summaryrefslogtreecommitdiff
path: root/poky/meta/recipes-kernel
diff options
context:
space:
mode:
authorAndrew Geissler <geissonator@yahoo.com>2023-07-21 17:09:43 +0300
committerPatrick Williams <patrick@stwcx.xyz>2023-08-10 22:22:44 +0300
commit8f840685fb701a268141f0fcebc1d34fcd9b01de (patch)
tree49f7cc04f8447a72e1bb9f96fa4a1174cea7b435 /poky/meta/recipes-kernel
parent5eea8d85a2b0bfced71508b4b97030e2dc9a5717 (diff)
downloadopenbmc-8f840685fb701a268141f0fcebc1d34fcd9b01de.tar.xz
subtree updates july 21 2023 poky,openembedded
poky: 13b646c0e1..b398c7653e: Adrian Freihofer (2): runqemu-ifdown: catch up with ifup runqemu: drop uid parameter for ifdown Alejandro Hernandez Samaniego (3): baremetal-helloworld: Fix race condition runqemu: Stop using warn() since its been deprecated runqemu: Fix automated call to runqemu-ifup Alex Kiernan (3): rootfs: Add debugfs package db file copy and cleanup rpm: Pick debugfs package db files/dirs explicitly eudev: Add group sgx to eudev package Alexander Kanavin (27): insane.bbclass: enable 32 bit time API check (as a warning) on affected architectures libxcrypt: upgrade 4.4.34 -> 4.4.35 libxml2: update 2.10.4 -> 2.11.4 ovmf: update 202302 -> 202305 lua: update 5.4.4 -> 5.4.6 cargo.bbclass: set up cargo environment in common do_compile rust-common.bbclass: move musl-specific linking fix from rust-source.inc python3-cryptography: update 39.0.2 -> 41.0.1 python3-cryptography-vectors: update 39.0.2 -> 41.0.1 python3: update 3.11.3 -> 3.11.4 diffutils: update 3.9 -> 3.10 shadow: remove dependency on pam-plugin-lastlog libpam: update 1.5.2 -> 1.5.3 librsvg: update 2.56.0 -> 2.56.1 vulkan-validation-layers: update 1.3.243 -> 1.3.250 xcb-util-cursor: add a recipe from meta-oe weston: update 11.0.1 -> 12.0.1 libdmx: update 1.1.4 -> 1.1.5 xtrans: update 1.4.0 -> 1.5.0 libproxy: fetch from git libproxy: update 0.4.18 -> 0.5.2 libssh2: update 1.10.0 -> 1.11.0 gstreamer1.0-plugins-base: enable glx/opengl support webkitgtk: update 2.38.5 -> 2.40.2 python3-cryptography: update a patch to upstream's better followup fix time64.inc: annotate and clean up recipe-specific Y2038 exceptions Revert "rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock" Andrej Valek (3): cve-check: add option to add additional patched CVEs oeqa/selftest/cve_check: rework test to new cve status handling cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS Anuj Mittal (7): rpm: backport fix to prevent crashes with latest sqlite sqlite3: upgrade 3.41.2 -> 3.42.0 vte: upgrade 0.72.1 -> 0.72.2 libpng: upgrade 1.6.39 -> 1.6.40 glib-networking: upgrade 2.76.0 -> 2.76.1 bluez5: upgrade 5.66 -> 5.68 selftest/cases/glibc.py: fix the override syntax BELOUARGA Mohamed (9): bitbake: fetch2/npmsw: Add support for the new format of the shrinkwrap file bitbake: fetch2/npmsw: Don't fetch dev dependencies when they are not demanded bitbake: fetch2/npm: Remove special caracters that causes recipe tool to fail recipetool: create: npm: Remove duplicate function to not have future conflicts classes: npm: Handle peer dependencies for npm packages recipetool: create: npm: Add support for the new format of the shrinkwrap file recipetool: create: npm: Add support to handle peer dependencies classes: npm: Add support for the new format of the shrinkwrap file classe-recipes: npm: Add support for dependencies and devDependencies Benjamin Bouvier (1): util-linux: add alternative links for ipcs,ipcrm Bruce Ashfield (19): perf: fix buildpaths QA warning in 6.4+ linux-libc-headers: bump to 6.4 kernel: fix localversion in v6.3+ linux-yocto: introduce 6.4 reference kernel recipes linux-yocto/6.4: update to latest linux-yocto/6.4: aufs6 integration linux-yocto/6.4: refresh configuration linux-yocto-rt/6.4: integrate -rt6 linux-yocto/6.4: update to v6.4.2 linux-yocto-tiny/6.4: fix configuration warnings (HID) linux-yocto-tiny/arm: fix configuration warnings (HID) linux-yocto/ppc: add elfutils-native to DEPENDS linux-yocto/6.1: update to v6.1.36 linux-yocto/6.1: update to v6.1.37 linux-yocto/6.1: update to v6.1.38 linux-yocto/6.x: cfg: update ima.cfg to match current meta-integrity linux-yocto/6.4: update to v6.4.3 kernel: set HOSTPKG_CONFIG to use pkg-config-native linux-yocto/6.4: fix menuconfig Changqing Li (2): dnf: only write the log lock to root for native dnf rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock Denys Dmytriyenko (1): bitbake: runqueue: convert deferral messages from bb.note to bb.debug Enrico Scholz (1): shadow-sysroot: add license information Etienne Cordonnier (2): libxcrypt: fix hard-coded ".so" extension qemu: fix typo Fabio Estevam (3): u-boot: Update Upstream-Status u-boot: Upgrade to 2023.07 u-boot: Upgrade to 2023.07.02 Frederic Martinsons (1): ptest-cargo.bbclass: fix condition to detect test executable Joe Slater (1): ghostscript: advance to version 10.01.2 Jose Quaresma (12): kernel: config modules directories are handled by kernel-module-split kernel-module-split: install config modules directories only when they are needed kernel-module-split: use context manager to open files kernel-module-split: make autoload and probeconf distribution specific kernel-module-split add systemd modulesloaddir and modprobedir config pybootchartgui: calcule elapsed_time when starting the loop pybootchartgui: concatenate the elapsed time with the process pybootchartgui: fix overlapping argument in render_processes_chart pybootchartgui: fix width max usage in draw_label_in_box openssl: add PERLEXTERNAL path to test its existence openssl: use a glob on the PERLEXTERNAL to track updates on the path go: update 1.20.5 -> 1.20.6 Julien Stephan (1): automake: fix buildtest patch Khem Raj (9): ffmpeg: Fix build on riscv libpam: Fix examples build on musl webkitgtk: Enable JIT on RISCV64 musl: Guard fallocate64 with _LARGEFILE64_SOURCE alsa-lib: Disable old API symbols mesa: Fix build with upcoming LLVM 17 meson.bbclass: Point to llvm-config from native sysroot webkitgtk: Unbreak build on platforms using pvr graphics drivers python3-lxml: upgrade 4.9.2 -> 4.9.3 Martin Jansa (4): selftest: multiconfig-image-packager: try to respect IMAGE_LINK_NAME kernel-devicetree: install dtb files without -${KERNEL_DTB_NAME} suffix image-artifact-names: include ${IMAGE_NAME_SUFFIX} directly in both ${IMAGE_NAME} and ${IMAGE_LINK_NAME} cpio: respect MLPREFIX for PACKAGE_WRITE_DEPS Michael Halstead (1): resulttool/resultutils: allow index generation despite corrupt json Mingli Yu (1): qemu: Add qemu-user-* and qemu-system-* to PACKAGES_DYNAMIC Natasha Bailey (1): tiff: backport a fix for CVE-2023-26965 Ovidiu Panait (5): mdadm: fix util-linux ptest dependency mdadm: fix 07revert-inplace ptest mdadm: fix segfaults when running ptests mdadm: skip running known broken ptests mdadm: re-add mdadm-ptest to PTESTS_SLOW Peter Hoyes (5): bitbake: bitbake: tests/fetch: Mark TestTimeout as not a test suite bitbake: bitbake: tests/fetch: Rename assertRaisesRegexp to assertRaisesRegex bitbake: bitbake: tests/fetch: Set git config if not already set bitbake: bitbake: tests: Use assertLogs to test logging output bitbake: bitbake: Bootstrap pytest for self-tests Peter Marko (4): cve-update-nvd2-native: fix cvssV3 metrics gcsections: apply section removal also in C++, not only in C cve-update-nvd2-native: retry all errors and sleep between retries cve-update-nvd2-native: increase retry count Piotr Łobacz (1): bitbake.conf: Add acl distro native features support Quentin Schulz (1): uboot-extlinux-config.bbclass: fix old override syntax in comment Richard Purdie (14): defaultsetup: Enable largefile and 64bit time_t support systemwide for 32 bit platforms time64: Disable CFLAGS for strace bitbake: runqueue: Fix deferred task/multiconfig race issue strace: Update patches/tests with upstream fixes bitbake: fetch2/npmsw: Support old and new shrinkwrap formats ptest-runner: Pull in "runner: Remove threads and mutexes" fix bitbake: server/process: Show command in timeout message bitbake: cooker: Log when parsing starts in server log gcc-testsuite: Fix ppc cpu specification ptest-runner: Pull in parallel test fixes and output handling oeqa/selftest/rust: Various fixes to work correctly bitbake: runqueue: Add pressure change logging build-appliance-image: Update to master head revision glibc-testsuite: Fix network restrictions causing test failures Ross Burton (26): cve-update-db-native: remove cve-update-nvd2-native: handle all configuration nodes, not just first cve-update-nvd2-native: use exact times, don't truncate ghostscript: remove CVE_CHECK_IGNORE for CVE-2013-6629 pkgconf: update SRC_URI libjpeg-turbo: upgrade to 3.0.0 cups: upgrade to 2.4.6 tiff: upgrade to 4.5.1 linux-yocto/cve-exclusion: move entries from cve-extra-exclusions linux-yocto/cve-exclusion: ignore more backported CVEs python3: fix missing comma in get_module_deps3.py python3-jsonpointer: upgrade to 2.4 oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case cml1: add showconfig task to easily find the generated .config file rootfs_rpm: don't depend on opkg-native for update-alternatives poky: add Debian 12 to supported distribution list cve-update-nvd2-native: log a little more cve-update-nvd2-native: actually use API keys gcc: don't pass --enable-standard-branch-protection machine/arch-arm64: add -mbranch-protection=standard qemuarm: pin kernel to 6.1 libdmx: remove obsolete library linux-yocto_6.1: ignore backported CVEs python3: ignore CVE-2023-36632 ltp: add RDEPENDS