Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kernel-source for openSUSE:Factory checked in at 2021-09-09 23:07:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kernel-source (Old) and /work/SRC/openSUSE:Factory/.kernel-source.new.1899 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source" Thu Sep 9 23:07:22 2021 rev:604 rq:916953 version:5.14.1 Changes: -------- --- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes 2021-09-04 22:33:50.956031732 +0200 +++ /work/SRC/openSUSE:Factory/.kernel-source.new.1899/dtb-aarch64.changes 2021-09-09 23:07:29.192826943 +0200 @@ -1,0 +2,122 @@ +Sat Sep 4 10:22:09 CEST 2021 - jsl...@suse.cz + +- watchdog: Fix NULL pointer dereference when releasing cdev + (bsc#1190093). +- Update config files. + We can enable the option after this fix again. +- commit 65109d0 + +------------------------------------------------------------------- +Sat Sep 4 07:01:40 CEST 2021 - jsl...@suse.cz + +- Linux 5.14.1 (bsc#1012628). +- Bluetooth: btusb: check conditions before enabling USB ALT 3 + for WBS (bsc#1012628). +- net: dsa: mt7530: fix VLAN traffic leaks again (bsc#1012628). +- btrfs: fix NULL pointer dereference when deleting device by + invalid id (bsc#1012628). +- Revert "floppy: reintroduce O_NDELAY fix" (bsc#1012628). +- fscrypt: add fscrypt_symlink_getattr() for computing st_size + (bsc#1012628). +- ext4: report correct st_size for encrypted symlinks + (bsc#1012628). +- f2fs: report correct st_size for encrypted symlinks + (bsc#1012628). +- ubifs: report correct st_size for encrypted symlinks + (bsc#1012628). +- net: don't unconditionally copy_from_user a struct ifreq for + socket ioctls (bsc#1012628). +- audit: move put_tree() to avoid trim_trees refcount underflow + and UAF (bsc#1012628). +- commit 1059c60 + +------------------------------------------------------------------- +Fri Sep 3 11:08:31 CEST 2021 - mkube...@suse.cz + +- update patches metadata +- update upstream references: + - patches.suse/Bluetooth-avoid-circular-locks-in-sco_sock_connect.patch + - patches.suse/Bluetooth-btusb-Add-support-for-Foxconn-Mediatek-Chi.patch + - patches.suse/Bluetooth-btusb-Add-support-for-IMC-Networks-Mediate.patch + - patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch +- commit c2e3f15 + +------------------------------------------------------------------- +Fri Sep 3 10:49:22 CEST 2021 - mkube...@suse.cz + +- HID: usbhid: Simplify code in hid_submit_ctrl() + (<cover.1630658591.git.mkube...@suse.cz>). +- HID: usbhid: Fix warning caused by 0-length input reports + (<cover.1630658591.git.mkube...@suse.cz>). +- HID: usbhid: Fix flood of "control queue full" messages + (<cover.1630658591.git.mkube...@suse.cz>). +- commit 4552165 + +------------------------------------------------------------------- +Fri Sep 3 10:47:34 CEST 2021 - mkube...@suse.cz + +- Delete patches.suse/hid-fix-length-inconsistency.patch. + To be replaced by a cherry pick of corresponding upstream commits. +- commit ba7e2a2 + +------------------------------------------------------------------- +Thu Sep 2 18:26:03 CEST 2021 - mkube...@suse.cz + +- Delete patches.suse/Revert-netfilter-conntrack-remove-helper-hook-again.patch (bsc#1189964) + The regression addressed by this revert was fixed properly by mainline + commit ee04805ff54a ("netfilter: conntrack: make conntrack userspace + helpers work again") in 5.7. +- commit 775ed38 + +------------------------------------------------------------------- +Thu Sep 2 18:22:53 CEST 2021 - mkube...@suse.cz + +- series.conf: cleanup + Move queued patches to "almost mainline" section. + No effect on expanded tree. +- commit e91bb9d + +------------------------------------------------------------------- +Thu Sep 2 09:57:18 CEST 2021 - jsl...@suse.cz + +- vt_kdsetmode: extend console locking (bsc#1190025 + CVE-2021-3753). +- commit 18d6ea3 + +------------------------------------------------------------------- +Thu Sep 2 08:46:00 CEST 2021 - jsl...@suse.cz + +- Update config files. Disable CONFIG_WATCHDOG_HRTIMER_PRETIMEOUT + (bsc#1190093) +- commit 55bd270 + +------------------------------------------------------------------- +Wed Sep 1 16:24:50 CEST 2021 - ti...@suse.de + +- Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() + (CVE-2021-3640 bsc#1188172). +- commit b9d15a3 + +------------------------------------------------------------------- +Tue Aug 31 23:50:52 CEST 2021 - ldun...@suse.com + +- Delete + patches.suse/uapi-add-a-compatibility-layer-between-linux-uio-h-and-glibc (bsc#1189959). + No longer needed, since it's upstream now. +- commit b1aeba4 + +------------------------------------------------------------------- +Tue Aug 31 12:12:22 CEST 2021 - mbrug...@suse.com + +- arm64: Update config files. (bsc#1189922) + Enable ISP1760_DUAL_ROLE +- commit c265161 + +------------------------------------------------------------------- +Tue Aug 31 08:41:22 CEST 2021 - msucha...@suse.de + +- rpm/kernel-binary.spec.in: Use kmod-zstd provide. + This makes it possible to use kmod with ZSTD support on non-Tumbleweed. +- commit 357f09a + +------------------------------------------------------------------- @@ -285,0 +408,12 @@ +Mon Aug 23 14:35:12 CEST 2021 - martin.wi...@suse.com + +- kernel-binary.spec.in: make sure zstd is supported by kmod if used +- commit f36412b + +------------------------------------------------------------------- +Mon Aug 23 14:32:13 CEST 2021 - martin.wi...@suse.com + +- kernel-binary.spec.in: add zstd to BuildRequires if used +- commit aa61dba + +------------------------------------------------------------------- @@ -414,0 +549,8 @@ + +------------------------------------------------------------------- +Fri Aug 20 17:16:36 CEST 2021 - martin.wi...@suse.com + +- rpm: support gz and zst compression methods + Extend commit 18fcdff43a00 ("rpm: support compressed modules") for + compression methods other than xz. +- commit 3b8c4d9 dtb-armv6l.changes: same change dtb-armv7l.changes: same change dtb-riscv64.changes: same change kernel-64kb.changes: same change kernel-debug.changes: same change kernel-default.changes: same change kernel-docs.changes: same change kernel-kvmsmall.changes: same change kernel-lpae.changes: same change kernel-obs-build.changes: same change kernel-obs-qa.changes: same change kernel-pae.changes: same change kernel-source.changes: same change kernel-syms.changes: same change kernel-vanilla.changes: same change kernel-zfcpdump.changes: same change ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dtb-aarch64.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.156831545 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.160831549 +0200 @@ -17,7 +17,7 @@ %define srcversion 5.14 -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -29,9 +29,9 @@ %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license,klp-symbols,splitflist,mergedep,moddep,modflist,kernel-subpackage-build}) Name: dtb-aarch64 -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif dtb-armv6l.spec: same change dtb-armv7l.spec: same change dtb-riscv64.spec: same change ++++++ kernel-64kb.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.252831656 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.256831660 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.14 -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -86,9 +86,9 @@ Summary: Kernel with 64kb PAGE_SIZE License: GPL-2.0-only Group: System/Kernel -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif @@ -119,6 +119,11 @@ BuildRequires: libelf-devel # required for 50-check-kernel-build-id rpm check BuildRequires: elfutils +%if "%{compress_modules}" == "zstd" +BuildRequires: zstd +# Make sure kmod supports zstd compressed modules +Requires(post): kmod-zstd +%endif Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -205,10 +210,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 -Provides: kernel-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f +Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f # END COMMON DEPS -Provides: %name-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh @@ -1437,7 +1442,7 @@ %preun -n cluster-md-kmp-%build_flavor nvr=cluster-md-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n cluster-md-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1478,7 +1483,7 @@ %preun -n dlm-kmp-%build_flavor nvr=dlm-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n dlm-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1519,7 +1524,7 @@ %preun -n gfs2-kmp-%build_flavor nvr=gfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n gfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1575,7 +1580,7 @@ %preun -n kselftests-kmp-%build_flavor nvr=kselftests-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n kselftests-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1617,7 +1622,7 @@ %preun -n ocfs2-kmp-%build_flavor nvr=ocfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n ocfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1658,7 +1663,7 @@ %preun -n reiserfs-kmp-%build_flavor nvr=reiserfs-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n reiserfs-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 ++++++ kernel-debug.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.280831688 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.284831693 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.14 -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -86,9 +86,9 @@ Summary: A Debug Version of the Kernel License: GPL-2.0-only Group: System/Kernel -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif @@ -119,6 +119,11 @@ BuildRequires: libelf-devel # required for 50-check-kernel-build-id rpm check BuildRequires: elfutils +%if "%{compress_modules}" == "zstd" +BuildRequires: zstd +# Make sure kmod supports zstd compressed modules +Requires(post): kmod-zstd +%endif Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -205,10 +210,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 -Provides: kernel-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f +Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f # END COMMON DEPS -Provides: %name-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f %ifarch ppc64 Provides: kernel-kdump = 2.6.28 Obsoletes: kernel-kdump <= 2.6.28 @@ -1451,7 +1456,7 @@ %preun -n cluster-md-kmp-%build_flavor nvr=cluster-md-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n cluster-md-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1492,7 +1497,7 @@ %preun -n dlm-kmp-%build_flavor nvr=dlm-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n dlm-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1533,7 +1538,7 @@ %preun -n gfs2-kmp-%build_flavor nvr=gfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n gfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1589,7 +1594,7 @@ %preun -n kselftests-kmp-%build_flavor nvr=kselftests-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n kselftests-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1631,7 +1636,7 @@ %preun -n ocfs2-kmp-%build_flavor nvr=ocfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n ocfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1672,7 +1677,7 @@ %preun -n reiserfs-kmp-%build_flavor nvr=reiserfs-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n reiserfs-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 ++++++ kernel-default.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.320831735 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.324831740 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.14 -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -86,9 +86,9 @@ Summary: The Standard Kernel License: GPL-2.0-only Group: System/Kernel -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif @@ -119,6 +119,11 @@ BuildRequires: libelf-devel # required for 50-check-kernel-build-id rpm check BuildRequires: elfutils +%if "%{compress_modules}" == "zstd" +BuildRequires: zstd +# Make sure kmod supports zstd compressed modules +Requires(post): kmod-zstd +%endif Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -205,10 +210,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 -Provides: kernel-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f +Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f # END COMMON DEPS -Provides: %name-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f %ifarch %ix86 Provides: kernel-smp = 2.6.17 Obsoletes: kernel-smp <= 2.6.17 @@ -1552,7 +1557,7 @@ %preun -n cluster-md-kmp-%build_flavor nvr=cluster-md-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n cluster-md-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1593,7 +1598,7 @@ %preun -n dlm-kmp-%build_flavor nvr=dlm-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n dlm-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1634,7 +1639,7 @@ %preun -n gfs2-kmp-%build_flavor nvr=gfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n gfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1690,7 +1695,7 @@ %preun -n kselftests-kmp-%build_flavor nvr=kselftests-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n kselftests-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1732,7 +1737,7 @@ %preun -n ocfs2-kmp-%build_flavor nvr=ocfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n ocfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1773,7 +1778,7 @@ %preun -n reiserfs-kmp-%build_flavor nvr=reiserfs-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n reiserfs-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 ++++++ kernel-docs.