Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kernel-source for openSUSE:Factory
checked in at 2021-09-14 21:14:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kernel-source (Old)
and /work/SRC/openSUSE:Factory/.kernel-source.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source"
Tue Sep 14 21:14:02 2021 rev:605 rq:917930 version:5.14.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes
2021-09-09 23:07:29.192826943 +0200
+++ /work/SRC/openSUSE:Factory/.kernel-source.new.1899/dtb-aarch64.changes
2021-09-14 21:14:03.832385843 +0200
@@ -1,0 +2,91 @@
+Thu Sep 9 16:33:33 CEST 2021 - rgold...@suse.com
+
+- Delete 0001-apparmor-fix-unnecessary-creation-of-net-compat.patch
+ (bsc#1189978)
+ Compat patch no longer required since userspace is upgraded to v3.x
+- commit c28bbe5
+
+-------------------------------------------------------------------
+Wed Sep 8 16:16:46 CEST 2021 - je...@suse.com
+
+- Delete patches.suse/setuid-dumpable-wrongdir (bsc#1189957).
+- commit 762368d
+
+-------------------------------------------------------------------
+Wed Sep 8 14:40:21 CEST 2021 - ti...@suse.de
+
+- Bluetooth: schedule SCO timeouts with delayed_work
+ (CVE-2021-3640 bsc#1188172).
+- Refresh patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch.
+- commit 2605fb9
+
+-------------------------------------------------------------------
+Wed Sep 8 13:39:44 CEST 2021 - jsl...@suse.cz
+
+- rpm/kernel-source.spec.in: do some more for vanilla_only
+ Make sure:
+ * sources are NOT executable
+ * env is not used as interpreter
+ * timestamps are correct
+ We do all this for normal kernel builds, but not for vanilla_only
+ kernels (linux-next and vanilla).
+- commit b41e4fd
+
+-------------------------------------------------------------------
+Wed Sep 8 09:11:24 CEST 2021 - jsl...@suse.cz
+
+- Linux 5.14.2 (bsc#1012628).
+- ext4: fix race writing to an inline_data file while its xattrs
+ are changing (bsc#1012628).
+- ext4: fix e2fsprogs checksum failure for mounted filesystem
+ (bsc#1012628).
+- xtensa: fix kconfig unmet dependency warning for
+ HAVE_FUTEX_CMPXCHG (bsc#1012628).
+- USB: serial: pl2303: fix GL type detection (bsc#1012628).
+- USB: serial: cp210x: fix control-characters error handling
+ (bsc#1012628).
+- USB: serial: cp210x: fix flow-control error handling
+ (bsc#1012628).
+- ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
+ (bsc#1012628).
+- ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC
+ (bsc#1012628).
+- ALSA: hda/realtek: Workaround for conflicting SSID on ASUS
+ ROG Strix G17 (bsc#1012628).
+- ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (bsc#1012628).
+- ALSA: usb-audio: Work around for XRUN with low latency playback
+ (bsc#1012628).
+- media: stkwebcam: fix memory leak in stk_camera_probe
+ (bsc#1012628).
+- commit b155faa
+
+-------------------------------------------------------------------
+Tue Sep 7 18:27:27 CEST 2021 - mkube...@suse.cz
+
+- series.conf: cleanup
+- update upstream reference and move to appropriate section:
+ - patches.suse/crypto-ecc-handle-unaligned-input-buffer-in-ecc_swap.patch
+- commit 1eedbb8
+
+-------------------------------------------------------------------
+Tue Sep 7 15:36:01 CEST 2021 - mbrug...@suse.com
+
+- crypto: ecc - handle unaligned input buffer in ecc_swap_digits
+ (bsc#1188327).
+- commit f7925a4
+
+-------------------------------------------------------------------
+Tue Sep 7 09:21:37 CEST 2021 - h...@suse.de
+
+- Refresh patches.suse/scsi-retry-alua-transition-in-progress.
+- Delete patches.suse/megaraid-mbox-fix-SG_IO.
+- commit d1e442c
+
+-------------------------------------------------------------------
+Mon Sep 6 19:48:11 CEST 2021 - mkou...@suse.com
+
+- memcg: enable accounting of ipc resources (bsc#1190115
+ CVE-2021-3759).
+- commit 9193235
+
+-------------------------------------------------------------------
dtb-armv6l.changes: same change
dtb-armv7l.changes: same change
dtb-riscv64.changes: same change
kernel-64kb.changes: same change
kernel-debug.changes: same change
kernel-default.changes: same change
kernel-docs.changes: same change
kernel-kvmsmall.changes: same change
kernel-lpae.changes: same change
kernel-obs-build.changes: same change
kernel-obs-qa.changes: same change
kernel-pae.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-vanilla.changes: same change
kernel-zfcpdump.changes: same change
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dtb-aarch64.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.344390272 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.348390276 +0200
@@ -17,7 +17,7 @@
%define srcversion 5.14
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -29,9 +29,9 @@
%(chmod +x
%_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license,klp-symbols,splitflist,mergedep,moddep,modflist,kernel-subpackage-build})
Name: dtb-aarch64
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
dtb-armv6l.spec: same change
dtb-armv7l.spec: same change
dtb-riscv64.spec: same change
++++++ kernel-64kb.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.436390362 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.444390371 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.14
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%define vanilla_only 0
%define compress_modules xz
@@ -86,9 +86,9 @@
Summary: Kernel with 64kb PAGE_SIZE
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
@@ -210,10 +210,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f
-Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides:
kernel-%build_flavor-base-srchash-314dce0059447f7063b87fb9e87c4744e389054d
+Provides: kernel-srchash-314dce0059447f7063b87fb9e87c4744e389054d
# END COMMON DEPS
-Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides: %name-srchash-314dce0059447f7063b87fb9e87c4744e389054d
%obsolete_rebuilds %name
Source0:
http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
Source2: source-post.sh
++++++ kernel-debug.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.464390390 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.468390394 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.14
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%define vanilla_only 0
%define compress_modules xz
@@ -86,9 +86,9 @@
Summary: A Debug Version of the Kernel
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
@@ -210,10 +210,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f
-Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides:
kernel-%build_flavor-base-srchash-314dce0059447f7063b87fb9e87c4744e389054d
+Provides: kernel-srchash-314dce0059447f7063b87fb9e87c4744e389054d
# END COMMON DEPS
-Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides: %name-srchash-314dce0059447f7063b87fb9e87c4744e389054d
%ifarch ppc64
Provides: kernel-kdump = 2.6.28
Obsoletes: kernel-kdump <= 2.6.28
++++++ kernel-default.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.492390418 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.496390422 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.14
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%define vanilla_only 0
%define compress_modules xz
@@ -86,9 +86,9 @@
Summary: The Standard Kernel
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
@@ -210,10 +210,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f
-Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides:
kernel-%build_flavor-base-srchash-314dce0059447f7063b87fb9e87c4744e389054d
+Provides: kernel-srchash-314dce0059447f7063b87fb9e87c4744e389054d
# END COMMON DEPS
-Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides: %name-srchash-314dce0059447f7063b87fb9e87c4744e389054d
%ifarch %ix86
Provides: kernel-smp = 2.6.17
Obsoletes: kernel-smp <= 2.6.17
++++++ kernel-docs.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.516390441 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.516390441 +0200
@@ -17,7 +17,7 @@
%define srcversion 5.14
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -31,9 +31,9 @@
Summary: Kernel Documentation
License: GPL-2.0-only
Group: Documentation/Man
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
@@ -64,7 +64,7 @@
%endif
Url: http://www.kernel.org/
Provides: %name = %version-%source_rel
-Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides: %name-srchash-314dce0059447f7063b87fb9e87c4744e389054d
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source0:
http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
++++++ kernel-kvmsmall.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.540390465 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.544390469 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.14
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%define vanilla_only 0
%define compress_modules xz
@@ -86,9 +86,9 @@
Summary: The Small Developer Kernel for KVM
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
@@ -210,10 +210,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f
-Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides:
kernel-%build_flavor-base-srchash-314dce0059447f7063b87fb9e87c4744e389054d
+Provides: kernel-srchash-314dce0059447f7063b87fb9e87c4744e389054d
# END COMMON DEPS
-Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides: %name-srchash-314dce0059447f7063b87fb9e87c4744e389054d
%obsolete_rebuilds %name
Source0:
http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
Source2: source-post.sh
kernel-lpae.spec: same change
++++++ kernel-obs-build.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.588390511 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.592390516 +0200
@@ -19,7 +19,7 @@
#!BuildIgnore: post-build-checks
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%define vanilla_only 0
@@ -45,7 +45,7 @@
%endif
%endif
%endif
-BuildRequires:
kernel%kernel_flavor-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+BuildRequires:
kernel%kernel_flavor-srchash-314dce0059447f7063b87fb9e87c4744e389054d
%if 0%{?rhel_version}
BuildRequires: kernel
@@ -64,9 +64,9 @@
Summary: package kernel and initrd for OBS VM builds
License: GPL-2.0-only
Group: SLES
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
++++++ kernel-obs-qa.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.612390536 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.616390539 +0200
@@ -17,7 +17,7 @@
# needsrootforbuild
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -36,9 +36,9 @@
Summary: Basic QA tests for the kernel
License: GPL-2.0-only
Group: SLES
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.632390555 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.636390559 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.14
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%define vanilla_only 0
%define compress_modules xz
@@ -86,9 +86,9 @@
Summary: Kernel with PAE Support
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
@@ -210,10 +210,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f
-Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides:
kernel-%build_flavor-base-srchash-314dce0059447f7063b87fb9e87c4744e389054d
+Provides: kernel-srchash-314dce0059447f7063b87fb9e87c4744e389054d
# END COMMON DEPS
-Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides: %name-srchash-314dce0059447f7063b87fb9e87c4744e389054d
%ifarch %ix86
Provides: kernel-bigsmp = 2.6.17
Obsoletes: kernel-bigsmp <= 2.6.17
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.652390575 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.656390578 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.14
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%define vanilla_only 0
@@ -30,9 +30,9 @@
Summary: The Linux Kernel Sources
License: GPL-2.0-only
Group: Development/Sources
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
@@ -43,7 +43,7 @@
BuildRequires: sed
Requires(post): coreutils sed
Provides: %name = %version-%source_rel
-Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides: %name-srchash-314dce0059447f7063b87fb9e87c4744e389054d
Provides: linux
Provides: multiversion(kernel)
Source0:
http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
@@ -267,6 +267,7 @@
-D "$OLDPWD/devel.files" -N "$OLDPWD/nondevel.files" \
-L "%src_install_dir"
popd
+%endif
find %{buildroot}/usr/src/linux* -type f -name '*.[ch]' -perm /0111 -exec
chmod -v a-x {} +
# OBS checks don't like /usr/bin/env in script interpreter lines
@@ -281,6 +282,7 @@
ts="$(head -n1 %_sourcedir/source-timestamp)"
find %buildroot/usr/src/linux* ! -type l | xargs touch -d "$ts"
+%if ! %vanilla_only
%post -f %name-post.sh
%post -n kernel-devel%variant -f %name-post.sh
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.680390602 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.680390602 +0200
@@ -24,10 +24,10 @@
Summary: Kernel Symbol Versions (modversions)
License: GPL-2.0-only
Group: Development/Sources
-Version: 5.14.1
+Version: 5.14.2
%if %using_buildservice
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
@@ -52,7 +52,7 @@
%endif
Requires: pesign-obs-integration
Provides: %name = %version-%source_rel
-Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides: %name-srchash-314dce0059447f7063b87fb9e87c4744e389054d
Provides: multiversion(kernel)
Source: README.KSYMS
Requires: kernel-devel%variant = %version-%source_rel
++++++ kernel-vanilla.spec ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:08.700390622 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:08.704390626 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.14
-%define patchversion 5.14.1
+%define patchversion 5.14.2
%define variant %{nil}
%define vanilla_only 0
%define compress_modules xz
@@ -86,9 +86,9 @@
Summary: The Standard Kernel - without any SUSE patches
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.14.1
+Version: 5.14.2
%if 0%{?is_kotd}
-Release: <RELEASE>.g67af907
+Release: <RELEASE>.g314dce0
%else
Release: 0
%endif
@@ -210,10 +210,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-67af907a1ed285fde3476e8419e51f68252f488f
-Provides: kernel-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides:
kernel-%build_flavor-base-srchash-314dce0059447f7063b87fb9e87c4744e389054d
+Provides: kernel-srchash-314dce0059447f7063b87fb9e87c4744e389054d
# END COMMON DEPS
-Provides: %name-srchash-67af907a1ed285fde3476e8419e51f68252f488f
+Provides: %name-srchash-314dce0059447f7063b87fb9e87c4744e389054d
%obsolete_rebuilds %name
Source0:
http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
Source2: source-post.sh
kernel-zfcpdump.spec: same change
++++++ kernel-source.spec.in ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:09.120391033 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:09.120391033 +0200
@@ -267,6 +267,7 @@
-D "$OLDPWD/devel.files" -N "$OLDPWD/nondevel.files" \
-L "%src_install_dir"
popd
+%endif
find %{buildroot}/usr/src/linux* -type f -name '*.[ch]' -perm /0111 -exec
chmod -v a-x {} +
# OBS checks don't like /usr/bin/env in script interpreter lines
@@ -281,6 +282,7 @@
ts="$(head -n1 %_sourcedir/source-timestamp)"
find %buildroot/usr/src/linux* ! -type l | xargs touch -d "$ts"
+%if ! %vanilla_only
%post -f %name-post.sh
%post -n kernel-devel%variant -f %name-post.sh
++++++ patches.kernel.org.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-001-ext4-fix-race-writing-to-an-inline_data-file-w.patch
new/patches.kernel.org/5.14.2-001-ext4-fix-race-writing-to-an-inline_data-file-w.patch
---
old/patches.kernel.org/5.14.2-001-ext4-fix-race-writing-to-an-inline_data-file-w.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-001-ext4-fix-race-writing-to-an-inline_data-file-w.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,49 @@
+From: Theodore Ts'o <ty...@mit.edu>
+Date: Fri, 20 Aug 2021 23:44:17 -0400
+Subject: [PATCH] ext4: fix race writing to an inline_data file while its
+ xattrs are changing
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: a54c4613dac1500b40e4ab55199f7c51f028e848
+
+commit a54c4613dac1500b40e4ab55199f7c51f028e848 upstream.