on findutils oeqa/ltp: rewrote LTP testcase and parser Siddharth Doshi (2): bind: Upgrade 9.18.15 -> 9.18.16 flac: Upgrade 1.4.2 -> 1.4.3 Soumya (1): perl: Fix CVE-2023-31486 Staffan Rydén (1): kernel: Fix path comparison in kernel staging dir symlinking Stéphane Veyret (1): scripts/oe-setup-builddir: copy conf-notes.txt to build dir Sudip Mukherjee (1): libssh2: disable rpath to fix curl-native build Thomas Roos (1): testimage/oeqa: Drop testimage_dump_host functionality Tim Orling (10): python3-pytest-subtests: upgrade 0.10.0 -> 0.11.0 python3-urllib3: upgrade 2.0.2 -> 2.0.3 python3-typing-extensions: upgrade 4.6.3 -> 4.7.0 python3-hypothesis: upgrade 6.79.2 -> 6.80.0 python3-pygments: upgrade 2.14.0 -> 2.15.1 python3-importlib-metadata: upgrade 6.7.0 -> 6.8.0 python3-typing-extensions: upgrade 4.7.0 -> 4.7.1 python3-cryptography{-vectors}: upgrade 41.0.1 -> 41.0.2 python3-zipp: upgrade 3.15.0 -> 3.16.2 python3-hypothesis: upgrade 6.80.0 -> 6.81.2 Trevor Gamblin (15): python3: add cgitb, zipapp ptest dependencies qemu: upgrade 8.0.0 -> 8.0.3 python3: parallelize ptests, add test_cppext dependencies python3-setuptools: upgrade 67.6.1 -> 68.0.0 diffoscope: upgrade 242 -> 243 p11-kit: upgrade 0.24.1 -> 0.25.0 diffoscope: add missing RDEPENDS and alphabetize linux-firmware: upgrade 20230515 -> 20230625 python3-trove-classifiers: upgrade 2023.5.24 -> 2023.7.6 python3-cython: upgrade 0.29.35 -> 0.29.36 icu: upgrade 72-1 -> 73-2 python3-editables: add python3-io to RDEPENDS python3: ensure ptest regression capture diffoscope: upgrade 243 -> 244 xeyes: upgrade 1.2.0 -> 1.3.0 Wang Mingyu (51): freetype: upgrade 2.13.0 -> 2.13.1 gstreamer1.0: upgrade 1.22.3 -> 1.22.4 kbd: upgrade 2.5.1 -> 2.6.0 libassuan: upgrade 2.5.5 -> 2.5.6 libksba: upgrade 1.6.3 -> 1.6.4 libmd: upgrade 1.0.4 -> 1.1.0 libsdl2: upgrade 2.26.5 -> 2.28.0 libtraceevent: upgrade 1.7.2 -> 1.7.3 libx11: upgrade 1.8.5 -> 1.8.6 lttng-ust: upgrade 2.13.5 -> 2.13.6 nettle: upgrade 3.9 -> 3.9.1 nghttp2: upgrade 1.53.0 -> 1.54.0 ccache: upgrade 4.8.1 -> 4.8.2 mesa: upgrade 23.1.1 -> 23.1.3 python3-numpy: upgrade 1.24.3 -> 1.25.0 python3-typing-extensions: upgrade 4.6.2 -> 4.6.3 xorgproto: upgrade 2022.2 -> 2023.2 python3-hatchling: upgrade 1.17.0 -> 1.18.0 python3-hypothesis: upgrade 6.75.7 -> 6.79.2 python3-importlib-metadata: upgrade 6.6.0 -> 6.7.0 python3-iso8601: upgrade 1.1.0 -> 2.0.0 python3-markupsafe: upgrade 2.1.2 -> 2.1.3 python3-pluggy: upgrade 1.0.0 -> 1.2.0 python3-pycairo: upgrade 1.23.0 -> 1.24.0 python3-pyparsing: upgrade 3.0.9 -> 3.1.0 python3-pytest: upgrade 7.3.1 -> 7.4.0 python3-ruamel-yaml: upgrade 0.17.31 -> 0.17.32 python3-sphinx-rtd-theme: upgrade 1.2.1 -> 1.2.2 xkeyboard-config: upgrade 2.38 -> 2.39 xwayland: upgrade 23.1.1 -> 23.1.2 wayland-protocols: upgrade 1.31 -> 1.32 taglib: upgrade 1.13 -> 1.13.1 libxcrypt: upgrade 4.4.35 -> 4.4.36 msmtp: upgrade 1.8.23 -> 1.8.24 libwebp: upgrade 1.3.0 -> 1.3.1 libuv: upgrade 1.45.0 -> 1.46.0 acpica: upgrade 20230331 -> 20230628 libnss-nis: upgrade 3.1 -> 3.2 harfbuzz: upgrade 7.3.0 -> 8.0.1 libproxy: upgrade 0.5.2 -> 0.5.3 nghttp2: upgrade 1.54.0 -> 1.55.1 debianutils: upgrade 5.7 -> 5.8 glib-2.0: upgrade 2.76.3 -> 2.76.4 python3-pip: upgrade 23.1.2 -> 23.2 opkg: upgrade 0.6.1 -> 0.6.2 opkg-utils: upgrade 0.5.0 -> 0.6.2 python3-editables: upgrade 0.3 -> 0.4 python3-git: upgrade 3.1.31 -> 3.1.32 python3-numpy: upgrade 1.25.0 -> 1.25.1 repo: upgrade 2.34.1 -> 2.35 libva: upgrade to 2.19.0 Yash Shinde (1): oeqa/selftest: Add rust selftests Yi Zhao (1): ifupdown: install missing directories Yoann Congal (2): recipetool: Fix inherit in created -native* recipes oeqa/selftest/devtool: add unit test for "devtool add -b" Yuta Hayama (1): systemd-systemctl: fix errors in instance name expansion meta-openembedded: 2638d458a5..0e3f5e5201: Alex Kiernan (1): ostree: Upgrade 2023.4 -> 2023.5 Archana Polampalli (1): tcpreplay: upgrade 4.4.3 -> 4.4.4 Beniamin Sandu (1): mbedtls: fix builds with crypto extensions Bruce Ashfield (1): vboxguestdrivers: fix compilation against 6.4 kernel / headers Carlos Rafael Giani (3): pipewire: Disable libmysofa since it is not available in OE pipewire: Improve packageconfigs pipewire: Add dedicated aes67 package and fix rlimits.d package assignment Chee Yang Lee (1): rabbitmq-c: Fix CVE-2023-35789 Jasper Orschulko (8): python3-pytest-cov: Add initial recipe 4.1.0 python3-covdefaults: Add initial recipe 2.3.0 python3-platformdirs: Fix recipe version 3.6.0 python3-distlib: Add initial recipe 0.3.6 python3-filelock: Add initial recipe 3.12.0 python3-virtualenv: Add initial recipe 20.23.0 python3-pyproject-api: Add initial recipe 1.5.1 python3-tox: Add initial recipe 4.6.0 Joe Slater (1): libgpiod: modify RDEPENDS for ptest Justin Bronder (2): python3-asyncinotify: upgrade 3.0.1 -> 4.0.2 python3-pytest-asyncio: upgrade 0.16.0 -> 0.21.1 Kai Kang (2): libtimezonemap: rename downloaded file name fltk-native: fix libdl link issue Khem Raj (33): gupnp-av: Fix build with libxml2-2.11 and newer xcb-util-cursor: Delete recipe pidgin-sipe: Add packageconfig to turn Werror on/off fbida: Fix build on musl pcp: Update to 6.0.5 geos: Upgrade to 3.12.0 ctags: Extend to build native package libcoap: Build linker symbol file explicitly geos: Use cmake directly pcp: Fix build race sblim-sfcc: Fix build with clang17 minifi-cpp: Fix build with clang 17 python3-grpcio-tools: Upgrade to 1.56.0 python3-grpcio: Upgrade to 1.56.0 python3-grpcio: Fix build on musl python3-grpcio-tools: Fix build with musl thin-provisioning-tools: Upgrade to 1.0.4 thin-provisioning-tools: Fix build on musl. pcp: Disable parallel build crash: Fix build with glibc 2.38+ breakpad: Update to latest trunk python3-requests-toolbelt: Fix ptest failures seen with urllib3 2.0 ptest-packagelists-meta-oe: Limit mcelog to x86/x86_64 graphviz: Upgrade to 8.1.0 release emlog: Update to latest to fix build with 6.4 kernel dlm: Upgrade to 4.2.0 mdio-tools: Update to latest on trunk dlm: Fix build with linux kernel 6.4+ dlm: Do not pass -fcf-protection=full via Makefile dlm: Do not use -fcf-protection=full on arm platforms zfs: Update to 2.2.0 rc1 zfs: Disable builds on aarch64 for now dhcp-relay: Pass cross configure flags to bind build Luke Schaefer (1): nginx: Add stream Signed-off-by: Luke Schaefer <lukeschafer17@gmail.com> Marek Vasut (4): lvgl: Factor out and unify lv-drivers configuration lvgl: Add default input device configuration option linux-serial-test: Update to latest git revision libiio: enable c++ bindings Markus Volk (10): pipewire: upgrade 0.3.71 -> 0.3.72 pipewire: upgrade 0.3.72 -> 0.3.73 gnome-software: upgrade 44.2 -> 44.3 eog: upgrade 44.2 -> 44.3 spdlog: upgrade 1.11.0 -> 1.12.0 flatpak: update dependencies gnome-control-center: upgrade 44.2 -> 44.3 gnome-shell: upgrade 44.2 -> 44.3 mutter: upgrade 44.2 -> 44.3 gnome-settings-daemon: upgrade 44.0 -> 44.1 Martin Jansa (4): nodejs: use PIE for host binaries gupnp: backport a fix not to use deprecated xmlReadMemory pidgin-sipe: allow to build with libxml2-2.11 raptor2: backport a fix to build with libxml2-2.11 Michael Haener (1): nginx: upgrade to 1.24.0 release Michael Weiß (1): pv: Show progress bar even if no terminal is set as in 1.6.6 Mingli Yu (1): snort: Add systemd unit file Peter Kjellerstedt (1): cppzmq: Move the version to the recipe file name Petr Gotthard (2): python3-pyroute2: upgrade 0.5.19 -> 0.7.9 networkmanager: upgrade 1.42.6 -> 1.42.8 Ricardo Salveti (1): lshw: bump to b4e0673 Ross Burton (5): poppler: fix missing include libpaper: remove redundant autoreconf --install liblbxutil: remove obsolete library xsetmode: remove obsolete utility libxkbui: remove obsolete recipe Tim Orling (1): python3-argh: upgrade 0.26.2 -> 0.28.1 Trevor Gamblin (9): python3-alembic: upgrade 1.10.4 -> 1.11.1 python3-sqlalchemy: upgrade 2.0.15 -> 2.0.19 python3-argcomplete: upgrade 3.1.0 -> 3.1.1 python3-arpeggio: upgrade 2.0.0 -> 2.0.2 python3-astroid: upgrade 2.15.5 -> 2.15.6 python3-autobahn: upgrade 23.6.1 -> 23.6.2 python3-bandit: upgrade 1.7.4 -> 1.7.5 python3-bandit: add python3-rich to RDEPENDS python3-bitarray: upgrade 2.7.3 -> 2.7.6 Wang Mingyu (44): cppzmq: upgrade 4.9.0 -> 4.10.0 iwd: upgrade 2.5 -> 2.6 libburn: upgrade 1.5.4 -> 1.5.6 libzip: upgrade 1.9.2 -> 1.10.0 openfortivpn: upgrade 1.20.3 -> 1.20.5 psqlodbc: upgrade 13.02.0000 -> 15.00.0000 python3-aenum: upgrade 3.1.12 -> 3.1.14 python3-can: upgrade 4.2.1 -> 4.2.2 python3-google-api-python-client: upgrade 2.89.0 -> 2.90.0 python3-h5py: upgrade 3.8.0 -> 3.9.0 python3-natsort: upgrade 8.3.1 -> 8.4.0 python3-pymodbus: upgrade 3.3.1 -> 3.3.2 python3-pymongo: upgrade 4.3.3 -> 4.4.0 python3-pyscaffold: upgrade 4.4.1 -> 4.5 python3-pyzstd: upgrade 0.15.7 -> 0.15.9 python3-requests-futures: upgrade 1.0.0 -> 1.0.1 python3-sentry-sdk: upgrade 1.25.1 -> 1.26.0 python3-zeroconf: upgrade 0.68.0 -> 0.69.0 weechat: upgrade 3.8 -> 4.0.0 python3-platformdirs: upgrade 3.6.0 -> 3.8.0 renderdoc: upgrade 1.13 -> 1.27 gegl: upgrade 0.4.44 -> 0.4.46 gvfs: upgrade 1.50.4 -> 1.51.1 weechat: upgrade 4.0.0 -> 4.0.1 avro-c: upgrade 1.11.1 -> 1.11.2 glfw: upgrade 3.3 -> 3.3.8 hwloc: upgrade 2.9.1 -> 2.9.2 minicoredumper: upgrade 2.0.3 -> 2.0.6 thingsboard-gateway: upgrade 3.2 -> 3.3 xterm: upgrade 382 -> 383 passwdqc: upgrade 2.0.2 -> 2.0.3 python3-aenum: upgrade 3.1.14 -> 3.1.15 python3-configargparse : upgrade 1.5.3 -> 1.5.5 python3-elementpath: upgrade 4.1.3 -> 4.1.4 python3-google-api-python-client: upgrade 2.90.0 -> 2.92.0 python3-google-auth: upgrade 2.20.0 -> 2.21.0 python3-joblib: upgrade 1.2.0 -> 1.3.1 python3-pillow: upgrade 9.5.0 -> 10.0.0 python3-redis: upgrade 4.5.5 -> 4.6.0 python3-tox: upgrade 4.6.0 -> 4.6.3 python3-virtualenv: upgrade 20.23.0 -> 20.23.1 python3-zeroconf: upgrade 0.69.0 -> 0.70.0 libyang: Fix install conflict when enable multilib. php: Fix install conflict when enable multilib. Wolfgang Meyer (4): fbida: Switch to git fetcher fbida: build with meson fbida: SRC_REV bump ac9005b..eb769e3 fbida: make fbpdf build optional Yi Zhao (6): conntrack-tools: add systemd unit file conntrack-tools: add required kernel modules to RRECOMMENDS frr: upgrade 8.4.2 -> 8.4.4 mbedtls: upgrade 2.28.2 -> 2.28.3 open-vm-tools: Security fix CVE-2023-20867 samba: upgrade 4.18.3 -> 4.18.4 Zoltán Böszörményi (1): opencv: 4.8.0 Signed-off-by: Andrew Geissler <geissonator@yahoo.com> Change-Id: I48c2ba4573ee81b637b1ba890c312f491004f666