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.344831762 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.348831767 +0200 @@ -17,7 +17,7 @@ %define srcversion 5.14 -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -31,9 +31,9 @@ Summary: Kernel Documentation License: GPL-2.0-only Group: Documentation/Man -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif @@ -64,7 +64,7 @@ %endif Url: http://www.kernel.org/ Provides: %name = %version-%source_rel -Provides: %name-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz ++++++ kernel-kvmsmall.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.368831791 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.372831795 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.14 -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -86,9 +86,9 @@ Summary: The Small Developer Kernel for KVM License: GPL-2.0-only Group: System/Kernel -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif @@ -119,6 +119,11 @@ BuildRequires: libelf-devel # required for 50-check-kernel-build-id rpm check BuildRequires: elfutils +%if "%{compress_modules}" == "zstd" +BuildRequires: zstd +# Make sure kmod supports zstd compressed modules +Requires(post): kmod-zstd +%endif Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -205,10 +210,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 -Provides: kernel-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f +Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f # END COMMON DEPS -Provides: %name-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh @@ -1449,7 +1454,7 @@ %preun -n cluster-md-kmp-%build_flavor nvr=cluster-md-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n cluster-md-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1490,7 +1495,7 @@ %preun -n dlm-kmp-%build_flavor nvr=dlm-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n dlm-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1531,7 +1536,7 @@ %preun -n gfs2-kmp-%build_flavor nvr=gfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n gfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1587,7 +1592,7 @@ %preun -n kselftests-kmp-%build_flavor nvr=kselftests-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n kselftests-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1629,7 +1634,7 @@ %preun -n ocfs2-kmp-%build_flavor nvr=ocfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n ocfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1670,7 +1675,7 @@ %preun -n reiserfs-kmp-%build_flavor nvr=reiserfs-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n reiserfs-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 kernel-lpae.spec: same change ++++++ kernel-obs-build.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.412831842 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.416831846 +0200 @@ -19,7 +19,7 @@ #!BuildIgnore: post-build-checks -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %define vanilla_only 0 @@ -45,7 +45,7 @@ %endif %endif %endif -BuildRequires: kernel%kernel_flavor-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +BuildRequires: kernel%kernel_flavor-srchash-67af907a1ed285fde3476e8419e51f68252f488f %if 0%{?rhel_version} BuildRequires: kernel @@ -64,9 +64,9 @@ Summary: package kernel and initrd for OBS VM builds License: GPL-2.0-only Group: SLES -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif ++++++ kernel-obs-qa.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.432831864 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.436831869 +0200 @@ -17,7 +17,7 @@ # needsrootforbuild -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -36,9 +36,9 @@ Summary: Basic QA tests for the kernel License: GPL-2.0-only Group: SLES -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif ++++++ kernel-pae.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.452831888 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.456831893 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.14 -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -86,9 +86,9 @@ Summary: Kernel with PAE Support License: GPL-2.0-only Group: System/Kernel -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif @@ -119,6 +119,11 @@ BuildRequires: libelf-devel # required for 50-check-kernel-build-id rpm check BuildRequires: elfutils +%if "%{compress_modules}" == "zstd" +BuildRequires: zstd +# Make sure kmod supports zstd compressed modules +Requires(post): kmod-zstd +%endif Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -205,10 +210,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 -Provides: kernel-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f +Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f # END COMMON DEPS -Provides: %name-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f %ifarch %ix86 Provides: kernel-bigsmp = 2.6.17 Obsoletes: kernel-bigsmp <= 2.6.17 @@ -1501,7 +1506,7 @@ %preun -n cluster-md-kmp-%build_flavor nvr=cluster-md-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n cluster-md-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1542,7 +1547,7 @@ %preun -n dlm-kmp-%build_flavor nvr=dlm-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n dlm-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1583,7 +1588,7 @@ %preun -n gfs2-kmp-%build_flavor nvr=gfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n gfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1639,7 +1644,7 @@ %preun -n kselftests-kmp-%build_flavor nvr=kselftests-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n kselftests-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1681,7 +1686,7 @@ %preun -n ocfs2-kmp-%build_flavor nvr=ocfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n ocfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1722,7 +1727,7 @@ %preun -n reiserfs-kmp-%build_flavor nvr=reiserfs-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n reiserfs-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 ++++++ kernel-source.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.480831920 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.480831920 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.14 -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %define vanilla_only 0 @@ -30,9 +30,9 @@ Summary: The Linux Kernel Sources License: GPL-2.0-only Group: Development/Sources -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif @@ -43,7 +43,7 @@ BuildRequires: sed Requires(post): coreutils sed Provides: %name = %version-%source_rel -Provides: %name-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f Provides: linux Provides: multiversion(kernel) Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz ++++++ kernel-syms.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.500831944 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.504831949 +0200 @@ -24,10 +24,10 @@ Summary: Kernel Symbol Versions (modversions) License: GPL-2.0-only Group: Development/Sources -Version: 5.14.0 +Version: 5.14.1 %if %using_buildservice %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif @@ -52,7 +52,7 @@ %endif Requires: pesign-obs-integration Provides: %name = %version-%source_rel -Provides: %name-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f Provides: multiversion(kernel) Source: README.KSYMS Requires: kernel-devel%variant = %version-%source_rel ++++++ kernel-vanilla.spec ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.520831967 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.524831971 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.14 -%define patchversion 5.14.0 +%define patchversion 5.14.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -86,9 +86,9 @@ Summary: The Standard Kernel - without any SUSE patches License: GPL-2.0-only Group: System/Kernel -Version: 5.14.0 +Version: 5.14.1 %if 0%{?is_kotd} -Release: <RELEASE>.gdc06e24 +Release: <RELEASE>.g67af907 %else Release: 0 %endif @@ -119,6 +119,11 @@ BuildRequires: libelf-devel # required for 50-check-kernel-build-id rpm check BuildRequires: elfutils +%if "%{compress_modules}" == "zstd" +BuildRequires: zstd +# Make sure kmod supports zstd compressed modules +Requires(post): kmod-zstd +%endif Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -205,10 +210,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 -Provides: kernel-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f +Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f # END COMMON DEPS -Provides: %name-srchash-dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh @@ -1428,7 +1433,7 @@ %preun -n cluster-md-kmp-%build_flavor nvr=cluster-md-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n cluster-md-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1469,7 +1474,7 @@ %preun -n dlm-kmp-%build_flavor nvr=dlm-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n dlm-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1510,7 +1515,7 @@ %preun -n gfs2-kmp-%build_flavor nvr=gfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n gfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1566,7 +1571,7 @@ %preun -n kselftests-kmp-%build_flavor nvr=kselftests-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n kselftests-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1608,7 +1613,7 @@ %preun -n ocfs2-kmp-%build_flavor nvr=ocfs2-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n ocfs2-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 @@ -1649,7 +1654,7 @@ %preun -n reiserfs-kmp-%build_flavor nvr=reiserfs-kmp-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n reiserfs-kmp-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 kernel-zfcpdump.spec: same change ++++++ check-module-license ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:33.684832157 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:33.684832157 +0200 @@ -1,7 +1,8 @@ #!/bin/sh rc=0 -for file in $(find "$@" -name '*.ko' -o -name '*.ko.xz'); do +for file in $(find "$@" -name '*.ko' -o -name '*.ko.xz' \ + -o -name '*.ko.gz' -o -name '*.ko.zst'); do l=$(/sbin/modinfo -F license "$file") if [ -z "$l" ]; then echo "ERROR: No license is included for module ${file##*/lib/modules/}" ++++++ config.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/arm64/default new/config/arm64/default --- old/config/arm64/default 2021-08-30 00:37:02.000000000 +0200 +++ new/config/arm64/default 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm64 5.14.0 Kernel Configuration +# Linux/arm64 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y @@ -8144,9 +8144,10 @@ CONFIG_USB_CHIPIDEA_TEGRA=m CONFIG_USB_ISP1760=m CONFIG_USB_ISP1760_HCD=y -CONFIG_USB_ISP1760_HOST_ROLE=y +CONFIG_USB_ISP1761_UDC=y +# CONFIG_USB_ISP1760_HOST_ROLE is not set # CONFIG_USB_ISP1760_GADGET_ROLE is not set -# CONFIG_USB_ISP1760_DUAL_ROLE is not set +CONFIG_USB_ISP1760_DUAL_ROLE=y # # USB port drivers diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv6hl/default new/config/armv6hl/default --- old/config/armv6hl/default 2021-08-30 00:37:02.000000000 +0200 +++ new/config/armv6hl/default 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm 5.14.0 Kernel Configuration +# Linux/arm 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv7hl/default new/config/armv7hl/default --- old/config/armv7hl/default 2021-08-30 00:37:02.000000000 +0200 +++ new/config/armv7hl/default 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm 5.14.0 Kernel Configuration +# Linux/arm 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv7hl/lpae new/config/armv7hl/lpae --- old/config/armv7hl/lpae 2021-08-30 00:37:02.000000000 +0200 +++ new/config/armv7hl/lpae 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm 5.14.0 Kernel Configuration +# Linux/arm 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/i386/pae new/config/i386/pae --- old/config/i386/pae 2021-08-30 00:37:02.000000000 +0200 +++ new/config/i386/pae 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/i386 5.14.0 Kernel Configuration +# Linux/i386 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64/default new/config/ppc64/default --- old/config/ppc64/default 2021-08-30 00:37:02.000000000 +0200 +++ new/config/ppc64/default 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/powerpc 5.14.0 Kernel Configuration +# Linux/powerpc 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64le/default new/config/ppc64le/default --- old/config/ppc64le/default 2021-08-30 00:37:02.000000000 +0200 +++ new/config/ppc64le/default 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/powerpc 5.14.0 Kernel Configuration +# Linux/powerpc 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/riscv64/default new/config/riscv64/default --- old/config/riscv64/default 2021-08-30 00:37:02.000000000 +0200 +++ new/config/riscv64/default 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/riscv 5.14.0 Kernel Configuration +# Linux/riscv 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/s390x/default new/config/s390x/default --- old/config/s390x/default 2021-08-30 00:37:02.000000000 +0200 +++ new/config/s390x/default 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/s390 5.14.0 Kernel Configuration +# Linux/s390 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/s390x/zfcpdump new/config/s390x/zfcpdump --- old/config/s390x/zfcpdump 2021-08-30 00:37:02.000000000 +0200 +++ new/config/s390x/zfcpdump 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/s390 5.14.0 Kernel Configuration +# Linux/s390 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/x86_64/default new/config/x86_64/default --- old/config/x86_64/default 2021-08-30 00:37:02.000000000 +0200 +++ new/config/x86_64/default 2021-09-04 10:22:09.