Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kernel-source for openSUSE:Factory
checked in at 2022-08-14 15:55:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kernel-source (Old)
and /work/SRC/openSUSE:Factory/.kernel-source.new.1521 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source"
Sun Aug 14 15:55:16 2022 rev:653 rq:994658 version:5.19.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes
2022-08-10 17:13:51.457795321 +0200
+++ /work/SRC/openSUSE:Factory/.kernel-source.new.1521/dtb-aarch64.changes
2022-08-14 15:55:17.579724370 +0200
@@ -1,0 +2,81 @@
+Thu Aug 11 13:32:49 CEST 2022 - jsl...@suse.cz
+
+- Linux 5.19.1 (bsc#1012628).
+- x86/speculation: Add LFENCE to RSB fill sequence (bsc#1012628).
+- x86/speculation: Add RSB VM Exit protections (bsc#1012628).
+- macintosh/adb: fix oob read in do_adb_query() function
+ (bsc#1012628).
+- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
+ (bsc#1012628).
+- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
+ (bsc#1012628).
+- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
+ (bsc#1012628).
+- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
+ (bsc#1012628).
+- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
+ (bsc#1012628).
+- Bluetooth: btusb: Add support of IMC Networks PID 0x3568
+ (bsc#1012628).
+- dt-bindings: bluetooth: broadcom: Add BCM4349B1 DT binding
+ (bsc#1012628).
+- Bluetooth: hci_bcm: Add DT compatible for CYW55572
+ (bsc#1012628).
+- Bluetooth: hci_bcm: Add BCM4349B1 variant (bsc#1012628).
+- Bluetooth: hci_qca: Return wakeup for qca_wakeup (bsc#1012628).
+- arm64: set UXN on swapper page tables (bsc#1012628).
+- ata: sata_mv: Fixes expected number of resources now IRQs are
+ gone (bsc#1012628).
+- crypto: arm64/poly1305 - fix a read out-of-bound (bsc#1012628).
+- ACPI: APEI: Better fix to avoid spamming the console with old
+ error logs (bsc#1012628).
+- ACPI: video: Shortening quirk list by identifying Clevo by
+ board_name only (bsc#1012628).
+- ACPI: video: Force backlight native for some TongFang devices
+ (bsc#1012628).
+- tools/vm/slabinfo: Handle files in debugfs (bsc#1012628).
+- block: fix default IO priority handling again (bsc#1012628).
+- commit a5bf6c0
+
+-------------------------------------------------------------------
+Thu Aug 11 12:09:59 CEST 2022 - jsl...@suse.cz
+
+- mm/mprotect: fix soft-dirty check in can_change_pte_writable()
+ (bsc#1202013 CVE-2022-2590).
+- commit 46cb433
+
+-------------------------------------------------------------------
+Thu Aug 11 10:48:02 CEST 2022 - jsl...@suse.cz
+
+- Refresh
+ patches.suse/Revert-zram-remove-double-compression-logic.patch.
+ Update upstream status.
+- commit e707d80
+
+-------------------------------------------------------------------
+Thu Aug 11 10:45:34 CEST 2022 - jsl...@suse.cz
+
+- mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW
+ (bsc#1202013 CVE-2022-2590).
+- commit cbcf3e8
+
+-------------------------------------------------------------------
+Wed Aug 10 18:57:11 CEST 2022 - je...@suse.com
+
+- config: Disable reiserfs kernel module (bsc#1202309).
+ Future access of reiserfs file systems can be done by using the FUSE
+ implementation of reiserfs that ships with GRUB.
+ $ grub2-mount <dev> /path/to/mountpoint
+- commit db8891f
+
+-------------------------------------------------------------------
+Wed Aug 10 11:28:52 CEST 2022 - jsl...@suse.cz
+
+- kbuild: dummy-tools: pretend we understand __LONG_DOUBLE_128__
+ (ppc config fix).
+- Update config files.
+ This sets PPC_LONG_DOUBLE_128 automatically and allows us to set
+ DRM_AMD_SECURE_DISPLAY too. I set it to y to copy other architectures.
+- commit 48dfdff
+
+-------------------------------------------------------------------
dtb-armv6l.changes: same change
dtb-armv7l.changes: same change
dtb-riscv64.changes: same change
kernel-64kb.changes: same change
kernel-debug.changes: same change
kernel-default.changes: same change
kernel-docs.changes: same change
kernel-kvmsmall.changes: same change
kernel-lpae.changes: same change
kernel-obs-build.changes: same change
kernel-obs-qa.changes: same change
kernel-pae.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-vanilla.changes: same change
kernel-zfcpdump.changes: same change
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dtb-aarch64.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:22.715735281 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:22.719735289 +0200
@@ -17,7 +17,7 @@
%define srcversion 5.19
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -29,9 +29,9 @@
%(chmod +x
%_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license,klp-symbols,splitflist,mergedep,moddep,modflist,kernel-subpackage-build})
Name: dtb-aarch64
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
dtb-armv6l.spec: same change
dtb-armv7l.spec: same change
dtb-riscv64.spec: same change
++++++ kernel-64kb.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:22.827735519 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:22.835735535 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.19
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: Kernel with 64kb PAGE_SIZE
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
@@ -236,10 +236,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
-Provides: kernel-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides:
kernel-%build_flavor-base-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
+Provides: kernel-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
# END COMMON DEPS
-Provides: %name-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides: %name-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
%obsolete_rebuilds %name
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
Source3: kernel-source.rpmlintrc
++++++ kernel-debug.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:22.863735595 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:22.871735612 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.19
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: A Debug Version of the Kernel
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
@@ -236,10 +236,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
-Provides: kernel-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides:
kernel-%build_flavor-base-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
+Provides: kernel-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
# END COMMON DEPS
-Provides: %name-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides: %name-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
%ifarch ppc64
Provides: kernel-kdump = 2.6.28
Obsoletes: kernel-kdump <= 2.6.28
++++++ kernel-default.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:22.899735672 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:22.903735680 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.19
