf.in ++++ b/test/ssl-tests/08-npn.cnf.in +@@ -110,6 +110,41 @@ our @tests = ( + "ExpectedNPNProtocol" => undef, + }, + }, ++ { ++ name => "npn-empty-client-list", ++ server => { ++ extra => { ++ "NPNProtocols" => "foo", ++ }, ++ }, ++ client => { ++ extra => { ++ "NPNProtocols" => "", ++ }, ++ "MaxProtocol" => "TLSv1.2" ++ }, ++ test => { ++ "ExpectedResult" => "ClientFail", ++ "ExpectedClientAlert" => "HandshakeFailure" ++ }, ++ }, ++ { ++ name => "npn-empty-server-list", ++ server => { ++ extra => { ++ "NPNProtocols" => "", ++ }, ++ }, ++ client => { ++ extra => { ++ "NPNProtocols" => "foo", ++ }, ++ "MaxProtocol" => "TLSv1.2" ++ }, ++ test => { ++ "ExpectedNPNProtocol" => "foo" ++ }, ++ }, + { + name => "npn-with-sni-no-context-switch", + server => { +diff --git a/test/ssl-tests/09-alpn.cnf b/test/ssl-tests/09-alpn.cnf +index e7e6cb9..dd66873 100644 +--- a/test/ssl-tests/09-alpn.cnf ++++ b/test/ssl-tests/09-alpn.cnf +@@ -1,6 +1,6 @@ + # Generated with generate_ssl_tests.pl + +-num_tests = 16 ++num_tests = 18 + + test-0 = 0-alpn-simple + test-1 = 1-alpn-server-finds-match +@@ -18,6 +18,8 @@ test-12 = 12-alpn-client-switch-resumption + test-13 = 13-alpn-alert-on-mismatch-resumption + test-14 = 14-alpn-no-server-support-resumption + test-15 = 15-alpn-no-client-support-resumption ++test-16 = 16-alpn-empty-client-list ++test-17 = 17-alpn-empty-server-list + # =========================================================== + + [0-alpn-simple] +@@ -617,3 +619,65 @@ ALPNProtocols = foo + ALPNProtocols = foo + + ++# =========================================================== ++ ++[16-alpn-empty-client-list] ++ssl_conf = 16-alpn-empty-client-list-ssl ++ ++[16-alpn-empty-client-list-ssl] ++server = 16-alpn-empty-client-list-server ++client = 16-alpn-empty-client-list-client ++ ++[16-alpn-empty-client-list-server] ++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem ++CipherString = DEFAULT ++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem ++ ++[16-alpn-empty-client-list-client] ++CipherString = DEFAULT ++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem ++VerifyMode = Peer ++ ++[test-16] ++server = 16-alpn-empty-client-list-server-extra ++client = 16-alpn-empty-client-list-client-extra ++ ++[16-alpn-empty-client-list-server-extra] ++ALPNProtocols = foo ++ ++[16-alpn-empty-client-list-client-extra] ++ALPNProtocols = ++ ++ ++# =========================================================== ++ ++[17-alpn-empty-server-list] ++ssl_conf = 17-alpn-empty-server-list-ssl ++ ++[17-alpn-empty-server-list-ssl] ++server = 17-alpn-empty-server-list-server ++client = 17-alpn-empty-server-list-client ++ ++[17-alpn-empty-server-list-server] ++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem ++CipherString = DEFAULT ++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem ++ ++[17-alpn-empty-server-list-client] ++CipherString = DEFAULT ++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem ++VerifyMode = Peer ++ ++[test-17] ++ExpectedResult = ServerFail ++ExpectedServerAlert = NoApplicationProtocol ++server = 17-alpn-empty-server-list-server-extra ++client = 17-alpn-empty-server-list-client-extra ++ ++[17-alpn-empty-server-list-server-extra] ++ALPNProtocols = ++ ++[17-alpn-empty-server-list-client-extra] ++ALPNProtocols = foo ++ ++ +diff --git a/test/ssl-tests/09-alpn.cnf.in b/test/ssl-tests/09-alpn.cnf.in +index 8133075..322b709 100644 +--- a/test/ssl-tests/09-alpn.cnf.in ++++ b/test/ssl-tests/09-alpn.cnf.in +@@ -322,4 +322,37 @@ our @tests = ( + "ExpectedALPNProtocol" => undef, + }, + }, ++ { ++ name => "alpn-empty-client-list", ++ server => { ++ extra => { ++ "ALPNProtocols" => "foo", ++ }, ++ }, ++ client => { ++ extra => { ++ "ALPNProtocols" => "", ++ }, ++ }, ++ test => { ++ "ExpectedALPNProtocol" => undef, ++ }, ++ }, ++ { ++ name => "alpn-empty-server-list", ++ server => { ++ extra => { ++ "ALPNProtocols" => "", ++ }, ++ }, ++ client => { ++ extra => { ++ "ALPNProtocols" => "foo", ++ }, ++ }, ++ test => { ++ "ExpectedResult" => "ServerFail", ++ "ExpectedServerAlert" => "NoApplicationProtocol", ++ }, ++ }, + ); +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch new file mode 100644 index 0000000000..7319d27bb8 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch @@ -0,0 +1,43 @@ +From 86351b8dd4c499de7a0c02313ee54966e978150f Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 21 Jun 2024 10:41:55 +0100 +Subject: [PATCH 07/10] Correct return values for + tls_construct_stoc_next_proto_neg + +Return EXT_RETURN_NOT_SENT in the event that we don't send the extension, +rather than EXT_RETURN_SENT. This actually makes no difference at all to +the current control flow since this return value is ignored in this case +anyway. But lets make it correct anyway. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/53f5677f358c4a4f69830d944ea40e71950673b8] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + ssl/statem/extensions_srvr.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c +index 64ccb3e..b821c7c 100644 +--- a/ssl/statem/extensions_srvr.c ++++ b/ssl/statem/extensions_srvr.c +@@ -1496,9 +1496,10 @@ EXT_RETURN tls_construct_stoc_next_proto_neg(SSL_CONNECTION *s, WPACKET *pkt, + return EXT_RETURN_FAIL; + } + s->s3.npn_seen = 1; ++ return EXT_RETURN_SENT; + } + +- return EXT_RETURN_SENT; ++ return EXT_RETURN_NOT_SENT; + } + #endif + +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch new file mode 100644 index 0000000000..f64938a5ca --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch @@ -0,0 +1,66 @@ +From 29f860914824cde6b0aea6ad818b93132930137f Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 21 Jun 2024 11:51:54 +0100 +Subject: [PATCH 08/10] Add ALPN validation in the client + +The ALPN protocol selected by the server must be one that we originally +advertised. We should verify that it is. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/195e15421df113d7283aab2ccff8b8fb06df5465] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + ssl/statem/extensions_clnt.c | 24 ++++++++++++++++++++++++ + 1 file changed, 24 insertions(+) + +diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c +index 1ab3c13..ff9c009 100644 +--- a/ssl/statem/extensions_clnt.c ++++ b/ssl/statem/extensions_clnt.c +@@ -1590,6 +1590,8 @@ int tls_parse_stoc_alpn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context, + X509 *x, size_t chainidx) + { + size_t len; ++ PACKET confpkt, protpkt; ++ int valid = 0; + + /* We must have requested it. */ + if (!s->s3.alpn_sent) { +@@ -1608,6 +1610,28 @@ int tls_parse_stoc_alpn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context, + SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION); + return 0; + } ++ ++ /* It must be a protocol that we sent */ ++ if (!PACKET_buf_init(&confpkt, s->ext.alpn, s->ext.alpn_len)) { ++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); ++ return 0; ++ } ++ while (PACKET_get_length_prefixed_1(&confpkt, &protpkt)) { ++ if (PACKET_remaining(&protpkt) != len) ++ continue; ++ if (memcmp(PACKET_data(pkt), PACKET_data(&protpkt), len) == 0) { ++ /* Valid protocol found */ ++ valid = 1; ++ break; ++ } ++ } ++ ++ if (!valid) { ++ /* The protocol sent from the server does not match one we advertised */ ++ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION); ++ return 0; ++ } ++ + OPENSSL_free(s->s3.alpn_selected); + s->s3.alpn_selected = OPENSSL_malloc(len); + if (s->s3.alpn_selected == NULL) { +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch new file mode 100644 index 0000000000..fb1cef5067 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch @@ -0,0 +1,271 @@ +From 6a5484b0d3fcf9a868c7e3e5b62e5eedc90b6080 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 21 Jun 2024 10:09:41 +0100 +Subject: [PATCH 09/10] Add explicit testing of ALN and NPN in sslapitest + +We already had some tests elsewhere - but this extends that testing with +additional tests. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/7c95191434415d1c9b7fe9b130df13cce630b6b5] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi +--- + test/sslapitest.c | 229 ++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 229 insertions(+) + +diff --git a/test/sslapitest.c b/test/sslapitest.c +index 15cb906..7a55a2b 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -11877,6 +11877,231 @@ static int test_select_next_proto(int idx) + return ret; + } + ++static const unsigned char fooprot[] = {3, 'f', 'o', 'o' }; ++static const unsigned char barprot[] = {3, 'b', 'a', 'r' }; ++ ++#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_NEXTPROTONEG) ++static int npn_advert_cb(SSL *ssl, const unsigned char **out, ++ unsigned int *outlen, void *arg) ++{ ++ int *idx = (int *)arg; ++ ++ switch (*idx) { ++ default: ++ case 0: ++ *out = fooprot; ++ *outlen = sizeof(fooprot); ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 1: ++ *outlen = 0; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 2: ++ return SSL_TLSEXT_ERR_NOACK; ++ } ++} ++ ++static int npn_select_cb(SSL *s, unsigned char **out, unsigned char *outlen, ++ const unsigned char *in, unsigned int inlen, void *arg) ++{ ++ int *idx = (int *)arg; ++ ++ switch (*idx) { ++ case 0: ++ case 1: ++ *out = (unsigned char *)(fooprot + 1); ++ *outlen = *fooprot; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 3: ++ *out = (unsigned char *)(barprot + 1); ++ *outlen = *barprot; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 4: ++ *outlen = 0; ++ return SSL_TLSEXT_ERR_OK; ++ ++ default: ++ case 2: ++ return SSL_TLSEXT_ERR_ALERT_FATAL; ++ } ++} ++ ++/* ++ * Test the NPN callbacks ++ * Test 0: advert = foo, select = foo ++ * Test 1: advert = , select = foo ++ * Test 2: no advert ++ * Test 3: advert = foo, select = bar ++ * Test 4: advert = foo, select = (should fail) ++ */ ++static int test_npn(int idx) ++{ ++ SSL_CTX *sctx = NULL, *cctx = NULL; ++ SSL *serverssl = NULL, *clientssl = NULL; ++ int testresult = 0; ++ ++ if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), ++ TLS_client_method(), 0, TLS1_2_VERSION, ++ &sctx, &cctx, cert, privkey))) ++ goto end; ++ ++ SSL_CTX_set_next_protos_advertised_cb(sctx, npn_advert_cb, &idx); ++ SSL_CTX_set_next_proto_select_cb(cctx, npn_select_cb, &idx); ++ ++ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, ++ NULL))) ++ goto end; ++ ++ if (idx == 4) { ++ /* We don't allow empty selection of NPN, so this should fail */ ++ if (!TEST_false(create_ssl_connection(serverssl, clientssl, ++ SSL_ERROR_NONE))) ++ goto end; ++ } else { ++ const unsigned char *prot; ++ unsigned int protlen; ++ ++ if (!TEST_true(create_ssl_connection(serverssl, clientssl, ++ SSL_ERROR_NONE))) ++ goto end; ++ ++ SSL_get0_next_proto_negotiated(serverssl, &prot, &protlen); ++ switch (idx) { ++ case 0: ++ case 1: ++ if (!TEST_mem_eq(prot, protlen, fooprot + 1, *fooprot)) ++ goto end; ++ break; ++ case 2: ++ if (!TEST_uint_eq(protlen, 0)) ++ goto end; ++ break; ++ case 3: ++ if (!TEST_mem_eq(prot, protlen, barprot + 1, *barprot)) ++ goto end; ++ break; ++ default: ++ TEST_error("Should not get here"); ++ goto end; ++ } ++ } ++ ++ testresult = 1; ++ end: ++ SSL_free(serverssl); ++ SSL_free(clientssl); ++ SSL_CTX_free(sctx); ++ SSL_CTX_free(cctx); ++ ++ return testresult; ++} ++#endif /* !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_NEXTPROTONEG) */ ++ ++static int alpn_select_cb2(SSL *ssl, const unsigned char **out, ++ unsigned char *outlen, const unsigned char *in, ++ unsigned int inlen, void *arg) ++{ ++ int *idx = (int *)arg; ++ ++ switch (*idx) { ++ case 0: ++ *out = (unsigned char *)(fooprot + 1); ++ *outlen = *fooprot; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 2: ++ *out = (unsigned char *)(barprot + 1); ++ *outlen = *barprot; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 3: ++ *outlen = 0; ++ return SSL_TLSEXT_ERR_OK; ++ ++ default: ++ case 1: ++ return SSL_TLSEXT_ERR_ALERT_FATAL; ++ } ++ return 0; ++} ++ ++/* ++ * Test the ALPN callbacks ++ * Test 0: client = foo, select = foo ++ * Test 1: client = , select = none ++ * Test 2: client = foo, select = bar (should fail) ++ * Test 3: client = foo, select = (should fail) ++ */ ++static int test_alpn(int idx) ++{ ++ SSL_CTX *sctx = NULL, *cctx = NULL; ++ SSL *serverssl = NULL, *clientssl = NULL; ++ int testresult = 0; ++ const unsigned char *prots = fooprot; ++ unsigned int protslen = sizeof(fooprot); ++ ++ if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), ++ TLS_client_method(), 0, 0, ++ &sctx, &cctx, cert, privkey))) ++ goto end; ++ ++ SSL_CTX_set_alpn_select_cb(sctx, alpn_select_cb2, &idx); ++ ++ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, ++ NULL))) ++ goto end; ++ ++ if (idx == 1) { ++ prots = NULL; ++ protslen = 0; ++ } ++ ++ /* SSL_set_alpn_protos returns 0 for success! */ ++ if (!TEST_false(SSL_set_alpn_protos(clientssl, prots, protslen))) ++ goto end; ++ ++ if (idx == 2 || idx == 3) { ++ /* We don't allow empty selection of NPN, so this should fail */ ++ if (!TEST_false(create_ssl_connection(serverssl, clientssl, ++ SSL_ERROR_NONE))) ++ goto end; ++ } else { ++ const unsigned char *prot; ++ unsigned int protlen; ++ ++ if (!TEST_true(create_ssl_connection(serverssl, clientssl, ++ SSL_ERROR_NONE))) ++ goto end; ++ ++ SSL_get0_alpn_selected(clientssl, &prot, &protlen); ++ switch (idx) { ++ case 0: ++ if (!TEST_mem_eq(prot, protlen, fooprot + 1, *fooprot)) ++ goto end; ++ break; ++ case 1: ++ if (!TEST_uint_eq(protlen, 0)) ++ goto end; ++ break; ++ default: ++ TEST_error("Should not get here"); ++ goto end; ++ } ++ } ++ ++ testresult = 1; ++ end: ++ SSL_free(serverssl); ++ SSL_free(clientssl); ++ SSL_CTX_free(sctx); ++ SSL_CTX_free(cctx); ++ ++ return testresult; ++} ++ + OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile provider config dhfile\n") + + int setup_tests(void) +@@ -12190,6 +12415,10 @@ int setup_tests(void) + ADD_TEST(test_data_retry); + ADD_ALL_TESTS(test_multi_resume, 5); + ADD_ALL_TESTS(test_select_next_proto, OSSL_NELEM(next_proto_tests)); ++#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_NEXTPROTONEG) ++ ADD_ALL_TESTS(test_npn, 5); ++#endif ++ ADD_ALL_TESTS(test_alpn, 4); + return 1; + + err: +-- +2.44.0 + diff --git a/meta/recipes-connectivity/openssl/openssl_3.2.2.bb b/meta/recipes-connectivity/openssl/openssl_3.2.2.bb index 1c92707144..3242dd69c6 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.2.2.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.2.2.bb @@ -12,6 +12,16 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://0001-Configure-do-not-tweak-mips-cflags.patch \ file://0001-Added-handshake-history-reporting-when-test-fails.patch \ + file://CVE-2024-5535_1.patch \ + file://CVE-2024-5535_2.patch \ + file://CVE-2024-5535_3.patch \ + file://CVE-2024-5535_4.patch \ + file://CVE-2024-5535_5.patch \ + file://CVE-2024-5535_6.patch \ + file://CVE-2024-5535_7.patch \ + file://CVE-2024-5535_8.patch \ + file://CVE-2024-5535_9.patch \ + file://CVE-2024-5535_10.patch \ " SRC_URI:append:class-nativesdk = " \ From patchwork Thu Jul 4 12:26:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46019 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7CA1FC3DA41 for ; Thu, 4 Jul 2024 12:27:56 +0000 (UTC) Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by mx.groups.io with SMTP id smtpd.web10.9000.1720096074769873439 for ; Thu, 04 Jul 2024 05:27:54 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=kIqxzmEU; spf=softfail (domain: sakoman.com, ip: 209.85.214.182, mailfrom: steve@sakoman.com) Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1fb1c69e936so3250495ad.3 for ; Thu, 04 Jul 2024 05:27:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096074; x=1720700874; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=TcYddQTs557WaY8VXLd9hjs1Dbhe1xGWiPt0JGCgizs=; b=kIqxzmEUPcOYjkabwBeFrS8uEJiTpHGSVms6UIglu9WHJ/Rgo4nM/36bp4Z/nsviCP a1VszdrPsAQ3YNc9JykqWUgPx1yT50sTHn2wdM3HmY9naXIpoN6eAGzokmR/0h29jpAM ZamPrvfCHvItYJjZY5jU9v4i8Ztd7jgslMWLY8cVMmyMpLuRirbjKylBQ0QCYa/Qmk6e kM0nppdCbBEnYP6u2S/OXpRhJKeAjbz+eN+Org8Ep3AJh4XPzy9V2ZpPw5pzgNVB2qZa 8N2fLwMwFjUSJlcM27PgQKyTL2MQ3gORyu0mzQgp2/xPEUb4HOjosqZsjMxKocBJzrD6 pMSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096074; x=1720700874; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TcYddQTs557WaY8VXLd9hjs1Dbhe1xGWiPt0JGCgizs=; b=TSxjee24nXNQOP3rI9bIeQoXA8CzzcMcXa8WfRTEMKaZiAmhX62NdLvjvbVAMtlN7z Wb0ygo1lEkgQXJ7eaHzpdIzKVXfn8kmY8Ae5hKhXVGziCSFbk9wb4bSxhBn2duONjAes HhW4qOFOUcIBo8KlcEF3ZozeslZMSRqLR4Ld9uON7RtaQYZjb7nK0bAh6GjpZw/51iXT J8sC7uy4NGkBInhteBysNZpxYt+ms5IDTx7V8zhlyz6mYnHYyGy6wOZ3W/hV5zpX6+X6 yGQXq/9st1uD0YyvlALx+iqfOXPe1P377V6IjHDMYmyF6NX9hemrarSwYjA6btO2DQCy cTEg== X-Gm-Message-State: AOJu0YyRpIKTD+47D7k8sSYSbB0LWcIWRkstfXi0JvPhiSJwe8mUV6X0 D411abW9t/4lViy+GGHMpRNgQND00Gm6pfSujSmrVPRjuEs0a1G2vBgDIYjXIByAZvQIymY7ooz X X-Google-Smtp-Source: AGHT+IGjurNsFK9loOcD9dH06O0OMVmil3VWeo0TJkFV0c6olIHqb3Ju2FDQByrci51UQkEkJVM2HA== X-Received: by 2002:a17:903:1111:b0:1fa:2e4:204d with SMTP id d9443c01a7336-1fb33edfd04mr10980065ad.43.1720096048218; Thu, 04 Jul 2024 05:27:28 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:27 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 05/21] QEMU: Fix CVE-2024-3446 & CVE-2024-3567 Date: Thu, 4 Jul 2024 05:26:57 -0700 Message-Id: <9e22481ec84800b97d8908d57aed118895b16224.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201561 From: Hitendra Prajapati Backport fixes for: * CVE-2024-3446 - Upstream-Status: Backport from https://gitlab.com/qemu-project/qemu/-/commit/eb546a3f49f45e6870ec91d792cd09f8a662c16e && https://gitlab.com/qemu-project/qemu/-/commit/4f01537ced3e787bd985b8f8de5869b92657160a && https://gitlab.com/qemu-project/qemu/-/commit/fbeb0a160cbcc067c0e1f0d380cea4a31de213e3 && https://gitlab.com/qemu-project/qemu/-/commit/1b2a52712b249e14d246cd9c7db126088e6e64db * CVE-2024-3567 - Upstream-Status: Backport from https://gitlab.com/qemu-project/qemu/-/commit/1cfe45956e03070f894e91b304e233b4d5b99719 Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 5 ++ .../qemu/qemu/CVE-2024-3446-01.patch | 73 +++++++++++++++++++ .../qemu/qemu/CVE-2024-3446-02.patch | 48 ++++++++++++ .../qemu/qemu/CVE-2024-3446-03.patch | 47 ++++++++++++ .../qemu/qemu/CVE-2024-3446-04.patch | 52 +++++++++++++ .../qemu/qemu/CVE-2024-3567.patch | 48 ++++++++++++ 6 files changed, 273 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 4501f84c2b..d22bc31ce3 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -42,6 +42,11 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://CVE-2023-6683.patch \ file://qemu-guest-agent.init \ file://qemu-guest-agent.udev \ + file://CVE-2024-3446-01.patch \ + file://CVE-2024-3446-02.patch \ + file://CVE-2024-3446-03.patch \ + file://CVE-2024-3446-04.patch \ + file://CVE-2024-3567.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch new file mode 100644 index 0000000000..15dbca92cd --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch @@ -0,0 +1,73 @@ +rom eb546a3f49f45e6870ec91d792cd09f8a662c16e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= +Date: Thu, 4 Apr 2024 20:56:11 +0200 +Subject: [PATCH] hw/virtio: Introduce virtio_bh_new_guarded() helper +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Introduce virtio_bh_new_guarded(), similar to qemu_bh_new_guarded() +but using the transport memory guard, instead of the device one +(there can only be one virtio device per virtio bus). + +Inspired-by: Gerd Hoffmann +Reviewed-by: Gerd Hoffmann +Acked-by: Michael S. Tsirkin +Signed-off-by: Philippe Mathieu-Daudé +Reviewed-by: Michael S. Tsirkin +Message-Id: <20240409105537.18308-2-philmd@linaro.org> +(cherry picked from commit ec0504b989ca61e03636384d3602b7bf07ffe4da) +Signed-off-by: Michael Tokarev + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/eb546a3f49f45e6870ec91d792cd09f8a662c16e] +CVE: CVE-2024-3446 +Signed-off-by: Hitendra Prajapati +--- + hw/virtio/virtio.c | 10 ++++++++++ + include/hw/virtio/virtio.h | 7 +++++++ + 2 files changed, 17 insertions(+) + +diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c +index 3a160f86e..8590b8971 100644 +--- a/hw/virtio/virtio.c ++++ b/hw/virtio/virtio.c +@@ -4095,3 +4095,13 @@ static void virtio_register_types(void) + } + + type_init(virtio_register_types) ++ ++QEMUBH *virtio_bh_new_guarded_full(DeviceState *dev, ++ QEMUBHFunc *cb, void *opaque, ++ const char *name) ++{ ++ DeviceState *transport = qdev_get_parent_bus(dev)->parent; ++ ++ return qemu_bh_new_full(cb, opaque, name, ++ &transport->mem_reentrancy_guard); ++} +diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h +index c8f72850b..7d5ffdc14 100644 +--- a/include/hw/virtio/virtio.h ++++ b/include/hw/virtio/virtio.h +@@ -22,6 +22,7 @@ + #include "standard-headers/linux/virtio_config.h" + #include "standard-headers/linux/virtio_ring.h" + #include "qom/object.h" ++#include "block/aio.h" + + /* + * A guest should never accept this. It implies negotiation is broken +@@ -508,4 +509,10 @@ static inline bool virtio_device_disabled(VirtIODevice *vdev) + bool virtio_legacy_allowed(VirtIODevice *vdev); + bool virtio_legacy_check_disabled(VirtIODevice *vdev); + ++QEMUBH *virtio_bh_new_guarded_full(DeviceState *dev, ++ QEMUBHFunc *cb, void *opaque, ++ const char *name); ++#define virtio_bh_new_guarded(dev, cb, opaque) \ ++ virtio_bh_new_guarded_full((dev), (cb), (opaque), (stringify(cb))) ++ + #endif +-- +2.25.1 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch new file mode 100644 index 0000000000..843ed43ba8 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch @@ -0,0 +1,48 @@ +From 4f01537ced3e787bd985b8f8de5869b92657160a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= +Date: Thu, 4 Apr 2024 20:56:41 +0200 +Subject: [PATCH] hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Replace qemu_bh_new_guarded() by virtio_bh_new_guarded() +so the bus and device use the same guard. Otherwise the +DMA-reentrancy protection can be bypassed. + +Fixes: CVE-2024-3446 +Cc: qemu-stable@nongnu.org +Suggested-by: Alexander Bulekov +Reviewed-by: Gerd Hoffmann +Acked-by: Michael S. Tsirkin +Signed-off-by: Philippe Mathieu-Daudé +Reviewed-by: Michael S. Tsirkin +Message-Id: <20240409105537.18308-5-philmd@linaro.org> +(cherry picked from commit f4729ec39ad97a42ceaa7b5697f84f440ea6e5dc) +Signed-off-by: Michael Tokarev + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/4f01537ced3e787bd985b8f8de5869b92657160a] +CVE: CVE-2024-3446 +Signed-off-by: Hitendra Prajapati +--- + hw/virtio/virtio-crypto.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c +index 0e2cc8d5a..4aaced74b 100644 +--- a/hw/virtio/virtio-crypto.c ++++ b/hw/virtio/virtio-crypto.c +@@ -1080,8 +1080,8 @@ static void virtio_crypto_device_realize(DeviceState *dev, Error **errp) + vcrypto->vqs[i].dataq = + virtio_add_queue(vdev, 1024, virtio_crypto_handle_dataq_bh); + vcrypto->vqs[i].dataq_bh = +- qemu_bh_new_guarded(virtio_crypto_dataq_bh, &vcrypto->vqs[i], +- &dev->mem_reentrancy_guard); ++ virtio_bh_new_guarded(dev, virtio_crypto_dataq_bh, ++ &vcrypto->vqs[i]); + vcrypto->vqs[i].vcrypto = vcrypto; + } + +-- +2.25.1 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch new file mode 100644 index 0000000000..a24652dea3 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch @@ -0,0 +1,47 @@ +From fbeb0a160cbcc067c0e1f0d380cea4a31de213e3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= +Date: Thu, 4 Apr 2024 20:56:35 +0200 +Subject: [PATCH] hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Replace qemu_bh_new_guarded() by virtio_bh_new_guarded() +so the bus and device use the same guard. Otherwise the +DMA-reentrancy protection can be bypassed. + +Fixes: CVE-2024-3446 +Cc: qemu-stable@nongnu.org +Suggested-by: Alexander Bulekov +Reviewed-by: Gerd Hoffmann +Acked-by: Michael S. Tsirkin +Signed-off-by: Philippe Mathieu-Daudé +Reviewed-by: Michael S. Tsirkin +Message-Id: <20240409105537.18308-4-philmd@linaro.org> +(cherry picked from commit b4295bff25f7b50de1d9cc94a9c6effd40056bca) +Signed-off-by: Michael Tokarev + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/fbeb0a160cbcc067c0e1f0d380cea4a31de213e3] +CVE: CVE-2024-3446 +Signed-off-by: Hitendra Prajapati +--- + hw/char/virtio-serial-bus.