diff --git a/blacklist.conf b/blacklist.conf index 3e3e62a..86481f6 100644 --- a/blacklist.conf +++ b/blacklist.conf @@ -2714,3 +2714,16 @@ df6d4f9db79c1a5d6f48b59db35ccd1e9ff9adfc # 08529078d8d9 not present 4fa42adebe5b77215e50eaad701663c8702d3c88 # feature and interrupt mitigation 9cec1d547cb739f8bac2de833487116e0fe896d2 # irrelevant for our compiler version 68c5634c4a7278672a3bed00eb5646884257c413 # Greg's political wipeout of patches from unm.edu +46ed6026ca2181c917c8334a82e3eaf40a6234dd # cleanup +d7110a26e5905ec2fe3fc88bc6a538901accb72b # clang +c7aadc09321d8f9a1d3bd1e6d8a47222ecddf6c5 # clang+KCSAN +81e96851ea32deb2c921c870eecabf335f598aeb # clang +5714ee50bb4375bd586858ad800b1d9772847452 # 9e4636545933 not present +44069737ac9625a0f02f0f7f5ab96aae4cd819bc # clang +e00b62f0b06d0ae2b844049f216807617aff0cdb # adds only CPU ID +c84cb3735fd53c91101ccdb191f2e3331a9262cb # bd9240a18edf not present +de308d1815c9e8fe602a958c5c76142ff6501d75 # bd9240a18edf not present +9e4636545933131de15e1ecd06733538ae939b2f # hard without f0d4f30a7fd2 +e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb # not applicable +dc8d37ed304eeeea47e65fb9edc1c6c8b0093386 # we have CONFIG_SYSFS=y +16fe10cf92783ed9ceb182d6ea2b8adf5e8ec1b8 # already applied diff --git a/patches.suse/ath10k-Fix-missing-frame-timestamp-for-beacon-probe-.patch b/patches.suse/ath10k-Fix-missing-frame-timestamp-for-beacon-probe-.patch new file mode 100644 index 0000000..b6281b0 --- /dev/null +++ b/patches.suse/ath10k-Fix-missing-frame-timestamp-for-beacon-probe-.patch @@ -0,0 +1,38 @@ +From e6dfbc3ba90cc2b619229be56b485f085a0a8e1c Mon Sep 17 00:00:00 2001 +From: Loic Poulain +Date: Tue, 28 Sep 2021 14:00:47 +0300 +Subject: [PATCH] ath10k: Fix missing frame timestamp for beacon/probe-resp +Git-commit: e6dfbc3ba90cc2b619229be56b485f085a0a8e1c +References: git-fixes +Patch-mainline: v5.16-rc1 + +When receiving a beacon or probe response, we should update the +boottime_ns field which is the timestamp the frame was received at. +(cf mac80211.h) + +This fixes a scanning issue with Android since it relies on this +timestamp to determine when the AP has been seen for the last time +(via the nl80211 BSS_LAST_SEEN_BOOTTIME parameter). + +Fixes: 5e3dd157d7e7 ("ath10k: mac80211 driver for Qualcomm Atheros 802.11ac CQA98xx devices") +Signed-off-by: Loic Poulain +Signed-off-by: Kalle Valo +Link: https://lore.kernel.org/r/1629811733-7927-1-git-send-email-loic.poulain@linaro.org +Signed-off-by: Oliver Neukum +--- + drivers/net/wireless/ath/ath10k/wmi.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/drivers/net/wireless/ath/ath10k/wmi.c ++++ b/drivers/net/wireless/ath/ath10k/wmi.c +@@ -2477,6 +2477,10 @@ int ath10k_wmi_event_mgmt_rx(struct ath1 + if (ieee80211_is_beacon(hdr->frame_control)) + ath10k_mac_handle_beacon(ar, skb); + ++ if (ieee80211_is_beacon(hdr->frame_control) || ++ ieee80211_is_probe_resp(hdr->frame_control)) ++ status->boottime_ns = ktime_get_boot_ns(); ++ + ath10k_dbg(ar, ATH10K_DBG_MGMT, + "event mgmt rx skb %pK len %d ftype %02x stype %02x\n", + skb, skb->len, diff --git a/patches.suse/bpf-x86-Fix-encoding-for-lower-8-bit-registers-in-BP.patch b/patches.suse/bpf-x86-Fix-encoding-for-lower-8-bit-registers-in-BP.patch new file mode 100644 index 0000000..6aff34b --- /dev/null +++ b/patches.suse/bpf-x86-Fix-encoding-for-lower-8-bit-registers-in-BP.patch @@ -0,0 +1,72 @@ +From: Luke Nelson +Date: Sat, 18 Apr 2020 16:26:53 -0700 +Subject: bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B +Git-commit: aee194b14dd2b2bde6252b3acf57d36dccfc743a +Patch-mainline: 5.7-rc3 +References: git-fixes + +This patch fixes an encoding bug in emit_stx for BPF_B when the source +register is BPF_REG_FP. + +The current implementation for BPF_STX BPF_B in emit_stx saves one REX +byte when the operands can be encoded using Mod-R/M alone. The lower 8 +bits of registers %rax, %rbx, %rcx, and %rdx can be accessed without using +a REX prefix via %al, %bl, %cl, and %dl, respectively. Other registers, +(e.g., %rsi, %rdi, %rbp, %rsp) require a REX prefix to use their 8-bit +equivalents (%sil, %dil, %bpl, %spl). + +The current code checks if the source for BPF_STX BPF_B is BPF_REG_1 +or BPF_REG_2 (which map to %rdi and %rsi), in which case it emits the +required REX prefix. However, it misses the case when the source is +BPF_REG_FP (mapped to %rbp). + +The result is that BPF_STX BPF_B with BPF_REG_FP as the source operand +will read from register %ch instead of the correct %bpl. This patch fixes +the problem by fixing and refactoring the check on which registers need +the extra REX byte. Since no BPF registers map to %rsp, there is no need +to handle %spl. + +Fixes: 622582786c9e0 ("net: filter: x86: internal BPF JIT") +Signed-off-by: Xi Wang +Signed-off-by: Luke Nelson +Signed-off-by: Alexei Starovoitov +Link: https://lore.kernel.org/bpf/20200418232655.23870-1-luke.r.nels@gmail.com +Signed-off-by: Jiri Slaby +--- + arch/x86/net/bpf_jit_comp.c | 18 +++++++++++++++--- + 1 file changed, 15 insertions(+), 3 deletions(-) + +--- a/arch/x86/net/bpf_jit_comp.c ++++ b/arch/x86/net/bpf_jit_comp.c +@@ -146,6 +146,19 @@ static bool is_ereg(u32 reg) + BIT(BPF_REG_AX)); + } + ++/* ++ * is_ereg_8l() == true if BPF register 'reg' is mapped to access x86-64 ++ * lower 8-bit registers dil,sil,bpl,spl,r8b..r15b, which need extra byte ++ * of encoding. al,cl,dl,bl have simpler encoding. ++ */ ++static bool is_ereg_8l(u32 reg) ++{ ++ return is_ereg(reg) || ++ (1 << reg) & (BIT(BPF_REG_1) | ++ BIT(BPF_REG_2) | ++ BIT(BPF_REG_FP)); ++} ++ + /* add modifiers if 'reg' maps to x64 registers r8..r15 */ + static u8 add_1mod(u8 byte, u32 reg) + { +@@ -720,9 +733,8 @@ st: if (is_imm8(insn->off)) + /* STX: *(u8*)(dst_reg + off) = src_reg */ + case BPF_STX | BPF_MEM | BPF_B: + /* emit 'mov byte ptr [rax + off], al' */ +- if (is_ereg(dst_reg) || is_ereg(src_reg) || +- /* have to add extra byte for x86 SIL, DIL regs */ +- src_reg == BPF_REG_1 || src_reg == BPF_REG_2) ++ if (is_ereg(dst_reg) || is_ereg_8l(src_reg)) ++ /* Add extra byte for eregs or SIL,DIL,BPL in src_reg */ + EMIT2(add_2mod(0x40, dst_reg, src_reg), 0x88); + else + EMIT1(0x88); diff --git a/patches.suse/drivers-net-lmc-fix-case-value-for-target-abort-erro.patch b/patches.suse/drivers-net-lmc-fix-case-value-for-target-abort-erro.patch new file mode 100644 index 0000000..5fc342f --- /dev/null +++ b/patches.suse/drivers-net-lmc-fix-case-value-for-target-abort-erro.patch @@ -0,0 +1,38 @@ +From c6d646fdeae44c7859ee4dea3987254df93b4393 Mon Sep 17 00:00:00 2001 +From: Colin Ian King +Date: Wed, 1 Aug 2018 18:22:41 +0100 +Subject: [PATCH 3/3] drivers: net: lmc: fix case value for target abort error +Git-commit: afb41bb039656f0cecb54eeb8b2e2088201295f5 +Patch-mainline: 4.18-rc8 +References: git-fixes + +Current value for a target abort error is 0x010, however, this value +should in fact be 0x002. As it stands, the range of error is 0..7 so +it is currently never being detected. This bug has been in the driver +since the early 2.6.12 days (or before). + +Detected by CoverityScan, CID#744290 ("Logically dead code") + +Signed-off-by: Colin Ian King +Signed-off-by: David S. Miller +Signed-off-by: Denis Kirjanov +--- + drivers/net/wan/lmc/lmc_main.