]> code.ossystems Code Review - openembedded-core.git/log
openembedded-core.git
8 years agolibX11: CVE-2016-7942
Sona Sarmadi [Mon, 30 Jan 2017 11:46:22 +0000 (12:46 +0100)]
libX11: CVE-2016-7942

The XGetImage function in X.org libX11 before 1.6.4 might allow remote X
servers to gain privileges via vectors involving image type and geometry,
which triggers out-of-bounds read operations.

References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942
Upstream patch
https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
8 years agolibXrandr: fix for CVE-2016-7947 and CVE-2016-7948
Sona Sarmadi [Fri, 27 Jan 2017 11:59:35 +0000 (12:59 +0100)]
libXrandr: fix for CVE-2016-7947 and CVE-2016-7948

CVE-2016-7947
Insufficient validation of server responses result in Integer overflows

CVE-2016-7948
Insufficient validation of server responses result in various data mishandlings

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948
https://lists.x.org/archives/xorg-announce/2016-October/002720.html

Upstream patch for both CVEs:
https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
8 years agolibxrender: CVE-2016-7949
Sona Sarmadi [Fri, 27 Jan 2017 07:26:12 +0000 (08:26 +0100)]
libxrender: CVE-2016-7949

Insufficient validation of server responses results
in overflow of previously reserved memory

Upstream patch:
https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=9362c7ddd1af3b168953d0737877bc52d79c94f4

External References:
https://lists.x.org/archives/xorg-announce/2016-October/002720.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7949

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
8 years agoclasses: Fix alternatives and rc.d ordering
David Vincent [Wed, 25 Jan 2017 13:03:06 +0000 (15:03 +0200)]
classes: Fix alternatives and rc.d ordering

When using an alternative as an initscript, the ordering between
update-rc.d and update-alternatives tasks during prerm and postinst
tasks must always be the following in order to work:
  * prerm:
    - stop daemon
    - remove alternative

  * postinst:
    - add alternative
    - start daemon

This patchset adds comments to the scripts generated by both classes and
organize the generated sections based on those comments.

[YOCTO #10433]

Signed-off-by: David Vincent <freesilicon@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit aa87b1a4dcc14e4dfe719b6c55045c5662bc59c2)

8 years agonspr: set correct version in pkg-config file
Andreas Müller [Wed, 14 Dec 2016 22:28:24 +0000 (23:28 +0100)]
nspr: set correct version in pkg-config file

while we are at it clean up sed

(From OE-Core rev: 69e9f7ec8ba8649784a27e9c7dc7a6987a53c22e)

(From OE-Core rev: cb4f5ecf32006192baaf41218a3d7b43ca1c2951)

Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoattr/ea-acl: pass --disable-gettext when USE_NLS=no
Denys Dmytriyenko [Wed, 11 Jan 2017 00:21:28 +0000 (19:21 -0500)]
attr/ea-acl: pass --disable-gettext when USE_NLS=no

Fixes following error in configure:
  FATAL ERROR: msgfmt does not seem to be installed.
  attr cannot be built without a working gettext installation.

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core rev: d044fad8a0ac5d57deb88b25106f3a39cb7c1636)

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-dtb: strip DTB extension properly in postinst/postrm
Denys Dmytriyenko [Tue, 10 Jan 2017 23:11:39 +0000 (18:11 -0500)]
linux-dtb: strip DTB extension properly in postinst/postrm

The use of awk -F "." in do_install/do_deploy to strip filename extension
was deprecated long time ago in 72980d5bb465f0640ed451d1ebb9c5d2a210ad0c.

Make a similar change in postinst/postrm to properly use basename command.

Otherwise DTB files that contain dots in the name result in broken symlinks
that point to non-existent truncated files.

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core rev: 40c2addf0f0ee16b1c1334cf00f1490ffeaac475)

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolibxtst: 1.2.2 -> 1.2.3
Sona Sarmadi [Tue, 10 Jan 2017 11:10:51 +0000 (12:10 +0100)]
libxtst: 1.2.2 -> 1.2.3

Upgrade libxtst from 1.2.2 to 1.2.3 to address:
Out of Bounds Write Denial of Service Vulnerability, CVE-2016-7951

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7951
https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agobinutils-2.27.inc: Fix alignment frags for aarch64
Manjukumar Matha [Sat, 17 Dec 2016 01:43:31 +0000 (17:43 -0800)]
binutils-2.27.inc: Fix alignment frags for aarch64

There was bug with alignment frags for aarch64 in binutils. This is fixed in
master of binutils. This patch backports the fix to binutils 2.27 version.

(From OE-Core rev: f6f87019073d4f3caa7766aca89faa6781690fba)

Signed-off-by: Manjukumar Matha <manjukumar.harthikote-matha@xilinx.com>
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agopopulate_sdk_ext: whitelist do_package tasks
Ed Bartosh [Wed, 4 Jan 2017 18:48:18 +0000 (20:48 +0200)]
populate_sdk_ext: whitelist do_package tasks

With enabled SSTATE_MIRRORS sstate code expects mirrors to
contain entries for all tasks, which is not the case for ext
installer as it uses reduced sstate cache.

Added do_package tasks to BB_SETSCENE_ENFORCE_WHITELIST to prevent
installer failing with ERROR: Sstate artifact unavailable

[YOCTO #10832]

(From OE-Core rev: 2ed46ada4b8e496493835e84b36f7e9c367f59d2)

Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
8 years agopopulate_sdk_ext: fix working with uninative sstate
Ed Bartosh [Wed, 4 Jan 2017 18:48:17 +0000 (20:48 +0200)]
populate_sdk_ext: fix working with uninative sstate

Mapped uninative sstate directories to make ext SDK installer to
use them when it's run on systems with gcc version different from
gcc version used to build installer.

[YOCTO #10832]

Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
8 years agozlib: update SRC_URI to fix fetching
Joshua Lock [Thu, 5 Jan 2017 16:34:23 +0000 (16:34 +0000)]
zlib: update SRC_URI to fix fetching

Upstream have removed the file from zlib.net as a new version has
been released, switch to fetching from the official sourceforge
mirror.

[YOCTO #10879]

(From OE-Core rev: bb99e4a620efd59556539c156cd98ea23aae74c8)

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
8 years agobuild-appliance-image: Update to morty head revision
Richard Purdie [Wed, 11 Jan 2017 17:26:48 +0000 (17:26 +0000)]
build-appliance-image: Update to morty head revision

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
8 years agolibgcc-common: Don't apply symlinks for nativesdk
Richard Purdie [Wed, 21 Dec 2016 13:33:07 +0000 (13:33 +0000)]
libgcc-common: Don't apply symlinks for nativesdk

nativesdk-libgcc doesn't need a symlink into the target space and if we do this
sstate installation of the recipe can fail depending on whether it races with
the cross-canadian toolchains.

(From OE-Core rev: b2c1e1fe4221862e0dbf5d08960f0d0228e47c72)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
8 years agobitbake.conf: Add inclusion of BB_CURRENT_MC.conf after local.conf
Richard Purdie [Tue, 20 Dec 2016 19:05:01 +0000 (19:05 +0000)]
bitbake.conf: Add inclusion of BB_CURRENT_MC.conf after local.conf

People are strugling with multiconfig as the up front inclusion of the
configuration file doesn't do what people expect. The only way to meet
user expectations is to include the file immediately after local.conf.

We add BB_CURRENT_MC to bitbake so that the metadata can determine when
to include the extra configuration.

(From OE-Core rev: a6a3894fb2cb2097d2404b8b8cb2b85df595cfa9)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
8 years agouninative: Parameterise the use of STAGING_DIR
Richard Purdie [Wed, 21 Dec 2016 14:13:09 +0000 (14:13 +0000)]
uninative: Parameterise the use of STAGING_DIR

This means that a user can change TMPDIR in a multiconfig situation
and still only have one path to the uninative setup. Without this change
its not possile to make such a setup work.

(From OE-Core rev: 779422c5458f5f643b3a4a0dedaa4d9ad709367a)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
8 years agoselftest: wic: fix test_qemu
Ed Bartosh [Fri, 2 Dec 2016 23:48:06 +0000 (01:48 +0200)]
selftest: wic: fix test_qemu

Setting WKS_FILE variable in qemux86-64 made wic test to
use wrong wks file to produce an image and resulted in
test_qemu failure.

Used conditional assignment in qemux86-64 and explicitly
set WKS_FILE in wic testing suite to make the suite to use
wic-image-minimal.wsk. This should fix test_qemu failure.