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86_64 5.14.0 Kernel Configuration +# Linux/x86_64 5.14.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y ++++++ kernel-binary.spec.in ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:34.084832621 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:34.084832621 +0200 @@ -119,6 +119,11 @@ BuildRequires: libelf-devel # required for 50-check-kernel-build-id rpm check BuildRequires: elfutils +%if "%{compress_modules}" == "zstd" +BuildRequires: zstd +# Make sure kmod supports zstd compressed modules +Requires(post): kmod-zstd +%endif Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -1288,7 +1293,7 @@ %preun -n @KMP_NAME@-%build_flavor nvr=@KMP_NAME@-%build_flavor-%version-%release -rpm -ql "$nvr" | grep '\.ko\(\.xz\)\?$' > "/var/run/rpm-$nvr-modules" +rpm -ql "$nvr" | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > "/var/run/rpm-$nvr-modules" %postun -n @KMP_NAME@-%build_flavor wm2=/usr/lib/module-init-tools/weak-modules2 ++++++ kernel-module-subpackage ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:34.168832719 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:34.168832719 +0200 @@ -79,7 +79,7 @@ %{?regenerate_initrd_posttrans} %preun -n %{-n*}-kmp-%1 nvr=%{-n*}-kmp-%1-%_this_kmp_version-%{-r*} -rpm -ql $nvr | sed -n '/\.ko\(\.xz\)\?$/p' > /var/run/rpm-$nvr-modules +rpm -ql $nvr | sed -n '/\.ko\(\.xz\|\.gz\|\.zst\)\?$/p' > /var/run/rpm-$nvr-modules %postun -n %{-n*}-kmp-%1 nvr=%{-n*}-kmp-%1-%_this_kmp_version-%{-r*} modules=( $(cat /var/run/rpm-$nvr-modules) ) ++++++ mergedep ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:34.336832914 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:34.336832914 +0200 @@ -7,13 +7,21 @@ | \ while read l ; do MOD=$(echo "$l" | sed -e 's/:.*//') - MOD=$(basename $MOD .xz) - MOD=$(basename $MOD .ko) + MOD=$(basename $MOD) + case $MOD in + *.ko.xz|*.ko.gz|*.ko.zst) + MOD=${MOD%.*};; + esac + MOD=${MOD%.ko} DEPS="$(echo "$l" | sed -e 's/.*://')" moddeps="" for dep in $DEPS ; do - dep=$(basename $dep .xz) - dep=$(basename $dep .ko) + dep=$(basename $dep) + case $dep in + *.ko.xz|*.ko.gz|*.ko.zst) + dep=${dep%.*};; + esac + dep=${dep%.ko} moddeps="$moddeps $dep" done [ -n "$moddeps" ] && echo $MOD:$moddeps ||: ++++++ modflist ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:34.368832951 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:34.368832951 +0200 @@ -6,5 +6,5 @@ while read MOD ; do [ -n "$MOD" ] || continue - cat $flist | grep -E "/$MOD[.]ko([.]xz)?\$" >> $output || { grep -q /$MOD[.]ko\$ $mod_builtin && echo Module $MOD built-in ;} || echo Module $MOD missing + cat $flist | grep -E "/$MOD[.]ko([.]xz|[.]gz|[.]zst)?\$" >> $output || { grep -q /$MOD[.]ko\$ $mod_builtin && echo Module $MOD built-in ;} || echo Module $MOD missing done < $modules ++++++ patches.kernel.org.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-001-vt_kdsetmode-extend-console-locking.patch new/patches.kernel.org/5.14.1-001-vt_kdsetmode-extend-console-locking.patch --- old/patches.kernel.org/5.14.1-001-vt_kdsetmode-extend-console-locking.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-001-vt_kdsetmode-extend-console-locking.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,70 @@ +From: Linus Torvalds <torva...@linux-foundation.org> +Date: Mon, 30 Aug 2021 08:55:18 -0700 +Subject: [PATCH] vt_kdsetmode: extend console locking +Patch-mainline: 5.14.1 +References: CVE-2021-3753 bsc#1012628 bsc#1190025 +Git-commit: 2287a51ba822384834dafc1c798453375d1107c7 + +commit 2287a51ba822384834dafc1c798453375d1107c7 upstream. + +As per the long-suffering comment. + +Reported-by: Minh Yuan <yuanmingb...@gmail.com> +Cc: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Cc: Jiri Slaby <jirisl...@kernel.org> +Signed-off-by: Linus Torvalds <torva...@linux-foundation.org> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + drivers/tty/vt/vt_ioctl.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/drivers/tty/vt/vt_ioctl.c b/drivers/tty/vt/vt_ioctl.c +index 0e0cd9e9e589..3639bb6dc372 100644 +--- a/drivers/tty/vt/vt_ioctl.c ++++ b/drivers/tty/vt/vt_ioctl.c +@@ -246,6 +246,8 @@ int vt_waitactive(int n) + * + * XXX It should at least call into the driver, fbdev's definitely need to + * restore their engine state. --BenH ++ * ++ * Called with the console lock held. + */ + static int vt_kdsetmode(struct vc_data *vc, unsigned long mode) + { +@@ -262,7 +264,6 @@ static int vt_kdsetmode(struct vc_data *vc, unsigned long mode) + return -EINVAL; + } + +- /* FIXME: this needs the console lock extending */ + if (vc->vc_mode == mode) + return 0; + +@@ -271,12 +272,10 @@ static int vt_kdsetmode(struct vc_data *vc, unsigned long mode) + return 0; + + /* explicitly blank/unblank the screen if switching modes */ +- console_lock(); + if (mode == KD_TEXT) + do_unblank_screen(1); + else + do_blank_screen(1); +- console_unlock(); + + return 0; + } +@@ -378,7 +377,10 @@ static int vt_k_ioctl(struct tty_struct *tty, unsigned int cmd, + if (!perm) + return -EPERM; + +- return vt_kdsetmode(vc, arg); ++ console_lock(); ++ ret = vt_kdsetmode(vc, arg); ++ console_unlock(); ++ return ret; + + case KDGETMODE: + return put_user(vc->vc_mode, (int __user *)arg); +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-002-Bluetooth-btusb-check-conditions-before-enabli.patch new/patches.kernel.org/5.14.1-002-Bluetooth-btusb-check-conditions-before-enabli.patch --- old/patches.kernel.org/5.14.1-002-Bluetooth-btusb-check-conditions-before-enabli.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-002-Bluetooth-btusb-check-conditions-before-enabli.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,91 @@ +From: Pauli Virtanen <p...@iki.fi> +Date: Mon, 26 Jul 2021 21:02:06 +0300 +Subject: [PATCH] Bluetooth: btusb: check conditions before enabling USB ALT 3 + for WBS +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: 55981d3541812234e687062926ff199c83f79a39 + +commit 55981d3541812234e687062926ff199c83f79a39 upstream. + +Some USB BT adapters don't satisfy the MTU requirement mentioned in +commit e848dbd364ac ("Bluetooth: btusb: Add support USB ALT 3 for WBS") +and have ALT 3 setting that produces no/garbled audio. Some adapters +with larger MTU were also reported to have problems with ALT 3. + +Add a flag and check it and MTU before selecting ALT 3, falling back to +ALT 1. Enable the flag for Realtek, restoring the previous behavior for +non-Realtek devices. + +Tested with USB adapters (mtu<72, no/garbled sound with ALT3, ALT1 +works) BCM20702A1 0b05:17cb, CSR8510A10 0a12:0001, and (mtu>=72, ALT3 +works) RTL8761BU 0bda:8771, Intel AX200 8087:0029 (after disabling +ALT6). Also got reports for (mtu>=72, ALT 3 reported to produce bad +audio) Intel 8087:0a2b. + +Signed-off-by: Pauli Virtanen <p...@iki.fi> +Fixes: e848dbd364ac ("Bluetooth: btusb: Add support USB ALT 3 for WBS") +Tested-by: Micha?? K??pie?? <ker...@kempniu.pl> +Tested-by: Jonathan Lamp??rth <j...@h4n.dev> +Signed-off-by: Luiz Augusto von Dentz <luiz.von.de...@intel.com> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + drivers/bluetooth/btusb.c | 22 ++++++++++++++-------- + 1 file changed, 14 insertions(+), 8 deletions(-) + +diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c +index a9855a2dd561..a552e7b48360 100644 +--- a/drivers/bluetooth/btusb.c ++++ b/drivers/bluetooth/btusb.c +@@ -525,6 +525,7 @@ static const struct dmi_system_id btusb_needs_reset_resume_table[] = { + #define BTUSB_HW_RESET_ACTIVE 12 + #define BTUSB_TX_WAIT_VND_EVT 13 + #define BTUSB_WAKEUP_DISABLE 14 ++#define BTUSB_USE_ALT3_FOR_WBS 15 + + struct btusb_data { + struct hci_dev *hdev; +@@ -1757,16 +1758,20 @@ static void btusb_work(struct work_struct *work) + /* Bluetooth USB spec recommends alt 6 (63 bytes), but + * many adapters do not support it. Alt 1 appears to + * work for all adapters that do not have alt 6, and +- * which work with WBS at all. ++ * which work with WBS at all. Some devices prefer ++ * alt 3 (HCI payload >= 60 Bytes let air packet ++ * data satisfy 60 bytes), requiring ++ * MTU >= 3 (packets) * 25 (size) - 3 (headers) = 72 ++ * see also Core spec 5, vol 4, B 2.1.1 & Table 2.1. + */ +- new_alts = btusb_find_altsetting(data, 6) ? 6 : 1; +- /* Because mSBC frames do not need to be aligned to the +- * SCO packet boundary. If support the Alt 3, use the +- * Alt 3 for HCI payload >= 60 Bytes let air packet +- * data satisfy 60 bytes. +- */ +- if (new_alts == 1 && btusb_find_altsetting(data, 3)) ++ if (btusb_find_altsetting(data, 6)) ++ new_alts = 6; ++ else if (btusb_find_altsetting(data, 3) && ++ hdev->sco_mtu >= 72 && ++ test_bit(BTUSB_USE_ALT3_FOR_WBS, &data->flags)) + new_alts = 3; ++ else ++ new_alts = 1; + } + + if (btusb_switch_alt_setting(hdev, new_alts) < 0) +@@ -4742,6 +4747,7 @@ static int btusb_probe(struct usb_interface *intf, + * (DEVICE_REMOTE_WAKEUP) + */ + set_bit(BTUSB_WAKEUP_DISABLE, &data->flags); ++ set_bit(BTUSB_USE_ALT3_FOR_WBS, &data->flags); + } + + if (!reset) +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-003-net-dsa-mt7530-fix-VLAN-traffic-leaks-again.patch new/patches.kernel.org/5.14.1-003-net-dsa-mt7530-fix-VLAN-traffic-leaks-again.patch --- old/patches.kernel.org/5.14.1-003-net-dsa-mt7530-fix-VLAN-traffic-leaks-again.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-003-net-dsa-mt7530-fix-VLAN-traffic-leaks-again.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,46 @@ +From: DENG Qingfang <dqf...@gmail.com> +Date: Wed, 11 Aug 2021 17:50:43 +0800 +Subject: [PATCH] net: dsa: mt7530: fix VLAN traffic leaks again +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: 7428022b50d0fbb4846dd0f00639ea09d36dff02 + +commit 7428022b50d0fbb4846dd0f00639ea09d36dff02 upstream. + +When a port leaves a VLAN-aware bridge, the current code does not clear +other ports' matrix field bit. If the bridge is later set to VLAN-unaware +mode, traffic in the bridge may leak to that port. + +Remove the VLAN filtering check in mt7530_port_bridge_leave. + +Fixes: 474a2ddaa192 ("net: dsa: mt7530: fix VLAN traffic leaks") +Fixes: 83163f7dca56 ("net: dsa: mediatek: add VLAN support for MT7530") +Signed-off-by: DENG Qingfang <dqf...@gmail.com> +Reviewed-by: Vladimir Oltean <olte...@gmail.com> +Signed-off-by: David S. Miller <da...@davemloft.net> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + drivers/net/dsa/mt7530.c | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +diff --git a/drivers/net/dsa/mt7530.c b/drivers/net/dsa/mt7530.c +index 632f0fcc5aa7..05bc46634b36 100644 +--- a/drivers/net/dsa/mt7530.c ++++ b/drivers/net/dsa/mt7530.c +@@ -1308,11 +1308,8 @@ mt7530_port_bridge_leave(struct dsa_switch *ds, int port, + /* Remove this port from the port matrix of the other ports + * in the same bridge. If the port is disabled, port matrix + * is kept and not being setup until the port becomes enabled. +- * And the other port's port matrix cannot be broken when the +- * other port is still a VLAN-aware port. + */ +- if (dsa_is_user_port(ds, i) && i != port && +- !dsa_port_is_vlan_filtering(dsa_to_port(ds, i))) { ++ if (dsa_is_user_port(ds, i) && i != port) { + if (dsa_to_port(ds, i)->bridge_dev != bridge) + continue; + if (priv->ports[i].enable) +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-004-btrfs-fix-NULL-pointer-dereference-when-deleti.patch new/patches.kernel.org/5.14.1-004-btrfs-fix-NULL-pointer-dereference-when-deleti.patch --- old/patches.kernel.org/5.14.1-004-btrfs-fix-NULL-pointer-dereference-when-deleti.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-004-btrfs-fix-NULL-pointer-dereference-when-deleti.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,86 @@ +From: Qu Wenruo <w...@suse.com> +Date: Fri, 6 Aug 2021 18:24:15 +0800 +Subject: [PATCH] btrfs: fix NULL pointer dereference when deleting device by + invalid id +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091 + +commit e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091 upstream. + +[BUG] +It's easy to trigger NULL pointer dereference, just by removing a +non-existing device id: + + # mkfs.btrfs -f -m single -d single /dev/test/scratch1 \ + /dev/test/scratch2 + # mount /dev/test/scratch1 /mnt/btrfs + # btrfs device remove 3 /mnt/btrfs + +Then we have the following kernel NULL pointer dereference: + + BUG: kernel NULL pointer dereference, address: 0000000000000000 + #PF: supervisor read access in kernel mode + #PF: error_code(0x0000) - not-present page + PGD 0 P4D 0 + Oops: 0000 [#1] PREEMPT SMP NOPTI + CPU: 9 PID: 649 Comm: btrfs Not tainted 5.14.0-rc3-custom+ #35 + Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015 + RIP: 0010:btrfs_rm_device+0x4de/0x6b0 [btrfs] + btrfs_ioctl+0x18bb/0x3190 [btrfs] + ? lock_is_held_type+0xa5/0x120 + ? find_held_lock.constprop.0+0x2b/0x80 + ? do_user_addr_fault+0x201/0x6a0 + ? lock_release+0xd2/0x2d0 + ? __x64_sys_ioctl+0x83/0xb0 + __x64_sys_ioctl+0x83/0xb0 + do_syscall_64+0x3b/0x90 + entry_SYSCALL_64_after_hwframe+0x44/0xae + +[CAUSE] +Commit a27a94c2b0c7 ("btrfs: Make btrfs_find_device_by_devspec return +btrfs_device directly") moves the "missing" device path check into +btrfs_rm_device(). + +But btrfs_rm_device() itself can have case where it only receives +@devid, with NULL as @device_path. + +In that case, calling strcmp() on NULL will trigger the NULL pointer +dereference. + +Before that commit, we handle the "missing" case inside +btrfs_find_device_by_devspec(), which will not check @device_path at all +if @devid is provided, thus no way to trigger the bug. + +[FIX] +Before calling strcmp(), also make sure @device_path is not NULL. + +Fixes: a27a94c2b0c7 ("btrfs: Make btrfs_find_device_by_devspec return btrfs_device directly") +CC: sta...