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/net/wan/lmc/lmc_main.c b/drivers/net/wan/lmc/lmc_main.c +index 4698450c77d1..bb43d176eb4e 100644 +--- a/drivers/net/wan/lmc/lmc_main.c ++++ b/drivers/net/wan/lmc/lmc_main.c +@@ -1371,7 +1371,7 @@ static irqreturn_t lmc_interrupt (int irq, void *dev_instance) /*fold00*/ + case 0x001: + printk(KERN_WARNING "%s: Master Abort (naughty)\n", dev->name); + break; +- case 0x010: ++ case 0x002: + printk(KERN_WARNING "%s: Target Abort (not so naughty)\n", dev->name); + break; + default: +-- +2.16.4 + diff --git a/patches.suse/kretprobe-Prevent-triggering-kretprobe-from-within-k.patch b/patches.suse/kretprobe-Prevent-triggering-kretprobe-from-within-k.patch new file mode 100644 index 0000000..df23797 --- /dev/null +++ b/patches.suse/kretprobe-Prevent-triggering-kretprobe-from-within-k.patch @@ -0,0 +1,235 @@ +From: Jiri Olsa +Date: Tue, 12 May 2020 17:03:18 +0900 +Subject: kretprobe: Prevent triggering kretprobe from within kprobe_flush_task +Git-commit: 9b38cc704e844e41d9cf74e647bff1d249512cb3 +Patch-mainline: 5.8-rc2 +References: git-fixes + +Ziqian reported lockup when adding retprobe on _raw_spin_lock_irqsave. +My test was also able to trigger lockdep output: + + ============================================ + WARNING: possible recursive locking detected + 5.6.0-rc6+ #6 Not tainted + -------------------------------------------- + sched-messaging/2767 is trying to acquire lock: + ffffffff9a492798 (&(kretprobe_table_locks[i].lock)){-.-.}, at: kretprobe_hash_lock+0x52/0xa0 + + but task is already holding lock: + ffffffff9a491a18 (&(kretprobe_table_locks[i].lock)){-.-.}, at: kretprobe_trampoline+0x0/0x50 + + other info that might help us debug this: + Possible unsafe locking scenario: + + CPU0 + ---- + lock(&(kretprobe_table_locks[i].lock)); + lock(&(kretprobe_table_locks[i].lock)); + + *** DEADLOCK *** + + May be due to missing lock nesting notation + + 1 lock held by sched-messaging/2767: + #0: ffffffff9a491a18 (&(kretprobe_table_locks[i].lock)){-.-.}, at: kretprobe_trampoline+0x0/0x50 + + stack backtrace: + CPU: 3 PID: 2767 Comm: sched-messaging Not tainted 5.6.0-rc6+ #6 + Call Trace: + dump_stack+0x96/0xe0 + __lock_acquire.cold.57+0x173/0x2b7 + ? native_queued_spin_lock_slowpath+0x42b/0x9e0 + ? lockdep_hardirqs_on+0x590/0x590 + ? __lock_acquire+0xf63/0x4030 + lock_acquire+0x15a/0x3d0 + ? kretprobe_hash_lock+0x52/0xa0 + _raw_spin_lock_irqsave+0x36/0x70 + ? kretprobe_hash_lock+0x52/0xa0 + kretprobe_hash_lock+0x52/0xa0 + trampoline_handler+0xf8/0x940 + ? kprobe_fault_handler+0x380/0x380 + ? find_held_lock+0x3a/0x1c0 + kretprobe_trampoline+0x25/0x50 + ? lock_acquired+0x392/0xbc0 + ? _raw_spin_lock_irqsave+0x50/0x70 + ? __get_valid_kprobe+0x1f0/0x1f0 + ? _raw_spin_unlock_irqrestore+0x3b/0x40 + ? finish_task_switch+0x4b9/0x6d0 + ? __switch_to_asm+0x34/0x70 + ? __switch_to_asm+0x40/0x70 + +The code within the kretprobe handler checks for probe reentrancy, +so we won't trigger any _raw_spin_lock_irqsave probe in there. + +The problem is in outside kprobe_flush_task, where we call: + + kprobe_flush_task + kretprobe_table_lock + raw_spin_lock_irqsave + _raw_spin_lock_irqsave + +where _raw_spin_lock_irqsave triggers the kretprobe and installs +kretprobe_trampoline handler on _raw_spin_lock_irqsave return. + +The kretprobe_trampoline handler is then executed with already +locked kretprobe_table_locks, and first thing it does is to +lock kretprobe_table_locks ;-) the whole lockup path like: + + kprobe_flush_task + kretprobe_table_lock + raw_spin_lock_irqsave + _raw_spin_lock_irqsave ---> probe triggered, kretprobe_trampoline installed + + ---> kretprobe_table_locks locked + + kretprobe_trampoline + trampoline_handler + kretprobe_hash_lock(current, &head, &flags); <--- deadlock + +Adding kprobe_busy_begin/end helpers that mark code with fake +probe installed to prevent triggering of another kprobe within +this code. + +Using these helpers in kprobe_flush_task, so the probe recursion +protection check is hit and the probe is never set to prevent +above lockup. + +Link: http://lkml.kernel.org/r/158927059835.27680.7011202830041561604.stgit@devnote2 + +Fixes: ef53d9c5e4da ("kprobes: improve kretprobe scalability with hashed locking") +Cc: Ingo Molnar +Cc: "Gustavo A . R . Silva" +Cc: Anders Roxell +Cc: "Naveen N . Rao" +Cc: Anil S Keshavamurthy +Cc: David Miller +Cc: Ingo Molnar +Cc: Peter Zijlstra +Cc: stable@vger.kernel.org +Reported-by: "Ziqian SUN (Zamir)" +Acked-by: Masami Hiramatsu +Signed-off-by: Jiri Olsa +Signed-off-by: Steven Rostedt (VMware) +Signed-off-by: Jiri Slaby +--- + arch/x86/kernel/kprobes/core.c | 16 +++------------- + include/linux/kprobes.h | 4 ++++ + kernel/kprobes.c | 24 ++++++++++++++++++++++++ + 3 files changed, 31 insertions(+), 13 deletions(-) + +--- a/arch/x86/kernel/kprobes/core.c ++++ b/arch/x86/kernel/kprobes/core.c +@@ -742,16 +742,11 @@ asm( + NOKPROBE_SYMBOL(kretprobe_trampoline); + STACK_FRAME_NON_STANDARD(kretprobe_trampoline); + +-static struct kprobe kretprobe_kprobe = { +- .addr = (void *)kretprobe_trampoline, +-}; +- + /* + * Called from kretprobe_trampoline + */ + __visible __used void *trampoline_handler(struct pt_regs *regs) + { +- struct kprobe_ctlblk *kcb; + struct kretprobe_instance *ri = NULL; + struct hlist_head *head, empty_rp; + struct hlist_node *tmp; +@@ -759,16 +754,12 @@ __visible __used void *trampoline_handle + unsigned long trampoline_address = (unsigned long)&kretprobe_trampoline; + kprobe_opcode_t *correct_ret_addr = NULL; + +- preempt_disable(); +- + /* + * Set a dummy kprobe for avoiding kretprobe recursion. + * Since kretprobe never run in kprobe handler, kprobe must not + * be running at this point. + */ +- kcb = get_kprobe_ctlblk(); +- __this_cpu_write(current_kprobe, &kretprobe_kprobe); +- kcb->kprobe_status = KPROBE_HIT_ACTIVE; ++ kprobe_busy_begin(); + + INIT_HLIST_HEAD(&empty_rp); + kretprobe_hash_lock(current, &head, &flags); +@@ -824,7 +815,7 @@ __visible __used void *trampoline_handle + __this_cpu_write(current_kprobe, &ri->rp->kp); + ri->ret_addr = correct_ret_addr; + ri->rp->handler(ri, regs); +- __this_cpu_write(current_kprobe, &kretprobe_kprobe); ++ __this_cpu_write(current_kprobe, &kprobe_busy); + } + + recycle_rp_inst(ri, &empty_rp); +@@ -840,8 +831,7 @@ __visible __used void *trampoline_handle + + kretprobe_hash_unlock(current, &flags); + +- __this_cpu_write(current_kprobe, NULL); +- preempt_enable(); ++ kprobe_busy_end(); + + hlist_for_each_entry_safe(ri, tmp, &empty_rp, hlist) { + hlist_del(&ri->hlist); +--- a/include/linux/kprobes.h ++++ b/include/linux/kprobes.h +@@ -384,6 +384,10 @@ static inline struct kprobe_ctlblk *get_ + return this_cpu_ptr(&kprobe_ctlblk); + } + ++extern struct kprobe kprobe_busy; ++void kprobe_busy_begin(void); ++void kprobe_busy_end(void); ++ + kprobe_opcode_t *kprobe_lookup_name(const char *name, unsigned int offset); + int register_kprobe(struct kprobe *p); + void unregister_kprobe(struct kprobe *p); +--- a/kernel/kprobes.c ++++ b/kernel/kprobes.c +@@ -1184,6 +1184,26 @@ __releases(hlist_lock) + } + NOKPROBE_SYMBOL(kretprobe_table_unlock); + ++struct kprobe kprobe_busy = { ++ .addr = (void *) get_kprobe, ++}; ++ ++void kprobe_busy_begin(void) ++{ ++ struct kprobe_ctlblk *kcb; ++ ++ preempt_disable(); ++ __this_cpu_write(current_kprobe, &kprobe_busy); ++ kcb = get_kprobe_ctlblk(); ++ kcb->kprobe_status = KPROBE_HIT_ACTIVE; ++} ++ ++void kprobe_busy_end(void) ++{ ++ __this_cpu_write(current_kprobe, NULL); ++ preempt_enable(); ++} ++ + /* + * This function is called from