code.ossystems Code Review - openembedded-core.git/log
7 years ago curl: Security fix for CVE-2016-8623
Thiruvadi Rajaraman [Sat, 4 Nov 2017 15:01:20 +0000 (08:01 -0700)]
curl: Security fix for CVE-2016-8623

Affected versions: curl 7.10.7 to and including 7.50.3
Not affected versions: curl < 7.10.7 and curl >= 7.51.0

Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago curl: Security fix for CVE-2016-8621
Thiruvadi Rajaraman [Sat, 4 Nov 2017 14:59:11 +0000 (07:59 -0700)]
curl: Security fix for CVE-2016-8621

Affected versions: curl 7.12.2 to and including 7.50.3
Not affected versions: curl < 7.12.2 and curl >= 7.51.0

Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago curl: Security fix for CVE-2016-8620
Thiruvadi Rajaraman [Sat, 4 Nov 2017 14:56:07 +0000 (07:56 -0700)]
curl: Security fix for CVE-2016-8620

Affected versions: curl 7.34.0 to and including 7.50.3
Not affected versions: curl < 7.34.0 and curl >= 7.51.0

Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago curl: Security fix for CVE-2016-8619
Thiruvadi Rajaraman [Sat, 4 Nov 2017 14:53:26 +0000 (07:53 -0700)]
curl: Security fix for CVE-2016-8619

Affected versions: curl 7.3 to and including 7.50.3
Not affected versions: curl < 7.3 and curl >= 7.51.0

Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago curl: Security fix for CVE-2016-8618
Thiruvadi Rajaraman [Sat, 4 Nov 2017 14:44:32 +0000 (07:44 -0700)]
curl: Security fix for CVE-2016-8618

Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0

Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago curl: Security fix for CVE-2016-8615
Thiruvadi Rajaraman [Sat, 4 Nov 2017 14:41:53 +0000 (07:41 -0700)]
curl: Security fix for CVE-2016-8615

Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0

Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2017-7593
Rajkumar Veer [Sat, 4 Nov 2017 05:35:09 +0000 (22:35 -0700)]
tiff: Security fix for CVE-2017-7593

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2017-7602
Rajkumar Veer [Sat, 4 Nov 2017 05:33:41 +0000 (22:33 -0700)]
tiff: Security fix for CVE-2017-7602

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2017-7601
Rajkumar Veer [Sat, 4 Nov 2017 05:31:50 +0000 (22:31 -0700)]
tiff: Security fix for CVE-2017-7601

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2017-7598
Rajkumar Veer [Sat, 4 Nov 2017 05:30:13 +0000 (22:30 -0700)]
tiff: Security fix for CVE-2017-7598

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2017-7596
Rajkumar Veer [Sat, 4 Nov 2017 05:28:49 +0000 (22:28 -0700)]
tiff: Security fix for CVE-2017-7596

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2017-7595
Rajkumar Veer [Sat, 4 Nov 2017 05:27:08 +0000 (22:27 -0700)]
tiff: Security fix for CVE-2017-7595

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2017-7594
Rajkumar Veer [Sat, 4 Nov 2017 05:25:08 +0000 (22:25 -0700)]
tiff: Security fix for CVE-2017-7594

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2017-7592
Rajkumar Veer [Sat, 4 Nov 2017 05:23:27 +0000 (22:23 -0700)]
tiff: Security fix for CVE-2017-7592

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2016-10270
Rajkumar Veer [Sat, 4 Nov 2017 05:18:19 +0000 (22:18 -0700)]
tiff: Security fix for CVE-2016-10270

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2016-10269
Rajkumar Veer [Sat, 4 Nov 2017 05:15:53 +0000 (22:15 -0700)]
tiff: Security fix for CVE-2016-10269

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix CVE-2016-10267
Rajkumar Veer [Sat, 4 Nov 2017 04:58:43 +0000 (21:58 -0700)]
tiff: Security fix CVE-2016-10267

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix CVE-2016-10266
Rajkumar Veer [Sat, 4 Nov 2017 04:49:23 +0000 (21:49 -0700)]
tiff: Security fix CVE-2016-10266

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix CVE-2016-10268
Rajkumar Veer [Sat, 4 Nov 2017 04:45:04 +0000 (21:45 -0700)]
tiff: Security fix CVE-2016-10268

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix CVE-2016-10093
Rajkumar Veer [Sat, 4 Nov 2017 04:39:26 +0000 (21:39 -0700)]
tiff: Security fix CVE-2016-10093

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fix for CVE-2016-10271
Rajkumar Veer [Sat, 4 Nov 2017 04:35:16 +0000 (21:35 -0700)]
tiff: Security fix for CVE-2016-10271

Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago tiff: Security fixes
Yi Zhao [Tue, 22 Aug 2017 00:58:35 +0000 (08:58 +0800)]
tiff: Security fixes

Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335

References:
https://nvd.nist.gov/vuln/detail/CVE-2017-9147
https://nvd.nist.gov/vuln/detail/CVE-2017-9936
https://nvd.nist.gov/vuln/detail/CVE-2017-10668
https://nvd.nist.gov/vuln/detail/CVE-2017-11335

Patches from:
CVE-2017-9147:
https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06
CVE-2017-9936:
https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
CVE-2017-10688:
https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1
CVE-2017-11355:
https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556

(From OE-Core rev: 5c89539edb17d01ffe82a1b2e7d092816003ecf3)

(From OE-Core rev: eaf72d105bed54e332e2e5c0c5c0a0087ecd91dd)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
minor fixes to get to apply

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago libtiff: Security Advisory - libtiff - CVE-2017-5225
Li Zhou [Wed, 25 Jan 2017 09:28:22 +0000 (17:28 +0800)]
libtiff: Security Advisory - libtiff - CVE-2017-5225

Libtiff is vulnerable to a heap buffer overflow in the tools/tiffcp
resulting in DoS or code execution via a crafted BitsPerSample value.

Porting patch from <https://github.com/vadz/libtiff/commit/
5c080298d59efa53264d7248bbe3a04660db6ef7> to solve CVE-2017-5225.

(From OE-Core rev: 434990304bdfb70441b399ff8998dbe3fe1b1e1f)

Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
7 years ago ruby: fix build of ruby-native with gcc7
Joshua Lock [Fri, 27 Oct 2017 14:49:41 +0000 (15:49 +0100)]
ruby: fix build of ruby-native with gcc7

Marshalling is broken when ruby-2.2.x is built with gcc7, backport the
fix in Ruby SVN r57410 to apply to ruby 2.2.5:

https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57410

Fixes [YOCTO #12271]

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago wpa_supplicant: fix WPA2 key replay security bug
Ross Burton [Mon, 16 Oct 2017 18:53:07 +0000 (19:53 +0100)]
wpa_supplicant: fix WPA2 key replay security bug

WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago hostap-utils: use w1.fi for SRC_URI
Maxin B. John [Mon, 11 Sep 2017 11:37:41 +0000 (14:37 +0300)]
hostap-utils: use w1.fi for SRC_URI

epitest.fi is down and hostap-utils source is now available in
w1.fi. So, move SRC_URI to https://w1.fi

Since hostap-utils is only meant for old Intersil Prism2/2.5/3 wifi cards,
this recipe will be removed from oe-core in future (most likely to
meta-handheld)

[YOCTO #12051]

(From OE-Core rev: 541b14c58132e8460a762617889bd5e3d736c1a4)

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago diffstat: use HTTP mirror for SRC_URI
Ross Burton [Tue, 8 Aug 2017 10:09:00 +0000 (11:09 +0100)]
diffstat: use HTTP mirror for SRC_URI

The Invisible Mirror FTP service is currently down, and FTP is horrible, so
switch to the HTTP mirror.

(From OE-Core rev: f31461f8ea11e82dbe14454a1149d9ec2120404d)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago v86d: take tarball from debian
Alexander Kanavin [Fri, 11 Aug 2017 09:45:17 +0000 (12:45 +0300)]
v86d: take tarball from debian

Gentoo is removing the package due to dead upstream;
Debian might carry it for a while longer.

(From OE-Core rev: 5026730a2f0701ebad4ddf57990b1ae3b484ae72)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago libpng: lsb version 1.2.56 url fix
Armin Kuster [Fri, 29 Sep 2017 14:51:24 +0000 (07:51 -0700)]
libpng: lsb version 1.2.56 url fix

The mirrors are not working so remove them. Simplify the SRC_URI as the archive is only in the older-releases dir.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago libpng: use SourceForge mirror
Ross Burton [Mon, 24 Jul 2017 20:34:49 +0000 (21:34 +0100)]
libpng: use SourceForge mirror

The Gentoo mirror also deletes old versions when they're not used, so revert
back to the canonical SourceForge site, adding /older-releases/ to MIRRORS to
handle new releases moving the version we want.

Original idea by Maxin B. John <maxin.john@intel.com>.

(From OE-Core rev: 791a3493c88c9c249f21f6d893b2061e1d8a0af6)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hand applied to work with morty version

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago sign_rpm.bbclass: force rpm serial signing
Leonardo Sandoval [Tue, 26 Sep 2017 19:36:04 +0000 (12:36 -0700)]
sign_rpm.bbclass: force rpm serial signing

Newer versions of gpg (at least 2.1.5 and 2.2.1) have issues when signing occurs in parallel
so (unfortunately) the signing must be done serially. Once the upstream problem is fixed,
this patch must be reverted, otherwise we lose all the intrinsic parallelism from
bitbake.

