Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kernel-source for openSUSE:Factory checked in at 2022-11-12 17:40:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kernel-source (Old) and /work/SRC/openSUSE:Factory/.kernel-source.new.1597 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source" Sat Nov 12 17:40:11 2022 rev:666 rq:1035177 version:6.0.8 Changes: -------- --- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes 2022-11-06 12:41:24.625098048 +0100 +++ /work/SRC/openSUSE:Factory/.kernel-source.new.1597/dtb-aarch64.changes 2022-11-12 17:40:12.325823757 +0100 @@ -1,0 +2,370 @@ +Fri Nov 11 09:02:50 CET 2022 - jsl...@suse.cz + +- Linux 6.0.8 (bsc#1012628). +- usb: dwc3: gadget: Force sending delayed status during soft + disconnect (bsc#1012628). +- usb: dwc3: gadget: Don't delay End Transfer on delayed_status + (bsc#1012628). +- RDMA/cma: Use output interface for net_dev check (bsc#1012628). +- IB/hfi1: Correctly move list in sc_disable() (bsc#1012628). +- RDMA/hns: Disable local invalidate operation (bsc#1012628). +- RDMA/hns: Fix NULL pointer problem in free_mr_init() + (bsc#1012628). +- docs/process/howto: Replace C89 with C11 (bsc#1012628). +- RDMA/rxe: Fix mr leak in RESPST_ERR_RNR (bsc#1012628). +- NFSv4: Fix a potential state reclaim deadlock (bsc#1012628). +- NFSv4.1: Handle RECLAIM_COMPLETE trunking errors (bsc#1012628). +- NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot + (bsc#1012628). +- SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed + (bsc#1012628). +- NFSv4.2: Fixup CLONE dest file size for zero-length count + (bsc#1012628). +- nfs4: Fix kmemleak when allocate slot failed (bsc#1012628). +- net: dsa: Fix possible memory leaks in dsa_loop_init() + (bsc#1012628). +- RDMA/core: Fix null-ptr-deref in ib_core_cleanup() + (bsc#1012628). +- RDMA/qedr: clean up work queue on failure in + qedr_alloc_resources() (bsc#1012628). +- tools/nolibc: Fix missing strlen() definition and infinite + loop with gcc-12 (bsc#1012628). +- net: dsa: fall back to default tagger if we can't load the + one from DT (bsc#1012628). +- nfc: fdp: Fix potential memory leak in fdp_nci_send() + (bsc#1012628). +- nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() + (bsc#1012628). +- nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send() + (bsc#1012628). +- nfc: nfcmrvl: Fix potential memory leak in + nfcmrvl_i2c_nci_send() (bsc#1012628). +- net: fec: fix improper use of NETDEV_TX_BUSY (bsc#1012628). +- ata: pata_legacy: fix pdc20230_set_piomode() (bsc#1012628). +- ata: palmld: fix return value check in palmld_pata_probe() + (bsc#1012628). +- net: sched: Fix use after free in red_enqueue() (bsc#1012628). +- net: tun: fix bugs for oversize packet when napi frags enabled + (bsc#1012628). +- netfilter: nf_tables: netlink notifier might race to release + objects (bsc#1012628). +- netfilter: nf_tables: release flow rule object from commit path + (bsc#1012628). +- sfc: Fix an error handling path in efx_pci_probe() + (bsc#1012628). +- nfsd: fix nfsd_file_unhash_and_dispose (bsc#1012628). +- nfsd: fix net-namespace logic in __nfsd_file_cache_purge + (bsc#1012628). +- net: lan966x: Fix the MTU calculation (bsc#1012628). +- net: lan966x: Adjust maximum frame size when vlan is + enabled/disabled (bsc#1012628). +- net: lan966x: Fix FDMA when MTU is changed (bsc#1012628). +- net: lan966x: Fix unmapping of received frames using FDMA + (bsc#1012628). +- ipvs: use explicitly signed chars (bsc#1012628). +- ipvs: fix WARNING in __ip_vs_cleanup_batch() (bsc#1012628). +- ipvs: fix WARNING in ip_vs_app_net_cleanup() (bsc#1012628). +- rose: Fix NULL pointer dereference in rose_send_frame() + (bsc#1012628). +- mISDN: fix possible memory leak in mISDN_register_device() + (bsc#1012628). +- isdn: mISDN: netjet: fix wrong check of device registration + (bsc#1012628). +- btrfs: fix inode list leak during backref walking at + resolve_indirect_refs() (bsc#1012628). +- btrfs: fix inode list leak during backref walking at + find_parent_nodes() (bsc#1012628). +- btrfs: fix ulist leaks in error paths of qgroup self tests + (bsc#1012628). +- netfilter: ipset: enforce documented limit to prevent allocating + huge memory (bsc#1012628). +- Bluetooth: L2CAP: Fix use-after-free caused by + l2cap_reassemble_sdu (bsc#1012628). +- Bluetooth: hci_conn: Fix CIS connection dst_type handling + (bsc#1012628). +- Bluetooth: virtio_bt: Use skb_put to set length (bsc#1012628). +- Bluetooth: L2CAP: Fix memory leak in vhci_write (bsc#1012628). +- Bluetooth: hci_conn: Fix not restoring ISO buffer count on + disconnect (bsc#1012628). +- net: mdio: fix undefined behavior in bit shift for + __mdiobus_register (bsc#1012628). +- ibmvnic: Free rwi on reset success (bsc#1012628). +- stmmac: dwmac-loongson: fix invalid mdio_node (bsc#1012628). +- net/smc: Fix possible leaked pernet namespace in smc_init() + (bsc#1012628). +- net, neigh: Fix null-ptr-deref in neigh_table_clear() + (bsc#1012628). +- bridge: Fix flushing of dynamic FDB entries (bsc#1012628). +- ipv6: fix WARNING in ip6_route_net_exit_late() (bsc#1012628). +- vsock: fix possible infinite sleep in + vsock_connectible_wait_data() (bsc#1012628). +- iio: adc: stm32-adc: fix channel sampling time init + (bsc#1012628). +- media: rkisp1: Fix source pad format configuration + (bsc#1012628). +- media: rkisp1: Don't pass the quantization to + rkisp1_csm_config() (bsc#1012628). +- media: rkisp1: Initialize color space on resizer sink and + source pads (bsc#1012628). +- media: rkisp1: Use correct macro for gradient registers + (bsc#1012628). +- media: rkisp1: Zero v4l2_subdev_format fields in when validating + links (bsc#1012628). +- media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE (bsc#1012628). +- media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE + (bsc#1012628). +- media: dvb-frontends/drxk: initialize err to 0 (bsc#1012628). +- media: platform: cros-ec: Add Kuldax to the match table + (bsc#1012628). +- media: meson: vdec: fix possible refcount leak in vdec_probe() + (bsc#1012628). +- media: hantro: Store HEVC bit depth in context (bsc#1012628). +- media: hantro: HEVC: Fix auxilary buffer size calculation + (bsc#1012628). +- media: hantro: HEVC: Fix chroma offset computation + (bsc#1012628). +- media: v4l: subdev: Fail graciously when getting try data for + NULL state (bsc#1012628). +- drm/vc4: hdmi: Check the HSM rate at runtime_resume + (bsc#1012628). +- ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() + (bsc#1012628). +- hwrng: bcm2835 - use hwrng_msleep() instead of cpu_relax() + (bsc#1012628). +- io_uring: don't iopoll from io_ring_ctx_wait_and_kill() + (bsc#1012628). +- scsi: core: Restrict legal sdev_state transitions via sysfs + (bsc#1012628). +- HID: saitek: add madcatz variant of MMO7 mouse device ID + (bsc#1012628). +- drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid + in SRIOV case (bsc#1012628). +- drm/amd/pm: skip loading pptable from driver on secure board + for smu_v13_0_10 (bsc#1012628). +- drm/amdkfd: Fix type of reset_type parameter in hqd_destroy() + callback (bsc#1012628). +- drm/amdgpu: Program GC registers through RLCG interface in + gfx_v11/gmc_v11 (bsc#1012628). +- drm/amdgpu: dequeue mes scheduler during fini (bsc#1012628). +- nvme-pci: disable write zeroes on various Kingston SSD + (bsc#1012628). +- i2c: xiic: Add platform module alias (bsc#1012628). +- bio: safeguard REQ_ALLOC_CACHE bio put (bsc#1012628). +- clk: rs9: Fix I2C accessors (bsc#1012628). +- arm64: dts: imx8mm: Enable CPLD_Dn pull down resistor on + MX8Menlo (bsc#1012628). +- efi/tpm: Pass correct address to memblock_reserve (bsc#1012628). +- clk: renesas: r8a779g0: Fix HSCIF parent clocks (bsc#1012628). +- clk: qcom: Update the force mem core bit for GPU clocks + (bsc#1012628). +- arm64: dts: verdin-imx8mp: fix ctrl_sleep_moci (bsc#1012628). +- arm64: dts: imx8mm: remove otg1/2 power domain dependency on + hsio (bsc#1012628). +- arm64: dts: imx8mm: correct usb power domains (bsc#1012628). +- arm64: dts: imx8mn: remove otg1 power domain dependency on hsio + (bsc#1012628). +- arm64: dts: imx8mn: Correct the usb power domain (bsc#1012628). +- ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset + (bsc#1012628). +- arm64: dts: imx8: correct clock order (bsc#1012628). +- arm64: dts: imx93: add gpio clk (bsc#1012628). +- arm64: dts: imx93: correct gpio-ranges (bsc#1012628). +- arm64: dts: lx2160a: specify clock frequencies for the MDIO + controllers (bsc#1012628). +- arm64: dts: ls1088a: specify clock frequencies for the MDIO + controllers (bsc#1012628). +- arm64: dts: ls208xa: specify clock frequencies for the MDIO + controllers (bsc#1012628). +- drm/rockchip: dw_hdmi: filter regulator -EPROBE_DEFER error + messages (bsc#1012628). +- drm/rockchip: fix fbdev on non-IOMMU devices (bsc#1012628). +- drm/i915: stop abusing swiotlb_max_segment (bsc#1012628). +- ublk_drv: return flag of UBLK_F_URING_CMD_COMP_IN_TASK in case + of module (bsc#1012628). +- block: Fix possible memory leak for rq_wb on add_disk failure + (bsc#1012628). +- blk-mq: Fix kmemleak in blk_mq_init_allocated_queue + (bsc#1012628). +- ARM: dts: ux500: Add trips to battery thermal zones + (bsc#1012628). +- firmware: arm_scmi: Suppress the driver's bind attributes + (bsc#1012628). +- firmware: arm_scmi: Make Rx chan_setup fail on memory errors + (bsc#1012628). +- firmware: arm_scmi: Fix devres allocation device in virtio + transport (bsc#1012628). +- firmware: arm_scmi: Fix deferred_tx_wq release on error paths + (bsc#1012628). ++++ 173 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes ++++ and /work/SRC/openSUSE:Factory/.kernel-source.new.1597/dtb-aarch64.changes dtb-armv6l.changes: same change dtb-armv7l.changes: same change dtb-riscv64.changes: same change kernel-64kb.changes: same change kernel-debug.changes: same change kernel-default.changes: same change kernel-docs.changes: same change kernel-kvmsmall.changes: same change kernel-lpae.changes: same change kernel-obs-build.changes: same change kernel-obs-qa.changes: same change kernel-pae.changes: same change kernel-source.changes: same change kernel-syms.changes: same change kernel-vanilla.changes: same change kernel-zfcpdump.changes: same change ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dtb-aarch64.