March 2023 - openSUSE Commits - openSUSE Mailing Lists

commit tar for openSUSE:Factory
by Source-Sync 02 Mar '23

02 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package tar for openSUSE:Factory checked in at 2023-03-02 23:01:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tar (Old) and /work/SRC/openSUSE:Factory/.tar.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "tar" Thu Mar 2 23:01:48 2023 rev:80 rq:1068196 version:1.34 Changes: -------- --- /work/SRC/openSUSE:Factory/tar/tar.changes 2023-01-07 17:15:46.544746126 +0100 +++ /work/SRC/openSUSE:Factory/.tar.new.31432/tar.changes 2023-03-02 23:01:52.154720545 +0100 @@ -1,0 +2,13 @@ +Tue Feb 14 11:07:40 UTC 2023 - Danilo Spinella <danilo.spinella(a)suse.com> + +- Fix CVE-2022-48303, tar has a one-byte out-of-bounds read that + results in use of uninitialized memory for a conditional jump + (CVE-2022-48303, bsc#1207753) + * fix-CVE-2022-48303.patch +- Fix hang when unpacking test tarball, bsc#1202436 + * bsc1202436.patch + * bsc1202436-1.patch + * bsc1202436-2.patch + * go-testsuite-test-hang.patch + +------------------------------------------------------------------- New: ---- bsc1202436-1.patch bsc1202436-2.patch bsc1202436.patch fix-CVE-2022-48303.patch go-testsuite-test-hang.patch pax-global-records.tar ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tar.spec ++++++ --- /var/tmp/diff_new_pack.sFp3mD/_old 2023-03-02 23:01:53.014724441 +0100 +++ /var/tmp/diff_new_pack.sFp3mD/_new 2023-03-02 23:01:53.022724477 +0100 @@ -1,7 +1,7 @@ # # spec file for package tar # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,6 +29,7 @@ Source1: https://ftp.gnu.org/gnu/tar/%{name}-%{version}.tar.xz.sig # http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x3602B07F55D0C732 Source2: %{name}.keyring +Source3: pax-global-records.tar Patch0: %{name}-wildcards.patch Patch1: %{name}-backup-spec-fix-paths.patch Patch2: paxutils-rtapelib_mtget.patch @@ -47,6 +48,16 @@ Patch9: tar-avoid-overflow-in-symlinks-tests.patch Patch10: bsc1200657.patch Patch11: tar-fix-extract-unlink.patch +# PATCH-FIX-SUSE danilo.spinella(a)suse.com bsc#1202436 +Patch12: go-testsuite-test-hang.patch +# PATCH-FIX-UPSTREAM danilo.spinella(a)suse.com bsc#1202436 +Patch13: bsc1202436.patch +Patch14: bsc1202436-1.patch +Patch15: bsc1202436-2.patch +# PATCH-FIX-UPSTREAM danilo.spinella(a)suse.com bsc#1207753 +# tar has a one-byte out-of-bounds read that results in use of +# uninitialized memory for a conditional jump +Patch16: fix-CVE-2022-48303.patch BuildRequires: automake >= 1.15 BuildRequires: libacl-devel BuildRequires: libselinux-devel @@ -109,6 +120,7 @@ %lang_package %prep +# TODO: Use autosetup %setup -q %patch0 -p1 %patch1 -p1 @@ -121,6 +133,12 @@ %patch9 -p1 %patch10 -p1 %patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 +cp %{S:3} tests %build %define my_cflags -W -Wall -Wpointer-arith -Wstrict-prototypes -Wformat-security -Wno-unused-parameter -fPIE ++++++ bsc1202436-1.patch ++++++ From edf38d13a47becec81b2c3a2b74f54771e1cbee4 Mon Sep 17 00:00:00 2001 From: Sergey Poznyakoff <gray(a)gnu.org> Date: Sat, 11 Feb 2023 13:03:23 +0200 Subject: Prevent dead loop in extract_file * src/extract.c (maybe_recoverable): If make_directories indicates success, suppose some intermediate directories have been made, even if in fact they have not. That's necessary to avoid dead loops when maybe_recoverable is called with the same arguments again. --- src/extract.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/src/extract.c b/src/extract.c index 2d43947..aec5de6 100644 --- a/src/extract.c +++ b/src/extract.c @@ -682,7 +682,7 @@ fixup_delayed_set_stat (char const *src, char const *dst) directories were created, nonzero (issuing a diagnostic) otherwise. Set *INTERDIR_MADE if at least one directory was created. */ static int -make_directories (char *file_name, bool *interdir_made) +make_directories (char *file_name) { char *cursor0 = file_name + FILE_SYSTEM_PREFIX_LEN (file_name); char *cursor; /* points into the file name */ @@ -726,7 +726,6 @@ make_directories (char *file_name, bool *interdir_made) desired_mode, AT_SYMLINK_NOFOLLOW); print_for_mkdir (file_name, cursor - file_name, desired_mode); - *interdir_made = true; parent_end = NULL; } else @@ -882,8 +881,11 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made) case ENOENT: /* Attempt creating missing intermediate directories. */ - if (make_directories (file_name, interdir_made) == 0) - return RECOVER_OK; + if (make_directories (file_name) == 0) + { + *interdir_made = true; + return RECOVER_OK; + } break; default: @@ -1985,12 +1987,11 @@ rename_directory (char *src, char *dst) else { int e = errno; - bool interdir_made; switch (e) { case ENOENT: - if (make_directories (dst, &interdir_made) == 0) + if (make_directories (dst) == 0) { if (renameat (chdir_fd, src, chdir_fd, dst) == 0) return true; -- cgit v1.1 ++++++ bsc1202436-2.patch ++++++ From 5e8a915b16c5f06d2a16d98cdc2af666199caabb Mon Sep 17 00:00:00 2001 From: Sergey Poznyakoff <gray(a)gnu.org> Date: Sat, 11 Feb 2023 14:21:05 +0200 Subject: Changes in extended header decoder * src/xheader.c (decode_time): Fix error detection. (raw_path_decoder): Ignore empty paths. --- src/xheader.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/xheader.c b/src/xheader.c index 7ff216b..a195f3e 100644 --- a/src/xheader.c +++ b/src/xheader.c @@ -1059,6 +1059,12 @@ decode_time (struct timespec *ts, char const *arg, char const *keyword) keyword, arg)); return false; } + if (*arg_lim) + { + ERROR ((0, 0, _("Malformed extended header: invalid %s=%s"), + keyword, arg)); + return false; + } *ts = t; return true; @@ -1247,9 +1253,12 @@ path_coder (struct tar_stat_info const *st, char const *keyword, static void raw_path_decoder (struct tar_stat_info *st, char const *arg) { - decode_string (&st->orig_file_name, arg); - decode_string (&st->file_name, arg); - st->had_trailing_slash = strip_trailing_slashes (st->file_name); + if (*arg) + { + decode_string (&st->orig_file_name, arg); + decode_string (&st->file_name, arg); + st->had_trailing_slash = strip_trailing_slashes (st->file_name); + } } -- cgit v1.1 ++++++ bsc1202436.patch ++++++ diff --git a/src/extract.c b/src/extract.c index 37ab2956..b70b6c2f 100644 --- a/src/extract.c +++ b/src/extract.c @@ -854,6 +854,9 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made) case EEXIST: /* Remove an old file, if the options allow this. */ + if (strlen(file_name) == 1 && *file_name == '.') + return RECOVER_NO; + switch (old_files_option) { case SKIP_OLD_FILES: ++++++ fix-CVE-2022-48303.patch ++++++ From 1d530107a24d71e798727d7f0afa0833473d1074 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Mu=C5=BEila?= <mmuzila(a)gmail.com> Date: Wed, 11 Jan 2023 08:55:58 +0100 Subject: [PATCH] Fix savannah bug #62387 * src/list.c (from_header): Check for the end of field after leading byte (0x80 or 0xff) of base-256 encoded header value --- src/list.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/list.c b/src/list.c index 9fafc425..bf41b581 100644 --- a/src/list.c +++ b/src/list.c @@ -895,6 +895,12 @@ from_header (char const *where0, size_t digs, char const *type, << (CHAR_BIT * sizeof (uintmax_t) - LG_256 - (LG_256 - 2))); value = (*where++ & ((1 << (LG_256 - 2)) - 1)) - signbit; + if (where == lim) + { + if (type && !silent) + ERROR ((0, 0, _("Archive base-256 value is invalid"))); + return -1; + } for (;;) { value = (value << LG_256) + (unsigned char) *where++; -- 2.38.1 ++++++ go-testsuite-test-hang.patch ++++++ Index: tar-1.34/tests/testsuite.at =================================================================== --- tar-1.34.orig/tests/testsuite.at +++ tar-1.34/tests/testsuite.at @@ -204,6 +204,8 @@ m4_include([version.at]) m4_include([pipe.at]) +m4_include([go-testsuite-test-hang.at]) + AT_BANNER([Options]) m4_include([options.at]) m4_include([options02.at]) Index: tar-1.34/suse-test.at =================================================================== --- /dev/null +++ tar-1.34/tests/go-testsuite-test-hang.at @@ -0,0 +1,9 @@ +AT_SETUP([try extracting archive without hanging]) +AT_KEYWORDS([suse]) + +AT_TAR_CHECK([ +# This command will fail, just don't hang +tar xf ../../../pax-global-records.tar || exit 0 +]) + +AT_CLEANUP

1 0

commit elfutils for openSUSE:Factory
by Source-Sync 02 Mar '23

02 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package elfutils for openSUSE:Factory checked in at 2023-03-02 23:01:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/elfutils (Old) and /work/SRC/openSUSE:Factory/.elfutils.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "elfutils" Thu Mar 2 23:01:47 2023 rev:105 rq:1067346 version:0.188 Changes: -------- --- /work/SRC/openSUSE:Factory/elfutils/elfutils-debuginfod.changes 2023-02-19 18:18:39.993368410 +0100 +++ /work/SRC/openSUSE:Factory/.elfutils.new.31432/elfutils-debuginfod.changes 2023-03-02 23:01:50.666713805 +0100 @@ -1,0 +2,5 @@ +Thu Feb 23 09:29:20 UTC 2023 - Martin Li��ka <mliska(a)suse.cz> + +- Disable a false-positive -Werror=use-after-free warning. + +------------------------------------------------------------------- elfutils.changes: same change ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ elfutils-debuginfod.spec ++++++ --- /var/tmp/diff_new_pack.rSSkUZ/_old 2023-03-02 23:01:51.626718154 +0100 +++ /var/tmp/diff_new_pack.rSSkUZ/_new 2023-03-02 23:01:51.630718172 +0100 @@ -118,7 +118,7 @@ %build %sysusers_generate_pre %{SOURCE4} %{name} %{name}.conf -export CFLAGS="%optflags -Werror=date-time" +export CFLAGS="%optflags -Werror=date-time -Wno-use-after-free" CFLAGS+=" -g" # tests need debug info enabled (boo#1031556) %ifarch %sparc # Small PIC model not sufficient ++++++ elfutils.spec ++++++ --- /var/tmp/diff_new_pack.rSSkUZ/_old 2023-03-02 23:01:51.666718335 +0100 +++ /var/tmp/diff_new_pack.rSSkUZ/_new 2023-03-02 23:01:51.670718353 +0100 @@ -155,7 +155,7 @@ %build %global _lto_cflags %{_lto_cflags} -ffat-lto-objects -export CFLAGS="%optflags -Werror=date-time" +export CFLAGS="%optflags -Werror=date-time -Wno-use-after-free" CFLAGS+=" -g" # tests need debug info enabled (boo#1031556) %ifarch %sparc # Small PIC model not sufficient

1 0

commit binutils for openSUSE:Factory
by Source-Sync 02 Mar '23

02 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package binutils for openSUSE:Factory checked in at 2023-03-02 23:01:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/binutils (Old) and /work/SRC/openSUSE:Factory/.binutils.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "binutils" Thu Mar 2 23:01:45 2023 rev:163 rq:1067336 version:2.40 Changes: -------- --- /work/SRC/openSUSE:Factory/binutils/binutils.changes 2023-02-21 15:35:27.604086325 +0100 +++ /work/SRC/openSUSE:Factory/.binutils.new.31432/binutils.changes 2023-03-02 23:01:48.794705326 +0100 @@ -1,0 +2,11 @@ +Thu Feb 23 09:11:50 UTC 2023 - Martin Li��ka <mliska(a)suse.cz> + +- Disable ZSTD debug section compress by default. + +------------------------------------------------------------------- +Tue Feb 21 15:32:02 UTC 2023 - Martin Li��ka <mliska(a)suse.cz> + +- Enable zstd compression algorithm (instead of zlib) + for debug info sections by default. + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ binutils.spec ++++++ --- /var/tmp/diff_new_pack.LBpLLP/_old 2023-03-02 23:01:50.166711540 +0100 +++ /var/tmp/diff_new_pack.LBpLLP/_new 2023-03-02 23:01:50.174711577 +0100 @@ -61,6 +61,9 @@ %else BuildRequires: zlib-devel %endif +%if %{suse_version} > 1500 +BuildRequires: libzstd-devel +%endif Version: 2.40 Release: 0 @@ -385,6 +388,11 @@ --enable-warn-execstack=yes \ --enable-warn-rwx-segments=yes +#FIXME: enable in the future +#%if %{suse_version} > 1550 +# --enable-default-compressed-debug-sections-algorithm=zstd \ +#%endif + # we patch headers (bfd-in.h) that are input to other headers # which are generated only with --enable-maintainer-mode (which we # don't do) or explicitely by make headers, so do this:

