[OE-core][kirkstone 00/32] Patch review

[OE-core][kirkstone 00/32] Patch review

[Steve Sakoman]

Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4815

The following changes since commit 34de16fd86775c0f2ede1670fec90217e4d11776:

  gtk-icon-cache: Fix GTKIC_CMD if-else condition (2023-01-16 04:41:29 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alex Kiernan (1):
  classes: image: Set empty weak default IMAGE_LINGUAS

Alexander Kanavin (5):
  libksba: update 1.6.2 -> 1.6.3
  linux-firmware: upgrade 20221109 -> 20221214
  xwayland: upgrade 22.1.5 -> 22.1.7
  xserver-xorg: upgrade 21.1.4 -> 21.1.6
  selftest/virgl: use pkg-config from the host

Antonin Godard (2):
  busybox: always start do_compile with orig config files
  busybox: rm temporary files if do_compile was interrupted

Benoît Mauduit (1):
  lib/oe/reproducible: Use git log without gpg signature

Bruce Ashfield (5):
  linux-yocto/5.15: ltp and squashfs fixes
  linux-yocto/5.15: fix perf build with clang
  linux-yocto/5.15: libbpf: Fix build warning on ref_ctr_off
  linux-yocto/5.15: update to v5.15.84
  linux-yocto/5.15: powerpc: Fix reschedule bug in KUAP-unlocked user
    copy

Chen Qi (2):
  dhcpcd: backport two patches to fix runtime error
  libseccomp: fix typo in DESCRIPTION

He Zhe (1):
  lttng-modules: update 2.13.7 -> 2.13.8

Hitendra Prajapati (1):
  go: fix CVE-2022-41717 Excessive memory use in got server

Jan Kircher (1):
  toolchain-scripts: compatibility with unbound variable protection

Jermain Horsman (1):
  cve-check: write the cve manifest to IMGDEPLOYDIR

Khem Raj (1):
  tiff: Add packageconfig knob for webp

Marta Rybczynska (1):
  cve-update-db-native: avoid incomplete updates

Narpat Mali (1):
  ffmpeg: fix for CVE-2022-3341

Pavel Zhukov (1):
  gcc: Refactor linker patches and fix linker on arm with usrmerge

Petr Kubizňák (1):
  harfbuzz: remove bindir only if it exists

Quentin Schulz (1):
  cairo: fix CVE patches assigned wrong CVE number

Randy MacLeod (1):
  vim: upgrade 9.0.0947 -> 9.0.1211

Ross Burton (1):
  cve-update-db-native: show IP on failure

Sandeep Gundlupet Raju (2):
  kernel-fitimage: Adjust order of dtb/dtbo files
  kernel-fitimage: Allow user to select dtb when multiple dtb exists

Saul Wold (1):
  at: Change when files are copied

Steve Sakoman (1):
  Revert "libksba: fix CVE-2022-47629"

 meta/classes/cve-check.bbclass                |   6 +-
 meta/classes/image.bbclass                    |   3 +-
 meta/classes/kernel-fitimage.bbclass          |  21 +-
 meta/classes/toolchain-scripts.bbclass        |   2 +-
 meta/lib/oe/reproducible.py                   |   3 +-
 meta/lib/oeqa/selftest/cases/runtime_test.py  |   2 +-
 .../dhcpcd/dhcpcd_9.4.1.bb                    |   2 +
 ...low-getrandom-sysctl-for-newer-glibc.patch |  30 ++
 ...sep-Allow-newfstatat-syscall-as-well.patch |  31 ++
 meta/recipes-core/busybox/busybox.inc         |  26 +-
 .../recipes-core/meta/cve-update-db-native.bb |  88 ++++--
 meta/recipes-devtools/gcc/gcc-11.3.inc        |   1 -
 ...rm-add-armv9-a-architecture-to-march.patch |  89 +++---
 ...AMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch | 269 +++++++++++++-----
 ...s-fix-v4bx-to-linker-to-support-EABI.patch |  10 +-
 ...019-nios2-Define-MUSL_DYNAMIC_LINKER.patch |  25 --
 meta/recipes-devtools/go/go-1.17.13.inc       |   1 +
 .../go/go-1.18/CVE-2022-41717.patch           |  89 ++++++
 meta/recipes-extended/at/at_3.2.5.bb          |   6 +-
 .../cairo/cairo/CVE-2019-6461.patch           |  46 +--
 .../cairo/cairo/CVE-2019-6462.patch           |  46 ++-
 .../harfbuzz/harfbuzz_4.0.1.bb                |   6 +-
 ...possible-memleaks-in-XkbGetKbdByName.patch |  63 ----
 ...ntedString-against-request-length-at.patch |  38 ---
 ...-xorg_21.1.4.bb => xserver-xorg_21.1.6.bb} |   4 +-
 ...{xwayland_22.1.5.bb => xwayland_22.1.7.bb} |   2 +-
 ...20221109.bb => linux-firmware_20221214.bb} |   4 +-
 .../linux/linux-yocto-rt_5.15.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.15.bb            |   6 +-
 meta/recipes-kernel/linux/linux-yocto_5.15.bb |  26 +-
 ...ules_2.13.7.bb => lttng-modules_2.13.8.bb} |   2 +-
 ...ec-Add-check-for-avformat_new_stream.patch |  67 +++++
 .../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb |   3 +-
 meta/recipes-multimedia/libtiff/tiff_4.3.0.bb |   1 +
 ...overflow-in-the-CRL-signature-parser.patch |  72 -----
 .../libksba/ksba-add-pkgconfig-support.patch  |   6 +-
 .../{libksba_1.6.2.bb => libksba_1.6.3.bb}    |   5 +-
 .../libseccomp/libseccomp_2.5.3.bb            |   2 +-
 meta/recipes-support/vim/vim.inc              |   4 +-
 39 files changed, 662 insertions(+), 451 deletions(-)
 create mode 100644 meta/recipes-connectivity/dhcpcd/files/0001-privsep-Allow-getrandom-sysctl-for-newer-glibc.patch
 create mode 100644 meta/recipes-connectivity/dhcpcd/files/0002-privsep-Allow-newfstatat-syscall-as-well.patch
 delete mode 100644 meta/recipes-devtools/gcc/gcc/0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2022-41717.patch
 delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
 delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-proof-GetCountedString-against-request-length-at.patch
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.4.bb => xserver-xorg_21.1.6.bb} (80%)
 rename meta/recipes-graphics/xwayland/{xwayland_22.1.5.bb => xwayland_22.1.7.bb} (95%)
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20221109.bb => linux-firmware_20221214.bb} (99%)
 rename meta/recipes-kernel/lttng/{lttng-modules_2.13.7.bb => lttng-modules_2.13.8.bb} (94%)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch
 delete mode 100644 meta/recipes-support/libksba/libksba/0001-Fix-an-integer-overflow-in-the-CRL-signature-parser.patch
 rename meta/recipes-support/libksba/{libksba_1.6.2.bb => libksba_1.6.3.bb} (86%)

-- 
2.25.1

[OE-core][kirkstone 01/32] go: fix CVE-2022-41717 Excessive memory use in got server

[Steve Sakoman]

From: Hitendra Prajapati <hprajapati@mvista.com>

Upstream-Status: Backport from https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/go/go-1.17.13.inc       |  1 +
 .../go/go-1.18/CVE-2022-41717.patch           | 89 +++++++++++++++++++
 2 files changed, 90 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2022-41717.patch

diff --git a/meta/recipes-devtools/go/go-1.17.13.inc b/meta/recipes-devtools/go/go-1.17.13.inc
index a1942e9f15..99662bd298 100644
--- a/meta/recipes-devtools/go/go-1.17.13.inc
+++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -19,6 +19,7 @@ SRC_URI += "\
     file://CVE-2022-27664.patch \
     file://0001-net-http-httputil-avoid-query-parameter-smuggling.patch \
     file://CVE-2022-41715.patch \
+    file://CVE-2022-41717.patch \
 "
 SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"
 
diff --git a/meta/recipes-devtools/go/go-1.18/CVE-2022-41717.patch b/meta/recipes-devtools/go/go-1.18/CVE-2022-41717.patch
new file mode 100644
index 0000000000..e2ab92ed00
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.18/CVE-2022-41717.patch
@@ -0,0 +1,89 @@
+From 618120c165669c00a1606505defea6ca755cdc27 Mon Sep 17 00:00:00 2001
+From: Damien Neil <dneil@google.com>
+Date: Wed, 30 Nov 2022 16:46:33 -0500
+Subject: [PATCH] [release-branch.go1.19] net/http: update bundled
+ golang.org/x/net/http2
+
+Disable cmd/internal/moddeps test, since this update includes PRIVATE
+track fixes.
+
+For #56350.
+For #57009.
+Fixes CVE-2022-41717.
+
+Change-Id: I5c6ce546add81f361dcf0d5123fa4eaaf8f0a03b
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1663835
+Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
+Reviewed-by: Julie Qiu <julieqiu@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/455363
+TryBot-Result: Gopher Robot <gobot@golang.org>
+Run-TryBot: Jenny Rakoczy <jenny@golang.org>
+Reviewed-by: Michael Pratt <mpratt@google.com>
+
+Upstream-Status: Backport [https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27]
+CVE: CVE-2022-41717
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ src/cmd/internal/moddeps/moddeps_test.go |  1 +
+ src/net/http/h2_bundle.go                | 18 +++++++++++-------
+ 2 files changed, 12 insertions(+), 7 deletions(-)
+
+diff --git a/src/cmd/internal/moddeps/moddeps_test.go b/src/cmd/internal/moddeps/moddeps_test.go
+index 3306e29..d48d43f 100644
+--- a/src/cmd/internal/moddeps/moddeps_test.go
++++ b/src/cmd/internal/moddeps/moddeps_test.go
+@@ -34,6 +34,7 @@ import (
+ // See issues 36852, 41409, and 43687.
+ // (Also see golang.org/issue/27348.)
+ func TestAllDependencies(t *testing.T) {
++	t.Skip("TODO(#57009): 1.19.4 contains unreleased changes from vendored modules")
+ 	t.Skip("TODO(#53977): 1.18.5 contains unreleased changes from vendored modules")
+ 
+ 	goBin := testenv.GoToolPath(t)
+diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
+index 6e2ef30..9d6abd8 100644
+--- a/src/net/http/h2_bundle.go
++++ b/src/net/http/h2_bundle.go
+@@ -4189,6 +4189,7 @@ type http2serverConn struct {
+ 	headerTableSize             uint32
+ 	peerMaxHeaderListSize       uint32            // zero means unknown (default)
+ 	canonHeader                 map[string]string // http2-lower-case -> Go-Canonical-Case
++	canonHeaderKeysSize         int               // canonHeader keys size in bytes
+ 	writingFrame                bool              // started writing a frame (on serve goroutine or separate)
+ 	writingFrameAsync           bool              // started a frame on its own goroutine but haven't heard back on wroteFrameCh
+ 	needsFrameFlush             bool              // last frame write wasn't a flush
+@@ -4368,6 +4369,13 @@ func (sc *http2serverConn) condlogf(err error, format string, args ...interface{
+ 	}
+ }
+ 
++// maxCachedCanonicalHeadersKeysSize is an arbitrarily-chosen limit on the size
++// of the entries in the canonHeader cache.
++// This should be larger than the size of unique, uncommon header keys likely to
++// be sent by the peer, while not so high as to permit unreasonable memory usage
++// if the peer sends an unbounded number of unique header keys.
++const http2maxCachedCanonicalHeadersKeysSize = 2048
++
+ func (sc *http2serverConn) canonicalHeader(v string) string {
+ 	sc.serveG.check()
+ 	http2buildCommonHeaderMapsOnce()
+@@ -4383,14 +4391,10 @@ func (sc *http2serverConn) canonicalHeader(v string) string {
+ 		sc.canonHeader = make(map[string]string)
+ 	}
+ 	cv = CanonicalHeaderKey(v)
+-	// maxCachedCanonicalHeaders is an arbitrarily-chosen limit on the number of
+-	// entries in the canonHeader cache. This should be larger than the number
+-	// of unique, uncommon header keys likely to be sent by the peer, while not
+-	// so high as to permit unreaasonable memory usage if the peer sends an unbounded
+-	// number of unique header keys.
+-	const maxCachedCanonicalHeaders = 32
+-	if len(sc.canonHeader) < maxCachedCanonicalHeaders {
++	size := 100 + len(v)*2 // 100 bytes of map overhead + key + value
++	if sc.canonHeaderKeysSize+size <= http2maxCachedCanonicalHeadersKeysSize {
+ 		sc.canonHeader[v] = cv
++		sc.canonHeaderKeysSize += size
+ 	}
+ 	return cv
+ }
+-- 
+2.25.1
+
-- 
2.25.1

[OE-core][kirkstone 02/32] ffmpeg: fix for CVE-2022-3341

[Steve Sakoman]

From: Narpat Mali <narpat.mali@windriver.com>

avformat/nutdec: Add check for avformat_new_stream
Check for failure of avformat_new_stream() and propagate
the error code.

Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...ec-Add-check-for-avformat_new_stream.patch | 67 +++++++++++++++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb |  3 +-
 2 files changed, 69 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch
new file mode 100644
index 0000000000..41d5884f88
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch
@@ -0,0 +1,67 @@
+From 9cf652cef49d74afe3d454f27d49eb1a1394951e Mon Sep 17 00:00:00 2001
+From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
+Date: Wed, 23 Feb 2022 10:31:59 +0800
+Subject: [PATCH] avformat/nutdec: Add check for avformat_new_stream
+
+Check for failure of avformat_new_stream() and propagate
+the error code.
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2022-3341
+
+Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e]
+
+Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
+---
+ libavformat/nutdec.c | 16 ++++++++++++----
+ 1 file changed, 12 insertions(+), 4 deletions(-)
+
+diff --git a/libavformat/nutdec.c b/libavformat/nutdec.c
+index 0a8a700acf..f9ad2c0af1 100644
+--- a/libavformat/nutdec.c
++++ b/libavformat/nutdec.c
+@@ -351,8 +351,12 @@ static int decode_main_header(NUTContext *nut)
+         ret = AVERROR(ENOMEM);
+         goto fail;
+     }
+-    for (i = 0; i < stream_count; i++)
+-        avformat_new_stream(s, NULL);
++    for (i = 0; i < stream_count; i++) {
++        if (!avformat_new_stream(s, NULL)) {
++            ret = AVERROR(ENOMEM);
++            goto fail;
++        }
++    }
+ 
+     return 0;
+ fail:
+@@ -800,19 +804,23 @@ static int nut_read_header(AVFormatContext *s)
+     NUTContext *nut = s->priv_data;
+     AVIOContext *bc = s->pb;
+     int64_t pos;
+-    int initialized_stream_count;
++    int initialized_stream_count, ret;
+ 
+     nut->avf = s;
+ 
+     /* main header */
+     pos = 0;
++    ret = 0;
+     do {
++        if (ret == AVERROR(ENOMEM))
++            return ret;
++
+         pos = find_startcode(bc, MAIN_STARTCODE, pos) + 1;
+         if (pos < 0 + 1) {
+             av_log(s, AV_LOG_ERROR, "No main startcode found.\n");
+             return AVERROR_INVALIDDATA;
+         }
+-    } while (decode_main_header(nut) < 0);
++    } while ((ret = decode_main_header(nut)) < 0);
+ 
+     /* stream headers */
+     pos = 0;
+-- 
+2.34.1
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
index c5bebe9c2d..4bcbda9976 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
@@ -27,7 +27,8 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
            file://0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch \
            file://0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch \
            file://0001-avcodec-vp3-Add-missing-check-for-av_malloc.patch \
-          "
+           file://0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch \
+           "
 
 SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a93007b"
 
-- 
2.25.1

[OE-core][kirkstone 03/32] cve-update-db-native: avoid incomplete updates

[Steve Sakoman]

From: Marta Rybczynska <rybczynska@gmail.com>

The database update has been done on the original file. In case of
network connection issues, temporary outage of the NVD server or
a similar situation, the function could exit with incomplete data
in the database. This patch solves the issue by performing the update
on a copy of the database. It replaces the main one only if the whole
update was successful.

See https://bugzilla.yoctoproject.org/show_bug.cgi?id=14929

Reported-by: Alberto Pianon <alberto@pianon.eu>
Signed-off-by: Marta Rybczynska <marta.rybczynska@linaro.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8efe99214d8b005f0ecac690ce5ba17b31758f92)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../recipes-core/meta/cve-update-db-native.bb | 83 ++++++++++++++-----
 1 file changed, 61 insertions(+), 22 deletions(-)

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 9b9dbbd75f..079f062f79 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -21,6 +21,8 @@ CVE_DB_UPDATE_INTERVAL ?= "86400"
 # Timeout for blocking socket operations, such as the connection attempt.
 CVE_SOCKET_TIMEOUT ?= "60"
 
+CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_1.1.db"
+
 python () {
     if not bb.data.inherits_class("cve-check", d):
         raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.")
@@ -32,25 +34,15 @@ python do_fetch() {
     """
     import bb.utils
     import bb.progress
-    import sqlite3, urllib, urllib.parse, gzip
-    from datetime import date
+    import shutil
 
     bb.utils.export_proxies(d)
 
-    YEAR_START = 2002
-
     db_file = d.getVar("CVE_CHECK_DB_FILE")
     db_dir = os.path.dirname(db_file)
+    db_tmp_file = d.getVar("CVE_DB_TEMP_FILE")
 
-    cve_socket_timeout = int(d.getVar("CVE_SOCKET_TIMEOUT"))
-
-    if os.path.exists("{0}-journal".format(db_file)):
-        # If a journal is present the last update might have been interrupted. In that case,
-        # just wipe any leftovers and force the DB to be recreated.
-        os.remove("{0}-journal".format(db_file))
-
-        if os.path.exists(db_file):
-            os.remove(db_file)
+    cleanup_db_download(db_file, db_tmp_file)
 
     # The NVD database changes once a day, so no need to update more frequently
     # Allow the user to force-update
@@ -68,9 +60,60 @@ python do_fetch() {
         pass
 
     bb.utils.mkdirhier(db_dir)
+    if os.path.exists(db_file):
+        shutil.copy2(db_file, db_tmp_file)
+
+    if update_db_file(db_tmp_file, d) == True:
+        # Update downloaded correctly, can swap files
+        shutil.move(db_tmp_file, db_file)
+    else:
+        # Update failed, do not modify the database
+        bb.note("CVE database update failed")
+        os.remove(db_tmp_file)
+}
+
+do_fetch[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}"
+do_fetch[file-checksums] = ""
+do_fetch[vardeps] = ""
+
+def cleanup_db_download(db_file, db_tmp_file):
+    """
+    Cleanup the download space from possible failed downloads
+    """
+
+    # Clean up the updates done on the main file
+    # Remove it only if a journal file exists - it means a complete re-download
+    if os.path.exists("{0}-journal".format(db_file)):
+        # If a journal is present the last update might have been interrupted. In that case,
+        # just wipe any leftovers and force the DB to be recreated.
+        os.remove("{0}-journal".format(db_file))
+
+        if os.path.exists(db_file):
+            os.remove(db_file)
+
+    # Clean-up the temporary file downloads, we can remove both journal
+    # and the temporary database
+    if os.path.exists("{0}-journal".format(db_tmp_file)):
+        # If a journal is present the last update might have been interrupted. In that case,
+        # just wipe any leftovers and force the DB to be recreated.
+        os.remove("{0}-journal".format(db_tmp_file))
+
+    if os.path.exists(db_tmp_file):
+        os.remove(db_tmp_file)
+
+def update_db_file(db_tmp_file, d):
+    """
+    Update the given database file
+    """
+    import bb.utils, bb.progress
+    from datetime import date
+    import urllib, gzip, sqlite3
+
+    YEAR_START = 2002
+    cve_socket_timeout = int(d.getVar("CVE_SOCKET_TIMEOUT"))
 
     # Connect to database
-    conn = sqlite3.connect(db_file)
+    conn = sqlite3.connect(db_tmp_file)
     initialize_db(conn)
 
     with bb.progress.ProgressHandler(d) as ph, open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') as cve_f:
@@ -88,7 +131,7 @@ python do_fetch() {
             except urllib.error.URLError as e:
                 cve_f.write('Warning: CVE db update error, Unable to fetch CVE data.\n\n')
                 bb.warn("Failed to fetch CVE data (%s)" % e.reason)
-                return
+                return False
 
             if response:
                 for l in response.read().decode("utf-8").splitlines():
@@ -98,7 +141,7 @@ python do_fetch() {
                         break
                 else:
                     bb.warn("Cannot parse CVE metadata, update failed")
-                    return
+                    return False
 
             # Compare with current db last modified date
             cursor = conn.execute("select DATE from META where YEAR = ?", (year,))
@@ -119,7 +162,7 @@ python do_fetch() {
                 except urllib.error.URLError as e:
                     cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')
                     bb.warn("Cannot parse CVE data (%s), update failed" % e.reason)
-                    return
+                    return False
             else:
                 bb.debug(2, "Already up to date (last modified %s)" % last_modified)
             # Update success, set the date to cve_check file.
@@ -128,11 +171,7 @@ python do_fetch() {
 
         conn.commit()
         conn.close()
-}
-
-do_fetch[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}"
-do_fetch[file-checksums] = ""
-do_fetch[vardeps] = ""
+        return True
 
 def initialize_db(conn):
     with conn:
-- 
2.25.1

[OE-core][kirkstone 04/32] cve-update-db-native: show IP on failure

[Steve Sakoman]

From: Ross Burton <ross.burton@arm.com>

We get random SSL failures when fetching the CVE database, and it's
notable that the NVD server is behind a DNS round-robin or geographically
diverse servers.

On a hunch that there is one misconfigured server, dump the IP that we
connected to.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 91f46d431dc8f40e8c6475c800bb61cb08b82b0a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/meta/cve-update-db-native.bb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 079f062f79..e042e67b09 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -130,7 +130,10 @@ def update_db_file(db_tmp_file, d):
                 response = urllib.request.urlopen(meta_url, timeout=cve_socket_timeout)
             except urllib.error.URLError as e:
                 cve_f.write('Warning: CVE db update error, Unable to fetch CVE data.\n\n')
-                bb.warn("Failed to fetch CVE data (%s)" % e.reason)
+                bb.warn("Failed to fetch CVE data (%s)" % e)
+                import socket
+                result = socket.getaddrinfo("nvd.nist.gov", 443, proto=socket.IPPROTO_TCP)
+                bb.warn("Host IPs are %s" % (", ".join(t[4][0] for t in result)))
                 return False
 
             if response:
-- 
2.25.1

[OE-core][kirkstone 05/32] cve-check: write the cve manifest to IMGDEPLOYDIR

[Steve Sakoman]

From: Jermain Horsman <jermain.horsman@nedap.com>

When building an image cve_check_write_rootfs_manifest() would sometimes fail
with a FileNotFoundError when writing the manifest.cve due to the parent
directory (DEPLOY_DIR_IMAGE) not (yet) existing.

The image task will provide the manifest in the deploy directory afterwards,
so other recipes depending on the manifest being in DEPLOY_DIR_IMAGE should
continue to function properly.