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: The Standard Kernel
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
@@ -236,10 +236,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
-Provides: kernel-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides:
kernel-%build_flavor-base-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
+Provides: kernel-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
# END COMMON DEPS
-Provides: %name-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides: %name-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
%ifarch %ix86
Provides: kernel-smp = 2.6.17
Obsoletes: kernel-smp <= 2.6.17
++++++ kernel-docs.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:22.923735723 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:22.931735739 +0200
@@ -17,7 +17,7 @@
%define srcversion 5.19
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -31,9 +31,9 @@
Summary: Kernel Documentation
License: GPL-2.0-only
Group: Documentation/Man
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
@@ -67,7 +67,7 @@
%endif
URL: https://www.kernel.org/
Provides: %name = %version-%source_rel
-Provides: %name-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides: %name-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
++++++ kernel-kvmsmall.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:22.959735799 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:22.967735816 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.19
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: The Small Developer Kernel for KVM
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
@@ -236,10 +236,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
-Provides: kernel-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides:
kernel-%build_flavor-base-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
+Provides: kernel-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
# END COMMON DEPS
-Provides: %name-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides: %name-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
%obsolete_rebuilds %name
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
Source3: kernel-source.rpmlintrc
kernel-lpae.spec: same change
++++++ kernel-obs-build.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:23.019735926 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:23.023735935 +0200
@@ -19,7 +19,7 @@
#!BuildIgnore: post-build-checks
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%define vanilla_only 0
@@ -45,7 +45,7 @@
%endif
%endif
%endif
-BuildRequires:
kernel%kernel_flavor-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+BuildRequires:
kernel%kernel_flavor-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
%if 0%{?rhel_version}
BuildRequires: kernel
@@ -64,9 +64,9 @@
Summary: package kernel and initrd for OBS VM builds
License: GPL-2.0-only
Group: SLES
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
++++++ kernel-obs-qa.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:23.047735986 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:23.051735995 +0200
@@ -17,7 +17,7 @@
# needsrootforbuild
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -36,9 +36,9 @@
Summary: Basic QA tests for the kernel
License: GPL-2.0-only
Group: SLES
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:23.071736037 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:23.079736054 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.19
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: Kernel with PAE Support
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
@@ -236,10 +236,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
-Provides: kernel-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides:
kernel-%build_flavor-base-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
+Provides: kernel-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
# END COMMON DEPS
-Provides: %name-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides: %name-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
%ifarch %ix86
Provides: kernel-bigsmp = 2.6.17
Obsoletes: kernel-bigsmp <= 2.6.17
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:23.099736097 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:23.103736105 +0200
@@ -17,7 +17,7 @@
%define srcversion 5.19
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%define vanilla_only 0
@@ -31,9 +31,9 @@
%endif
Name: kernel-source
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
@@ -50,7 +50,7 @@
BuildRequires: sed
Requires(post): coreutils sed
Provides: %name = %version-%source_rel
-Provides: %name-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides: %name-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
Provides: linux
Provides: multiversion(kernel)
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:23.135736173 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:23.139736181 +0200
@@ -24,10 +24,10 @@
Summary: Kernel Symbol Versions (modversions)
License: GPL-2.0-only
Group: Development/Sources
-Version: 5.19.0
+Version: 5.19.1
%if %using_buildservice
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
@@ -52,7 +52,7 @@
%endif
Requires: pesign-obs-integration
Provides: %name = %version-%source_rel
-Provides: %name-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides: %name-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
Provides: multiversion(kernel)
Source: README.KSYMS
Requires: kernel-devel%variant = %version-%source_rel
++++++ kernel-vanilla.spec ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:23.159736224 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:23.167736241 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.19
-%define patchversion 5.19.0
+%define patchversion 5.19.1
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: The Standard Kernel - without any SUSE patches
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.19.0
+Version: 5.19.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g8213b0c
+Release: <RELEASE>.ga5bf6c0
%else
Release: 0
%endif
@@ -236,10 +236,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
-Provides: kernel-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides:
kernel-%build_flavor-base-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
+Provides: kernel-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
# END COMMON DEPS
-Provides: %name-srchash-8213b0c0cb8450a0f8f1db115acc781271604732
+Provides: %name-srchash-a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
%obsolete_rebuilds %name
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
Source3: kernel-source.rpmlintrc
kernel-zfcpdump.spec: same change
++++++ config.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/arm64/debug new/config/arm64/debug
--- old/config/arm64/debug 2022-08-09 18:37:12.000000000 +0200