1 0

commit kernel-source for openSUSE:Factory
by Source-Sync 02 Mar '23

02 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kernel-source for openSUSE:Factory checked in at 2023-03-02 23:01:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kernel-source (Old) and /work/SRC/openSUSE:Factory/.kernel-source.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "kernel-source" Thu Mar 2 23:01:38 2023 rev:680 rq:1068171 version:6.2.1 Changes: -------- --- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes 2023-02-28 12:47:45.924138692 +0100 +++ /work/SRC/openSUSE:Factory/.kernel-source.new.31432/dtb-aarch64.changes 2023-03-02 23:01:40.130666081 +0100 @@ -1,0 +2,86 @@ +Mon Feb 27 12:39:20 CET 2023 - jslaby(a)suse.cz + +- Linux 6.2.1 (bsc#1012628). +- bpf: add missing header file include (bsc#1012628). +- randstruct: disable Clang 15 support (bsc#1012628). +- ext4: Fix function prototype mismatch for ext4_feat_ktype + (bsc#1012628). +- platform/x86: nvidia-wmi-ec-backlight: Add force module + parameter (bsc#1012628). +- platform/x86/amd/pmf: Add depends on CONFIG_POWER_SUPPLY + (bsc#1012628). +- audit: update the mailing list in MAINTAINERS (bsc#1012628). +- wifi: mwifiex: Add missing compatible string for SD8787 + (bsc#1012628). +- HID: mcp-2221: prevent UAF in delayed work (bsc#1012628). +- x86/static_call: Add support for Jcc tail-calls (bsc#1012628). +- x86/alternatives: Teach text_poke_bp() to patch Jcc.d32 + instructions (bsc#1012628). +- x86/alternatives: Introduce int3_emulate_jcc() (bsc#1012628). +- uaccess: Add speculation barrier to copy_from_user() + (bsc#1012628). +- commit 15796ef + +------------------------------------------------------------------- +Fri Feb 24 15:32:06 CET 2023 - msuchanek(a)suse.de + +- Disable PS3 support + The PS3 hardware cannot be used with up-to-date firmware. +- commit 484fa63 + +------------------------------------------------------------------- +Fri Feb 24 14:53:02 CET 2023 - tzimmermann(a)suse.com + +- uvesafb: Disable fbdev driver (boo#1208662) + A VESA-based driver. Dropped in favor of generic DRM drivers. +- commit f0d0f1a + +------------------------------------------------------------------- +Fri Feb 24 14:39:16 CET 2023 - tzimmermann(a)suse.com + +- ocfb: Disable fbdev driver (boo#1208660) + The OpenCores fbdev driver is for an old homebrew chip design. Probably + unused. +- commit 00dd263 + +------------------------------------------------------------------- +Fri Feb 24 14:10:24 CET 2023 - tzimmermann(a)suse.com + +- udlfb: Disable fbdev driver (boo#1208658) + We've long shipped the DRM-based udl driver, which handles the same + devices. +- commit 8a53173 + +------------------------------------------------------------------- +Fri Feb 24 13:16:18 CET 2023 - tzimmermann(a)suse.com + +- ssd1307fb: Replace with ssd130x (boo#1208656) + Replace fbdev's ssd1307fb driver with the new DRM-based driver + ssd130x. Adds support for SPI and Wayland-based userspace. +- commit 1fe1b4c + +------------------------------------------------------------------- +Fri Feb 24 10:30:43 CET 2023 - tzimmermann(a)suse.com + +- vfb: Disable fbdev driver (boo#1208646) + The vfb fbdev driver is backed by system memory and only relevant for + testing. Disable it. There is DRM's vkms, if a software-only driver is + required. +- commit b1c9331 + +------------------------------------------------------------------- +Fri Feb 24 09:43:37 CET 2023 - tzimmermann(a)suse.com + +- Disable gxt4500 fbdev driver (boo#1208642) + The gxt4500 driver serves a 20yrs-old graphics hardware for + IBM RS/6000 system. Probably not in use any longer. +- commit 5313a19 + +------------------------------------------------------------------- +Tue Feb 21 07:32:10 CET 2023 - jslaby(a)suse.cz + +- blacklist.conf: clean up + Remove the only (5.5) entry. It was needed only years ago. +- commit de1e630 + +------------------------------------------------------------------- @@ -6,0 +93,20 @@ + +------------------------------------------------------------------- +Sat Feb 18 08:02:26 CET 2023 - jlee(a)suse.com + +- arm64: lock down kernel in secure boot mode (jsc#SLE-15020, bsc#1198101). +- efi: Lock down the kernel at the integrity level if booted in + secure boot mode (jsc#SLE-9870, bsc#1198101). +- efi: Lock down the kernel if booted in secure boot mode + (jsc#SLE-9870, bsc#1198101). +- Update config files. + - The shim for openSUSE Tumbleweed needs to be reviewed by upstream + and signed by Microsoft. So we need to lockdown kernel on x86_64 + and arm64 because EFI secure boot. + - We disable CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT in other + architectures. +- efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode + (jsc#SLE-9870, bsc#1198101). +- security: lockdown: expose a hook to lock the kernel down + (jsc#SLE-9870, bsc#1198101). +- commit a7d5b50 dtb-armv6l.changes: same change dtb-armv7l.changes: same change dtb-riscv64.changes: same change kernel-64kb.changes: same change kernel-debug.changes: same change kernel-default.changes: same change kernel-docs.changes: same change kernel-kvmsmall.changes: same change kernel-lpae.changes: same change kernel-obs-build.changes: same change kernel-obs-qa.changes: same change kernel-pae.changes: same change kernel-source.changes: same change kernel-syms.changes: same change kernel-vanilla.changes: same change kernel-zfcpdump.changes: same change ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dtb-aarch64.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.238693748 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.250693803 +0100 @@ -17,7 +17,7 @@ %define srcversion 6.2 -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -29,9 +29,9 @@ %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license,klp-symbols,splitflist,mergedep,moddep,modflist,kernel-subpackage-build}) Name: dtb-aarch64 -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif dtb-armv6l.spec: same change dtb-armv7l.spec: same change dtb-riscv64.spec: same change ++++++ kernel-64kb.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.406694509 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.410694528 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.2 -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -111,9 +111,9 @@ Summary: Kernel with 64kb PAGE_SIZE License: GPL-2.0-only Group: System/Kernel -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif @@ -240,10 +240,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 -Provides: kernel-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: kernel-%build_flavor-base-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 +Provides: kernel-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 # END COMMON DEPS -Provides: %name-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: %name-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 %obsolete_rebuilds %name Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz Source3: kernel-source.rpmlintrc ++++++ kernel-debug.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.446694690 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.454694726 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.2 -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -111,9 +111,9 @@ Summary: A Debug Version of the Kernel License: GPL-2.0-only Group: System/Kernel -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif @@ -240,10 +240,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 -Provides: kernel-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: kernel-%build_flavor-base-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 +Provides: kernel-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 # END COMMON DEPS -Provides: %name-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: %name-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 %ifarch ppc64 Provides: kernel-kdump = 2.6.28 Obsoletes: kernel-kdump <= 2.6.28 ++++++ kernel-default.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.482694853 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.494694907 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.2 -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -111,9 +111,9 @@ Summary: The Standard Kernel License: GPL-2.0-only Group: System/Kernel -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif @@ -240,10 +240,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 -Provides: kernel-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: kernel-%build_flavor-base-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 +Provides: kernel-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 # END COMMON DEPS -Provides: %name-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: %name-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 %ifarch %ix86 Provides: kernel-smp = 2.6.17 Obsoletes: kernel-smp <= 2.6.17 ++++++ kernel-docs.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.518695016 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.526695052 +0100 @@ -17,7 +17,7 @@ %define srcversion 6.2 -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -31,9 +31,9 @@ Summary: Kernel Documentation License: GPL-2.0-only Group: Documentation/Man -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif @@ -67,7 +67,7 @@ %endif URL: https://www.kernel.org/ Provides: %name = %version-%source_rel -Provides: %name-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: %name-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz ++++++ kernel-kvmsmall.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.558695197 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.566695234 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.2 -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -111,9 +111,9 @@ Summary: The Small Developer Kernel for KVM License: GPL-2.0-only Group: System/Kernel -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif @@ -240,10 +240,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 -Provides: kernel-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: kernel-%build_flavor-base-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 +Provides: kernel-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 # END COMMON DEPS -Provides: %name-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: %name-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 %obsolete_rebuilds %name Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz Source3: kernel-source.rpmlintrc kernel-lpae.spec: same change ++++++ kernel-obs-build.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.634695542 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.642695578 +0100 @@ -19,7 +19,7 @@ #!BuildIgnore: post-build-checks -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %define vanilla_only 0 @@ -45,7 +45,7 @@ %endif %endif %endif -BuildRequires: kernel%kernel_flavor-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +BuildRequires: kernel%kernel_flavor-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 %if 0%{?rhel_version} BuildRequires: kernel @@ -64,9 +64,9 @@ Summary: package kernel and initrd for OBS VM builds License: GPL-2.0-only Group: SLES -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif ++++++ kernel-obs-qa.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.674695723 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.682695759 +0100 @@ -17,7 +17,7 @@ # needsrootforbuild -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -36,9 +36,9 @@ Summary: Basic QA tests for the kernel License: GPL-2.0-only Group: SLES -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif ++++++ kernel-pae.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.714695904 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.722695940 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.2 -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -111,9 +111,9 @@ Summary: Kernel with PAE Support License: GPL-2.0-only Group: System/Kernel -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif @@ -240,10 +240,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 -Provides: kernel-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: kernel-%build_flavor-base-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 +Provides: kernel-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 # END COMMON DEPS -Provides: %name-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: %name-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 %ifarch %ix86 Provides: kernel-bigsmp = 2.6.17 Obsoletes: kernel-bigsmp <= 2.6.17 ++++++ kernel-source.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.750696067 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.762696121 +0100 @@ -17,7 +17,7 @@ %define srcversion 6.2 -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %define vanilla_only 0 @@ -31,9 +31,9 @@ %endif Name: kernel-source -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif @@ -50,7 +50,7 @@ BuildRequires: sed Requires(post): coreutils sed Provides: %name = %version-%source_rel -Provides: %name-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: %name-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 Provides: linux Provides: multiversion(kernel) Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz ++++++ kernel-syms.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.802696303 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.806696321 +0100 @@ -24,10 +24,10 @@ Summary: Kernel Symbol Versions (modversions) License: GPL-2.0-only Group: Development/Sources -Version: 6.2.0 +Version: 6.2.1 %if %using_buildservice %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif @@ -52,7 +52,7 @@ %endif Requires: pesign-obs-integration Provides: %name = %version-%source_rel -Provides: %name-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: %name-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 Provides: multiversion(kernel) Source: README.KSYMS Requires: kernel-devel%variant = %version-%source_rel ++++++ kernel-vanilla.spec ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:46.842696484 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:46.850696520 +0100 @@ -18,7 +18,7 @@ %define srcversion 6.2 -%define patchversion 6.2.0 +%define patchversion 6.2.1 %define variant %{nil} %define vanilla_only 0 %define compress_modules zstd @@ -111,9 +111,9 @@ Summary: The Standard Kernel - without any SUSE patches License: GPL-2.0-only Group: System/Kernel -Version: 6.2.0 +Version: 6.2.1 %if 0%{?is_kotd} -Release: <RELEASE>.g89e2785 +Release: <RELEASE>.g69e0e95 %else Release: 0 %endif @@ -240,10 +240,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 -Provides: kernel-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: kernel-%build_flavor-base-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 +Provides: kernel-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 # END COMMON DEPS -Provides: %name-srchash-89e27851f72a9025c71bfb1a4edc9748cfbed036 +Provides: %name-srchash-69e0e95118afe307ac9da57c2cc7f80673a41423 %obsolete_rebuilds %name Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-%srcversion.tar.xz Source3: kernel-source.rpmlintrc kernel-zfcpdump.spec: same change ++++++ config.