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/hw/char/virtio-serial-bus.c b/hw/char/virtio-serial-bus.c +index dd619f073..1221fb7f1 100644 +--- a/hw/char/virtio-serial-bus.c ++++ b/hw/char/virtio-serial-bus.c +@@ -985,8 +985,7 @@ static void virtser_port_device_realize(DeviceState *dev, Error **errp) + return; + } + +- port->bh = qemu_bh_new_guarded(flush_queued_data_bh, port, +- &dev->mem_reentrancy_guard); ++ port->bh = virtio_bh_new_guarded(dev, flush_queued_data_bh, port); + port->elem = NULL; + } + +-- +2.25.1 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch new file mode 100644 index 0000000000..7f0293242d --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch @@ -0,0 +1,52 @@ +From 1b2a52712b249e14d246cd9c7db126088e6e64db Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= +Date: Thu, 4 Apr 2024 20:56:27 +0200 +Subject: [PATCH] hw/display/virtio-gpu: Protect from DMA re-entrancy bugs +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +qemu-system-i386: warning: Blocked re-entrant IO on MemoryRegion: virtio-pci-common-virtio-gpu at addr: 0x6 + +Fixes: CVE-2024-3446 +Cc: qemu-stable@nongnu.org +Reported-by: Alexander Bulekov +Reported-by: Yongkang Jia +Reported-by: Xiao Lei +Reported-by: Yiming Tao +Buglink: https://bugs.launchpad.net/qemu/+bug/1888606 +Reviewed-by: Gerd Hoffmann +Acked-by: Michael S. Tsirkin +Signed-off-by: Philippe Mathieu-Daudé +Reviewed-by: Michael S. Tsirkin +Message-Id: <20240409105537.18308-3-philmd@linaro.org> +(cherry picked from commit ba28e0ff4d95b56dc334aac2730ab3651ffc3132) +Signed-off-by: Michael Tokarev + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/1b2a52712b249e14d246cd9c7db126088e6e64db] +CVE: CVE-2024-3446 +Signed-off-by: Hitendra Prajapati +--- + hw/display/virtio-gpu.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c +index b016d3bac..a7b16ba07 100644 +--- a/hw/display/virtio-gpu.c ++++ b/hw/display/virtio-gpu.c +@@ -1463,10 +1463,8 @@ void virtio_gpu_device_realize(DeviceState *qdev, Error **errp) + + g->ctrl_vq = virtio_get_queue(vdev, 0); + g->cursor_vq = virtio_get_queue(vdev, 1); +- g->ctrl_bh = qemu_bh_new_guarded(virtio_gpu_ctrl_bh, g, +- &qdev->mem_reentrancy_guard); +- g->cursor_bh = qemu_bh_new_guarded(virtio_gpu_cursor_bh, g, +- &qdev->mem_reentrancy_guard); ++ g->ctrl_bh = virtio_bh_new_guarded(qdev, virtio_gpu_ctrl_bh, g); ++ g->cursor_bh = virtio_bh_new_guarded(qdev, virtio_gpu_cursor_bh, g); + g->reset_bh = qemu_bh_new(virtio_gpu_reset_bh, g); + qemu_cond_init(&g->reset_cond); + QTAILQ_INIT(&g->reslist); +-- +2.25.1 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch b/meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch new file mode 100644 index 0000000000..f14178f881 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch @@ -0,0 +1,48 @@ +From 1cfe45956e03070f894e91b304e233b4d5b99719 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= +Date: Tue, 9 Apr 2024 19:54:05 +0200 +Subject: [PATCH] hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +If a fragmented packet size is too short, do not try to +calculate its checksum. + +Fixes: CVE-2024-3567 +Cc: qemu-stable@nongnu.org +Reported-by: Zheyu Ma +Fixes: f199b13bc1 ("igb: Implement Tx SCTP CSO") +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2273 +Signed-off-by: Philippe Mathieu-Daudé +Reviewed-by: Akihiko Odaki +Acked-by: Jason Wang +Message-Id: <20240410070459.49112-1-philmd@linaro.org> +(cherry picked from commit 83ddb3dbba2ee0f1767442ae6ee665058aeb1093) +Signed-off-by: Michael Tokarev + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/1cfe45956e03070f894e91b304e233b4d5b99719] +CVE: CVE-2024-3567 +Signed-off-by: Hitendra Prajapati +--- + hw/net/net_tx_pkt.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c +index 2e5f58b3c..d40d508a1 100644 +--- a/hw/net/net_tx_pkt.c ++++ b/hw/net/net_tx_pkt.c +@@ -141,6 +141,10 @@ bool net_tx_pkt_update_sctp_checksum(struct NetTxPkt *pkt) + uint32_t csum = 0; + struct iovec *pl_start_frag = pkt->vec + NET_TX_PKT_PL_START_FRAG; + ++ if (iov_size(pl_start_frag, pkt->payload_frags) < 8 + sizeof(csum)) { ++ return false; ++ } ++ + if (iov_from_buf(pl_start_frag, pkt->payload_frags, 8, &csum, sizeof(csum)) < sizeof(csum)) { + return false; + } +-- +2.25.1 + From patchwork Thu Jul 4 12:26:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46005 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0C88EC30653 for ; Thu, 4 Jul 2024 12:27:36 +0000 (UTC) Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by mx.groups.io with SMTP id smtpd.web10.8985.1720096050732077034 for ; Thu, 04 Jul 2024 05:27:30 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=p5DVRYDM; spf=softfail (domain: sakoman.com, ip: 209.85.214.181, mailfrom: steve@sakoman.com) Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-1fb3b7d0d3aso1904395ad.2 for ; Thu, 04 Jul 2024 05:27:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096050; x=1720700850; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=HSNKiZrDffS37nRXJ6DPt38Up2PmLp6dSsA/8qMKB20=; b=p5DVRYDM7e57TTRfmc9r+E9CLVhsnQ/nbZty/Hr42+gVW2b+ckG3QTR1eWeXusfA0u Z35p9/FBpns44oNnQNLKn250qE7JYrKzUCYRsMjVr33WbrJlUKpIepFDxAKIzgln+/YN tcPuybUILG5p0fBfZI+72M4A55Nx9YgNQyr2CTGBvgkOk5TccQScX2JdpVaoW8yt5xKo DIsJehAXqNL8C6ghLb9s5KdNjH91tcXwsPCULpbwQCiZKgtid6sKAa3+mdmKLi3y7Omq r+4/9MHFfXlRoaZSCuFib3qzcfqIb+J9sER347k89b+nz3EbjeptqZepTJQ8YcYHotev Jqgw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096050; x=1720700850; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HSNKiZrDffS37nRXJ6DPt38Up2PmLp6dSsA/8qMKB20=; b=twp1aZd1aeYgtQ6umh6Q0a2Q8Gyg/I+C5gdxattahFNEtrC8RvFEJ8oU9RjWD/i2by JxlxyLwtfBdXJzdM09Nnft6DYsLtYJm7l/Vx3BGXyz3LKs2vkfNcBtIxWfgwU/mIO4Qb UuQTZBRrQPr9j+WXbNsRKS97/RjSTsuD4BoJ29dpzx7m4oT2qI/ZhHZS+7CmUGQYdjLR mqsM8IWhYyuC29f+1aL15lsAlb5Wh5pNvp10q35Fl/PHFiktikQ5Iif7zyNOBSexHZ53 fS0P+POcF1aUGY1MiCVKm4o6Ma1WWMlmKmQ3B20tkFJN9odFcCwB+F4fYYU3B3/RdeS1 aLhg== X-Gm-Message-State: AOJu0Yyh5frw6TQD13TXra1/bwxz/hQKypvXw7votClmke5IOpyYhOXx KpPwg0w6krCQ2YusvfmZGGNQY3Km6bgc2XW19TcD7lU/hLtlWVO8qRWQl3Y5PKGxUv7BR592jet 4 X-Google-Smtp-Source: AGHT+IFL800rlZOFAckgoUiwoIaRPpG8ewhfYxqenvvQeJYk4NkTKhAOg5wQeCaUkAExJA/F2O3WHg== X-Received: by 2002:a17:903:1c8:b0:1fb:396c:7532 with SMTP id d9443c01a7336-1fb396c786cmr8571995ad.56.1720096049806; Thu, 04 Jul 2024 05:27:29 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:29 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 06/21] gstreamer: upgrade 1.22.11 -> 1.22.12 Date: Thu, 4 Jul 2024 05:26:58 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201548 From: Archana Polampalli https://gstreamer.freedesktop.org/releases/1.22/#1.22.12 Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- .../{gst-devtools_1.22.11.bb => gst-devtools_1.22.12.bb} | 2 +- ...reamer1.0-libav_1.22.11.bb => gstreamer1.0-libav_1.22.12.bb} | 2 +- ...{gstreamer1.0-omx_1.22.11.bb => gstreamer1.0-omx_1.22.12.bb} | 2 +- ...ugins-bad_1.22.11.bb => gstreamer1.0-plugins-bad_1.22.12.bb} | 2 +- ...ins-base_1.22.11.bb => gstreamer1.0-plugins-base_1.22.12.bb} | 2 +- ...ins-good_1.22.11.bb => gstreamer1.0-plugins-good_1.22.12.bb} | 2 +- ...ins-ugly_1.22.11.bb => gstreamer1.0-plugins-ugly_1.22.12.bb} | 2 +- ...amer1.0-python_1.22.11.bb => gstreamer1.0-python_1.22.12.bb} | 2 +- ...sp-server_1.22.11.bb => gstreamer1.0-rtsp-server_1.22.12.bb} | 2 +- ...reamer1.0-vaapi_1.22.11.bb => gstreamer1.0-vaapi_1.22.12.bb} | 2 +- .../{gstreamer1.0_1.22.11.bb => gstreamer1.0_1.22.12.bb} | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.22.11.bb => gst-devtools_1.22.12.bb} (95%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.22.11.bb => gstreamer1.0-libav_1.22.12.bb} (91%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.22.11.bb => gstreamer1.0-omx_1.22.12.bb} (95%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.22.11.bb => gstreamer1.0-plugins-bad_1.22.12.bb} (98%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.22.11.bb => gstreamer1.0-plugins-base_1.22.12.bb} (98%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.22.11.bb => gstreamer1.0-plugins-good_1.22.12.bb} (97%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.22.11.bb => gstreamer1.0-plugins-ugly_1.22.12.bb} (94%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.22.11.bb => gstreamer1.0-python_1.22.12.bb} (91%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.22.11.bb => gstreamer1.0-rtsp-server_1.22.12.bb} (90%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.22.11.bb => gstreamer1.0-vaapi_1.22.12.bb} (95%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.22.11.bb => gstreamer1.0_1.22.12.bb} (97%) diff --git a/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.12.bb similarity index 95% rename from meta/recipes-multimedia/gstreamer/gst-devtools_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gst-devtools_1.22.12.bb index 2be406192f..c30341d1f0 100644 --- a/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.12.bb @@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV} file://0001-connect-has-a-different-signature-on-musl.patch \ " -SRC_URI[sha256sum] = "07766425ecb5bf857ab5ad3962321c55cd89f9386b720843f9df71c0a455eb9b" +SRC_URI[sha256sum] = "015ff62789dab423edafe979b019c7de4c849a2b7e74912b20b74a70e5b68f72" DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base" RRECOMMENDS:${PN} = "git" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.12.bb similarity index 91% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.12.bb index f3287efa96..bd9ae2464e 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.12.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770 \ " SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz" -SRC_URI[sha256sum] = "6b13dcc9332ef27a7c1e7005c0196883874f91622f8aa6e52f218b05b15d2bf5" +SRC_URI[sha256sum] = "3b60d4cac2fbcd085a93e9389ca23e0443bee1ca75574d31d4f12bb1bbecab48" S = "${WORKDIR}/gst-libav-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.12.bb similarity index 95% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.12.bb index 97348fb398..4db16ed10b 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.12.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz" -SRC_URI[sha256sum] = "18dfdf5f6b773d67e62a315c6cf6247da320b83603a5819493f53c69ed2eeef6" +SRC_URI[sha256sum] = "6b0685b92ac735032d7987d1028afaeab0a98ab726e0c51e5b9bfc8f2da7c8b1" S = "${WORKDIR}/gst-omx-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.12.bb similarity index 98% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.12.bb index 523ee7a5ae..01c95ac85f 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.12.bb @@ -10,7 +10,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad file://0002-avoid-including-sys-poll.h-directly.patch \ file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \ " -SRC_URI[sha256sum] = "808d3b33fc4c71aeb2561c364a87c2e8a3e2343319a83244c8391be4b09499c8" +SRC_URI[sha256sum] = "388b4c4412f42e36a38b17cc34119bc11879bd4d9fbd4ff6d03b2c7fc6b4d494" S = "${WORKDIR}/gst-plugins-bad-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb similarity index 98% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb index 7aa10eb646..5905c2d5b1 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb @@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba file://0003-viv-fb-Make-sure-config.h-is-included.patch \ file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \ " -SRC_URI[sha256sum] = "65eaf72296cc5edc985695a4d80affc931e64a79f4879d05615854f7a2cf5bd1" +SRC_URI[sha256sum] = "73cfadc3a6ffe77ed974cfd6fb391c605e4531f48db21dd6b9f42b8cb69bd8c1" S = "${WORKDIR}/gst-plugins-base-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.12.bb similarity index 97% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.12.bb index 85143aa1b9..8099d70791 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.12.bb @@ -8,7 +8,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-go file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \ file://0001-v4l2-Define-ioctl_req_t-for-posix-linux-case.patch" -SRC_URI[sha256sum] = "6ddd032381827d31820540735f0004b429436b0bdac19aaeab44fa22faad52e2" +SRC_URI[sha256sum] = "9c1913f981900bd8867182639b20907b28ed78ef7a222cfbf2d8ba9dab992fa7" S = "${WORKDIR}/gst-plugins-good-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.12.bb similarity index 94% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.12.bb index 61f46fbf7e..714ee178d8 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.12.bb @@ -15,7 +15,7 @@ SRC_URI = " \ https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "7758b7decfd20c00cae5700822bcbbf03f98c723e33e17634db2e07ca1da60bf" +SRC_URI[sha256sum] = "d59a1aaf8dd2cc416dc5b5c0b7aecd02b1811bf1229aa724e6c2a503d3799083" S = "${WORKDIR}/gst-plugins-ugly-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.12.bb similarity index 91% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.12.bb index 0fbb03f757..2eee5aee5e 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.12.bb @@ -8,7 +8,7 @@ LICENSE = "LGPL-2.1-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "f7a5450d93fd81bf46060dca7f4a048d095b6717961fec211731a11a994c99a7" +SRC_URI[sha256sum] = "d98d3226efea20d5c440a28988a20319a953f7c594895df2bba4538633108e9f" DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.12.bb similarity index 90% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.12.bb index 554ed9ec8f..c89c22f334 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.12.bb @@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "ec49d474750a6ff6729c85b448abc607fb6840b21717ad7abc967e2adbf07a24" +SRC_URI[sha256sum] = "bf6c7871e7cf3528e4ec87ddc2f2949691cd269f98e536482ae744c1405cf451" S = "${WORKDIR}/${PNREAL}-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.12.bb similarity index 95% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.12.bb index 87eb8484a1..ef75ed64b3 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.12.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c" SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "6eae1360658302b9b512fa46b4d06f5b818dfce5f2f43d7d710ca8142719d8ad" +SRC_URI[sha256sum] = "013ad729b2fe4fccda559bddc626bcb14230cfb90a2271049f8466bfec5d80df" S = "${WORKDIR}/${REALPN}-${PV}" DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.11.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.12.bb similarity index 97% rename from meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.11.bb rename to meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.12.bb index 8965497d01..f4acb0977b 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.11.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.12.bb @@ -22,7 +22,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x file://0003-tests-use-a-dictionaries-for-environment.patch \ file://0004-tests-add-helper-script-to-run-the-installed_tests.patch \ " -SRC_URI[sha256sum] = "3d16259e9dab8b002c57ce208a09b350d8282f5b0197306c0cdba9a0d0799744" +SRC_URI[sha256sum] = "ac352f3d02caa67f3b169daa9aa78b04dea0fc08a727de73cb28d89bd54c6f61" PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \ check \ From patchwork Thu Jul 4 12:26:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46004 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29D53C41513 for ; Thu, 4 Jul 2024 12:27:36 +0000 (UTC) Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by mx.groups.io with SMTP id smtpd.web11.8890.1720096053645897084 for ; Thu, 04 Jul 2024 05:27:33 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=fgnArbBQ; spf=softfail (domain: sakoman.com, ip: 209.85.214.181, mailfrom: steve@sakoman.com) Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-1f9e2affc8cso3508555ad.2 for ; Thu, 04 Jul 2024 05:27:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096053; x=1720700853; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=vGGdJK08O2c9GP/fS+ERQbsQm6U7DSf8v1MqgGOpnco=; b=fgnArbBQIXabOcEzVtva+DPVhexRkl5JtlypKjuIPjEVJKBFdHjR4SixtcCz4rW66g 4zAUsvVfH+tyk0MndGN46DEyEL5bH5Mply8qeQVfHGympr4MnIR1AT5kv97CuS3jDQZM zkTntTY1i9KvFr8zAnzd1D5RUTt08KgPnA5vD+und7AzTQmZR192Som88U1eEqUm9bhu wUxTn84O/VZTJ2bRe24O4+nnj6l2atUvuxh88Ey+1YThsdyN7Y+vPKcRQb32GlK20xxr NRuZRPjBJm4Smdjfmu8bbc/wVsGR1feylLJGYhFanKnR7v1LX6BA4WZCtOf2JhM1QDhu /Msg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096053; x=1720700853; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vGGdJK08O2c9GP/fS+ERQbsQm6U7DSf8v1MqgGOpnco=; b=dCgLDtZ4tYTXVQ7lMv2EyawwWLrXq2y+um7DbGNLV0o0O5sHa9eILfhg8Z4MgiG0Zt InyasN8thdFiTEvFbleUV15dZN/EFR4uSxCD8kPXc2xIwdaGGrgzr5YQJxJrghsHbsjV 8AORefQnBKW0XbGTzX4V/wMVhXyaDUyzThUmPevAWYcLU2RlBNwJ1hB2PV2vXOq0vmyS SvHoVbxr/DZDAPfHSLbUdXVw9qrvUvBoh7XvMXGV3rT6jm3ADKbxAYqK+QaSdVPT3thD 6M/uotcjPuaHyNAKKp7Fi8Qr95DEDGnAk/fPKQ1pG2M3IlWLaRZKv59Pe44rS5Lbdxzc dVhA== X-Gm-Message-State: AOJu0Yxr2DjSORUTm1uJLi54THSgetimQ32TSRIsRisUGQbdxNIBXlOY VEndSIK94iKa28F/XdTjoWIFq5ZmoVhxapzfQgllGuPOHThvxnvts26P7T+kFEIdVJScwI2nvNh u X-Google-Smtp-Source: AGHT+IE3AxGZC3xGi14EFLpVrSKYtrFnOVeW7GvNkrbU/78VypDbHHN38z7DTWrBowcxhfTJ3H9QAA== X-Received: by 2002:a17:903:244c:b0:1f9:c8cc:9e0f with SMTP id d9443c01a7336-1fb33e49fadmr10137515ad.18.1720096051513; Thu, 04 Jul 2024 05:27:31 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:31 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 07/21] python3-jinja2: Upgrade 3.1.3 -> 3.1.4 Date: Thu, 4 Jul 2024 05:26:59 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201549 From: Richard Purdie Switch to use flit core since upstream changed. They also changed the capitalisation under pypi. The license didn't change but the file was renamed, probably as it wasn't rst. Signed-off-by: Richard Purdie (cherry picked from commit e352680528b18c3cdae26233bef7cddc2771d42d) Signed-off-by: Steve Sakoman --- .../{python3-jinja2_3.1.3.bb => python3-jinja2_3.1.4.bb} | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) rename meta/recipes-devtools/python/{python3-jinja2_3.1.3.bb => python3-jinja2_3.1.4.bb} (79%) diff --git a/meta/recipes-devtools/python/python3-jinja2_3.1.3.bb b/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb similarity index 79% rename from meta/recipes-devtools/python/python3-jinja2_3.1.3.bb rename to meta/recipes-devtools/python/python3-jinja2_3.1.4.bb index 636fb35811..2c02037011 100644 --- a/meta/recipes-devtools/python/python3-jinja2_3.1.3.bb +++ b/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb @@ -2,17 +2,17 @@ SUMMARY = "Python Jinja2: A small but fast and easy to use stand-alone template HOMEPAGE = "https://pypi.org/project/Jinja2/" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=5dc88300786f1c214c1e9827a5229462" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462" -SRC_URI[sha256sum] = "ac8bd6544d4bb2c9792bf3a159e80bba8fda7f07e81bc3aed565432d5925ba90" +SRC_URI[sha256sum] = "4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369" -PYPI_PACKAGE = "Jinja2" +PYPI_PACKAGE = "jinja2" CVE_PRODUCT = "jinja2 jinja" CLEANBROKEN = "1" -inherit pypi setuptools3 ptest +inherit pypi python_flit_core ptest SRC_URI += " \ file://run-ptest \ From patchwork Thu Jul 4 12:27:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46012 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1FA4BC41513 for ; Thu, 4 Jul 2024 12:27:46 +0000 (UTC) Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by mx.groups.io with SMTP id smtpd.web10.8990.1720096058175232415 for ; Thu, 04 Jul 2024 05:27:38 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=zkPt2Pcc; spf=softfail (domain: sakoman.com, ip: 209.85.214.177, mailfrom: steve@sakoman.com) Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-1fa9f540f45so3152925ad.1 for ; Thu, 04 Jul 2024 05:27:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096057; x=1720700857; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=E0lTaeBiHYI8ZdffVkUy5itAhpYwQooeNHVSmMVohbQ=; b=zkPt2PccOHJ+nCVtFqwBeaDb/HJ2h2SkM8GCsbvjKReoyxPJeiGshGpfLDjAc/r0Ur tgmjfqHU+Hr+jEEPrY1Je0Uc8EgHd8u/kYfJoMdT3zSRrqzRAvmT/mCljaz8Fj4qWJxN YHyGE8gGJWUvEzZzvUBBdzg/FOYtJfzavdEIVLuHwOGUAdyAuU3rj9Ly0RHNaobiIveH gZF6OwbjFpMO0HNYKuOzQe3DM/FTM5wed9Y4qxn3ev1DUuc+WL4zC6V2wPm4Iets8omt 2753wdtNNaG5pq9VH/m6Zukq495FkrGwCnYdahYZjaEVa2sUPZnIy+hu1loDVbtzbRpg yANw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096057; x=1720700857; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=E0lTaeBiHYI8ZdffVkUy5itAhpYwQooeNHVSmMVohbQ=; b=SnijMX9BdhuUaZOlFhougPkCaZgp2bW+s2sKeIj5wviyW1hbWQUQCR1vcBsRvpwmf7 s178SAR7zyETW9MZEI7BjwcQAHQe1h8Sl1ljXGHwsmMZAmKoYgdk3gPDczIYTH0NUzFF C+gp7BHAJsXIJYxggtXRqiCNqfnYmuh05+P8TO2QrZdgy/PjBdaWTD5XQfnllKYLfEbI bUBII8D8ZMsWtEUj4WtMcv5ty/W5GG4Xga7OqAZA5DcUCVCCY2Rt+CtZomISlQ6cBGjW 1lT1DyAaMALb+d+rMZZztkXySQbOq6jaRjU4Jn+QJ5wdus4Kg9bMQd+wM2EpPxMT1eeX 5mvw== X-Gm-Message-State: AOJu0Yyii1BqmHKsu1650+gUjPm54c5LafbUvoqIVFsyKPa5X3ZdKop1 uqZLDboR0WTvQPUgaclcgUNOS9qt1np6ZvKfTzpT0I845WNaiOUMo57C8IjPxnMxPEWYn1i6xC/ D X-Google-Smtp-Source: AGHT+IFXjccK/GL+v0S8XtQbTwJTZBld4WGyfzsqSEvIaMvCjI7b/mrXIETN3aGn7Z8CI+psTqBvaQ== X-Received: by 2002:a17:902:e84d:b0:1f9:fca9:742a with SMTP id d9443c01a7336-1fb33f0b447mr10570195ad.57.1720096055415; Thu, 04 Jul 2024 05:27:35 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:34 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 08/21] linux-yocto/6.6: update to v6.6.34 Date: Thu, 4 Jul 2024 05:27:00 -0700 Message-Id: <537149dc41df976f504512c99e7bb5deafdd283c.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201550 From: Bruce Ashfield Updating linux-yocto/6.6 to the latest korg -stable release that comprises the following commits: 64ebf485c56b usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock 76d42e596d89 Linux 6.6.34 8353b7f70dd2 smp: Provide 'setup_max_cpus' definition on UP too 50f3931746b5 selftests: net: more strict check in net_helper 225de871ddf9 smb: client: fix deadlock in smb2_find_smb_tcon() 9c3095ad40f9 powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH b48f81d2c3dc ALSA: seq: Fix incorrect UMP type for system messages 44bc51c08d64 btrfs: fix leak of qgroup extent records after transaction abort 3d08c52ba188 btrfs: fix crash on racing fsync and size-extending write into prealloc e5104cbb146f tracefs: Clear EVENT_INODE flag in tracefs_drop_inode() 4e84ead3f60a eventfs: Keep the directories from having the same inode number as files 5ade5fbdbbb1 eventfs: Fix a possible null pointer dereference in eventfs_find_events() cbc4dacaa5b1 NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS d6ea0e12befb nfs: fix undefined behavior in nfs_block_bits() 9191b574d7dc EDAC/igen6: Convert PCIBIOS_* return codes to errnos 8f84ae504348 EDAC/amd64: Convert PCIBIOS_* return codes to errnos 0a9007271e3f ALSA: ump: Don't accept an invalid UMP protocol number 3113ff8e496c ALSA: ump: Don't clear bank selection after sending a program change e3ae00ee238b ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension 1c7891812d85 genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() aed55acbb929 i3c: master: svc: fix invalidate IBI type and miss call client IBI handler e049845096e9 s390/cpacf: Make use of invalid opcode produce a link error ab278ff72afc s390/cpacf: Split and rework cpacf query functions 4c0bfb4e867c s390/ap: Fix crash in AP internal function modify_bitmap() b2b685c77ee3 parisc: Define sigset_t in parisc uapi header 6de4da0f1a5f parisc: Define HAVE_ARCH_HUGETLB_UNMAPPED_AREA eea3545abf60 ARM: dts: samsung: exynos4412-origen: fix keypad no-autorepeat 1a48d7cf6ee5 ARM: dts: samsung: smdk4412: fix keypad no-autorepeat 0da0e880b8c7 ARM: dts: samsung: smdkv310: fix keypad no-autorepeat f7f84721fd77 riscv: dts: starfive: Remove PMIC interrupt info for Visionfive 2 board a95df6f04f2c ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() b0b47084f5d3 ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow 3093e586b019 ext4: Fixes len calculation in mpage_journal_page_buffers 3194771798ef drm/amdkfd: handle duplicate BOs in reserve_bo_and_cond_vms 58ce0788c75f sparc: move struct termio to asm/termios.h 5af198c38712 net: fix __dst_negative_advice() race ea303a7af85b kdb: Use format-specifiers rather than memset() for padding in kdb_read() e00ec562b0e0 kdb: Merge identical case statements in kdb_read() 958ba65a3590 kdb: Fix console handling when editing and tab-completing commands d373d3c633dc kdb: Use format-strings rather than '\0' injection in kdb_read() 107e825cc448 kdb: Fix buffer overflow during tab-complete 4c09df400284 wifi: ath10k: fix QCOM_RPROC_COMMON dependency f07224c16678 bonding: fix oops during rmmod 8b732150f2e3 watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin 766975238305 selftests/mm: fix build warnings on ppc64 0eb43c377af5 selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages c55d3564ad25 mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL 2eeff6e36cd3 mm: /proc/pid/smaps_rollup: avoid skipping vma after getting mmap_lock again cb3ea7684a43 mm/hugetlb: pass correct order_per_bit to cma_declare_contiguous_nid f317e97da981 mm/cma: drop incorrect alignment check in cma_init_reserved_mem 3e64c37fe391 sparc64: Fix number of online CPUs 35c8cf7b8a71 rtla/timerlat: Fix histogram report when a cpu count is 0 bb5afc42c42c intel_th: pci: Add Meteor Lake-S CPU support 8f893e52b9e0 cpufreq: amd-pstate: Fix