Diffstat (limited to 'poky/meta/recipes-kernel')
-rw-r--r--poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.3.bb (renamed from poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb)2
-rw-r--r--poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb (renamed from poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230515.bb)4
-rw-r--r--poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers/0001-include-linux-stddef.h-in-swab.h-uapi-header.patch42
-rw-r--r--poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.4.bb (renamed from poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.1.bb)3
-rw-r--r--poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc581
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb6
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto-rt_6.4.bb48
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb6
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.4.bb33
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto.inc2
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb28
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto_6.4.bb71
-rw-r--r--poky/meta/recipes-kernel/lttng/lttng-ust_2.13.6.bb (renamed from poky/meta/recipes-kernel/lttng/lttng-ust_2.13.5.bb)2
-rw-r--r--poky/meta/recipes-kernel/perf/perf.bb2
14 files changed, 754 insertions, 76 deletions
diff --git a/poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb b/poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.3.bb
index b5c0834d89..f9a3811669 100644
--- a/poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.2.bb
+++ b/poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.3.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSES/GPL-2.0;md5=e6a75371ba4d16749254a51215d13f97
file://LICENSES/LGPL-2.1;md5=b370887980db5dd40659b50909238dbd"
SECTION = "libs"
-SRCREV = "1c6f0f3b2bb47571fc455dc565dc343152517d98"
+SRCREV = "dd148189b74da3e2f45c7e536319fec97cb71213"
SRC_URI = "git://git.kernel.org/pub/scm/libs/libtrace/libtraceevent.git;branch=${BPN};protocol=https \
file://0001-makefile-Do-not-preserve-ownership-in-cp-command.patch"
diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230515.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
index 3470131294..329a3e3c9a 100644
--- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230515.bb
+++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
@@ -134,7 +134,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
"
# WHENCE checksum is defined separately to ease overriding it if
# class-devupstream is selected.
-WHENCE_CHKSUM = "a0997fc7a9af4e46d96529d6ef13b58a"
+WHENCE_CHKSUM = "57bf874056926f12aec2405d3fc390d9"
# These are not common licenses, set NO_GENERIC_LICENSE for them
# so that the license files will be copied from fetched source
@@ -212,7 +212,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw
# Pin this to the 20220509 release, override this in local.conf
SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae"
-SRC_URI[sha256sum] = "8b1acfa16f1ee94732a6acb50d9d6c835cf53af11068bd89ed207bbe04a1e951"
+SRC_URI[sha256sum] = "87597111c0d4b71b31e53cb85a92c386921b84c825a402db8c82e0e86015500d"
inherit allarch
diff --git a/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers/0001-include-linux-stddef.h-in-swab.h-uapi-header.patch b/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers/0001-include-linux-stddef.h-in-swab.h-uapi-header.patch
deleted file mode 100644
index 5b7c1b6e21..0000000000
--- a/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers/0001-include-linux-stddef.h-in-swab.h-uapi-header.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From dc221138c809125dc1bbff8506c70cb7bd846368 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Wed, 12 Sep 2018 17:08:58 -0700
-Subject: [PATCH] include linux/stddef.h in swab.h uapi header
-
-swab.h uses __always_inline without including the header where it is
-defined, this is exposed by musl based distributions where this macro is
-not defined by system C library headers unlike glibc where it is defined
-in sys/cdefs.h and that header gets pulled in indirectly via
-
-features.h -> sys/cdefs.h
-
-and features.h gets pulled in a lot of headers. Therefore it may work in
-cases where features.h is includes but not otherwise.
-
-Adding linux/stddef.h here ensures that __always_inline is always
-defined independent of which C library is used in userspace
-
-Upstream-Status: Submitted [https://lkml.org/lkml/2018/9/13/78]
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Cc: Philippe Ombredanne <pombredanne@nexb.com>
-Cc: Kate Stewart <kstewart@linuxfoundation.org>
-Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-Cc: Thomas Gleixner <tglx@linutronix.de>
-
----
- include/uapi/linux/swab.h | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/include/uapi/linux/swab.h b/include/uapi/linux/swab.h
-index 7272f85d6..2912fe463 100644
---- a/include/uapi/linux/swab.h
-+++ b/include/uapi/linux/swab.h
-@@ -3,6 +3,7 @@
- #define _UAPI_LINUX_SWAB_H
-
- #include <linux/types.h>
-+#include <linux/stddef.h>
- #include <linux/compiler.h>
- #include <asm/bitsperlong.h>
- #include <asm/swab.h>
diff --git a/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.1.bb b/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.4.bb
index cbdebdc1e8..c52315499e 100644
--- a/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.1.bb
+++ b/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.4.bb
@@ -4,7 +4,6 @@ SRC_URI:append:libc-musl = "\
file://0001-libc-compat.h-fix-some-issues-arising-from-in6.h.patch \
file://0003-remove-inclusion-of-sysinfo.h-in-kernel.h.patch \
file://0001-libc-compat.h-musl-_does_-define-IFF_LOWER_UP-DORMAN.patch \
- file://0001-include-linux-stddef.h-in-swab.h-uapi-header.patch \
"
SRC_URI += "\
@@ -13,6 +12,6 @@ SRC_URI += "\
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-SRC_URI[sha256sum] = "2ca1f17051a430f6fed1196e4952717507171acfd97d96577212502703b25deb"
+SRC_URI[sha256sum] = "8fa0588f0c2ceca44cac77a0e39ba48c9f00a6b9dc69761c02a5d3efac8da7f3"
diff --git a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
index 4cc151901b..2eb4836c35 100644
--- a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,20 +1,329 @@
+CVE_STATUS[CVE-2018-6559] = "not-applicable-platform: Issue only affects Ubuntu"
+
+# https://www.linuxkernelcves.com/cves/CVE-2019-3016
+# Fixed with 5.6
+CVE_STATUS[CVE-2019-3016] = "fixed-version: Fixed in version v5.6"
+
+# https://www.linuxkernelcves.com/cves/CVE-2019-3819
+# Fixed with 5.1
+CVE_STATUS[CVE-2019-3819] = "fixed-version: Fixed in version v5.1"
+
+# https://www.linuxkernelcves.com/cves/CVE-2019-3887
+# Fixed with 5.2
+CVE_STATUS[CVE-2019-3887] = "fixed-version: Fixed in version v5.2"
+
+CVE_STATUS[CVE-2020-11935] = "not-applicable-config: Issue only affects aufs, which is not in linux-yocto"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2020-27784
+# Introduced in version v4.1 b26394bd567e5ebe57ec4dee7fe6cd14023c96e9
+# Patched in kernel since v5.10 e8d5f92b8d30bb4ade76494490c3c065e12411b1
+# Backported in version v5.4.73 e9e791f5c39ab30e374a3b1a9c25ca7ff24988f3
+CVE_STATUS[CVE-2020-27784] = "cpe-stable-backport: Backported in version v5.4.73"
+
+
+# 2021
+
+# https://nvd.nist.gov/vuln/detail/CVE-2021-3669
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.15 20401d1058f3f841f35a594ac2fc1293710e55b9
+CVE_STATUS[CVE-2021-3669] = "fixed-version: Fixed in version v5.15"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2021-3759
+# Introduced in version v4.5 a9bb7e620efdfd29b6d1c238041173e411670996
+# Patched in kernel since v5.15 18319498fdd4cdf8c1c2c48cd432863b1f915d6f
+# Backported in version v5.4.224 bad83d55134e647a739ebef2082541963f2cbc92
+# Backported in version v5.10.154 836686e1a01d7e2fda6a5a18252243ff30a6e196
+CVE_STATUS[CVE-2021-3759] = "cpe-stable-backport: Backported in versions v5.4.224 and v6.1.11"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2021-4218
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.8 32927393dc1ccd60fb2bdc05b9e8e88753761469
+CVE_STATUS[CVE-2021-4218] = "fixed-version: Fixed in version v5.8"
+
+
+# 2022
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-0480
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.15 0f12156dff2862ac54235fc72703f18770769042
+CVE_STATUS[CVE-2022-0480] = "fixed-version: Fixed in version v5.15"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1184
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 46c116b920ebec58031f0a78c5ea9599b0d2a371