+++ new/config/arm64/debug 2022-08-10 19:31:33.000000000 +0200
@@ -54,8 +54,6 @@
CONFIG_MMC_DEBUG=y
CONFIG_OCFS2_DEBUG_FS=y
CONFIG_PCI_DEBUG=y
-CONFIG_REISERFS_CHECK=y
-CONFIG_REISERFS_PROC_INFO=y
CONFIG_RT2X00_DEBUG=y
CONFIG_RTC_DRV_TEST=m
CONFIG_RTW88_DEBUG=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/arm64/default new/config/arm64/default
--- old/config/arm64/default 2022-08-09 18:37:12.000000000 +0200
+++ new/config/arm64/default 2022-08-10 19:31:33.000000000 +0200
@@ -11344,12 +11344,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/armv6hl/default new/config/armv6hl/default
--- old/config/armv6hl/default 2022-08-09 18:37:12.000000000 +0200
+++ new/config/armv6hl/default 2022-08-10 19:31:33.000000000 +0200
@@ -7842,12 +7842,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/armv7hl/default new/config/armv7hl/default
--- old/config/armv7hl/default 2022-08-09 18:37:12.000000000 +0200
+++ new/config/armv7hl/default 2022-08-10 19:31:33.000000000 +0200
@@ -11163,12 +11163,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/armv7hl/lpae new/config/armv7hl/lpae
--- old/config/armv7hl/lpae 2022-08-09 18:37:12.000000000 +0200
+++ new/config/armv7hl/lpae 2022-08-10 19:31:33.000000000 +0200
@@ -10787,12 +10787,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/i386/debug new/config/i386/debug
--- old/config/i386/debug 2022-08-09 18:37:12.000000000 +0200
+++ new/config/i386/debug 2022-08-10 19:31:33.000000000 +0200
@@ -58,8 +58,6 @@
# CONFIG_PARAVIRT_SPINLOCKS is not set
CONFIG_PCI_DEBUG=y
CONFIG_PREEMPTIRQ_DELAY_TEST=m
-CONFIG_REISERFS_CHECK=y
-CONFIG_REISERFS_PROC_INFO=y
CONFIG_RT2X00_DEBUG=y
CONFIG_RT2X00_LIB_DEBUGFS=y
CONFIG_RTC_DRV_TEST=m
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/i386/pae new/config/i386/pae
--- old/config/i386/pae 2022-08-09 18:37:12.000000000 +0200
+++ new/config/i386/pae 2022-08-10 19:31:33.000000000 +0200
@@ -9737,12 +9737,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/ppc64/debug new/config/ppc64/debug
--- old/config/ppc64/debug 2022-08-09 18:37:12.000000000 +0200
+++ new/config/ppc64/debug 2022-08-10 19:31:33.000000000 +0200
@@ -42,8 +42,6 @@
CONFIG_MAC80211_TDLS_DEBUG=y
CONFIG_MAC80211_VERBOSE_DEBUG=y
CONFIG_PREEMPTIRQ_DELAY_TEST=m
-CONFIG_REISERFS_CHECK=y
-CONFIG_REISERFS_PROC_INFO=y
CONFIG_RT2X00_DEBUG=y
CONFIG_RT2X00_LIB_DEBUGFS=y
CONFIG_SCSI_LPFC_DEBUG_FS=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/ppc64/default new/config/ppc64/default
--- old/config/ppc64/default 2022-08-09 18:37:12.000000000 +0200
+++ new/config/ppc64/default 2022-08-10 19:31:33.000000000 +0200
@@ -327,7 +327,7 @@
CONFIG_LOCKDEP_SUPPORT=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_PPC=y
-# CONFIG_PPC_LONG_DOUBLE_128 is not set
+CONFIG_PPC_LONG_DOUBLE_128=y
CONFIG_PPC_BARRIER_NOSPEC=y
CONFIG_EARLY_PRINTK=y
CONFIG_PANIC_TIMEOUT=90
@@ -5887,10 +5887,11 @@
# Display Engine Configuration
#
CONFIG_DRM_AMD_DC=y
-# CONFIG_DRM_AMD_DC_DCN is not set
+CONFIG_DRM_AMD_DC_DCN=y
CONFIG_DRM_AMD_DC_HDCP=y
CONFIG_DRM_AMD_DC_SI=y
# CONFIG_DEBUG_KERNEL_DC is not set
+CONFIG_DRM_AMD_SECURE_DISPLAY=y
# end of Display Engine Configuration
CONFIG_HSA_AMD=y
@@ -7597,12 +7598,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/ppc64le/debug new/config/ppc64le/debug
--- old/config/ppc64le/debug 2022-08-09 18:37:12.000000000 +0200
+++ new/config/ppc64le/debug 2022-08-10 19:31:33.000000000 +0200
@@ -40,8 +40,6 @@
CONFIG_MAC80211_TDLS_DEBUG=y
CONFIG_MAC80211_VERBOSE_DEBUG=y
CONFIG_PREEMPTIRQ_DELAY_TEST=m
-CONFIG_REISERFS_CHECK=y
-CONFIG_REISERFS_PROC_INFO=y
CONFIG_RT2X00_DEBUG=y
CONFIG_RT2X00_LIB_DEBUGFS=y
CONFIG_RTW88_DEBUG=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/ppc64le/default new/config/ppc64le/default
--- old/config/ppc64le/default 2022-08-09 18:37:12.000000000 +0200
+++ new/config/ppc64le/default 2022-08-10 19:31:33.000000000 +0200
@@ -324,7 +324,7 @@
CONFIG_LOCKDEP_SUPPORT=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_PPC=y
-# CONFIG_PPC_LONG_DOUBLE_128 is not set
+CONFIG_PPC_LONG_DOUBLE_128=y
CONFIG_PPC_BARRIER_NOSPEC=y
CONFIG_EARLY_PRINTK=y
CONFIG_PANIC_TIMEOUT=90
@@ -5750,10 +5750,11 @@
# Display Engine Configuration
#
CONFIG_DRM_AMD_DC=y
-# CONFIG_DRM_AMD_DC_DCN is not set
+CONFIG_DRM_AMD_DC_DCN=y
CONFIG_DRM_AMD_DC_HDCP=y
CONFIG_DRM_AMD_DC_SI=y
# CONFIG_DEBUG_KERNEL_DC is not set
+CONFIG_DRM_AMD_SECURE_DISPLAY=y
# end of Display Engine Configuration
CONFIG_HSA_AMD=y
@@ -7445,12 +7446,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/riscv64/default new/config/riscv64/default
--- old/config/riscv64/default 2022-08-09 18:37:12.000000000 +0200
+++ new/config/riscv64/default 2022-08-10 19:31:33.000000000 +0200
@@ -8507,12 +8507,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/s390x/default new/config/s390x/default
--- old/config/s390x/default 2022-08-09 18:37:12.000000000 +0200
+++ new/config/s390x/default 2022-08-10 19:31:33.000000000 +0200
@@ -3553,12 +3553,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/x86_64/debug new/config/x86_64/debug
--- old/config/x86_64/debug 2022-08-09 18:37:12.000000000 +0200
+++ new/config/x86_64/debug 2022-08-10 19:31:33.000000000 +0200
@@ -56,8 +56,6 @@
CONFIG_OCFS2_DEBUG_FS=y
# CONFIG_PARAVIRT_SPINLOCKS is not set
CONFIG_PCI_DEBUG=y
-CONFIG_REISERFS_CHECK=y
-CONFIG_REISERFS_PROC_INFO=y
CONFIG_RT2X00_DEBUG=y
CONFIG_RT2X00_LIB_DEBUGFS=y
CONFIG_RTC_DRV_TEST=m
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/x86_64/default new/config/x86_64/default
--- old/config/x86_64/default 2022-08-09 18:37:12.000000000 +0200
+++ new/config/x86_64/default 2022-08-10 19:31:33.000000000 +0200
@@ -9657,12 +9657,7 @@
CONFIG_JBD2=m
# CONFIG_JBD2_DEBUG is not set
CONFIG_FS_MBCACHE=m
-CONFIG_REISERFS_FS=m
-# CONFIG_REISERFS_CHECK is not set
-# CONFIG_REISERFS_PROC_INFO is not set
-CONFIG_REISERFS_FS_XATTR=y
-CONFIG_REISERFS_FS_POSIX_ACL=y
-CONFIG_REISERFS_FS_SECURITY=y
+# CONFIG_REISERFS_FS is not set
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
++++++ patches.kernel.org.tar.bz2 ++++++
++++ 1945 lines of diff (skipped)
++++++ patches.rpmify.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.rpmify/kbuild-dummy-tools-pretend-we-understand-__LONG_DOUB.patch
new/patches.rpmify/kbuild-dummy-tools-pretend-we-understand-__LONG_DOUB.patch
---
old/patches.rpmify/kbuild-dummy-tools-pretend-we-understand-__LONG_DOUB.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.rpmify/kbuild-dummy-tools-pretend-we-understand-__LONG_DOUB.patch
2022-08-10 11:28:52.000000000 +0200
@@ -0,0 +1,38 @@
+From: Jiri Slaby <jsl...@suse.cz>
+Date: Wed, 3 Mar 2021 11:43:14 +0100
+Subject: kbuild: dummy-tools: pretend we understand __LONG_DOUBLE_128__
+Patch-mainline: Submitted 20220810092603.20368-1-jsl...@suse.cz
+References: ppc config fix
+
+There is a test in powerpc's Kconfig which checks __LONG_DOUBLE_128__
+and sets CONFIG_PPC_LONG_DOUBLE_128 if it is understood by the compiler.