the inconsistency in max frequency units b54d24eb4a67 tpm_tis: Do *not* flush uninitialized work 19e85d939001 kmsan: do not wipe out origin when doing partial unpoisoning 99ed145f4611 mm/ksm: fix ksm_zero_pages accounting 0a82b46a0172 mm/ksm: fix ksm_pages_scanned accounting 6c1791130b78 net/9p: fix uninit-value in p9_client_rpc() 400b8fb66c74 net/ipv6: Fix route deleting failure when metric equals 0 a19b2bc5d0c4 scsi: core: Handle devices which return an unusually large VPD page count 6d458d0dcca9 HID: i2c-hid: elan: fix reset suspend current leakage 90dd0592b3b0 i2c: acpi: Unbind mux adapters before delete 9ee7a77c150b iomap: fault in smaller chunks for non-large folio mappings 1f3988ca0d7a filemap: add helper mapping_max_folio_size() be0ce3f6ffea mm: fix race between __split_huge_pmd_locked() and GUP-fast 2e083ef23431 kbuild: Remove support for Clang's ThinLTO caching c2d443aa1ae3 crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak d14104360c27 crypto: ecrdsa - Fix module auto-load on add_key cc3306fb04b1 crypto: ecdsa - Fix module auto-load on add-key a68c0c55fa4c clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs 9562dbe5cdbb clk: bcm: rpi: Assign ->num before accessing ->hws 0dc913217fb7 clk: bcm: dvp: Assign ->num before accessing ->hws ca6d6d872a8b LoongArch: Override higher address bits in JUMP_VIRT_ADDR ae9e39a2fbf5 LoongArch: Add all CPUs enabled by fdt to NUMA node 0 93ca96f098f8 KVM: arm64: AArch32: Fix spurious trapping of conditional instructions 5bff951fedac KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode 6660e152e5eb KVM: arm64: Fix AArch32 register narrowing on userspace write f79edaf73709 KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked bb430ea4ba31 Revert "drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices" 7bc52dce0732 drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms f0c5c944c6d8 9p: add missing locking around taking dentry fid list 4eff07025c84 drm/amdgpu/atomfirmware: add intergrated info v2.3 table b8385ff814ca fbdev: savage: Handle err return when savagefb_check_var failed bd2ad553f18c drm/fbdev-generic: Do not set physical framebuffer address 22d04790d656 mmc: sdhci-acpi: Add quirk to enable pull-up on the card-detect GPIO on Asus T100TA b5636348f324 mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A e000578a3ad3 mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working e236bb53fd6b mmc: sdhci-acpi: Sort DMI quirks alphabetically d9ae0aa8ff8f mmc: sdhci: Add support for "Tuning Error" interrupts c0a16ff432fe mmc: core: Add mmc_gpiod_set_cd_config() function 7590da4c04dd mmc: davinci: Don't strip remove function when driver is builtin a80d1da923f6 media: v4l: async: Fix notifier list entry init 001b4825c93b media: v4l: async: Don't set notifier's V4L2 device if registering fails 87100b092462 media: v4l: async: Properly re-initialise notifier entry in unregister dde33147c93a media: v4l2-core: hold videodev_lock until dev reg, finishes 3e7eeba0d345 media: mxl5xx: Move xpt structures off stack 77c4cd7e0b38 media: mc: mark the media devnode as registered from the, start e80d9db99b7b media: mc: Fix graph walk in media_pipeline_start 2a24da4cf675 arm64: dts: ti: verdin-am62: Set memory size to 2gb 3f03a4a9e2f5 arm64: dts: hi3798cv200: fix the size of GICR ea17c9aeb6c3 arm64: dts: qcom: sc8280xp: add missing PCIe minimum OPP 4c59282ad9d3 wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path 50ebdaa25932 wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE 96e544378e16 wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power 8539d0b03919 wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU 7994e88dabcb wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command cd2538e5af49 md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING f9e0a4ec4b5d arm64: dts: qcom: qcs404: fix bluetooth device address 49c23519d698 arm64: tegra: Correct Tegra132 I2C alias 17695c8d5049 ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx 6a283d64b486 soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request 0a47ba94ec3d thermal/drivers/qcom/lmh: Check for SCM availability at probe 3d22872e7740 platform/chrome: cros_ec: Handle events during suspend after resume completion 0c08b92f9827 proc: Move fdinfo PTRACE_MODE_READ check into the inode .permission operation d171c85d74c6 fsverity: use register_sysctl_init() to avoid kmemleak warning c5a39f16436a ata: pata_legacy: make legacy_exit() work again 91d930732554 wifi: rtw89: correct aSIFSTime for 6GHz band 6479b9f41583 bcache: fix variable length array abuse in btree_iter 5b0a3dc3e878 drm/amdgpu: add error handle to avoid out-of-bounds 7d12e918f299 media: lgdt3306a: Add a check against null-pointer-def be0155202e43 f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() 2c66a89962a0 drm/sun4i: hdmi: Move mode_set into enable 8474d4b41617 drm/sun4i: hdmi: Convert encoder to atomic 68de50dc581c selftests: net: List helper scripts in TEST_FILES Makefile variable d7e2ad42a056 selftests: net: included needed helper in the install targets a38459118746 selftests/net: synchronize udpgro tests' tx and rx connection 461db4b51c29 vxlan: Fix regression when dropping packets due to invalid src addresses 417dbd7be383 mm: ratelimit stat flush from workingset shrinker 15cc248e7efa erofs: avoid allocating DEFLATE streams before mounting 184873af8791 mptcp: fix full TCP keep-alive support 89e11fe49fee mptcp: cleanup SOL_TCP handling 41089d9c8a45 mptcp: avoid some duplicate code in socket option handling 0af20700561e riscv: signal: handle syscall restart before get_signal 9399baa02e4b net: sfp-bus: fix SFP mode detect from bitrate ed2d2ead1779 afs: Don't cross .backup mountpoint from backup volume b8d50770ec03 mmc: core: Do not force a retune before RPMB switch cfa73607eb21 drm/i915/hwmon: Get rid of devm 140cf97204b5 Linux 6.6.33 c273cae03895 riscv: stacktrace: fixed walk_stackframe() 3090c06d50ea riscv: prevent pt_regs corruption for secondary idle threads af628d43a822 SUNRPC: Fix loop termination condition in gss_free_in_token_pages() c775ffab3e53 f2fs: use f2fs_{err,info}_ratelimited() for cleanup 4647876e7e4e f2fs: write missing last sum blk of file pinning section 98ed486436a0 perf sched timehist: Fix -g/--call-graph option failure fdc455cd0204 drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible 2948c1e5d5f4 media: vsp1: Remove unbalanced .s_stream(0) calls c353aa21f256 nouveau: report byte usage in VRAM usage. d0afcca9ced4 RDMA/bnxt_re: Fix the sparse warnings f33052802e3d perf evlist: Add perf_evlist__go_system_wide() helper 95e33c0f617b perf util: Add a function for replacing characters in a string 1a705491f35c platform/x86/intel-uncore-freq: Don't present root domain on error 31729546c144 platform/x86/intel/tpmi: Handle error from tpmi_process_info() 59f86a290838 genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline 66c92af813bc KVM: x86: Don't advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID d6873acc3e09 x86/pci: Skip early E820 check for ECAM region 9dce01f386c9 efi: libstub: only free priv.runtime_map when allocated 2a2f9b87c477 x86/efistub: Omit physical KASLR when memory reservations exist 2c95241ac5fc ALSA: timer: Set lower bound of start tick time b7c4ef7ba313 ALSA: seq: ump: Fix swapped song position pointer data e67cae4255e9 hwmon: (shtc1) Fix property misspelling d800e1868f3d hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor e0216316828f drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel 042adfbfe8dc drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel 442b5ee91a5e drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel 81c52c0ccc6a powerpc/pseries/lparcfg: drop error message from guest name lookup 5f1b01a8c8a5 ALSA: seq: Fix yet another spot for system message conversion 54213c09801e ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound 659ef6fd4934 net: ena: Fix redundant device NUMA node override 26668c2d449d net: ena: Reduce lines with longer column width boundary f826701d02f8 net: dsa: microchip: fix RGMII error in KSZ DSA driver 2c2e3247e898 spi: stm32: Don't warn about spurious interrupts db9312853608 kheaders: use `command -v` to test for existence of `cpio` 0b01a41e2ce4 drm/i915/gt: Fix CCS id's calculation for CCS mode setting d154613d2b3d drm/i915/guc: avoid FIELD_PREP warning 2b6e818fc609 kconfig: fix comparison to constant symbols, 'm', 'n' b939d1e04a90 net/sched: taprio: extend minimum interval restriction to entire cycle too aa311596411b net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() 61134e41db23 netfilter: nft_fib: allow from forward/input without iif selector 570b4c52096e netfilter: tproxy: bail out if IP has been disabled on the device c4f77480e569 netfilter: nft_payload: skbuff vlan metadata mangle support 75bc6bc559b9 net: ti: icssg-prueth: Fix start counter for ft1 filter 4448b5eaab86 ALSA: seq: Don't clear bank selection at event -> UMP MIDI2 conversion 5c3df8c4f45b ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion 562f8862baea selftests: mptcp: join: mark 'fail' tests as flaky 99ac814eb13f selftests: mptcp: add ms units for tc-netem delay 052c9f0c140c selftests: mptcp: simult flows: mark 'unbalanced' tests as flaky 71e61511c3a5 ice: fix accounting if a VLAN already exists 98101ca23a35 net: micrel: Fix lan8841_config_intr after getting out of sleep mode f0c58df7719f net:fec: Add fec_enet_deinit() 000a65bf1dc0 bpf: Allow delete from sockmap/sockhash only if update is allowed 5da6d51d4837 ASoC: cs42l43: Only restrict 44.1kHz for the ASP ec361a0ffc33 net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM 208d04341c8f Octeontx2-pf: Free send queue buffers incase of leaf to inner ac325c7f8944 af_unix: Read sk->sk_hash under bindlock during bind(). 302fe8dd147b af_unix: Annotate data-race around unix_sk(sk)->addr. f6638e955ca0 enic: Validate length of nl attributes in enic_set_vf_port 07bbe6668e1e ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp cb9c2bd4ec8c ALSA: core: Remove debugfs at disconnection b26e0fa2cf8c ALSA: jack: Use guard() for locking f58eec14685a bpf: Fix potential integer overflow in resolve_btfids a4ee78244445 dma-buf/sw-sync: don't enable IRQ from sync_print_obj() de1a0a2d9db8 net/mlx5e: Fix UDP GSO for encapsulated packets 33933f006d2e net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion aa60de63fdd1 net/mlx5e: Fix IPsec tunnel mode offload feature check b0a15cde37a8 net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules fb035aa9a3f8 net/mlx5: Fix MTMP register capability offset in MCAM register e5bdf4eeeb1d net/mlx5: Lag, do bond only if slaves agree on roce state 07327fcbec97 net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 dedc1dfaa6df drm/amd/display: Enable colorspace property for MST connectors ca3b4293dcca nvmet: fix ns enable/disable possible hang 36989c682505 nvme-multipath: fix io accounting on failover 87d78f7eb76b nvme-tcp: add definitions for TLS cipher suites 5a91116b0031 dma-mapping: benchmark: handle NUMA_NO_NODE correctly 34a816d8735f dma-mapping: benchmark: fix node id validation 856dc7eb7fbc dma-mapping: benchmark: fix up kthread-related error handling a9da6ddaef9e kthread: add kthread_stop_put 1b5234b2241a spi: Don't mark message DMA mapped when no transfer in it is 0889e6f20986 netfilter: nft_payload: restore vlan q-in-q match support 5278e4354a5b netfilter: ipset: Add list flush to cancel_gc 8f365564af89 netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() 1547183852dc tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer ad4b202da2c4 tracing/probes: fix error check in parse_btf_field() c3e439cb04cf kasan, fortify: properly rename memintrinsics d346e1475703 ice: Interpret .set_channels() input differently e155741ec4f5 drivers/xen: Improve the late XenStore init protocol 46e72ebc6b35 nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() 87bdc9f6f58b net: relax socket state check at accept time. ab67c2fd3d07 tls: fix missing memory barrier in tls_init d470a8090476 net: fec: avoid lock evasion when reading pps_enable 11f1fb814994 Revert "ixgbe: Manual AN-37 for troublesome link partners for X550 SFI" 20da5bfd669b i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame 3dc730aa1b1e i3c: master: svc: return actual transfer data len 46fb7121fc42 i3c: master: svc: rename read_len as actual_len fe52ab31f050 i3c: add actual_len in i3c_priv_xfer 04207a9c64e0 virtio: delete vq in vp_find_vqs_msix() when request_irq() fails 7871f32b4564 net: lan966x: Remove ptp traps in case the ptp is not enabled. c5caa03d86a7 rv: Update rv_en(dis)able_monitor doc to match kernel-doc 9f2ad88f9b34 arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY 69c47b3763af openvswitch: Set the skbuff pkt_type for proper pmtud support. ae08aea3f517 pNFS/filelayout: fixup pNfs allocation modes 02261d3f9dc7 tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). ef633ecb5452 regulator: tps6594-regulator: Correct multi-phase configuration 0e44d6cbe8de ipv6: sr: fix memleak in seg6_hmac_init_algo d59ae9314b97 af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock. 35db7c9d01d9 regulator: tps6287x: Force writing VSEL bit f46695d3b08e regulator: pickable ranges: don't always cache vsel 706dff4ff7a4 rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL f3a8f8670fa6 sunrpc: fix NFSACL RPC retry on soft mount 511811a7d39c nfs: keep server info for remounts 0d317bcf81a1 NFSv4: Fixup smatch warning for ambiguous return 57847c2ec5fb ASoC: tas2781: Fix wrong loading calibrated data sequence 92503b5caab6 ASoC: tas2552: Add TX path for capturing AUDIO-OUT data e53a7f8afcbd nfc: nci: Fix uninit-value in nci_rx_work f354dc8c7d32 selftests: net: kill smcrouted in the cleanup logic in amt.sh f4df8c7670a7 ipv6: sr: fix missing sk_buff release in seg6_input_core 521d21fa65cb net: Always descend into dsa/ folder with CONFIG_NET_DSA enabled 1d95dbaa6ee7 x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y 3a487e3cab05 perf/arm-dmc620: Fix lockdep assert in ->event_init() 01f5809c78e6 xen/x86: add extra pages to unpopulated-alloc if available d08e87998339 regulator: bd71828: Don't overwrite runtime voltages b1bee9931287 blk-cgroup: Properly propagate the iostat update up the hierarchy 714e59b5456e blk-cgroup: fix list corruption from reorder of WRITE ->lqueued d4a60298ac34 blk-cgroup: fix list corruption from resetting io stat 3652ac87c993 drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations 6446c1ca2dd2 nouveau: add an ioctl to report vram usage 929eaf32dde4 nouveau: add an ioctl to return vram bar size. 38c2fd9aeddc ASoC: mediatek: mt8192: fix register configuration for tdm 9054c474f9c2 ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance f95fde17ed53 ALSA: hda: cs35l56: Initialize all ASP1 registers 3fd715d61716 ASoC: cs35l56: Fix to ensure ASP1 registers match cache 6e359be49750 ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup 1b5cfb411b73 null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() 2d062f7468c8 ASoC: tas2781: Fix a warning reported by robot kernel test a1955a6df913 drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails 2a09eb7e36cc selftests/powerpc/dexcr: Add -no-pie to hashchk tests 6ead3eccf67b drm: zynqmp_dpsub: Always register bridge f33888b9b686 Revert "drm/bridge: ti-sn65dsi83: Fix enable error path" 89af84e6514a media: cec: core: avoid confusing "transmit timed out" message 1af4790bc117 media: cec: core: avoid recursive cec_claim_log_addrs cceda163b711 media: cec: cec-api: add locking in cec_release() 8f40b92f5480 media: cec: cec-adap: always cancel work in cec_transmit_msg_fh 75aafce64a3a media: sunxi: a83-mips-csi2: also select GENERIC_PHY 24b9362c9fa5 cxl/region: Fix cxlr_pmem leaks d5ac654babea cxl/trace: Correct DPA field masks for general_media & dram events 8a328396a5fb um: Fix the declaration of kasan_map_memory a5cd85608738 um: Fix the -Wmissing-prototypes warning for get_thread_reg 59e34e390cfd um: Fix the -Wmissing-prototypes warning for __switch_mm adb1c558c610 powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp 3d50e4cef2e6 media: flexcop-usb: fix sanity check of bNumEndpoints 408facc7965e platform/x86: thinkpad_acpi: Take hotkey_mutex during hotkey_exit() ec653f4474d7 tools/arch/x86/intel_sdsi: Fix meter_certificate decoding 8af4923b045b tools/arch/x86/intel_sdsi: Fix meter_show display 42adfac5d2c7 tools/arch/x86/intel_sdsi: Fix maximum meter bundle length c73d3273272b media: mediatek: vcodec: fix possible unbalanced PM counter f29a42642069 media: mediatek: vcodec: add encoder power management helper functions 19bd9537b6bc drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() bdd5bbe96782 drm/amdgpu: init microcode chip name from ip versions a4c638ab2578 Input: cyapa - add missing input core locking to suspend/resume functions d410017a7181 media: stk1160: fix bounds checking in stk1160_copy_video() 3fe7b95312b3 drm/bridge: tc358775: fix support for jeida-18 and jeida-24 873f67699114 drm/msm/dpu: Add callback function pointer check before its call 04c2fca45506 drm/msm/dpu: stop using raw IRQ indices in the kernel output 3bbe257c466f drm/msm/dpu: make the irq table size static a70ce2bb1d46 drm/msm/dpu: add helper to get IRQ-related data 186a82662d13 drm/msm/dpu: extract dpu_core_irq_is_valid() helper 50cf1608f184 drm/msm/dpu: remove irq_idx argument from IRQ callbacks 1fe1c9dc21ee fs/ntfs3: Use variable length array instead of fixed size 109d85a98345 fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow 6c8054d59066 fs/ntfs3: Check 'folio' pointer for NULL 92ce7359f988 um: vector: fix bpfflash parameter evaluation 434a06c38ee1 um: Add winch to winch_handlers before registering winch IRQ e98f29bf0b5f um: Fix return value in ubd_init() 900d54bced61 drm/meson: gate px_clk when setting rate 22432baba48a drm/mediatek: dp: Fix mtk_dp_aux_transfer return value 3f388ca6a434 drm/msm/dpu: Always flush the slave INTF on the CTL 01d8692b0c34 drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk 755575a42c4f media: ov2680: Do not fail if data-lanes property is absent 08754dd758d5 media: ov2680: Allow probing if link-frequencies is absent a7e0a70ac6d3 media: ov2680: Clear the 'ret' variable on success 9a496f7d1828 media: v4l: Don't turn on privacy LED if streamon fails 35556d0e1c61 media: v4l2-subdev: Document and enforce .s_stream() requirements 4031c57f024a Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation 063d89156f2d mmc: sdhci_am654: Fix ITAPDLY for HS400 timing 2b8d2a6e5363 mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock 3433a340630e mmc: sdhci_am654: Add OTAP/ITAP delay enable 3525baf3a929 mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel fa9a2c696ad1 mmc: sdhci_am654: Write ITAPDLY for DDR52 timing 57205cf9c18a mmc: sdhci_am654: Add tuning algorithm for delay chain b003b8c15cbb Input: ims-pcu - fix printf string overflow 69f245b86cef dt-bindings: adc: axi-adc: add clocks property a291998f8a09 dt-bindings: adc: axi-adc: update bindings for backend framework 51a2049a2c08 eventfs: Have "events" directory get permissions from its parent 281eaee393c7 eventfs: Free all of the eventfs_inode after RCU 14aa4f3efc6e eventfs/tracing: Add callback for release of an eventfs_inode e5c80b23523b eventfs: Create eventfs_root_inode to store dentry 11244a432850 serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler f0eb53ffd8d9 serial: sc16is7xx: replace hardcoded divisor value with BIT() macro c6fecd07435f misc/pvpanic-pci: register attributes via pci_driver e9194a954c44 misc/pvpanic: deduplicate common code f68f3e3f5c9c iio: accel: mxc4005: Reset chip on probe() and resume() 43424f70535b iio: accel: mxc4005: allow module autoloading via OF compatible e26405d5b266 eventfs: Do not differentiate the toplevel events directory 64a9a930afe9 drm/amd/display: Revert Remove pixle rate limit for subvp 242f11be47ab drm/amd/display: Remove pixle rate limit for subvp cb9f455e27ed gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match b3b8ba37529c dt-bindings: PCI: rockchip,rk3399-pcie: Add missing maxItems to ep-gpios 916cf5d6ae97 s390/boot: Remove alt_stfle_fac_list from decompressor 2102692eb23f s390/ipl: Fix incorrect initialization of nvme dump block b34ea5b97561 s390/ipl: Fix incorrect initialization of len fields in nvme reipl block 2028823f1d71 s390/vdso: Use standard stack frame layout 0e035cb818c5 s390/vdso: Create .build-id links for unstripped vdso files 07423c9b4375 kbuild: fix build ID symlinks to installed debug VDSO files adacfc6dec4c kbuild: unify vdso_install rules a422869153dd s390/vdso: Generate unwind information for C modules 6bd72dd0f70c s390/vdso64: filter out munaligned-symbols flag for vdso 379ec9d95c89 LoongArch: Fix callchain parse error with kernel tracepoint events again 5af155f9b168 perf pmu: Count sys and cpuid JSON events separately 4ac93db3dd4d perf pmu: Assume sysfs events are always the same case 930e16ac95b0 perf tools: Add/use PMU reverse lookup from config to name 923b83bc8692 perf tools: Use pmus to describe type from attribute c5aaeae250d3 perf pmu: "Compat" supports regular expression matching identifiers f989dc009070 perf pmu: Move pmu__find_core_pmu() to pmus.c d37e53e8c826 perf test: Add a test for strcmp_cpuid_str() expression a46c6144117a perf stat: Don't display metric header for non-leader uncore events 7723485af6de usb: fotg210: Add missing kernel doc description f0cdc3e248e3 f2fs: fix to add missing iput() in gc_data_segment() 1003d16ea271 perf daemon: Fix file leak in daemon_session__control c546fef47cd5 libsubcmd: Fix parse-options memory leak 70d6dca40318 serial: sh-sci: protect invalidating RXDMA on shutdown 9f9341064a9b f2fs: compress: don't allow unaligned truncation on released compress inode 8d2fc8ae670a f2fs: fix to release node block count in error path of f2fs_new_node_page() 329edb7c9e3b f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock 81c975902b15 f2fs: compress: fix error path of inc_valid_block_count() b8a742a8bd6d f2fs: introduce get_available_block_count() for cleanup 5f8e5a096e2b f2fs: deprecate io_bits 92b24f04d3e5 f2fs: compress: fix to update i_compr_blocks correctly 9ec45f857a01 perf symbols: Fix ownership of string in dso__load_vmlinux() c3cc46563103 perf maps: Move symbol maps functions to maps.c c5314cfa9287 perf thread: Fixes to thread__new() related to initializing comm 9029a775f0d7 perf report: Avoid SEGV in report__setup_sample_type() e50576c7e61f perf ui browser: Avoid SEGV on title 6902179a415a f2fs: fix block migration when section is not aligned to pow2 40d76c393cca f2fs: support file pinning for zoned devices 066cec37094d f2fs: kill heap-based allocation 61330214b227 f2fs: separate f2fs_gc_range() to use GC for a range f0248ba6b640 f2fs: use BLKS_PER_SEG, BLKS_PER_SEC, and SEGS_PER_SEC 42d48304f64e f2fs: support printk_ratelimited() in f2fs_printk() 6496d63a1641 f2fs: Clean up errors in segment.h e02a267a69aa PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 84ae90ba37c1 PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 787b7ddf434f dt-bindings: spmi: hisilicon,hisi-spmi-controller: fix binding references 913a00ec6b09 extcon: max8997: select IRQ_DOMAIN instead of depending on it a8860002cae5 perf ui browser: Don't save pointer to stack memory 88b88dd7d8c2 perf bench internals inject-build-id: Fix trap divide when collecting just one DSO cd99864e1f7f i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() bb220136ae51 i2c: cadence: Avoid fifo clear after start ec3468221efe ppdev: Add an error check in register_device b596340b8552 ppdev: Remove usage of the deprecated ida_simple_xx() API 370c480410f6 stm class: Fix a double free in stm_register_device() 4e125b96e333 usb: gadget: u_audio: Clear uac pointer when freed. 