+# Backported in version v5.4.198 17034d45ec443fb0e3c0e7297f9cd10f70446064
+# Backported in version v5.10.121 da2f05919238c7bdc6e28c79539f55c8355408bb
+# Backported in version v5.15.46 ca17db384762be0ec38373a12460081d22a8b42d
+CVE_STATUS[CVE-2022-1184] = "cpe-stable-backport: Backported in versions v5.4.198, v5.10.121 and v5.15.46"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1462
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 a501ab75e7624d133a5a3c7ec010687c8b961d23
+# Backported in version v5.4.208 f7785092cb7f022f59ebdaa181651f7c877df132
+# Backported in version v5.10.134 08afa87f58d83dfe040572ed591b47e8cb9e225c
+# Backported in version v5.15.58 b2d1e4cd558cffec6bfe318f5d74e6cffc374d29
+CVE_STATUS[CVE-2022-1462] = "cpe-stable-backport: Backported in versions v5.4.208, v5.10.134 and v5.15.58"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2196
+# Introduced in version v5.8 5c911beff20aa8639e7a1f28988736c13e03ed54
+# Breaking commit backported in v5.4.47 64b8f33b2e1e687d465b5cb382e7bec495f1e026
+# Patched in kernel since v6.2 2e7eab81425ad6c875f2ed47c0ce01e78afc38a5
+# Backported in version v5.4.233 f93a1a5bdcdd122aae0a3eab7a52c15b71fb725b
+# Backported in version v5.10.170 1b0cafaae8884726c597caded50af185ffc13349
+# Backported in version v5.15.96 6b539a7dbb49250f92515c2ba60aea239efc9e35
+# Backported in version v6.1.14 63fada296062e91ad9f871970d4e7f19e21a6a15
+CVE_STATUS[CVE-2022-2196] = "cpe-stable-backport: Backported in versions v5.4.1233, v5.10.170, v5.15.46 and v6.1.14"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2308
+# Introduced in version v5.15 c8a6153b6c59d95c0e091f053f6f180952ade91e
+# Patched in kernel since v6.0 46f8a29272e51b6df7393d58fc5cb8967397ef2b
+# Backported in version v5.15.72 dc248ddf41eab4566e95b1ee2433c8a5134ad94a
+# Backported in version v5.19.14 38d854c4a11c3bbf6a96ea46f14b282670c784ac
+CVE_STATUS[CVE-2022-2308] = "cpe-stable-backport: Backported in versions v5.15.72 and v5.19.14"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2327
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.10.125 df3f3bb5059d20ef094d6b2f0256c4bf4127a859
+CVE_STATUS[CVE-2022-2327] = "fixed-version: Fixed in version v5.10.125"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2663
+# Introduced in version v2.6.20 869f37d8e48f3911eb70f38a994feaa8f8380008
+# Patched in kernel since v6.0 0efe125cfb99e6773a7434f3463f7c2fa28f3a43
+# Backported in version v5.4.213 36f7b71f8ad8e4d224b45f7d6ecfeff63b091547
+# Backported in version v5.10.143 e12ce30fe593dd438c5b392290ad7316befc11ca
+# Backported in version v5.15.68 451c9ce1e2fc9b9e40303bef8e5a0dca1a923cc4
+# Backported in version v5.19.9 6cf0609154b2ce8d3ae160e7506ab316400a8d3d
+CVE_STATUS[CVE-2022-2663] = "cpe-stable-backport: Backported in versions v5.4.213, v5.10.143, v5.15.68 and v5.19.9"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2785
+# Introduced in version v5.18 b1d18a7574d0df5eb4117c14742baf8bc2b9bb74
+# Patched in kernel since v6.0 86f44fcec22ce2979507742bc53db8400e454f46
+# Backported in version v5.19.4 b429d0b9a7a0f3dddb1f782b72629e6353f292fd
+CVE_STATUS[CVE-2022-2785] = "cpe-stable-backport: Backported in version v5.19.4"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3176
+# Introduced in version v5.1 221c5eb2338232f7340386de1c43decc32682e58
+# Patched in kernel since v5.17 791f3465c4afde02d7f16cf7424ca87070b69396
+# Backported in version v5.15.65 e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5
+CVE_STATUS[CVE-2022-3176] = "cpe-stable-backport: Backported in version v5.15.65"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3424
+# Introduced in version v2.6.33 55484c45dbeca2eec7642932ec3f60f8a2d4bdbf
+# Patched in kernel since v6.2 643a16a0eb1d6ac23744bb6e90a00fc21148a9dc
+# Backported in version v5.4.229 0078dd8758561540ed30b2c5daa1cb647e758977
+# Backported in version v5.10.163 0f67ed565f20ea2fdd98e3b0b0169d9e580bb83c
+# Backported in version v5.15.86 d5c8f9003a289ee2a9b564d109e021fc4d05d106
+# Backported in version v6.1.2 4e947fc71bec7c7da791f8562d5da233b235ba5e
+CVE_STATUS[CVE-2022-3424] = "cpe-stable-backport: Backported in versions v5.4.229, v5.10.163, v5.15.86 and v 6.1.2"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3435
+# Introduced in version v5.18 6bf92d70e690b7ff12b24f4bfff5e5434d019b82
+# Breaking commit backported in v5.4.189 f5064531c23ad646da7be8b938292b00a7e61438
+# Breaking commit backported in v5.10.111 63ea57478aaa3e06a597081a0f537318fc04e49f
+# Breaking commit backported in v5.15.34 907c97986d6fa77318d17659dd76c94b65dd27c5
+# Patched in kernel since v6.1 61b91eb33a69c3be11b259c5ea484505cd79f883
+# Backported in version v5.4.226 cc3cd130ecfb8b0ae52e235e487bae3f16a24a32
+# Backported in version v5.10.158 0b5394229ebae09afc07aabccb5ffd705ffd250e
+# Backported in version v5.15.82 25174d91e4a32a24204060d283bd5fa6d0ddf133
+CVE_STATUS[CVE-2022-3435] = "cpe-stable-backport: Backported in versions v5.4.226, v5.10.158 and v5.15.82"
+
# https://nvd.nist.gov/vuln/detail/CVE-2022-3523
# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
# Patched in kernel since v6.1 16ce101db85db694a91380aa4c89b25530871d33
-CVE_CHECK_IGNORE += "CVE-2022-3523"
+CVE_STATUS[CVE-2022-3523] = "fixed-version: Fixed in version v6.1"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3526
+# Introduced in version v5.13 427f0c8c194b22edcafef1b0a42995ddc5c2227d
+# Patched in kernel since v5.18 e16b859872b87650bb55b12cca5a5fcdc49c1442
+# Backported in version v5.15.35 8f79ce226ad2e9b2ec598de2b9560863b7549d1b
+CVE_STATUS[CVE-2022-3526] = "cpe-stable-backport: Backported in version v5.15.35"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3534
+# Introduced in version v5.10 919d2b1dbb074d438027135ba644411931179a59
+# Patched in kernel since v6.2 93c660ca40b5d2f7c1b1626e955a8e9fa30e0749
+# Backported in version v5.10.163 c61650b869e0b6fb0c0a28ed42d928eea969afc8
+# Backported in version v5.15.86 a733bf10198eb5bb927890940de8ab457491ed3b
+# Backported in version v6.1.2 fbe08093fb2334549859829ef81d42570812597d
+CVE_STATUS[CVE-2022-3534] = "cpe-stable-backport: Backported in versions v5.10.163, v5.15.86 and v6.1.2"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3564
+# Introduced in version v3.6 4b51dae96731c9d82f5634e75ac7ffd3b9c1b060
+# Patched in kernel since v6.1 3aff8aaca4e36dc8b17eaa011684881a80238966
+# Backported in version v5.10.154 cb1c012099ef5904cd468bdb8d6fcdfdd9bcb569
+# Backported in version v5.15.78 8278a87bb1eeea94350d675ef961ee5a03341fde
+CVE_STATUS[CVE-2022-3564] = "cpe-stable-backport: Backported in versions v5.10.154 and v5.15.78"
# https://nvd.nist.gov/vuln/detail/CVE-2022-3566
# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
# Patched in kernel since v6.1 f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57
-CVE_CHECK_IGNORE += "CVE-2022-3566"
+CVE_STATUS[CVE-2022-3566] = "fixed-version: Fixed in version v6.1"
# https://nvd.nist.gov/vuln/detail/CVE-2022-3567
# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
# Patched in kernel since v6.1 364f997b5cfe1db0d63a390fe7c801fa2b3115f6
-CVE_CHECK_IGNORE += "CVE-2022-3567"
+CVE_STATUS[CVE-2022-3567] = "fixed-version: Fixed in version v6.1"
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3619
+# Introduced in version v5.12 4d7ea8ee90e42fc75995f6fb24032d3233314528
+# Patched in kernel since v6.1 7c9524d929648935bac2bbb4c20437df8f9c3f42
+# Backported in version v5.15.78 aa16cac06b752e5f609c106735bd7838f444784c
+CVE_STATUS[CVE-2022-3619] = "cpe-stable-backport: Backported in version v5.15.78"
-# 2023
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3621
+# Introduced in version v2.60.30 05fe58fdc10df9ebea04c0eaed57adc47af5c184
+# Patched in kernel since v6.1 21a87d88c2253350e115029f14fe2a10a7e6c856
+# Backported in version v5.4.218 792211333ad77fcea50a44bb7f695783159fc63c
+# Backported in version v5.10.148 3f840480e31495ce674db4a69912882b5ac083f2
+# Backported in version v5.15.74 1e512c65b4adcdbdf7aead052f2162b079cc7f55
+# Backported in version v5.19.16 caf2c6b580433b3d3e413a3d54b8414a94725dcd
+CVE_STATUS[CVE-2022-3621] = "cpe-stable-backport: Backported in versions v5.4.218, v5.10.148, v5.15.74 and v5.19.16"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3623
+# Introduced in version v5.1 5480280d3f2d11d47f9be59d49b20a8d7d1b33e8
+# Patched in kernel since v6.1 fac35ba763ed07ba93154c95ffc0c4a55023707f
+# Backported in version v5.4.228 176ba4c19d1bb153aa6baaa61d586e785b7d736c
+# Backported in version v5.10.159 fccee93eb20d72f5390432ecea7f8c16af88c850
+# Backported in version v5.15.78 3a44ae4afaa5318baed3c6e2959f24454e0ae4ff
+# Backported in version v5.19.17 86a913d55c89dd13ba070a87f61a493563e94b54
+CVE_STATUS[CVE-2022-3623] = "cpe-stable-backport: Backported in versions v5.4.228, v5.10.159, v5.15.78 and v 5.19.17"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3624
+# Introduced in version v6.0 d5410ac7b0baeca91cf73ff5241d35998ecc8c9e
+# Patched in kernel since v6.0 4f5d33f4f798b1c6d92b613f0087f639d9836971
+CVE_STATUS[CVE-2022-3624] = "fixed-version: Fixed in version v6.0"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3625
+# Introduced in version v4.19 45f05def5c44c806f094709f1c9b03dcecdd54f0
+# Patched in kernel since v6.0 6b4db2e528f650c7fb712961aac36455468d5902
+# Backported in version v5.4.211 1ad4ba9341f15412cf86dc6addbb73871a10212f
+# Backported in version v5.10.138 0e28678a770df7989108327cfe86f835d8760c33
+# Backported in version v5.15.63 c4d09fd1e18bac11c2f7cf736048112568687301