finish_task_switch when task tk becomes dead, + * so that we can recycle any function-return probe instances associated +@@ -1201,6 +1221,8 @@ void kprobe_flush_task(struct task_struc + /* Early boot. kretprobe_table_locks not yet initialized. */ + return; + ++ kprobe_busy_begin(); ++ + INIT_HLIST_HEAD(&empty_rp); + hash = hash_ptr(tk, KPROBE_HASH_BITS); + head = &kretprobe_inst_table[hash]; +@@ -1214,6 +1236,8 @@ void kprobe_flush_task(struct task_struc + hlist_del(&ri->hlist); + kfree(ri); + } ++ ++ kprobe_busy_end(); + } + NOKPROBE_SYMBOL(kprobe_flush_task); + diff --git a/patches.suse/net-axienet-Fix-double-deregister-of-mdio.patch b/patches.suse/net-axienet-Fix-double-deregister-of-mdio.patch new file mode 100644 index 0000000..9bcfc13 --- /dev/null +++ b/patches.suse/net-axienet-Fix-double-deregister-of-mdio.patch @@ -0,0 +1,64 @@ +From 426be8a19f66453784e4f6e14e0b1d963ea21440 Mon Sep 17 00:00:00 2001 +From: Shubhrajyoti Datta +Date: Tue, 24 Jul 2018 10:09:53 +0530 +Subject: [PATCH 2/3] net: axienet: Fix double deregister of mdio +Git-commit: 03bc7cab7d7218088412a75e141696a89059ab00 +Patch-mainline: 4.18-rc7 +References: git-fixes + +If the registration fails then mdio_unregister is called. +However at unbind the unregister ia attempted again resulting +in the below crash + +[ 73.544038] kernel BUG at drivers/net/phy/mdio_bus.c:415! +[ 73.549362] Internal error: Oops - BUG: 0 [#1] SMP +[ 73.554127] Modules linked in: +[ 73.557168] CPU: 0 PID: 2249 Comm: sh Not tainted 4.14.0 #183 +[ 73.562895] Hardware name: xlnx,zynqmp (DT) +[ 73.567062] task: ffffffc879e41180 task.stack: ffffff800cbe0000 +[ 73.572973] PC is at mdiobus_unregister+0x84/0x88 +[ 73.577656] LR is at axienet_mdio_teardown+0x18/0x30 +[ 73.582601] pc : [] lr : [] +pstate: 20000145 +[ 73.589981] sp : ffffff800cbe3c30 +[ 73.593277] x29: ffffff800cbe3c30 x28: ffffffc879e41180 +[ 73.598573] x27: ffffff8008a21000 x26: 0000000000000040 +[ 73.603868] x25: 0000000000000124 x24: ffffffc879efe920 +[ 73.609164] x23: 0000000000000060 x22: ffffffc879e02000 +[ 73.614459] x21: ffffffc879e02800 x20: ffffffc87b0b8870 +[ 73.619754] x19: ffffffc879e02800 x18: 000000000000025d +[ 73.625050] x17: 0000007f9a719ad0 x16: ffffff8008195bd8 +[ 73.630345] x15: 0000007f9a6b3d00 x14: 0000000000000010 +[ 73.635640] x13: 74656e7265687465 x12: 0000000000000030 +[ 73.640935] x11: 0000000000000030 x10: 0101010101010101 +[ 73.646231] x9 : 241f394f42533300 x8 : ffffffc8799f6e98 +[ 73.651526] x7 : ffffffc8799f6f18 x6 : ffffffc87b0ba318 +[ 73.656822] x5 : ffffffc87b0ba498 x4 : 0000000000000000 +[ 73.662117] x3 : 0000000000000000 x2 : 0000000000000008 +[ 73.667412] x1 : 0000000000000004 x0 : ffffffc8799f4000 +[ 73.672708] Process sh (pid: 2249, stack limit = 0xffffff800cbe0000) + +Fix the same by making the bus NULL on unregister. + +Signed-off-by: Shubhrajyoti Datta +Signed-off-by: David S. Miller +Signed-off-by: Denis Kirjanov +--- + drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c b/drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c +index 63307ea97846..9beea13e2e1f 100644 +--- a/drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c ++++ b/drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c +@@ -217,6 +217,7 @@ int axienet_mdio_setup(struct axienet_local *lp, struct device_node *np) + ret = of_mdiobus_register(bus, np1); + if (ret) { + mdiobus_free(bus); ++ lp->mii_bus = NULL; + return ret; + } + return 0; +-- +2.16.4 + diff --git a/patches.suse/net-prevent-ISA-drivers-from-building-on-PPC32.patch b/patches.suse/net-prevent-ISA-drivers-from-building-on-PPC32.patch new file mode 100644 index 0000000..3fd028b --- /dev/null +++ b/patches.suse/net-prevent-ISA-drivers-from-building-on-PPC32.patch @@ -0,0 +1,84 @@ +From 32e5e402d337480c3c57ca9cb61ef0436fa56134 Mon Sep 17 00:00:00 2001 +From: Randy Dunlap +Date: Sat, 21 Jul 2018 12:59:25 -0700 +Subject: [PATCH 1/3] net: prevent ISA drivers from building on PPC32 +Git-commit: c9ce1fa1c24b08e13c2a3b5b1f94a19c9eaa982c +Patch-mainline: 4.18-rc7 +References: git-fixes + +Prevent drivers from building on PPC32 if they use isa_bus_to_virt(), +isa_virt_to_bus(), or isa_page_to_bus(), which are not available and +thus cause build errors. + +../drivers/net/ethernet/3com/3c515.c: In function 'corkscrew_open': +../drivers/net/ethernet/3com/3c515.c:824:9: error: implicit declaration of function 'isa_virt_to_bus'; did you mean 'virt_to_bus'? [-Werror=implicit-function-declaration] + +../drivers/net/ethernet/amd/lance.c: In function 'lance_rx': +../drivers/net/ethernet/amd/lance.c:1203:23: error: implicit declaration of function 'isa_bus_to_virt'; did you mean 'bus_to_virt'? [-Werror=implicit-function-declaration] + +../drivers/net/ethernet/amd/ni65.c: In function 'ni65_init_lance': +../drivers/net/ethernet/amd/ni65.c:585:20: error: implicit declaration of function 'isa_virt_to_bus'; did you mean 'virt_to_bus'? [-Werror=implicit-function-declaration] + +../drivers/net/ethernet/cirrus/cs89x0.c: In function 'net_open': +../drivers/net/ethernet/cirrus/cs89x0.c:897:20: error: implicit declaration of function 'isa_virt_to_bus'; did you mean 'virt_to_bus'? [-Werror=implicit-function-declaration] + +Signed-off-by: Randy Dunlap +Suggested-by: Michael Ellerman +Signed-off-by: David S. Miller +Signed-off-by: Denis Kirjanov +--- + drivers/net/ethernet/3com/Kconfig | 2 +- + drivers/net/ethernet/amd/Kconfig | 4 ++-- + drivers/net/ethernet/cirrus/Kconfig | 1 + + 3 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/drivers/net/ethernet/3com/Kconfig b/drivers/net/ethernet/3com/Kconfig +index 5b7658bcf020..5c3ef9fc8207 100644 +--- a/drivers/net/ethernet/3com/Kconfig ++++ b/drivers/net/ethernet/3com/Kconfig +@@ -32,7 +32,7 @@ config EL3 + + config 3C515 + tristate "3c515 ISA \"Fast EtherLink\"" +- depends on ISA && ISA_DMA_API ++ depends on ISA && ISA_DMA_API && !PPC32 + ---help--- + If you have a 3Com ISA EtherLink XL "Corkscrew" 3c515 Fast Ethernet + network card, say Y here. +diff --git a/drivers/net/ethernet/amd/Kconfig b/drivers/net/ethernet/amd/Kconfig +index d5c15e8bb3de..a8e8f4e9c1bb 100644 +--- a/drivers/net/ethernet/amd/Kconfig ++++ b/drivers/net/ethernet/amd/Kconfig +@@ -44,7 +44,7 @@ config AMD8111_ETH + + config LANCE + tristate "AMD LANCE and PCnet (AT1500 and NE2100) support" +- depends on ISA && ISA_DMA_API && !ARM ++ depends on ISA && ISA_DMA_API && !ARM && !PPC32 + ---help--- + If you have a network (Ethernet) card of this type, say Y here. + Some LinkSys cards are of this type. +@@ -138,7 +138,7 @@ config PCMCIA_NMCLAN + + config NI65 + tristate "NI6510 support" +- depends on ISA && ISA_DMA_API && !ARM ++ depends on ISA && ISA_DMA_API && !ARM && !PPC32 + ---help--- + If you have a network (Ethernet) card of this type, say Y here. + +diff --git a/drivers/net/ethernet/cirrus/Kconfig b/drivers/net/ethernet/cirrus/Kconfig +index 5ab912937aff..ec0b545197e2 100644 +--- a/drivers/net/ethernet/cirrus/Kconfig ++++ b/drivers/net/ethernet/cirrus/Kconfig +@@ -19,6 +19,7 @@ if NET_VENDOR_CIRRUS + config CS89x0 + tristate "CS89x0 support" + depends on ISA || EISA || ARM ++ depends on !PPC32 + ---help--- + Support for CS89x0 chipset based Ethernet cards. If you have a + network (Ethernet) card of this type, say Y and read the file +-- +2.16.4 + diff --git a/patches.suse/powercap-fix-possible-name-leak-in-powercap_register.patch b/patches.suse/powercap-fix-possible-name-leak-in-powercap_register.patch