+++ /dev/null
-From 00c53b02cb01976b35d37670a4b5c5d7a6ad3c62 Mon Sep 17 00:00:00 2001
-From: Daniel Borkmann <dborkman@redhat.com>
-Date: Mon, 3 Mar 2014 17:23:04 +0100
-Subject: [PATCH] net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is
- AUTH capable
-
-[ Upstream commit ec0223ec48a90cb605244b45f7c62de856403729 ]
-
-RFC4895 introduced AUTH chunks for SCTP; during the SCTP
-handshake RANDOM; CHUNKS; HMAC-ALGO are negotiated (CHUNKS
-being optional though):
-
- ---------- INIT[RANDOM; CHUNKS; HMAC-ALGO] ---------->
- <------- INIT-ACK[RANDOM; CHUNKS; HMAC-ALGO] ---------
- -------------------- COOKIE-ECHO -------------------->
- <-------------------- COOKIE-ACK ---------------------
-
-A special case is when an endpoint requires COOKIE-ECHO
-chunks to be authenticated:
-
- ---------- INIT[RANDOM; CHUNKS; HMAC-ALGO] ---------->
- <------- INIT-ACK[RANDOM; CHUNKS; HMAC-ALGO] ---------
- ------------------ AUTH; COOKIE-ECHO ---------------->
- <-------------------- COOKIE-ACK ---------------------
-
-RFC4895, section 6.3. Receiving Authenticated Chunks says:
-
- The receiver MUST use the HMAC algorithm indicated in
- the HMAC Identifier field. If this algorithm was not
- specified by the receiver in the HMAC-ALGO parameter in
- the INIT or INIT-ACK chunk during association setup, the
- AUTH chunk and all the chunks after it MUST be discarded
- and an ERROR chunk SHOULD be sent with the error cause
- defined in Section 4.1. [...] If no endpoint pair shared
- key has been configured for that Shared Key Identifier,
- all authenticated chunks MUST be silently discarded. [...]
-
- When an endpoint requires COOKIE-ECHO chunks to be
- authenticated, some special procedures have to be followed
- because the reception of a COOKIE-ECHO chunk might result
- in the creation of an SCTP association. If a packet arrives
- containing an AUTH chunk as a first chunk, a COOKIE-ECHO
- chunk as the second chunk, and possibly more chunks after
- them, and the receiver does not have an STCB for that
- packet, then authentication is based on the contents of
- the COOKIE-ECHO chunk. In this situation, the receiver MUST
- authenticate the chunks in the packet by using the RANDOM
- parameters, CHUNKS parameters and HMAC_ALGO parameters
- obtained from the COOKIE-ECHO chunk, and possibly a local
- shared secret as inputs to the authentication procedure
- specified in Section 6.3. If authentication fails, then
- the packet is discarded. If the authentication is successful,
- the COOKIE-ECHO and all the chunks after the COOKIE-ECHO
- MUST be processed. If the receiver has an STCB, it MUST
- process the AUTH chunk as described above using the STCB
- from the existing association to authenticate the
- COOKIE-ECHO chunk and all the chunks after it. [...]
-
-Commit bbd0d59809f9 introduced the possibility to receive
-and verification of AUTH chunk, including the edge case for
-authenticated COOKIE-ECHO. On reception of COOKIE-ECHO,
-the function sctp_sf_do_5_1D_ce() handles processing,
-unpacks and creates a new association if it passed sanity
-checks and also tests for authentication chunks being
-present. After a new association has been processed, it
-invokes sctp_process_init() on the new association and
-walks through the parameter list it received from the INIT
-chunk. It checks SCTP_PARAM_RANDOM, SCTP_PARAM_HMAC_ALGO
-and SCTP_PARAM_CHUNKS, and copies them into asoc->peer
-meta data (peer_random, peer_hmacs, peer_chunks) in case
-sysctl -w net.sctp.auth_enable=1 is set. If in INIT's
-SCTP_PARAM_SUPPORTED_EXT parameter SCTP_CID_AUTH is set,
-peer_random != NULL and peer_hmacs != NULL the peer is to be
-assumed asoc->peer.auth_capable=1, in any other case
-asoc->peer.auth_capable=0.
-
-Now, if in sctp_sf_do_5_1D_ce() chunk->auth_chunk is
-available, we set up a fake auth chunk and pass that on to
-sctp_sf_authenticate(), which at latest in
-sctp_auth_calculate_hmac() reliably dereferences a NULL pointer
-at position 0..0008 when setting up the crypto key in
-crypto_hash_setkey() by using asoc->asoc_shared_key that is
-NULL as condition key_id == asoc->active_key_id is true if
-the AUTH chunk was injected correctly from remote. This
-happens no matter what net.sctp.auth_enable sysctl says.