453d3fa9266e usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind. 9eb15f24a0b9 dmaengine: idxd: Avoid unnecessary destruction of file_ida 4ef5468e84d5 dt-bindings: phy: qcom,usb-snps-femto-v2: use correct fallback for sc8180x 6357221b68e0 dt-bindings: phy: qcom,sc8280xp-qmp-ufs-phy: fix msm899[68] power-domains dc14f0a2c61b watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() d47f51eb1fc3 watchdog: bd9576: Drop "always-running" property 9b1c063ffc07 watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger cd283810f6ae pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs dedf17b3af39 dt-bindings: pinctrl: mediatek: mt7622: fix array properties 6954ae017718 VMCI: Fix an error handling path in vmci_guest_probe_device() b5f31d1470c4 PCI: of_property: Return error for int_map allocation failure 97ba21401b89 ovl: remove upper umask handling from ovl_create_upper() 034968dbd867 leds: pwm: Disable PWM when going to suspend a10c3d5ff9a3 pwm: Rename pwm_apply_state() to pwm_apply_might_sleep() 6bb1efff9b17 perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) 0053891e2f4f PCI: Wait for Link Training==0 before starting Link retrain 65ce3fad7d59 microblaze: Remove early printk call from cpuinfo-static.c 6240bd8981c6 microblaze: Remove gcc flag for non existing early_printk.c file a758e99cd644 udf: Convert udf_expand_file_adinicb() to use a folio 7745b1b785aa udf: Remove GFP_NOFS allocation in udf_expand_file_adinicb() 4d7d12b643c0 fpga: region: add owner module and take its refcount 0bd22a4966d5 vfio/pci: fix potential memory leak in vfio_intx_enable() e642622550c8 i915: make inject_virtual_interrupt() void bb6f7de21d4c coresight: etm4x: Fix access to resource selector registers 3840a3f37a67 coresight: etm4x: Safe access for TRCQCLTR 0c575997dee0 coresight: etm4x: Do not save/restore Data trace control registers 42f016cd8593 coresight: etm4x: Do not hardcode IOMEM access for register restore 720d27664d7c iio: adc: adi-axi-adc: only error out in major version mismatch d3513f1261a0 iio: adc: adi-axi-adc: move to backend framework 184b2967d578 iio: adc: ad9467: convert to backend framework 5fc4f0c01cb2 iio: add the IIO backend framework e1fc56c40068 iio: buffer-dmaengine: export buffer alloc and free functions b70042e4dc7f iio: adc: adi-axi-adc: convert to regmap 864b42f8b3f3 iio: adc: ad9467: use chip_info variables instead of array a679a40bd2ec iio: adc: ad9467: use spi_get_device_match_data() 08f5bd2032c0 iio: pressure: dps310: support negative temperature values d3ced099f31d perf test shell arm_coresight: Increase buffer size for Coresight basic tests e61cb35f56f9 perf docs: Document bpf event modifier 0688c4f7c5e8 coresight: etm4x: Fix unbalanced pm_runtime_enable() 1083681ea208 riscv: dts: starfive: visionfive 2: Remove non-existing TDM hardware 1145fda91f70 iio: adc: stm32: Fixing err code to not indicate success f84122681853 f2fs: fix to check pinfile flag in f2fs_move_file_range() 5632bdb4e9be f2fs: fix to relocate check condition in f2fs_fallocate() 116d824f953a f2fs: compress: fix to relocate check condition in f2fs_ioc_{,de}compress_file() 1d59aa23a3fa f2fs: compress: fix to relocate check condition in f2fs_{release,reserve}_compress_blocks() ff9504c045b5 perf bench uprobe: Remove lib64 from libc.so.6 binary path f56632928a6d dt-bindings: PCI: rcar-pci-host: Add missing IOMMU properties 479e4daae636 dt-bindings: PCI: rcar-pci-host: Add optional regulators 829afc132f63 perf record: Fix debug message placement for test consumption aa4158e31612 perf record: Move setting tracking events before record__init_thread_masks() e024e98e81f9 perf evlist: Add evlist__findnew_tracking_event() helper 28a50a15d1b8 perf tests: Apply attributes to all events in object code reading test fca6659b4edc perf tests: Make "test data symbol" more robust on Neoverse N1 bf386f268b29 arm64: dts: meson: fix S4 power-controller node e21a398d22e6 interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment 28f5a08600d0 module: don't ignore sysfs_create_link() failures 3431d265eab2 serial: sc16is7xx: add proper sched.h include for sched_set_fifo() 967cb01d0a80 PCI: tegra194: Fix probe path for Endpoint mode 46c6fc133dc1 greybus: arche-ctrl: move device table to its right location 749603af8faa serial: max3100: Fix bitwise types e8a10089eddb serial: max3100: Update uart_driver_registered on driver removal 93df2fba6c7d serial: max3100: Lock port->lock when calling uart_handle_cts_change() 73c6ddb499bb perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() 80e06e547d42 perf annotate: Use global annotation_options 1157abdc2e03 perf top: Convert to the global annotation_options e0af85d60b7a perf report: Convert to the global annotation_options dfd02119aef9 perf annotate: Introduce global annotation_options 260de04387c0 perf annotate: Split branch stack cycles information out of 'struct annotation_line' 4ddf437cae2c perf machine thread: Remove exited threads by default 7adc363bc29e perf record: Lazy load kernel symbols 1f428149492f firmware: dmi-id: add a release callback function 59767d1e3019 dmaengine: idma64: Add check for dma_set_max_seg_size 7eeef1e935d2 soundwire: cadence: fix invalid PDI offset 6ee4ad5dfb15 perf stat: Do not fail on metrics on s390 z/VM systems 32f615e0a580 usb: typec: ucsi: simplify partner's PD caps registration ad864c123b7a usb: typec: ucsi: always register a link to USB PD device 1ec229afd45c perf annotate: Get rid of duplicate --group option item 30dc493b8195 counter: linux/counter.h: fix Excess kernel-doc description warning d7c4081c54a1 fpga: bridge: add owner module and take its refcount 2da62a139a62 fpga: manager: add owner module and take its refcount 4b3609e6c805 f2fs: fix to wait on page writeback in __clone_blkaddrs() 2b2611a42462 f2fs: multidev: fix to recognize valid zero block address ac12df6b9729 phy: qcom: qmp-combo: fix duplicate return in qmp_v4_configure_dp_phy 518e2c46b5db greybus: lights: check return of get_channel_from_mode fe92a949b264 iio: core: Leave private pointer NULL when no private data supplied 5c53a28ab253 perf probe: Add missing libgen.h header needed for using basename() 834e603dbe28 perf record: Delete session after stopping sideband thread 2f593fd9d3cc net: wangxun: fix to change Rx features 941e1c6d8683 sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() 4d9d099ab291 sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level ee3577c5d33c af_packet: do not call packet_read_pending() from tpacket_destruct_skb() f28bdc2ee5d9 netrom: fix possible dead-lock in nr_rt_ioctl() 57fa96c04ef9 net: qrtr: ns: Fix module refcnt 4488617e5e99 net: bridge: mst: fix vlan use-after-free 76282afa17e9 selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval 1abb37114790 net: bridge: xmit: make sure we have at least eth header len bytes 00ea83bfb496 modules: Drop the .export_symbol section from the final modules 4aa2d5fd7ee0 tracing/user_events: Fix non-spaced field matching 4c40e1b76e6e tracing/user_events: Prepare find/delete for same name events 2fc3d0ac097b tracing/user_events: Allow events to persist for perfmon_capable users 3eb127dc408b RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw e011ea687f2f RDMA/IPoIB: Fix format truncation compilation errors 382494aa8881 selftests/kcmp: remove unused open mode c1d8c429e4d2 SUNRPC: Fix gss_free_in_token_pages() a658f011d89d bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq 29feea56dedf RDMA/bnxt_re: Adds MSN table capability for Gen P7 adapters 9a54460b3394 RDMA/bnxt_re: Update the HW interface definitions e300b1b95c93 RDMA/bnxt_re: Remove roundup_pow_of_two depth for all hardware queue resources f52e649e933a RDMA/bnxt_re: Refactor the queue index update 0b0d5701a8bf of: module: add buffer overflow check in of_modalias() 370a86dc97ef ext4: remove the redundant folio_wait_stable() 07fa88b0f340 ext4: fix potential unnitialized variable f4fb561d52e1 sunrpc: removed redundant procp check e873f36ec890 drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() d5c75ededb2d virt: acrn: stop using follow_pfn c7cca4c61f44 ext4: avoid excessive credit estimate in ext4_tmpfile() caaee1b858c2 x86/insn: Add VEX versions of VPDPBUSD, VPDPBUSDS, VPDPWSSD and VPDPWSSDS 3d22be008bd1 x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map 6973cb78f0ca clk: qcom: mmcc-msm8998: fix venus clock issue 631c54f07d78 clk: qcom: dispcc-sm8550: fix DisplayPort clocks e91d89de5e71 clk: qcom: dispcc-sm6350: fix DisplayPort clocks 7ef714778dd0 clk: qcom: dispcc-sm8450: fix DisplayPort clocks 65e528a69cb3 lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure 6d06fc4edfb0 clk: renesas: r9a07g043: Add clock and reset entry for PLIC 6c7455605a30 clk: renesas: r8a779a0: Fix CANFD parent clock 8696be3a5f66 IB/mlx5: Use __iowrite64_copy() for write combining stores 03ff3e23adca RDMA/rxe: Fix incorrect rxe_put in error path 13c7bb72d372 RDMA/rxe: Allow good work requests to be executed 21b4c6d4d890 RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt 63cbb3e7044f clk: qcom: clk-alpha-pll: remove invalid Stromer register offset 1a91f05ca280 clk: rs9: fix wrong default value for clock amplitude dd4b239184ee clk: mediatek: mt8365-mm: fix DPI0 parent 6f541a89ced8 RDMA/hns: Modify the print level of CQE error 571f79eb1aae RDMA/hns: Use complete parentheses in macros b7f2f6d227ce RDMA/hns: Fix GMV table pagesize 63da190eeb5c RDMA/hns: Fix UAF for cq async event 22c915af31bd RDMA/hns: Fix deadlock on SRQ async events. db415a39ffdb RDMA/hns: Fix return value in hns_roce_map_mr_sg 6b4f69399291 iommu: Undo pasid attachment only for the devices that have succeeded 888b03fcd122 clk: mediatek: pllfh: Don't log error for missing fhctl node 499569c8ab7f RDMA/mlx5: Adding remote atomic access flag to updatable flags 5880d8ca57d5 RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent 73c5f64cfa85 clk: samsung: exynosautov9: fix wrong pll clock id value 205b6dd5b799 media: cadence: csi2rx: configure DPHY before starting source stream 6040fcea4605 drm/edid: Parse topology block for all DispID structure v1.x b4c508666981 drm/rockchip: vop2: Do not divide height twice for YUV 4b3421c2f6f8 media: uvcvideo: Add quirk for Logitech Rally Bar dda6efae161d drm/mipi-dsi: use correct return type for the DSC functions 04b001fa8b79 drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector bd4fb19e33c8 drm/bridge: anx7625: Update audio status while detecting 587acea97512 drm/panel: novatek-nt35950: Don't log an error when DSI host can't be found 7962ae5aadd5 drm/bridge: dpc3433: Don't log an error when DSI host can't be found 52334bb44f10 drm/bridge: tc358775: Don't log an error when DSI host can't be found 30cb32c7ec5e drm/bridge: lt9611uxc: Don't log an error when DSI host can't be found ae2ac0aef901 drm/bridge: lt9611: Don't log an error when DSI host can't be found 95b5eba76efe drm/bridge: lt8912b: Don't log an error when DSI host can't be found 95f959193c32 drm/bridge: icn6211: Don't log an error when DSI host can't be found 4486576578db drm/bridge: anx7625: Don't log an error when DSI host can't be found 656fb206aee2 ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value 42c22b63056c drm: vc4: Fix possible null pointer dereference 335cc45ef2b8 drm/arm/malidp: fix a possible null pointer dereference cc20c87b04db media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries 1cc6b956ad36 fbdev: sh7760fb: allow modular build 983e91ad759e media: v4l2-subdev: Fix stream handling for crop API c1a3803e5bb9 media: i2c: et8ek8: Don't strip remove function when driver is builtin dd271f136601 media: dt-bindings: ovti,ov2680: Fix the power supply names db572c397399 media: ipu3-cio2: Request IRQ earlier 525be5dc8ee0 drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected 554484e46383 drm/msm/dp: allow voltage swing / pre emphasis of 3 dcf53e6103b2 drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference 0f070f0c3b54 media: radio-shark2: Avoid led_names truncations d8076c9e02bb media: rcar-vin: work around -Wenum-compare-conditional warning f987b53c28eb media: ngene: Add dvb_ca_en50221_init return value check 750e384b9b7b ASoC: Intel: avs: Test result of avs_get_module_entry() a1780d8a7c26 ASoC: Intel: avs: Fix potential integer overflow 7976b78631ee ASoC: Intel: avs: Fix ASRC module initialization c81b6d64962a selftests: cgroup: skip test_cgcore_lesser_ns_open when cgroup2 mounted without nsdelegate be84945440c9 fbdev: sisfb: hide unused variables 28049d5a74a8 ASoC: SOF: Intel: mtl: Implement firmware boot state check f0bf72d1b49e ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed 02be4ce0d0be ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails 6bdadbee34d9 ASoC: SOF: Intel: lnl: Correct rom_status_reg 8aeb3dc8b3cd ASoC: SOF: Intel: mtl: Correct rom_status_reg 368017b1bff7 ASoC: SOF: Intel: pci-mtl: fix ARL-S definitions 1ef8f0b414ce ASoC: SOF: Intel: pci-mtl: use ARL specific firmware definitions 46c15b7130fe ASoC: Intel: common: add ACPI matching tables for Arrow Lake f0b4617d80c3 powerpc/fsl-soc: hide unused const variable af26ea99019c drm/mediatek: Add 0 size check to mtk_drm_gem_obj d5689998a093 drm/meson: vclk: fix calculation of 59.94 fractional rates 1a7254525ca7 ASoC: kirkwood: Fix potential NULL dereference 4a1dc9721275 fbdev: shmobile: fix snprintf truncation 87b8dca6e06f ASoC: mediatek: Assign dummy when codec not specified for a DAI link 9ceb5bd746e1 mtd: rawnand: hynix: fixed typo adbd5da08ec6 mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() a6498eac492b ASoC: Intel: avs: ssm4567: Do not ignore route checks 48f3fe137323 ASoC: Intel: Disable route checks for Skylake boards 4e8c8b37ee84 drm/amd/display: Fix potential index out of bounds in color transformation function 859da9472b4f drm/panel: atna33xc20: Fix unbalanced regulator in the case HPD doesn't assert 9429b12dfcbd drm/dp: Don't attempt AUX transfers when eDP panels are not powered e71399aa6ce1 drm/lcdif: Do not disable clocks on already suspended hardware fc49f4d1a15f dev_printk: Add and use dev_no_printk() 34d80802cb8e printk: Let no_printk() use _printk() 5fdc39e02494 drm/omapdrm: Fix console with deferred ops c00e8fd74950 fbdev: Provide I/O-memory helpers as module e79f933ad162 drm/omapdrm: Fix console by implementing fb_dirty ec1723175a5f drm/ci: update device type for volteer devices aa03f049d453 drm/ci: add subset-1-gfx to LAVA_TAGS and adjust shards 101bbe559da5 drm/ci: uprev mesa version: fix container build & crosvm 45755ef11f03 drm/bridge: Fix improper bridge init order with pre_enable_prev_first 5af2e235b0d5 Bluetooth: HCI: Remove HCI_AMP support 75d7ac5e225e Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS 0a8af30a8672 Bluetooth: Remove usage of the deprecated ida_simple_xx() API f03d3322a785 Bluetooth: ISO: Fix BIS cleanup dfde465d8907 Bluetooth: qca: Fix error code in qca_read_fw_build_info() e231034377bc Bluetooth: compute LE flow credits based on recvbuf space 3ddf170e4a60 net: micrel: Fix receiving the timestamp in the frame for lan8841 5f9d2dcf7130 mptcp: SO_KEEPALIVE: fix getsockopt support d38625f71950 net: fec: remove .ndo_poll_controller to avoid deadlocks 965d940fb741 ax25: Fix reference count leak issue of net_device 38eb01edfdaa ax25: Fix reference count leak issues of ax25_dev 39da6f09e110 ax25: Use kernel universal linked list to implement ax25_dev_list a1bf04458311 riscv, bpf: make some atomic operations fully ordered 46f17e7d4fb5 s390/bpf: Emit a barrier for BPF_FETCH instructions 1337ec94bc5a net/mlx5: Discard command completions in internal error f9caccdd42e9 net/mlx5: Add a timeout to acquire the command queue semaphore e93fc8d959e5 net/mlx5: Reload only IB representors upon lag disable/enable 66a5f6e09c63 net/mlx5: Enable 4 ports multiport E-switch 3398a40dccb8 ipv6: sr: fix invalid unregister error path 6c6b74edc911 ipv6: sr: fix incorrect unregister order 58fd673b0532 ipv6: sr: add missing seg6_local_exit 78741b4caae1 net: openvswitch: fix overwriting ct original tuple for ICMPv6 108ec8bf6483 net: usb: smsc95xx: stop lying about skb->truesize 0688d4e499be af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg 8f6f82d6a205 net: ethernet: cortina: Locking fixes 1ebaa96f97cd selftests: net: move amt to socat for better compatibility 9d601b81f1fc selftests: net: add missing config for amt.sh 229d4a32b53e selftests: net: add more missing kernel config 5de5aeb98f9a eth: sungem: remove .ndo_poll_controller to avoid deadlocks 11dd90c11ad0 net: ipv6: fix wrong start position when receive hop-by-hop fragment 68d38724cf53 m68k: mac: Fix reboot hang on Mac IIci f3baf0f4f92a m68k: Fix spinlock race in kernel thread creation 979d764ebdcd net: usb: sr9700: stop lying about skb->truesize 80cb2f61a613 usb: aqc111: stop lying about skb->truesize 18f59aab33bc HID: amd_sfh: Handle "no sensors" in PM operations 9d08e7fd44ca wifi: mwl8k: initialize cmd->addr[] properly db9214833e58 x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks() 4c62c6c8a006 kernel/numa.c: Move logging out of numa.h 0d5cfcede0c9 scsi: qla2xxx: Fix debugfs output for fw_resource_count 563e60927592 scsi: qedf: Ensure the copied buf is NUL terminated 204714e68015 scsi: bfa: Ensure the copied buf is NUL terminated 5386f6734dbc HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors c3ae972a22f2 selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect 1ec7ccb4cd4b kunit: Fix kthread reference 2d43d30aafb8 selftests: default to host arch for LLVM builds 381079197e80 selftests/resctrl: fix clang build failure: use LOCAL_HDRS 3af6ed233a60 selftests/binderfs: use the Makefile's rules, not Make's implicit rules ed74398642fc wifi: nl80211: Avoid address calculations via out of bounds array indexing 166c9d2eef74 libbpf: Fix error message in attach_kprobe_multi 35e001ce8492 wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset bdd2255fcfe5 wifi: mt76: mt7603: fix tx queue of loopback packets 1f29d8571fa1 Revert "sh: Handle calling csum_partial with misaligned data" 78a12934b721 sh: kprobes: Merge arch_copy_kprobe() into arch_prepare_kprobe() 6675c541f540 bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE b33a81e4ecfb wifi: ar5523: enable proper endpoint verification 39f8a29330f4 bpf: Fix verifier assumptions about socket->sk 62eb07923f36 wifi: carl9170: add a proper sanity check for endpoints d43a8c7ec084 macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" 7a44f4944b05 net: give more chances to rcu in netdev_wait_allrefs_any() a7678a16c25b drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() be1fa711e59c drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group 8e9aab249217 drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group a80814fe9181 pwm: sti: Simplify probe function using devm functions cedd7e536935 pwm: sti: Prepare removing pwm_chip from driver data 00bb933578ac tcp: avoid premature drops in tcp_add_backlog() a47027919d69 net: dsa: mv88e6xxx: Avoid EEPROM timeout without EEPROM on 88E6250-family switches d1e3dc19d50f net: dsa: mv88e6xxx: Add support for model-specific pre- and post-reset handlers d0e874a34863 wifi: ath10k: populate board data for WCN3990 abd2e7118519 cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations e1dcff6e299f scsi: ufs: core: mcq: Fix ufshcd_mcq_sqe_search() 51929a8db813 selftests/bpf: Fix a fd leak in error paths in open_netns e19681ae6cf9 gfs2: do_xmote fixes b68b9dd723db gfs2: finish_xmote cleanup d6b412c510ac gfs2: Rename gfs2_withdrawn to gfs2_withdrawing_or_withdrawn 7c2bc932b60d gfs2: Mark withdraws as unlikely 0636b34b4458 gfs2: Fix potential glock use-after-free on unmount 18dfb29644a4 gfs2: Remove ill-placed consistency check d312fbf6a24e gfs2: No longer use 'extern' in function declarations 0db3b4e50241 gfs2: Rename gfs2_lookup_{ simple => meta } 9db1bdd71441 gfs2: Convert gfs2_internal_read to folios d92445b23932 gfs2: Get rid of gfs2_alloc_blocks generation parameter 09f8c676e4b4 wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() 55c54269fbd3 dt-bindings: thermal: loongson,ls2k-thermal: Fix incorrect compatible definition 5b996de139b3 dt-bindings: thermal: loongson,ls2k-thermal: Add Loongson-2K0500 compatible 27cacfc0818f dt-bindings: thermal: loongson,ls2k-thermal: Fix binding check issues 2d5ca6e4a287 thermal/drivers/tsens: Fix null pointer dereference 95575de7dede wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() 6ae55c7fa6be x86/purgatory: Switch to the position-independent small code model 6c6c0afd3510 scsi: hpsa: Fix allocation size for Scsi_Host private data 52c266b486ee scsi: libsas: Fix the failure of adding phy with zero-address to port 1ea06a34f79c wifi: iwlwifi: mvm: init vif works only once f84b9b25d045 cppc_cpufreq: Fix possible null pointer dereference c0ed9a711e33 openrisc: traps: Don't send signals to kernel mode threads 71d865be7c2f udp: Avoid call to compute_score on multiple sites edcdeb8a4fdf x86/pat: Fix W^X violation false-positives when running as Xen PV guest 29681171ff21 x86/pat: Restructure _lookup_address_cpa() 308fba77bc23 x86/pat: Introduce lookup_address_in_pgd_attr() 3e99f060cfd2 cpufreq: exit() callback is optional 99f3af0a1afd tcp: increase the default TCP scaling ratio ca19418abcf7 tcp: define initial scaling factor value as a macro a7fba17a0596 selftests/bpf: Fix umount cgroup2 error in test_sockmap dc03a3755358 x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 abea81e6a722 gfs2: Fix "ignore unlock failures after withdraw" 21d78e4c3661 gfs2: Don't forget to complete delayed withdraw 673f7120a6e5 ACPI: disable -Wstringop-truncation acb5503dbb9c irqchip/loongson-pch-msi: Fix off-by-one on allocation error path a9bbafa46c16 irqchip/alpine-msi: Fix off-by-one in allocation error path 1d4e1fa2f29a locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() 040c3a00247d ACPI: LPSS: Advertise number of chip selects via property 776bad0b1f63 scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL 92374b6a5af1 scsi: ufs: core: Perform read back after disabling interrupts bfd29d5ea6ea scsi: ufs: core: Perform read back after writing UTP_TASK_REQ_LIST_BASE_H 872f68019bc6 scsi: ufs: cdns-pltfrm: Perform read back after writing HCLKDIV 8e5ede836b74 scsi: ufs: qcom: Perform read back after writing CGC enable d2741b23b1b4 scsi: ufs: qcom: Perform read back after writing unipro mode 32402b2a9c0b scsi: ufs: qcom: Perform read back after writing REG_UFS_SYS1CLK_1US 8f01dda10c65 scsi: ufs: qcom: Perform read back after writing reset bit b17592380f9d bpf: prevent r10 register from being marked as precise 7a7d4237e338 bpf: Pack struct bpf_fib_lookup f92aebf17026 bpftool: Mount bpffs on provided dir instead of parent dir 875864670982 wifi: carl9170: re-fix fortified-memset warning bc236ebc2ab5 dlm: fix user space lock decision to copy lvb 0fdbbe7ee7f4 bitops: add missing prototype check f3531ac07b4e mlx5: stop warning for 64KB pages 7dd2a9bb7b75 mlx5: avoid truncating error message 6541f8ea7623 qed: avoid truncating work queue length 997a53102a3b enetc: avoid truncating error message c5202a38897d ACPI: Fix Generic Initiator Affinity _OSC bit 2bd572d421e3 sched/fair: Add EAS checks before updating root_domain::overutilized c078f2b4921b wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask f0fe67ca7550 wifi: iwlwifi: reconfigure TLC during HW restart adde9190997e wifi: iwlwifi: mvm: select STA mask only for active links 29caa342391c wifi: iwlwifi: mvm: allocate STA links only for active links 6c166d1646ca wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() 9fa391354a40 x86/boot: Ignore relocations in .notes sections in walk_relocs() too 22c3d94cd445 wifi: mt76: mt7915: workaround too long expansion sparse warnings 9cf8052afc94 wifi: ath12k: use correct flag field for 320 MHz channels ba3647aa16ae bpftool: Fix missing pids during link show 424e5ac9761f wifi: ath11k: don't force enable power save on non-running vdevs c37466406f07 wifi: brcmfmac: pcie: handle randbuf allocation failure 014e4e9275de wifi: ath10k: poll service ready message before failing e5d98cc3311f block: support to account io_ticks precisely 99bbbd9aea05 block: fix and simplify blkdevparts= cmdline parsing 910717920c8c block: refine the EOF check in blkdev_iomap_begin e8d340f80977 crypto: qat - specify firmware files for 402xx c9566b812c8f md: fix resync softlockup when bitmap size is less than array size 1fc82121d038 lkdtm: Disable CFI checking for perms functions fbadcde1572f soc: qcom: pmic_glink: Make client-lock non-sleeping 7880dbf4eafe kunit/fortify: Fix mismatched kvalloc()/vfree() usage fe3a28db0361 null_blk: Fix missing mutex_destroy() at module removal 19e9452d731a soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE 0cac39347f4e firmware: qcom: scm: Fix __scm and waitq completion variable initialization 8fc7934635bb soc: qcom: pmic_glink: notify clients about the current state d02c6eb5d3df soc: qcom: pmic_glink: don't traverse clients list without a lock 840565b1351a s390/mm: Re-enable the shared zeropage for !PV and !skeys KVM guests b410a6c84d84 mm/userfaultfd: Do not place zeropages when zeropages are disallowed f32f810dcc19 io-wq: write next_work before dropping acct_lock af82d8d2179b jffs2: prevent xattr node from overflowing the eraseblock c4f49d3fc18a ARM: configs: sunxi: Enable DRM_DW_HDMI afb39909bfb5 rcu: Fix buffer overflow in print_cpu_stall_info() 32d988f48ed2 rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow 1319dbd64b73 io_uring: use the right type for work_llist empty check a750b846c136 s390/cio: fix tracepoint subchannel type field b39d0d661752 crypto: x86/sha512-avx2 - add missing vzeroupper 1c5bce29d0d9 crypto: x86/sha256-avx2 - add missing vzeroupper ba0aa694c332 crypto: x86/nh-avx2 - add missing vzeroupper 4e9293d660bf crypto: ccp - drop platform ifdef checks 45b92921759a parisc: add missing export of __cmpxchg_u8() fd848dc7e2cf nilfs2: fix out-of-range warning 2ed750b7ae1b ecryptfs: Fix buffer size for tag 66 packet 25edcae667c3 firmware: raspberrypi: Use correct device for DMA mappings d8c42a6e61d8 mm/slub, kunit: Use inverted data to corrupt kmem cache d0f14ae223c2 crypto: bcm - Fix pointer arithmetic d142957377c2 openpromfs: finish conversion to the new mount API 396bc5e54b4f nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists() daa27fd2e17d ksmbd: fix uninitialized symbol 'share' in smb2_tree_connect() 4f65f4defe4e epoll: be better about file lifetimes 71de5fc303a7 nvmet: fix nvme status code when namespace is disabled ae451994ba9c nvmet-tcp: fix possible memory leak when tearing down a controller b6eaa53f95c2 nvme: cancel pending I/O if nvme controller is in terminal state 2ab74bf2827b nvmet-auth: replace pr_debug() with pr_err() to report an error. 