@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm64 6.1.27-ipfire Kernel Configuration
+# Linux/arm64 6.1.28-ipfire Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0"
CONFIG_CC_IS_GCC=y
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 6.1.27-ipfire Kernel Configuration
+# Linux/x86 6.1.28-ipfire Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0"
CONFIG_CC_IS_GCC=y
@@ -15914,7 +15914,7 @@ etc/modprobe.d/ipv6.conf
#lib/modules/KVER-ipfire/build/include/sound/ac97/regs.h
#lib/modules/KVER-ipfire/build/include/sound/ac97_codec.h
#lib/modules/KVER-ipfire/build/include/sound/aci.h
-#lib/modules/KVER-ipfire/build/include/sound/acp62_chip_offset_byte.h
+#lib/modules/KVER-ipfire/build/include/sound/acp63_chip_offset_byte.h
#lib/modules/KVER-ipfire/build/include/sound/ad1816a.h
#lib/modules/KVER-ipfire/build/include/sound/ad1843.h
#lib/modules/KVER-ipfire/build/include/sound/adau1373.h
@@ -16002,7 +16002,7 @@ etc/modprobe.d/ipv6.conf
#lib/modules/KVER-ipfire/build/include/sound/ac97/regs.h
#lib/modules/KVER-ipfire/build/include/sound/ac97_codec.h
#lib/modules/KVER-ipfire/build/include/sound/aci.h
-#lib/modules/KVER-ipfire/build/include/sound/acp62_chip_offset_byte.h
+#lib/modules/KVER-ipfire/build/include/sound/acp63_chip_offset_byte.h
#lib/modules/KVER-ipfire/build/include/sound/ad1816a.h
#lib/modules/KVER-ipfire/build/include/sound/ad1843.h
#lib/modules/KVER-ipfire/build/include/sound/adau1373.h
@@ -24,7 +24,7 @@
include Config
-VER = 6.1.27
+VER = 6.1.28
ARM_PATCHES = 6.1.y-ipfire2
@@ -76,7 +76,7 @@ objects = \
$(DL_FILE) = $(URL_IPFIRE)/$(DL_FILE)
arm-multi-patches-$(ARM_PATCHES).patch.xz = $(URL_IPFIRE)/arm-multi-patches-$(ARM_PATCHES).patch.xz
-$(DL_FILE)_BLAKE2 = 5d7ec9a6a2652abbe4afb70174a63f58d495291d522087f9adb33864063ce54e219fd6e426793077a346338ccb4d9d753a60cb76b448146fb592ff17c2618792
+$(DL_FILE)_BLAKE2 = f840274d9e1c5af90292bce6afb8b8b1a81b4f8ef82691a1cf28ca2d6cf680913c2668ddb086e1fa4ba4112e9d8118a674231374c14a06a911ddb3d2cf8ac3fb
arm-multi-patches-$(ARM_PATCHES).patch.xz_BLAKE2 = 7afc460562fb24bcd75784fc79de768f9b60780aedd88d1a847927169e31920bbb475b1ac1466c4a224a7876d16bd8d465b96202de12b74f6e2ccbfcec731ad3
install : $(TARGET)
@@ -144,12 +144,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
# Fix external module compile
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-6.0-fix_external_module_build.patch
- # Fix pmc compile dependency errors
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-6.0.7-platform-x86-amd-Fix-pmc-compile-dependency-errors.patch
-
- # Patch netfilter CVE-2023-32233
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-6.3-netfilter_nftables_deactivate_anonymus_set.patch
-
ifeq "$(BUILD_ARCH)" "aarch64"
# Apply Arm-multiarch kernel patches.
cd $(DIR_APP) && xzcat $(DIR_DL)/arm-multi-patches-$(ARM_PATCHES).patch.xz | patch -Np1
deleted file mode 100644
@@ -1,63 +0,0 @@
-From: Yupeng Li <liyupeng@zbhlos.com>
-To: Shyam-sundar.S-k@amd.com, hdegoede@redhat.com, markgross@kernel.org
-Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org,
- caizp2008@163.com, Yupeng Li <liyupeng@zbhlos.com>
-Subject: [PATCH 1/1] platform/x86/amd: Fix pmc compile dependency errors.