Signed-off-by: Jermain Horsman <jermain.horsman@nedap.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 00fb2aae22ce0d7ff5f3f8766fa770eeb4e73483)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/cve-check.bbclass | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 16466586a7..b9c0bfd6d8 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -42,8 +42,8 @@ CVE_CHECK_LOG_JSON ?= "${T}/cve.json"
 CVE_CHECK_DIR ??= "${DEPLOY_DIR}/cve"
 CVE_CHECK_RECIPE_FILE ?= "${CVE_CHECK_DIR}/${PN}"
 CVE_CHECK_RECIPE_FILE_JSON ?= "${CVE_CHECK_DIR}/${PN}_cve.json"
-CVE_CHECK_MANIFEST ?= "${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cve"
-CVE_CHECK_MANIFEST_JSON ?= "${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.json"
+CVE_CHECK_MANIFEST ?= "${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cve"
+CVE_CHECK_MANIFEST_JSON ?= "${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.json"
 CVE_CHECK_COPY_FILES ??= "1"
 CVE_CHECK_CREATE_MANIFEST ??= "1"
 
@@ -196,7 +196,7 @@ python cve_check_write_rootfs_manifest () {
         recipies.add(pkg_data["PN"])
 
     bb.note("Writing rootfs CVE manifest")
-    deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
+    deploy_dir = d.getVar("IMGDEPLOYDIR")
     link_name = d.getVar("IMAGE_LINK_NAME")
 
     json_data = {"version":"1", "package": []}
-- 
2.25.1

[OE-core][kirkstone 06/32] cairo: fix CVE patches assigned wrong CVE number

[Steve Sakoman]

From: Quentin Schulz <quentin.schulz@theobroma-systems.com>

CVE-2019-6461 and CVE-2019-6462 are fixed, but the reporting is
incorrect as the patch for CVE-2019-6461 is actually for CVE-2019-6462
and vice-versa.

This swaps both files and edit the CVE field to report the correct
identifier.

Cc: Quentin Schulz <foss+yocto@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f12c2a5ac94cb29f473f3c7e335463c7fb6d8a6e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../cairo/cairo/CVE-2019-6461.patch           | 46 ++++++-------------
 .../cairo/cairo/CVE-2019-6462.patch           | 46 +++++++++++++------
 2 files changed, 46 insertions(+), 46 deletions(-)

diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
index 0b7d9a0c36..a2dba6cb20 100644
--- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
+++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
@@ -1,40 +1,20 @@
-CVE: CVE-2019-6461
-Upstream-Status: Backport
-Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
-
-From ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0 Mon Sep 17 00:00:00 2001
-From: Heiko Lewin <hlewin@gmx.de>
-Date: Sun, 1 Aug 2021 11:16:03 +0000
-Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop
+There is an assertion in function _cairo_arc_in_direction().
 
----
- src/cairo-arc.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
+CVE: CVE-2019-6461
+Upstream-Status: Pending
+Signed-off-by: Ross Burton <ross.burton@intel.com>
 
 diff --git a/src/cairo-arc.c b/src/cairo-arc.c
-index 390397bae..1c891d1a0 100644
+index 390397bae..1bde774a4 100644
 --- a/src/cairo-arc.c
 +++ b/src/cairo-arc.c
-@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
- 	{ M_PI / 11.0,  9.81410988043554039085e-09 },
-     };
-     int table_size = ARRAY_LENGTH (table);
-+    const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */
+@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t	  *cr,
+     if (cairo_status (cr))
+         return;
  
-     for (i = 0; i < table_size; i++)
- 	if (table[i].error < tolerance)
- 	    return table[i].angle;
+-    assert (angle_max >= angle_min);
++    if (angle_max < angle_min)
++       return;
  
-     ++i;
-+
-     do {
- 	angle = M_PI / i++;
- 	error = _arc_error_normalized (angle);
--    } while (error > tolerance);
-+    } while (error > tolerance && i < max_segments);
- 
-     return angle;
- }
--- 
-2.38.1
-
+     if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
+ 	angle_max = fmod (angle_max - angle_min, 2 * M_PI);
diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
index 4e4598c5b5..7c3209291b 100644
--- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
+++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
@@ -1,20 +1,40 @@
-There is an assertion in function _cairo_arc_in_direction().
-
 CVE: CVE-2019-6462
-Upstream-Status: Pending
-Signed-off-by: Ross Burton <ross.burton@intel.com>
+Upstream-Status: Backport
+Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
+
+From ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0 Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <hlewin@gmx.de>
+Date: Sun, 1 Aug 2021 11:16:03 +0000
+Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop
+
+---
+ src/cairo-arc.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
 
 diff --git a/src/cairo-arc.c b/src/cairo-arc.c
-index 390397bae..1bde774a4 100644
+index 390397bae..1c891d1a0 100644
 --- a/src/cairo-arc.c
 +++ b/src/cairo-arc.c
-@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t	  *cr,
-     if (cairo_status (cr))
-         return;
+@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
+ 	{ M_PI / 11.0,  9.81410988043554039085e-09 },
+     };
+     int table_size = ARRAY_LENGTH (table);
++    const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */
  
--    assert (angle_max >= angle_min);
-+    if (angle_max < angle_min)
-+       return;
+     for (i = 0; i < table_size; i++)
+ 	if (table[i].error < tolerance)
+ 	    return table[i].angle;
  
-     if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
- 	angle_max = fmod (angle_max - angle_min, 2 * M_PI);
+     ++i;
++
+     do {
+ 	angle = M_PI / i++;
+ 	error = _arc_error_normalized (angle);
+-    } while (error > tolerance);
++    } while (error > tolerance && i < max_segments);
+ 
+     return angle;
+ }
+-- 
+2.38.1
+
-- 
2.25.1

[OE-core][kirkstone 07/32] lttng-modules: update 2.13.7 -> 2.13.8

[Steve Sakoman]

From: He Zhe <zhe.he@windriver.com>

Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../lttng/{lttng-modules_2.13.7.bb => lttng-modules_2.13.8.bb}  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-kernel/lttng/{lttng-modules_2.13.7.bb => lttng-modules_2.13.8.bb} (94%)

diff --git a/meta/recipes-kernel/lttng/lttng-modules_2.13.7.bb b/meta/recipes-kernel/lttng/lttng-modules_2.13.8.bb
similarity index 94%
rename from meta/recipes-kernel/lttng/lttng-modules_2.13.7.bb
rename to meta/recipes-kernel/lttng/lttng-modules_2.13.8.bb
index 49c584dff4..542f42ae19 100644
--- a/meta/recipes-kernel/lttng/lttng-modules_2.13.7.bb
+++ b/meta/recipes-kernel/lttng/lttng-modules_2.13.8.bb
@@ -16,7 +16,7 @@ SRC_URI = "https://lttng.org/files/${BPN}/${BPN}-${PV}.tar.bz2 \
 # Use :append here so that the patch is applied also when using devupstream
 SRC_URI:append = " file://0001-src-Kbuild-change-missing-CONFIG_TRACEPOINTS-to-warn.patch"
 
-SRC_URI[sha256sum] = "5a99679df7903160cbde3918fee5af90ffafc90fc96ccdefaa57cf230492b234"
+SRC_URI[sha256sum] = "f525d3d48ea3a475cb535339c201666d0e4c75ec8c46d29837bcf381ea02cb19"
 
 export INSTALL_MOD_DIR="kernel/lttng-modules"
 
-- 
2.25.1

[OE-core][kirkstone 08/32] Revert "libksba: fix CVE-2022-47629"

[Steve Sakoman]

Prepare for stable version bump which includes this fix

This reverts commit e4cb0bf273ea556db91699594046a47514c8583c.
---
 ...overflow-in-the-CRL-signature-parser.patch | 72 -------------------
 meta/recipes-support/libksba/libksba_1.6.2.bb |  3 +-
 2 files changed, 1 insertion(+), 74 deletions(-)
 delete mode 100644 meta/recipes-support/libksba/libksba/0001-Fix-an-integer-overflow-in-the-CRL-signature-parser.patch

diff --git a/meta/recipes-support/libksba/libksba/0001-Fix-an-integer-overflow-in-the-CRL-signature-parser.patch b/meta/recipes-support/libksba/libksba/0001-Fix-an-integer-overflow-in-the-CRL-signature-parser.patch
deleted file mode 100644
index 8c0080d56b..0000000000
--- a/meta/recipes-support/libksba/libksba/0001-Fix-an-integer-overflow-in-the-CRL-signature-parser.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From f61a5ea4e0f6a80fd4b28ef0174bee77793cf070 Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Tue, 22 Nov 2022 16:36:46 +0100
-Subject: [PATCH] Fix an integer overflow in the CRL signature parser.
-
-* src/crl.c (parse_signature): N+N2 now checked for overflow.
-
-* src/ocsp.c (parse_response_extensions): Do not accept too large
-values.
-(parse_single_extensions): Ditto.
---
-
-The second patch is an extra safegourd not related to the reported
-bug.
-
-CVE: CVE-2022-47629
-
-Upstream-Status: Backport [https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=f61a5ea4e0f6a80fd4b28ef0174bee77793cf070]
-
-GnuPG-bug-id: 6284
-Reported-by: Joseph Surin, elttam
----
- src/crl.c  |  2 +-
- src/ocsp.c | 12 ++++++++++++
- 2 files changed, 13 insertions(+), 1 deletion(-)
-
-diff --git a/src/crl.c b/src/crl.c
-index 9f71c85..2e6ca29 100644
---- a/src/crl.c
-+++ b/src/crl.c
-@@ -1349,7 +1349,7 @@ parse_signature (ksba_crl_t crl)
-          && !ti.is_constructed) )
-     return gpg_error (GPG_ERR_INV_CRL_OBJ);
-   n2 = ti.nhdr + ti.length;
--  if (n + n2 >= DIM(tmpbuf))
-+  if (n + n2 >= DIM(tmpbuf) || (n + n2) < n)
-     return gpg_error (GPG_ERR_TOO_LARGE);
-   memcpy (tmpbuf+n, ti.buf, ti.nhdr);
-   err = read_buffer (crl->reader, tmpbuf+n+ti.nhdr, ti.length);
-diff --git a/src/ocsp.c b/src/ocsp.c
-index d4cba04..657d15f 100644
---- a/src/ocsp.c
-+++ b/src/ocsp.c
-@@ -721,6 +721,12 @@ parse_response_extensions (ksba_ocsp_t ocsp,
-               || memcmp (ocsp->nonce, data, ti.length))
-             ocsp->bad_nonce = 1;
-         }
-+      if (ti.length > (1<<24))
-+        {
-+          /* Bail out on much too large objects.  */
-+          err = gpg_error (GPG_ERR_BAD_BER);
-+          goto leave;
-+        }
-       ex = xtrymalloc (sizeof *ex + strlen (oid) + ti.length);
-       if (!ex)
-         {
-@@ -788,6 +794,12 @@ parse_single_extensions (struct ocsp_reqitem_s *ri,
-       err = parse_octet_string (&data, &datalen, &ti);
-       if (err)
-         goto leave;
-+      if (ti.length > (1<<24))
-+        {
-+          /* Bail out on much too large objects.  */
-+          err = gpg_error (GPG_ERR_BAD_BER);
-+          goto leave;
-+        }
-       ex = xtrymalloc (sizeof *ex + strlen (oid) + ti.length);
-       if (!ex)
-         {
--- 
-2.32.0
-
diff --git a/meta/recipes-support/libksba/libksba_1.6.2.bb b/meta/recipes-support/libksba/libksba_1.6.2.bb
index d0ee8475f8..f6ecb9aec4 100644
--- a/meta/recipes-support/libksba/libksba_1.6.2.bb
+++ b/meta/recipes-support/libksba/libksba_1.6.2.bb
@@ -22,8 +22,7 @@ inherit autotools binconfig-disabled pkgconfig texinfo
 
 UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html"
 SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \
-           file://ksba-add-pkgconfig-support.patch \
-           file://0001-Fix-an-integer-overflow-in-the-CRL-signature-parser.patch"
+           file://ksba-add-pkgconfig-support.patch"
 
 SRC_URI[sha256sum] = "fce01ccac59812bddadffacff017dac2e4762bdb6ebc6ffe06f6ed4f6192c971"
 
-- 
2.25.1

[OE-core][kirkstone 09/32] libksba: update 1.6.2 -> 1.6.3

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Noteworthy changes in version 1.6.3 (2022-12-06)

Fix another integer overflow in the CRL parser. [T6284,CVE-2022-47629]

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 83f3f21b1b84ab9e7b461ac966691c80f4ed4e97)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit f098cb5073051eb371f4142678b4b3d5e7b52426)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libksba/libksba/ksba-add-pkgconfig-support.patch        | 6 +++---
 .../libksba/{libksba_1.6.2.bb => libksba_1.6.3.bb}          | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)
 rename meta/recipes-support/libksba/{libksba_1.6.2.bb => libksba_1.6.3.bb} (94%)

diff --git a/meta/recipes-support/libksba/libksba/ksba-add-pkgconfig-support.patch b/meta/recipes-support/libksba/libksba/ksba-add-pkgconfig-support.patch
index af96bd57cd..bdb80ff34d 100644
--- a/meta/recipes-support/libksba/libksba/ksba-add-pkgconfig-support.patch
+++ b/meta/recipes-support/libksba/libksba/ksba-add-pkgconfig-support.patch
@@ -1,4 +1,4 @@
-From 6081640895b6d566fa21123e2de7d111eeab5c4c Mon Sep 17 00:00:00 2001
+From ca8174aa81d7bf364b33f7254a9e887735c4996d Mon Sep 17 00:00:00 2001
 From: Chen Qi <Qi.Chen@windriver.com>
 Date: Mon, 3 Dec 2012 18:17:31 +0800
 Subject: [PATCH] libksba: add pkgconfig support
@@ -16,7 +16,7 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  1 file changed, 4 insertions(+), 86 deletions(-)
 
 diff --git a/src/ksba.m4 b/src/ksba.m4
-index 6b55bb8..6e7336f 100644
+index 452c245..aa96255 100644
 --- a/src/ksba.m4
 +++ b/src/ksba.m4
 @@ -23,37 +23,6 @@ dnl with a changed API.
@@ -44,7 +44,7 @@ index 6b55bb8..6e7336f 100644
 -  fi
 -
 -  use_gpgrt_config=""
--  if test x"$KSBA_CONFIG" = x -a x"$GPGRT_CONFIG" != x -a "$GPGRT_CONFIG" != "no"; then
+-  if test x"$GPGRT_CONFIG" != x -a "$GPGRT_CONFIG" != "no"; then
 -    if $GPGRT_CONFIG ksba --exists; then
 -      KSBA_CONFIG="$GPGRT_CONFIG ksba"
 -      AC_MSG_NOTICE([Use gpgrt-config as ksba-config])
diff --git a/meta/recipes-support/libksba/libksba_1.6.2.bb b/meta/recipes-support/libksba/libksba_1.6.3.bb
similarity index 94%
rename from meta/recipes-support/libksba/libksba_1.6.2.bb
rename to meta/recipes-support/libksba/libksba_1.6.3.bb
index f6ecb9aec4..dc39693be4 100644
--- a/meta/recipes-support/libksba/libksba_1.6.2.bb
+++ b/meta/recipes-support/libksba/libksba_1.6.3.bb
@@ -24,7 +24,7 @@ UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html"
 SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \
            file://ksba-add-pkgconfig-support.patch"
 
-SRC_URI[sha256sum] = "fce01ccac59812bddadffacff017dac2e4762bdb6ebc6ffe06f6ed4f6192c971"
+SRC_URI[sha256sum] = "3f72c68db30971ebbf14367527719423f0a4d5f8103fc9f4a1c01a9fa440de5c"
 
 do_configure:prepend () {
 	# Else these could be used in preference to those in aclocal-copy
-- 
2.25.1

[OE-core][kirkstone 10/32] linux-firmware: upgrade 20221109 -> 20221214

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

License-Update: additional files

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 15f3a9f6c4406ddc00f7dc0ca7e1beafe9c71a9f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...{linux-firmware_20221109.bb => linux-firmware_20221214.bb} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20221109.bb => linux-firmware_20221214.bb} (99%)

diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20221109.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20221214.bb
similarity index 99%
rename from meta/recipes-kernel/linux-firmware/linux-firmware_20221109.bb
rename to meta/recipes-kernel/linux-firmware/linux-firmware_20221214.bb
index b05b960ebd..c2354e627f 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20221109.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20221214.bb
@@ -132,7 +132,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
                     "
 # WHENCE checksum is defined separately to ease overriding it if
 # class-devupstream is selected.
-WHENCE_CHKSUM  = "ab4ba608dc4b757716871f9be033f0f1"
+WHENCE_CHKSUM  = "bf7c716d16e48fe118c6209f99b13253"
 
 # These are not common licenses, set NO_GENERIC_LICENSE for them
 # so that the license files will be copied from fetched source
@@ -209,7 +209,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw
 # Pin this to the 20220509 release, override this in local.conf
 SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae"
 
-SRC_URI[sha256sum] = "c0ddffbbcf30f2e015bddd5c6d3ce1f13976b906aceabda4a57e3c41a3190701"
+SRC_URI[sha256sum] = "e793783e92acbde549965521462d1d1327827360664cf242dbda08f075654331"
 
 inherit allarch
 
-- 
2.25.1

[OE-core][kirkstone 11/32] xwayland: upgrade 22.1.5 -> 22.1.7

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c37ec8b2d91605d6eb5228f0a447fb83f111edc3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../xwayland/{xwayland_22.1.5.bb => xwayland_22.1.7.bb}         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-graphics/xwayland/{xwayland_22.1.5.bb => xwayland_22.1.7.bb} (95%)

diff --git a/meta/recipes-graphics/xwayland/xwayland_22.1.5.bb b/meta/recipes-graphics/xwayland/xwayland_22.1.7.bb
similarity index 95%
rename from meta/recipes-graphics/xwayland/xwayland_22.1.5.bb
rename to meta/recipes-graphics/xwayland/xwayland_22.1.7.bb
index 51d847a093..dd32bd0111 100644
--- a/meta/recipes-graphics/xwayland/xwayland_22.1.5.bb
+++ b/meta/recipes-graphics/xwayland/xwayland_22.1.7.bb
@@ -10,7 +10,7 @@ LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://COPYING;md5=5df87950af51ac2c5822094553ea1880"
 
 SRC_URI = "https://www.x.org/archive/individual/xserver/xwayland-${PV}.tar.xz"
-SRC_URI[sha256sum] = "e317ac1f119f8321654921761420901e4abd95585a8c763ce26af3b045ac1672"
+SRC_URI[sha256sum] = "d53afac6c71953f5cf66d03d289dacd8961da5bd309c1dff125d5955d9db5f76"
 
 UPSTREAM_CHECK_REGEX = "xwayland-(?P<pver>\d+(\.(?!90\d)\d+)+)\.tar"
 
-- 
2.25.1

[OE-core][kirkstone 12/32] xserver-xorg: upgrade 21.1.4 -> 21.1.6

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 009e8d6a292690a0c355d12be2368a9677c701f5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...possible-memleaks-in-XkbGetKbdByName.patch | 63 -------------------
 ...ntedString-against-request-length-at.patch | 38 -----------
 ...-xorg_21.1.4.bb => xserver-xorg_21.1.6.bb} |  4 +-
 3 files changed, 1 insertion(+), 104 deletions(-)
 delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
 delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-proof-GetCountedString-against-request-length-at.patch
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.4.bb => xserver-xorg_21.1.6.bb} (80%)

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
deleted file mode 100644
index 0e61ec5953..0000000000
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-CVE: CVE-2022-3551
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From 18f91b950e22c2a342a4fbc55e9ddf7534a707d2 Mon Sep 17 00:00:00 2001
-From: Peter Hutterer <peter.hutterer@who-t.net>
-Date: Wed, 13 Jul 2022 11:23:09 +1000
-Subject: [PATCH] xkb: fix some possible memleaks in XkbGetKbdByName
-
-GetComponentByName returns an allocated string, so let's free that if we
-fail somewhere.
-
-Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
----
- xkb/xkb.c | 26 ++++++++++++++++++++------
- 1 file changed, 20 insertions(+), 6 deletions(-)
-
-diff --git a/xkb/xkb.c b/xkb/xkb.c
-index 4692895db..b79a269e3 100644
---- a/xkb/xkb.c
-+++ b/xkb/xkb.c
-@@ -5935,18 +5935,32 @@ ProcXkbGetKbdByName(ClientPtr client)
-     xkb = dev->key->xkbInfo->desc;
-     status = Success;
-     str = (unsigned char *) &stuff[1];
--    if (GetComponentSpec(&str, TRUE, &status))  /* keymap, unsupported */
--        return BadMatch;
-+    {
-+        char *keymap = GetComponentSpec(&str, TRUE, &status);  /* keymap, unsupported */
-+        if (keymap) {
-+            free(keymap);
-+            return BadMatch;
-+        }
-+    }
-     names.keycodes = GetComponentSpec(&str, TRUE, &status);
-     names.types = GetComponentSpec(&str, TRUE, &status);
-     names.compat = GetComponentSpec(&str, TRUE, &status);
-     names.symbols = GetComponentSpec(&str, TRUE, &status);
-     names.geometry = GetComponentSpec(&str, TRUE, &status);
--    if (status != Success)
-+    if (status == Success) {
-+        len = str - ((unsigned char *) stuff);
-+        if ((XkbPaddedSize(len) / 4) != stuff->length)
-+            status = BadLength;
-+    }
-+
-+    if (status != Success) {
-+        free(names.keycodes);
-+        free(names.types);
-+        free(names.compat);
-+        free(names.symbols);
-+        free(names.geometry);
-         return status;
--    len = str - ((unsigned char *) stuff);
--    if ((XkbPaddedSize(len) / 4) != stuff->length)
--        return BadLength;
-+    }
- 
-     CHK_MASK_LEGAL(0x01, stuff->want, XkbGBN_AllComponentsMask);
-     CHK_MASK_LEGAL(0x02, stuff->need, XkbGBN_AllComponentsMask);
--- 
-2.34.1
-
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-proof-GetCountedString-against-request-length-at.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-proof-GetCountedString-against-request-length-at.patch
deleted file mode 100644
index 6f862e82f9..0000000000
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-proof-GetCountedString-against-request-length-at.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-CVE: CVE-2022-3550
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From 11beef0b7f1ed290348e45618e5fa0d2bffcb72e Mon Sep 17 00:00:00 2001
-From: Peter Hutterer <peter.hutterer@who-t.net>
-Date: Tue, 5 Jul 2022 12:06:20 +1000
-Subject: [PATCH] xkb: proof GetCountedString against request length attacks
-
-GetCountedString did a check for the whole string to be within the
-request buffer but not for the initial 2 bytes that contain the length
-field. A swapped client could send a malformed request to trigger a
-swaps() on those bytes, writing into random memory.
-
-Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
----
- xkb/xkb.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/xkb/xkb.c b/xkb/xkb.c
-index f42f59ef3..1841cff26 100644
---- a/xkb/xkb.c
-+++ b/xkb/xkb.c
-@@ -5137,6 +5137,11 @@ _GetCountedString(char **wire_inout, ClientPtr client, char **str)
-     CARD16 len;
- 
-     wire = *wire_inout;
-+
-+    if (client->req_len <
-+        bytes_to_int32(wire + 2 - (char *) client->requestBuffer))
-+        return BadValue;
-+
-     len = *(CARD16 *) wire;
-     if (client->swapped) {
-         swaps(&len);
--- 
-2.34.1
-
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.4.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.6.bb
similarity index 80%
rename from meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.4.bb
rename to meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.6.bb
index aba09afec3..256903ce5f 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.4.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.6.bb
@@ -2,10 +2,8 @@ require xserver-xorg.inc
 
 SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \
            file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \
-           file://0001-xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch \
-           file://0001-xkb-proof-GetCountedString-against-request-length-at.patch \
            "
-SRC_URI[sha256sum] = "5cc4be8ee47edb58d4a90e603a59d56b40291ad38371b0bd2471fc3cbee1c587"
+SRC_URI[sha256sum] = "1eb86ed674d042b6c8b1f9135e59395cbbca35ed551b122f73a7d8bb3bb22484"
 
 # These extensions are now integrated into the server, so declare the migration
 # path for in-place upgrades.
-- 
2.25.1