@vger.kernel.org # 5.4+ +Reported-by: butt3rflyh4ck <butterflyhuan...@gmail.com> +Reviewed-by: Anand Jain <anand.j...@oracle.com> +Signed-off-by: Qu Wenruo <w...@suse.com> +Reviewed-by: David Sterba <dste...@suse.com> +Signed-off-by: David Sterba <dste...@suse.com> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + fs/btrfs/volumes.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c +index 70f94b75f25a..354ffd8f81af 100644 +--- a/fs/btrfs/volumes.c ++++ b/fs/btrfs/volumes.c +@@ -2137,7 +2137,7 @@ int btrfs_rm_device(struct btrfs_fs_info *fs_info, const char *device_path, + + if (IS_ERR(device)) { + if (PTR_ERR(device) == -ENOENT && +- strcmp(device_path, "missing") == 0) ++ device_path && strcmp(device_path, "missing") == 0) + ret = BTRFS_ERROR_DEV_MISSING_NOT_FOUND; + else + ret = PTR_ERR(device); +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-005-Revert-floppy-reintroduce-O_NDELAY-fix.patch new/patches.kernel.org/5.14.1-005-Revert-floppy-reintroduce-O_NDELAY-fix.patch --- old/patches.kernel.org/5.14.1-005-Revert-floppy-reintroduce-O_NDELAY-fix.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-005-Revert-floppy-reintroduce-O_NDELAY-fix.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,78 @@ +From: Denis Efremov <efre...@linux.com> +Date: Sat, 7 Aug 2021 10:37:02 +0300 +Subject: [PATCH] Revert "floppy: reintroduce O_NDELAY fix" +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: c7e9d0020361f4308a70cdfd6d5335e273eb8717 + +commit c7e9d0020361f4308a70cdfd6d5335e273eb8717 upstream. + +The patch breaks userspace implementations (e.g. fdutils) and introduces +regressions in behaviour. Previously, it was possible to O_NDELAY open a +floppy device with no media inserted or with write protected media without +an error. Some userspace tools use this particular behavior for probing. + +It's not the first time when we revert this patch. Previous revert is in +commit f2791e7eadf4 (Revert "floppy: refactor open() flags handling"). + +This reverts commit 8a0c014cd20516ade9654fc13b51345ec58e7be8. + +Link: https://lore.kernel.org/linux-block/de10cb47-34d1-5a88-7751-225ca380f...@compro.net/ +Reported-by: Mark Hounschell <ma...@compro.net> +Cc: Jiri Kosina <jkos...@suse.cz> +Cc: Wim Osterholt <w...@djo.tudelft.nl> +Cc: Kurt Garloff <k...@garloff.de> +Cc: <sta...@vger.kernel.org> +Signed-off-by: Denis Efremov <efre...@linux.com> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + drivers/block/floppy.c | 30 +++++++++++++++--------------- + 1 file changed, 15 insertions(+), 15 deletions(-) + +diff --git a/drivers/block/floppy.c b/drivers/block/floppy.c +index 87460e0e5c72..fef79ea52e3e 100644 +--- a/drivers/block/floppy.c ++++ b/drivers/block/floppy.c +@@ -4029,23 +4029,23 @@ static int floppy_open(struct block_device *bdev, fmode_t mode) + if (fdc_state[FDC(drive)].rawcmd == 1) + fdc_state[FDC(drive)].rawcmd = 2; + +- if (mode & (FMODE_READ|FMODE_WRITE)) { +- drive_state[drive].last_checked = 0; +- clear_bit(FD_OPEN_SHOULD_FAIL_BIT, &drive_state[drive].flags); +- if (bdev_check_media_change(bdev)) +- floppy_revalidate(bdev->bd_disk); +- if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags)) +- goto out; +- if (test_bit(FD_OPEN_SHOULD_FAIL_BIT, &drive_state[drive].flags)) ++ if (!(mode & FMODE_NDELAY)) { ++ if (mode & (FMODE_READ|FMODE_WRITE)) { ++ drive_state[drive].last_checked = 0; ++ clear_bit(FD_OPEN_SHOULD_FAIL_BIT, ++ &drive_state[drive].flags); ++ if (bdev_check_media_change(bdev)) ++ floppy_revalidate(bdev->bd_disk); ++ if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags)) ++ goto out; ++ if (test_bit(FD_OPEN_SHOULD_FAIL_BIT, &drive_state[drive].flags)) ++ goto out; ++ } ++ res = -EROFS; ++ if ((mode & FMODE_WRITE) && ++ !test_bit(FD_DISK_WRITABLE_BIT, &drive_state[drive].flags)) + goto out; + } +- +- res = -EROFS; +- +- if ((mode & FMODE_WRITE) && +- !test_bit(FD_DISK_WRITABLE_BIT, &drive_state[drive].flags)) +- goto out; +- + mutex_unlock(&open_lock); + mutex_unlock(&floppy_mutex); + return 0; +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-006-fscrypt-add-fscrypt_symlink_getattr-for-comput.patch new/patches.kernel.org/5.14.1-006-fscrypt-add-fscrypt_symlink_getattr-for-comput.patch --- old/patches.kernel.org/5.14.1-006-fscrypt-add-fscrypt_symlink_getattr-for-comput.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-006-fscrypt-add-fscrypt_symlink_getattr-for-comput.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,153 @@ +From: Eric Biggers <ebigg...@google.com> +Date: Thu, 1 Jul 2021 23:53:46 -0700 +Subject: [PATCH] fscrypt: add fscrypt_symlink_getattr() for computing st_size +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: d18760560593e5af921f51a8c9b64b6109d634c2 + +commit d18760560593e5af921f51a8c9b64b6109d634c2 upstream. + +Add a helper function fscrypt_symlink_getattr() which will be called +from the various filesystems' ->getattr() methods to read and decrypt +the target of encrypted symlinks in order to report the correct st_size. + +Detailed explanation: + +As required by POSIX and as documented in various man pages, st_size for +a symlink is supposed to be the length of the symlink target. +Unfortunately, st_size has always been wrong for encrypted symlinks +because st_size is populated from i_size from disk, which intentionally +contains the length of the encrypted symlink target. That's slightly +greater than the length of the decrypted symlink target (which is the +symlink target that userspace usually sees), and usually won't match the +length of the no-key encoded symlink target either. + +This hadn't been fixed yet because reporting the correct st_size would +require reading the symlink target from disk and decrypting or encoding +it, which historically has been considered too heavyweight to do in +->getattr(). Also historically, the wrong st_size had only broken a +test (LTP lstat03) and there were no known complaints from real users. +(This is probably because the st_size of symlinks isn't used too often, +and when it is, typically it's for a hint for what buffer size to pass +to readlink() -- which a slightly-too-large size still works for.) + +However, a couple things have changed now. First, there have recently +been complaints about the current behavior from real users: + +- Breakage in rpmbuild: + https://github.com/rpm-software-management/rpm/issues/1682 + https://github.com/google/fscrypt/issues/305 + +- Breakage in toybox cpio: + https://www.mail-archive.com/toybox@lists.landley.net/msg07193.html + +- Breakage in libgit2: https://issuetracker.google.com/issues/189629152 + (on Android public issue tracker, requires login) + +Second, we now cache decrypted symlink targets in ->i_link. Therefore, +taking the performance hit of reading and decrypting the symlink target +in ->getattr() wouldn't be as big a deal as it used to be, since usually +it will just save having to do the same thing later. + +Also note that eCryptfs ended up having to read and decrypt symlink +targets in ->getattr() as well, to fix this same issue; see +commit 3a60a1686f0d ("eCryptfs: Decrypt symlink target for stat size"). + +So, let's just bite the bullet, and read and decrypt the symlink target +in ->getattr() in order to report the correct st_size. Add a function +fscrypt_symlink_getattr() which the filesystems will call to do this. + +(Alternatively, we could store the decrypted size of symlinks on-disk. +But there isn't a great place to do so, and encryption is meant to hide +the original size to some extent; that property would be lost.) + +Cc: sta...@vger.kernel.org +Link: https://lore.kernel.org/r/20210702065350.209646-2-ebigg...@kernel.org +Signed-off-by: Eric Biggers <ebigg...@google.com> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + fs/crypto/hooks.c | 44 +++++++++++++++++++++++++++++++++++++++++ + include/linux/fscrypt.h | 7 +++++++ + 2 files changed, 51 insertions(+) + +diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c +index a73b0376e6f3..af74599ae1cf 100644 +--- a/fs/crypto/hooks.c ++++ b/fs/crypto/hooks.c +@@ -384,3 +384,47 @@ const char *fscrypt_get_symlink(struct inode *inode, const void *caddr, + return ERR_PTR(err); + } + EXPORT_SYMBOL_GPL(fscrypt_get_symlink); ++ ++/** ++ * fscrypt_symlink_getattr() - set the correct st_size for encrypted symlinks ++ * @path: the path for the encrypted symlink being queried ++ * @stat: the struct being filled with the symlink's attributes ++ * ++ * Override st_size of encrypted symlinks to be the length of the decrypted ++ * symlink target (or the no-key encoded symlink target, if the key is ++ * unavailable) rather than the length of the encrypted symlink target. This is ++ * necessary for st_size to match the symlink target that userspace actually ++ * sees. POSIX requires this, and some userspace programs depend on it. ++ * ++ * This requires reading the symlink target from disk if needed, setting up the ++ * inode's encryption key if possible, and then decrypting or encoding the ++ * symlink target. This makes lstat() more heavyweight than is normally the ++ * case. However, decrypted symlink targets will be cached in ->i_link, so ++ * usually the symlink won't have to be read and decrypted again later if/when ++ * it is actually followed, readlink() is called, or lstat() is called again. ++ * ++ * Return: 0 on success, -errno on failure ++ */ ++int fscrypt_symlink_getattr(const struct path *path, struct kstat *stat) ++{ ++ struct dentry *dentry = path->dentry; ++ struct inode *inode = d_inode(dentry); ++ const char *link; ++ DEFINE_DELAYED_CALL(done); ++ ++ /* ++ * To get the symlink target that userspace will see (whether it's the ++ * decrypted target or the no-key encoded target), we can just get it in ++ * the same way the VFS does during path resolution and readlink(). ++ */ ++ link = READ_ONCE(inode->i_link); ++ if (!link) { ++ link = inode->i_op->get_link(dentry, inode, &done); ++ if (IS_ERR(link)) ++ return PTR_ERR(link); ++ } ++ stat->size = strlen(link); ++ do_delayed_call(&done); ++ return 0; ++} ++EXPORT_SYMBOL_GPL(fscrypt_symlink_getattr); +diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h +index 2ea1387bb497..b7bfd0cd4f3e 100644 +--- a/include/linux/fscrypt.h ++++ b/include/linux/fscrypt.h +@@ -253,6 +253,7 @@ int __fscrypt_encrypt_symlink(struct inode *inode, const char *target, + const char *fscrypt_get_symlink(struct inode *inode, const void *caddr, + unsigned int max_size, + struct delayed_call *done); ++int fscrypt_symlink_getattr(const struct path *path, struct kstat *stat); + static inline void fscrypt_set_ops(struct super_block *sb, + const struct fscrypt_operations *s_cop) + { +@@ -583,6 +584,12 @@ static inline const char *fscrypt_get_symlink(struct inode *inode, + return ERR_PTR(-EOPNOTSUPP); + } + ++static inline int fscrypt_symlink_getattr(const struct path *path, ++ struct kstat *stat) ++{ ++ return -EOPNOTSUPP; ++} ++ + static inline void fscrypt_set_ops(struct super_block *sb, + const struct fscrypt_operations *s_cop) + { +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-007-ext4-report-correct-st_size-for-encrypted-syml.patch new/patches.kernel.org/5.14.1-007-ext4-report-correct-st_size-for-encrypted-syml.patch --- old/patches.kernel.org/5.14.1-007-ext4-report-correct-st_size-for-encrypted-syml.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-007-ext4-report-correct-st_size-for-encrypted-syml.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,57 @@ +From: Eric Biggers <ebigg...@google.com> +Date: Thu, 1 Jul 2021 23:53:47 -0700 +Subject: [PATCH] ext4: report correct st_size for encrypted symlinks +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: 8c4bca10ceafc43b1ca0a9fab5fa27e13cbce99e + +commit 8c4bca10ceafc43b1ca0a9fab5fa27e13cbce99e upstream. + +The stat() family of syscalls report the wrong size for encrypted +symlinks, which has caused breakage in several userspace programs. + +Fix this by calling fscrypt_symlink_getattr() after ext4_getattr() for +encrypted symlinks. This function computes the correct size by reading +and decrypting the symlink target (if it's not already cached). + +For more details, see the commit which added fscrypt_symlink_getattr(). + +Fixes: f348c252320b ("ext4 crypto: add symlink encryption") +Cc: sta...@vger.kernel.org +Link: https://lore.kernel.org/r/20210702065350.209646-3-ebigg...