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/arm64/default new/config/arm64/default --- old/config/arm64/default 2023-02-20 00:02:32.000000000 +0100 +++ new/config/arm64/default 2023-02-25 23:38:51.000000000 +0100 @@ -7668,7 +7668,7 @@ # CONFIG_FB_UDL is not set # CONFIG_FB_IBM_GXT4500 is not set CONFIG_FB_XILINX=m -CONFIG_FB_VIRTUAL=m +# CONFIG_FB_VIRTUAL is not set # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set CONFIG_FB_MX3=y @@ -12194,6 +12194,7 @@ # CONFIG_SECURITY_SAFESETID is not set CONFIG_SECURITY_LOCKDOWN_LSM=y CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y +CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT=y CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y # CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set # CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/arm64/kvmsmall new/config/arm64/kvmsmall --- old/config/arm64/kvmsmall 2023-02-20 00:02:32.000000000 +0100 +++ new/config/arm64/kvmsmall 2023-02-25 23:38:51.000000000 +0100 @@ -97,7 +97,6 @@ # CONFIG_EQUALIZER is not set # CONFIG_EXTCON_FSA9480 is not set CONFIG_FAILOVER=y -# CONFIG_FB_VIRTUAL is not set # CONFIG_FDDI is not set # CONFIG_FIREWIRE is not set # CONFIG_FIREWIRE_NOSY is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv6hl/default new/config/armv6hl/default --- old/config/armv6hl/default 2023-02-20 00:02:32.000000000 +0100 +++ new/config/armv6hl/default 2023-02-25 23:38:51.000000000 +0100 @@ -5660,7 +5660,7 @@ # CONFIG_FB_SMSCUFX is not set # CONFIG_FB_UDL is not set # CONFIG_FB_IBM_GXT4500 is not set -CONFIG_FB_VIRTUAL=m +# CONFIG_FB_VIRTUAL is not set # CONFIG_FB_METRONOME is not set CONFIG_FB_MX3=m # CONFIG_FB_SSD1307 is not set @@ -8371,6 +8371,7 @@ # CONFIG_SECURITY_SAFESETID is not set CONFIG_SECURITY_LOCKDOWN_LSM=y CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y +# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y # CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set # CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv7hl/default new/config/armv7hl/default --- old/config/armv7hl/default 2023-02-20 00:02:32.000000000 +0100 +++ new/config/armv7hl/default 2023-02-25 23:38:51.000000000 +0100 @@ -7507,15 +7507,15 @@ CONFIG_FB_TMIO_ACCELL=y CONFIG_FB_SM501=m # CONFIG_FB_SMSCUFX is not set -CONFIG_FB_UDL=m +# CONFIG_FB_UDL is not set # CONFIG_FB_IBM_GXT4500 is not set CONFIG_FB_XILINX=m CONFIG_FB_DA8XX=m -CONFIG_FB_VIRTUAL=m +# CONFIG_FB_VIRTUAL is not set # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set CONFIG_FB_MX3=m -CONFIG_FB_SSD1307=m +# CONFIG_FB_SSD1307 is not set # CONFIG_FB_SM712 is not set # end of Frame buffer Devices @@ -11765,6 +11765,7 @@ # CONFIG_SECURITY_SAFESETID is not set CONFIG_SECURITY_LOCKDOWN_LSM=y CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y +# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y # CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set # CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/i386/pae new/config/i386/pae --- old/config/i386/pae 2023-02-20 00:02:32.000000000 +0100 +++ new/config/i386/pae 2023-02-25 23:38:51.000000000 +0100 @@ -6841,7 +6841,9 @@ CONFIG_DRM_XEN_FRONTEND=m CONFIG_DRM_VBOXVIDEO=m CONFIG_DRM_GUD=m -# CONFIG_DRM_SSD130X is not set +CONFIG_DRM_SSD130X=m +CONFIG_DRM_SSD130X_I2C=m +CONFIG_DRM_SSD130X_SPI=m CONFIG_DRM_HYPERV=m # CONFIG_DRM_LEGACY is not set CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y @@ -6864,7 +6866,6 @@ # CONFIG_FB_FOREIGN_ENDIAN is not set CONFIG_FB_SYS_FOPS=y CONFIG_FB_DEFERRED_IO=y -CONFIG_FB_BACKLIGHT=m CONFIG_FB_MODE_HELPERS=y CONFIG_FB_TILEBLITTING=y @@ -6911,13 +6912,13 @@ # CONFIG_FB_GEODE is not set # CONFIG_FB_SMSCUFX is not set # CONFIG_FB_UDL is not set -CONFIG_FB_IBM_GXT4500=m -CONFIG_FB_VIRTUAL=m +# CONFIG_FB_IBM_GXT4500 is not set +# CONFIG_FB_VIRTUAL is not set CONFIG_XEN_FBDEV_FRONTEND=m # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set # CONFIG_FB_HYPERV is not set -CONFIG_FB_SSD1307=m +# CONFIG_FB_SSD1307 is not set # CONFIG_FB_SM712 is not set # end of Frame buffer Devices diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64/default new/config/ppc64/default --- old/config/ppc64/default 2023-02-20 00:02:32.000000000 +0100 +++ new/config/ppc64/default 2023-02-25 23:38:51.000000000 +0100 @@ -397,28 +397,7 @@ CONFIG_PPC_PMAC64=y CONFIG_PPC_MAPLE=y # CONFIG_PPC_PASEMI is not set -CONFIG_PPC_PS3=y - -# -# PS3 Platform Options -# -CONFIG_PS3_ADVANCED=y -CONFIG_PS3_HTAB_SIZE=20 -# CONFIG_PS3_DYNAMIC_DMA is not set -CONFIG_PS3_VUART=y -CONFIG_PS3_PS3AV=y -CONFIG_PS3_SYS_MANAGER=y -# CONFIG_PS3_VERBOSE_RESULT is not set -# CONFIG_PS3_REPOSITORY_WRITE is not set -CONFIG_PS3_STORAGE=m -CONFIG_PS3_DISK=m -CONFIG_PS3_ROM=m -CONFIG_PS3_FLASH=m -CONFIG_PS3_VRAM=m -CONFIG_PS3_LPM=m -# CONFIG_PS3GELIC_UDBG is not set -# end of PS3 Platform Options - +# CONFIG_PPC_PS3 is not set CONFIG_PPC_CELL=y CONFIG_PPC_CELL_COMMON=y CONFIG_PPC_CELL_NATIVE=y @@ -3183,8 +3162,6 @@ # CONFIG_TI_CPSW_PHY_SEL is not set CONFIG_TLAN=m CONFIG_NET_VENDOR_TOSHIBA=y -CONFIG_GELIC_NET=m -CONFIG_GELIC_WIRELESS=y CONFIG_SPIDER_NET=m CONFIG_NET_VENDOR_VERTEXCOM=y CONFIG_MSE102X=m @@ -6127,7 +6104,9 @@ # CONFIG_TINYDRM_ST7586 is not set # CONFIG_TINYDRM_ST7735R is not set CONFIG_DRM_GUD=m -# CONFIG_DRM_SSD130X is not set +CONFIG_DRM_SSD130X=m +CONFIG_DRM_SSD130X_I2C=m +CONFIG_DRM_SSD130X_SPI=m # CONFIG_DRM_LEGACY is not set CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y # CONFIG_DRM_LIB_RANDOM is not set @@ -6149,7 +6128,6 @@ # CONFIG_FB_FOREIGN_ENDIAN is not set CONFIG_FB_SYS_FOPS=y CONFIG_FB_DEFERRED_IO=y -CONFIG_FB_BACKLIGHT=m CONFIG_FB_MODE_HELPERS=y CONFIG_FB_TILEBLITTING=y @@ -6162,8 +6140,8 @@ # CONFIG_FB_ASILIANT is not set # CONFIG_FB_IMSTT is not set # CONFIG_FB_VGA16 is not set -CONFIG_FB_UVESA=m -CONFIG_FB_OPENCORES=m +# CONFIG_FB_UVESA is not set +# CONFIG_FB_OPENCORES is not set # CONFIG_FB_S1D13XXX is not set # CONFIG_FB_NVIDIA is not set # CONFIG_FB_RIVA is not set @@ -6186,14 +6164,12 @@ # CONFIG_FB_CARMINE is not set # CONFIG_FB_SMSCUFX is not set # CONFIG_FB_UDL is not set -CONFIG_FB_IBM_GXT4500=m -CONFIG_FB_PS3=y -CONFIG_FB_PS3_DEFAULT_SIZE_M=9 +# CONFIG_FB_IBM_GXT4500 is not set # CONFIG_FB_VIRTUAL is not set # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set # CONFIG_FB_SIMPLE is not set -CONFIG_FB_SSD1307=m +# CONFIG_FB_SSD1307 is not set # CONFIG_FB_SM712 is not set # end of Frame buffer Devices @@ -6377,8 +6353,6 @@ CONFIG_SND_PPC=y CONFIG_SND_POWERMAC=m CONFIG_SND_POWERMAC_AUTO_DRC=y -CONFIG_SND_PS3=m -CONFIG_SND_PS3_DEFAULT_START_DELAY=2000 CONFIG_SND_AOA=m CONFIG_SND_AOA_FABRIC_LAYOUT=m CONFIG_SND_AOA_ONYX=m @@ -6585,7 +6559,6 @@ CONFIG_USB_OHCI_BIG_ENDIAN_DESC=y CONFIG_USB_OHCI_BIG_ENDIAN_MMIO=y CONFIG_USB_OHCI_LITTLE_ENDIAN=y -CONFIG_USB_EHCI_BIG_ENDIAN_MMIO=y CONFIG_USB_SUPPORT=y CONFIG_USB_COMMON=m CONFIG_USB_LED_TRIG=y @@ -7136,7 +7109,6 @@ CONFIG_RTC_DRV_GENERIC=m CONFIG_RTC_DRV_CADENCE=m # CONFIG_RTC_DRV_FTRTC010 is not set -CONFIG_RTC_DRV_PS3=m # CONFIG_RTC_DRV_R7301 is not set # diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64/kvmsmall new/config/ppc64/kvmsmall --- old/config/ppc64/kvmsmall 2023-02-20 00:02:32.000000000 +0100 +++ new/config/ppc64/kvmsmall 2023-02-25 23:38:51.000000000 +0100 @@ -238,7 +238,6 @@ # CONFIG_PPC_MAPLE is not set # CONFIG_PPC_PMAC is not set # CONFIG_PPC_POWERNV is not set -# CONFIG_PPC_PS3 is not set # CONFIG_PPS_CLIENT_GPIO is not set # CONFIG_PPS_CLIENT_LDISC is not set # CONFIG_PTP_1588_CLOCK is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64le/default new/config/ppc64le/default --- old/config/ppc64le/default 2023-02-20 00:02:32.000000000 +0100 +++ new/config/ppc64le/default 2023-02-25 23:38:51.000000000 +0100 @@ -5993,7 +5993,9 @@ # CONFIG_TINYDRM_ST7586 is not set # CONFIG_TINYDRM_ST7735R is not set CONFIG_DRM_GUD=m -# CONFIG_DRM_SSD130X is not set +CONFIG_DRM_SSD130X=m +CONFIG_DRM_SSD130X_I2C=m +CONFIG_DRM_SSD130X_SPI=m # CONFIG_DRM_LEGACY is not set CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y # CONFIG_DRM_LIB_RANDOM is not set @@ -6015,7 +6017,6 @@ # CONFIG_FB_FOREIGN_ENDIAN is not set CONFIG_FB_SYS_FOPS=y CONFIG_FB_DEFERRED_IO=y -CONFIG_FB_BACKLIGHT=m CONFIG_FB_MODE_HELPERS=y CONFIG_FB_TILEBLITTING=y @@ -6028,8 +6029,8 @@ # CONFIG_FB_ASILIANT is not set # CONFIG_FB_IMSTT is not set # CONFIG_FB_VGA16 is not set -CONFIG_FB_UVESA=m -CONFIG_FB_OPENCORES=m +# CONFIG_FB_UVESA is not set +# CONFIG_FB_OPENCORES is not set # CONFIG_FB_S1D13XXX is not set # CONFIG_FB_NVIDIA is not set # CONFIG_FB_RIVA is not set @@ -6052,12 +6053,12 @@ # CONFIG_FB_CARMINE is not set # CONFIG_FB_SMSCUFX is not set # CONFIG_FB_UDL is not set -CONFIG_FB_IBM_GXT4500=m +# CONFIG_FB_IBM_GXT4500 is not set # CONFIG_FB_VIRTUAL is not set # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set # CONFIG_FB_SIMPLE is not set -CONFIG_FB_SSD1307=m +# CONFIG_FB_SSD1307 is not set # CONFIG_FB_SM712 is not set # end of Frame buffer Devices diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/riscv64/default new/config/riscv64/default --- old/config/riscv64/default 2023-02-20 00:02:32.000000000 +0100 +++ new/config/riscv64/default 2023-02-25 23:38:51.000000000 +0100 @@ -6203,7 +6203,9 @@ # CONFIG_TINYDRM_ST7586 is not set # CONFIG_TINYDRM_ST7735R is not set CONFIG_DRM_GUD=m -# CONFIG_DRM_SSD130X is not set +CONFIG_DRM_SSD130X=m +CONFIG_DRM_SSD130X_I2C=m +CONFIG_DRM_SSD130X_SPI=m # CONFIG_DRM_LEGACY is not set CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y # CONFIG_DRM_LIB_RANDOM is not set @@ -6225,7 +6227,6 @@ # CONFIG_FB_FOREIGN_ENDIAN is not set CONFIG_FB_SYS_FOPS=y CONFIG_FB_DEFERRED_IO=y -CONFIG_FB_BACKLIGHT=m CONFIG_FB_MODE_HELPERS=y CONFIG_FB_TILEBLITTING=y @@ -6263,12 +6264,12 @@ # CONFIG_FB_SH_MOBILE_LCDC is not set # CONFIG_FB_SMSCUFX is not set # CONFIG_FB_UDL is not set -CONFIG_FB_IBM_GXT4500=m +# CONFIG_FB_IBM_GXT4500 is not set CONFIG_FB_GOLDFISH=m -CONFIG_FB_VIRTUAL=m +# CONFIG_FB_VIRTUAL is not set # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set -CONFIG_FB_SSD1307=m +# CONFIG_FB_SSD1307 is not set # CONFIG_FB_SM712 is not set # end of Frame buffer Devices @@ -9201,6 +9202,7 @@ # CONFIG_SECURITY_SAFESETID is not set CONFIG_SECURITY_LOCKDOWN_LSM=y CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y +# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y # CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set # CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/x86_64/default new/config/x86_64/default --- old/config/x86_64/default 2023-02-20 00:02:32.000000000 +0100 +++ new/config/x86_64/default 2023-02-25 23:38:51.000000000 +0100 @@ -6669,7 +6669,9 @@ CONFIG_DRM_XEN_FRONTEND=m CONFIG_DRM_VBOXVIDEO=m CONFIG_DRM_GUD=m -# CONFIG_DRM_SSD130X is not set +CONFIG_DRM_SSD130X=m +CONFIG_DRM_SSD130X_I2C=m +CONFIG_DRM_SSD130X_SPI=m CONFIG_DRM_HYPERV=m # CONFIG_DRM_LEGACY is not set CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y @@ -6692,7 +6694,6 @@ # CONFIG_FB_FOREIGN_ENDIAN is not set CONFIG_FB_SYS_FOPS=y CONFIG_FB_DEFERRED_IO=y -CONFIG_FB_BACKLIGHT=m CONFIG_FB_MODE_HELPERS=y CONFIG_FB_TILEBLITTING=y @@ -6737,13 +6738,13 @@ # CONFIG_FB_CARMINE is not set # CONFIG_FB_SMSCUFX is not set # CONFIG_FB_UDL is not set -CONFIG_FB_IBM_GXT4500=m -CONFIG_FB_VIRTUAL=m +# CONFIG_FB_IBM_GXT4500 is not set +# CONFIG_FB_VIRTUAL is not set CONFIG_XEN_FBDEV_FRONTEND=m # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set # CONFIG_FB_HYPERV is not set -CONFIG_FB_SSD1307=m +# CONFIG_FB_SSD1307 is not set # CONFIG_FB_SM712 is not set # end of Frame buffer Devices @@ -10280,6 +10281,7 @@ # CONFIG_SECURITY_SAFESETID is not set CONFIG_SECURITY_LOCKDOWN_LSM=y CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y +CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT=y CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y # CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set # CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/x86_64/kvmsmall new/config/x86_64/kvmsmall --- old/config/x86_64/kvmsmall 2023-02-20 00:02:32.000000000 +0100 +++ new/config/x86_64/kvmsmall 2023-02-25 23:38:51.000000000 +0100 @@ -127,8 +127,6 @@ # CONFIG_EXTCON_FSA9480 is not set # CONFIG_F71808E_WDT is not set CONFIG_FAILOVER=y -# CONFIG_FB_IBM_GXT4500 is not set -# CONFIG_FB_VIRTUAL is not set # CONFIG_FCOE_FNIC is not set # CONFIG_FDDI is not set # CONFIG_FIREWIRE is not set ++++++ patches.kernel.org.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-001-uaccess-Add-speculation-barrier-to-copy_fr… new/patches.kernel.org/6.2.1-001-uaccess-Add-speculation-barrier-to-copy_fr… --- old/patches.kernel.org/6.2.1-001-uaccess-Add-speculation-barrier-to-copy_fr… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-001-uaccess-Add-speculation-barrier-to-copy_fr… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,116 @@ +From: Dave Hansen <dave.hansen(a)linux.intel.com> +Date: Tue, 21 Feb 2023 12:30:15 -0800 +Subject: [PATCH] uaccess: Add speculation barrier to copy_from_user() +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 74e19ef0ff8061ef55957c3abd71614ef0f42f47 + +commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 upstream. + +The results of "access_ok()" can be mis-speculated. The result is that +you can end speculatively: + + if (access_ok(from, size)) + // Right here + +even for bad from/size combinations. On first glance, it would be ideal +to just add a speculation barrier to "access_ok()" so that its results +can never be mis-speculated. + +But there are lots of system calls just doing access_ok() via +"copy_to_user()" and friends (example: fstat() and friends). Those are +generally not problematic because they do not _consume_ data from +userspace other than the pointer. They are also very quick and common +system calls that should not be needlessly slowed down. + +"copy_from_user()" on the other hand uses a user-controller pointer and +is frequently followed up with code that might affect caches. Take +something like this: + + if (!copy_from_user(&kernelvar, uptr, size)) + do_something_with(kernelvar); + +If userspace passes in an evil 'uptr' that *actually* points to a kernel +addresses, and then do_something_with() has cache (or other) +side-effects, it could allow userspace to infer kernel data values. + +Add a barrier to the common copy_from_user() code to prevent +mis-speculated values which happen after the copy. + +Also add a stub for architectures that do not define barrier_nospec(). +This makes the macro usable in generic code. + +Since the barrier is now usable in generic code, the x86 #ifdef in the +BPF code can also go away. + +Reported-by: Jordy Zomer <jordyzomer(a)google.com> +Suggested-by: Linus Torvalds <torvalds(a)linuxfoundation.org> +Signed-off-by: Dave Hansen <dave.hansen(a)linux.intel.com> +Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de> +Acked-by: Daniel Borkmann <daniel(a)iogearbox.net> # BPF bits +Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + include/linux/nospec.h | 4 ++++ + kernel/bpf/core.c | 2 -- + lib/usercopy.c | 7 +++++++ + 3 files changed, 11 insertions(+), 2 deletions(-) + +diff --git a/include/linux/nospec.h b/include/linux/nospec.h +index c1e79f72..9f0af4f1 100644 +--- a/include/linux/nospec.h ++++ b/include/linux/nospec.h +@@ -11,6 +11,10 @@ + + struct task_struct; + ++#ifndef barrier_nospec ++# define barrier_nospec() do { } while (0) ++#endif ++ + /** + * array_index_mask_nospec() - generate a ~0 mask when index < size, 0 otherwise + * @index: array element index +diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c +index ba3fff17..430c66d5 100644 +--- a/kernel/bpf/core.c ++++ b/kernel/bpf/core.c +@@ -1910,9 +1910,7 @@ static u64 ___bpf_prog_run(u64 *regs, const struct bpf_insn *insn) + * reuse preexisting logic from Spectre v1 mitigation that + * happens to produce the required code on x86 for v4 as well. + */ +-#ifdef CONFIG_X86 + barrier_nospec(); +-#endif + CONT; + #define LDST(SIZEOP, SIZE) \ + STX_MEM_##SIZEOP: \ +diff --git a/lib/usercopy.c b/lib/usercopy.c +index 1505a52f..d29fe29c 100644 +--- a/lib/usercopy.c ++++ b/lib/usercopy.c +@@ -3,6 +3,7 @@ + #include <linux/fault-inject-usercopy.h> + #include <linux/instrumented.h> + #include <linux/uaccess.h> ++#include <linux/nospec.h> + + /* out-of-line parts */ + +@@ -12,6 +13,12 @@ unsigned long _copy_from_user(void *to, const void __user *from, unsigned long n + unsigned long res = n; + might_fault(); + if (!should_fail_usercopy() && likely(access_ok(from, n))) { ++ /* ++ * Ensure that bad access_ok() speculation will not ++ * lead to nasty side effects *after* the copy is ++ * finished: ++ */ ++ barrier_nospec(); + instrument_copy_from_user_before(to, from, n); + res = raw_copy_from_user(to, from, n); + instrument_copy_from_user_after(to, from, n, res); +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-002-x86-alternatives-Introduce-int3_emulate_jc… new/patches.kernel.org/6.2.1-002-x86-alternatives-Introduce-int3_emulate_jc… --- old/patches.kernel.org/6.2.1-002-x86-alternatives-Introduce-int3_emulate_jc… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-002-x86-alternatives-Introduce-int3_emulate_jc… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,140 @@ +From: Peter Zijlstra <peterz(a)infradead.org> +Date: Mon, 23 Jan 2023 21:59:16 +0100 +Subject: [PATCH] x86/alternatives: Introduce int3_emulate_jcc() +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: db7adcfd1cec4e95155e37bc066fddab302c6340 + +commit db7adcfd1cec4e95155e37bc066fddab302c6340 upstream. + +Move the kprobe Jcc emulation into int3_emulate_jcc() so it can be +used by more code -- specifically static_call() will need this. + +Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> +Signed-off-by: Ingo Molnar <mingo(a)kernel.org> +Reviewed-by: Masami Hiramatsu (Google) <mhiramat(a)kernel.org> +Link: https://lore.kernel.org/r/20230123210607.057678245@infradead.org +Cc: Nathan Chancellor <nathan(a)kernel.org> +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + arch/x86/include/asm/text-patching.h | 31 +++++++++++++++++++++++ + arch/x86/kernel/kprobes/core.c | 38 ++++++---------------------- + 2 files changed, 39 insertions(+), 30 deletions(-) + +diff --git a/arch/x86/include/asm/text-patching.h b/arch/x86/include/asm/text-patching.h +index f4b87f08..29832c33 100644 +--- a/arch/x86/include/asm/text-patching.h ++++ b/arch/x86/include/asm/text-patching.h +@@ -184,6 +184,37 @@ void int3_emulate_ret(struct pt_regs *regs) + unsigned long ip = int3_emulate_pop(regs); + int3_emulate_jmp(regs, ip); + } ++ ++static __always_inline ++void int3_emulate_jcc(struct pt_regs *regs, u8 cc, unsigned long ip, unsigned long disp) ++{ ++ static const unsigned long jcc_mask[6] = { ++ [0] = X86_EFLAGS_OF, ++ [1] = X86_EFLAGS_CF, ++ [2] = X86_EFLAGS_ZF, ++ [3] = X86_EFLAGS_CF | X86_EFLAGS_ZF, ++ [4] = X86_EFLAGS_SF, ++ [5] = X86_EFLAGS_PF, ++ }; ++ ++ bool invert = cc & 1; ++ bool match; ++ ++ if (cc < 0xc) { ++ match = regs->flags & jcc_mask[cc >> 1]; ++ } else { ++ match = ((regs->flags & X86_EFLAGS_SF) >> X86_EFLAGS_SF_BIT) ^ ++ ((regs->flags & X86_EFLAGS_OF) >> X86_EFLAGS_OF_BIT); ++ if (cc >= 0xe) ++ match = match || (regs->flags & X86_EFLAGS_ZF); ++ } ++ ++ if ((match && !invert) || (!match && invert)) ++ ip += disp; ++ ++ int3_emulate_jmp(regs, ip); ++} ++ + #endif /* !CONFIG_UML_X86 */ + + #endif /* _ASM_X86_TEXT_PATCHING_H */ +diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c +index 695873c0..0ce969ae 100644 +--- a/arch/x86/kernel/kprobes/core.c ++++ b/arch/x86/kernel/kprobes/core.c +@@ -464,50 +464,26 @@ static void kprobe_emulate_call(struct kprobe *p, struct pt_regs *regs) + } + NOKPROBE_SYMBOL(kprobe_emulate_call); + +-static nokprobe_inline +-void __kprobe_emulate_jmp(struct kprobe *p, struct pt_regs *regs, bool cond) ++static void kprobe_emulate_jmp(struct kprobe *p, struct pt_regs *regs) + { + unsigned long ip = regs->ip - INT3_INSN_SIZE + p->ainsn.size; + +- if (cond) +- ip += p->ainsn.rel32; ++ ip += p->ainsn.rel32; + int3_emulate_jmp(regs, ip); + } +- +-static void kprobe_emulate_jmp(struct kprobe *p, struct pt_regs *regs) +-{ +- __kprobe_emulate_jmp(p, regs, true); +-} + NOKPROBE_SYMBOL(kprobe_emulate_jmp); + +-static const unsigned long jcc_mask[6] = { +- [0] = X86_EFLAGS_OF, +- [1] = X86_EFLAGS_CF, +- [2] = X86_EFLAGS_ZF, +- [3] = X86_EFLAGS_CF | X86_EFLAGS_ZF, +- [4] = X86_EFLAGS_SF, +- [5] = X86_EFLAGS_PF, +-}; +- + static void kprobe_emulate_jcc(struct kprobe *p, struct pt_regs *regs) + { +- bool invert = p->ainsn.jcc.type & 1; +- bool match; ++ unsigned long ip = regs->ip - INT3_INSN_SIZE + p->ainsn.size; + +- if (p->ainsn.jcc.type < 0xc) { +- match = regs->flags & jcc_mask[p->ainsn.jcc.type >> 1]; +- } else { +- match = ((regs->flags & X86_EFLAGS_SF) >> X86_EFLAGS_SF_BIT) ^ +- ((regs->flags & X86_EFLAGS_OF) >> X86_EFLAGS_OF_BIT); +- if (p->ainsn.jcc.type >= 0xe) +- match = match || (regs->flags & X86_EFLAGS_ZF); +- } +- __kprobe_emulate_jmp(p, regs, (match && !invert) || (!match && invert)); ++ int3_emulate_jcc(regs, p->ainsn.jcc.type, ip, p->ainsn.rel32); + } + NOKPROBE_SYMBOL(kprobe_emulate_jcc); + + static void kprobe_emulate_loop(struct kprobe *p, struct pt_regs *regs) + { ++ unsigned long ip = regs->ip - INT3_INSN_SIZE + p->ainsn.size; + bool match; + + if (p->ainsn.loop.type != 3) { /* LOOP* */ +@@ -535,7 +511,9 @@ static void kprobe_emulate_loop(struct kprobe *p, struct pt_regs *regs) + else if (p->ainsn.loop.type == 1) /* LOOPE */ + match = match && (regs->flags & X86_EFLAGS_ZF); + +- __kprobe_emulate_jmp(p, regs, match); ++ if (match) ++ ip += p->ainsn.rel32; ++ int3_emulate_jmp(regs, ip); + } + NOKPROBE_SYMBOL(kprobe_emulate_loop); + +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-003-x86-alternatives-Teach-text_poke_bp-to-pat… new/patches.kernel.org/6.2.1-003-x86-alternatives-Teach-text_poke_bp-to-pat… --- old/patches.kernel.org/6.2.1-003-x86-alternatives-Teach-text_poke_bp-to-pat… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-003-x86-alternatives-Teach-text_poke_bp-to-pat… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,193 @@ +From: Peter Zijlstra <peterz(a)infradead.org> +Date: Mon, 23 Jan 2023 21:59:17 +0100 +Subject: [PATCH] x86/alternatives: Teach text_poke_bp() to patch Jcc.d32 + instructions +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: ac0ee0a9560c97fa5fe1409e450c2425d4ebd17a + +commit ac0ee0a9560c97fa5fe1409e450c2425d4ebd17a upstream. + +In order to re-write Jcc.d32 instructions text_poke_bp() needs to be +taught about them. + +The biggest hurdle is that the whole machinery is currently made for 5 +byte instructions and extending this would grow struct text_poke_loc +which is currently a nice 16 bytes and used in an array. + +However, since text_poke_loc contains a full copy of the (s32) +displacement, it is possible to map the Jcc.d32 2 byte opcodes to +Jcc.d8 1 byte opcode for the int3 emulation. + +This then leaves the replacement bytes; fudge that by only storing the +last 5 bytes and adding the rule that 'length == 6' instruction will +be prefixed with a 0x0f byte. + +Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> +Signed-off-by: Ingo Molnar <mingo(a)kernel.org> +Reviewed-by: Masami Hiramatsu (Google) <mhiramat(a)kernel.org> +Link: https://lore.kernel.org/r/20230123210607.115718513@infradead.org +Cc: Nathan Chancellor <nathan(a)kernel.org> +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + arch/x86/kernel/alternative.c | 62 ++++++++++++++++++++++++++--------- + 1 file changed, 47 insertions(+), 15 deletions(-) + +diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c +index 7d8c3cbd..81381a01 100644 +--- a/arch/x86/kernel/alternative.c ++++ b/arch/x86/kernel/alternative.c +@@ -340,6 +340,12 @@ void __init_or_module noinline apply_alternatives(struct alt_instr *start, + } + } + ++static inline bool is_jcc32(struct insn *insn) ++{ ++ /* Jcc.d32 second opcode byte is in the range: 0x80-0x8f */ ++ return insn->opcode.bytes[0] == 0x0f && (insn->opcode.bytes[1] & 0xf0) == 0x80; ++} ++ + #if defined(CONFIG_RETPOLINE) && defined(CONFIG_OBJTOOL) + + /* +@@ -378,12 +384,6 @@ static int emit_indirect(int op, int reg, u8 *bytes) + return i; + } + +-static inline bool is_jcc32(struct insn *insn) +-{ +- /* Jcc.d32 second opcode byte is in the range: 0x80-0x8f */ +- return insn->opcode.bytes[0] == 0x0f && (insn->opcode.bytes[1] & 0xf0) == 0x80; +-} +- + static int emit_call_track_retpoline(void *addr, struct insn *insn, int reg, u8 *bytes) + { + u8 op = insn->opcode.bytes[0]; +@@ -1772,6 +1772,11 @@ void text_poke_sync(void) + on_each_cpu(do_sync_core, NULL, 1); + } + ++/* ++ * NOTE: crazy scheme to allow patching Jcc.d32 but not increase the size of ++ * this thing. When len == 6 everything is prefixed with 0x0f and we map ++ * opcode to Jcc.d8, using len to distinguish. ++ */ + struct text_poke_loc { + /* addr := _stext + rel_addr */ + s32 rel_addr; +@@ -1893,6 +1898,10 @@ noinstr int poke_int3_handler(struct pt_regs *regs) + int3_emulate_jmp(regs, (long)ip + tp->disp); + break; + ++ case 0x70 ... 0x7f: /* Jcc */ ++ int3_emulate_jcc(regs, tp->opcode & 0xf, (long)ip, tp->disp); ++ break; ++ + default: + BUG(); + } +@@ -1966,16 +1975,26 @@ static void text_poke_bp_batch(struct text_poke_loc *tp, unsigned int nr_entries + * Second step: update all but the first byte of the patched range. + */ + for (do_sync = 0, i = 0; i < nr_entries; i++) { +- u8 old[POKE_MAX_OPCODE_SIZE] = { tp[i].old, }; ++ u8 old[POKE_MAX_OPCODE_SIZE+1] = { tp[i].old, }; ++ u8 _new[POKE_MAX_OPCODE_SIZE+1]; ++ const u8 *new = tp[i].text; + int len = tp[i].len; + + if (len - INT3_INSN_SIZE > 0) { + memcpy(old + INT3_INSN_SIZE, + text_poke_addr(&tp[i]) + INT3_INSN_SIZE, + len - INT3_INSN_SIZE); ++ ++ if (len == 6) { ++ _new[0] = 0x0f; ++ memcpy(_new + 1, new, 5); ++ new = _new; ++ } ++ + text_poke(text_poke_addr(&tp[i]) + INT3_INSN_SIZE, +- (const char *)tp[i].text + INT3_INSN_SIZE, ++ new + INT3_INSN_SIZE, + len - INT3_INSN_SIZE); ++ + do_sync++; + } + +@@ -2003,8 +2022,7 @@ static void text_poke_bp_batch(struct text_poke_loc *tp, unsigned int nr_entries + * The old instruction is recorded so that the event can be + * processed forwards or backwards. + */ +- perf_event_text_poke(text_poke_addr(&tp[i]), old, len, +- tp[i].text, len); ++ perf_event_text_poke(text_poke_addr(&tp[i]), old, len, new, len); + } + + if (do_sync) { +@@ -2021,10 +2039,15 @@ static void text_poke_bp_batch(struct text_poke_loc *tp, unsigned int nr_entries + * replacing opcode. + */ + for (do_sync = 0, i = 0; i < nr_entries; i++) { +- if (tp[i].text[0] == INT3_INSN_OPCODE) ++ u8 byte = tp[i].text[0]; ++ ++ if (tp[i].len == 6) ++ byte = 0x0f; ++ ++ if (byte == INT3_INSN_OPCODE) + continue; + +- text_poke(text_poke_addr(&tp[i]), tp[i].text, INT3_INSN_SIZE); ++ text_poke(text_poke_addr(&tp[i]), &byte, INT3_INSN_SIZE); + do_sync++; + } + +@@ -2042,9 +2065,11 @@ static void text_poke_loc_init(struct text_poke_loc *tp, void *addr, + const void *opcode, size_t len, const void *emulate) + { + struct insn insn; +- int ret, i; ++ int ret, i = 0; + +- memcpy((void *)tp->text, opcode, len); ++ if (len == 6) ++ i = 1; ++ memcpy((void *)tp->text, opcode+i, len-i); + if (!emulate) + emulate = opcode; + +@@ -2055,6 +2080,13 @@ static void text_poke_loc_init(struct text_poke_loc *tp, void *addr, + tp->len = len; + tp->opcode = insn.opcode.bytes[0]; + ++ if (is_jcc32(&insn)) { ++ /* ++ * Map Jcc.d32 onto Jcc.d8 and use len to distinguish. ++ */ ++ tp->opcode = insn.opcode.bytes[1] - 0x10; ++ } ++ + switch (tp->opcode) { + case RET_INSN_OPCODE: + case JMP32_INSN_OPCODE: +@@ -2071,7 +2103,6 @@ static void text_poke_loc_init(struct text_poke_loc *tp, void *addr, + BUG_ON(len != insn.length); + } + +- + switch (tp->opcode) { + case INT3_INSN_OPCODE: + case RET_INSN_OPCODE: +@@ -2080,6 +2111,7 @@ static void text_poke_loc_init(struct text_poke_loc *tp, void *addr, + case CALL_INSN_OPCODE: + case JMP32_INSN_OPCODE: + case JMP8_INSN_OPCODE: ++ case 0x70 ... 0x7f: /* Jcc */ + tp->disp = insn.immediate.value; + break; + +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-004-x86-static_call-Add-support-for-Jcc-tail-c… new/patches.kernel.org/6.2.1-004-x86-static_call-Add-support-for-Jcc-tail-c… --- old/patches.kernel.org/6.2.1-004-x86-static_call-Add-support-for-Jcc-tail-c… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-004-x86-static_call-Add-support-for-Jcc-tail-c… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,137 @@ +From: Peter Zijlstra <peterz(a)infradead.org> +Date: Thu, 26 Jan 2023 16:34:27 +0100 +Subject: [PATCH] x86/static_call: Add support for Jcc tail-calls +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 923510c88d2b7d947c4217835fd9ca6bd65cc56c + +commit 923510c88d2b7d947c4217835fd9ca6bd65cc56c upstream. + +Clang likes to create conditional tail calls like: + + 0000000000000350 <amd_pmu_add_event>: + 350: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 351: R_X86_64_NONE __fentry__-0x4 + 355: 48 83 bf 20 01 00 00 00 cmpq $0x0,0x120(%rdi) + 35d: 0f 85 00 00 00 00 jne 363 <amd_pmu_add_event+0x13> 35f: R_X86_64_PLT32 __SCT__amd_pmu_branch_add-0x4 + 363: e9 00 00 00 00 jmp 368 <amd_pmu_add_event+0x18> 364: R_X86_64_PLT32 __x86_return_thunk-0x4 + +Where 0x35d is a static call site that's turned into a conditional +tail-call using the Jcc class of instructions. + +Teach the in-line static call text patching about this. + +Notably, since there is no conditional-ret, in that case patch the Jcc +to point at an empty stub function that does the ret -- or the return +thunk when needed. + +Reported-by: "Erhard F." <erhard_f(a)mailbox.org> +Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> +Signed-off-by: Ingo Molnar <mingo(a)kernel.org> +Reviewed-by: Masami Hiramatsu (Google) <mhiramat(a)kernel.org> +Link: https://lore.kernel.org/r/Y9Kdg9QjHkr9G5b5@hirez.programming.kicks-ass.net +Cc: Nathan Chancellor <nathan(a)kernel.org> +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + arch/x86/kernel/static_call.c | 50 ++++++++++++++++++++++++++++++++--- + 1 file changed, 47 insertions(+), 3 deletions(-) + +diff --git a/arch/x86/kernel/static_call.c b/arch/x86/kernel/static_call.c +index 2ebc3389..b70670a9 100644 +--- a/arch/x86/kernel/static_call.c ++++ b/arch/x86/kernel/static_call.c +@@ -9,6 +9,7 @@ enum insn_type { + NOP = 1, /* site cond-call */ + JMP = 2, /* tramp / site tail-call */ + RET = 3, /* tramp / site cond-tail-call */ ++ JCC = 4, + }; + + /* +@@ -25,12 +26,40 @@ static const u8 xor5rax[] = { 0x2e, 0x2e, 0x2e, 0x31, 0xc0 }; + + static const u8 retinsn[] = { RET_INSN_OPCODE, 0xcc, 0xcc, 0xcc, 0xcc }; + ++static u8 __is_Jcc(u8 *insn) /* Jcc.d32 */ ++{ ++ u8 ret = 0; ++ ++ if (insn[0] == 0x0f) { ++ u8 tmp = insn[1]; ++ if ((tmp & 0xf0) == 0x80) ++ ret = tmp; ++ } ++ ++ return ret; ++} ++ ++extern void __static_call_return(void); ++ ++asm (".global __static_call_return\n\t" ++ ".type __static_call_return, @function\n\t" ++ ASM_FUNC_ALIGN "\n\t" ++ "__static_call_return:\n\t" ++ ANNOTATE_NOENDBR ++ ANNOTATE_RETPOLINE_SAFE ++ "ret; int3\n\t" ++ ".size __static_call_return, . - __static_call_return \n\t"); ++ + static void __ref __static_call_transform(void *insn, enum insn_type type, + void *func, bool modinit) + { + const void *emulate = NULL; + int size = CALL_INSN_SIZE; + const void *code; ++ u8 op, buf[6]; ++ ++ if ((type == JMP || type == RET) && (op = __is_Jcc(insn))) ++ type = JCC; + + switch (type) { + case CALL: +@@ -57,6 +86,20 @@ static void __ref __static_call_transform(void *insn, enum insn_type type, + else + code = &retinsn; + break; ++ ++ case JCC: ++ if (!func) { ++ func = __static_call_return; ++ if (cpu_feature_enabled(X86_FEATURE_RETHUNK)) ++ func = x86_return_thunk; ++ } ++ ++ buf[0] = 0x0f; ++ __text_gen_insn(buf+1, op, insn+1, func, 5); ++ code = buf; ++ size = 6; ++ ++ break; + } + + if (memcmp(insn, code, size) == 0) +@@ -68,9 +111,9 @@ static void __ref __static_call_transform(void *insn, enum insn_type type, + text_poke_bp(insn, code, size, emulate); + } + +-static void __static_call_validate(void *insn, bool tail, bool tramp) ++static void __static_call_validate(u8 *insn, bool tail, bool tramp) + { +- u8 opcode = *(u8 *)insn; ++ u8 opcode = insn[0]; + + if (tramp && memcmp(insn+5, tramp_ud, 3)) { + pr_err("trampoline signature fail"); +@@ -79,7 +122,8 @@ static void __static_call_validate(void *insn, bool tail, bool tramp) + + if (tail) { + if (opcode == JMP32_INSN_OPCODE || +- opcode == RET_INSN_OPCODE) ++ opcode == RET_INSN_OPCODE || ++ __is_Jcc(insn)) + return; + } else { + if (opcode == CALL_INSN_OPCODE || +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-005-HID-mcp-2221-prevent-UAF-in-delayed-work.p… new/patches.kernel.org/6.2.1-005-HID-mcp-2221-prevent-UAF-in-delayed-work.p… --- old/patches.kernel.org/6.2.1-005-HID-mcp-2221-prevent-UAF-in-delayed-work.p… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-005-HID-mcp-2221-prevent-UAF-in-delayed-work.p… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,44 @@ +From: Benjamin Tissoires <benjamin.tissoires(a)redhat.com> +Date: Thu, 16 Feb 2023 11:22:58 +0100 +Subject: [PATCH] HID: mcp-2221: prevent UAF in delayed work +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 47e91fdfa511139f2549687edb0d8649b123227b + +commit 47e91fdfa511139f2549687edb0d8649b123227b upstream. + +If the device is plugged/unplugged without giving time for mcp_init_work() +to complete, we might kick in the devm free code path and thus have +unavailable struct mcp_2221 while in delayed work. + +Canceling the delayed_work item is enough to solve the issue, because +cancel_delayed_work_sync will prevent the work item to requeue itself. + +Fixes: 960f9df7c620 ("HID: mcp2221: add ADC/DAC support via iio subsystem") +CC: stable(a)vger.kernel.org +Acked-by: Jiri Kosina <jkosina(a)suse.cz> +Link: https://lore.kernel.org/r/20230215-wip-mcp2221-v2-1-109f71fd036e@redhat.com +Signed-off-by: Benjamin Tissoires <benjamin.tissoires(a)redhat.com> +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + drivers/hid/hid-mcp2221.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/drivers/hid/hid-mcp2221.c b/drivers/hid/hid-mcp2221.c +index e61dd039..f74a977c 100644 +--- a/drivers/hid/hid-mcp2221.c ++++ b/drivers/hid/hid-mcp2221.c +@@ -922,6 +922,9 @@ static void mcp2221_hid_unregister(void *ptr) + /* This is needed to be sure hid_hw_stop() isn't called twice by the subsystem */ + static void mcp2221_remove(struct hid_device *hdev) + { ++ struct mcp2221 *mcp = hid_get_drvdata(hdev); ++ ++ cancel_delayed_work_sync(&mcp->init_work); + } + + #if IS_REACHABLE(CONFIG_IIO) +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-006-wifi-mwifiex-Add-missing-compatible-string… new/patches.kernel.org/6.2.1-006-wifi-mwifiex-Add-missing-compatible-string… --- old/patches.kernel.org/6.2.1-006-wifi-mwifiex-Add-missing-compatible-string… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-006-wifi-mwifiex-Add-missing-compatible-string… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,40 @@ +From: Lukas Wunner <lukas(a)wunner.de> +Date: Fri, 27 Jan 2023 15:01:00 +0100 +Subject: [PATCH] wifi: mwifiex: Add missing compatible string for SD8787 +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 36dd7a4c6226133b0b7aa92b8e604e688d958d0c + +commit 36dd7a4c6226133b0b7aa92b8e604e688d958d0c upstream. + +Commit e3fffc1f0b47 ("devicetree: document new marvell-8xxx and +pwrseq-sd8787 options") documented a compatible string for SD8787 in +the devicetree bindings, but neglected to add it to the mwifiex driver. + +Fixes: e3fffc1f0b47 ("devicetree: document new marvell-8xxx and pwrseq-sd8787 options") +Signed-off-by: Lukas Wunner <lukas(a)wunner.de> +Cc: stable(a)vger.kernel.org # v4.11+ +Cc: Matt Ranostay <mranostay(a)ti.com> +Signed-off-by: Kalle Valo <kvalo(a)kernel.org> +Link: https://lore.kernel.org/r/320de5005ff3b8fd76be2d2b859fd021689c3681.16748271… +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + drivers/net/wireless/marvell/mwifiex/sdio.