-
-The fix is to check for net->sctp.auth_enable and for
-asoc->peer.auth_capable before doing any operations like
-sctp_sf_authenticate() as no key is activated in
-sctp_auth_asoc_init_active_key() for each case.
-
-Now as RFC4895 section 6.3 states that if the used HMAC-ALGO
-passed from the INIT chunk was not used in the AUTH chunk, we
-SHOULD send an error; however in this case it would be better
-to just silently discard such a maliciously prepared handshake
-as we didn't even receive a parameter at all. Also, as our
-endpoint has no shared key configured, section 6.3 says that
-MUST silently discard, which we are doing from now onwards.
-
-Before calling sctp_sf_pdiscard(), we need not only to free
-the association, but also the chunk->auth_chunk skb, as
-commit bbd0d59809f9 created a skb clone in that case.
-
-I have tested this locally by using netfilter's nfqueue and
-re-injecting packets into the local stack after maliciously
-modifying the INIT chunk (removing RANDOM; HMAC-ALGO param)
-and the SCTP packet containing the COOKIE_ECHO (injecting
-AUTH chunk before COOKIE_ECHO). Fixed with this patch applied.
-
-This fixes CVE-2014-0101
-Upstream-Status: Backport
-
-Fixes: bbd0d59809f9 ("[SCTP]: Implement the receive and verification of AUTH chunk")
-Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
-Cc: Vlad Yasevich <yasevich@gmail.com>
-Cc: Neil Horman <nhorman@tuxdriver.com>
-Acked-by: Vlad Yasevich <vyasevich@gmail.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
-Signed-off-by: Jiri Slaby <jslaby@suse.cz>
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
----
- net/sctp/sm_statefuns.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
-index dfe3f36..56ebe71 100644
---- a/net/sctp/sm_statefuns.c
-+++ b/net/sctp/sm_statefuns.c
-@@ -768,6 +768,13 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(struct net *net,
- return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
- }
-
-+ /* Make sure that we and the peer are AUTH capable */
-+ if (!net->sctp.auth_enable || !new_asoc->peer.auth_capable) {
-+ kfree_skb(chunk->auth_chunk);
-+ sctp_association_free(new_asoc);
-+ return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
-+ }
-+
- /* set-up our fake chunk so that we can process it */
- auth.skb = chunk->auth_chunk;
- auth.asoc = chunk->asoc;
---
-1.9.1
-
+++ /dev/null
-From aeea3592a13bf12861943e44fc48f1f270941f8d Mon Sep 17 00:00:00 2001
-From: Behan Webster <behanw@converseincode.com>
-Date: Wed, 24 Sep 2014 01:06:46 +0100
-Subject: ARM: 8158/1: LLVMLinux: use static inline in ARM ftrace.h
-
-With compilers which follow the C99 standard (like modern versions of gcc and
-clang), "extern inline" does the wrong thing (emits code for an externally
-linkable version of the inline function). In this case using static inline
-and removing the NULL version of return_address in return_address.c does
-the right thing.
-
-Signed-off-by: Behan Webster <behanw@converseincode.com>
-Reviewed-by: Mark Charlebois <charlebm@gmail.com>
-Acked-by: Steven Rostedt <rostedt@goodmis.org>
-Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
-
-diff --git a/arch/arm/include/asm/ftrace.h b/arch/arm/include/asm/ftrace.h
-index 39eb16b..bfe2a2f 100644
---- a/arch/arm/include/asm/ftrace.h
-+++ b/arch/arm/include/asm/ftrace.h
-@@ -45,7 +45,7 @@ void *return_address(unsigned int);
-
- #else
-
--extern inline void *return_address(unsigned int level)
-+static inline void *return_address(unsigned int level)
- {
- return NULL;
- }
-diff --git a/arch/arm/kernel/return_address.c b/arch/arm/kernel/return_address.c
-index fafedd8..f6aa84d 100644
---- a/arch/arm/kernel/return_address.c
-+++ b/arch/arm/kernel/return_address.c
-@@ -63,11 +63,6 @@ void *return_address(unsigned int level)
- #warning "TODO: return_address should use unwind tables"
- #endif
-
--void *return_address(unsigned int level)
--{
-- return NULL;
--}
--
- #endif /* if defined(CONFIG_FRAME_POINTER) && !defined(CONFIG_ARM_UNWIND) / else */
-
- EXPORT_SYMBOL_GPL(return_address);
---
-cgit v0.10.2
-
+++ /dev/null
-From a2561791169351cbf1ac5ca0c4299a0eef7eca65 Mon Sep 17 00:00:00 2001
-From: Behan Webster <behanw@converseincode.com>
-Date: Tue, 3 Sep 2013 22:27:26 -0400
-Subject: [PATCH] ARM: LLVMLinux: Change "extern inline" to "static inline" in
- glue-cache.h
-
-With compilers which follow the C99 standard (like modern versions of gcc and
-clang), "extern inline" does the wrong thing (emits code for an externally
-linkable version of the inline function). "static inline" is the correct choice
-instead.