new file mode 100644 index 0000000..c9de2c8 --- /dev/null +++ b/patches.suse/powercap-fix-possible-name-leak-in-powercap_register.patch @@ -0,0 +1,54 @@ +From 1b6599f741a4525ca761ecde46e5885ff1e6ba58 Mon Sep 17 00:00:00 2001 +From: Yang Yingliang +Date: Tue, 3 Jan 2023 20:57:26 +0800 +Subject: [PATCH] powercap: fix possible name leak in powercap_register_zone() +Git-commit: 1b6599f741a4525ca761ecde46e5885ff1e6ba58 +References: git-fixes +Patch-mainline: v6.3-rc1 + +In the error path after calling dev_set_name(), the device +name is leaked. To fix this, calling dev_set_name() before +device_register(), and call put_device() if it returns error. + +All the resources is released in powercap_release(), so it +can return from powercap_register_zone() directly. + +Fixes: 75d2364ea0ca ("PowerCap: Add class driver") +Signed-off-by: Yang Yingliang +Signed-off-by: Rafael J. Wysocki +Signed-off-by: Oliver Neukum +--- + drivers/powercap/powercap_sys.c | 14 +++++++++----- + 1 file changed, 9 insertions(+), 5 deletions(-) + +--- a/drivers/powercap/powercap_sys.c ++++ b/drivers/powercap/powercap_sys.c +@@ -542,9 +542,6 @@ struct powercap_zone *powercap_register_ + power_zone->name = kstrdup(name, GFP_KERNEL); + if (!power_zone->name) + goto err_name_alloc; +- dev_set_name(&power_zone->dev, "%s:%x", +- dev_name(power_zone->dev.parent), +- power_zone->id); + power_zone->constraints = kzalloc(sizeof(*power_zone->constraints) * + nr_constraints, GFP_KERNEL); + if (!power_zone->constraints) +@@ -566,9 +563,16 @@ struct powercap_zone *powercap_register_ + power_zone->dev_attr_groups[0] = &power_zone->dev_zone_attr_group; + power_zone->dev_attr_groups[1] = NULL; + power_zone->dev.groups = power_zone->dev_attr_groups; ++ dev_set_name(&power_zone->dev, "%s:%x", ++ dev_name(power_zone->dev.parent), ++ power_zone->id); + result = device_register(&power_zone->dev); +- if (result) +- goto err_dev_ret; ++ if (result) { ++ put_device(&power_zone->dev); ++ mutex_unlock(&control_type->lock); ++ ++ return ERR_PTR(result); ++ } + + control_type->nr_zones++; + mutex_unlock(&control_type->lock); diff --git a/patches.suse/usb-dwc3-gadget-Don-t-set-IMI-for-no_interrupt.patch b/patches.suse/usb-dwc3-gadget-Don-t-set-IMI-for-no_interrupt.patch new file mode 100644 index 0000000..355c0e9 --- /dev/null +++ b/patches.suse/usb-dwc3-gadget-Don-t-set-IMI-for-no_interrupt.patch @@ -0,0 +1,44 @@ +From 308c316d16cbad99bb834767382baa693ac42169 Mon Sep 17 00:00:00 2001 +From: Thinh Nguyen +Date: Tue, 25 Oct 2022 15:10:20 -0700 +Subject: [PATCH] usb: dwc3: gadget: Don't set IMI for no_interrupt +Git-commit: 308c316d16cbad99bb834767382baa693ac42169 +References: git-fixes +Patch-mainline: v6.1-rc3 + +The gadget driver may have a certain expectation of how the request +completion flow should be from to its configuration. Make sure the +controller driver respect that. That is, don't set IMI (Interrupt on +Missed Isoc) when usb_request->no_interrupt is set. Also, the driver +should only set IMI to the last TRB of a chain. + +Fixes: 72246da40f37 ("usb: Introduce DesignWare USB3 DRD Driver") +Cc: stable@vger.kernel.org +Signed-off-by: Thinh Nguyen +Reviewed-by: Jeff Vanhoof +Tested-by: Jeff Vanhoof +Link: https://lore.kernel.org/r/ced336c84434571340c07994e3667a0ee284fefe.1666735451.git.Thinh.Nguyen@synopsys.com +Signed-off-by: Greg Kroah-Hartman +Signed-off-by: Oliver Neukum +--- + drivers/usb/dwc3/gadget.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c +index 230b3c660054..5fe2d136dff5 100644 +--- a/drivers/usb/dwc3/gadget.c ++++ b/drivers/usb/dwc3/gadget.c +@@ -1292,8 +1292,8 @@ static void dwc3_prepare_one_trb(struct dwc3_ep *dep, + trb->ctrl = DWC3_TRBCTL_ISOCHRONOUS; + } + +- /* always enable Interrupt on Missed ISOC */ +- trb->ctrl |= DWC3_TRB_CTRL_ISP_IMI; ++ if (!no_interrupt && !chain) ++ trb->ctrl |= DWC3_TRB_CTRL_ISP_IMI; + break; + + case USB_ENDPOINT_XFER_BULK: +-- +2.40.0 + diff --git a/patches.suse/usb-storage-Add-check-for-kcalloc.patch b/patches.suse/usb-storage-Add-check-for-kcalloc.patch new file mode 100644 index 0000000..4b8fa97 --- /dev/null +++ b/patches.suse/usb-storage-Add-check-for-kcalloc.patch @@ -0,0 +1,38 @@ +From c35ca10f53c51eeb610d3f8fbc6dd6d511b58a58 Mon Sep 17 00:00:00 2001 +From: Jiasheng Jiang +Date: Thu, 8 Dec 2022 19:00:58 +0800 +Subject: [PATCH] usb: storage: Add check for kcalloc +Git-commit: c35ca10f53c51eeb610d3f8fbc6dd6d511b58a58 +References: git-fixes +Patch-mainline: v6.2-rc1 + +As kcalloc may return NULL pointer, the return value should +be checked and return error if fails as same as the ones in +alauda_read_map. + +Fixes: e80b0fade09e ("[PATCH] USB Storage: add alauda support") +Acked-by: Alan Stern +Signed-off-by: Jiasheng Jiang +Link: https://lore.kernel.org/r/20221208110058.12983-1-jiasheng@iscas.ac.cn +Signed-off-by: Greg Kroah-Hartman +Signed-off-by: Oliver Neukum +--- + drivers/usb/storage/alauda.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/drivers/usb/storage/alauda.c b/drivers/usb/storage/alauda.c +index 747be69e5e69..5e912dd29b4c 100644 +--- a/drivers/usb/storage/alauda.c ++++ b/drivers/usb/storage/alauda.c +@@ -438,6 +438,8 @@ static int alauda_init_media(struct us_data *us) + + MEDIA_INFO(us).blockshift + MEDIA_INFO(us).pageshift); + MEDIA_INFO(us).pba_to_lba = kcalloc(num_zones, sizeof(u16*), GFP_NOIO); + MEDIA_INFO(us).lba_to_pba = kcalloc(num_zones, sizeof(u16*), GFP_NOIO); ++ if (MEDIA_INFO(us).pba_to_lba == NULL || MEDIA_INFO(us).lba_to_pba == NULL) ++ return USB_STOR_TRANSPORT_ERROR; + + if (alauda_reset_media(us) != USB_STOR_XFER_GOOD) + return USB_STOR_TRANSPORT_ERROR; +-- +2.40.0 + diff --git a/patches.suse/usb-typec-Check-for-ops-exit-instead-of-ops-enter-in.patch b/patches.suse/usb-typec-Check-for-ops-exit-instead-of-ops-enter-in.patch new file mode 100644 index 0000000..b4e2be6 --- /dev/null +++ b/patches.suse/usb-typec-Check-for-ops-exit-instead-of-ops-enter-in.patch @@ -0,0 +1,39 @@ +From b6ddd180e3d9f92c1e482b3cdeec7dda086b1341 Mon Sep 17 00:00:00 2001 +From: Sven Peter +Date: Mon, 14 Nov 2022 17:59:24 +0100 +Subject: [PATCH] usb: typec: Check for ops->exit instead of ops->enter in + altmode_exit +Git-commit: b6ddd180e3d9f92c1e482b3cdeec7dda086b1341 +References: git-fixes +Patch-mainline: v6.2-rc1 + +typec_altmode_exit checks if ops->enter is not NULL but then calls +ops->exit a few lines below. Fix that and check for the function +pointer it's about to call instead. + +Fixes: 8a37d87d72f0 ("usb: typec: Bus type for alternate modes") +Signed-off-by: Sven Peter +Reviewed-by: Heikki Krogerus +Link: https://lore.kernel.org/r/20221114165924.33487-1-sven@svenpeter.dev +Signed-off-by: Greg Kroah-Hartman +Signed-off-by: Oliver Neukum +--- + drivers/usb/typec/bus.