57a23adbc4f7 nvmet-auth: return the error code to the nvmet_auth_host_hash() callers 8871cab467a5 nvme: find numa distance only if controller has valid numa id 214301d0be27 x86/mm: Remove broken vsyscall emulation code from the page fault code 6c49ba4025ee drm/amdkfd: Flush the process wq before creating a kfd_process de23d906b265 drm/amd/display: Disable seamless boot on 128b/132b encoding fefcd1c75baf drm/amd/display: Fix DC mode screen flickering on DCN321 b6fab47b64f6 drm/amd/display: Add VCO speed parameter for DCN31 FPU 53a7d15331b0 drm/amd/display: Allocate zero bw after bw alloc enable e0760e38474c drm/amd/display: Add dtbclk access to dcn315 422f3259ac65 drm/amdgpu: Fix VRAM memory accounting cc73306bf4bb ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection 9973c0587149 ASoC: da7219-aad: fix usage of device_get_named_child_node() ae14ac3bc076 platform/x86: ISST: Add Grand Ridge to HPM CPU list 3a83d0d284b9 softirq: Fix suspicious RCU usage in __do_softirq() 107c893e0a5b ALSA: emu10k1: make E-MU FPGA writes potentially more reliable af8dc212f74a bpf, x86: Fix PROBE_MEM runtime load check 37c275727aef fpga: dfl-pci: add PCI subdevice ID for Intel D5005 card 964794778606 Input: xpad - add support for ASUS ROG RAIKIRI 59e9cd63a528 KVM: selftests: Add test for uaccesses to non-existent vgic-v2 CPUIF 02c36fe48100 ASoC: rt715-sdca: volume step modification be91170bee15 ASoC: rt715: add vendor clear control register 91a0bd4e9c60 ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config 968f6983d41e regulator: vqmmc-ipq4019: fix module autoloading 5c0b06dca44b regulator: qcom-refgen: fix module autoloading b084d3f57748 ASoC: rt722-sdca: add headset microphone vrefo setting dace61d6dc59 ASoC: rt722-sdca: modify channel number to support 4 channels b642f447cfde ASoC: dt-bindings: rt5645: add cbj sleeve gpio property 7904b066296a ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating f6bb8d6c2a64 ASoC: acp: Support microphone from device Acer 315-24p 58872c444adc ASoC: SOF: pcm: Restrict DSP D0i3 during S0ix to IPC3 a73f1e25d581 ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() 3ad4d29b6554 regulator: irq_helpers: duplicate IRQ name 08133330692c ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too 02580c6afd15 sched/isolation: Fix boot crash when maxcpus < first housekeeping CPU 1bb875147883 selftests: sud_test: return correct emulated syscall value on RISC-V 9208e9c8bd0f drm/etnaviv: fix tx clock gating on some GC7000 variants b2959fdd3af2 LoongArch: Lately init pmu after smp is online 976b74fa6084 cpu: Ignore "mitigations" kernel parameter if CPU_MITIGATIONS=n d4ed9984871c Revert "net: txgbe: fix clk_name exceed MAX_DEV_ID limits" d6a2007376ca Revert "net: txgbe: fix i2c dev name cannot match clkdev" 39cfce75168c drm/amdgpu/mes: fix use-after-free issue 67aa2a7b83be drm/amdgpu: Fix the ring buffer size for queue VM flush bdbb7611dd2e drm/amdkfd: Add VRAM accounting for SVM migration 7e1247995853 drm/amd/pm: Restore config space after reset 04cf241fe5e5 drm/amdgpu: Update BO eviction priorities 17f689f10fc0 drm/amd/display: Set color_mgmt_changed to true on unsuspend 85f0812b6d5c net: usb: qmi_wwan: add Telit FN920C04 compositions ca2da54610f0 HID: mcp-2221: cancel delayed_work only when CONFIG_IIO is enabled e26d4063d223 dt-bindings: rockchip: grf: Add missing type to 'pcie-phy' node 125c0dcc000f wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class ea2121cdc7ab wifi: mac80211: ensure beacon is non-S1G prior to extracting the beacon timestamp field 0cfadb49ef90 wifi: mac80211: don't use rate mask for scanning 09133f4b5651 KEYS: asymmetric: Add missing dependencies of FIPS_SIGNATURE_SELFTEST 21c7e4587e29 KEYS: asymmetric: Add missing dependency on CRYPTO_SIG 2f103287ef79 ALSA: Fix deadlocks with kctl removals at disconnection e644036a3e2b ALSA: core: Fix NULL module pointer assignment at card init 8d04efceb46f ALSA: hda/realtek: fix mute/micmute LEDs don't work for ProBook 440/460 G11. 5698ba69326c ksmbd: ignore trailing slashes in share paths 6772584945b6 ksmbd: avoid to send duplicate oplock break notifications 579a0c69794b fs/ntfs3: Break dir enumeration if directory contents error 84906740dc56 fs/ntfs3: Fix case when index is reused during tree transformation e4fd2dce71fb fs/ntfs3: Taking DOS names into account during link counting df1f6ed23b51 fs/ntfs3: Remove max link count info display during driver init a8799662fed1 nilfs2: fix potential hang in nilfs_detach_log_writer() f81fd0061066 nilfs2: fix unexpected freezing of nilfs_segctor_sync() f9186bba4ea2 nilfs2: fix use-after-free of timer for log writer thread d65984358ac0 net: smc91x: Fix m68k kernel compilation for ColdFire CPU 77237eabdcd9 net: lan966x: remove debugfs directory in probe() error path 5cd17f0e74cb net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe() f678c3c33655 tools/nolibc/stdlib: fix memory error in realloc() 64f0c3bd2dd7 tools/latency-collector: Fix -Wformat-security compile warns 622ab95fdcfa net: mana: Fix the extra HZ in mana_hwc_send_request af3274905b31 ring-buffer: Fix a race between readers and resize checks 68222d7b4b72 r8169: Fix possible ring buffer corruption on fragmented Tx packets. 766e3bacc7f9 Revert "r8169: don't try to disable interrupts if NAPI is, scheduled already" a9886aad5dfd io_uring: fail NOP if non-zero op flags is passed in 68a767dd690b Input: try trimming too long modalias strings e4a1d0aa0d4d serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup 7e16930d4671 serial: 8250_bcm7271: use default_mux_rate if possible c6e1650cf5df speakup: Fix sizeof() vs ARRAY_SIZE() bug 62c3763dcb03 tty: n_gsm: fix missing receive state reset after mode switch 774d83b008ec tty: n_gsm: fix possible out-of-bounds in gsm0_receive() 7b4881da5b19 ftrace: Fix possible use-after-free issue in ftrace_location() 775de4e954cb selftests/ftrace: Fix BTFARG testcase to check fprobe is enabled correctly b1c2d09a40a5 x86/tsc: Trust initial offset in architectural TSC-adjust MSRs 7c76aad68f6d kselftest: Add a ksft_perror() helper 06644f0d7193 drm/tilcdc: Set preferred depth ff7ae7b32324 crypto: jitter - add RCT/APT support for different OSRs 50cd24ddb6f0 arm64: defconfig: remove CONFIG_IPQ_APSS_5018 58e5c91d6701 x86/alternatives: Disable interrupts and sync when optimizing NOPs in place c878fd2d4c79 x86/alternatives: Sync core before enabling interrupts c2d64b9f52b6 qemux86: add configuration symbol to select values 630c33229e6d sched/isolation: really align nohz_full with rcu_nocbs 0e5e0f68e2e6 clear_warn_once: add a clear_warn_once= boot parameter 46934791b902 clear_warn_once: bind a timer to written reset value cdee9e38ff32 clear_warn_once: expand debugfs to include read support 82b562b81841 tools: Remove some options from CLANG_CROSS_FLAGS 36dc380b776b libbpf: Fix build warning on ref_ctr_off 9e3e1fe20982 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel. e497a4a5da65 perf: x86-32: explicitly include 7b57ddd89565 perf: mips64: Convert __u64 to unsigned long long 1cfc19423dc7 perf: fix bench numa compilation 98bc2815fade perf: add SLANG_INC for slang.h 17209a70b9b3 perf: add sgidefs.h to for mips builds 9cd4258d910a perf: change --root to --prefix for python install 8110a4f26628 perf: add 'libperl not found' warning bc89d5e08f77 perf: force include of 4f6c760cc876 fat: Replace prandom_u32() with get_random_u32() bc53117b12b2 fat: don't use obsolete random32 call in namei_vfat 30b2236ab378 FAT: Added FAT_NO_83NAME cef98d22b4ed FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option 0bbd7daba9e1 FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option 5883fc340084 aufs6: adapt to v6.6 i_op->ctime changes c4342d979bf2 aufs6: fix magic.mk include path 35266bc2dc81 aufs6: adapt to v6.6 8edede4e98be aufs6: core 712248233ebe aufs6: standalone 3b71a8a848d8 aufs6: mmap 3e2924871f37 aufs6: base 7f4907a93101 aufs6: kbuild d2f7b03e4aa7 yaffs2: update VFS ctime operations to 6.6+ bcd6cfcd1aa0 yaffs2: v6.5 fixups cc615704b5f5 yaffs2: Fix miscalculation of devname buffer length 8ef2e22dcf91 yaffs2: convert user_namespace to mnt_idmap c9c749f9f7d3 yaffs2: replace bdevname call with sprintf 395b01cdc39d yaffs2: convert read_page -> readfolio d98b07e43ba6 yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL 613c6d50fdbe yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name 622c4648936f yaffs2: v5.12+ build fixups (not runtime tested) 7562133d4090 yaffs: include blkdev.h dbd44252cd59 yaffs: fix misplaced variable declaration c223a10b1ac0 yaffs2: v5.6 build fixups 90f6007cfbf4 yaffs2: fix memory leak when /proc/yaffs is read 37ee169c5ea1 yaffs: add strict check when call yaffs_internal_read_super b6e007b8abb6 yaffs: repair yaffs_get_mtd_device fb98f65a466a yaffs: Fix build failure by handling inode i_version with proper atomic API 51e0aac75ea2 yaffs2: fix memory leak in mount/umount 2b74a0cae7b0 yaffs: Avoid setting any ACL releated xattr ff4130a9c376 Yaffs:check oob size before auto selecting Yaffs1 ba95b409c67c fs: yaffs2: replace CURRENT_TIME by other appropriate apis 8fa35eba9056 yaffs2: adjust to proper location of MS_RDONLY 1eb5deaad8c4 yaffs2: import git revision b4ce1bb (jan, 2020) 4dce67c1e8c8 initramfs: allow an optional wrapper script around initramfs generation 2f603d83fcc4 pnmtologo: use relocatable file name 664a6a0a484b tools: use basename to identify file in gen-mach-types 9de64bc0c185 lib/build_OID_registry: fix reproducibility issues ae9b80797295 vt/conmakehash: improve reproducibility a972323151bd iwlwifi: select MAC80211_LEDS conditionally 15d2adcc0198 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119) 5556a6c04b19 arm64/perf: Fix wrong cast that may cause wrong truncation 5552dc768ffc defconfigs: drop obselete options 00fe4152df31 arm64/perf: fix backtrace for AAPCS with FP enabled 3888d0652edf linux-yocto: Handle /bin/awk issues 3d55d299f23a uvesafb: provide option to specify timeout for task completion 23c068c080be uvesafb: print error message when task timeout occurs edbfc939266e compiler.h: Undef before redefining __attribute_const__ c99ae7e2a19a vmware: include jiffies.h 572d84d928c8 Resolve jiffies wrapping about arp fdcd47cac843 nfs: Allow default io size to be configured. 927d48801098 check console device file on fs when booting 57cc27f821dd mount_root: clarify error messages for when no rootfs found 1b53d82a8152 mconf: fix output of cflags and libraries 1811da09f42c menuconfig,mconf-cfg: Allow specification of ncurses location 83c2e0c6eb1f modpost: mask trivial warnings 6de673039484 kbuild: exclude meta directory from distclean processing 6decd32815f5 powerpc: serialize image targets f6b683b38318 arm: serialize build targets e798b09ebf57 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition dc8a1e5a88f8 x86_64_defconfig: Fix warnings 68491e5f72b6 powerpc/ptrace: Disable array-bounds warning with gcc8 d71ebfce3004 powerpc: Disable attribute-alias warnings from gcc8 62f50884b8b1 powerpc: kexec fix for powerpc64 da6871c62c37 powerpc: Add unwind information for SPE registers of E500 core f161c880c11d mips: make current_cpu_data preempt safe 5e94a8247ce7 mips: vdso: fix 'jalr $t9' crash in vdso code 19e36714b1c7 mips: Kconfig: add QEMUMIPS64 option e2e537db3cbd 4kc cache tlb hazard: tlbp cache coherency aee9870611e5 malta uhci quirks: make allowance for slow 4k(e)c 881948cd1517 drm/fb-helper: move zeroing code to drm_fb_helper_fill_var 98ec1963fcb7 arm64: defconfig: cleanup config options f1727c537ba8 vexpress: Pass LOADADDR to Makefile 4474c32dc24a arm: ARM EABI socketcall 75e31a2b70fd ARM: LPAE: Invalidate the TLB for module addresses during translation fault Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie (cherry picked from commit b5d18e5da09b889578fb1f004e41869a81e10081) Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_6.6.bb | 6 ++-- .../linux/linux-yocto-tiny_6.6.bb | 6 ++-- meta/recipes-kernel/linux/linux-yocto_6.6.bb | 28 +++++++++---------- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb index f8d47a9dba..50f4fe0eb6 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb @@ -14,13 +14,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "59b2635b04e2ef8162e52f82e848b81073cea708" -SRCREV_meta ?= "66bebb6789d02e775d4c93d7ca4bf79c2ead4b28" +SRCREV_machine ?= "e88fd5bf97b83b10f7e93c2af4100cd16d59db63" +SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https" -LINUX_VERSION ?= "6.6.32" +LINUX_VERSION ?= "6.6.34" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb index 7378a37521..a330e14468 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb @@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc # CVE exclusions include recipes-kernel/linux/cve-exclusion_6.6.inc -LINUX_VERSION ?= "6.6.32" +LINUX_VERSION ?= "6.6.34" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a" -SRCREV_meta ?= "66bebb6789d02e775d4c93d7ca4bf79c2ead4b28" +SRCREV_machine ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" +SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0" PV = "${LINUX_VERSION}+git" diff --git a/meta/recipes-kernel/linux/linux-yocto_6.6.bb b/meta/recipes-kernel/linux/linux-yocto_6.6.bb index b64ac78fd1..f67d73d2e6 100644 --- a/meta/recipes-kernel/linux/linux-yocto_6.6.bb +++ b/meta/recipes-kernel/linux/linux-yocto_6.6.bb @@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.6/standard/base" KBRANCH:qemuloongarch64 ?= "v6.6/standard/base" KBRANCH:qemumips64 ?= "v6.6/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "6e4ec0ec5052e3a107ec7e5977ea9282d3642ea7" -SRCREV_machine:qemuarm64 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a" -SRCREV_machine:qemuloongarch64 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a" -SRCREV_machine:qemumips ?= "cab976b23497344b74b7e4cbcb5df732f8630150" -SRCREV_machine:qemuppc ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a" -SRCREV_machine:qemuriscv64 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a" -SRCREV_machine:qemuriscv32 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a" -SRCREV_machine:qemux86 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a" -SRCREV_machine:qemux86-64 ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a" -SRCREV_machine:qemumips64 ?= "aa0c0197b3a0628992e959708a2ad015603e93ad" -SRCREV_machine ?= "9576b5b9f8e3c78e6c315f475def18e5c29e475a" -SRCREV_meta ?= "66bebb6789d02e775d4c93d7ca4bf79c2ead4b28" +SRCREV_machine:qemuarm ?= "a12679d200785775317fb7b7fe9b145cd77187eb" +SRCREV_machine:qemuarm64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" +SRCREV_machine:qemuloongarch64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" +SRCREV_machine:qemumips ?= "f0ff71ea239e1395c9318d4edd2213a702aa8d19" +SRCREV_machine:qemuppc ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" +SRCREV_machine:qemuriscv64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" +SRCREV_machine:qemuriscv32 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" +SRCREV_machine:qemux86 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" +SRCREV_machine:qemux86-64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" +SRCREV_machine:qemumips64 ?= "39f86019c95a6efb4aa3bf4d0185f05bb184d29b" +SRCREV_machine ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" +SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the /base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "91de249b6804473d49984030836381c3b9b3cfb0" +SRCREV_machine:class-devupstream ?= "76d42e596d895c53abf86daca4e5877fe0088145" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v6.6/base" @@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "6.6.32" +LINUX_VERSION ?= "6.6.34" PV = "${LINUX_VERSION}+git" From patchwork Thu Jul 4 12:27:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46008 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1FA18C30653 for ; Thu, 4 Jul 2024 12:27:46 +0000 (UTC) Received: from mail-pg1-f178.google.com (mail-pg1-f178.google.com [209.85.215.178]) by mx.groups.io with SMTP id smtpd.web11.8894.1720096059680785934 for ; Thu, 04 Jul 2024 05:27:39 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=IjpM6Mcu; spf=softfail (domain: sakoman.com, ip: 209.85.215.178, mailfrom: steve@sakoman.com) Received: by mail-pg1-f178.google.com with SMTP id 41be03b00d2f7-6c5bcb8e8edso394230a12.2 for ; Thu, 04 Jul 2024 05:27:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096059; x=1720700859; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=7MBkXWhVJYKtp4L0gD9BGsvpn8tT56ncpZqZuqLSyWc=; b=IjpM6Mcu8Yr9V/pn1BfK0HmYQZIt/XSH0OcmS0wEO5TGMA7FCJNTORi63oV/yAX54v qin7SoXB5GAVfptKlcm3N2UQG3Uc5i1GgZ5zxt04R+C47Pk4PcuejJhyALf7XhD/zaEJ bqwobQIv8og1ce9dix4R8Rl+KvYod9MCoDw8/FwS9JRYAWHhAgKG+Kt4cKR+r+MErjvQ IFILDx8BSQlP7egY+bOCTTfRRmqpP5bWGO6Gv/lpziHI7+KcvLt5XBRXJ5lw4nTCLW4K RGYd9TWBjMZg4M5bLHLXg2AYYI58ZVnPsaRf+RIoZKmlGD8H2JV6VGkFjwhSgOhCyNH6 nU1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096059; x=1720700859; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7MBkXWhVJYKtp4L0gD9BGsvpn8tT56ncpZqZuqLSyWc=; b=wmk0A3+UHFA8SRYuBrKmL9u5nbosPzDyED+4Su1g6Qoz8gHISMdEE8TaQ0AjCaVA9+ uDEhentDo+pmAhbuQbfOVUMnaCc+B1lwaU5Ux/IhWsjaZX5GoVHAaJok6voxSxM/v3o3 LbWbPKPuPCIshjKOp2i+YcBhCwfkxKNJC/OVXdubaiDw/fyiMOYlTiVcviy3Ua/TJhJ2 ootyZP4LXQiMWasVoB3O13GIPEARDOPZP/rsiyl9KKf4gVWB2bGKEPjRFH1dGCQZ6vyi iP8BvjjIphlVe2p04/8Gef7u0hZT378hl+BNWAK8RhWpEV16oUU+QjsP4N1GuFH5HgKh PjrA== X-Gm-Message-State: AOJu0YwJNoH6kNSb4pzB2xm9FRY1hrSShfH3BgLZazKtYpvKHD99sbcN kSkxnLP9fr4sfiPtVDpZZ8lcUm3SJ9DSmpaOa42c952s8mcdCidHC//Dqgr19lOwjKtxnBFLEol O X-Google-Smtp-Source: AGHT+IHUv9VWTVDLAXjZItCpewQ+Bzp6Ay4GJ4FyoqS/YsRY0Iu8dyg1EnBhWaqMgz38rKPvYvAreA== X-Received: by 2002:a05:6a20:7286:b0:1be:c7f4:b42e with SMTP id adf61e73a8af0-1c0cc877561mr1737505637.20.1720096058464; Thu, 04 Jul 2024 05:27:38 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.37 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:38 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 09/21] linux-yocto/6.6: update to v6.6.35 Date: Thu, 4 Jul 2024 05:27:01 -0700 Message-Id: <9988063874c1105c8a762739c13c6db9b5e19bb0.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201551 From: Bruce Ashfield Updating linux-yocto/6.6 to the latest korg -stable release that comprises the following commits: 5f2d0708acd0 Linux 6.6.35 3466abafa9f4 zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING 2fd6cfb2a4e6 i2c: designware: Fix the functionality flags of the slave-only interface 572afd43c959 i2c: at91: Fix the functionality flags of the slave-only interface a4cd6074aed6 misc: microchip: pci1xxxx: Fix a memory leak in the error handling of gp_aux_bus_probe() 2cc32639ec34 usb-storage: alauda: Check whether the media is initialized 3a03ef31c1e9 serial: 8250_dw: Don't use struct dw8250_data outside of 8250_dw 836e1a9fd8eb serial: 8250_dw: Replace ACPI device check by a quirk 1d98b6a0b90c serial: 8250_dw: Switch to use uart_read_port_properties() f59e2391d3a9 serial: port: Introduce a common helper to read properties 68a53d1212ed serial: core: Add UPIO_UNKNOWN constant for unknown port type 1006d1b5eb01 device property: Implement device_is_big_endian() dd431c3ac1fc ima: Fix use-after-free on a dentry's dname.name 0b8fba38bdfb greybus: Fix use-after-free bug in gb_interface_release due to race condition. aefd8f343d90 selftests: net: lib: avoid error removing empty netns name 44bdef23572c selftests: net: lib: support errexit with busywait 1d650d2c9bcc selftests/net/lib: no need to record ns name if it already exist d722ed2530e1 selftests/net/lib: update busywait timeout value 8a73c08e00fe cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode 3beccb6a326d remoteproc: k3-r5: Jump to error handling labels in start/stop errors bb2f3187e310 selftests: forwarding: Avoid failures to source net/lib.sh 2a969959b94f selftests/net: add variable NS_LIST for lib.sh 04f7b9b4d7f8 selftests/net: add lib.sh dd782da47076 Revert "fork: defer linking file vma until vma is fully initialized" 72b5c7f3b358 serial: 8250_pxa: Configure tx_loadsz to match FIFO IRQ level 0d73477af964 mm/huge_memory: don't unpoison huge_zero_folio 93d61e1bac0a tick/nohz_full: Don't abuse smp_call_function_single() in tick_setup_device() 614d397be0cf nilfs2: fix potential kernel bug due to lack of writeback flag waiting f8474caf39bd swiotlb: extend buffer pre-padding to alloc_align_mask if necessary 6c385c1fa0a7 swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE 6033fc9522d2 swiotlb: Enforce page alignment in swiotlb_alloc() 9f2050106f37 xfs: allow cross-linking special files without project quota 8bb0402836d0 xfs: don't use current->journal_info 79ba47df4e98 xfs: allow sunit mount option to repair bad primary sb stripe values ae609281ecae xfs: ensure submit buffers on LSN boundaries in error handlers 04fa4269089b xfs: shrink failure needs to hold AGI buffer ea365e606231 xfs: fix SEEK_HOLE/DATA for regions with active COW extents 7f0e5af2690a xfs: fix scrub stats file permissions 20bccdb03a7b xfs: fix imprecise logic in xchk_btree_check_block_owner 092571ef9a81 btrfs: zoned: fix use-after-free due to race with dev replace 069e0cc343da btrfs: zoned: factor out DUP bg handling from btrfs_load_block_group_zone_info 68713bc70dab btrfs: zoned: factor out single bg handling from btrfs_load_block_group_zone_info a139ad664240 btrfs: zoned: factor out per-zone logic from btrfs_load_block_group_zone_info f9526760879a btrfs: zoned: introduce a zone_info struct in btrfs_load_block_group_zone_info a3be677629e4 pmdomain: ti-sci: Fix duplicate PD referrals 6fd062713d99 intel_th: pci: Add Lunar Lake support ebcef9116484 intel_th: pci: Add Meteor Lake-S support c8727ddde12c intel_th: pci: Add Sapphire Rapids SOC support 37eb9f7cc719 intel_th: pci: Add Granite Rapids SOC support 3b08df88b00d intel_th: pci: Add Granite Rapids support f287b1e34f1d drm/i915: Fix audio component initialization 7a9883be3b98 drm/i915/dpt: Make DPT object unshrinkable 1b4a8b89bf67 drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) 1d2f1123a05e drm/i915/gt: Disarm breadcrumbs if engines are already idle 42524cc5feef rtla/auto-analysis: Replace \t with spaces d32f12e15732 rtla/timerlat: Simplify "no value" printing on top 8661a7af0499 riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context 6ee0c842d4ad iio: invensense: fix interrupt timestamp alignment 955c824d543c iio: adc: axi-adc: make sure AXI clock is enabled 33187fa1a8bb remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs 2494bc856e7c remoteproc: k3-r5: Wait for core0 power-up before powering up core1 aa81c7b078e0 dmaengine: axi-dmac: fix possible race in remove() 4145835ec209 PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id 3c361f313d69 ocfs2: fix races between hole punching and AIO+DIO 7ec0e3b86f5a ocfs2: use coarse time for new created files 518fbd644dab fs/proc: fix softlockup in __read_vmcore ba04b459efd1 knfsd: LOOKUP can return an illegal error value 591d5b12f814 spmi: hisi-spmi-controller: Do not override device identifier e293c6b38ac9 vmci: prevent speculation leaks by sanitizing event in event_deliver() 2d11505e79c7 dma-buf: handle testing kthreads creation failure e946428439a0 sock_map: avoid race between sock_map_close and sk_psock_put 2c581ca0d68f null_blk: Print correct max open zones limit in null_init_zoned_dev() 5fc6b708ef20 kheaders: explicitly define file modes for archived headers fcb88dc66b72 tracing/selftests: Fix kprobe event name test for .isra. functions d63e501ac6da riscv: fix overlap of allocated page and PTR_ERR 7063f15d2ae2 perf auxtrace: Fix multiple use of --itrace option 809a2ed17179 