(From OE-Core rev: 3bca4d18c2712e3b154bacfb917f0a749ebaddeb)

Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoutils: Always use datastore's PATH for host_gcc_version
Ross Burton [Thu, 15 Dec 2016 19:09:16 +0000 (19:09 +0000)]
utils: Always use datastore's PATH for host_gcc_version

BUILD_CC may reference something like ccache and expect this to come from
ccache-native, we at least have some selftests which assume this. Modify the
code to use PATH when runnig BUILD_CC to ensure the tests continue to work
as expected.

(From OE-Core rev: f3e753372baac43d0921186340cf260df056de20)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hand applied and used d.getVar(True)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agovalgrind: make ld-XXX.so strlen intercept optional
Jackie Huang [Wed, 14 Dec 2016 02:26:13 +0000 (10:26 +0800)]
valgrind: make ld-XXX.so strlen intercept optional

Hack: Depending on how glibc was compiled (e.g. optimised
for size or built with _FORTIFY_SOURCE enabled) the strlen
symbol might not be found in ld-XXX.so. Therefore although
we should still try to intercept it, don't make it mandatory
to do so.

(From OE-Core rev: 84ec50e587e7464b260b1b189659b93b6dab0ef6)

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agouninative: rebuild uninative for gcc 4.8 and 4.9
Ed Bartosh [Tue, 13 Dec 2016 23:55:04 +0000 (01:55 +0200)]
uninative: rebuild uninative for gcc 4.8 and 4.9

Some c++ libraries fail to build if uninative is built
with gcc 5.x and host gcc version is either 4.8 or 4.9.

The issue should be solved by making separate uninative sstate
directory structure sstate-cache/universal-<gcc version> for host gcc
versions 4.8 and 4.9. This causes rebuilds of uninative if host gcc
is either 4.8 or 4.9 and it doesn't match gcc version used to build
uninative.

[YOCTO #10441]

(From OE-Core rev: d36f41e5658bbbb6080ee833027879c119edf3e0)

Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolibxml2: Fix more NULL pointer derefs
Andrej Valek [Mon, 12 Dec 2016 13:20:21 +0000 (14:20 +0100)]
libxml2: Fix more NULL pointer derefs

The NULL pointer dereferencing could produced some
security problems.
This is a preventive security fix.

(From OE-Core rev: 8f3008114d5000a0865f50833db7c3a3f9808601)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolibxml2: fix CVE-2016-4658 Disallow namespace nodes in XPointer points and ranges
Andrej Valek [Mon, 12 Dec 2016 13:20:20 +0000 (14:20 +0100)]
libxml2: fix CVE-2016-4658 Disallow namespace nodes in XPointer points and ranges

Namespace nodes must be copied to avoid use-after-free errors.
But they don't necessarily have a physical representation in a
document, so simply disallow them in XPointer ranges.

(From OE-Core rev: 00e928bd1c2aed9caeaf9e411743805d2139a023)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolibxml2: Necessary changes before fixing CVE-2016-5131
Andrej Valek [Mon, 12 Dec 2016 13:20:19 +0000 (14:20 +0100)]
libxml2: Necessary changes before fixing CVE-2016-5131

xpath:
 - Check for errors after evaluating first operand.
 - Add sanity check for empty stack.
 - Include comparation in changes from xmlXPathCmpNodesExt to xmlXPathCmpNodes

(From OE-Core rev: 96ef568f75dded56a2123b63dcc8b443f796afe0)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolib/oe/rootfs: fix log_check warnings being printed twice with RPM packaging
Paul Eggleton [Mon, 12 Dec 2016 22:05:05 +0000 (11:05 +1300)]
lib/oe/rootfs: fix log_check warnings being printed twice with RPM packaging

We were calling _log_check() in the RPM-specific rootfs class as well as
in the base class; this is unnecessary and resulted in any errors/warnings
generated during the actual package installation time triggering two warnings
instead of one. Drop the call from RpmRootfs._create() to fix this.

(From OE-Core rev: 541c56d755ba0354297673e857628026ad9e4df2)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolibtiff: Update to 4.0.7
Armin Kuster [Sat, 10 Dec 2016 17:38:43 +0000 (09:38 -0800)]
libtiff: Update to 4.0.7

Major changes:
The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from the distribution, used for demos.

CVEs fixed:
CVE-2016-9297
CVE-2016-9448
CVE-2016-9273
CVE-2014-8127
CVE-2016-3658
CVE-2016-5875
CVE-2016-5652
CVE-2016-3632

plus more that are not identified in the changelog.

removed patches integrated into update.
more info: http://libtiff.maptools.org/v4.0.7.html

(From OE-Core rev: 9945cbccc4c737c84ad441773061acbf90c7baed)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokernel-yocto: explicitly trap subcommand errors
Bruce Ashfield [Fri, 9 Dec 2016 19:28:00 +0000 (14:28 -0500)]
kernel-yocto: explicitly trap subcommand errors

To trap errors and halt processing, do_kernel_metadata was recently
switched to exit on any non zero return code. While the concept is
sound, there are subcommands that have legitimate non-zero return
codes.

Instead of removing set +e, we'll explicitly check the return code
of the commands that can error, and throw a bbfatal to alert the
user.

(From OE-Core rev: a4705e62d0973c290011fc0d250501d358b659e8)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.8: update to -rt7
Bruce Ashfield [Fri, 9 Dec 2016 19:27:59 +0000 (14:27 -0500)]
linux-yocto/4.8: update to -rt7

Updating to the latest 4.8-rt

(From OE-Core rev: 9f4565a308be55c1bf11706041c0565d48bda4f4)

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoglibc: Enable backtrace from abort on ARM
Yuanjie Huang [Fri, 9 Dec 2016 17:49:34 +0000 (11:49 -0600)]
glibc: Enable backtrace from abort on ARM

ARM stack frames for abort and raise were limited to the the actual
abort and raise call, such as:

Obtained 4 stack frames.
./test-app(print_trace+0x1c) [0x10a08]
./test-app() [0x10b3c]
/lib/libc.so.6(__default_sa_restorer+0) [0x4adae1e0]
/lib/libc.so.6(gsignal+0xa0) [0x4adacf74]

This is not terribly useful when trying to figure out what function
may have called called the abort, especially when using pthreads.

After the change the trace would now look like:

Obtained 8 stack frames.
./test-app(print_trace+0x1c) [0x10a08]
./test-app() [0x10b3c]
/lib/libc.so.6(__default_sa_restorer+0) [0x4befe1e0]
/lib/libc.so.6(gsignal+0xa0) [0x4befcf74]
/lib/libc.so.6(abort+0x134) [0x4befe358]
./test-app(dummy_function+0x50) [0x10adc]
./test-app(main+0xd4) [0x10c24]
/lib/libc.so.6(__libc_start_main+0x114) [0x4bee7a58]

(From OE-Core rev: 93bf8713d8e13c278543baea94fb8dad0cb80e49)

Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoUse weak assignment for SERIAL_CONSOLES in qemu configuration files
Chen Qi [Fri, 9 Dec 2016 07:43:03 +0000 (15:43 +0800)]
Use weak assignment for SERIAL_CONSOLES in qemu configuration files

Use weak assignment for SERIAL_CONSOLES in qemu configuration files so that
the value could serve as a default value and could be easily overridden in
configuration files like local.conf.

When using the default value for SERIAL_CONSOLES in qemux86-64,we would have
annoying messages on console complaining about respawning getty on ttyS1.
Although the value is set by purpose, at least we need to provide an easy way
to override it.

(From OE-Core rev: 5f060b66162c41a295995947b918253450870117)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoarchiver: don't change directory when generating tarball
Ross Burton [Thu, 8 Dec 2016 21:29:57 +0000 (21:29 +0000)]
archiver: don't change directory when generating tarball

There's no need to chdir() as tarfile.add() can be told what name to use in the
archive.

(From OE-Core rev: d0b282bce34db44dde4dd7f53a64dfaafe6789de)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agogrub2: fix some quirks and div by zero
Awais Belal [Thu, 8 Dec 2016 14:09:39 +0000 (19:09 +0500)]
grub2: fix some quirks and div by zero

Rather than erroring out on a single attempt while
terminating EFI services, make a few retries because
such quirks are found in a few implementations.
Also fix a div by zero issue in the same framework
which causes an infinite reboot on the target.
Both patches included here are backports.

(From OE-Core rev: 5e6ac806bd9b8bf885ef1e88484e91e4cdaaa69a)

Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agowic: Create a logical partition only when it is really mandatory
Alessio Igor Bogani [Wed, 7 Dec 2016 14:00:57 +0000 (15:00 +0100)]
wic: Create a logical partition only when it is really mandatory

Don't worth bother with logical partition on MBR partition type (aka
msdos) if disk image generated by wic should have 4 partitions.