-
-Author: Behan Webster <behanw@converseincode.com>
-Signed-off-by: Behan Webster <behanw@converseincode.com>
-Reviewed-by: Mark Charlebois <charlebm@gmail.com>
----
- arch/arm/include/asm/glue-cache.h | 22 +++++++++++-----------
- 1 file changed, 11 insertions(+), 11 deletions(-)
-
-diff --git a/arch/arm/include/asm/glue-cache.h b/arch/arm/include/asm/glue-cache.h
-index c81adc0..a3c24cd 100644
---- a/arch/arm/include/asm/glue-cache.h
-+++ b/arch/arm/include/asm/glue-cache.h
-@@ -130,22 +130,22 @@
- #endif
-
- #ifndef __ASSEMBLER__
--extern inline void nop_flush_icache_all(void) { }
--extern inline void nop_flush_kern_cache_all(void) { }
--extern inline void nop_flush_kern_cache_louis(void) { }
--extern inline void nop_flush_user_cache_all(void) { }
--extern inline void nop_flush_user_cache_range(unsigned long a,
-+static inline void nop_flush_icache_all(void) { }
-+static inline void nop_flush_kern_cache_all(void) { }
-+static inline void nop_flush_kern_cache_louis(void) { }
-+static inline void nop_flush_user_cache_all(void) { }
-+static inline void nop_flush_user_cache_range(unsigned long a,
- unsigned long b, unsigned int c) { }
-
--extern inline void nop_coherent_kern_range(unsigned long a, unsigned long b) { }
--extern inline int nop_coherent_user_range(unsigned long a,
-+static inline void nop_coherent_kern_range(unsigned long a, unsigned long b) { }
-+static inline int nop_coherent_user_range(unsigned long a,
- unsigned long b) { return 0; }
--extern inline void nop_flush_kern_dcache_area(void *a, size_t s) { }
-+static inline void nop_flush_kern_dcache_area(void *a, size_t s) { }
-
--extern inline void nop_dma_flush_range(const void *a, const void *b) { }
-+static inline void nop_dma_flush_range(const void *a, const void *b) { }
-
--extern inline void nop_dma_map_area(const void *s, size_t l, int f) { }
--extern inline void nop_dma_unmap_area(const void *s, size_t l, int f) { }
-+static inline void nop_dma_map_area(const void *s, size_t l, int f) { }
-+static inline void nop_dma_unmap_area(const void *s, size_t l, int f) { }
- #endif
-
- #ifndef MULTI_CACHE
---
-2.1.4
-
+++ /dev/null
-From 7d4d16a6ccdd6d965b84284262a67d5b63426d50 Mon Sep 17 00:00:00 2001
-From: Zhenhua Luo <zhenhua.luo@freescale.com>
-Date: Mon, 9 Nov 2015 04:36:29 -0600
-Subject: [PATCH] powerpc: Align TOC to 256 bytes
-
-Recent toolchains(gcc-5.2) force the TOC to be 256 byte aligned. We need
-to enforce this alignment in our linker script, otherwise pointers
-to our TOC variables (__toc_start, __prom_init_toc_start) could
-be incorrect.
-
-If they are bad, we die a few hundred instructions into boot.