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/net/wireless/marvell/mwifiex/sdio.c b/drivers/net/wireless/marvell/mwifiex/sdio.c +index b8dc3b5c..9f506efa 100644 +--- a/drivers/net/wireless/marvell/mwifiex/sdio.c ++++ b/drivers/net/wireless/marvell/mwifiex/sdio.c +@@ -480,6 +480,7 @@ static struct memory_type_mapping mem_type_mapping_tbl[] = { + }; + + static const struct of_device_id mwifiex_sdio_of_match_table[] = { ++ { .compatible = "marvell,sd8787" }, + { .compatible = "marvell,sd8897" }, + { .compatible = "marvell,sd8997" }, + { } +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-007-audit-update-the-mailing-list-in-MAINTAINE… new/patches.kernel.org/6.2.1-007-audit-update-the-mailing-list-in-MAINTAINE… --- old/patches.kernel.org/6.2.1-007-audit-update-the-mailing-list-in-MAINTAINE… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-007-audit-update-the-mailing-list-in-MAINTAINE… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,41 @@ +From: Paul Moore <paul(a)paul-moore.com> +Date: Tue, 7 Feb 2023 10:21:47 -0500 +Subject: [PATCH] audit: update the mailing list in MAINTAINERS +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 6c6cd913accd77008f74a1a9d57b816db3651daa + +commit 6c6cd913accd77008f74a1a9d57b816db3651daa upstream. + +We've moved the upstream Linux Kernel audit subsystem discussions to +a new mailing list, this patch updates the MAINTAINERS info with the +new list address. + +Marking this for stable inclusion to help speed uptake of the new +list across all of the supported kernel releases. This is a doc only +patch so the risk should be close to nil. + +Cc: stable(a)vger.kernel.org +Signed-off-by: Paul Moore <paul(a)paul-moore.com> +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + MAINTAINERS | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/MAINTAINERS b/MAINTAINERS +index 135d9336..f77188f3 100644 +--- a/MAINTAINERS ++++ b/MAINTAINERS +@@ -3515,7 +3515,7 @@ F: drivers/net/ieee802154/atusb.h + AUDIT SUBSYSTEM + M: Paul Moore <paul(a)paul-moore.com> + M: Eric Paris <eparis(a)redhat.com> +-L: linux-audit(a)redhat.com (moderated for non-subscribers) ++L: audit(a)vger.kernel.org + S: Supported + W: https://github.com/linux-audit + T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-008-platform-x86-amd-pmf-Add-depends-on-CONFIG… new/patches.kernel.org/6.2.1-008-platform-x86-amd-pmf-Add-depends-on-CONFIG… --- old/patches.kernel.org/6.2.1-008-platform-x86-amd-pmf-Add-depends-on-CONFIG… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-008-platform-x86-amd-pmf-Add-depends-on-CONFIG… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,49 @@ +From: Shyam Sundar S K <Shyam-sundar.S-k(a)amd.com> +Date: Mon, 13 Feb 2023 17:44:57 +0530 +Subject: [PATCH] platform/x86/amd/pmf: Add depends on CONFIG_POWER_SUPPLY +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 3004e8d2a0a98bbf4223ae146464fadbff68bf78 + +commit 3004e8d2a0a98bbf4223ae146464fadbff68bf78 upstream. + +It is reported that amd_pmf driver is missing "depends on" for +CONFIG_POWER_SUPPLY causing the following build error. + +ld: drivers/platform/x86/amd/pmf/core.o: in function `amd_pmf_remove': +core.c:(.text+0x10): undefined reference to `power_supply_unreg_notifier' +ld: drivers/platform/x86/amd/pmf/core.o: in function `amd_pmf_probe': +core.c:(.text+0x38f): undefined reference to `power_supply_reg_notifier' +make[1]: *** [scripts/Makefile.vmlinux:34: vmlinux] Error 1 +make: *** [Makefile:1248: vmlinux] Error 2 + +Add this to the Kconfig file. + +Link: https://bugzilla.kernel.org/show_bug.cgi?id=217028 +Fixes: c5258d39fc4c ("platform/x86/amd/pmf: Add helper routine to update SPS thermals") +Signed-off-by: Shyam Sundar S K <Shyam-sundar.S-k(a)amd.com> +Link: https://lore.kernel.org/r/20230213121457.1764463-1-Shyam-sundar.S-k@amd.com +Cc: stable(a)vger.kernel.org +Reviewed-by: Hans de Goede <hdegoede(a)redhat.com> +Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + drivers/platform/x86/amd/pmf/Kconfig | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/platform/x86/amd/pmf/Kconfig b/drivers/platform/x86/amd/pmf/Kconfig +index c375498c..6d89528c 100644 +--- a/drivers/platform/x86/amd/pmf/Kconfig ++++ b/drivers/platform/x86/amd/pmf/Kconfig +@@ -6,6 +6,7 @@ + config AMD_PMF + tristate "AMD Platform Management Framework" + depends on ACPI && PCI ++ depends on POWER_SUPPLY + select ACPI_PLATFORM_PROFILE + help + This driver provides support for the AMD Platform Management Framework. +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-009-platform-x86-nvidia-wmi-ec-backlight-Add-f… new/patches.kernel.org/6.2.1-009-platform-x86-nvidia-wmi-ec-backlight-Add-f… --- old/patches.kernel.org/6.2.1-009-platform-x86-nvidia-wmi-ec-backlight-Add-f… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-009-platform-x86-nvidia-wmi-ec-backlight-Add-f… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,65 @@ +From: Hans de Goede <hdegoede(a)redhat.com> +Date: Fri, 17 Feb 2023 15:42:08 +0100 +Subject: [PATCH] platform/x86: nvidia-wmi-ec-backlight: Add force module + parameter +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 0d9bdd8a550170306c2021b8d6766c5343b870c2 + +commit 0d9bdd8a550170306c2021b8d6766c5343b870c2 upstream. + +On some Lenovo Legion models, the backlight might be driven by either +one of nvidia_wmi_ec_backlight or amdgpu_bl0 at different times. + +When the Nvidia WMI EC backlight interface reports the backlight is +controlled by the EC, the current backlight handling only registers +nvidia_wmi_ec_backlight (and registers no other backlight interfaces). + +This hides (never registers) the amdgpu_bl0 interface, where as prior +to 6.1.4 users would have both nvidia_wmi_ec_backlight and amdgpu_bl0 +and could work around things in userspace. + +Add a force module parameter which can be used with acpi_backlight=native +to restore the old behavior as a workound (for now) by passing: + +"acpi_backlight=native nvidia-wmi-ec-backlight.force=1" + +Fixes: 8d0ca287fd8c ("platform/x86: nvidia-wmi-ec-backlight: Use acpi_video_get_backlight_type()") +Link: https://bugzilla.kernel.org/show_bug.cgi?id=217026 +Cc: stable(a)vger.kernel.org +Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> +Reviewed-by: Daniel Dadap <ddadap(a)nvidia.com> +Link: https://lore.kernel.org/r/20230217144208.5721-1-hdegoede@redhat.com +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + drivers/platform/x86/nvidia-wmi-ec-backlight.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/drivers/platform/x86/nvidia-wmi-ec-backlight.c b/drivers/platform/x86/nvidia-wmi-ec-backlight.c +index baccdf65..1b572c90 100644 +--- a/drivers/platform/x86/nvidia-wmi-ec-backlight.c ++++ b/drivers/platform/x86/nvidia-wmi-ec-backlight.c +@@ -12,6 +12,10 @@ + #include <linux/wmi.h> + #include <acpi/video.h> + ++static bool force; ++module_param(force, bool, 0444); ++MODULE_PARM_DESC(force, "Force loading (disable acpi_backlight=xxx checks"); ++ + /** + * wmi_brightness_notify() - helper function for calling WMI-wrapped ACPI method + * @w: Pointer to the struct wmi_device identified by %WMI_BRIGHTNESS_GUID +@@ -91,7 +95,7 @@ static int nvidia_wmi_ec_backlight_probe(struct wmi_device *wdev, const void *ct + int ret; + + /* drivers/acpi/video_detect.c also checks that SOURCE == EC */ +- if (acpi_video_get_backlight_type() != acpi_backlight_nvidia_wmi_ec) ++ if (!force && acpi_video_get_backlight_type() != acpi_backlight_nvidia_wmi_ec) + return -ENODEV; + + /* +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-010-ext4-Fix-function-prototype-mismatch-for-e… new/patches.kernel.org/6.2.1-010-ext4-Fix-function-prototype-mismatch-for-e… --- old/patches.kernel.org/6.2.1-010-ext4-Fix-function-prototype-mismatch-for-e… 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-010-ext4-Fix-function-prototype-mismatch-for-e… 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,80 @@ +From: Kees Cook <keescook(a)chromium.org> +Date: Wed, 4 Jan 2023 13:09:12 -0800 +Subject: [PATCH] ext4: Fix function prototype mismatch for ext4_feat_ktype +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 118901ad1f25d2334255b3d50512fa20591531cd + +commit 118901ad1f25d2334255b3d50512fa20591531cd upstream. + +With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), +indirect call targets are validated against the expected function +pointer prototype to make sure the call target is valid to help mitigate +ROP attacks. If they are not identical, there is a failure at run time, +which manifests as either a kernel panic or thread getting killed. + +ext4_feat_ktype was setting the "release" handler to "kfree", which +doesn't have a matching function prototype. Add a simple wrapper +with the correct prototype. + +This was found as a result of Clang's new -Wcast-function-type-strict +flag, which is more sensitive than the simpler -Wcast-function-type, +which only checks for type width mismatches. + +Note that this code is only reached when ext4 is a loadable module and +it is being unloaded: + + CFI failure at kobject_put+0xbb/0x1b0 (target: kfree+0x0/0x180; expected type: 0x7c4aa698) + ... + RIP: 0010:kobject_put+0xbb/0x1b0 + ... + Call Trace: + <TASK> + ext4_exit_sysfs+0x14/0x60 [ext4] + cleanup_module+0x67/0xedb [ext4] + +Fixes: b99fee58a20a ("ext4: create ext4_feat kobject dynamically") +Cc: Theodore Ts'o <tytso(a)mit.edu> +Cc: Eric Biggers <ebiggers(a)kernel.org> +Cc: stable(a)vger.kernel.org +Build-tested-by: Gustavo A. R. Silva <gustavoars(a)kernel.org> +Reviewed-by: Gustavo A. R. Silva <gustavoars(a)kernel.org> +Reviewed-by: Nathan Chancellor <nathan(a)kernel.org> +Link: https://lore.kernel.org/r/20230103234616.never.915-kees@kernel.org +Signed-off-by: Kees Cook <keescook(a)chromium.org> +Reviewed-by: Eric Biggers <ebiggers(a)google.com> +Link: https://lore.kernel.org/r/20230104210908.gonna.388-kees@kernel.org +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + fs/ext4/sysfs.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/fs/ext4/sysfs.c b/fs/ext4/sysfs.c +index d233c24e..e2b8b343 100644 +--- a/fs/ext4/sysfs.c ++++ b/fs/ext4/sysfs.c +@@ -491,6 +491,11 @@ static void ext4_sb_release(struct kobject *kobj) + complete(&sbi->s_kobj_unregister); + } + ++static void ext4_feat_release(struct kobject *kobj) ++{ ++ kfree(kobj); ++} ++ + static const struct sysfs_ops ext4_attr_ops = { + .show = ext4_attr_show, + .store = ext4_attr_store, +@@ -505,7 +510,7 @@ static struct kobj_type ext4_sb_ktype = { + static struct kobj_type ext4_feat_ktype = { + .default_groups = ext4_feat_groups, + .sysfs_ops = &ext4_attr_ops, +- .release = (void (*)(struct kobject *))kfree, ++ .release = ext4_feat_release, + }; + + void ext4_notify_error_sysfs(struct ext4_sb_info *sbi) +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-011-randstruct-disable-Clang-15-support.patch new/patches.kernel.org/6.2.1-011-randstruct-disable-Clang-15-support.patch --- old/patches.kernel.org/6.2.1-011-randstruct-disable-Clang-15-support.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-011-randstruct-disable-Clang-15-support.patch 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,46 @@ +From: Eric Biggers <ebiggers(a)google.com> +Date: Tue, 7 Feb 2023 22:51:33 -0800 +Subject: [PATCH] randstruct: disable Clang 15 support +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 78f7a3fd6dc66cb788c21d7705977ed13c879351 + +commit 78f7a3fd6dc66cb788c21d7705977ed13c879351 upstream. + +The randstruct support released in Clang 15 is unsafe to use due to a +bug that can cause miscompilations: "-frandomize-layout-seed +inconsistently randomizes all-function-pointers structs" +(https://github.com/llvm/llvm-project/issues/60349). It has been fixed +on the Clang 16 release branch, so add a Clang version check. + +Fixes: 035f7f87b729 ("randstruct: Enable Clang support") +Cc: stable(a)vger.kernel.org +Signed-off-by: Eric Biggers <ebiggers(a)google.com> +Acked-by: Nick Desaulniers <ndesaulniers(a)google.com> +Reviewed-by: Nathan Chancellor <nathan(a)kernel.org> +Reviewed-by: Bill Wendling <morbo(a)google.com> +Signed-off-by: Kees Cook <keescook(a)chromium.org> +Link: https://lore.kernel.org/r/20230208065133.220589-1-ebiggers@kernel.org +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + security/Kconfig.hardening | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening +index 53baa95c..0f295961 100644 +--- a/security/Kconfig.hardening ++++ b/security/Kconfig.hardening +@@ -281,6 +281,9 @@ endmenu + + config CC_HAS_RANDSTRUCT + def_bool $(cc-option,-frandomize-layout-seed-file=/dev/null) ++ # Randstruct was first added in Clang 15, but it isn't safe to use until ++ # Clang 16 due to https://github.com/llvm/llvm-project/issues/60349 ++ depends on !CC_IS_CLANG || CLANG_VERSION >= 160000 + + choice + prompt "Randomize layout of sensitive kernel structures" +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-012-bpf-add-missing-header-file-include.patch new/patches.kernel.org/6.2.1-012-bpf-add-missing-header-file-include.patch --- old/patches.kernel.org/6.2.1-012-bpf-add-missing-header-file-include.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-012-bpf-add-missing-header-file-include.patch 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,55 @@ +From: Linus Torvalds <torvalds(a)linux-foundation.org> +Date: Wed, 22 Feb 2023 09:52:32 -0800 +Subject: [PATCH] bpf: add missing header file include +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: f3dd0c53370e70c0f9b7e931bbec12916f3bb8cc + +commit f3dd0c53370e70c0f9b7e931bbec12916f3bb8cc upstream. + +Commit 74e19ef0ff80 ("uaccess: Add speculation barrier to +copy_from_user()") built fine on x86-64 and arm64, and that's the extent +of my local build testing. + +It turns out those got the <linux/nospec.h> include incidentally through +other header files (<linux/kvm_host.h> in particular), but that was not +true of other architectures, resulting in build errors + + kernel/bpf/core.c: In function ��___bpf_prog_run��: + kernel/bpf/core.c:1913:3: error: implicit declaration of function ��barrier_nospec�� + +so just make sure to explicitly include the proper <linux/nospec.h> +header file to make everybody see it. + +Fixes: 74e19ef0ff80 ("uaccess: Add speculation barrier to copy_from_user()") +Reported-by: kernel test robot <lkp(a)intel.com> +Reported-by: Viresh Kumar <viresh.kumar(a)linaro.org> +Reported-by: Huacai Chen <chenhuacai(a)loongson.cn> +Tested-by: Geert Uytterhoeven <geert(a)linux-m68k.org> +Tested-by: Dave Hansen <dave.hansen(a)linux.intel.com> +Acked-by: Alexei Starovoitov <alexei.starovoitov(a)gmail.com> +Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + kernel/bpf/core.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c +index 430c66d5..f9c3b103 100644 +--- a/kernel/bpf/core.c ++++ b/kernel/bpf/core.c +@@ -34,6 +34,7 @@ + #include <linux/log2.h> + #include <linux/bpf_verifier.h> + #include <linux/nodemask.h> ++#include <linux/nospec.h> + #include <linux/bpf_mem_alloc.h> + + #include <asm/barrier.h> +-- +2.35.3 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/6.2.1-013-Linux-6.2.1.patch new/patches.kernel.org/6.2.1-013-Linux-6.2.1.patch --- old/patches.kernel.org/6.2.1-013-Linux-6.2.1.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/6.2.1-013-Linux-6.2.1.patch 2023-02-27 12:39:26.000000000 +0100 @@ -0,0 +1,42 @@ +From: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Date: Sat, 25 Feb 2023 11:13:30 +0100 +Subject: [PATCH] Linux 6.2.1 +References: bsc#1012628 +Patch-mainline: 6.2.1 +Git-commit: 8c20eb7e6a27b2c493b0bbb435e75cae7135634f + +Link: https://lore.kernel.org/r/20230223130426.170746546@linuxfoundation.org +Link: https://lore.kernel.org/r/20230223141539.893173089@linuxfoundation.org +Tested-by: Luna Jernberg <droidbittin(a)gmail.com> +Tested-by: Justin M. Forbes <jforbes(a)fedoraproject.org> +Tested-by: Conor Dooley <conor.dooley(a)microchip.com> +Tested-by: Florian Fainelli <f.fainelli(a)gmail.com> +Tested-by: Shuah Khan <skhan(a)linuxfoundation.org> +Tested-by: Bagas Sanjaya <bagasdotme(a)gmail.com> +Tested-by: Guenter Roeck <linux(a)roeck-us.net> +Tested-by: Linux Kernel Functional Testing <lkft(a)linaro.org> +Tested-by: Ron Economos <re(a)w6rz.net> +Tested-by: Slade Watkins <srw(a)sladewatkins.net> +Tested-by: Allen Pais <apais(a)linux.microsoft.com> +Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> +Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index 3f662878..f26824f3 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,7 +1,7 @@ + # SPDX-License-Identifier: GPL-2.0 + VERSION = 6 + PATCHLEVEL = 2 +-SUBLEVEL = 0 ++SUBLEVEL = 1 + EXTRAVERSION = + NAME = Hurr durr I'ma ninja sloth + +-- +2.35.3 + ++++++ patches.suse.