(From OE-Core rev: 36a558fbdc96094626e7de1a3510691e30885368)

Signed-off-by: Alessio Igor Bogani <alessio.bogani@elettra.eu>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolibarchive: fix ALTERNATIVE_PRIORITY to avoid conflict
Chen Qi [Wed, 7 Dec 2016 01:45:37 +0000 (09:45 +0800)]
libarchive: fix ALTERNATIVE_PRIORITY to avoid conflict

'tar' utility from tar and bsdtar has the same alternative priority.
'cpio' utility from cpio and bsdcpio has the same alternative priority.

Lower the ALTERNATIVE_PRIORITY to avoid conflict.

(From OE-Core rev: 9a59ff628771b586666999d44923968a6bc58956)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agocve-check: allow recipes to override the product name
Ross Burton [Wed, 7 Dec 2016 11:25:53 +0000 (11:25 +0000)]
cve-check: allow recipes to override the product name

Add a new variable CVE_PRODUCT for the product name to look up in the NVD
database.  Default this to BPN, but allow recipes such as tiff (which is libtiff
in NVD) to override it.

(From OE-Core rev: ba330051570a4c991885ee726cb187e0c911bd4f)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agocurl: set CVE_PRODUCT
Ross Burton [Wed, 7 Dec 2016 16:41:40 +0000 (16:41 +0000)]
curl: set CVE_PRODUCT

This is 'libcurl' in NVD.

(From OE-Core rev: f5381da49ac781ef017a1b9816c00b512ca9c7c2)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agotiff: set CVE_PRODUCT
Ross Burton [Thu, 8 Dec 2016 10:42:25 +0000 (10:42 +0000)]
tiff: set CVE_PRODUCT

This is 'libtiff' in NVD.

(From OE-Core rev: 0c8d1523f3ad0ada2d1b8f9abffbc2b898a744ca)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agotargetloader.py: drop test for ClassType
Juro Bystricky [Sat, 10 Dec 2016 17:21:45 +0000 (09:21 -0800)]
targetloader.py: drop test for ClassType

ClassType was removed from python3.
The code testing for ClassType kept throwing AttributeError exceptions:

    module 'types' has no attribute 'ClassType'

The exceptions prevented loading of any dynamically resolved target
controllers.

(From OE-Core rev: d62f18c39bc0ed3b0f5ac8465b393c15f2143ecf)

Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.x: CVE-2016-8655
Bruce Ashfield [Thu, 8 Dec 2016 17:58:55 +0000 (12:58 -0500)]
linux-yocto/4.x: CVE-2016-8655

Backporting upstream commit 84ac726023 [packet: fix race condition in
packet_set_ring] to address CVE-2016-8655

(From OE-Core rev: db7799747b263507427e325638353142ae79403c)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto-rt/4.4: update to -rt43
Bruce Ashfield [Thu, 8 Dec 2016 17:58:54 +0000 (12:58 -0500)]
linux-yocto-rt/4.4: update to -rt43

After the update to 4.4.36 -rt no longer builds. The fixes for the
issues are found in the v4.4-rt43 release.

(From OE-Core rev: 262fff10ba5cdedbee9ba9ecf00f98dc9159477c)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokern-tools: ensure that no shared directories are used
Bruce Ashfield [Thu, 8 Dec 2016 17:58:53 +0000 (12:58 -0500)]
kern-tools: ensure that no shared directories are used

We need to avoid using shared/common directories for any files that are
part of specific build, since permissions issues in multi user
environments will cause issues.

Integrating the following commit to solve the issue:

   scc: move unused patch queue under output dir

(From OE-Core rev: cad65cc0eef2e06cb5ae08062ffae7a4d43a51ad)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.8: update to v4.8.12
Bruce Ashfield [Thu, 8 Dec 2016 17:58:52 +0000 (12:58 -0500)]
linux-yocto/4.8: update to v4.8.12

shortlog of the changes follow:

   356ccf6d2b0c Linux 4.8.12
   f81c90012f2f scsi: mpt3sas: Unblock device after controller reset
   3de3eebb10fd flow_dissect: call init_default_flow_dissectors() earlier
   7838fbe25a95 mm, oom: stop pre-mature high-order OOM killer invocations
   374ff835e2b6 can: bcm: fix support for CAN FD frames
   7ed8d94b99b3 powerpc/boot: Fix the early OPAL console wrappers
   7cbe9568fa04 powerpc/mm: Fixup kernel read only mapping
   30988ea31783 powerpc: Set missing wakeup bit in LPCR on POWER9
   8d248df485f2 device-dax: fail all private mapping attempts
   f87a483126b5 device-dax: check devm_nsio_enable() return value
   5b08489eba14 xc2028: Fix use-after-free bug properly
   9030deb21f29 X.509: Fix double free in x509_cert_parse() [ver #3]
   0257b7e20c07 mpi: Fix NULL ptr dereference in mpi_powm() [ver #3]
   bdab996a7a9e mmc: sdhci-of-esdhc: fixup PRESENT_STATE read
   0a80bef18a9f parisc: Also flush data TLB in flush_icache_page_asm
   09e35a83cdc9 parisc: Fix race in pci-dma.c
   3cb2bc6fdc54 parisc: Switch to generic sched_clock implementation
   113b60efa37c parisc: Fix races in parisc_setup_cache_timing()
   b2f64572db2e thermal/powerclamp: add back module device table
   6dfe1643b56a perf/x86/intel: Cure bogus unwind from PEBS entries
   403f47ddbf6b perf/core: Fix address filter parser
   c5795c5f682d x86/traps: Ignore high word of regs->cs in early_fixup_exception()
   885bad1e5f32 x86/fpu: Fix invalid FPU ptrace state after execve()
   1a42cd56229b NFSv4.x: hide array-bounds warning
   154c665b2b02 apparmor: fix change_hat not finding hat after policy replacement
   9c15a98542f0 cfg80211: limit scan results cache size
   f204d21ee0b7 tile: avoid using clocksource_cyc2ns with absolute cycle count
   c707019bef62 scsi: mpt3sas: Fix secure erase premature termination