[OE-core][kirkstone 13/32] linux-yocto/5.15: ltp and squashfs fixes

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) to linux-yocto/5.15:

    1c5699ee85d4 fs: move S_ISGID stripping into the vfs_*() helpers
    838f5d0701d8 fs: add mode_strip_sgid() helper
    d97172683641 squashfs: provide backing_dev_info in order to disable read-ahead

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 474ddb758dd1b327540e48ccfe1500fb4231f30b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.15.bb              |  4 ++--
 .../linux/linux-yocto-tiny_5.15.bb            |  4 ++--
 meta/recipes-kernel/linux/linux-yocto_5.15.bb | 24 +++++++++----------
 3 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index fc1ccd9b39..bd57d7c47e 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,8 +11,8 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "a0d36398b257c555381e735cd721cd8479d6762d"
-SRCREV_meta ?= "f475b1a9deddbde23f48d7d535abdd5fb133b837"
+SRCREV_machine ?= "9860fe27332e09dd4f0f3b303e40377de083be9a"
+SRCREV_meta ?= "c2d64b008142d2a2bc9c8cca8a3d579a62275122"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 087c30b5a5..8b83b5a8de 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "1c3448ff6cc6d24d16c6ef6065cb642245cac627"
-SRCREV_meta ?= "f475b1a9deddbde23f48d7d535abdd5fb133b837"
+SRCREV_machine ?= "86627fc3da74aefec1338724a597356e6b8ad88b"
+SRCREV_meta ?= "c2d64b008142d2a2bc9c8cca8a3d579a62275122"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index d5f21daf35..0b373c40fe 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@ KBRANCH:qemux86  ?= "v5.15/standard/base"
 KBRANCH:qemux86-64 ?= "v5.15/standard/base"
 KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "d3aa5916b2b02966ef37bfe3fc527c99754571ec"
-SRCREV_machine:qemuarm64 ?= "a1d364fbe3d8a916426a107f07b89fd0338923c7"
-SRCREV_machine:qemumips ?= "904de7b55a7e8edf4cd894fb0558efee799a314a"
-SRCREV_machine:qemuppc ?= "35d547b91124bef128a13402190ca05f54a2392e"
-SRCREV_machine:qemuriscv64 ?= "8cd3f1c8dc13e8fa2d9a25ce0285d3526705eea7"
-SRCREV_machine:qemuriscv32 ?= "8cd3f1c8dc13e8fa2d9a25ce0285d3526705eea7"
-SRCREV_machine:qemux86 ?= "8cd3f1c8dc13e8fa2d9a25ce0285d3526705eea7"
-SRCREV_machine:qemux86-64 ?= "8cd3f1c8dc13e8fa2d9a25ce0285d3526705eea7"
-SRCREV_machine:qemumips64 ?= "ae8ab2e3acaf9e14cd75a6c96f1ba43c66a1babd"
-SRCREV_machine ?= "8cd3f1c8dc13e8fa2d9a25ce0285d3526705eea7"
-SRCREV_meta ?= "f475b1a9deddbde23f48d7d535abdd5fb133b837"
+SRCREV_machine:qemuarm ?= "4915b05912ee7d15224eb9064ca63678f0bc6815"
+SRCREV_machine:qemuarm64 ?= "660bf605998f60fd77f24d3316b95b14ef2fa035"
+SRCREV_machine:qemumips ?= "38bf282c052b70c1c6dd79dc6ae49da1ec1c7de8"
+SRCREV_machine:qemuppc ?= "ac4a5d99364cede21dc1838213f7fb29e1735969"
+SRCREV_machine:qemuriscv64 ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
+SRCREV_machine:qemuriscv32 ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
+SRCREV_machine:qemux86 ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
+SRCREV_machine:qemux86-64 ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
+SRCREV_machine:qemumips64 ?= "2923c39cc815e2109c9bfc0985adcd8d342fc415"
+SRCREV_machine ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
+SRCREV_meta ?= "c2d64b008142d2a2bc9c8cca8a3d579a62275122"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "509a32764e1a5692935c4f26ed96fbe94c480186"
+SRCREV_machine:class-devupstream ?= "71e496bd338221709b180b60ba419fa542c2b320"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v5.15/base"
 
-- 
2.25.1

[OE-core][kirkstone 14/32] linux-yocto/5.15: fix perf build with clang

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) to linux-yocto/5.15:

    4c5a089621a8 perf python: Account for multiple words in CC

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1cf78a856beb42a2d68e6c49bfdbc33fea68ebb5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.15.bb              |  4 ++--
 .../linux/linux-yocto-tiny_5.15.bb            |  4 ++--
 meta/recipes-kernel/linux/linux-yocto_5.15.bb | 22 +++++++++----------
 3 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index bd57d7c47e..63294f5bb6 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,8 +11,8 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "9860fe27332e09dd4f0f3b303e40377de083be9a"
-SRCREV_meta ?= "c2d64b008142d2a2bc9c8cca8a3d579a62275122"
+SRCREV_machine ?= "dcd3b533c5f6bc4698d5b09aa83ce9a4695df3b0"
+SRCREV_meta ?= "66de7a6f2687cdaf5169ce5b57dd35f508be1682"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 8b83b5a8de..12e462228f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "86627fc3da74aefec1338724a597356e6b8ad88b"
-SRCREV_meta ?= "c2d64b008142d2a2bc9c8cca8a3d579a62275122"
+SRCREV_machine ?= "c7e10f06a33a546bcdd0b2e2909459b7572b5443"
+SRCREV_meta ?= "66de7a6f2687cdaf5169ce5b57dd35f508be1682"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 0b373c40fe..4e341713f6 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,17 +13,17 @@ KBRANCH:qemux86  ?= "v5.15/standard/base"
 KBRANCH:qemux86-64 ?= "v5.15/standard/base"
 KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "4915b05912ee7d15224eb9064ca63678f0bc6815"
-SRCREV_machine:qemuarm64 ?= "660bf605998f60fd77f24d3316b95b14ef2fa035"
-SRCREV_machine:qemumips ?= "38bf282c052b70c1c6dd79dc6ae49da1ec1c7de8"
-SRCREV_machine:qemuppc ?= "ac4a5d99364cede21dc1838213f7fb29e1735969"
-SRCREV_machine:qemuriscv64 ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
-SRCREV_machine:qemuriscv32 ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
-SRCREV_machine:qemux86 ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
-SRCREV_machine:qemux86-64 ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
-SRCREV_machine:qemumips64 ?= "2923c39cc815e2109c9bfc0985adcd8d342fc415"
-SRCREV_machine ?= "1c5699ee85d4ffe1be2bea17f4587375bf3877f6"
-SRCREV_meta ?= "c2d64b008142d2a2bc9c8cca8a3d579a62275122"
+SRCREV_machine:qemuarm ?= "e5f2cf3560139bbaad54796c323d60e66cc19374"
+SRCREV_machine:qemuarm64 ?= "d8835a4d4e9d4ea835316cd1843d62e30c5fef33"
+SRCREV_machine:qemumips ?= "0f802d6525c21abe586c833074fece3e665a9ed9"
+SRCREV_machine:qemuppc ?= "84f529230ca9f2ec20517821f7422d62e43ab808"
+SRCREV_machine:qemuriscv64 ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
+SRCREV_machine:qemuriscv32 ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
+SRCREV_machine:qemux86 ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
+SRCREV_machine:qemux86-64 ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
+SRCREV_machine:qemumips64 ?= "ea2140a5f0cf7b8351982f60d3b30a4657ab0919"
+SRCREV_machine ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
+SRCREV_meta ?= "66de7a6f2687cdaf5169ce5b57dd35f508be1682"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
-- 
2.25.1

[OE-core][kirkstone 15/32] linux-yocto/5.15: libbpf: Fix build warning on ref_ctr_off

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) to linux-yocto/5.15:

    da5513f30187 libbpf: Fix build warning on ref_ctr_off

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eb75d561256c794baf6c89c1975967343145da87)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.15.bb              |  4 ++--
 .../linux/linux-yocto-tiny_5.15.bb            |  4 ++--
 meta/recipes-kernel/linux/linux-yocto_5.15.bb | 24 +++++++++----------
 3 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index 63294f5bb6..3dac2fbcd2 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,8 +11,8 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "dcd3b533c5f6bc4698d5b09aa83ce9a4695df3b0"
-SRCREV_meta ?= "66de7a6f2687cdaf5169ce5b57dd35f508be1682"
+SRCREV_machine ?= "6a972b54f014ca67588d73f32058c42af0bd856e"
+SRCREV_meta ?= "72756ee16d7230f04fb6bbf0bb115e32a9d73d8d"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 12e462228f..3dd2ecdf6f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "c7e10f06a33a546bcdd0b2e2909459b7572b5443"
-SRCREV_meta ?= "66de7a6f2687cdaf5169ce5b57dd35f508be1682"
+SRCREV_machine ?= "6e85c80a960287ec238f53c91eeade3456044fa3"
+SRCREV_meta ?= "72756ee16d7230f04fb6bbf0bb115e32a9d73d8d"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 4e341713f6..dabbb82822 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@ KBRANCH:qemux86  ?= "v5.15/standard/base"
 KBRANCH:qemux86-64 ?= "v5.15/standard/base"
 KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "e5f2cf3560139bbaad54796c323d60e66cc19374"
-SRCREV_machine:qemuarm64 ?= "d8835a4d4e9d4ea835316cd1843d62e30c5fef33"
-SRCREV_machine:qemumips ?= "0f802d6525c21abe586c833074fece3e665a9ed9"
-SRCREV_machine:qemuppc ?= "84f529230ca9f2ec20517821f7422d62e43ab808"
-SRCREV_machine:qemuriscv64 ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
-SRCREV_machine:qemuriscv32 ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
-SRCREV_machine:qemux86 ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
-SRCREV_machine:qemux86-64 ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
-SRCREV_machine:qemumips64 ?= "ea2140a5f0cf7b8351982f60d3b30a4657ab0919"
-SRCREV_machine ?= "4c5a089621a8f395f020f6c2f4c578aafa155011"
-SRCREV_meta ?= "66de7a6f2687cdaf5169ce5b57dd35f508be1682"
+SRCREV_machine:qemuarm ?= "24c30a8e9f8385f6d74785aa345f5731321b6c41"
+SRCREV_machine:qemuarm64 ?= "c3caed57192735dc74adff939ea35af248a11177"
+SRCREV_machine:qemumips ?= "3bed92886dc9177ce0076dada5056cbe83ec11f0"
+SRCREV_machine:qemuppc ?= "45cbeb05d362ee51b7836a7faa07958670110c38"
+SRCREV_machine:qemuriscv64 ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
+SRCREV_machine:qemuriscv32 ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
+SRCREV_machine:qemux86 ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
+SRCREV_machine:qemux86-64 ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
+SRCREV_machine:qemumips64 ?= "2642cdd862a63f5a8c2774f372f3d3424991b1b9"
+SRCREV_machine ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
+SRCREV_meta ?= "72756ee16d7230f04fb6bbf0bb115e32a9d73d8d"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "71e496bd338221709b180b60ba419fa542c2b320"
+SRCREV_machine:class-devupstream ?= "d68f50bfb00f6288e812be895ea5c77932a4b9dd"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v5.15/base"
 
-- 
2.25.1

[OE-core][kirkstone 16/32] linux-yocto/5.15: update to v5.15.84

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating  to the latest korg -stable release that comprises
the following commits:

    d68f50bfb00f Linux 5.15.84
    972707bae3d7 net: fec: properly guard irq coalesce setup
    289721fe0993 ASoC: ops: Correct bounds check for second channel on SX controls
    de0866b94a64 nvme-pci: clear the prp2 field when not used
    8bffa95ac19f perf: Fix perf_pending_task() UaF
    825bd2af4227 ASoC: cs42l51: Correct PGA Volume minimum value
    91582b3a1ab2 net: fec: don't reset irq coalesce settings to defaults on "ip link up"
    c772dab247f1 can: mcba_usb: Fix termination command argument
    aa822de7de3b can: sja1000: fix size of OCR_MODE_MASK define
    09e08740d78c pinctrl: meditatek: Startup with the IRQs disabled
    172a95026f06 libbpf: Use page size as max_entries when probing ring buffer map
    cf611d786796 ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
    a74b88e17025 ASoC: fsl_micfil: explicitly clear CHnF flags
    afac1e7d78eb ASoC: fsl_micfil: explicitly clear software reset bit
    9d933af8fef3 nfp: fix use-after-free in area_cache_get()
    e1a4f5880d00 vfs: fix copy_file_range() averts filesystem freeze protection
    86e28ed25b00 x86/vdso: Conditionally export __vdso_sgx_enter_enclave()
    fd6d66840b42 Linux 5.15.83
    f895511de9d2 io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()
    f435c66d2336 io_uring: move to separate directory
    d9e1e5d8a74c block: move CONFIG_BLOCK guard to top Makefile
    e5c0bc4ff5b0 can: esd_usb: Allow REC and TEC to return to zero
    db6343a5b0d9 s390/qeth: fix use-after-free in hsci
    a56c1cebe4a0 s390/qeth: fix various format strings
    a6dba316c93e macsec: add missing attribute validation for offload
    40500f1f4745 net: mvneta: Fix an out of bounds check
    b9274dbe3999 net: thunderbolt: fix memory leak in tbnet_open()
    7390c70bd431 ipv6: avoid use-after-free in ip6_fragment()
    1beb475892f7 net: plip: don't call kfree_skb/dev_kfree_skb() under spin_lock_irq()
    b08412a9cf26 net: phy: mxl-gpy: fix version reporting
    dec5abd91abc xen/netback: fix build warning
    54d830e24247 dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove()
    c7adcbd0fd3f ethernet: aeroflex: fix potential skb leak in greth_init_rings()
    d962d42d6376 tipc: call tipc_lxc_xmit without holding node_read_lock
    f3b5dda26cd0 net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()
    5dab6fa068d7 ipv4: Fix incorrect route flushing when table ID 0 is used
    ac566bd5770f ipv4: Fix incorrect route flushing when source address is deleted
    af4ccae4b704 tipc: Fix potential OOB in tipc_link_proto_rcv()
    b8ce0e6f9f88 net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
    16854177745a net: mdio: fix unbalanced fwnode reference count in mdio_device_release()
    6f4798ac9c9e net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
    114e65a22189 net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq
    51c04945756a net: microchip: sparx5: Fix missing destroy_workqueue of mact_queue
    99eec0a766f9 ip_gre: do not report erspan version on GRE interface
    2891957853f2 net: stmmac: fix "snps,axi-config" node property parsing
    5cb8f1a784fd gpio/rockchip: fix refcount leak in rockchip_gpiolib_register()
    b8c2f0392d1d nvme initialize core quirks before calling nvme_init_subsystem
    908b2da426fe NFC: nci: Bounds check struct nfc_target arrays
    d841cc156304 i40e: Disallow ip4 and ip6 l4_4_bytes
    625a13850b31 i40e: Fix for VF MAC address 0
    5538794dbd42 i40e: Fix not setting default xps_cpus after reset
    a6b30598fec8 net: mvneta: Prevent out of bounds read in mvneta_config_rss()
    e6e897d4fe2f xen-netfront: Fix NULL sring after live migration
    eefd8953a748 octeontx2-pf: Fix potential memory leak in otx2_init_tc()
    f88acaed07b1 net: mdiobus: fix double put fwnode in the error path
    cc62d76928e0 net: mdiobus: fwnode_mdiobus_register_phy() rework error handling
    ea113b570eee net: encx24j600: Fix invalid logic in reading of MISTAT register
    8aae746d065c net: encx24j600: Add parentheses to fix precedence
    a110287ef4a4 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
    e046421bed5a selftests: rtnetlink: correct xfrm policy rule in kci_test_ipsec_offload
    4fa8988a36d5 net: dsa: sja1105: Check return value
    b35be171dfe6 net: dsa: hellcreek: Check return value
    a4c342e645d6 net: dsa: ksz: Check return value
    edf7284a9829 Bluetooth: Fix not cleanup led when bt_init fails
    3322193949ac Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
    6c88c764e0c4 vmxnet3: use correct intrConf reference when using extended queues
    5ad0d85757f8 vmxnet3: correctly report encapsulated LRO packet
    5c014eb0ed6c af_unix: Get user_ns from in_skb in unix_diag_get_exact().
    807a01a32979 drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420
    eb96fd3983b2 net: broadcom: Add PTP_1588_CLOCK_OPTIONAL dependency for BCMGENET under ARCH_BCM2835
    16eb678bca8e igb: Allocate MSI-X vector when testing
    34c6367c946c e1000e: Fix TX dispatch condition
    4271515f189b gpio: amd8111: Fix PCI device reference count leak
    d57b60e9b355 drm/bridge: ti-sn65dsi86: Fix output polarity setting bug
    f8b29656013c netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark
    246bcd05ba6c ca8210: Fix crash by zero initializing data
    80dad8df5fc2 ieee802154: cc2520: Fix error return code in cc2520_hw_init()
    dd9dcfb85c65 drm/vmwgfx: Fix race issue calling pin_user_pages
    7b09ba9036b2 netfilter: nft_set_pipapo: Actually validate intervals in fields after the first one
    6daaa84b6214 gpiolib: fix memory leak in gpiochip_setup_dev()
    1a1075d37108 gpiolib: check the 'ngpios' property in core gpiolib code
    70c5515c1c30 gpiolib: improve coding style for local variables
    3b714f25fc59 clk: Fix pointer casting to prevent oops in devm_clk_release()
    c142cba37de2 can: af_can: fix NULL pointer dereference in can_rcv_filter
    104bb1f67e3c HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10
    f755d11c55b2 HID: core: fix shift-out-of-bounds in hid_report_raw_event
    2d4b310c32d4 HID: hid-lg4ff: Add check for empty lbuf
    5e8021ae0865 HID: usbhid: Add ALWAYS_POLL quirk for some mice
    5e88c6f4aaa7 net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
    1074fefce9cc drm/shmem-helper: Avoid vm_open error paths
    83e3da8bb92f drm/shmem-helper: Remove errant put in error path
    249011f4c3b8 drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend
    1e4fe9a1546f drm/vmwgfx: Don't use screen objects when SEV is active
    f6550976fe22 KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field
    fe50a9bbeb1f net: mana: Fix race on per-CQ variable napi work_done
    a49894a5ac36 Bluetooth: Fix crash when replugging CSR fake controllers
    1dee2b504771 Bluetooth: btusb: Add debug message for CSR controllers
    3ac29732a2ff mm/gup: fix gup_pud_range() for dax
    aad8bbd17a1d memcg: fix possible use-after-free in memcg_write_event_control()
    6fb8bc29bfa8 media: v4l2-dv-timings.c: fix too strict blanking sanity checks
    a4c575541eeb Revert "ARM: dts: imx7: Fix NAND controller size-cells"
    28abc1145924 soundwire: intel: Initialize clock stop timeout
    22d800b378e4 media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area()
    5d0fa6fc8899 xen/netback: don't call kfree_skb() with interrupts disabled
    4422241ceffc xen/netback: do some code cleanup
    0fe29bd92594 xen/netback: Ensure protocol headers don't fall in the non-linear area
    f01677be31d1 drm/bridge: anx7625: Fix edid_read break case in sp_tx_edid_read()
    ee2536830b16 cifs: fix use-after-free caused by invalid pointer `hostname`
    dc62f05f666c rtc: cmos: avoid UIP when reading alarm time
    48ea4199af85 rtc: cmos: avoid UIP when writing alarm time
    3f52afc6ed93 rtc: mc146818-lib: extract mc146818_avoid_UIP
    1a3f8c6cd29d mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
    79ad784c9d21 mm/khugepaged: fix GUP-fast interaction by sending IPI
    d15cd6de0123 mm/khugepaged: take the right locks for page table retraction
    26f084e55466 net: usb: qmi_wwan: add u-blox 0x1342 composition
    029a7f1c5d70 9p/xen: check logical size for buffer size
    b398832893c8 usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer
    e70a5724400a fbcon: Use kzalloc() in fbcon_prepare_logo()
    fd3768597d2a regulator: twl6030: fix get status of twl6032 regulators
    9f74b9aa8d58 ASoC: soc-pcm: Add NULL check in BE reparenting
    dae93f4168c4 btrfs: send: avoid unaligned encoded writes when attempting to clone range
    f54e1edf579d selftests/net: Find nettest in current directory
    fccd454129f6 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
    542a563bb751 regulator: slg51000: Wait after asserting CS pin
    3d1b5fde360e 9p/fd: Use P9_HDRSZ for header size
    fe2d44e86e96 ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine transitions
    e945f3d809ed ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188
    c3b818c91a11 spi: mediatek: Fix DEVAPC Violation at KO Remove
    d9f0107be1a9 ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register
    7ae0262748e5 ARM: 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
    d81c62e3121f ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels
    66717ad03b80 fs: use acquire ordering in __fget_light()
    1222e2364ac7 ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name
    996fb29b06b6 arm64: dts: rockchip: fix ir-receiver node names
    752138ef89e8 ARM: dts: rockchip: fix ir-receiver node names
    8045971e40cd arm: dts: rockchip: remove clock-frequency from rtc
    5e9fb8013ac9 arm: dts: rockchip: fix node name for hym8563 rtc
    2ed7137e911a arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series
    5a1122e1a896 mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse()
    282f52c954a8 clk: Provide new devm_clk helpers for prepared and enabled clocks
    eb94a7a20f3c clk: generalize devm_clk_get() a bit
    d9790301361c Linux 5.15.82
    48642f94311b proc: proc_skip_spaces() shouldn't think it is working on C strings
    3eb9213f6612 proc: avoid integer type confusion in get_proc_long
    4a4073a2e2fe ipc/sem: Fix dangling sem_array access in semtimedop race
    53b9b1201e34 Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send()
    571b6bbbf54d char: tpm: Protect tpm_pm_suspend with locks
    f39891cfe79b Revert "clocksource/drivers/riscv: Events are stopped during CPU suspend"
    a759057af728 ACPI: HMAT: Fix initiator registration for single-initiator systems
    da8a794d71ec ACPI: HMAT: remove unnecessary variable initialization
    2d16161a2c98 i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set
    950a05cb15e3 i2c: npcm7xx: Fix error handling in npcm_i2c_init()
    db3f8da033d9 serial: stm32: Deassert Transmit Enable on ->rs485_config()
    45f628f4fd81 serial: stm32: Use TC interrupt to deassert GPIO RTS in RS485 mode
    c60eae5b1d0b serial: stm32: Factor out GPIO RTS toggling into separate function
    041f8dc88292 ipv4: Fix route deletion when nexthop info is not specified
    25174d91e4a3 ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
    a0ad247e55ea selftests: net: fix nexthop warning cleanup double ip typo
    532847b69c29 selftests: net: add delete nexthop route warning test
    e0783558817d Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is enabled
    723fa02e0e0a parisc: Increase FRAME_WARN to 2048 bytes on parisc
    b951ab4b35ba mm: migrate: fix THP's mapcount on isolation
    c5eda6029cf9 mm: __isolate_lru_page_prepare() in isolate_migratepages_block()
    bdb613ef179a iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
    b6eea8b2e858 iommu/vt-d: Fix PCI device refcount leak in has_external_pci()
    787d81d4eb15 nvme: fix SRCU protection of nvme_ns_head list
    12f237200c16 riscv: kexec: Fixup irq controller broken in kexec crash path
    ac00301adb19 riscv: fix race when vmap stack overflow
    fa7a7d185ef3 riscv: Sync efi page table's kernel mappings before switching
    d86d69892545 pinctrl: single: Fix potential division by zero
    98b15c706644 ASoC: ops: Fix bounds check for _sx controls
    f88a6977f8b9 KVM: x86/mmu: Fix race condition in direct_page_fault
    df4b177b4851 io_uring/poll: fix poll_refs race with cancelation
    4b702b7d11ce io_uring: make poll refs more robust
    1d58849ac26f io_uring: cmpxchg for poll arm refs release
    cd1981a8c30d io_uring: fix tw losing poll events
    62321dc7b081 io_uring: update res mask in io_poll_check_events
    417d5ea6e735 tracing: Free buffers when a used dynamic event is removed
    52fc245d150c tracing: Fix race where histograms can be called before the event
    cb2b0612cd25 tracing/osnoise: Fix duration type
    615a996ff397 drm/i915: Never return 0 if not all requests retired
    01a2b25ef2cd drm/i915: Fix negative value passed as remaining time
    ff1591ba33b8 drm/amdgpu: enable Vangogh VCN indirect sram mode
    ac2d7fa90848 drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame
    57ee7bc4c60a mmc: sdhci: Fix voltage switch delay
    bb8f8095143e mmc: sdhci-sprd: Fix no reset data and command after voltage switch
    4c7681c1a52f mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check
    01dbe4db590a mmc: core: Fix ambiguous TRIM and DISCARD arg
    738946e35504 mmc: mmc_test: Fix removal of debugfs file
    635d0517348e net: stmmac: Set MAC's flow control register to reflect current settings
    9132dcdf3bf6 v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
    76ad884be092 pinctrl: intel: Save and restore pins in "direct IRQ" mode
    41296b85fafa x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3
    33021419fd81 nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
    2e44dd9a8dd6 tools/vm/slabinfo-gnuplot: use "grep -E" instead of "egrep"
    b60a8ad771fd error-injection: Add prompt for function error injection
    757eb00c4c40 ALSA: dice: fix regression for Lexicon I-ONIX FW810S
    a1a96a6f302c riscv: mm: Proper page permissions after initmem free
    823df3607d8b riscv: vdso: fix section overlapping under some conditions
    6e035d5a2a6b hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
    7692700ac818 hwmon: (coretemp) Check for null before removing sysfs attrs
    9b5836b9c4b0 net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed
    0dfb9a566327 sctp: fix memory leak in sctp_stream_outq_migrate()
    fcb3e0216156 packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
    04b995e96322 net: tun: Fix use-after-free in tun_detach()
    43ca0adf79e5 afs: Fix fileserver probe RTT handling
    543d917f691a net: mdiobus: fix unbalanced node reference count
    dca370e575d9 net: hsr: Fix potential use-after-free
    1daec0815655 tipc: re-fetch skb cb after tipc_msg_validate
    16a64dc26545 dsa: lan9303: Correct stat name
    766086ea8ca7 net: wwan: iosm: fix dma_alloc_coherent incompatible pointer type
    c667751a4265 net: wwan: iosm: fix kernel test robot reported error
    9c584d6d9cfb net: ethernet: nixge: fix NULL dereference
    8782b32ef867 net/9p: Fix a potential socket leak in p9_socket_open
    6fc9425bff4b net: net_netdev: Fix error handling in ntb_netdev_init_module()
    3bc893ef36f9 net: ethernet: ti: am65-cpsw: fix error handling in am65_cpsw_nuss_probe()
    7730904f50c7 net: phy: fix null-ptr-deref while probe() failed
    59b54f0563b6 wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration
    dc0853f8b502 wifi: cfg80211: don't allow multi-BSSID in S1G
    88a6fe370788 wifi: cfg80211: fix buffer overflow in elem comparison
    08fff7aaeb7e aquantia: Do not purge addresses when setting the number of rings
    2a7aa52573da qlcnic: fix sleep-in-atomic-context bugs caused by msleep
    7b734d26f037 can: m_can: Add check for devm_clk_get
    ea8dc27bb044 can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods
    b1d2a8e02acc can: etas_es58x: es58x_init_netdev(): free netdev when register_candev()
    e53da04e37e4 can: cc770: cc770_isa_probe(): add missing free_cc770dev()
    d452a71995cb can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
    372eb550faa0 net/mlx5e: Fix use-after-free when reverting termination table
    839eeab03c83 net/mlx5: Fix uninitialized variable bug in outlen_write()
    34feea3bfb37 net/mlx5: DR, Fix uninitialized var warning
    3485ef2aabeb net/mlx5: DR, Rename list field in matcher struct to list_node
    9fc27d22cdb9 e100: Fix possible use after free in e100_xmit_prepare
    0d9f5bd54b91 iavf: Fix error handling in iavf_init_module()
    b0b2b9050c17 iavf: remove redundant ret variable
    69501d820508 fm10k: Fix error handling in fm10k_init_module()
    5e3657dede36 i40e: Fix error handling in i40e_init_module()
    7109e9410992 ixgbevf: Fix resource leak in ixgbevf_init_module()
    196ea810e21c of: property: decrement node refcount in of_fwnode_get_reference_args()
    36164db278a8 nvmem: rmem: Fix return value check in rmem_read()
    e3761831674a bpf: Do not copy spin lock field from user in bpf_selem_alloc
    45f6e8186374 hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
    a90251376c3e hwmon: (i5500_temp) fix missing pci_disable_device()
    eeb31b828daf hwmon: (ina3221) Fix shunt sum critical calculation
    9514b95cac51 hwmon: (ltc2947) fix temperature scaling
    0140e079a420 libbpf: Handle size overflow for ringbuf mmap
    06d5790e7df5 ARM: at91: rm9200: fix usb device clock id
    d074f173fbd1 scripts/faddr2line: Fix regression in name resolution on ppc64le
    ee3d37d79610 bpf, perf: Use subprog name when reporting subprog ksymbol
    ec02fc0a4101 iio: light: rpr0521: add missing Kconfig dependencies
    f7419fc42afc iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw
    e7e76a77aabe iio: health: afe4403: Fix oob read in afe4403_read_raw
    ebdca90efbb5 drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly when the edid is read"
    c365d3c3e512 drm/amdgpu: update drm_display_info correctly when the edid is read
    df5346466e51 drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code
    044da1a371a0 btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit()
    da86809ab822 btrfs: move QUOTA_ENABLED check to rescan_should_stop from btrfs_qgroup_rescan_worker
    5d66eadc1cc3 spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock
    6b4544a13179 btrfs: free btrfs_path before copying inodes to userspace
    c7ae3becee72 btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino
    acc2f40b980c erofs: fix order >= MAX_ORDER warning due to crafted negative i_size
    ca9f27448af0 drm/i915/gt: Use i915_vm_put on ppgtt_create error paths
    c2f2972889eb drm/i915: Create a dummy object for gen6 ppgtt
    918002bdbe43 arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored
    e4a7232c917c Linux 5.15.81
    5c5c563a0817 cifs: fix missed refcounting of ipc tcon
    ee2d04f23bbb drm/i915: fix TLB invalidation for Gen12 video and compute engines
    bef834845d89 drm/amdgpu: always register an MMU notifier for userptr
    7901de7aa833 drm/amdgpu: Enable Aldebaran devices to report CU Occupancy
    e7bf1fe53817 drm/amd/display: No display after resume from WB/CB
    5033cba00c71 drm/amd/dc/dce120: Fix audio register mapping, stop triggering KASAN
    b8dc24590923 btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs()
    914baca57af7 btrfs: use kvcalloc in btrfs_get_dev_zone_info
    c1e6d4bfdee3 btrfs: zoned: fix missing endianness conversion in sb_write_pointer
    d88bf6be02de btrfs: free btrfs_path before copying subvol info to userspace
    f218b404fc0e btrfs: free btrfs_path before copying fspath to userspace
    fea9397101c1 btrfs: free btrfs_path before copying root refs to userspace
    7d0c25b5fe54 genirq: Take the proposed affinity at face value if force==true
    f17657cce069 irqchip/gic-v3: Always trust the managed affinity provided by the core code
    52a93f2dcf6c genirq: Always limit the affinity to online CPUs
    599cf4b84526 genirq/msi: Shutdown managed interrupts with unsatifiable affinities
    7aed1dd5d221 wifi: wilc1000: validate number of channels
    e9de501cf70d wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute
    143232cb5a4c wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute
    cd9c4869710b wifi: wilc1000: validate pairwise and authentication suite offsets
    f2fb18d429c3 fuse: lock inode unconditionally in fuse_fallocate()
    bb1c33bdf409 dm integrity: clear the journal on suspend
    20ad31b09e98 dm integrity: flush the journal on suspend
    5ca2110ba5e3 gpu: host1x: Avoid trying to use GART on Tegra20
    97f47617e813 scsi: iscsi: Fix possible memory leak when device_register() failed
    56ab7f237e7e net: usb: qmi_wwan: add Telit 0x103a composition
    e2e33f213dea tcp: configurable source port perturb table size
    269928e5c7bb platform/x86: ideapad-laptop: Fix interrupt storm on fn-lock toggle on some Yoga laptops
    17d995dc69c8 platform/x86: hp-wmi: Ignore Smart Experience App event
    e85bdc78720c zonefs: fix zone report size in __zonefs_io_error()
    982fcd83fb16 drm/amdgpu: disable BACO support on more cards
    ea11f8197dad platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017)
    09af15e69196 platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr()
    ba040bea9deb xen/platform-pci: add missing free_irq() in error path
    6815b2087d23 xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too
    4c13ddb74f2c ASoC: stm32: dfsdm: manage cb buffers cleanup
    dd82295a23bc Input: i8042 - apply probe defer to more ASUS ZenBook models
    e12e121feb63 Input: soc_button_array - add Acer Switch V 10 to dmi_use_low_level_irq[]
    9f5c167074d3 Input: soc_button_array - add use_low_level_irq module parameter
    aaef86eac9e2 Input: goodix - try resetting the controller when no config is set
    e2223f5fbbb8 serial: 8250: 8250_omap: Avoid RS485 RTS glitch on ->set_termios()
    4e208294de45 tools: iio: iio_generic_buffer: Fix read size
    0d0e2545fa92 ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01
    e394cf9d7a83 Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
    96b5d1177752 x86/ioremap: Fix page aligned size calculation in __ioremap_caller()
    d048f7481524 x86/pm: Add enumeration check before spec MSRs save/restore setup
    070e3560bf04 x86/tsx: Add a feature bit for TSX control MSR support
    1430c98ebbe7 KVM: x86: remove exit_int_info warning in svm_handle_exit
    27550a5930bb KVM: x86: add kvm_leave_nested
    3e87cb0caa25 KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use
    6425c590d0cc KVM: x86: forcibly leave nested mode on vCPU reset
    f42ebf972a9f KVM: x86: nSVM: leave nested mode on vCPU free
    7b3c9405b272 mm: vmscan: fix extreme overreclaim and swap floods
    feb2eda5e11f gcov: clang: fix the buffer overflow issue
    ea6aa25c9ac0 nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
    9d97a9fbfc11 usb: dwc3: gadget: Clear ep descriptor last
    02632ea4dfaa usb: dwc3: gadget: Return -ESHUTDOWN on ep disable
    765ca3e63f37 usb: dwc3: gadget: conditionally remove requests
    7945cbf8666a bus: ixp4xx: Don't touch bit 7 on IXP42x
    39c039018a2c iio: core: Fix entry not deleted when iio_register_sw_trigger_type() fails
    0791a5ddbac2 iio: light: apds9960: fix wrong register for gesture gain
    f0158b9bfcc2 arm64: dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency
    277d19ec283d ext4: fix use-after-free in ext4_ext_shift_extents
    c9d133100bce usb: cdnsp: fix issue with ZLP - added TD_SIZE = 1
    c2ad434cd4b2 usb: cdnsp: Fix issue with Clear Feature Halt Endpoint
    1d91c648874e usb: dwc3: exynos: Fix remove() function
    0a216625c3ab KVM: arm64: pkvm: Fixup boot mode to reflect that the kernel resumes from EL1
    f0044a4a31c9 mmc: sdhci-brcmstb: Fix SDHCI_RESET_ALL for CQHCI
    8e6940979bb8 mmc: sdhci-brcmstb: Enable Clock Gating to save power
    24b46bfa9661 mmc: sdhci-brcmstb: Re-organize flags
    227543ccacf8 nios2: add FORCE for vmlinuz.gz
    6a4ea16a6734 init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
    c4a9046c2735 lib/vdso: use "grep -E" instead of "egrep"
    5fefdceafb78 s390/crashdump: fix TOD programmable field size
    592b6fd74afd net: thunderx: Fix the ACPI memory leak
    697eb30a3534 octeontx2-af: Fix reference count issue in rvu_sdp_init()
    6ba1687ea102 octeontx2-pf: Add check for devm_kcalloc
    26c31e7c73d4 net: enetc: preserve TX ring priority across reconfiguration
    0e16bbf616cc net: enetc: cache accesses to &priv->si->hw
    68de40f66a5a net: enetc: manage ENETC_F_QBV in priv->active_offloads only when enabled
    5c0858e1426b nfc: st-nci: fix incorrect sizing calculations in EVT_TRANSACTION
    e09243fb160b nfc: st-nci: fix memory leaks in EVT_TRANSACTION
    dca20b7a1959 nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION
    67d638f8efc4 s390/dasd: fix no record found for raw_track_access
    88277853cf8a arcnet: fix potential memory leak in com20020_probe()
    1d44ec8507b7 ipv4: Fix error return code in fib_table_insert()
    918e83c6bfa7 dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
    8ce9b1c97fce fs: do not update freeing inode i_io_list
    8db9e60cdfda netfilter: flowtable_offload: add missing locking
    c1da3bfca111 netfilter: ipset: restore allowing 64 clashing elements in hash:net,iface
    606091b2f6dc dma-buf: fix racing conflict of dma_heap_add()
    8af9450befba bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
    251bcf6cfb35 regulator: twl6030: re-add TWL6032_SUBCLASS
    6258a8f91304 NFC: nci: fix memory leak in nci_rx_data_packet()
    ffe6021154ea net: sched: allow act_ct to be built without NF_NAT
    a05c0f9511d0 net: sparx5: fix error handling in sparx5_port_open()
    182ef20f0f1c sfc: fix potential memleak in __ef100_hard_start_xmit()
    2da022fac96d net: wwan: iosm: use ACPI_FREE() but not kfree() in ipc_pcie_read_bios_cfg()
    a48b345b87f9 xfrm: Fix ignored return value in xfrm6_init()
    19989e163595 xfrm: Fix oops in __xfrm_state_delete()
    46d450067fc0 tipc: check skb_linearize() return value in tipc_disc_rcv()
    33fb115a76ae tipc: add an extra conn_get in tipc_conn_alloc
    4ae907c45fca tipc: set con sock in tipc_conn_alloc
    ef866d9ea922 net/mlx5: Fix handling of entry refcount when command is not issued to FW
    3101318939f5 net/mlx5: Fix FW tracer timestamp calculation
    1eaabb5bbbb6 net/mlx5: Do not query pci info while pci disabled
    8180099b2aea netfilter: ipset: regression in ip_set_hash_ip.c
    448b6273706c Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register()
    082c31cb99d8 Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work()
    7fdd9daa5b12 macsec: Fix invalid error code set
    e8fb93a0792c nfp: add port from netdev validation for EEPROM access
    e44e424ed95f nfp: fill splittable of devlink_port_attrs correctly
    527046c13815 net: pch_gbe: fix pci device refcount leak while module exiting
    f77c84dd5b28 octeontx2-af: debugsfs: fix pci device refcount leak
    cd581ffd8dda net/qla3xxx: fix potential memleak in ql3xxx_send()
    a8976074e2cb net: mvpp2: fix possible invalid pointer dereference
    3a4cc56cd17d net/mlx4: Check retval of mlx4_bitmap_init
    c368220e1780 net: ethernet: mtk_eth_soc: fix error handling in mtk_open()
    d9729437b28f ARM: dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties
    1c0b6a97c478 ARM: mxs: fix memory leak in mxs_machine_init()
    ecff08f3c469 iavf: Fix race condition between iavf_shutdown and iavf_remove
    31147d4e907c iavf: Do not restart Tx queues after reset task failure
    232942b26c54 iavf: Fix a crash during reset task
    0600615d010f netfilter: nf_tables: do not set up extensions for end interval
    60387731e69f netfilter: conntrack: Fix data-races around ct mark
    ee3ccd1abbe1 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
    131c2eeabc72 net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
    f58df483ff37 nfc/nci: fix race with opening and closing
    da22d7410afd net: dsa: sja1105: disallow C45 transactions on the BASE-TX MDIO bus
    38fe0988bd51 rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975]
    d92151b4659b rxrpc: Use refcount_t rather than atomic_t
    3c33e41fa5b3 rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc
    46cefa268958 net: liquidio: simplify if expression
    95500ee0b3bd selftests: mptcp: fix mibit vs mbit mix up
    f8c4da198eed selftests: mptcp: more stable simult_flows tests
    1c0efab08c9b ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl
    ade662f3f242 tee: optee: fix possible memory leak in optee_register_device()
    d1dd119134ba bus: sunxi-rsb: Support atomic transfers
    b1ed61e7066b bus: sunxi-rsb: Remove the shutdown callback
    61a41d1abc7c regulator: core: fix UAF in destroy_regulator()
    a85c0db3f5ad spi: dw-dma: decrease reference count in dw_spi_dma_init_mfld()
    d9f9b3255b97 regulator: core: fix kobject release warning and memory leak in regulator_register()
    bd419c7c68bd ASoC: max98373: Add checks for devm_kcalloc
    f9bc4a18e7d5 scsi: storvsc: Fix handling of srb_status and capacity change events
    c2153fe2d0c6 x86/hyperv: Restore VP assist page after cpu offlining/onlining
    b2ddd7623712 ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()
    dd62cb7e6fd4 ASoC: sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
    d80ffd4823b6 ASoC: hdac_hda: fix hda pcm buffer overflow issue
    10bee7eb2a2f ARM: dts: am335x-pcm-953: Define fixed regulators in root node
    8fe533c0f909 af_key: Fix send_acquire race with pfkey_register
    0c69a4658e94 xfrm: replay: Fix ESN wrap around for GSO
    ecc6ce4fdf0d xfrm: fix "disable_policy" on ipv4 early demux
    5a792c1d4d77 MIPS: pic32: treat port as signed integer
    144452b42143 RISC-V: vdso: Do not add missing symbols to version section in linker script
    799970b8cc45 ALSA: usb-audio: add quirk to fix Hamedal C20 disconnect issue
    38b09dc14f7c Revert "drm/amdgpu: Revert "drm/amdgpu: getting fan speed pwm for vega10 properly""
    44d50fccf889 nvmet: fix memory leak in nvmet_subsys_attr_model_store_locked
    5adc12d9e2b5 arm64/syscall: Include asm/ptrace.h in syscall_wrapper header.
    1340f02773ae block, bfq: fix null pointer dereference in bfq_bio_bfqg()
    86d4dca4a6ae drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
    b90e6234f57e scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC
    cdbba6a4de39 scsi: ibmvfc: Avoid path failures during live migration
    6e8124a151bd platform/x86/intel/hid: Add some ACPI device IDs
    32735e24f47a platform/x86/intel/pmt: Sapphire Rapids PMT errata fix
    83a6823016f2 platform/x86: touchscreen_dmi: Add info for the RCA Cambio W101 v2 2-in-1
    f707986a1414 platform/x86: ideapad-laptop: Disable touchpad_switch
    5e38740ae545 Revert "net: macsec: report real_dev features when HW offloading is enabled"
    26b72202ee26 selftests/bpf: Add verifier test for release_reference()
    8395e3f98c4a spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run
    d04722f2809c wifi: ath11k: Fix QCN9074 firmware boot on x86
    9cc96a20a92a wifi: mac80211: Fix ack frame idr leak when mesh has no route
    86f90014e767 wifi: airo: do not assign -1 to unsigned char
    f5558fbda022 audit: fix undefined behavior in bit shift for AUDIT_BIT
    af5de982ffc9 riscv: dts: sifive unleashed: Add PWM controlled LEDs
    ee34a19dbe2a wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
    3513785dc13f wifi: mac80211: fix memory free error when registering wiphy fail
    855485d31e2a ceph: fix NULL pointer dereference for req->r_session
    729c9ad2940e ceph: Use kcalloc for allocating multiple elements
    d276fb4a7eb8 binder: validate alloc->mm in ->mmap() handler
    5277e3d633a5 x86/sgx: Add overflow check in sgx_validate_offset_length()
    b5a838ba47f2 x86/sgx: Create utility to validate user provided offset and length
    2f6e2de3a528 ceph: avoid putting the realm twice when decoding snaps fails
    8bef55d7934d ceph: do not update snapshot context when there is no new snapshot
    cdee3136c966 iio: pressure: ms5611: fixed value compensation bug
    5d6696e79d94 iio: ms5611: Simplify IO callback parameters
    f0ee88e83ce9 nvme-pci: add NVME_QUIRK_BOGUS_NID for Netac NV7000
    a61716cd2401 nvme-pci: disable write zeroes on various Kingston SSD
    19b60f336317 nvme-pci: disable namespace identifiers for the MAXIO MAP1001
    d537e1930640 nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro
    af03ce894c9c nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH
    c6803faa6a6d drm/display: Don't assume dual mode adaptors support i2c sub-addressing
    d2284fe43c63 ata: libata-core: do not issue non-internal commands once EH is pending
    e09583e83e4a ata: libata-scsi: simplify __ata_scsi_queuecmd()
    a9059e338fc0 cifs: Fix connections leak when tlink setup failed
    81d583baa5f1 cifs: support nested dfs links over reconnect
    dbc0ea91be28 cifs: split out dfs code from cifs_reconnect()
    b3ce844d234f cifs: introduce new helper for cifs_reconnect()
    2ea600b598dd sctp: clear out_curr if all frag chunks of current msg are pruned
    1f9f346fbb78 sctp: remove the unnecessary sinfo_stream check in sctp_prsctp_prune_unsent
    e8915faa9f41 tty: serial: fsl_lpuart: don't break the on-going transfer when global reset
    bd19013935af serial: fsl_lpuart: Fill in rs485_supported
    87c81c19cda1 serial: Add rs485_supported to uart_port
    c08f4ea79f7a ASoC: fsl_asrc fsl_esai fsl_sai: allow CONFIG_PM=N
    d1e4288d2a63 ASoC: fsl_sai: use local device pointer
    71e496bd3382 Linux 5.15.80
    b63ddb3ba61e ntfs: check overflow when iterating ATTR_RECORDs
    ab6a1bb17e3c ntfs: fix out-of-bounds read in ntfs_attr_find()
    5330c423b862 ntfs: fix use-after-free in ntfs_attr_find()
    43bbadb7e463 net/9p: use a dedicated spinlock for trans_fd
    9357fca9dad7 mm: fs: initialize fsdata passed to write_begin/write_end interface
    b334ab4c3347 wifi: wext: use flex array destination for memcpy()
    0e07032b4b47 9p/trans_fd: always use O_NONBLOCK read/write
    7c7b7476b56e gfs2: Switch from strlcpy to strscpy
    28275a7c84d2 gfs2: Check sb_bsize_shift after reading superblock
    a4f1a01b2e81 9p: trans_fd/p9_conn_cancel: drop client lock earlier
    f7b0e95071bb kcm: close race conditions on sk_receive_queue
    27d706b0d394 kcm: avoid potential race in kcm_tx_work
    b49026d9c86f tcp: cdg: allow tcp_cdg_release() to be called multiple times
    e41cbf98df22 macvlan: enforce a consistent minimal mtu
    d5f7f6e63fed Input: i8042 - fix leaking of platform device on module removal
    c49cc2c059b5 kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
    71beab7119d0 scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
    a636772988ba scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
    cb7893c85ea8 net: use struct_group to copy ip/ipv6 header addresses
    9b8c0c88f414 tracing: Fix warning on variable 'struct trace_array'
    73cf0ff9a393 ring-buffer: Include dropped pages in counting dirty patches
    35c60b4e8ca7 perf: Improve missing SIGTRAP checking
    2ac6276864de serial: 8250_lpss: Use 16B DMA burst with Elkhart Lake
    b1a27b2aad93 nvme: ensure subsystem reset is single threaded
    bccece3c3331 nvme: restrict management ioctls to admin
    8cddb0d96b9c perf/x86/intel/pt: Fix sampling using single range output
    8e2f33c59837 misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
    9a72a46cb01d docs: update mediator contact information in CoC doc
    a99a547658e5 mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
    4a1b6f7839d3 mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce timeout
    fd285d421563 mmc: core: properly select voltage range without power cycle
    8a9bae5f1b53 firmware: coreboot: Register bus in module init
    052d0e79efe5 iommu/vt-d: Set SRE bit only when hardware has SRS cap
    c31a792a825a iommu/vt-d: Preset Access bit for IOVA in FL non-leaf paging entries
    11edbdee4399 scsi: zfcp: Fix double free of FSF request when qdio send fails
    fdf87b5b3087 net: phy: marvell: add sleep time after enabling the loopback bit
    9648d760edf4 maccess: Fix writing offset in case of fault in strncpy_from_kernel_nofault()
    fdd57c20d440 Input: iforce - invert valid length check when fetching device IDs
    0cafb719bed5 serial: 8250_lpss: Configure DMA also w/o DMA filter
    59f6596697f1 serial: 8250: Flush DMA Rx on RLSI
    118b52c2ae08 serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
    6ffce7a92ef5 dm ioctl: fix misbehavior if list_versions races with module loading
    2b104973f7fd iio: pressure: ms5611: changed hardcoded SPI speed to value limited
    1678d4abb2dc iio: adc: mp2629: fix potential array out of bound access
    bd22c232ead9 iio: adc: mp2629: fix wrong comparison of channel
    656f67061366 iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
    1bf8c0aff8fb iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()
    afc0aea70261 usb: typec: mux: Enter safe mode only when pins need to be reconfigured
    8236628a549d usb: cdns3: host: fix endless superspeed hub port reset
    ead83b0db81f usb: chipidea: fix deadlock in ci_otg_del_timer
    cc9e6d8c55c9 usb: add NO_LPM quirk for Realforce 87U Keyboard
    70eca1d261b2 USB: serial: option: add Fibocom FM160 0x0111 composition
    1b6a54885c40 USB: serial: option: add u-blox LARA-L6 modem
    b0467d0059bc USB: serial: option: add u-blox LARA-R6 00B modem
    95688a8a5735 USB: serial: option: remove old LARA-R6 PID
    53dee78ea382 USB: serial: option: add Sierra Wireless EM9191
    e7764e88e6c4 USB: bcma: Make GPIO explicitly optional
    a190a83db284 speakup: fix a segfault caused by switching consoles
    b3c6edbee48e slimbus: stream: correct presence rate frequencies
    6b35ac831555 slimbus: qcom-ngd: Fix build error when CONFIG_SLIM_QCOM_NGD_CTRL=y && CONFIG_QCOM_RPROC_COMMON=m
    0f847462fea1 Revert "usb: dwc3: disable USB core PHY management"
    23ad214a8665 ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
    a36b505749c6 ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro
    02b94885b2fd ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
    7176d6f3adb9 drm/amd/display: Add HUBP surface flip interrupt handler
    e57daa750369 tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit()
    3a41c0f2a5c3 tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit()
    7291dec4f2d1 tracing: Fix race where eprobes can be called before the event
    6517b97134f7 tracing: Fix wild-memory-access in register_synth_event()
    07ba4f0603ab tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event()
    8b318f3032bf tracing/ring-buffer: Have polling block on watermark
    2c21ee020ce4 tracing: Fix memory leak in tracing_read_pipe()
    00f74b1a98a2 ring_buffer: Do not deactivate non-existant pages
    1bea037a1abb ftrace: Fix null pointer dereference in ftrace_add_mod()
    fadfcf39fbcd ftrace: Optimize the allocation for mcount entries
    5c5f2642898f ftrace: Fix the possible incorrect kernel message
    2ab249416244 cifs: add check for returning value of SMB2_set_info_init
    5783abda58d6 net: thunderbolt: Fix error handling in tbnet_init()
    80e590aeb132 net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()
    4a55aec1425f cifs: Fix wrong return value checking when GETFLAGS
    c8baf1fc248b net/x25: Fix skb leak in x25_lapb_receive_frame()
    af4b57fa6bd0 net: ag71xx: call phylink_disconnect_phy if ag71xx_hw_enable() fail in ag71xx_open()
    61404a182eb5 cifs: add check for returning value of SMB2_close_init
    d3233f4bf3dd platform/surface: aggregator: Do not check for repeated unsequenced packets
    69691714035b platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when virtualized
    7d93417d5964 drbd: use after free in drbd_create_device()
    fc16a2c81a3e bridge: switchdev: Fix memory leaks when changing VLAN protocol
    3d90a668c4bc net: hns3: fix setting incorrect phy link ksettings for firmware in resetting process
    3f7b2ef8fe92 net: ena: Fix error handling in ena_init()
    2540eea1bdc3 net: ionic: Fix error handling in ionic_init_module()
    c08c13cb13fa xen/pcpu: fix possible memory leak in register_pcpu()
    97009f07f217 net: dsa: make dsa_master_ioctl() see through port_hwtstamp_get() shims
    88da008e5e2f net: mhi: Fix memory leak in mhi_net_dellink()
    8f839715d032 bnxt_en: Remove debugfs when pci_register_driver failed
    b88713d92bd3 net: caif: fix double disconnect client in chnl_net_open()
    6d2403416089 net: macvlan: Use built-in RCU list checking
    596230471da3 mISDN: fix misuse of put_device() in mISDN_register_device()
    07a6a8cf1712 net: liquidio: release resources when liquidio driver open failed
    19feb6cf4136 soc: imx8m: Enable OCOTP clock before reading the register
    8c54d706d829 net: stmmac: ensure tx function is not running in stmmac_xdp_release()
    6219f46c2b9d net: hinic: Fix error handling in hinic_module_init()
    7a05e3929668 mISDN: fix possible memory leak in mISDN_dsp_element_register()
    0ee6455c9cfa net: bgmac: Drop free_netdev() from bgmac_enet_remove()
    7ff4fa179e4e bpf: Initialize same number of free nodes for each pcpu_freelist
    12f178cf05f3 MIPS: Loongson64: Add WARN_ON on kexec related kmalloc failed
    a4d6e024bea2 MIPS: fix duplicate definitions for exported symbols
    44142b652a28 nfp: change eeprom length to max length enumerators
    f23058dc2398 ata: libata-transport: fix error handling in ata_tdev_add()
    67b219314628 ata: libata-transport: fix error handling in ata_tlink_add()
    e7bb1b7a7bf2 ata: libata-transport: fix error handling in ata_tport_add()
    377ff82c33c0 ata: libata-transport: fix double ata_host_put() in ata_tport_add()
    494df0b0efe8 arm64: dts: imx8mn: Fix NAND controller size-cells
    7178d568f7cc arm64: dts: imx8mm: Fix NAND controller size-cells
    8ccf18c82a0a ARM: dts: imx7: Fix NAND controller size-cells
    e884a6c2d49a drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
    07e56de8766f drm/drv: Fix potential memory leak in drm_dev_init()
    45c300613bee drm/panel: simple: set bpc field for logic technologies displays
    779f3f9e0cdc drm/vc4: kms: Fix IS_ERR() vs NULL check for vc4_kms
    97e5b508e961 pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
    9a77b8557fdb parport_pc: Avoid FIFO port location truncation
    5d03c2911c52 siox: fix possible memory leak in siox_device_add()
    530e987a0226 arm64: Fix bit-shifting UB in the MIDR_CPU_MODEL() macro
    d4944497827a bpf: Fix memory leaks in __check_func_call
    25521fd2e217 block: sed-opal: kmalloc the cmd/resp buffers
    2f21d653c648 scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
    7cd28bc410d2 pinctrl: rockchip: list all pins in a possible mux route for PX30
    ab79b8dbe21e ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
    eaa8edd86514 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
    33cabe04d2c8 tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
    ae22294e213a serial: imx: Add missing .thaw_noirq hook
    26db1cd5191e serial: 8250: omap: Flush PM QOS work on remove
    e0db709a58bd serial: 8250: omap: Fix unpaired pm_runtime_put_sync() in omap8250_remove()
    83b6d4d6da67 serial: 8250_omap: remove wait loop from Errata i202 workaround
    76db05ab7092 serial: 8250: omap: Fix missing PM runtime calls for omap8250_set_mctrl()
    2aee616a6b11 ARM: at91: pm: avoid soft resetting AC DLL
    188546c78006 ASoC: tas2764: Fix set_tdm_slot in case of single slot
    5782896daf65 ASoC: tas2770: Fix set_tdm_slot in case of single slot
    34eee4189bce ASoC: core: Fix use-after-free in snd_soc_exit()
    aa6f8aecbbf2 ARM: dts: at91: sama7g5: fix signal name of pin PB2
    487fff700f5f spi: stm32: Print summary 'callbacks suppressed' message
    2cec2f65c1e7 arm64: dts: qcom: sm8350-hdk: Specify which LDO modes are allowed
    44dbe66bb3ea arm64: dts: qcom: sm8250-xperia-edo: Specify which LDO modes are allowed
    8b2eae7def2b arm64: dts: qcom: sm8150-xperia-kumano: Specify which LDO modes are allowed
    c8e76eeea77c arm64: dts: qcom: sa8155p-adp: Specify which LDO modes are allowed
    30571f28bb35 hugetlbfs: don't delete error page from pagecache
    14ddbb83c342 KVM: x86/pmu: Do not speculatively query Intel GP PMCs that don't exist yet
    a9b964ed7cf9 spi: intel: Use correct mask for flash and protected regions
    f4eb68642ed3 mtd: spi-nor: intel-spi: Disable write protection only if asked
    156d0c823c59 ASoC: codecs: jz4725b: Fix spelling mistake "Sourc" -> "Source", "Routee" -> "Route"
    5907ff9f2c8f x86/cpu: Add several Intel server CPU model numbers
    41e37d04e397 Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
    b02a025dd188 btrfs: remove pointless and double ulist frees in error paths of qgroup tests
    1c366c206ff2 drm/imx: imx-tve: Fix return type of imx_tve_connector_mode_valid
    1c8ded1b3879 i2c: i801: add lis3lv02d's I2C address for Vostro 5568
    b432581f19a0 i2c: tegra: Allocate DMA memory for DMA engine
    7b0ae4c7b918 firmware: arm_scmi: Cleanup the core driver removal callback
    1a8a2fef273d ACPI: x86: Add another system to quirk list for forcing StorageD3Enable
    8a03a4a5cf6d NFSv4: Retry LOCK on OLD_STATEID during delegation return
    49ca2227c47b btrfs: raid56: properly handle the error when unable to find the missing stripe
    0f7bd3a2dfe1 RDMA/efa: Add EFA 0xefa2 PCI ID
    a42d4363e78f ACPI: scan: Add LATT2021 to acpi_ignore_dep_ids[]
    004decd41b32 drm/amd/display: Remove wrong pipe control lock
    7779efbb99bf ASoC: rt1308-sdw: add the default value of some registers
    ef1e4ed85814 selftests/intel_pstate: fix build for ARCH=x86_64
    dfd3cc1ef3e2 selftests/futex: fix build for clang
    648467236c12 ASoC: Intel: sof_sdw: add quirk variant for LAPBC710 NUC15
    64ee750c29da ASoC: codecs: jz4725b: fix capture selector naming
    150b74cd0625 ASoC: codecs: jz4725b: use right control for Capture Volume
    5352d8b31572 ASoC: codecs: jz4725b: fix reported volume for Master ctl
    85134577a7f2 ASoC: codecs: jz4725b: add missed Line In power control bit
    5e61dffb16dc spi: intel: Fix the offset to get the 64K erase opcode
    c697cb2e6663 ASoC: wm8962: Add an event handler for TEMP_HP and TEMP_SPK
    569085124d75 ASoC: rt1019: Fix the TDM settings
    4160a515c75b ASoC: mt6660: Keep the pm_runtime enables before component stuff in mt6660_i2c_probe
    2963ec4535a1 ASoC: wm8997: Revert "ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe"
    30a2f9479c21 ASoC: wm5110: Revert "ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe"
    3bf6da38a292 ASoC: wm5102: Revert "ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe"
    94fa250ea55c mm: shmem: don't truncate page if memory failure happens
    003fa195911d mm: hwpoison: handle non-anonymous THP correctly
    a62b1bc603a1 mm: hwpoison: refactor refcount check handling
    3df0eeae4d9a Linux 5.15.79
    599b24eedf2a x86/cpu: Restore AMD's DE_CFG MSR after resume
    9132fa043f96 net: tun: call napi_schedule_prep() to ensure we own a napi
    1dea25e25acd drm/amdkfd: Migrate in CPU page fault use current mm
    a1c303fbd4dd marvell: octeontx2: build error: unknown type name 'u64'
    d948b228343a dmaengine: at_hdmac: Check return code of dma_async_device_register
    c556ecf32a07 dmaengine: at_hdmac: Fix impossible condition
    8a941ff34e53 dmaengine: at_hdmac: Don't allow CPU to reorder channel enable
    53831f7a13c3 dmaengine: at_hdmac: Fix completion of unissued descriptor in case of errors
    14f5462e4a00 dmaengine: at_hdmac: Fix descriptor handling when issuing it to hardware
    5482403228be dmaengine: at_hdmac: Fix concurrency over the active list
    82ca19414faa dmaengine: at_hdmac: Free the memset buf without holding the chan lock
    8fd36e069d65 dmaengine: at_hdmac: Fix concurrency over descriptor
    1ee012d452b1 dmaengine: at_hdmac: Fix concurrency problems by removing atc_complete_all()
    90c1b07406f0 dmaengine: at_hdmac: Protect atchan->status with the channel lock
    b5ee1fe06ad7 dmaengine: at_hdmac: Do not call the complete callback on device_terminate_all
    9bbf5df0fc8c dmaengine: at_hdmac: Fix premature completion of desc in issue_pending
    f7d1aaa90319 dmaengine: at_hdmac: Start transfer for cyclic channels in issue_pending
    e9777b4efcce dmaengine: at_hdmac: Don't start transactions at tx_submit level
    4e28674a0ecd dmaengine: at_hdmac: Fix at_lli struct definition
    49eba53137f5 cert host tools: Stop complaining about deprecated OpenSSL functions
    69e86c6268d5 can: j1939: j1939_send_one(): fix missing CAN header initialization
    81fc8f90b885 mm/shmem: use page_mapping() to detect page cache for uffd continue
    e91451af11f9 mm/memremap.c: map FS_DAX device memory as decrypted
    48998c1773a4 mm/damon/dbgfs: check if rm_contexts input is for a real context
    c736ed854160 udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
    2e87eddf5736 mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI
    91c38504e589 btrfs: zoned: initialize device's zone info for seeding
    432c30ba3f56 btrfs: selftests: fix wrong error check in btrfs_free_dummy_root()
    c9fe4719c662 btrfs: fix match incorrectly in dev_args_match_device
    f96fd3693631 wifi: ath11k: avoid deadlock during regulatory update in ath11k_regd_update()
    8e2b576caf91 platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
    cb3ab0e1e074 drm/amdgpu: disable BACO on special BEIGE_GOBY card
    dc066a78500a drm/i915/dmabuf: fix sg_table handling in map_dma_buf
    afbd1188382a nilfs2: fix use-after-free bug of ns_writer on remount
    abc082aac0d9 nilfs2: fix deadlock in nilfs_count_free_blocks()
    589da2288197 ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
    51ae4579a5d5 vmlinux.lds.h: Fix placement of '.data..decrypted' section
    1f8e08ab3269 ALSA: usb-audio: Add DSD support for Accuphase DAC-60
    c2451f62b2bd ALSA: usb-audio: Add quirk entry for M-Audio Micro
    031d1480a0f4 ALSA: usb-audio: Yet more regression for for the delayed card registration
    574f51e4aa40 ALSA: hda/realtek: Add Positivo C6300 model quirk
    7140d7aaf93d ALSA: hda: fix potential memleak in 'add_widget_node'
    f6d7a487aabd ALSA: hda/ca0132: add quirk for EVGA Z390 DARK
    1ccd55b3901b ALSA: hda/hdmi - enable runtime pm for more AMD display audio
    29100c674208 mmc: sdhci-esdhc-imx: use the correct host caps for MMC_CAP_8_BIT_DATA
    3dce99e2eb06 mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI
    9d6bd33e6aeb mmc: sdhci_am654: Fix SDHCI_RESET_ALL for CQHCI
    ad01f16ca90c mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI
    1aa78c1d013c mmc: cqhci: Provide helper for resetting both SDHCI and CQHCI
    c198524a99cb MIPS: jump_label: Fix compat branch range check
    9713ceffa40a arm64: efi: Fix handling of misaligned runtime regions and drop warning
    518e49f0590d riscv: fix reserved memory setup
    d07c3d7491b4 riscv: vdso: fix build with llvm
    cc36c7fa5d93 riscv: process: fix kernel info leakage
    a8d67367ab33 net: macvlan: fix memory leaks of macvlan_common_newlink
    7b194dd32b13 ethernet: tundra: free irq when alloc ring failed in tsi108_open()
    7de10342fe14 net: mv643xx_eth: disable napi when init rxq or txq failed in mv643xx_eth_open()
    88e1dd2d9291 ethernet: s2io: disable napi when start nic failed in s2io_card_up()
    3652f1f8d3ea net: atlantic: macsec: clear encryption keys from the stack
    fca3b0a1fd3e net: phy: mscc: macsec: clear encryption keys when freeing a flow
    60a0af8813fd stmmac: dwmac-loongson: fix missing of_node_put() while module exiting
    ee4a9bd2c7f4 stmmac: dwmac-loongson: fix missing pci_disable_device() in loongson_dwmac_probe()
    4a8770eebc39 stmmac: dwmac-loongson: fix missing pci_disable_msi() while module exiting
    83196d8dc5a8 cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in cxgb4vf_open()
    49d8a6e24a34 mctp: Fix an error handling path in mctp_init()
    29961d2332a5 stmmac: intel: Update PCH PTP clock rate from 200MHz to 204.8MHz
    8604bebc5c32 stmmac: intel: Enable 2.5Gbps for Intel AlderLake-S
    7dec6dae2b61 net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
    960f9d30def3 net: cpsw: disable napi in cpsw_ndo_open()
    1360778fdb6f net/mlx5e: E-Switch, Fix comparing termination table instance
    f13e9ebd2925 net/mlx5: Allow async trigger completion execution on single CPU systems
    48b73b46a5b0 net/mlx5: Bridge, verify LAG state when adding bond to bridge
    13b1ea861e8a net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg
    7e4dcacb4dd6 net: nixge: disable napi when enable interrupts failed in nixge_open()
    409731df6310 net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()
    77ff31cba9a6 netfilter: Cleanup nft_net->module_list from nf_tables_exit_net()
    e62cb1c093d6 netfilter: nfnetlink: fix potential dead lock in nfnetlink_rcv_msg()
    0bd20318da08 perf tools: Add the include/perf/ directory to .gitignore
    a733671e388c perf stat: Fix printing os->prefix in CSV metrics output
    c36e9e2c4aff drivers: net: xgene: disable napi when register irq failed in xgene_enet_open()
    4689bd3a1b23 net: lapbether: fix issue of invalid opcode in lapbeth_open()
    1dd27541aa2b dmaengine: ti: k3-udma-glue: fix memory leak when register device fail
    992e966caf57 dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
    9766af75ba5a dmaengine: pxa_dma: use platform_get_irq_optional
    301caa06091a tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header
    6a264203dbdb net: broadcom: Fix BCMGENET Kconfig
    e7871b9a21ae net: stmmac: dwmac-meson8b: fix meson8b_devm_clk_prepare_enable()
    261178a1c262 can: af_can: fix NULL pointer dereference in can_rx_register()
    2acb2779b147 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
    13ecaa6832fb tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent
    bc79cb9fb006 drm/vc4: Fix missing platform_unregister_drivers() call in vc4_drm_register()
    2845bc9070ce net: wwan: mhi: fix memory leak in mhi_mbim_dellink
    2ce2348c2858 net: wwan: iosm: fix memory leak in ipc_wwan_dellink
    7b6bc50f65e9 hamradio: fix issue of dev reference count leakage in bpq_device_event()
    f59adebb8c28 net: lapbether: fix issue of dev reference count leakage in lapbeth_device_event()
    119407dc329a KVM: s390: pv: don't allow userspace to set the clock under PV
    500bcd3a99ea phy: ralink: mt7621-pci: add sentinel to quirks table
    151dc8087b56 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
    435c7ddfd510 net: fman: Unregister ethernet device on removal
    3a504d6d96ea bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
    ac257c43fa61 bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
    d7569302a7a5 net: tun: Fix memory leaks of napi_get_frags
    430d1f4964dd octeontx2-pf: NIX TX overwrites SQ_CTX_HW_S[SQ_INT]
    ec0db81883b4 octeontx2-pf: Use hardware register for CQE count
    b89a0d8859ae macsec: clear encryption keys from the stack after setting up offload
    eeba7f07a0cb macsec: fix detection of RXSCs when toggling offloading
    3070a880eb03 macsec: fix secy->n_rx_sc accounting
    e957555a3694 macsec: delete new rxsc when offload fails
    ad25a115f508 net: gso: fix panic on frag_list with mixed head alloc types
    466ce46f251d bpf: Fix wrong reg type conversion in release_reference()
    35d8130f2ad0 bpf: Add helper macro bpf_for_each_reg_in_vstate
    61274498fbf8 bpf, sock_map: Move cancel_work_sync() out of sock lock
    32b5dd03beeb bpf: Fix sockmap calling sleepable function in teardown path
    e9915581899c bpf, sockmap: Fix sk->sk_forward_alloc warn_on in sk_stream_kill_queues
    5ad95d71344b HID: hyperv: fix possible memory leak in mousevsc_probe()
    6dcdd1b68b7f bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE
    2fc902245c82 wifi: mac80211: Set TWT Information Frame Disabled bit as 1
    95adbd2ac8de bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues
    06615967d488 bpf, verifier: Fix memory leak in array reallocation for stack state
    4335a82c4f7b soundwire: qcom: check for outanding writes before doing a read
    ae4dad2e5374 soundwire: qcom: reinit broadcast completion
    38c9fa2cc6bf wifi: cfg80211: fix memory leak in query_regdb_file()
    2c6ba0a7872b wifi: cfg80211: silence a sparse RCU warning
    921738c280ab phy: stm32: fix an error code in probe
    fa722006f762 hwspinlock: qcom: correct MMIO max register for newer SoCs
    3c1bb6187e56 drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
    b1f852277171 drm/amdkfd: handle CPU fault on COW mapping
    36770c045aba drm/amdkfd: avoid recursive lock in migrations back to RAM
    93a5de7e8843 fuse: fix readdir cache race
    1920cf94545a thunderbolt: Add DP OUT resource when DP tunnel is discovered
    47dbf2496990 thunderbolt: Tear down existing tunnels when resuming from hibernate