+
+We currently don't handle it, so this results in PPC_LONG_DOUBLE_128 not
+being in super-config generated by dummy-tools. So take this into
+account in the gcc script and preprocess __LONG_DOUBLE_128__ as "1".
+
+Cc: Masahiro Yamada <masahi...@kernel.org>
+Cc: Michal Marek <michal.l...@markovi.net>
+Cc: Nick Desaulniers <ndesaulni...@google.com>
+Cc: linux-kbu...@vger.kernel.org
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ scripts/dummy-tools/gcc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/scripts/dummy-tools/gcc b/scripts/dummy-tools/gcc
+index 7db82584..1db1889f 100755
+--- a/scripts/dummy-tools/gcc
++++ b/scripts/dummy-tools/gcc
+@@ -59,7 +59,7 @@ fi
+ if arg_contain -E "$@"; then
+ # For scripts/cc-version.sh; This emulates GCC 20.0.0
+ if arg_contain - "$@"; then
+- sed -n '/^GCC/{s/__GNUC__/20/; s/__GNUC_MINOR__/0/;
s/__GNUC_PATCHLEVEL__/0/; p;}'
++ sed -n '/^GCC/{s/__GNUC__/20/; s/__GNUC_MINOR__/0/;
s/__GNUC_PATCHLEVEL__/0/; p;}; s/__LONG_DOUBLE_128__/1/ p'
+ exit 0
+ else
+ echo "no input files" >&2
+--
+2.35.3
+
++++++ patches.suse.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/Revert-zram-remove-double-compression-logic.patch
new/patches.suse/Revert-zram-remove-double-compression-logic.patch
--- old/patches.suse/Revert-zram-remove-double-compression-logic.patch
2022-08-09 10:07:03.000000000 +0200
+++ new/patches.suse/Revert-zram-remove-double-compression-logic.patch
2022-08-11 12:16:01.000000000 +0200
@@ -1,13 +1,45 @@
From: Jiri Slaby <jsl...@suse.cz>
-Date: Tue, 9 Aug 2022 10:02:37 +0200
+Date: Wed, 10 Aug 2022 09:06:09 +0200
Subject: Revert "zram: remove double compression logic"
-Patch-mainline: not yet, under discussion
+Git-repo:
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm#mm-hotfixes-unstable
+Git-commit: c3697d57c2019274c23680ffdcb22057f6db14fd
+Patch-mainline: Queued in subsystem maintainer repository
References: bsc#1202203
-This reverts commit e7be8d1dd983156bbdd22c0319b71119a8fbb697 as it
-causes zram failures.
+This reverts commit e7be8d1dd983156b ("zram: remove double compression
+logic") as it causes zram failures. It does not revert cleanly, PTR_ERR
+handling was introduced in the meantime. This is handled by appropriate
+IS_ERR.
+When under memory pressure, zs_malloc() can fail. Before the above
+commit, the allocation was retried with direct reclaim enabled (GFP_NOIO).
+After the commit, it is not -- only __GFP_KSWAPD_RECLAIM is tried.
+
+So when the failure occurs under memory pressure, the overlaying
+filesystem such as ext2 (mounted by ext4 module in this case) can emit
+failures, making the (file)system unusable:
+ EXT4-fs warning (device zram0): ext4_end_bio:343: I/O error 10 writing to
inode 16386 starting block 159744)
+ Buffer I/O error on device zram0, logical block 159744
+
+With direct reclaim, memory is really reclaimed and allocation succeeds,
+eventually. In the worst case, the oom killer is invoked, which is proper
+outcome if user sets up zram too large (in comparison to available RAM).
+
+This very diff doesn't apply to 5.19 (stable) cleanly (see PTR_ERR note
+above). Use revert of e7be8d1dd983 directly.
+
+Link: https://bugzilla.suse.com/show_bug.cgi?id=1202203
+Link: https://lkml.kernel.org/r/20220810070609.14402-1-jsl...@suse.cz
+Fixes: e7be8d1dd983 ("zram: remove double compression logic")
Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+Reviewed-by: Sergey Senozhatsky <senozhat...@chromium.org>
+Cc: Minchan Kim <minc...@kernel.org>
+Cc: Nitin Gupta <ngu...@vflare.org>
+Cc: Alexey Romanov <avroma...@sberdevices.ru>
+Cc: Dmitry Rokosov <ddroko...@sberdevices.ru>
+Cc: Lukas Czerner <lczer...@redhat.com>
+Cc: <sta...@vger.kernel.org> [5.19]
+Signed-off-by: Andrew Morton <a...@linux-foundation.org>
---
drivers/block/zram/zram_drv.c | 42
++++++++++++++++++++++++++++++++----------
drivers/block/zram/zram_drv.h | 1 +
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/mm-gup-fix-FOLL_FORCE-COW-security-issue-and-remove-.patch
new/patches.suse/mm-gup-fix-FOLL_FORCE-COW-security-issue-and-remove-.patch
--- old/patches.suse/mm-gup-fix-FOLL_FORCE-COW-security-issue-and-remove-.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/mm-gup-fix-FOLL_FORCE-COW-security-issue-and-remove-.patch
2022-08-11 12:16:01.000000000 +0200
@@ -0,0 +1,303 @@
+From: David Hildenbrand <da...@redhat.com>
+Date: Tue, 9 Aug 2022 22:56:40 +0200
+Subject: mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW
+Git-repo:
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm#mm-hotfixes-unstable
+Git-commit: 4f5409708b5bd1f8f0ebae0e9e9919896b56d871
+Patch-mainline: Queued in subsystem maintainer repository
+References: bsc#1202013 CVE-2022-2590
+
+Ever since the Dirty COW (CVE-2016-5195) security issue happened, we know
+that FOLL_FORCE can be possibly dangerous, especially if there are races
+that can be exploited by user space.
+
+Right now, it would be sufficient to have some code that sets a PTE of a
+R/O-mapped shared page dirty, in order for it to erroneously become
+writable by FOLL_FORCE. The implications of setting a write-protected PTE
+dirty might not be immediately obvious to everyone.