   b33387f6a68d Fix USB CB/CBI storage devices with CONFIG_VMAP_STACK=y
   89a28f3a3c77 USB: serial: ftdi_sio: add support for TI CC3200 LaunchPad
   6476f6530187 USB: serial: cp210x: add ID for the Zone DPMX
   7445ffb75ed5 usb: chipidea: move the lock initialization to core file
   32fe669c8634 KVM: x86: check for pic and ioapic presence before use
   c02d13809180 KVM: x86: fix out-of-bounds accesses of rtc_eoi map
   39b653013527 KVM: x86: drop error recovery in em_jmp_far and em_ret_far
   3c22c81377d4 KVM: x86: fix out-of-bounds access in lapic
   eb060c1a03f7 iommu/vt-d: Fix IOMMU lookup for SR-IOV Virtual Functions
   8b23f16343f6 iommu/vt-d: Fix PASID table allocation
   36bd5bfe4349 Linux 4.8.11
   a9a0027757f8 gpio: pca953x: Fix corruption of other gpios in set_multiple.
   88fce76cf590 gpio: pca953x: Move memcpy into mutex lock for set multiple
   9a7b80894951 netfilter: nft_dynset: fix element timeout for HZ != 1000
   fd4251fa4d09 IB/cm: Mark stale CM id's whenever the mad agent was unregistered
   8ce92be782f8 IB/uverbs: Fix leak of XRC target QPs
   160149299f71 IB/hfi1: Remove incorrect IS_ERR check
   46e47543175b IB/core: Avoid unsigned int overflow in sg_alloc_table
   82c377d05311 IB/mlx5: Fix NULL pointer dereference on debug print
   554e4b69f1bb IB/mlx5: Fix fatal error dispatching
   32091ee63d17 IB/mlx5: Fix memory leak in query device
   21822a5bbddd IB/mlx5: Use cache line size to select CQE stride
   ad886a0e9035 IB/mlx5: Validate requested RQT size
   76a93a6f8dd7 IB/mlx4: Fix create CQ error flow
   4234e6a06f8b IB/mlx4: Check gid_index return value
   fc9275365065 IB/rxe: Clear queue buffer when modifying QP to reset
   3c87b4a8f6d5 IB/rxe: Fix handling of erroneous WR
   c4605a0e9605 IB/rxe: Fix kernel panic in UDP tunnel with GRO and RX checksum
   04d016249998 IB/rxe: Update qp state for user query
   bac1543b764c perf hists: Fix column length on --hierarchy
   4cba876de64d PM / sleep: don't suspend parent when async child suspend_{noirq, late} fails
   2e2c8f0e7502 PM / sleep: fix device reference leak in test_suspend
   fd669bf2a099 uwb: fix device reference leaks
   ab17baeaea91 sunrpc: svc_age_temp_xprts_now should not call setsockopt non-tcp transports
   8c7ea73e3a9b mfd: core: Fix device reference leak in mfd_clone_cell
   545ea4003db9 iwlwifi: mvm: wake the wait queue when the RX sync counter is zero
   8bfaf856695b iwlwifi: mvm: fix d3_test with unified D0/D3 images
   8cdfd32398b5 iwlwifi: mvm: fix netdetect starting/stopping for unified images
   6e3324dc039c iwlwifi: pcie: mark command queue lock with separate lockdep class
   b822907865cc iwlwifi: pcie: fix SPLC structure parsing
   edb60ee4bc65 rtc: omap: Fix selecting external osc
   5f95e68daae3 clk: imx: fix integer overflow in AV PLL round rate
   fec43900c9b7 clk: mmp: mmp2: fix return value check in mmp2_clk_init()
   63465eaf7b2e clk: mmp: pxa168: fix return value check in pxa168_clk_init()
   a42bbd552ded clk: mmp: pxa910: fix return value check in pxa910_clk_init()
   bb6c9ec826be virtio-net: drop legacy features in virtio 1 mode
   899f5426eebf drm/i915: Assume non-DP++ port if dvo_port is HDMI and there's no AUX ch specified in the VBT
   f6920e506992 drm/i915: Refresh that status of MST capable connectors in ->detect()
   56a02a5f60ea drm/amdgpu: Attach exclusive fence to prime exported bo's. (v5)
   3eac4767dd7e powerpc/64: Fix setting of AIL in hypervisor mode
   fc312878ffe3 crypto: caam - do not register AES-XTS mode on LP units
   54f28973e8a5 ARM: dts: imx53-qsb: Fix regulator constraints
   7001b98b9dce ext4: sanity check the block and cluster size at mount time
   56df604296c2 kbuild: Steal gcc's pie from the very beginning
   e14754cb8f0c x86/kexec: add -fno-PIE
   ad4e2f324ade scripts/has-stack-protector: add -fno-PIE
   1c7727d0bca0 kbuild: add -fno-PIE
   20bcbe246933 Disable the __builtin_return_address() warning globally after all
   504b60516ba7 i2c: i2c-mux-pca954x: fix deselect enabling for device-tree
   45244660281c i2c: mux: fix up dependencies
   ce97f5012b6d ALSA: hda - Fix mic regression by ASRock mobo fixup
   23e14ee1abcf ALSA: hda - add a new condition to check if it is thinkpad
   85fcb62a58b2 ALSA: usb-audio: Fix use-after-free of usb_device at disconnect
   e902f10da218 gpio: do not double-check direction on sleeping chips
   b21b327d96bc can: bcm: fix warning in bcm_connect/proc_register
   50e6cd2feff7 mfd: stmpe: Fix RESET regression on STMPE2401
   e015527c6fbd mfd: intel-lpss: Do not put device in reset state on suspend
   8b4d44f46bf2 IB/hfi1: Fix rnr_timer addition
   06eac15f11e0 IB/rdmavt: rdmavt can handle non aligned page maps
   ca720a2b11b4 fuse: fix fuse_write_end() if zero bytes were copied
   de58c50e84e2 genirq: Use irq type from irqdata instead of irqdesc
   8844024c8839 ftrace: Add more checks for FTRACE_FL_DISABLED in processing ip records
   c5d20ce0b459 ftrace: Ignore FTRACE_FL_DISABLED while walking dyn_ftrace records
   f271087fb2ea KVM: arm64: Fix the issues when guest PMCCFILTR is configured
   8d8b37e242de arm64: KVM: pmu: Fix AArch32 cycle counter access
   1cb9b2489e77 KVM: Disable irq while unregistering user notifier
   23555ca21394 KVM: x86: fix missed SRCU usage in kvm_lapic_set_vapic_addr
   f8c74cf95655 x86/cpu/AMD: Fix cpu_llc_id for AMD Fam17h systems