@kernel.org +Signed-off-by: Eric Biggers <ebigg...@google.com> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + fs/ext4/symlink.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/fs/ext4/symlink.c b/fs/ext4/symlink.c +index dd05af983092..69109746e6e2 100644 +--- a/fs/ext4/symlink.c ++++ b/fs/ext4/symlink.c +@@ -52,10 +52,20 @@ static const char *ext4_encrypted_get_link(struct dentry *dentry, + return paddr; + } + ++static int ext4_encrypted_symlink_getattr(struct user_namespace *mnt_userns, ++ const struct path *path, ++ struct kstat *stat, u32 request_mask, ++ unsigned int query_flags) ++{ ++ ext4_getattr(mnt_userns, path, stat, request_mask, query_flags); ++ ++ return fscrypt_symlink_getattr(path, stat); ++} ++ + const struct inode_operations ext4_encrypted_symlink_inode_operations = { + .get_link = ext4_encrypted_get_link, + .setattr = ext4_setattr, +- .getattr = ext4_getattr, ++ .getattr = ext4_encrypted_symlink_getattr, + .listxattr = ext4_listxattr, + }; + +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-008-f2fs-report-correct-st_size-for-encrypted-syml.patch new/patches.kernel.org/5.14.1-008-f2fs-report-correct-st_size-for-encrypted-syml.patch --- old/patches.kernel.org/5.14.1-008-f2fs-report-correct-st_size-for-encrypted-syml.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-008-f2fs-report-correct-st_size-for-encrypted-syml.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,56 @@ +From: Eric Biggers <ebigg...@google.com> +Date: Thu, 1 Jul 2021 23:53:48 -0700 +Subject: [PATCH] f2fs: report correct st_size for encrypted symlinks +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: 461b43a8f92e68e96c4424b31e15f2b35f1bbfa9 + +commit 461b43a8f92e68e96c4424b31e15f2b35f1bbfa9 upstream. + +The stat() family of syscalls report the wrong size for encrypted +symlinks, which has caused breakage in several userspace programs. + +Fix this by calling fscrypt_symlink_getattr() after f2fs_getattr() for +encrypted symlinks. This function computes the correct size by reading +and decrypting the symlink target (if it's not already cached). + +For more details, see the commit which added fscrypt_symlink_getattr(). + +Fixes: cbaf042a3cc6 ("f2fs crypto: add symlink encryption") +Cc: sta...@vger.kernel.org +Link: https://lore.kernel.org/r/20210702065350.209646-4-ebigg...@kernel.org +Signed-off-by: Eric Biggers <ebigg...@google.com> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + fs/f2fs/namei.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c +index e149c8c66a71..9c528e583c9d 100644 +--- a/fs/f2fs/namei.c ++++ b/fs/f2fs/namei.c +@@ -1323,9 +1323,19 @@ static const char *f2fs_encrypted_get_link(struct dentry *dentry, + return target; + } + ++static int f2fs_encrypted_symlink_getattr(struct user_namespace *mnt_userns, ++ const struct path *path, ++ struct kstat *stat, u32 request_mask, ++ unsigned int query_flags) ++{ ++ f2fs_getattr(mnt_userns, path, stat, request_mask, query_flags); ++ ++ return fscrypt_symlink_getattr(path, stat); ++} ++ + const struct inode_operations f2fs_encrypted_symlink_inode_operations = { + .get_link = f2fs_encrypted_get_link, +- .getattr = f2fs_getattr, ++ .getattr = f2fs_encrypted_symlink_getattr, + .setattr = f2fs_setattr, + .listxattr = f2fs_listxattr, + }; +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-009-ubifs-report-correct-st_size-for-encrypted-sym.patch new/patches.kernel.org/5.14.1-009-ubifs-report-correct-st_size-for-encrypted-sym.patch --- old/patches.kernel.org/5.14.1-009-ubifs-report-correct-st_size-for-encrypted-sym.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-009-ubifs-report-correct-st_size-for-encrypted-sym.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,62 @@ +From: Eric Biggers <ebigg...@google.com> +Date: Thu, 1 Jul 2021 23:53:49 -0700 +Subject: [PATCH] ubifs: report correct st_size for encrypted symlinks +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: 064c734986011390b4d111f1a99372b7f26c3850 + +commit 064c734986011390b4d111f1a99372b7f26c3850 upstream. + +The stat() family of syscalls report the wrong size for encrypted +symlinks, which has caused breakage in several userspace programs. + +Fix this by calling fscrypt_symlink_getattr() after ubifs_getattr() for +encrypted symlinks. This function computes the correct size by reading +and decrypting the symlink target (if it's not already cached). + +For more details, see the commit which added fscrypt_symlink_getattr(). + +Fixes: ca7f85be8d6c ("ubifs: Add support for encrypted symlinks") +Cc: sta...@vger.kernel.org +Link: https://lore.kernel.org/r/20210702065350.209646-5-ebigg...@kernel.org +Signed-off-by: Eric Biggers <ebigg...@google.com> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + fs/ubifs/file.c | 13 ++++++++++++- + 1 file changed, 12 insertions(+), 1 deletion(-) + +diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c +index 2e4e1d159969..5cfa28cd00cd 100644 +--- a/fs/ubifs/file.c ++++ b/fs/ubifs/file.c +@@ -1630,6 +1630,17 @@ static const char *ubifs_get_link(struct dentry *dentry, + return fscrypt_get_symlink(inode, ui->data, ui->data_len, done); + } + ++static int ubifs_symlink_getattr(struct user_namespace *mnt_userns, ++ const struct path *path, struct kstat *stat, ++ u32 request_mask, unsigned int query_flags) ++{ ++ ubifs_getattr(mnt_userns, path, stat, request_mask, query_flags); ++ ++ if (IS_ENCRYPTED(d_inode(path->dentry))) ++ return fscrypt_symlink_getattr(path, stat); ++ return 0; ++} ++ + const struct address_space_operations ubifs_file_address_operations = { + .readpage = ubifs_readpage, + .writepage = ubifs_writepage, +@@ -1655,7 +1666,7 @@ const struct inode_operations ubifs_file_inode_operations = { + const struct inode_operations ubifs_symlink_inode_operations = { + .get_link = ubifs_get_link, + .setattr = ubifs_setattr, +- .getattr = ubifs_getattr, ++ .getattr = ubifs_symlink_getattr, + .listxattr = ubifs_listxattr, + .update_time = ubifs_update_time, + }; +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-010-net-don-t-unconditionally-copy_from_user-a-str.patch new/patches.kernel.org/5.14.1-010-net-don-t-unconditionally-copy_from_user-a-str.patch --- old/patches.kernel.org/5.14.1-010-net-don-t-unconditionally-copy_from_user-a-str.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-010-net-don-t-unconditionally-copy_from_user-a-str.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,89 @@ +From: Peter Collingbourne <p...@google.com> +Date: Thu, 26 Aug 2021 12:46:01 -0700 +Subject: [PATCH] net: don't unconditionally copy_from_user a struct ifreq for + socket ioctls +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: d0efb16294d145d157432feda83877ae9d7cdf37 + +commit d0efb16294d145d157432feda83877ae9d7cdf37 upstream. + +A common implementation of isatty(3) involves calling a ioctl passing +a dummy struct argument and checking whether the syscall failed -- +bionic and glibc use TCGETS (passing a struct termios), and musl uses +TIOCGWINSZ (passing a struct winsize). If the FD is a socket, we will +copy sizeof(struct ifreq) bytes of data from the argument and return +-EFAULT if that fails. The result is that the isatty implementations +may return a non-POSIX-compliant value in errno in the case where part +of the dummy struct argument is inaccessible, as both struct termios +and struct winsize are smaller than struct ifreq (at least on arm64). + +Although there is usually enough stack space following the argument +on the stack that this did not present a practical problem up to now, +with MTE stack instrumentation it's more likely for the copy to fail, +as the memory following the struct may have a different tag. + +Fix the problem by adding an early check for whether the ioctl is a +valid socket ioctl, and return -ENOTTY if it isn't. + +Fixes: 44c02a2c3dc5 ("dev_ioctl(): move copyin/copyout to callers") +Link: https://linux-review.googlesource.com/id/I869da6cf6daabc3e4b7b82ac979683ba05e27d4d +Signed-off-by: Peter Collingbourne <p...@google.com> +Cc: <sta...@vger.kernel.org> # 4.19 +Signed-off-by: David S. Miller <da...@davemloft.net> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + include/linux/netdevice.h | 4 ++++ + net/socket.c | 6 +++++- + 2 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h +index eaf5bb008aa9..d65ce093e5a7 100644 +--- a/include/linux/netdevice.h ++++ b/include/linux/netdevice.h +@@ -4012,6 +4012,10 @@ int netdev_rx_handler_register(struct net_device *dev, + void netdev_rx_handler_unregister(struct net_device *dev); + + bool dev_valid_name(const char *name); ++static inline bool is_socket_ioctl_cmd(unsigned int cmd) ++{ ++ return _IOC_TYPE(cmd) == SOCK_IOC_TYPE; ++} + int dev_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr, + bool *need_copyout); + int dev_ifconf(struct net *net, struct ifconf *, int); +diff --git a/net/socket.c b/net/socket.c +index 0b2dad3bdf7f..8808b3617dac 100644 +--- a/net/socket.c ++++ b/net/socket.c +@@ -1109,7 +1109,7 @@ static long sock_do_ioctl(struct net *net, struct socket *sock, + rtnl_unlock(); + if (!err && copy_to_user(argp, &ifc, sizeof(struct ifconf))) + err = -EFAULT; +- } else { ++ } else if (is_socket_ioctl_cmd(cmd)) { + struct ifreq ifr; + bool need_copyout; + if (copy_from_user(&ifr, argp, sizeof(struct ifreq))) +@@ -1118,6 +1118,8 @@ static long sock_do_ioctl(struct net *net, struct socket *sock, + if (!err && need_copyout) + if (copy_to_user(argp, &ifr, sizeof(struct ifreq))) + return -EFAULT; ++ } else { ++ err = -ENOTTY; + } + return err; + } +@@ -3306,6 +3308,8 @@ static int compat_ifr_data_ioctl(struct net *net, unsigned int cmd, + struct ifreq ifreq; + u32 data32; + ++ if (!is_socket_ioctl_cmd(cmd)) ++ return -ENOTTY; + if (copy_from_user(ifreq.ifr_name, u_ifreq32->ifr_name, IFNAMSIZ)) + return -EFAULT; + if (get_user(data32, &u_ifreq32->ifr_data)) +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-011-audit-move-put_tree-to-avoid-trim_trees-refcou.patch new/patches.kernel.org/5.14.1-011-audit-move-put_tree-to-avoid-trim_trees-refcou.patch --- old/patches.kernel.org/5.14.1-011-audit-move-put_tree-to-avoid-trim_trees-refcou.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-011-audit-move-put_tree-to-avoid-trim_trees-refcou.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,64 @@ +From: Richard Guy Briggs <r...@redhat.com> +Date: Mon, 23 Aug 2021 22:04:09 -0400 +Subject: [PATCH] audit: move put_tree() to avoid trim_trees refcount underflow + and UAF +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: 67d69e9d1a6c889d98951c1d74b19332ce0565af + +commit 67d69e9d1a6c889d98951c1d74b19332ce0565af upstream. + +AUDIT_TRIM is expected to be idempotent, but multiple executions resulted +in a refcount underflow and use-after-free. + +git bisect fingered commit fb041bb7c0a9 ("locking/refcount: Consolidate +implementations of refcount_t") but this patch with its more thorough +checking that wasn't in the x86 assembly code merely exposed a previously +existing tree refcount imbalance in the case of tree trimming code that +was refactored with prune_one() to remove a tree introduced in +commit 8432c7006297 ("audit: Simplify locking around untag_chunk()") + +Move the put_tree() to cover only the prune_one() case. + +Passes audit-testsuite and 3 passes of "auditctl -t" with at least one +directory watch. + +Cc: Jan Kara <j...@suse.cz> +Cc: Will Deacon <w...@kernel.org> +Cc: Alexander Viro <v...@zeniv.linux.org.uk> +Cc: Seiji Nishikawa <snish...@redhat.com> +Cc: sta...@vger.kernel.org +Fixes: 8432c7006297 ("audit: Simplify locking around untag_chunk()") +Signed-off-by: Richard Guy Briggs <r...@redhat.com> +Reviewed-by: Jan Kara <j...@suse.cz> +[PM: reformatted/cleaned-up the commit description] +Signed-off-by: Paul Moore <p...@paul-moore.com> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + kernel/audit_tree.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c +index b2be4e978ba3..2cd7b5694422 100644 +--- a/kernel/audit_tree.c ++++ b/kernel/audit_tree.c +@@ -593,7 +593,6 @@ static void prune_tree_chunks(struct audit_tree *victim, bool tagged) + spin_lock(&hash_lock); + } + spin_unlock(&hash_lock); +- put_tree(victim); + } + + /* +@@ -602,6 +601,7 @@ static void prune_tree_chunks(struct audit_tree *victim, bool tagged) + static void prune_one(struct audit_tree *victim) + { + prune_tree_chunks(victim, false); ++ put_tree(victim); + } + + /* trim the uncommitted chunks from tree */ +-- +2.33.0 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/5.14.1-012-Linux-5.14.1.patch new/patches.kernel.org/5.14.1-012-Linux-5.14.1.patch --- old/patches.kernel.org/5.14.1-012-Linux-5.14.1.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/5.14.1-012-Linux-5.14.1.patch 2021-09-04 07:01:40.000000000 +0200 @@ -0,0 +1,36 @@ +From: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Date: Fri, 3 Sep 2021 10:24:03 +0200 +Subject: [PATCH] Linux 5.14.1 +References: bsc#1012628 +Patch-mainline: 5.14.1 +Git-commit: 66a613c5173456fe0edfa1a89147381d2802d4e4 + +Link: https://lore.kernel.org/r/20210901122249.520249...@linuxfoundation.org +Tested-by: Fox Chen <foxhlc...@gmail.com> +Tested-by: Jon Hunter <jonath...@nvidia.com> +Tested-by: Shuah Khan <sk...@linuxfoundation.org> +Tested-by: Linux Kernel Functional Testing <l...