From ce717d0a3cff41100bb4620a2e79ca318b10ab55 Mon Sep 17 00:00:00 2001 From: Jonathan Maple Date: Tue, 14 Jan 2025 12:19:54 -0500 Subject: [PATCH 1/2] github actions: Make builds on Merge Request Since we need to make sure external contributors code actually compiles prior to merging. To get access to the forked repos merge request we need to switch over our push to pull_request. In addition we're fixing up some Naming Conventions, adding aarch64 to this branch and fixing the naming so that we can quickly identify if the CI is for x86_64 or aarch64. Also disable the process-pull-request until the `utf-8` situation is resolved. --- .github/workflows/build-check_aarch64.yml | 34 +++++++++++++++++++++++ .github/workflows/build-check_x86_64.yml | 34 +++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 .github/workflows/build-check_aarch64.yml create mode 100644 .github/workflows/build-check_x86_64.yml diff --git a/.github/workflows/build-check_aarch64.yml b/.github/workflows/build-check_aarch64.yml new file mode 100644 index 0000000000000..cb30a2199ed0e --- /dev/null +++ b/.github/workflows/build-check_aarch64.yml @@ -0,0 +1,34 @@ +name: aarch64 CI +on: + pull_request: + branches: + - '**' + - '!mainline' + +jobs: + kernel-build-job: + runs-on: + labels: kernel-build-arm64 + container: + image: rockylinux:8 + env: + ROCKY_ENV: rocky8 + ports: + - 80 + options: --cpus 8 + steps: + - name: Install tools and Libraries + run: | + dnf groupinstall 'Development Tools' -y + dnf install --enablerepo=devel bc dwarves kernel-devel openssl-devel elfutils-libelf-devel -y + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: "${{ github.event.pull_request.head.sha }}" + fetch-depth: 0 + - name: Build the Kernel + run: | + git config --global --add safe.directory /__w/kernel-src-tree/kernel-src-tree + cp configs/kernel-4.18.0-aarch64.config .config + make olddefconfig + make -j8 diff --git a/.github/workflows/build-check_x86_64.yml b/.github/workflows/build-check_x86_64.yml new file mode 100644 index 0000000000000..a1d16685ec22a --- /dev/null +++ b/.github/workflows/build-check_x86_64.yml @@ -0,0 +1,34 @@ +name: x86_64 CI +on: + pull_request: + branches: + - '**' + - '!mainline' + +jobs: + kernel-build-job: + runs-on: + labels: kernel-build + container: + image: rockylinux:8 + env: + ROCKY_ENV: rocky8 + ports: + - 80 + options: --cpus 8 + steps: + - name: Install tools and Libraries + run: | + dnf groupinstall 'Development Tools' -y + dnf install --enablerepo=devel bc dwarves kernel-devel openssl-devel elfutils-libelf-devel -y + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: "${{ github.event.pull_request.head.sha }}" + fetch-depth: 0 + - name: Build the Kernel + run: | + git config --global --add safe.directory /__w/kernel-src-tree/kernel-src-tree + cp configs/kernel-4.18.0-x86_64.config .config + make olddefconfig + make -j8 From 45e71cc5dcfb35d941c72976cc7fd5fb4e13694d Mon Sep 17 00:00:00 2001 From: Greg Rose Date: Tue, 11 Feb 2025 11:04:24 -0800 Subject: [PATCH 2/2] media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format jira VULN-9672 cve CVE-2024-53104 commit-author Benoit Sevens commit ecf2b43018da9579842c774b7f35dbe11b5c38dd This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming. Fixes: c0efd232929c ("V4L/DVB (8145a): USB Video Class driver") Signed-off-by: Benoit Sevens Cc: stable@vger.kernel.org Acked-by: Greg Kroah-Hartman Reviewed-by: Laurent Pinchart Signed-off-by: Hans Verkuil (cherry picked from commit ecf2b43018da9579842c774b7f35dbe11b5c38dd) Signed-off-by: Greg Rose --- drivers/media/usb/uvc/uvc_driver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/media/usb/uvc/uvc_driver.c b/drivers/media/usb/uvc/uvc_driver.c index 9b50e5a0975da..1807b332ba87a 100644 --- a/drivers/media/usb/uvc/uvc_driver.c +++ b/drivers/media/usb/uvc/uvc_driver.c @@ -368,7 +368,7 @@ static int uvc_parse_format(struct uvc_device *dev, * Parse the frame descriptors. Only uncompressed, MJPEG and frame * based formats have frame descriptors. */ - while (buflen > 2 && buffer[1] == USB_DT_CS_INTERFACE && + while (ftype && buflen > 2 && buffer[1] == USB_DT_CS_INTERFACE && buffer[2] == ftype) { frame = &format->frame[format->nframes]; if (ftype != UVC_VS_FRAME_FRAME_BASED)