perf/core: Fix missing wakeup when waiting for context reference 348008f0043c x86/amd_nb: Check for invalid SMN reads d91ddd050826 x86/kexec: Fix bug with call depth tracking 5c0fb9cb404a irqchip/gic-v3-its: Fix potential race condition in its_vlpi_prop_update() 6d0881a00d4c clkdev: Update clkdev id usage to allow for longer names dbf0787c2f45 mptcp: pm: update add_addr counters after connect 09469a081715 mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID f1f0a46f8bb8 mptcp: ensure snd_una is properly initialized on connect 35bcf16b4a28 drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found a269c5701244 drm/exynos/vidi: fix memory leak in .get_modes() fd880577c6d4 ACPI: x86: Force StorageD3Enable on more products 5bf196f1936b parisc: Try to fix random segmentation faults in package builds a42b0060d6ff drivers: core: synchronize really_probe() and dev_uevent() e57c84e156e7 iio: imu: inv_icm42600: delete unneeded update watermark call aaf6b327a386 iio: invensense: fix odr switching to same value 8e472061a32c iio: dac: ad5592r: fix temperature channel scaling value 24ff87bb9f0b iio: adc: ad9467: fix scan type sign d4f3861893f9 x86/boot: Don't add the EFI stub to targets, again db20d4e4872b ksmbd: fix missing use of get_write in in smb2_set_ea() 13b38f9262f5 ksmbd: move leading slash check to smb2_get_name() 86c9713602f7 misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() ca6660c95624 bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() 185c72f6b9eb af_unix: Read with MSG_PEEK loops if the first unread byte is OOB 183ebc167a8a ionic: fix use after netif_napi_del() 7caefa277172 net: bridge: mst: fix suspicious rcu usage in br_mst_set_state a6cc9e9a651b net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state 96d3265fc4f1 net/ipv6: Fix the RT cache flush via sysctl using a previous delay 9a3eb4816ab9 nvmet-passthru: propagate status from id override functions fe1e395563cc block: fix request.queuelist usage in flush 6b7155458ed2 block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() 35119b1139e7 net: stmmac: replace priv->speed with the portTransmitRate from the tc-cbs parameters d01f39f73bed gve: ignore nonrelevant GSO type bits when processing TSO headers b0c95cefd9b6 net: pse-pd: Use EOPNOTSUPP error code instead of ENOTSUPP 2ad10c2aadb7 scsi: ufs: core: Quiesce request queues before checking pending cmds 567cfc59e468 x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking 5396ce9a5e68 x86/asm: Use %c/%n instead of %P operand modifier in asm templates 2ba35b37f780 netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type b30669fdea0c netfilter: nft_inner: validate mandatory meta and payload 7ccca396e989 Bluetooth: fix connection setup in l2cap_connect 599a28fa9ecd Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ 110764a0713e net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets bb5c1b0fbd98 geneve: Fix incorrect inner network header offset when innerprotoinherit is set c72660999c17 net dsa: qca8k: fix usages of device_get_named_child_node() d61808ac9947 tcp: fix race in tcp_v6_syn_recv_sock() b5c8ffc8cfde drm/bridge/panel: Fix runtime warning on panel bridge release 9460961d8213 drm/komeda: check for error-valued pointer f100031fd6a5 net: stmmac: dwmac-qcom-ethqos: Configure host DMA width fd2b613bc4c5 liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet 47016dcb50e9 net: hns3: add cond_resched() to hns3 ring buffer init process 689de7c3bfc7 net: hns3: fix kernel crash problem in concurrent scenario ef01c26d6f7a net: sfp: Always call `sfp_sm_mod_remove()` on remove 6797259d9b92 modpost: do not warn about missing MODULE_DESCRIPTION() for vmlinux.o 6fdc1152afae af_unix: Annotate data-race of sk->sk_state in unix_accept(). b82c97a79b8e drm/vmwgfx: Don't memcmp equivalent pointers ce48b688a8d2 drm/vmwgfx: Remove STDU logic from generic mode_valid function 15a875ecfc2f drm/vmwgfx: 3D disabled should not effect STDU memory limits 3ca8e582e03e drm/vmwgfx: Filter modes which exceed graphics memory b0b05171de1f drm/vmwgfx: Refactor drm connector probing for display modes f677ca8cfefe HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() 1bbadf953fad io_uring/io-wq: avoid garbage value of 'match' in io_wq_enqueue() ab702c3483db io_uring/io-wq: Use set_bit() and test_bit() at worker->flags 7388ae6f26c0 iommu: Return right value in iommu_sva_bind_device() c344d7030717 iommu/amd: Fix sysfs leak in iommu init 30f76bc468b9 HID: core: remove unnecessary WARN_ON() in implement() 17a6806f606f gpio: tqmx86: fix broken IRQ_TYPE_EDGE_BOTH interrupt type 12043e85bd71 gpio: tqmx86: store IRQ trigger type and unmask status separately 01aa7b7a3dd7 gpio: tqmx86: introduce shadow register for GPIO output value d69079010813 gpio: tqmx86: fix typo in Kconfig label b07a62f8c843 platform/x86: dell-smbios: Fix wrong token data in sysfs 2c82e21bbc05 drm/panel: sitronix-st7789v: Add check for of_drm_get_panel_orientation ca060e255794 nvme: fix nvme_pr_* status code parsing beb2dde5e1b9 selftests/tracing: Fix event filter test to retry up to 10 times b21cae468849 NFS: add barriers when testing for NFS_FSDATA_BLOCKED b1a6e884de15 SUNRPC: return proper error from gss_wrap_req_priv c30988e06b15 NFSv4.1 enforce rootpath check in fs_location query a9aa5a49c8ed clk: sifive: Do not register clkdevs for PRCI clocks dff9b2238969 selftests/ftrace: Fix to check required event file 3bf0b8030296 cachefiles: flush all requests after setting CACHEFILES_DEAD d2d3eb377a5d cachefiles: defer exposing anon_fd until after copy_to_user() succeeds 527db1cb4cd6 cachefiles: never get a new anonymous fd if ondemand_id is valid 1d95e5010ce8 cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() 3958679c4915 cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() a6de82765e12 cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() 9f5fa40f0924 cachefiles: add restore command to recover inflight ondemand read requests e564e48ca299 cachefiles: add spin_lock for cachefiles_ondemand_info f740fd943bb1 cachefiles: resend an open request if the read request's object is closed 33d21f0658cf cachefiles: extract ondemand info field from cachefiles_object 955190e1851a cachefiles: introduce object ondemand state 50d0e55356ba cachefiles: remove requests from xarray during flushing requests 19133f53f199 cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd d8316838aa06 cxl/region: Fix memregion leaks in devm_cxl_add_region() 09b4aa2815bf cxl/test: Add missing vmalloc.h for tools/testing/cxl/test/mem.c b3f206985a33 HID: nvidia-shield: Add missing check for input_ff_create_memless af4cff0dd640 powerpc/uaccess: Fix build errors seen with GCC 13/14 2ce5341c3699 gve: Clear napi->skb before dev_kfree_skb_any() 323d2563bde0 scsi: sd: Use READ(16) when reading block zero on large capacity disks 9079338c5a0d scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory da097dccaece scsi: mpi3mr: Fix ATA NCQ priority support 3e9785d3e92b scsi: core: Disable CDL by default d5ceeb0b6a71 thunderbolt: debugfs: Fix margin debugfs node creation condition d4121290b427 xhci: Apply broken streams quirk to Etron EJ188 xHCI host 949be4ec5835 xhci: Handle TD clearing for multiple streams case 0a834fb6dbd8 xhci: Apply reset resume quirk to Etron EJ188 xHCI host 834c57876cc2 xhci: Set correct transferred length for cancelled bulk transfers 4598233d9748 jfs: xattr: fix buffer overflow for invalid xattr cc30d05b34f9 landlock: Fix d_parent walk 3380fa014a89 serial: port: Don't block system suspend even if bytes are left to xmit b895a1b981cf tty: n_tty: Fix buffer offsets when lookahead is used ce356d8d7e91 mei: me: release irq in mei_me_pci_resume error path ad47b23e4704 usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state 04c05d50fa79 usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps b641889cc1cf USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected 72a3fe36cf9f USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages 43cfac7b88ad io_uring: check for non-NULL file pointer in io_file_can_poll() 0c9df3df0c88 io_uring/rsrc: don't lock while !TASK_RUNNING d18b05eda7fa nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors 8394dce13573 nilfs2: return the mapped address from nilfs_get_page() 39a143a2b072 bpf: fix multi-uprobe PID filtering logic 7ec535ed8724 eventfs: Update all the eventfs_inodes from the events descriptor 1c88d94a7a33 irqchip/riscv-intc: Prevent memory leak when riscv_intc_init_common() fails 85ca483e729d irqchip/riscv-intc: Introduce Andes hart-level interrupt controller 482095341313 irqchip/riscv-intc: Allow large non-standard interrupt number 01c987b8282c selftests/mm: compaction_test: fix bogus test success on Aarch64 3f6ccd40afc4 selftests/mm: log a consistent test name for check_compaction d39532e9186a selftests/mm: conform test to TAP format output bb9bb13ce64c mm/memory-failure: fix handling of dissolved but not taken off from buddy pages fe01748ca6d6 memory-failure: use a folio in me_huge_page() 130b4b9478c3 firmware: qcom_scm: disable clocks if qcom_scm_bw_enable() fails 16ece7c5645a ksmbd: use rwsem instead of rwlock for lease break 6548d543a274 net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() 7e796c3fefa8 ipv6: fix possible race in __fib6_drop_pcpu_from() d8011254e9b1 af_unix: Annotate data-race of sk->sk_shutdown in sk_diag_fill(). 60db0759c4f5 af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen(). 471ec7b77a8d af_unix: Use skb_queue_empty_lockless() in unix_release_sock(). f1683d07ebd1 af_unix: Use unix_recvq_full_lockless() in unix_stream_connect(). 29fce603b14b af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen. 996ec22ff576 af_unix: Annotate data-races around sk->sk_sndbuf. 4398f59518ce af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG. 0ede400c32ae af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb(). 776fcc45e3f4 af_unix: Annotate data-races around sk->sk_state in sendmsg() and recvmsg(). 3d25de6486f4 af_unix: Annotate data-race of sk->sk_state in unix_stream_connect(). 484e036e1a2c af_unix: Annotate data-races around sk->sk_state in unix_write_space() and poll(). 4e38d6c04943 af_unix: Annotate data-race of sk->sk_state in unix_inq_len(). 45733e981e8c af_unix: Annodate data-races around sk->sk_state for writers. 8003545ca10d af_unix: Set sk->sk_state under unix_state_lock() for truly disconencted peer. 040d93848703 net: wwan: iosm: Fix tainted pointer delete is case of region creation fail 649b63f5daf6 ice: add flag to distinguish reset from .ndo_bpf in XDP rings config eab834acb474 ice: remove af_xdp_zc_qps bitmap 3201ba7d1c8c ice: fix iteration of TLVs in Preserved Fields Area b21bb09f8be6 ptp: Fix error message on failed pin verification 724050ae4b76 net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP d857df86837a net/mlx5: Fix tainted pointer delete is case of flow rules creation fail 6ccada6ffb42 net/mlx5: Always stop health timer during driver removal e3001df36cd6 net/mlx5: Stop waiting for PCI if pci channel is offline 3dd41669b300 mptcp: count CLOSE-WAIT sockets for MPTCP_MIB_CURRESTAB acdf17546ef8 tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB 924f7bbfc5cf vxlan: Fix regression when dropping packets due to invalid src addresses 54c2c171c11a net: sched: sch_multiq: fix possible OOB write in multiq_tune() cba5467442b2 net: phy: Micrel KSZ8061: fix errata solution not taking effect problem b03255294e88 net/smc: avoid overwriting when adjusting sock bufsizes 2d7912f3ac65 octeontx2-af: Always allocate PF entries from low prioriy zone d387805d4b4a bpf: Set run context for rawtp test_run callback 50569d12945f net: tls: fix marking packets as decrypted f8dd092e8b47 ipv6: sr: block BH in seg6_output_core() and seg6_input_core() db21c1ee6b6d ipv6: ioam: block BH from ioam6_output() 9ee14af24e67 vmxnet3: disable rx data ring on dma allocation failure 834aa2c34b8f KVM: SEV-ES: Delegate LBR virtualization to the processor b6e4076ca94b KVM: SEV: Do not intercept accesses to MSR_IA32_XSS for SEV-ES guests 2128bae4ecab KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent 91cff53136da bpf: Fix a potential use-after-free in bpf_link_free() 2ad2f2edb944 bpf: Optimize the free of inner map 5aa03dd388d1 bpf: Store ref_ctr_offsets values in bpf_uprobe array 02a255723e6b net: phy: micrel: fix KSZ9477 PHY issues after suspend/resume 645e643eeb9a net/ncsi: Fix the multi thread manner of NCSI driver d7dd9d1f02b2 net/ncsi: Simplify Kconfig/dts control flow 87cc2514162f ax25: Replace kfree() in ax25_dev_free() with ax25_dev_put() 52100fd74ad0 ax25: Fix refcount imbalance on inbound connections 909dc098a754 RISC-V: KVM: Fix incorrect reg_subtype labels in kvm_riscv_vcpu_set_reg_isa_ext function 5d8622f61ef1 RISC-V: KVM: No need to use mask when hart-index-bit is 0 b2b1043ac1f5 scsi: ufs: mcq: Fix error output and clean up ufshcd_mcq_abort() 2f467fefdfae wifi: mac80211: correctly parse Spatial Reuse Parameter Set element a05018739a5e wifi: iwlwifi: mvm: don't read past the mfuart notifcation 29a18d56bd64 wifi: iwlwifi: mvm: check n_ssids before accessing the ssids f7773fff6dda wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef bdfa7cf3281b wifi: iwlwifi: mvm: set properly mac header 1ef2671de723 wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 1fd3f32695af wifi: iwlwifi: mvm: don't initialize csa_work twice ff2b4dc81e67 wifi: cfg80211: pmsr: use correct nla_get_uX functions 0ccc63958d83 wifi: cfg80211: Lock wiphy in cfg80211_get_station 46b7eff59a32 wifi: cfg80211: fully move wiphy work to unbound workqueue 456bbb8a31e4 wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() 63d5f89bb566 wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects c31365597a17 powerpc/uaccess: Fix build errors seen with GCC 13/14 64ebf485c56b usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock 7c76aad68f6d kselftest: Add a ksft_perror() helper 06644f0d7193 drm/tilcdc: Set preferred depth ff7ae7b32324 crypto: jitter - add RCT/APT support for different OSRs 50cd24ddb6f0 arm64: defconfig: remove CONFIG_IPQ_APSS_5018 58e5c91d6701 x86/alternatives: Disable interrupts and sync when optimizing NOPs in place c878fd2d4c79 x86/alternatives: Sync core before enabling interrupts c2d64b9f52b6 qemux86: add configuration symbol to select values 630c33229e6d sched/isolation: really align nohz_full with rcu_nocbs 0e5e0f68e2e6 clear_warn_once: add a clear_warn_once= boot parameter 46934791b902 clear_warn_once: bind a timer to written reset value cdee9e38ff32 clear_warn_once: expand debugfs to include read support 82b562b81841 tools: Remove some options from CLANG_CROSS_FLAGS 36dc380b776b libbpf: Fix build warning on ref_ctr_off 9e3e1fe20982 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel. e497a4a5da65 perf: x86-32: explicitly include 7b57ddd89565 perf: mips64: Convert __u64 to unsigned long long 1cfc19423dc7 perf: fix bench numa compilation 98bc2815fade perf: add SLANG_INC for slang.h 17209a70b9b3 perf: add sgidefs.h to for mips builds 9cd4258d910a perf: change --root to --prefix for python install 8110a4f26628 perf: add 'libperl not found' warning bc89d5e08f77 perf: force include of 4f6c760cc876 fat: Replace prandom_u32() with get_random_u32() bc53117b12b2 fat: don't use obsolete random32 call in namei_vfat 30b2236ab378 FAT: Added FAT_NO_83NAME cef98d22b4ed FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option 0bbd7daba9e1 FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option 5883fc340084 aufs6: adapt to v6.6 i_op->ctime changes c4342d979bf2 aufs6: fix magic.mk include path 35266bc2dc81 aufs6: adapt to v6.6 8edede4e98be aufs6: core 712248233ebe aufs6: standalone 3b71a8a848d8 aufs6: mmap 3e2924871f37 aufs6: base 7f4907a93101 aufs6: kbuild d2f7b03e4aa7 yaffs2: update VFS ctime operations to 6.6+ bcd6cfcd1aa0 yaffs2: v6.5 fixups cc615704b5f5 yaffs2: Fix miscalculation of devname buffer length 8ef2e22dcf91 yaffs2: convert user_namespace to mnt_idmap c9c749f9f7d3 yaffs2: replace bdevname call with sprintf 395b01cdc39d yaffs2: convert read_page -> readfolio d98b07e43ba6 yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL 613c6d50fdbe yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name 622c4648936f yaffs2: v5.12+ build fixups (not runtime tested) 7562133d4090 yaffs: include blkdev.h dbd44252cd59 yaffs: fix misplaced variable declaration c223a10b1ac0 yaffs2: v5.6 build fixups 90f6007cfbf4 yaffs2: fix memory leak when /proc/yaffs is read 37ee169c5ea1 yaffs: add strict check when call yaffs_internal_read_super b6e007b8abb6 yaffs: repair yaffs_get_mtd_device fb98f65a466a yaffs: Fix build failure by handling inode i_version with proper atomic API 51e0aac75ea2 yaffs2: fix memory leak in mount/umount 2b74a0cae7b0 yaffs: Avoid setting any ACL releated xattr ff4130a9c376 Yaffs:check oob size before auto selecting Yaffs1 ba95b409c67c fs: yaffs2: replace CURRENT_TIME by other appropriate apis 8fa35eba9056 yaffs2: adjust to proper location of MS_RDONLY 1eb5deaad8c4 yaffs2: import git revision b4ce1bb (jan, 2020) 4dce67c1e8c8 initramfs: allow an optional wrapper script around initramfs generation 2f603d83fcc4 pnmtologo: use relocatable file name 664a6a0a484b tools: use basename to identify file in gen-mach-types 9de64bc0c185 lib/build_OID_registry: fix reproducibility issues ae9b80797295 vt/conmakehash: improve reproducibility a972323151bd iwlwifi: select MAC80211_LEDS conditionally 15d2adcc0198 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119) 5556a6c04b19 arm64/perf: Fix wrong cast that may cause wrong truncation 5552dc768ffc defconfigs: drop obselete options 00fe4152df31 arm64/perf: fix backtrace for AAPCS with FP enabled 3888d0652edf linux-yocto: Handle /bin/awk issues 3d55d299f23a uvesafb: provide option to specify timeout for task completion 23c068c080be uvesafb: print error message when task timeout occurs edbfc939266e compiler.h: Undef before redefining __attribute_const__ c99ae7e2a19a vmware: include jiffies.h 572d84d928c8 Resolve jiffies wrapping about arp fdcd47cac843 nfs: Allow default io size to be configured. 927d48801098 check console device file on fs when booting 57cc27f821dd mount_root: clarify error messages for when no rootfs found 1b53d82a8152 mconf: fix output of cflags and libraries 1811da09f42c menuconfig,mconf-cfg: Allow specification of ncurses location 83c2e0c6eb1f modpost: mask trivial warnings 6de673039484 kbuild: exclude meta directory from distclean processing 6decd32815f5 powerpc: serialize image targets f6b683b38318 arm: serialize build targets e798b09ebf57 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition dc8a1e5a88f8 x86_64_defconfig: Fix warnings 68491e5f72b6 powerpc/ptrace: Disable array-bounds warning with gcc8 d71ebfce3004 powerpc: Disable attribute-alias warnings from gcc8 62f50884b8b1 powerpc: kexec fix for powerpc64 da6871c62c37 powerpc: Add unwind information for SPE registers of E500 core f161c880c11d mips: make current_cpu_data preempt safe 5e94a8247ce7 mips: vdso: fix 'jalr $t9' crash in vdso code 19e36714b1c7 mips: Kconfig: add QEMUMIPS64 option e2e537db3cbd 4kc cache tlb hazard: tlbp cache coherency aee9870611e5 malta uhci quirks: make allowance for slow 4k(e)c 881948cd1517 drm/fb-helper: move zeroing code to drm_fb_helper_fill_var 98ec1963fcb7 arm64: defconfig: cleanup config options f1727c537ba8 vexpress: Pass LOADADDR to Makefile 4474c32dc24a arm: ARM EABI socketcall 75e31a2b70fd ARM: LPAE: Invalidate the TLB for module addresses during translation fault Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie (cherry picked from commit c404775afcb500aa931ace1289df7a194f0778ba) Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_6.6.bb | 6 ++-- .../linux/linux-yocto-tiny_6.6.bb | 6 ++-- meta/recipes-kernel/linux/linux-yocto_6.6.bb | 28 +++++++++---------- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb index 50f4fe0eb6..3900690c74 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb @@ -14,13 +14,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "e88fd5bf97b83b10f7e93c2af4100cd16d59db63" -SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0" +SRCREV_machine ?= "1d96726faac7f57c1bb3466edc283d929fc183b6" +SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https" -LINUX_VERSION ?= "6.6.34" +LINUX_VERSION ?= "6.6.35" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb index a330e14468..0a9b96753c 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb @@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc # CVE exclusions include recipes-kernel/linux/cve-exclusion_6.6.inc -LINUX_VERSION ?= "6.6.34" +LINUX_VERSION ?= "6.6.35" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" -SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0" +SRCREV_machine ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" +SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce" PV = "${LINUX_VERSION}+git" diff --git a/meta/recipes-kernel/linux/linux-yocto_6.6.bb b/meta/recipes-kernel/linux/linux-yocto_6.6.bb index f67d73d2e6..808561f45a 100644 --- a/meta/recipes-kernel/linux/linux-yocto_6.6.bb +++ b/meta/recipes-kernel/linux/linux-yocto_6.6.bb @@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.6/standard/base" KBRANCH:qemuloongarch64 ?= "v6.6/standard/base" KBRANCH:qemumips64 ?= "v6.6/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "a12679d200785775317fb7b7fe9b145cd77187eb" -SRCREV_machine:qemuarm64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" -SRCREV_machine:qemuloongarch64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" -SRCREV_machine:qemumips ?= "f0ff71ea239e1395c9318d4edd2213a702aa8d19" -SRCREV_machine:qemuppc ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" -SRCREV_machine:qemuriscv64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" -SRCREV_machine:qemuriscv32 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" -SRCREV_machine:qemux86 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" -SRCREV_machine:qemux86-64 ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" -SRCREV_machine:qemumips64 ?= "39f86019c95a6efb4aa3bf4d0185f05bb184d29b" -SRCREV_machine ?= "64ebf485c56b5375d9196020b3ed92f857283ee0" -SRCREV_meta ?= "e48b725284bb2889c8c5da8d255ec277f44bf8a0" +SRCREV_machine:qemuarm ?= "7e5d1df22352c96c1d63d81d59457ff30e82e2d9" +SRCREV_machine:qemuarm64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" +SRCREV_machine:qemuloongarch64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" +SRCREV_machine:qemumips ?= "f26493dbcd22b4d89beed4eabdc52d124d59658a" +SRCREV_machine:qemuppc ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" +SRCREV_machine:qemuriscv64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" +SRCREV_machine:qemuriscv32 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" +SRCREV_machine:qemux86 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" +SRCREV_machine:qemux86-64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" +SRCREV_machine:qemumips64 ?= "1ef0c6554b95984a5fc9e7cd3bb27ab617204149" +SRCREV_machine ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" +SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the /base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "76d42e596d895c53abf86daca4e5877fe0088145" +SRCREV_machine:class-devupstream ?= "5f2d0708acd0e1d2475d73c61819053de284bcc4" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v6.6/base" @@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "6.6.34" +LINUX_VERSION ?= "6.6.35" PV = "${LINUX_VERSION}+git" From patchwork Thu Jul 4 12:27:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46007 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 341F5C3271E for ; Thu, 4 Jul 2024 12:27:46 +0000 (UTC) Received: from mail-pg1-f169.google.com (mail-pg1-f169.google.com [209.85.215.169]) by mx.groups.io with SMTP id smtpd.web11.8895.1720096060666813852 for ; Thu, 04 Jul 2024 05:27:40 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=PMRLqFh5; spf=softfail (domain: sakoman.com, ip: 209.85.215.169, mailfrom: steve@sakoman.com) Received: by mail-pg1-f169.google.com with SMTP id 41be03b00d2f7-70b2421471aso327767a12.0 for ; Thu, 04 Jul 2024 05:27:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096060; x=1720700860; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=2xYr2xiZZxaUpNeaueC74sGuv0gpy70m8rgNI/U56AI=; b=PMRLqFh5DBeHvteyXKlakrpG84nwB1wEa7psfaLdnhgbYI0DT0cwvtFGQgRXX7R9Qa Rz9oKXVIV7EHDWiOExzM7SC3f2bsKfjhK45FaCOrFFZfStjzpQlDtIin97cLmqG2316a sKdTt4oxqzLJ4PzACNHh+AD8RTQdd25Wb8ufmJEnOndT+S625lpYehXaMij+gVbmWVgn nSgH6jhIJjHEhFg2qqDozyhN9Lcop/mK54L9AnyiXNsQ/K/5nYlMAU2mEdXvSqP+7Saq rvWAGOPq3QfIp3/WwgOvQJCr7chz09peLcKR6PFYyvSuZUxT9R2Lh7gRxR9RxDWw8CNS aAjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096060; x=1720700860; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2xYr2xiZZxaUpNeaueC74sGuv0gpy70m8rgNI/U56AI=; b=cEvJ5rW+deZsvi2l5NM+330fYEv/yQcwM0Ac2kTO8JYhTXHxd2Ebdu35u0Tqz1Mu95 +Shcze776dO3hKh/NGjduHZN0O5GhUQAOEW6E8gcg0YshMCncyggksn/wFPVbw09/V0+ S+EMGMHYCTr3HlBp/gLkXquQx8duq30yIcSILTQtQYh+IJpJO2JueqGzmWzkd5bf+tog nE0DGCFxe5b9QYmjWs+gBx8SKoFW9g8SdT2YFwnV193pWKttaglqrTXtng/Mi8tAeEcM BjV4h2tQOUTYsgPa9TJESflDNRHzscCVOCmKW6uqv6qbxe9/sN7zYKUMYt3sD0AGmomi xBjg== X-Gm-Message-State: AOJu0Yweu9lYiqxkl1TO77pOHhZBcVqcZNBu1Y/fM9vd2iE2CUhN5fh3 WXpXRGFFsVhhbGfZz1tiWiabG0gMh9bDRsXAulYeEbWlNPzVId36qs6jLisf1XK7ERK8DYxHTpD U X-Google-Smtp-Source: AGHT+IGl5cM5xq3jAR+5JvmfH8nCYIwpgf4eEjaOZ42oZ7O7Gprefr8NDujvWAGugEoRf7H0GPzSlg== X-Received: by 2002:a05:6a20:1594:b0:1bf:5ca2:a9b6 with SMTP id adf61e73a8af0-1c0cc8d4f84mr1328117637.50.1720096059815; Thu, 04 Jul 2024 05:27:39 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.39 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:39 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 10/21] linux-yocto/6.6: fix AMD boot trace Date: Thu, 4 Jul 2024 05:27:02 -0700 Message-Id: <1608b8a0303ed24fb5da7c168bb1bc2c81760697.