@linaro.org> +Tested-by: Guenter Roeck <li...@roeck-us.net> +Tested-by: Florian Fainelli <f.faine...@gmail.com> +Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index 61741e9d9c6e..83d1f7c1fd30 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,7 +1,7 @@ + # SPDX-License-Identifier: GPL-2.0 + VERSION = 5 + PATCHLEVEL = 14 +-SUBLEVEL = 0 ++SUBLEVEL = 1 + EXTRAVERSION = + NAME = Opossums on Parade + +-- +2.33.0 + ++++++ patches.suse.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/Bluetooth-avoid-circular-locks-in-sco_sock_connect.patch new/patches.suse/Bluetooth-avoid-circular-locks-in-sco_sock_connect.patch --- old/patches.suse/Bluetooth-avoid-circular-locks-in-sco_sock_connect.patch 2021-08-30 08:57:18.000000000 +0200 +++ new/patches.suse/Bluetooth-avoid-circular-locks-in-sco_sock_connect.patch 2021-09-04 10:22:09.000000000 +0200 @@ -3,8 +3,7 @@ Date: Tue, 10 Aug 2021 12:14:06 +0800 Subject: [PATCH] Bluetooth: avoid circular locks in sco_sock_connect Git-commit: 734bc5ff783115aa3164f4e9dd5967ae78e0a8ab -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git -Patch-mainline: Queued in subsystem maintainer repo +Patch-mainline: v5.15-rc1 References: CVE-2021-3640 bsc#1188172 In a future patch, calls to bh_lock_sock in sco.c should be replaced diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/Bluetooth-btusb-Add-support-for-Foxconn-Mediatek-Chi.patch new/patches.suse/Bluetooth-btusb-Add-support-for-Foxconn-Mediatek-Chi.patch --- old/patches.suse/Bluetooth-btusb-Add-support-for-Foxconn-Mediatek-Chi.patch 2021-08-30 08:57:18.000000000 +0200 +++ new/patches.suse/Bluetooth-btusb-Add-support-for-Foxconn-Mediatek-Chi.patch 2021-09-04 10:22:09.000000000 +0200 @@ -3,8 +3,7 @@ Date: Fri, 23 Jul 2021 01:17:18 +0800 Subject: [PATCH] Bluetooth: btusb: Add support for Foxconn Mediatek Chip Git-commit: 64832df2ac056f111b51aaebbe54a996e0fce7f1 -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git -Patch-mainline: Queued in subsystem maintainer repo +Patch-mainline: v5.15-rc1 References: bsc#1188064 Add support for another Foxconn / Hon Hai device with MT7921 chip. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/Bluetooth-btusb-Add-support-for-IMC-Networks-Mediate.patch new/patches.suse/Bluetooth-btusb-Add-support-for-IMC-Networks-Mediate.patch --- old/patches.suse/Bluetooth-btusb-Add-support-for-IMC-Networks-Mediate.patch 2021-08-30 08:57:18.000000000 +0200 +++ new/patches.suse/Bluetooth-btusb-Add-support-for-IMC-Networks-Mediate.patch 2021-09-04 10:22:09.000000000 +0200 @@ -3,8 +3,7 @@ Date: Thu, 8 Jul 2021 04:00:59 +0800 Subject: [PATCH] Bluetooth: btusb: Add support for IMC Networks Mediatek Chip Git-commit: 2cdff8ca4c8414401bcbc9701229e971797b1340 -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git -Patch-mainline: Queued in subsystem maintainer repo +Patch-mainline: v5.15-rc1 References: bsc#1188064 This add supports for IMC Networks Wireless_Device Media Chip diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/Bluetooth-sco-Fix-lock_sock-blockage-by-memcpy_from_.patch new/patches.suse/Bluetooth-sco-Fix-lock_sock-blockage-by-memcpy_from_.patch --- old/patches.suse/Bluetooth-sco-Fix-lock_sock-blockage-by-memcpy_from_.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/Bluetooth-sco-Fix-lock_sock-blockage-by-memcpy_from_.patch 2021-09-04 10:22:09.000000000 +0200 @@ -0,0 +1,96 @@ +From 99c23da0eed4fd20cae8243f2b51e10e66aa0951 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai <ti...@suse.de> +Date: Sat, 28 Aug 2021 18:18:18 +0200 +Subject: [PATCH] Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() +Git-commit: 99c23da0eed4fd20cae8243f2b51e10e66aa0951 +Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git +Patch-mainline: Queued in subsystem maintainer repo +References: CVE-2021-3640 bsc#1188172 + +The sco_send_frame() also takes lock_sock() during memcpy_from_msg() +call that may be endlessly blocked by a task with userfaultd +technique, and this will result in a hung task watchdog trigger. + +Just like the similar fix for hci_sock_sendmsg() in commit +92c685dc5de0 ("Bluetooth: reorganize functions..."), this patch moves +the memcpy_from_msg() out of lock_sock() for addressing the hang. + +This should be the last piece for fixing CVE-2021-3640 after a few +already queued fixes. + +Signed-off-by: Takashi Iwai <ti...@suse.de> +Signed-off-by: Marcel Holtmann <mar...@holtmann.org> + +--- + net/bluetooth/sco.c | 24 ++++++++++++++++-------- + 1 file changed, 16 insertions(+), 8 deletions(-) + +diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c +index 98a881586512..b62c91c627e2 100644 +--- a/net/bluetooth/sco.c ++++ b/net/bluetooth/sco.c +@@ -280,7 +280,8 @@ static int sco_connect(struct hci_dev *hdev, struct sock *sk) + return err; + } + +-static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len) ++static int sco_send_frame(struct sock *sk, void *buf, int len, ++ unsigned int msg_flags) + { + struct sco_conn *conn = sco_pi(sk)->conn; + struct sk_buff *skb; +@@ -292,15 +293,11 @@ static int sco_send_frame(struct sock *sk, struct msghdr *msg, int len) + + BT_DBG("sk %p len %d", sk, len); + +- skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err); ++ skb = bt_skb_send_alloc(sk, len, msg_flags & MSG_DONTWAIT, &err); + if (!skb) + return err; + +- if (memcpy_from_msg(skb_put(skb, len), msg, len)) { +- kfree_skb(skb); +- return -EFAULT; +- } +- ++ memcpy(skb_put(skb, len), buf, len); + hci_send_sco(conn->hcon, skb); + + return len; +@@ -725,6 +722,7 @@ static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg, + size_t len) + { + struct sock *sk = sock->sk; ++ void *buf; + int err; + + BT_DBG("sock %p, sk %p", sock, sk); +@@ -736,14 +734,24 @@ static int sco_sock_sendmsg(struct socket *sock, struct msghdr *msg, + if (msg->msg_flags & MSG_OOB) + return -EOPNOTSUPP; + ++ buf = kmalloc(len, GFP_KERNEL); ++ if (!buf) ++ return -ENOMEM; ++ ++ if (memcpy_from_msg(buf, msg, len)) { ++ kfree(buf); ++ return -EFAULT; ++ } ++ + lock_sock(sk); + + if (sk->sk_state == BT_CONNECTED) +- err = sco_send_frame(sk, msg, len); ++ err = sco_send_frame(sk, buf, len, msg->msg_flags); + else + err = -ENOTCONN; + + release_sock(sk); ++ kfree(buf); + return err; + } + +-- +2.26.2 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch new/patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch --- old/patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch 2021-08-30 08:57:18.000000000 +0200 +++ new/patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch 2021-09-04 10:22:09.000000000 +0200 @@ -3,8 +3,7 @@ Date: Tue, 10 Aug 2021 12:14:07 +0800 Subject: [PATCH] Bluetooth: switch to lock_sock in SCO Git-commit: 27c24fda62b601d6f9ca5e992502578c4310876f -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git -Patch-mainline: Queued in subsystem maintainer repo +Patch-mainline: v5.15-rc1 References: CVE-2021-3640 bsc#1188172 Since sco_sock_timeout is now scheduled using delayed work, it is no diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch new/patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch --- old/patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch 2021-09-04 10:22:09.000000000 +0200 @@ -0,0 +1,80 @@ +Message-Id: <5049307d37a760e304ad191c5dc7c6851266d2f8.1630658591.git.mkube...@suse.cz> +In-Reply-To: <cover.1630658591.git.mkube...@suse.cz> +References: <cover.1630658591.git.mkube...@suse.cz> +From: Michal Kubecek <mkube...@suse.cz> +Date: Wed, 1 Sep 2021 12:35:49 -0400 +Subject: HID: usbhid: Fix flood of "control queue full" messages +Patch-mainline: v5.15-rc1 +Git-commit: 5049307d37a760e304ad191c5dc7c6851266d2f8 +References: 20210816130059.3yxtdvu2r7wo4...@lion.mk-sys.cz 20210819195300.ga8...@rowland.harvard.edu + +[patch description by Alan Stern] + +Commit 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength +for control transfers") causes control URB submissions to fail if the +transfer_buffer_length value disagrees with the setup packet's wLength +valuel. Unfortunately, it turns out that the usbhid can trigger this +failure mode when it submits a control request for an input report: It +pads the transfer buffer size to a multiple of the maxpacket value but +does not increase wLength correspondingly. + +These failures have caused problems for people using an APS UPC, in +the form of a flood of log messages resembling: + + hid-generic 0003:051D:0002.0002: control queue full + +This patch fixes the problem by setting the wLength value equal to the +padded transfer_buffer_length value in hid_submit_ctrl(). As a nice +bonus, the code which stores the transfer_buffer_length value is now +shared between the two branches of an "if" statement, so it can be +de-duplicated. + +Signed-off-by: Michal Kubecek <mkube...@suse.cz> +Signed-off-by: Alan Stern <st...@rowland.harvard.edu> +Fixes: 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength for control transfers") +Tested-by: Oleksandr Natalenko <oleksa...@natalenko.name> +Tested-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com> +Acked-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com> +Cc: sta...@vger.kernel.org +Signed-off-by: Jiri Kosina <jkos...@suse.cz> +--- + drivers/hid/usbhid/hid-core.c | 15 +++++++-------- + 1 file changed, 7 insertions(+), 8 deletions(-) + +--- a/drivers/hid/usbhid/hid-core.c ++++ b/drivers/hid/usbhid/hid-core.c +@@ -377,27 +377,26 @@ static int hid_submit_ctrl(struct hid_device *hid) + len = hid_report_len(report); + if (dir == USB_DIR_OUT) { + usbhid->urbctrl->pipe = usb_sndctrlpipe(hid_to_usb_dev(hid), 0); +- usbhid->urbctrl->transfer_buffer_length = len; + if (raw_report) { + memcpy(usbhid->ctrlbuf, raw_report, len); + kfree(raw_report); + usbhid->ctrl[usbhid->ctrltail].raw_report = NULL; + } + } else { +- int maxpacket, padlen; ++ int maxpacket; + + usbhid->urbctrl->pipe = usb_rcvctrlpipe(hid_to_usb_dev(hid), 0); + maxpacket = usb_maxpacket(hid_to_usb_dev(hid), + usbhid->urbctrl->pipe, 0); + if (maxpacket > 0) { +- padlen = DIV_ROUND_UP(len, maxpacket); +- padlen *= maxpacket; +- if (padlen > usbhid->bufsize) +- padlen = usbhid->bufsize; ++ len = DIV_ROUND_UP(len, maxpacket); ++ len *= maxpacket; ++ if (len > usbhid->bufsize) ++ len = usbhid->bufsize; + } else +- padlen = 0; +- usbhid->urbctrl->transfer_buffer_length = padlen; ++ len = 0; + } ++ usbhid->urbctrl->transfer_buffer_length = len; + usbhid->urbctrl->dev = hid_to_usb_dev(hid); + + usbhid->cr->bRequestType = USB_TYPE_CLASS | USB_RECIP_INTERFACE | dir; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch new/patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch --- old/patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch 2021-09-04 10:22:09.000000000 +0200 @@ -0,0 +1,48 @@ +Message-Id: <0a824efdb724e07574bafcd2c2486b2a3de35ff6.1630658591.git.mkube...@suse.cz> +In-Reply-To: <cover.1630658591.git.mkube...@suse.cz> +References: <cover.1630658591.git.mkube...@suse.cz> +From: Alan Stern <st...@rowland.harvard.edu> +Date: Wed, 1 Sep 2021 12:36:00 -0400 +Subject: HID: usbhid: Fix warning caused by 0-length input reports +Patch-mainline: v5.15-rc1 +Git-commit: 0a824efdb724e07574bafcd2c2486b2a3de35ff6 +References: 20210816130059.3yxtdvu2r7wo4...@lion.mk-sys.cz 20210819195300.ga8...@rowland.harvard.edu + +Syzbot found a warning caused by hid_submit_ctrl() submitting a +control request to transfer a 0-length input report: + + usb 1-1: BOGUS control dir, pipe 80000280 doesn't match bRequestType a1 + +(The warning message is a little difficult to understand. It means +that the control request claims to be for an IN transfer but this +contradicts the USB spec, which requires 0-length control transfers +always to be in the OUT direction.) + +Now, a zero-length report isn't good for anything and there's no +reason for a device to have one, but the fuzzer likes to pick out +these weird edge cases. In the future, perhaps we will decide to +reject 0-length reports at probe time. For now, the simplest approach +for avoiding these warnings is to pretend that the report actually has +length 1. + +Signed-off-by: Alan Stern <st...@rowland.harvard.edu> +Reported-and-tested-by: syzbot+9b57a46bf1801ce2a...@syzkaller.appspotmail.com +Tested-by: Oleksandr Natalenko <oleksa...@natalenko.name> +Tested-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com> +Acked-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com> +Cc: sta...@vger.kernel.org +Signed-off-by: Jiri Kosina <jkos...@suse.cz> +--- + drivers/hid/usbhid/hid-core.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/hid/usbhid/hid-core.c ++++ b/drivers/hid/usbhid/hid-core.c +@@ -389,6 +389,7 @@ static int hid_submit_ctrl(struct hid_device *hid) + maxpacket = usb_maxpacket(hid_to_usb_dev(hid), + usbhid->urbctrl->pipe, 0); + if (maxpacket > 0) { ++ len += (len == 0); /* Don't allow 0-length reports */ + len = DIV_ROUND_UP(len, maxpacket); + len *= maxpacket; + if (len > usbhid->bufsize) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/HID-usbhid-Simplify-code-in-hid_submit_ctrl.patch new/patches.suse/HID-usbhid-Simplify-code-in-hid_submit_ctrl.patch --- old/patches.suse/HID-usbhid-Simplify-code-in-hid_submit_ctrl.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/HID-usbhid-Simplify-code-in-hid_submit_ctrl.patch 2021-09-04 10:22:09.000000000 +0200 @@ -0,0 +1,47 @@ +Message-Id: <d2f311ec91984adb219ac6985d4dd72c37ae734d.1630658591.git.mkube...