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ee40eebc70d1d09c758eeba2ff6de969fb717a0b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.15.bb      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index 3dac2fbcd2..dd9f940c7c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -17,7 +17,7 @@ SRCREV_meta ?= "72756ee16d7230f04fb6bbf0bb115e32a9d73d8d"
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.15.78"
+LINUX_VERSION ?= "5.15.84"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 3dd2ecdf6f..8aa2ee14f2 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.15.78"
+LINUX_VERSION ?= "5.15.84"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index dabbb82822..f28dae716b 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.78"
+LINUX_VERSION ?= "5.15.84"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.25.1

[OE-core][kirkstone 17/32] linux-yocto/5.15: powerpc: Fix reschedule bug in KUAP-unlocked user copy

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) to linux-yocto/5.15:

    f100c753aa1f powerpc: Fix reschedule bug in KUAP-unlocked user copy

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b457e6976e9e64a737517f9d9142ab290cdce214)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.15.bb              |  4 ++--
 .../linux/linux-yocto-tiny_5.15.bb            |  4 ++--
 meta/recipes-kernel/linux/linux-yocto_5.15.bb | 22 +++++++++----------
 3 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index dd9f940c7c..122fc0feac 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,8 +11,8 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "6a972b54f014ca67588d73f32058c42af0bd856e"
-SRCREV_meta ?= "72756ee16d7230f04fb6bbf0bb115e32a9d73d8d"
+SRCREV_machine ?= "e53e73b907707b92b3433de7c9c776aa504b2d0b"
+SRCREV_meta ?= "e77e5259a3d11efe417b164a0f3341c07ba2bc46"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 8aa2ee14f2..f060e22e84 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "6e85c80a960287ec238f53c91eeade3456044fa3"
-SRCREV_meta ?= "72756ee16d7230f04fb6bbf0bb115e32a9d73d8d"
+SRCREV_machine ?= "ae2415ee19511e205a983bc8024700c1f794076a"
+SRCREV_meta ?= "e77e5259a3d11efe417b164a0f3341c07ba2bc46"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index f28dae716b..bb48e158ab 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,17 +13,17 @@ KBRANCH:qemux86  ?= "v5.15/standard/base"
 KBRANCH:qemux86-64 ?= "v5.15/standard/base"
 KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "24c30a8e9f8385f6d74785aa345f5731321b6c41"
-SRCREV_machine:qemuarm64 ?= "c3caed57192735dc74adff939ea35af248a11177"
-SRCREV_machine:qemumips ?= "3bed92886dc9177ce0076dada5056cbe83ec11f0"
-SRCREV_machine:qemuppc ?= "45cbeb05d362ee51b7836a7faa07958670110c38"
-SRCREV_machine:qemuriscv64 ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
-SRCREV_machine:qemuriscv32 ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
-SRCREV_machine:qemux86 ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
-SRCREV_machine:qemux86-64 ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
-SRCREV_machine:qemumips64 ?= "2642cdd862a63f5a8c2774f372f3d3424991b1b9"
-SRCREV_machine ?= "da5513f301871b972d5bc6fab284d3cb277e0a28"
-SRCREV_meta ?= "72756ee16d7230f04fb6bbf0bb115e32a9d73d8d"
+SRCREV_machine:qemuarm ?= "8c0f02ba7db6a463ca3aef969441906706edb350"
+SRCREV_machine:qemuarm64 ?= "42a14881ba8145b2d1bdfc019c603abe79aeafd4"
+SRCREV_machine:qemumips ?= "1ea321a5c9c66edba818ddffcef2aa9910de552e"
+SRCREV_machine:qemuppc ?= "14da484e7f2fc95e10abb4db96bc5fd6b444cb60"
+SRCREV_machine:qemuriscv64 ?= "f100c753aa1f9638bfd476da0498b09fdee569d6"
+SRCREV_machine:qemuriscv32 ?= "f100c753aa1f9638bfd476da0498b09fdee569d6"
+SRCREV_machine:qemux86 ?= "f100c753aa1f9638bfd476da0498b09fdee569d6"
+SRCREV_machine:qemux86-64 ?= "f100c753aa1f9638bfd476da0498b09fdee569d6"
+SRCREV_machine:qemumips64 ?= "8db5fd5c032f44486ef52f34724d0452aa3a6fea"
+SRCREV_machine ?= "f100c753aa1f9638bfd476da0498b09fdee569d6"
+SRCREV_meta ?= "e77e5259a3d11efe417b164a0f3341c07ba2bc46"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
-- 
2.25.1

[OE-core][kirkstone 18/32] vim: upgrade 9.0.0947 -> 9.0.1211

[Steve Sakoman]

From: Randy MacLeod <randy.macleod@windriver.com>

Includes fixes for:
   https://nvd.nist.gov/vuln/detail/CVE-2023-0049
   https://nvd.nist.gov/vuln/detail/CVE-2023-0051
   https://nvd.nist.gov/vuln/detail/CVE-2023-0054
   https://nvd.nist.gov/vuln/detail/CVE-2023-0288

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1c51068c78d12ee02789a6dbecf5e7e91d141af5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-support/vim/vim.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index d86841efaa..9bc6881fce 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -20,8 +20,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
            file://no-path-adjust.patch \
            "
 
-PV .= ".0947"
-SRCREV = "cc762a48d42b579fb7bdec2c614636b830342dd5"
+PV .= ".1211"
+SRCREV = "f7d1c6e1884c76680980571f1cf15e0928d247b5"
 
 # Remove when 8.3 is out
 UPSTREAM_VERSION_UNKNOWN = "1"
-- 
2.25.1

[OE-core][kirkstone 19/32] gcc: Refactor linker patches and fix linker on arm with usrmerge

[Steve Sakoman]

From: Pavel Zhukov <pavel@zhukoff.net>

Backport fix from master to allow gcc to use proper linker path for
musl [Yocto #14977].

Fixes:
| qemu-arm: Could not open '/lib/ld-musl-armhf.so.1': No such file or directory

Signed-off-by: Pavel Zhukov <pavel@zhukoff.net>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/gcc/gcc-11.3.inc        |   1 -
 ...rm-add-armv9-a-architecture-to-march.patch |  89 +++---
 ...AMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch | 269 +++++++++++++-----
 ...s-fix-v4bx-to-linker-to-support-EABI.patch |  10 +-
 ...019-nios2-Define-MUSL_DYNAMIC_LINKER.patch |  25 --
 5 files changed, 245 insertions(+), 149 deletions(-)
 delete mode 100644 meta/recipes-devtools/gcc/gcc/0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch

diff --git a/meta/recipes-devtools/gcc/gcc-11.3.inc b/meta/recipes-devtools/gcc/gcc-11.3.inc
index 27074a06ae..ab2ece3cce 100644
--- a/meta/recipes-devtools/gcc/gcc-11.3.inc
+++ b/meta/recipes-devtools/gcc/gcc-11.3.inc
@@ -48,7 +48,6 @@ SRC_URI = "\
            file://0016-If-CXXFLAGS-contains-something-unsupported-by-the-bu.patch \
            file://0017-handle-sysroot-support-for-nativesdk-gcc.patch \
            file://0018-Search-target-sysroot-gcc-version-specific-dirs-with.patch \
-           file://0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch \
            file://0020-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch \
            file://0021-Link-libgcc-using-LDFLAGS-not-just-SHLIB_LDFLAGS.patch \
            file://0022-sync-gcc-stddef.h-with-musl.patch \
diff --git a/meta/recipes-devtools/gcc/gcc/0004-arm-add-armv9-a-architecture-to-march.patch b/meta/recipes-devtools/gcc/gcc/0004-arm-add-armv9-a-architecture-to-march.patch
index c38d1b9119..864c8b3017 100644
--- a/meta/recipes-devtools/gcc/gcc/0004-arm-add-armv9-a-architecture-to-march.patch
+++ b/meta/recipes-devtools/gcc/gcc/0004-arm-add-armv9-a-architecture-to-march.patch
@@ -43,10 +43,10 @@ Signed-off-by: Ruiqiang Hao <Ruiqiang.Hao@windriver.com>
  gcc/testsuite/lib/target-supports.exp     |  3 ++-
  9 files changed, 79 insertions(+), 8 deletions(-)
 
-diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in
-index bcc9ebe9f..58d83829c 100644
---- a/gcc/config/arm/arm-cpus.in
-+++ b/gcc/config/arm/arm-cpus.in
+Index: gcc-11.3.0/gcc/config/arm/arm-cpus.in
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/arm/arm-cpus.in
++++ gcc-11.3.0/gcc/config/arm/arm-cpus.in
 @@ -132,6 +132,9 @@ define feature cmse
  # Architecture rel 8.1-M.
  define feature armv8_1m_main
@@ -57,7 +57,7 @@ index bcc9ebe9f..58d83829c 100644
  # Floating point and Neon extensions.
  # VFPv1 is not supported in GCC.
  
-@@ -293,6 +296,7 @@ define fgroup ARMv8m_base ARMv6m armv8 cmse tdiv
+@@ -293,6 +296,7 @@ define fgroup ARMv8m_base ARMv6m armv8 c
  define fgroup ARMv8m_main ARMv7m armv8 cmse
  define fgroup ARMv8r      ARMv8a
  define fgroup ARMv8_1m_main ARMv8m_main armv8_1m_main
@@ -87,10 +87,10 @@ index bcc9ebe9f..58d83829c 100644
  begin arch iwmmxt
   tune for iwmmxt
   tune flags LDSCHED STRONG XSCALE
-diff --git a/gcc/config/arm/arm-tables.opt b/gcc/config/arm/arm-tables.opt
-index 5692d4fb7..ae3dd9414 100644
---- a/gcc/config/arm/arm-tables.opt
-+++ b/gcc/config/arm/arm-tables.opt
+Index: gcc-11.3.0/gcc/config/arm/arm-tables.opt
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/arm/arm-tables.opt
++++ gcc-11.3.0/gcc/config/arm/arm-tables.opt
 @@ -380,10 +380,13 @@ EnumValue
  Enum(arm_arch) String(armv8.1-m.main) Value(30)
  
@@ -107,10 +107,10 @@ index 5692d4fb7..ae3dd9414 100644
  
  Enum
  Name(arm_fpu) Type(enum fpu_type)
-diff --git a/gcc/config/arm/arm.h b/gcc/config/arm/arm.h
-index 47c13a9e5..088c7725c 100644
---- a/gcc/config/arm/arm.h
-+++ b/gcc/config/arm/arm.h
+Index: gcc-11.3.0/gcc/config/arm/arm.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/arm/arm.h
++++ gcc-11.3.0/gcc/config/arm/arm.h
 @@ -456,7 +456,8 @@ enum base_architecture
    BASE_ARCH_8A = 8,
    BASE_ARCH_8M_BASE = 8,
@@ -121,10 +121,10 @@ index 47c13a9e5..088c7725c 100644
  };
  
  /* The major revision number of the ARM Architecture implemented by the target.  */
-diff --git a/gcc/config/arm/t-aprofile b/gcc/config/arm/t-aprofile
-index 8574ac3e2..68e2251c7 100644
---- a/gcc/config/arm/t-aprofile
-+++ b/gcc/config/arm/t-aprofile
+Index: gcc-11.3.0/gcc/config/arm/t-aprofile
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/arm/t-aprofile
++++ gcc-11.3.0/gcc/config/arm/t-aprofile
 @@ -26,8 +26,8 @@
  
  # Arch and FPU variants to build libraries with
@@ -136,7 +136,7 @@ index 8574ac3e2..68e2251c7 100644
  
  # ARMv7-A - build nofp, fp-d16 and SIMD variants
  
-@@ -46,6 +46,11 @@ MULTILIB_REQUIRED	+= mthumb/march=armv8-a/mfloat-abi=soft
+@@ -46,6 +46,11 @@ MULTILIB_REQUIRED	+= mthumb/march=armv8-
  MULTILIB_REQUIRED	+= mthumb/march=armv8-a+simd/mfloat-abi=hard
  MULTILIB_REQUIRED	+= mthumb/march=armv8-a+simd/mfloat-abi=softfp
  
@@ -148,7 +148,7 @@ index 8574ac3e2..68e2251c7 100644
  # Matches
  
  # Arch Matches
-@@ -129,17 +134,29 @@ MULTILIB_MATCHES	+= march?armv8-a=march?armv8.6-a
+@@ -129,17 +134,29 @@ MULTILIB_MATCHES	+= march?armv8-a=march?
  MULTILIB_MATCHES	+= $(foreach ARCH, $(v8_6_a_simd_variants), \
  			     march?armv8-a+simd=march?armv8.6-a$(ARCH))
  
@@ -180,11 +180,11 @@ index 8574ac3e2..68e2251c7 100644
 -			     $(foreach ARCH, armv7-a armv8-a, \
 +			     $(foreach ARCH, armv7-a armv8-a armv9-a, \
  			       mthumb/march.$(ARCH)/mfloat-abi.soft=m$(MODE)/march.$(ARCH)/mfloat-abi.softfp))
-diff --git a/gcc/config/arm/t-arm-elf b/gcc/config/arm/t-arm-elf
-index d68def308..b3a900e8c 100644
---- a/gcc/config/arm/t-arm-elf
-+++ b/gcc/config/arm/t-arm-elf
-@@ -38,6 +38,8 @@ v7ve_fps	:= vfpv3-d16 vfpv3 vfpv3-d16-fp16 vfpv3-fp16 vfpv4 neon \
+Index: gcc-11.3.0/gcc/config/arm/t-arm-elf
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/arm/t-arm-elf
++++ gcc-11.3.0/gcc/config/arm/t-arm-elf
+@@ -38,6 +38,8 @@ v7ve_fps	:= vfpv3-d16 vfpv3 vfpv3-d16-fp
  # it seems to work ok.
  v8_fps		:= simd fp16 crypto fp16+crypto dotprod fp16fml
  
@@ -202,7 +202,7 @@ index d68def308..b3a900e8c 100644
  # No floating point variants, require thumb1 softfp
  all_nofp_t	:= armv6-m armv6s-m armv8-m.base
  
-@@ -110,6 +114,11 @@ MULTILIB_MATCHES     += $(foreach ARCH, $(all_v8_archs), \
+@@ -110,6 +114,11 @@ MULTILIB_MATCHES     += $(foreach ARCH,
  			  $(foreach FPARCH, $(v8_fps), \
  			    march?armv7+fp=march?$(ARCH)+$(FPARCH)))
  
@@ -214,11 +214,11 @@ index d68def308..b3a900e8c 100644
  MULTILIB_MATCHES     += $(foreach ARCH, armv7e-m armv8-m.mainline, \
  			  march?armv7+fp=march?$(ARCH)+fp.dp)
  
-diff --git a/gcc/config/arm/t-multilib b/gcc/config/arm/t-multilib
-index ddc5033bf..d789b86ee 100644
---- a/gcc/config/arm/t-multilib
-+++ b/gcc/config/arm/t-multilib
-@@ -78,6 +78,8 @@ v8_4_a_simd_variants	:= $(call all_feat_combs, simd fp16 crypto i8mm bf16)
+Index: gcc-11.3.0/gcc/config/arm/t-multilib
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/arm/t-multilib
++++ gcc-11.3.0/gcc/config/arm/t-multilib
+@@ -78,6 +78,8 @@ v8_4_a_simd_variants	:= $(call all_feat_
  v8_5_a_simd_variants	:= $(call all_feat_combs, simd fp16 crypto i8mm bf16)
  v8_6_a_simd_variants	:= $(call all_feat_combs, simd fp16 crypto i8mm bf16)
  v8_r_nosimd_variants	:= +crc
@@ -227,7 +227,7 @@ index ddc5033bf..d789b86ee 100644
  
  ifneq (,$(HAS_APROFILE))
  include $(srcdir)/config/arm/t-aprofile
-@@ -202,6 +204,16 @@ MULTILIB_MATCHES	+= march?armv7=march?armv8.6-a
+@@ -202,6 +204,16 @@ MULTILIB_MATCHES	+= march?armv7=march?ar
  MULTILIB_MATCHES	+= $(foreach ARCH, $(v8_6_a_simd_variants), \
  			     march?armv7+fp=march?armv8.6-a$(ARCH))
  
@@ -244,10 +244,10 @@ index ddc5033bf..d789b86ee 100644
  endif		# Not APROFILE.
  
  # Use Thumb libraries for everything.
-diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
-index 7184a62d0..9a712c0d6 100644
---- a/gcc/doc/invoke.texi
-+++ b/gcc/doc/invoke.texi
+Index: gcc-11.3.0/gcc/doc/invoke.texi
+===================================================================
+--- gcc-11.3.0.orig/gcc/doc/invoke.texi
++++ gcc-11.3.0/gcc/doc/invoke.texi
 @@ -19701,6 +19701,7 @@ Permissible names are:
  @samp{armv7-m}, @samp{armv7e-m},
  @samp{armv8-m.base}, @samp{armv8-m.main},
@@ -256,10 +256,10 @@ index 7184a62d0..9a712c0d6 100644
  @samp{iwmmxt} and @samp{iwmmxt2}.
  
  Additionally, the following architectures, which lack support for the
-diff --git a/gcc/testsuite/gcc.target/arm/multilib.exp b/gcc/testsuite/gcc.target/arm/multilib.exp
-index 4b30025db..e3f06c316 100644
---- a/gcc/testsuite/gcc.target/arm/multilib.exp
-+++ b/gcc/testsuite/gcc.target/arm/multilib.exp
+Index: gcc-11.3.0/gcc/testsuite/gcc.target/arm/multilib.exp
+===================================================================
+--- gcc-11.3.0.orig/gcc/testsuite/gcc.target/arm/multilib.exp
++++ gcc-11.3.0/gcc/testsuite/gcc.target/arm/multilib.exp
 @@ -135,6 +135,14 @@ if {[multilib_config "aprofile"] } {
  	{-march=armv8.6-a+simd+fp16 -mfloat-abi=softfp} "thumb/v8-a+simd/softfp"
  	{-march=armv8.6-a+simd+fp16+nofp -mfloat-abi=softfp} "thumb/v8-a/nofp"
@@ -275,10 +275,10 @@ index 4b30025db..e3f06c316 100644
  	{-mcpu=cortex-a53+crypto -mfloat-abi=hard} "thumb/v8-a+simd/hard"
  	{-mcpu=cortex-a53+nofp -mfloat-abi=softfp} "thumb/v8-a/nofp"
  	{-march=armv8-a+crc -mfloat-abi=hard -mfpu=vfp} "thumb/v8-a+simd/hard"
-diff --git a/gcc/testsuite/lib/target-supports.exp b/gcc/testsuite/lib/target-supports.exp
-index 857e57218..52e043917 100644
---- a/gcc/testsuite/lib/target-supports.exp
-+++ b/gcc/testsuite/lib/target-supports.exp
+Index: gcc-11.3.0/gcc/testsuite/lib/target-supports.exp
+===================================================================
+--- gcc-11.3.0.orig/gcc/testsuite/lib/target-supports.exp
++++ gcc-11.3.0/gcc/testsuite/lib/target-supports.exp
 @@ -4820,7 +4820,8 @@ foreach { armfunc armflag armdefs } {
  	v8m_base "-march=armv8-m.base -mthumb -mfloat-abi=soft"
  		__ARM_ARCH_8M_BASE__
@@ -289,6 +289,3 @@ index 857e57218..52e043917 100644
      eval [string map [list FUNC $armfunc FLAG $armflag DEFS $armdefs ] {
  	proc check_effective_target_arm_arch_FUNC_ok { } {
  	    return [check_no_compiler_messages arm_arch_FUNC_ok assembly {
--- 
-2.34.1
-
diff --git a/meta/recipes-devtools/gcc/gcc/0006-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch b/meta/recipes-devtools/gcc/gcc/0006-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch
index ef19eef822..b3515c9734 100644
--- a/meta/recipes-devtools/gcc/gcc/0006-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch
+++ b/meta/recipes-devtools/gcc/gcc/0006-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch
@@ -1,4 +1,4 @@
-From 84dd8ea4c982fc2c82af642293d29e9c1880de5b Mon Sep 17 00:00:00 2001
+From 4de00af67b57b5440bdf61ab364ad959ad0aeee7 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Fri, 29 Mar 2013 09:24:50 +0400
 Subject: [PATCH] Define GLIBC_DYNAMIC_LINKER and UCLIBC_DYNAMIC_LINKER
@@ -12,28 +12,37 @@ SH, sparc, alpha for possible future support (if any)
 
 Removes the do_headerfix task in metadata
 
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
 Upstream-Status: Inappropriate [OE configuration]
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Refresh patch from master to deduplicate patches and fix arm linker
+Signed-off-by: Pavel Zhukov <pavel@zhukoff.net>
 ---
  gcc/config/aarch64/aarch64-linux.h |  4 ++--
  gcc/config/alpha/linux-elf.h       |  4 ++--
- gcc/config/arm/linux-eabi.h        |  4 ++--
+ gcc/config/arm/linux-eabi.h        |  6 +++---
  gcc/config/arm/linux-elf.h         |  2 +-
- gcc/config/i386/linux.h            |  2 +-
- gcc/config/i386/linux64.h          |  6 +++---
+ gcc/config/i386/linux.h            |  4 ++--
+ gcc/config/i386/linux64.h          | 12 ++++++------
  gcc/config/linux.h                 |  8 ++++----
- gcc/config/mips/linux.h            | 12 ++++++------
- gcc/config/riscv/linux.h           |  2 +-
+ gcc/config/microblaze/linux.h      |  4 ++--
+ gcc/config/mips/linux.h            | 18 +++++++++---------
+ gcc/config/nios2/linux.h           |  4 ++--
+ gcc/config/riscv/linux.h           |  4 ++--
  gcc/config/rs6000/linux64.h        | 15 +++++----------
- gcc/config/sh/linux.h              |  2 +-
+ gcc/config/rs6000/sysv4.h          |  4 ++--
+ gcc/config/s390/linux.h            |  8 ++++----
+ gcc/config/sh/linux.h              |  4 ++--
  gcc/config/sparc/linux.h           |  2 +-
  gcc/config/sparc/linux64.h         |  4 ++--
- 13 files changed, 31 insertions(+), 36 deletions(-)
+ 17 files changed, 53 insertions(+), 58 deletions(-)
 
-diff --git a/gcc/config/aarch64/aarch64-linux.h b/gcc/config/aarch64/aarch64-linux.h
-index 7f2529a2a1d..4bcae7f3110 100644
---- a/gcc/config/aarch64/aarch64-linux.h
-+++ b/gcc/config/aarch64/aarch64-linux.h
+Index: gcc-11.3.0/gcc/config/aarch64/aarch64-linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/aarch64/aarch64-linux.h
++++ gcc-11.3.0/gcc/config/aarch64/aarch64-linux.h
 @@ -21,10 +21,10 @@
  #ifndef GCC_AARCH64_LINUX_H
  #define GCC_AARCH64_LINUX_H
@@ -47,11 +56,11 @@ index 7f2529a2a1d..4bcae7f3110 100644
  
  #undef  ASAN_CC1_SPEC
  #define ASAN_CC1_SPEC "%{%:sanitize(address):-funwind-tables}"
-diff --git a/gcc/config/alpha/linux-elf.h b/gcc/config/alpha/linux-elf.h
-index c1dae8ca2cf..3ce2b76c1a4 100644
---- a/gcc/config/alpha/linux-elf.h
-+++ b/gcc/config/alpha/linux-elf.h
-@@ -23,8 +23,8 @@ along with GCC; see the file COPYING3.  If not see
+Index: gcc-11.3.0/gcc/config/alpha/linux-elf.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/alpha/linux-elf.h
++++ gcc-11.3.0/gcc/config/alpha/linux-elf.h
+@@ -23,8 +23,8 @@ along with GCC; see the file COPYING3.
  #define EXTRA_SPECS \
  { "elf_dynamic_linker", ELF_DYNAMIC_LINKER },
  