+# Backported in version v5.19.4 26bef5616255066268c0e40e1da10cc9b78b82e9
+CVE_STATUS[CVE-2022-3625] = "cpe-stable-backport: Backported in versions v5.4.211, v5.10.138, v5.15.63 and v5.19.4"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3629
+# Introduced in version v3.9 d021c344051af91f42c5ba9fdedc176740cbd238
+# Patched in kernel since v6.0 7e97cfed9929eaabc41829c395eb0d1350fccb9d
+# Backported in version v5.4.211 f82f1e2042b397277cd39f16349950f5abade58d
+# Backported in version v5.10.138 38ddccbda5e8b762c8ee06670bb1f64f1be5ee50
+# Backported in version v5.15.63 e4c0428f8a6fc8c218d7fd72bddd163f05b29795
+# Backported in version v5.19.4 8ff5db3c1b3d6797eda5cd326dcd31b9cd1c5f72
+CVE_STATUS[CVE-2022-3629] = "cpe-stable-backport: Backported in versions v5.4.211, v5.10.138, v5.15.63 and v5.19.4"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3630
+# Introduced in version v5.19 85e4ea1049c70fb99de5c6057e835d151fb647da
+# Patched in kernel since v6.0 fb24771faf72a2fd62b3b6287af3c610c3ec9cf1
+# Backported in version v5.19.4 7a369dc87b66acc85d0cffcf39984344a203e20b
+CVE_STATUS[CVE-2022-3630] = "cpe-stable-backport: Backported in version v5.19.4"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3633
+# Introduced in version v5.4 9d71dd0c70099914fcd063135da3c580865e924c
+# Patched in kernel since v6.0 8c21c54a53ab21842f5050fa090f26b03c0313d6
+# Backported in version v5.4.211 04e41b6bacf474f5431491f92e981096e8cc8e93
+# Backported in version v5.10.138 a220ff343396bae8d3b6abee72ab51f1f34b3027
+# Backported in version v5.15.63 98dc8fb08299ab49e0b9c08daedadd2f4de1a2f2
+# Backported in version v5.19.4 a0278dbeaaf7ca60346c62a9add65ae7d62564de
+CVE_STATUS[CVE-2022-3633] = "cpe-stable-backport: Backported in versions v5.4.211, v5.10.138, v5.15.63 and v5.19.4"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3635
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.0 3f4093e2bf4673f218c0bf17d8362337c400e77b
+# Backported in version v5.4.211 9a6cbaa50f263b12df18a051b37f3f42f9fb5253
+# Backported in version v5.10.138 a0ae122e9aeccbff75014c4d36d11a9d32e7fb5e
+# Backported in version v5.15.63 a5d7ce086fe942c5ab422fd2c034968a152be4c4
+# Backported in version v5.19.4 af412b252550f9ac36d9add7b013c2a2c3463835
+CVE_STATUS[CVE-2022-3635] = "cpe-stable-backport: Backported in versions v5.4.211, v5.10.138, v5.15.63 and v5.19.4"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3636
+# Introduced in version v5.19 33fc42de33278b2b3ec6f3390512987bc29a62b7
+# Patched in kernel since v5.19 17a5f6a78dc7b8db385de346092d7d9f9dc24df6
+CVE_STATUS[CVE-2022-3636] = "cpe-stable-backport: Backported in version v5.19"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3640
+# Introduced in version v5.19 d0be8347c623e0ac4202a1d4e0373882821f56b0
+# Breaking commit backported in v5.4.209 098e07ef0059296e710a801cdbd74b59016e6624
+# Breaking commit backported in v5.10.135 de5d4654ac6c22b1be756fdf7db18471e7df01ea
+# Breaking commit backported in v5.15.59 f32d5615a78a1256c4f557ccc6543866e75d03f4
+# Patched in kernel since v6.1 0d0e2d032811280b927650ff3c15fe5020e82533
+# Backported in version v5.4.224 c1f594dddd9ffd747c39f49cc5b67a9b7677d2ab
+# Backported in version v5.10.154 d9ec6e2fbd4a565b2345d4852f586b7ae3ab41fd
+# Backported in version v5.15.78 a3a7b2ac64de232edb67279e804932cb42f0b52a
+CVE_STATUS[CVE-2022-3640] = "cpe-stable-backport: Backported in versions v5.4.224, v5.10.154 and v5.15.78"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3646
+# Introduced in version v2.6.30 9ff05123e3bfbb1d2b68ba1d9bf1f7d1dffc1453
+# Patched in kernel since v6.1 d0d51a97063db4704a5ef6bc978dddab1636a306
+# Backported in version v5.4.218 b7e409d11db9ce9f8bc05fcdfa24d143f60cd393
+# Backported in version v5.10.148 aad4c997857f1d4b6c1e296c07e4729d3f8058ee
+# Backported in version v5.15.74 44b1ee304bac03f1b879be5afe920e3a844e40fc
+# Backported in version v5.19.16 4755fcd844240857b525f6e8d8b65ee140fe9570
+CVE_STATUS[CVE-2022-3646] = "cpe-stable-backport: Backported in versions v5.4.218, v5.10.148, v5.15.74 and v5.19.16"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3649
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.1 d325dc6eb763c10f591c239550b8c7e5466a5d09
+# Backported in version v5.4.220 d1c2d820a2cd73867b7d352e89e92fb3ac29e926
+# Backported in version v5.10.148 21ee3cffed8fbabb669435facfd576ba18ac8652
+# Backported in version v5.15.74 cb602c2b654e26763226d8bd27a702f79cff4006
+# Backported in version v5.19.16 394b2571e9a74ddaed55aa9c4d0f5772f81c21e4
+CVE_STATUS[CVE-2022-3649] = "cpe-stable-backport: Backported in versions v5.4.220, v5.10.148, v5.15.74 and v5.19.16"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-4382
+# Introduced in version v5.3 e5d82a7360d124ae1a38c2a5eac92ba49b125191
+# Patched in kernel since v6.2-rc5 d18dcfe9860e842f394e37ba01ca9440ab2178f4
+# Backported in version v5.4.230 9a39f4626b361ee7aa10fd990401c37ec3b466ae
+# Backported in version v5.10.165 856e4b5e53f21edbd15d275dde62228dd94fb2b4
+# Backported in version v5.15.90 a2e075f40122d8daf587db126c562a67abd69cf9
+# Backported in version v6.1.8 616fd34d017000ecf9097368b13d8a266f4920b3
+CVE_STATUS[CVE-2022-4382] = "cpe-stable-backport: Backported in versions v5.4.230, v5.10.165, v5.15.90 and v6.1.8"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-26365
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 2f446ffe9d737e9a844b97887919c4fda18246e7
+# Backported in version v5.4.204 42112e8f94617d83943f8f3b8de2b66041905506
+# Backported in version v5.10.129 cfea428030be836d79a7690968232bb7fa4410f1
+# Backported in version v5.15.53 7ed65a4ad8fa9f40bc3979b32c54243d6a684ec9
+CVE_STATUS[CVE-2022-26365] = "cpe-stable-backport: Backported in versions v5.4.204, v5.10.129 and v5.15.53"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-33740
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 307c8de2b02344805ebead3440d8feed28f2f010
+# Backported in version v5.4.204 04945b5beb73019145ac17a2565526afa7293c14
+# Backported in version v5.10.129 728d68bfe68d92eae1407b8a9edc7817d6227404
+# Backported in version v5.15.53 5dd0993c36832d33820238fc8dc741ba801b7961
+CVE_STATUS[CVE-2022-33740] = "cpe-stable-backport: Backported in versions v5.4.204, v5.10.129 and v5.15.53"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-33741
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 4491001c2e0fa69efbb748c96ec96b100a5cdb7e
+# Backported in version v5.4.204 ede57be88a5fff42cd00e6bcd071503194d398dd
+# Backported in version v5.10.129 4923217af5742a796821272ee03f8d6de15c0cca
+# Backported in version v5.15.53 ed3cfc690675d852c3416aedb271e0e7d179bf49
+CVE_STATUS[CVE-2022-33741] = "cpe-stable-backport: Backported in versions v5.4.204, v5.10.129 and v5.15.53"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-33742
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 2400617da7eebf9167d71a46122828bc479d64c9
+# Backported in version v5.4.204 60ac50daad36ef3fe9d70d89cfe3b95d381db997
+# Backported in version v5.10.129 cbbd2d2531539212ff090aecbea9877c996e6ce6
+# Backported in version v5.15.53 6d0a9127279a4533815202e30ad1b3a39f560ba3
+CVE_STATUS[CVE-2022-33742] = "cpe-stable-backport: Backported in versions v5.4.204, v5.10.129 and v5.15.53"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-42895
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.1 b1a2cd50c0357f243b7435a732b4e62ba3157a2e
+# Backported in version v5.4.224 6949400ec9feca7f88c0f6ca5cb5fdbcef419c89
+# Backported in version v5.10.154 26ca2ac091b49281d73df86111d16e5a76e43bd7
+# Backported in version v5.15.78 3e4697ffdfbb38a2755012c4e571546c89ab6422
+CVE_STATUS[CVE-2022-42895] = "cpe-stable-backport: Backported in versions v5.4.224, v5.10.154 and v5.15.78"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-42896
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.1 711f8c3fb3db61897080468586b970c87c61d9e4
+# Backported in version v5.4.226 0d87bb6070361e5d1d9cb391ba7ee73413bc109b
+# Backported in version v5.10.154 6b6f94fb9a74dd2891f11de4e638c6202bc89476
+# Backported in version v5.15.78 81035e1201e26d57d9733ac59140a3e29befbc5a
+CVE_STATUS[CVE-2022-42896] = "cpe-stable-backport: Backported in versions v5.4.226, v5.10.154 and v5.15.78"
# https://nvd.nist.gov/vuln/detail/CVE-2022-38457
# https://nvd.nist.gov/vuln/detail/CVE-2022-40133
@@ -26,11 +335,271 @@ CVE_CHECK_IGNORE += "CVE-2022-3567"
# * https://www.linuxkernelcves.com/cves/CVE-2022-38457
# * https://www.linuxkernelcves.com/cves/CVE-2022-40133
# * https://lore.kernel.org/all/CAODzB9q3OBD0k6W2bcWrSZo2jC3EvV0PrLyWmO07rxR4nQgkJA@mail.gmail.com/T/
-CVE_CHECK_IGNORE += "CVE-2022-38457 CVE-2022-40133"
+CVE_STATUS[CVE-2022-38457] = "cpe-stable-backport: Backported in version v6.1.7"
+CVE_STATUS[CVE-2022-40133] = "cpe-stable-backport: Backported in version v6.1.7"
+
+# Backported to 6.1.33
+CVE_STATUS[CVE-2022-48425] = "cpe-stable-backport: Backported in version v6.1.33"
+
+# 2023
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0179
+# Patched in kernel since v6.2 696e1a48b1a1b01edad542a1ef293665864a4dd0
+# Backported in version v5.10.164 550efeff989b041f3746118c0ddd863c39ddc1aa
+# Backported in version v5.15.89 a8acfe2c6fb99f9375a9325807a179cd8c32e6e3
+# Backported in version v6.1.7 76ef74d4a379faa451003621a84e3498044e7aa3
+CVE_STATUS[CVE-2023-0179] = "cpe-stable-backport: Backported in versions v5.10.164, v5.15.89 and v6.1.7"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0266
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.2 56b88b50565cd8b946a2d00b0c83927b7ebb055e