(From OE-Core rev: beb9adb4763a1bbed182503371921e676ccd4ae2)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.4: update to v4.4.36
Bruce Ashfield [Thu, 8 Dec 2016 17:58:51 +0000 (12:58 -0500)]
linux-yocto/4.4: update to v4.4.36

shortlog of the changes follow:

   87c6c6ef5b17 Linux 4.4.36
   6eddf5c993dd scsi: mpt3sas: Unblock device after controller reset
   c178e4809df7 flow_dissect: call init_default_flow_dissectors() earlier
   0b7860d6e88c mei: fix return value on disconnection
   bab2f72f70ea mei: me: fix place for kaby point device ids.
   4f13967ecd20 mei: me: disable driver on SPT SPS firmware
   e1049372d7a7 drm/radeon: Ensure vblank interrupt is enabled on DPMS transition to on
   249090830942 mpi: Fix NULL ptr dereference in mpi_powm() [ver #3]
   cd4235a794c0 parisc: Also flush data TLB in flush_icache_page_asm
   7a1ab6a2bf3a parisc: Fix race in pci-dma.c
   e541fd815db9 parisc: Fix races in parisc_setup_cache_timing()
   0c0ddbf7efec NFSv4.x: hide array-bounds warning
   be79d7fa43f9 apparmor: fix change_hat not finding hat after policy replacement
   8316338a201b cfg80211: limit scan results cache size
   4df31626fc08 tile: avoid using clocksource_cyc2ns with absolute cycle count
   ffffc1ed47e7 scsi: mpt3sas: Fix secure erase premature termination
   ab0867dd8bc8 Fix USB CB/CBI storage devices with CONFIG_VMAP_STACK=y
   f3f95f177269 USB: serial: ftdi_sio: add support for TI CC3200 LaunchPad
   1f36db0b397f USB: serial: cp210x: add ID for the Zone DPMX
   55d061bf9d23 usb: chipidea: move the lock initialization to core file
   341f9730c29b KVM: x86: check for pic and ioapic presence before use
   b7f9404d1b48 KVM: x86: drop error recovery in em_jmp_far and em_ret_far
   c091bbddbc5e iommu/vt-d: Fix IOMMU lookup for SR-IOV Virtual Functions
   d88a1bd00cfa iommu/vt-d: Fix PASID table allocation
   0a5b451a53d4 Linux 4.4.35
   1ba7fafae3c2 netfilter: nft_dynset: fix element timeout for HZ != 1000
   698a8dddb8a5 IB/cm: Mark stale CM id's whenever the mad agent was unregistered
   2b026a265a9a IB/uverbs: Fix leak of XRC target QPs
   eba83a85caba IB/core: Avoid unsigned int overflow in sg_alloc_table
   c524185c81d4 IB/mlx5: Fix fatal error dispatching
   734039913373 IB/mlx5: Use cache line size to select CQE stride
   7cf5b7882184 IB/mlx4: Fix create CQ error flow
   41664d7077e9 IB/mlx4: Check gid_index return value
   04c0800c73b2 PM / sleep: don't suspend parent when async child suspend_{noirq, late} fails
   469fcbcb84d8 PM / sleep: fix device reference leak in test_suspend
   680bc27065b9 uwb: fix device reference leaks
   dd214a159de6 mfd: core: Fix device reference leak in mfd_clone_cell
   d2adb5ebec61 iwlwifi: pcie: fix SPLC structure parsing
   1f995573bac8 rtc: omap: Fix selecting external osc
   c8aa3e98c1a8 clk: mmp: mmp2: fix return value check in mmp2_clk_init()
   96576127ffb7 clk: mmp: pxa168: fix return value check in pxa168_clk_init()
   a4709b4582ac clk: mmp: pxa910: fix return value check in pxa910_clk_init()
   d039fc37ec7f drm/amdgpu: Attach exclusive fence to prime exported bo's. (v5)
   96f10a6239a2 crypto: caam - do not register AES-XTS mode on LP units
   454cf79b05c5 ext4: sanity check the block and cluster size at mount time
   147117cf23c0 kbuild: Steal gcc's pie from the very beginning
   e543f094a38a x86/kexec: add -fno-PIE
   3a868dde1824 scripts/has-stack-protector: add -fno-PIE
   f740b5cc39dd kbuild: add -fno-PIE
   936d157fa7ae i2c: mux: fix up dependencies
   4e583b89add6 can: bcm: fix warning in bcm_connect/proc_register
   0c6e0db9686b mfd: intel-lpss: Do not put device in reset state on suspend
   b7321bcc8b1c fuse: fix fuse_write_end() if zero bytes were copied
   d4a774fdb92f KVM: Disable irq while unregistering user notifier
   b689e86c9a8f KVM: x86: fix missed SRCU usage in kvm_lapic_set_vapic_addr
   aea9d760b8ba x86/cpu/AMD: Fix cpu_llc_id for AMD Fam17h systems
   4eb9a8100248 Linux 4.4.34
   b4bbdcef7d90 sparc64: Delete now unused user copy fixup functions.
   cb85910b0d45 sparc64: Delete now unused user copy assembler helpers.
   1c7e17b1c4d6 sparc64: Convert U3copy_{from,to}_user to accurate exception reporting.
   7181969338f8 sparc64: Convert NG2copy_{from,to}_user to accurate exception reporting.
   bfc8be659309 sparc64: Convert NGcopy_{from,to}_user to accurate exception reporting.
   dc3a7a7d2c85 sparc64: Convert NG4copy_{from,to}_user to accurate exception reporting.
   1731d90d8a55 sparc64: Convert U1copy_{from,to}_user to accurate exception reporting.
   8a444c770f6e sparc64: Convert GENcopy_{from,to}_user to accurate exception reporting.
   c718e917b3d3 sparc64: Convert copy_in_user to accurate exception reporting.
   dd8a78b2b6ad sparc64: Prepare to move to more saner user copy exception handling.
   756723ad553d sparc64: Delete __ret_efault.
   f5a69ff7486e sparc64: Handle extremely large kernel TLB range flushes more gracefully.
   d36a1ac49d24 sparc64: Fix illegal relative branches in hypervisor patched TLB cross-call code.
   5d8eb954763d sparc64: Fix instruction count in comment for __hypervisor_flush_tlb_pending.
   217f829ae967 sparc64: Fix illegal relative branches in hypervisor patched TLB code.
   2ba06323db41 sparc64: Handle extremely large kernel TSB range flushes sanely.
   75931800733c sparc: Handle negative offsets in arch_jump_label_transform
   8fd11efa2140 sparc64 mm: Fix base TSB sizing when hugetlb pages are used
   4e90b6880135 sparc: serial: sunhv: fix a double lock bug
   a395f7a66eec sparc: Don't leak context bits into thread->fault_address
   4e772c53ab98 tty: Prevent ldisc drivers from re-using stale tty fields
   225a24ae9733 tcp: take care of truncations done by sk_filter()
   ae9e052a58ef ipv4: use new_gw for redirect neigh lookup
   5c67f9477bb2 net: __skb_flow_dissect() must cap its return value
   b67ed647d135 sock: fix sendmmsg for partial sendmsg
   0650eeb4f187 fib_trie: Correct /proc/net/route off by one error
   3f8857a4971d sctp: assign assoc_id earlier in __sctp_connect
   65d29c185614 ipv6: dccp: add missing bind_conflict to dccp_ipv6_mapped
   99131760a885 ipv6: dccp: fix out of bound access in dccp_v6_err()
   a2df29ed840f dccp: fix out of bound access in dccp_v4_err()
   ad6d0a82016b dccp: do not send reset to already closed sockets
   69a5c7ca2e62 tcp: fix potential memory corruption
   8777977b22c4 ip6_tunnel: Clear IP6CB in ip6tunnel_xmit()
   c5bad811ca4d bgmac: stop clearing DMA receive control register right after it is set
   6e9ca1b61cc8 net: mangle zero checksum in skb_checksum_help()
   ac4c2cf6f57a net: clear sk_err_soft in sk_clone_lock()
   74e53a3a053f dctcp: avoid bogus doubling of cwnd after loss
   86429bd405de Linux 4.4.33
   21cc1a183a9d netfilter: fix namespace handling in nf_log_proc_dostring
   ee5dd6878886 btrfs: qgroup: Prevent qgroup->reserved from going subzero
   ae6d4df4a7a0 mmc: mxs: Initialize the spinlock prior to using it
   ae5b8dbfe6be ASoC: sun4i-codec: return error code instead of NULL when create_card fails
   125e84726d7c ACPI / APEI: Fix incorrect return value of ghes_proc()
   5cd2cd84d573 i40e: fix call of ndo_dflt_bridge_getlink()
   5be7e6b48b21 hwrng: core - Don't use a stack buffer in add_early_randomness()
   ba8580f6cf03 lib/genalloc.c: start search from start of chunk
   c048b6711ed6 mei: bus: fix received data size check in NFC fixup
   19426f065d1e iommu/vt-d: Fix dead-locks in disable_dmar_iommu() path
   f029e7b34f25 iommu/amd: Free domain id when free a domain of struct dma_ops_domain
   f5bb84163704 tty/serial: at91: fix hardware handshake on Atmel platforms
   49163391881a dmaengine: at_xdmac: fix spurious flag status for mem2mem transfers
   fff40ee4d224 drm/i915: Respect alternate_ddc_pin for all DDI ports
   d7b0055e5566 KVM: MIPS: Precalculate MMIO load resume PC
   d24587404922 scsi: mpt3sas: Fix for block device of raid exists even after deleting raid disk
   6e897d034d4c scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init
   29cf142cefed iio: orientation: hid-sensor-rotation: Add PM function (fix non working driver)
   caff14e99c63 iio: hid-sensors: Increase the precision of scale to fix wrong reading interpretation.
   dbbc5e6bcf36 clk: qoriq: Don't allow CPU clocks higher than starting value
   2c5cdadeab5d toshiba-wmi: Fix loading the driver on non Toshiba laptops
   f523deedff82 drbd: Fix kernel_sendmsg() usage - potential NULL deref
   f1de32232db3 usb: gadget: u_ether: remove interrupt throttling
   0ab4186bf238 USB: cdc-acm: fix TIOCMIWAIT
   290ffd550e34 staging: nvec: remove managed resource from PS2 driver
   4aa859ea591e Revert "staging: nvec: ps2: change serio type to passthrough"
   729eb8d9f7b7 drivers: staging: nvec: remove bogus reset command for PS/2 interface
   6bba8c37ceed staging: iio: ad5933: avoid uninitialized variable in error case
   a98e483ca784 pinctrl: cherryview: Prevent possible interrupt storm on resume
   126d0a2fe878 pinctrl: cherryview: Serialize register access in suspend/resume
   c45bfaa9211e ARC: timer: rtc: implement read loop in "C" vs. inline asm
   3b21a0b468a3 s390/hypfs: Use get_free_page() instead of kmalloc to ensure page alignment
   e835220ed25f coredump: fix unfreezable coredumping task
   5c54f79ad234 swapfile: fix memory corruption via malformed swapfile
   2f7496c48a7b dib0700: fix nec repeat handling
   a04769029386 ASoC: cs4270: fix DAPM stream name mismatch
   f3155797b91c ALSA: info: Limit the proc text input size
   c1ea2b3c07c6 ALSA: info: Return error for invalid read/write

(From OE-Core rev: 7d8d71ba5bc2dd8884c3f43a8d71a6d399c4e2fe)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yoct/4.1: update to v4.1.36
Bruce Ashfield [Thu, 8 Dec 2016 17:58:50 +0000 (12:58 -0500)]
linux-yoct/4.1: update to v4.1.36

Shortlog of the changes:

   8576fa45c10e Linux 4.1.36
   39f99860357c kbuild: add -fno-PIE
   bf5d3d296abf firewire: net: fix fragmented datagram_size off-by-one
   c604dec3d5a6 firewire: net: guard against rx buffer overflows
   9fe6256c0020 parisc: Ensure consistent state when switching to kernel stack at syscall entry
   83a474ed7003 ovl: fsync after copy-up
   c0b309f18b01 virtio: console: Unlock vqs while freeing buffers
   4fe9ae4d3fcf md: be careful not lot leak internal curr_resync value into metadata. -- (all)
   e1e5cab9b43c md: sync sync_completed has correct value as recovery finishes.
   97d53c4d89e0 scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware
   d207c6603fc6 scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded
   169eb57c9e8d drm/radeon/si_dpm: workaround for SI kickers
   c1593e5dcc2a drm/dp/mst: Check peer device type before attempting EDID read
   e5c6bbbcc7be drm/dp/mst: add some defines for logical/physical ports
   dadd5803301f drm/dp/mst: Clear port->pdt when tearing down the i2c adapter
   a2d4bd9c99cc KVM: MIPS: Precalculate MMIO load resume PC
   b05ff0cb0dea KVM: MIPS: Make ERET handle ERL before EXL
   90a107c0b85b drm/radeon: drop register readback in cayman_cp_int_cntl_setup
   9a9a2373142a scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough) devices
   1b15bd739689 Revert "drm/radeon: fix DP link training issue with second 4K monitor"
   5bc028b10d04 powerpc: Convert cmp to cmpd in idle enter sequence
   00a4335dfaa5 drm/radeon/si_dpm: Limit clocks on HD86xx part
   469bc68e081c drm/radeon/si/dpm: add workaround for for Jet parts
   85a2af9f690a USB: serial: cp210x: fix tiocmget error handling
   0854ce492ec3 Input: i8042 - add XMG C504 to keyboard reset table
   0e9bbbdfe9f8 ALSA: hda - Merge RIRB_PRE_DELAY into CTX_WORKAROUND caps
   02426cf24407 mac80211: discard multicast and 4-addr A-MSDUs
   f065a553f36e ubifs: Fix regression in ubifs_readdir()
   5fdb4fad291f GenWQE: Fix bad page access during abort of resource allocation
   55a2f87cd564 mm/list_lru.c: avoid error-path NULL pointer deref
   52e7b6bd8378 btrfs: fix races on root_log_ctx lists
   9f2d48f0745f vt: clear selection before resizing
   93ec720c6f10 tty: limit terminal size to 4M chars
   ca963122cab2 ALSA: usb-audio: Add quirk for Syntek STK1160
   3dc8f1f0decb KEYS: Fix short sprintf buffer in /proc/keys show function
   1f7ff6f7910e hv: do not lose pending heartbeat vmbus packets
   9662d19bab68 mei: txe: don't clean an unprocessed interrupt cause.
   a64291d578dd ANDROID: binder: Clear binder and cookie when setting handle in flat binder struct
   11924cba404d ANDROID: binder: Add strong ref checks
   39709c84807f dm table: fix missing dm_put_target_type() in dm_table_add_target()
   c91812c8ef76 usb: increase ohci watchdog delay to 275 msec
   51b231bd1a95 arm64: KVM: Take S1 walks into account when determining S2 write faults
   bb21e0295064 arm/arm64: KVM: Handle out-of-RAM cache maintenance as a NOP
   7fbfac87fbf5 USB: serial: fix potential NULL-dereference at probe
   605a6960617f xhci: workaround for hosts missing CAS bit
   c23a6dce1147 xhci: add restart quirk for Intel Wildcatpoint PCH
   4c17f91bb370 kvm: x86: memset whole irq_eoi
   9c5e89d59d56 libxfs: clean up _calc_dquots_per_chunk
   d1375c3e4f2e target: Don't override EXTENDED_COPY xcopy_pt_cmd SCSI status code
   ac49951623e1 target: Re-add missing SCF_ACK_KREF assignment in v4.1.y
   eaf55207fe3b ubifs: Abort readdir upon error
   b9ce8700a2e3 UBIFS: Fix possible memory leak in ubifs_readdir()
   cad1ca2a9485 ubifs: Fix xattr_names length in exit paths
   dfeb7e4f30e9 arm64: percpu: rewrite ll/sc loops in assembly
   3c9c01324032 powerpc/mm: Prevent unlikely crash in copro_calculate_slb()
   c1f5e5f89b99 isofs: Do not return EACCES for unknown filesystems
   b15662c8e266 irqchip/gic-v3-its: Fix entry size mask for GITS_BASER
   af17243fc1b4 arm64: kernel: Init MDCR_EL2 even in the absence of a PMU
   c911b72eaff1 USB: serial: ftdi_sio: add support for Infineon TriBoard TC2X7
   59eabe8bb60f memstick: rtsx_usb_ms: Manage runtime PM when accessing the device
   86559fc191ca memstick: rtsx_usb_ms: Runtime resume the device when polling for cards
   a89634cf709b mmc: rtsx_usb_sdmmc: Handle runtime PM while changing the led
   e79c2f2f7b30 mmc: rtsx_usb_sdmmc: Avoid keeping the device runtime resumed when unused
   f125e7f2285c mmc: sdhci: cast unsigned int to unsigned long long to avoid unexpeted error
   517052446f36 usb: gadget: function: u_ether: don't starve tx request queue
   66f38bf99faa ceph: fix error handling in ceph_read_iter
   9e9ca450cd93 irqchip/gicv3: Handle loop timeout proper
   88b6c9f4146a drm/radeon: change vblank_time's calculation method to reduce computational error.
   dcf4c1144f3a jbd2: fix incorrect unlock on j_list_lock
   a3da255ead60 scsi: Fix use-after-free
   8df981058e4f mmc: core: Annotate cmd_hdr as __le32
   7ea3d2e9c6aa x86/mm: Expand the exception table logic to allow new handling options

(From OE-Core rev: 41ab5422d4dc62b6e21ccad975b2a22960d3a44b)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.4/4.8: Fix remaining kernel_configcheck warnings in Intel BSPs
Bruce Ashfield [Thu, 8 Dec 2016 17:58:49 +0000 (12:58 -0500)]
linux-yocto/4.4/4.8: Fix remaining kernel_configcheck warnings in Intel BSPs

Integrating the following meta-data change to remove warnings during
kernel configuration checking:

  bec7e0ace0e5 leds.cfg: Remove CONFIG_LEDS_TRIGGER_CPU
  cc857e64ea34 bsp/intel-quark: Remove bosch-pressure-sensor-i2c
  3198ab25af74 features/i2c: Support I2C_MUX by default

(From OE-Core rev: 2cf5fae50a3b7f232ad667c6c60eaa3f2aafd149)

Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.8: aufs warning and ixgbe calltrace
Bruce Ashfield [Thu, 8 Dec 2016 17:58:48 +0000 (12:58 -0500)]
linux-yocto/4.8: aufs warning and ixgbe calltrace

Integrating the following commits to fix aufs/ixgbe issues:

   Author: Liwei Song <liwei.song@windriver.com>
   Date:   Mon Dec 5 00:50:16 2016 -0500

       ixgbe: initialize u64_stats_sync structures early at ixgbe_probe

       Fix the following CallTrace:
       INFO: trying to register non-static key.
       the code is fine but needs lockdep annotation.
       turning off the locking correctness validator.
       CPU: 71 PID: 1 Comm: swapper/0 Not tainted 4.8.8-WR9.0.0.1_standard #11
       Hardware name: Intel Corporation S2600WTT/S2600WTT,
       BIOS GRNDSDP1.86B.0036.R05.1407140519 07/14/2014
        00200086 00200086 eb5e1ab8 c144dd70 00000000 00000000 eb5e1af8 c10af89a
        c1d23de4 eb5e1af8 00000009 eb5d8600 eb5d8638 eb5e1af8 c10b14d8 00000009
        0000000a c1d32911 00000000 00000000 e44c826c eb5d8000 eb5e1b74 c10b214e
       Call Trace:
        [<c144dd70>] dump_stack+0x5f/0x8f
        [<c10af89a>] register_lock_class+0x25a/0x4c0
        [<c10b14d8>] ? check_irq_usage+0x88/0xc0
        [<c10b214e>] __lock_acquire+0x5e/0x17a0
        [<c1abdb9b>] ? _raw_spin_unlock_irqrestore+0x3b/0x70
        [<c10cf14a>] ? rcu_read_lock_sched_held+0x8a/0x90
        [<c10b3c5f>] lock_acquire+0x9f/0x1f0
        [<c1922dcf>] ? dev_get_stats+0x5f/0x110
        [<c176e6b3>] ixgbe_get_stats64+0x113/0x320
        [<c1922dcf>] ? dev_get_stats+0x5f/0x110
        [<c1922dcf>] dev_get_stats+0x5f/0x110
        [<c1ab5415>] rtnl_fill_stats+0x40/0x105
        [<c193dd45>] rtnl_fill_ifinfo+0x4c5/0xd20
        [<c11c5115>] ? __kmalloc_node_track_caller+0x1a5/0x410
        [<c1917487>] ? __kmalloc_reserve.isra.42+0x27/0x80
        [<c191754f>] ? __alloc_skb+0x6f/0x270
        [<c1942291>] rtmsg_ifinfo_build_skb+0x71/0xd0
        [<c194230a>] rtmsg_ifinfo.part.23+0x1a/0x50
        [<c1923dad>] ? call_netdevice_notifiers_info+0x2d/0x60
        [<c194236b>] rtmsg_ifinfo+0x2b/0x40
        [<c192f997>] register_netdevice+0x3d7/0x4d0
        [<c192faa7>] register_netdev+0x17/0x30
        [<c177b83d>] ixgbe_probe+0x118d/0x1610
        [<c1498202>] local_pci_probe+0x32/0x80
        [<c1498172>] ? pci_match_device+0xd2/0x100
        [<c14991e0>] pci_device_probe+0xc0/0x110
        [<c1652cc5>] driver_probe_device+0x1c5/0x280
        [<c1498172>] ? pci_match_device+0xd2/0x100
        [<c1652e09>] __driver_attach+0x89/0x90
        [<c1652d80>] ? driver_probe_device+0x280/0x280
        [<c165114f>] bus_for_each_dev+0x4f/0x80
        [<c165269e>] driver_attach+0x1e/0x20
        [<c1652d80>] ? driver_probe_device+0x280/0x280
        [<c1652317>] bus_add_driver+0x1a7/0x220
        [<c1653a79>] driver_register+0x59/0xe0
        [<c1f897b8>] ? igb_init_module+0x49/0x49
        [<c1497b2a>] __pci_register_driver+0x4a/0x50
        [<c1f8985d>] ixgbe_init_module+0xa5/0xc4
        [<c1000485>] do_one_initcall+0x35/0x150
        [<c107e818>] ? parameq+0x18/0x70
        [<c1f395d8>] ? repair_env_string+0x12/0x51
        [<c107ead0>] ? parse_args+0x260/0x3b0
        [<c1074f73>] ? __usermodehelper_set_disable_depth+0x43/0x50
        [<c1f39e90>] kernel_init_freeable+0x19b/0x267
        [<c1f395c6>] ? set_debug_rodata+0xf/0xf
        [<c10b1e7b>] ? trace_hardirqs_on+0xb/0x10
        [<c1abdc02>] ? _raw_spin_unlock_irq+0x32/0x50
        [<c1085f0b>] ? finish_task_switch+0xab/0x1f0
        [<c1085ec9>] ? finish_task_switch+0x69/0x1f0
        [<c1ab6a30>] kernel_init+0x10/0x110
        [<c108bd65>] ? schedule_tail+0x25/0x80
        [<c1abe422>] ret_from_kernel_thread+0xe/0x24
        [<c1ab6a20>] ? rest_init+0x130/0x130