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch new/patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch --- old/patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch 2023-02-23 04:31:08.000000000 +0100 @@ -0,0 +1,91 @@ +From 478a0cff698409224330ea9e25eb332220b55dbb Mon Sep 17 00:00:00 2001 +From: Jeremy Cline <jcline(a)redhat.com> +Date: Mon, 30 Sep 2019 21:22:47 +0000 +Subject: [PATCH 1/3] security: lockdown: expose a hook to lock the kernel down +Patch-mainline: Never, Fedora Core 32 +References: jsc#SLE-9870 + +In order to automatically lock down kernels running on UEFI machines +booted in Secure Boot mode, expose the lock_kernel_down() hook. + +Signed-off-by: Jeremy Cline <jcline(a)redhat.com> +Acked-by: Lee, Chun-Yi <jlee(a)suse.com> +--- + include/linux/lsm_hook_defs.h | 1 + + include/linux/lsm_hooks.h | 6 ++++++ + include/linux/security.h | 5 +++++ + security/lockdown/lockdown.c | 1 + + security/security.c | 6 ++++++ + 5 files changed, 19 insertions(+) + +--- a/include/linux/lsm_hook_defs.h ++++ b/include/linux/lsm_hook_defs.h +@@ -403,6 +403,7 @@ LSM_HOOK(void, LSM_RET_VOID, bpf_prog_fr + #endif /* CONFIG_BPF_SYSCALL */ + + LSM_HOOK(int, 0, locked_down, enum lockdown_reason what) ++LSM_HOOK(int, 0, lock_kernel_down, const char *where, enum lockdown_reason level) + + #ifdef CONFIG_PERF_EVENTS + LSM_HOOK(int, 0, perf_event_open, struct perf_event_attr *attr, int type) +--- a/include/linux/lsm_hooks.h ++++ b/include/linux/lsm_hooks.h +@@ -1618,6 +1618,12 @@ + * @what: kernel feature being accessed. + * Return 0 if permission is granted. + * ++ * @lock_kernel_down ++ * Put the kernel into lock-down mode. ++ * ++ * @where: Where the lock-down is originating from (e.g. command line option) ++ * @level: The lock-down level (can only increase) ++ * + * Security hooks for perf events + * + * @perf_event_open: +--- a/include/linux/security.h ++++ b/include/linux/security.h +@@ -487,6 +487,7 @@ int security_inode_notifysecctx(struct i + int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); + int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); + int security_locked_down(enum lockdown_reason what); ++int security_lock_kernel_down(const char *where, enum lockdown_reason level); + #else /* CONFIG_SECURITY */ + + static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) +@@ -1402,6 +1403,10 @@ static inline int security_locked_down(e + { + return 0; + } ++static inline int security_lock_kernel_down(const char *where, enum lockdown_reason level) ++{ ++ return 0; ++} + #endif /* CONFIG_SECURITY */ + + #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) +--- a/security/lockdown/lockdown.c ++++ b/security/lockdown/lockdown.c +@@ -73,6 +73,7 @@ static int lockdown_is_locked_down(enum + + static struct security_hook_list lockdown_hooks[] __lsm_ro_after_init = { + LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), ++ LSM_HOOK_INIT(lock_kernel_down, lock_kernel_down), + }; + + static int __init lockdown_lsm_init(void) +--- a/security/security.c ++++ b/security/security.c +@@ -2705,6 +2705,12 @@ int security_locked_down(enum lockdown_r + } + EXPORT_SYMBOL(security_locked_down); + ++int security_lock_kernel_down(const char *where, enum lockdown_reason level) ++{ ++ return call_int_hook(lock_kernel_down, 0, where, level); ++} ++EXPORT_SYMBOL(security_lock_kernel_down); ++ + #ifdef CONFIG_PERF_EVENTS + int security_perf_event_open(struct perf_event_attr *attr, int type) + { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch new/patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch --- old/patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch 2023-02-23 04:31:08.000000000 +0100 @@ -0,0 +1,154 @@ +From b5123d0553f4ed5e734f6457696cdd30228d1eee Mon Sep 17 00:00:00 2001 +From: David Howells <dhowells(a)redhat.com> +Date: Tue, 27 Feb 2018 10:04:55 +0000 +Subject: [PATCH 2/3] efi: Add an EFI_SECURE_BOOT flag to indicate secure + boot mode +Patch-mainline: Never, Fedora Core 32 +References: jsc#SLE-9870 + +UEFI machines can be booted in Secure Boot mode. Add an EFI_SECURE_BOOT +flag that can be passed to efi_enabled() to find out whether secure boot is +enabled. + +Move the switch-statement in x86's setup_arch() that inteprets the +secure_boot boot parameter to generic code and set the bit there. + +Suggested-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> +Signed-off-by: David Howells <dhowells(a)redhat.com> +Reviewed-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> +cc: linux-efi(a)vger.kernel.org +[Rebased for context; efi_is_table_address was moved to arch/x86] +Signed-off-by: Jeremy Cline <jcline(a)redhat.com> +Acked-by: Lee, Chun-Yi <jlee(a)suse.com> +Signed-off-by: Chester Lin <clin(a)suse.com> +--- + arch/x86/kernel/setup.c | 14 +------------- + drivers/firmware/efi/Makefile | 1 + + drivers/firmware/efi/secureboot.c | 38 ++++++++++++++++++++++++++++++++++++++ + include/linux/efi.h | 19 ++++++++++++------- + 4 files changed, 52 insertions(+), 20 deletions(-) + create mode 100644 drivers/firmware/efi/secureboot.c + +--- a/arch/x86/kernel/setup.c ++++ b/arch/x86/kernel/setup.c +@@ -1114,19 +1114,7 @@ void __init setup_arch(char **cmdline_p) + /* Allocate bigger log buffer */ + setup_log_buf(1); + +- if (efi_enabled(EFI_BOOT)) { +- switch (boot_params.secure_boot) { +- case efi_secureboot_mode_disabled: +- pr_info("Secure boot disabled\n"); +- break; +- case efi_secureboot_mode_enabled: +- pr_info("Secure boot enabled\n"); +- break; +- default: +- pr_info("Secure boot could not be determined\n"); +- break; +- } +- } ++ efi_set_secure_boot(boot_params.secure_boot); + + reserve_initrd(); + +--- a/drivers/firmware/efi/Makefile ++++ b/drivers/firmware/efi/Makefile +@@ -27,6 +27,7 @@ obj-$(CONFIG_EFI_FAKE_MEMMAP) += fake_m + obj-$(CONFIG_EFI_BOOTLOADER_CONTROL) += efibc.o + obj-$(CONFIG_EFI_TEST) += test/ + obj-$(CONFIG_EFI_DEV_PATH_PARSER) += dev-path-parser.o ++obj-$(CONFIG_EFI) += secureboot.o + obj-$(CONFIG_APPLE_PROPERTIES) += apple-properties.o + obj-$(CONFIG_EFI_RCI2_TABLE) += rci2-table.o + obj-$(CONFIG_EFI_EMBEDDED_FIRMWARE) += embedded-firmware.o +--- /dev/null ++++ b/drivers/firmware/efi/secureboot.c +@@ -0,0 +1,38 @@ ++/* Core kernel secure boot support. ++ * ++ * Copyright (C) 2017 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells(a)redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt ++ ++#include <linux/efi.h> ++#include <linux/kernel.h> ++#include <linux/printk.h> ++ ++/* ++ * Decide what to do when UEFI secure boot mode is enabled. ++ */ ++void __init efi_set_secure_boot(enum efi_secureboot_mode mode) ++{ ++ if (efi_enabled(EFI_BOOT)) { ++ switch (mode) { ++ case efi_secureboot_mode_disabled: ++ pr_info("Secure boot disabled\n"); ++ break; ++ case efi_secureboot_mode_enabled: ++ set_bit(EFI_SECURE_BOOT, &efi.flags); ++ pr_info("Secure boot enabled\n"); ++ break; ++ default: ++ pr_warn("Secure boot could not be determined (mode %u)\n", ++ mode); ++ break; ++ } ++ } ++} +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -847,6 +847,14 @@ extern int __init efi_setup_pcdp_console + #define EFI_MEM_ATTR 10 /* Did firmware publish an EFI_MEMORY_ATTRIBUTES table? */ + #define EFI_MEM_NO_SOFT_RESERVE 11 /* Is the kernel configured to ignore soft reservations? */ + #define EFI_PRESERVE_BS_REGIONS 12 /* Are EFI boot-services memory segments available? */ ++#define EFI_SECURE_BOOT 13 /* Are we in Secure Boot mode? */ ++ ++enum efi_secureboot_mode { ++ efi_secureboot_mode_unset, ++ efi_secureboot_mode_unknown, ++ efi_secureboot_mode_disabled, ++ efi_secureboot_mode_enabled, ++}; + + #ifdef CONFIG_EFI + /* +@@ -871,6 +879,8 @@ static inline bool efi_rt_services_suppo + return (efi.runtime_supported_mask & mask) == mask; + } + extern void efi_find_mirror(void); ++ ++extern void __init efi_set_secure_boot(enum efi_secureboot_mode mode); + #else + static inline bool efi_enabled(int feature) + { +@@ -890,6 +900,8 @@ static inline bool efi_rt_services_suppo + } + + static inline void efi_find_mirror(void) {} ++ ++static inline void efi_set_secure_boot(enum efi_secureboot_mode mode) {} + #endif + + extern int efi_status_to_err(efi_status_t status); +@@ -1105,13 +1117,6 @@ static inline bool efi_runtime_disabled( + extern void efi_call_virt_check_flags(unsigned long flags, const char *call); + extern unsigned long efi_call_virt_save_flags(void); + +-enum efi_secureboot_mode { +- efi_secureboot_mode_unset, +- efi_secureboot_mode_unknown, +- efi_secureboot_mode_disabled, +- efi_secureboot_mode_enabled, +-}; +- + static inline + enum efi_secureboot_mode efi_get_secureboot_mode(efi_get_variable_t *get_var) + { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch new/patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch --- old/patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch 2023-02-23 04:31:08.000000000 +0100 @@ -0,0 +1,67 @@ +From 15368f76d4997912318d35c52bfeb9041d85098e Mon Sep 17 00:00:00 2001 +From: David Howells <dhowells(a)redhat.com> +Date: Mon, 30 Sep 2019 21:28:16 +0000 +Subject: [PATCH 3/3] efi: Lock down the kernel if booted in secure boot mode +Patch-mainline: Never, Fedora Core 32 +References: jsc#SLE-9870 + +UEFI Secure Boot provides a mechanism for ensuring that the firmware +will only load signed bootloaders and kernels. Certain use cases may +also require that all kernel modules also be signed. Add a +configuration option that to lock down the kernel - which includes +requiring validly signed modules - if the kernel is secure-booted. + +Signed-off-by: David Howells <dhowells(a)redhat.com> +Signed-off-by: Jeremy Cline <jcline(a)redhat.com> +Acked-by: Lee, Chun-Yi <jlee(a)suse.com> +--- + arch/x86/kernel/setup.c | 8 ++++++++ + security/lockdown/Kconfig | 13 +++++++++++++ + 2 files changed, 21 insertions(+) + +--- a/arch/x86/kernel/setup.c ++++ b/arch/x86/kernel/setup.c +@@ -25,6 +25,7 @@ + #include <linux/static_call.h> + #include <linux/swiotlb.h> + #include <linux/random.h> ++#include <linux/security.h> + + #include <uapi/linux/mount.h> + +@@ -1036,6 +1037,13 @@ void __init setup_arch(char **cmdline_p) + if (efi_enabled(EFI_BOOT)) + efi_init(); + ++ efi_set_secure_boot(boot_params.secure_boot); ++ ++#ifdef CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT ++ if (efi_enabled(EFI_SECURE_BOOT)) ++ security_lock_kernel_down("EFI Secure Boot mode", LOCKDOWN_CONFIDENTIALITY_MAX); ++#endif ++ + dmi_setup(); + + /* +--- a/security/lockdown/Kconfig ++++ b/security/lockdown/Kconfig +@@ -16,6 +16,19 @@ config SECURITY_LOCKDOWN_LSM_EARLY + subsystem is fully initialised. If enabled, lockdown will + unconditionally be called before any other LSMs. + ++config LOCK_DOWN_IN_EFI_SECURE_BOOT ++ bool "Lock down the kernel in EFI Secure Boot mode" ++ default n ++ depends on EFI && SECURITY_LOCKDOWN_LSM_EARLY ++ help ++ UEFI Secure Boot provides a mechanism for ensuring that the firmware ++ will only load signed bootloaders and kernels. Secure boot mode may ++ be determined from EFI variables provided by the system firmware if ++ not indicated by the boot parameters. ++ ++ Enabling this option results in kernel lockdown being triggered if ++ EFI Secure Boot is set. ++ + choice + prompt "Kernel default lockdown mode" + default LOCK_DOWN_KERNEL_FORCE_NONE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch new/patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch --- old/patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch 2023-02-23 04:31:08.000000000 +0100 @@ -0,0 +1,32 @@ +From a44d0b29e985f769540491f7f39b8ffe9ddc3768 Mon Sep 17 00:00:00 2001 +From: "Lee, Chun-Yi" <jlee(a)suse.com> +Date: Tue, 26 Nov 2019 14:40:07 +0800 +Subject: [PATCH] efi: Lock down the kernel at the integrity level if booted in + secure boot mode +Patch-mainline: Never, SUSE specific tweak +References: jsc#SLE-9870 + +The perf and bpf are restricted in confidentiality level, but those +functions are available on SLE. So we use integrity level here. + +Signed-off-by: Lee, Chun-Yi <jlee(a)suse.com> +--- + arch/x86/kernel/setup.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c +index 303abf8..a94e2b0 100644 +--- a/arch/x86/kernel/setup.c ++++ b/arch/x86/kernel/setup.c +@@ -1032,7 +1032,7 @@ void __init setup_arch(char **cmdline_p) + + #ifdef CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT + if (efi_enabled(EFI_SECURE_BOOT)) +- security_lock_kernel_down("EFI Secure Boot mode", LOCKDOWN_CONFIDENTIALITY_MAX); ++ security_lock_kernel_down("EFI Secure Boot mode", LOCKDOWN_INTEGRITY_MAX); + #endif + + dmi_setup(); +-- +2.16.4 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch new/patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch --- old/patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch 2023-02-23 04:31:08.000000000 +0100 @@ -0,0 +1,47 @@ +From: Chester Lin <clin(a)suse.com> +Date: Fri, 20 Nov 2020 14:08:38 +0800 +Subject: arm64: lock down kernel in secure boot mode +References: jsc#SLE-15020 +Patch-mainline: never, only for SLE + +This kernel lockdown feature on ARM64 depends on IMA and EFI to query +secure boot mode. Because aarch64 initiates the EFI subsystem late so +the lockdown check must be put off until the EFI subsystem has been +initialized. + +Signed-off-by: Chester Lin <clin(a)suse.com> +--- + drivers/firmware/efi/secureboot.c | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +--- a/drivers/firmware/efi/secureboot.c ++++ b/drivers/firmware/efi/secureboot.c +@@ -14,6 +14,8 @@ + #include <linux/efi.h> + #include <linux/kernel.h> + #include <linux/printk.h> ++#include <linux/init.h> ++#include <linux/ima.h> + + /* + * Decide what to do when UEFI secure boot mode is enabled. +@@ -36,3 +38,19 @@ void __init efi_set_secure_boot(enum efi + } + } + } ++ ++#if defined(CONFIG_ARM64) && defined(CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT) ++/* ++ * The arm64_kernel_lockdown() must run after efisubsys_init() because the ++ * the secure boot mode query relies on efi_rts_wq to call EFI_GET_VARIABLE. ++ */ ++static int __init arm64_kernel_lockdown(void) ++{ ++ if (arch_ima_get_secureboot()) ++ security_lock_kernel_down("EFI Secure Boot mode", ++ LOCKDOWN_INTEGRITY_MAX); ++ return 0; ++} ++ ++subsys_initcall(arm64_kernel_lockdown); ++#endif ++++++ series.conf ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:48.330703224 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:48.334703242 +0100 @@ -27,6 +27,19 @@ # DO NOT MODIFY THEM! # Send separate patches upstream if you find a problem... ######################################################## + patches.kernel.org/6.2.1-001-uaccess-Add-speculation-barrier-to-copy_from_u… + patches.kernel.org/6.2.1-002-x86-alternatives-Introduce-int3_emulate_jcc.pa… + patches.kernel.org/6.2.1-003-x86-alternatives-Teach-text_poke_bp-to-patch-J… + patches.kernel.org/6.2.1-004-x86-static_call-Add-support-for-Jcc-tail-calls… + patches.kernel.org/6.2.1-005-HID-mcp-2221-prevent-UAF-in-delayed-work.patch + patches.kernel.org/6.2.1-006-wifi-mwifiex-Add-missing-compatible-string-for… + patches.kernel.org/6.2.1-007-audit-update-the-mailing-list-in-MAINTAINERS.p… + patches.kernel.org/6.2.1-008-platform-x86-amd-pmf-Add-depends-on-CONFIG_POW… + patches.kernel.org/6.2.1-009-platform-x86-nvidia-wmi-ec-backlight-Add-force… + patches.kernel.org/6.2.1-010-ext4-Fix-function-prototype-mismatch-for-ext4_… + patches.kernel.org/6.2.1-011-randstruct-disable-Clang-15-support.patch + patches.kernel.org/6.2.1-012-bpf-add-missing-header-file-include.patch + patches.kernel.org/6.2.1-013-Linux-6.2.1.patch ######################################################## # Build fixes that apply to the vanilla kernel too. @@ -147,6 +160,14 @@ # Security ######################################################## + # Bug 1198101 - VUL-0: shim: openSUSE tumbleweed not fully locked down? Add opensuse-cert-prompt back to openSUSE shim + # Lock down functions for secure boot + patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch + patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch + patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch + patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch + patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch + # crypto ######################################################## ++++++ source-timestamp ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:48.362703369 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:48.366703387 +0100 @@ -1,4 +1,4 @@ -2023-02-20 06:22:59 +0000 -GIT Revision: 89e27851f72a9025c71bfb1a4edc9748cfbed036 +2023-02-27 11:39:51 +0000 +GIT Revision: 69e0e95118afe307ac9da57c2cc7f80673a41423 GIT Branch: stable ++++++ supported.conf ++++++ --- /var/tmp/diff_new_pack.mzc6Cj/_old 2023-03-02 23:01:48.434703695 +0100 +++ /var/tmp/diff_new_pack.mzc6Cj/_new 2023-03-02 23:01:48.442703731 +0100 @@ -3443,8 +3443,8 @@ - drivers/video/fbdev/metronomefb - drivers/video/fbdev/ocfb - drivers/video/fbdev/smscufx - drivers/video/fbdev/uvesafb - drivers/video/fbdev/vfb +- drivers/video/fbdev/uvesafb +- drivers/video/fbdev/vfb +base drivers/video/fbdev/xen-fbfront - drivers/video/fbdev/xilinxfb drivers/video/macmodes # Standard MacOS video modes