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.621873145 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.625873169 +0100 @@ -17,7 +17,7 @@ %define srcversion 6.0 -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -29,9 +29,9 @@ %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license,klp-symbols,splitflist,mergedep,moddep,modflist,kernel-subpackage-build}) Name: dtb-aarch64 -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif dtb-armv6l.spec: same change dtb-armv7l.spec: same change dtb-riscv64.spec: same change ++++++ kernel-64kb.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.705873646 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.713873693 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.0 -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -110,9 +110,9 @@ Summary: Kernel with 64kb PAGE_SIZE License: GPL-2.0-only Group: System/Kernel -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif @@ -239,10 +239,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-9068830e0691c2cb4e39588327708e85a45d9987 -Provides: kernel-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: kernel-%build_flavor-base-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e +Provides: kernel-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e # END COMMON DEPS -Provides: %name-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: %name-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e %obsolete_rebuilds %name Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz Source3: kernel-source.rpmlintrc ++++++ kernel-debug.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.741873860 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.745873884 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.0 -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -110,9 +110,9 @@ Summary: A Debug Version of the Kernel License: GPL-2.0-only Group: System/Kernel -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif @@ -239,10 +239,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-9068830e0691c2cb4e39588327708e85a45d9987 -Provides: kernel-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: kernel-%build_flavor-base-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e +Provides: kernel-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e # END COMMON DEPS -Provides: %name-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: %name-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e %ifarch ppc64 Provides: kernel-kdump = 2.6.28 Obsoletes: kernel-kdump <= 2.6.28 ++++++ kernel-default.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.773874051 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.777874074 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.0 -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -110,9 +110,9 @@ Summary: The Standard Kernel License: GPL-2.0-only Group: System/Kernel -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif @@ -239,10 +239,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-9068830e0691c2cb4e39588327708e85a45d9987 -Provides: kernel-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: kernel-%build_flavor-base-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e +Provides: kernel-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e # END COMMON DEPS -Provides: %name-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: %name-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e %ifarch %ix86 Provides: kernel-smp = 2.6.17 Obsoletes: kernel-smp <= 2.6.17 ++++++ kernel-docs.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.793874169 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.797874193 +0100 @@ -17,7 +17,7 @@ %define srcversion 6.0 -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -31,9 +31,9 @@ Summary: Kernel Documentation License: GPL-2.0-only Group: Documentation/Man -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif @@ -67,7 +67,7 @@ %endif URL: https://www.kernel.org/ Provides: %name = %version-%source_rel -Provides: %name-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: %name-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz ++++++ kernel-kvmsmall.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.813874288 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.821874336 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.0 -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -110,9 +110,9 @@ Summary: The Small Developer Kernel for KVM License: GPL-2.0-only Group: System/Kernel -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif @@ -239,10 +239,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-9068830e0691c2cb4e39588327708e85a45d9987 -Provides: kernel-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: kernel-%build_flavor-base-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e +Provides: kernel-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e # END COMMON DEPS -Provides: %name-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: %name-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e %obsolete_rebuilds %name Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz Source3: kernel-source.rpmlintrc kernel-lpae.spec: same change ++++++ kernel-obs-build.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.861874574 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.869874622 +0100 @@ -19,7 +19,7 @@ #!BuildIgnore: post-build-checks -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %define vanilla_only 0 @@ -45,7 +45,7 @@ %endif %endif %endif -BuildRequires: kernel%kernel_flavor-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +BuildRequires: kernel%kernel_flavor-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e %if 0%{?rhel_version} BuildRequires: kernel @@ -64,9 +64,9 @@ Summary: package kernel and initrd for OBS VM builds License: GPL-2.0-only Group: SLES -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif ++++++ kernel-obs-qa.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.889874741 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.893874765 +0100 @@ -17,7 +17,7 @@ # needsrootforbuild -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -36,9 +36,9 @@ Summary: Basic QA tests for the kernel License: GPL-2.0-only Group: SLES -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif ++++++ kernel-pae.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.925874955 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.929874979 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.0 -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -110,9 +110,9 @@ Summary: Kernel with PAE Support License: GPL-2.0-only Group: System/Kernel -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif @@ -239,10 +239,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-9068830e0691c2cb4e39588327708e85a45d9987 -Provides: kernel-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: kernel-%build_flavor-base-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e +Provides: kernel-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e # END COMMON DEPS -Provides: %name-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: %name-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e %ifarch %ix86 Provides: kernel-bigsmp = 2.6.17 Obsoletes: kernel-bigsmp <= 2.6.17 ++++++ kernel-source.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.949875098 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.953875122 +0100 @@ -17,7 +17,7 @@ %define srcversion 6.0 -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %define vanilla_only 0 @@ -31,9 +31,9 @@ %endif Name: kernel-source -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif @@ -50,7 +50,7 @@ BuildRequires: sed Requires(post): coreutils sed Provides: %name = %version-%source_rel -Provides: %name-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: %name-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e Provides: linux Provides: multiversion(kernel) Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz ++++++ kernel-syms.