       This CallTrace occurred on 32-bit kernel with CONFIG_PROVE_LOCKING
       enabled.

       This happens at ixgbe driver probe hardware stage, when comes to
       ixgbe_get_stats64, the seqcount/seqlock still not initialize, although
       this was initialize in TX/RX resources setup routin, but it was too late,
       then lockdep give this Warning.

       To fix this, move the u64_stats_init function to driver probe stage,
       which before we get the status of seqcount and after the RX/TX ring
       was finished init.

Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
   Author: Kexin(Casey) Chen <Casey.Chen@windriver.com>
   Date:   Tue Nov 29 14:14:07 2016 -0800

       aufs: fix compile warning

       fs/aufs/debug.h:95:19: warning: comparison of constant '0'
       with boolean expression is always false [-Wbool-compare]
          if (unlikely((e) < 0)) \
                           ^

       fs/aufs/vdir.c:852:2: note: in expansion of macro 'AuTraceErr'
          AuTraceErr(!valid);
          ^~~~~~~~~~

       In expansion of AuTraceErr(!valid), comparison of (!valid)
       and constant '0' always passes unlikely(x) false. function
       'static int seek_vdir(struct file *file, struct dir_context *ctx)'
       is to find whether there is a valid vd_deblk following ctx->pos.
       return 1 means valid, 0 for not. Change to AuTraceErr(valid - 1)
       makes more sense.

Signed-off-by: Kexin(Casey) Chen <Casey.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
(From OE-Core rev: ae7d870954cf6a3608933335fedc425677aee0e3)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agodiffutils: do_configure: fix "Argument list too long"
Robert Yang [Mon, 5 Dec 2016 14:54:39 +0000 (06:54 -0800)]
diffutils: do_configure: fix "Argument list too long"

Fixed when len(TMPDIR) =  410:
aclocal: error: cannot open echo [snip]: Argument list too long

This is becuase it has a lot of m4 files, use relative path for them
can fix the problem.

It doesn't happen when MACHINE="qemux86", I think it is because
intel-x86-64 is longer than qemux86.

(From OE-Core rev: 5210ccd61ef52a191454a4587cfeb22079df746d)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokernel.bbclass: fix kernel_do_compile for KERNEL_IMAGETYPE = "vmlinux.gz" on mips
Andreas Oberritter [Wed, 30 Nov 2016 23:36:51 +0000 (00:36 +0100)]
kernel.bbclass: fix kernel_do_compile for KERNEL_IMAGETYPE = "vmlinux.gz" on mips

The target directory didn't exist.

(From OE-Core rev: bd62851dc236a0279c735b290782602e275de5c1)

Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokernel.bbclass: do not copy bundled initramfs to /boot
Andreas Oberritter [Wed, 30 Nov 2016 23:36:50 +0000 (00:36 +0100)]
kernel.bbclass: do not copy bundled initramfs to /boot

These files cause warnings because they don't get packaged, now that they
don't land in kernel-vmlinux anymore.

(From OE-Core rev: a49569e3a7534779bbe3f01a0647fd076c95798d)

Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokernel.bbclass: Avoid wildcards for kernel images
Andreas Oberritter [Wed, 30 Nov 2016 23:36:49 +0000 (00:36 +0100)]
kernel.bbclass: Avoid wildcards for kernel images

With multiple kernel images enabled starting with 'vmlinux', e.g.
vmlinux.gz and vmlinux.bin, all files landed inside the
kernel-vmlinux package.

On top of that, even initramfs images were included, e.g.
vmlinux.gz-initramfs-*.

(From OE-Core rev: b7f4133b44b740e8ac8e758b0d4a3ee32d326332)

Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokernel.bbclass: Use real filenames in kernel packages
Andreas Oberritter [Wed, 30 Nov 2016 23:36:48 +0000 (00:36 +0100)]
kernel.bbclass: Use real filenames in kernel packages

When iterating over kernel image types to set up their packaging
variables, don't use make targets but the real names.

It was surprising if both vmlinux.bin and vmlinux.gz were enabled
and only the latter had its filename extension removed from the
package name.

(From OE-Core rev: aa189f183e10588f7e8d642f351bd9b8d69f3ea9)

Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokernel.bbclass: allow uncompressed initramfs archives
Andreas Oberritter [Wed, 30 Nov 2016 23:36:47 +0000 (00:36 +0100)]
kernel.bbclass: allow uncompressed initramfs archives

The code failed to copy the initramfs in case it was a plain
cpio archive.

(From OE-Core rev: 7dbdb4ea91aa027866da2bd46c65fe65a25c848f)

Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agorecipetool: fix encoding-related errors creating python recipes
Paul Eggleton [Sun, 4 Dec 2016 22:11:44 +0000 (11:11 +1300)]
recipetool: fix encoding-related errors creating python recipes

Yet another instance of us expecting a string back from subprocess when
in Python 3 what you get back is bytes. Just decode the output within
run_command() so we avoid this everywhere.

(From OE-Core rev: 103faae78cdff5280c7b7cdb7ca01e0868d02ec9)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agogrub2: enforce -no-pie if supported by compiler
Alexander Kanavin [Fri, 2 Dec 2016 19:14:07 +0000 (21:14 +0200)]
grub2: enforce -no-pie if supported by compiler

Recent distros are enabling -pie by default; in case of grub
we need to turn it off.

(From OE-Core rev: aaff6c99dde3f1058bb3c4b320f27753c6c992ad)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agotiff: Fix several CVE issues
Mingli Yu [Wed, 7 Dec 2016 08:01:13 +0000 (16:01 +0800)]
tiff: Fix several CVE issues

Fix CVE-2016-9533, CVE-2016-9534, CVE-2016-9536 and
CVE-2016-9537

External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9533
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9534
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9536
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9537

Patch from:
https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-c8b4b355f9b5c06d585b23138e1c185f

(From OE-Core rev: f75ecefee21ef89b147fff9afae01a6f09c93198)

Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agotiff: Security fix CVE-2016-9538
Mingli Yu [Wed, 7 Dec 2016 08:01:12 +0000 (16:01 +0800)]
tiff: Security fix CVE-2016-9538

* tools/tiffcrop.c: fix read of undefined buffer in
readContigStripsIntoBuffer() due to uint16 overflow.

External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9538

Patch from:
https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f

(From OE-Core rev: 9af5d5ea882c853e4cb15006f990d3814eeea9ae)

Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agotiff: Security fix CVE-2016-9535
Mingli Yu [Wed, 7 Dec 2016 08:01:11 +0000 (16:01 +0800)]
tiff: Security fix CVE-2016-9535

* libtiff/tif_predict.h, libtiff/tif_predict.c:
Replace assertions by runtime checks to avoid assertions in debug mode,
or buffer overflows in release mode. Can happen when dealing with
unusual tile size like YCbCr with subsampling.

External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9535

Patch from:
https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1
https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33

(From OE-Core rev: 61d3feb9cad9f61f6551b43f4f19bfa33cadd275)

Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agotiff: set CVE NAME
Ross Burton [Wed, 7 Dec 2016 11:26:01 +0000 (11:26 +0000)]
tiff: set CVE NAME

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agosubversion: Fix issues in LDFLAGS sed manipulation
Richard Purdie [Wed, 7 Dec 2016 13:54:18 +0000 (13:54 +0000)]
subversion: Fix issues in LDFLAGS sed manipulation

The existing sed expression can match expressions like
--sysroot=/some/path/xxx-linux/ which clearly isn't intended and
injects incorrect paths into LDFLAGS.