[YOCTO #12022]

Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago selftest/cases/signing: ignore removal errors when cleaning temporary gpg directory
Leonardo Sandoval [Tue, 26 Sep 2017 19:36:03 +0000 (12:36 -0700)]
selftest/cases/signing: ignore removal errors when cleaning temporary gpg directory

The high-level method tempfile.TemporaryDirectory gives us no way to
ignore errors on removal thus use tempfile.mkdtemp instead. Ignoring possible issues
on removal is necessary because it contains gpg sockets that are automatically removed
by the system once the process terminates, otherwise the following log is observed:

  ..
  ..
  File "/usr/lib/python3.5/shutil.py", line 436, in _rmtree_safe_fd
    os.unlink(name, dir_fd=topfd)
  FileNotFoundError: [Errno 2] No such file or directory: 'S.gpg-agent.browser'

[YOCTO #11821]

Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago linux-yocto/4.8: update to 4.8.25 plus bluetooth: CVE-2017-1000251
Armin Kuster [Thu, 21 Sep 2017 23:26:45 +0000 (16:26 -0700)]
linux-yocto/4.8: update to 4.8.25 plus bluetooth: CVE-2017-1000251

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago linux-yocto/4.4: update to 4.4.87 plus bluetooth: CVE-2017-1000251
Armin Kuster [Thu, 21 Sep 2017 23:14:13 +0000 (16:14 -0700)]
linux-yocto/4.4: update to 4.4.87 plus bluetooth: CVE-2017-1000251

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago linux-yocto/4.1: update to 4.1.43 plus bluetooth CVE-2017-1000251
Armin Kuster [Thu, 21 Sep 2017 22:48:48 +0000 (15:48 -0700)]
linux-yocto/4.1: update to 4.1.43 plus bluetooth CVE-2017-1000251

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago linux-yocto/4.1: fix gcc7 compilation and v4.1.39
Bruce Ashfield [Thu, 18 May 2017 13:01:00 +0000 (09:01 -0400)]
linux-yocto/4.1: fix gcc7 compilation and v4.1.39

Porting the mainline commit, to fix gcc7 builds:

  474c90156c [give up on gcc ilog2() constant optimizations]

We also integrate the 4.1.39 -stable update to pick up additional
fixes.

(From OE-Core rev: 774e0d3f429d383c55e9f54ab095f13694e1d8e6)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit f0effea8716faae749a7d15003647d68fa0cabf7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago kernel.bbclass: fix KERNEL_IMAGETYPE(S) for Image.gz
Nicolas Dechesne [Wed, 13 Sep 2017 19:38:20 +0000 (21:38 +0200)]
kernel.bbclass: fix KERNEL_IMAGETYPE(S) for Image.gz

KERNEL_IMAGETYPES lists all the kernel images that we want to build. In
cb17b6c2a7 (kernel.bbclass: support kernel image type of vmlinux.gz), some logic
was added to support vmlinux.gz which is not a target built by kernel
makefiles (only vmlinux). It is clear that the goal of this logic is only to
support vmlinux.gz and not other compressed formats (such as Image.gz) which are
valid targets for kernel makefiles.

For Image.gz we should rely on the kernel makefiles and not do the compression
in kernel class.

This patch updates the logic used to filter out unsupported kernel targets from
KERNEL_IMAGETYPES, and makes vmlinux.gz a 'special case', instead of *.gz. If
more special cases are needed in the future, we could add them in a similar way.

This patch should be a no-op for anyone using vmlinux or vmlinux.gz, and on top
of that it is fixing the build for Image.gz which was not working until now.

Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cfc0c897656fe67e81a6a5dcd936dff785529f41)
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago bluez5: fix out-of-bounds access in SDP server (CVE-2017-1000250)
Ross Burton [Thu, 14 Sep 2017 12:27:53 +0000 (13:27 +0100)]
bluez5: fix out-of-bounds access in SDP server (CVE-2017-1000250)

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an
information disclosure vulnerability which allows remote attackers to obtain
sensitive information from the bluetoothd process memory. This vulnerability
lies in the processing of SDP search attribute requests.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago devtool.py: update testcase Ids in morty
libertad [Mon, 25 Sep 2017 19:50:18 +0000 (14:50 -0500)]
devtool.py: update testcase Ids in morty

eSDK testcases Ids were modified on testopia, hence there needs to be a change in the devtool script.

[YOCTO #11603]

Signed-off-by: libertad <libertad.cruz@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago image.bbclass: Sorted ctypes to avoid basehash error
Gerson Fernando Budke [Fri, 22 Sep 2017 10:30:06 +0000 (07:30 -0300)]
image.bbclass: Sorted ctypes to avoid basehash error

When multiple subimages are selected, a similar error could happen:
  Variable do_image_cpio[subimages] value changed \
    from 'cpio.gz.u-boot cpio.gz' to 'cpio.gz cpio.gz.u-boot'
To avoid this, 'ctypes' should be sorted at 'gen_conversion_cmds'.

This guarantees that 'CONVERSION_CMD_xxx' are always written in the same
order and consequently 'do_image_cpio' has the same hash.

(From OE-Core rev: 271f1a5f65b8685a1e3645026876251122ef3974)

Signed-off-by: Gerson Fernando Budke <nandojve@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago glibc-locale: add runtime dependency on glibc
Martin Jansa [Wed, 13 Sep 2017 15:49:02 +0000 (17:49 +0200)]
glibc-locale: add runtime dependency on glibc

* the libc.so.6 dependency is detected always:
  $ grep FILERDEPENDS BUILD-*/pkgdata/qemux86/runtime/localedef
  BUILD-bad/pkgdata/qemux86/runtime/localedef:FILERDEPENDSFLIST_localedef: /usr/bin/localedef
  BUILD-bad/pkgdata/qemux86/runtime/localedef:FILERDEPENDS_/usr/bin/localedef_localedef: libc.so.6(GLIBC_2.15) libc.so.6(GLIBC_2.3) libc.so.6(GLIBC_2.2) libc.so.6(GLIBC_2.1) libc.so.6(GLIBC_2.0) libc.so.6
  BUILD-ok/pkgdata/qemux86/runtime/localedef:FILERDEPENDSFLIST_localedef: /usr/bin/localedef
  BUILD-ok/pkgdata/qemux86/runtime/localedef:FILERDEPENDS_/usr/bin/localedef_localedef: libc.so.6(GLIBC_2.15) libc.so.6(GLIBC_2.3) libc.so.6(GLIBC_2.2) libc.so.6(GLIBC_2.1) libc.so.6(GLIBC_2.0) libc.so.6

* but in some builds the glibc dependency isn't built soon enough:
  $ diff -uNr BUILD-*/pkgdata/qemux86/runtime/localedef
  --- BUILD-bad/pkgdata/qemux86/runtime/localedef 2017-09-02 21:17:50.000000000 +0000
  +++ BUILD-ok/pkgdata/qemux86/runtime/localedef  2017-09-11 10:15:49.954381592 +0000
  @@ -6,6 +6,7 @@
   LICENSE: GPLv2 & LGPLv2.1
   DESCRIPTION_localedef: glibc: compile locale definition files
   SUMMARY: Locale data from glibc
  +RDEPENDS_localedef: glibc (>= 2.26)
   SECTION: base
   PKG_localedef: localedef
   FILES_localedef: /usr/bin/localedef
  and the build fails with QA issues:
  http://errors.yoctoproject.org/Errors/Details/155529/

  ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.0), but no providers found in RDEPENDS_localedef? [file-rdeps]
  ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.15), but no providers found in RDEPENDS_localedef? [file-rdeps]
  ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.3), but no providers found in RDEPENDS_localedef? [file-rdeps]
  ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.2), but no providers found in RDEPENDS_localedef? [file-rdeps]
  ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.1), but no providers found in RDEPENDS_localedef? [file-rdeps]
  ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6, but no providers found in RDEPENDS_localedef? [file-rdeps]
  ERROR: QA run found fatal errors. Please consider fixing them.

* reproducible with Yocto 2.2 Morty as well, with slightly different
  error message:
  ERROR: glibc-locale-2.24-r0 do_package_qa: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.4), but no providers found in RDEPENDS_localedef? [file-rdeps]

* cherry-picked from master 2d2b4d7383c93174fe8eeb72440e81345df71295

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago neard: Fix parallel build issue
Jussi Kukkonen [Sat, 9 Sep 2017 01:41:00 +0000 (18:41 -0700)]
neard: Fix parallel build issue

This only started showing up now for some reason but it does seem like
a legitimate bug in Makefile.am.

(From OE-Core rev: f43290f6e302dbacf5581d1fe1c6c991dd387779)

Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago oeqa/selftest: Drop http sstate sharing
Richard Purdie [Wed, 1 Mar 2017 15:16:44 +0000 (15:16 +0000)]
oeqa/selftest: Drop http sstate sharing

Using httpServer from python for sharing sstate is known to be buggy, it can't
cope with the number/type of requests coming from bitbake and quietly fails
to share files.

This causes intermittent build failures which are hard to debug. We can
use a file:// url for the sstate mirror instead, removing the need for
the http server.

The sdk-update test is simply dropped since the SDK is never published
to this location and hence it would never have any update. It's equivalent
to pointing at an empty web server. There is a better eSDK update test in
testsdk so rather than improve this one, let's drop it and concentrate on
the one there.

(From OE-Core rev: 7606f05e48ad2e31650e3a56bfcd04b4fbfad1e3)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago selftest/eSDK.py: Cleanup when there is an error in setUpClass
Mariano Lopez [Wed, 22 Feb 2017 13:12:55 +0000 (13:12 +0000)]
selftest/eSDK.py: Cleanup when there is an error in setUpClass

Lately autobuilders are experiencing hangs with selftest,
it seems it is caused if an error happens in setUpClass
method of oeSDKExtSelfTest class because HTTP server
keeps running in background.

This patch will ensure tearDownClass will be run if there
is an error in setUpClass.