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/usb/typec/bus.c b/drivers/usb/typec/bus.c +index 26ea2fdec17d..31c2a3130cad 100644 +--- a/drivers/usb/typec/bus.c ++++ b/drivers/usb/typec/bus.c +@@ -134,7 +134,7 @@ int typec_altmode_exit(struct typec_altmode *adev) + if (!adev || !adev->active) + return 0; + +- if (!pdev->ops || !pdev->ops->enter) ++ if (!pdev->ops || !pdev->ops->exit) + return -EOPNOTSUPP; + + /* Moving to USB Safe State */ +-- +2.40.0 + diff --git a/patches.suse/watchdog-pcwd_usb-Fix-attempting-to-access-uninitial.patch b/patches.suse/watchdog-pcwd_usb-Fix-attempting-to-access-uninitial.patch new file mode 100644 index 0000000..20eea61 --- /dev/null +++ b/patches.suse/watchdog-pcwd_usb-Fix-attempting-to-access-uninitial.patch @@ -0,0 +1,64 @@ +From 7d06c07c67100fd0f8e6b3ab7145ce789f788117 Mon Sep 17 00:00:00 2001 +From: Li Hua +Date: Wed, 16 Nov 2022 10:07:06 +0800 +Subject: [PATCH] watchdog: pcwd_usb: Fix attempting to access uninitialized + memory +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit +Git-commit: 7d06c07c67100fd0f8e6b3ab7145ce789f788117 +References: git-fixes +Patch-mainline: v6.3-rc1 + +The stack variable msb and lsb may be used uninitialized in function +usb_pcwd_get_temperature and usb_pcwd_get_timeleft when usb card no response. + +The build waring is: +drivers/watchdog/pcwd_usb.c:336:22: error: ‘lsb’ is used uninitialized in this function [-Werror=uninitialized] + *temperature = (lsb * 9 / 5) + 32; + ~~~~^~~ +drivers/watchdog/pcwd_usb.c:328:21: note: ‘lsb’ was declared here + unsigned char msb, lsb; + ^~~ +cc1: all warnings being treated as errors +scripts/Makefile.build:250: recipe for target 'drivers/watchdog/pcwd_usb.o' failed +make[3]: *** [drivers/watchdog/pcwd_usb.o] Error 1 + +Fixes: b7e04f8c61a4 ("mv watchdog tree under drivers") +Signed-off-by: Li Hua +Reviewed-by: Guenter Roeck +Link: https://lore.kernel.org/r/20221116020706.70847-1-hucool.lihua@huawei.com +Signed-off-by: Guenter Roeck +Signed-off-by: Wim Van Sebroeck +Signed-off-by: Oliver Neukum +--- + drivers/watchdog/pcwd_usb.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/drivers/watchdog/pcwd_usb.c b/drivers/watchdog/pcwd_usb.c +index 1bdaf17c1d38..8202f0a6b093 100644 +--- a/drivers/watchdog/pcwd_usb.c ++++ b/drivers/watchdog/pcwd_usb.c +@@ -325,7 +325,8 @@ static int usb_pcwd_set_heartbeat(struct usb_pcwd_private *usb_pcwd, int t) + static int usb_pcwd_get_temperature(struct usb_pcwd_private *usb_pcwd, + int *temperature) + { +- unsigned char msb, lsb; ++ unsigned char msb = 0x00; ++ unsigned char lsb = 0x00; + + usb_pcwd_send_command(usb_pcwd, CMD_READ_TEMP, &msb, &lsb); + +@@ -341,7 +342,8 @@ static int usb_pcwd_get_temperature(struct usb_pcwd_private *usb_pcwd, + static int usb_pcwd_get_timeleft(struct usb_pcwd_private *usb_pcwd, + int *time_left) + { +- unsigned char msb, lsb; ++ unsigned char msb = 0x00; ++ unsigned char lsb = 0x00; + + /* Read the time that's left before rebooting */ + /* Note: if the board is not yet armed then we will read 0xFFFF */ +-- +2.40.0 + diff --git a/patches.suse/x86-Don-t-let-pgprot_modify-change-the-page-encrypti.patch b/patches.suse/x86-Don-t-let-pgprot_modify-change-the-page-encrypti.patch new file mode 100644 index 0000000..ea7cd6c --- /dev/null +++ b/patches.suse/x86-Don-t-let-pgprot_modify-change-the-page-encrypti.patch @@ -0,0 +1,60 @@ +From: Thomas Hellstrom +Date: Wed, 4 Mar 2020 12:45:26 +0100 +Subject: x86: Don't let pgprot_modify() change the page encryption bit +Git-commit: 6db73f17c5f155dbcfd5e48e621c706270b84df0 +Patch-mainline: 5.7-rc1 +References: git-fixes + +When SEV or SME is enabled and active, vm_get_page_prot() typically +returns with the encryption bit set. This means that users of +pgprot_modify(, vm_get_page_prot()) (mprotect_fixup(), do_mmap()) end up +with a value of vma->vm_pg_prot that is not consistent with the intended +protection of the PTEs. + +This is also important for fault handlers that rely on the VMA +vm_page_prot to set the page protection. Fix this by not allowing +pgprot_modify() to change the encryption bit, similar to how it's done +for PAT bits. + +Signed-off-by: Thomas Hellstrom +Signed-off-by: Borislav Petkov +Reviewed-by: Dave Hansen +Acked-by: Tom Lendacky +Link: https://lkml.kernel.org/r/20200304114527.3636-2-thomas_os@shipmail.org +Signed-off-by: Jiri Slaby +--- + arch/x86/include/asm/pgtable.h | 7 +++++-- + arch/x86/include/asm/pgtable_types.h | 2 +- + 2 files changed, 6 insertions(+), 3 deletions(-) + +--- a/arch/x86/include/asm/pgtable.h ++++ b/arch/x86/include/asm/pgtable.h +@@ -586,12 +586,15 @@ static inline pmd_t pmd_modify(pmd_t pmd + return __pmd(val); + } + +-/* mprotect needs to preserve PAT bits when updating vm_page_prot */ ++/* ++ * mprotect needs to preserve PAT and encryption bits when updating ++ * vm_page_prot ++ */ + #define pgprot_modify pgprot_modify + static inline pgprot_t pgprot_modify(pgprot_t oldprot, pgprot_t newprot) + { + pgprotval_t preservebits = pgprot_val(oldprot) & _PAGE_CHG_MASK; +- pgprotval_t addbits = pgprot_val(newprot); ++ pgprotval_t addbits = pgprot_val(newprot) & ~_PAGE_CHG_MASK; + return __pgprot(preservebits | addbits); + } + +--- a/arch/x86/include/asm/pgtable_types.h ++++ b/arch/x86/include/asm/pgtable_types.h +@@ -136,7 +136,7 @@ + */ + #define _PAGE_CHG_MASK (PTE_PFN_MASK | _PAGE_PCD | _PAGE_PWT | \ + _PAGE_SPECIAL | _PAGE_ACCESSED | _PAGE_DIRTY | \ +- _PAGE_SOFT_DIRTY | _PAGE_DEVMAP) ++ _PAGE_SOFT_DIRTY | _PAGE_DEVMAP | _PAGE_ENC) + #define _HPAGE_CHG_MASK (_PAGE_CHG_MASK | _PAGE_PSE) + + /* diff --git a/patches.suse/x86-Use-return-thunk-in-asm-code.patch b/patches.suse/x86-Use-return-thunk-in-asm-code.patch index 5ea454b..d648d53 100644 --- a/patches.suse/x86-Use-return-thunk-in-asm-code.patch +++ b/patches.suse/x86-Use-return-thunk-in-asm-code.patch @@ -33,12 +33,23 @@ Signed-off-by: Borislav Petkov arch/x86/lib/memmove_64.S | 7 ++++++- 5 files changed, 17 insertions(+), 2 deletions(-) +--- a/arch/x86/Makefile ++++ b/arch/x86/Makefile +@@ -21,7 +21,7 @@ CODE16GCC_CFLAGS := -m32 -Wa,$(srctree)/ + M16_CFLAGS := $(call cc-option, -m16, $(CODE16GCC_CFLAGS)) + + REALMODE_CFLAGS := $(M16_CFLAGS) -g -Os -D__KERNEL__ \ +- -DDISABLE_BRANCH_PROFILING \ ++ -DDISABLE_BRANCH_PROFILING -D__DISABLE_EXPORTS \ + -Wall -Wstrict-prototypes -march=i386 -mregparm=3 \ + -fno-strict-aliasing -fomit-frame-pointer -fno-pic \ + -mno-mmx -mno-sse \ --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile -@@ -34,6 +34,7 @@ KBUILD_CFLAGS += $(cflags-y) - KBUILD_CFLAGS += -mno-mmx -mno-sse - KBUILD_CFLAGS += $(call cc-option,-ffreestanding) +@@ -36,6 +36,7 @@ KBUILD_CFLAGS += $(call cc-option,-ffree KBUILD_CFLAGS += $(call cc-option,-fno-stack-protector) + # Disable relocation relaxation in case the link is not PIE. + KBUILD_CFLAGS += $(call as-option,-Wa$(comma)-mrelax-relocations=no) +KBUILD_CFLAGS += -D__DISABLE_EXPORTS KBUILD_AFLAGS := $(KBUILD_CFLAGS) -D__ASSEMBLY__ @@ -106,14 +117,3 @@ Signed-off-by: Borislav Petkov ENDPROC(__memmove) ENDPROC(memmove) EXPORT_SYMBOL(__memmove) ---- a/arch/x86/Makefile -+++ b/arch/x86/Makefile -@@ -21,7 +21,7 @@ CODE16GCC_CFLAGS := -m32 -Wa,$(srctree)/ - M16_CFLAGS := $(call cc-option, -m16, $(CODE16GCC_CFLAGS)) - - REALMODE_CFLAGS := $(M16_CFLAGS) -g -Os -D__KERNEL__ \ -- -DDISABLE_BRANCH_PROFILING \ -+ -DDISABLE_BRANCH_PROFILING -D__DISABLE_EXPORTS \ - -Wall -Wstrict-prototypes -march=i386 -mregparm=3 \ - -fno-strict-aliasing -fomit-frame-pointer -fno-pic \ - -mno-mmx -mno-sse \ diff --git a/patches.suse/x86-boot-compressed-Disable-relocation-relaxation.patch b/patches.suse/x86-boot-compressed-Disable-relocation-relaxation.patch new file mode 100644 index 0000000..d86f141 --- /dev/null +++ b/patches.suse/x86-boot-compressed-Disable-relocation-relaxation.patch @@ -0,0 +1,86 @@ +From: Arvind Sankar +Date: Tue, 11 Aug 2020 20:43:08 -0400 +Subject: x86/boot/compressed: Disable relocation relaxation +Git-commit: 09e43968db40c33a73e9ddbfd937f46d5c334924 +Patch-mainline: 5.9-rc6 +References: git-fixes + +The x86-64 psABI [0] specifies special relocation