-Date: Wed, 26 Oct 2022 15:25:31 +0800
-
-When disabled CONFIG_SUSPEND and CONFIG_DEBUG_FS, get_metrics_table
-and amd_pmc_idlemask_read is defined under two conditions of this,
-pmc build with implicit declaration of function error.Some build error
-messages are as follows:
-
- CC [M] drivers/platform/x86/amd/pmc.o
-drivers/platform/x86/amd/pmc.c: In function ‘smu_fw_info_show’:
-drivers/platform/x86/amd/pmc.c:436:6: error: implicit declaration of function ‘get_metrics_table’ [-Werror=implicit-function-declaration]
- 436 | if (get_metrics_table(dev, &table))
- | ^~~~~~~~~~~~~~~~~
-drivers/platform/x86/amd/pmc.c: In function ‘amd_pmc_idlemask_show’:
-drivers/platform/x86/amd/pmc.c:508:8: error: implicit declaration of function ‘amd_pmc_idlemask_read’; did you mean ‘amd_pmc_idlemask_show’? [-Werror=implicit-function-declaration]
- 508 | rc = amd_pmc_idlemask_read(dev, NULL, s);
- | ^~~~~~~~~~~~~~~~~~~~~
- | amd_pmc_idlemask_show
-cc1: some warnings being treated as errors
-
-Signed-off-by: Yupeng Li <liyupeng@zbhlos.com>
-Reviewed-by: Caicai <caizp2008@163.com>
----
- drivers/platform/x86/amd/pmc.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/drivers/platform/x86/amd/pmc.c b/drivers/platform/x86/amd/pmc.c
-index ce859b300712..2b08039921b8 100644
---- a/drivers/platform/x86/amd/pmc.c
-+++ b/drivers/platform/x86/amd/pmc.c
-@@ -433,8 +433,10 @@ static int smu_fw_info_show(struct seq_file *s, void *unused)
- struct smu_metrics table;
- int idx;
-
-+#if defined(CONFIG_SUSPEND) || defined(CONFIG_DEBUG_FS)
- if (get_metrics_table(dev, &table))
- return -EINVAL;
-+#endif
-
- seq_puts(s, "\n=== SMU Statistics ===\n");
- seq_printf(s, "Table Version: %d\n", table.table_version);
-@@ -503,11 +505,12 @@ static int amd_pmc_idlemask_show(struct seq_file *s, void *unused)
- if (rc)
- return rc;
- }
--
- if (dev->major > 56 || (dev->major >= 55 && dev->minor >= 37)) {
-+#if defined(CONFIG_SUSPEND) || defined(CONFIG_DEBUG_FS)
- rc = amd_pmc_idlemask_read(dev, NULL, s);
- if (rc)
- return rc;
-+#endif
- } else {
- seq_puts(s, "Unsupported SMU version for Idlemask\n");
- }
-2.34.1
-
-
deleted file mode 100644
@@ -1,121 +0,0 @@
-From c1592a89942e9678f7d9c8030efa777c0d57edab Mon Sep 17 00:00:00 2001
-From: Pablo Neira Ayuso <pablo@netfilter.org>
-Date: Tue, 2 May 2023 10:25:24 +0200
-Subject: netfilter: nf_tables: deactivate anonymous set from preparation phase
-
-Toggle deleted anonymous sets as inactive in the next generation, so
-users cannot perform any update on it. Clear the generation bitmask
-in case the transaction is aborted.
-
-The following KASAN splat shows a set element deletion for a bound
-anonymous set that has been already removed in the same transaction.