(From OE-Core rev: eb1383949f76c6eb36f86c051057f761a71016a3)

Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago oeqa/selftest: Adds test case for sdk-update eSDK
Francisco Pedraza [Wed, 18 Jan 2017 02:09:02 +0000 (20:09 -0600)]
oeqa/selftest: Adds test case for sdk-update eSDK

1. Test case adds perl recipe before building eSDK.
2. After this added recipe, the script verifies the update:

    ${SDK_DEPLOY}/${TOOLCHAINEXT_OUTPUTNAME}.sh
    oe-publish-sdk [esdk] [path-to-http]
    CORE_IMAGE_EXTRA_INSTALL = "perl"
    bitbake -c populate-sdk-ext [some-image]
    devtool sdk-update

This should fix [YOCTO #9369]

(From OE-Core rev: 21bd406bf89e9ceafe1a807877406be817cacca6)

Signed-off-by: Francisco Pedraza <francisco.j.pedraza.gonzalez@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago selftest/eSDK.py: fix sstate dir not found error
Chen Qi [Thu, 5 Jan 2017 05:03:28 +0000 (13:03 +0800)]
selftest/eSDK.py: fix sstate dir not found error

Fix the error below when SSTATE_DIR is not "${BUILDDIR}/sstate-cache".

  FileNotFoundError: [Errno 2] No such file or directory: '/xxx/../sstate-cache'

(From OE-Core rev: 785f0343d04c1684363b5289a3012cf7e1caa95f)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago uninative: Update to 1.7 uninative release
Richard Purdie [Sat, 29 Jul 2017 07:32:59 +0000 (08:32 +0100)]
uninative: Update to 1.7 uninative release

This updates to a newer glibc and updates patchelf to include a bugfix
to work with gold.

(From OE-Core rev: a2ab288bd002ebb6e64d46e941fb122e1157ff49)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago yocto-uninative: Update to the 1.6 release
Joshua Lock [Mon, 3 Apr 2017 16:26:22 +0000 (17:26 +0100)]
yocto-uninative: Update to the 1.6 release

This release includes fixes for Windows/Mingw support.

(From OE-Core rev: b5f471b74b2da533abfad2601b221fa806fcf3b2)

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago yocto-uninative: Update to the 1.5 release
Richard Purdie [Tue, 7 Mar 2017 21:41:33 +0000 (21:41 +0000)]
yocto-uninative: Update to the 1.5 release

This upgrades to a version of patchelf which works on newer distros
and doesn't inflate binaries in crazy ways.

(From OE-Core rev: b857ec92564ee3f23adf88d2675d920aff13e141)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago python3-native: Avoid use of getentropy/getrandom
Richard Purdie [Mon, 14 Aug 2017 13:00:21 +0000 (14:00 +0100)]
python3-native: Avoid use of getentropy/getrandom

getentropy/random() is only available in glibc 2.25+ and uninative may relocate
binaries onto systems that don't have this function. For now, force the code to
the older codepaths until we can come up with a better solution for this kind of
issue.

(From OE-Core rev: 92bda0024d85ae78345665cc2f9646c9881ed61b)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago python-numpy: Fix issues with recent glibc versions
Richard Purdie [Wed, 6 Sep 2017 15:52:19 +0000 (16:52 +0100)]
python-numpy: Fix issues with recent glibc versions

Fix issues building on recent glibc versions (for python*-numpy-native).

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago qemu: Backport a patch for recent glibc versions
Richard Purdie [Wed, 6 Sep 2017 15:13:14 +0000 (16:13 +0100)]
qemu: Backport a patch for recent glibc versions

This fixes compile failures of qemu-native with new versions of glibc. Patch
is taken from upstream.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago connman: Fix for CVE-2017-12865
Sona Sarmadi [Wed, 30 Aug 2017 10:21:41 +0000 (12:21 +0200)]
connman: Fix for CVE-2017-12865

dnsproxy: Fix crash on malformed DNS response
If the response query string is malformed, we might access memory
past the end of "name" variable in parse_response().

[YOCTO #11959]

(From OE-Core rev: fb3e30e45eea2042fdb0b667cbc2c79ae3f5a1a9)

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Conflicts:
meta/recipes-connectivity/connman/connman_1.33.bb
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago scripts/runqemu: avoid overridden user input for bootparams
Dmitry Rozhkov [Tue, 21 Feb 2017 15:18:08 +0000 (17:18 +0200)]
scripts/runqemu: avoid overridden user input for bootparams

Currently runqemu hardcodes the "ip=" kernel boot parameter
when configuring QEMU to use tap or slirp networking. This makes
the guest system have a network interface pre-configured
by the kernel and causes systemd to fail renaming the interface
to whatever pleases it:

  Feb 21 10:10:20 intel-corei7-64 systemd-udevd[201]: Error changing
      net interface name 'eth0' to 'enp0s3': Device or resource busy,

Always append user input for kernel boot params after the ones
added by the script. This way user input has priority over runqemu's
default params.

(From OE-Core rev: 3f68b5c8d24b52aed5bb3ed970dd8f779b65b1b3)

Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago kernel, license, sstate, rootfs.py: Remove deploy directory README
Mike Crowe [Tue, 14 Feb 2017 14:20:02 +0000 (14:20 +0000)]
kernel, license, sstate, rootfs.py: Remove deploy directory README

It isn't clear that the README_-_DO_NOT_DELETE_FILES_IN_THIS_DIRECTORY.txt
file in the deploy directory warrants the complexity it brings elsewhere.
Let's just remove it entirely.

In particular, if two do_image_complete tasks run in parallel they risk
both trying to put their image into ${DEPLOY_DIR_IMAGE} at the same time.
Both will contain a README_-_DO_NOT_DELETE_FILES_IN_THIS_DIRECTORY.txt
file. In theory this should be safe because "cp -alf" will just cause one
to overwrite the other. Unfortunately, coreutils cp also has a race[1]
which means that if one copy creates the file at just the wrong point the
other will fail with:

 cp: cannot create hard link ‘..../tmp-glibc/deploy/images/pantera/README_-_DO_NOT_DELETE_FILES_IN_THIS_D.txt’ to
+‘..../tmp-glibc/work/rage_against-oe-linux-gnueabi/my-own-image/1.0-r0/deploy-my-own-image-complete/README_-_DO_NOT_DELETE_FILES_IN_THIS_DIRECTORY.txt’: File exists

[1] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=25680

(From OE-Core rev: 71e9e88847d7000781642ea6187ebd8f40dfdcfe)

Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago insane.bbclass: fix override handling in RDEPENDS QA
Gan Yau Wai [Sat, 12 Aug 2017 00:41:45 +0000 (02:41 +0200)]
insane.bbclass: fix override handling in RDEPENDS QA

The package_qa_check_rdepends() in insane.bbclass has
incorrectly replaced its localdata OVERRIDES value with
the package name. Fixing it by appending the package name
to the existing OVERRIDES value. This resolves RDEPENDS QA
error when setting PACKAGECONFIG using a pn- override at
local.conf.

Cherry picked from master 60d28dd72daee235150ab6605cbf953f1ea691df
and modified to work with older bitbake where 2nd parameter in
localdata.getVar was mandatory.

[YOCTO #11374]

Signed-off-by: Gan Yau Wai <yau.wai.gan@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago icecc.bbclass: prevent nativesdk builds depending on target specific KERNEL_CC
Martin Jansa [Sat, 12 Aug 2017 00:41:44 +0000 (02:41 +0200)]
icecc.bbclass: prevent nativesdk builds depending on target specific KERNEL_CC

* without this we cause nativesdk-linux-libc-headers to depend
  on target specific KERNEL_CC (through icecc_get_tool ->
  icecc_is_kernel -> KERNEL_CC -> HOST_CC_KERNEL_ARCH ->
  TARGET_CC_KERNEL_ARCH -> TUNE_FEATURES(thumb)) as shown by
  bitbake-diffsigs:

  OE qemux86@ ~/build/oe-core $ ls /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemu*/*sdk*/*/*do_configure.sigdata*
  /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemuarm/x86_64-nativesdk-oesdk-linux/nativesdk-linux-libc-headers/4.10-r0.do_configure.sigdata.3a9a423878d56524e0ee8e42eba1804f
  /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemux86/x86_64-nativesdk-oesdk-linux/nativesdk-linux-libc-headers/4.10-r0.do_configure.sigdata.401071dbaa88903ece37d35a47965ff2

  OE qemux86@ ~/build/oe-core $ bitbake-diffsigs /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemu*/*sdk*/*/*do_configure.sigdata*
  basehash changed from 39774238b66763c598153132e87a2c1a to aa2d66e770bf533e312536eb0a401c4c
  Variable TARGET_CC_KERNEL_ARCH value changed from '${@bb.utils.contains('TUNE_FEATURES', 'thumb', '-mno-thumb-interwork-marm', '', d)} TUNE_FEATURES{thumb} = Set' to ''

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agosstate-sysroot-cruft: Add /etc/ld.so.conf to whitelist
Martin Jansa [Sat, 12 Aug 2017 00:41:42 +0000 (02:41 +0200)]
sstate-sysroot-cruft: Add /etc/ld.so.conf to whitelist

* it reports at least 2 issues in every build (this file in
  native and target sysroot), so add it to whitelist

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agotest-dependencies.sh: Strip also '\.bb: .*' before adding failed recipe to list of...
Martin Jansa [Sat, 12 Aug 2017 00:41:41 +0000 (02:41 +0200)]
test-dependencies.sh: Strip also '\.bb: .*' before adding failed recipe to list of failed

* format of bitbake tasks changed in:
  2c88afb   taskdata/runqueue: Rewrite without use of ID indirection

-ERROR: Task 4 (/OE/build/oe-core/openembedded-core/meta/recipes-devtools/rpm/sftp.bb, do_fetch) failed with exit code '1'
+ERROR: Task /OE/build/oe-core/openembedded-core/meta/recipes-devtools/rpm/sftp.bb:do_fetch (/OE/build/oe-core/openembedded-core/meta/recipes-devtools/rpm/sftp.bb:do_fetch) failed with exit code '1'

  so strip not only '\.bb, .*' used before, but also '\.bb:.*' to drop
  the task name to get recipe name.