@suse.cz> +In-Reply-To: <cover.1630658591.git.mkube...@suse.cz> +References: <cover.1630658591.git.mkube...@suse.cz> +From: Alan Stern <st...@rowland.harvard.edu> +Date: Wed, 1 Sep 2021 12:36:06 -0400 +Subject: HID: usbhid: Simplify code in hid_submit_ctrl() +Patch-mainline: v5.15-rc1 +Git-commit: d2f311ec91984adb219ac6985d4dd72c37ae734d +References: 20210816130059.3yxtdvu2r7wo4...@lion.mk-sys.cz 20210819195300.ga8...@rowland.harvard.edu + +This patch makes a small simplification to the code in +hid_submit_ctrl(). The test for maxpacket being > 0 is unnecessary, +because endpoint 0 always has a maxpacket value which is >= 8. + +Furthermore, endpoint 0's maxpacket value is always a power of 2, so +instead of open-coding the round-to-next-multiple computation we can +call the optimized round_up() routine. + +Signed-off-by: Alan Stern <st...@rowland.harvard.edu> +Tested-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com> +Acked-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com> +Signed-off-by: Jiri Kosina <jkos...@suse.cz> +--- + drivers/hid/usbhid/hid-core.c | 12 ++++-------- + 1 file changed, 4 insertions(+), 8 deletions(-) + +--- a/drivers/hid/usbhid/hid-core.c ++++ b/drivers/hid/usbhid/hid-core.c +@@ -388,14 +388,10 @@ static int hid_submit_ctrl(struct hid_device *hid) + usbhid->urbctrl->pipe = usb_rcvctrlpipe(hid_to_usb_dev(hid), 0); + maxpacket = usb_maxpacket(hid_to_usb_dev(hid), + usbhid->urbctrl->pipe, 0); +- if (maxpacket > 0) { +- len += (len == 0); /* Don't allow 0-length reports */ +- len = DIV_ROUND_UP(len, maxpacket); +- len *= maxpacket; +- if (len > usbhid->bufsize) +- len = usbhid->bufsize; +- } else +- len = 0; ++ len += (len == 0); /* Don't allow 0-length reports */ ++ len = round_up(len, maxpacket); ++ if (len > usbhid->bufsize) ++ len = usbhid->bufsize; + } + usbhid->urbctrl->transfer_buffer_length = len; + usbhid->urbctrl->dev = hid_to_usb_dev(hid); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/Revert-netfilter-conntrack-remove-helper-hook-again.patch new/patches.suse/Revert-netfilter-conntrack-remove-helper-hook-again.patch --- old/patches.suse/Revert-netfilter-conntrack-remove-helper-hook-again.patch 2021-08-30 08:57:18.000000000 +0200 +++ new/patches.suse/Revert-netfilter-conntrack-remove-helper-hook-again.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,377 +0,0 @@ -From: Michal Kubecek <mkube...@suse.cz> -Subject: Revert "netfilter: conntrack: remove helper hook again" -Patch-mainline: Never, temporary patch until upstream applies a different fix -References: FATE#324143 jsc#SLE-8944 bsc#1127886 - -This reverts commit 827318feb69cb07ed58bb9b9dd6c2eaa81a116ad. - -This commit was found to break userspace conntrack helpers, see - - http://lkml.kernel.org/r/20190718092128.zbw4qappq6jsb...@breakpoint.cc - -Signed-off-by: Michal Kubecek <mkube...@suse.cz> ---- - include/net/netfilter/nf_conntrack_core.h | 3 - - net/bridge/netfilter/nf_conntrack_bridge.c | 89 ++++++++++--- - net/netfilter/nf_conntrack_proto.c | 141 ++++++++++++++++----- - 3 files changed, 178 insertions(+), 55 deletions(-) - ---- a/include/net/netfilter/nf_conntrack_core.h -+++ b/include/net/netfilter/nf_conntrack_core.h -@@ -67,9 +67,6 @@ static inline int nf_conntrack_confirm(struct sk_buff *skb) - return ret; - } - --unsigned int nf_confirm(struct sk_buff *skb, unsigned int protoff, -- struct nf_conn *ct, enum ip_conntrack_info ctinfo); -- - void print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple, - const struct nf_conntrack_l4proto *proto); - ---- a/net/bridge/netfilter/nf_conntrack_bridge.c -+++ b/net/bridge/netfilter/nf_conntrack_bridge.c -@@ -15,6 +15,7 @@ - #include <net/netfilter/nf_conntrack_core.h> - #include <net/netfilter/nf_conntrack_helper.h> - #include <net/netfilter/nf_conntrack_bridge.h> -+#include <net/netfilter/nf_conntrack_seqadj.h> - - #include <linux/netfilter/nf_tables.h> - #include <net/netfilter/nf_tables.h> -@@ -352,6 +353,26 @@ static int nf_ct_bridge_refrag_post(struct net *net, struct sock *sk, - return br_dev_queue_push_xmit(net, sk, skb); - } - -+static int nf_ct_bridge_skb_protoff(struct sk_buff *skb) -+{ -+ if (skb->protocol == ETH_P_IP) -+ return skb_network_offset(skb) + ip_hdrlen(skb); -+ -+ if (skb->protocol == ETH_P_IPV6) { -+ unsigned char pnum = ipv6_hdr(skb)->nexthdr; -+ __be16 frag_off; -+ int protoff; -+ -+ protoff = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &pnum, -+ &frag_off); -+ if (protoff < 0 || (frag_off & htons(~0x7)) != 0) -+ return -EINVAL; -+ return protoff; -+ } -+ -+ return -EOPNOTSUPP; -+} -+ - static unsigned int nf_ct_bridge_confirm(struct sk_buff *skb) - { - enum ip_conntrack_info ctinfo; -@@ -360,26 +381,25 @@ static unsigned int nf_ct_bridge_confirm(struct sk_buff *skb) - - ct = nf_ct_get(skb, &ctinfo); - if (!ct || ctinfo == IP_CT_RELATED_REPLY) -- return nf_conntrack_confirm(skb); -+ goto out; - -- switch (skb->protocol) { -- case htons(ETH_P_IP): -- protoff = skb_network_offset(skb) + ip_hdrlen(skb); -- break; -- case htons(ETH_P_IPV6): { -- unsigned char pnum = ipv6_hdr(skb)->nexthdr; -- __be16 frag_off; -- -- protoff = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &pnum, -- &frag_off); -- if (protoff < 0 || (frag_off & htons(~0x7)) != 0) -- return nf_conntrack_confirm(skb); -- } -- break; -- default: -+ protoff = nf_ct_bridge_skb_protoff(skb); -+ if (protoff == -EOPNOTSUPP) - return NF_ACCEPT; -+ if (protoff < 0) -+ goto out; -+ -+ /* adjust seqs for loopback traffic only in outgoing direction */ -+ if (test_bit(IPS_SEQ_ADJUST_BIT, &ct->status) && -+ !nf_is_loopback_packet(skb)) { -+ if (!nf_ct_seq_adjust(skb, ct, ctinfo, protoff)) { -+ NF_CT_STAT_INC_ATOMIC(nf_ct_net(ct), drop); -+ return NF_DROP; -+ } - } -- return nf_confirm(skb, protoff, ct, ctinfo); -+out: -+ /* We've seen it coming out the other side: confirm it */ -+ return nf_conntrack_confirm(skb); - } - - static unsigned int nf_ct_bridge_post(void *priv, struct sk_buff *skb, -@@ -394,6 +414,35 @@ static unsigned int nf_ct_bridge_post(void *priv, struct sk_buff *skb, - return nf_ct_bridge_refrag(skb, state, nf_ct_bridge_refrag_post); - } - -+static unsigned int nf_ct_bridge_helper(void *priv, struct sk_buff *skb, -+ const struct nf_hook_state *state) -+{ -+ const struct nf_conntrack_helper *helper; -+ const struct nf_conn_help *help; -+ enum ip_conntrack_info ctinfo; -+ struct nf_conn *ct; -+ int protoff; -+ -+ /* This is where we call the helper: as the packet goes out. */ -+ ct = nf_ct_get(skb, &ctinfo); -+ if (!ct || ctinfo == IP_CT_RELATED_REPLY) -+ return NF_ACCEPT; -+ -+ help = nfct_help(ct); -+ if (!help) -+ return NF_ACCEPT; -+ /* rcu_read_lock()ed by nf_hook_thresh */ -+ helper = rcu_dereference(help->helper); -+ if (!helper) -+ return NF_ACCEPT; -+ -+ protoff = nf_ct_bridge_skb_protoff(skb); -+ if (protoff < 0) -+ return NF_ACCEPT; -+ -+ return helper->help(skb, protoff, ct, ctinfo); -+} -+ - static struct nf_hook_ops nf_ct_bridge_hook_ops[] __read_mostly = { - { - .hook = nf_ct_bridge_pre, -@@ -401,6 +450,12 @@ static struct nf_hook_ops nf_ct_bridge_hook_ops[] __read_mostly = { - .hooknum = NF_BR_PRE_ROUTING, - .priority = NF_IP_PRI_CONNTRACK, - }, -+ { -+ .hook = nf_ct_bridge_helper, -+ .pf = NFPROTO_BRIDGE, -+ .hooknum = NF_BR_POST_ROUTING, -+ .priority = NF_IP_PRI_CONNTRACK_HELPER, -+ }, - { - .hook = nf_ct_bridge_post, - .pf = NFPROTO_BRIDGE, ---- a/net/netfilter/nf_conntrack_proto.c -+++ b/net/netfilter/nf_conntrack_proto.c -@@ -121,54 +121,55 @@ const struct nf_conntrack_l4proto *nf_ct_l4proto_find(u8 l4proto) - }; - EXPORT_SYMBOL_GPL(nf_ct_l4proto_find); - --unsigned int nf_confirm(struct sk_buff *skb, unsigned int protoff, -- struct nf_conn *ct, enum ip_conntrack_info ctinfo) -+static unsigned int ipv4_helper(void *priv, -+ struct sk_buff *skb, -+ const struct nf_hook_state *state) - { -+ struct nf_conn *ct; -+ enum ip_conntrack_info ctinfo; - const struct nf_conn_help *help; -+ const struct nf_conntrack_helper *helper; -+ -+ /* This is where we call the helper: as the packet goes out. */ -+ ct = nf_ct_get(skb, &ctinfo); -+ if (!ct || ctinfo == IP_CT_RELATED_REPLY) -+ return NF_ACCEPT; - - help = nfct_help(ct); -- if (help) { -- const struct nf_conntrack_helper *helper; -- int ret; -- -- /* rcu_read_lock()ed by nf_hook_thresh */ -- helper = rcu_dereference(help->helper); -- if (helper) { -- ret = helper->help(skb, -- protoff, -- ct, ctinfo); -- if (ret != NF_ACCEPT) -- return ret; -- } -- } -+ if (!help) -+ return NF_ACCEPT; - -- if (test_bit(IPS_SEQ_ADJUST_BIT, &ct->status) && -- !nf_is_loopback_packet(skb)) { -- if (!nf_ct_seq_adjust(skb, ct, ctinfo, protoff)) { -- NF_CT_STAT_INC_ATOMIC(nf_ct_net(ct), drop); -- return NF_DROP; -- } -- } -+ /* rcu_read_lock()ed by nf_hook_thresh */ -+ helper = rcu_dereference(help->helper); -+ if (!helper) -+ return NF_ACCEPT; - -- /* We've seen it coming out the other side: confirm it */ -- return nf_conntrack_confirm(skb); -+ return helper->help(skb, skb_network_offset(skb) + ip_hdrlen(skb), -+ ct, ctinfo); - } --EXPORT_SYMBOL_GPL(nf_confirm); - - static unsigned int ipv4_confirm(void *priv, - struct sk_buff *skb, - const struct nf_hook_state *state) - { -- enum ip_conntrack_info ctinfo; - struct nf_conn *ct; -+ enum ip_conntrack_info ctinfo; - - ct = nf_ct_get(skb, &ctinfo); - if (!ct || ctinfo == IP_CT_RELATED_REPLY) -- return nf_conntrack_confirm(skb); -+ goto out; - -- return nf_confirm(skb, -- skb_network_offset(skb) + ip_hdrlen(skb), -- ct, ctinfo); -+ /* adjust seqs for loopback traffic only in outgoing direction */ -+ if (test_bit(IPS_SEQ_ADJUST_BIT, &ct->status) && -+ !nf_is_loopback_packet(skb)) { -+ if (!nf_ct_seq_adjust(skb, ct, ctinfo, ip_hdrlen(skb))) { -+ NF_CT_STAT_INC_ATOMIC(nf_ct_net(ct), drop); -+ return NF_DROP; -+ } -+ } -+out: -+ /* We've seen it coming out the other side: confirm it */ -+ return nf_conntrack_confirm(skb); - } - - static unsigned int ipv4_conntrack_in(void *priv, -@@ -216,12 +217,24 @@ static const struct nf_hook_ops ipv4_conntrack_ops[] = { - .hooknum = NF_INET_LOCAL_OUT, - .priority = NF_IP_PRI_CONNTRACK, - }, -+ { -+ .hook = ipv4_helper, -+ .pf = NFPROTO_IPV4, -+ .hooknum = NF_INET_POST_ROUTING, -+ .priority = NF_IP_PRI_CONNTRACK_HELPER, -+ }, - { - .hook = ipv4_confirm, - .pf = NFPROTO_IPV4, - .hooknum = NF_INET_POST_ROUTING, - .priority = NF_IP_PRI_CONNTRACK_CONFIRM, - }, -+ { -+ .hook = ipv4_helper, -+ .pf = NFPROTO_IPV4, -+ .hooknum = NF_INET_LOCAL_IN, -+ .priority = NF_IP_PRI_CONNTRACK_HELPER, -+ }, - { - .hook = ipv4_confirm, - .pf = NFPROTO_IPV4, -@@ -367,21 +380,31 @@ static unsigned int ipv6_confirm(void *priv, - struct nf_conn *ct; - enum ip_conntrack_info ctinfo; - unsigned char pnum = ipv6_hdr(skb)->nexthdr; -- __be16 frag_off; - int protoff; -+ __be16 frag_off; - - ct = nf_ct_get(skb, &ctinfo); - if (!ct || ctinfo == IP_CT_RELATED_REPLY) -- return nf_conntrack_confirm(skb); -+ goto out; - - protoff = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &pnum, - &frag_off); - if (protoff < 0 || (frag_off & htons(~0x7)) != 0) { - pr_debug("proto header not found\n"); -- return nf_conntrack_confirm(skb); -+ goto out; - } - -- return nf_confirm(skb, protoff, ct, ctinfo); -+ /* adjust seqs for loopback traffic only in outgoing direction */ -+ if (test_bit(IPS_SEQ_ADJUST_BIT, &ct->status) && -+ !nf_is_loopback_packet(skb)) { -+ if (!nf_ct_seq_adjust(skb, ct, ctinfo, protoff)) { -+ NF_CT_STAT_INC_ATOMIC(nf_ct_net(ct), drop); -+ return NF_DROP; -+ } -+ } -+out: -+ /* We've seen it coming out the other side: confirm it */ -+ return nf_conntrack_confirm(skb); - } - - static unsigned int ipv6_conntrack_in(void *priv, -@@ -398,6 +421,42 @@ static unsigned int ipv6_conntrack_local(void *priv, - return nf_conntrack_in(skb, state); - } - -+static unsigned int ipv6_helper(void *priv, -+ struct sk_buff *skb, -+ const struct nf_hook_state *state) -+{ -+ struct nf_conn *ct; -+ const struct nf_conn_help *help; -+ const struct nf_conntrack_helper *helper; -+ enum ip_conntrack_info ctinfo; -+ __be16 frag_off; -+ int protoff; -+ u8 nexthdr; -+ -+ /* This is where we call the helper: as the packet goes out. */ -+ ct = nf_ct_get(skb, &ctinfo); -+ if (!ct || ctinfo == IP_CT_RELATED_REPLY) -+ return NF_ACCEPT; -+ -+ help = nfct_help(ct); -+ if (!help) -+ return NF_ACCEPT; -+ /* rcu_read_lock()ed by nf_hook_thresh */ -+ helper = rcu_dereference(help->helper); -+ if (!helper) -+ return NF_ACCEPT; -+ -+ nexthdr = ipv6_hdr(skb)->nexthdr; -+ protoff = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &nexthdr, -+ &frag_off); -+ if (protoff < 0 || (frag_off & htons(~0x7)) != 0) { -+ pr_debug("proto header not found\n"); -+ return NF_ACCEPT; -+ } -+ -+ return helper->help(skb, protoff, ct, ctinfo); -+} -+ - static const struct nf_hook_ops ipv6_conntrack_ops[] = { - { - .hook = ipv6_conntrack_in, -@@ -411,12 +470,24 @@ static const struct nf_hook_ops ipv6_conntrack_ops[] = { - .hooknum = NF_INET_LOCAL_OUT, - .priority = NF_IP6_PRI_CONNTRACK, - }, -+ { -+ .hook = ipv6_helper, -+ .pf = NFPROTO_IPV6, -+ .hooknum = NF_INET_POST_ROUTING, -+ .priority = NF_IP6_PRI_CONNTRACK_HELPER, -+ }, - { - .hook = ipv6_confirm, - .pf = NFPROTO_IPV6, - .hooknum = NF_INET_POST_ROUTING, - .priority = NF_IP6_PRI_LAST, - }, -+ { -+ .hook = ipv6_helper, -+ .pf = NFPROTO_IPV6, -+ .hooknum = NF_INET_LOCAL_IN, -+ .priority = NF_IP6_PRI_CONNTRACK_HELPER, -+ }, - { - .hook = ipv6_confirm, - .pf = NFPROTO_IPV6, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/hid-fix-length-inconsistency.patch new/patches.suse/hid-fix-length-inconsistency.patch --- old/patches.suse/hid-fix-length-inconsistency.patch 2021-08-30 08:57:18.000000000 +0200 +++ new/patches.suse/hid-fix-length-inconsistency.