+# Backported in version v5.15.88 26350c21bc5e97a805af878e092eb8125843fe2c
+# Backported in version v6.1.6 d6ad4bd1d896ae1daffd7628cd50f124280fb8b1
+CVE_STATUS[CVE-2023-0266] = "cpe-stable-backport: Backported in versions v5.15.88 and v6.1.6"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0394
+# Introduced in version 2.6.12 357b40a18b04c699da1d45608436e9b76b50e251
+# Patched in kernel since v6.2 cb3e9864cdbe35ff6378966660edbcbac955fe17
+# Backported in version v5.4.229 3998dba0f78a59922b0ef333ccfeb58d9410cd3d
+# Backported in version v5.10.164 6c9e2c11c33c35563d34d12b343d43b5c12200b5
+# Backported in version v5.15.89 456e3794e08a0b59b259da666e31d0884b376bcf
+# Backported in version v6.1.7 0afa5f0736584411771299074bbeca8c1f9706d4
+CVE_STATUS[CVE-2023-0394] = "cpe-stable-backport: Backported in versions v5.4.229, v5.10.164, v5.15.89 and v6.1.7"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0386
+# Introduced in 5.11 459c7c565ac36ba09ffbf24231147f408fde4203
+# Patched in kernel v6.2 4f11ada10d0ad3fd53e2bd67806351de63a4f9c3
+# Backported in version 5.15.91 e91308e63710574c4b6a0cadda3e042a3699666e
+# Backported in version 6.1.9 42fea1c35254c49cce07c600d026cbc00c6d3c81
+CVE_STATUS[CVE-2023-0386] = "cpe-stable-backport: Backported in versions v5.15.91 and v6.1.9"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0461
+# Introduced in version v4.13 734942cc4ea6478eed125af258da1bdbb4afe578
+# Patched in kernel since v6.2 2c02d41d71f90a5168391b6a5f2954112ba2307c
+# Backported in version v5.4.229 c6d29a5ffdbc362314853462a0e24e63330a654d
+# Backported in version v5.10.163 f8ed0a93b5d576bbaf01639ad816473bdfd1dcb0
+# Backported in version v5.15.88 dadd0dcaa67d27f550131de95c8e182643d2c9d6
+# Backported in version v6.1.5 7d242f4a0c8319821548c7176c09a6e0e71f223c
+CVE_STATUS[CVE-2023-0461] = "cpe-stable-backport: Backported in versions v5.4.229, v5.10.163, v5.15.88 and v6.1.5"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1073
+# Introduced in v3.16 1b15d2e5b8077670b1e6a33250a0d9577efff4a5
+# Patched in kernel v6.2 b12fece4c64857e5fab4290bf01b2e0317a88456
+# Backported in version 5.10.166 5dc3469a1170dd1344d262a332b26994214eeb58
+# Backported in version 5.15.91 2b49568254365c9c247beb0eabbaa15d0e279d64
+# Backported in version 6.1.9 cdcdc0531a51659527fea4b4d064af343452062d
+CVE_STATUS[CVE-2023-1073] = "cpe-stable-backport: Backported in versions v5.10.166, v5.15.91 and v6.1.9"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1074
+# Patched in kernel v6.2 458e279f861d3f61796894cd158b780765a1569f
+# Backported in version 5.15.91 3391bd42351be0beb14f438c7556912b9f96cb32
+# Backported in version 6.1.9 9f08bb650078dca24a13fea1c375358ed6292df3
+CVE_STATUS[CVE-2023-1074] = "cpe-stable-backport: Backported in versions v5.15.91 andv6.1.9"
# https://nvd.nist.gov/vuln/detail/CVE-2023-1075
# Introduced in v4.20 a42055e8d2c30d4decfc13ce943d09c7b9dad221
# Patched in kernel v6.2 ffe2a22562444720b05bdfeb999c03e810d84cbb
# Backported in version 6.1.11 37c0cdf7e4919e5f76381ac60817b67bcbdacb50
# 5.15 still has issue, include/net/tls.h:is_tx_ready() would need patch
-CVE_CHECK_IGNORE += "CVE-2023-1075"
+CVE_STATUS[CVE-2023-1075] = "cpe-stable-backport: Backported in version v6.1.11"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1076
+# Patched in kernel v6.3 a096ccca6e503a5c575717ff8a36ace27510ab0a
+# Backported in version v5.4.235 d92d87000eda9884d49f1acec1c1fccd63cd9b11
+# Backported in version v5.10.173 9a31af61f397500ccae49d56d809b2217d1e2178
+# Backported in version v5.15.99 67f9f02928a34aad0a2c11dab5eea269f5ecf427
+# Backported in version v6.1.16 b4ada752eaf1341f47bfa3d8ada377eca75a8d44
+# Backported in version v6.2.3 4aa4b4b3b3e9551c4de2bf2987247c28805fb8f6
+CVE_STATUS[CVE-2023-1076] = "cpe-stable-backport: Backported in versions v5.4.235, v5.10.173, v5.15.99, v6.1.16 and v6.2.3"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1077
+# Patched in kernel 6.3rc1 7c4a5b89a0b5a57a64b601775b296abf77a9fe97
+# Backported in version 5.15.99 2c36c390a74981d03f04f01fe7ee9c3ac3ea11f7
+# Backported in version 6.1.16 6b4fcc4e8a3016e85766c161daf0732fca16c3a3
+CVE_STATUS[CVE-2023-1077] = "cpe-stable-backport: Backported in versions v5.15.99 and v6.1.16"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1078
+# Patched in kernel 6.2 f753a68980cf4b59a80fe677619da2b1804f526d
+# Backported in version 5.15.94 528e3f3a4b53df36dafd10cdf6b8c0fe2aa1c4ba
+# Backported in version 6.1.12 1d52bbfd469af69fbcae88c67f160ce1b968e7f3
+CVE_STATUS[CVE-2023-1078] = "cpe-stable-backport: Backported in versions v5.15.94 and v6.1.12"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1079
+# Patched in kernel since v6.3-rc1 4ab3a086d10eeec1424f2e8a968827a6336203df
+# Backported in version v5.4.235 dd08e68d04d08d2f42b09162c939a0b0841216cc
+# Backported in version v5.10.173 21a2eec4a440060a6eb294dc890eaf553101ba09
+# Backported in version v5.15.99 3959316f8ceb17866646abc6be4a332655407138
+# Backported in version v6.1.16 ee907829b36949c452c6f89485cb2a58e97c048e
+# Backported in version v6.2.3 b08bcfb4c97d7bd41b362cff44b2c537ce9e8540
+CVE_STATUS[CVE-2023-1079] = "cpe-stable-backport: Backported in versions v5.4.235, v5.10.173, v5.15.99, v6.1.16 and v6.2.3"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1118
+# Introduced in version v2.6.36 9ea53b74df9c4681f5bb2da6b2e10e37d87ea6d6
+# Patched in kernel since v6.3-rc1 29b0589a865b6f66d141d79b2dd1373e4e50fe17
+# Backported in version v5.4.235 d120334278b370b6a1623a75ebe53b0c76cb247c
+# Backported in version v5.10.173 78da5a378bdacd5bf68c3a6389bdc1dd0c0f5b3c
+# Backported in version v5.15.99 29962c478e8b2e6a6154d8d84b8806dbe36f9c28
+# Backported in version v6.1.16 029c1410e345ce579db5c007276340d072aac54a
+# Backported in version v6.2.3 182ea492aae5b64067277e60a4ea5995c4628555
+CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in versions v5.4.235, v5.10.173, v5.15.99, v6.1.16 and v6.2.3"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1281
+# Introduced in version v4.14 9b0d4446b56904b59ae3809913b0ac760fa941a6
+# Patched in kernel since v6.2 ee059170b1f7e94e55fa6cadee544e176a6e59c2
+# Backported in version v5.10.169 eb8e9d8572d1d9df17272783ad8a84843ce559d4
+# Backported in version v5.15.95 becf55394f6acb60dd60634a1c797e73c747f9da
+# Backported in version v6.1.13 bd662ba56187b5ef8a62a3511371cd38299a507f
+CVE_STATUS[CVE-2023-1281] = "cpe-stable-backport: Backported in versions v5.10.169, v5.15.95 and v6.1.13"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1513
+# Patched in kernel since v6.2 2c10b61421a28e95a46ab489fd56c0f442ff6952
+# Backported in version v5.4.232 9f95a161a7deef62d6d2f57b1a69f94e0546d8d8
+# Backported in version v5.10.169 6416c2108ba54d569e4c98d3b62ac78cb12e7107
+# Backported in version v5.15.95 35351e3060d67eed8af1575d74b71347a87425d8
+# Backported in version v6.1.13 747ca7c8a0c7bce004709143d1cd6596b79b1deb
+CVE_STATUS[CVE-2023-1513] = "cpe-stable-backport: Backported in versions v5.4.232, v5.10.169, v5.15.95 and v6.1.13"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1652
+# Patched in kernel since v6.2 e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd
+# Backported in version v5.15.91 0a27dcd5343026ac0cb168ee63304255372b7a36
+# Backported in version v6.1.9 32d5eb95f8f0e362e37c393310b13b9e95404560
+# Ref: https://www.linuxkernelcves.com/cves/CVE-2023-1652
+# Ref: Debian kernel-sec team: https://salsa.debian.org/kernel-team/kernel-sec/-/blob/1fa77554d4721da54e2df06fa1908a83ba6b1045/retired/CVE-2023-1652
+CVE_STATUS[CVE-2023-1652] = "cpe-stable-backport: Backported in versions v5.15.91 and v6.1.9"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1829
+# Patched in kernel since v6.3-rc1 8c710f75256bb3cf05ac7b1672c82b92c43f3d28
+# Backported in version v5.4.235 7a6fb69bbcb21e9ce13bdf18c008c268874f0480
+# Backported in version v5.10.173 18c3fa7a7fdbb4d21dafc8a7710ae2c1680930f6
+# Backported in version v5.15.100 7c183dc0af472dec33d2c0786a5e356baa8cad19
+# Backported in version v6.1.18 3abebc503a5148072052c229c6b04b329a420ecd
+# Backported in version v6.2.5 372ae77cf11d11fb118cbe2d37def9dd5f826abd
+# Ref: https://www.linuxkernelcves.com/cves/CVE-2023-1829
+# Ref: Debian kernel-sec team : https://salsa.debian.org/kernel-team/kernel-sec/-/blob/1fa77554d4721da54e2df06fa1908a83ba6b1045/active/CVE-2023-1829
+CVE_STATUS[CVE-2023-1829] = "cpe-stable-backport: Backported in versions v5.4.235, v5.10.173, v5.15.100, v6.1.18 and v6.2.5"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-28466
+# Introduced in version v4.13 3c4d7559159bfe1e3b94df3a657b2cda3a34e218
+# Patched in kernel since v6.3-rc2 49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962
+# Backported in version v5.15.105 0b54d75aa43a1edebc8a3770901f5c3557ee0daa
+# Backported in version v6.1.20 14c17c673e1bba08032d245d5fb025d1cbfee123
+# Backported in version v6.2.7 5231fa057bb0e52095591b303cf95ebd17bc62ce
+CVE_STATUS[CVE-2023-28466] = "cpe-stable-backport: Backported in versions v5.15.05, v6.1.20 and v6.2.7"
+
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-0615
+# Fixed in 6.1 onwards
+CVE_STATUS[CVE-2023-0615] = "fixed-version: Fixed in version v6.1 onwards"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-28328
+# Fixed with 6.1.2
+CVE_STATUS[CVE-2023-28328] = "fixed-version: Fixed in version v6.1.2"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-2162
+# Fixed in 6.1.11