* for more details see:
  http://lists.openembedded.org/pipermail/openembedded-core/2016-June/123132.html

* without this change you can see test-dependencies.sh trying to rebuild packages
  like:
  Building recipe: fbprogress (6/21)
  Building recipe: fbprogress.bb:do (7/21)
  where the latter of course doesn't exist as a recipe

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoimage: Fix "metadata is not deterministic" when chaining 2+ CONVERSION_CMDs
Tom Rini [Tue, 25 Jul 2017 19:58:09 +0000 (15:58 -0400)]
image: Fix "metadata is not deterministic" when chaining 2+ CONVERSION_CMDs

When we have more than one CONVERSION_CMD being used, for example
ext4.gz.sha256sum we will see errors about "metadata is not
deterministic".  This is because we do not have a stable order of
intermediate files that will be removed in the generated shell command.
We fix this by calling sorted() on the set of rm_tmp_images so that we
will have a stable hash again.

Cc: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 98a2afeb3a53bec7a72a4a9846e1dba636cc6f3d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoimage.bbclass: Correct chaining compression support
Tom Rini [Fri, 21 Jul 2017 22:06:33 +0000 (18:06 -0400)]
image.bbclass: Correct chaining compression support

When chaining of compression/conversion types was added, we had a new
way to handle doing things like "ext4.bz2.sha256sum" or
"ext2.gz.u-boot".  However, because the U-Boot image class isn't
included normally, it wasn't properly converted at the time.  After the
support was added the "clean" argument that the .u-boot code uses no
longer functions.  The fix for this inadvertently broke chaining
compression/conversion.  First, correct the u-boot conversion code.

Fixes: 46bc438374de ("image.bbclass: do exact match for rootfs type")
Cc: Zhenhua Luo <zhenhua.luo@nxp.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0a7ce0b971a208956cb895ba5a869ec8c5d94703)

excluded lz4 and lzo changes
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agosystemd: refuse to load units with errors (CVE-2017-1000082)
Ross Burton [Fri, 4 Aug 2017 16:27:00 +0000 (17:27 +0100)]
systemd: refuse to load units with errors (CVE-2017-1000082)

If a unit has a statement such as User=0day where the username exists but is
strictly speaking invalid, the unit will be started as the root user instead.

Backport a patch from upstream to mitigate this by refusing to start units such
as this.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agosystemd: remove upstreamed patch
Ross Burton [Fri, 4 Aug 2017 16:26:59 +0000 (17:26 +0100)]
systemd: remove upstreamed patch

The addition of missing.h to user-utils.c was done in v230 with 0b6b45d5.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoarchiver: Escape recipe name in regex
Joshua Watt [Fri, 4 Aug 2017 16:26:58 +0000 (17:26 +0100)]
archiver: Escape recipe name in regex

The recipe name needs to be escaped when using it in a regular expression so
that any special characters are treated literally

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agolibpng12: move SRC_URI back to SOURCEFORGE_MIRROR
Maxin John [Tue, 1 Aug 2017 10:13:10 +0000 (13:13 +0300)]
libpng12: move SRC_URI back to SOURCEFORGE_MIRROR

Since GENTOO_MIRROR removes older binaries, move back to
SOURCEFORGE_MIRROR. Also provide a MIRROR to "older-releases"
directory.

[YOCTO #11556]

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agosystemd: Disable DefaultDependencies for sysv scripts on rcS runlevel
Nikolay Merinov [Wed, 26 Jul 2017 08:05:08 +0000 (13:05 +0500)]
systemd: Disable DefaultDependencies for sysv scripts on rcS runlevel

systemd-sysv-generator translates sysv services on rcS runlevel to
services that start before sysinit.target. This behaviour conflicts
with the default dependency on the same target.

The string that defines "DefaultDependency=no" was lost from the patch for
sysv generator during porting patches to systemd 229 in commit
64ab17b707dc431aaed880d6d8615971243f46f8.

Current commit returns changes required for services that work on
rcS runlevel.

Signed-off-by: Nikolay Merinov <n.merinov@inango-systems.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agolsof: update SRC_URI
Andre McCurdy [Thu, 6 Jul 2017 19:49:01 +0000 (12:49 -0700)]
lsof: update SRC_URI

Upstream lsof releases are hosted on an ftp server which times out
download attempts from hosts for which it can not perform a DNS
reverse-lookup. See:

  https://people.freebsd.org/~abe/

http://www.mirrorservice.org seems to be the most commonly used
alternative (and using it for SRC_URI allows the custom
UPSTREAM_CHECK_URI to be removed).

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 4e718242c1554021689a7946add055b22b81ec42)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agolsof: minor recipe cleanup
Andre McCurdy [Thu, 6 Jul 2017 19:49:00 +0000 (12:49 -0700)]
lsof: minor recipe cleanup

  - Add HOMEPAGE
  - Remove ${S} from LIC_FILES_CHKSUM path
  - Use tabs consistently to indent do_configure()
  - Re-order LIC_FILES_CHKSUM definition to follow OE style guide

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 78701c5b873605240226c502de3b940097433596)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agolsof: clear setuid
Kai Kang [Sat, 27 May 2017 07:45:03 +0000 (15:45 +0800)]
lsof: clear setuid

Having 'lsof' as a +s (setuid) binary could lead to security issues if
a compromise in the binary is found.  It is better that it be -s by
default as a precaution.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 346c65dd6855106069d1861ca965d3121eb084d1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoed: update SRC_URI to OSL
Armin Kuster [Tue, 25 Jul 2017 16:04:29 +0000 (09:04 -0700)]
ed: update SRC_URI to OSL

ERROR: ed-1.9-r0 do_checkuri: Function failed: do_checkuri

[Yocto # 11798]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agorng-tools: update SRC_URI to SOURCEFORGE_MIRROR
Armin Kuster [Tue, 25 Jul 2017 15:49:21 +0000 (08:49 -0700)]
rng-tools: update SRC_URI to SOURCEFORGE_MIRROR

fixes:
ERROR: rng-tools-5-r0 do_checkuri: Function failed: do_checkuri

[Yocto # 11799]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agopcre: update SRC_URI to SOURCEFORGE_MIRROR
Armin Kuster [Tue, 25 Jul 2017 15:29:02 +0000 (08:29 -0700)]
pcre: update SRC_URI to SOURCEFORGE_MIRROR

ERROR: libpcre-8.39-r0 do_checkuri: Function failed: do_checkuri

[Yocto # 11796]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoglibc: fix pthread_cond_broadcast issue (arm)
Catalin Enache [Fri, 7 Jul 2017 16:43:34 +0000 (19:43 +0300)]
glibc: fix pthread_cond_broadcast issue (arm)

pthread_mutex functions such as pthread_cond_wait(), pthread_mutex_unlock() return
errors after PTHREAD_PRIO_INHERIT is enabled

Reference:
https://sourceware.org/bugzilla/show_bug.cgi?id=18463

Upstream patches:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f0e3925bf3b8df6940c3346db17e42615979d458
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=13cb8f76da9d9420330796f469dbf10643ba5b12
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=23b5cae1af04f2d912910fdaf73cb482265798c1
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ed19993b5b0d05d62cc883571519a67dae481a14
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2e4cf778972573221e9b87fd992844ea9b67b9bf
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=abff18c0c6055ca5d1cd46923fd1205c057139a5

This issue is Morty specific (glibc 2.24).
The issue is no longer present in glibc 2.25 (master branch).

Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agowic: fix calculation of partition number
Ed Bartosh [Mon, 17 Jul 2017 07:25:28 +0000 (10:25 +0300)]
wic: fix calculation of partition number

Total number of partitions should be taken into account when calculating
real partition number for msdos partition table. The number can be
different for the 4th partition: it can be 4 if there are 4 partitions in
the table and 5 if there are more than 4 partitions in the table. In the
latter case number 4 is occupied by extended partition.

[YOCTO #11790]

Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agodocbook-utils: update SRC_URI from fedora to osl
Armin Kuster [Sat, 17 Jun 2017 21:20:26 +0000 (14:20 -0700)]
docbook-utils: update SRC_URI from fedora to osl

WARNING: docbook-utils-native-0.6.14-r3 do_fetch: Failed to fetch URL ftp://sources.redhat.com/pub/docbook-tools/new-trials/SOURCES/docbook-utils-0.6.14.tar.gz, attempting MIRRORS if available

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agosgml-common: update SRC_URI from fedora to OSL
Armin Kuster [Sat, 17 Jun 2017 21:17:10 +0000 (14:17 -0700)]
sgml-common: update SRC_URI from fedora to OSL

WARNING: sgml-common-native-0.6.3-r1 do_fetch: Failed to fetch URL ftp://sources.redhat.com/pub/docbook-tools/new-trials/SOURCES/sgml-common-0.6.3.tgz, attempting MIRRORS if available

Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoglibc: Security fix CVE-2016-6323
Armin Kuster [Sat, 17 Jun 2017 17:20:51 +0000 (10:20 -0700)]
glibc: Security fix CVE-2016-6323

arm: mark __startcontext as .cantunwind, GNU

CVE: CVE-2016-6323
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoautomake: Backport perl 5.22 fix
Marek Vasut [Wed, 7 Jun 2017 15:39:59 +0000 (11:39 -0400)]
automake: Backport perl 5.22 fix

Backport 13f00eb4493c "automake: port to Perl 5.22 and later"
from automake upstream to fix build with perl 5.22.