+
+The location of the system.data extended attribute can change whenever
+xattr_sem is not taken. So we need to recalculate the i_inline_off
+field since it mgiht have changed between ext4_write_begin() and
+ext4_write_end().
+
+This means that caching i_inline_off is probably not helpful, so in
+the long run we should probably get rid of it and shrink the in-memory
+ext4 inode slightly, but let's fix the race the simple way for now.
+
+Cc: sta...@kernel.org
+Fixes: f19d5870cbf72 ("ext4: add normal write support for inline data")
+Reported-by: syzbot+13146364637c7363a...@syzkaller.appspotmail.com
+Signed-off-by: Theodore Ts'o <ty...@mit.edu>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ fs/ext4/inline.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/fs/ext4/inline.c b/fs/ext4/inline.c
+index 70cb64db33f7..24e994e75f5c 100644
+--- a/fs/ext4/inline.c
++++ b/fs/ext4/inline.c
+@@ -750,6 +750,12 @@ int ext4_write_inline_data_end(struct inode *inode,
loff_t pos, unsigned len,
+ ext4_write_lock_xattr(inode, &no_expand);
+ BUG_ON(!ext4_has_inline_data(inode));
+
++ /*
++ * ei->i_inline_off may have changed since ext4_write_begin()
++ * called ext4_try_to_write_inline_data()
++ */
++ (void) ext4_find_inline_data_nolock(inode);
++
+ kaddr = kmap_atomic(page);
+ ext4_write_inline_data(inode, &iloc, kaddr, pos, len);
+ kunmap_atomic(kaddr);
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-002-ext4-fix-e2fsprogs-checksum-failure-for-mounte.patch
new/patches.kernel.org/5.14.2-002-ext4-fix-e2fsprogs-checksum-failure-for-mounte.patch
---
old/patches.kernel.org/5.14.2-002-ext4-fix-e2fsprogs-checksum-failure-for-mounte.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-002-ext4-fix-e2fsprogs-checksum-failure-for-mounte.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,55 @@
+From: Jan Kara <j...@suse.cz>
+Date: Thu, 12 Aug 2021 14:47:37 +0200
+Subject: [PATCH] ext4: fix e2fsprogs checksum failure for mounted filesystem
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: b2bbb92f7042e8075fb036bf97043339576330c3
+
+commit b2bbb92f7042e8075fb036bf97043339576330c3 upstream.
+
+Commit 81414b4dd48 ("ext4: remove redundant sb checksum
+recomputation") removed checksum recalculation after updating
+superblock free space / inode counters in ext4_fill_super() based on
+the fact that we will recalculate the checksum on superblock
+writeout.
+
+That is correct assumption but until the writeout happens (which can
+take a long time) the checksum is incorrect in the buffer cache and if
+programs such as tune2fs or resize2fs is called shortly after a file
+system is mounted can fail. So return back the checksum recalculation
+and add a comment explaining why.
+
+Fixes: 81414b4dd48f ("ext4: remove redundant sb checksum recomputation")
+Cc: sta...@kernel.org
+Reported-by: Boyang Xue <b...@redhat.com>
+Signed-off-by: Jan Kara <j...@suse.cz>
+Signed-off-by: Theodore Ts'o <ty...@mit.edu>
+Link: https://lore.kernel.org/r/20210812124737.21981-1-j...@suse.cz
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ fs/ext4/super.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/fs/ext4/super.c b/fs/ext4/super.c
+index dfa09a277b56..970013c93d3e 100644
+--- a/fs/ext4/super.c
++++ b/fs/ext4/super.c
+@@ -5032,6 +5032,14 @@ static int ext4_fill_super(struct super_block *sb, void
*data, int silent)
+ err = percpu_counter_init(&sbi->s_freeinodes_counter, freei,
+ GFP_KERNEL);
+ }
++ /*
++ * Update the checksum after updating free space/inode
++ * counters. Otherwise the superblock can have an incorrect
++ * checksum in the buffer cache until it is written out and
++ * e2fsprogs programs trying to open a file system immediately
++ * after it is mounted can fail.
++ */
++ ext4_superblock_csum_set(sb);
+ if (!err)
+ err = percpu_counter_init(&sbi->s_dirs_counter,
+ ext4_count_dirs(sb), GFP_KERNEL);
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-003-xtensa-fix-kconfig-unmet-dependency-warning-fo.patch
new/patches.kernel.org/5.14.2-003-xtensa-fix-kconfig-unmet-dependency-warning-fo.patch
---
old/patches.kernel.org/5.14.2-003-xtensa-fix-kconfig-unmet-dependency-warning-fo.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-003-xtensa-fix-kconfig-unmet-dependency-warning-fo.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,47 @@
+From: Randy Dunlap <rdun...@infradead.org>
+Date: Wed, 26 May 2021 00:03:37 -0700
+Subject: [PATCH] xtensa: fix kconfig unmet dependency warning for
+ HAVE_FUTEX_CMPXCHG
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: ed5aacc81cd41efc4d561e14af408d1003f7b855
+
+commit ed5aacc81cd41efc4d561e14af408d1003f7b855 upstream.
+
+XTENSA should only select HAVE_FUTEX_CMPXCHG when FUTEX is
+set/enabled. This prevents a kconfig warning.
+
+WARNING: unmet direct dependencies detected for HAVE_FUTEX_CMPXCHG
+ Depends on [n]: FUTEX [=n]
+ Selected by [y]:
+ - XTENSA [=y] && !MMU [=n]
+
+Fixes: d951ba21b959 ("xtensa: nommu: select HAVE_FUTEX_CMPXCHG")
+Signed-off-by: Randy Dunlap <rdun...@infradead.org>
+Cc: Max Filippov <jcmvb...@gmail.com>
+Cc: Chris Zankel <ch...@zankel.net>
+Cc: linux-xte...@linux-xtensa.org
+Message-Id: <20210526070337.28130-1-rdun...@infradead.org>
+Signed-off-by: Max Filippov <jcmvb...@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ arch/xtensa/Kconfig | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/xtensa/Kconfig b/arch/xtensa/Kconfig
+index 3878880469d1..b843902ad9fd 100644
+--- a/arch/xtensa/Kconfig
++++ b/arch/xtensa/Kconfig
+@@ -30,7 +30,7 @@ config XTENSA
+ select HAVE_DMA_CONTIGUOUS
+ select HAVE_EXIT_THREAD
+ select HAVE_FUNCTION_TRACER
+- select HAVE_FUTEX_CMPXCHG if !MMU
++ select HAVE_FUTEX_CMPXCHG if !MMU && FUTEX
+ select HAVE_HW_BREAKPOINT if PERF_EVENTS
+ select HAVE_IRQ_TIME_ACCOUNTING
+ select HAVE_PCI
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-004-USB-serial-pl2303-fix-GL-type-detection.patch
new/patches.kernel.org/5.14.2-004-USB-serial-pl2303-fix-GL-type-detection.patch
---
old/patches.kernel.org/5.14.2-004-USB-serial-pl2303-fix-GL-type-detection.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-004-USB-serial-pl2303-fix-GL-type-detection.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,39 @@
+From: Robert Marko <robert.ma...@sartura.hr>
+Date: Thu, 26 Aug 2021 13:02:39 +0200
+Subject: [PATCH] USB: serial: pl2303: fix GL type detection
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: dcf097e7d21fbdfbf20e473ac155f4d154018374
+
+commit dcf097e7d21fbdfbf20e473ac155f4d154018374 upstream.
+
+At least some PL2303GL have a bcdDevice of 0x405 instead of 0x100 as the
+datasheet claims. Add it to the list of known release numbers for the
+HXN (G) type.
+
+Fixes: 894758d0571d ("USB: serial: pl2303: tighten type HXN (G) detection")
+Signed-off-by: Robert Marko <robert.ma...@sartura.hr>
+Cc: sta...@vger.kernel.org # 5.13
+Link: https://lore.kernel.org/r/20210826110239.5269-1-robert.ma...@sartura.hr
+Signed-off-by: Johan Hovold <jo...@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/usb/serial/pl2303.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/usb/serial/pl2303.c b/drivers/usb/serial/pl2303.c
+index 930b3d50a330..f45ca7ddf78e 100644
+--- a/drivers/usb/serial/pl2303.c
++++ b/drivers/usb/serial/pl2303.c
+@@ -433,6 +433,7 @@ static int pl2303_detect_type(struct usb_serial *serial)
+ switch (bcdDevice) {
+ case 0x100:
+ case 0x305:
++ case 0x405:
+ /*
+ * Assume it's an HXN-type if the device doesn't
+ * support the old read request value.
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-005-USB-serial-cp210x-fix-control-characters-error.patch
new/patches.kernel.org/5.14.2-005-USB-serial-cp210x-fix-control-characters-error.patch
---
old/patches.kernel.org/5.14.2-005-USB-serial-cp210x-fix-control-characters-error.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-005-USB-serial-cp210x-fix-control-characters-error.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,58 @@
+From: Johan Hovold <jo...@kernel.org>
+Date: Mon, 5 Jul 2021 10:20:10 +0200
+Subject: [PATCH] USB: serial: cp210x: fix control-characters error handling
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: 2d9a00705910ccea2dc5d9cba5469ff2de72fc87
+
+commit 2d9a00705910ccea2dc5d9cba5469ff2de72fc87 upstream.