+
+And in fact ever since commit 9ae0f87d009c ("mm/shmem: unconditionally set
+pte dirty in mfill_atomic_install_pte"), we can use UFFDIO_CONTINUE to map
+a shmem page R/O while marking the pte dirty. This can be used by
+unprivileged user space to modify tmpfs/shmem file content even if the
+user does not have write permissions to the file, and to bypass memfd
+write sealing -- Dirty COW restricted to tmpfs/shmem (CVE-2022-2590).
+
+To fix such security issues for good, the insight is that we really only
+need that fancy retry logic (FOLL_COW) for COW mappings that are not
+writable (!VM_WRITE). And in a COW mapping, we really only broke COW if
+we have an exclusive anonymous page mapped. If we have something else
+mapped, or the mapped anonymous page might be shared (!PageAnonExclusive),
+we have to trigger a write fault to break COW. If we don't find an
+exclusive anonymous page when we retry, we have to trigger COW breaking
+once again because something intervened.
+
+Let's move away from this mandatory-retry + dirty handling and rely on our
+PageAnonExclusive() flag for making a similar decision, to use the same
+COW logic as in other kernel parts here as well. In case we stumble over
+a PTE in a COW mapping that does not map an exclusive anonymous page, COW
+was not properly broken and we have to trigger a fake write-fault to break
+COW.
+
+Just like we do in can_change_pte_writable() added via commit 64fe24a3e05e
+("mm/mprotect: try avoiding write faults for exclusive anonymous pages
+when changing protection") and commit 76aefad628aa ("mm/mprotect: fix
+soft-dirty check in can_change_pte_writable()"), take care of softdirty
+and uffd-wp manually.
+
+For example, a write() via /proc/self/mem to a uffd-wp-protected range has
+to fail instead of silently granting write access and bypassing the
+userspace fault handler. Note that FOLL_FORCE is not only used for debug
+access, but also triggered by applications without debug intentions, for
+example, when pinning pages via RDMA.
+
+This fixes CVE-2022-2590. Note that only x86_64 and aarch64 are
+affected, because only those support CONFIG_HAVE_ARCH_USERFAULTFD_MINOR.
+
+Fortunately, FOLL_COW is no longer required to handle FOLL_FORCE. So
+let's just get rid of it.
+
+Thanks to Nadav Amit for pointing out that the pte_dirty() check in
+FOLL_FORCE code is problematic and might be exploitable.
+
+Note 1: We don't check for the PTE being dirty because it doesn't matter
+ for making a "was COWed" decision anymore, and whoever modifies the
+ page has to set the page dirty either way.
+
+Note 2: Kernels before extended uffd-wp support and before
+ PageAnonExclusive (< 5.19) can simply revert the problematic
+ commit instead and be safe regarding UFFDIO_CONTINUE. A backport to
+ v5.19 requires minor adjustments due to lack of
+ vma_soft_dirty_enabled().
+
+Link: https://lkml.kernel.org/r/20220809205640.70916-1-da...@redhat.com
+Fixes: 9ae0f87d009c ("mm/shmem: unconditionally set pte dirty in
mfill_atomic_install_pte")
+Signed-off-by: David Hildenbrand <da...@redhat.com>
+Cc: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Cc: Axel Rasmussen <axelrasmus...@google.com>
+Cc: Nadav Amit <nadav.a...@gmail.com>
+Cc: Peter Xu <pet...@redhat.com>
+Cc: Hugh Dickins <hu...@google.com>
+Cc: Andrea Arcangeli <aarca...@redhat.com>
+Cc: Matthew Wilcox <wi...@infradead.org>
+Cc: Vlastimil Babka <vba...@suse.cz>
+Cc: John Hubbard <jhubb...@nvidia.com>
+Cc: Jason Gunthorpe <j...@nvidia.com>
+Cc: David Laight <david.lai...@aculab.com>
+Cc: <sta...@vger.kernel.org> [5.16]
+Signed-off-by: Andrew Morton <a...@linux-foundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ include/linux/mm.h | 1
+ mm/gup.c | 68
+++++++++++++++++++++++++++++++++++------------------
+ mm/huge_memory.c | 64 +++++++++++++++++++++++++++++++++----------------
+ 3 files changed, 89 insertions(+), 44 deletions(-)
+
+--- a/include/linux/mm.h
++++ b/include/linux/mm.h
+@@ -2939,7 +2939,6 @@ struct page *follow_page(struct vm_area_
+ #define FOLL_MIGRATION 0x400 /* wait for page to replace migration
entry */
+ #define FOLL_TRIED 0x800 /* a retry, previous pass started an IO */
+ #define FOLL_REMOTE 0x2000 /* we are working on non-current tsk/mm */
+-#define FOLL_COW 0x4000 /* internal GUP flag */
+ #define FOLL_ANON 0x8000 /* don't do file mappings */
+ #define FOLL_LONGTERM 0x10000 /* mapping lifetime is indefinite: see below */
+ #define FOLL_SPLIT_PMD 0x20000 /* split huge pmd before returning */
+--- a/mm/gup.c
++++ b/mm/gup.c
+@@ -478,14 +478,42 @@ static int follow_pfn_pte(struct vm_area
+ return -EEXIST;
+ }
+
+-/*
+- * FOLL_FORCE can write to even unwritable pte's, but only
+- * after we've gone through a COW cycle and they are dirty.
+- */
+-static inline bool can_follow_write_pte(pte_t pte, unsigned int flags)
++/* FOLL_FORCE can write to even unwritable PTEs in COW mappings. */
++static inline bool can_follow_write_pte(pte_t pte, struct page *page,
++ struct vm_area_struct *vma,
++ unsigned int flags)
+ {
+- return pte_write(pte) ||
+- ((flags & FOLL_FORCE) && (flags & FOLL_COW) && pte_dirty(pte));
++ /* If the pte is writable, we can write to the page. */
++ if (pte_write(pte))
++ return true;
++
++ /* Maybe FOLL_FORCE is set to override it? */
++ if (!(flags & FOLL_FORCE))
++ return false;
++
++ /* But FOLL_FORCE has no effect on shared mappings */
++ if (vma->vm_flags & (VM_MAYSHARE | VM_SHARED))
++ return false;
++
++ /* ... or read-only private ones */
++ if (!(vma->vm_flags & VM_MAYWRITE))
++ return false;
++
++ /* ... or already writable ones that just need to take a write fault */
++ if (vma->vm_flags & VM_WRITE)
++ return false;
++
++ /*
++ * See can_change_pte_writable(): we broke COW and could map the page
++ * writable if we have an exclusive anonymous page ...