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:20.977875265 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:20.981875288 +0100 @@ -24,10 +24,10 @@ Summary: Kernel Symbol Versions (modversions) License: GPL-2.0-only Group: Development/Sources -Version: 6.0.7 +Version: 6.0.8 %if %using_buildservice %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif @@ -52,7 +52,7 @@ %endif Requires: pesign-obs-integration Provides: %name = %version-%source_rel -Provides: %name-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: %name-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e Provides: multiversion(kernel) Source: README.KSYMS Requires: kernel-devel%variant = %version-%source_rel ++++++ kernel-vanilla.spec ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:21.005875431 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:21.009875455 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.0 -%define patchversion 6.0.7 +%define patchversion 6.0.8 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -110,9 +110,9 @@ Summary: The Standard Kernel - without any SUSE patches License: GPL-2.0-only Group: System/Kernel -Version: 6.0.7 +Version: 6.0.8 %if 0%{?is_kotd} -Release: <RELEASE>.g9068830 +Release: <RELEASE>.g1579d93 %else Release: 0 %endif @@ -239,10 +239,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-9068830e0691c2cb4e39588327708e85a45d9987 -Provides: kernel-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: kernel-%build_flavor-base-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e +Provides: kernel-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e # END COMMON DEPS -Provides: %name-srchash-9068830e0691c2cb4e39588327708e85a45d9987 +Provides: %name-srchash-1579d93a204dab0da2ae1ae638af853b9b6ca66e %obsolete_rebuilds %name Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz Source3: kernel-source.rpmlintrc kernel-zfcpdump.spec: same change ++++++ config.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/arm64/default new/config/arm64/default --- old/config/arm64/default 2022-11-04 07:13:30.000000000 +0100 +++ new/config/arm64/default 2022-11-09 06:49:39.000000000 +0100 @@ -12085,6 +12085,7 @@ CONFIG_IMA_APPRAISE_BOOTPARAM=y CONFIG_IMA_APPRAISE_MODSIG=y CONFIG_IMA_TRUSTED_KEYRING=y +CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y # CONFIG_IMA_BLACKLIST_KEYRING is not set # CONFIG_IMA_LOAD_X509 is not set CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y @@ -12414,7 +12415,7 @@ CONFIG_SYSTEM_TRUSTED_KEYRING=y CONFIG_SYSTEM_TRUSTED_KEYS="" # CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set -# CONFIG_SECONDARY_TRUSTED_KEYRING is not set +CONFIG_SECONDARY_TRUSTED_KEYRING=y CONFIG_SYSTEM_BLACKLIST_KEYRING=y CONFIG_SYSTEM_BLACKLIST_HASH_LIST="" CONFIG_SYSTEM_REVOCATION_LIST=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv6hl/default new/config/armv6hl/default --- old/config/armv6hl/default 2022-11-04 07:13:30.000000000 +0100 +++ new/config/armv6hl/default 2022-11-09 06:49:39.000000000 +0100 @@ -8323,6 +8323,7 @@ CONFIG_IMA_APPRAISE_BOOTPARAM=y CONFIG_IMA_APPRAISE_MODSIG=y CONFIG_IMA_TRUSTED_KEYRING=y +CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y # CONFIG_IMA_BLACKLIST_KEYRING is not set # CONFIG_IMA_LOAD_X509 is not set CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y @@ -8563,7 +8564,7 @@ CONFIG_SYSTEM_TRUSTED_KEYRING=y CONFIG_SYSTEM_TRUSTED_KEYS="" # CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set -# CONFIG_SECONDARY_TRUSTED_KEYRING is not set +CONFIG_SECONDARY_TRUSTED_KEYRING=y # CONFIG_SYSTEM_BLACKLIST_KEYRING is not set # end of Certificates for signature checking diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv7hl/default new/config/armv7hl/default --- old/config/armv7hl/default 2022-11-04 07:13:30.000000000 +0100 +++ new/config/armv7hl/default 2022-11-09 06:49:39.000000000 +0100 @@ -11705,6 +11705,7 @@ CONFIG_IMA_APPRAISE_BOOTPARAM=y CONFIG_IMA_APPRAISE_MODSIG=y CONFIG_IMA_TRUSTED_KEYRING=y +CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y # CONFIG_IMA_BLACKLIST_KEYRING is not set # CONFIG_IMA_LOAD_X509 is not set CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y @@ -12008,7 +12009,7 @@ CONFIG_SYSTEM_TRUSTED_KEYRING=y CONFIG_SYSTEM_TRUSTED_KEYS="" # CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set -# CONFIG_SECONDARY_TRUSTED_KEYRING is not set +CONFIG_SECONDARY_TRUSTED_KEYRING=y # CONFIG_SYSTEM_BLACKLIST_KEYRING is not set # end of Certificates for signature checking diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/i386/pae new/config/i386/pae --- old/config/i386/pae 2022-11-04 07:13:30.000000000 +0100 +++ new/config/i386/pae 2022-11-09 06:49:39.000000000 +0100 @@ -10226,7 +10226,6 @@ CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y CONFIG_INTEGRITY_TRUSTED_KEYRING=y CONFIG_INTEGRITY_PLATFORM_KEYRING=y -CONFIG_INTEGRITY_MACHINE_KEYRING=y CONFIG_LOAD_UEFI_KEYS=y CONFIG_INTEGRITY_AUDIT=y CONFIG_IMA=y @@ -10247,7 +10246,7 @@ CONFIG_IMA_APPRAISE_BOOTPARAM=y CONFIG_IMA_APPRAISE_MODSIG=y CONFIG_IMA_TRUSTED_KEYRING=y -# CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY is not set +CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y # CONFIG_IMA_BLACKLIST_KEYRING is not set # CONFIG_IMA_LOAD_X509 is not set CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64/default new/config/ppc64/default --- old/config/ppc64/default 2022-11-04 07:13:30.000000000 +0100 +++ new/config/ppc64/default 2022-11-09 06:49:39.000000000 +0100 @@ -8074,7 +8074,7 @@ CONFIG_IMA_APPRAISE_BOOTPARAM=y CONFIG_IMA_APPRAISE_MODSIG=y CONFIG_IMA_TRUSTED_KEYRING=y -# CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY is not set +CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y # CONFIG_IMA_BLACKLIST_KEYRING is not set # CONFIG_IMA_LOAD_X509 is not set CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64le/default new/config/ppc64le/default --- old/config/ppc64le/default 2022-11-04 07:13:30.000000000 +0100 +++ new/config/ppc64le/default 2022-11-09 06:49:39.000000000 +0100 @@ -7923,7 +7923,7 @@ CONFIG_IMA_APPRAISE_BOOTPARAM=y CONFIG_IMA_APPRAISE_MODSIG=y CONFIG_IMA_TRUSTED_KEYRING=y -# CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY is not set +CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y # CONFIG_IMA_BLACKLIST_KEYRING is not set # CONFIG_IMA_LOAD_X509 is not set CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/s390x/default new/config/s390x/default --- old/config/s390x/default 2022-11-04 07:13:30.000000000 +0100 +++ new/config/s390x/default 2022-11-09 06:49:39.000000000 +0100 @@ -4011,7 +4011,7 @@ CONFIG_IMA_APPRAISE_BOOTPARAM=y CONFIG_IMA_APPRAISE_MODSIG=y CONFIG_IMA_TRUSTED_KEYRING=y -# CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY is not set +CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y # CONFIG_IMA_BLACKLIST_KEYRING is not set # CONFIG_IMA_LOAD_X509 is not set CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y ++++++ patches.kernel.org.tar.bz2 ++++++ ++++ 16379 lines of diff (skipped) ++++++ patches.suse.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/ALSA-usb-audio-Remove-redundant-workaround-for-Rolan.patch new/patches.suse/ALSA-usb-audio-Remove-redundant-workaround-for-Rolan.patch --- old/patches.suse/ALSA-usb-audio-Remove-redundant-workaround-for-Rolan.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/ALSA-usb-audio-Remove-redundant-workaround-for-Rolan.patch 2022-11-11 09:02:50.000000000 +0100 @@ -0,0 +1,97 @@ +From ea83ec50393a6993fa09315e4200240c938c21b3 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai <ti...@suse.de> +Date: Tue, 8 Nov 2022 07:58:24 +0100 +Subject: [PATCH] ALSA: usb-audio: Remove redundant workaround for Roland quirk +Git-commit: ea83ec50393a6993fa09315e4200240c938c21b3 +Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git +Patch-mainline: Queued in subsystem maintainer repository +References: bsc#1205111 + +The recent fix for the delayed card registration made the current +workaround for QUIRK_AUTODETECT superfluous, since the card +registration itself is delayed until the last interface probe. + +This patch drops the redundant workaround in +create_autodetect_quirks() for simplification. + +Fixes: 39efc9c8a973 ("ALSA: usb-audio: Fix last interface check for registration") +Link: https://bugzilla.suse.com/show_bug.cgi?id=1205111 +Link: https://lore.kernel.org/r/20221108065824.14418-2-ti...@suse.de +Signed-off-by: Takashi Iwai <ti...@suse.de> + +--- + sound/usb/quirks.c | 44 +++----------------------------------------- + 1 file changed, 3 insertions(+), 41 deletions(-) + +diff --git a/sound/usb/quirks.c b/sound/usb/quirks.c +index eadac586bcc8..2dd19a5c3026 100644 +--- a/sound/usb/quirks.c ++++ b/sound/usb/quirks.c +@@ -376,7 +376,8 @@ static int create_auto_midi_quirk(struct snd_usb_audio *chip, + + static int create_autodetect_quirk(struct snd_usb_audio *chip, + struct usb_interface *iface, +- struct usb_driver *driver) ++ struct usb_driver *driver, ++ const struct snd_usb_audio_quirk *quirk) + { + int err; + +@@ -386,45 +387,6 @@ static int create_autodetect_quirk(struct snd_usb_audio *chip, + return err; + } + +-static int create_autodetect_quirks(struct snd_usb_audio *chip, +- struct usb_interface *iface, +- struct usb_driver *driver, +- const struct snd_usb_audio_quirk *quirk) +-{ +- int probed_ifnum = get_iface_desc(iface->altsetting)->bInterfaceNumber; +- int ifcount, ifnum, err; +- +- err = create_autodetect_quirk(chip, iface, driver); +- if (err < 0) +- return err; +- +- /* +- * ALSA PCM playback/capture devices cannot be registered in two steps, +- * so we have to claim the other corresponding interface here. +- */ +- ifcount = chip->dev->actconfig->desc.bNumInterfaces; +- for (ifnum = 0; ifnum < ifcount; ifnum++) { +- if (ifnum == probed_ifnum || quirk->ifnum >= 0) +- continue; +- iface = usb_ifnum_to_if(chip->dev, ifnum); +- if (!iface || +- usb_interface_claimed(iface) || +- get_iface_desc(iface->altsetting)->bInterfaceClass != +- USB_CLASS_VENDOR_SPEC) +- continue; +- +- err = create_autodetect_quirk(chip, iface, driver); +- if (err >= 0) { +- err = usb_driver_claim_interface(driver, iface, +- USB_AUDIO_IFACE_UNUSED); +- if (err < 0) +- return err; +- } +- } +- +- return 0; +-} +- + /* + * Create a stream for an Edirol UA-700/UA-25/UA-4FX interface. + * The only way to detect the sample rate is by looking at wMaxPacketSize. +@@ -554,7 +516,7 @@ int snd_usb_create_quirk(struct snd_usb_audio *chip, + static const quirk_func_t quirk_funcs[] = { + [QUIRK_IGNORE_INTERFACE] = ignore_interface_quirk, + [QUIRK_COMPOSITE] = create_composite_quirk, +- [QUIRK_AUTODETECT] = create_autodetect_quirks, ++ [QUIRK_AUTODETECT] = create_autodetect_quirk, + [QUIRK_MIDI_STANDARD_INTERFACE] = create_any_midi_quirk, + [QUIRK_MIDI_FIXED_ENDPOINT] = create_any_midi_quirk, + [QUIRK_MIDI_YAMAHA] = create_any_midi_quirk, +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/ALSA-usb-audio-Yet-more-regression-for-for-the-delay.patch new/patches.suse/ALSA-usb-audio-Yet-more-regression-for-for-the-delay.patch --- old/patches.suse/ALSA-usb-audio-Yet-more-regression-for-for-the-delay.