+
+In the unlikely event that setting the software flow-control characters
+fails the other flow-control settings should still be updated (just like
+all other terminal settings).
+
+Move out the error message printed by the set_chars() helper to make it
+more obvious that this is intentional.
+
+Fixes: 7748feffcd80 ("USB: serial: cp210x: add support for software flow
control")
+Cc: sta...@vger.kernel.org # 5.11
+Reviewed-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Johan Hovold <jo...@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/usb/serial/cp210x.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c
+index 3c80bfbf3bec..ad6aeb44f3e6 100644
+--- a/drivers/usb/serial/cp210x.c
++++ b/drivers/usb/serial/cp210x.c
+@@ -1164,10 +1164,8 @@ static int cp210x_set_chars(struct usb_serial_port
*port,
+
+ kfree(dmabuf);
+
+- if (result < 0) {
+- dev_err(&port->dev, "failed to set special chars: %d\n",
result);
++ if (result < 0)
+ return result;
+- }
+
+ return 0;
+ }
+@@ -1219,8 +1217,10 @@ static void cp210x_set_flow_control(struct tty_struct
*tty,
+ chars.bXoffChar = STOP_CHAR(tty);
+
+ ret = cp210x_set_chars(port, &chars);
+- if (ret)
+- return;
++ if (ret) {
++ dev_err(&port->dev, "failed to set special chars: %d\n",
++ ret);
++ }
+ }
+
+ mutex_lock(&port_priv->mutex);
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-006-USB-serial-cp210x-fix-flow-control-error-handl.patch
new/patches.kernel.org/5.14.2-006-USB-serial-cp210x-fix-flow-control-error-handl.patch
---
old/patches.kernel.org/5.14.2-006-USB-serial-cp210x-fix-flow-control-error-handl.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-006-USB-serial-cp210x-fix-flow-control-error-handl.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,69 @@
+From: Johan Hovold <jo...@kernel.org>
+Date: Mon, 5 Jul 2021 10:20:11 +0200
+Subject: [PATCH] USB: serial: cp210x: fix flow-control error handling
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: ba4bbdabecd11530dca78dbae3ee7e51ffdc0a06
+
+commit ba4bbdabecd11530dca78dbae3ee7e51ffdc0a06 upstream.
+
+Make sure that the driver crtscts state is not updated in the unlikely
+event that the flow-control request fails. Not doing so could break RTS
+control.
+
+Fixes: 5951b8508855 ("USB: serial: cp210x: suppress modem-control errors")
+Cc: sta...@vger.kernel.org # 5.11
+Reviewed-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Johan Hovold <jo...@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/usb/serial/cp210x.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c
+index ad6aeb44f3e6..d48bed5782a5 100644
+--- a/drivers/usb/serial/cp210x.c
++++ b/drivers/usb/serial/cp210x.c
+@@ -1190,6 +1190,7 @@ static void cp210x_set_flow_control(struct tty_struct
*tty,
+ struct cp210x_flow_ctl flow_ctl;
+ u32 flow_repl;
+ u32 ctl_hs;
++ bool crtscts;
+ int ret;
+
+ /*
+@@ -1249,14 +1250,14 @@ static void cp210x_set_flow_control(struct tty_struct
*tty,
+ flow_repl |= CP210X_SERIAL_RTS_FLOW_CTL;
+ else
+ flow_repl |= CP210X_SERIAL_RTS_INACTIVE;
+- port_priv->crtscts = true;
++ crtscts = true;
+ } else {
+ ctl_hs &= ~CP210X_SERIAL_CTS_HANDSHAKE;
+ if (port_priv->rts)
+ flow_repl |= CP210X_SERIAL_RTS_ACTIVE;
+ else
+ flow_repl |= CP210X_SERIAL_RTS_INACTIVE;
+- port_priv->crtscts = false;
++ crtscts = false;
+ }
+
+ if (I_IXOFF(tty)) {
+@@ -1279,8 +1280,12 @@ static void cp210x_set_flow_control(struct tty_struct
*tty,
+ flow_ctl.ulControlHandshake = cpu_to_le32(ctl_hs);
+ flow_ctl.ulFlowReplace = cpu_to_le32(flow_repl);
+
+- cp210x_write_reg_block(port, CP210X_SET_FLOW, &flow_ctl,
++ ret = cp210x_write_reg_block(port, CP210X_SET_FLOW, &flow_ctl,
+ sizeof(flow_ctl));
++ if (ret)
++ goto out_unlock;
++
++ port_priv->crtscts = crtscts;
+ out_unlock:
+ mutex_unlock(&port_priv->mutex);
+ }
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-007-HID-usbhid-Fix-flood-of-control-queue-full-mes.patch
new/patches.kernel.org/5.14.2-007-HID-usbhid-Fix-flood-of-control-queue-full-mes.patch
---
old/patches.kernel.org/5.14.2-007-HID-usbhid-Fix-flood-of-control-queue-full-mes.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-007-HID-usbhid-Fix-flood-of-control-queue-full-mes.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,86 @@
+From: Michal Kubecek <mkube...@suse.cz>
+Date: Wed, 1 Sep 2021 12:35:49 -0400
+Subject: [PATCH] HID: usbhid: Fix flood of "control queue full" messages
+Patch-mainline: 5.14.2
+References: 20210816130059.3yxtdvu2r7wo4...@lion.mk-sys.cz
20210819195300.ga8...@rowland.harvard.edu
<cover.1630658591.git.mkube...@suse.cz> bsc#1012628
+Git-commit: 5049307d37a760e304ad191c5dc7c6851266d2f8
+
+commit 5049307d37a760e304ad191c5dc7c6851266d2f8 upstream.
+
+[patch description by Alan Stern]
+
+Commit 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength
+for control transfers") causes control URB submissions to fail if the
+transfer_buffer_length value disagrees with the setup packet's wLength
+valuel. Unfortunately, it turns out that the usbhid can trigger this
+failure mode when it submits a control request for an input report: It
+pads the transfer buffer size to a multiple of the maxpacket value but
+does not increase wLength correspondingly.
+
+These failures have caused problems for people using an APS UPC, in
+the form of a flood of log messages resembling:
+
+ hid-generic 0003:051D:0002.0002: control queue full
+
+This patch fixes the problem by setting the wLength value equal to the
+padded transfer_buffer_length value in hid_submit_ctrl(). As a nice
+bonus, the code which stores the transfer_buffer_length value is now
+shared between the two branches of an "if" statement, so it can be
+de-duplicated.
+
+Signed-off-by: Michal Kubecek <mkube...@suse.cz>
+Signed-off-by: Alan Stern <st...@rowland.harvard.edu>
+Fixes: 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength for
control transfers")
+Tested-by: Oleksandr Natalenko <oleksa...@natalenko.name>
+Tested-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com>
+Acked-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com>
+Cc: sta...@vger.kernel.org
+Signed-off-by: Jiri Kosina <jkos...@suse.cz>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/hid/usbhid/hid-core.c | 15 +++++++--------
+ 1 file changed, 7 insertions(+), 8 deletions(-)
+
+diff --git a/drivers/hid/usbhid/hid-core.c b/drivers/hid/usbhid/hid-core.c
+index 06130dc431a0..ef240ef63a66 100644
+--- a/drivers/hid/usbhid/hid-core.c
++++ b/drivers/hid/usbhid/hid-core.c
+@@ -377,27 +377,26 @@ static int hid_submit_ctrl(struct hid_device *hid)
+ len = hid_report_len(report);
+ if (dir == USB_DIR_OUT) {
+ usbhid->urbctrl->pipe = usb_sndctrlpipe(hid_to_usb_dev(hid), 0);
+- usbhid->urbctrl->transfer_buffer_length = len;
+ if (raw_report) {
+ memcpy(usbhid->ctrlbuf, raw_report, len);
+ kfree(raw_report);
+ usbhid->ctrl[usbhid->ctrltail].raw_report = NULL;
+ }
+ } else {
+- int maxpacket, padlen;
++ int maxpacket;
+
+ usbhid->urbctrl->pipe = usb_rcvctrlpipe(hid_to_usb_dev(hid), 0);
+ maxpacket = usb_maxpacket(hid_to_usb_dev(hid),
+ usbhid->urbctrl->pipe, 0);
+ if (maxpacket > 0) {
+- padlen = DIV_ROUND_UP(len, maxpacket);
+- padlen *= maxpacket;
+- if (padlen > usbhid->bufsize)
+- padlen = usbhid->bufsize;
++ len = DIV_ROUND_UP(len, maxpacket);
++ len *= maxpacket;
++ if (len > usbhid->bufsize)
++ len = usbhid->bufsize;
+ } else
+- padlen = 0;
+- usbhid->urbctrl->transfer_buffer_length = padlen;
++ len = 0;
+ }
++ usbhid->urbctrl->transfer_buffer_length = len;
+ usbhid->urbctrl->dev = hid_to_usb_dev(hid);
+
+ usbhid->cr->bRequestType = USB_TYPE_CLASS | USB_RECIP_INTERFACE | dir;
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-008-HID-usbhid-Fix-warning-caused-by-0-length-inpu.patch
new/patches.kernel.org/5.14.2-008-HID-usbhid-Fix-warning-caused-by-0-length-inpu.patch
---
old/patches.kernel.org/5.14.2-008-HID-usbhid-Fix-warning-caused-by-0-length-inpu.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-008-HID-usbhid-Fix-warning-caused-by-0-length-inpu.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,54 @@
+From: Alan Stern <st...@rowland.harvard.edu>
+Date: Wed, 1 Sep 2021 12:36:00 -0400
+Subject: [PATCH] HID: usbhid: Fix warning caused by 0-length input reports
+Patch-mainline: 5.14.2
+References: 20210816130059.3yxtdvu2r7wo4...@lion.mk-sys.cz
20210819195300.ga8...@rowland.harvard.edu
<cover.1630658591.git.mkube...@suse.cz> bsc#1012628
+Git-commit: 0a824efdb724e07574bafcd2c2486b2a3de35ff6
+
+commit 0a824efdb724e07574bafcd2c2486b2a3de35ff6 upstream.
+
+Syzbot found a warning caused by hid_submit_ctrl() submitting a
+control request to transfer a 0-length input report:
+
+ usb 1-1: BOGUS control dir, pipe 80000280 doesn't match bRequestType a1
+
+(The warning message is a little difficult to understand. It means
+that the control request claims to be for an IN transfer but this
+contradicts the USB spec, which requires 0-length control transfers
+always to be in the OUT direction.)
+
+Now, a zero-length report isn't good for anything and there's no
+reason for a device to have one, but the fuzzer likes to pick out
+these weird edge cases. In the future, perhaps we will decide to
+reject 0-length reports at probe time. For now, the simplest approach
+for avoiding these warnings is to pretend that the report actually has
+length 1.
+
+Signed-off-by: Alan Stern <st...@rowland.harvard.edu>
+Reported-and-tested-by: syzbot+9b57a46bf1801ce2a...@syzkaller.appspotmail.com
+Tested-by: Oleksandr Natalenko <oleksa...@natalenko.name>
+Tested-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com>
+Acked-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com>
+Cc: sta...@vger.kernel.org
+Signed-off-by: Jiri Kosina <jkos...@suse.cz>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/hid/usbhid/hid-core.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/hid/usbhid/hid-core.c b/drivers/hid/usbhid/hid-core.c
+index ef240ef63a66..b234958f883a 100644
+--- a/drivers/hid/usbhid/hid-core.c
++++ b/drivers/hid/usbhid/hid-core.c
+@@ -389,6 +389,7 @@ static int hid_submit_ctrl(struct hid_device *hid)
+ maxpacket = usb_maxpacket(hid_to_usb_dev(hid),
+ usbhid->urbctrl->pipe, 0);
+ if (maxpacket > 0) {
++ len += (len == 0); /* Don't allow 0-length reports */
+ len = DIV_ROUND_UP(len, maxpacket);
+ len *= maxpacket;
+ if (len > usbhid->bufsize)
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-009-ALSA-hda-realtek-Quirk-for-HP-Spectre-x360-14-.patch
new/patches.kernel.org/5.14.2-009-ALSA-hda-realtek-Quirk-for-HP-Spectre-x360-14-.patch
---
old/patches.kernel.org/5.14.2-009-ALSA-hda-realtek-Quirk-for-HP-Spectre-x360-14-.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-009-ALSA-hda-realtek-Quirk-for-HP-Spectre-x360-14-.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,38 @@
+From: Johnathon Clark <john.cl...@cantab.net>
+Date: Mon, 23 Aug 2021 17:21:10 +0100
+Subject: [PATCH] ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: 93ab3eafb0b3551c54175cb38afed3b82356a047
+
+commit 93ab3eafb0b3551c54175cb38afed3b82356a047 upstream.