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201552 From: Bruce Ashfield Integrating the following commit(s) to linux-yocto/6.6: 1/1 [ Author: Bruce Ashfield Email: bruce.ashfield@gmail.com Subject: cpu/amd: inhibit SMP check for qemux86 Date: Fri, 28 Jun 2024 12:55:18 -0400 When booting with kvm enabled on a AMD host, the following trace is thrown: [ 0.084519] ------------[ cut here ]------------ [ 0.084519] WARNING: This combination of AMD processors is not suitable for SMP. [ 0.084519] WARNING: CPU: 1 PID: 0 at /arch/x86/kernel/cpu/amd.c:341 init_amd+0xaee/0xbcc [ 0.084519] Modules linked in: [ 0.084519] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.32-yocto-standard #1 [ 0.084519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 This warning is not valid in our configuration and is unnecesarily causing issue with debug. This has been know for some time (10+ years), but no acceptable solutioon has been found upstream: https://lists.gnu.org/archive/html/qemu-devel/2010-03/msg01428.html https://lkml.org/lkml/2010/3/30/397 We have a configuration CONFIG_QEMUX86 that has been added for situations like this. When that value is defined, we inhibit the warning, but leave it as-is for other BSPs. Signed-off-by: Bruce Ashfield ] Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie (cherry picked from commit f0c03000abb7665352cf107a600da15a112af5fa) Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_6.6.bb | 4 ++-- .../linux/linux-yocto-tiny_6.6.bb | 4 ++-- meta/recipes-kernel/linux/linux-yocto_6.6.bb | 24 +++++++++---------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb index 3900690c74..dc1413ca94 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb @@ -14,8 +14,8 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "1d96726faac7f57c1bb3466edc283d929fc183b6" -SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce" +SRCREV_machine ?= "4209a548f26ad97f610f6c7acfee7fabe009dd3d" +SRCREV_meta ?= "da275b53b13faafa834352e3f9dd3f91a2c03bb8" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb index 0a9b96753c..f02a9c186a 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb @@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" -SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce" +SRCREV_machine ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_meta ?= "da275b53b13faafa834352e3f9dd3f91a2c03bb8" PV = "${LINUX_VERSION}+git" diff --git a/meta/recipes-kernel/linux/linux-yocto_6.6.bb b/meta/recipes-kernel/linux/linux-yocto_6.6.bb index 808561f45a..ca7c4e978a 100644 --- a/meta/recipes-kernel/linux/linux-yocto_6.6.bb +++ b/meta/recipes-kernel/linux/linux-yocto_6.6.bb @@ -18,18 +18,18 @@ KBRANCH:qemux86-64 ?= "v6.6/standard/base" KBRANCH:qemuloongarch64 ?= "v6.6/standard/base" KBRANCH:qemumips64 ?= "v6.6/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "7e5d1df22352c96c1d63d81d59457ff30e82e2d9" -SRCREV_machine:qemuarm64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" -SRCREV_machine:qemuloongarch64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" -SRCREV_machine:qemumips ?= "f26493dbcd22b4d89beed4eabdc52d124d59658a" -SRCREV_machine:qemuppc ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" -SRCREV_machine:qemuriscv64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" -SRCREV_machine:qemuriscv32 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" -SRCREV_machine:qemux86 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" -SRCREV_machine:qemux86-64 ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" -SRCREV_machine:qemumips64 ?= "1ef0c6554b95984a5fc9e7cd3bb27ab617204149" -SRCREV_machine ?= "4c1fbbd1c2b7c31e1755cfa83199cdfcb9707832" -SRCREV_meta ?= "fe550a76832d3c144e7af34ab78d5da0dcf092ce" +SRCREV_machine:qemuarm ?= "7558103b801174f277373aa9d7d7eedf3a30d5f8" +SRCREV_machine:qemuarm64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemuloongarch64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemumips ?= "cd21dc96adcb1d60ad6cc57446464abf4dd338fc" +SRCREV_machine:qemuppc ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemuriscv64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemuriscv32 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemux86 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemux86-64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemumips64 ?= "6700dad2e55f71fea268db201a394b371ffdd78c" +SRCREV_machine ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_meta ?= "da275b53b13faafa834352e3f9dd3f91a2c03bb8" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the /base branch, which is pure upstream -stable, and the same From patchwork Thu Jul 4 12:27:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46010 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4606BC3DA40 for ; Thu, 4 Jul 2024 12:27:46 +0000 (UTC) Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web11.8896.1720096062344043481 for ; Thu, 04 Jul 2024 05:27:42 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=ZwbsYcmY; spf=softfail (domain: sakoman.com, ip: 209.85.214.178, mailfrom: steve@sakoman.com) Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-1fb222a8eaeso4297455ad.3 for ; Thu, 04 Jul 2024 05:27:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096061; x=1720700861; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=neu8BO15xoMs1+SIEqXisIFm8p/2/lrQWHpiKtJKVh8=; b=ZwbsYcmY+6lU2IUjajbFLNZM+INgo6T5YjCHncgK/U3r/zbdY20PihY/+LPUc7oPO0 migeVhiti4suzxCZI8mz08hgMcCiehG8VsyvN8TCeMz1EFYD3cj2ZgxrJpsEQss3TlEx O8QZxNLw7EQbLATwEbsCt3WCSlSqiwLXFKaaULuFOAbDDHSX4W/wkxdr6Wz1L/EERGUx LojnK/fLtA23qRjv95n+ScLuz5KeTJ3EM1Vql7/RJvJEYsHRFYJ3f2iqylbAZSw1JteI nSXqSyjc3oM46GMThHoESQ9sIgM9ci4p4XumpGX/HyEoWqcdIINNUhwLbcQiQ7ra6WaL vQeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096061; x=1720700861; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=neu8BO15xoMs1+SIEqXisIFm8p/2/lrQWHpiKtJKVh8=; b=SIdOtE/8Pzuhp9YbdYBum/n+O9+/plAOzK1y9Mq3PIJ1hUnxRMsV/M3whskcdOju0/ xhrj0XqSMd+sNYMd3MJOn9IoRHZ3GCqmESaAIaE2kfIL53z7ugEVhjyN1QsZGYFmJmRk l9/eTtPpbuXY3dvz/BbfztKBD+QgxaNcx5WCMC+ux34OSwfEjzpDISCyb1qs4nzh40OH HmkMmhujn3xlUyjEHtVgVVru9U0o73YWcFoDWuYV0Ht87T+QOJzms8aG1GCxr4EkK8SM Ye65PcySqF9hToCSnk1FhbKH4dvTYkCVZjqfDwXMQz3oyf+qjukLCKIqAyRrUFSG+Tef sXeg== X-Gm-Message-State: AOJu0Ywl+g756I8gyl1Fyi6W4hFdGnyhnLBzYTS51RV5+dN3OveLR5Be mC4bI19dA2Qi1fs6Sp5oI0/jfuZ8Ze5MGixOXw+vfwyzjR+G0vSDlCU4K10D6ETVufJwTzRF0Wt r X-Google-Smtp-Source: AGHT+IF/K/IlMvoRFxVZUWbui7Pr05+kGKQII0gMFVT17dc0xaGcBJAPnbTCdlz2BhX66fvl4I0w1g== X-Received: by 2002:a17:902:f645:b0:1fb:1cc3:646d with SMTP id d9443c01a7336-1fb33e57fb8mr11853075ad.29.1720096061532; Thu, 04 Jul 2024 05:27:41 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.40 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:41 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 11/21] python3-requests: cleanup RDEPENDS Date: Thu, 4 Jul 2024 05:27:03 -0700 Message-Id: <3d9072c346bf7bdeecd6197df8b14e39399bdabd.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201553 From: Guðni Már Gilbert Drop the following dependencies from RDEPENDS: - python3-ndg-httpsclient - python3-pyasn1 - python3-pyopenssl Add a missing dependency into RDEPENDS: - python3-certifi Additional fix HOMEPAGE, the old link doesn't work Signed-off-by: Guðni Már Gilbert Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman --- meta/recipes-devtools/python/python3-requests_2.31.0.bb | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/meta/recipes-devtools/python/python3-requests_2.31.0.bb b/meta/recipes-devtools/python/python3-requests_2.31.0.bb index df48cd54c3..287b4f8eee 100644 --- a/meta/recipes-devtools/python/python3-requests_2.31.0.bb +++ b/meta/recipes-devtools/python/python3-requests_2.31.0.bb @@ -1,5 +1,5 @@ SUMMARY = "Python HTTP for Humans." -HOMEPAGE = "http://python-requests.org" +HOMEPAGE = "https://requests.readthedocs.io" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=34400b68072d710fecd0a2940a0d1658" @@ -8,12 +8,10 @@ SRC_URI[sha256sum] = "942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd inherit pypi setuptools3 RDEPENDS:${PN} += " \ + python3-certifi \ python3-email \ python3-json \ - python3-ndg-httpsclient \ python3-netserver \ - python3-pyasn1 \ - python3-pyopenssl \ python3-pysocks \ python3-urllib3 \ python3-chardet \ From patchwork Thu Jul 4 12:27:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46009 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 34229C38150 for ; Thu, 4 Jul 2024 12:27:46 +0000 (UTC) Received: from mail-pl1-f173.google.com (mail-pl1-f173.google.com [209.85.214.173]) by mx.groups.io with SMTP id smtpd.web11.8897.1720096063823148255 for ; Thu, 04 Jul 2024 05:27:43 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=BJm16uM8; spf=softfail (domain: sakoman.com, ip: 209.85.214.173, mailfrom: steve@sakoman.com) Received: by mail-pl1-f173.google.com with SMTP id d9443c01a7336-1f9fb3ca81bso3452105ad.3 for ; Thu, 04 Jul 2024 05:27:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096063; x=1720700863; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=GzQtVmdFKmD7PsTnhZ+6IrDMGahG11B5B7Ir+zi9B2Y=; b=BJm16uM8qF32Q4PFh6ho+TWv6TcwmMVaYhuGK7CRhNnY1trzcoR3EmVuu03hT6OEvC ImTapy5llyV3d9HzfmQpz/SaQo5gGbTHep2ZrfzTEU0yazR/aDUi/vFo60ivUTEeOWce fsvDqzrzTKLYk5OybRp7PdGM8gTKZCamnrZPFsHtDEs6yaNhowx6dqZpUThv/Rr42uVo pYenVPOHd31vdL9C5JK0UlxtohduLk5yPQkuS0qxDSgFoFL34CMNptmPKUhA0QP81giH h26yUURx4kKMXqUAKqeEZsgOFPhUtkHm6ubo+Hf1jx8tkFQKeJXmnb43bex3aBbhqYRn 9hQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096063; x=1720700863; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GzQtVmdFKmD7PsTnhZ+6IrDMGahG11B5B7Ir+zi9B2Y=; b=xIP3TDSJOdVuM+zFEzsUrXsvX7uyujuo6kU3VGxVj3TybtpHnCr7FAWnQ8QhLX1cL0 8BBCGqVNgfT0TkBGdWJhRSe9Ude+Bt4vjIPZmSQe+neAuJ5dHfrpn5+K0ra4OC1LYooZ HkcUh9Fh4Tz5GR5fiteX+TR6CyCnN8+r8gts70G2UFSAqNiv9D5Gjh6fCa8NZ4CnyNej Jf9mHOluVWCiY2y41mM6woCNbxAcPsTj/pFzDFS2jFYILNvSg7ZtVu9SYjKe6WALX6aS R+p82gFXh3PaASCZUkxIKdqY2uTwSxFGExUzF6YS6P2+OcM8yf0ZNZ35+E5PnXLVEpZn fIdg== X-Gm-Message-State: AOJu0Ywreya7UFCst/r5JeHPkzQ23g+qEibwCSYGxKCcIO108G5/tg6j 0XFMfw1G00rCQSWt8/31FG78sl4X9dBtJrrwTnsFTgi7uTUaDcd56Ps7H3pQ/FYiXbegtSwkNrX 8 X-Google-Smtp-Source: AGHT+IE2nNdWlylWBl7CuD8N5uhAVB8cGwcMShPLScqwzah1GOdfMMsoiUi3LejJ2ExkknpMlolAyA== X-Received: by 2002:a17:902:c403:b0:1f8:67e4:397f with SMTP id d9443c01a7336-1fb33df6110mr11912355ad.7.1720096063091; Thu, 04 Jul 2024 05:27:43 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.42 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:42 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 12/21] python3-setuptools: drop python3-2to3 from RDEPENDS Date: Thu, 4 Jul 2024 05:27:04 -0700 Message-Id: <0d5cd1d867a826cf83fcaee3e8390b9defec47d1.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201554 From: Guðni Már Gilbert 2to3 module was dropped as a dependency in setuptools 58.0 Signed-off-by: Guðni Már Gilbert Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman --- meta/recipes-devtools/python/python3-setuptools_69.1.1.bb | 1 - 1 file changed, 1 deletion(-) diff --git a/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb b/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb index 77d4e0aa03..67475b68eb 100644 --- a/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb +++ b/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb @@ -16,7 +16,6 @@ SRC_URI[sha256sum] = "5c0806c7d9af348e6dd3777b4f4dbb42c7ad85b190104837488eab9a7c DEPENDS += "python3" RDEPENDS:${PN} = "\ - python3-2to3 \ python3-compile \ python3-compression \ python3-ctypes \ From patchwork Thu Jul 4 12:27:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46011 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5326FC3DA41 for ; Thu, 4 Jul 2024 12:27:46 +0000 (UTC) Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web10.8994.1720096065617027028 for ; Thu, 04 Jul 2024 05:27:45 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=pImTwRPx; spf=softfail (domain: sakoman.com, ip: 209.85.214.178, mailfrom: steve@sakoman.com) Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-1fb3cf78ff3so2383785ad.0 for ; Thu, 04 Jul 2024 05:27:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096065; x=1720700865; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Qh77zKlPs7QNrgkFjvxPkFNe3Zv1DLNyCfsGXxmHYmk=; b=pImTwRPxniNkVBN6eIChzZ+/YHG4bSxvKwM5E3zghq2eHU5CJHWj3rOvqkTo/b0vcx rZaq4Or673PFfbpC2trgd/nhMRxyoxoWUpovy1ArnkJM4q9u27yqUthsZOwXnsC55Sie wtCImLKuIJDp0OdPVuiHc/A6pF33upx/FWW9fxs9VAcGijT0AcQOVW1lbIFGIbqovv++ PQyegbL+IEeUyBFdA7yOQNlClc/ZbBKWnxMj3Uxjbcn6vWOkAbvSSTfsJ6YppLuMH23M W1L50v0wVSIhqYZRTtlj/Cu9DhTvpgBX7T+xbffdRHIu3mEfFy6MGVBAHKqI0F4mumLT zPeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096065; x=1720700865; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Qh77zKlPs7QNrgkFjvxPkFNe3Zv1DLNyCfsGXxmHYmk=; b=keTq5eJUUZi/Xbcz8prjOakFryLA0OWCKLtstTKjWB171gDmkwBC1+h/Lt1aafZET4 jRFbQY/szXGrpABk7TbkulDb82m+ZqZQH7PYcHh/AafsRTm998pVCQBvTk1D2j97lc3h hMpf+bpnJNR2wedihI/un/E3ol7tJ/7GsoWHozGexm8iRSrOLdbgQlM39Ba/aykZvVoQ 6k/9XY1qdPhnejVbwEMWB/WhZPPKXBLdYA4jw4ux/wEO+ltxI8EUo7JQcFBJXsznFK5J ++zArQIwGVO4WOvR5Fnp9shczohrLOm8kxiv/Zwu6RVxk09kBaenVhVSFkoSmNueAeeR 5oqA== X-Gm-Message-State: AOJu0YxGhnSz1ewwDTEK0/BS6FgGPld+rfv5iHJ9gc+8/PZr52E4LGiR GkENeNohaRvNYKh8e2KiZhNSzZ4DCYJuQdckMrOI1Z56tnsstxmx/g4WHndCyMCRqodKaFVb0qk K X-Google-Smtp-Source: AGHT+IFQ9Tj/pYEjTbhTSKB2rgPYWDZM/R40Fc9PtnELpUidjYT++PR4eBE+KCDg5XUXPl3aUTRV2g== X-Received: by 2002:a17:902:6508:b0:1fb:3b61:45a4 with SMTP id d9443c01a7336-1fb3b614b34mr5152115ad.62.1720096064854; Thu, 04 Jul 2024 05:27:44 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:44 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 13/21] libpam: fix runtime error in pam_pwhistory moudle Date: Thu, 4 Jul 2024 05:27:05 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201555 From: Yi Zhao Backport a patch to fix runtime error in pam_pwhistory module when selinux is enabled: root@qemux86-64:~# passwd passwd: System error passwd: password unchanged Signed-off-by: Yi Zhao Signed-off-by: Steve Sakoman --- ...x-passing-NULL-filename-argument-to-.patch | 69 +++++++++++++++++++ meta/recipes-extended/pam/libpam_1.5.3.bb | 1 + 2 files changed, 70 insertions(+) create mode 100644 meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch diff --git a/meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch b/meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch new file mode 100644 index 0000000000..23d5646235 --- /dev/null +++ b/meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch @@ -0,0 +1,69 @@ +From 80dc2d410595b5193d32f965185710df27f3984e Mon Sep 17 00:00:00 2001 +From: Md Zain Hasib +Date: Sat, 29 Jul 2023 11:01:35 +0530 +Subject: [PATCH] pam_pwhistory: fix passing NULL filename argument to + pwhistory helper + +This change fixes a bug when pwhistory_helper is invoked from +pam_pwhistory with an NULL filename, pwhistory_helper receives a short +circuited argc count of 3, ignoring the rest of the arguments passed +due to filename being NULL. To resolve the issue, an empty string is +passed in case the filename is empty, which is later changed back to +NULL in pwhistory_helper so that it can be passed to opasswd to read +the default opasswd file. + +* modules/pam_pwhistory/pam_pwhistory.c (run_save_helper, +run_check_helper): Replace NULL filename argument with an empty string. +* modules/pam_pwhistory/pwhistory_helper.c (main): Replace empty string +filename argument with NULL. + +Fixes: 11c35109a67f ("pam_pwhistory: Enable alternate location for password history file (#396)") +Signed-off-by: Dmitry V. Levin + +Upstream-Status: Backport +[https://github.com/linux-pam/linux-pam/commit/80dc2d410595b5193d32f965185710df27f3984e] + +Signed-off-by: Yi Zhao +--- + modules/pam_pwhistory/pam_pwhistory.c | 4 ++-- + modules/pam_pwhistory/pwhistory_helper.c | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c +index 5a7fb811..98ddffce 100644 +--- a/modules/pam_pwhistory/pam_pwhistory.c ++++ b/modules/pam_pwhistory/pam_pwhistory.c +@@ -141,7 +141,7 @@ run_save_helper(pam_handle_t *pamh, const char *user, + args[0] = (char *)PWHISTORY_HELPER; + args[1] = (char *)"save"; + args[2] = (char *)user; +- args[3] = (char *)filename; ++ args[3] = (char *)((filename != NULL) ? filename : ""); + DIAG_POP_IGNORE_CAST_QUAL; + if (asprintf(&args[4], "%d", howmany) < 0 || + asprintf(&args[5], "%d", debug) < 0) +@@ -228,7 +228,7 @@ run_check_helper(pam_handle_t *pamh, const char *user, + args[0] = (char *)PWHISTORY_HELPER; + args[1] = (char *)"check"; + args[2] = (char *)user; +- args[3] = (char *)filename; ++ args[3] = (char *)((filename != NULL) ? filename : ""); + DIAG_POP_IGNORE_CAST_QUAL; + if (asprintf(&args[4], "%d", debug) < 0) + { +diff --git a/modules/pam_pwhistory/pwhistory_helper.c b/modules/pam_pwhistory/pwhistory_helper.c +index 469d95fa..fb9a1e31 100644 +--- a/modules/pam_pwhistory/pwhistory_helper.c ++++ b/modules/pam_pwhistory/pwhistory_helper.c +@@ -108,7 +108,7 @@ main(int argc, char *argv[]) + + option = argv[1]; + user = argv[2]; +- filename = argv[3]; ++ filename = (argv[3][0] != '\0') ? argv[3] : NULL; + + if (strcmp(option, "check") == 0 && argc == 5) + return check_history(user, filename, argv[4]); +-- +2.25.1 + diff --git a/meta/recipes-extended/pam/libpam_1.5.3.bb b/meta/recipes-extended/pam/libpam_1.5.3.bb index 2a53bb4cc5..ef32d19f3d 100644 --- a/meta/recipes-extended/pam/libpam_1.5.3.bb +++ b/meta/recipes-extended/pam/libpam_1.5.3.bb @@ -25,6 +25,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \ file://run-ptest \ file://pam-volatiles.conf \ file://0001-pam_namespace-include-stdint-h.patch \ + file://0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch \ " SRC_URI[sha256sum] = "7ac4b50feee004a9fa88f1dfd2d2fa738a82896763050cd773b3c54b0a818283" From patchwork Thu Jul 4 12:27:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46015 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 59986C41513 for ; Thu, 4 Jul 2024 12:27:56 +0000 (UTC) Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) by mx.groups.io with SMTP id smtpd.web10.8997.1720096070903153949 for ; Thu, 04 Jul 2024 05:27:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=1FnwMopm; spf=softfail (domain: sakoman.com, ip: 209.85.210.169, mailfrom: steve@sakoman.com) Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-706b53ee183so1195492b3a.1 for ; Thu, 04 Jul 2024 05:27:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096070; x=1720700870; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=NHFO1sktGPQUKMZUjbtN0e9fkIYG7eZpFW9+mxQfOuE=; b=1FnwMopmJByO0Bw7RTb7Zp9rf+me6m9t+1ZVWNmmsdnNw1GvEmuEvtca6P4z9GCp8N c0LoO1G0yXDRodFA2oHZ9MdjABa6xC++6h6Wwoyf0/yPet+0RDNN754/U6iXuom3PO3A widtr5fGCcnFl20PmiRwMVe8FOmhqG4GHjIgP0sYRRr8SJ3xnufLKzokx7kY4GBj4H74 uxNhuD+7U6kZxtZ0GJAqSkukQE4TuztU8Zf8NQQ/0V/cg2x++aaLaXJPZmTgEC6BL1EO vz9It/+/CusV8v/lPveEeWJCeGYBRjee58Gqt3ocNTe797WoN8bViTJkHFC4cMWvTdgE 7sDw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096070; x=1720700870; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NHFO1sktGPQUKMZUjbtN0e9fkIYG7eZpFW9+mxQfOuE=; b=ksa/MIT24iAtrntbWIbqvKNEo+Dw+JIqFCos24zCGeL6OGTRv3ABNqngaAIKFFb3uE 4Jt1azc3MBKX9sjqa8CW0rmrems+uzGQJ743+edkzp5V8jhq0v9K8/s56IEerw3SeMQi ahhdydVp/GP82Ld4bnD9k9HFCixuzVDNNTze+ijz9cMDcl4ayTW5lmpIh/inuFa826Fc MO9ddoSCYEM4FTpS2TESNi1zgoUMqt2ipcy3Elf2JVn1iuK9GFrMg+QLm2ATcCYFqFAb aaBYxJB4klObV1UogJbBT8V364fF7yRxEiKIYtYI/dKDkSJK4KQhRINszKFzWuRuEbQ5 4W2A== X-Gm-Message-State: AOJu0YzYh/Dj3gAvmIoeqDtAZDId4JfWIWKORN6aDAQm0T0ZUXgNpVAo ZGLuhAVFEmwaOZHyeUacDk9Mko3ULGhRrT43AXIFQnd/UFtAicGSMbqBMI+bbO00R6oywt9557K 7 X-Google-Smtp-Source: AGHT+IHrhQ4oHp46RufnyP+zvvRXutqkRS8cTlrqU7ymcj5T6pSM9vgb+smBRyyK1D8XWlomD4vhEw== X-Received: by 2002:a17:902:da87:b0:1f9:f6a7:9330 with SMTP id d9443c01a7336-1fb3702ed58mr20153905ad.9.1720096066561; Thu, 04 Jul 2024 05:27:46 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:46 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 14/21] rng-tools: ignore incompatible-pointer-types errors for now Date: Thu, 4 Jul 2024 05:27:06 -0700 Message-Id: <656b76a59f06e432d5dc6c9e8b76cdcda0113eb2.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201558 From: Martin Jansa * causes libargp test to fail: http://errors.yoctoproject.org/Errors/Details/766951/ | configure: error: in '/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build': | configure: error: libargp disabled and libc does not have argp config.log shows: configure:8424: x86_64-webos-linux-gcc -m64 -march=nehalem -mtune=generic -mfpmath=sse -msse4.2 --sysroot=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot -o conftest -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/git=/usr/src/debug/rng-tools/6.16 -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/git=/usr/src/debug/rng-tools/6.16 -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build=/usr/src/debug/rng-tools/6.16 -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build=/usr/src/debug/rng-tools/6.16 -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot= -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot= -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot-native= -DJENT_CONF_ENABLE_INTERNAL_TIMER -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/git=/usr/src/debug/rng-tools/6.16 -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/git=/usr/src/debug/rng-tools/6.16 -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build=/usr/src/debug/rng-tools/6.16 -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/build=/usr/src/debug/rng-tools/6.16 -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot= -fmacro-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot= -fdebug-prefix-map=/OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot-native= conftest.c -ljitterentropy >&5 conftest.c: In function 'main': conftest.c:51:52: error: passing argument 3 of 'argp_parse' from incompatible pointer type [-Wincompatible-pointer-types] 51 | int argc=1; char *argv={"test"}; argp_parse(0,argc,argv,0,0,0); return 0; | ^~~~ | | | char * In file included from conftest.c:47: /OE/build/luneos-styhead/tmp-glibc/work/qemux86_64-webos-linux/rng-tools/6.16/recipe-sysroot/usr/include/argp.h:371:58: note: expected 'char ** restrict' but argument is of type 'char *' 371 | int __argc, char **__restrict __argv, | ~~~~~~~~~~~~~~~~~~^~~~~~ Signed-off-by: Martin Jansa Signed-off-by: Khem Raj Signed-off-by: Richard Purdie (cherry picked from commit 78d9cad294f335f6e5b18b0ca790a9e5723f0c41) Signed-off-by: Steve Sakoman --- meta/recipes-support/rng-tools/rng-tools_6.16.