-
-[ 64.921510] ==================================================================
-[ 64.923123] BUG: KASAN: wild-memory-access in nf_tables_commit+0xa24/0x1490 [nf_tables]
-[ 64.924745] Write of size 8 at addr dead000000000122 by task test/890
-[ 64.927903] CPU: 3 PID: 890 Comm: test Not tainted 6.3.0+ #253
-[ 64.931120] Call Trace:
-[ 64.932699] <TASK>
-[ 64.934292] dump_stack_lvl+0x33/0x50
-[ 64.935908] ? nf_tables_commit+0xa24/0x1490 [nf_tables]
-[ 64.937551] kasan_report+0xda/0x120
-[ 64.939186] ? nf_tables_commit+0xa24/0x1490 [nf_tables]
-[ 64.940814] nf_tables_commit+0xa24/0x1490 [nf_tables]
-[ 64.942452] ? __kasan_slab_alloc+0x2d/0x60
-[ 64.944070] ? nf_tables_setelem_notify+0x190/0x190 [nf_tables]
-[ 64.945710] ? kasan_set_track+0x21/0x30
-[ 64.947323] nfnetlink_rcv_batch+0x709/0xd90 [nfnetlink]
-[ 64.948898] ? nfnetlink_rcv_msg+0x480/0x480 [nfnetlink]
-
-Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
----
- include/net/netfilter/nf_tables.h | 1 +
- net/netfilter/nf_tables_api.c | 12 ++++++++++++
- net/netfilter/nft_dynset.c | 2 +-
- net/netfilter/nft_lookup.c | 2 +-
- net/netfilter/nft_objref.c | 2 +-
- 5 files changed, 16 insertions(+), 3 deletions(-)
-
-diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
-index 3ed21d2d56590..2e24ea1d744c2 100644
---- a/include/net/netfilter/nf_tables.h
-+++ b/include/net/netfilter/nf_tables.h
-@@ -619,6 +619,7 @@ struct nft_set_binding {
- };
-
- enum nft_trans_phase;
-+void nf_tables_activate_set(const struct nft_ctx *ctx, struct nft_set *set);
- void nf_tables_deactivate_set(const struct nft_ctx *ctx, struct nft_set *set,
- struct nft_set_binding *binding,
- enum nft_trans_phase phase);
-diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
-index 8b6c61a2196cb..59fb8320ab4d7 100644
---- a/net/netfilter/nf_tables_api.c
-+++ b/net/netfilter/nf_tables_api.c
-@@ -5127,12 +5127,24 @@ static void nf_tables_unbind_set(const struct nft_ctx *ctx, struct nft_set *set,
- }
- }
-
-+void nf_tables_activate_set(const struct nft_ctx *ctx, struct nft_set *set)
-+{
-+ if (nft_set_is_anonymous(set))
-+ nft_clear(ctx->net, set);
-+
-+ set->use++;
-+}
-+EXPORT_SYMBOL_GPL(nf_tables_activate_set);
-+
- void nf_tables_deactivate_set(const struct nft_ctx *ctx, struct nft_set *set,
- struct nft_set_binding *binding,
- enum nft_trans_phase phase)
- {
- switch (phase) {
- case NFT_TRANS_PREPARE:
-+ if (nft_set_is_anonymous(set))
-+ nft_deactivate_next(ctx->net, set);
-+
- set->use--;
- return;
- case NFT_TRANS_ABORT:
-diff --git a/net/netfilter/nft_dynset.c b/net/netfilter/nft_dynset.c
-index 274579b1696e0..bd19c7aec92ee 100644
---- a/net/netfilter/nft_dynset.c
-+++ b/net/netfilter/nft_dynset.c
-@@ -342,7 +342,7 @@ static void nft_dynset_activate(const struct nft_ctx *ctx,
- {
- struct nft_dynset *priv = nft_expr_priv(expr);
-
-- priv->set->use++;
-+ nf_tables_activate_set(ctx, priv->set);
- }
-
- static void nft_dynset_destroy(const struct nft_ctx *ctx,
-diff --git a/net/netfilter/nft_lookup.c b/net/netfilter/nft_lookup.c
-index cecf8ab90e58f..03ef4fdaa460b 100644
---- a/net/netfilter/nft_lookup.c
-+++ b/net/netfilter/nft_lookup.c
-@@ -167,7 +167,7 @@ static void nft_lookup_activate(const struct nft_ctx *ctx,
- {
- struct nft_lookup *priv = nft_expr_priv(expr);
-
-- priv->set->use++;
-+ nf_tables_activate_set(ctx, priv->set);
- }
-
- static void nft_lookup_destroy(const struct nft_ctx *ctx,
-diff --git a/net/netfilter/nft_objref.c b/net/netfilter/nft_objref.c
-index cb37169608bab..a48dd5b5d45b1 100644
---- a/net/netfilter/nft_objref.c
-+++ b/net/netfilter/nft_objref.c
-@@ -185,7 +185,7 @@ static void nft_objref_map_activate(const struct nft_ctx *ctx,
- {
- struct nft_objref_map *priv = nft_expr_priv(expr);
-
-- priv->set->use++;
-+ nf_tables_activate_set(ctx, priv->set);
- }
-
- static void nft_objref_map_destroy(const struct nft_ctx *ctx,
-cgit
-