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/ALSA-usb-audio-Yet-more-regression-for-for-the-delay.patch 2022-11-11 09:02:50.000000000 +0100 @@ -0,0 +1,89 @@ +From 971cb608d1c5d95533a43b549bb8ec9637f10043 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai <ti...@suse.de> +Date: Tue, 8 Nov 2022 07:58:23 +0100 +Subject: [PATCH] ALSA: usb-audio: Yet more regression for for the delayed card + registration +Git-commit: 971cb608d1c5d95533a43b549bb8ec9637f10043 +Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git +Patch-mainline: Queued in subsystem maintainer repository +References: bsc#1205111 + +Although we tried to fix the regression for the recent changes with +the delayed card registration, it doesn't seem covering the all +cases; e.g. on Roland EDIROL M-100FX, where the generic quirk for +Roland devices is applied, it misses the card registration because the +detection of the last interface (apparently for MIDI) fails. + +This patch is an attempt to recover from those failures by calling the +card register also at the error path for the secondary interfaces. +The card register condition is also extended to match with the old +check in the previous patch, too (i.e. the simple check of the +interface number) for catching the probe with errors. + +Fixes: 39efc9c8a973 ("ALSA: usb-audio: Fix last interface check for registration") +Cc: <sta...@vger.kernel.org> +Link: https://bugzilla.suse.com/show_bug.cgi?id=1205111 +Link: https://lore.kernel.org/r/20221108065824.14418-1-ti...@suse.de +Signed-off-by: Takashi Iwai <ti...@suse.de> + +--- + sound/usb/card.c | 29 ++++++++++++++++++++--------- + 1 file changed, 20 insertions(+), 9 deletions(-) + +diff --git a/sound/usb/card.c b/sound/usb/card.c +index a5ed11ea1145..26268ffb8274 100644 +--- a/sound/usb/card.c ++++ b/sound/usb/card.c +@@ -742,6 +742,18 @@ get_alias_quirk(struct usb_device *dev, unsigned int id) + return NULL; + } + ++/* register card if we reach to the last interface or to the specified ++ * one given via option ++ */ ++static int try_to_register_card(struct snd_usb_audio *chip, int ifnum) ++{ ++ if (check_delayed_register_option(chip) == ifnum || ++ chip->last_iface == ifnum || ++ usb_interface_claimed(usb_ifnum_to_if(chip->dev, chip->last_iface))) ++ return snd_card_register(chip->card); ++ return 0; ++} ++ + /* + * probe the active usb device + * +@@ -880,15 +892,9 @@ static int usb_audio_probe(struct usb_interface *intf, + chip->need_delayed_register = false; /* clear again */ + } + +- /* register card if we reach to the last interface or to the specified +- * one given via option +- */ +- if (check_delayed_register_option(chip) == ifnum || +- usb_interface_claimed(usb_ifnum_to_if(dev, chip->last_iface))) { +- err = snd_card_register(chip->card); +- if (err < 0) +- goto __error; +- } ++ err = try_to_register_card(chip, ifnum); ++ if (err < 0) ++ goto __error_no_register; + + if (chip->quirk_flags & QUIRK_FLAG_SHARE_MEDIA_DEVICE) { + /* don't want to fail when snd_media_device_create() fails */ +@@ -907,6 +913,11 @@ static int usb_audio_probe(struct usb_interface *intf, + return 0; + + __error: ++ /* in the case of error in secondary interface, still try to register */ ++ if (chip) ++ try_to_register_card(chip, ifnum); ++ ++ __error_no_register: + if (chip) { + /* chip->active is inside the chip->card object, + * decrement before memory is possibly returned. +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/Bluetooth-L2CAP-fix-use-after-free-in-l2cap_conn_del.patch new/patches.suse/Bluetooth-L2CAP-fix-use-after-free-in-l2cap_conn_del.patch --- old/patches.suse/Bluetooth-L2CAP-fix-use-after-free-in-l2cap_conn_del.patch 2022-11-04 08:35:08.000000000 +0100 +++ new/patches.suse/Bluetooth-L2CAP-fix-use-after-free-in-l2cap_conn_del.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,142 +0,0 @@ -From 42cf46dea905a80f6de218e837ba4d4cc33d6979 Mon Sep 17 00:00:00 2001 -From: Zhengchao Shao <shaozhengc...@huawei.com> -Date: Mon, 17 Oct 2022 15:58:13 +0800 -Subject: [PATCH] Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() -Git-commit: 42cf46dea905a80f6de218e837ba4d4cc33d6979 -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git -Patch-mainline: Queued in subsystem maintainer repo -References: CVE-2022-3640 bsc#1204619 - -When l2cap_recv_frame() is invoked to receive data, and the cid is -L2CAP_CID_A2MP, if the channel does not exist, it will create a channel. -However, after a channel is created, the hold operation of the channel -is not performed. In this case, the value of channel reference counting -is 1. As a result, after hci_error_reset() is triggered, l2cap_conn_del() -invokes the close hook function of A2MP to release the channel. Then - l2cap_chan_unlock(chan) will trigger UAF issue. - -The process is as follows: -Receive data: -l2cap_data_channel() - a2mp_channel_create() --->channel ref is 2 - l2cap_chan_put() --->channel ref is 1 - -Triger event: - hci_error_reset() - hci_dev_do_close() - ... - l2cap_disconn_cfm() - l2cap_conn_del() - l2cap_chan_hold() --->channel ref is 2 - l2cap_chan_del() --->channel ref is 1 - a2mp_chan_close_cb() --->channel ref is 0, release channel - l2cap_chan_unlock() --->UAF of channel - -The detailed Call Trace is as follows: -Bug: KASAN: use-after-free in __mutex_unlock_slowpath+0xa6/0x5e0 -Read of size 8 at addr ffff8880160664b8 by task kworker/u11:1/7593 -Workqueue: hci0 hci_error_reset -Call Trace: - <TASK> - dump_stack_lvl+0xcd/0x134 - print_report.cold+0x2ba/0x719 - kasan_report+0xb1/0x1e0 - kasan_check_range+0x140/0x190 - __mutex_unlock_slowpath+0xa6/0x5e0 - l2cap_conn_del+0x404/0x7b0 - l2cap_disconn_cfm+0x8c/0xc0 - hci_conn_hash_flush+0x11f/0x260 - hci_dev_close_sync+0x5f5/0x11f0 - hci_dev_do_close+0x2d/0x70 - hci_error_reset+0x9e/0x140 - process_one_work+0x98a/0x1620 - worker_thread+0x665/0x1080 - kthread+0x2e4/0x3a0 - ret_from_fork+0x1f/0x30 - </TASK> - -Allocated by task 7593: - kasan_save_stack+0x1e/0x40 - __kasan_kmalloc+0xa9/0xd0 - l2cap_chan_create+0x40/0x930 - amp_mgr_create+0x96/0x990 - a2mp_channel_create+0x7d/0x150 - l2cap_recv_frame+0x51b8/0x9a70 - l2cap_recv_acldata+0xaa3/0xc00 - hci_rx_work+0x702/0x1220 - process_one_work+0x98a/0x1620 - worker_thread+0x665/0x1080 - kthread+0x2e4/0x3a0 - ret_from_fork+0x1f/0x30 - -Freed by task 7593: - kasan_save_stack+0x1e/0x40 - kasan_set_track+0x21/0x30 - kasan_set_free_info+0x20/0x30 - ____kasan_slab_free+0x167/0x1c0 - slab_free_freelist_hook+0x89/0x1c0 - kfree+0xe2/0x580 - l2cap_chan_put+0x22a/0x2d0 - l2cap_conn_del+0x3fc/0x7b0 - l2cap_disconn_cfm+0x8c/0xc0 - hci_conn_hash_flush+0x11f/0x260 - hci_dev_close_sync+0x5f5/0x11f0 - hci_dev_do_close+0x2d/0x70 - hci_error_reset+0x9e/0x140 - process_one_work+0x98a/0x1620 - worker_thread+0x665/0x1080 - kthread+0x2e4/0x3a0 - ret_from_fork+0x1f/0x30 - -Last potentially related work creation: - kasan_save_stack+0x1e/0x40 - __kasan_record_aux_stack+0xbe/0xd0 - call_rcu+0x99/0x740 - netlink_release+0xe6a/0x1cf0 - __sock_release+0xcd/0x280 - sock_close+0x18/0x20 - __fput+0x27c/0xa90 - task_work_run+0xdd/0x1a0 - exit_to_user_mode_prepare+0x23c/0x250 - syscall_exit_to_user_mode+0x19/0x50 - do_syscall_64+0x42/0x80 - entry_SYSCALL_64_after_hwframe+0x63/0xcd - -Second to last potentially related work creation: - kasan_save_stack+0x1e/0x40 - __kasan_record_aux_stack+0xbe/0xd0 - call_rcu+0x99/0x740 - netlink_release+0xe6a/0x1cf0 - __sock_release+0xcd/0x280 - sock_close+0x18/0x20 - __fput+0x27c/0xa90 - task_work_run+0xdd/0x1a0 - exit_to_user_mode_prepare+0x23c/0x250 - syscall_exit_to_user_mode+0x19/0x50 - do_syscall_64+0x42/0x80 - entry_SYSCALL_64_after_hwframe+0x63/0xcd - -Fixes: d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put") -Signed-off-by: Zhengchao Shao <shaozhengc...@huawei.com> -Signed-off-by: Luiz Augusto von Dentz <luiz.von.de...@intel.com> -Acked-by: Takashi Iwai <ti...@suse.de> - ---- - net/bluetooth/l2cap_core.