(From OE-Core rev: 7fa044e799db651d45e4732e2527acfc2bc7cd47)

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Ross Burton <ross.burton@intel.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Cody P Schafer <dev@codyps.com>
7 years agoGNU_MIRROR: switch from ftp to https
Maxin B. John [Tue, 9 May 2017 16:19:22 +0000 (19:19 +0300)]
GNU_MIRROR: switch from ftp to https

Based on the same reason behind DEBIAN's switch from ftp:
https://www.debian.org/News/2017/20170425

(From OE-Core rev: ba119d836c0f4b20a39c92fa2e64abb0d5a55ad4)

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoDEBIAN_MIRROR: switch from ftp to http
Maxin B. John [Tue, 9 May 2017 16:19:21 +0000 (19:19 +0300)]
DEBIAN_MIRROR: switch from ftp to http

All public-facing debian.org FTP services will be shut down on November 1, 2017.
The mirrors should just be accessed using HTTP instead.

https://www.debian.org/News/2017/20170425

Fixes [YOCTO #11413]

(From OE-Core rev: c2cdc4d9155d7a3b9cba60fa9cbb448cf64c62bd)

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agobash: CVE-2016-0634
Zhixiong Chi [Thu, 20 Apr 2017 07:04:54 +0000 (15:04 +0800)]
bash: CVE-2016-0634

A vulnerability was found in the way bash expands the $HOSTNAME.
Injecting the hostname with malicious code would cause it to run
each time bash expanded \h in the prompt string.

Porting patch from <https://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-047>
to solve CVE-2016-0634

CVE: CVE-2016-0634

(From OE-Core rev: 7dd6aa1a4bf6e9fc8a1998cda6ac5397bb5cd5cb)

(From OE-Core rev: a4b37b05140b549960baef49237ce3316e84a041)

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agolibxslt: Fix CVE-2017-5029
Fan Xin [Fri, 26 May 2017 02:39:06 +0000 (11:39 +0900)]
libxslt: Fix CVE-2017-5029

Backport upstream patch to fix CVE-2017-5029.

(From OE-Core rev: 5266e74c990df1cf965d162d9695eb5a698883ae)

(From OE-Core rev: 172f76a1a43921d92a385d6d123dffaf27eb368f)

Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agolibxslt: Add build fix (with ld-is-gold)
Jussi Kukkonen [Fri, 10 Feb 2017 14:04:38 +0000 (16:04 +0200)]
libxslt: Add build fix (with ld-is-gold)

Libraries must be linked with "-lm", otherwise gold fails to link
binaries with those libraries.

(From OE-Core rev: 9175164380b50852a21a05d4e81294394c5486f4)

Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoeudev: set LGPL-2.1+ for libudev package
Martin Jansa [Fri, 16 Jun 2017 10:44:12 +0000 (12:44 +0200)]
eudev: set LGPL-2.1+ for libudev package

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoelfutils: fix building elfutils-native with GCC7
Cody P Schafer [Wed, 7 Jun 2017 20:36:44 +0000 (16:36 -0400)]
elfutils: fix building elfutils-native with GCC7

This is heavily based on the oe-core master commit with the same
subject, but includes a backport of upstream's fix for the fallthrough
warnings rebased to 0.166 (the oe-core patch which targeted 0.168 did
not apply), a rebase of the format-truncation patch, and a backport of
the upstream format-length patch.

Info from OE-Core master patch follows:

From OE-Core rev: aaf4c4f3d09ac3897205417eb15e19d54e0c0d05
From: Joshua Lock <joshua.g.lock@intel.com>

Backport a fix from upstream for a -Wformat-truncation=2 warning
and implement a simple fix for a -Wimplicit-fallthrough warning.

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Cody P Schafer <dev@codyps.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agogcc-6.2: backport fix of check for empty string in ubsan.c
Joshua Lock [Wed, 7 Jun 2017 18:46:21 +0000 (14:46 -0400)]
gcc-6.2: backport fix of check for empty string in ubsan.c

Building gcc-cross-initial with GCC7 on the host fails due to the
comparison of a pointer to an integer in ubsan_use_new_style_p, which
is forbidden by ISO C++:

ubsan.c:1474:23: error: ISO C++ forbids comparison between pointer and
integer [-fpermissive]
       || xloc.file == '\0' || xloc.file[0] == '\xff'

Backport the fix from upstream GCC to enable the build with GCC 7

(From OE-Core rev: 7a7fcbab0365b9501c737dbc02715be14dda72a3)

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Cody P Schafer <dev@codyps.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agobinutils: fix CVE-2017-7210
Yuanjie Huang [Wed, 31 May 2017 08:37:59 +0000 (01:37 -0700)]
binutils: fix CVE-2017-7210

CVE: CVE-2017-7210
[BZ 21157] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21157

PR binutils/21157: Fix handling of corrupt STABS enum type strings.

Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agobinutils: fix CVE-2017-7209 in readelf
Yuanjie Huang [Wed, 31 May 2017 08:37:58 +0000 (01:37 -0700)]
binutils: fix CVE-2017-7209 in readelf

CVE: CVE-2017-7209
[BZ 21135] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21135

PR binutils/21135: Fix invalid read of section contents whilst
processing a corrupt binary.

Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agobinutils: fix CVE-2017-6969 in readelf
Yuanjie Huang [Wed, 31 May 2017 08:37:57 +0000 (01:37 -0700)]
binutils: fix CVE-2017-6969 in readelf

CVE: CVE-2017-6969
[BZ 21156] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21156

PR binutils/21156: Fix illegal memory accesses in readelf when
parsing a corrupt binary.
PR binutils/21156: Fix another memory access error in readelf when
parsing a corrupt binary.

Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoopenssl-native: Compile with -fPIC
Khem Raj [Wed, 10 May 2017 09:37:05 +0000 (11:37 +0200)]
openssl-native: Compile with -fPIC

Fixes
| /usr/bin/ld: libcrypto.a(sha1-x86_64.o): relocation R_X86_64_PC32 against undefined symbol `OPENSSL_ia32cap_P' can not be used when making a shared object; recompile with -fPIC
| /usr/bin/ld: final link failed: Bad value

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0a19e72081771fca8ed94fb2a2a8996fd3dce00c)
Signed-off-by: Mirza Krak <mirza.krak@endian.se>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agopackagegroup-core-standalone-sdk-target: add libssp
Paul Eggleton [Fri, 7 Apr 2017 02:38:13 +0000 (14:38 +1200)]
packagegroup-core-standalone-sdk-target: add libssp

If you want to be able to use -fstack-protector then you need the
runtime support - you can either write this yourself or use libssp
supplied with GCC. If you're using GCC then it seems likely that you'd
just be using libssp, so include it in the SDK by default; however use
RRECOMMENDS just in case it's been disabled or you aren't using GCC.

(From OE-Core rev: 6c990655e35bb3a14d59555662ec5802c9980028)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agowic: partition: Run fsck on EXT file systems
Daniel Schultz [Mon, 3 Apr 2017 07:47:55 +0000 (09:47 +0200)]
wic: partition: Run fsck on EXT file systems

Mkfs may create EXT file systems which can only be optimized by fsck
and not by itself, e.g. directory optimization (in Pass 3A).

To prevent those optimizations during runtime, they will be performed after
the creation of an EXT file system.

Signed-off-by: Daniel Schultz <d.schultz@phytec.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agoe2fsprogs: Fix wrong error code after optimization
Daniel Schultz [Wed, 5 Apr 2017 12:48:57 +0000 (14:48 +0200)]
e2fsprogs: Fix wrong error code after optimization

fsck.ext will return an error code of 1 if a file system was checked
and successfully repaired. Even when an optimization was performed it
will return this error code.

This patch will change the error code to 0 if only optimizations had
changed the file system.

The reason for this patch is a question I asked at the ext4 ML:
http://www.spinics.net/lists/linux-ext4/msg55700.html

Backport from git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git
    Based on commit bf9f3b6d5b10d19218b4ed904c12b22e36ec57dd

Signed-off-by: Daniel Schultz <d.schultz@phytec.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agosystemtap: Add patch to remove quotes
Saul Wold [Tue, 7 Mar 2017 20:12:09 +0000 (12:12 -0800)]
systemtap: Add patch to remove quotes

This fixes the -I include lines that are getting passed to the
kernel macros

[YOCTO #10990]

(From OE-Core rev: b4d2f41a474c111e5fc64cae635d851386d860ba)

Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agosystemtap: update to 3.1
Alexander Kanavin [Fri, 24 Feb 2017 16:02:03 +0000 (18:02 +0200)]
systemtap: update to 3.1

Removed patches are in upstream.

Rebase monitor-option.patch and no-msgfmt-check.patch

Add support for python 3 probes
(this necessitates the 0001-Do-not-let-configure-write-a-python-location-into-th.patch
and the 0001-Install-python-modules-to-correct-library-dir.patch to
install python modules to the correct destination).

Add perl to RDEPENDS to fix a QA warning about one of the installed files.