+
+This patch extends support for the HP Spectre x360 14
+amp enable quirk to support a model of the device with
+an additional subdevice ID.
+
+Signed-off-by: Johnathon Clark <john.cl...@cantab.net>
+Link: https://lore.kernel.org/r/20210823162110.8870-1-john.cl...@cantab.net
+Cc: <sta...@vger.kernel.org>
+Signed-off-by: Takashi Iwai <ti...@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ sound/pci/hda/patch_realtek.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c
+index 7ad689f991e7..56e74bd0b095 100644
+--- a/sound/pci/hda/patch_realtek.c
++++ b/sound/pci/hda/patch_realtek.c
+@@ -8438,6 +8438,7 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = {
+ SND_PCI_QUIRK(0x103c, 0x87f2, "HP ProBook 640 G8 Notebook PC",
ALC236_FIXUP_HP_GPIO_LED),
+ SND_PCI_QUIRK(0x103c, 0x87f4, "HP", ALC287_FIXUP_HP_GPIO_LED),
+ SND_PCI_QUIRK(0x103c, 0x87f5, "HP", ALC287_FIXUP_HP_GPIO_LED),
++ SND_PCI_QUIRK(0x103c, 0x87f6, "HP Spectre x360 14",
ALC245_FIXUP_HP_X360_AMP),
+ SND_PCI_QUIRK(0x103c, 0x87f7, "HP Spectre x360 14",
ALC245_FIXUP_HP_X360_AMP),
+ SND_PCI_QUIRK(0x103c, 0x8805, "HP ProBook 650 G8 Notebook PC",
ALC236_FIXUP_HP_GPIO_LED),
+ SND_PCI_QUIRK(0x103c, 0x880d, "HP EliteBook 830 G8 Notebook PC",
ALC285_FIXUP_HP_GPIO_LED),
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-010-ALSA-usb-audio-Fix-regression-on-Sony-WALKMAN-.patch
new/patches.kernel.org/5.14.2-010-ALSA-usb-audio-Fix-regression-on-Sony-WALKMAN-.patch
---
old/patches.kernel.org/5.14.2-010-ALSA-usb-audio-Fix-regression-on-Sony-WALKMAN-.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-010-ALSA-usb-audio-Fix-regression-on-Sony-WALKMAN-.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,55 @@
+From: Takashi Iwai <ti...@suse.de>
+Date: Tue, 24 Aug 2021 07:47:00 +0200
+Subject: [PATCH] ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: 7af5a14371c1cf94a41f08eabb62a3faceec8911
+
+commit 7af5a14371c1cf94a41f08eabb62a3faceec8911 upstream.
+
+We've got a regression report for USB-audio with Sony WALKMAN NW-A45
+DAC device where no sound is audible on recent kernel. The bisection
+resulted in the code change wrt endpoint management, and the further
+debug session revealed that it was caused by the order of the USB
+audio interface. In the earlier code, we always set up the USB
+interface at first before other setups, but it was changed to be done
+at the last for UAC2/3, which is more standard way, while keeping the
+old way for UAC1. OTOH, this device seems requiring the setup of the
+interface at first just like UAC1.
+
+This patch works around the regression by applying the interface setup
+specifically for the WALKMAN at the beginning of the endpoint setup
+procedure. This change is written straightforwardly to be easily
+backported in old kernels. A further cleanup to move the workaround
+into a generic quirk section will follow in a later patch.
+
+Fixes: bf6313a0ff76 ("ALSA: usb-audio: Refactor endpoint management")
+Cc: <sta...@vger.kernel.org>
+BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=214105
+Link: https://lore.kernel.org/r/20210824054700.8236-1-ti...@suse.de
+Signed-off-by: Takashi Iwai <ti...@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ sound/usb/endpoint.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/sound/usb/endpoint.c b/sound/usb/endpoint.c
+index 4f856771216b..8b1bec51c806 100644
+--- a/sound/usb/endpoint.c
++++ b/sound/usb/endpoint.c
+@@ -1287,6 +1287,11 @@ int snd_usb_endpoint_configure(struct snd_usb_audio
*chip,
+ * to be set up before parameter setups
+ */
+ iface_first = ep->cur_audiofmt->protocol == UAC_VERSION_1;
++ /* Workaround for Sony WALKMAN NW-A45 DAC;
++ * it requires the interface setup at first like UAC1
++ */
++ if (chip->usb_id == USB_ID(0x054c, 0x0b8c))
++ iface_first = true;
+ if (iface_first) {
+ err = endpoint_set_interface(chip, ep, true);
+ if (err < 0)
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-011-ALSA-hda-realtek-Workaround-for-conflicting-SS.patch
new/patches.kernel.org/5.14.2-011-ALSA-hda-realtek-Workaround-for-conflicting-SS.patch
---
old/patches.kernel.org/5.14.2-011-ALSA-hda-realtek-Workaround-for-conflicting-SS.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-011-ALSA-hda-realtek-Workaround-for-conflicting-SS.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,55 @@
+From: Takashi Iwai <ti...@suse.de>
+Date: Fri, 20 Aug 2021 16:32:14 +0200
+Subject: [PATCH] ALSA: hda/realtek: Workaround for conflicting SSID on ASUS
+ ROG Strix G17
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: 13d9c6b998aaa76fd098133277a28a21f2cc2264
+
+commit 13d9c6b998aaa76fd098133277a28a21f2cc2264 upstream.
+
+ASUS ROG Strix G17 has the very same PCI and codec SSID (1043:103f) as
+ASUS TX300, and unfortunately, the existing quirk for TX300 is broken
+on ASUS ROG. Actually the device works without the quirk, so we'll
+need to clear the quirk before applying for this device.
+Since ASUS ROG has a different codec (ALC294 - while TX300 has
+ALC282), this patch adds a workaround for the device, just clearing
+the codec->fixup_id by checking the codec vendor_id.
+
+It's a bit ugly to add such a workaround there, but it seems to be the
+simplest way.
+
+BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=214101
+Cc: <sta...@vger.kernel.org>
+Link: https://lore.kernel.org/r/20210820143214.3654-1-ti...@suse.de
+Signed-off-by: Takashi Iwai <ti...@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ sound/pci/hda/patch_realtek.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c
+index 56e74bd0b095..70516527ebce 100644
+--- a/sound/pci/hda/patch_realtek.c
++++ b/sound/pci/hda/patch_realtek.c
+@@ -9522,6 +9522,16 @@ static int patch_alc269(struct hda_codec *codec)
+
+ snd_hda_pick_fixup(codec, alc269_fixup_models,
+ alc269_fixup_tbl, alc269_fixups);
++ /* FIXME: both TX300 and ROG Strix G17 have the same SSID, and
++ * the quirk breaks the latter (bko#214101).
++ * Clear the wrong entry.
++ */
++ if (codec->fixup_id == ALC282_FIXUP_ASUS_TX300 &&
++ codec->core.vendor_id == 0x10ec0294) {
++ codec_dbg(codec, "Clear wrong fixup for ASUS ROG Strix G17\n");
++ codec->fixup_id = HDA_FIXUP_ID_NOT_SET;
++ }
++
+ snd_hda_pick_pin_fixup(codec, alc269_pin_fixup_tbl, alc269_fixups,
true);
+ snd_hda_pick_pin_fixup(codec, alc269_fallback_pin_fixup_tbl,
alc269_fixups, false);
+ snd_hda_pick_fixup(codec, NULL, alc269_fixup_vendor_tbl,
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-012-ALSA-pcm-fix-divide-error-in-snd_pcm_lib_ioctl.patch
new/patches.kernel.org/5.14.2-012-ALSA-pcm-fix-divide-error-in-snd_pcm_lib_ioctl.patch
---
old/patches.kernel.org/5.14.2-012-ALSA-pcm-fix-divide-error-in-snd_pcm_lib_ioctl.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-012-ALSA-pcm-fix-divide-error-in-snd_pcm_lib_ioctl.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,41 @@
+From: Zubin Mithra <z...@chromium.org>
+Date: Fri, 27 Aug 2021 08:37:35 -0700
+Subject: [PATCH] ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: f3eef46f0518a2b32ca1244015820c35a22cfe4a
+
+commit f3eef46f0518a2b32ca1244015820c35a22cfe4a upstream.
+
+Syzkaller reported a divide error in snd_pcm_lib_ioctl. fifo_size
+is of type snd_pcm_uframes_t(unsigned long). If frame_size
+is 0x100000000, the error occurs.
+
+Fixes: a9960e6a293e ("ALSA: pcm: fix fifo_size frame calculation")
+Signed-off-by: Zubin Mithra <z...@chromium.org>
+Reviewed-by: Guenter Roeck <gro...@chromium.org>
+Cc: <sta...@vger.kernel.org>
+Link: https://lore.kernel.org/r/20210827153735.789452-1-...@chromium.org
+Signed-off-by: Takashi Iwai <ti...@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ sound/core/pcm_lib.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sound/core/pcm_lib.c b/sound/core/pcm_lib.c
+index 7d5883432085..a144a3f68e9e 100644
+--- a/sound/core/pcm_lib.c
++++ b/sound/core/pcm_lib.c
+@@ -1746,7 +1746,7 @@ static int snd_pcm_lib_ioctl_fifo_size(struct
snd_pcm_substream *substream,
+ channels = params_channels(params);
+ frame_size = snd_pcm_format_size(format, channels);
+ if (frame_size > 0)
+- params->fifo_size /= (unsigned)frame_size;
++ params->fifo_size /= frame_size;
+ }
+ return 0;
+ }
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-013-ALSA-usb-audio-Work-around-for-XRUN-with-low-l.patch
new/patches.kernel.org/5.14.2-013-ALSA-usb-audio-Work-around-for-XRUN-with-low-l.patch
---
old/patches.kernel.org/5.14.2-013-ALSA-usb-audio-Work-around-for-XRUN-with-low-l.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-013-ALSA-usb-audio-Work-around-for-XRUN-with-low-l.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,115 @@
+From: Takashi Iwai <ti...@suse.de>
+Date: Fri, 27 Aug 2021 22:33:11 +0200
+Subject: [PATCH] ALSA: usb-audio: Work around for XRUN with low latency
+ playback
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: 4267c5a8f3133db0572cd9abee059b42cafbbdad
+
+commit 4267c5a8f3133db0572cd9abee059b42cafbbdad upstream.
+
+The recent change for low latency playback works in most of test cases
+but it turned out still to hit errors on some use cases, most notably
+with JACK with small buffer sizes. This is because USB-audio driver
+fills up and submits full URBs at the beginning, while the URBs would
+return immediately and try to fill more -- that can easily trigger
+XRUN. It was more or less expected, but in the small buffer size, the
+problem became pretty obvious.
+
+Fixing this behavior properly would require the change of the
+fundamental driver design, so it's no trivial task, unfortunately.
+Instead, here we work around the problem just by switching back to the
+old method when the given configuration is too fragile with the low
+latency stream handling. As a threshold, we calculate the total
+buffer bytes in all plus one URBs, and check whether it's beyond the
+PCM buffer bytes. The one extra URB is needed because XRUN happens at
+the next submission after the first round.