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c -index 2283871d3f01..9a32ce634919 100644 ---- a/net/bluetooth/l2cap_core.c -+++ b/net/bluetooth/l2cap_core.c -@@ -7615,6 +7615,7 @@ static void l2cap_data_channel(struct l2cap_conn *conn, u16 cid, - return; - } - -+ l2cap_chan_hold(chan); - l2cap_chan_lock(chan); - } else { - BT_DBG("unknown cid 0x%4.4x", cid); --- -2.35.3 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/Input-synaptics-retry-query-upon-error.patch new/patches.suse/Input-synaptics-retry-query-upon-error.patch --- old/patches.suse/Input-synaptics-retry-query-upon-error.patch 2022-11-04 08:35:08.000000000 +0100 +++ new/patches.suse/Input-synaptics-retry-query-upon-error.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,61 +0,0 @@ -From: Takashi Iwai <ti...@suse.de> -Subject: [PATCH] Input: synaptics: retry query upon error -Date: Tue, 18 Jan 2022 17:28:50 +0100 -Message-ID: <s5h35llxb25.wl-ti...@suse.de> -Patch-mainline: Submitted, linux-input ML -References: bsc#1194086 - -Some recent laptops such as Lenovo ThinkPad T14 AMD Gen 1 show the -errors at querying synaptics attributes. This results in the driver -falling back to the legacy mode without multi-finger support. It -happens only intermittently at some boots, and it seems that the same -query command seems working fine after retrying. - -This patch implements a retry of synaptics_query_hardware() call when -it fails after some delay as a workaround. - -Buglink: https://bugzilla.suse.com/show_bug.cgi?id=1194086 -Signed-off-by: Takashi Iwai <ti...@suse.de> - ---- - drivers/input/mouse/synaptics.c | 17 ++++++++++++++++- - 1 file changed, 16 insertions(+), 1 deletion(-) - -diff --git a/drivers/input/mouse/synaptics.c b/drivers/input/mouse/synaptics.c -index ffad142801b3..0f23fba4c36e 100644 ---- a/drivers/input/mouse/synaptics.c -+++ b/drivers/input/mouse/synaptics.c -@@ -416,7 +416,7 @@ static int synaptics_resolution(struct psmouse *psmouse, - return 0; - } - --static int synaptics_query_hardware(struct psmouse *psmouse, -+static int __synaptics_query_hardware(struct psmouse *psmouse, - struct synaptics_device_info *info) - { - int error; -@@ -450,6 +450,21 @@ static int synaptics_query_hardware(struct psmouse *psmouse, - return 0; - } - -+static int synaptics_query_hardware(struct psmouse *psmouse, -+ struct synaptics_device_info *info) -+{ -+ int err; -+ -+ err = __synaptics_query_hardware(psmouse, info); -+ if (err) { -+ psmouse_info(psmouse, "Query error (%d), retrying...\n", err); -+ msleep(100); -+ err = __synaptics_query_hardware(psmouse, info); -+ } -+ -+ return err; -+} -+ - #endif /* CONFIG_MOUSE_PS2_SYNAPTICS || CONFIG_MOUSE_PS2_SYNAPTICS_SMBUS */ - - #ifdef CONFIG_MOUSE_PS2_SYNAPTICS --- -2.31.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/KVM-x86-emulator-introduce-emulator_recalc_and_set_m.patch new/patches.suse/KVM-x86-emulator-introduce-emulator_recalc_and_set_m.patch --- old/patches.suse/KVM-x86-emulator-introduce-emulator_recalc_and_set_m.patch 2022-11-04 08:35:08.000000000 +0100 +++ new/patches.suse/KVM-x86-emulator-introduce-emulator_recalc_and_set_m.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,161 +0,0 @@ -From: Maxim Levitsky <mlevi...@redhat.com> -Date: Tue, 25 Oct 2022 15:47:29 +0300 -Subject: KVM: x86: emulator: introduce emulator_recalc_and_set_mode -Git-commit: d087e0f79fa0dd336a9a6b2f79ec23120f5eff73 -Patch-mainline: v6.1-rc4 -References: bsc#1200616 - -Some instructions update the cpu execution mode, which needs to update the -emulation mode. - -Extract this code, and make assign_eip_far use it. - -assign_eip_far now reads CS, instead of getting it via a parameter, -which is ok, because callers always assign CS to the same value -before calling this function. - -No functional change is intended. - -Signed-off-by: Maxim Levitsky <mlevi...@redhat.com> -Message-Id: <20221025124741.228045-12-mlevi...@redhat.com> -Cc: sta...@vger.kernel.org -Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> -Signed-off-by: Jiri Slaby <jsl...@suse.cz> ---- - arch/x86/kvm/emulate.c | 85 ++++++++++++++++++++++++++++++++----------------- - 1 file changed, 57 insertions(+), 28 deletions(-) - ---- a/arch/x86/kvm/emulate.c -+++ b/arch/x86/kvm/emulate.c -@@ -791,8 +791,7 @@ static int linearize(struct x86_emulate_ - ctxt->mode, linear); - } - --static inline int assign_eip(struct x86_emulate_ctxt *ctxt, ulong dst, -- enum x86emul_mode mode) -+static inline int assign_eip(struct x86_emulate_ctxt *ctxt, ulong dst) - { - ulong linear; - int rc; -@@ -802,41 +801,71 @@ static inline int assign_eip(struct x86_ - - if (ctxt->op_bytes != sizeof(unsigned long)) - addr.ea = dst & ((1UL << (ctxt->op_bytes << 3)) - 1); -- rc = __linearize(ctxt, addr, &max_size, 1, false, true, mode, &linear); -+ rc = __linearize(ctxt, addr, &max_size, 1, false, true, ctxt->mode, &linear); - if (rc == X86EMUL_CONTINUE) - ctxt->_eip = addr.ea; - return rc; - } - -+static inline int emulator_recalc_and_set_mode(struct x86_emulate_ctxt *ctxt) -+{ -+ u64 efer; -+ struct desc_struct cs; -+ u16 selector; -+ u32 base3; -+ -+ ctxt->ops->get_msr(ctxt, MSR_EFER, &efer); -+ -+ if (!(ctxt->ops->get_cr(ctxt, 0) & X86_CR0_PE)) { -+ /* Real mode. cpu must not have long mode active */ -+ if (efer & EFER_LMA) -+ return X86EMUL_UNHANDLEABLE; -+ ctxt->mode = X86EMUL_MODE_REAL; -+ return X86EMUL_CONTINUE; -+ } -+ -+ if (ctxt->eflags & X86_EFLAGS_VM) { -+ /* Protected/VM86 mode. cpu must not have long mode active */ -+ if (efer & EFER_LMA) -+ return X86EMUL_UNHANDLEABLE; -+ ctxt->mode = X86EMUL_MODE_VM86; -+ return X86EMUL_CONTINUE; -+ } -+ -+ if (!ctxt->ops->get_segment(ctxt, &selector, &cs, &base3, VCPU_SREG_CS)) -+ return X86EMUL_UNHANDLEABLE; -+ -+ if (efer & EFER_LMA) { -+ if (cs.l) { -+ /* Proper long mode */ -+ ctxt->mode = X86EMUL_MODE_PROT64; -+ } else if (cs.d) { -+ /* 32 bit compatibility mode*/ -+ ctxt->mode = X86EMUL_MODE_PROT32; -+ } else { -+ ctxt->mode = X86EMUL_MODE_PROT16; -+ } -+ } else { -+ /* Legacy 32 bit / 16 bit mode */ -+ ctxt->mode = cs.d ? X86EMUL_MODE_PROT32 : X86EMUL_MODE_PROT16; -+ } -+ -+ return X86EMUL_CONTINUE; -+} -+ - static inline int assign_eip_near(struct x86_emulate_ctxt *ctxt, ulong dst) - { -- return assign_eip(ctxt, dst, ctxt->mode); -+ return assign_eip(ctxt, dst); - } - --static int assign_eip_far(struct x86_emulate_ctxt *ctxt, ulong dst, -- const struct desc_struct *cs_desc) -+static int assign_eip_far(struct x86_emulate_ctxt *ctxt, ulong dst) - { -- enum x86emul_mode mode = ctxt->mode; -- int rc; -+ int rc = emulator_recalc_and_set_mode(ctxt); - --#ifdef CONFIG_X86_64 -- if (ctxt->mode >= X86EMUL_MODE_PROT16) { -- if (cs_desc->l) { -- u64 efer = 0; -+ if (rc != X86EMUL_CONTINUE) -+ return rc; - -- ctxt->ops->get_msr(ctxt, MSR_EFER, &efer); -- if (efer & EFER_LMA) -- mode = X86EMUL_MODE_PROT64; -- } else -- mode = X86EMUL_MODE_PROT32; /* temporary value */ -- } --#endif -- if (mode == X86EMUL_MODE_PROT16 || mode == X86EMUL_MODE_PROT32) -- mode = cs_desc->d ? X86EMUL_MODE_PROT32 : X86EMUL_MODE_PROT16; -- rc = assign_eip(ctxt, dst, mode); -- if (rc == X86EMUL_CONTINUE) -- ctxt->mode = mode; -- return rc; -+ return assign_eip(ctxt, dst); - } - - static inline int jmp_rel(struct x86_emulate_ctxt *ctxt, int rel) -@@ -2170,7 +2199,7 @@ static int em_jmp_far(struct x86_emulate - if (rc != X86EMUL_CONTINUE) - return rc; - -- rc = assign_eip_far(ctxt, ctxt->src.val, &new_desc); -+ rc = assign_eip_far(ctxt, ctxt->src.val); - /* Error handling is not implemented. */ - if (rc != X86EMUL_CONTINUE) - return X86EMUL_UNHANDLEABLE; -@@ -2248,7 +2277,7 @@ static int em_ret_far(struct x86_emulate - &new_desc); - if (rc != X86EMUL_CONTINUE) - return rc; -- rc = assign_eip_far(ctxt, eip, &new_desc); -+ rc = assign_eip_far(ctxt, eip); - /* Error handling is not implemented. */ - if (rc != X86EMUL_CONTINUE) - return X86EMUL_UNHANDLEABLE; -@@ -3467,7 +3496,7 @@ static int em_call_far(struct x86_emulat - if (rc != X86EMUL_CONTINUE) - return rc; - -- rc = assign_eip_far(ctxt, ctxt->src.val, &new_desc); -+ rc = assign_eip_far(ctxt, ctxt->src.val); - if (rc != X86EMUL_CONTINUE) - goto fail; - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/KVM-x86-emulator-update-the-emulation-mode-after-rsm.patch new/patches.suse/KVM-x86-emulator-update-the-emulation-mode-after-rsm.patch --- old/patches.suse/KVM-x86-emulator-update-the-emulation-mode-after-rsm.patch 2022-11-04 08:35:08.000000000 +0100 +++ new/patches.suse/KVM-x86-emulator-update-the-emulation-mode-after-rsm.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,34 +0,0 @@ -From: Maxim Levitsky <mlevi...@redhat.com> -Date: Tue, 25 Oct 2022 15:47:30 +0300 -Subject: KVM: x86: emulator: update the emulation mode after rsm -Git-commit: 055f37f84e304e59c046d1accfd8f08462f52c4c -Patch-mainline: v6.1-rc4 -References: bsc#1200616 - -Update the emulation mode after RSM so that RIP will be correctly -written back, because the RSM instruction can switch the CPU mode from -32 bit (or less) to 64 bit. - -This fixes a guest crash in case the #SMI is received while the guest -runs a code from an address > 32 bit. - -Signed-off-by: Maxim Levitsky <mlevi...@redhat.com> -Message-Id: <20221025124741.228045-13-mlevi...@redhat.com> -Cc: sta...@vger.kernel.org -Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> -Signed-off-by: Jiri Slaby <jsl...@suse.cz> ---- - arch/x86/kvm/emulate.