+CVE_STATUS[CVE-2023-2162] = "fixed-version: Fixed in version v6.1.11"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-0459
+# Fixed in 6.1.14 onwards
+CVE_STATUS[CVE-2023-0459] = "fixed-version: Fixed in version v6.1.14"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-1999
+# https://www.linuxkernelcves.com/cves/CVE-2023-2985
+# Fixed in 6.1.16
+CVE_STATUS[CVE-2023-1998] = "fixed-version: Fixed in version v6.1.16"
+CVE_STATUS[CVE-2023-2985] = "fixed-version: Fixed in version v6.1.16"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-1855
+# https://www.linuxkernelcves.com/cves/CVE-2023-1990
+# https://www.linuxkernelcves.com/cves/CVE-2023-2235
+# https://www.linuxkernelcves.com/cves/CVE-2023-30456
+# Fixed in 6.1.21
+CVE_STATUS_GROUPS += "CVE_STATUS_KERNEL_6121"
+CVE_STATUS_KERNEL_6121 = "CVE-2023-1855 CVE-2023-1990 CVE-2023-2235 CVE-2023-30456"
+CVE_STATUS_KERNEL_6121[status] = "fixed-version: Fixed in version v6.1.21"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-1989
+# https://www.linuxkernelcves.com/cves/CVE-2023-2194
+# https://www.linuxkernelcves.com/cves/CVE-2023-28866
+# https://www.linuxkernelcves.com/cves/CVE-2023-30772
+# https://www.linuxkernelcves.com/cves/CVE-2023-33203
+# https://www.linuxkernelcves.com/cves/CVE-2023-33288
+# Fixed with 6.1.22
+CVE_STATUS_GROUPS += "CVE_STATUS_KERNEL_6122"
+CVE_STATUS_KERNEL_6122 = "CVE-2023-2194 CVE-2023-1989 CVE-2023-28866 CVE-2023-30772 CVE-2023-33203 CVE-2023-33288"
+CVE_STATUS_KERNEL_6122[status] = "fixed-version: Fixed in version v6.1.22"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-1611
+# Fixed in 6.1.23
+CVE_STATUS[CVE-2023-1611] = "fixed-version: Fixed in version v6.1.23"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-1859
+# Fixed in 6.1.25
+CVE_STATUS[CVE-2023-1859] = "fixed-version: Fixed in version v6.1.25"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-2156
+# https://www.linuxkernelcves.com/cves/CVE-2023-31436
+# Fixed in 6.1.26
+CVE_STATUS[CVE-2023-2156] = "fixed-version: Fixed in version v6.1.26"
+CVE_STATUS[CVE-2023-31436] = "fixed-version: Fixed in version v6.1.26"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-1380
+# https://www.linuxkernelcves.com/cves/CVE-2023-2002
+# Fixed in 6.1.27
+CVE_STATUS[CVE-2023-1380] = "fixed-version: Fixed in version v6.1.27"
+CVE_STATUS[CVE-2023-2002] = "fixed-version: Fixed in version v6.1.27"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-32233
+# Fixed with 6.1.28
+CVE_STATUS[CVE-2023-32233] = "fixed-version: Fixed in version v6.1.28"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-34256
+# Fixed in 6.1.29
+CVE_STATUS[CVE-2023-34256] = "fixed-version: Fixed in version v6.1.29"
+
+
+# Backported to 6.1.9
+CVE_STATUS[CVE-2023-3358] = "cpe-stable-backport: Backported in version v6.1.9"
+
+# Backported to 6.1.11
+CVE_STATUS[CVE-2023-3359] = "cpe-stable-backport: Backported in version v6.1.11"
+CVE_STATUS[CVE-2023-3161] = "cpe-stable-backport: Backported in version v6.1.11"
+
+# Backported to 6.1.16
+CVE_STATUS[CVE-2023-3220] = "cpe-stable-backport: Backported in version v6.1.16"
+
+# Backported to 6.1.28
+CVE_STATUS_GROUPS += "CVE_STATUS_KERNEL_6128"
+CVE_STATUS_KERNEL_6128 = "CVE-2023-3268 CVE-2023-35823 CVE-2023-35824 CVE-2023-35826 CVE-2023-35828 CVE-2023-35829"
+CVE_STATUS_KERNEL_6122[status] = "cpe-stable-backport: Backported in version v6.1.28"
+
+# Backported to 6.1.30
+# Backported to 6.1.30 as 9a342d4
+CVE_STATUS[CVE-2023-3090] = "cpe-stable-backport: Backported in version v6.1.30"
+CVE_STATUS[CVE-2023-3141] = "cpe-stable-backport: Backported in version v6.1.30 as 9a342d4"
+
+# Backported to 6.1.33
+CVE_STATUS_GROUPS += "CVE_STATUS_KERNEL_6133"
+CVE_STATUS_KERNEL_6133 = "CVE-2023-2124 CVE-2023-3212 CVE-2023-35788"
+CVE_STATUS_KERNEL_6133[status] = "cpe-stable-backport: Backported in version v6.1.33"
+
+# Backported to 6.1.35
+CVE_STATUS[CVE-2023-3117] = "cpe-stable-backport: Backported in version v6.1.35"
+CVE_STATUS[CVE-2023-3390] = "cpe-stable-backport: Backported in version v6.1.35"
+
+# Backported to 6.1.36
+CVE_STATUS[CVE-2023-3389] = "cpe-stable-backport: Backported in version v6.1.36"
+
+# Only in 6.2.0 to 6.2.14, and 6.3.0 to 6.3.1
+CVE_STATUS[CVE-2023-3312] = "not-applicable-config: Only in versions v6.2.0 to v6.2.4 and v6.3.0 to v6.3.1"
+
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-23005
+# Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b
+# Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee
+# But, the CVE is disputed:
+CVE_STATUS[CVE-2023-23005] = "disputed: There are no realistic cases \
+in which a user can cause the alloc_memory_type error case to be reached. \
+See: https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2"
+
+CVE_STATUS[CVE-2023-28464] = "not-applicable-config: Only in 6.3-rc"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
index 54ead24ded..d4488b360c 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
@@ -14,13 +14,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "6f370bf9127713eccdfb3cf009c46ef4852aec28"
-SRCREV_meta ?= "b358c237cf493dcf5af1760fc4632ede32e1ff2e"
+SRCREV_machine ?= "efb2c857761e865cd7947aab42eaa5ba77ef6ee7"
+SRCREV_meta ?= "cba89f406c6e07a16018cb77b51950cbae8ec654"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA};protocol=https"
-LINUX_VERSION ?= "6.1.35"
+LINUX_VERSION ?= "6.1.38"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.4.bb
new file mode 100644
index 0000000000..9273a08c61
--- /dev/null
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.4.bb
@@ -0,0 +1,48 @@
+KBRANCH ?= "v6.4/standard/preempt-rt/base"
+
+require recipes-kernel/linux/linux-yocto.inc
+
+# CVE exclusions
+include recipes-kernel/linux/cve-exclusion_6.4.inc
+
+# Skip processing of this recipe if it is not explicitly specified as the
+# PREFERRED_PROVIDER for virtual/kernel. This avoids errors when trying
+# to build multiple virtual/kernel providers, e.g. as dependency of
+# core-image-rt-sdk, core-image-rt.
+python () {
+ if d.getVar("KERNEL_PACKAGE_NAME") == "kernel" and d.getVar("PREFERRED_PROVIDER_virtual/kernel") != "linux-yocto-rt":
+ raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
+}
+
+SRCREV_machine ?= "917d160a84f61aada28d09f5afc04d6451fa52a0"
+SRCREV_meta ?= "dab56f52aa33b5cea1513b36b98e50a6c7c31f47"
+
+SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
+ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.4;destsuffix=${KMETA};protocol=https"
+
+LINUX_VERSION ?= "6.4.3"
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
+
+DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
+DEPENDS += "openssl-native util-linux-native"
+
+PV = "${LINUX_VERSION}+git${SRCPV}"
+
+KMETA = "kernel-meta"
+KCONF_BSP_AUDIT_LEVEL = "1"
+
+LINUX_KERNEL_TYPE = "preempt-rt"
+
+COMPATIBLE_MACHINE = "^(qemux86|qemux86-64|qemuarm|qemuarmv5|qemuarm64|qemuppc|qemumips)$"
+
+KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb"
+
+# Functionality flags
+KERNEL_EXTRA_FEATURES ?= "features/netfilter/netfilter.scc features/taskstats/taskstats.scc"
+KERNEL_FEATURES:append = " ${KERNEL_EXTRA_FEATURES}"
+KERNEL_FEATURES:append:qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc"
+KERNEL_FEATURES:append:qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc"
+KERNEL_FEATURES:append:qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc"
+KERNEL_FEATURES:append = "${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}"
+KERNEL_FEATURES:append = "${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/gpio/mockup.scc", "", d)}"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
index fd2e2511d5..4e45e25975 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
# CVE exclusions
include recipes-kernel/linux/cve-exclusion_6.1.inc
-LINUX_VERSION ?= "6.1.35"
+LINUX_VERSION ?= "6.1.38"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "682b17e1d76bc4364fcc9864f39c31c855b5f5df"
-SRCREV_meta ?= "b358c237cf493dcf5af1760fc4632ede32e1ff2e"
+SRCREV_machine ?= "b110cf9bbc395fe757956839d8110e72368699f4"
+SRCREV_meta ?= "cba89f406c6e07a16018cb77b51950cbae8ec654"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.4.bb
new file mode 100644
index 0000000000..39abfcbb08
--- /dev/null
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.4.bb
@@ -0,0 +1,33 @@
+KBRANCH ?= "v6.4/standard/tiny/base"
+
+LINUX_KERNEL_TYPE = "tiny"
+KCONFIG_MODE = "--allnoconfig"
+
+require recipes-kernel/linux/linux-yocto.inc
+
+# CVE exclusions
+include recipes-kernel/linux/cve-exclusion_6.4.inc
+
+LINUX_VERSION ?= "6.4.3"
+LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
+
+DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
+DEPENDS += "openssl-native util-linux-native"
+
+KMETA = "kernel-meta"
+KCONF_BSP_AUDIT_LEVEL = "2"
+
+SRCREV_machine ?= "dee78ad1963cff9c063fba486d43fc9670285883"
+SRCREV_meta ?= "dab56f52aa33b5cea1513b36b98e50a6c7c31f47"
+
+PV = "${LINUX_VERSION}+git${SRCPV}"
+
+SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
+ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.4;destsuffix=${KMETA};protocol=https"
+
+COMPATIBLE_MACHINE = "^(qemux86|qemux86-64|qemuarm64|qemuarm|qemuarmv5)$"
+
+# Functionality flags
+KERNEL_FEATURES = ""
+
+KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto.inc b/poky/meta/recipes-kernel/linux/linux-yocto.inc
index 04a8105e17..0cc303c009 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto.inc
+++ b/poky/meta/recipes-kernel/linux/linux-yocto.inc
@@ -62,7 +62,7 @@ KERNEL_FEATURES:append:qemuall=" features/kernel-sample/kernel-sample.scc"
KERNEL_DEBUG ?= ""