+
+Fixes: 307cc9baac5c ("ALSA: usb-audio: Reduce latency at playback start,
take#2")
+Cc: <sta...@vger.kernel.org>
+Link: https://lore.kernel.org/r/20210827203311.5987-1-ti...@suse.de
+Signed-off-by: Takashi Iwai <ti...@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ sound/usb/card.h | 2 ++
+ sound/usb/endpoint.c | 4 ++++
+ sound/usb/pcm.c | 13 +++++++++++--
+ 3 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/sound/usb/card.h b/sound/usb/card.h
+index 6c0a052a28f9..5b19901f305a 100644
+--- a/sound/usb/card.h
++++ b/sound/usb/card.h
+@@ -94,6 +94,7 @@ struct snd_usb_endpoint {
+ struct list_head ready_playback_urbs; /* playback URB FIFO for implicit
fb */
+
+ unsigned int nurbs; /* # urbs */
++ unsigned int nominal_queue_size; /* total buffer sizes in URBs */
+ unsigned long active_mask; /* bitmask of active urbs */
+ unsigned long unlink_mask; /* bitmask of unlinked urbs */
+ char *syncbuf; /* sync buffer for all sync URBs */
+@@ -187,6 +188,7 @@ struct snd_usb_substream {
+ } dsd_dop;
+
+ bool trigger_tstamp_pending_update; /* trigger timestamp being updated
from initial estimate */
++ bool early_playback_start; /* early start needed for playback? */
+ struct media_ctl *media_ctl;
+ };
+
+diff --git a/sound/usb/endpoint.c b/sound/usb/endpoint.c
+index 8b1bec51c806..bf26c04cf471 100644
+--- a/sound/usb/endpoint.c
++++ b/sound/usb/endpoint.c
+@@ -1126,6 +1126,10 @@ static int data_ep_set_params(struct snd_usb_endpoint
*ep)
+ INIT_LIST_HEAD(&u->ready_list);
+ }
+
++ /* total buffer bytes of all URBs plus the next queue;
++ * referred in pcm.c
++ */
++ ep->nominal_queue_size = maxsize * urb_packs * (ep->nurbs + 1);
+ return 0;
+
+ out_of_memory:
+diff --git a/sound/usb/pcm.c b/sound/usb/pcm.c
+index 4e5031a68064..f5cbf61ac366 100644
+--- a/sound/usb/pcm.c
++++ b/sound/usb/pcm.c
+@@ -614,6 +614,14 @@ static int snd_usb_pcm_prepare(struct snd_pcm_substream
*substream)
+ subs->period_elapsed_pending = 0;
+ runtime->delay = 0;
+
++ /* check whether early start is needed for playback stream */
++ subs->early_playback_start =
++ subs->direction == SNDRV_PCM_STREAM_PLAYBACK &&
++ subs->data_endpoint->nominal_queue_size >= subs->buffer_bytes;
++
++ if (subs->early_playback_start)
++ ret = start_endpoints(subs);
++
+ unlock:
+ snd_usb_unlock_shutdown(chip);
+ return ret;
+@@ -1394,7 +1402,7 @@ static void prepare_playback_urb(struct
snd_usb_substream *subs,
+ subs->trigger_tstamp_pending_update = false;
+ }
+
+- if (period_elapsed && !subs->running) {
++ if (period_elapsed && !subs->running && !subs->early_playback_start) {
+ subs->period_elapsed_pending = 1;
+ period_elapsed = 0;
+ }
+@@ -1448,7 +1456,8 @@ static int snd_usb_substream_playback_trigger(struct
snd_pcm_substream *substrea
+ prepare_playback_urb,
+ retire_playback_urb,
+ subs);
+- if (cmd == SNDRV_PCM_TRIGGER_START) {
++ if (!subs->early_playback_start &&
++ cmd == SNDRV_PCM_TRIGGER_START) {
+ err = start_endpoints(subs);
+ if (err < 0) {
+
snd_usb_endpoint_set_callback(subs->data_endpoint,
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/5.14.2-014-media-stkwebcam-fix-memory-leak-in-stk_camera_.patch
new/patches.kernel.org/5.14.2-014-media-stkwebcam-fix-memory-leak-in-stk_camera_.patch
---
old/patches.kernel.org/5.14.2-014-media-stkwebcam-fix-memory-leak-in-stk_camera_.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/5.14.2-014-media-stkwebcam-fix-memory-leak-in-stk_camera_.patch
2021-09-08 09:11:24.000000000 +0200
@@ -0,0 +1,55 @@
+From: Pavel Skripkin <paskrip...@gmail.com>
+Date: Wed, 7 Jul 2021 19:54:30 +0200
+Subject: [PATCH] media: stkwebcam: fix memory leak in stk_camera_probe
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: 514e97674400462cc09c459a1ddfb9bf39017223
+
+commit 514e97674400462cc09c459a1ddfb9bf39017223 upstream.
+
+My local syzbot instance hit memory leak in usb_set_configuration().
+The problem was in unputted usb interface. In case of errors after
+usb_get_intf() the reference should be putted to correclty free memory
+allocated for this interface.
+
+Fixes: ec16dae5453e ("V4L/DVB (7019): V4L: add support for Syntek DC1125
webcams")
+Cc: sta...@vger.kernel.org
+Signed-off-by: Pavel Skripkin <paskrip...@gmail.com>
+Signed-off-by: Hans Verkuil <hverkuil-ci...@xs4all.nl>
+Signed-off-by: Mauro Carvalho Chehab <mchehab+hua...@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/media/usb/stkwebcam/stk-webcam.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/media/usb/stkwebcam/stk-webcam.c
b/drivers/media/usb/stkwebcam/stk-webcam.c
+index a45d464427c4..0e231e576dc3 100644
+--- a/drivers/media/usb/stkwebcam/stk-webcam.c
++++ b/drivers/media/usb/stkwebcam/stk-webcam.c
+@@ -1346,7 +1346,7 @@ static int stk_camera_probe(struct usb_interface
*interface,
+ if (!dev->isoc_ep) {
+ pr_err("Could not find isoc-in endpoint\n");
+ err = -ENODEV;
+- goto error;
++ goto error_put;
+ }
+ dev->vsettings.palette = V4L2_PIX_FMT_RGB565;
+ dev->vsettings.mode = MODE_VGA;
+@@ -1359,10 +1359,12 @@ static int stk_camera_probe(struct usb_interface
*interface,
+
+ err = stk_register_video_device(dev);
+ if (err)
+- goto error;
++ goto error_put;
+
+ return 0;
+
++error_put:
++ usb_put_intf(interface);
+ error:
+ v4l2_ctrl_handler_free(hdl);
+ v4l2_device_unregister(&dev->v4l2_dev);
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/patches.kernel.org/5.14.2-015-Linux-5.14.2.patch
new/patches.kernel.org/5.14.2-015-Linux-5.14.2.patch
--- old/patches.kernel.org/5.14.2-015-Linux-5.14.2.patch 1970-01-01
01:00:00.000000000 +0100
+++ new/patches.kernel.org/5.14.2-015-Linux-5.14.2.patch 2021-09-08
09:11:24.000000000 +0200
@@ -0,0 +1,38 @@
+From: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Date: Wed, 8 Sep 2021 08:52:41 +0200
+Subject: [PATCH] Linux 5.14.2
+References: bsc#1012628
+Patch-mainline: 5.14.2
+Git-commit: bbdd3de144fc142f2f4b9834c9241cc4e7f3d3fc
+
+Link: https://lore.kernel.org/r/20210906125448.160263...@linuxfoundation.org
+Tested-by: Fox Chen <foxhlc...@gmail.com>
+Tested-by: Linux Kernel Functional Testing <l...@linaro.org>
+Tested-by: Jon Hunter <jonath...@nvidia.com>
+Tested-by: Florian Fainelli <f.faine...@gmail.com>
+Tested-by: Shuah Khan <sk...@linuxfoundation.org>
+Tested-by: Salvatore Bonaccorso <car...@debian.org>
+Tested-by: Justin M. Forbes <jfor...@fedoraproject.org>
+Tested-by: Guenter Roeck <li...@roeck-us.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 83d1f7c1fd30..9a2b00ecc6af 100644
+--- a/Makefile
++++ b/Makefile
+@@ -1,7 +1,7 @@
+ # SPDX-License-Identifier: GPL-2.0
+ VERSION = 5
+ PATCHLEVEL = 14
+-SUBLEVEL = 1
++SUBLEVEL = 2
+ EXTRAVERSION =
+ NAME = Opossums on Parade
+
+--
+2.33.0
+
++++++ patches.suse.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/0001-apparmor-fix-unnecessary-creation-of-net-compat.patch
new/patches.suse/0001-apparmor-fix-unnecessary-creation-of-net-compat.patch
--- old/patches.suse/0001-apparmor-fix-unnecessary-creation-of-net-compat.patch
2021-09-04 10:22:09.000000000 +0200
+++ new/patches.suse/0001-apparmor-fix-unnecessary-creation-of-net-compat.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,49 +0,0 @@
-From 0256a7f382670a4f07b6b6068371f1463c251325 Mon Sep 17 00:00:00 2001
-From: Goldwyn Rodrigues <rgold...@suse.com>
-Date: Tue, 20 Nov 2018 06:36:26 -0600
-Subject: [PATCH] apparmor: fix unnecessary creation of net-compat
-Patch-mainline: Never, fixes a compat patch
-References: bsc#1116724
-
-We do not want to create net-compat all of the time,
-only when there are rules in profile AND version is less
-than 8. This will improve performance for cases which
-does not have net rules in profile but uses networking.
-
-Also, remove a bogus condition.
-
-Signed-off-by: Goldwyn Rodrigues <rgold...@suse.com>
----
- security/apparmor/net.c | 2 --
- security/apparmor/policy_unpack.c | 2 +-
- 2 files changed, 1 insertion(+), 3 deletions(-)
-
-diff --git a/security/apparmor/net.c b/security/apparmor/net.c
-index 042aee4408c1..b19778a1798d 100644
---- a/security/apparmor/net.c
-+++ b/security/apparmor/net.c
-@@ -174,8 +174,6 @@ int aa_profile_af_perm(struct aa_profile *profile, struct
common_audit_data *sa,
- return 0;
- state = PROFILE_MEDIATES(profile, AA_CLASS_NET);
- if (state) {
-- if (!state)
-- return 0;
- buffer[0] = cpu_to_be16(family);
- buffer[1] = cpu_to_be16((u16) type);
- state = aa_dfa_match_len(profile->policy.dfa, state,
-diff --git a/security/apparmor/policy_unpack.c
b/security/apparmor/policy_unpack.c
-index 9c9a329fd2d7..3d6fa51178c4 100644
---- a/security/apparmor/policy_unpack.c
-+++ b/security/apparmor/policy_unpack.c
-@@ -773,7 +773,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e,
char **ns_name)
- }
-
- size = unpack_array(e, "net_allowed_af");
-- if (size || VERSION_LT(e->version, v8)) {
-+ if (size && VERSION_LT(e->version, v8)) {
- profile->net_compat = kzalloc(sizeof(struct aa_net_compat),
GFP_KERNEL);
- if (!profile->net_compat) {
- info = "out of memory";
---
-2.16.4
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/Bluetooth-schedule-SCO-timeouts-with-delayed_work.patch
new/patches.suse/Bluetooth-schedule-SCO-timeouts-with-delayed_work.patch
--- old/patches.suse/Bluetooth-schedule-SCO-timeouts-with-delayed_work.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/Bluetooth-schedule-SCO-timeouts-with-delayed_work.patch
2021-09-10 09:36:37.000000000 +0200
@@ -0,0 +1,149 @@
+From ba316be1b6a00db7126ed9a39f9bee434a508043 Mon Sep 17 00:00:00 2001
+From: Desmond Cheong Zhi Xi <desmondcheon...@gmail.com>
+Date: Tue, 10 Aug 2021 12:14:05 +0800
+Subject: [PATCH] Bluetooth: schedule SCO timeouts with delayed_work
+Git-commit: ba316be1b6a00db7126ed9a39f9bee434a508043
+Patch-mainline: v5.15-rc1
+References: CVE-2021-3640 bsc#1188172
+
+struct sock.sk_timer should be used as a sock cleanup timer. However,
+SCO uses it to implement sock timeouts.