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/arch/x86/kvm/emulate.c -+++ b/arch/x86/kvm/emulate.c -@@ -2660,7 +2660,7 @@ static int em_rsm(struct x86_emulate_ctx - * those side effects need to be explicitly handled for both success - * and shutdown. - */ -- return X86EMUL_CONTINUE; -+ return emulator_recalc_and_set_mode(ctxt); - - emulate_shutdown: - ctxt->ops->triple_fault(ctxt); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/ring-buffer-Check-for-NULL-cpu_buffer-in-ring_buffer.patch new/patches.suse/ring-buffer-Check-for-NULL-cpu_buffer-in-ring_buffer.patch --- old/patches.suse/ring-buffer-Check-for-NULL-cpu_buffer-in-ring_buffer.patch 2022-11-04 08:35:08.000000000 +0100 +++ new/patches.suse/ring-buffer-Check-for-NULL-cpu_buffer-in-ring_buffer.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,71 +0,0 @@ -From: "Steven Rostedt (Google)" <rost...@goodmis.org> -Date: Tue, 1 Nov 2022 19:10:09 -0400 -Subject: [PATCH] ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters() -Message-ID: <20221101191009.1e737...@rorschach.local.home> -Patch-mainline: Submitted, trace ML -References: bsc#1204705 - -On some machines the number of listed CPUs may be bigger than the actual -CPUs that exist. The tracing subsystem allocates a per_cpu directory with -access to the per CPU ring buffer via a cpuX file. But to save space, the -ring buffer will only allocate buffers for online CPUs, even though the -CPU array will be as big as the nr_cpu_ids. - -With the addition of waking waiters on the ring buffer when closing the -file, the ring_buffer_wake_waiters() now needs to make sure that the -buffer is allocated (with the irq_work allocated with it) before trying to -wake waiters, as it will cause a NULL pointer dereference. - -While debugging this, I added a NULL check for the buffer itself (which is -OK to do), and also NULL pointer checks against buffer->buffers (which is -not fine, and will WARN) as well as making sure the CPU number passed in -is within the nr_cpu_ids (which is also not fine if it isn't). - -Link: https://lore.kernel.org/all/87h6zklb6n.wl-ti...@suse.de/ -Link: https://lore.kernel.org/all/CAM6Wdxc0KRJMXVAA0Y=u6Jh2V=uwb-_fn6m4xrunppfxzl1...@mail.gmail.com/ - -Cc: sta...@vger.kernel.org -Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1204705 -Reported-by: Takashi Iwai <ti...@suse.de> -Reported-by: Roland Ruckerbauer <roland.ru...@gmail.com> -Fixes: f3ddb74ad079 ("tracing: Wake up ring buffer waiters on closing of the file") -Signed-off-by: Steven Rostedt (Google) <rost...@goodmis.org> -Signed-off-by: Takashi Iwai <ti...@suse.de> - ---- - kernel/trace/ring_buffer.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c -index 199759c73519..9712083832f4 100644 ---- a/kernel/trace/ring_buffer.c -+++ b/kernel/trace/ring_buffer.c -@@ -937,6 +937,9 @@ void ring_buffer_wake_waiters(struct trace_buffer *buffer, int cpu) - struct ring_buffer_per_cpu *cpu_buffer; - struct rb_irq_work *rbwork; - -+ if (!buffer) -+ return; -+ - if (cpu == RING_BUFFER_ALL_CPUS) { - - /* Wake up individual ones too. One level recursion */ -@@ -945,7 +948,15 @@ void ring_buffer_wake_waiters(struct trace_buffer *buffer, int cpu) - - rbwork = &buffer->irq_work; - } else { -+ if (WARN_ON_ONCE(!buffer->buffers)) -+ return; -+ if (WARN_ON_ONCE(cpu >= nr_cpu_ids)) -+ return; -+ - cpu_buffer = buffer->buffers[cpu]; -+ /* The CPU buffer may not have been initialized yet */ -+ if (!cpu_buffer) -+ return; - rbwork = &cpu_buffer->irq_work; - } - --- -2.35.3 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/wifi-brcmfmac-Fix-potential-buffer-overflow-in-brcmf.patch new/patches.suse/wifi-brcmfmac-Fix-potential-buffer-overflow-in-brcmf.patch --- old/patches.suse/wifi-brcmfmac-Fix-potential-buffer-overflow-in-brcmf.patch 2022-11-04 08:35:08.000000000 +0100 +++ new/patches.suse/wifi-brcmfmac-Fix-potential-buffer-overflow-in-brcmf.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,128 +0,0 @@ -From 6788ba8aed4e28e90f72d68a9d794e34eac17295 Mon Sep 17 00:00:00 2001 -From: Dokyung Song <dokyung.s...@gmail.com> -Date: Fri, 21 Oct 2022 15:13:59 +0900 -Subject: [PATCH] wifi: brcmfmac: Fix potential buffer overflow in - brcmf_fweh_event_worker() -Git-commit: 6788ba8aed4e28e90f72d68a9d794e34eac17295 -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git -Patch-mainline: Queued in subsystem maintainer repository -References: CVE-2022-3628 bsc#1204868 - -This patch fixes an intra-object buffer overflow in brcmfmac that occurs -when the device provides a 'bsscfgidx' equal to or greater than the -buffer size. The patch adds a check that leads to a safe failure if that -is the case. - -This fixes CVE-2022-3628. - -Ubsan: array-index-out-of-bounds in drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c -index 52 is out of range for type 'brcmf_if *[16]' -Cpu: 0 PID: 1898 Comm: kworker/0:2 Tainted: G O 5.14.0+ #132 -Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014 -Workqueue: events brcmf_fweh_event_worker -Call Trace: - dump_stack_lvl+0x57/0x7d - ubsan_epilogue+0x5/0x40 - __ubsan_handle_out_of_bounds+0x69/0x80 - ? memcpy+0x39/0x60 - brcmf_fweh_event_worker+0xae1/0xc00 - ? brcmf_fweh_call_event_handler.isra.0+0x100/0x100 - ? rcu_read_lock_sched_held+0xa1/0xd0 - ? rcu_read_lock_bh_held+0xb0/0xb0 - ? lockdep_hardirqs_on_prepare+0x273/0x3e0 - process_one_work+0x873/0x13e0 - ? lock_release+0x640/0x640 - ? pwq_dec_nr_in_flight+0x320/0x320 - ? rwlock_bug.part.0+0x90/0x90 - worker_thread+0x8b/0xd10 - ? __kthread_parkme+0xd9/0x1d0 - ? process_one_work+0x13e0/0x13e0 - kthread+0x379/0x450 - ? _raw_spin_unlock_irq+0x24/0x30 - ? set_kthread_struct+0x100/0x100 - ret_from_fork+0x1f/0x30 -================================================================================ -general protection fault, probably for non-canonical address 0xe5601c0020023fff: 0000 [#1] SMP KASAN -Kasan: maybe wild-memory-access in range [0x2b0100010011fff8-0x2b0100010011ffff] -Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014 -Rip: 0010:brcmf_fweh_call_event_handler.isra.0+0x42/0x100 -Code: 89 f5 53 48 89 fb 48 83 ec 08 e8 79 0b 38 fe 48 85 ed 74 7e e8 6f 0b 38 fe 48 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 8b 00 00 00 4c 8b 7d 00 44 89 e0 48 ba 00 00 00 -Rsp: 0018:ffffc9000259fbd8 EFLAGS: 00010207 -Rax: dffffc0000000000 RBX: ffff888115d8cd50 RCX: 0000000000000000 -Rdx: 0560200020023fff RSI: ffffffff8304bc91 RDI: ffff888115d8cd50 -Rbp: 2b0100010011ffff R08: ffff888112340050 R09: ffffed1023549809 -R10: ffff88811aa4c047 R11: ffffed1023549808 R12: 0000000000000045 -R13: ffffc9000259fca0 R14: ffff888112340050 R15: ffff888112340000 -Fs: 0000000000000000(0000) GS:ffff88811aa00000(0000) knlGS:0000000000000000 -Cs: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 -Cr2: 000000004053ccc0 CR3: 0000000112740000 CR4: 0000000000750ef0 -Dr0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 -Dr3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 -Pkru: 55555554 -Call Trace: - brcmf_fweh_event_worker+0x117/0xc00 - ? brcmf_fweh_call_event_handler.isra.0+0x100/0x100 - ? rcu_read_lock_sched_held+0xa1/0xd0 - ? rcu_read_lock_bh_held+0xb0/0xb0 - ? lockdep_hardirqs_on_prepare+0x273/0x3e0 - process_one_work+0x873/0x13e0 - ? lock_release+0x640/0x640 - ? pwq_dec_nr_in_flight+0x320/0x320 - ? rwlock_bug.part.0+0x90/0x90 - worker_thread+0x8b/0xd10 - ? __kthread_parkme+0xd9/0x1d0 - ? process_one_work+0x13e0/0x13e0 - kthread+0x379/0x450 - ? _raw_spin_unlock_irq+0x24/0x30 - ? set_kthread_struct+0x100/0x100 - ret_from_fork+0x1f/0x30 -Modules linked in: 88XXau(O) 88x2bu(O) ----[ end trace 41d302138f3ff55a ]--- -RIP: 0010:brcmf_fweh_call_event_handler.isra.0+0x42/0x100 -Code: 89 f5 53 48 89 fb 48 83 ec 08 e8 79 0b 38 fe 48 85 ed 74 7e e8 6f 0b 38 fe 48 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 8b 00 00 00 4c 8b 7d 00 44 89 e0 48 ba 00 00 00 -RSP: 0018:ffffc9000259fbd8 EFLAGS: 00010207 -RAX: dffffc0000000000 RBX: ffff888115d8cd50 RCX: 0000000000000000 -RDX: 0560200020023fff RSI: ffffffff8304bc91 RDI: ffff888115d8cd50 -RBP: 2b0100010011ffff R08: ffff888112340050 R09: ffffed1023549809 -R10: ffff88811aa4c047 R11: ffffed1023549808 R12: 0000000000000045 -R13: ffffc9000259fca0 R14: ffff888112340050 R15: ffff888112340000 -FS: 0000000000000000(0000) GS:ffff88811aa00000(0000) knlGS:0000000000000000 -CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 -CR2: 000000004053ccc0 CR3: 0000000112740000 CR4: 0000000000750ef0 -DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 -DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 -PKRU: 55555554 -Kernel panic - not syncing: Fatal exception - -Reported-by: Dokyung Song <dokyu...@yonsei.ac.kr> -Reported-by: Jisoo Jang <jisoo.j...@yonsei.ac.kr> -Reported-by: Minsuk Kang <linuxlove...@yonsei.ac.kr> -Reviewed-by: Arend van Spriel <aspr...@gmail.com> -Cc: <sta...@vger.kernel.org> -Signed-off-by: Dokyung Song <dokyung.s...@gmail.com> -Signed-off-by: Kalle Valo <kv...@kernel.org> -Link: https://lore.kernel.org/r/20221021061359.GA550858@laguna -Acked-by: Takashi Iwai <ti...