# These used to be version specific, but are now common dependencies. New
# tools / dependencies will continue to be added in version specific recipes.
-DEPENDS += '${@bb.utils.contains_any("ARCH", [ "x86", "arm64" ], "elfutils-native", "", d)}'
+DEPENDS += '${@bb.utils.contains_any("ARCH", [ "x86", "arm64", "powerpc" ], "elfutils-native", "", d)}'
DEPENDS += "openssl-native util-linux-native"
DEPENDS += "gmp-native libmpc-native"
DEPENDS += '${@bb.utils.contains("KERNEL_DEBUG", "True", "pahole-native", "", d)}'
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb
index 1838a1e031..a76d2dc404 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb
@@ -17,25 +17,25 @@ KBRANCH:qemux86-64 ?= "v6.1/standard/base"
KBRANCH:qemuloongarch64 ?= "v6.1/standard/base"
KBRANCH:qemumips64 ?= "v6.1/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "915f4d2237d1c8e23eb67eda0b8e9b24373a80b4"
-SRCREV_machine:qemuarm64 ?= "682b17e1d76bc4364fcc9864f39c31c855b5f5df"
-SRCREV_machine:qemuloongarch64 ?= "682b17e1d76bc4364fcc9864f39c31c855b5f5df"
-SRCREV_machine:qemumips ?= "1aad3fa2eba5594fb4e779fc53fef6046d833c91"
-SRCREV_machine:qemuppc ?= "682b17e1d76bc4364fcc9864f39c31c855b5f5df"
-SRCREV_machine:qemuriscv64 ?= "682b17e1d76bc4364fcc9864f39c31c855b5f5df"
-SRCREV_machine:qemuriscv32 ?= "682b17e1d76bc4364fcc9864f39c31c855b5f5df"
-SRCREV_machine:qemux86 ?= "682b17e1d76bc4364fcc9864f39c31c855b5f5df"
-SRCREV_machine:qemux86-64 ?= "682b17e1d76bc4364fcc9864f39c31c855b5f5df"
-SRCREV_machine:qemumips64 ?= "53e7685d6da27e112397e71c27a0bce0fc9313a9"
-SRCREV_machine ?= "682b17e1d76bc4364fcc9864f39c31c855b5f5df"
-SRCREV_meta ?= "b358c237cf493dcf5af1760fc4632ede32e1ff2e"
+SRCREV_machine:qemuarm ?= "a74344429a095a5941cd8dfac532160349344c92"
+SRCREV_machine:qemuarm64 ?= "b110cf9bbc395fe757956839d8110e72368699f4"
+SRCREV_machine:qemuloongarch64 ?= "b110cf9bbc395fe757956839d8110e72368699f4"
+SRCREV_machine:qemumips ?= "78c81e178f8e2ffbb7c03cd324cf50ee0c5c4cf2"
+SRCREV_machine:qemuppc ?= "b110cf9bbc395fe757956839d8110e72368699f4"
+SRCREV_machine:qemuriscv64 ?= "b110cf9bbc395fe757956839d8110e72368699f4"
+SRCREV_machine:qemuriscv32 ?= "b110cf9bbc395fe757956839d8110e72368699f4"
+SRCREV_machine:qemux86 ?= "b110cf9bbc395fe757956839d8110e72368699f4"
+SRCREV_machine:qemux86-64 ?= "b110cf9bbc395fe757956839d8110e72368699f4"
+SRCREV_machine:qemumips64 ?= "6c6b1170464e1f64f78a45cf7e78d5c678f38f48"
+SRCREV_machine ?= "b110cf9bbc395fe757956839d8110e72368699f4"
+SRCREV_meta ?= "cba89f406c6e07a16018cb77b51950cbae8ec654"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "e84a4e368abe42cf359fe237f0238820859d5044"
+SRCREV_machine:class-devupstream ?= "61fd484b2cf6bc8022e8e5ea6f693a9991740ac2"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v6.1/base"
@@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
SRC_URI += "file://0001-perf-cpumap-Make-counter-as-unsigned-ints.patch"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.1.35"
+LINUX_VERSION ?= "6.1.38"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.4.bb
new file mode 100644
index 0000000000..443a89cc1e
--- /dev/null
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_6.4.bb
@@ -0,0 +1,71 @@
+KBRANCH ?= "v6.4/standard/base"
+
+require recipes-kernel/linux/linux-yocto.inc
+
+# CVE exclusions
+include recipes-kernel/linux/cve-exclusion_6.4.inc
+
+# board specific branches
+KBRANCH:qemuarm ?= "v6.4/standard/arm-versatile-926ejs"
+KBRANCH:qemuarm64 ?= "v6.4/standard/qemuarm64"
+KBRANCH:qemumips ?= "v6.4/standard/mti-malta32"
+KBRANCH:qemuppc ?= "v6.4/standard/qemuppc"
+KBRANCH:qemuriscv64 ?= "v6.4/standard/base"
+KBRANCH:qemuriscv32 ?= "v6.4/standard/base"
+KBRANCH:qemux86 ?= "v6.4/standard/base"
+KBRANCH:qemux86-64 ?= "v6.4/standard/base"
+KBRANCH:qemuloongarch64 ?= "v6.4/standard/base"
+KBRANCH:qemumips64 ?= "v6.4/standard/mti-malta64"
+
+SRCREV_machine:qemuarm ?= "aa7642358697dc9be32c4563a3d950f257a3f2ed"
+SRCREV_machine:qemuarm64 ?= "dee78ad1963cff9c063fba486d43fc9670285883"
+SRCREV_machine:qemuloongarch64 ?= "dee78ad1963cff9c063fba486d43fc9670285883"
+SRCREV_machine:qemumips ?= "8a3ac37b45e7dcc98d28ab3920309340202272d9"
+SRCREV_machine:qemuppc ?= "dee78ad1963cff9c063fba486d43fc9670285883"
+SRCREV_machine:qemuriscv64 ?= "dee78ad1963cff9c063fba486d43fc9670285883"
+SRCREV_machine:qemuriscv32 ?= "dee78ad1963cff9c063fba486d43fc9670285883"
+SRCREV_machine:qemux86 ?= "dee78ad1963cff9c063fba486d43fc9670285883"
+SRCREV_machine:qemux86-64 ?= "dee78ad1963cff9c063fba486d43fc9670285883"
+SRCREV_machine:qemumips64 ?= "144ff37fee7f0499574d5b508e4db82234f38fec"
+SRCREV_machine ?= "dee78ad1963cff9c063fba486d43fc9670285883"
+SRCREV_meta ?= "dab56f52aa33b5cea1513b36b98e50a6c7c31f47"
+
+# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
+# get the <version>/base branch, which is pure upstream -stable, and the same
+# meta SRCREV as the linux-yocto-standard builds. Select your version using the
+# normal PREFERRED_VERSION settings.
+BBCLASSEXTEND = "devupstream:target"
+SRCREV_machine:class-devupstream ?= "160f4124ea8b4cd6c86867e111fa55e266345a16"
+PN:class-devupstream = "linux-yocto-upstream"
+KBRANCH:class-devupstream = "v6.4/base"
+
+SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH};protocol=https \
+ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.4;destsuffix=${KMETA};protocol=https"
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
+LINUX_VERSION ?= "6.4.3"
+
+PV = "${LINUX_VERSION}+git${SRCPV}"
+
+KMETA = "kernel-meta"
+KCONF_BSP_AUDIT_LEVEL = "1"
+
+KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb"
+
+COMPATIBLE_MACHINE = "^(qemuarm|qemuarmv5|qemuarm64|qemux86|qemuppc|qemuppc64|qemumips|qemumips64|qemux86-64|qemuriscv64|qemuriscv32|qemuloongarch64)$"
+
+# Functionality flags
+KERNEL_EXTRA_FEATURES ?= "features/netfilter/netfilter.scc"
+KERNEL_FEATURES:append = " ${KERNEL_EXTRA_FEATURES}"
+KERNEL_FEATURES:append:qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc cfg/net/mdio.scc"
+KERNEL_FEATURES:append:qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc"
+KERNEL_FEATURES:append:qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "", d)}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/gpio/mockup.scc", "", d)}"
+KERNEL_FEATURES:append:powerpc =" arch/powerpc/powerpc-debug.scc"
+KERNEL_FEATURES:append:powerpc64 =" arch/powerpc/powerpc-debug.scc"
+KERNEL_FEATURES:append:powerpc64le =" arch/powerpc/powerpc-debug.scc"
+
+INSANE_SKIP:kernel-vmlinux:qemuppc64 = "textrel"
+
diff --git a/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.5.bb b/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.6.bb
index 916408bff0..424b0fa645 100644
--- a/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.5.bb
+++ b/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.6.bb
@@ -34,7 +34,7 @@ SRC_URI = "https://lttng.org/files/lttng-ust/lttng-ust-${PV}.tar.bz2 \
file://0001-Makefile.am-update-rpath-link.patch \
"
-SRC_URI[sha256sum] = "f1d7bb4984a3dc5dacd3b7bcb4c10c04b041b0eecd7cba1fef3d8f86aff02bd6"
+SRC_URI[sha256sum] = "e7e04596dd73ac7aa99e27cd000f949dbb0fed51bd29099f9b08a25c1df0ced5"
CVE_PRODUCT = "ust"
diff --git a/poky/meta/recipes-kernel/perf/perf.bb b/poky/meta/recipes-kernel/perf/perf.bb
index 2d803381bb..7d90ac3612 100644
--- a/poky/meta/recipes-kernel/perf/perf.bb
+++ b/poky/meta/recipes-kernel/perf/perf.bb
@@ -383,7 +383,7 @@ PACKAGESPLITFUNCS =+ "perf_fix_sources"
perf_fix_sources () {
for f in util/parse-events-flex.h util/parse-events-flex.c util/pmu-flex.c \
- util/expr-flex.h util/expr-flex.c; do
+ util/pmu-flex.h util/expr-flex.h util/expr-flex.c; do
f=${PKGD}/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR}/$f
if [ -e $f ]; then
sed -i -e 's#${S}/##g' $f
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-15 13:34:55 +0300