@@ -62,10 +71,10 @@ index c1dae8ca2cf..3ce2b76c1a4 100644
  #if DEFAULT_LIBC == LIBC_UCLIBC
  #define CHOOSE_DYNAMIC_LINKER(G, U) "%{mglibc:" G ";:" U "}"
  #elif DEFAULT_LIBC == LIBC_GLIBC
-diff --git a/gcc/config/arm/linux-eabi.h b/gcc/config/arm/linux-eabi.h
-index 85d0136e76e..6bd95855827 100644
---- a/gcc/config/arm/linux-eabi.h
-+++ b/gcc/config/arm/linux-eabi.h
+Index: gcc-11.3.0/gcc/config/arm/linux-eabi.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/arm/linux-eabi.h
++++ gcc-11.3.0/gcc/config/arm/linux-eabi.h
 @@ -65,8 +65,8 @@
     GLIBC_DYNAMIC_LINKER_DEFAULT and TARGET_DEFAULT_FLOAT_ABI.  */
  
@@ -77,10 +86,19 @@ index 85d0136e76e..6bd95855827 100644
  #define GLIBC_DYNAMIC_LINKER_DEFAULT GLIBC_DYNAMIC_LINKER_SOFT_FLOAT
  
  #define GLIBC_DYNAMIC_LINKER \
-diff --git a/gcc/config/arm/linux-elf.h b/gcc/config/arm/linux-elf.h
-index 0c1c4e70b6b..6bd643ade11 100644
---- a/gcc/config/arm/linux-elf.h
-+++ b/gcc/config/arm/linux-elf.h
+@@ -89,7 +89,7 @@
+ #define MUSL_DYNAMIC_LINKER_E "%{mbig-endian:eb}"
+ #endif
+ #define MUSL_DYNAMIC_LINKER \
+-  "/lib/ld-musl-arm" MUSL_DYNAMIC_LINKER_E "%{mfloat-abi=hard:hf}%{mfdpic:-fdpic}.so.1"
++  SYSTEMLIBS_DIR "ld-musl-arm" MUSL_DYNAMIC_LINKER_E "%{mfloat-abi=hard:hf}%{mfdpic:-fdpic}.so.1"
+ 
+ /* At this point, bpabi.h will have clobbered LINK_SPEC.  We want to
+    use the GNU/Linux version, not the generic BPABI version.  */
+Index: gcc-11.3.0/gcc/config/arm/linux-elf.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/arm/linux-elf.h
++++ gcc-11.3.0/gcc/config/arm/linux-elf.h
 @@ -60,7 +60,7 @@
  
  #define LIBGCC_SPEC "%{mfloat-abi=soft*:-lfloat} -lgcc"
@@ -90,11 +108,11 @@ index 0c1c4e70b6b..6bd643ade11 100644
  
  #define LINUX_TARGET_LINK_SPEC  "%{h*} \
     %{static:-Bstatic} \
-diff --git a/gcc/config/i386/linux.h b/gcc/config/i386/linux.h
-index 04b274f1654..7aafcf3ac2d 100644
---- a/gcc/config/i386/linux.h
-+++ b/gcc/config/i386/linux.h
-@@ -20,7 +20,7 @@ along with GCC; see the file COPYING3.  If not see
+Index: gcc-11.3.0/gcc/config/i386/linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/i386/linux.h
++++ gcc-11.3.0/gcc/config/i386/linux.h
+@@ -20,7 +20,7 @@ along with GCC; see the file COPYING3.
  <http://www.gnu.org/licenses/>.  */
  
  #define GNU_USER_LINK_EMULATION "elf_i386"
@@ -102,12 +120,13 @@ index 04b274f1654..7aafcf3ac2d 100644
 +#define GLIBC_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld-linux.so.2"
  
  #undef MUSL_DYNAMIC_LINKER
- #define MUSL_DYNAMIC_LINKER "/lib/ld-musl-i386.so.1"
-diff --git a/gcc/config/i386/linux64.h b/gcc/config/i386/linux64.h
-index b3822ced528..92d303e80d6 100644
---- a/gcc/config/i386/linux64.h
-+++ b/gcc/config/i386/linux64.h
-@@ -27,9 +27,9 @@ see the files COPYING3 and COPYING.RUNTIME respectively.  If not, see
+-#define MUSL_DYNAMIC_LINKER "/lib/ld-musl-i386.so.1"
++#define MUSL_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld-musl-i386.so.1"
+Index: gcc-11.3.0/gcc/config/i386/linux64.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/i386/linux64.h
++++ gcc-11.3.0/gcc/config/i386/linux64.h
+@@ -27,13 +27,13 @@ see the files COPYING3 and COPYING.RUNTI
  #define GNU_USER_LINK_EMULATION64 "elf_x86_64"
  #define GNU_USER_LINK_EMULATIONX32 "elf32_x86_64"
  
@@ -119,12 +138,19 @@ index b3822ced528..92d303e80d6 100644
 +#define GLIBC_DYNAMIC_LINKERX32 SYSTEMLIBS_DIR "ld-linux-x32.so.2"
  
  #undef MUSL_DYNAMIC_LINKER32
- #define MUSL_DYNAMIC_LINKER32 "/lib/ld-musl-i386.so.1"
-diff --git a/gcc/config/linux.h b/gcc/config/linux.h
-index 4e1db60fced..87efc5f69fe 100644
---- a/gcc/config/linux.h
-+++ b/gcc/config/linux.h
-@@ -94,10 +94,10 @@ see the files COPYING3 and COPYING.RUNTIME respectively.  If not, see
+-#define MUSL_DYNAMIC_LINKER32 "/lib/ld-musl-i386.so.1"
++#define MUSL_DYNAMIC_LINKER32 SYSTEMLIBS_DIR "ld-musl-i386.so.1"
+ #undef MUSL_DYNAMIC_LINKER64
+-#define MUSL_DYNAMIC_LINKER64 "/lib/ld-musl-x86_64.so.1"
++#define MUSL_DYNAMIC_LINKER64 SYSTEMLIBS_DIR "ld-musl-x86_64.so.1"
+ #undef MUSL_DYNAMIC_LINKERX32
+-#define MUSL_DYNAMIC_LINKERX32 "/lib/ld-musl-x32.so.1"
++#define MUSL_DYNAMIC_LINKERX32 SYSTEMLIBS_DIR "ld-musl-x32.so.1"
+Index: gcc-11.3.0/gcc/config/linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/linux.h
++++ gcc-11.3.0/gcc/config/linux.h
+@@ -94,10 +94,10 @@ see the files COPYING3 and COPYING.RUNTI
     GLIBC_DYNAMIC_LINKER must be defined for each target using them, or
     GLIBC_DYNAMIC_LINKER32 and GLIBC_DYNAMIC_LINKER64 for targets
     supporting both 32-bit and 64-bit compilation.  */
@@ -139,11 +165,33 @@ index 4e1db60fced..87efc5f69fe 100644
  #define BIONIC_DYNAMIC_LINKER "/system/bin/linker"
  #define BIONIC_DYNAMIC_LINKER32 "/system/bin/linker"
  #define BIONIC_DYNAMIC_LINKER64 "/system/bin/linker64"
-diff --git a/gcc/config/mips/linux.h b/gcc/config/mips/linux.h
-index 44a85e410d9..8d41b5574f6 100644
---- a/gcc/config/mips/linux.h
-+++ b/gcc/config/mips/linux.h
-@@ -22,20 +22,20 @@ along with GCC; see the file COPYING3.  If not see
+Index: gcc-11.3.0/gcc/config/microblaze/linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/microblaze/linux.h
++++ gcc-11.3.0/gcc/config/microblaze/linux.h
+@@ -28,7 +28,7 @@
+ #undef TLS_NEEDS_GOT
+ #define TLS_NEEDS_GOT 1
+ 
+-#define GLIBC_DYNAMIC_LINKER "/lib/ld.so.1"
++#define GLIBC_DYNAMIC_LINKER SYSTEMLIBS_DIR "/ld.so.1"
+ #define UCLIBC_DYNAMIC_LINKER "/lib/ld-uClibc.so.0"
+ 
+ #if TARGET_BIG_ENDIAN_DEFAULT == 0 /* LE */
+@@ -38,7 +38,7 @@
+ #endif
+ 
+ #undef MUSL_DYNAMIC_LINKER
+-#define MUSL_DYNAMIC_LINKER "/lib/ld-musl-microblaze" MUSL_DYNAMIC_LINKER_E ".so.1"
++#define MUSL_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld-musl-microblaze" MUSL_DYNAMIC_LINKER_E ".so.1"
+ 
+ #undef  SUBTARGET_EXTRA_SPECS
+ #define SUBTARGET_EXTRA_SPECS \
+Index: gcc-11.3.0/gcc/config/mips/linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/mips/linux.h
++++ gcc-11.3.0/gcc/config/mips/linux.h
+@@ -22,29 +22,29 @@ along with GCC; see the file COPYING3.
  #define GNU_USER_LINK_EMULATIONN32 "elf32%{EB:b}%{EL:l}tsmipn32"
  
  #define GLIBC_DYNAMIC_LINKER32 \
@@ -170,11 +218,36 @@ index 44a85e410d9..8d41b5574f6 100644
  
  #undef MUSL_DYNAMIC_LINKER32
  #define MUSL_DYNAMIC_LINKER32 \
-diff --git a/gcc/config/riscv/linux.h b/gcc/config/riscv/linux.h
-index fce5b896e6e..03aa55cb5ab 100644
---- a/gcc/config/riscv/linux.h
-+++ b/gcc/config/riscv/linux.h
-@@ -22,7 +22,7 @@ along with GCC; see the file COPYING3.  If not see
+-  "/lib/ld-musl-mips%{mips32r6|mips64r6:r6}%{EL:el}%{msoft-float:-sf}.so.1"
++  SYSTEMLIBS_DIR "ld-musl-mips%{mips32r6|mips64r6:r6}%{EL:el}%{msoft-float:-sf}.so.1"
+ #undef MUSL_DYNAMIC_LINKER64
+ #define MUSL_DYNAMIC_LINKER64 \
+-  "/lib/ld-musl-mips64%{mips64r6:r6}%{EL:el}%{msoft-float:-sf}.so.1"
++  SYSTEMLIBS_DIR "ld-musl-mips64%{mips64r6:r6}%{EL:el}%{msoft-float:-sf}.so.1"
+ #define MUSL_DYNAMIC_LINKERN32 \
+-  "/lib/ld-musl-mipsn32%{mips64r6:r6}%{EL:el}%{msoft-float:-sf}.so.1"
++  SYSTEMLIBS_DIR "ld-musl-mipsn32%{mips64r6:r6}%{EL:el}%{msoft-float:-sf}.so.1"
+ 
+ #define BIONIC_DYNAMIC_LINKERN32 "/system/bin/linker32"
+ #define GNU_USER_DYNAMIC_LINKERN32 \
+Index: gcc-11.3.0/gcc/config/nios2/linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/nios2/linux.h
++++ gcc-11.3.0/gcc/config/nios2/linux.h
+@@ -29,7 +29,7 @@
+ #undef CPP_SPEC
+ #define CPP_SPEC "%{posix:-D_POSIX_SOURCE} %{pthread:-D_REENTRANT}"
+ 
+-#define GLIBC_DYNAMIC_LINKER "/lib/ld-linux-nios2.so.1"
++#define GLIBC_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld-linux-nios2.so.1"
+ 
+ #undef LINK_SPEC
+ #define LINK_SPEC LINK_SPEC_ENDIAN \
+Index: gcc-11.3.0/gcc/config/riscv/linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/riscv/linux.h
++++ gcc-11.3.0/gcc/config/riscv/linux.h
+@@ -22,7 +22,7 @@ along with GCC; see the file COPYING3.
      GNU_USER_TARGET_OS_CPP_BUILTINS();				\
    } while (0)
  
@@ -183,10 +256,19 @@ index fce5b896e6e..03aa55cb5ab 100644
  
  #define MUSL_ABI_SUFFIX \
    "%{mabi=ilp32:-sf}" \
-diff --git a/gcc/config/rs6000/linux64.h b/gcc/config/rs6000/linux64.h
-index e3f2cd254f6..a11e01faa3d 100644
---- a/gcc/config/rs6000/linux64.h
-+++ b/gcc/config/rs6000/linux64.h
+@@ -33,7 +33,7 @@ along with GCC; see the file COPYING3.
+   "%{mabi=lp64d:}"
+ 
+ #undef MUSL_DYNAMIC_LINKER
+-#define MUSL_DYNAMIC_LINKER "/lib/ld-musl-riscv" XLEN_SPEC MUSL_ABI_SUFFIX ".so.1"
++#define MUSL_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld-musl-riscv" XLEN_SPEC MUSL_ABI_SUFFIX ".so.1"
+ 
+ /* Because RISC-V only has word-sized atomics, it requries libatomic where
+    others do not.  So link libatomic by default, as needed.  */
+Index: gcc-11.3.0/gcc/config/rs6000/linux64.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/rs6000/linux64.h
++++ gcc-11.3.0/gcc/config/rs6000/linux64.h
 @@ -336,24 +336,19 @@ extern int dot_symbols;
  #undef	LINK_OS_DEFAULT_SPEC
  #define LINK_OS_DEFAULT_SPEC "%(link_os_linux)"
@@ -217,12 +299,55 @@ index e3f2cd254f6..a11e01faa3d 100644
  
  #undef  DEFAULT_ASM_ENDIAN
  #if (TARGET_DEFAULT & MASK_LITTLE_ENDIAN)
-diff --git a/gcc/config/sh/linux.h b/gcc/config/sh/linux.h
-index 7558d2f7195..3aaa6c3a078 100644
---- a/gcc/config/sh/linux.h
-+++ b/gcc/config/sh/linux.h
-@@ -64,7 +64,7 @@ along with GCC; see the file COPYING3.  If not see
-   "/lib/ld-musl-sh" MUSL_DYNAMIC_LINKER_E MUSL_DYNAMIC_LINKER_FP \
+Index: gcc-11.3.0/gcc/config/rs6000/sysv4.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/rs6000/sysv4.h
++++ gcc-11.3.0/gcc/config/rs6000/sysv4.h
+@@ -780,10 +780,10 @@ GNU_USER_TARGET_CC1_SPEC
+ 
+ #define MUSL_DYNAMIC_LINKER_E ENDIAN_SELECT("","le","")
+ 
+-#define GLIBC_DYNAMIC_LINKER "/lib/ld.so.1"
++#define GLIBC_DYNAMIC_LINKER SYSTEMLIBS_DIR "ld.so.1"
+ #undef MUSL_DYNAMIC_LINKER
+ #define MUSL_DYNAMIC_LINKER \
+-  "/lib/ld-musl-powerpc" MUSL_DYNAMIC_LINKER_E "%{msoft-float:-sf}.so.1"
++  SYSTEMLIBS_DIR "ld-musl-powerpc" MUSL_DYNAMIC_LINKER_E "%{msoft-float:-sf}.so.1"
+ 
+ #ifndef GNU_USER_DYNAMIC_LINKER
+ #define GNU_USER_DYNAMIC_LINKER GLIBC_DYNAMIC_LINKER
+Index: gcc-11.3.0/gcc/config/s390/linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/s390/linux.h
++++ gcc-11.3.0/gcc/config/s390/linux.h
+@@ -72,13 +72,13 @@ along with GCC; see the file COPYING3.
+ #define MULTILIB_DEFAULTS { "m31" }
+ #endif
+ 
+-#define GLIBC_DYNAMIC_LINKER32 "/lib/ld.so.1"
+-#define GLIBC_DYNAMIC_LINKER64 "/lib/ld64.so.1"
++#define GLIBC_DYNAMIC_LINKER32 SYSTEMLIBS_DIR "ld.so.1"
++#define GLIBC_DYNAMIC_LINKER64 SYSTEMLIBS_DIR "ld64.so.1"
+ 
+ #undef MUSL_DYNAMIC_LINKER32
+-#define MUSL_DYNAMIC_LINKER32 "/lib/ld-musl-s390.so.1"
++#define MUSL_DYNAMIC_LINKER32 SYSTEMLIBS_DIR "ld-musl-s390.so.1"
+ #undef MUSL_DYNAMIC_LINKER64
+-#define MUSL_DYNAMIC_LINKER64 "/lib/ld-musl-s390x.so.1"
++#define MUSL_DYNAMIC_LINKER64 SYSTEMLIBS_DIR "ld-musl-s390x.so.1"
+ 
+ #undef  LINK_SPEC
+ #define LINK_SPEC \
+Index: gcc-11.3.0/gcc/config/sh/linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/sh/linux.h
++++ gcc-11.3.0/gcc/config/sh/linux.h
+@@ -61,10 +61,10 @@ along with GCC; see the file COPYING3.
+ 
+ #undef MUSL_DYNAMIC_LINKER
+ #define MUSL_DYNAMIC_LINKER \
+-  "/lib/ld-musl-sh" MUSL_DYNAMIC_LINKER_E MUSL_DYNAMIC_LINKER_FP \
++  SYSTEMLIBS_DIR "ld-musl-sh" MUSL_DYNAMIC_LINKER_E MUSL_DYNAMIC_LINKER_FP \
    "%{mfdpic:-fdpic}.so.1"
  
 -#define GLIBC_DYNAMIC_LINKER "/lib/ld-linux.so.2"
@@ -230,11 +355,11 @@ index 7558d2f7195..3aaa6c3a078 100644
  
  #undef SUBTARGET_LINK_EMUL_SUFFIX
  #define SUBTARGET_LINK_EMUL_SUFFIX "%{mfdpic:_fd;:_linux}"
-diff --git a/gcc/config/sparc/linux.h b/gcc/config/sparc/linux.h
-index 2550d7ee8f0..a94f4cd8ba2 100644
---- a/gcc/config/sparc/linux.h
-+++ b/gcc/config/sparc/linux.h
-@@ -78,7 +78,7 @@ extern const char *host_detect_local_cpu (int argc, const char **argv);
+Index: gcc-11.3.0/gcc/config/sparc/linux.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/sparc/linux.h
++++ gcc-11.3.0/gcc/config/sparc/linux.h
+@@ -78,7 +78,7 @@ extern const char *host_detect_local_cpu
     When the -shared link option is used a final link is not being
     done.  */
  
@@ -243,11 +368,11 @@ index 2550d7ee8f0..a94f4cd8ba2 100644
  
  #undef  LINK_SPEC
  #define LINK_SPEC "-m elf32_sparc %{shared:-shared} \
-diff --git a/gcc/config/sparc/linux64.h b/gcc/config/sparc/linux64.h
-index 95af8afa9b5..63127afb074 100644
---- a/gcc/config/sparc/linux64.h
-+++ b/gcc/config/sparc/linux64.h
-@@ -78,8 +78,8 @@ along with GCC; see the file COPYING3.  If not see
+Index: gcc-11.3.0/gcc/config/sparc/linux64.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/sparc/linux64.h
++++ gcc-11.3.0/gcc/config/sparc/linux64.h
+@@ -78,8 +78,8 @@ along with GCC; see the file COPYING3.
     When the -shared link option is used a final link is not being
     done.  */
  
diff --git a/meta/recipes-devtools/gcc/gcc/0009-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch b/meta/recipes-devtools/gcc/gcc/0009-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch
index ac139542f1..0f94936140 100644
--- a/meta/recipes-devtools/gcc/gcc/0009-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch
+++ b/meta/recipes-devtools/gcc/gcc/0009-gcc-armv4-pass-fix-v4bx-to-linker-to-support-EABI.patch
@@ -18,13 +18,13 @@ Upstream-Status: Pending
  gcc/config/arm/linux-eabi.h | 6 +++++-
  1 file changed, 5 insertions(+), 1 deletion(-)
 
-diff --git a/gcc/config/arm/linux-eabi.h b/gcc/config/arm/linux-eabi.h
-index 6bd95855827..77befab5da8 100644
---- a/gcc/config/arm/linux-eabi.h
-+++ b/gcc/config/arm/linux-eabi.h
+Index: gcc-11.3.0/gcc/config/arm/linux-eabi.h
+===================================================================
+--- gcc-11.3.0.orig/gcc/config/arm/linux-eabi.h
++++ gcc-11.3.0/gcc/config/arm/linux-eabi.h
 @@ -91,10 +91,14 @@
  #define MUSL_DYNAMIC_LINKER \
-   "/lib/ld-musl-arm" MUSL_DYNAMIC_LINKER_E "%{mfloat-abi=hard:hf}%{mfdpic:-fdpic}.so.1"
+   SYSTEMLIBS_DIR "ld-musl-arm" MUSL_DYNAMIC_LINKER_E "%{mfloat-abi=hard:hf}%{mfdpic:-fdpic}.so.1"
  
 +/* For armv4 we pass --fix-v4bx to linker to support EABI */
 +#undef TARGET_FIX_V4BX_SPEC
diff --git a/meta/recipes-devtools/gcc/gcc/0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch b/meta/recipes-devtools/gcc/gcc/0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch
deleted file mode 100644
index 76ebfd7f77..0000000000
--- a/meta/recipes-devtools/gcc/gcc/0019-nios2-Define-MUSL_DYNAMIC_LINKER.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 9ec4db8e910d9a51ae43f6b20d4bf1dac2d8cca8 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Tue, 2 Feb 2016 10:26:10 -0800
-Subject: [PATCH] nios2: Define MUSL_DYNAMIC_LINKER
-
-Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=e5ddbbf992b909d8e38851bd3179d29389e6ac97]
-
-Signed-off-by: Marek Vasut <marex@denx.de>
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- gcc/config/nios2/linux.h | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/gcc/config/nios2/linux.h b/gcc/config/nios2/linux.h
-index 08edf1521f6..15696d86241 100644
---- a/gcc/config/nios2/linux.h
-+++ b/gcc/config/nios2/linux.h
-@@ -30,6 +30,7 @@
- #define CPP_SPEC "%{posix:-D_POSIX_SOURCE} %{pthread:-D_REENTRANT}"
- 
- #define GLIBC_DYNAMIC_LINKER "/lib/ld-linux-nios2.so.1"
-+#define MUSL_DYNAMIC_LINKER  "/lib/ld-musl-nios2.so.1"
- 
- #undef LINK_SPEC
- #define LINK_SPEC LINK_SPEC_ENDIAN \
-- 
2.25.1

[OE-core][kirkstone 20/32] classes: image: Set empty weak default IMAGE_LINGUAS

[Steve Sakoman]

From: Alex Kiernan <alex.kiernan@gmail.com>

This is already set in default-distrovars.inc and so this assignment
will almost never succeed. Rather than leaving it to confuse, set an
empty weak default.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eb402948158659da7de0fbbb1bb403c8dad06e2b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/image.bbclass | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 2139a7e576..c424c4c41d 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -177,8 +177,7 @@ python () {
 
 IMAGE_POSTPROCESS_COMMAND ?= ""
 
-# some default locales
-IMAGE_LINGUAS ?= "de-de fr-fr en-gb"
+IMAGE_LINGUAS ??= ""
 
 LINGUAS_INSTALL ?= "${@" ".join(map(lambda s: "locale-base-%s" % s, d.getVar('IMAGE_LINGUAS').split()))}"
 
-- 
2.25.1

[OE-core][kirkstone 21/32] busybox: always start do_compile with orig config files

[Steve Sakoman]

From: Antonin Godard <antoningodard@pm.me>

When compiling busybox a second time (e.g. with `compile -f`), busybox
can use an altered autoconf.h file for compiling, which can ultimately
produces different and unwanted binaries.