+
+This causes issues because struct sock.sk_timer's callback is run in
+an IRQ context, and the timer callback function sco_sock_timeout takes
+a spin lock on the socket. However, other functions such as
+sco_conn_del and sco_conn_ready take the spin lock with interrupts
+enabled.
+
+This inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} lock usage could
+lead to deadlocks as reported by Syzbot [1]:
+ CPU0
+ ----
+ lock(slock-AF_BLUETOOTH-BTPROTO_SCO);
+ <Interrupt>
+ lock(slock-AF_BLUETOOTH-BTPROTO_SCO);
+
+To fix this, we use delayed work to implement SCO sock timouts
+instead. This allows us to avoid taking the spin lock on the socket in
+an IRQ context, and corrects the misuse of struct sock.sk_timer.
+
+As a note, cancel_delayed_work is used instead of
+cancel_delayed_work_sync in sco_sock_set_timer and
+sco_sock_clear_timer to avoid a deadlock. In the future, the call to
+bh_lock_sock inside sco_sock_timeout should be changed to lock_sock to
+synchronize with other functions using lock_sock. However, since
+sco_sock_set_timer and sco_sock_clear_timer are sometimes called under
+the locked socket (in sco_connect and __sco_sock_close),
+cancel_delayed_work_sync might cause them to sleep until an
+sco_sock_timeout that has started finishes running. But
+sco_sock_timeout would also sleep until it can grab the lock_sock.
+
+Using cancel_delayed_work is fine because sco_sock_timeout does not
+change from run to run, hence there is no functional difference
+Between:
+1. waiting for a timeout to finish running before scheduling another
+timeout
+2. scheduling another timeout while a timeout is running.
+
+Link:
https://syzkaller.appspot.com/bug?id=9089d89de0502e120f234ca0fc8a703f7368b31e
[1]
+Reported-by: syzbot+2f6d7c28bb4bf7e82...@syzkaller.appspotmail.com
+Tested-by: syzbot+2f6d7c28bb4bf7e82...@syzkaller.appspotmail.com
+Signed-off-by: Desmond Cheong Zhi Xi <desmondcheon...@gmail.com>
+Signed-off-by: Luiz Augusto von Dentz <luiz.von.de...@intel.com>
+Acked-by: Takashi Iwai <ti...@suse.de>
+
+---
+ net/bluetooth/sco.c | 35 +++++++++++++++++++++++++++++------
+ 1 file changed, 29 insertions(+), 6 deletions(-)
+
+diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
+index ffa2a77a3e4c..62e638f971a9 100644
+--- a/net/bluetooth/sco.c
++++ b/net/bluetooth/sco.c
+@@ -48,6 +48,8 @@ struct sco_conn {
+ spinlock_t lock;
+ struct sock *sk;
+
++ struct delayed_work timeout_work;
++
+ unsigned int mtu;
+ };
+
+@@ -74,9 +76,20 @@ struct sco_pinfo {
+ #define SCO_CONN_TIMEOUT (HZ * 40)
+ #define SCO_DISCONN_TIMEOUT (HZ * 2)
+
+-static void sco_sock_timeout(struct timer_list *t)
++static void sco_sock_timeout(struct work_struct *work)
+ {
+- struct sock *sk = from_timer(sk, t, sk_timer);
++ struct sco_conn *conn = container_of(work, struct sco_conn,
++ timeout_work.work);
++ struct sock *sk;
++
++ sco_conn_lock(conn);
++ sk = conn->sk;
++ if (sk)
++ sock_hold(sk);
++ sco_conn_unlock(conn);
++
++ if (!sk)
++ return;
+
+ BT_DBG("sock %p state %d", sk, sk->sk_state);
+
+@@ -91,14 +104,21 @@ static void sco_sock_timeout(struct timer_list *t)
+
+ static void sco_sock_set_timer(struct sock *sk, long timeout)
+ {
++ if (!sco_pi(sk)->conn)
++ return;
++
+ BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
+- sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
++ cancel_delayed_work(&sco_pi(sk)->conn->timeout_work);
++ schedule_delayed_work(&sco_pi(sk)->conn->timeout_work, timeout);
+ }
+
+ static void sco_sock_clear_timer(struct sock *sk)
+ {
++ if (!sco_pi(sk)->conn)
++ return;
++
+ BT_DBG("sock %p state %d", sk, sk->sk_state);
+- sk_stop_timer(sk, &sk->sk_timer);
++ cancel_delayed_work(&sco_pi(sk)->conn->timeout_work);
+ }
+
+ /* ---- SCO connections ---- */
+@@ -179,6 +199,9 @@ static void sco_conn_del(struct hci_conn *hcon, int err)
+ bh_unlock_sock(sk);
+ sco_sock_kill(sk);
+ sock_put(sk);
++
++ /* Ensure no more work items will run before freeing conn. */
++ cancel_delayed_work_sync(&conn->timeout_work);
+ }
+
+ hcon->sco_data = NULL;
+@@ -193,6 +216,8 @@ static void __sco_chan_add(struct sco_conn *conn, struct
sock *sk,
+ sco_pi(sk)->conn = conn;
+ conn->sk = sk;
+
++ INIT_DELAYED_WORK(&conn->timeout_work, sco_sock_timeout);
++
+ if (parent)
+ bt_accept_enqueue(parent, sk, true);
+ }
+@@ -500,8 +525,6 @@ static struct sock *sco_sock_alloc(struct net *net, struct
socket *sock,
+
+ sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT;
+
+- timer_setup(&sk->sk_timer, sco_sock_timeout, 0);
+-
+ bt_sock_link(&sco_sk_list, sk);
+ return sk;
+ }
+--
+2.26.2
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch
new/patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch
--- old/patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch 2021-09-04
10:22:09.000000000 +0200
+++ new/patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch 2021-09-10
09:36:37.000000000 +0200
@@ -24,7 +24,7 @@
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
-@@ -79,10 +79,10 @@ static void sco_sock_timeout(struct time
+@@ -93,10 +93,10 @@ static void sco_sock_timeout(struct work
BT_DBG("sock %p state %d", sk, sk->sk_state);
@@ -37,7 +37,7 @@
sco_sock_kill(sk);
sock_put(sk);
-@@ -172,10 +172,10 @@ static void sco_conn_del(struct hci_conn
+@@ -193,10 +193,10 @@ static void sco_conn_del(struct hci_conn
if (sk) {
sock_hold(sk);
@@ -49,8 +49,8 @@
+ release_sock(sk);
sco_sock_kill(sk);
sock_put(sk);
- }
-@@ -1021,10 +1021,10 @@ static void sco_conn_ready(struct sco_co
+
+@@ -1100,10 +1100,10 @@ static void sco_conn_ready(struct sco_co
if (sk) {
sco_sock_clear_timer(sk);
@@ -63,7 +63,7 @@
} else {
sco_conn_lock(conn);
-@@ -1039,12 +1039,12 @@ static void sco_conn_ready(struct sco_co
+@@ -1118,12 +1118,12 @@ static void sco_conn_ready(struct sco_co
return;
}
@@ -78,7 +78,7 @@
sco_conn_unlock(conn);
return;
}
-@@ -1065,7 +1065,7 @@ static void sco_conn_ready(struct sco_co
+@@ -1144,7 +1144,7 @@ static void sco_conn_ready(struct sco_co
/* Wake up parent */
parent->sk_data_ready(parent);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch
new/patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch
--- old/patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch
2021-09-04 10:22:09.000000000 +0200
+++ new/patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,80 +0,0 @@
-Message-Id:
<5049307d37a760e304ad191c5dc7c6851266d2f8.1630658591.git.mkube...@suse.cz>
-In-Reply-To: <cover.1630658591.git.mkube...@suse.cz>
-References: <cover.1630658591.git.mkube...@suse.cz>
-From: Michal Kubecek <mkube...@suse.cz>
-Date: Wed, 1 Sep 2021 12:35:49 -0400
-Subject: HID: usbhid: Fix flood of "control queue full" messages
-Patch-mainline: v5.15-rc1
-Git-commit: 5049307d37a760e304ad191c5dc7c6851266d2f8
-References: 20210816130059.3yxtdvu2r7wo4...@lion.mk-sys.cz
20210819195300.ga8...@rowland.harvard.edu
-
-[patch description by Alan Stern]
-
-Commit 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength
-for control transfers") causes control URB submissions to fail if the
-transfer_buffer_length value disagrees with the setup packet's wLength
-valuel. Unfortunately, it turns out that the usbhid can trigger this
-failure mode when it submits a control request for an input report: It
-pads the transfer buffer size to a multiple of the maxpacket value but
-does not increase wLength correspondingly.
-
-These failures have caused problems for people using an APS UPC, in
-the form of a flood of log messages resembling:
-
- hid-generic 0003:051D:0002.0002: control queue full
-
-This patch fixes the problem by setting the wLength value equal to the
-padded transfer_buffer_length value in hid_submit_ctrl(). As a nice
-bonus, the code which stores the transfer_buffer_length value is now
-shared between the two branches of an "if" statement, so it can be
-de-duplicated.
-
-Signed-off-by: Michal Kubecek <mkube...@suse.cz>
-Signed-off-by: Alan Stern <st...@rowland.harvard.edu>
-Fixes: 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength for
control transfers")
-Tested-by: Oleksandr Natalenko <oleksa...@natalenko.name>
-Tested-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com>
-Acked-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com>
-Cc: sta...@vger.kernel.org
-Signed-off-by: Jiri Kosina <jkos...@suse.cz>
----
- drivers/hid/usbhid/hid-core.c | 15 +++++++--------
- 1 file changed, 7 insertions(+), 8 deletions(-)
-
---- a/drivers/hid/usbhid/hid-core.c
-+++ b/drivers/hid/usbhid/hid-core.c
-@@ -377,27 +377,26 @@ static int hid_submit_ctrl(struct hid_device *hid)
- len = hid_report_len(report);
- if (dir == USB_DIR_OUT) {
- usbhid->urbctrl->pipe = usb_sndctrlpipe(hid_to_usb_dev(hid), 0);
-- usbhid->urbctrl->transfer_buffer_length = len;
- if (raw_report) {
- memcpy(usbhid->ctrlbuf, raw_report, len);
- kfree(raw_report);
- usbhid->ctrl[usbhid->ctrltail].raw_report = NULL;
- }
- } else {
-- int maxpacket, padlen;
-+ int maxpacket;
-
- usbhid->urbctrl->pipe = usb_rcvctrlpipe(hid_to_usb_dev(hid), 0);
- maxpacket = usb_maxpacket(hid_to_usb_dev(hid),
- usbhid->urbctrl->pipe, 0);
- if (maxpacket > 0) {
-- padlen = DIV_ROUND_UP(len, maxpacket);
-- padlen *= maxpacket;
-- if (padlen > usbhid->bufsize)
-- padlen = usbhid->bufsize;
-+ len = DIV_ROUND_UP(len, maxpacket);
-+ len *= maxpacket;
-+ if (len > usbhid->bufsize)
-+ len = usbhid->bufsize;
- } else
-- padlen = 0;
-- usbhid->urbctrl->transfer_buffer_length = padlen;
-+ len = 0;
- }
-+ usbhid->urbctrl->transfer_buffer_length = len;
- usbhid->urbctrl->dev = hid_to_usb_dev(hid);
-
- usbhid->cr->bRequestType = USB_TYPE_CLASS | USB_RECIP_INTERFACE | dir;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch
new/patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch
--- old/patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch
2021-09-04 10:22:09.000000000 +0200
+++ new/patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,48 +0,0 @@
-Message-Id:
<0a824efdb724e07574bafcd2c2486b2a3de35ff6.1630658591.git.mkube...@suse.cz>
-In-Reply-To: <cover.1630658591.git.mkube...@suse.cz>
-References: <cover.1630658591.git.mkube...@suse.cz>
-From: Alan Stern <st...@rowland.harvard.edu>
-Date: Wed, 1 Sep 2021 12:36:00 -0400
-Subject: HID: usbhid: Fix warning caused by 0-length input reports
-Patch-mainline: v5.15-rc1
-Git-commit: 0a824efdb724e07574bafcd2c2486b2a3de35ff6
-References: 20210816130059.3yxtdvu2r7wo4...@lion.mk-sys.cz
20210819195300.ga8...@rowland.harvard.edu
-
-Syzbot found a warning caused by hid_submit_ctrl() submitting a
-control request to transfer a 0-length input report:
-
- usb 1-1: BOGUS control dir, pipe 80000280 doesn't match bRequestType a1
-
-(The warning message is a little difficult to understand. It means
-that the control request claims to be for an IN transfer but this
-contradicts the USB spec, which requires 0-length control transfers
-always to be in the OUT direction.)