(From OE-Core rev: e3bccfba499565ea13f154a11dadcab48ef5e0ab)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years agolinux-yocto/4.8: update to 4.8.24
Bruce Ashfield [Thu, 8 Jun 2017 18:39:41 +0000 (14:39 -0400)]
linux-yocto/4.8: update to 4.8.24

Integrate the -stable updates to 4.8, which comprise the following
commits:

   ae51b3b4efe6 Linux 4.8.24
   accb950219c0 nvme/pci: Disable on removal when disconnected
   995be68699ef padata: avoid race in reordering
   bea2fdcc6d3e blk: improve order of bio handling in generic_make_request()
   26690f5a8bdf mm: workingset: fix premature shadow node shrinking with cgroups
   f52ade55d6e9 MIPS: Lantiq: Fix cascaded IRQ setup
   feae78cdcaef ARM: dts: BCM5301X: Correct GIC_PPI interrupt flags
   e36a1a1a9695 ARM: BCM5301X: Add back handler ignoring external imprecise aborts
   26fbe60844a9 mm, hugetlb: use pte_present() instead of pmd_present() in follow_huge_pmd()
   d15202219abe mm: rmap: fix huge file mmap accounting in the memcg stats
   72f38e33793c x86/mce: Fix copy/paste error in exception table entries
   9e08a6f8e64e x86/mm/KASLR: Exclude EFI region from KASLR VA space randomization
   100aa553e31b x86/mm/64: Enable KASLR for vmemmap memory region
   2e5c45495433 drm/etnaviv: (re-)protect fence allocation with GPU mutex
   7f160b149090 drm/vc4: Allocate the right amount of space for boot-time CRTC state.
   38cdfd6153cf drm/radeon: Override fpfn for all VRAM placements in radeon_evict_flags
   ccd0fc5589ca KVM: kvm_io_bus_unregister_dev() should never fail
   332e2ac55d3b KVM: x86: clear bus pointer when destroyed
   fcbdbe1290d6 serial: mxs-auart: Fix baudrate calculation
   3b7bb3391f62 USB: fix linked-list corruption in rh_call_control()
   5f004babfd46 tty/serial: atmel: fix race condition (TX+DMA)
   4509ea7b4349 ACPI: Do not create a platform_device for IOAPIC/IOxAPIC
   12fddf4d255f ACPI: Fix incompatibility with mcount-based function graph tracing
   8805bbdea121 nfsd: map the ENOKEY to nfserr_perm for avoiding warning
   1fa18f8fad45 mmc: sdhci-of-at91: fix MMC_DDR_52 timing selection
   3a0df02f0387 mmc: sdhci: Disable runtime pm when the sdio_irq is enabled
   d742580939f5 ASoC: Intel: Skylake: fix invalid memory access due to wrong reference of pointer
   726514355250 ASoC: atmel-classd: fix audio clock rate
   0dd77376bd45 ALSA: hda - fix a problem for lineout on a Dell AIO machine
   12788ff3a917 ALSA: seq: Fix race during FIFO resize
   5ccedc21345f PCI: iproc: Save host bridge window resource in struct iproc_pcie
   61b133e83718 scsi: scsi_dh_alua: Ensure that alua_activate() calls the completion function
   ae4a71a0b8b4 scsi: scsi_dh_alua: Check scsi_device_get() return value
   1b82bcc866c3 scsi: libsas: fix ata xfer length
   0b9b5b603f27 scsi: sg: check length passed to SG_NEXT_CMD_LEN
   8b02a4b8e3b3 xfs: Use xfs_icluster_size_fsb() to calculate inode alignment mask
   a8eded7e1484 xfs: tune down agno asserts in the bmap code
   7650b45a6dd8 xfs: Use xfs_icluster_size_fsb() to calculate inode chunk alignment
   e9d4a4b55c86 xfs: don't reserve blocks for right shift transactions
   81f456210999 xfs: split indlen reservations fairly when under reserved
   842c9d864561 xfs: handle indlen shortage on delalloc extent merge
   f90db61ed148 xfs: don't fail xfs_extent_busy allocation
   590e612677e2 xfs: reset b_first_retry_time when clear the retry status of xfs_buf_t
   c493142b3a2c xfs: verify free block header fields
   4dda58920fb9 xfs: check for obviously bad level values in the bmbt root
   0faf06ef8b24 xfs: filter out obviously bad btree pointers
   6974d828ce0c xfs: fail _dir_open when readahead fails
   365ec079aeeb xfs: fix toctou race when locking an inode to access the data map
   06a1dbe68823 xfs: fix eofblocks race with file extending async dio writes
   fc1ff6abfb5d xfs: pull up iolock from xfs_free_eofblocks()
   2de02a1aa708 xen/setup: Don't relocate p2m over existing one
   bd37e332bc35 libceph: force GFP_NOIO for socket allocations
   14d57fe1fcd3 sched/rt: Add a missing rescheduling point
   461aa14a19df metag/ptrace: Reject partial NT_METAG_RPIPE writes
   35d078d3b1f5 metag/ptrace: Provide default TXSTATUS for short NT_PRSTATUS
   9519f4083b0d metag/ptrace: Preserve previous registers for short regset write
   b2d2e181ebe4 sparc/ptrace: Preserve previous registers for short regset write
   0a89a38ebbae mips/ptrace: Preserve previous registers for short regset write
   a303cc3a707b h8300/ptrace: Fix incorrect register transfer count
   576d881764eb c6x/ptrace: Remove useless PTRACE_SETREGSET implementation
   1661ca89ebd1 pinctrl: qcom: Don't clear status bit on irq_unmask
   5c52be1e1c55 virtio_balloon: init 1st buffer in stats vq
   171bd47e04fa KVM: x86: cleanup the page tracking SRCU instance
   37c063abc015 xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder
   f5e8896582a0 xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
   ef704417015e xfrm: policy: init locks early
   54b82b92b678 crypto: algif_hash - avoid zero-sized array
   35a836ab3d9b fbcon: Fix vc attr at deinit
   d64422cfc106 drm: reference count event->completion
   5b8d397ea73a drm/bridge: analogix dp: Fix runtime PM state on driver bind
   409d2330bd85 libceph: don't set weight to IN when OSD is destroyed
   cb7f50af5964 Drivers: hv: vmbus: Don't leak channel ids
   7d63e96a483f intel_th: Don't leak module refcount on failure to activate
   bca70ad00096 blk-mq: don't complete un-started request in timeout handler
   7ca7701e2615 cgroup, net_cls: iterate the fds of only the tasks which are being migrated
   c3accccd8ebe cpufreq: Restore policy min/max limits on CPU online
   42ec5a5b3f7a arm64: kaslr: Fix up the kernel image alignment
   b74685fc49ce ARM: at91: pm: cpu_idle: switch DDR to power-down mode
   cba43efed603 Revert "ARM: at91/dt: sama5d2: Use new compatible for ohci node"
   a54b0f345230 xen/acpi: upload PM state from init-domain to Xen
   3700c9549893 crypto: ccp - Assign DMA commands to the channel's CCP
   c05851c95c30 clk: sunxi-ng: mp: Adjust parent rate for pre-dividers
   298b4bcbee9e mmc: sdhci: Do not disable interrupts while waiting for clock
   d3bde483cd4e mmc: sdhci-of-arasan: fix incorrect timeout clock
   1a0c2899c1fc mmc: sdhci-of-at91: Support external regulators
   512b6b14b972 mmc: sdhci: Rename sdhci_set_power() to sdhci_set_power_noreg()
   fcc465466352 powerpc/64s: Fix idle wakeup potential to clobber registers
   e31490f131bd ext4: lock the xattr block before checksuming it
   9515b8a3e59d ext4: mark inode dirty after converting inline directory
   ee78dd996a48 parport: fix attempt to write duplicate procfiles
   7aa1f90f7bc9 iio: hid-sensor-trigger: Change get poll value function order to avoid sensor properties losing after resume from S3
   46ed5a6a0317 iio: sw-device: Fix config group initialization
   4fd6237dcb15 iio: adc: ti_am335x_adc: fix fifo overrun recovery
   10481fe5bcc5 mmc: ushc: fix NULL-deref at probe
   b18275c8ca06 uwb: hwa-rc: fix NULL-deref at probe
   90f875db3d83 uwb: i1480-dfu: fix NULL-deref at probe
   fedb7364f161 USB: usbtmc: fix probe error path
   19ab12977470 USB: usbtmc: add missing endpoint sanity check
   d2f6089a604a usb: hub: Fix crash after failure to read BOS descriptor
   4fe7f56d5936 usb: musb: cppi41: don't check early-TX-interrupt for Isoch transfer
   c314f1d496b3 USB: wusbcore: fix NULL-deref at probe
   67ca7e6fbefe USB: idmouse: fix NULL-deref at probe
   979ce26d7e67 USB: lvtest: fix NULL-deref at probe
   bc5daa8fcb39 USB: uss720: fix NULL-deref at probe
   778e23f6cd77 usb-core: Add LINEAR_FRAME_INTR_BINTERVAL USB quirk
   8d38a9d16950 usb: gadget: f_uvc: Fix SuperSpeed companion descriptor's wBytesPerInterval
   ac5c5689dd1e ACM gadget: fix endianness in notifications
   8e39a4d96fa0 USB: serial: qcserial: add Dell DW5811e
   d3e557a5e277 USB: serial: option: add Quectel UC15, UC20, EC21, and EC25 modems
   0ff11fc75667 ALSA: hda - Adding a group of pin definition to fix headset problem
   73ac94f75f27 ALSA: seq: Fix racy cell insertions during snd_seq_pool_done()
   ed79a62ce3b5 Input: sur40 - validate number of endpoints before using them
   9f4a9350c962 Input: kbtab - validate number of endpoints before using them
   535ecfd9ce37 Input: cm109 - validate number of endpoints before using them
   d4d90cc1939b Input: yealink - validate number of endpoints before using them
   6cd3c938420d Input: hanwang - validate number of endpoints before using them
   114ea08f2b53 Input: ims-pcu - validate number of endpoints before using them
   8e536247967f Input: iforce - validate number of endpoints before using them
   d8e9da7cf4d2 Input: i8042 - add noloop quirk for Dell Embedded Box PC 3000
   d7bd4ff902d4 Input: elan_i2c - add ASUS EeeBook X205TA special touchpad fw
   15cbc365f36f tcp: initialize icsk_ack.lrcvtime at session start time
   8d816936cb47 socket, bpf: fix sk_filter use after free in sk_clone_lock
   599dca4e637a ipv4: provide stronger user input validation in nl_fib_input()
   4dce5676bf12 net: bcmgenet: remove bcmgenet_internal_phy_setup()
   e54a886d9c7e ipv6: make sure to initialize sockc.tsflags before first use
   de7b203e7a07 net/mlx5e: Count LRO packets correctly
   7e3b2755ae57 net/mlx5e: Count GSO packets correctly
   0bb7b7ed9983 net/mlx5: Increase number of max QPs in default profile
   de1454d45e43 net/mlx5: Add missing entries for set/query rate limit commands
   aea1c1b15494 net: vrf: Reset rt6i_idev in local dst after put
   30467a2d6a10 qmi_wwan: add Dell DW5811e
   74a4f76fd1ac net: unix: properly re-increment inflight counter of GC discarded candidates
   b4927d54c638 openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD
   d98fc268e284 amd-xgbe: Fix jumbo MTU processing on newer hardware
   4ceda29faefa net: properly release sk_frag.page
   42603fb986e2 net: bcmgenet: Do not suspend PHY if Wake-on-LAN is enabled
   40dbeb5b15df net/openvswitch: Set the ipv6 source tunnel key address attribute correctly
   81ecfc287d5a cgroup/pids: remove spurious suspicious RCU usage warning
   b488f503b905 percpu: acquire pcpu_lock when updating pcpu_nr_empty_pop_pages
   1924ae622fd9 gfs2: Avoid alignment hole in struct lm_lockname
   e279f259f3e2 isdn/gigaset: fix NULL-deref at probe
   0907a6cf5831 target: Fix VERIFY_16 handling in sbc_parse_cdb
   6d71fefbf405 scsi: libiscsi: add lock around task lists to fix list corruption regression
   4835fd5ad7aa scsi: lpfc: Add shutdown method for kexec
   93ecb4c0e2cf target/pscsi: Fix TYPE_TAPE + TYPE_MEDIMUM_CHANGER export
   e5660310dac8 powerpc/boot: Fix zImage TOC alignment
   8ce12dd199ac cpufreq: Fix and clean up show_cpuinfo_cur_freq()
   4d5c2d2099a8 perf/core: Fix event inheritance on fork()
   f7b9504c680d perf/core: Fix use-after-free in perf_release()
   848b0d18a847 parisc: Optimize flush_kernel_vmap_range and invalidate_kernel_vmap_range
   fbb1e639d3e1 qla2xxx: Fix request queue corruption.
   60d674590d02 qla2xxx: Fix memory leak for abts processing
   e5e1af16aeae give up on gcc ilog2() constant optimizations
   2401ecb47c7f drm/vc4: Use runtime autosuspend to avoid thrashing V3D power state.
   c495444e18c6 drm/vc4: Fix termination of the initial scan for branch targets.
   97b74d794fa3 Linux 4.8.23
   5d2e054aa127 crypto: powerpc - Fix initialisation of crc32c context
   30eacf198cab locking/rwsem: Fix down_write_killable() for CONFIG_RWSEM_GENERIC_SPINLOCK=y