types +(R_X86_64_[REX_]GOTPCRELX) for indirection through the Global Offset +Table, semantically equivalent to R_X86_64_GOTPCREL, which the linker +can take advantage of for optimization (relaxation) at link time. This +is supported by LLD and binutils versions 2.26 onwards. + +The compressed kernel is position-independent code, however, when using +LLD or binutils versions before 2.27, it must be linked without the -pie +option. In this case, the linker may optimize certain instructions into +a non-position-independent form, by converting foo@GOTPCREL(%rip) to $foo. + +This potential issue has been present with LLD and binutils-2.26 for a +long time, but it has never manifested itself before now: + +- LLD and binutils-2.26 only relax + movq foo@GOTPCREL(%rip), %reg + to + leaq foo(%rip), %reg + which is still position-independent, rather than + mov $foo, %reg + which is permitted by the psABI when -pie is not enabled. + +- GCC happens to only generate GOTPCREL relocations on mov instructions. + +- CLang does generate GOTPCREL relocations on non-mov instructions, but + when building the compressed kernel, it uses its integrated assembler + (due to the redefinition of KBUILD_CFLAGS dropping -no-integrated-as), + which has so far defaulted to not generating the GOTPCRELX + relocations. + +Nick Desaulniers reports [1,2]: + + "A recent change [3] to a default value of configuration variable + (ENABLE_X86_RELAX_RELOCATIONS OFF -> ON) in LLVM now causes Clang's + integrated assembler to emit R_X86_64_GOTPCRELX/R_X86_64_REX_GOTPCRELX + relocations. LLD will relax instructions with these relocations based + on whether the image is being linked as position independent or not. + When not, then LLD will relax these instructions to use absolute + addressing mode (R_RELAX_GOT_PC_NOPIC). This causes kernels built with + Clang and linked with LLD to fail to boot." + +Patch series [4] is a solution to allow the compressed kernel to be +linked with -pie unconditionally, but even if merged is unlikely to be +backported. As a simple solution that can be applied to stable as well, +prevent the assembler from generating the relaxed relocation types using +the -mrelax-relocations=no option. For ease of backporting, do this +unconditionally. + +[0] https://gitlab.com/x86-psABIs/x86-64-ABI/-/blob/master/x86-64-ABI/linker-optimization.tex#L65 +[1] https://lore.kernel.org/lkml/20200807194100.3570838-1-ndesaulniers@google.com/ +[2] https://github.com/ClangBuiltLinux/linux/issues/1121 +[3] https://reviews.llvm.org/rGc41a18cf61790fc898dcda1055c3efbf442c14c0 +[4] https://lore.kernel.org/lkml/20200731202738.2577854-1-nivedita@alum.mit.edu/ + +Reported-by: Nick Desaulniers +Signed-off-by: Arvind Sankar +Signed-off-by: Ingo Molnar +Tested-by: Nick Desaulniers +Tested-by: Sedat Dilek +Acked-by: Ard Biesheuvel +Reviewed-by: Nick Desaulniers +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/20200812004308.1448603-1-nivedita@alum.mit.edu +Signed-off-by: Jiri Slaby +--- + arch/x86/boot/compressed/Makefile | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/arch/x86/boot/compressed/Makefile ++++ b/arch/x86/boot/compressed/Makefile +@@ -34,6 +34,8 @@ KBUILD_CFLAGS += $(cflags-y) + KBUILD_CFLAGS += -mno-mmx -mno-sse + KBUILD_CFLAGS += $(call cc-option,-ffreestanding) + KBUILD_CFLAGS += $(call cc-option,-fno-stack-protector) ++# Disable relocation relaxation in case the link is not PIE. ++KBUILD_CFLAGS += $(call as-option,-Wa$(comma)-mrelax-relocations=no) + + KBUILD_AFLAGS := $(KBUILD_CFLAGS) -D__ASSEMBLY__ + GCOV_PROFILE := n diff --git a/patches.suse/x86-mm-Stop-printing-BRK-addresses.patch b/patches.suse/x86-mm-Stop-printing-BRK-addresses.patch new file mode 100644 index 0000000..0d1a281 --- /dev/null +++ b/patches.suse/x86-mm-Stop-printing-BRK-addresses.patch @@ -0,0 +1,35 @@ +From: Arvind Sankar +Date: Sat, 29 Feb 2020 18:11:20 -0500 +Subject: x86/mm: Stop printing BRK addresses +Git-commit: 67d631b7c05eff955ccff4139327f0f92a5117e5 +Patch-mainline: 5.8-rc1 +References: git-fixes + +This currently leaks kernel physical addresses into userspace. + +Signed-off-by: Arvind Sankar +Signed-off-by: Borislav Petkov +Acked-by: Kees Cook +Acked-by: Dave Hansen +Link: https://lkml.kernel.org/r/20200229231120.1147527-1-nivedita@alum.mit.edu +Signed-off-by: Jiri Slaby +--- + arch/x86/mm/init.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c +index 1bba16c5..a573a3e6 100644 +--- a/arch/x86/mm/init.c ++++ b/arch/x86/mm/init.c +@@ -121,8 +121,6 @@ __ref void *alloc_low_pages(unsigned int num) + } else { + pfn = pgt_buf_end; + pgt_buf_end += num; +- printk(KERN_DEBUG "BRK [%#010lx, %#010lx] PGTABLE\n", +- pfn << PAGE_SHIFT, (pgt_buf_end << PAGE_SHIFT) - 1); + } + + for (i = 0; i < num; i++) { +-- +2.35.3 + diff --git a/patches.suse/x86-pkeys-Add-check-for-pkey-overflow.patch b/patches.suse/x86-pkeys-Add-check-for-pkey-overflow.patch new file mode 100644 index 0000000..ee22177 --- /dev/null +++ b/patches.suse/x86-pkeys-Add-check-for-pkey-overflow.patch @@ -0,0 +1,71 @@ +From: Dave Hansen +Date: Wed, 22 Jan 2020 08:53:46 -0800 +Subject: x86/pkeys: Add check for pkey "overflow" +Git-commit: 16171bffc829272d5e6014bad48f680cb50943d9 +Patch-mainline: 5.7-rc1 +References: git-fixes + +Alex Shi reported the pkey macros above arch_set_user_pkey_access() +to be unused. They are unused, and even refer to a nonexistent +CONFIG option. + +But, they might have served a good use, which was to ensure that +the code does not try to set values that would not fit in the +PKRU register. As it stands, a too-large 'pkey' value would +be likely to silently overflow the u32 new_pkru_bits. + +Add a check to look for overflows. Also add a comment to remind +any future developer to closely examine the types used to store +pkey values if arch_max_pkey() ever changes. + +This boots and passes the x86 pkey selftests. + +Reported-by: Alex Shi +Signed-off-by: Dave Hansen +Signed-off-by: Borislav Petkov +Link: https://lkml.kernel.org/r/20200122165346.AD4DA150@viggo.jf.intel.com +Signed-off-by: Jiri Slaby +--- + arch/x86/include/asm/pkeys.h | 5 +++++ + arch/x86/kernel/fpu/xstate.c | 9 +++++++-- + 2 files changed, 12 insertions(+), 2 deletions(-) + +--- a/arch/x86/include/asm/pkeys.h ++++ b/arch/x86/include/asm/pkeys.h +@@ -3,6 +3,11 @@ + + #define ARCH_DEFAULT_PKEY 0 + ++/* ++ * If more than 16 keys are ever supported, a thorough audit ++ * will be necessary to ensure that the types that store key ++ * numbers and masks have sufficient capacity. ++ */ + #define arch_max_pkey() (boot_cpu_has(X86_FEATURE_OSPKE) ? 