-
-Now, a zero-length report isn't good for anything and there's no
-reason for a device to have one, but the fuzzer likes to pick out
-these weird edge cases. In the future, perhaps we will decide to
-reject 0-length reports at probe time. For now, the simplest approach
-for avoiding these warnings is to pretend that the report actually has
-length 1.
-
-Signed-off-by: Alan Stern <st...@rowland.harvard.edu>
-Reported-and-tested-by: syzbot+9b57a46bf1801ce2a...@syzkaller.appspotmail.com
-Tested-by: Oleksandr Natalenko <oleksa...@natalenko.name>
-Tested-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com>
-Acked-by: Benjamin Tissoires <benjamin.tissoi...@redhat.com>
-Cc: sta...@vger.kernel.org
-Signed-off-by: Jiri Kosina <jkos...@suse.cz>
----
- drivers/hid/usbhid/hid-core.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/drivers/hid/usbhid/hid-core.c
-+++ b/drivers/hid/usbhid/hid-core.c
-@@ -389,6 +389,7 @@ static int hid_submit_ctrl(struct hid_device *hid)
- maxpacket = usb_maxpacket(hid_to_usb_dev(hid),
- usbhid->urbctrl->pipe, 0);
- if (maxpacket > 0) {
-+ len += (len == 0); /* Don't allow 0-length reports */
- len = DIV_ROUND_UP(len, maxpacket);
- len *= maxpacket;
- if (len > usbhid->bufsize)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/crypto-ecc-handle-unaligned-input-buffer-in-ecc_swap.patch
new/patches.suse/crypto-ecc-handle-unaligned-input-buffer-in-ecc_swap.patch
--- old/patches.suse/crypto-ecc-handle-unaligned-input-buffer-in-ecc_swap.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/crypto-ecc-handle-unaligned-input-buffer-in-ecc_swap.patch
2021-09-10 09:36:37.000000000 +0200
@@ -0,0 +1,68 @@
+From: Mian Yousaf Kaukab <ykau...@suse.de>
+Date: Wed, 21 Jul 2021 10:39:05 +0200
+Subject: crypto: ecc - handle unaligned input buffer in ecc_swap_digits
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Git-commit: 0469dede0eeeefe12a9a2fd76078f4a266513457
+Patch-mainline: v5.15-rc1
+References: bsc#1188327
+
+ecdsa_set_pub_key() makes an u64 pointer at 1 byte offset of the key.
+This results in an unaligned u64 pointer. This pointer is passed to
+ecc_swap_digits() which assumes natural alignment.
+
+This causes a kernel crash on an armv7 platform:
+[ 0.409022] Unhandled fault: alignment exception (0x001) at 0xc2a0a6a9
+...
+[ 0.416982] PC is at ecdsa_set_pub_key+0xdc/0x120
+...
+[ 0.491492] Backtrace:
+[ 0.492059] [<c07c266c>] (ecdsa_set_pub_key) from [<c07c75d4>]
(test_akcipher_one+0xf4/0x6c0)
+
+Handle unaligned input buffer in ecc_swap_digits() by replacing
+be64_to_cpu() to get_unaligned_be64(). Change type of in pointer to
+void to reflect it doesn???t necessarily need to be aligned.
+
+Fixes: 4e6602916bc6 ("crypto: ecdsa - Add support for ECDSA signature
verification")
+Reported-by: Guillaume Gardet <guillaume.gar...@arm.com>
+Suggested-by: Takashi Iwai <ti...@suse.de>
+Signed-off-by: Mian Yousaf Kaukab <ykau...@suse.de>
+Tested-by: Stefan Berger <stef...@linux.ibm.com>
+Signed-off-by: Herbert Xu <herb...@gondor.apana.org.au>
+Signed-off-by: Matthias Brugger <mbrug...@suse.com>
+---
+ crypto/ecc.h | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/crypto/ecc.h b/crypto/ecc.h
+index a006132646a4..1350e8eb6ac2 100644
+--- a/crypto/ecc.h
++++ b/crypto/ecc.h
+@@ -27,6 +27,7 @@
+ #define _CRYPTO_ECC_H
+
+ #include <crypto/ecc_curve.h>
++#include <asm/unaligned.h>
+
+ /* One digit is u64 qword. */
+ #define ECC_CURVE_NIST_P192_DIGITS 3
+@@ -46,13 +47,13 @@
+ * @out: Output array
+ * @ndigits: Number of digits to copy
+ */
+-static inline void ecc_swap_digits(const u64 *in, u64 *out, unsigned int
ndigits)
++static inline void ecc_swap_digits(const void *in, u64 *out, unsigned int
ndigits)
+ {
+ const __be64 *src = (__force __be64 *)in;
+ int i;
+
+ for (i = 0; i < ndigits; i++)
+- out[i] = be64_to_cpu(src[ndigits - 1 - i]);
++ out[i] = get_unaligned_be64(&src[ndigits - 1 - i]);
+ }
+
+ /**
+--
+2.33.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/patches.suse/megaraid-mbox-fix-SG_IO
new/patches.suse/megaraid-mbox-fix-SG_IO
--- old/patches.suse/megaraid-mbox-fix-SG_IO 2021-09-04 10:22:09.000000000
+0200
+++ new/patches.suse/megaraid-mbox-fix-SG_IO 1970-01-01 01:00:00.000000000
+0100
@@ -1,73 +0,0 @@
-From: Martin Wilck <martin.wi...@fujitsu-siemens.com>
-Subject: megaraid_mbox: Oops on SG_IO
-References: bnc#475619
-Patch-mainline: not yet, maintainer views this driver as obsolete
-
-This patch fixes an Oops in megaraid_mbox that happens when a
-MODE_SENSE command for a logical drive is started viaioctl(SG_IO).
-
-The problem only occurs if the buffer specified by the user to receive
-the mode data resides in highmem and if the buffer is aligned for
-direct dma (no bounce buffer necessary). megaraid_mbox emulates
-the MODE_SENSE command and writes the data using memset() directly
-into user buffer. If the buffer is at a currently unmapped highmem
-page, this leads to an Oops.
-
-Update jeffm 3 Aug 2012:
-- commit 20273941 (mm: fix race in kunmap_atomic()) got rid of kmap slots
-
-Signed-off-by: Hannes Reinecke <h...@suse.de>
-
----
- drivers/scsi/megaraid/megaraid_mbox.c | 28 +++++++++++++++++++++++-----
- 1 file changed, 23 insertions(+), 5 deletions(-)
-
---- a/drivers/scsi/megaraid/megaraid_mbox.c
-+++ b/drivers/scsi/megaraid/megaraid_mbox.c
-@@ -1586,13 +1586,20 @@ megaraid_mbox_build_cmd(adapter_t *adapt
- case MODE_SENSE:
- {
- struct scatterlist *sgl;
-- caddr_t vaddr;
-+ struct page *pg;
-+ unsigned char *vaddr;
-+ unsigned long flags;
-
- sgl = scsi_sglist(scp);
-- if (sg_page(sgl)) {
-- vaddr = (caddr_t) sg_virt(&sgl[0]);
-+ pg = sg_page(sgl);
-+ if (pg) {
-+ local_irq_save(flags);
-+ vaddr = kmap_atomic(pg) + sgl->offset;
-
- memset(vaddr, 0, scp->cmnd[4]);
-+
-+ kunmap_atomic(vaddr);
-+ local_irq_restore(flags);
- }
- else {
- con_log(CL_ANN, (KERN_WARNING
-@@ -2330,9 +2337,20 @@ megaraid_mbox_dpc(unsigned long devp)
- if (scp->cmnd[0] == INQUIRY && status == 0 && islogical == 0
- && IS_RAID_CH(raid_dev, scb->dev_channel)) {
-
-+ struct page *pg;
-+ unsigned char *vaddr;
-+ unsigned long flags;
-+
- sgl = scsi_sglist(scp);
-- if (sg_page(sgl)) {
-- c = *(unsigned char *) sg_virt(&sgl[0]);
-+ pg = sg_page(sgl);
-+ if (pg) {
-+ local_irq_save(flags);
-+ vaddr = kmap_atomic(pg) + sgl->offset;
-+
-+ c = *vaddr;
-+
-+ kunmap_atomic(vaddr);
-+ local_irq_restore(flags);
- } else {
- con_log(CL_ANN, (KERN_WARNING
- "megaraid mailbox: invalid
sg:%d\n",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/memcg-enable-accounting-of-ipc-resources.patch
new/patches.suse/memcg-enable-accounting-of-ipc-resources.patch
--- old/patches.suse/memcg-enable-accounting-of-ipc-resources.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/memcg-enable-accounting-of-ipc-resources.patch
2021-09-10 09:36:37.000000000 +0200
@@ -0,0 +1,122 @@
+From: Vasily Averin <v...@virtuozzo.com>
+Date: Thu, 2 Sep 2021 14:55:31 -0700
+Subject: memcg: enable accounting of ipc resources
+Git-commit: 18319498fdd4cdf8c1c2c48cd432863b1f915d6f
+Patch-mainline: v5.15-rc1
+References: bsc#1190115 CVE-2021-3759
+
+When user creates IPC objects it forces kernel to allocate memory for
+these long-living objects.
+
+It makes sense to account them to restrict the host's memory consumption
+from inside the memcg-limited container.
+
+This patch enables accounting for IPC shared memory segments, messages
+semaphores and semaphore's undo lists.