++ */
++ if (!page || !PageAnon(page) || !PageAnonExclusive(page))
++ return false;
++
++ /* ... and a write-fault isn't required for other reasons. */
++ if (vma_soft_dirty_enabled(vma) && !pte_soft_dirty(pte))
++ return false;
++ return !userfaultfd_pte_wp(vma, pte);
+ }
+
+ static struct page *follow_page_pte(struct vm_area_struct *vma,
+@@ -528,12 +556,19 @@ retry:
+ }
+ if ((flags & FOLL_NUMA) && pte_protnone(pte))
+ goto no_page;
+- if ((flags & FOLL_WRITE) && !can_follow_write_pte(pte, flags)) {
+- pte_unmap_unlock(ptep, ptl);
+- return NULL;
+- }
+
+ page = vm_normal_page(vma, address, pte);
++
++ /*
++ * We only care about anon pages in can_follow_write_pte() and don't
++ * have to worry about pte_devmap() because they are never anon.
++ */
++ if ((flags & FOLL_WRITE) &&
++ !can_follow_write_pte(pte, page, vma, flags)) {
++ page = NULL;
++ goto out;
++ }
++
+ if (!page && pte_devmap(pte) && (flags & (FOLL_GET | FOLL_PIN))) {
+ /*
+ * Only return device mapping pages in the FOLL_GET or FOLL_PIN
+@@ -967,17 +1002,6 @@ static int faultin_page(struct vm_area_s
+ return -EBUSY;
+ }
+
+- /*
+- * The VM_FAULT_WRITE bit tells us that do_wp_page has broken COW when
+- * necessary, even if maybe_mkwrite decided not to set pte_write. We
+- * can thus safely do subsequent page lookups as if they were reads.
+- * But only do so when looping for pte_write is futile: in some cases
+- * userspace may also be wanting to write to the gotten user page,
+- * which a read fault here might prevent (a readonly page might get
+- * reCOWed by userspace write).
+- */
+- if ((ret & VM_FAULT_WRITE) && !(vma->vm_flags & VM_WRITE))
+- *flags |= FOLL_COW;
+ return 0;
+ }
+
+--- a/mm/huge_memory.c
++++ b/mm/huge_memory.c
+@@ -977,12 +977,6 @@ struct page *follow_devmap_pmd(struct vm
+
+ assert_spin_locked(pmd_lockptr(mm, pmd));
+
+- /*
+- * When we COW a devmap PMD entry, we split it into PTEs, so we should
+- * not be in this function with `flags & FOLL_COW` set.
+- */
+- WARN_ONCE(flags & FOLL_COW, "mm: In follow_devmap_pmd with FOLL_COW
set");
+-
+ /* FOLL_GET and FOLL_PIN are mutually exclusive. */
+ if (WARN_ON_ONCE((flags & (FOLL_PIN | FOLL_GET)) ==
+ (FOLL_PIN | FOLL_GET)))
+@@ -1348,14 +1342,42 @@ fallback:
+ return VM_FAULT_FALLBACK;
+ }
+
+-/*
+- * FOLL_FORCE can write to even unwritable pmd's, but only
+- * after we've gone through a COW cycle and they are dirty.
+- */
+-static inline bool can_follow_write_pmd(pmd_t pmd, unsigned int flags)
++/* FOLL_FORCE can write to even unwritable PMDs in COW mappings. */
++static inline bool can_follow_write_pmd(pmd_t pmd, struct page *page,
++ struct vm_area_struct *vma,
++ unsigned int flags)
+ {
+- return pmd_write(pmd) ||
+- ((flags & FOLL_FORCE) && (flags & FOLL_COW) && pmd_dirty(pmd));
++ /* If the pmd is writable, we can write to the page. */
++ if (pmd_write(pmd))
++ return true;
++
++ /* Maybe FOLL_FORCE is set to override it? */
++ if (!(flags & FOLL_FORCE))
++ return false;
++
++ /* But FOLL_FORCE has no effect on shared mappings */
++ if (vma->vm_flags & (VM_MAYSHARE | VM_SHARED))
++ return false;
++
++ /* ... or read-only private ones */
++ if (!(vma->vm_flags & VM_MAYWRITE))
++ return false;
++
++ /* ... or already writable ones that just need to take a write fault */
++ if (vma->vm_flags & VM_WRITE)
++ return false;
++
++ /*
++ * See can_change_pte_writable(): we broke COW and could map the page
++ * writable if we have an exclusive anonymous page ...
++ */
++ if (!page || !PageAnon(page) || !PageAnonExclusive(page))
++ return false;
++
++ /* ... and a write-fault isn't required for other reasons. */
++ if (vma_soft_dirty_enabled(vma) && !pmd_soft_dirty(pmd))
++ return false;
++ return !userfaultfd_huge_pmd_wp(vma, pmd);
+ }
+
+ struct page *follow_trans_huge_pmd(struct vm_area_struct *vma,
+@@ -1364,12 +1386,16 @@ struct page *follow_trans_huge_pmd(struc
+ unsigned int flags)
+ {
+ struct mm_struct *mm = vma->vm_mm;
+- struct page *page = NULL;
++ struct page *page;
+
+ assert_spin_locked(pmd_lockptr(mm, pmd));
+
+- if (flags & FOLL_WRITE && !can_follow_write_pmd(*pmd, flags))
+- goto out;
++ page = pmd_page(*pmd);
++ VM_BUG_ON_PAGE(!PageHead(page) && !is_zone_device_page(page), page);
++
++ if ((flags & FOLL_WRITE) &&
++ !can_follow_write_pmd(*pmd, page, vma, flags))
++ return NULL;
+
+ /* Avoid dumping huge zero page */
+ if ((flags & FOLL_DUMP) && is_huge_zero_pmd(*pmd))
+@@ -1377,10 +1403,7 @@ struct page *follow_trans_huge_pmd(struc
+
+ /* Full NUMA hinting faults to serialise migration in fault paths */
+ if ((flags & FOLL_NUMA) && pmd_protnone(*pmd))
+- goto out;
+-
+- page = pmd_page(*pmd);
+- VM_BUG_ON_PAGE(!PageHead(page) && !is_zone_device_page(page), page);
++ return NULL;
+
+ if (!pmd_write(*pmd) && gup_must_unshare(flags, page))
+ return ERR_PTR(-EMLINK);
+@@ -1397,7 +1420,6 @@ struct page *follow_trans_huge_pmd(struc
+ page += (addr & ~HPAGE_PMD_MASK) >> PAGE_SHIFT;
+ VM_BUG_ON_PAGE(!PageCompound(page) && !is_zone_device_page(page), page);
+
+-out:
+ return page;
+ }
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/mm-mprotect-fix-soft-dirty-check-in-can_change_pte_w.patch
new/patches.suse/mm-mprotect-fix-soft-dirty-check-in-can_change_pte_w.patch
--- old/patches.suse/mm-mprotect-fix-soft-dirty-check-in-can_change_pte_w.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/mm-mprotect-fix-soft-dirty-check-in-can_change_pte_w.patch
2022-08-11 12:16:01.000000000 +0200
@@ -0,0 +1,177 @@
+From: Peter Xu <pet...@redhat.com>
+Date: Mon, 25 Jul 2022 10:20:46 -0400
+Subject: mm/mprotect: fix soft-dirty check in can_change_pte_writable()
+Git-commit: 76aefad628aae152207ee624a7981b9aa1a267d8
+Patch-mainline: v6.0-rc1
+References: bsc#1202013 CVE-2022-2590
+
+Patch series "mm/mprotect: Fix soft-dirty checks", v4.