16 : 1) + + extern int arch_set_user_pkey_access(struct task_struct *tsk, int pkey, +--- a/arch/x86/kernel/fpu/xstate.c ++++ b/arch/x86/kernel/fpu/xstate.c +@@ -885,8 +885,6 @@ const void *get_xsave_field_ptr(int xsav + + #ifdef CONFIG_ARCH_HAS_PKEYS + +-#define NR_VALID_PKRU_BITS (CONFIG_NR_PROTECTION_KEYS * 2) +-#define PKRU_VALID_MASK (NR_VALID_PKRU_BITS - 1) + /* + * This will go out and modify PKRU register to set the access + * rights for @pkey to @init_val. +@@ -905,6 +903,13 @@ int arch_set_user_pkey_access(struct tas + if (!boot_cpu_has(X86_FEATURE_OSPKE)) + return -EINVAL; + ++ /* ++ * This code should only be called with valid 'pkey' ++ * values originating from in-kernel users. Complain ++ * if a bad value is observed. ++ */ ++ WARN_ON_ONCE(pkey >= arch_max_pkey()); ++ + /* Set the bits we need in PKRU: */ + if (init_val & PKEY_DISABLE_ACCESS) + new_pkru_bits |= PKRU_AD_BIT; diff --git a/patches.suse/x86-speculation-mds-Mark-mds_user_clear_cpu_buffers-.patch b/patches.suse/x86-speculation-mds-Mark-mds_user_clear_cpu_buffers-.patch new file mode 100644 index 0000000..d3c3f62 --- /dev/null +++ b/patches.suse/x86-speculation-mds-Mark-mds_user_clear_cpu_buffers-.patch @@ -0,0 +1,46 @@ +From: Thomas Gleixner +Date: Wed, 4 Mar 2020 12:49:18 +0100 +Subject: x86/speculation/mds: Mark mds_user_clear_cpu_buffers() + __always_inline +Git-commit: a7ef9ba986b5fae9d80f8a7b31db0423687efe4e +Patch-mainline: 5.8-rc1 +References: git-fixes + +Prevent the compiler from uninlining and creating traceable/probable +functions as this is invoked _after_ context tracking switched to +CONTEXT_USER and rcu idle. + +Signed-off-by: Thomas Gleixner +Reviewed-by: Alexandre Chartre +Acked-by: Peter Zijlstra +Link: https://lkml.kernel.org/r/20200505134340.902709267@linutronix.de +Signed-off-by: Jiri Slaby +--- + arch/x86/include/asm/nospec-branch.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h +index d52d1aac..e7752b40 100644 +--- a/arch/x86/include/asm/nospec-branch.h ++++ b/arch/x86/include/asm/nospec-branch.h +@@ -262,7 +262,7 @@ DECLARE_STATIC_KEY_FALSE(mds_idle_clear); + * combination with microcode which triggers a CPU buffer flush when the + * instruction is executed. + */ +-static inline void mds_clear_cpu_buffers(void) ++static __always_inline void mds_clear_cpu_buffers(void) + { + static const u16 ds = __KERNEL_DS; + +@@ -283,7 +283,7 @@ static inline void mds_clear_cpu_buffers(void) + * + * Clear CPU buffers if the corresponding static key is enabled + */ +-static inline void mds_user_clear_cpu_buffers(void) ++static __always_inline void mds_user_clear_cpu_buffers(void) + { + if (static_branch_likely(&mds_user_clear)) + mds_clear_cpu_buffers(); +-- +2.35.3 + diff --git a/patches.suse/x86_64-Fix-jiffies-ODR-violation.patch b/patches.suse/x86_64-Fix-jiffies-ODR-violation.patch new file mode 100644 index 0000000..5d3ed48 --- /dev/null +++ b/patches.suse/x86_64-Fix-jiffies-ODR-violation.patch @@ -0,0 +1,129 @@ +From: Bob Haarman +Date: Tue, 2 Jun 2020 12:30:59 -0700 +Subject: x86_64: Fix jiffies ODR violation +Git-commit: d8ad6d39c35d2b44b3d48b787df7f3359381dcbf +Patch-mainline: 5.8-rc1 +References: git-fixes + +'jiffies' and 'jiffies_64' are meant to alias (two different symbols that +share the same address). Most architectures make the symbols alias to the +same address via a linker script assignment in their +arch//kernel/vmlinux.lds.S: + +jiffies = jiffies_64; + +which is effectively a definition of jiffies. + +jiffies and jiffies_64 are both forward declared for all architectures in +include/linux/jiffies.h. jiffies_64 is defined in kernel/time/timer.c. + +x86_64 was peculiar in that it wasn't doing the above linker script +assignment, but rather was: +1. defining jiffies in arch/x86/kernel/time.c instead via the linker script. +2. overriding the symbol jiffies_64 from kernel/time/timer.c in +arch/x86/kernel/vmlinux.lds.s via 'jiffies_64 = jiffies;'. + +As Fangrui notes: + + In LLD, symbol assignments in linker scripts override definitions in + object files. GNU ld appears to have the same behavior. It would + probably make sense for LLD to error "duplicate symbol" but GNU ld + is unlikely to adopt for compatibility reasons. + +This results in an ODR violation (UB), which seems to have survived +thus far. Where it becomes harmful is when; + +1. -fno-semantic-interposition is used: + +As Fangrui notes: + + Clang after LLVM commit 5b22bcc2b70d + ("[X86][ELF] Prefer to lower MC_GlobalAddress operands to .Lfoo$local") + defaults to -fno-semantic-interposition similar semantics which help + -fpic/-fPIC code avoid GOT/PLT when the referenced symbol is defined + within the same translation unit. Unlike GCC + -fno-semantic-interposition, Clang emits such relocations referencing + local symbols for non-pic code as well. + +This causes references to jiffies to refer to '.Ljiffies$local' when +jiffies is defined in the same translation unit. Likewise, references to +jiffies_64 become references to '.Ljiffies_64$local' in translation units +that define jiffies_64. Because these differ from the names used in the +linker script, they will not be rewritten to alias one another. + +2. Full LTO + +Full LTO effectively treats all source files as one translation +unit, causing these local references to be produced everywhere. When +the linker processes the linker script, there are no longer any +references to jiffies_64' anywhere to replace with 'jiffies'. And +thus '.Ljiffies$local' and '.Ljiffies_64$local' no longer alias +at all. + +In the process of porting patches enabling Full LTO from arm64 to x86_64, +spooky bugs have been observed where the kernel appeared to boot, but init +doesn't get scheduled. + +Avoid the ODR violation by matching other architectures and define jiffies +only by linker script. For -fno-semantic-interposition + Full LTO, there +is no longer a global definition of jiffies for the compiler to produce a +local symbol which the linker script won't ensure aliases to jiffies_64. + +Fixes: 40747ffa5aa8 ("asmlinkage: Make jiffies visible") +Reported-by: Nathan Chancellor +Reported-by: Alistair Delva +Debugged-by: Nick Desaulniers +Debugged-by: Sami Tolvanen +Suggested-by: Fangrui Song +Signed-off-by: Bob Haarman +Signed-off-by: Thomas Gleixner +Tested-by: Sedat Dilek # build+boot on +Reviewed-by: Andi Kleen +Reviewed-by: Josh Poimboeuf +Cc: stable@vger.kernel.org +Link: https://github.com/ClangBuiltLinux/linux/issues/852 +Link: https://lkml.kernel.org/r/20200602193100.229287-1-inglorion@google.com +Signed-off-by: Jiri Slaby +--- + arch/x86/kernel/time.c | 4 ---- + arch/x86/kernel/vmlinux.lds.S | 4 ++-- + 2 files changed, 2 insertions(+), 6 deletions(-) + +diff --git a/arch/x86/kernel/time.c b/arch/x86/kernel/time.c +index 106e7f87..f3957298 100644 +--- a/arch/x86/kernel/time.c ++++ b/arch/x86/kernel/time.c +@@ -25,10 +25,6 @@ + #include + #include + +-#ifdef CONFIG_X86_64 +-__visible volatile unsigned long jiffies __cacheline_aligned_in_smp = INITIAL_JIFFIES; +-#endif +- + unsigned long profile_pc(struct pt_regs *regs) + { + unsigned long pc = instruction_pointer(regs); +diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S +index 1bf7e312..7c35556c 100644 +--- a/arch/x86/kernel/vmlinux.lds.S ++++ b/arch/x86/kernel/vmlinux.lds.S +@@ -40,13 +40,13 @@ OUTPUT_FORMAT(CONFIG_OUTPUT_FORMAT) + #ifdef CONFIG_X86_32 + OUTPUT_ARCH(i386) + ENTRY(phys_startup_32) +-jiffies = jiffies_64; + #else + OUTPUT_ARCH(i386:x86-64) + ENTRY(phys_startup_64) +-jiffies_64 = jiffies; + #endif + ++jiffies = jiffies_64; ++ + #if defined(CONFIG_X86_64) + /* + * On 64-bit, align RODATA to 2MB so we retain large page mappings for +-- +2.35.3 + diff --git a/series.conf b/series.conf index c40ba80..7db3dc7 100644 --- a/series.conf +++ b/series.conf @@ -35896,6 +35896,7 @@ patches.suse/vxlan-make-netlink-notify-in-vxlan_fdb_destroy-optio.patch patches.suse/vxlan-fix-default-fdb-entry-netlink-notify-ordering-.patch patches.suse/nfp-flower-ensure-dead-neighbour-entries-are-not-off.patch + patches.suse/net-prevent-ISA-drivers-from-building-on-PPC32.patch patches.suse/can-peak_canfd-fix-firmware-v3.3.0-limit-allocation- patches.suse/can-m_can.c-fix-setup-of-CCCR-register-clear-CCCR-NI