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,52 +0,0 @@ -From: Alan Stern <st...@rowland.harvard.edu> -Date: Mon, 23 Aug 2021 09:07:26 +0200 -Subject: hid: fix length inconsistency -Patch-mainline: Not yet, under discussion - 20210819195300.ga8...@rowland.harvard.edu -References: 20210816130059.3yxtdvu2r7wo4...@lion.mk-sys.cz - -The new check introduced in commit 7652dd2c5cb7 ("USB: core: Check buffer -length matches wLength for control transfers") revealed request length -inconsistency in HID code. Make sure transfer_buffer_length matches wLength -in hid_submit_ctrl(). - -Signed-off-by: Michal Kubecek <mkube...@suse.cz> ---- - drivers/hid/usbhid/hid-core.c | 16 ++++++---------- - 1 file changed, 6 insertions(+), 10 deletions(-) - ---- a/drivers/hid/usbhid/hid-core.c -+++ b/drivers/hid/usbhid/hid-core.c -@@ -377,27 +377,23 @@ static int hid_submit_ctrl(struct hid_device *hid) - len = hid_report_len(report); - if (dir == USB_DIR_OUT) { - usbhid->urbctrl->pipe = usb_sndctrlpipe(hid_to_usb_dev(hid), 0); -- usbhid->urbctrl->transfer_buffer_length = len; - if (raw_report) { - memcpy(usbhid->ctrlbuf, raw_report, len); - kfree(raw_report); - usbhid->ctrl[usbhid->ctrltail].raw_report = NULL; - } - } else { -- int maxpacket, padlen; -+ int maxpacket; - - usbhid->urbctrl->pipe = usb_rcvctrlpipe(hid_to_usb_dev(hid), 0); - maxpacket = usb_maxpacket(hid_to_usb_dev(hid), - usbhid->urbctrl->pipe, 0); -- if (maxpacket > 0) { -- padlen = DIV_ROUND_UP(len, maxpacket); -- padlen *= maxpacket; -- if (padlen > usbhid->bufsize) -- padlen = usbhid->bufsize; -- } else -- padlen = 0; -- usbhid->urbctrl->transfer_buffer_length = padlen; -+ len += (len == 0); /* Don't allow 0-length reports */ -+ len = round_up(len, maxpacket); -+ if (len > usbhid->bufsize) -+ len = usbhid->bufsize; - } -+ usbhid->urbctrl->transfer_buffer_length = len; - usbhid->urbctrl->dev = hid_to_usb_dev(hid); - - usbhid->cr->bRequestType = USB_TYPE_CLASS | USB_RECIP_INTERFACE | dir; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/uapi-add-a-compatibility-layer-between-linux-uio-h-and-glibc new/patches.suse/uapi-add-a-compatibility-layer-between-linux-uio-h-and-glibc --- old/patches.suse/uapi-add-a-compatibility-layer-between-linux-uio-h-and-glibc 2021-08-30 08:57:18.000000000 +0200 +++ new/patches.suse/uapi-add-a-compatibility-layer-between-linux-uio-h-and-glibc 1970-01-01 01:00:00.000000000 +0100 @@ -1,68 +0,0 @@ -From: Dmitry V. Levin <l...@altlinux.org> -Date: Feb. 22, 2017, 2:29 a.m. -Subject: uapi: add a compatibility layer between linux/uio.h and glibc -References: bsc#1053501 -Patch-mainline: Not yet, submitted 2/22/2017 to lkml <jeffm: and largely ignored, lduncan will follow up, Oct 4, 2017> - -Do not define struct iovec in linux/uio.h when <sys/uio.h> or <fcntl.h> -is already included and provides these definitions. - -This fixes the following compilation error when <sys/uio.h> or <fcntl.h> -is included before <linux/uio.h>: - -/usr/include/linux/uio.h:16:8: error: redefinition of 'struct iovec' - -Signed-off-by: Dmitry V. Levin <l...@altlinux.org> -Acked-by: Lee Duncan <ldun...@suse.com> ---- - include/uapi/linux/libc-compat.h | 10 ++++++++++ - include/uapi/linux/uio.h | 3 +++ - 2 files changed, 13 insertions(+) - ---- a/include/uapi/linux/libc-compat.h -+++ b/include/uapi/linux/libc-compat.h -@@ -158,6 +158,13 @@ - - #endif /* defined(__NETIPX_IPX_H) */ - -+/* Coordinate with glibc bits/uio.h header. */ -+#if defined(_SYS_UIO_H) || defined(_FCNTL_H) -+#define __UAPI_DEF_IOVEC 0 -+#else -+#define __UAPI_DEF_IOVEC 1 -+#endif -+ - /* Definitions for xattr.h */ - #if defined(_SYS_XATTR_H) - #define __UAPI_DEF_XATTR 0 -@@ -205,6 +212,9 @@ - #define __UAPI_DEF_IPX_ROUTE_DEF 1 - #endif - -+/* Definitions for uio.h */ -+#define __UAPI_DEF_IOVEC 1 -+ - /* Definitions for xattr.h */ - #ifndef __UAPI_DEF_XATTR - #define __UAPI_DEF_XATTR 1 ---- a/include/uapi/linux/uio.h -+++ b/include/uapi/linux/uio.h -@@ -9,15 +9,18 @@ - #ifndef _UAPI__LINUX_UIO_H - #define _UAPI__LINUX_UIO_H - -+#include <linux/libc-compat.h> - #include <linux/compiler.h> - #include <linux/types.h> - - -+#if __UAPI_DEF_IOVEC - struct iovec - { - void __user *iov_base; /* BSD uses caddr_t (1003.1g requires void *) */ - __kernel_size_t iov_len; /* Must be size_t (1003.1g) */ - }; -+#endif /* __UAPI_DEF_IOVEC */ - - /* - * UIO_MAXIOV shall be at least 16 1003.1g (5.4.1.1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/watchdog-Fix-NULL-pointer-dereference-when-releasing.patch new/patches.suse/watchdog-Fix-NULL-pointer-dereference-when-releasing.patch --- old/patches.suse/watchdog-Fix-NULL-pointer-dereference-when-releasing.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/watchdog-Fix-NULL-pointer-dereference-when-releasing.patch 2021-09-04 10:22:09.000000000 +0200 @@ -0,0 +1,49 @@ +From: Curtis Klein <curtis.kl...@hpe.com> +Date: Tue, 22 Jun 2021 23:26:23 -0700 +Subject: watchdog: Fix NULL pointer dereference when releasing cdev +Git-repo: git://www.linux-watchdog.org/linux-watchdog-next.git#master +Git-commit: c7b178dae139f8857edc50888cfbf251cd974a38 +Patch-mainline: Queued in subsystem maintainer repository +References: bsc#1190093 + +watchdog_hrtimer_pretimeout_stop needs the watchdog device to have a +valid pointer to the watchdog core data to stop the pretimeout hrtimer. +Therefore it needs to be called before the pointers are cleared in +watchdog_cdev_unregister. + +Fixes: 7b7d2fdc8c3e ("watchdog: Add hrtimer-based pretimeout feature") +Reported-by: Colin Ian King <colin.k...@canonical.com> +Signed-off-by: Curtis Klein <curtis.kl...@hpe.com> +Reviewed-by: Guenter Roeck <li...@roeck-us.net> +Link: https://lore.kernel.org/r/1624429583-5720-1-git-send-email-curtis.kl...@hpe.com +Signed-off-by: Guenter Roeck <li...@roeck-us.net> +Signed-off-by: Wim Van Sebroeck <w...@linux-watchdog.org> +Signed-off-by: Jiri Slaby <jsl...@suse.cz> +--- + drivers/watchdog/watchdog_dev.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/drivers/watchdog/watchdog_dev.c b/drivers/watchdog/watchdog_dev.c +index 5bf795c1b346..f408967ff1a4 100644 +--- a/drivers/watchdog/watchdog_dev.c ++++ b/drivers/watchdog/watchdog_dev.c +@@ -1096,6 +1096,8 @@ static void watchdog_cdev_unregister(struct watchdog_device *wdd) + watchdog_stop(wdd); + } + ++ watchdog_hrtimer_pretimeout_stop(wdd); ++ + mutex_lock(&wd_data->lock); + wd_data->wdd = NULL; + wdd->wd_data = NULL; +@@ -1103,7 +1105,6 @@ static void watchdog_cdev_unregister(struct watchdog_device *wdd) + + hrtimer_cancel(&wd_data->timer); + kthread_cancel_work_sync(&wd_data->work); +- watchdog_hrtimer_pretimeout_stop(wdd); + + put_device(&wd_data->dev); + } +-- +2.33.0 + ++++++ preun.sh ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:34.620833243 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:34.624833248 +0200 @@ -1,4 +1,4 @@ if [ @BASE_PACKAGE@ = 0 ]; then nvr=@SUBPACKAGE@-@RPM_VERSION_RELEASE@ - rpm -ql $nvr | grep '\.ko\(\.xz\)\?$' > /var/run/rpm-$nvr-modules + rpm -ql $nvr | grep '\.ko\(\.xz\|\.gz\|\.zst\)\?$' > /var/run/rpm-$nvr-modules fi ++++++ series.conf ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:34.656833286 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:34.656833286 +0200 @@ -27,6 +27,18 @@ # DO NOT MODIFY THEM! # Send separate patches upstream if you find a problem... ######################################################## + patches.kernel.org/5.14.1-001-vt_kdsetmode-extend-console-locking.patch + patches.kernel.org/5.14.1-002-Bluetooth-btusb-check-conditions-before-enabli.patch + patches.kernel.org/5.14.1-003-net-dsa-mt7530-fix-VLAN-traffic-leaks-again.patch + patches.kernel.org/5.14.1-004-btrfs-fix-NULL-pointer-dereference-when-deleti.patch + patches.kernel.org/5.14.1-005-Revert-floppy-reintroduce-O_NDELAY-fix.patch + patches.kernel.org/5.14.1-006-fscrypt-add-fscrypt_symlink_getattr-for-comput.patch + patches.kernel.org/5.14.1-007-ext4-report-correct-st_size-for-encrypted-syml.patch + patches.kernel.org/5.14.1-008-f2fs-report-correct-st_size-for-encrypted-syml.patch + patches.kernel.org/5.14.1-009-ubifs-report-correct-st_size-for-encrypted-sym.patch + patches.kernel.org/5.14.1-010-net-don-t-unconditionally-copy_from_user-a-str.patch + patches.kernel.org/5.14.1-011-audit-move-put_tree-to-avoid-trim_trees-refcou.patch + patches.kernel.org/5.14.1-012-Linux-5.14.1.patch ######################################################## # Build fixes that apply to the vanilla kernel too. @@ -50,7 +62,15 @@ # to area specific sections below. ######################################################## patches.suse/arm64-dts-rockchip-Disable-CDN-DP-on-Pinebook-Pro.patch - patches.suse/hid-fix-length-inconsistency.patch + patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch + patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch + patches.suse/HID-usbhid-Simplify-code-in-hid_submit_ctrl.patch + patches.suse/Bluetooth-btusb-Add-support-for-IMC-Networks-Mediate.patch + patches.suse/Bluetooth-btusb-Add-support-for-Foxconn-Mediatek-Chi.patch + patches.suse/Bluetooth-avoid-circular-locks-in-sco_sock_connect.patch + patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch + patches.suse/Bluetooth-sco-Fix-lock_sock-blockage-by-memcpy_from_.patch + patches.suse/watchdog-Fix-NULL-pointer-dereference-when-releasing.patch ######################################################## # kbuild/module infrastructure fixes @@ -110,7 +130,6 @@ patches.suse/vfs-add-super_operations-get_inode_dev # btrfs - patches.suse/uapi-add-a-compatibility-layer-between-linux-uio-h-and-glibc patches.suse/btrfs-provide-super_operations-get_inode_dev patches.suse/btrfs-fs-super.c-add-new-super-block-devices-super_block_d.patch patches.suse/btrfs-use-the-new-VFS-super_block_dev.patch @@ -133,7 +152,6 @@ ######################################################## # Networking core ######################################################## - patches.suse/Revert-netfilter-conntrack-remove-helper-hook-again.patch ######################################################## # Security @@ -180,10 +198,6 @@ # Wireless networking drivers ######################################################## patches.suse/b43-missing-firmware-info.patch - patches.suse/Bluetooth-btusb-Add-support-for-IMC-Networks-Mediate.patch - patches.suse/Bluetooth-btusb-Add-support-for-Foxconn-Mediatek-Chi.patch - patches.suse/Bluetooth-avoid-circular-locks-in-sco_sock_connect.patch - patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch ######################################################## # USB ++++++ source-timestamp ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:34.684833318 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:34.684833318 +0200 @@ -1,3 +1,3 @@ -2021-08-30 07:01:36 +0000 -GIT Revision: dc06e24ed55cc7b02a04a66a5ddcfbd8abb2b548 +2021-09-04 08:22:51 +0000 +GIT Revision: 67af907a1ed285fde3476e8419e51f68252f488f GIT Branch: stable ++++++ split-modules ++++++ --- /var/tmp/diff_new_pack.VGTlQU/_old 2021-09-09 23:07:34.696833332 +0200 +++ /var/tmp/diff_new_pack.VGTlQU/_new 2021-09-09 23:07:34.696833332 +0200 @@ -59,8 +59,8 @@ tmp=$(mktemp -d) mkdir "$tmp/empty" -find "$opt_dir" -type f \( -name '*.ko' -o -name '*.ko.xz' \) -printf '/%P\n' | \ - awk -F/ '{ n=$NF; gsub(/-/, "_", n); sub(/\.ko(\.xz)?$/, "", n); print n " " $0; }' | \ +find "$opt_dir" -type f \( -name '*.ko' -o -name '*.ko.xz' -o -name '*.ko.gz' -o -name '*.ko.zst' \) -printf '/%P\n' | \ + awk -F/ '{ n=$NF; gsub(/-/, "_", n); sub(/\.ko(\.xz|\.gz|\.zst)?$/, "", n); print n " " $0; }' | \ sort >"$tmp/all" err=false @@ -101,7 +101,7 @@ @for dep in $^; do echo "$$dep needed by $@"; done >> $(EXPLAIN) endif ' - sed -r 's:[^ ]*/([^/]*)\.ko(.xz)?\>:\1:g; y/-/_/' "$modules_dep" + sed -r 's:[^ ]*/([^/]*)\.ko(\.xz|\.gz|\.zst)?\>:\1:g; y/-/_/' "$modules_dep" ) >"$tmp/dep" add_dependent_modules() @@ -161,7 +161,10 @@ declare -A modmarks wcmarks wcpaths=() while read mark path; do - path=${path%.xz} + case $path in + *.ko.xz|*.ko.gz|*.ko.zst) + path=${path%.*};; + esac path=${path%.ko} mod=${path##*/} modmarks["$mod"]="$mark" @@ -175,7 +178,10 @@ done < "$opt_builddir/Module.optional" while read xpath; do - path=${xpath%.xz} + case $path in + *.ko.xz|*.ko.gz|*.ko.zst) + path=${path%.*};; + esac path=${path%.ko} mod=${path##*/} x=${modmarks["$mod"]} @@ -196,7 +202,7 @@ done < "$opt_out/unsupported-modules" | sort > "$tmp/unsupp-extra" cat "$tmp/supp-all" "$tmp/kmp-all" "$tmp/unsupp-extra" | \ - sed -r 's:[^ ]*/([^/]*)\.ko(.xz)?\>:\1:g; y/-/_/' | sort -u > "$tmp/unsupp-extra-all" + sed -r 's:[^ ]*/([^/]*)\.ko(\.xz|\.gz|\.zst)?\>:\1:g; y/-/_/' | sort -u > "$tmp/unsupp-extra-all" add_dependent_modules "$tmp/unsupp-explain" <"$tmp/unsupp-extra-all" >"$tmp/unsupp-extra-dep" if ! cmp -s "$tmp/unsupp-extra-all" "$tmp/unsupp-extra-dep"; then echo "The following optional modules are used by extra modules:" >&2