+
+
+This patch (of 3):
+
+The check wanted to make sure when soft-dirty tracking is enabled we won't
+grant write bit by accident, as a page fault is needed for dirty tracking.
+The intention is correct but we didn't check it right because
+VM_SOFTDIRTY set actually means soft-dirty tracking disabled. Fix it.
+
+There's another thing tricky about soft-dirty is that, we can't check the
+vma flag !(vma_flags & VM_SOFTDIRTY) directly but only check it after we
+checked CONFIG_MEM_SOFT_DIRTY because otherwise VM_SOFTDIRTY will be
+defined as zero, and !(vma_flags & VM_SOFTDIRTY) will constantly return
+true. To avoid misuse, introduce a helper for checking whether vma has
+soft-dirty tracking enabled.
+
+We can easily verify this with any exclusive anonymous page, like program
+below:
+
+=======8<======
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <stdlib.h>
+ #include <assert.h>
+ #include <inttypes.h>
+ #include <stdint.h>
+ #include <sys/types.h>
+ #include <sys/mman.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <unistd.h>
+ #include <fcntl.h>
+ #include <stdbool.h>
+
+ #define BIT_ULL(nr) (1ULL << (nr))
+ #define PM_SOFT_DIRTY BIT_ULL(55)
+
+ unsigned int psize;
+ char *page;
+
+ uint64_t pagemap_read_vaddr(int fd, void *vaddr)
+ {
+ uint64_t value;
+ int ret;
+
+ ret = pread(fd, &value, sizeof(uint64_t),
+ ((uint64_t)vaddr >> 12) * sizeof(uint64_t));
+ assert(ret == sizeof(uint64_t));
+
+ return value;
+ }
+
+ void clear_refs_write(void)
+ {
+ int fd = open("/proc/self/clear_refs", O_RDWR);
+
+ assert(fd >= 0);
+ write(fd, "4", 2);
+ close(fd);
+ }
+
+ #define check_soft_dirty(str, expect) do { \
+ bool dirty = pagemap_read_vaddr(fd, page) & PM_SOFT_DIRTY; \
+ if (dirty != expect) { \
+ printf("ERROR: %s, soft-dirty=%d (expect: %d)
+", str, dirty, expect); \
+ exit(-1); \
+ } \
+ } while (0)
+
+ int main(void)
+ {
+ int fd = open("/proc/self/pagemap", O_RDONLY);
+
+ assert(fd >= 0);
+ psize = getpagesize();
+ page = mmap(NULL, psize, PROT_READ|PROT_WRITE,
+ MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
+ assert(page != MAP_FAILED);
+
+ *page = 1;
+ check_soft_dirty("Just faulted in page", 1);
+ clear_refs_write();
+ check_soft_dirty("Clear_refs written", 0);
+ mprotect(page, psize, PROT_READ);
+ check_soft_dirty("Marked RO", 0);
+ mprotect(page, psize, PROT_READ|PROT_WRITE);
+ check_soft_dirty("Marked RW", 0);
+ *page = 2;
+ check_soft_dirty("Wrote page again", 1);
+
+ munmap(page, psize);
+ close(fd);
+ printf("Test passed.
+");
+
+ return 0;
+ }
+=======8<======
+
+Here we attach a Fixes to commit 64fe24a3e05e only for easy tracking, as
+this patch won't apply to a tree before that point. However the commit
+wasn't the source of problem, but instead 64e455079e1b. It's just that
+after 64fe24a3e05e anonymous memory will also suffer from this problem
+with mprotect().
+
+Link: https://lkml.kernel.org/r/20220725142048.30450-1-pet...@redhat.com
+Link: https://lkml.kernel.org/r/20220725142048.30450-2-pet...@redhat.com
+Fixes: 64e455079e1b ("mm: softdirty: enable write notifications on VMAs after
VM_SOFTDIRTY cleared")
+Fixes: 64fe24a3e05e ("mm/mprotect: try avoiding write faults for exclusive
anonymous pages when changing protection")
+Signed-off-by: Peter Xu <pet...@redhat.com>
+Reviewed-by: David Hildenbrand <da...@redhat.com>
+Cc: Nadav Amit <nadav.a...@gmail.com>
+Cc: Andrea Arcangeli <aarca...@redhat.com>
+Signed-off-by: Andrew Morton <a...@linux-foundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ mm/internal.h | 18 ++++++++++++++++++
+ mm/mmap.c | 2 +-
+ mm/mprotect.c | 2 +-
+ 3 files changed, 20 insertions(+), 2 deletions(-)
+
+--- a/mm/internal.h
++++ b/mm/internal.h
+@@ -861,4 +861,22 @@ struct folio *try_grab_folio(struct page
+
+ DECLARE_PER_CPU(struct per_cpu_nodestat, boot_nodestats);
+
++static inline bool vma_soft_dirty_enabled(struct vm_area_struct *vma)
++{
++ /*
++ * NOTE: we must check this before VM_SOFTDIRTY on soft-dirty
++ * enablements, because when without soft-dirty being compiled in,
++ * VM_SOFTDIRTY is defined as 0x0, then !(vm_flags & VM_SOFTDIRTY)
++ * will be constantly true.
++ */
++ if (!IS_ENABLED(CONFIG_MEM_SOFT_DIRTY))
++ return false;
++
++ /*
++ * Soft-dirty is kind of special: its tracking is enabled when the
++ * vma flags not set.