1 0

commit 000product for openSUSE:Factory
by Source-Sync 01 Mar '23

01 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package 000product for openSUSE:Factory checked in at 2023-03-01 23:49:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/000product (Old) and /work/SRC/openSUSE:Factory/.000product.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "000product" Wed Mar 1 23:49:56 2023 rev:3528 rq: version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MicroOS-dvd5-dvd-x86_64.kiwi ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:02.973194095 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:02.981194138 +0100 @@ -1,4 +1,4 @@ -<image name="OBS__MicroOS___20230228" schemaversion="4.1"> +<image name="OBS__MicroOS___20230301" schemaversion="4.1"> <description type="system"> <author>The SUSE Team</author> <contact>build(a)opensuse.org</contact> @@ -35,11 +35,11 @@ <productvar name="SEPARATE_MEDIA">true</productvar> <productvar name="SHA1OPT">-x -2</productvar> <productvar name="VENDOR">openSUSE</productvar> - <productvar name="VERSION">20230228</productvar> + <productvar name="VERSION">20230301</productvar> <productinfo name="CONTENTSTYLE">11</productinfo> - <productinfo name="DISTRO">cpe:/o:opensuse:microos:20230228,openSUSE MicroOS</productinfo> + <productinfo name="DISTRO">cpe:/o:opensuse:microos:20230301,openSUSE MicroOS</productinfo> <productinfo name="LINGUAS">en_US </productinfo> - <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/MicroOS/20230228/x86_64</productinfo> + <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/MicroOS/20230301/x86_64</productinfo> <productinfo name="VENDOR">openSUSE</productinfo> <productoption name="INI_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> <productoption name="PLUGIN_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> @@ -109,6 +109,7 @@ <repopackage name="autoyast2-installation" arch="x86_64"/> <repopackage name="avahi" arch="x86_64"/> <repopackage name="avahi-lang" arch="x86_64"/> + <repopackage name="babelstone-han-fonts" arch="x86_64"/> <repopackage name="babeltrace" arch="x86_64"/> <repopackage name="baloo5-file" arch="x86_64"/> <repopackage name="baloo5-file-lang" arch="x86_64"/> @@ -290,7 +291,6 @@ <repopackage name="ed" arch="x86_64"/> <repopackage name="edict2"/> <repopackage name="efibootmgr" arch="x86_64"/> - <repopackage name="efont-unicode-bitmap-fonts" arch="x86_64"/> <repopackage name="elfutils"/> <repopackage name="elfutils-lang"/> <repopackage name="enchant-1-backends"/> @@ -2586,6 +2586,7 @@ <repopackage name="system-user-tftp" arch="x86_64"/> <repopackage name="system-user-tss" arch="x86_64"/> <repopackage name="systemd"/> + <repopackage name="systemd-coredump" arch="x86_64"/> <repopackage name="systemd-default-settings"/> <repopackage name="systemd-default-settings-branding-openSUSE" arch="x86_64"/> <repopackage name="systemd-default-settings-branding-SLE"/> ++++++ openSUSE-Addon-NonOss-ftp-ftp-i586_x86_64.kiwi ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.025194372 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.029194394 +0100 @@ -1,4 +1,4 @@ -<image name="OBS__openSUSE-Addon-NonOss___20230228" schemaversion="4.1"> +<image name="OBS__openSUSE-Addon-NonOss___20230301" schemaversion="4.1"> <description type="system"> <author>The SUSE Team</author> <contact>build(a)opensuse.org</contact> @@ -36,11 +36,11 @@ <productvar name="SEPARATE_MEDIA">true</productvar> <productvar name="SHA1OPT">-x -2</productvar> <productvar name="VENDOR">openSUSE</productvar> - <productvar name="VERSION">20230228</productvar> + <productvar name="VERSION">20230301</productvar> <productinfo name="CONTENTSTYLE">11</productinfo> - <productinfo name="DISTRO">cpe:/o:opensuse:opensuse-addon-nonoss:20230228,openSUSE NonOSS Addon</productinfo> + <productinfo name="DISTRO">cpe:/o:opensuse:opensuse-addon-nonoss:20230301,openSUSE NonOSS Addon</productinfo> <productinfo name="LINGUAS">af ar be_BY bg br ca cy el et ga gl gu_IN he hi_IN hr ka km ko lt mk nn pa_IN rw sk sl sr_CS ss st tg th tr uk ve vi xh zu </productinfo> - <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE-Addon-NonOss/2023… obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE-Addon-NonOss/2023…</productinfo> + <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE-Addon-NonOss/2023… obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE-Addon-NonOss/2023…</productinfo> <productinfo name="VENDOR">openSUSE</productinfo> <productoption name="INI_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> <productoption name="PLUGIN_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> ++++++ openSUSE-cd-mini-i586.kiwi ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.065194586 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.073194628 +0100 @@ -1,4 +1,4 @@ -<image name="OBS__openSUSE___20230228" schemaversion="4.1"> +<image name="OBS__openSUSE___20230301" schemaversion="4.1"> <description type="system"> <author>The SUSE Team</author> <contact>build(a)opensuse.org</contact> @@ -32,11 +32,11 @@ <productvar name="SEPARATE_MEDIA">true</productvar> <productvar name="SHA1OPT">-x -2</productvar> <productvar name="VENDOR">openSUSE</productvar> - <productvar name="VERSION">20230228</productvar> + <productvar name="VERSION">20230301</productvar> <productinfo name="CONTENTSTYLE">11</productinfo> - <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230228,openSUSE Tumbleweed</productinfo> + <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230301,openSUSE Tumbleweed</productinfo> <productinfo name="LINGUAS">cs da de el en en_GB en_US es fr hu it ja pl pt pt_BR ru zh zh_CN zh_TW </productinfo> - <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230228/i586</productinfo> + <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230301/i586</productinfo> <productinfo name="VENDOR">openSUSE</productinfo> <productoption name="INI_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> <productoption name="PLUGIN_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> ++++++ openSUSE-cd-mini-x86_64.kiwi ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.145195013 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.153195056 +0100 @@ -1,4 +1,4 @@ -<image name="OBS__openSUSE___20230228" schemaversion="4.1"> +<image name="OBS__openSUSE___20230301" schemaversion="4.1"> <description type="system"> <author>The SUSE Team</author> <contact>build(a)opensuse.org</contact> @@ -35,11 +35,11 @@ <productvar name="SEPARATE_MEDIA">true</productvar> <productvar name="SHA1OPT">-x -2</productvar> <productvar name="VENDOR">openSUSE</productvar> - <productvar name="VERSION">20230228</productvar> + <productvar name="VERSION">20230301</productvar> <productinfo name="CONTENTSTYLE">11</productinfo> - <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230228,openSUSE Tumbleweed</productinfo> + <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230301,openSUSE Tumbleweed</productinfo> <productinfo name="LINGUAS">cs da de el en en_GB en_US es fr hu it ja pl pt pt_BR ru zh zh_CN zh_TW </productinfo> - <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230228/x86_64</productinfo> + <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230301/x86_64</productinfo> <productinfo name="VENDOR">openSUSE</productinfo> <productoption name="INI_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> <productoption name="PLUGIN_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> ++++++ openSUSE-dvd5-dvd-i586.kiwi ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.205195333 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.221195418 +0100 @@ -1,4 +1,4 @@ -<image name="OBS__openSUSE___20230228" schemaversion="4.1"> +<image name="OBS__openSUSE___20230301" schemaversion="4.1"> <description type="system"> <author>The SUSE Team</author> <contact>build(a)opensuse.org</contact> @@ -32,11 +32,11 @@ <productvar name="SEPARATE_MEDIA">true</productvar> <productvar name="SHA1OPT">-x -2</productvar> <productvar name="VENDOR">openSUSE</productvar> - <productvar name="VERSION">20230228</productvar> + <productvar name="VERSION">20230301</productvar> <productinfo name="CONTENTSTYLE">11</productinfo> - <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230228,openSUSE Tumbleweed</productinfo> + <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230301,openSUSE Tumbleweed</productinfo> <productinfo name="LINGUAS">cs da de el en en_GB en_US es fr hu it ja pl pt pt_BR ru zh zh_CN zh_TW </productinfo> - <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230228/i586</productinfo> + <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230301/i586</productinfo> <productinfo name="VENDOR">openSUSE</productinfo> <productoption name="INI_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> <productoption name="PLUGIN_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> @@ -167,6 +167,7 @@ <repopackage name="avahi-lang"/> <repopackage name="awesfx"/> <repopackage name="b43-fwcutter"/> + <repopackage name="babelstone-han-fonts"/> <repopackage name="baloo5-file"/> <repopackage name="baloo5-file-lang"/> <repopackage name="baloo5-imports"/> @@ -383,7 +384,6 @@ <repopackage name="ed"/> <repopackage name="edict2"/> <repopackage name="eekboard"/> - <repopackage name="efont-unicode-bitmap-fonts"/> <repopackage name="elfutils"/> <repopackage name="elfutils-lang"/> <repopackage name="emacs"/> @@ -4246,6 +4246,7 @@ <repopackage name="system-user-wwwrun"/> <repopackage name="systemd"/> <repopackage name="systemd-container"/> + <repopackage name="systemd-coredump"/> <repopackage name="systemd-default-settings"/> <repopackage name="systemd-default-settings-branding-openSUSE"/> <repopackage name="systemd-default-settings-branding-SLE"/> ++++++ openSUSE-dvd5-dvd-x86_64.kiwi ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.277195718 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.293195803 +0100 @@ -1,4 +1,4 @@ -<image name="OBS__openSUSE___20230228" schemaversion="4.1"> +<image name="OBS__openSUSE___20230301" schemaversion="4.1"> <description type="system"> <author>The SUSE Team</author> <contact>build(a)opensuse.org</contact> @@ -35,11 +35,11 @@ <productvar name="SEPARATE_MEDIA">true</productvar> <productvar name="SHA1OPT">-x -2</productvar> <productvar name="VENDOR">openSUSE</productvar> - <productvar name="VERSION">20230228</productvar> + <productvar name="VERSION">20230301</productvar> <productinfo name="CONTENTSTYLE">11</productinfo> - <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230228,openSUSE Tumbleweed</productinfo> + <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230301,openSUSE Tumbleweed</productinfo> <productinfo name="LINGUAS">cs da de el en en_GB en_US es fr hu it ja pl pt pt_BR ru zh zh_CN zh_TW </productinfo> - <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230228/x86_64</productinfo> + <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230301/x86_64</productinfo> <productinfo name="VENDOR">openSUSE</productinfo> <productoption name="INI_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> <productoption name="PLUGIN_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> @@ -177,6 +177,7 @@ <repopackage name="avahi-lang"/> <repopackage name="awesfx"/> <repopackage name="b43-fwcutter"/> + <repopackage name="babelstone-han-fonts"/> <repopackage name="babeltrace" arch="x86_64"/> <repopackage name="baloo5-file"/> <repopackage name="baloo5-file-lang"/> @@ -398,7 +399,6 @@ <repopackage name="edict2"/> <repopackage name="eekboard"/> <repopackage name="efibootmgr" arch="x86_64"/> - <repopackage name="efont-unicode-bitmap-fonts"/> <repopackage name="elfutils"/> <repopackage name="elfutils-lang"/> <repopackage name="elilo" arch="x86_64"/> @@ -4467,6 +4467,7 @@ <repopackage name="systemd"/> <repopackage name="systemd-32bit" arch="x86_64"/> <repopackage name="systemd-container"/> + <repopackage name="systemd-coredump"/> <repopackage name="systemd-default-settings"/> <repopackage name="systemd-default-settings-branding-openSUSE"/> <repopackage name="systemd-default-settings-branding-SLE"/> ++++++ openSUSE-ftp-ftp-i586_x86_64.kiwi ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.345196080 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.349196102 +0100 @@ -1,4 +1,4 @@ -<image name="OBS__openSUSE___20230228" schemaversion="4.1"> +<image name="OBS__openSUSE___20230301" schemaversion="4.1"> <description type="system"> <author>The SUSE Team</author> <contact>build(a)opensuse.org</contact> @@ -24,7 +24,7 @@ <productvar name="DISTNAME">openSUSE</productvar> <productvar name="FLAVOR">ftp</productvar> <productvar name="MAKE_LISTINGS">true</productvar> - <productvar name="MEDIUM_NAME">openSUSE-20230228-i586-x86_64</productvar> + <productvar name="MEDIUM_NAME">openSUSE-20230301-i586-x86_64</productvar> <productvar name="MULTIPLE_MEDIA">true</productvar> <productvar name="PRODUCT_DIR">/</productvar> <productvar name="PRODUCT_NAME">$DISTNAME-$FLAVOR</productvar> @@ -36,11 +36,11 @@ <productvar name="SEPARATE_MEDIA">true</productvar> <productvar name="SHA1OPT">-x -2</productvar> <productvar name="VENDOR">openSUSE</productvar> - <productvar name="VERSION">20230228</productvar> + <productvar name="VERSION">20230301</productvar> <productinfo name="CONTENTSTYLE">11</productinfo> - <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230228,openSUSE Tumbleweed</productinfo> + <productinfo name="DISTRO">cpe:/o:opensuse:opensuse:20230301,openSUSE Tumbleweed</productinfo> <productinfo name="LINGUAS">cs da de el en en_GB en_US es fr hu it ja pl pt pt_BR ru zh zh_CN zh_TW </productinfo> - <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230228/i586 obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230228/x86_64</productinfo> + <productinfo name="REPOID">obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230301/i586 obsproduct://build.opensuse.org/openSUSE:Factory/openSUSE/20230301/x86_64</productinfo> <productinfo name="VENDOR">openSUSE</productinfo> <productoption name="DEBUGMEDIUM">2</productoption> <productoption name="INI_DIR">/usr/share/kiwi/modules/plugins/tumbleweed</productoption> ++++++ MicroOS.product ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.429196529 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.433196550 +0100 @@ -6,7 +6,7 @@ <name>MicroOS</name> <releasepkgname>MicroOS-release</releasepkgname> <endoflife/> - <version>20230228</version> + <version>20230301</version>  <release>0</release> <productline>MicroOS</productline> ++++++ dvd.group ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.533197084 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.537197105 +0100 @@ -174,6 +174,7 @@ <package name="avahi-lang" supportstatus="unsupported"/>  <package name="awesfx" supportstatus="unsupported"/>  <package name="b43-fwcutter" supportstatus="unsupported"/>  + <package name="babelstone-han-fonts" supportstatus="unsupported"/>  <package name="baloo5-file" supportstatus="unsupported"/>  <package name="baloo5-file-lang" supportstatus="unsupported"/>  <package name="baloo5-imports" supportstatus="unsupported"/>  @@ -391,7 +392,6 @@ <package name="ed" supportstatus="unsupported"/>  <package name="edict2" supportstatus="unsupported"/>  <package name="eekboard" supportstatus="unsupported"/>  - <package name="efont-unicode-bitmap-fonts" supportstatus="unsupported"/>  <package name="elfutils" supportstatus="unsupported"/>  <package name="elfutils-lang" supportstatus="unsupported"/>  <package name="emacs" supportstatus="unsupported"/>  @@ -4193,6 +4193,7 @@ <package name="system-user-wwwrun" supportstatus="unsupported"/>  <package name="systemd" supportstatus="unsupported"/>  <package name="systemd-container" supportstatus="unsupported"/>  + <package name="systemd-coredump" supportstatus="unsupported"/>  <package name="systemd-default-settings" supportstatus="unsupported"/>  <package name="systemd-default-settings-branding-SLE" supportstatus="unsupported"/>  <package name="systemd-default-settings-branding-openSUSE" supportstatus="unsupported"/>  ++++++ openSUSE-Addon-NonOss.product ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.561197233 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.565197254 +0100 @@ -4,7 +4,7 @@ <product> <vendor>openSUSE</vendor> <name>openSUSE-Addon-NonOss</name> - <version>20230228</version> + <version>20230301</version> <release>0</release> <summary>openSUSE NonOSS Addon</summary> <shortsummary>non oss addon</shortsummary> ++++++ openSUSE.product ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.617197532 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.621197553 +0100 @@ -4,7 +4,7 @@ <product> <vendor>openSUSE</vendor> <name>openSUSE</name> - <version>20230228</version> + <version>20230301</version> <release>0</release> <productline>openSUSE</productline> ++++++ opensuse_microos.group ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.693197938 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.701197980 +0100 @@ -1115,6 +1115,7 @@ <package name="autoyast2-installation" supportstatus="unsupported"/>  <package name="avahi" supportstatus="unsupported"/>  <package name="avahi-lang" supportstatus="unsupported"/>  + <package name="babelstone-han-fonts" supportstatus="unsupported"/>  <package name="babeltrace" supportstatus="unsupported"/>  <package name="baloo5-file" supportstatus="unsupported"/>  <package name="baloo5-file-lang" supportstatus="unsupported"/>  @@ -1248,7 +1249,6 @@ <package name="drkonqi5-lang" supportstatus="unsupported"/>  <package name="ed" supportstatus="unsupported"/>  <package name="efibootmgr" supportstatus="unsupported"/>  - <package name="efont-unicode-bitmap-fonts" supportstatus="unsupported"/>  <package name="ethtool" supportstatus="unsupported"/>  <package name="evince" supportstatus="unsupported"/>  <package name="evince-lang" supportstatus="unsupported"/>  @@ -2593,6 +2593,7 @@ <package name="system-user-pulse" supportstatus="unsupported"/>  <package name="system-user-tftp" supportstatus="unsupported"/>  <package name="system-user-tss" supportstatus="unsupported"/>  + <package name="systemd-coredump" supportstatus="unsupported"/>  <package name="systemd-default-settings-branding-openSUSE" supportstatus="unsupported"/>  <package name="systemd-doc" supportstatus="unsupported"/>  <package name="systemd-presets-branding-openSUSE" supportstatus="unsupported"/>  ++++++ unsorted.yml ++++++ --- /var/tmp/diff_new_pack.XSMc6u/_old 2023-03-01 23:50:03.789198450 +0100 +++ /var/tmp/diff_new_pack.XSMc6u/_new 2023-03-01 23:50:03.805198535 +0100 @@ -1167,7 +1167,6 @@ - azure-storage-cpp-devel - b4 - babe - - babelstone-han-fonts - babelstone-marchen-fonts - babelstone-modern-fonts - babelstone-ogham-fonts @@ -3450,6 +3449,7 @@ - efl-lang - efl-testsuite - efont-serif-fonts + - efont-unicode-bitmap-fonts - eglexternalplatform-devel - eiciel - eiciel-lang @@ -3606,6 +3606,7 @@ - eric - eric-api - erlang + - erlang-cf - erlang-debugger - erlang-debugger-src - erlang-dialyzer @@ -3614,15 +3615,22 @@ - erlang-diameter-src - erlang-doc - erlang-epmd + - erlang-erlware_commons - erlang-et - erlang-et-src + - erlang-getopt - erlang-jinterface - erlang-jinterface-src - erlang-observer - erlang-observer-src + - erlang-providers - erlang-rabbitmq-client - erlang-rebar - erlang-rebar-src + - erlang-rebar3 + - erlang-rebar3-bash-completion + - erlang-rebar3-fish-completion + - erlang-rebar3-zsh-completion - erlang-reltool - erlang-reltool-src - erlang-retest @@ -13321,13 +13329,9 @@ - libopenblas-pthreads-gnu-hpc - libopenblas-pthreads-gnu-hpc-devel - libopenblas-pthreads_0_3_21-gnu-hpc - - libopenblas-pthreads_0_3_21-gnu-hpc-32bit: [x86_64] - libopenblas-pthreads_0_3_21-gnu-hpc-devel - - libopenblas-pthreads_0_3_21-gnu-hpc-devel-32bit: [x86_64] - libopenblas_0_3_21-gnu-hpc - - libopenblas_0_3_21-gnu-hpc-32bit: [x86_64] - libopenblas_0_3_21-gnu-hpc-devel - - libopenblas_0_3_21-gnu-hpc-devel-32bit: [x86_64] - libopenblas_openmp-devel - libopenblas_openmp-devel-32bit: [x86_64] - libopenblas_openmp0-32bit: [x86_64] @@ -14562,7 +14566,7 @@ - libsliplu1 - libslirp-devel - libslopy7_6 - - libslurm38: [x86_64] + - libslurm39: [x86_64] - libsmartcols-devel - libsmartcols-devel-32bit: [x86_64] - libsmartcols-devel-static @@ -26076,6 +26080,7 @@ - python311-PyQt6-sip - python311-PyRIC - python311-PyRSS2Gen + - python311-PyRect - python311-PySDL2 - python311-PyScreeze - python311-PySocks @@ -26846,6 +26851,7 @@ - python311-curtsies - python311-cwcwidth - python311-cymruwhois + - python311-cytoolz - python311-czifile - python311-d2to1 - python311-daemonize @@ -27813,6 +27819,7 @@ - python311-opengl - python311-opengl-accelerate - python311-openidc-client + - python311-openmesh - python311-openpyxl - python311-openqa_client - python311-opentelemetry-api @@ -27888,6 +27895,7 @@ - python311-pefile - python311-pegasus-wms.api - python311-pegasus-wms.common + - python311-pelican: [x86_64] - python311-pem - python311-pendulum - python311-pep440 @@ -28094,9 +28102,12 @@ - python311-pyfuse3 - python311-pygal - python311-pygaljs + - python311-pygame + - python311-pygame-devel - python311-pygeos - python311-pygerrit2 - python311-pygit2 + - python311-pyglet - python311-pygments-ansi-color - python311-pygments-pytest - python311-pygments-style-railscasts @@ -28161,6 +28172,7 @@ - python311-pyosf - python311-pyotp - python311-pyowm + - python311-pyp - python311-pypandoc: [x86_64] - python311-pyparallel - python311-pyparsing @@ -28301,6 +28313,7 @@ - python311-pytest-super-check - python311-pytest-svn - python311-pytest-testconfig + - python311-pytest-testinfra - python311-pytest-timeout - python311-pytest-tldr - python311-pytest-toolbox @@ -28426,6 +28439,7 @@ - python311-pywbem - python311-pywbemtools - python311-pywebpush + - python311-pywinrm - python311-pywlroots - python311-pyxattr - python311-pyxdg @@ -28510,6 +28524,7 @@ - python311-requests-toolbelt - python311-requests-unixsocket - python311-requests-wsgi-adapter + - python311-requests_ntlm - python311-requestsexceptions - python311-requirements-detector - python311-requirements-parser @@ -28584,6 +28599,7 @@ - python311-scikit-hep-testdata - python311-scikit-image - python311-scikit-learn + - python311-scikit-sound - python311-scikit-sparse: [x86_64] - python311-scikit-umfpack: [x86_64] - python311-scipy @@ -28953,6 +28969,7 @@ - python311-virtualenv - python311-virtualenv-clone - python311-visitor + - python311-vispy - python311-vistir - python311-visvis - python311-vncdotool @@ -37956,6 +37973,7 @@ - something-for-reddit - sonatype-oss-parent - sonatype-plugins-parent + - sonic-pi - sonic-visualiser - sonivox-devel - sonnet-devel @@ -38229,6 +38247,12 @@ - sunxi-tools - super-csv - super-csv-javadoc + - supercollider + - supercollider-devel + - supercollider-emacs + - supercollider-gedit + - supercollider-sc3-plugins + - supercollider-vim - superlu-devel - superlu-doc - superlu-examples @@ -38362,7 +38386,6 @@ - system-user-osc-collab - system-user-prometheus - system-user-uuidd - - systemd-coredump - systemd-default-settings-branding-SLE-Micro - systemd-default-settings-branding-upstream - systemd-devel