-
-Upstream-Status: Backport
-
-Backport from https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5e95235
-
-Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
----
- arch/powerpc/kernel/vmlinux.lds.S | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/arch/powerpc/kernel/vmlinux.lds.S b/arch/powerpc/kernel/vmlinux.lds.S
-index f096e72..3266864 100644
---- a/arch/powerpc/kernel/vmlinux.lds.S
-+++ b/arch/powerpc/kernel/vmlinux.lds.S
-@@ -213,6 +213,8 @@ SECTIONS
- *(.opd)
- }
-
-+ . = ALIGN(256);
-+
- .got : AT(ADDR(.got) - LOAD_OFFSET) {
- __toc_start = .;
- #ifndef CONFIG_RELOCATABLE
---
-2.3.3
-
Subject: [PATCH] use static inline in ARM lifeboot.h
---
- drivers/input/mouse/lifebook.h | 2 +-
drivers/input/mouse/sentelic.h | 2 +-
drivers/input/mouse/trackpoint.h | 2 +-
- 3 files changed, 3 insertions(+), 3 deletions(-)
+ 2 files changed, 2 insertions(+), 2 deletions(-)
-diff --git a/drivers/input/mouse/lifebook.h b/drivers/input/mouse/lifebook.h
-index 4c4326c..e4c2453 100644
---- a/drivers/input/mouse/lifebook.h
-+++ b/drivers/input/mouse/lifebook.h
-@@ -19,7 +19,7 @@ int lifebook_init(struct psmouse *psmouse);
- inline void lifebook_module_init(void)
- {
- }
--inline int lifebook_detect(struct psmouse *psmouse, bool set_properties)
-+static inline int lifebook_detect(struct psmouse *psmouse, bool set_properties)
- {
- return -ENOSYS;
- }
diff --git a/drivers/input/mouse/sentelic.h b/drivers/input/mouse/sentelic.h
index aa697ec..9e69e94 100644
--- a/drivers/input/mouse/sentelic.h
+++ /dev/null
-module: remove MODULE_GENERIC_TABLE
-
-MODULE_DEVICE_TABLE() calles MODULE_GENERIC_TABLE(); make it do the
-work directly. This also removes a wart introduced in the last patch,
-where the alias is defined to be an unknown struct type "struct
-type##__##name##_device_id" instead of "struct type##_device_id" (it's
-an extern so GCC doesn't care, but it's wrong).
-
-The other user of MODULE_GENERIC_TABLE (ISAPNP_CARD_TABLE) is unused,
-so delete it.
-
-<Backport from cff26a51da5d206d3baf871e75778da44710219d>
-
-Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
-
-Upstream-Status: Backport
----
- include/linux/isapnp.h | 4 ----
- include/linux/module.h | 19 ++++++++-----------
- 2 files changed, 8 insertions(+), 15 deletions(-)
-
-diff --git a/include/linux/isapnp.h b/include/linux/isapnp.h
-index e2d28b0..3c77bf9 100644
---- a/include/linux/isapnp.h
-+++ b/include/linux/isapnp.h
-@@ -56,10 +56,6 @@
- #define ISAPNP_DEVICE_ID(_va, _vb, _vc, _function) \
- { .vendor = ISAPNP_VENDOR(_va, _vb, _vc), .function = ISAPNP_FUNCTION(_function) }
-
--/* export used IDs outside module */
--#define ISAPNP_CARD_TABLE(name) \
-- MODULE_GENERIC_TABLE(isapnp_card, name)
--
- struct isapnp_card_id {
- unsigned long driver_data; /* data private to the driver */
- unsigned short card_vendor, card_device;
-diff --git a/include/linux/module.h b/include/linux/module.h
-index 54aef1b..a9f6812 100644
---- a/include/linux/module.h
-+++ b/include/linux/module.h
-@@ -83,15 +83,6 @@ void sort_extable(struct exception_table_entry *start,
- void sort_main_extable(void);
- void trim_init_extable(struct module *m);
-
--#ifdef MODULE
--#define MODULE_GENERIC_TABLE(gtype,name) \
--extern const struct gtype##_id __mod_##gtype##_table \
-- __attribute__ ((unused, alias(__stringify(name))))
--
--#else /* !MODULE */
--#define MODULE_GENERIC_TABLE(gtype,name)
--#endif
--
- /* Generic info of form tag = "info" */
- #define MODULE_INFO(tag, info) __MODULE_INFO(tag, tag, info)
-
-@@ -142,8 +133,14 @@ extern const struct gtype##_id __mod_##gtype##_table \
- /* What your module does. */
- #define MODULE_DESCRIPTION(_description) MODULE_INFO(description, _description)
-
--#define MODULE_DEVICE_TABLE(type,name) \
-- MODULE_GENERIC_TABLE(type##__##name##_device, name)
-+#ifdef MODULE
-+/* Creates an alias so file2alias.c can find device table. */
-+#define MODULE_DEVICE_TABLE(type, name) \
-+ extern const struct type##_device_id __mod_##type##__##name##_device_table \
-+ __attribute__ ((unused, alias(__stringify(name))))
-+#else /* !MODULE */
-+#define MODULE_DEVICE_TABLE(type, name)
-+#endif
-
- /* Version of form [<epoch>:]<version>[-<extra-version>].