   6ceef14519cd futex: Add missing error handling to FUTEX_REQUEUE_PI
   0596ef2a1984 futex: Fix potential use-after-free in FUTEX_REQUEUE_PI
   e0421c6f49b0 x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
   b88efae3588c x86/kasan: Fix boot with KASAN=y and PROFILE_ANNOTATED_BRANCHES=y
   429bf916381e x86/tsc: Fix ART for TSC_KNOWN_FREQ
   5eb6ff068525 drm/vc4: Fix ->clock_select setting for the VEC encoder
   4a3f522f63ab drm/vc4: Fix race between page flip completion event and clean-up
   02c5256b110c clk: bcm2835: Fix ->fixed_divider of pllh_aux
   d5dd232fc11e usb: gadget: udc: atmel: remove memory leak
   e85561f6aca8 serial: 8250_pci: Detach low-level driver during PCI error recovery
   54c73832c576 ACPI / blacklist: Make Dell Latitude 3350 ethernet work
   f92b80712355 ACPI / blacklist: add _REV quirks for Dell Precision 5520 and 3520
   990db74c5c87 slub: move synchronize_sched out of slab_mutex on shrink
   06e966ded31e [media] uvcvideo: uvc_scan_fallback() for webcams with broken chain
   e30814bb2038 s390/zcrypt: Introduce CEX6 toleration
   c73c813f59ed block: allow WRITE_SAME commands with the SG_IO ioctl
   bb64e9763f59 drm/nouveau/disp/nv50-: specify ctrl/user separately when constructing classes
   3c5d63c13311 drm/nouveau/disp/nv50-: split chid into chid.ctrl and chid.user
   49e8233a2726 drm/nouveau/disp/gp102: fix cursor/overlay immediate channel indices
   275ff35915b3 vfio/spapr: Postpone default window creation
   a6cc475b194a vfio/spapr: Add a helper to create default DMA window
   95045ae80bba powerpc/mm/iommu, vfio/spapr: Put pages on VFIO container shutdown
   789e7eac7ee0 vfio/spapr: Reference mm in tce_container
   28a412c87e63 powerpc/iommu: Stop using @current in mm_iommu_xxx
   605c802e3cb9 powerpc/iommu: Pass mm_struct to init/cleanup helpers
   c70e411994d8 vfio/spapr: Postpone allocation of userspace version of TCE table
   89b9c28ca6d7 Drivers: hv: ring_buffer: count on wrap around mappings in get_next_pkt_raw() (v2)
   ea35dd4dc3d5 PCI: Do any VF BAR updates before enabling the BARs
   ddb11bb30cbc PCI: Ignore BAR updates on virtual functions
   bfaf6ec96d7f PCI: Update BARs using property bits appropriate for type
   c09761e3af3f PCI: Don't update VF BARs while VF memory space is enabled
   f49fdb5fb9aa PCI: Decouple IORESOURCE_ROM_ENABLE and PCI_ROM_ADDRESS_ENABLE
   4453d0980e47 PCI: Add comments about ROM BAR updating
   e9026b999d64 PCI: Remove pci_resource_bar() and pci_iov_resource_bar()
   bf5194f0e771 PCI: Separate VF BAR updates from standard BAR updates
   4c25b4da1978 x86/hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic
   f86de0bf6845 scsi: ibmvscsis: Synchronize cmds at remove time
   03780edbb14b scsi: ibmvscsis: Synchronize cmds at tpg_enable_store time
   6e76f14e8da7 scsi: ibmvscsis: Rearrange functions for future patches
   87e714992008 scsi: ibmvscsis: Clean up properly if target_submit_cmd/tmr fails
   26d9e831807f scsi: ibmvscsis: Return correct partition name/# to client
   017f9415d242 scsi: ibmvscsis: Issues from Dan Carpenter/Smatch
   1a865ae47435 igb: add i211 to i210 PHY workaround
   7af86b0c55e3 igb: Workaround for igb i210 firmware issue
   15fdb8c2a904 xen: do not re-use pirq number cached in pci device msi msg data
   4af906f27c02 dmaengine: iota: ioat_alloc_chan_resources should not perform sleeping allocations.
   7815d4127881 dccp: fix memory leak during tear-down of unsuccessful connection request
   348714c022b1 tun: fix premature POLLOUT notification on tun devices
   a1bc0a9f122e dccp/tcp: fix routing redirect race
   0a787971aa5b bridge: drop netfilter fake rtable unconditionally
   ee1d5c66f7d9 ipv6: avoid write to a possibly cloned skb
   81ed14c04c32 ipv6: make ECMP route replacement less greedy
   0949ba4922e5 mpls: Do not decrement alive counter for unregister events
   76aaba0ce52e mpls: Send route delete notifications when router module is unloaded
   48325fbb1d05 act_connmark: avoid crashing on malformed nlattrs with null parms
   4331398f440e uapi: fix linux/packet_diag.h userspace compilation error
   f5f6f5529468 net/tunnel: set inner protocol in network gro hooks
   2a00f4bf0780 vrf: Fix use-after-free in vrf_xmit
   61e3a5db6e7d dccp: fix use-after-free in dccp_feat_activate_values
   39ff72664911 net: fix socket refcounting in skb_complete_tx_timestamp()
   9d88ea01fe88 net: fix socket refcounting in skb_complete_wifi_ack()
   65f7a3f9b6c0 tcp: fix various issues for sockets morphing to listen state
   5531ae9e101d dccp: Unlock sock before calling sk_free()
   beb7cb3c2a3d ipv6: orphan skbs in reassembly unit
   728edccaedbf net: net_enable_timestamp() can be called from irq contexts
   e9f82ae95dcc net: don't call strlen() on the user buffer in packet_bind_spkt()
   b0c360a043c0 tcp/dccp: block BH for SYN processing
   b64d0db77b52 mlxsw: spectrum_router: Avoid potential packets loss
   8e1715480d7c l2tp: avoid use-after-free caused by l2tp_ip_backlog_recv
   44797e4d24c0 net sched actions: decrement module reference count after table flush.
   9c1294eeb41e ipv4: mask tos for input route
   368d2236b926 vxlan: don't allow overwrite of config src addr
   9ead713bc6ac vti6: return GRE_KEY for vti6
   a305478b6e7d vxlan: correctly validate VXLAN ID against VXLAN_N_VID
   bc68673783c7 net/mlx5e: Fix wrong CQE decompression
   4e8f4987b785 IB/mlx5: Verify that Q counters are supported
   f0d5cfb83dcb ext4: don't BUG when truncating encrypted inodes on the orphan list
   9ac44a73a4c5 [media] rc: raw decoder for keymap protocol is not loaded on register
   56174559c310 dm: flush queued bios when process blocks to avoid deadlock
   875142c6e879 KVM: arm/arm64: Let vcpu thread modify its own active state
   220f66f1f4d8 KVM: s390: Fix guest migration for huge guests resulting in panic
   3dd1f5f0b22c serial: samsung: Continue to work if DMA request fails
   2a7c66c1a7c0 USB: serial: io_ti: fix information leak in completion handler
   71f396d687e9 USB: serial: io_ti: fix NULL-deref in interrupt callback
   d9682fbb1252 USB: iowarrior: fix NULL-deref in write
   e1affee35832 USB: iowarrior: fix NULL-deref at probe
   07c5918e96e7 USB: serial: omninet: fix reference leaks at open
   782317bc4eba USB: serial: safe_serial: fix information leak in completion handler
   15b553818e00 usb: host: xhci-plat: Fix timeout on removal of hot pluggable xhci controllers
   e5df1d8231d8 usb: host: xhci-dbg: HCIVERSION should be a binary number
   a03e4fb73679 usb: gadget: function: f_fs: pass companion descriptor along
   bf600df6aa66 usb: dwc3-omap: Fix missing break in dwc3_omap_set_mailbox()
   40b091328f1c usb: dwc3: gadget: make Set Endpoint Configuration macros safe
   7ab8263169d2 usb: gadget: dummy_hcd: clear usb_gadget region before registration
   0a9e57a61494 PCI: Prevent VPD access for QLogic ISP2722
   0c925288d9e2 powerpc/xics: Work around limitations of OPAL XICS priority handling
   e7ef86271857 powerpc: Emulation support for load/store instructions on LE
   88cb0342bbc9 i2c: add missing of_node_put in i2c_mux_del_adapters
   49817d5f81a0 efi/arm: Fix boot crash with CONFIG_CPUMASK_OFFSTACK=y
   b463b3b26bf5 tracing: Add #undef to fix compile error
   03a9b9c5eb0f cpmac: remove hopeless #warning
   9e7e1616fb69 MIPS: ralink: Remove unused rt*_wdt_reset functions
   774bd1f0f2e0 MIPS: ralink: Cosmetic change to prom_init().
   1ec4e1a6c373 mtd: pmcmsp: use kstrndup instead of kmalloc+strncpy
   e6c4a646d490 MIPS: Update lemote2f_defconfig for CPU_FREQ_STAT change
   b70dce737466 MIPS: ip22: Fix ip28 build for modern gcc
   c5f71770663f MIPS: Update ip27_defconfig for SCSI_DH change
   4baa71bf6ca0 MIPS: ip27: Disable qlge driver in defconfig
   810c65dcf036 crypto: improve gcc optimization flags for serpent and wp512
   4b256e46c8e3 USB: serial: digi_acceleport: fix OOB data sanity check
   b88d9bf6ce41 fat: fix using uninitialized fields of fat_inode/fsinfo_inode
   bd390a837bf2 mm: do not call mem_cgroup_free() from within mem_cgroup_alloc()
   bc83fdbb1b88 thp: fix another corner case of munlock() vs. THPs
   6f3effcbddd2 x86/tlb: Fix tlb flushing when lguest clears PGE
   52f93fd5358e x86, mm: fix gup_pte_range() vs DAX mappings
   ab0eea711de5 libceph: use BUG() instead of BUG_ON(1)
   6dd79e33d04d drm/i915: Fix not finding the VBT when it overlaps with OPREGION_ASLE_EXT
   267b0207162b drm: Cancel drm_fb_helper_dirty_work on unload
   60a94aca40ff drm/i915/gvt: Disable access to stolen memory as a guest
   076bb9ce1a9f drm/atomic: fix an error code in mode_fixup()
   a6d98a3a3c5c drm/imx: imx-tve: Do not set the regulator voltage
   3036e519c3f8 drm/ttm: Make sure BOs being swapped out are cacheable
   8c52d5581851 drm/edid: Add EDID_QUIRK_FORCE_8BPC quirk for Rotel RSX-1058
   b4f89786c979 drm/ast: Fix AST2400 POST failure without BMC FW or VBIOS
   23c1fdaced81 drm/ast: Call open_key before enable_mmio in POST code
   cb624df381a6 drm/ast: Fix test for VGA enabled
   8b6e3ca35b51 drm/amdgpu: add more cases to DCE11 possible crtc mask setup
   77a708d95727 mac80211: use driver-indicated transmitter STA only for data frames
   72aaf6d71167 mac80211: don't handle filtered frames within a BA session
   680c812d7bdc mac80211: don't reorder frames with SN smaller than SSN
   e9d8c725c29b mac80211: flush delayed work when entering suspend
   9a7a9c5c88b2 xtensa: move parse_tag_fdt out of #ifdef CONFIG_BLK_DEV_INITRD
   b389c603b09e pwm: pca9685: Fix period change with same duty cycle
   711e95e9a7d4 nlm: Ensure callback code also checks that the files match
   29f3a5545183 target: Fix NULL dereference during LUN lookup + active I/O shutdown
   f82148e9ffd3 pci/hotplug/pnv-php: Remove WARN_ON() in pnv_php_put_slot()
   1d53d522e4d1 ceph: remove req from unsafe list when unregistering it
   a0e963dbeecc ktest: Fix child exit code processing
   d8e905726d90 memory/atmel-ebi: Fix ns <-> cycles conversions
   aef2ccf1d832 orangefs: Use RCU for destroy_inode
   f0453d44086f fs: Better permission checking for submounts
   eef4fcd21313 IB/srp: Fix race conditions related to task management
   24960d72feeb IB/srp: Avoid that duplicate responses trigger a kernel bug
   f3572a0ce31f IB/SRP: Avoid using IB_MR_TYPE_SG_GAPS
   63129c2502c1 IB/mlx5: Fix out-of-bound access
   f54cae186e6e IB/ipoib: Fix deadlock between rmmod and set_mode
   77563b9714b9 mnt: Tuck mounts under others instead of creating shadow/side mounts.
   521cf3b70359 brcmfmac: fix incorrect event channel deduction
   55730c566d11 cxl: Prevent read/write to AFU config space while AFU not configured
   3c20ea7dd380 net: mvpp2: fix DMA address calculation in mvpp2_txq_inc_put()
   7006fe7139f6 s390: use correct input data address for setup_randomness
   e936795084d3 s390: make setup_randomness work
   bb318913c8ab s390: TASK_SIZE for kernel threads
   64deb4069c4b s390/chsc: Add exception handler for CHSC instruction
   a35d74c9c4a0 s390/kdump: Use "LINUX" ELF note name instead of "CORE"
   b3e8ded18f8e s390/dcssblk: fix device size calculation in dcssblk_direct_access()
   e1b323f8b65e s390/qdio: clear DSCI prior to scanning multiple input queues
   7d9a72f5eb8c Bluetooth: Add another AR3012 04ca:3018 device
   7f422c5aec89 KVM: VMX: use correct vmcs_read/write for guest segment selector/base
   61157eabc44e KVM: s390: Disable dirty log retrieval for UCONTROL guests
   d44d2ea64003 serial: 8250_pci: Add MKS Tenta SCOM-0800 and SCOM-0801 cards
   eaae8c8005c1 tty: n_hdlc: get rid of racy n_hdlc.tbuf