++ */
++ return !(vma->vm_flags & VM_SOFTDIRTY);
++}
++
+ #endif /* __MM_INTERNAL_H */
+--- a/mm/mmap.c
++++ b/mm/mmap.c
+@@ -1694,7 +1694,7 @@ int vma_wants_writenotify(struct vm_area
+ return 0;
+
+ /* Do we need to track softdirty? */
+- if (IS_ENABLED(CONFIG_MEM_SOFT_DIRTY) && !(vm_flags & VM_SOFTDIRTY))
++ if (vma_soft_dirty_enabled(vma))
+ return 1;
+
+ /* Specialty mapping? */
+--- a/mm/mprotect.c
++++ b/mm/mprotect.c
+@@ -149,7 +149,7 @@ static unsigned long change_pte_range(st
+ /* Avoid taking write faults for known dirty pages */
+ if (dirty_accountable && pte_dirty(ptent) &&
+ (pte_soft_dirty(ptent) ||
+- !(vma->vm_flags & VM_SOFTDIRTY))) {
++ !vma_soft_dirty_enabled(vma))) {
+ ptent = pte_mkwrite(ptent);
+ }
+ ptep_modify_prot_commit(vma, addr, pte, oldpte, ptent);
++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:24.327738705 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:24.327738705 +0200
@@ -27,6 +27,28 @@
# DO NOT MODIFY THEM!
# Send separate patches upstream if you find a problem...
########################################################
+
patches.kernel.org/5.19.1-001-block-fix-default-IO-priority-handling-again.patch
+
patches.kernel.org/5.19.1-002-tools-vm-slabinfo-Handle-files-in-debugfs.patch
+
patches.kernel.org/5.19.1-003-ACPI-video-Force-backlight-native-for-some-Ton.patch
+
patches.kernel.org/5.19.1-004-ACPI-video-Shortening-quirk-list-by-identifyin.patch
+
patches.kernel.org/5.19.1-005-ACPI-APEI-Better-fix-to-avoid-spamming-the-con.patch
+
patches.kernel.org/5.19.1-006-crypto-arm64-poly1305-fix-a-read-out-of-bound.patch
+
patches.kernel.org/5.19.1-007-ata-sata_mv-Fixes-expected-number-of-resources.patch
+ patches.kernel.org/5.19.1-008-arm64-set-UXN-on-swapper-page-tables.patch
+
patches.kernel.org/5.19.1-009-Bluetooth-hci_qca-Return-wakeup-for-qca_wakeup.patch
+
patches.kernel.org/5.19.1-010-Bluetooth-hci_bcm-Add-BCM4349B1-variant.patch
+
patches.kernel.org/5.19.1-011-Bluetooth-hci_bcm-Add-DT-compatible-for-CYW555.patch
+
patches.kernel.org/5.19.1-012-dt-bindings-bluetooth-broadcom-Add-BCM4349B1-D.patch
+
patches.kernel.org/5.19.1-013-Bluetooth-btusb-Add-support-of-IMC-Networks-PI.patch
+
patches.kernel.org/5.19.1-014-Bluetooth-btusb-Add-Realtek-RTL8852C-support-I.patch
+
patches.kernel.org/5.19.1-015-Bluetooth-btusb-Add-Realtek-RTL8852C-support-I.patch
+
patches.kernel.org/5.19.1-016-Bluetooth-btusb-Add-Realtek-RTL8852C-support-I.patch
+
patches.kernel.org/5.19.1-017-Bluetooth-btusb-Add-Realtek-RTL8852C-support-I.patch
+
patches.kernel.org/5.19.1-018-Bluetooth-btusb-Add-Realtek-RTL8852C-support-I.patch
+
patches.kernel.org/5.19.1-019-macintosh-adb-fix-oob-read-in-do_adb_query-fun.patch
+
patches.kernel.org/5.19.1-020-x86-speculation-Add-RSB-VM-Exit-protections.patch
+
patches.kernel.org/5.19.1-021-x86-speculation-Add-LFENCE-to-RSB-fill-sequenc.patch
+ patches.kernel.org/5.19.1-022-Linux-5.19.1.patch
########################################################
# Build fixes that apply to the vanilla kernel too.
@@ -36,6 +58,7 @@
patches.rpmify/Add-ksym-provides-tool.patch
patches.rpmify/Revert-kconfig-only-write-CONFIG_FOO-is-not-set-for-.patch
patches.rpmify/BTF-Don-t-break-ABI-when-debuginfo-is-disabled.patch
+
patches.rpmify/kbuild-dummy-tools-pretend-we-understand-__LONG_DOUB.patch
########################################################
# The sorted section should contain all patches that are
@@ -57,6 +80,7 @@
patches.suse/0001-drm-Always-warn-if-user-defined-modes-are-not-suppor.patch
patches.suse/0001-drm-client-Look-for-command-line-modes-first.patch
patches.suse/0001-drm-client-Don-t-add-new-command-line-mode.patch
+ patches.suse/mm-mprotect-fix-soft-dirty-check-in-can_change_pte_w.patch
patches.suse/tools-build-Add-feature-test-for-init_disassemble_in.patch
patches.suse/tools-build-Don-t-display-disassembler-four-args-fea.patch
patches.suse/tools-include-add-dis-asm-compat.h-to-handle-version.patch
@@ -82,6 +106,8 @@
# to area specific sections below.
########################################################
patches.suse/Revert-Revert-tcp-change-pingpong-threshold-to-3.patch
+ patches.suse/Revert-zram-remove-double-compression-logic.patch
+ patches.suse/mm-gup-fix-FOLL_FORCE-COW-security-issue-and-remove-.patch
########################################################
# kbuild/module infrastructure fixes
@@ -181,7 +207,6 @@
# Storage
########################################################
patches.suse/scsi-retry-alua-transition-in-progress
- patches.suse/Revert-zram-remove-double-compression-logic.patch
########################################################
# Networking drivers (wired)
++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.1caqoT/_old 2022-08-14 15:55:24.347738748 +0200
+++ /var/tmp/diff_new_pack.1caqoT/_new 2022-08-14 15:55:24.351738756 +0200
@@ -1,4 +1,4 @@
-2022-08-09 16:38:40 +0000
-GIT Revision: 8213b0c0cb8450a0f8f1db115acc781271604732
+2022-08-11 11:32:52 +0000
+GIT Revision: a5bf6c0b09ada9ba7e920eeed3a92b4bfb4cc86b
GIT Branch: stable