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta/recipes-support/rng-tools/rng-tools_6.16.bb b/meta/recipes-support/rng-tools/rng-tools_6.16.bb index f0aa3ff93f..5b66e3badf 100644 --- a/meta/recipes-support/rng-tools/rng-tools_6.16.bb +++ b/meta/recipes-support/rng-tools/rng-tools_6.16.bb @@ -67,3 +67,7 @@ do_install:append() { ${D}${systemd_system_unitdir}/rng-tools.service fi } + +# libargp detection fails +# http://errors.yoctoproject.org/Errors/Details/766951/ +CFLAGS += "-Wno-error=incompatible-pointer-types" From patchwork Thu Jul 4 12:27:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46016 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 49FD8C3271E for ; Thu, 4 Jul 2024 12:27:56 +0000 (UTC) Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175]) by mx.groups.io with SMTP id smtpd.web10.8996.1720096068824205763 for ; Thu, 04 Jul 2024 05:27:48 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=SgepVgbW; spf=softfail (domain: sakoman.com, ip: 209.85.214.175, mailfrom: steve@sakoman.com) Received: by mail-pl1-f175.google.com with SMTP id d9443c01a7336-1faad2f1967so12878325ad.0 for ; Thu, 04 Jul 2024 05:27:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096068; x=1720700868; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ctQd/PIORonbDusPeylzxe3ZeUXgwRLY+yX8Org3T6M=; b=SgepVgbWSQwRwuSReU65W6pLAqTLhdNkPvuKeX3iVtblrY5rFh4A9/lkTYgJqP+cjL LvcgPXZhY5yPsvIyK8qFjEyuioy9+8AmXOjgdWL/DxuxJanO5kVPmH9r5kNnN8BVo599 7UjXG6LfTGFAFCqKzXOx158LDcI1HZmdiae4Rdi8R4gx6jVnwxvDsizkpIlRWdB2VTA8 xuSuvTQjN6sA3cRqcjthlSPMvjetptOyzTtFfr5lw1a3o79eGZ0hg9S3z5x+rGvwRlZu xWI1gBAHGbSktbzcdf57UYaYuU09vrRvCyNIrXdU4udcL9eOZ0pGxqQ1bbbxrXTkh/Tc TFmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096068; x=1720700868; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ctQd/PIORonbDusPeylzxe3ZeUXgwRLY+yX8Org3T6M=; b=UED5z6LPWT5lZAZOAoKfB4Kb+y8njizxRsAw2B320unB1PO+ha4bpSetcmUB7YJ8dd k1bcWbtf8/uZpsNKY5s9UwHd/edYZ7iM/4VDgpKh/n9W72asVvBpi7KgaaxLu5Kqo7H+ 6SixHCzvAW6BsvgfXK+5JJoA114BTcpIv/9yPqpliGNkeoi6r+t686h10SHZ5thfH3uF cbbM5J+Y567oEDd7wG3MTtU1VZqUNdbGd9g/BoWnWJgEKm82XG/vSWQsp1cBGStLAB6O CVmIoCtmaUMXW+bKvfXgQSLp4sVLgKfk5F4Y3FSbVT/WKUhogp4HBNa0E0BBjw3INoVM E3mw== X-Gm-Message-State: AOJu0YyDtijqdVo+rx25hd+Zt4xVfH6YiMrrorbANbxarvh2eKyyDgy1 ylyb5nLz+lADFuXV4uefhqg0awHnxcn173MU3XoVUhsdFIah5ZjwI1y/gGz7PjEOQ7yX40mI9Lf 5 X-Google-Smtp-Source: AGHT+IGGg+Jnk/GvwJ2iRhPlKJw4uBuOh7zIhmlaDi27jsz4kkej9PkfmZAsHH58LiHmlVBZopFv8Q== X-Received: by 2002:a17:902:d2c1:b0:1fa:3a30:dc8b with SMTP id d9443c01a7336-1fb370162f3mr20546095ad.3.1720096068129; Thu, 04 Jul 2024 05:27:48 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.47 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:47 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 15/21] pcmanfm: Disable incompatible-pointer-types warning as error Date: Thu, 4 Jul 2024 05:27:07 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201556 From: Khem Raj Signed-off-by: Khem Raj Signed-off-by: Richard Purdie (cherry picked from commit af1290104b58693df69457454ac2a0d35a7e8c60) Signed-off-by: Steve Sakoman --- meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb b/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb index 0c5ed5e55e..fc913c86b3 100644 --- a/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb +++ b/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb @@ -27,6 +27,8 @@ inherit autotools pkgconfig features_check mime-xdg REQUIRED_DISTRO_FEATURES = "x11" EXTRA_OECONF = "--with-gtk=3" +# GCC 14 finds extra incompatible pointer type warnings which are treated as errors +CFLAGS += "-Wno-error=incompatible-pointer-types" do_install:append () { install -d ${D}/${datadir} From patchwork Thu Jul 4 12:27:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46013 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 50A25C31D97 for ; Thu, 4 Jul 2024 12:27:56 +0000 (UTC) Received: from mail-pl1-f173.google.com (mail-pl1-f173.google.com [209.85.214.173]) by mx.groups.io with SMTP id smtpd.web11.8901.1720096070451327567 for ; Thu, 04 Jul 2024 05:27:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=G7xRBkim; spf=softfail (domain: sakoman.com, ip: 209.85.214.173, mailfrom: steve@sakoman.com) Received: by mail-pl1-f173.google.com with SMTP id d9443c01a7336-1f64ecb1766so3481685ad.1 for ; Thu, 04 Jul 2024 05:27:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096070; x=1720700870; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=pajZPpOV0HchbD7CAVuoOKjnmZlBjNAcPHbBzTY32Pw=; b=G7xRBkim4CVTaO1pZOiu2Uq7zlOI6+i1o3+spq7BvJnWM6L3barWG84WbiZF/ZfT2B z+hVepISG/pKVPquyOFqA2uM+5dV+n7y/LyGLG8+MCGLtXMU8Hy7xTBYJKRlGYgDWBwc sKyR9b/6mEQ+qIReldaMbe+esZ6r5Pb20r+e2kl1A7UIJg3+2G5ACNzgSgAeZ0Zi9XMN ECkBXJaxjW2PRyV1zp5KOZ10UmySvmtAK3A9FxzFVblIil66LAVCpkNCOPR1ayx8ox9Q Z+r3ZggGTXHU911LhhDnY37f1ar7UT0ZCO3qpNOs0XUR4LWXqHC0TPbSgUZ3S5fOa5kh fzjg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096070; x=1720700870; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pajZPpOV0HchbD7CAVuoOKjnmZlBjNAcPHbBzTY32Pw=; b=OugdMVSmBW75cB7r0CECVMSrsP6gTdiSqBtjwwlB9YQEwvN+YD60xlixzW8DXkDBzO S5Me6l9veOmRgZkWT5vAb0JqapM7/9b90ZAscUTuOxx4zDX8cECKtNeW9ZPvStSqm2iL JrVzPbHOBw5zGginqs10+W7pUUHxAqjpiJIcSNaRipRFaq1DSv8ECjijT2FBGLIBj25P yOY/JE3b+D1ZRxO8bfV+qLUdIatxdEqmRrehqvzH/743GMMNWr8+044gQviw6U7f003L dj1xcz2aUHAkZz8gubxmTKD5VZdDjYeBj8ShhNPjpysRH3F0R27K9wwLs8xrxvtGYQAy 8K/g== X-Gm-Message-State: AOJu0Ywb0Z9HqUbvAtWrIZc14xNlODghNLtoT0+QK+sLIe6a4ohYcNWC CWI0q+xX25LYrl2djKa5hE1FBI53It6k64V2zd79egnFJLOvMNG5nzulINbykunxq+V2NZxCHA/ S X-Google-Smtp-Source: AGHT+IHaNH8dCKoF+hCBU+u6nnGxqrl73GZEvFZvr8Mg0ibMXpZzyTfYLPI2Rb6zVGDk3JBsXnREFA== X-Received: by 2002:a17:902:7c88:b0:1fb:1bb5:4062 with SMTP id d9443c01a7336-1fb33e7f02amr9262365ad.33.1720096069740; Thu, 04 Jul 2024 05:27:49 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.49 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:49 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 16/21] devtool: ide-sdk: correct help typo Date: Thu, 4 Jul 2024 05:27:08 -0700 Message-Id: <149f79c877f476eabafc667629f89af335fcae34.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201557 From: Antonin Godard Signed-off-by: Antonin Godard Signed-off-by: Richard Purdie (cherry picked from commit 50e043387a2f0f9a5c2f7a5f914c465c830d329b) Signed-off-by: Steve Sakoman --- scripts/lib/devtool/ide_sdk.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/lib/devtool/ide_sdk.py b/scripts/lib/devtool/ide_sdk.py index 7807b322b3..65873b088d 100755 --- a/scripts/lib/devtool/ide_sdk.py +++ b/scripts/lib/devtool/ide_sdk.py @@ -1052,7 +1052,7 @@ def register_commands(subparsers, context): parser_ide_sdk.add_argument( '-I', '--key', help='Specify ssh private key for connection to the target') parser_ide_sdk.add_argument( - '--skip-bitbake', help='Generate IDE configuration but skip calling bibtake to update the SDK.', action='store_true') + '--skip-bitbake', help='Generate IDE configuration but skip calling bitbake to update the SDK', action='store_true') parser_ide_sdk.add_argument( '-k', '--bitbake-k', help='Pass -k parameter to bitbake', action='store_true') parser_ide_sdk.add_argument( From patchwork Thu Jul 4 12:27:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46018 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6CF6FC3DA40 for ; Thu, 4 Jul 2024 12:27:56 +0000 (UTC) Received: from mail-pl1-f173.google.com (mail-pl1-f173.google.com [209.85.214.173]) by mx.groups.io with SMTP id smtpd.web10.8998.1720096072526667185 for ; Thu, 04 Jul 2024 05:27:52 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=iPm9lJL1; spf=softfail (domain: sakoman.com, ip: 209.85.214.173, mailfrom: steve@sakoman.com) Received: by mail-pl1-f173.google.com with SMTP id d9443c01a7336-1fb1c918860so10914085ad.1 for ; Thu, 04 Jul 2024 05:27:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096072; x=1720700872; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=4hhh8fA0O628Av/QvEUjkrV+EAw7w9MWz5Ux0g9fThA=; b=iPm9lJL1+uBABEOKW2JyBh8E59WAQbfZ0SpX8U0G0SzoVtgH4o1/FSTzvcupWeUghz KuOFTWNjM49ILJBZvC1OTpkuHbvvFMcNHequhRefuD5VFHRuhIK2K+f0Y4txYmvLPWBN ZL76eLCPBf8ib/t9T6FY8OCd5+fSxBI32byqV7o79Lx+D/AxmS142lsgKQQZsH9o2eTI 62Fas02okYlnwG5kqblsOGdKLlmRZbR9r/yHdtZthEmaAlLTEUqjUcWK2zyXLttIzPPd vyZTXoHLHR2XMmLUNJixbMBT2pwi0ZaDxUU+XWj12F+waQ9UTD528KQ1B+LTiz0gHCiu D7tQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096072; x=1720700872; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4hhh8fA0O628Av/QvEUjkrV+EAw7w9MWz5Ux0g9fThA=; b=P/RrHyTDMhz+ecxajbpsid5/hnj4mc6a/b6xuPWnkMGeQx4RbR2U8pSxXpDYo56iy3 dTtbFVrtQ2p49yLKCex/eZsrA0FFBwS8J44bjT3Bzkfof9FBjdlp0K+yZpqU/utecgOO Kwe8zBxJ4xLTJfDwmv9FFKUhRyVlckSUEzdbcoVT1bVydN8iA8KLkjzryGwZU8iU1rec IStOEx47Mjky/ngCtgbnBFj70XKDFj509qRlJI8u54fJucPXtDNVId/S9jj6hZne6KgC IPGVsQFG7xZXxkbKDUCU0vuRpGa+4Wwy8B30UdmiWAB8gIFB0GFCuOIZzd7eVHgP55D2 uKSQ== X-Gm-Message-State: AOJu0YzuBuCb19DtNoOJWNTj79ceJUif6/rDVSCCiq+TF5zLxfOuqMto MZir/2iqBTx40mN5F+1gaCS7+QezsOm4KFDBCpotqDzzyJbBnJmmMT0d0ju4DIruW4V8G9r8AU9 A X-Google-Smtp-Source: AGHT+IHWTUcwe7k2RNrKiEWtY/f9uKbB+HmK59LrRmbuO2rR05Ki7apLvN7c4a+zBFXtipGEBy416Q== X-Received: by 2002:a17:902:da87:b0:1f9:f6a7:9330 with SMTP id d9443c01a7336-1fb3702ed58mr20157375ad.9.1720096071754; Thu, 04 Jul 2024 05:27:51 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:51 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 17/21] oeqa/selftest/recipetool: Fix for usrmerge in DISTRO_FEATURES Date: Thu, 4 Jul 2024 05:27:09 -0700 Message-Id: <01ccccb949bd82e89dae4679ff5b30ada6672d9a.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201559 From: Richard Purdie If usrmerge is in DISTRO_FEATURES, assumptions in one of the tests would fail. Improve the test so it works in both cases. Signed-off-by: Richard Purdie (cherry picked from commit 68a27d307a7042e242c49cf3d069469f40e09902) Signed-off-by: Steve Sakoman --- meta/lib/oeqa/selftest/cases/recipetool.py | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/meta/lib/oeqa/selftest/cases/recipetool.py b/meta/lib/oeqa/selftest/cases/recipetool.py index aebea42502..126906df50 100644 --- a/meta/lib/oeqa/selftest/cases/recipetool.py +++ b/meta/lib/oeqa/selftest/cases/recipetool.py @@ -120,9 +120,15 @@ class RecipetoolAppendTests(RecipetoolBase): self._try_recipetool_appendfile_fail('/dev/console', self.testfile, ['ERROR: /dev/console cannot be handled by this tool']) def test_recipetool_appendfile_alternatives(self): + lspath = '/bin/ls' + dirname = "base_bindir" + if "usrmerge" in get_bb_var('DISTRO_FEATURES'): + lspath = '/usr/bin/ls' + dirname = "bindir" + # Now try with a file we know should be an alternative # (this is very much a fake example, but one we know is reliably an alternative) - self._try_recipetool_appendfile_fail('/bin/ls', self.testfile, ['ERROR: File /bin/ls is an alternative possibly provided by the following recipes:', 'coreutils', 'busybox']) + self._try_recipetool_appendfile_fail(lspath, self.testfile, ['ERROR: File %s is an alternative possibly provided by the following recipes:' % lspath, 'coreutils', 'busybox']) # Need a test file - should be executable testfile2 = os.path.join(self.corebase, 'oe-init-build-env') testfile2name = os.path.basename(testfile2) @@ -131,12 +137,12 @@ class RecipetoolAppendTests(RecipetoolBase): 'SRC_URI += "file://%s"\n' % testfile2name, '\n', 'do_install:append() {\n', - ' install -d ${D}${base_bindir}\n', - ' install -m 0755 ${WORKDIR}/%s ${D}${base_bindir}/ls\n' % testfile2name, + ' install -d ${D}${%s}\n' % dirname, + ' install -m 0755 ${WORKDIR}/%s ${D}${%s}/ls\n' % (testfile2name, dirname), '}\n'] - self._try_recipetool_appendfile('coreutils', '/bin/ls', testfile2, '-r coreutils', expectedlines, [testfile2name]) + self._try_recipetool_appendfile('coreutils', lspath, testfile2, '-r coreutils', expectedlines, [testfile2name]) # Now try bbappending the same file again, contents should not change - bbappendfile, _ = self._try_recipetool_appendfile('coreutils', '/bin/ls', self.testfile, '-r coreutils', expectedlines, [testfile2name]) + bbappendfile, _ = self._try_recipetool_appendfile('coreutils', lspath, self.testfile, '-r coreutils', expectedlines, [testfile2name]) # But file should have copiedfile = os.path.join(os.path.dirname(bbappendfile), 'coreutils', testfile2name) result = runCmd('diff -q %s %s' % (testfile2, copiedfile), ignore_status=True) From patchwork Thu Jul 4 12:27:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46017 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5F2CBC38150 for ; Thu, 4 Jul 2024 12:27:56 +0000 (UTC) Received: from mail-pl1-f173.google.com (mail-pl1-f173.google.com [209.85.214.173]) by mx.groups.io with SMTP id smtpd.web10.8999.1720096074397980150 for ; Thu, 04 Jul 2024 05:27:54 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=sZpQGsFC; spf=softfail (domain: sakoman.com, ip: 209.85.214.173, mailfrom: steve@sakoman.com) Received: by mail-pl1-f173.google.com with SMTP id d9443c01a7336-1faad2f1967so12879265ad.0 for ; Thu, 04 Jul 2024 05:27:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096074; x=1720700874; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=+mqvoaL3nr52Mk7rVbNA07e6CoNIL78KHb4osQO5HnI=; b=sZpQGsFCci5Oq0VfMR/kaXdCfhXXak56ZqzSJv620rF+zh1/xeOIS8ZC9BrSNlicDe 8FZnJE9gHhJXyJCIjHi4sNI79hkBxGOGmkhzWoA7Syi+da7cy1+oGWu5SekkjNdCuuGC 87h39bb20tUwBbMMeLOldwsI8ZaDG4GEZiNTJQ7kP+2GOfZJQ9CRuGreBepAY38aTl20 aETWT8drWWBctga43zsseWLjlEQWlEQeHHLmnFbEBoCeJvTRQdGzwqtB+fXrD3U3zwZN rx687rX14TBRz+QevuwGNWPJuIisxxygX9HuXPGEs5R53TAQ2ZS0Ed2PjJjbr13jIkJM IoYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096074; x=1720700874; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+mqvoaL3nr52Mk7rVbNA07e6CoNIL78KHb4osQO5HnI=; b=PbGueugai8vzLhyoZBb/ybj3eovVpNrheNSs/bOP2u41uqtra9x0Kz5Xtm2TEIqOMJ PLBpmLetUO49WTudN2wC3fjrcRtdSE69EneHbWN1slmqKs0AspqFQdCzB6AZ2uWW6Dna hZ4vrQizi3kuty9o077IB0DuaEZmdksScyvR1KHxOviWeLbJ/DVjhRK3XxubXQgDfmCf 0+qHd7vVwfJfD/3/Zr6Nh2Xs62eXD/s65EUYRcXoIJdef3GU83LMI5xDJrUvmjHBvb2K hxNy1shLdRZpuK/uaXa3iS1uye80Ck98tLB1U0eaIKqnRY757wO3AWiR7pc6qLgO9BTN 7t4Q== X-Gm-Message-State: AOJu0YyVGpl00e0CllKWK6Mj8kxsOwPryMmxGxBLvPR46t8TSN29Rmtb 7EiOzfK2dwGe99NdPwHSjIQZqmfsmWtd01LokheV3k3sHlOK1cYACSe78MbtTmpFOk9pYMtbRtq A X-Google-Smtp-Source: AGHT+IHPsISb/UrneLHiHhUx1LI1xmRMDIAcaovFtlt2tyim1q/DCyfOCUXmEzVD94kxdR0EE9RWvA== X-Received: by 2002:a17:902:d58a:b0:1fb:24ea:fe29 with SMTP id d9443c01a7336-1fb37051fd6mr24094965ad.15.1720096073524; Thu, 04 Jul 2024 05:27:53 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.52 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:53 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 18/21] oeqa/selftest/devtool: Fix for usrmerge in DISTRO_FEATURES Date: Thu, 4 Jul 2024 05:27:10 -0700 Message-Id: <4dc35667143f19a369bdea9ce2f011a04132509c.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201560 From: Richard Purdie If usrmerge is in DISTRO_FEATURES, assumptions in one of the tests would fail. Improve the test so it works in both cases. Signed-off-by: Richard Purdie (cherry picked from commit afa211746a2aa1993a54cc5a5e1937679341da8e) Signed-off-by: Steve Sakoman --- meta/lib/oeqa/selftest/cases/devtool.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/lib/oeqa/selftest/cases/devtool.py b/meta/lib/oeqa/selftest/cases/devtool.py index 44a2a50f2e..fc08906117 100644 --- a/meta/lib/oeqa/selftest/cases/devtool.py +++ b/meta/lib/oeqa/selftest/cases/devtool.py @@ -1792,6 +1792,8 @@ class DevtoolExtractTests(DevtoolBase): # Definitions testrecipe = 'mdadm' testfile = '/sbin/mdadm' + if "usrmerge" in get_bb_var('DISTRO_FEATURES'): + testfile = '/usr/sbin/mdadm' testimage = 'oe-selftest-image' testcommand = '/sbin/mdadm --help' # Build an image to run From patchwork Thu Jul 4 12:27:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46014 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 43C82C30653 for ; Thu, 4 Jul 2024 12:27:56 +0000 (UTC) Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175]) by mx.groups.io with SMTP id smtpd.web11.8906.1720096076137628574 for ; Thu, 04 Jul 2024 05:27:56 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=JZujQryL; spf=softfail (domain: sakoman.com, ip: 209.85.214.175, mailfrom: steve@sakoman.com) Received: by mail-pl1-f175.google.com with SMTP id d9443c01a7336-1f64ecb1766so3482635ad.1 for ; Thu, 04 Jul 2024 05:27:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096075; x=1720700875; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=DzxGkpBuE879S+4vDBHyuwhKyQFkwa2DmJqUXOmnQ2Y=; b=JZujQryLdLUFpzVE0W+RZFXjOoMlbmb0R1n5t2UwJy+lmYB+urDWNTx76sZXIoftYw yyAGWYqqhSsoSNgFI8UHC7iabBksZgasxruGH0aiy8pmEkVU+gRRNpxDLBkm0RtADjoW midKZ1q5jvcQsVZ5sbOpDriX7uv9E8FhCv9Vf7KBA0Df1Cv/wfDacHt/ALUiKzNlxJe6 ofcp7A/WAFZWH/f7kM6qtOmMsExcwUuzUtxcy/a+QQv3gecspZntl8PgREpsKSFT9ubF Z7mBJ43dr1pP0OGYmF4C3AFScV7+Gd7UhEPjifaATD4tee8ezxzFXcDTXjVFVz7XHTV8 dp+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096075; x=1720700875; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DzxGkpBuE879S+4vDBHyuwhKyQFkwa2DmJqUXOmnQ2Y=; b=bGMWzhY89L14L6l78UZPJdPm5QTS/L4TJrwxan1e0aGxJYzyH5NJmm9XLs/Ok9oIHS a+yD4CWzBPOO3eNAEq1Nc75H1oMbc2MYZUa1gbnDz8G4sIUVhIVfqgL6D+ZQA5hlNlI8 RmnfxMouAJxuQeb2lgXIrjUDdtt9ApbiGOBT8hKNQQJgVC0NImoqpPSA0gZ4vgB7i2zQ Ujffuma4BucOPATWSgVI8sYzknUYgjycUgQUN+yKfX31upz6OzbouX0ZwMHNsvbSe/Zh suF+TtT5AZZqwcW97yAOFIYaQUfjEuAmxXLba7zwV3COK5F9RZt1dMoQKHWz+PZCgkDd yNuA== X-Gm-Message-State: AOJu0YyMea9Imy7SX91WSgUtcIdqsDXgVz9m+SiwoJVgZJ/nv240uGvh XyM89VPIF4dXJYzi5vfO1df7WkfTfu3jJ8xHC/crDQontXMhYwYi/TCAVtz6wRNnnPd+WdJkp06 y X-Google-Smtp-Source: AGHT+IEQ56ulPAXUMrmbVJXLxA6btEmtwd4WVFLwkMiwzTvJl0tkW1jVPxVHIJShYnszuO513Ex00A== X-Received: by 2002:a17:903:186:b0:1f9:9e92:c070 with SMTP id d9443c01a7336-1fb33f0547fmr13243435ad.58.1720096075394; Thu, 04 Jul 2024 05:27:55 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:55 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 19/21] python3-bcrypt: drop python3-six from RDEPENDS Date: Thu, 4 Jul 2024 05:27:11 -0700 Message-Id: <214d41b73d235176123fd78143747845aa9c951e.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:27:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201562 From: Guðni Már Gilbert Python 2.7 support was dropped in version 3.2.0 and python3-six dependency was subsequently dropped in version 3.2.1 Signed-off-by: Guðni Már Gilbert Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 50757cc95b3062f11a7455af33e7a7e74ea1d0f7) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb | 1 - 1 file changed, 1 deletion(-) diff --git a/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb b/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb index 93fa645f33..57b08b3700 100644 --- a/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb +++ b/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb @@ -33,5 +33,4 @@ RDEPENDS:${PN}:class-target += "\ python3-cffi \ python3-ctypes \ python3-shell \ - python3-six \ " From patchwork Thu Jul 4 12:27:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46021 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 74E41C30653 for ; Thu, 4 Jul 2024 12:28:06 +0000 (UTC) Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web11.8907.1720096077691474417 for ; Thu, 04 Jul 2024 05:27:57 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=2VGw2tTt; spf=softfail (domain: sakoman.com, ip: 209.85.214.179, mailfrom: steve@sakoman.com) Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-1fa2782a8ccso2690635ad.2 for ; Thu, 04 Jul 2024 05:27:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096077; x=1720700877; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=i+Tyo91SPkBmbBMqYBwJVX08zjYs2Gt6VQq+xlzNR2k=; b=2VGw2tTta7i+PBWu6AOM/hbuBufF48A3uEHR4BrGkgPBt49dpqHNb/vMip2i2VD5F/ ICjP3RJvW/AbY9ak6trSskxcieCTp5ds/ugB1u6U5zTpVKOfAgziKQnKKtFZ9to+sjGV NY9kP4IzWDnOYvKWyI7OBMNeczuT6AP8j9xB7fBtt/jVfhmRYQIoCIB9mIw9/C6zm6F+ KDqHUQoOFVmu6Gd1NmXiw1WtX1iDjJwIfVc+/vZnibD98BWtMWdkTndXH055k6Cl3io8 EET5fo4WiZm7DC+JG14FjQWvR8cnxVV50Aujru+LYsbzBHU6PWS234ygJO8YU9xywoGJ dohQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096077; x=1720700877; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=i+Tyo91SPkBmbBMqYBwJVX08zjYs2Gt6VQq+xlzNR2k=; b=XDOMUm9ZcxETn6GwBfDvbDsO0bjg1Yf4+sArCK5gXke7efoPwojCBmZ+dJ0D5365Hs nUrabqt8PdJqBD6a7w7nP6QrQHwUwfoVmWmFJx4Q97gI3FX4hnP4zTni21vEc/9Xl883 JNBcnXvhGia8y+NSDCXUbbVMypq4i0tI9QNC5AxyqEuic7LzQn/kKTNSvIucVr/ZNX56 66+IUtBjuPSq0HIM1w2UiLchbHgonLa/LhH1RWh7X6KwP5C+4i4nLTbw5H/qErMmFcYO LzkbK/RPibDZ9FUyr7j7aify5Zu7zvQWtF7FV/pyT8bMgS+4HFt3ixtUz1jhV07twmLy iadA== X-Gm-Message-State: AOJu0Yw8NgE4ZtRWdoPGe6JF1eNWoSzeZLGGk1SQyJ4/s1VFC7dZpOn4 RV+uXzDfnpzKk9cQlWTT7ThaI5gMEztCR3Sdc0DTp+AcoGNg2WIoUjSNyvBflN6coxHqqABEyrB C X-Google-Smtp-Source: AGHT+IGa9LHvtsInB/fjinG44VY2QO8W8dYQ7VMNzWdNQa2A3aGSW9B630CfKsEerlbRIptJmaTWEg== X-Received: by 2002:a17:902:680f:b0:1fb:2bed:6418 with SMTP id d9443c01a7336-1fb33f240c6mr9235015ad.57.1720096076946; Thu, 04 Jul 2024 05:27:56 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:56 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 20/21] python3-pyopenssl: drop python3-six from RDEPENDS Date: Thu, 4 Jul 2024 05:27:12 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:28:06 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201563 From: Guðni Már Gilbert Python 2.7 support was dropped in version 22.0.0 python3-six was dropped as a dependency in 22.0.0 Signed-off-by: Guðni Már Gilbert Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 6eab37a0cdcc6071f79aa5c8198df0b2ba23dd7a) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb | 1 - 1 file changed, 1 deletion(-) diff --git a/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb b/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb index 9ea3075482..116f214bfa 100644 --- a/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb +++ b/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb @@ -15,7 +15,6 @@ FILES:${PN}-tests = "${libdir}/${PYTHON_DIR}/site-packages/OpenSSL/test" RDEPENDS:${PN}:class-target = " \ python3-cryptography \ - python3-six \ python3-threading \ " RDEPENDS:${PN}-tests = "${PN}" From patchwork Thu Jul 4 12:27:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 46020 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7B3ABC3271E for ; Thu, 4 Jul 2024 12:28:06 +0000 (UTC) Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by mx.groups.io with SMTP id smtpd.web10.9002.1720096080449725046 for ; Thu, 04 Jul 2024 05:28:00 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=XYiZVwow; spf=softfail (domain: sakoman.com, ip: 209.85.214.182, mailfrom: steve@sakoman.com) Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1fa2782a8ccso2690865ad.2 for ; Thu, 04 Jul 2024 05:28:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1720096079; x=1720700879; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=8gIhE4O8MfuNkWqb96SL7LjnvtIGZA/B03ZtvMVZ0vw=; b=XYiZVwowgI9q/qcNywtYpoqidwGQCqhUleJDwyybl7Hka+Ewo+E38NFK3B0e8ZGTUi EjtHJxu+5outHryY0bYRp6q/xBjkWs0n75Tv1Rlc2pGt1gTGRJZVR15D3/LZ1rr4bb+F 3BmcMQOGWnaPS9H0/xhAk+fIBKsMh4muJ3XKwvqLqHmBVRcqwMslJYBuTZ8W1PowFw9H 6Iu5mw4HjgvEl31o2FwBaJYfpdNfM9r4HDiSVjInTvDsB/4+HqVddl1z5s/n7Kwcu8aG 2KM2bslf5B0g6yzhra/7W1RU/WaaWpgs3k4y66yM5bdZvK0E3iDJuNrmzflp+KH3N2cm h9TA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720096079; x=1720700879; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8gIhE4O8MfuNkWqb96SL7LjnvtIGZA/B03ZtvMVZ0vw=; b=LbquU+GPpsHNpqlFnTkWpY++1IEGX+9sFzZE7zTqCy8ZIlfn5Rzcw8tet2fSx/WTTC aI9LfN39rJKEiTJ1nJ8/Nhr0Nq8WHSoHcqsHkCjhGKrHspa3djJ4rPWqKEEgkRQq1MPy yeF/d7DzkVfctgj7sSbdWMZ0OGe+r+g1lZdfX7OVTURW5Png6XmCFc4mPidRK5sK8mwk r3k+59GPsmTssTcq7LFoM6kNev+CrpMX81+kE+IfinEak0HYXJ3m+PHkFpxVxejO/UMS A6m/GPiyemfLKNuZbqEt9+OyyGi4Lso5F0gEHKMusTXxlK48K4qKWHsxyz45Kp4qz2Ed r69Q== X-Gm-Message-State: AOJu0Yymnv5khBh+x+I8k/Z5zs16HjgELg5UgRZhDHBx02W/Z2lACQ3A rVe9/2FgrX1B7gktouSuhxSkEw0oNZpZyRZUf9F9odzjphc6JmsJu4g8IsVilgg7TOoGlsebqZX E X-Google-Smtp-Source: AGHT+IGk+2AkEcYqsywKVJgKoYYeEnOcxyWPgodWSt11jD8UPTrThogKRTQojTtGeKgbbDptDcmyvg== X-Received: by 2002:a17:903:1c4:b0:1f9:9a87:76f5 with SMTP id d9443c01a7336-1fb33e55a16mr12656065ad.27.1720096079118; Thu, 04 Jul 2024 05:27:59 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fb1c79682csm29416075ad.8.2024.07.04.05.27.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jul 2024 05:27:58 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 21/21] curl: locale-base-en-us isn't glibc-specific Date: Thu, 4 Jul 2024 05:27:13 -0700 Message-Id: <1cab8d06ce5df7a8d00cff8531965a84d90d265a.1720095886.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 04 Jul 2024 12:28:06 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/201564 From: Ross Burton The musl-locales package provides this too, so we can depend without a libc override. Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit c8f1d51f4eb6df6c041707d38f60549d13ddab7f) Signed-off-by: Steve Sakoman --- meta/recipes-support/curl/curl_8.7.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-support/curl/curl_8.7.1.bb b/meta/recipes-support/curl/curl_8.7.1.bb index c74416d7e9..3fdad6a4cf 100644 --- a/meta/recipes-support/curl/curl_8.7.1.bb +++ b/meta/recipes-support/curl/curl_8.7.1.bb @@ -120,6 +120,7 @@ do_install_ptest() { RDEPENDS:${PN}-ptest += " \ bash \ + locale-base-en-us \ perl-module-b \ perl-module-base \ perl-module-cwd \ @@ -135,7 +136,6 @@ RDEPENDS:${PN}-ptest += " \ perl-module-storable \ perl-module-time-hires \ " -RDEPENDS:${PN}-ptest:append:libc-glibc = " locale-base-en-us" PACKAGES =+ "lib${BPN}"