- Or for CVS/RCS ID version, everything but the number is stripped.
---
-2.5.0
-
--- /dev/null
+From 15895f6880829ee502f0a48412173fb452b23c0b Mon Sep 17 00:00:00 2001
+From: Ting Liu <ting.liu@nxp.com>
+Date: Fri, 17 Jun 2016 10:57:35 +0800
+Subject: [PATCH] only set vmpic_msi_feature if CONFIG_EPAPR_PARAVIRT defined
+
+Upstream-Status: Pending
+
+Signed-off-by: Ting Liu <ting.liu@nxp.com>
+---
+ arch/powerpc/sysdev/fsl_msi.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/arch/powerpc/sysdev/fsl_msi.c b/arch/powerpc/sysdev/fsl_msi.c
+index 963661a..95d7111 100644
+--- a/arch/powerpc/sysdev/fsl_msi.c
++++ b/arch/powerpc/sysdev/fsl_msi.c
+@@ -658,10 +658,12 @@ static const struct fsl_msi_feature ipic_msi_feature = {
+ .msiir_offset = 0x38,
+ };
+
++#ifdef CONFIG_EPAPR_PARAVIRT
+ static const struct fsl_msi_feature vmpic_msi_feature = {
+ .fsl_pic_ip = FSL_PIC_IP_VMPIC,
+ .msiir_offset = 0,
+ };
++#endif
+
+ static const struct of_device_id fsl_of_msi_ids[] = {
+ {
+--
+1.9.2
+
-inherit kernel kernel-arch qoriq_build_64bit_kernel
+inherit kernel qoriq_build_64bit_kernel
inherit fsl-kernel-localversion
require recipes-kernel/linux/linux-dtb.inc
-DESCRIPTION = "Linux kernel for Freescale platforms"
+SUMMARY = "Linux Kernel for Freescale QorIQ platforms"
+SECTION = "kernel"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=d7810fab7487fb0aad327b76f1be7cd7"
-SRC_URI = "git://git.freescale.com/ppc/sdk/linux.git;branch=sdk-v1.9.x \
+SRC_URI = "git://git.freescale.com/ppc/sdk/linux.git;branch=sdk-v2.0.x \
file://modify-defconfig-t1040-nr-cpus.patch \
- file://net-sctp-CVE-2014-0101.patch \
- file://0001-ARM-8158-LLVMLinux-use-static-inline-in-ARM-ftrace.patch \
- file://0001-ARM-LLVMLinux-Change-extern-inline-to-static-inline.patch \
file://0003-use-static-inline-in-ARM-lifeboot.h.patch \
- file://0001-powerpc-Align-TOC-to-256-bytes.patch \
file://fix-the-compile-issue-under-gcc6.patch \
- file://module-remove-MODULE_GENERIC_TABLE.patch \
+ file://only-set-vmpic_msi_feature-if-CONFIG_EPAPR_PARAVIRT-.patch \
"
-SRCREV = "43cecda943a6c40a833b588801b0929e8bd48813"
+SRCREV = "bd51baffc04ecc73f933aee1c3a37c8b44b889a7"
S = "${WORKDIR}/git"
DEPENDS_append = " libgcc"
-# not put uImage into /boot of rootfs, install kernel-image if needed
+# not put Images into /boot of rootfs, install kernel-image if needed
RDEPENDS_kernel-base = ""
KERNEL_CC_append = " ${TOOLCHAIN_OPTIONS}"
KERNEL_LD_append = " ${TOOLCHAIN_OPTIONS}"
-
KERNEL_EXTRA_ARGS += "LOADADDR=${UBOOT_ENTRYPOINT}"
+
ZIMAGE_BASE_NAME = "zImage-${PKGE}-${PKGV}-${PKGR}-${MACHINE}-${DATETIME}"
ZIMAGE_BASE_NAME[vardepsexclude] = "DATETIME"
do_configure_prepend() {
# copy desired defconfig so we pick it up for the real kernel_do_configure
cp ${KERNEL_DEFCONFIG} .config
+
# add config fragments
for deltacfg in ${DELTA_KERNEL_DEFCONFIG}; do
if [ -f "${deltacfg}" ]; then
}
FILES_kernel-image += "/boot/zImage*"
-
-# make everything compatible for the time being
COMPATIBLE_MACHINE = "(qoriq)"