1 0

commit 000release-packages for openSUSE:Factory
by Source-Sync 01 Mar '23

01 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package 000release-packages for openSUSE:Factory checked in at 2023-03-01 23:49:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/000release-packages (Old) and /work/SRC/openSUSE:Factory/.000release-packages.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "000release-packages" Wed Mar 1 23:49:52 2023 rev:2139 rq: version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ openSUSE-Addon-NonOss-release.spec: same change openSUSE-release.spec: same change stub.spec: same change ++++++ weakremovers.inc ++++++ --- /var/tmp/diff_new_pack.uXwpai/_old 2023-03-01 23:49:56.833161327 +0100 +++ /var/tmp/diff_new_pack.uXwpai/_new 2023-03-01 23:49:56.849161412 +0100 @@ -31902,8 +31902,12 @@ Provides: weakremover(libopenbabel5-32bit) Provides: weakremover(libopenblas-pthreads_0_3_20-gnu-hpc-32bit) Provides: weakremover(libopenblas-pthreads_0_3_20-gnu-hpc-devel-32bit) +Provides: weakremover(libopenblas-pthreads_0_3_21-gnu-hpc-32bit) +Provides: weakremover(libopenblas-pthreads_0_3_21-gnu-hpc-devel-32bit) Provides: weakremover(libopenblas_0_3_20-gnu-hpc-32bit) Provides: weakremover(libopenblas_0_3_20-gnu-hpc-devel-32bit) +Provides: weakremover(libopenblas_0_3_21-gnu-hpc-32bit) +Provides: weakremover(libopenblas_0_3_21-gnu-hpc-devel-32bit) Provides: weakremover(libopencensus-cpp0) Provides: weakremover(libopenct1-32bit) Provides: weakremover(libopenjpeg1-32bit) @@ -32118,6 +32122,7 @@ Provides: weakremover(libslurm35) Provides: weakremover(libslurm36) Provides: weakremover(libslurm37) +Provides: weakremover(libslurm38) Provides: weakremover(libsnmp30-32bit) Provides: weakremover(libsnmp39-32bit) Provides: weakremover(libspandsp2-32bit)

1 0

commit 000release-packages for openSUSE:Factory
by Source-Sync 01 Mar '23

01 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package 000release-packages for openSUSE:Factory checked in at 2023-03-01 16:43:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/000release-packages (Old) and /work/SRC/openSUSE:Factory/.000release-packages.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "000release-packages" Wed Mar 1 16:43:24 2023 rev:2138 rq: version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MicroOS-release.spec ++++++ --- /var/tmp/diff_new_pack.pieL39/_old 2023-03-01 16:43:27.679775507 +0100 +++ /var/tmp/diff_new_pack.pieL39/_new 2023-03-01 16:43:27.683775529 +0100 @@ -17,7 +17,7 @@ Name: MicroOS-release -Version: 20230228 +Version: 20230301 Release: 0 Summary: openSUSE MicroOS License: GPL-2.0-or-later @@ -176,9 +176,9 @@ %include %{SOURCE100} Provides: %name-%version Provides: product() = MicroOS -Provides: product(MicroOS) = 20230228-0 +Provides: product(MicroOS) = 20230301-0 Provides: product-label() = openSUSE%20MicroOS -Provides: product-cpeid() = cpe%3A%2Fo%3Aopensuse%3Amicroos%3A20230228 +Provides: product-cpeid() = cpe%3A%2Fo%3Aopensuse%3Amicroos%3A20230301 Provides: product-url(releasenotes) = http%3A%2F%2Fdoc.opensuse.org%2Frelease%2Dnotes%2Fx86_64%2FopenSUSE%2FTumbleweed%2Frelease%2Dnotes%2DopenSUSE.rpm Provides: product-endoflife() Requires: product_flavor(MicroOS) @@ -194,7 +194,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(dvd) -Provides: product_flavor(MicroOS) = 20230228-0 +Provides: product_flavor(MicroOS) = 20230301-0 Summary: openSUSE MicroOS%{?betaversion: %{betaversion}} %description dvd @@ -210,7 +210,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance) -Provides: product_flavor(MicroOS) = 20230228-0 +Provides: product_flavor(MicroOS) = 20230301-0 Summary: openSUSE MicroOS%{?betaversion: %{betaversion}} %description appliance @@ -274,11 +274,11 @@ <product schemeversion="0"> <vendor>openSUSE</vendor> <name>MicroOS</name> - <version>20230228</version> + <version>20230301</version> <release>0</release> <endoflife></endoflife> <arch>%{_target_cpu}</arch> - <cpeid>cpe:/o:opensuse:microos:20230228</cpeid> + <cpeid>cpe:/o:opensuse:microos:20230301</cpeid> <productline>MicroOS</productline> <register> <pool> ++++++ openSUSE-Addon-NonOss-release.spec ++++++ --- /var/tmp/diff_new_pack.pieL39/_old 2023-03-01 16:43:27.711775677 +0100 +++ /var/tmp/diff_new_pack.pieL39/_new 2023-03-01 16:43:27.715775698 +0100 @@ -1,5 +1,5 @@ # -# spec file for package openSUSE-Addon-NonOss-release (Version 20230228) +# spec file for package openSUSE-Addon-NonOss-release (Version 20230301) # # Copyright (c) 2023 openSUSE. # @@ -16,7 +16,7 @@ Name: openSUSE-Addon-NonOss-release %define product openSUSE-Addon-NonOss Summary: openSUSE NonOSS Addon%{?betaversion: %{betaversion}} -Version: 20230228 +Version: 20230301 Release: 0 License: BSD-3-Clause Group: System/Fhs @@ -24,9 +24,9 @@ Provides: %name-%version Provides: product() = openSUSE%2DAddon%2DNonOss -Provides: product(openSUSE-Addon-NonOss) = 20230228-0 +Provides: product(openSUSE-Addon-NonOss) = 20230301-0 Provides: product-label() = non%20oss%20addon -Provides: product-cpeid() = cpe%3A%2Fo%3Aopensuse%3Aopensuse%2Daddon%2Dnonoss%3A20230228 +Provides: product-cpeid() = cpe%3A%2Fo%3Aopensuse%3Aopensuse%2Daddon%2Dnonoss%3A20230301 AutoReqProv: on @@ -49,10 +49,10 @@ <product schemeversion="0"> <vendor>openSUSE</vendor> <name>openSUSE-Addon-NonOss</name> - <version>20230228</version> + <version>20230301</version> <release>0</release> <arch>%{_target_cpu}</arch> - <cpeid>cpe:/o:opensuse:opensuse-addon-nonoss:20230228</cpeid> + <cpeid>cpe:/o:opensuse:opensuse-addon-nonoss:20230301</cpeid> <register> <pool> </pool> ++++++ openSUSE-release.spec ++++++ --- /var/tmp/diff_new_pack.pieL39/_old 2023-03-01 16:43:27.739775825 +0100 +++ /var/tmp/diff_new_pack.pieL39/_new 2023-03-01 16:43:27.747775868 +0100 @@ -20,7 +20,7 @@ #define betaversion %{nil} %define codename Tumbleweed Name: openSUSE-release -Version: 20230228 +Version: 20230301 Release: 0 # 0 is the product release, not the build release of this package Summary: openSUSE Tumbleweed @@ -185,7 +185,7 @@ %include %{SOURCE100} Provides: %name-%version Provides: product() = openSUSE -Provides: product(openSUSE) = 20230228-0 +Provides: product(openSUSE) = 20230301-0 %ifarch x86_64 Provides: product-register-target() = openSUSE%2DTumbleweed%2Dx86_64 %endif @@ -199,7 +199,7 @@ Provides: product-register-target() = openSUSE%2DTumbleweed%2Daarch64 %endif Provides: product-label() = openSUSE -Provides: product-cpeid() = cpe%3A%2Fo%3Aopensuse%3Aopensuse%3A20230228 +Provides: product-cpeid() = cpe%3A%2Fo%3Aopensuse%3Aopensuse%3A20230301 Provides: product-url(releasenotes) = http%3A%2F%2Fdoc.opensuse.org%2Frelease%2Dnotes%2Fx86_64%2FopenSUSE%2FTumbleweed%2Frelease%2Dnotes%2DopenSUSE.rpm Provides: product-url(repository) = http%3A%2F%2Fdownload.opensuse.org%2Ftumbleweed%2Frepo%2Foss%2F Requires: product_flavor(openSUSE) @@ -213,7 +213,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(ftp) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description ftp @@ -228,7 +228,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(mini) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description mini @@ -243,7 +243,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(dvd) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description dvd @@ -258,7 +258,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(livecd-kde) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description livecd-kde @@ -273,7 +273,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(livecd-x11) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description livecd-x11 @@ -288,7 +288,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(livecd-gnome) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description livecd-gnome @@ -303,7 +303,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(livecd-xfce) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description livecd-xfce @@ -318,7 +318,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(usb-kde) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description usb-kde @@ -333,7 +333,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(usb-gnome) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description usb-gnome @@ -348,7 +348,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(usb-x11) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description usb-x11 @@ -363,7 +363,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description appliance @@ -378,7 +378,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance-docker) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description appliance-docker @@ -393,7 +393,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance-kvm) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description appliance-kvm @@ -408,7 +408,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance-vmware) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description appliance-vmware @@ -423,7 +423,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance-openstack) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description appliance-openstack @@ -438,7 +438,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance-hyperv) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description appliance-hyperv @@ -453,7 +453,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance-vagrant) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description appliance-vagrant @@ -468,7 +468,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance-wsl) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description appliance-wsl @@ -483,7 +483,7 @@ Group: System/Fhs Provides: product_flavor() Provides: flavor(appliance-custom) -Provides: product_flavor(openSUSE) = 20230228-0 +Provides: product_flavor(openSUSE) = 20230301-0 Summary: openSUSE Tumbleweed%{?betaversion: %{betaversion}} %description appliance-custom @@ -562,10 +562,10 @@ <product schemeversion="0"> <vendor>openSUSE</vendor> <name>openSUSE</name> - <version>20230228</version> + <version>20230301</version> <release>0</release> <arch>%{_target_cpu}</arch> - <cpeid>cpe:/o:opensuse:opensuse:20230228</cpeid> + <cpeid>cpe:/o:opensuse:opensuse:20230301</cpeid> <productline>openSUSE</productline> <register> <pool>

1 0

commit gstreamer-devtools for openSUSE:Factory
by Source-Sync 01 Mar '23

01 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gstreamer-devtools for openSUSE:Factory checked in at 2023-03-01 16:23:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gstreamer-devtools (Old) and /work/SRC/openSUSE:Factory/.gstreamer-devtools.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "gstreamer-devtools" Wed Mar 1 16:23:25 2023 rev:14 rq:1068453 version:1.22.0 Changes: -------- --- /work/SRC/openSUSE:Factory/gstreamer-devtools/gstreamer-devtools.changes 2023-02-03 22:09:00.168599996 +0100 +++ /work/SRC/openSUSE:Factory/.gstreamer-devtools.new.31432/gstreamer-devtools.changes 2023-03-01 16:23:26.221512469 +0100 @@ -1,0 +2,7 @@ +Wed Mar 1 13:01:19 UTC 2023 - Antonio Larrosa <alarrosa(a)suse.com> + +- Add patch to reduce the required meson version to 0.61.0 since + that's what we have in SLE 15: + * reduce-required-meson.patch + +------------------------------------------------------------------- New: ---- reduce-required-meson.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gstreamer-devtools.spec ++++++ --- /var/tmp/diff_new_pack.BHXBlD/_old 2023-03-01 16:23:26.801515473 +0100 +++ /var/tmp/diff_new_pack.BHXBlD/_new 2023-03-01 16:23:26.809515514 +0100 @@ -27,7 +27,9 @@ URL: https://gstreamer.freedesktop.org Source: %{url}/src/%{_name}/%{_name}-%{version}.tar.xz # PATCH-FIX-UPSTREAM gst-devtools-fix-hicolor-dir.patch -- Install icon file in correct folder -Patch: gst-devtools-fix-hicolor-dir.patch +Patch0: gst-devtools-fix-hicolor-dir.patch +# PATCH-FIX-OPENSUSE reduce-required-meson.patch alarrosa(a)suse.com -- build with meson 0.61 +Patch1: reduce-required-meson.patch BuildRequires: fdupes BuildRequires: meson ++++++ reduce-required-meson.patch ++++++ Index: gstreamer-1.22.0/meson.build =================================================================== --- gstreamer-1.22.0.orig/meson.build +++ gstreamer-1.22.0/meson.build @@ -1,6 +1,6 @@ project('gst-devtools', 'c', version : '1.22.0', - meson_version : '>= 0.62', + meson_version : '>= 0.61', default_options : [ 'warning_level=1', 'c_std=gnu99', 'buildtype=debugoptimized' ])

1 0

commit gstreamer-plugins-vaapi for openSUSE:Factory
by Source-Sync 01 Mar '23

01 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gstreamer-plugins-vaapi for openSUSE:Factory checked in at 2023-03-01 16:23:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gstreamer-plugins-vaapi (Old) and /work/SRC/openSUSE:Factory/.gstreamer-plugins-vaapi.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "gstreamer-plugins-vaapi" Wed Mar 1 16:23:24 2023 rev:56 rq:1068452 version:1.22.0 Changes: -------- --- /work/SRC/openSUSE:Factory/gstreamer-plugins-vaapi/gstreamer-plugins-vaapi.changes 2023-02-03 22:09:04.840627138 +0100 +++ /work/SRC/openSUSE:Factory/.gstreamer-plugins-vaapi.new.31432/gstreamer-plugins-vaapi.changes 2023-03-01 16:23:25.333507870 +0100 @@ -1,0 +2,7 @@ +Wed Mar 1 13:03:10 UTC 2023 - Antonio Larrosa <alarrosa(a)suse.com> + +- Add patch to reduce the required meson version to 0.61.0 since + that's what we have in SLE 15: + * reduce-required-meson.patch + +------------------------------------------------------------------- New: ---- reduce-required-meson.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gstreamer-plugins-vaapi.spec ++++++ --- /var/tmp/diff_new_pack.rTuAqi/_old 2023-03-01 16:23:25.873510667 +0100 +++ /var/tmp/diff_new_pack.rTuAqi/_new 2023-03-01 16:23:25.881510708 +0100 @@ -26,6 +26,8 @@ Group: Productivity/Multimedia/Other URL: https://gstreamer.freedesktop.org Source0: %{url}/src/gstreamer-vaapi/gstreamer-vaapi-%{version}.tar.xz +# PATCH-FIX-OPENSUSE reduce-required-meson.patch alarrosa(a)suse.com -- build with meson 0.61 +Patch0: reduce-required-meson.patch BuildRequires: Mesa-devel BuildRequires: Mesa-libGLESv3-devel ++++++ reduce-required-meson.patch ++++++ Index: gstreamer-1.22.0/meson.build =================================================================== --- gstreamer-1.22.0.orig/meson.build +++ gstreamer-1.22.0/meson.build @@ -1,6 +1,6 @@ project('gstreamer-vaapi', 'c', version : '1.22.0', - meson_version : '>= 0.62', + meson_version : '>= 0.61', default_options : [ 'warning_level=1', 'buildtype=debugoptimized' ])

1 0

commit python-awkward for openSUSE:Factory
by Source-Sync 01 Mar '23

01 Mar '23

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-awkward for openSUSE:Factory checked in at 2023-03-01 16:14:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-awkward (Old) and /work/SRC/openSUSE:Factory/.python-awkward.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python-awkward" Wed Mar 1 16:14:57 2023 rev:15 rq:1068476 version:2.0.8 Changes: -------- --- /work/SRC/openSUSE:Factory/python-awkward/python-awkward.changes 2023-02-17 16:45:49.367138954 +0100 +++ /work/SRC/openSUSE:Factory/.python-awkward.new.31432/python-awkward.changes 2023-03-01 16:15:23.179013780 +0100 @@ -1,0 +2,29 @@ +Wed Mar 1 14:04:21 UTC 2023 - Dirk M��ller <dmueller(a)suse.com> + +- update to 2.0.8: + * allow awkward type arrays filtering based on rdfentry + * feat!: re-introduce unknown-length + * fix: keep EmptyArray in remove_structure + * fix: add is_c_contiguous method to Cupy + * fix: boolean indexing with non-zero starting offsets + * fix: add license to _backends + * fix: use of size in to_RegularArray + * fix: indexing into RegularArray with typetracer + * fix: support length-zero outer arrays in almost_equal + * fix: support options in ak.merge_union_of_records + * fix: don't merge non-union parameters + * fix: boolean slicing with non-packed arrays + * refactor: add type hints for Content._getitem_XXX + * refactor: drop NumpyLike.known_shape + * refactor: change Content._getitem_range to use explicit indices + * docs: fix example for merge_union_of_records + * docs: add 1.10 legacy docs to switcher.json + * docs: reintroduce Content documentation from v1 reST files. + * docs: add how-to-examine-type.md + * docs: improve ragged indexing docs + * chore: include cuda kernel tests in sdist + * chore(deps): bump amannn/action-semantic-pull-request + from 5.0.2 to 5.1.0 + * chore: update pre-commit hooks + +------------------------------------------------------------------- Old: ---- awkward-2.0.7.tar.gz New: ---- awkward-2.0.8.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-awkward.spec ++++++ --- /var/tmp/diff_new_pack.k8XaPw/_old 2023-03-01 16:15:23.775016863 +0100 +++ /var/tmp/diff_new_pack.k8XaPw/_new 2023-03-01 16:15:23.779016883 +0100 @@ -18,7 +18,7 @@ %define awkward_cpp_version 8 Name: python-awkward -Version: 2.0.7 +Version: 2.0.8 Release: 0 Summary: Manipulate arrays of complex data structures as easily as Numpy License: BSD-3-Clause ++++++ awkward-2.0.7.tar.gz -> awkward-2.0.8.tar.gz ++++++ ++++ 14935 lines of diff (skipped)

1 0