@suse.de> - ---- - drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c -index bc3f4e4edcdf..dac7eb77799b 100644 ---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c -+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c -@@ -228,6 +228,10 @@ static void brcmf_fweh_event_worker(struct work_struct *work) - brcmf_fweh_event_name(event->code), event->code, - event->emsg.ifidx, event->emsg.bsscfgidx, - event->emsg.addr); -+ if (event->emsg.bsscfgidx >= BRCMF_MAX_IFS) { -+ bphy_err(drvr, "invalid bsscfg index: %u\n", event->emsg.bsscfgidx); -+ goto event_free; -+ } - - /* convert event message */ - emsg_be = &event->emsg; --- -2.35.3 - ++++++ series.conf ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:22.533884528 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:22.537884552 +0100 @@ -1292,6 +1292,203 @@ patches.kernel.org/6.0.7-239-arm64-Add-AMPERE1-to-the-Spectre-BHB-affected-l.patch patches.kernel.org/6.0.7-240-tcp-udp-Fix-memory-leak-in-ipv6_renew_options.patch patches.kernel.org/6.0.7-241-Linux-6.0.7.patch + patches.kernel.org/6.0.8-001-usb-dwc3-gadget-Force-sending-delayed-status-du.patch + patches.kernel.org/6.0.8-002-usb-dwc3-gadget-Don-t-delay-End-Transfer-on-del.patch + patches.kernel.org/6.0.8-003-RDMA-cma-Use-output-interface-for-net_dev-check.patch + patches.kernel.org/6.0.8-004-IB-hfi1-Correctly-move-list-in-sc_disable.patch + patches.kernel.org/6.0.8-005-RDMA-hns-Disable-local-invalidate-operation.patch + patches.kernel.org/6.0.8-006-RDMA-hns-Fix-NULL-pointer-problem-in-free_mr_in.patch + patches.kernel.org/6.0.8-007-docs-process-howto-Replace-C89-with-C11.patch + patches.kernel.org/6.0.8-008-RDMA-rxe-Fix-mr-leak-in-RESPST_ERR_RNR.patch + patches.kernel.org/6.0.8-009-NFSv4-Fix-a-potential-state-reclaim-deadlock.patch + patches.kernel.org/6.0.8-010-NFSv4.1-Handle-RECLAIM_COMPLETE-trunking-errors.patch + patches.kernel.org/6.0.8-011-NFSv4.1-We-must-always-send-RECLAIM_COMPLETE-af.patch + patches.kernel.org/6.0.8-012-SUNRPC-Fix-null-ptr-deref-when-xps-sysfs-alloc-.patch + patches.kernel.org/6.0.8-013-NFSv4.2-Fixup-CLONE-dest-file-size-for-zero-len.patch + patches.kernel.org/6.0.8-014-nfs4-Fix-kmemleak-when-allocate-slot-failed.patch + patches.kernel.org/6.0.8-015-net-dsa-Fix-possible-memory-leaks-in-dsa_loop_i.patch + patches.kernel.org/6.0.8-016-RDMA-core-Fix-null-ptr-deref-in-ib_core_cleanup.patch + patches.kernel.org/6.0.8-017-RDMA-qedr-clean-up-work-queue-on-failure-in-qed.patch + patches.kernel.org/6.0.8-018-tools-nolibc-Fix-missing-strlen-definition-and-.patch + patches.kernel.org/6.0.8-019-net-dsa-fall-back-to-default-tagger-if-we-can-t.patch + patches.kernel.org/6.0.8-020-nfc-fdp-Fix-potential-memory-leak-in-fdp_nci_se.patch + patches.kernel.org/6.0.8-021-nfc-nxp-nci-Fix-potential-memory-leak-in-nxp_nc.patch + patches.kernel.org/6.0.8-022-nfc-s3fwrn5-Fix-potential-memory-leak-in-s3fwrn.patch + patches.kernel.org/6.0.8-023-nfc-nfcmrvl-Fix-potential-memory-leak-in-nfcmrv.patch + patches.kernel.org/6.0.8-024-net-fec-fix-improper-use-of-NETDEV_TX_BUSY.patch + patches.kernel.org/6.0.8-025-ata-pata_legacy-fix-pdc20230_set_piomode.patch + patches.kernel.org/6.0.8-026-ata-palmld-fix-return-value-check-in-palmld_pat.patch + patches.kernel.org/6.0.8-027-net-sched-Fix-use-after-free-in-red_enqueue.patch + patches.kernel.org/6.0.8-028-net-tun-fix-bugs-for-oversize-packet-when-napi-.patch + patches.kernel.org/6.0.8-029-netfilter-nf_tables-netlink-notifier-might-race.patch + patches.kernel.org/6.0.8-030-netfilter-nf_tables-release-flow-rule-object-fr.patch + patches.kernel.org/6.0.8-031-sfc-Fix-an-error-handling-path-in-efx_pci_probe.patch + patches.kernel.org/6.0.8-032-nfsd-fix-nfsd_file_unhash_and_dispose.patch + patches.kernel.org/6.0.8-033-nfsd-fix-net-namespace-logic-in-__nfsd_file_cac.patch + patches.kernel.org/6.0.8-034-net-lan966x-Fix-the-MTU-calculation.patch + patches.kernel.org/6.0.8-035-net-lan966x-Adjust-maximum-frame-size-when-vlan.patch + patches.kernel.org/6.0.8-036-net-lan966x-Fix-FDMA-when-MTU-is-changed.patch + patches.kernel.org/6.0.8-037-net-lan966x-Fix-unmapping-of-received-frames-us.patch + patches.kernel.org/6.0.8-038-ipvs-use-explicitly-signed-chars.patch + patches.kernel.org/6.0.8-039-ipvs-fix-WARNING-in-__ip_vs_cleanup_batch.patch + patches.kernel.org/6.0.8-040-ipvs-fix-WARNING-in-ip_vs_app_net_cleanup.patch + patches.kernel.org/6.0.8-041-rose-Fix-NULL-pointer-dereference-in-rose_send_.patch + patches.kernel.org/6.0.8-042-mISDN-fix-possible-memory-leak-in-mISDN_registe.patch + patches.kernel.org/6.0.8-043-isdn-mISDN-netjet-fix-wrong-check-of-device-reg.patch + patches.kernel.org/6.0.8-044-btrfs-fix-inode-list-leak-during-backref-walkin.patch + patches.kernel.org/6.0.8-045-btrfs-fix-inode-list-leak-during-backref-walkin.patch + patches.kernel.org/6.0.8-046-btrfs-fix-ulist-leaks-in-error-paths-of-qgroup-.patch + patches.kernel.org/6.0.8-047-netfilter-ipset-enforce-documented-limit-to-pre.patch + patches.kernel.org/6.0.8-048-Bluetooth-L2CAP-Fix-use-after-free-caused-by-l2.patch + patches.kernel.org/6.0.8-049-Bluetooth-hci_conn-Fix-CIS-connection-dst_type-.patch + patches.kernel.org/6.0.8-050-Bluetooth-virtio_bt-Use-skb_put-to-set-length.patch + patches.kernel.org/6.0.8-051-Bluetooth-L2CAP-fix-use-after-free-in-l2cap_con.patch + patches.kernel.org/6.0.8-052-Bluetooth-L2CAP-Fix-memory-leak-in-vhci_write.patch + patches.kernel.org/6.0.8-053-Bluetooth-hci_conn-Fix-not-restoring-ISO-buffer.patch + patches.kernel.org/6.0.8-054-net-mdio-fix-undefined-behavior-in-bit-shift-fo.patch + patches.kernel.org/6.0.8-055-ibmvnic-Free-rwi-on-reset-success.patch + patches.kernel.org/6.0.8-056-stmmac-dwmac-loongson-fix-invalid-mdio_node.patch + patches.kernel.org/6.0.8-057-net-smc-Fix-possible-leaked-pernet-namespace-in.patch + patches.kernel.org/6.0.8-058-net-neigh-Fix-null-ptr-deref-in-neigh_table_cle.patch + patches.kernel.org/6.0.8-059-bridge-Fix-flushing-of-dynamic-FDB-entries.patch + patches.kernel.org/6.0.8-060-ipv6-fix-WARNING-in-ip6_route_net_exit_late.patch + patches.kernel.org/6.0.8-061-vsock-fix-possible-infinite-sleep-in-vsock_conn.patch + patches.kernel.org/6.0.8-062-iio-adc-stm32-adc-fix-channel-sampling-time-ini.patch + patches.kernel.org/6.0.8-063-media-rkisp1-Fix-source-pad-format-configuratio.patch + patches.kernel.org/6.0.8-064-media-rkisp1-Don-t-pass-the-quantization-to-rki.patch + patches.kernel.org/6.0.8-065-media-rkisp1-Initialize-color-space-on-resizer-.patch + patches.kernel.org/6.0.8-066-media-rkisp1-Use-correct-macro-for-gradient-reg.patch + patches.kernel.org/6.0.8-067-media-rkisp1-Zero-v4l2_subdev_format-fields-in-.patch + patches.kernel.org/6.0.8-068-media-s5p_cec-limit-msg.len-to-CEC_MAX_MSG_SIZE.patch + patches.kernel.org/6.0.8-069-media-cros-ec-cec-limit-msg.len-to-CEC_MAX_MSG_.patch + patches.kernel.org/6.0.8-070-media-dvb-frontends-drxk-initialize-err-to-0.patch + patches.kernel.org/6.0.8-071-media-platform-cros-ec-Add-Kuldax-to-the-match-.patch + patches.kernel.org/6.0.8-072-media-meson-vdec-fix-possible-refcount-leak-in-.patch + patches.kernel.org/6.0.8-073-media-hantro-Store-HEVC-bit-depth-in-context.patch + patches.kernel.org/6.0.8-074-media-hantro-HEVC-Fix-auxilary-buffer-size-calc.patch + patches.kernel.org/6.0.8-075-media-hantro-HEVC-Fix-chroma-offset-computation.patch + patches.kernel.org/6.0.8-076-media-v4l-subdev-Fail-graciously-when-getting-t.patch + patches.kernel.org/6.0.8-077-drm-vc4-hdmi-Check-the-HSM-rate-at-runtime_resu.patch + patches.kernel.org/6.0.8-078-ACPI-APEI-Fix-integer-overflow-in-ghes_estatus_.patch + patches.kernel.org/6.0.8-079-hwrng-bcm2835-use-hwrng_msleep-instead-of-cpu_r.patch + patches.kernel.org/6.0.8-080-io_uring-don-t-iopoll-from-io_ring_ctx_wait_and.patch + patches.kernel.org/6.0.8-081-scsi-core-Restrict-legal-sdev_state-transitions.patch + patches.kernel.org/6.0.8-082-HID-saitek-add-madcatz-variant-of-MMO7-mouse-de.patch + patches.kernel.org/6.0.8-083-drm-amdgpu-set-vm_update_mode-0-as-default-for-.patch + patches.kernel.org/6.0.8-084-drm-amd-pm-skip-loading-pptable-from-driver-on-.patch + patches.kernel.org/6.0.8-085-drm-amdkfd-Fix-type-of-reset_type-parameter-in-.patch + patches.kernel.org/6.0.8-086-drm-amdgpu-Program-GC-registers-through-RLCG-in.patch + patches.kernel.org/6.0.8-087-drm-amdgpu-dequeue-mes-scheduler-during-fini.patch + patches.kernel.org/6.0.8-088-nvme-pci-disable-write-zeroes-on-various-Kingst.patch + patches.kernel.org/6.0.8-089-i2c-xiic-Add-platform-module-alias.patch + patches.kernel.org/6.0.8-090-bio-safeguard-REQ_ALLOC_CACHE-bio-put.patch + patches.kernel.org/6.0.8-091-clk-rs9-Fix-I2C-accessors.patch + patches.kernel.org/6.0.8-092-arm64-dts-imx8mm-Enable-CPLD_Dn-pull-down-resis.patch + patches.kernel.org/6.0.8-093-efi-tpm-Pass-correct-address-to-memblock_reserv.patch + patches.kernel.org/6.0.8-094-clk-renesas-r8a779g0-Fix-HSCIF-parent-clocks.patch + patches.kernel.org/6.0.8-095-clk-qcom-Update-the-force-mem-core-bit-for-GPU-.patch + patches.kernel.org/6.0.8-096-arm64-dts-verdin-imx8mp-fix-ctrl_sleep_moci.patch + patches.kernel.org/6.0.8-097-arm64-dts-imx8mm-remove-otg1-2-power-domain-dep.patch + patches.kernel.org/6.0.8-098-arm64-dts-imx8mm-correct-usb-power-domains.patch + patches.kernel.org/6.0.8-099-arm64-dts-imx8mn-remove-otg1-power-domain-depen.patch + patches.kernel.org/6.0.8-100-arm64-dts-imx8mn-Correct-the-usb-power-domain.patch + patches.kernel.org/6.0.8-101-ARM-dts-imx6qdl-gw59-10-13-fix-user-pushbutton-.patch + patches.kernel.org/6.0.8-102-arm64-dts-imx8-correct-clock-order.patch + patches.kernel.org/6.0.8-103-arm64-dts-imx93-add-gpio-clk.patch + patches.kernel.org/6.0.8-104-arm64-dts-imx93-correct-gpio-ranges.patch + patches.kernel.org/6.0.8-105-arm64-dts-lx2160a-specify-clock-frequencies-for.patch + patches.kernel.org/6.0.8-106-arm64-dts-ls1088a-specify-clock-frequencies-for.patch + patches.kernel.org/6.0.8-107-arm64-dts-ls208xa-specify-clock-frequencies-for.patch + patches.kernel.org/6.0.8-108-drm-rockchip-dw_hdmi-filter-regulator-EPROBE_DE.patch + patches.kernel.org/6.0.8-109-drm-rockchip-fix-fbdev-on-non-IOMMU-devices.patch + patches.kernel.org/6.0.8-110-drm-i915-stop-abusing-swiotlb_max_segment.patch + patches.kernel.org/6.0.8-111-ublk_drv-return-flag-of-UBLK_F_URING_CMD_COMP_I.patch + patches.kernel.org/6.0.8-112-block-Fix-possible-memory-leak-for-rq_wb-on-add.patch + patches.kernel.org/6.0.8-113-blk-mq-Fix-kmemleak-in-blk_mq_init_allocated_qu.patch + patches.kernel.org/6.0.8-114-ARM-dts-ux500-Add-trips-to-battery-thermal-zone.patch + patches.kernel.org/6.0.8-115-firmware-arm_scmi-Suppress-the-driver-s-bind-at.patch + patches.kernel.org/6.0.8-116-firmware-arm_scmi-Make-Rx-chan_setup-fail-on-me.patch + patches.kernel.org/6.0.8-117-firmware-arm_scmi-Fix-devres-allocation-device-.patch + patches.kernel.org/6.0.8-118-firmware-arm_scmi-Fix-deferred_tx_wq-release-on.patch + patches.kernel.org/6.0.8-119-arm64-dts-juno-Add-thermal-critical-trip-points.patch + patches.kernel.org/6.0.8-120-i2c-piix4-Fix-adapter-not-be-removed-in-piix4_r.patch + patches.kernel.org/6.0.8-121-Bluetooth-L2CAP-Fix-accepting-connection-reques.patch + patches.kernel.org/6.0.8-122-Bluetooth-L2CAP-Fix-attempting-to-access-uninit.patch + patches.kernel.org/6.0.8-123-fscrypt-stop-using-keyrings-subsystem-for-fscry.patch + patches.kernel.org/6.0.8-124-fscrypt-fix-keyring-memory-leak-on-mount-failur.patch + patches.kernel.org/6.0.8-125-clk-renesas-r8a779g0-Add-SASYNCPER-clocks.patch + patches.kernel.org/6.0.8-126-btrfs-fix-lost-file-sync-on-direct-IO-write-wit.patch + patches.kernel.org/6.0.8-127-btrfs-fix-tree-mod-log-mishandling-of-reallocat.patch + patches.kernel.org/6.0.8-128-btrfs-fix-type-of-parameter-generation-in-btrfs.patch + patches.kernel.org/6.0.8-129-btrfs-don-t-use-btrfs_chunk-sub_stripes-from-di.patch + patches.kernel.org/6.0.8-130-btrfs-fix-a-memory-allocation-failure-test-in-b.patch + patches.kernel.org/6.0.8-131-ACPI-NUMA-Add-CXL-CFMWS-nodes-to-the-possible-n.patch + patches.kernel.org/6.0.8-132-cxl-pmem-Fix-cxl_pmem_region-and-cxl_memdev-lea.patch + patches.kernel.org/6.0.8-133-cxl-region-Fix-decoder-allocation-crash.patch + patches.kernel.org/6.0.8-134-cxl-region-Fix-region-HPA-ordering-validation.patch + patches.kernel.org/6.0.8-135-cxl-region-Fix-cxl_region-leak-cleanup-targets-.patch + patches.kernel.org/6.0.8-136-cxl-region-Fix-distance-calculation-with-passth.patch + patches.kernel.org/6.0.8-137-ftrace-Fix-use-after-free-for-dynamic-ftrace_op.patch + patches.kernel.org/6.0.8-138-tracing-fprobe-Fix-to-check-whether-fprobe-is-r.patch + patches.kernel.org/6.0.8-139-fprobe-Check-rethook_alloc-return-in-rethook-in.patch + patches.kernel.org/6.0.8-140-tracing-kprobe-Fix-memory-leak-in-test_gen_kpro.patch + patches.kernel.org/6.0.8-141-kprobe-reverse-kp-flags-when-arm_kprobe-failed.patch + patches.kernel.org/6.0.8-142-ring-buffer-Check-for-NULL-cpu_buffer-in-ring_b.patch + patches.kernel.org/6.0.8-143-tools-nolibc-string-Fix-memcmp-implementation.patch + patches.kernel.org/6.0.8-144-tracing-histogram-Update-document-for-KEYS_MAX-.patch + patches.kernel.org/6.0.8-145-capabilities-fix-potential-memleak-on-error-pat.patch + patches.kernel.org/6.0.8-146-fuse-add-file_modified-to-fallocate.patch + patches.kernel.org/6.0.8-147-fuse-fix-readdir-cache-race.patch + patches.kernel.org/6.0.8-148-selftests-landlock-Build-without-static-librari.patch + patches.kernel.org/6.0.8-149-efi-random-reduce-seed-size-to-32-bytes.patch + patches.kernel.org/6.0.8-150-efi-random-Use-ACPI-reclaim-memory-for-random-s.patch + patches.kernel.org/6.0.8-151-efi-efivars-Fix-variable-writes-with-unsupporte.patch + patches.kernel.org/6.0.8-152-net-ulp-remove-SOCK_SUPPORT_ZC-from-tls-sockets.patch + patches.kernel.org/6.0.8-153-arm64-entry-avoid-kprobe-recursion.patch + patches.kernel.org/6.0.8-154-ARM-dts-imx6dl-yapp4-Do-not-allow-PM-to-switch-.patch + patches.kernel.org/6.0.8-155-perf-x86-intel-Fix-pebs-event-constraints-for-I.patch + patches.kernel.org/6.0.8-156-perf-x86-intel-Add-Cooper-Lake-stepping-to-isol.patch + patches.kernel.org/6.0.8-157-perf-x86-intel-Fix-pebs-event-constraints-for-S.patch + patches.kernel.org/6.0.8-158-net-remove-SOCK_SUPPORT_ZC-from-sockmap.patch + patches.kernel.org/6.0.8-159-net-also-flag-accepted-sockets-supporting-msghd.patch + patches.kernel.org/6.0.8-160-parisc-Make-8250_gsc-driver-dependend-on-CONFIG.patch + patches.kernel.org/6.0.8-161-parisc-Export-iosapic_serial_irq-symbol-for-ser.patch + patches.kernel.org/6.0.8-162-parisc-Avoid-printing-the-hardware-path-twice.patch + patches.kernel.org/6.0.8-163-ext4-fix-warning-in-ext4_da_release_space.patch + patches.kernel.org/6.0.8-164-ext4-fix-BUG_ON-when-directory-entry-has-invali.patch + patches.kernel.org/6.0.8-165-ext4-update-the-backup-superblock-s-at-the-end-.patch + patches.kernel.org/6.0.8-166-x86-tdx-Prepare-for-using-INFO-call-for-a-secon.patch + patches.kernel.org/6.0.8-167-x86-tdx-Panic-on-bad-configs-that-VE-on-private.patch + patches.kernel.org/6.0.8-168-x86-syscall-Include-asm-ptrace.h-in-syscall_wra.patch + patches.kernel.org/6.0.8-169-KVM-x86-Mask-off-reserved-bits-in-CPUID.8000000.patch + patches.kernel.org/6.0.8-170-KVM-x86-Mask-off-reserved-bits-in-CPUID.8000001.patch + patches.kernel.org/6.0.8-171-KVM-x86-Mask-off-reserved-bits-in-CPUID.8000000.patch + patches.kernel.org/6.0.8-172-KVM-x86-Mask-off-reserved-bits-in-CPUID.8000000.patch + patches.kernel.org/6.0.8-173-KVM-x86-Mask-off-reserved-bits-in-CPUID.8000001.patch + patches.kernel.org/6.0.8-174-KVM-VMX-Advertise-PMU-LBRs-if-and-only-if-perf-.patch + patches.kernel.org/6.0.8-175-KVM-VMX-Fold-vmx_supported_debugctl-into-vcpu_s.patch + patches.kernel.org/6.0.8-176-KVM-VMX-Ignore-guest-CPUID-for-host-userspace-w.patch + patches.kernel.org/6.0.8-177-KVM-VMX-fully-disable-SGX-if-SECONDARY_EXEC_ENC.patch + patches.kernel.org/6.0.8-178-KVM-Initialize-gfn_to_pfn_cache-locks-in-dedica.patch + patches.kernel.org/6.0.8-179-KVM-Reject-attempts-to-consume-or-refresh-inact.patch + patches.kernel.org/6.0.8-180-KVM-arm64-Fix-bad-dereference-on-MTE-enabled-sy.patch + patches.kernel.org/6.0.8-181-KVM-arm64-Fix-SMPRI_EL1-TPIDR2_EL0-trapping-on-.patch + patches.kernel.org/6.0.8-182-KVM-x86-smm-number-of-GPRs-in-the-SMRAM-image-d.patch + patches.kernel.org/6.0.8-183-KVM-x86-emulator-em_sysexit-should-update-ctxt-.patch + patches.kernel.org/6.0.8-184-KVM-x86-emulator-introduce-emulator_recalc_and_.patch + patches.kernel.org/6.0.8-185-KVM-x86-emulator-update-the-emulation-mode-afte.patch + patches.kernel.org/6.0.8-186-KVM-x86-emulator-update-the-emulation-mode-afte.patch + patches.kernel.org/6.0.8-187-ext4-f2fs-fix-readahead-of-verity-data.patch + patches.kernel.org/6.0.8-188-cifs-fix-regression-in-very-old-smb1-mounts.patch + patches.kernel.org/6.0.8-189-drm-rockchip-dsi-Clean-up-usage_mode-when-faili.patch + patches.kernel.org/6.0.8-190-drm-rockchip-dsi-Force-synchronous-probe.patch + patches.kernel.org/6.0.8-191-drm-amdgpu-disable-GFXOFF-during-compute-for-GF.patch + patches.kernel.org/6.0.8-192-drm-amd-display-Update-latencies-on-DCN321.patch + patches.kernel.org/6.0.8-193-drm-amd-display-Update-DSC-capabilitie-for-DCN3.patch + patches.kernel.org/6.0.8-194-drm-i915-sdvo-Filter-out-invalid-outputs-more-s.patch + patches.kernel.org/6.0.8-195-drm-i915-sdvo-Setup-DDC-fully-before-output-ini.patch + patches.kernel.org/6.0.8-196-wifi-brcmfmac-Fix-potential-buffer-overflow-in-.patch + patches.kernel.org/6.0.8-197-Linux-6.0.8.patch ######################################################## # Build fixes that apply to the vanilla kernel too. @@ -1323,8 +1520,6 @@ patches.suse/ALSA-hda-realtek-More-robust-component-matching-for-.patch patches.suse/watchdog-wdat_wdt-fix-min-max-timer-value.patch patches.suse/ACPI-resource-do-IRQ-override-on-LENOVO-IdeaPad.patch - patches.suse/KVM-x86-emulator-introduce-emulator_recalc_and_set_m.patch - patches.suse/KVM-x86-emulator-update-the-emulation-mode-after-rsm.patch ######################################################## # end of sorted patches @@ -1343,12 +1538,11 @@ # to area specific sections below. ######################################################## patches.suse/misc-sgi-gru-fix-use-after-free-error-in-gru_set_con.patch - patches.suse/Bluetooth-L2CAP-fix-use-after-free-in-l2cap_conn_del.patch patches.suse/char-pcmcia-cm4000_cs-Fix-use-after-free-in-cm4000_f.patch patches.suse/char-pcmcia-cm4040_cs-Fix-use-after-free-in-reader_f.patch patches.suse/char-pcmcia-scr24x_cs-Fix-use-after-free-in-scr24x_f.patch - patches.suse/ring-buffer-Check-for-NULL-cpu_buffer-in-ring_buffer.patch - patches.suse/wifi-brcmfmac-Fix-potential-buffer-overflow-in-brcmf.patch + patches.suse/ALSA-usb-audio-Yet-more-regression-for-for-the-delay.patch + patches.suse/ALSA-usb-audio-Remove-redundant-workaround-for-Rolan.patch ######################################################## # kbuild/module infrastructure fixes @@ -1467,7 +1661,6 @@ # Input ######################################################## patches.suse/kbd-ignore-gfx.patch - patches.suse/Input-synaptics-retry-query-upon-error.patch patches.suse/Input-elan_i2c-Add-deny-list-for-Lenovo-Yoga-Slim-7.patch patches.suse/Input-i8042-Apply-probe-defer-to-more-ASUS-ZenBook-m.patch ++++++ source-timestamp ++++++ --- /var/tmp/diff_new_pack.yGeXFy/_old 2022-11-12 17:40:22.557884671 +0100 +++ /var/tmp/diff_new_pack.yGeXFy/_new 2022-11-12 17:40:22.561884694 +0100 @@ -1,4 +1,4 @@ -2022-11-04 07:35:08 +0000 -GIT Revision: 9068830e0691c2cb4e39588327708e85a45d9987 +2022-11-11 08:02:50 +0000 +GIT Revision: 1579d93a204dab0da2ae1ae638af853b9b6ca66e GIT Branch: stable