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
7 years ago libgcrypt: fix CVE-2017-7526
Ross Burton [Tue, 18 Jul 2017 22:07:35 +0000 (23:07 +0100)]
libgcrypt: fix CVE-2017-7526

Fixes CVE-2017-7526, 'flush+reload side-channel attack on RSA secret keys dubbed
"Sliding right into disaster"'.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago libgcrypt: fix CVE-2017-9526
Ross Burton [Tue, 18 Jul 2017 22:07:34 +0000 (23:07 +0100)]
libgcrypt: fix CVE-2017-9526

In libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from
side-channel observation during the signing process) can easily recover the
long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this
session key in secure memory, to ensure that constant-time point operations are
used in the MPI library.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago oe/path.py: fix for "Argument list too long"
Robert Yang [Tue, 14 Mar 2017 08:45:45 +0000 (01:45 -0700)]
oe/path.py: fix for "Argument list too long"

Issue: LIN9-1648

Fixed when len(TMPDIR) = 410:
$ bitbake core-image-sato-sdk
[snip]
Subprocess output:
/bin/sh: /bin/cp: Argument list too long

ERROR: core-image-sato-sdk-1.0-r0 do_rootfs: Function failed: do_rootfs
[snip]

This is because "copyhardlinktree(src, dst)" does "cp -afl src/* dst",
while src/* is expanded to "src/file1 src/file2, src/file3...", which
causes the "Argument list too long" error. Use ./* as src and change cwd in
subprocess.check_output() to fix the problem.

(From OE-Core rev: a3dc93eb25fba32109edd1db6e8766074fb52e4b)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
7 years ago package_ipk: Clean up Source entry in ipk packages
Richard Purdie [Fri, 16 Jun 2017 08:42:30 +0000 (09:42 +0100)]
package_ipk: Clean up Source entry in ipk packages

There is the potential for sensitive information to leak through the URLs
there and removing it brings this into the behavior of the other package
backends since filtering it is likely error-prone.

Since ipks don't appear to be generated at all if we don't set this, set
the field to the recipe name used (basename only, no paths). This avoids
information leaking. We may want to drop the field if opkg can allow that
at a future point but the recipe name is a suitable identifier for now.

Reported-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>