From patchwork Fri Jun 30 02:33:14 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 26708
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 01/10] libjpeg-turbo: CVE-2020-35538 Null pointer dereference in jcopy_sample_rows() function
Date: Thu, 29 Jun 2023 16:33:14 -1000
Message-Id: <345ffb433060f017d212135a5b2383017f32d321.1688092252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183672

From: Vijay Anusuri Upstream-Status: Backport [https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30 & https://github.com/libjpeg-turbo/libjpeg-turbo/commit/a46c111d9f3642f0ef3819e7298846ccc61869e0] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../jpeg/files/CVE-2020-35538-1.patch | 457 ++++++++++++++++++ .../jpeg/files/CVE-2020-35538-2.patch | 400 +++++++++++++++ .../jpeg/libjpeg-turbo_2.0.4.bb | 2 + 3 files changed, 859 insertions(+) create mode 100644 meta/recipes-graphics/jpeg/files/CVE-2020-35538-1.patch create mode 100644 meta/recipes-graphics/jpeg/files/CVE-2020-35538-2.patch diff --git a/meta/recipes-graphics/jpeg/files/CVE-2020-35538-1.patch b/meta/recipes-graphics/jpeg/files/CVE-2020-35538-1.patch new file mode 100644 index 0000000000..8a52ed01e9 --- /dev/null +++ b/meta/recipes-graphics/jpeg/files/CVE-2020-35538-1.patch 
@@ -0,0 +1,457 @@ +From 9120a247436e84c0b4eea828cb11e8f665fcde30 Mon Sep 17 00:00:00 2001 +From: DRC +Date: Thu, 23 Jul 2020 21:24:38 -0500 +Subject: [PATCH] Fix jpeg_skip_scanlines() segfault w/merged upsamp + +The additional segfault mentioned in #244 was due to the fact that +the merged upsamplers use a different private structure than the +non-merged upsamplers. jpeg_skip_scanlines() was assuming the latter, so +when merged upsampling was enabled, jpeg_skip_scanlines() clobbered one +of the IDCT method pointers in the merged upsampler's private structure. + +For reasons unknown, the test image in #441 did not encounter this +segfault (too small?), but it encountered an issue similar to the one +fixed in 5bc43c7821df982f65aa1c738f67fbf7cba8bd69, whereby it was +necessary to set up a dummy postprocessing function in +read_and_discard_scanlines() when merged upsampling was enabled. +Failing to do so caused either a segfault in merged_2v_upsample() (due +to a NULL pointer being passed to jcopy_sample_rows()) or an error +("Corrupt JPEG data: premature end of data segment"), depending on the +number of scanlines skipped and whether the first scanline skipped was +an odd- or even-numbered row. + +Fixes #441 +Fixes #244 (for real this time) + +Upstream-Status: Backport [https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30] +CVE: CVE-2020-35538 +Signed-off-by: Vijay Anusuri +--- + ChangeLog.md | 7 +++++ + jdapistd.c | 72 ++++++++++++++++++++++++++++++++++++++++++++++------ + jdmerge.c | 46 +++++++-------------------------- + jdmerge.h | 47 ++++++++++++++++++++++++++++++++++ + jdmrg565.c | 10 ++++---- + jdmrgext.c | 6 ++--- + 6 files changed, 135 insertions(+), 53 deletions(-) + create mode 100644 jdmerge.h + +diff --git a/ChangeLog.md b/ChangeLog.md +index 2ebfe71..19d18fa 100644 +--- a/ChangeLog.md ++++ b/ChangeLog.md +@@ -54,6 +54,13 @@ a 16-bit binary PGM file into an RGB image buffer. 
+ generated when using the `tjLoadImage()` function to load a 16-bit binary PPM + file into an extended RGB image buffer. + ++2. Fixed segfaults or "Corrupt JPEG data: premature end of data segment" errors ++in `jpeg_skip_scanlines()` that occurred when decompressing 4:2:2 or 4:2:0 JPEG ++images using the merged (non-fancy) upsampling algorithms (that is, when ++setting `cinfo.do_fancy_upsampling` to `FALSE`.) 2.0.0[6] was a similar fix, ++but it did not cover all cases. ++ ++ + 2.0.3 + ===== + +diff --git a/jdapistd.c b/jdapistd.c +index 2c808fa..91da642 100644 +--- a/jdapistd.c ++++ b/jdapistd.c +@@ -4,7 +4,7 @@ + * This file was part of the Independent JPEG Group's software: + * Copyright (C) 1994-1996, Thomas G. Lane. + * libjpeg-turbo Modifications: +- * Copyright (C) 2010, 2015-2018, D. R. Commander. ++ * Copyright (C) 2010, 2015-2018, 2020, D. R. Commander. + * Copyright (C) 2015, Google, Inc. + * For conditions of distribution and use, see the accompanying README.ijg + * file. +@@ -21,6 +21,8 @@ + #include "jinclude.h" + #include "jdmainct.h" + #include "jdcoefct.h" ++#include "jdmaster.h" ++#include "jdmerge.h" + #include "jdsample.h" + #include "jmemsys.h" + +@@ -304,6 +306,16 @@ noop_quantize(j_decompress_ptr cinfo, JSAMPARRAY input_buf, + } + + ++/* Dummy postprocessing function used by jpeg_skip_scanlines() */ ++LOCAL(void) ++noop_post_process (j_decompress_ptr cinfo, JSAMPIMAGE input_buf, ++ JDIMENSION *in_row_group_ctr, ++ JDIMENSION in_row_groups_avail, JSAMPARRAY output_buf, ++ JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail) ++{ ++} ++ ++ + /* + * In some cases, it is best to call jpeg_read_scanlines() and discard the + * output, rather than skipping the scanlines, because this allows us to +@@ -316,11 +328,17 @@ LOCAL(void) + read_and_discard_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + { + JDIMENSION n; ++ my_master_ptr master = (my_master_ptr)cinfo->master; + void (*color_convert) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf, + 
JDIMENSION input_row, JSAMPARRAY output_buf, + int num_rows) = NULL; + void (*color_quantize) (j_decompress_ptr cinfo, JSAMPARRAY input_buf, + JSAMPARRAY output_buf, int num_rows) = NULL; ++ void (*post_process_data) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf, ++ JDIMENSION *in_row_group_ctr, ++ JDIMENSION in_row_groups_avail, ++ JSAMPARRAY output_buf, JDIMENSION *out_row_ctr, ++ JDIMENSION out_rows_avail) = NULL; + + if (cinfo->cconvert && cinfo->cconvert->color_convert) { + color_convert = cinfo->cconvert->color_convert; +@@ -332,6 +350,12 @@ read_and_discard_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + cinfo->cquantize->color_quantize = noop_quantize; + } + ++ if (master->using_merged_upsample && cinfo->post && ++ cinfo->post->post_process_data) { ++ post_process_data = cinfo->post->post_process_data; ++ cinfo->post->post_process_data = noop_post_process; ++ } ++ + for (n = 0; n < num_lines; n++) + jpeg_read_scanlines(cinfo, NULL, 1); + +@@ -340,6 +364,9 @@ read_and_discard_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + + if (color_quantize) + cinfo->cquantize->color_quantize = color_quantize; ++ ++ if (post_process_data) ++ cinfo->post->post_process_data = post_process_data; + } + + +@@ -382,7 +409,7 @@ jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + { + my_main_ptr main_ptr = (my_main_ptr)cinfo->main; + my_coef_ptr coef = (my_coef_ptr)cinfo->coef; +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_master_ptr master = (my_master_ptr)cinfo->master; + JDIMENSION i, x; + int y; + JDIMENSION lines_per_iMCU_row, lines_left_in_iMCU_row, lines_after_iMCU_row; +@@ -445,8 +472,16 @@ jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + main_ptr->buffer_full = FALSE; + main_ptr->rowgroup_ctr = 0; + main_ptr->context_state = CTX_PREPARE_FOR_IMCU; +- upsample->next_row_out = cinfo->max_v_samp_factor; +- upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ if 
(master->using_merged_upsample) { ++ my_merged_upsample_ptr upsample = ++ (my_merged_upsample_ptr)cinfo->upsample; ++ upsample->spare_full = FALSE; ++ upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ } else { ++ my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ upsample->next_row_out = cinfo->max_v_samp_factor; ++ upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ } + } + + /* Skipping is much simpler when context rows are not required. */ +@@ -458,8 +493,16 @@ jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + cinfo->output_scanline += lines_left_in_iMCU_row; + main_ptr->buffer_full = FALSE; + main_ptr->rowgroup_ctr = 0; +- upsample->next_row_out = cinfo->max_v_samp_factor; +- upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ if (master->using_merged_upsample) { ++ my_merged_upsample_ptr upsample = ++ (my_merged_upsample_ptr)cinfo->upsample; ++ upsample->spare_full = FALSE; ++ upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ } else { ++ my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ upsample->next_row_out = cinfo->max_v_samp_factor; ++ upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ } + } + } + +@@ -494,7 +537,14 @@ jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + cinfo->output_iMCU_row += lines_to_skip / lines_per_iMCU_row; + increment_simple_rowgroup_ctr(cinfo, lines_to_read); + } +- upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ if (master->using_merged_upsample) { ++ my_merged_upsample_ptr upsample = ++ (my_merged_upsample_ptr)cinfo->upsample; ++ upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ } else { ++ my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ } + return num_lines; + } + +@@ -535,7 +585,13 @@ jpeg_skip_scanlines(j_decompress_ptr 
cinfo, JDIMENSION num_lines) + * bit odd, since "rows_to_go" seems to be redundantly keeping track of + * output_scanline. + */ +- upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ if (master->using_merged_upsample) { ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; ++ upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ } else { ++ my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; ++ } + + /* Always skip the requested number of lines. */ + return num_lines; +diff --git a/jdmerge.c b/jdmerge.c +index dff5a35..833ad67 100644 +--- a/jdmerge.c ++++ b/jdmerge.c +@@ -5,7 +5,7 @@ + * Copyright (C) 1994-1996, Thomas G. Lane. + * libjpeg-turbo Modifications: + * Copyright 2009 Pierre Ossman for Cendio AB +- * Copyright (C) 2009, 2011, 2014-2015, D. R. Commander. ++ * Copyright (C) 2009, 2011, 2014-2015, 2020, D. R. Commander. + * Copyright (C) 2013, Linaro Limited. + * For conditions of distribution and use, see the accompanying README.ijg + * file. +@@ -40,41 +40,13 @@ + #define JPEG_INTERNALS + #include "jinclude.h" + #include "jpeglib.h" ++#include "jdmerge.h" + #include "jsimd.h" + #include "jconfigint.h" + + #ifdef UPSAMPLE_MERGING_SUPPORTED + + +-/* Private subobject */ +- +-typedef struct { +- struct jpeg_upsampler pub; /* public fields */ +- +- /* Pointer to routine to do actual upsampling/conversion of one row group */ +- void (*upmethod) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf, +- JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf); +- +- /* Private state for YCC->RGB conversion */ +- int *Cr_r_tab; /* => table for Cr to R conversion */ +- int *Cb_b_tab; /* => table for Cb to B conversion */ +- JLONG *Cr_g_tab; /* => table for Cr to G conversion */ +- JLONG *Cb_g_tab; /* => table for Cb to G conversion */ +- +- /* For 2:1 vertical sampling, we produce two output rows at a time. 
+- * We need a "spare" row buffer to hold the second output row if the +- * application provides just a one-row buffer; we also use the spare +- * to discard the dummy last row if the image height is odd. +- */ +- JSAMPROW spare_row; +- boolean spare_full; /* T if spare buffer is occupied */ +- +- JDIMENSION out_row_width; /* samples per output row */ +- JDIMENSION rows_to_go; /* counts rows remaining in image */ +-} my_upsampler; +- +-typedef my_upsampler *my_upsample_ptr; +- + #define SCALEBITS 16 /* speediest right-shift on some machines */ + #define ONE_HALF ((JLONG)1 << (SCALEBITS - 1)) + #define FIX(x) ((JLONG)((x) * (1L << SCALEBITS) + 0.5)) +@@ -189,7 +161,7 @@ typedef my_upsampler *my_upsample_ptr; + LOCAL(void) + build_ycc_rgb_table(j_decompress_ptr cinfo) + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + int i; + JLONG x; + SHIFT_TEMPS +@@ -232,7 +204,7 @@ build_ycc_rgb_table(j_decompress_ptr cinfo) + METHODDEF(void) + start_pass_merged_upsample(j_decompress_ptr cinfo) + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + + /* Mark the spare buffer empty */ + upsample->spare_full = FALSE; +@@ -254,7 +226,7 @@ merged_2v_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf, + JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail) + /* 2:1 vertical sampling case: may need a spare row. */ + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + JSAMPROW work_ptrs[2]; + JDIMENSION num_rows; /* number of rows returned to caller */ + +@@ -305,7 +277,7 @@ merged_1v_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf, + JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail) + /* 1:1 vertical sampling case: much easier, never need a spare row. 
*/ + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + + /* Just do the upsampling. */ + (*upsample->upmethod) (cinfo, input_buf, *in_row_group_ctr, +@@ -566,11 +538,11 @@ h2v2_merged_upsample_565D(j_decompress_ptr cinfo, JSAMPIMAGE input_buf, + GLOBAL(void) + jinit_merged_upsampler(j_decompress_ptr cinfo) + { +- my_upsample_ptr upsample; ++ my_merged_upsample_ptr upsample; + +- upsample = (my_upsample_ptr) ++ upsample = (my_merged_upsample_ptr) + (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE, +- sizeof(my_upsampler)); ++ sizeof(my_merged_upsampler)); + cinfo->upsample = (struct jpeg_upsampler *)upsample; + upsample->pub.start_pass = start_pass_merged_upsample; + upsample->pub.need_context_rows = FALSE; +diff --git a/jdmerge.h b/jdmerge.h +new file mode 100644 +index 0000000..b583396 +--- /dev/null ++++ b/jdmerge.h +@@ -0,0 +1,47 @@ ++/* ++ * jdmerge.h ++ * ++ * This file was part of the Independent JPEG Group's software: ++ * Copyright (C) 1994-1996, Thomas G. Lane. ++ * libjpeg-turbo Modifications: ++ * Copyright (C) 2020, D. R. Commander. ++ * For conditions of distribution and use, see the accompanying README.ijg ++ * file. 
++ */ ++ ++#define JPEG_INTERNALS ++#include "jpeglib.h" ++ ++#ifdef UPSAMPLE_MERGING_SUPPORTED ++ ++ ++/* Private subobject */ ++ ++typedef struct { ++ struct jpeg_upsampler pub; /* public fields */ ++ ++ /* Pointer to routine to do actual upsampling/conversion of one row group */ ++ void (*upmethod) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf, ++ JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf); ++ ++ /* Private state for YCC->RGB conversion */ ++ int *Cr_r_tab; /* => table for Cr to R conversion */ ++ int *Cb_b_tab; /* => table for Cb to B conversion */ ++ JLONG *Cr_g_tab; /* => table for Cr to G conversion */ ++ JLONG *Cb_g_tab; /* => table for Cb to G conversion */ ++ ++ /* For 2:1 vertical sampling, we produce two output rows at a time. ++ * We need a "spare" row buffer to hold the second output row if the ++ * application provides just a one-row buffer; we also use the spare ++ * to discard the dummy last row if the image height is odd. ++ */ ++ JSAMPROW spare_row; ++ boolean spare_full; /* T if spare buffer is occupied */ ++ ++ JDIMENSION out_row_width; /* samples per output row */ ++ JDIMENSION rows_to_go; /* counts rows remaining in image */ ++} my_merged_upsampler; ++ ++typedef my_merged_upsampler *my_merged_upsample_ptr; ++ ++#endif /* UPSAMPLE_MERGING_SUPPORTED */ +diff --git a/jdmrg565.c b/jdmrg565.c +index 1b87e37..53f1e16 100644 +--- a/jdmrg565.c ++++ b/jdmrg565.c +@@ -5,7 +5,7 @@ + * Copyright (C) 1994-1996, Thomas G. Lane. + * libjpeg-turbo Modifications: + * Copyright (C) 2013, Linaro Limited. +- * Copyright (C) 2014-2015, 2018, D. R. Commander. ++ * Copyright (C) 2014-2015, 2018, 2020, D. R. Commander. + * For conditions of distribution and use, see the accompanying README.ijg + * file. 
+ * +@@ -19,7 +19,7 @@ h2v1_merged_upsample_565_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf, + JDIMENSION in_row_group_ctr, + JSAMPARRAY output_buf) + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + register int y, cred, cgreen, cblue; + int cb, cr; + register JSAMPROW outptr; +@@ -90,7 +90,7 @@ h2v1_merged_upsample_565D_internal(j_decompress_ptr cinfo, + JDIMENSION in_row_group_ctr, + JSAMPARRAY output_buf) + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + register int y, cred, cgreen, cblue; + int cb, cr; + register JSAMPROW outptr; +@@ -163,7 +163,7 @@ h2v2_merged_upsample_565_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf, + JDIMENSION in_row_group_ctr, + JSAMPARRAY output_buf) + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + register int y, cred, cgreen, cblue; + int cb, cr; + register JSAMPROW outptr0, outptr1; +@@ -259,7 +259,7 @@ h2v2_merged_upsample_565D_internal(j_decompress_ptr cinfo, + JDIMENSION in_row_group_ctr, + JSAMPARRAY output_buf) + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + register int y, cred, cgreen, cblue; + int cb, cr; + register JSAMPROW outptr0, outptr1; +diff --git a/jdmrgext.c b/jdmrgext.c +index b1c27df..c9a44d8 100644 +--- a/jdmrgext.c ++++ b/jdmrgext.c +@@ -4,7 +4,7 @@ + * This file was part of the Independent JPEG Group's software: + * Copyright (C) 1994-1996, Thomas G. Lane. + * libjpeg-turbo Modifications: +- * Copyright (C) 2011, 2015, D. R. Commander. ++ * Copyright (C) 2011, 2015, 2020, D. R. Commander. + * For conditions of distribution and use, see the accompanying README.ijg + * file. 
+ * +@@ -25,7 +25,7 @@ h2v1_merged_upsample_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf, + JDIMENSION in_row_group_ctr, + JSAMPARRAY output_buf) + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + register int y, cred, cgreen, cblue; + int cb, cr; + register JSAMPROW outptr; +@@ -97,7 +97,7 @@ h2v2_merged_upsample_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf, + JDIMENSION in_row_group_ctr, + JSAMPARRAY output_buf) + { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; + register int y, cred, cgreen, cblue; + int cb, cr; + register JSAMPROW outptr0, outptr1; +-- +2.25.1 + diff --git a/meta/recipes-graphics/jpeg/files/CVE-2020-35538-2.patch b/meta/recipes-graphics/jpeg/files/CVE-2020-35538-2.patch new file mode 100644 index 0000000000..f86175dff0 --- /dev/null +++ b/meta/recipes-graphics/jpeg/files/CVE-2020-35538-2.patch 
@@ -0,0 +1,400 @@ +From a46c111d9f3642f0ef3819e7298846ccc61869e0 Mon Sep 17 00:00:00 2001 +From: DRC +Date: Mon, 27 Jul 2020 14:21:23 -0500 +Subject: [PATCH] Further jpeg_skip_scanlines() fixes + +- Introduce a partial image decompression regression test script that + validates the correctness of jpeg_skip_scanlines() and + jpeg_crop_scanlines() for a variety of cropping regions and libjpeg + settings. + + This regression test catches the following issues: + #182, fixed in 5bc43c7 + #237, fixed in 6e95c08 + #244, fixed in 398c1e9 + #441, fully fixed in this commit + + It does not catch the following issues: + #194, fixed in 773040f + #244 (additional segfault), fixed in + 9120a24 + +- Modify the libjpeg-turbo regression test suite (make test) so that it + checks for the issue reported in #441 (segfault in + jpeg_skip_scanlines() when used with 4:2:0 merged upsampling/color + conversion.) + +- Fix issues in jpeg_skip_scanlines() that caused incorrect output with + h2v2 (4:2:0) merged upsampling/color conversion. The previous commit + fixed the segfault reported in #441, but that was a symptom of a + larger problem. Because merged 4:2:0 upsampling uses a "spare row" + buffer, it is necessary to allow the upsampler to run when skipping + rows (fancy 4:2:0 upsampling, which uses context rows, also requires + this.) Otherwise, if skipping starts at an odd-numbered row, the + output image will be incorrect. + +- Throw an error if jpeg_skip_scanlines() is called with two-pass color + quantization enabled. With two-pass color quantization, the first + pass occurs within jpeg_start_decompress(), so subsequent calls to + jpeg_skip_scanlines() interfere with the multipass state and prevent + the second pass from occurring during subsequent calls to + jpeg_read_scanlines(). 
+ +Upstream-Status: Backport [https://github.com/libjpeg-turbo/libjpeg-turbo/commit/a46c111d9f3642f0ef3819e7298846ccc61869e0] +CVE: CVE-2020-35538 +Signed-off-by: Vijay Anusuri +--- + CMakeLists.txt | 9 +++-- + ChangeLog.md | 15 +++++--- + croptest.in | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++ + jdapistd.c | 70 +++++++++++-------------------------- + libjpeg.txt | 6 ++-- + 5 files changed, 136 insertions(+), 59 deletions(-) + create mode 100755 croptest.in + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index aee74c9..de451f4 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -753,7 +753,7 @@ else() + set(MD5_PPM_3x2_IFAST fd283664b3b49127984af0a7f118fccd) + set(MD5_JPEG_420_ISLOW_ARI e986fb0a637a8d833d96e8a6d6d84ea1) + set(MD5_JPEG_444_ISLOW_PROGARI 0a8f1c8f66e113c3cf635df0a475a617) +- set(MD5_PPM_420M_IFAST_ARI 72b59a99bcf1de24c5b27d151bde2437) ++ set(MD5_PPM_420M_IFAST_ARI 57251da28a35b46eecb7177d82d10e0e) + set(MD5_JPEG_420_ISLOW 9a68f56bc76e466aa7e52f415d0f4a5f) + set(MD5_PPM_420M_ISLOW_2_1 9f9de8c0612f8d06869b960b05abf9c9) + set(MD5_PPM_420M_ISLOW_15_8 b6875bc070720b899566cc06459b63b7) +@@ -1131,7 +1131,7 @@ foreach(libtype ${TEST_LIBTYPES}) + + if(WITH_ARITH_DEC) + # CC: RGB->YCC SAMP: h2v2 merged IDCT: ifast ENT: arith +- add_bittest(djpeg 420m-ifast-ari "-fast;-ppm" ++ add_bittest(djpeg 420m-ifast-ari "-fast;-skip;1,20;-ppm" + testout_420m_ifast_ari.ppm ${TESTIMAGES}/testimgari.jpg + ${MD5_PPM_420M_IFAST_ARI}) + +@@ -1266,6 +1266,11 @@ endforeach() + add_custom_target(testclean COMMAND ${CMAKE_COMMAND} -P + ${CMAKE_CURRENT_SOURCE_DIR}/cmakescripts/testclean.cmake) + ++configure_file(croptest.in croptest @ONLY) ++add_custom_target(croptest ++ COMMAND echo croptest ++ COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/croptest) ++ + if(WITH_TURBOJPEG) + configure_file(tjbenchtest.in tjbenchtest @ONLY) + configure_file(tjexampletest.in tjexampletest @ONLY) +diff --git a/ChangeLog.md b/ChangeLog.md +index 19d18fa..4562eff 100644 +--- a/ChangeLog.md 
++++ b/ChangeLog.md +@@ -54,11 +54,16 @@ a 16-bit binary PGM file into an RGB image buffer. + generated when using the `tjLoadImage()` function to load a 16-bit binary PPM + file into an extended RGB image buffer. + +-2. Fixed segfaults or "Corrupt JPEG data: premature end of data segment" errors +-in `jpeg_skip_scanlines()` that occurred when decompressing 4:2:2 or 4:2:0 JPEG +-images using the merged (non-fancy) upsampling algorithms (that is, when +-setting `cinfo.do_fancy_upsampling` to `FALSE`.) 2.0.0[6] was a similar fix, +-but it did not cover all cases. ++2. Fixed or worked around multiple issues with `jpeg_skip_scanlines()`: ++ ++ - Fixed segfaults or "Corrupt JPEG data: premature end of data segment" ++errors in `jpeg_skip_scanlines()` that occurred when decompressing 4:2:2 or ++4:2:0 JPEG images using merged (non-fancy) upsampling/color conversion (that ++is, when setting `cinfo.do_fancy_upsampling` to `FALSE`.) 2.0.0[6] was a ++similar fix, but it did not cover all cases. ++ - `jpeg_skip_scanlines()` now throws an error if two-pass color ++quantization is enabled. Two-pass color quantization never worked properly ++with `jpeg_skip_scanlines()`, and the issues could not readily be fixed. 
+ + + 2.0.3 +diff --git a/croptest.in b/croptest.in +new file mode 100755 +index 0000000..7e3c293 +--- /dev/null ++++ b/croptest.in +@@ -0,0 +1,95 @@ ++#!/bin/bash ++ ++set -u ++set -e ++trap onexit INT ++trap onexit TERM ++trap onexit EXIT ++ ++onexit() ++{ ++ if [ -d $OUTDIR ]; then ++ rm -rf $OUTDIR ++ fi ++} ++ ++runme() ++{ ++ echo \*\*\* $* ++ $* ++} ++ ++IMAGE=vgl_6548_0026a.bmp ++WIDTH=128 ++HEIGHT=95 ++IMGDIR=@CMAKE_CURRENT_SOURCE_DIR@/testimages ++OUTDIR=`mktemp -d /tmp/__croptest_output.XXXXXX` ++EXEDIR=@CMAKE_CURRENT_BINARY_DIR@ ++ ++if [ -d $OUTDIR ]; then ++ rm -rf $OUTDIR ++fi ++mkdir -p $OUTDIR ++ ++exec >$EXEDIR/croptest.log ++ ++echo "============================================================" ++echo "$IMAGE ($WIDTH x $HEIGHT)" ++echo "============================================================" ++echo ++ ++for PROGARG in "" -progressive; do ++ ++ cp $IMGDIR/$IMAGE $OUTDIR ++ basename=`basename $IMAGE .bmp` ++ echo "------------------------------------------------------------" ++ echo "Generating test images" ++ echo "------------------------------------------------------------" ++ echo ++ runme $EXEDIR/cjpeg $PROGARG -grayscale -outfile $OUTDIR/${basename}_GRAY.jpg $IMGDIR/${basename}.bmp ++ runme $EXEDIR/cjpeg $PROGARG -sample 2x2 -outfile $OUTDIR/${basename}_420.jpg $IMGDIR/${basename}.bmp ++ runme $EXEDIR/cjpeg $PROGARG -sample 2x1 -outfile $OUTDIR/${basename}_422.jpg $IMGDIR/${basename}.bmp ++ runme $EXEDIR/cjpeg $PROGARG -sample 1x2 -outfile $OUTDIR/${basename}_440.jpg $IMGDIR/${basename}.bmp ++ runme $EXEDIR/cjpeg $PROGARG -sample 1x1 -outfile $OUTDIR/${basename}_444.jpg $IMGDIR/${basename}.bmp ++ echo ++ ++ for NSARG in "" -nosmooth; do ++ ++ for COLORSARG in "" "-colors 256 -dither none -onepass"; do ++ ++ for Y in {0..16}; do ++ ++ for H in {1..16}; do ++ ++ X=$(( (Y*16)%128 )) ++ W=$(( WIDTH-X-7 )) ++ if [ $Y -le 15 ]; then ++ CROPSPEC="${W}x${H}+${X}+${Y}" ++ else ++ Y2=$(( HEIGHT-H )); ++ CROPSPEC="${W}x${H}+${X}+${Y2}" ++ fi ++ ++ 
echo "------------------------------------------------------------" ++ echo $PROGARG $NSARG $COLORSARG -crop $CROPSPEC ++ echo "------------------------------------------------------------" ++ echo ++ for samp in GRAY 420 422 440 444; do ++ $EXEDIR/djpeg $NSARG $COLORSARG -rgb -outfile $OUTDIR/${basename}_${samp}_full.ppm $OUTDIR/${basename}_${samp}.jpg ++ convert -crop $CROPSPEC $OUTDIR/${basename}_${samp}_full.ppm $OUTDIR/${basename}_${samp}_ref.ppm ++ runme $EXEDIR/djpeg $NSARG $COLORSARG -crop $CROPSPEC -rgb -outfile $OUTDIR/${basename}_${samp}.ppm $OUTDIR/${basename}_${samp}.jpg ++ runme cmp $OUTDIR/${basename}_${samp}.ppm $OUTDIR/${basename}_${samp}_ref.ppm ++ done ++ echo ++ ++ done ++ ++ done ++ ++ done ++ ++ done ++ ++done ++ ++echo SUCCESS! +diff --git a/jdapistd.c b/jdapistd.c +index 91da642..c502909 100644 +--- a/jdapistd.c ++++ b/jdapistd.c +@@ -306,16 +306,6 @@ noop_quantize(j_decompress_ptr cinfo, JSAMPARRAY input_buf, + } + + +-/* Dummy postprocessing function used by jpeg_skip_scanlines() */ +-LOCAL(void) +-noop_post_process (j_decompress_ptr cinfo, JSAMPIMAGE input_buf, +- JDIMENSION *in_row_group_ctr, +- JDIMENSION in_row_groups_avail, JSAMPARRAY output_buf, +- JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail) +-{ +-} +- +- + /* + * In some cases, it is best to call jpeg_read_scanlines() and discard the + * output, rather than skipping the scanlines, because this allows us to +@@ -329,16 +319,12 @@ read_and_discard_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + { + JDIMENSION n; + my_master_ptr master = (my_master_ptr)cinfo->master; ++ JSAMPARRAY scanlines = NULL; + void (*color_convert) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf, + JDIMENSION input_row, JSAMPARRAY output_buf, + int num_rows) = NULL; + void (*color_quantize) (j_decompress_ptr cinfo, JSAMPARRAY input_buf, + JSAMPARRAY output_buf, int num_rows) = NULL; +- void (*post_process_data) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf, +- JDIMENSION *in_row_group_ctr, +- 
JDIMENSION in_row_groups_avail, +- JSAMPARRAY output_buf, JDIMENSION *out_row_ctr, +- JDIMENSION out_rows_avail) = NULL; + + if (cinfo->cconvert && cinfo->cconvert->color_convert) { + color_convert = cinfo->cconvert->color_convert; +@@ -350,23 +336,19 @@ read_and_discard_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + cinfo->cquantize->color_quantize = noop_quantize; + } + +- if (master->using_merged_upsample && cinfo->post && +- cinfo->post->post_process_data) { +- post_process_data = cinfo->post->post_process_data; +- cinfo->post->post_process_data = noop_post_process; ++ if (master->using_merged_upsample && cinfo->max_v_samp_factor == 2) { ++ my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; ++ scanlines = &upsample->spare_row; + } + + for (n = 0; n < num_lines; n++) +- jpeg_read_scanlines(cinfo, NULL, 1); ++ jpeg_read_scanlines(cinfo, scanlines, 1); + + if (color_convert) + cinfo->cconvert->color_convert = color_convert; + + if (color_quantize) + cinfo->cquantize->color_quantize = color_quantize; +- +- if (post_process_data) +- cinfo->post->post_process_data = post_process_data; + } + + +@@ -380,6 +362,12 @@ increment_simple_rowgroup_ctr(j_decompress_ptr cinfo, JDIMENSION rows) + { + JDIMENSION rows_left; + my_main_ptr main_ptr = (my_main_ptr)cinfo->main; ++ my_master_ptr master = (my_master_ptr)cinfo->master; ++ ++ if (master->using_merged_upsample && cinfo->max_v_samp_factor == 2) { ++ read_and_discard_scanlines(cinfo, rows); ++ return; ++ } + + /* Increment the counter to the next row group after the skipped rows. 
*/ + main_ptr->rowgroup_ctr += rows / cinfo->max_v_samp_factor; +@@ -410,11 +398,16 @@ jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + my_main_ptr main_ptr = (my_main_ptr)cinfo->main; + my_coef_ptr coef = (my_coef_ptr)cinfo->coef; + my_master_ptr master = (my_master_ptr)cinfo->master; ++ my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; + JDIMENSION i, x; + int y; + JDIMENSION lines_per_iMCU_row, lines_left_in_iMCU_row, lines_after_iMCU_row; + JDIMENSION lines_to_skip, lines_to_read; + ++ /* Two-pass color quantization is not supported. */ ++ if (cinfo->quantize_colors && cinfo->two_pass_quantize) ++ ERREXIT(cinfo, JERR_NOTIMPL); ++ + if (cinfo->global_state != DSTATE_SCANNING) + ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state); + +@@ -472,13 +465,7 @@ jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + main_ptr->buffer_full = FALSE; + main_ptr->rowgroup_ctr = 0; + main_ptr->context_state = CTX_PREPARE_FOR_IMCU; +- if (master->using_merged_upsample) { +- my_merged_upsample_ptr upsample = +- (my_merged_upsample_ptr)cinfo->upsample; +- upsample->spare_full = FALSE; +- upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; +- } else { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ if (!master->using_merged_upsample) { + upsample->next_row_out = cinfo->max_v_samp_factor; + upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; + } +@@ -493,13 +480,7 @@ jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + cinfo->output_scanline += lines_left_in_iMCU_row; + main_ptr->buffer_full = FALSE; + main_ptr->rowgroup_ctr = 0; +- if (master->using_merged_upsample) { +- my_merged_upsample_ptr upsample = +- (my_merged_upsample_ptr)cinfo->upsample; +- upsample->spare_full = FALSE; +- upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; +- } else { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ if (!master->using_merged_upsample) { + 
upsample->next_row_out = cinfo->max_v_samp_factor; + upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; + } +@@ -537,14 +518,8 @@ jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + cinfo->output_iMCU_row += lines_to_skip / lines_per_iMCU_row; + increment_simple_rowgroup_ctr(cinfo, lines_to_read); + } +- if (master->using_merged_upsample) { +- my_merged_upsample_ptr upsample = +- (my_merged_upsample_ptr)cinfo->upsample; +- upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; +- } else { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; ++ if (!master->using_merged_upsample) + upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; +- } + return num_lines; + } + +@@ -585,13 +560,8 @@ jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines) + * bit odd, since "rows_to_go" seems to be redundantly keeping track of + * output_scanline. + */ +- if (master->using_merged_upsample) { +- my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample; ++ if (!master->using_merged_upsample) + upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; +- } else { +- my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample; +- upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline; +- } + + /* Always skip the requested number of lines. */ + return num_lines; +diff --git a/libjpeg.txt b/libjpeg.txt +index c50cf90..c233ecb 100644 +--- a/libjpeg.txt ++++ b/libjpeg.txt +@@ -3,7 +3,7 @@ USING THE IJG JPEG LIBRARY + This file was part of the Independent JPEG Group's software: + Copyright (C) 1994-2013, Thomas G. Lane, Guido Vollbeding. + libjpeg-turbo Modifications: +-Copyright (C) 2010, 2014-2018, D. R. Commander. ++Copyright (C) 2010, 2014-2018, 2020, D. R. Commander. + Copyright (C) 2015, Google, Inc. + For conditions of distribution and use, see the accompanying README.ijg file. + +@@ -750,7 +750,9 @@ multiple rows in the JPEG image. 
+ + Suspending data sources are not supported by this function. Calling + jpeg_skip_scanlines() with a suspending data source will result in undefined +-behavior. ++behavior. Two-pass color quantization is also not supported by this function. ++Calling jpeg_skip_scanlines() with two-pass color quantization enabled will ++result in an error. + + jpeg_skip_scanlines() will not allow skipping past the bottom of the image. If + the value of num_lines is large enough to skip past the bottom of the image, +-- +2.25.1 + diff --git a/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.4.bb b/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.4.bb index 6575582b0c..630b20300f 100644 --- a/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.4.bb +++ b/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.4.bb 
@@ -14,6 +14,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz \ file://0001-libjpeg-turbo-fix-package_qa-error.patch \ file://CVE-2020-13790.patch \ file://CVE-2021-46822.patch \ + file://CVE-2020-35538-1.patch \ + file://CVE-2020-35538-2.patch \ " SRC_URI[md5sum] = "d01d9e0c28c27bc0de9f4e2e8ff49855"
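Review bot: In the jdapistd.c hunk for read_and_discard_scanlines(), `scanlines` is only pointed at `upsample->spare_row` when `master->using_merged_upsample && cinfo->max_v_samp_factor == 2`, so every other configuration still reaches `jpeg_read_scanlines(cinfo, scanlines, 1)` with a NULL output buffer and relies on the noop color_convert/color_quantize swaps above it to keep any stage from writing through that pointer. Since this backport addresses a NULL pointer dereference, a short comment next to the `JSAMPARRAY scanlines = NULL;` declaration saying which paths are allowed to see NULL, and why the h2v2 merged upsampler is not one of them, would make that invariant checkable the next time a stage is added.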
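Review bot: In the jdapistd.c hunk for increment_simple_rowgroup_ctr(), the new early return for `master->using_merged_upsample && cinfo->max_v_samp_factor == 2` decodes and discards `rows` lines through read_and_discard_scanlines() instead of advancing `rowgroup_ctr`, and nothing in the added lines says why. Add a comment stating why the h2v2 merged case cannot use the counter arithmetic below, since the function name no longer describes what happens on that path. The same condition is also spelled out a second time in read_and_discard_scanlines(), so a small helper or macro would keep the two from drifting apart.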
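Review bot: In the jdapistd.c hunk at @@ -410 for jpeg_skip_scanlines(), `my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample;` is now cast unconditionally at function scope, while the removed branches in the later hunks show that `cinfo->upsample` is a `my_merged_upsample_ptr` object when `master->using_merged_upsample` is set. Every remaining use is guarded by `if (!master->using_merged_upsample)`, so this is correct as written, but the wrongly typed pointer stays in scope for the merged case; keep the declaration inside the guarded blocks or add a comment that it must not be dereferenced when merged upsampling is active. The new two-pass check also runs before the `DSTATE_SCANNING` test, so a caller in the wrong state with two-pass quantization enabled gets JERR_NOTIMPL rather than JERR_BAD_STATE.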
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 02/10] ninja: Whitelist CVE-2021-4336, wrong ninja
Date: Thu, 29 Jun 2023 16:33:15 -1000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183673
From: Ross Burton (From OE-Core rev: c2dd2c13ff26c3f046e35a2f6b8afeb099ef422a) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit 9a106486ad7900924a87c5869702903204a35b54) Signed-off-by: virendra thakur Signed-off-by: Steve Sakoman --- meta/recipes-devtools/ninja/ninja_1.10.0.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-devtools/ninja/ninja_1.10.0.bb b/meta/recipes-devtools/ninja/ninja_1.10.0.bb index ae3f3f1ea8..755b73a173 100644 --- a/meta/recipes-devtools/ninja/ninja_1.10.0.bb +++ b/meta/recipes-devtools/ninja/ninja_1.10.0.bb 
@@ -29,3 +29,6 @@ do_install() { } BBCLASSEXTEND = "native nativesdk" + +# This is a different Ninja +CVE_CHECK_WHITELIST += "CVE-2021-4336"
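Review bot: The comment added above `CVE_CHECK_WHITELIST += "CVE-2021-4336"` says only "This is a different Ninja", and the commit message has no body, so someone auditing the whitelist cannot tell which product the CVE was filed against without looking it up. Name the affected product or vendor in the comment so the exclusion can be verified from the recipe alone.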
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 03/10] go: Backport fix CVE-2023-29405
Date: Thu, 29 Jun 2023 16:33:16 -1000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183674

From: Ashish Sharma Upstream-Status: Backport [https://github.com/golang/go/commit/fa60c381ed06c12f9c27a7b50ca44c5f84f7f0f4 & https://github.com/golang/go/commit/1008486a9ff979dbd21c7466eeb6abf378f9c637]
Signed-off-by: Ashish Sharma Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.14.inc | 2 + .../go/go-1.14/CVE-2023-29405-1.patch | 112 ++++++++++++++++++ .../go/go-1.14/CVE-2023-29405-2.patch | 38 ++++++ 3 files changed, 152 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29405-2.patch diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index 2c500e8331..ed505c01b3 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc @@ -63,6 +63,8 @@ SRC_URI += "\ file://CVE-2023-24538-3.patch \ file://CVE-2023-24539.patch \ file://CVE-2023-24540.patch \ + file://CVE-2023-29405-1.patch \ + file://CVE-2023-29405-2.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch new file mode 100644 index 0000000000..70d50cc08a --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch 
@@ -0,0 +1,112 @@ +From fa60c381ed06c12f9c27a7b50ca44c5f84f7f0f4 Mon Sep 17 00:00:00 2001 +From: Ian Lance Taylor +Date: Thu, 4 May 2023 14:06:39 -0700 +Subject: [PATCH] [release-branch.go1.20] cmd/go,cmd/cgo: in _cgo_flags use one + line per flag + +The flags that we recorded in _cgo_flags did not use any quoting, +so a flag containing embedded spaces was mishandled. +Change the _cgo_flags format to put each flag on a separate line. +That is a simple format that does not require any quoting. + +As far as I can tell only cmd/go uses _cgo_flags, and it is only +used for gccgo. If this patch doesn't cause any trouble, then +in the next release we can change to only using _cgo_flags for gccgo. + +Thanks to Juho Nurminen of Mattermost for reporting this issue. + +Updates #60306 +Fixes #60514 +Fixes CVE-2023-29405 + +Change-Id: I36b6e188a44c80d7b9573efa577c386770bd2ba3 +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1875094 +Reviewed-by: Damien Neil +Reviewed-by: Roland Shoemaker +(cherry picked from commit bcdfcadd5612212089d958bc352a6f6c90742dcc) +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1902228 +Run-TryBot: Roland Shoemaker +TryBot-Result: Security TryBots +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1904345 +Reviewed-by: Michael Knyszek +Reviewed-on: https://go-review.googlesource.com/c/go/+/501220 +TryBot-Result: Gopher Robot +Run-TryBot: David Chase +Auto-Submit: Michael Knyszek +--- +Upstream-Status: Backport [https://github.com/golang/go/commit/fa60c381ed06c12f9c27a7b50ca44c5f84f7f0f4] +CVE: CVE-2023-29405 +Signed-off-by: Ashish Sharma + + src/cmd/cgo/out.go | 4 +++- + src/cmd/go/internal/work/gccgo.go | 14 ++++++------- + .../go/testdata/script/gccgo_link_ldflags.txt | 20 +++++++++++++++++++ + 3 files changed, 29 insertions(+), 9 deletions(-) + create mode 100644 src/cmd/go/testdata/script/gccgo_link_ldflags.txt + +diff --git a/src/cmd/cgo/out.go b/src/cmd/cgo/out.go 
+index d26f9e76a374a..d0c6fe3d4c2c2 100644 +--- a/src/cmd/cgo/out.go ++++ b/src/cmd/cgo/out.go +@@ -47,7 +47,9 @@ func (p *Package) writeDefs() { + + fflg := creat(*objDir + "_cgo_flags") + for k, v := range p.CgoFlags { +- fmt.Fprintf(fflg, "_CGO_%s=%s\n", k, strings.Join(v, " ")) ++ for _, arg := range v { ++ fmt.Fprintf(fflg, "_CGO_%s=%s\n", arg) ++ } + if k == "LDFLAGS" && !*gccgo { + for _, arg := range v { + fmt.Fprintf(fgo2, "//go:cgo_ldflag %q\n", arg) +diff --git a/src/cmd/go/internal/work/gccgo.go b/src/cmd/go/internal/work/gccgo.go +index 08a4c2d8166c7..a048b7f4eecef 100644 +--- a/src/cmd/go/internal/work/gccgo.go ++++ b/src/cmd/go/internal/work/gccgo.go +@@ -280,14 +280,12 @@ func (tools gccgoToolchain) link(b *Builder, root *Action, out, importcfg string + const ldflagsPrefix = "_CGO_LDFLAGS=" + for _, line := range strings.Split(string(flags), "\n") { + if strings.HasPrefix(line, ldflagsPrefix) { +- newFlags := strings.Fields(line[len(ldflagsPrefix):]) +- for _, flag := range newFlags { +- // Every _cgo_flags file has -g and -O2 in _CGO_LDFLAGS +- // but they don't mean anything to the linker so filter +- // them out. +- if flag != "-g" && !strings.HasPrefix(flag, "-O") { +- cgoldflags = append(cgoldflags, flag) +- } ++ flag := line[len(ldflagsPrefix):] ++ // Every _cgo_flags file has -g and -O2 in _CGO_LDFLAGS ++ // but they don't mean anything to the linker so filter ++ // them out. ++ if flag != "-g" && !strings.HasPrefix(flag, "-O") { ++ cgoldflags = append(cgoldflags, flag) + } + } + } +diff --git a/src/cmd/go/testdata/script/gccgo_link_ldflags.txt b/src/cmd/go/testdata/script/gccgo_link_ldflags.txt +new file mode 100644 +index 0000000000000..4e91ae56505b6 +--- /dev/null ++++ b/src/cmd/go/testdata/script/gccgo_link_ldflags.txt +@@ -0,0 +1,20 @@ ++# Test that #cgo LDFLAGS are properly quoted. ++# The #cgo LDFLAGS below should pass a string with spaces to -L, ++# as though searching a directory with a space in its name. 
++# It should not pass --nosuchoption to the external linker. ++ ++[!cgo] skip ++ ++go build ++ ++[!exec:gccgo] skip ++ ++go build -compiler gccgo ++ ++-- go.mod -- ++module m ++-- cgo.go -- ++package main ++// #cgo LDFLAGS: -L "./ -Wl,--nosuchoption" ++import "C" ++func main() {} diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-29405-2.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-29405-2.patch new file mode 100644 index 0000000000..369eca581e --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-29405-2.patch 
@@ -0,0 +1,38 @@ +From 1008486a9ff979dbd21c7466eeb6abf378f9c637 Mon Sep 17 00:00:00 2001 +From: Ian Lance Taylor +Date: Tue, 6 Jun 2023 12:51:17 -0700 +Subject: [PATCH] [release-branch.go1.20] cmd/cgo: correct _cgo_flags output + +For #60306 +For #60514 + +Change-Id: I3f5d14aee7d7195030e8872e42b1d97aa11d3582 +Reviewed-on: https://go-review.googlesource.com/c/go/+/501298 +Run-TryBot: Ian Lance Taylor +TryBot-Result: Gopher Robot +Reviewed-by: Dmitri Shuralyov +Reviewed-by: David Chase +Reviewed-by: Dmitri Shuralyov +--- + +Upstream-Status: Backport [https://github.com/golang/go/commit/1008486a9ff979dbd21c7466eeb6abf378f9c637] +CVE: CVE-2023-29405 +Signed-off-by: Ashish Sharma + + + src/cmd/cgo/out.go | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/cmd/cgo/out.go b/src/cmd/cgo/out.go +index d0c6fe3d4c2c2..a48f52105628a 100644 +--- a/src/cmd/cgo/out.go ++++ b/src/cmd/cgo/out.go +@@ -48,7 +48,7 @@ func (p *Package) writeDefs() { + fflg := creat(*objDir + "_cgo_flags") + for k, v := range p.CgoFlags { + for _, arg := range v { +- fmt.Fprintf(fflg, "_CGO_%s=%s\n", arg) ++ fmt.Fprintf(fflg, "_CGO_%s=%s\n", k, arg) + } + if k == "LDFLAGS" && !*gccgo { + for _, arg := range v {
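Review bot: In the src/cmd/cgo/out.go hunk of CVE-2023-29405-1.patch, the added `fmt.Fprintf(fflg, "_CGO_%s=%s\n", arg)` passes one argument to a format string with two verbs, so the key `k` is missing and the emitted line is malformed; CVE-2023-29405-2.patch corrects it to `fmt.Fprintf(fflg, "_CGO_%s=%s\n", k, arg)`. The two files therefore only work as a pair applied in this order, which the SRC_URI hunk does, but say so in the header of the first patch or fold the second into it so nobody carries -1 alone.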
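Review bot: In the src/cmd/go/internal/work/gccgo.go hunk of CVE-2023-29405-1.patch, `flag := line[len(ldflagsPrefix):]` now takes the rest of the line verbatim, where the removed `strings.Fields` call dropped empty and whitespace-only values. A line that is exactly `_CGO_LDFLAGS=` would append an empty string to `cgoldflags`; a `flag != ""` guard next to the existing `-g` and `-O` filter would keep the old behaviour for that case. The one-flag-per-line format also assumes that no flag contains a newline, which deserves a sentence in the comment.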
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 04/10] go: fix CVE-2023-29402 & CVE-2023-29404
Date: Thu, 29 Jun 2023 16:33:17 -1000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183675

From: Hitendra Prajapati Backport fixes for: * CVE-2023-29402 - Upstream-Status: Backport from https://github.com/golang/go/commit/c160b49b6d328c86bd76ca2fff9009a71347333f * CVE-2023-29404 - Upstream-Status: Backport from https://github.com/golang/go/commit/bf3c8ce03e175e870763901a3850bca01381a828 Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.14.inc | 2 + .../go/go-1.14/CVE-2023-29402.patch | 201 ++++++++++++++++++ .../go/go-1.14/CVE-2023-29404.patch | 84 ++++++++ 3 files changed, 287 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29404.patch diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index ed505c01b3..ea7b9ea80f 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -65,6 +65,8 @@ SRC_URI += "\ file://CVE-2023-24540.patch \ file://CVE-2023-29405-1.patch \ file://CVE-2023-29405-2.patch \ + file://CVE-2023-29402.patch \ + file://CVE-2023-29404.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch new file mode 100644 index 0000000000..01eed9fe1b --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch 
@@ -0,0 +1,201 @@ +rom c160b49b6d328c86bd76ca2fff9009a71347333f Mon Sep 17 00:00:00 2001 +From: "Bryan C. Mills" +Date: Fri, 12 May 2023 14:15:16 -0400 +Subject: [PATCH] [release-branch.go1.19] cmd/go: disallow package directories + containing newlines + +Directory or file paths containing newlines may cause tools (such as +cmd/cgo) that emit "//line" or "#line" -directives to write part of +the path into non-comment lines in generated source code. If those +lines contain valid Go code, it may be injected into the resulting +binary. + +(Note that Go import paths and file paths within module zip files +already could not contain newlines.) + +Thanks to Juho Nurminen of Mattermost for reporting this issue. + +Updates #60167. +Fixes #60515. +Fixes CVE-2023-29402. + +Change-Id: If55d0400c02beb7a5da5eceac60f1abeac99f064 +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1882606 +Reviewed-by: Roland Shoemaker +Run-TryBot: Roland Shoemaker +Reviewed-by: Russ Cox +Reviewed-by: Damien Neil +(cherry picked from commit 41f9046495564fc728d6f98384ab7276450ac7e2) +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1902229 +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1904343 +Reviewed-by: Michael Knyszek +Reviewed-by: Bryan Mills +Reviewed-on: https://go-review.googlesource.com/c/go/+/501218 +Run-TryBot: David Chase +Auto-Submit: Michael Knyszek +TryBot-Result: Gopher Robot + +Upstream-Status: Backport [https://github.com/golang/go/commit/c160b49b6d328c86bd76ca2fff9009a71347333f] +CVE: CVE-2023-29402 +Signed-off-by: Hitendra Prajapati +--- + src/cmd/go/internal/load/pkg.go | 4 + + src/cmd/go/internal/work/exec.go | 6 ++ + src/cmd/go/script_test.go | 1 + + .../go/testdata/script/build_cwd_newline.txt | 100 ++++++++++++++++++ + 4 files changed, 111 insertions(+) + create mode 100644 src/cmd/go/testdata/script/build_cwd_newline.txt + +diff --git a/src/cmd/go/internal/load/pkg.go 
b/src/cmd/go/internal/load/pkg.go +index 369a79b..d2b63b0 100644 +--- a/src/cmd/go/internal/load/pkg.go ++++ b/src/cmd/go/internal/load/pkg.go +@@ -1697,6 +1697,10 @@ func (p *Package) load(stk *ImportStack, bp *build.Package, err error) { + setError(ImportErrorf(p.ImportPath, "invalid import path %q", p.ImportPath)) + return + } ++ if strings.ContainsAny(p.Dir, "\r\n") { ++ setError(fmt.Errorf("invalid package directory %q", p.Dir)) ++ return ++ } + + // Build list of imported packages and full dependency list. + imports := make([]*Package, 0, len(p.Imports)) +diff --git a/src/cmd/go/internal/work/exec.go b/src/cmd/go/internal/work/exec.go +index 9a9650b..050b785 100644 +--- a/src/cmd/go/internal/work/exec.go ++++ b/src/cmd/go/internal/work/exec.go +@@ -458,6 +458,12 @@ func (b *Builder) build(a *Action) (err error) { + b.Print(a.Package.ImportPath + "\n") + } + ++ if p.Error != nil { ++ // Don't try to build anything for packages with errors. There may be a ++ // problem with the inputs that makes the package unsafe to build. 
++ return p.Error ++ } ++ + if a.Package.BinaryOnly { + p.Stale = true + p.StaleReason = "binary-only packages are no longer supported" +diff --git a/src/cmd/go/script_test.go b/src/cmd/go/script_test.go +index ec498bb..a1398ad 100644 +--- a/src/cmd/go/script_test.go ++++ b/src/cmd/go/script_test.go +@@ -123,6 +123,7 @@ func (ts *testScript) setup() { + "devnull=" + os.DevNull, + "goversion=" + goVersion(ts), + ":=" + string(os.PathListSeparator), ++ "newline=\n", + } + + if runtime.GOOS == "plan9" { +diff --git a/src/cmd/go/testdata/script/build_cwd_newline.txt b/src/cmd/go/testdata/script/build_cwd_newline.txt +new file mode 100644 +index 0000000..61c6966 +--- /dev/null ++++ b/src/cmd/go/testdata/script/build_cwd_newline.txt +@@ -0,0 +1,100 @@ ++[windows] skip 'filesystem normalizes / to \' ++[plan9] skip 'filesystem disallows \n in paths' ++ ++# If the directory path containing a package to be built includes a newline, ++# the go command should refuse to even try to build the package. ++ ++env DIR=$WORK${/}${newline}'package main'${newline}'func main() { panic("uh-oh")'${newline}'/*' ++ ++mkdir $DIR ++cd $DIR ++exec pwd ++cp $WORK/go.mod ./go.mod ++cp $WORK/main.go ./main.go ++cp $WORK/main_test.go ./main_test.go ++ ++! go build -o $devnull . ++stderr 'package example: invalid package directory .*uh-oh' ++ ++! go build -o $devnull main.go ++stderr 'package command-line-arguments: invalid package directory .*uh-oh' ++ ++! go run . ++stderr 'package example: invalid package directory .*uh-oh' ++ ++! go run main.go ++stderr 'package command-line-arguments: invalid package directory .*uh-oh' ++ ++! go test . ++stderr 'package example: invalid package directory .*uh-oh' ++ ++! 
go test -v main.go main_test.go ++stderr 'package command-line-arguments: invalid package directory .*uh-oh' ++ ++ ++# Since we do preserve $PWD (or set it appropriately) for commands, and we do ++# not resolve symlinks unnecessarily, referring to the contents of the unsafe ++# directory via a safe symlink should be ok, and should not inject the data from ++# the symlink target path. ++ ++[!symlink] stop 'remainder of test checks symlink behavior' ++[short] stop 'links and runs binaries' ++ ++symlink $WORK${/}link -> $DIR ++ ++go run $WORK${/}link${/}main.go ++! stdout panic ++! stderr panic ++stderr '^ok$' ++ ++go test -v $WORK${/}link${/}main.go $WORK${/}link${/}main_test.go ++! stdout panic ++! stderr panic ++stdout '^ok$' # 'go test' combines the test's stdout into stderr ++ ++cd $WORK/link ++ ++! go run $DIR${/}main.go ++stderr 'package command-line-arguments: invalid package directory .*uh-oh' ++ ++go run . ++! stdout panic ++! stderr panic ++stderr '^ok$' ++ ++go run main.go ++! stdout panic ++! stderr panic ++stderr '^ok$' ++ ++go test -v ++! stdout panic ++! stderr panic ++stdout '^ok$' # 'go test' combines the test's stdout into stderr ++ ++go test -v . ++! stdout panic ++! stderr panic ++stdout '^ok$' # 'go test' combines the test's stdout into stderr ++ ++ ++-- $WORK/go.mod -- ++module example ++go 1.19 ++-- $WORK/main.go -- ++package main ++ ++import "C" ++ ++func main() { ++ /* nothing here */ ++ println("ok") ++} ++-- $WORK/main_test.go -- ++package main ++ ++import "testing" ++ ++func TestMain(*testing.M) { ++ main() ++} +-- +2.25.1 + diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-29404.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-29404.patch new file mode 100644 index 0000000000..61336ee9ee --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-29404.patch 
@@ -0,0 +1,84 @@ +From bf3c8ce03e175e870763901a3850bca01381a828 Mon Sep 17 00:00:00 2001 +From: Roland Shoemaker +Date: Fri, 5 May 2023 13:10:34 -0700 +Subject: [PATCH] [release-branch.go1.19] cmd/go: enforce flags with + non-optional arguments + +Enforce that linker flags which expect arguments get them, otherwise it +may be possible to smuggle unexpected flags through as the linker can +consume what looks like a flag as an argument to a preceding flag (i.e. +"-Wl,-O -Wl,-R,-bad-flag" is interpreted as "-O=-R -bad-flag"). Also be +somewhat more restrictive in the general format of some flags. + +Thanks to Juho Nurminen of Mattermost for reporting this issue. + +Updates #60305 +Fixes #60511 +Fixes CVE-2023-29404 + +Change-Id: Icdffef2c0f644da50261cace6f43742783931cff +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1876275 +Reviewed-by: Ian Lance Taylor +Reviewed-by: Damien Neil +(cherry picked from commit 896779503cf754cbdac24b61d4cc953b50fe2dde) +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1902225 +Run-TryBot: Roland Shoemaker +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1904342 +Reviewed-by: Michael Knyszek +Reviewed-on: https://go-review.googlesource.com/c/go/+/501217 +Auto-Submit: Michael Knyszek +Run-TryBot: David Chase +TryBot-Bypass: Michael Knyszek + +Upstream-Status: Backport [https://github.com/golang/go/commit/bf3c8ce03e175e870763901a3850bca01381a828] +CVE: CVE-2023-29404 +Signed-off-by: Hitendra Prajapati +--- + src/cmd/go/internal/work/security.go | 6 +++--- + src/cmd/go/internal/work/security_test.go | 5 +++++ + 2 files changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/cmd/go/internal/work/security.go b/src/cmd/go/internal/work/security.go +index a823b20..8acb6dc 100644 +--- a/src/cmd/go/internal/work/security.go ++++ b/src/cmd/go/internal/work/security.go +@@ -177,17 +177,17 @@ var validLinkerFlags = []*lazyregexp.Regexp{ + re(`-Wl,-Bdynamic`), + 
re(`-Wl,-berok`), + re(`-Wl,-Bstatic`), +- re(`-WL,-O([^@,\-][^,]*)?`), ++ re(`-Wl,-O[0-9]+`), + re(`-Wl,-d[ny]`), + re(`-Wl,--disable-new-dtags`), +- re(`-Wl,-e[=,][a-zA-Z0-9]*`), ++ re(`-Wl,-e[=,][a-zA-Z0-9]+`), + re(`-Wl,--enable-new-dtags`), + re(`-Wl,--end-group`), + re(`-Wl,--(no-)?export-dynamic`), + re(`-Wl,-framework,[^,@\-][^,]+`), + re(`-Wl,-headerpad_max_install_names`), + re(`-Wl,--no-undefined`), +- re(`-Wl,-R([^@\-][^,@]*$)`), ++ re(`-Wl,-R,?([^@\-,][^,@]*$)`), + re(`-Wl,--just-symbols[=,]([^,@\-][^,@]+)`), + re(`-Wl,-rpath(-link)?[=,]([^,@\-][^,]+)`), + re(`-Wl,-s`), +diff --git a/src/cmd/go/internal/work/security_test.go b/src/cmd/go/internal/work/security_test.go +index bd707ff..7b0b7d3 100644 +--- a/src/cmd/go/internal/work/security_test.go ++++ b/src/cmd/go/internal/work/security_test.go +@@ -220,6 +220,11 @@ var badLinkerFlags = [][]string{ + {"-Wl,-R,@foo"}, + {"-Wl,--just-symbols,@foo"}, + {"../x.o"}, ++ {"-Wl,-R,"}, ++ {"-Wl,-O"}, ++ {"-Wl,-e="}, ++ {"-Wl,-e,"}, ++ {"-Wl,-R,-flag"}, + } + + func TestCheckLinkerFlags(t *testing.T) { +-- +2.25.1 + From patchwork Fri Jun 30 02:33:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26710 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E021AC001B3 for ; Fri, 30 Jun 2023 02:33:44 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web11.3929.1688092420723246166 for ; Thu, 29 Jun 2023 19:33:40 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=H7VZ0MGt; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) 
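Review bot: In the security.go hunk of CVE-2023-29404.patch, the removed line is spelled `-WL,-O([^@,\-][^,]*)?` with a capital L, while its replacement `-Wl,-O[0-9]+` and every neighbouring entry use `-Wl,`. A removed line has to match the target source exactly, so please confirm it against the unpacked go-1.14 security.go; if that file has `-Wl,-O...`, this hunk will not apply and the line needs correcting. The Subject also names release-branch.go1.19 while the patch is added under go-1.14, so a short header line saying it was checked against 1.14 would help.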
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 05/10] libcap: backport Debian patches to fix CVE-2023-2602 and CVE-2023-2603 Date: Thu, 29 Jun 2023 16:33:18 -1000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183676 From: Vijay Anusuri import patches from ubuntu to fix CVE-2023-2602 CVE-2023-2603 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/libcap2/tree/debian/patches?h=ubuntu/focal-security Upstream commit https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=bc6b36682f188020ee4770fae1d41bde5b2c97bb & https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=422bec25ae4a1ab03fd4d6f728695ed279173b18] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../libcap/files/CVE-2023-2602.patch | 52 +++++++++++++++++ .../libcap/files/CVE-2023-2603.patch | 58 +++++++++++++++++++ meta/recipes-support/libcap/libcap_2.32.bb | 2 + 3 files changed, 112 insertions(+) create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2602.patch create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch diff --git a/meta/recipes-support/libcap/files/CVE-2023-2602.patch b/meta/recipes-support/libcap/files/CVE-2023-2602.patch new file mode 100644 index 0000000000..ca04d7297a --- /dev/null +++ b/meta/recipes-support/libcap/files/CVE-2023-2602.patch 
@@ -0,0 +1,52 @@ +Backport of: + +From bc6b36682f188020ee4770fae1d41bde5b2c97bb Mon Sep 17 00:00:00 2001 +From: "Andrew G. Morgan" +Date: Wed, 3 May 2023 19:18:36 -0700 +Subject: Correct the check of pthread_create()'s return value. + +This function returns a positive number (errno) on error, so the code +wasn't previously freeing some memory in this situation. + +Discussion: + + https://stackoverflow.com/a/3581020/14760867 + +Credit for finding this bug in libpsx goes to David Gstir of +X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security +audit of the libcap source code in April of 2023. The audit +was sponsored by the Open Source Technology Improvement Fund +(https://ostif.org/). + +Audit ref: LCAP-CR-23-01 (CVE-2023-2602) + +Signed-off-by: Andrew G. Morgan + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/libcap2/tree/debian/patches/CVE-2023-2602.patch?h=ubuntu/focal-security +Upstream commit https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=bc6b36682f188020ee4770fae1d41bde5b2c97bb] +CVE: CVE-2023-2602 +Signed-off-by: Vijay Anusuri +--- + psx/psx.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/libcap/psx.c ++++ b/libcap/psx.c +@@ -272,7 +272,7 @@ int psx_pthread_create(pthread_t *thread + + psx_wait_for_idle(); + int ret = pthread_create(thread, attr, start_routine, arg); +- if (ret != -1) { ++ if (ret == 0) { + psx_do_registration(*thread); + } + psx_resume_idle(); +@@ -287,7 +287,7 @@ int __wrap_pthread_create(pthread_t *thr + void *(*start_routine) (void *), void *arg) { + psx_wait_for_idle(); + int ret = __real_pthread_create(thread, attr, start_routine, arg); +- if (ret != -1) { ++ if (ret == 0) { + psx_do_registration(*thread); + } + psx_resume_idle(); diff --git a/meta/recipes-support/libcap/files/CVE-2023-2603.patch b/meta/recipes-support/libcap/files/CVE-2023-2603.patch new file mode 100644 index 0000000000..cf86ac2a46 --- /dev/null 
+++ b/meta/recipes-support/libcap/files/CVE-2023-2603.patch 
@@ -0,0 +1,58 @@ +Backport of: + +From 422bec25ae4a1ab03fd4d6f728695ed279173b18 Mon Sep 17 00:00:00 2001 +From: "Andrew G. Morgan" +Date: Wed, 3 May 2023 19:44:22 -0700 +Subject: Large strings can confuse libcap's internal strdup code. + +Avoid something subtle with really long strings: 1073741823 should +be enough for anybody. This is an improved fix over something attempted +in libcap-2.55 to address some static analysis findings. + +Reviewing the library, cap_proc_root() and cap_launcher_set_chroot() +are the only two calls where the library is potentially exposed to a +user controlled string input. + +Credit for finding this bug in libcap goes to Richard Weinberger of +X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security audit +of the libcap source code in April of 2023. The audit was sponsored +by the Open Source Technology Improvement Fund (https://ostif.org/). + +Audit ref: LCAP-CR-23-02 (CVE-2023-2603) + +Signed-off-by: Andrew G. Morgan + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/libcap2/tree/debian/patches/CVE-2023-2603.patch?h=ubuntu/focal-security +Upstream commit https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=422bec25ae4a1ab03fd4d6f728695ed279173b18] +CVE: CVE-2023-2603 +Signed-off-by: Vijay Anusuri +--- + libcap/cap_alloc.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +--- a/libcap/cap_alloc.c ++++ b/libcap/cap_alloc.c +@@ -76,13 +76,22 @@ cap_t cap_init(void) + char *_libcap_strdup(const char *old) + { + __u32 *raw_data; ++ size_t len; + + if (old == NULL) { + errno = EINVAL; + return NULL; + } + +- raw_data = malloc( sizeof(__u32) + strlen(old) + 1 ); ++ len = strlen(old); ++ if ((len & 0x3fffffff) != len) { ++ _cap_debug("len is too long for libcap to manage"); ++ errno = EINVAL; ++ return NULL; ++ } ++ len += sizeof(__u32) + 1; ++ ++ raw_data = malloc(len); + if (raw_data == NULL) { + errno = ENOMEM; + return NULL; 
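Review bot: In CVE-2023-2602.patch the diffstat and the hunks disagree: the summary lists `psx/psx.c | 2 +-` with 1 insertion and 1 deletion, but the hunks patch `libcap/psx.c` and change the check in two places, psx_pthread_create() and __wrap_pthread_create(). Please regenerate or drop the stale diffstat and state in the header that the patch was refreshed for the libcap 2.32 layout, so anyone comparing it with the upstream commit can account for the difference. The `ret == 0` test itself is consistent with the commit message, which says pthread_create() returns a positive errno value on error.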
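Review bot: The diffstat in CVE-2023-2603.patch does not match its hunk: it reports `libcap/cap_alloc.c | 12 +++++++-----` with 7 insertions and 5 deletions, while the hunk header `@@ -76,13 +76,22 @@` shows nine net added lines and the only removed line is the old malloc() call in _libcap_strdup(). That suggests the change was rebased onto the 2.32 source; please refresh the diffstat and record the adaptation next to Upstream-Status so the backport can be compared with the upstream commit.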
diff --git a/meta/recipes-support/libcap/libcap_2.32.bb b/meta/recipes-support/libcap/libcap_2.32.bb index d67babb5e9..64d5190aa7 100644 --- a/meta/recipes-support/libcap/libcap_2.32.bb +++ b/meta/recipes-support/libcap/libcap_2.32.bb 
@@ -13,6 +13,8 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/libs/security/linux-privs/${BPN}2/${BPN}-${ file://0001-ensure-the-XATTR_NAME_CAPS-is-defined-when-it-is-use.patch \ file://0002-tests-do-not-run-target-executables.patch \ file://0001-tests-do-not-statically-link-a-test.patch \ + file://CVE-2023-2602.patch \ + file://CVE-2023-2603.patch \ " SRC_URI[md5sum] = "7416119c9fdcfd0e8dd190a432c668e9" SRC_URI[sha256sum] = "1005e3d227f2340ad1e3360ef8b69d15e3c72a29c09f4894d7aac038bd26e2be" From patchwork Fri Jun 30 02:33:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26712 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D2E70EB64D9 for ; Fri, 30 Jun 2023 02:33:44 +0000 (UTC) Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by mx.groups.io with SMTP id smtpd.web11.3930.1688092422790106276 for ; Thu, 29 Jun 2023 19:33:42 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=ZlGVbxOF; spf=softfail (domain: sakoman.com, ip: 209.85.210.177, mailfrom: steve@sakoman.com) Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-67ef5af0ce8so1268131b3a.2 for ; Thu, 29 Jun 2023 19:33:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1688092422; x=1690684422; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=syVbqJVkOpNl4vvDPvGjyitLVp6BGUZ9L6X3AVtTXfs=; b=ZlGVbxOFDK8kzg4MusGTyhFlz+TxShEeqoV3tNUo9XcicVLEIHqQ7okEJEw5ChyEvn v8z2I2//aRwICAoRMi61vxUJ8KRv2Xmul29RY9vPlIw2mf2NU8LR3/3q+py24Pp6qSE+ 
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 06/10] linux-yocto/5.4: update to v5.4.246 Date: Thu, 29 Jun 2023 16:33:19 -1000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183677 
From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: f568a20f058f Linux 5.4.246 6c0fc4725f6f drm/edid: fix objtool warning in drm_cvt_modes() 914bf541c3bb wifi: rtlwifi: 8192de: correct checking of IQK reload 58bc9baaef92 drm/edid: Fix uninitialized variable in drm_cvt_modes() 77e442733faa RDMA/bnxt_re: Remove the qp from list only if the qp destroy succeeds a616aa258e46 RDMA/bnxt_re: Remove set but not used variable 'dev_attr' 4ffad598bff4 scsi: dpt_i2o: Do not process completions with invalid addresses e2897f133acd scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD) 56a4a9dc5ed1 regmap: Account for register length when chunking 94f3bc7e84af test_firmware: fix the memory leak of the allocated firmware buffer fb7dce686fd1 fbcon: Fix null-ptr-deref in soft_cursor 5ea6122caf51 ext4: add lockdep annotations for i_data_sem for ea_inode's b06346ef5778 ext4: disallow ea_inodes with extended attributes ec2a04f8fc9f ext4: set lockdep subclass for the ea_inode in ext4_xattr_inode_cache_find() 2e636c0c9344 ext4: add EA_INODE checking to ext4_iget() d9de088797a0 tracing/probe: trace_probe_primary_from_call(): checked list_first_entry 7df474125c37 selinux: don't use make's grouped targets feature yet b18bc3c9c2c5 tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead of UARTCTRL_SBK ae7fb0c8bf80 mmc: vub300: fix invalid response handling 9d8f5797d791 wifi: rtlwifi: remove always-true condition pointed out by GCC 12 843f51766784 lib/dynamic_debug.c: use address-of operator on section symbols 0638dcc7e75f treewide: Remove uninitialized_var() usage 1eb88dccb827 kernel/extable.c: use address-of operator on section symbols d069c7ce3995 eth: sun: cassini: remove dead code d04adc383f32 gcc-12: disable '-Wdangling-pointer' warning for now 253d70232573 ACPI: thermal: drop an always true check a010f8e64689 x86/boot: Wrap literal addresses in absolute_pointer() f0bb5135553c flow_dissector: work around stack frame size 
warning cd943425c6aa ata: libata-scsi: Use correct device no in ata_find_dev() 76c67ff783ac scsi: stex: Fix gcc 13 warnings cd91ead608f0 misc: fastrpc: reject new invocations during device removal bf1d0b84dfd2 misc: fastrpc: return -EPIPE to invocations on device removal d5f183881529 usb: gadget: f_fs: Add unbind event before functionfs_unbind ac388cbbd97c net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818 e101e8160cf0 iio: dac: build ad5758 driver when AD5758 is selected a87236446a62 iio: dac: mcp4725: Fix i2c_master_send() return value handling c3b25245e3a8 iio: light: vcnl4035: fixed chip ID check 711049e31e09 HID: wacom: avoid integer overflow in wacom_intuos_inout() 4251ff7fd4a4 HID: google: add jewel USB id f3b4e2a636d1 iio: adc: mxs-lradc: fix the order of two cleanup operations 030ca3f7b042 mailbox: mailbox-test: fix a locking issue in mbox_test_message_write() 11b084412055 atm: hide unused procfs functions cea581b385ab ALSA: oss: avoid missing-prototype warnings 384fd08858da netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with CONFIG_NF_NAT f7e62f1b7229 wifi: b43: fix incorrect __packed annotation 8a9035110288 scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed f1e6a1097141 arm64/mm: mark private VM_FAULT_X defines as vm_fault_t c87334f4e705 ARM: dts: stm32: add pin map for CAN controller on stm32f7 a39f24357fdc wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value 353fd22693a6 media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 66a6d704c251 media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() ed47886a73db media: dvb-core: Fix use-after-free due on race condition at dvb_net e9033a425ab2 media: mn88443x: fix !CONFIG_OF error by drop of_match_ptr from ID table 08b20cb8e5b9 media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() 46e8b0fe538b media: dvb_ca_en50221: fix a size write bug b66849f35462 media: netup_unidvb: fix irq init by register it at the 
end of probe 88aef84eefb3 media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address 6b9a534ec5cf media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer() f3c8ed7366cd media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer 65033ab2f930 media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer() 37e36b426197 media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer() 64f1b8296bef media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer() d16f5dc3aa09 media: dvb_demux: fix a bug for the continuity counter a7c87057f259 ASoC: ssm2602: Add workaround for playback distortions 619f008df14e xfrm: Check if_id in inbound policy/secpath match 21ca81704611 ASoC: dwc: limit the number of overrun messages acd5f476c16e nbd: Fix debugfs_create_dir error checking 19ce1e1f348d fbdev: stifb: Fix info entry in sti_struct on error path aa32f2fadb4c fbdev: modedb: Add 1920x1080 at 60 Hz video mode 199f9c5430f9 media: rcar-vin: Select correct interrupt mode for V4L2_FIELD_ALTERNATE b950966b44f9 ARM: 9295/1: unwind:fix unwind abort for uleb128 case a823d8e0bb02 mailbox: mailbox-test: Fix potential double-free in mbox_test_message_write() 29bfbc8a63c4 watchdog: menz069_wdt: fix watchdog initialisation 0018639be2d9 mtd: rawnand: marvell: don't set the NAND frequency select 5f0043efdc24 mtd: rawnand: marvell: ensure timing values are written 6c0aacf1b4e1 net: dsa: mv88e6xxx: Increase wait after reset deactivation 94a00f1142c5 net/sched: flower: fix possible OOB write in fl_set_geneve_opt() dd4b5a204dfa udp6: Fix race condition in udp6_sendmsg & connect cd4a37f0dcc9 net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report cec562fbf8c5 ocfs2/dlm: move BITS_TO_BYTES() to bitops.h for wider use 9e6bb63e5e66 net: sched: fix NULL pointer dereference in mq_attach 2188c0f09532 net/sched: Prohibit regrafting ingress or clsact Qdiscs 80b20d528a71 net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs 321f38375517 net/sched: 
sch_clsact: Only create under TC_H_CLSACT 5f67d33c01b3 net/sched: sch_ingress: Only create under TC_H_INGRESS 381a703220fb tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set 32e9a9ee285f tcp: deny tcp_disconnect() when threads are waiting 26e830858a2b af_packet: do not use READ_ONCE() in packet_bind() 43f1402dc2e9 mtd: rawnand: ingenic: fix empty stub helper definitions dd3773e8c8c9 amd-xgbe: fix the false linkup in xgbe_phy_status 603eec060d14 af_packet: Fix data-races of pkt_sk(sk)->num. bab2f42d8d8a netrom: fix info-leak in nr_write_internal() d7aeb591b101 net/mlx5: fw_tracer, Fix event handling c7ac3ebf41ee dmaengine: pl330: rename _start to prevent build error 17d70de57248 iommu/amd: Don't block updates to GATag if guest mode is on fa961ad9ef91 iommu/rockchip: Fix unwind goto issue 5abb81b4d762 RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx 2bafc7f22db3 RDMA/bnxt_re: Refactor queue pair creation code 56446791bccd RDMA/bnxt_re: Enable SRIOV VF support on Broadcom's 57500 adapter series cc5a673d85a9 RDMA/efa: Fix unsupported page sizes in device cf0b1e5482ea Linux 5.4.245 ec14c6e0a2e5 netfilter: ctnetlink: Support offloaded conntrack entry deletion 5b7d4d91c047 ipv{4,6}/raw: fix output xfrm lookup wrt protocol 6c88024cab83 binder: fix UAF caused by faulty buffer cleanup e6183912ee90 bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() 9ba28194ea50 io_uring: have io_kill_timeout() honor the request references 6de3014d4bd8 io_uring: don't drop completion lock before timer is fully initialized b0bfceaa8c0e io_uring: always grab lock in io_cancel_async_work() 00395fd7f9a0 cdc_ncm: Fix the build warning 672e59995e70 net/mlx5: Devcom, serialize devcom registration f42feb29bad9 net/mlx5: devcom only supports 2 ports 67637a7ee6bd fs: fix undefined behavior in bit shift for SB_NOUSER 02281c23d069 power: supply: bq24190: Call power_supply_changed() after updating input current f6518954c146 power: supply: core: 
Refactor power_supply_set_input_current_limit_from_supplier() db00ef8fd609 power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to stabilize ff484163dfb6 net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize a270ca35a949 cdc_ncm: Implement the 32-bit version of NCM Transfer Block 51d0ac4577c2 Linux 5.4.244 edec0d399907 3c589_cs: Fix an error handling path in tc589_probe() 3dfc1004d9af net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device c59106f8bca1 net/mlx5: Fix error message when failing to allocate device memory 8680d838c98c forcedeth: Fix an error handling path in nv_probe() b8db4a4e2007 ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg 0099a29bc5a0 x86/show_trace_log_lvl: Ensure stack pointer is aligned, again c60f38c9bdcb xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() 9b13972e4f23 coresight: Fix signedness bug in tmc_etr_buf_insert_barrier_packet() f6b610730e8f power: supply: sbs-charger: Fix INHIBITED bit for Status reg 0c5f4cec7596 power: supply: bq27xxx: Fix poll_interval handling and races on remove dafe9136be7b power: supply: bq27xxx: Fix I2C IRQ race on remove 7b3b11964979 power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition 96bfafbc7d80 power: supply: leds: Fix blink to LED on transition 011f47c8b838 ipv6: Fix out-of-bounds access in ipv6_find_tlv() 120cdad8b2ae bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields 9928ce5225d6 selftests: fib_tests: mute cleanup error message 58766252f6b2 net: fix skb leak in __skb_tstamp_tx() 2b580d0f03c4 media: radio-shark: Add endpoint checks a730feb672c7 USB: sisusbvga: Add endpoint checks 80100e0863e5 USB: core: Add routines for endpoint checks in old drivers 7e3ae83371a4 udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). 
9ea0c5f90a27 net: fix stack overflow when LRO is disabled for virtual interfaces 1522dc58bff8 fbdev: udlfb: Fix endpoint check be646802b3dc debugobjects: Don't wake up kswapd from fill_pool() 4e5a7181a6c3 x86/topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms 6d091e0ddcf3 parisc: Fix flush_dcache_page() for usage from irq context b556618baca5 selftests/memfd: Fix unknown type name build failure 04aee084a3fa x86/mm: Avoid incomplete Global INVLPG flushes a9f5423460a6 btrfs: use nofs when cleaning up aborted transactions 4f92934d8073 gpio: mockup: Fix mode of debugfs files da8adda57984 parisc: Allow to reboot machine after system halt 43ffe982a304 parisc: Handle kgdb breakpoints only in kernel context f7d19a366cd2 m68k: Move signal frame following exception on 68020/030 8facb9cc168a ALSA: hda/realtek: Enable headset onLenovo M70/M90 5cc3e698c2bb ALSA: hda/ca0132: add quirk for EVGA X299 DARK 68e4c390173e mt76: mt7615: Fix build with older compilers b558275c1b04 spi: fsl-cpm: Use 16 bit mode for large transfers with even size d64a45c019ac spi: fsl-spi: Re-organise transfer bits_per_word adaptation aabe8ca79139 watchdog: sp5100_tco: Immediately trigger upon starting. 
aeff9e7e87c1 s390/qdio: fix do_sqbs() inline assembly constraint ab196fe70a18 s390/qdio: get rid of register asm a4e3c4c65ae8 vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF 74e644795d37 vc_screen: rewrite vcs_size to accept vc, not inode e9399d4ea5ee usb: gadget: u_ether: Fix host MAC address case 939cafcdf7de usb: gadget: u_ether: Convert prints to device prints c8489e0fab18 lib/string_helpers: Introduce string_upper() and string_lower() helpers 7e15602c5073 HID: wacom: add three styli to wacom_intuos_get_tool_type 2a12339ce34f HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs b5185f1b11c7 HID: wacom: Force pen out of prox if no events have been received in a while e0c1b35239d9 netfilter: nf_tables: hold mutex on netns pre_exit path 6236af6936dd netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag 05b4105e6852 netfilter: nf_tables: stricter validation of element data e832e4bae556 netfilter: nf_tables: allow up to 64 bytes in the set element data area 28fe10236a64 netfilter: nf_tables: add nft_setelem_parse_key() eb5b579bd69f netfilter: nf_tables: validate registers coming from userspace. 
cfe1b9719cce netfilter: nftables: statify nft_parse_register() 7c788393d453 netfilter: nftables: add nft_parse_register_store() and use it 25336cd96b03 netfilter: nftables: add nft_parse_register_load() and use it 116d53f09ff5 nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() df89b1753eb1 powerpc/64s/radix: Fix soft dirty tracking 60b9a9c8f370 tpm/tpm_tis: Disable interrupts for more Lenovo devices a33c172c1e34 ceph: force updating the msg pointer in non-split case 6eb9ed0ab7b5 serial: Add support for Advantech PCI-1611U card 21f107a95965 statfs: enforce statfs[64] structure initialization 1eb3e32de7b1 KVM: x86: do not report a vCPU as preempted outside instruction boundaries a88638a95407 can: kvaser_pciefd: Disable interrupts in probe error path 4579e2556767 can: kvaser_pciefd: Do not send EFLUSH command on TFD interrupt 33d5a0a4985a can: kvaser_pciefd: Clear listen-only bit if not explicitly requested e5ac4f12074e can: kvaser_pciefd: Empty SRB buffer in probe c0e9fb21b612 can: kvaser_pciefd: Call request_irq() before enabling interrupts 36cd7601e6b9 can: kvaser_pciefd: Set CAN_STATE_STOPPED in kvaser_pciefd_stop() e65811289346 can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag 880482525101 ALSA: hda/realtek: Add quirk for 2nd ASUS GU603 57fd0d122edd ALSA: hda/realtek: Add a quirk for HP EliteDesk 805 739056188ad3 ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table 4ef155ddf957 ALSA: hda: Fix Oops by 9.1 surround channel names 4f9c0a7c2726 usb: typec: altmodes/displayport: fix pin_assignment_show 33b6648d27b8 usb: dwc3: debugfs: Resume dwc3 before accessing registers 241491524ab0 USB: UHCI: adjust zhaoxin UHCI controllers OverCurrent bit value 1f36dc41616b usb-storage: fix deadlock when a scsi command timeouts more than once 7cef7681aa77 USB: usbtmc: Fix direction for 0-length ioctl control messages f662f856acec vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit() 53bf7cda160b igb: fix bit_shift to be in [1..8] range 
e20105d967ab cassini: Fix a memory leak in the error handling path of cas_init_one() e519a404a5bb wifi: iwlwifi: mvm: don't trust firmware n_channels d0baaadd1c5e net: bcmgenet: Restore phy_stop() depending upon suspend/close 2cca63d5bc4e net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop() 435855b0831b net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() ed50fcab1435 drm/exynos: fix g2d_open/close helper function definitions 1550bcf2983a media: netup_unidvb: fix use-after-free at del_timer() 69055f99900b net: hns3: fix reset delay time to avoid configuration timeout 304e5cb77eb8 net: hns3: fix sending pfc frames after reset issue d1bcc606870e erspan: get the proto with the md version for collect_md f185ede016c9 ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode 0eb3ec0a3553 ip6_gre: Make o_seqno start from 0 in native mode 304096241398 ip6_gre: Fix skb_under_panic in __gre6_xmit() 7525aa211758 serial: arc_uart: fix of_iomap leak in `arc_serial_probe` 5a90309002cd vsock: avoid to close connected socket after the timeout 5009aead17f0 ALSA: firewire-digi00x: prevent potential use after free b22b514209ff net: fec: Better handle pm_runtime_get() failing in .remove() 033297ef3bba af_key: Reject optional tunnel/BEET mode templates in outbound policies 912a6cff0db1 cpupower: Make TSC read per CPU for Mperf monitor 131eb9c9b1a0 ASoC: fsl_micfil: register platform component before registering cpu dai a3714a47b401 btrfs: fix space cache inconsistency after error loading it from disk 596898303745 btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid 1e453cb55014 mfd: dln2: Fix memory leak in dln2_probe() bdc33478d5d3 phy: st: miphy28lp: use _poll_timeout functions for waits e6e917e82de4 Input: xpad - add constants for GIP interface numbers 9fcef1e37d54 iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any 4461f41ece4d clk: tegra20: fix gcc-7 constant overflow warning c23e6383d7fe RDMA/core: Fix multiple 
-Warray-bounds warnings 3ed95a6f6c64 recordmcount: Fix memory leaks in the uwrite function 38a118fd545b sched: Fix KCSAN noinstr violation cbe3063a9be1 mcb-pci: Reallocate memory region to avoid memory overlapping d5cd2928d310 serial: 8250: Reinit port->pm on port specific driver unbind ccb12585a735 usb: typec: tcpm: fix multiple times discover svids error c5405c767173 HID: wacom: generic: Set battery quirk only when we see battery data d3f32dc2ccc2 spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3 bf80dbd52899 HID: logitech-hidpp: Reconcile USB and Unifying serials e28f9de2d4d7 HID: logitech-hidpp: Don't use the USB serial for USB devices 8a65476dd1ca staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE 2112c4c47d36 Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp fa57021262e9 wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace 0ad8dd870aa1 wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf f6f2d16c77f9 wifi: iwlwifi: pcie: fix possible NULL pointer dereference a7ec2f424f6e samples/bpf: Fix fout leak in hbm's run_bpf_prog 4ceedc2f8bdf f2fs: fix to drop all dirty pages during umount() if cp_error is set 8659c5f4ffaa ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa() cee78217a7ae ext4: set goal start correctly in ext4_mb_normalize_request d43b1bdb1005 gfs2: Fix inode height consistency check 410e610a96c5 scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition cc2d2b3dbfb0 lib: cpu_rmap: Avoid use after free on rmap->obj array entries 89f5055f9b0b scsi: target: iscsit: Free cmds before session free 67236cf14db3 net: Catch invalid index in XPS mapping 92af9cb86ab0 net: pasemi: Fix return type of pasemi_mac_start_tx() 644a9d5e2276 scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow c4813f858e5c ext2: Check block size validity during mount 56c7e9c39bd5 wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex c409eb45f5dd ACPICA: 
ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects 710e09fd116e ACPICA: Avoid undefined behavior: applying zero offset to null pointer 99c8f2e6f33a drm/tegra: Avoid potential 32-bit integer overflow ccae2233e993 ACPI: EC: Fix oops when removing custom query handlers 48ac727ea4a3 firmware: arm_sdei: Fix sleep from invalid context BUG a2a5d3a584bf memstick: r592: Fix UAF bug in r592_remove due to race condition d73e8c47675e regmap: cache: Return error in cache sync operations for REGCACHE_NONE 9b72cb394f96 drm/amd/display: Use DC_LOG_DC in the trasform pixel function a75d9211a07f fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() 196528ad4844 af_unix: Fix data races around sk->sk_shutdown. 7d17bc2d4e75 af_unix: Fix a data race of sk->sk_receive_queue->qlen. 699c9e7c9f66 net: datagram: fix data-races in datagram_poll() 1aa872e967f2 ipvlan:Fix out-of-bounds caused by unclear skb->cb 4188c5269475 net: add vlan_get_protocol_and_depth() helper 57a269d82f2e net: tap: check vlan with eth_type_vlan() method 1747aa98ab13 net: annotate sk->sk_err write from do_recvmmsg() a507022c862e netlink: annotate accesses to nlk->cb_running b47aae7038cc netfilter: conntrack: fix possible bug_on with enable_hooks=1 d7343f8de019 net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs(). 42e1dafa65e2 linux/dim: Do nothing if no time delta between samples 7460ac5a66fb ARM: 9296/1: HP Jornada 7XX: fix kernel-doc warnings 22b8ac608af5 drm/mipi-dsi: Set the fwnode for mipi_dsi_device d4992b2b5c68 driver core: add a helper to setup both the of_node and fwnode of a device Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_5.4.bb | 6 ++--- .../linux/linux-yocto-tiny_5.4.bb | 8 +++---- meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +++++++++---------- 3 files changed, 18 insertions(+), 18 deletions(-) 
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index 01eca24a00..a604e08822 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "c705bb899d37bbd61a87a2f850e4d6f04613a908" -SRCREV_meta ?= "c7d5b73674d53f51772862b951d8cc56683ef04f" +SRCREV_machine ?= "5cc4655a187a2c5a1a30c6c2295fefab9c8c986d" +SRCREV_meta ?= "e454f2ec4c69cd5afd7d13df74dd124b856e8765" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.4.243" +LINUX_VERSION ?= "5.4.246" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb index c3d4ff4608..0938c3d854 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.4.243" +LINUX_VERSION ?= "5.4.246" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" 
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine_qemuarm ?= "140d4ff6bab1e5959377d4974ade490c837ef9cc" -SRCREV_machine ?= "66990885cd865944a093b47ee7164ef2838f75a3" -SRCREV_meta ?= "c7d5b73674d53f51772862b951d8cc56683ef04f" +SRCREV_machine_qemuarm ?= "ffc4cd8db8b2c495a04a9f28e2da3b4c91f30711" +SRCREV_machine ?= "9a992a65fe0346b8a7a86ffb2c491dadecada05a" +SRCREV_meta ?= "e454f2ec4c69cd5afd7d13df74dd124b856e8765" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb index c361f0c701..28ef51f883 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb 
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base" KBRANCH_qemux86-64 ?= "v5.4/standard/base" KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64" -SRCREV_machine_qemuarm ?= "3c105623bdba36118195e9c188d728edcc00345a" -SRCREV_machine_qemuarm64 ?= "993c666984249097d093ee71eb3dffa0844fef6c" -SRCREV_machine_qemumips ?= "2469bc35f1c2ef5ab2e85b7b705b32e33c6350c7" -SRCREV_machine_qemuppc ?= "98229034b888ad319d7d030d279381a671c41dc0" -SRCREV_machine_qemuriscv64 ?= "ba7e46214a9d60247170245cc09e2e1faf6622a1" -SRCREV_machine_qemux86 ?= "ba7e46214a9d60247170245cc09e2e1faf6622a1" -SRCREV_machine_qemux86-64 ?= "ba7e46214a9d60247170245cc09e2e1faf6622a1" -SRCREV_machine_qemumips64 ?= "fb1936fa93be6bfd1b18cd8568cfc5b279904fa5" -SRCREV_machine ?= "ba7e46214a9d60247170245cc09e2e1faf6622a1" -SRCREV_meta ?= "c7d5b73674d53f51772862b951d8cc56683ef04f" +SRCREV_machine_qemuarm ?= "0682b6432f4fb3931fc5a32938ae2957e97ad3fd" +SRCREV_machine_qemuarm64 ?= "736062be272094d22416e228b92560302298f9fd" +SRCREV_machine_qemumips ?= "db77f08d3d5176d1b079195beefd558a32e18b69" +SRCREV_machine_qemuppc ?= "1dbaf2ab5019f7d114b2c309eb7539828f93f10b" +SRCREV_machine_qemuriscv64 ?= "31ef22a71bebca6fda5592e2dec249886c29cfbb" +SRCREV_machine_qemux86 ?= "31ef22a71bebca6fda5592e2dec249886c29cfbb" +SRCREV_machine_qemux86-64 ?= "31ef22a71bebca6fda5592e2dec249886c29cfbb" +SRCREV_machine_qemumips64 ?= "19c1ba85d643f819cf3e62ee57d05eec2855e97e" +SRCREV_machine ?= "31ef22a71bebca6fda5592e2dec249886c29cfbb" +SRCREV_meta ?= "e454f2ec4c69cd5afd7d13df74dd124b856e8765" # remap qemuarm to qemuarma15 for the 5.4 kernel # KMACHINE_qemuarm ?= "qemuarma15" 
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" -LINUX_VERSION ?= "5.4.243" +LINUX_VERSION ?= "5.4.246" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" From patchwork Fri Jun 30 02:33:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26713 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id EF5A4C001DE for ; Fri, 30 Jun 2023 02:33:44 +0000 (UTC) Received: from mail-oi1-f171.google.com (mail-oi1-f171.google.com [209.85.167.171]) by mx.groups.io with SMTP id smtpd.web10.3943.1688092424472339075 for ; Thu, 29 Jun 2023 19:33:44 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=bpEFa0Jj; spf=softfail (domain: sakoman.com, ip: 209.85.167.171, mailfrom: steve@sakoman.com) Received: by mail-oi1-f171.google.com with SMTP id 5614622812f47-392116ae103so960207b6e.0 for ; Thu, 29 Jun 2023 19:33:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1688092423; x=1690684423; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=v0ZF1FahpB3DI7fLIFk3FhZ6EUKunVDhGVhXIo4Xh0E=; b=bpEFa0JjOvwSywElV/2JyalK5i3m7w2aIZUnp475Am/U2SzOSoye+AvDuYBoSD19Y9 f1KVgaTKRoGmyFGgh/okvBLfe7PTXWbv27cKlPgTNqeRXHjTb+812PV3Ct3oXbVq4TUm 
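Review bot: In the linux-yocto_5.4.bb hunk at -12,16, none of the ten new SRCREV values can be checked against the stated target from the patch itself: the commit message lists korg -stable short hashes, while the SRCREVs are commits in git.yoctoproject.org/linux-yocto.git and yocto-kernel-cache. Please say in the commit message how they were derived (for example, that each SRCREV_machine value is the tip of its KBRANCH after the 5.4.246 merge), so that a stale or mistyped hash in one SRCREV_machine_* line is caught in review rather than shipping an older tree under a 5.4.246 PV.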
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 07/10] linux-yocto/5.4: update to v5.4.247 Date: Thu, 29 Jun 2023 16:33:20 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Jun 2023 02:33:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183678 
From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: 61a2f83e4762 Linux 5.4.247 4b0199bc8189 Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE" 85258ae30708 mtd: spinand: macronix: Add support for MX35LFxGE4AD 8e546674031f btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() 4223d91ca1b5 btrfs: check return value of btrfs_commit_transaction in relocation a35d89d3605b rbd: get snapshot context after exclusive lock is ensured to be held 52a40eaa55d6 drm/atomic: Don't pollute crtc_state->mode_blob with error pointers 2cc5d40e4d49 cifs: handle empty list of targets in cifs_reconnect() 307ffb716282 cifs: get rid of unused parameter in reconn_setup_dfs_targets() 73ed7996bbec ext4: only check dquot_initialize_needed() when debugging 7d0a29c74a31 eeprom: at24: also select REGMAP 0360652bf6ab i2c: sprd: Delete i2c adapter in .remove's error path c73f1c2f6816 bonding (gcc13): synchronize bond_{a,t}lb_xmit() types ec946898039a usb: usbfs: Use consistent mmap functions 0147952d158b usb: usbfs: Enforce page requirements for mmap 090878903dd3 pinctrl: meson-axg: add missing GPIOA_18 gpio group c6e842555050 rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting 69653f941619 Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk 953335a377b6 ceph: fix use-after-free bug for inodes when flushing capsnaps 2416bac0e7b2 can: j1939: avoid possible use-after-free when j1939_can_rx_register fails bf0245bd44c0 can: j1939: change j1939_netdev_lock type to mutex 9eed68d62e2a can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in J1939 Socket 2fc62d51d3e4 drm/amdgpu: fix xclk freq on CHIP_STONEY e752bb1c039f ALSA: hda/realtek: Add Lenovo P3 Tower platform ca599db7a5e0 ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01 d5ca4799e6d3 Input: psmouse - fix OOB access in Elantech protocol 282a96e3f88f Input: xpad - delete a Razer DeathAdder mouse VID/PID entry a3a99a069eb9 
batman-adv: Broken sync while rescheduling delayed work df7044fc099b bnxt_en: Query default VLAN before VNIC setup on a VF a6ca81297392 lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release() 198da74a4e8d net: sched: fix possible refcount leak in tc_chain_tmplt_add() 8f7cbd6d5e39 net: sched: move rtm_tca_policy declaration to include file b8b90f92444b rfs: annotate lockless accesses to RFS sock flow table 28ac3cf2ac21 rfs: annotate lockless accesses to sk->sk_rxhash a4c72805fda4 netfilter: ipset: Add schedule point in call_ad(). 0b705ed9d403 netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper c2c6133eebaf Bluetooth: L2CAP: Add missing checks for invalid DCID 0f841f80390d Bluetooth: Fix l2cap_disconnect_req deadlock b0b1b97702a5 net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods 7e0da73ce546 neighbour: fix unaligned access to pneigh_entry 314713ff4c9b neighbour: Replace zero-length array with flexible-array member e96f52705a63 spi: qup: Request DMA before enabling clocks 1cc6435cd704 i40e: fix build warnings in i40e_alloc.h fc75b8973de4 i40iw: fix build warning in i40iw_manage_apbvt() c425e71826e4 block/blk-iocost (gcc13): keep large values in a new enum ec97af8e8a36 blk-iocost: avoid 64-bit division in ioc_timer_fn Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_5.4.bb | 6 ++--- .../linux/linux-yocto-tiny_5.4.bb | 8 +++---- meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +++++++++---------- 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index a604e08822..8e0f7ae217 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb 
@@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "5cc4655a187a2c5a1a30c6c2295fefab9c8c986d" -SRCREV_meta ?= "e454f2ec4c69cd5afd7d13df74dd124b856e8765" +SRCREV_machine ?= "3ec10d880e38eb58af39c33094e455da59afd42b" +SRCREV_meta ?= "b09511ad6dbb6f38303add48d2da78906bab1380" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.4.246" +LINUX_VERSION ?= "5.4.247" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb index 0938c3d854..6a6787a091 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.4.246" +LINUX_VERSION ?= "5.4.247" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine_qemuarm ?= "ffc4cd8db8b2c495a04a9f28e2da3b4c91f30711" -SRCREV_machine ?= "9a992a65fe0346b8a7a86ffb2c491dadecada05a" -SRCREV_meta ?= "e454f2ec4c69cd5afd7d13df74dd124b856e8765" +SRCREV_machine_qemuarm ?= "5780bc7b75d300e9b90b78c9297ff4717a78a893" +SRCREV_machine ?= "45eaa635123abc1568c35d4abd0f31cc7c4f75a9" +SRCREV_meta ?= "b09511ad6dbb6f38303add48d2da78906bab1380" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb index 28ef51f883..6c9cea6993 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb 
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb @@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base" KBRANCH_qemux86-64 ?= "v5.4/standard/base" KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64" -SRCREV_machine_qemuarm ?= "0682b6432f4fb3931fc5a32938ae2957e97ad3fd" -SRCREV_machine_qemuarm64 ?= "736062be272094d22416e228b92560302298f9fd" -SRCREV_machine_qemumips ?= "db77f08d3d5176d1b079195beefd558a32e18b69" -SRCREV_machine_qemuppc ?= "1dbaf2ab5019f7d114b2c309eb7539828f93f10b" -SRCREV_machine_qemuriscv64 ?= "31ef22a71bebca6fda5592e2dec249886c29cfbb" -SRCREV_machine_qemux86 ?= "31ef22a71bebca6fda5592e2dec249886c29cfbb" -SRCREV_machine_qemux86-64 ?= "31ef22a71bebca6fda5592e2dec249886c29cfbb" -SRCREV_machine_qemumips64 ?= "19c1ba85d643f819cf3e62ee57d05eec2855e97e" -SRCREV_machine ?= "31ef22a71bebca6fda5592e2dec249886c29cfbb" -SRCREV_meta ?= "e454f2ec4c69cd5afd7d13df74dd124b856e8765" +SRCREV_machine_qemuarm ?= "5f8520357626b4a63278e222fa32b322f9811f34" +SRCREV_machine_qemuarm64 ?= "5aae64158e118c7c96b6b2db41aa0c565d733c47" +SRCREV_machine_qemumips ?= "50721182f0802cab035f92538c9fe60fa32e27a6" +SRCREV_machine_qemuppc ?= "032f6844ab616a7c3c96a27a9f7c19c56e4b37a5" +SRCREV_machine_qemuriscv64 ?= "2ded7ddaca7d93e0df26c4392b713dd7b016a402" +SRCREV_machine_qemux86 ?= "2ded7ddaca7d93e0df26c4392b713dd7b016a402" +SRCREV_machine_qemux86-64 ?= "2ded7ddaca7d93e0df26c4392b713dd7b016a402" +SRCREV_machine_qemumips64 ?= "77a6c71bda43b4d11767ea3946385f6a5d2d24b6" +SRCREV_machine ?= "2ded7ddaca7d93e0df26c4392b713dd7b016a402" +SRCREV_meta ?= "b09511ad6dbb6f38303add48d2da78906bab1380" # remap qemuarm to qemuarma15 for the 5.4 kernel # KMACHINE_qemuarm ?= "qemuarma15" 
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" -LINUX_VERSION ?= "5.4.246" +LINUX_VERSION ?= "5.4.247" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" From patchwork Fri Jun 30 02:33:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26716 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E756CEB64DD for ; Fri, 30 Jun 2023 02:33:54 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web10.3946.1688092426058727234 for ; Thu, 29 Jun 2023 19:33:46 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=GmqCWRlT; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-666edfc50deso873398b3a.0 for ; Thu, 29 Jun 2023 19:33:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1688092425; x=1690684425; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=+guoK+tclAXIgd4z6ieJxVKcVuYE/9HfWA1VC5a9mmY=; b=GmqCWRlTFtHnz9fIM6jNK/4gv17HTpBMw8+f/7x1+9POd35TOp+utdznqfYeX6xqmy +UxnSeSztkJtY2UevT8WDLhr5iyrdgUEAWWg74mKT2GlVvg4iVNJLx14civ0VYql5pNj 
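Review bot: The LINUX_VERSION bump to 5.4.247 in the linux-yocto_5.4.bb hunk at -30,7 comes with no statement of which CVEs, if any, the update closes. The changelog includes memory-safety fixes such as "Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk", "Input: psmouse - fix OOB access in Elantech protocol" and "usb: usbfs: Enforce page requirements for mmap"; if any of these has a CVE assigned, name it in the commit message so that CVE tracking for dunfell can be updated together with the version.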
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 08/10] linux-yocto/5.4: update to v5.4.248 Date: Thu, 29 Jun 2023 16:33:21 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Jun 2023 02:33:54 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183679 
From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: f2b499c27a95 Linux 5.4.248 1cdc48aaff18 mmc: block: ensure error propagation for non-blk de517032ee39 drm/nouveau/kms: Fix NULL pointer dereference in nouveau_connector_detect_depth d3f7f557d8a2 neighbour: delete neigh_lookup_nodev as not used a433b85d1750 net: Remove unused inline function dst_hold_and_use() fbc0209ae3a7 neighbour: Remove unused inline function neigh_key_eq16() bc1ea55bf1cf afs: Fix vlserver probe RTT handling 98acd5f0ce10 selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET 1140f8bc29c2 net: tipc: resize nlattr array to correct size b83f86ba414c net: lapbether: only support ethernet devices ec694ad393cc net/sched: cls_api: Fix lockup on flushing explicitly created chain 0456f470fa02 drm/nouveau: add nv_encoder pointer check for NULL b1d76d16af2a drm/nouveau/kms: Don't change EDID when it hasn't actually changed f654b8a1325f drm/nouveau/dp: check for NULL nv_connector->native_mode 2ac7be7718a1 igb: fix nvm.ops.read() error handling 44008337f80e sctp: fix an error code in sctp_sf_eat_auth() edd3d3dc4849 ipvlan: fix bound dev checking for IPv6 l3s mode 6718478c18a4 IB/isert: Fix incorrect release of isert connection f8a91a024ab9 IB/isert: Fix possible list corruption in CMA handler 8a867ab71302 IB/isert: Fix dead lock in ib_isert 22125be516ef IB/uverbs: Fix to consider event queue closing also upon non-blocking mode ea4cf04d3f19 iavf: remove mask from iavf_irq_enable_queues() 19a500f530c2 RDMA/rxe: Fix the use-before-initialization error of resp_pkts 42ab73534583 RDMA/rxe: Removed unused name from rxe_task struct f99b6de58b5e RDMA/rxe: Remove the unused variable obj 46305daf8064 net/sched: cls_u32: Fix reference counter leak leading to overflow 88d6c1958bc0 ping6: Fix send to link-local addresses with VRF. 
474e0adf29cf netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM 67cafcd3e661 spi: fsl-dspi: avoid SCK glitches with continuous transfers 8231594e21d1 spi: spi-fsl-dspi: Remove unused chip->void_write_data 9d8b388a24c6 usb: dwc3: gadget: Reset num TRBs before giving back the request 94e52fac1519 serial: lantiq: add missing interrupt ack b577b74f8f83 USB: serial: option: add Quectel EM061KGL series 6b1203ae83c3 Remove DECnet support from kernel aad6addc17ae ALSA: hda/realtek: Add a quirk for Compaq N14JP6 def7e17c98f7 net: usb: qmi_wwan: add support for Compal RXM-G1 74bd53737372 RDMA/uverbs: Restrict usage of privileged QKEYs a8997ffad359 nouveau: fix client work fence deletion race 01fd784b0762 powerpc/purgatory: remove PGO flags b16bf76b3828 kexec: support purgatories with .text.hot sections b27a5fbe3c87 nilfs2: fix possible out-of-bounds segment allocation in resize ioctl 0dd2d8331eb4 nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key() e1fb47f13970 nios2: dts: Fix tse_mac "max-frame-size" property 5e531f448e5a ocfs2: check new file size on fallocate call f6878da39f47 ocfs2: fix use-after-free when unmounting read-only filesystem 82173fde61c7 drm:amd:amdgpu: Fix missing buffer object unlock in failure path 63afd766211b xen/blkfront: Only check REQ_FUA for writes 27447dada0b5 mips: Move initrd_start check after initrd address sanitisation. 
a365600bba27 MIPS: Alchemy: fix dbdma2 6b39b06b8d5b parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory() de873bce06a8 parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu() 28850d25a62c btrfs: handle memory allocation failure in btrfs_csum_one_bio b31586747bae power: supply: Fix logic checking if system is running from battery dd8804117d4b irqchip/meson-gpio: Mark OF related data as maybe unused 30ade27dbe66 regulator: Fix error checking for debugfs_create_dir a12155f0b1b6 platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0 d26edc403c0a power: supply: Ratelimit no data debug output af44b2ddfc08 ARM: dts: vexpress: add missing cache properties bd725832eb50 power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() + schedule() 82bfd14f1359 power: supply: sc27xx: Fix external_power_changed race 66d5882dcc9f power: supply: ab8500: Fix external_power_changed race a8f286bfbc71 s390/dasd: Use correct lock while counting channel queue length d60be47f4357 dasd: refactor dasd_ioctl_information 7f3bb75a0484 KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() 75d9e00f65cd test_firmware: fix a memory leak with reqs buffer Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_5.4.bb | 6 ++--- .../linux/linux-yocto-tiny_5.4.bb | 8 +++---- meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +++++++++---------- 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index 8e0f7ae217..a98a64110a 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb 
@@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "3ec10d880e38eb58af39c33094e455da59afd42b" -SRCREV_meta ?= "b09511ad6dbb6f38303add48d2da78906bab1380" +SRCREV_machine ?= "8472ed342e0ac3f529c10b474b12ef0e05995778" +SRCREV_meta ?= "5c912968f2cb938ad084d457dae99bf8eb16032d" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.4.247" +LINUX_VERSION ?= "5.4.248" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb index 6a6787a091..46a8856963 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.4.247" +LINUX_VERSION ?= "5.4.248" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine_qemuarm ?= "5780bc7b75d300e9b90b78c9297ff4717a78a893" -SRCREV_machine ?= "45eaa635123abc1568c35d4abd0f31cc7c4f75a9" -SRCREV_meta ?= "b09511ad6dbb6f38303add48d2da78906bab1380" +SRCREV_machine_qemuarm ?= "ca5368c73bab4eb276a8e721df28c02ceb8f3eeb" +SRCREV_machine ?= "abb579170926348d1518bc1a2de8cb1cdf403808" +SRCREV_meta ?= "5c912968f2cb938ad084d457dae99bf8eb16032d" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb index 6c9cea6993..fae2de5c72 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb 
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb @@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base" KBRANCH_qemux86-64 ?= "v5.4/standard/base" KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64" -SRCREV_machine_qemuarm ?= "5f8520357626b4a63278e222fa32b322f9811f34" -SRCREV_machine_qemuarm64 ?= "5aae64158e118c7c96b6b2db41aa0c565d733c47" -SRCREV_machine_qemumips ?= "50721182f0802cab035f92538c9fe60fa32e27a6" -SRCREV_machine_qemuppc ?= "032f6844ab616a7c3c96a27a9f7c19c56e4b37a5" -SRCREV_machine_qemuriscv64 ?= "2ded7ddaca7d93e0df26c4392b713dd7b016a402" -SRCREV_machine_qemux86 ?= "2ded7ddaca7d93e0df26c4392b713dd7b016a402" -SRCREV_machine_qemux86-64 ?= "2ded7ddaca7d93e0df26c4392b713dd7b016a402" -SRCREV_machine_qemumips64 ?= "77a6c71bda43b4d11767ea3946385f6a5d2d24b6" -SRCREV_machine ?= "2ded7ddaca7d93e0df26c4392b713dd7b016a402" -SRCREV_meta ?= "b09511ad6dbb6f38303add48d2da78906bab1380" +SRCREV_machine_qemuarm ?= "68775a8671944b96c6a1ee795809f81149951f2d" +SRCREV_machine_qemuarm64 ?= "54bc3d459501d8df9baf093a34d8bb676c207a07" +SRCREV_machine_qemumips ?= "ba2d346cc66307fa6332b9fb86eb8ca66f30ebcd" +SRCREV_machine_qemuppc ?= "6703d4c7c75fab78e0c72227a98aba8071d5b1c3" +SRCREV_machine_qemuriscv64 ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" +SRCREV_machine_qemux86 ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" +SRCREV_machine_qemux86-64 ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" +SRCREV_machine_qemumips64 ?= "66cac7d41a43594760f6ac48e848d73315cc5dd3" +SRCREV_machine ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" +SRCREV_meta ?= "5c912968f2cb938ad084d457dae99bf8eb16032d" # remap qemuarm to qemuarma15 for the 5.4 kernel # KMACHINE_qemuarm ?= "qemuarma15" 
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" -LINUX_VERSION ?= "5.4.247" +LINUX_VERSION ?= "5.4.248" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" From patchwork Fri Jun 30 02:33:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26715 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E7546EB64D9 for ; Fri, 30 Jun 2023 02:33:54 +0000 (UTC) Received: from mail-pg1-f175.google.com (mail-pg1-f175.google.com [209.85.215.175]) by mx.groups.io with SMTP id smtpd.web11.3932.1688092427595505199 for ; Thu, 29 Jun 2023 19:33:47 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Q5AIlSUY; spf=softfail (domain: sakoman.com, ip: 209.85.215.175, mailfrom: steve@sakoman.com) Received: by mail-pg1-f175.google.com with SMTP id 41be03b00d2f7-55b1238a024so1088149a12.0 for ; Thu, 29 Jun 2023 19:33:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1688092427; x=1690684427; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=dihvPXBMI62mp1gU+95BnjNQONOs5MGExxLAv6YEh8U=; b=Q5AIlSUYxy6fYt5vYMwP2sHEqIQvHJkITc6OwthkeHIypj1TY6oDdK3DeQorUbmztU RXwyG+FrN3+VaOscwpL/0fYR9v7s3znOlkE/yqtpBKMckD5h6Dn8jUIlQnCJf8vpjrM4 
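Review bot: The linux-yocto-rt_5.4.bb hunk at -11,13 sets an rt SRCREV_machine and LINUX_VERSION 5.4.248 that the next patch in the series, 09/10 "fix 5.4-rt build breakage", has to follow up on: its diff starts from this recipe's post-bump blob a98a64110a, and its message says the 5.4 stable series reintroduced tick_period and deferred printk, which the -rt patch had removed. If linux-yocto-rt does not compile at this commit, fold the 09/10 rt change into the bump that introduces the breakage, or state which bump that is, so the branch stays bisectable.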
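Review bot: The SRCREV_meta and SRCREV_machine changes in the linux-yocto-tiny_5.4.bb hunk at -15,9 pull in "6b1203ae83c3 Remove DECnet support from kernel", a feature removal rather than a fix, and the commit message does not call it out. A configuration fragment that still sets CONFIG_DECNET stops having any effect from 5.4.248 on; please mention the removal in the commit message and confirm that yocto-kernel-cache at 5c912968f2cb938ad084d457dae99bf8eb16032d carries no fragment that enables it.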
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 09/10] linux-yocto-rt/54: fix 5.4-rt build breakage Date: Thu, 29 Jun 2023 16:33:22 -1000 Message-Id: <13add4fd84c2e8a14caad857fbadf83205758c31.1688092252.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Jun 2023 02:33:54 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183680 From: Bruce Ashfield Integrating the following commit: commit 8d8179549a233e7517523ac12887016451da2e20 Author: Bruce Ashfield Date: Tue Jun 27 10:13:01 2023 -0400 rt: fix 5.4-stable introduced compile errors The 5.4 stable series brought back two elements removed by the -rt patch: - tick_period - deferred/safe printk We fix the build by dropping the use of the period and deferred printk Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman --- meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb | 4 ++-- meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 2 +- meta/recipes-kernel/linux/linux-yocto_5.4.bb | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index a98a64110a..541d169379 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb 
@@ -11,8 +11,8 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "8472ed342e0ac3f529c10b474b12ef0e05995778" -SRCREV_meta ?= "5c912968f2cb938ad084d457dae99bf8eb16032d" +SRCREV_machine ?= "8d8179549a233e7517523ac12887016451da2e20" +SRCREV_meta ?= "b6e41788aebaf8058d1f15f6cdcf55a6edb77755" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb index 46a8856963..171ff8493c 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb @@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2" SRCREV_machine_qemuarm ?= "ca5368c73bab4eb276a8e721df28c02ceb8f3eeb" SRCREV_machine ?= "abb579170926348d1518bc1a2de8cb1cdf403808" -SRCREV_meta ?= "5c912968f2cb938ad084d457dae99bf8eb16032d" +SRCREV_meta ?= "b6e41788aebaf8058d1f15f6cdcf55a6edb77755" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb index fae2de5c72..527728d9d0 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb 
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" SRCREV_machine_qemux86-64 ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" SRCREV_machine_qemumips64 ?= "66cac7d41a43594760f6ac48e848d73315cc5dd3" SRCREV_machine ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" -SRCREV_meta ?= "5c912968f2cb938ad084d457dae99bf8eb16032d" +SRCREV_meta ?= "b6e41788aebaf8058d1f15f6cdcf55a6edb77755" # remap qemuarm to qemuarma15 for the 5.4 kernel # KMACHINE_qemuarm ?= "qemuarma15" From patchwork Fri Jun 30 02:33:23 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 26714 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id EFB7BC001B3 for ; Fri, 30 Jun 2023 02:33:54 +0000 (UTC) Received: from mail-oi1-f181.google.com (mail-oi1-f181.google.com [209.85.167.181]) by mx.groups.io with SMTP id smtpd.web10.3948.1688092429315787378 for ; Thu, 29 Jun 2023 19:33:49 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=cilxTFja; spf=softfail (domain: sakoman.com, ip: 209.85.167.181, mailfrom: steve@sakoman.com) Received: by mail-oi1-f181.google.com with SMTP id 5614622812f47-3a1c162cdfeso967575b6e.2 for ; Thu, 29 Jun 2023 19:33:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1688092428; x=1690684428; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=uQPGJtg9ZgrTIwlmtdMDyD0VOycpbQjIX1SJDTSLFZU=; b=cilxTFjaEffnmnPFKMxiHwGswHj5bmoOiyWeOX0uCh6YF6oYqKag2pa7+epguVk8lX 
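Review bot: in 09/10 the commit message accounts only for the linux-yocto commit 8d817954..., which is the new SRCREV_machine in linux-yocto-rt_5.4.bb, while all three recipes also move SRCREV_meta from 5c912968... to b6e41788... without any description of what that yocto-kernel-cache revision contains. In linux-yocto-tiny_5.4.bb and linux-yocto_5.4.bb the SRCREV_meta bump is the only change, so from the message alone a stable-branch reviewer cannot tell whether those two kernels are picking up something related to the -rt build fix or unrelated kernel-cache changes. Please list the kernel-cache commits covered by the new SRCREV_meta, or state that the bump only keeps the three recipes on a common meta revision.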
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 10/10] linux-yocto/5.4: cfg: fix DECNET configuration warning Date: Thu, 29 Jun 2023 16:33:23 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Jun 2023 02:33:54 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/183681 From: Bruce Ashfield Dropping CONFIG_DECNET as it has been removed from -stable and we now get a configuration warning. Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman --- meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb | 2 +- meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 2 +- meta/recipes-kernel/linux/linux-yocto_5.4.bb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index 541d169379..d775a60e9f 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb @@ -12,7 +12,7 @@ python () { } SRCREV_machine ?= "8d8179549a233e7517523ac12887016451da2e20" -SRCREV_meta ?= "b6e41788aebaf8058d1f15f6cdcf55a6edb77755" +SRCREV_meta ?= "465d61ba36f5c7e32d1fddef078d5d2068fcc2cc" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb index 171ff8493c..5e2b2ab6cf 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb 
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2" SRCREV_machine_qemuarm ?= "ca5368c73bab4eb276a8e721df28c02ceb8f3eeb" SRCREV_machine ?= "abb579170926348d1518bc1a2de8cb1cdf403808" -SRCREV_meta ?= "b6e41788aebaf8058d1f15f6cdcf55a6edb77755" +SRCREV_meta ?= "465d61ba36f5c7e32d1fddef078d5d2068fcc2cc" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb index 527728d9d0..336e72eede 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb @@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" SRCREV_machine_qemux86-64 ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" SRCREV_machine_qemumips64 ?= "66cac7d41a43594760f6ac48e848d73315cc5dd3" SRCREV_machine ?= "d18af0e8acb7c4cb245739fa8165a44845ff2ba0" -SRCREV_meta ?= "b6e41788aebaf8058d1f15f6cdcf55a6edb77755" +SRCREV_meta ?= "465d61ba36f5c7e32d1fddef078d5d2068fcc2cc" # remap qemuarm to qemuarma15 for the 5.4 kernel # KMACHINE_qemuarm ?= "qemuarma15"
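Review bot: in 10/10 every hunk changes only SRCREV_meta (b6e41788... to 465d61ba...), so the CONFIG_DECNET removal described in the message is not visible in the patch, and unlike 09/10 the message does not identify the yocto-kernel-cache commit being integrated. Add that commit id and subject so the pinned revision can be checked against the stated change. The removed line in each hunk is also the value introduced by 09/10, so this patch does not apply or revert cleanly on its own; that ordering dependency is worth a line in the message for anyone cherry-picking it.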