patches.suse/can-mpc5xxx_can-check-of_iomap-return-before-use @@ -35921,6 +35922,7 @@ patches.suse/bnx2x-Fix-invalid-memory-access-in-rss-hash-config-p.patch patches.suse/ip-in-cmsg-IP-V6-_ORIGDSTADDR-call-pskb_may_pull.patch patches.suse/qmi_wwan-fix-interface-number-for-DW5821e-production + patches.suse/net-axienet-Fix-double-deregister-of-mdio.patch patches.suse/0001-fscache-Allow-cancelled-operations-to-be-enqueued.patch patches.suse/0002-cachefiles-Fix-refcounting-bug-in-backing-file-read-.patch patches.suse/0003-fscache-Fix-reference-overput-in-fscache_attach_obje.patch @@ -36067,6 +36069,7 @@ patches.suse/kvm-vmx-use-local-variable-for-current_vmptr-when-emulating-vmptrst patches.suse/kvm-x86-vmx-fix-vpid-leak patches.suse/0084-Partially-revert-block-fail-op_is_write-requests-to-.patch + patches.suse/drivers-net-lmc-fix-case-value-for-target-abort-erro.patch patches.suse/mlxsw-core_acl_flex_actions-Return-error-for-conflic.patch patches.suse/mlxsw-core_acl_flex_actions-Remove-redundant-resourc.patch patches.suse/mlxsw-core_acl_flex_actions-Remove-redundant-counter.patch @@ -55741,6 +55744,8 @@ patches.suse/fbdev-g364fb-Fix-build-failure.patch patches.suse/firmware-arm_sdei-fix-double-lock-on-hibernate-with-.patch patches.suse/firmware-arm_sdei-fix-possible-double-lock-on-hibern.patch + patches.suse/x86-pkeys-Add-check-for-pkey-overflow.patch + patches.suse/x86-Don-t-let-pgprot_modify-change-the-page-encrypti.patch patches.suse/btrfs-use-btrfs_ordered_update_i_size-in-clone_finish_inode_update.patch patches.suse/btrfs-introduce-per-inode-file-extent-tree.patch patches.suse/btrfs-use-the-file-extent-tree-infrastructure.patch @@ -56269,6 +56274,7 @@ patches.suse/net-systemport-suppress-warnings-on-failed-Rx-SKB-al.patch patches.suse/cpumap-Avoid-warning-when-CONFIG_DEBUG_PER_CPU_MAPS-.patch patches.suse/bpf-Forbid-XADD-on-spilled-pointers-for-unprivileged.patch + patches.suse/bpf-x86-Fix-encoding-for-lower-8-bit-registers-in-BP.patch patches.suse/powerpc-setup_64-Set-cache-line-size-based-on-cache-.patch patches.suse/s390-ftrace-fix-potential-crashes-when-switching-tracers patches.suse/s390-pci-do-not-set-affinity-for-floating-irqs @@ -56566,6 +56572,7 @@ patches.suse/x86-speculation-change-fill_return_buffer-to-work-with-objtool.patch patches.suse/objtool-Allow-no-op-CFI-ops-in-alternatives.patch patches.suse/efi-efivars-Add-missing-kobject_put-in-sysfs-entry-c.patch + patches.suse/x86-mm-Stop-printing-BRK-addresses.patch patches.suse/x86-cpu-add-a-steppings-field-to-struct-x86_cpu_id.patch patches.suse/x86-cpu-amd-make-erratum-1054-a-legacy-erratum.patch patches.suse/arm64-cpufeature-Drop-TraceFilt-feature-exposure-from-ID_DFR0-register.patch @@ -56969,6 +56976,7 @@ patches.suse/x86-speculation-avoid-force-disabling-ibpb-based-on-stibp-and-enhanced-ibrs.patch patches.suse/x86-speculation-prevent-rogue-cross-process-ssbd-shutdown.patch patches.suse/x86-speculation-pr_spec_force_disable-enforcement-for-indirect-branches.patch + patches.suse/x86_64-Fix-jiffies-ODR-violation.patch patches.suse/0049-block-bio-integrity-don-t-free-buf-if-bio_integrity_add_page-failed.patch patches.suse/block-nr_sects_write-Disable-preemption-on-seqcount-.patch patches.suse/0050-blktrace-use-errno-instead-of-bi_status.patch @@ -56977,6 +56985,7 @@ patches.suse/amdgpu-a-null-mm-does-not-mean-a-thread-is-a-kthread patches.suse/kvm-x86-fix-apic-page-invalidation-race patches.suse/kvm-i8254-remove-redundant-assignment-to-pointer-s.patch + patches.suse/x86-speculation-mds-Mark-mds_user_clear_cpu_buffers-.patch patches.suse/x86_mce_mm-Unmap_the_entire_page_if_the_whole_page_is_affected_and_poisoned.patch patches.suse/i2c-piix4-Detect-secondary-SMBus-controller-on-AMD-A.patch patches.suse/i2c-pxa-fix-i2c_pxa_scream_blue_murder-debug-output.patch @@ -57012,6 +57021,7 @@ patches.suse/0053-blktrace-break-out-of-blktrace-setup-on-concurrent-calls.patch patches.suse/loop-replace-kill_bdev-with-invalidate_bdev.patch patches.suse/s390-fix-syscall_get_error-for-compat-processes + patches.suse/kretprobe-Prevent-triggering-kretprobe-from-within-k.patch patches.suse/0004-drm-encoder_slave-fix-refcouting-error-for-modules.patch patches.suse/crypto-algif_skcipher-Cap-recv-SG-list-at-ctx-used.patch patches.suse/crypto-algboss-don-t-wait-during-notifier-callback.patch @@ -58076,6 +58086,7 @@ patches.suse/USB-UAS-fix-disconnect-by-unplugging-a-hub.patch patches.suse/USB-quirks-Add-USB_QUIRK_IGNORE_REMOTE_WAKEUP-quirk-.patch patches.suse/usblp-fix-race-between-disconnect-and-read.patch + patches.suse/x86-boot-compressed-Disable-relocation-relaxation.patch patches.suse/locking-percpu-rwsem-Use-this_cpu_-inc-dec-for-read_.patch patches.suse/ftrace-Free-the-trampoline-when-ftrace_startup-fails.patch patches.suse/s390-dasd-fix-zero-write-for-fba-devices @@ -61737,6 +61748,7 @@ patches.suse/gve-DQO-avoid-unused-variable-warnings.patch patches.suse/gve-Use-kvcalloc-instead-of-kvzalloc.patch patches.suse/Bluetooth-sco-Fix-lock_sock-blockage-by-memcpy_from_.patch + patches.suse/ath10k-Fix-missing-frame-timestamp-for-beacon-probe-.patch patches.suse/msft-hv-2449-net-mana-Use-kcalloc-instead-of-kzalloc.patch patches.suse/msft-hv-2451-hv_netvsc-use-netif_is_bond_master-instead-of-open-c.patch patches.suse/gve-Switch-to-use-napi_complete_done.patch @@ -63017,6 +63029,7 @@ patches.suse/scsi-qla2xxx-Fix-serialization-of-DCBX-TLV-data-requ.patch patches.suse/scsi-qla2xxx-Use-transport-defined-speed-mask-for-su.patch patches.suse/usb-dwc3-gadget-Stop-processing-more-requests-on-IMI.patch + patches.suse/usb-dwc3-gadget-Don-t-set-IMI-for-no_interrupt.patch patches.suse/NFSv4.1-Handle-RECLAIM_COMPLETE-trunking-errors.patch patches.suse/NFSv4.1-We-must-always-send-RECLAIM_COMPLETE-after-a.patch patches.suse/NFSv4.2-Fixup-CLONE-dest-file-size-for-zero-length-c.patch @@ -63110,6 +63123,8 @@ patches.suse/PCI-sysfs-Fix-double-free-in-error-path.patch patches.suse/crypto-arm64-Fix-unused-variable-compilation-warnings-of-cpu_feature.patch patches.suse/tracing-Fix-infinite-loop-in-tracing_read_pipe-on-overflowed-print_trace_line.patch + patches.suse/usb-typec-Check-for-ops-exit-instead-of-ops-enter-in.patch + patches.suse/usb-storage-Add-check-for-kcalloc.patch patches.suse/x86-mm-Randomize-per-cpu-entry-area.patch patches.suse/powerpc-xive-add-missing-iounmap-in-error-path-in-xi.patch patches.suse/powerpc-perf-callchain-validate-kernel-stack-pointer.patch @@ -63150,6 +63165,7 @@ patches.suse/net-mpls-fix-stale-pointer-if-allocation-fails-durin.patch patches.suse/kvm-initialize-all-of-the-kvm_debugregs-structure-be.patch patches.suse/block-bio-integrity-Copy-flags-when-bio_integrity_pa.patch + patches.suse/powercap-fix-possible-name-leak-in-powercap_register.patch patches.suse/arm64-cpufeature-Fix-field-sign-for-DIT-hwcap-detection.patch patches.suse/net-add-sock_init_data_uid.patch patches.suse/tun-tun_chr_open-correctly-initialize-socket-uid.patch @@ -63190,6 +63206,7 @@ patches.suse/powerpc-rtas-ensure-4KB-alignment-for-rtas_data_buf.patch patches.suse/media-platform-ti-Add-missing-check-for-devm_regulat.patch patches.suse/media-rc-Fix-use-after-free-bugs-caused-by-ene_tx_ir.patch + patches.suse/watchdog-pcwd_usb-Fix-attempting-to-access-uninitial.patch patches.suse/x86-speculation-Allow-enabling-STIBP-with-legacy-IBR.patch patches.suse/net-usb-qmi_wwan-add-Telit-0x1080-composition.patch patches.suse/SUNRPC-Fix-a-server-shutdown-leak.patch