+
+Link:
https://lkml.kernel.org/r/d6507b06-4df6-78f8-6c54-3ae86e3b5...@virtuozzo.com
+Signed-off-by: Vasily Averin <v...@virtuozzo.com>
+Reviewed-by: Shakeel Butt <shake...@google.com>
+Cc: Alexander Viro <v...@zeniv.linux.org.uk>
+Cc: Alexey Dobriyan <adobri...@gmail.com>
+Cc: Andrei Vagin <ava...@gmail.com>
+Cc: Borislav Petkov <b...@alien8.de>
+Cc: Borislav Petkov <b...@suse.de>
+Cc: Christian Brauner <christian.brau...@ubuntu.com>
+Cc: Dmitry Safonov <0x7f454...@gmail.com>
+Cc: "Eric W. Biederman" <ebied...@xmission.com>
+Cc: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Cc: "H. Peter Anvin" <h...@zytor.com>
+Cc: Ingo Molnar <mi...@redhat.com>
+Cc: "J. Bruce Fields" <bfie...@fieldses.org>
+Cc: Jeff Layton <jlay...@kernel.org>
+Cc: Jens Axboe <ax...@kernel.dk>
+Cc: Jiri Slaby <jirisl...@kernel.org>
+Cc: Johannes Weiner <han...@cmpxchg.org>
+Cc: Kirill Tkhai <ktk...@virtuozzo.com>
+Cc: Michal Hocko <mho...@kernel.org>
+Cc: Oleg Nesterov <o...@redhat.com>
+Cc: Roman Gushchin <g...@fb.com>
+Cc: Serge Hallyn <se...@hallyn.com>
+Cc: Tejun Heo <t...@kernel.org>
+Cc: Thomas Gleixner <t...@linutronix.de>
+Cc: Vladimir Davydov <vdavydov....@gmail.com>
+Cc: Yutian Yang <ngla...@gmail.com>
+Cc: Zefan Li <lizefa...@bytedance.com>
+Signed-off-by: Andrew Morton <a...@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
+Acked-by: Michal Koutn?? <mkou...@suse.com>
+---
+ ipc/msg.c | 2 +-
+ ipc/sem.c | 9 +++++----
+ ipc/shm.c | 2 +-
+ 3 files changed, 7 insertions(+), 6 deletions(-)
+
+diff --git a/ipc/msg.c b/ipc/msg.c
+index 6810276d6bb9..a0d05775af2c 100644
+--- a/ipc/msg.c
++++ b/ipc/msg.c
+@@ -147,7 +147,7 @@ static int newque(struct ipc_namespace *ns, struct
ipc_params *params)
+ key_t key = params->key;
+ int msgflg = params->flg;
+
+- msq = kmalloc(sizeof(*msq), GFP_KERNEL);
++ msq = kmalloc(sizeof(*msq), GFP_KERNEL_ACCOUNT);
+ if (unlikely(!msq))
+ return -ENOMEM;
+
+diff --git a/ipc/sem.c b/ipc/sem.c
+index 971e75d28364..1a8b9f0ac047 100644
+--- a/ipc/sem.c
++++ b/ipc/sem.c
+@@ -514,7 +514,7 @@ static struct sem_array *sem_alloc(size_t nsems)
+ if (nsems > (INT_MAX - sizeof(*sma)) / sizeof(sma->sems[0]))
+ return NULL;
+
+- sma = kvzalloc(struct_size(sma, sems, nsems), GFP_KERNEL);
++ sma = kvzalloc(struct_size(sma, sems, nsems), GFP_KERNEL_ACCOUNT);
+ if (unlikely(!sma))
+ return NULL;
+
+@@ -1855,7 +1855,7 @@ static inline int get_undo_list(struct sem_undo_list
**undo_listp)
+
+ undo_list = current->sysvsem.undo_list;
+ if (!undo_list) {
+- undo_list = kzalloc(sizeof(*undo_list), GFP_KERNEL);
++ undo_list = kzalloc(sizeof(*undo_list), GFP_KERNEL_ACCOUNT);
+ if (undo_list == NULL)
+ return -ENOMEM;
+ spin_lock_init(&undo_list->lock);
+@@ -1941,7 +1941,7 @@ static struct sem_undo *find_alloc_undo(struct
ipc_namespace *ns, int semid)
+
+ /* step 2: allocate new undo structure */
+ new = kvzalloc(sizeof(struct sem_undo) + sizeof(short)*nsems,
+- GFP_KERNEL);
++ GFP_KERNEL_ACCOUNT);
+ if (!new) {
+ ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
+ return ERR_PTR(-ENOMEM);
+@@ -2005,7 +2005,8 @@ static long do_semtimedop(int semid, struct sembuf
__user *tsops,
+ if (nsops > ns->sc_semopm)
+ return -E2BIG;
+ if (nsops > SEMOPM_FAST) {
+- sops = kvmalloc_array(nsops, sizeof(*sops), GFP_KERNEL);
++ sops = kvmalloc_array(nsops, sizeof(*sops),
++ GFP_KERNEL_ACCOUNT);
+ if (sops == NULL)
+ return -ENOMEM;
+ }
+diff --git a/ipc/shm.c b/ipc/shm.c
+index 748933e376ca..ab749be6d8b7 100644
+--- a/ipc/shm.c
++++ b/ipc/shm.c
+@@ -619,7 +619,7 @@ static int newseg(struct ipc_namespace *ns, struct
ipc_params *params)
+ ns->shm_tot + numpages > ns->shm_ctlall)
+ return -ENOSPC;
+
+- shp = kmalloc(sizeof(*shp), GFP_KERNEL);
++ shp = kmalloc(sizeof(*shp), GFP_KERNEL_ACCOUNT);
+ if (unlikely(!shp))
+ return -ENOMEM;
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/patches.suse/scsi-retry-alua-transition-in-progress
new/patches.suse/scsi-retry-alua-transition-in-progress
--- old/patches.suse/scsi-retry-alua-transition-in-progress 2021-09-04
10:22:09.000000000 +0200
+++ new/patches.suse/scsi-retry-alua-transition-in-progress 2021-09-10
09:36:37.000000000 +0200
@@ -1,9 +1,9 @@
From: Rajashekhar M A <r...@netapp.com>
Subject: I/O errors for ALUA state transitions
References: bnc#491289
-Patch-mainline: not yet, <hare: will be revisiting, Oct 4, 2017>
+Patch-mainline: submitted to linux-scsi, Sep 7th, 2021
-When a SLES11 host is configured with a few LUNs and IO is running,
+When a host is configured with a few LUNs and IO is running,
injecting FC faults repeatedly leads to path recovery problems.
The LUNs have 4 paths each and 3 of them come back active after
say an FC fault which makes two of the paths go down, instead of
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/patches.suse/setuid-dumpable-wrongdir
new/patches.suse/setuid-dumpable-wrongdir
--- old/patches.suse/setuid-dumpable-wrongdir 2021-09-04 10:22:09.000000000
+0200
+++ new/patches.suse/setuid-dumpable-wrongdir 1970-01-01 01:00:00.000000000
+0100
@@ -1,37 +0,0 @@
-From: Kurt Garloff <garl...@suse.de>
-Subject: suid-dumpable ended up in wrong sysctl dir
-Patch-mainline: never, old SLES ABI compatibility
-
-Diffing in sysctl.c is tricky, using more context is recommended.
-suid_dumpable ended up in fs/ instead of kernel/ and the reason
-is likely a patch with too little context.
-
-NOTE: This has been in the wrong dir fs/ since it was introduced by
-Alan Cox into mainline on 2005-06-23. However, SUSE shipped it
-in the correct directory kernel/ in SLES9.
-
-By now, it's just something that we are going to have to drag along for
-a long time until SLES 11/12/13 time frame...
-
-Signed-off-by: Kurt Garloff <garl...@suse.de>
-
----
- kernel/sysctl.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
---- a/kernel/sysctl.c
-+++ b/kernel/sysctl.c
-@@ -1079,6 +1079,13 @@ static struct ctl_table kern_table[] = {
- .proc_handler = proc_dointvec,
- },
- #endif
-+ {
-+ .procname = "suid_dumpable",
-+ .data = &suid_dumpable,
-+ .maxlen = sizeof(int),
-+ .mode = 0644,
-+ .proc_handler = proc_dointvec,
-+ },
- #if defined(CONFIG_S390) && defined(CONFIG_SMP)
- {
- .procname = "spin_retry",
++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:09.536391443 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:09.536391443 +0200
@@ -39,6 +39,21 @@
patches.kernel.org/5.14.1-010-net-don-t-unconditionally-copy_from_user-a-str.patch
patches.kernel.org/5.14.1-011-audit-move-put_tree-to-avoid-trim_trees-refcou.patch
patches.kernel.org/5.14.1-012-Linux-5.14.1.patch
+
patches.kernel.org/5.14.2-001-ext4-fix-race-writing-to-an-inline_data-file-w.patch
+
patches.kernel.org/5.14.2-002-ext4-fix-e2fsprogs-checksum-failure-for-mounte.patch
+
patches.kernel.org/5.14.2-003-xtensa-fix-kconfig-unmet-dependency-warning-fo.patch
+
patches.kernel.org/5.14.2-004-USB-serial-pl2303-fix-GL-type-detection.patch
+
patches.kernel.org/5.14.2-005-USB-serial-cp210x-fix-control-characters-error.patch
+
patches.kernel.org/5.14.2-006-USB-serial-cp210x-fix-flow-control-error-handl.patch
+
patches.kernel.org/5.14.2-007-HID-usbhid-Fix-flood-of-control-queue-full-mes.patch
+
patches.kernel.org/5.14.2-008-HID-usbhid-Fix-warning-caused-by-0-length-inpu.patch
+
patches.kernel.org/5.14.2-009-ALSA-hda-realtek-Quirk-for-HP-Spectre-x360-14-.patch
+
patches.kernel.org/5.14.2-010-ALSA-usb-audio-Fix-regression-on-Sony-WALKMAN-.patch
+
patches.kernel.org/5.14.2-011-ALSA-hda-realtek-Workaround-for-conflicting-SS.patch
+
patches.kernel.org/5.14.2-012-ALSA-pcm-fix-divide-error-in-snd_pcm_lib_ioctl.patch
+
patches.kernel.org/5.14.2-013-ALSA-usb-audio-Work-around-for-XRUN-with-low-l.patch
+
patches.kernel.org/5.14.2-014-media-stkwebcam-fix-memory-leak-in-stk_camera_.patch
+ patches.kernel.org/5.14.2-015-Linux-5.14.2.patch
########################################################
# Build fixes that apply to the vanilla kernel too.
@@ -62,15 +77,16 @@
# to area specific sections below.
########################################################
patches.suse/arm64-dts-rockchip-Disable-CDN-DP-on-Pinebook-Pro.patch
- patches.suse/HID-usbhid-Fix-flood-of-control-queue-full-messages.patch
- patches.suse/HID-usbhid-Fix-warning-caused-by-0-length-input-repo.patch
patches.suse/HID-usbhid-Simplify-code-in-hid_submit_ctrl.patch
patches.suse/Bluetooth-btusb-Add-support-for-IMC-Networks-Mediate.patch
patches.suse/Bluetooth-btusb-Add-support-for-Foxconn-Mediatek-Chi.patch
patches.suse/Bluetooth-avoid-circular-locks-in-sco_sock_connect.patch
+ patches.suse/Bluetooth-schedule-SCO-timeouts-with-delayed_work.patch
patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch
patches.suse/Bluetooth-sco-Fix-lock_sock-blockage-by-memcpy_from_.patch
patches.suse/watchdog-Fix-NULL-pointer-dereference-when-releasing.patch
+ patches.suse/crypto-ecc-handle-unaligned-input-buffer-in-ecc_swap.patch
+ patches.suse/memcg-enable-accounting-of-ipc-resources.patch
########################################################
# kbuild/module infrastructure fixes
@@ -115,7 +131,6 @@
########################################################
# Scheduler
########################################################
- patches.suse/setuid-dumpable-wrongdir
patches.suse/perf_timechart_fix_zero_timestamps.patch
########################################################
@@ -161,7 +176,6 @@
# AppArmor
patches.suse/apparmor-compatibility-with-v2.x-net.patch
- patches.suse/0001-apparmor-fix-unnecessary-creation-of-net-compat.patch
########################################################
# Virtualization
@@ -188,7 +202,6 @@
# Storage
########################################################
patches.suse/scsi-retry-alua-transition-in-progress
- patches.suse/megaraid-mbox-fix-SG_IO
########################################################
# Networking drivers (wired)
++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.ds7XT6/_old 2021-09-14 21:14:09.568391474 +0200
+++ /var/tmp/diff_new_pack.ds7XT6/_new 2021-09-14 21:14:09.568391474 +0200
@@ -1,3 +1,3 @@
-2021-09-04 08:22:51 +0000
-GIT Revision: 67af907a1ed285fde3476e8419e51f68252f488f
+2021-09-10 10:18:59 +0000
+GIT Revision: 314dce0059447f7063b87fb9e87c4744e389054d
GIT Branch: stable