This can produce errors like this one:

ERROR: busybox-1.35.0-r0 do_package: Error executing a python function in exec_func_python() autogenerated:
The stack trace of python calls that resulted in this exception/failure was:
File: 'exec_func_python() autogenerated', lineno: 2, function: <module>
     0001:
 *** 0002:ptest_update_alternatives(d)
     0003:
File: '…/poky/meta/classes/ptest.bbclass', lineno: 100, function: ptest_update_alternatives
     0096:        for alt_name, alt_link, alt_target, _ in alternatives:
     0097:            # Some alternatives are for man pages,
     0098:            # check if the alternative is in PATH
     0099:            if os.path.dirname(alt_link) in bin_paths:
 *** 0100:                os.symlink(alt_target, os.path.join(ptest_bindir, alt_name))
     0101:}
     0102:
     0103:do_configure_ptest_base[dirs] = "${B}"
     0104:do_compile_ptest_base[dirs] = "${B}"
Exception: FileExistsError: [Errno 17] File exists: '/bin/busybox.suid' -> '…/busybox/1.35.0-r0/package/usr/lib/busybox/ptest/bin/login'

This happens because ALTERNATIVE:busybox contains `/bin/login` twice,
initially that's because `/bin/login` is present in both
busybox.links.suid and busybox.links.nosuid. The reason for that is
because of the altered autoconf.h.

Steps to reproduce above error:

<add ptest to distro configs>
bitbake busybox -c clean
bitbake busybox -c package -f
bitbake busybox -c compile -f
bitbake busybox -c package -f

This patch guards against potential bugs by:

- making a backup of .config and autoconf.h that have matching
  timestamps.
- make sure do_compile always starts with these files.
- restore .config and autoconf.h at the end of do_compile.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6b4a0f063edcfe0a5a4f418842e86ac0c46d9cad)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/busybox/busybox.inc | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/meta/recipes-core/busybox/busybox.inc b/meta/recipes-core/busybox/busybox.inc
index 5f1c473d5e..dff4a5dec9 100644
--- a/meta/recipes-core/busybox/busybox.inc
+++ b/meta/recipes-core/busybox/busybox.inc
@@ -138,19 +138,23 @@ do_configure () {
 	do_prepare_config
 	merge_config.sh -m .config ${@" ".join(find_cfgs(d))}
 	cml1_do_configure
+
+	# Save a copy of .config and autoconf.h.
+	cp .config .config.orig
+	cp include/autoconf.h include/autoconf.h.orig
 }
 
 do_compile() {
 	unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS
 	export KCONFIG_NOTIMESTAMP=1
 
+	# Ensure we start do_compile with the original .config and autoconf.h.
+	# These files should always have matching timestamps.
+	cp .config.orig .config
+	cp include/autoconf.h.orig include/autoconf.h
+
 	if [ "${BUSYBOX_SPLIT_SUID}" = "1" -a x`grep "CONFIG_FEATURE_INDIVIDUAL=y" .config` = x ]; then
 		# split the .config into two parts, and make two busybox binaries
-		if [ -e .config.orig ]; then
-			# Need to guard again an interrupted do_compile - restore any backup
-			cp .config.orig .config
-		fi
-		cp .config .config.orig
 		oe_runmake busybox.cfg.suid
 		oe_runmake busybox.cfg.nosuid
 
@@ -187,15 +191,18 @@ do_compile() {
 			bbfatal "busybox suid binary incorrectly provides /bin/sh"
 		fi
 
-		# copy .config.orig back to .config, because the install process may check this file
-		cp .config.orig .config
 		# cleanup
-		rm .config.orig .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps
+		rm .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps
 	else
 		oe_runmake busybox_unstripped
 		cp busybox_unstripped busybox
 		oe_runmake busybox.links
 	fi
+
+	# restore original .config and autoconf.h, because the install process
+	# may check these files
+	cp .config.orig .config
+	cp include/autoconf.h.orig include/autoconf.h
 }
 
 do_install () {
-- 
2.25.1

[OE-core][kirkstone 22/32] busybox: rm temporary files if do_compile was interrupted

[Steve Sakoman]

From: Antonin Godard <antoningodard@pm.me>

To avoid working with undeterministic config files, remove all the
temporary files to start from scratch.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 74cd440c4e3df0ed3b81cf5c60a3f92e0dd3fe6c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/busybox/busybox.inc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-core/busybox/busybox.inc b/meta/recipes-core/busybox/busybox.inc
index dff4a5dec9..62dc839245 100644
--- a/meta/recipes-core/busybox/busybox.inc
+++ b/meta/recipes-core/busybox/busybox.inc
@@ -154,6 +154,9 @@ do_compile() {
 	cp include/autoconf.h.orig include/autoconf.h
 
 	if [ "${BUSYBOX_SPLIT_SUID}" = "1" -a x`grep "CONFIG_FEATURE_INDIVIDUAL=y" .config` = x ]; then
+		# Guard againt interrupted do_compile: clean temporary files.
+		rm -f .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps
+
 		# split the .config into two parts, and make two busybox binaries
 		oe_runmake busybox.cfg.suid
 		oe_runmake busybox.cfg.nosuid
-- 
2.25.1

[OE-core][kirkstone 23/32] kernel-fitimage: Adjust order of dtb/dtbo files

[Steve Sakoman]

From: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@amd.com>

The dtb files must be before the dtbo files, otherwise the overlays may
not be applied correctly.

From Bruce Ashfield:

  We can split between dtbs and dtbos, they just need to be sorted
  for reproducibility reasons.

  Of course, this was only working by luck previously (before the
  sort), since it has always been gathering dtbs and dtbo's with
  find, depending on filesystem ordering for the order in the
  fitimage).

Signed-off-by: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@amd.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 3df94d3c93707f03c501f8aa56450457d0f7fb71)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/kernel-fitimage.bbclass | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/meta/classes/kernel-fitimage.bbclass b/meta/classes/kernel-fitimage.bbclass
index 983392c23a..3cd4a45bbe 100644
--- a/meta/classes/kernel-fitimage.bbclass
+++ b/meta/classes/kernel-fitimage.bbclass
@@ -540,10 +540,11 @@ fitimage_assemble() {
 
 	if [ -n "${EXTERNAL_KERNEL_DEVICETREE}" ]; then
 		dtbcount=1
-		for DTB in $(find "${EXTERNAL_KERNEL_DEVICETREE}" \( -name '*.dtb' -o -name '*.dtbo' \) -printf '%P\n' | sort); do
+		for DTB in $(find "${EXTERNAL_KERNEL_DEVICETREE}" -name '*.dtb' -printf '%P\n' | sort) \
+		$(find "${EXTERNAL_KERNEL_DEVICETREE}" -name '*.dtbo' -printf '%P\n' | sort); do
 			DTB=$(echo "$DTB" | tr '/' '_')
 
-			# Skip DTB if we've picked it up previously
+			# Skip DTB/DTBO if we've picked it up previously
 			echo "$DTBS" | tr ' ' '\n' | grep -xq "$DTB" && continue
 
 			DTBS="$DTBS $DTB"
-- 
2.25.1

[OE-core][kirkstone 24/32] kernel-fitimage: Allow user to select dtb when multiple dtb exists

[Steve Sakoman]

From: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@amd.com>

Allow user to select the default DTB for FIT image when multiple
dtb's exists.

From machine.conf or local.conf user can specify the default dtb
for FIT image as shown below.

FIT_CONF_DEFAULT_DTB = "board-default.dtb"

Also fallback to avaialable dtb when FIT_CONF_DEFAULT_DTB doesn't
exits or empty.

Signed-off-by: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@amd.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit cd397284fa5f17de7e0a0d4b6b26fb8b56c3cd48)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/kernel-fitimage.bbclass | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/meta/classes/kernel-fitimage.bbclass b/meta/classes/kernel-fitimage.bbclass
index 3cd4a45bbe..27e17db951 100644
--- a/meta/classes/kernel-fitimage.bbclass
+++ b/meta/classes/kernel-fitimage.bbclass
@@ -67,6 +67,9 @@ FIT_CONF_PREFIX[doc] = "Prefix to use for FIT configuration node name"
 
 FIT_SUPPORTED_INITRAMFS_FSTYPES ?= "cpio.lz4 cpio.lzo cpio.lzma cpio.xz cpio.zst cpio.gz ext2.gz cpio"
 
+# Allow user to select the default DTB for FIT image when multiple dtb's exists.
+FIT_CONF_DEFAULT_DTB ?= ""
+
 # Keys used to sign individually image nodes.
 # The keys to sign image nodes must be different from those used to sign
 # configuration nodes, otherwise the "required" property, from
@@ -369,6 +372,7 @@ fitimage_emit_section_config() {
 	bootscr_line=""
 	setup_line=""
 	default_line=""
+	default_dtb_image="${FIT_CONF_DEFAULT_DTB}"
 
 	# conf node name is selected based on dtb ID if it is present,
 	# otherwise its selected based on kernel ID
@@ -411,7 +415,17 @@ fitimage_emit_section_config() {
 		# default node is selected based on dtb ID if it is present,
 		# otherwise its selected based on kernel ID
 		if [ -n "$dtb_image" ]; then
-			default_line="default = \"${FIT_CONF_PREFIX}$dtb_image\";"
+		        # Select default node as user specified dtb when
+		        # multiple dtb exists.
+		        if [ -n "$default_dtb_image" ]; then
+			        if [ -s "${EXTERNAL_KERNEL_DEVICETREE}/$default_dtb_image" ]; then
+			                default_line="default = \"${FIT_CONF_PREFIX}$default_dtb_image\";"
+			        else
+			                bbwarn "Couldn't find a valid user specified dtb in ${EXTERNAL_KERNEL_DEVICETREE}/$default_dtb_image"
+			        fi
+		        else
+			        default_line="default = \"${FIT_CONF_PREFIX}$dtb_image\";"
+		        fi
 		else
 			default_line="default = \"${FIT_CONF_PREFIX}$kernel_id\";"
 		fi
-- 
2.25.1

[OE-core][kirkstone 25/32] tiff: Add packageconfig knob for webp

[Steve Sakoman]

From: Khem Raj <raj.khem@gmail.com>

tiff-native otherwise falsely detects webp if its installed on build
host. This ensures deterministic behavior regardless of host.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 718c44f282310b2ca85877fed706460ccc1eebea)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
index b3737f962e..ef4fa97585 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
@@ -60,6 +60,7 @@ PACKAGECONFIG[jbig] = "--enable-jbig,--disable-jbig,jbig,"
 PACKAGECONFIG[jpeg] = "--enable-jpeg,--disable-jpeg,jpeg,"
 PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib,"
 PACKAGECONFIG[lzma] = "--enable-lzma,--disable-lzma,xz,"
+PACKAGECONFIG[webp] = "--enable-webp,--disable-webp,libwebp,"
 
 # Convert single-strip uncompressed images to multiple strips of specified
 # size (default: 8192) to reduce memory usage
-- 
2.25.1

[OE-core][kirkstone 26/32] harfbuzz: remove bindir only if it exists

[Steve Sakoman]

From: Petr Kubizňák <kubiznak@2n.com>

In some scenarios (e.g. when "glib" removed from PACKAGECONFIG),
"${D}${bindir}" might not exist which caused `rmdir` to fail.

Signed-off-by: Petr Kubizňák <kubiznak@2n.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 21261072cbe0056e85550a0710de142fab8943e4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb
index b639c276db..bdbb322e42 100644
--- a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb
+++ b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb
@@ -35,9 +35,9 @@ PACKAGES =+ "${PN}-icu ${PN}-icu-dev ${PN}-subset"
 LEAD_SONAME = "libharfbuzz.so"
 
 do_install:append() {
-    # If no tools are installed due to PACKAGECONFIG then this directory is
-    #still installed, so remove it to stop packaging wanings.
-    rmdir --ignore-fail-on-non-empty ${D}${bindir}
+    # If no tools are installed due to PACKAGECONFIG then this directory might
+    # still be installed, so remove it to stop packaging warnings.
+    [ ! -d ${D}${bindir} ] || rmdir --ignore-fail-on-non-empty ${D}${bindir}
 }
 
 FILES:${PN}-icu = "${libdir}/libharfbuzz-icu.so.*"
-- 
2.25.1

[OE-core][kirkstone 27/32] dhcpcd: backport two patches to fix runtime error

[Steve Sakoman]

From: Chen Qi <Qi.Chen@windriver.com>

In case of nodistro, dhcpcd gives us 'Bad system call'
error and exits. This is because there are syscalls that
should be allowed but not in privsep. Backport two patches
to fix this issue.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f1e6a0c16d6685096ec9313301aa431e73d02c07)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../dhcpcd/dhcpcd_9.4.1.bb                    |  2 ++
 ...low-getrandom-sysctl-for-newer-glibc.patch | 30 ++++++++++++++++++
 ...sep-Allow-newfstatat-syscall-as-well.patch | 31 +++++++++++++++++++
 3 files changed, 63 insertions(+)
 create mode 100644 meta/recipes-connectivity/dhcpcd/files/0001-privsep-Allow-getrandom-sysctl-for-newer-glibc.patch
 create mode 100644 meta/recipes-connectivity/dhcpcd/files/0002-privsep-Allow-newfstatat-syscall-as-well.patch

diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_9.4.1.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_9.4.1.bb
index 1d03de09c8..5cf77fa0f6 100644
--- a/meta/recipes-connectivity/dhcpcd/dhcpcd_9.4.1.bb
+++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_9.4.1.bb
@@ -14,6 +14,8 @@ UPSTREAM_CHECK_URI = "https://roy.marples.name/downloads/dhcpcd/"
 SRC_URI = "https://roy.marples.name/downloads/${BPN}/${BPN}-${PV}.tar.xz \
            file://0001-remove-INCLUDEDIR-to-prevent-build-issues.patch \
            file://0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch \
+           file://0001-privsep-Allow-getrandom-sysctl-for-newer-glibc.patch \
+           file://0002-privsep-Allow-newfstatat-syscall-as-well.patch \
            file://dhcpcd.service \
            file://dhcpcd@.service \
            "
diff --git a/meta/recipes-connectivity/dhcpcd/files/0001-privsep-Allow-getrandom-sysctl-for-newer-glibc.patch b/meta/recipes-connectivity/dhcpcd/files/0001-privsep-Allow-getrandom-sysctl-for-newer-glibc.patch
new file mode 100644
index 0000000000..68ab93416a
--- /dev/null
+++ b/meta/recipes-connectivity/dhcpcd/files/0001-privsep-Allow-getrandom-sysctl-for-newer-glibc.patch
@@ -0,0 +1,30 @@
+From c6cdf0aee71ab4126d36b045f02428ee3c6ec50b Mon Sep 17 00:00:00 2001
+From: Roy Marples <roy@marples.name>
+Date: Fri, 26 Aug 2022 09:08:36 +0100
+Subject: [PATCH 1/2] privsep: Allow getrandom sysctl for newer glibc
+
+Fixes #120
+
+Upstream-Status: Backport [c6cdf0aee71ab4126d36b045f02428ee3c6ec50b]
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/privsep-linux.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/privsep-linux.c b/src/privsep-linux.c
+index b238644b..479a1d82 100644
+--- a/src/privsep-linux.c
++++ b/src/privsep-linux.c
+@@ -300,6 +300,9 @@ static struct sock_filter ps_seccomp_filter[] = {
+ #ifdef __NR_getpid
+ 	SECCOMP_ALLOW(__NR_getpid),
+ #endif
++#ifdef __NR_getrandom
++	SECCOMP_ALLOW(__NR_getrandom),
++#endif
+ #ifdef __NR_getsockopt
+ 	/* For route socket overflow */
+ 	SECCOMP_ALLOW_ARG(__NR_getsockopt, 1, SOL_SOCKET),
+-- 
+2.17.1
+
diff --git a/meta/recipes-connectivity/dhcpcd/files/0002-privsep-Allow-newfstatat-syscall-as-well.patch b/meta/recipes-connectivity/dhcpcd/files/0002-privsep-Allow-newfstatat-syscall-as-well.patch
new file mode 100644
index 0000000000..c5d2cba305
--- /dev/null
+++ b/meta/recipes-connectivity/dhcpcd/files/0002-privsep-Allow-newfstatat-syscall-as-well.patch
@@ -0,0 +1,31 @@
+From 7625a555797f587a89dc2447fd9d621024d5165c Mon Sep 17 00:00:00 2001
+From: Roy Marples <roy@marples.name>
+Date: Fri, 26 Aug 2022 09:24:50 +0100
+Subject: [PATCH 2/2] privsep: Allow newfstatat syscall as well
+
+Allows newer glibc variants to work apparently.
+As reported in #84 and #89.
+
+Upstream-Status: Backport [7625a555797f587a89dc2447fd9d621024d5165c]
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/privsep-linux.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/privsep-linux.c b/src/privsep-linux.c
+index 479a1d82..6327b1bc 100644
+--- a/src/privsep-linux.c
++++ b/src/privsep-linux.c
+@@ -328,6 +328,9 @@ static struct sock_filter ps_seccomp_filter[] = {
+ #ifdef __NR_nanosleep
+ 	SECCOMP_ALLOW(__NR_nanosleep),	/* XXX should use ppoll instead */
+ #endif
++#ifdef __NR_newfstatat
++	SECCOMP_ALLOW(__NR_newfstatat),
++#endif
+ #ifdef __NR_ppoll
+ 	SECCOMP_ALLOW(__NR_ppoll),
+ #endif
+-- 
+2.17.1
+
-- 
2.25.1

[OE-core][kirkstone 28/32] libseccomp: fix typo in DESCRIPTION

[Steve Sakoman]

From: Chen Qi <Qi.Chen@windriver.com>

Fix typo in DESCRIPTION: and -> an.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 349e63045298054f9454025d793c67284fce750b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-support/libseccomp/libseccomp_2.5.3.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-support/libseccomp/libseccomp_2.5.3.bb b/meta/recipes-support/libseccomp/libseccomp_2.5.3.bb
index 4c0fb1d7b3..1f43686ade 100644
--- a/meta/recipes-support/libseccomp/libseccomp_2.5.3.bb
+++ b/meta/recipes-support/libseccomp/libseccomp_2.5.3.bb
@@ -1,5 +1,5 @@
 SUMMARY = "interface to seccomp filtering mechanism"
-DESCRIPTION = "The libseccomp library provides and easy to use, platform independent,interface to the Linux Kernel's syscall filtering mechanism: seccomp."
+DESCRIPTION = "The libseccomp library provides an easy to use, platform independent, interface to the Linux Kernel's syscall filtering mechanism: seccomp."
 HOMEPAGE = "https://github.com/seccomp/libseccomp"
 SECTION = "security"
 LICENSE = "LGPL-2.1-only"
-- 
2.25.1

[OE-core][kirkstone 29/32] toolchain-scripts: compatibility with unbound variable protection

[Steve Sakoman]

From: Jan Kircher <openembedded@hetsh.de>

Fixed an error when Bash's unbound variable protection is enabled (set -u) and variable "LD_LIBRARY_PATH" does not exist.

Signed-off-by: Jan Kircher <openembedded@hetsh.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 85685370b0ad93291cda59fb091a15eeecf5e0d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/toolchain-scripts.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/toolchain-scripts.bbclass b/meta/classes/toolchain-scripts.bbclass
index 1d7c703748..d2562b5d38 100644
--- a/meta/classes/toolchain-scripts.bbclass
+++ b/meta/classes/toolchain-scripts.bbclass
@@ -31,7 +31,7 @@ toolchain_create_sdk_env_script () {
 	echo '# http://tldp.org/HOWTO/Program-Library-HOWTO/shared-libraries.html#AEN80' >> $script
 	echo '# http://xahlee.info/UnixResource_dir/_/ldpath.html' >> $script
 	echo '# Only disable this check if you are absolutely know what you are doing!' >> $script
-	echo 'if [ ! -z "$LD_LIBRARY_PATH" ]; then' >> $script
+	echo 'if [ ! -z "${LD_LIBRARY_PATH:-}" ]; then' >> $script
 	echo "    echo \"Your environment is misconfigured, you probably need to 'unset LD_LIBRARY_PATH'\"" >> $script
 	echo "    echo \"but please check why this was set in the first place and that it's safe to unset.\"" >> $script
 	echo '    echo "The SDK will not operate correctly in most cases when LD_LIBRARY_PATH is set."' >> $script
-- 
2.25.1

[OE-core][kirkstone 30/32] at: Change when files are copied

[Steve Sakoman]

From: Saul Wold <Saul.Wold@windriver.com>

The create_spdx code relies on patched code, if files are changed
or added during the do_configure phase they will be missed by the
create_spdx process. So we need to ensure files modifications/additions
happen in the do_patch phase.

Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 227c46fe48b64de7574f7b6b407b8c13be71b392)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-extended/at/at_3.2.5.bb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-extended/at/at_3.2.5.bb b/meta/recipes-extended/at/at_3.2.5.bb
index 87a436173f..c0c876a644 100644
--- a/meta/recipes-extended/at/at_3.2.5.bb
+++ b/meta/recipes-extended/at/at_3.2.5.bb
@@ -52,8 +52,10 @@ INITSCRIPT_PARAMS = "defaults"
 
 SYSTEMD_SERVICE:${PN} = "atd.service"
 
-do_configure:prepend() {
-	cp -f ${WORKDIR}/posixtm.[ch] ${S}
+do_patch[postfuncs] += "copy_posix_files"
+
+copy_posix_files() {
+    cp -f ${WORKDIR}/posixtm.[ch] ${S}
 }
 
 do_install () {
-- 
2.25.1

[OE-core][kirkstone 31/32] lib/oe/reproducible: Use git log without gpg signature

[Steve Sakoman]

From: Benoît Mauduit <bmauduit@beneth.fr>

Previously, if "showSignature" is present in user gitconfig, parsing
of the timestamp will fail.

Ideally we should replace this command with a git plumbing command.

Signed-off-by: Benoît Mauduit <bmauduit@beneth.fr>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 3bd6f78f79b3d3e87d8db1e11f58d8021f929843)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oe/reproducible.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/lib/oe/reproducible.py b/meta/lib/oe/reproducible.py
index 2e815df190..768fd4f19c 100644
--- a/meta/lib/oe/reproducible.py
+++ b/meta/lib/oe/reproducible.py
@@ -113,7 +113,8 @@ def get_source_date_epoch_from_git(d, sourcedir):
         return None
 
     bb.debug(1, "git repository: %s" % gitpath)
-    p = subprocess.run(['git', '--git-dir', gitpath, 'log', '-1', '--pretty=%ct'], check=True, stdout=subprocess.PIPE)
+    p = subprocess.run(['git', '-c', 'log.showSignature=false', '--git-dir', gitpath, 'log', '-1', '--pretty=%ct'],
+                       check=True, stdout=subprocess.PIPE)
     return int(p.stdout.decode('utf-8'))
 
 def get_source_date_epoch_from_youngest_file(d, sourcedir):
-- 
2.25.1

[OE-core][kirkstone 32/32] selftest/virgl: use pkg-config from the host

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

The check needs to report dri location on the host machine,
so pkg-config binary needs to be capable of finding the needed
dri.pc file on the host, and therefore needs to know where
host .pc files are located.

This may not be the case when using pkg-config from buildtools,
so this forces usage of host pkg-config.

runqemu already does the same PATH tweak, so this simply brings
the two in sync.

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f0521f8a3ba7e15482756529ee7b0a95b3d53e7d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/runtime_test.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py
index 857737f730..858f12ec90 100644
--- a/meta/lib/oeqa/selftest/cases/runtime_test.py
+++ b/meta/lib/oeqa/selftest/cases/runtime_test.py
@@ -263,7 +263,7 @@ class TestImage(OESelftestTestCase):
         except FileNotFoundError:
             self.fail("/dev/dri directory does not exist; no render nodes available on this machine. %s" %(render_hint))
         try:
-            dripath = subprocess.check_output("pkg-config --variable=dridriverdir dri", shell=True)
+            dripath = subprocess.check_output("PATH=/bin:/usr/bin:$PATH pkg-config --variable=dridriverdir dri", shell=True)
         except subprocess.CalledProcessError as e:
             self.fail("Could not determine the path to dri drivers on the host via pkg-config.\nPlease install Mesa development files (particularly, dri.pc) on the host machine.")
         qemu_distrofeatures = get_bb_var('DISTRO_FEATURES', 'qemu-system-native')
-- 
2.25.1