Fix this in the same way we address the problem in CFLAGS. This fixes corrupt
build paths and incorrect paths in .la files amongst other issues.

(From OE-Core rev: 9a8382422ddbb0972dc25b752204f4908bb9857c)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoattr: Convert SSTATEPOSTINSTFUNCS to a do_install_append
Richard Purdie [Wed, 7 Dec 2016 12:07:31 +0000 (12:07 +0000)]
attr: Convert SSTATEPOSTINSTFUNCS to a do_install_append

A SSTATEPOSTINSTFUNCS function here is overkill, just do this in a
do_install_append_class-native and create relative symlinks rather
than absolute ones which would then have to be relocated.

(From OE-Core rev: 518e8d0216b0f42f574e42288804f553b9ff6f99)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agostaging: Drop unused SYSROOT_LOCK
Richard Purdie [Wed, 7 Dec 2016 12:09:56 +0000 (12:09 +0000)]
staging: Drop unused SYSROOT_LOCK

This hasn't been used in years and isn't referenced anywhere, drop
the definition.

(From OE-Core rev: 68258f856f08f35813964e58ef761471e29373ad)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokernel-yocto: exit on non-zero return code
Bruce Ashfield [Fri, 2 Dec 2016 21:09:25 +0000 (16:09 -0500)]
kernel-yocto: exit on non-zero return code

Historically the processing of kernel meta data contained some
commands that exited with a non-zero return code. Special processing
was required to properly deal with their exit.

That is no longer true, and instead of handling all return codes
and doing an explicit 'exit' call, we can remove set -e from the
routine and have all errors be trapped and stop processing.

(From OE-Core rev: 476ffd57cf5b6fba40d4e3f5dd913824ab8a8d3d)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokern-tools: fix processing for no branch meta-data
Bruce Ashfield [Fri, 2 Dec 2016 21:09:24 +0000 (16:09 -0500)]
kern-tools: fix processing for no branch meta-data

Lernel meta-data that has patches, but no branches, can trigger an
error due to no branch specific patch queue.

This error then cascades to more issues since the tools are using
a named file in /tmp to store and display error messages to the
user.

We fix both issues though the following kern tools tweaks:

  commit bd9e1d6c9b0a34ff3e19a06999aaf57ffadfd04c
  Author: Bruce Ashfield <bruce.ashfield@windriver.com>
  Date:   Fri Dec 2 13:09:40 2016 -0500

    scc: use mktemp for consolidated output capture

    To provide useful error messages the tools dump pre-processed
    files and messages to a temporary file. If multiple users are
    doing builds, this means they either race, or can have permissions
    issues.

    By creating the temporary file via mktemp, we avoid both issues.
    (We also make sure to clean these up on exit, or /tmp will get
    polluted quickly).

  commit a287da4bfe0b4acb8f2b0627bd8e7abd1a1dde26
  Author: Bruce Ashfield <bruce.ashfield@windriver.com>
  Date:   Fri Dec 2 13:08:08 2016 -0500

    patch: do not assume a branch specific patch queue is needed

    When processing input files per-branch and global patch queues are
    generated. If the meta-data has not created any branches in the
    repo, no branch specific queue is required.

    The tools assumed that one is always valid, and hence would throw a
    non-zero exit code and stop processing.

    By testing for a named per-branch queue, we avoid this issue.

(From OE-Core rev: 0fd7da7375f0dcc59b56791fd482de557507c04c)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto-dev: update to 4.9-rcX
Bruce Ashfield [Fri, 2 Dec 2016 21:09:23 +0000 (16:09 -0500)]
linux-yocto-dev: update to 4.9-rcX

(From OE-Core rev: 27c53cb8d0f1d408cb9791697305187944ad07b9)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.8: update to v4.8.10
Bruce Ashfield [Fri, 2 Dec 2016 21:09:22 +0000 (16:09 -0500)]
linux-yocto/4.8: update to v4.8.10

Integrating the 4.8.9 and 4.8.10 -stable updates. The commit log is
as follows:

   cf5ae2989a32 Linux 4.8.10
   5cd8f6788ff3 usb: gadget: f_fs: stop sleeping in ffs_func_eps_disable
   e2458382c792 usb: gadget: f_fs: edit epfile->ep under lock
   e34a0f1c53b5 sparc64: Delete now unused user copy fixup functions.
   af97481a6f5b sparc64: Delete now unused user copy assembler helpers.
   ac663c54f40b sparc64: Convert U3copy_{from,to}_user to accurate exception reporting.
   d91bb7a87e26 sparc64: Convert NG2copy_{from,to}_user to accurate exception reporting.
   a15859f9d839 sparc64: Convert NGcopy_{from,to}_user to accurate exception reporting.
   bb522726d311 sparc64: Convert NG4copy_{from,to}_user to accurate exception reporting.
   b0580eadc19f sparc64: Convert U1copy_{from,to}_user to accurate exception reporting.
   50e927483ccf sparc64: Convert GENcopy_{from,to}_user to accurate exception reporting.
   620ec41010d1 sparc64: Convert copy_in_user to accurate exception reporting.
   bf4d0da8e800 sparc64: Prepare to move to more saner user copy exception handling.
   bbbab9f59ea7 sparc64: Delete __ret_efault.
   81a91edbb91a sparc64: Handle extremely large kernel TLB range flushes more gracefully.
   7f8a50eb38d3 sparc64: Fix illegal relative branches in hypervisor patched TLB cross-call code.
   f7ef55af2f1b sparc64: Fix instruction count in comment for __hypervisor_flush_tlb_pending.
   2a28ab3d4148 sparc64: Fix illegal relative branches in hypervisor patched TLB code.
   f4fb552a033e sparc64: Handle extremely large kernel TSB range flushes sanely.
   51915c6d9070 sparc: Handle negative offsets in arch_jump_label_transform
   da6fe239ceff spi: spidev_test: fix build with musl libc
   4ea98e573d65 net: stmmac: Fix lack of link transition for fixed PHYs
   150b491b1b88 sctp: change sk state only when it has assocs in sctp_shutdown
   5235fcfa6cf8 bnx2: Wait for in-flight DMA to complete at probe stage
   6523ff2e27fe Revert "bnx2: Reset device during driver initialization"
   224fb8cbefb2 mlxsw: spectrum_router: Correctly dump neighbour activity
   9092bbd64bd9 mlxsw: spectrum: Fix refcount bug on span entries
   5712922773b5 Revert "include/uapi/linux/atm_zatm.h: include linux/time.h"
   2b5f22e4f7fd tcp: take care of truncations done by sk_filter()
   22a78d4c7f43 ipv4: use new_gw for redirect neigh lookup
   bccb4093d464 net: __skb_flow_dissect() must cap its return value
   a1632e969a55 net: icmp_route_lookup should use rt dev to determine L3 domain
   9885f474d92b sock: fix sendmmsg for partial sendmsg
   b78ba0a0f231 fib_trie: Correct /proc/net/route off by one error
   92fd1c1f2fd2 net: icmp6_send should use dst dev to determine L3 domain
   09ee09498bca bpf: fix htab map destruction when extra reserve is in use
   de289ad2e575 sctp: assign assoc_id earlier in __sctp_connect
   76b5fee5cfa0 ipv6: dccp: add missing bind_conflict to dccp_ipv6_mapped
   84d9c612bb7a ipv6: dccp: fix out of bound access in dccp_v6_err()
   ba93cf7d2118 dccp: fix out of bound access in dccp_v4_err()
   378a61101374 dccp: do not send reset to already closed sockets
   72b03e549b95 dccp: do not release listeners too soon
   b3523a0773ed tcp: fix return value for partial writes
   1f49cc6fa91c ipv4: allow local fragmentation in ip_finish_output_gso()
   842a858fa048 tcp: fix potential memory corruption
   fc3b825f2c81 ip6_tunnel: Clear IP6CB in ip6tunnel_xmit()
   f5f4b71d5632 bgmac: stop clearing DMA receive control register right after it is set
   0c7f764d2c6a net: mangle zero checksum in skb_checksum_help()
   ac22a3ba0796 net: clear sk_err_soft in sk_clone_lock()
   5b078dc6fb64 dctcp: avoid bogus doubling of cwnd after loss
   876577321657 Linux 4.8.9
   07d00beb1e04 netfilter: fix namespace handling in nf_log_proc_dostring
   8ef009e09c13 drm/i915: Fix mismatched INIT power domain disabling during suspend
   88a45e5d2c0d drm/amdgpu: fix a vm_flush fence leak
   25ed6e4b0b65 drm/amdgpu: fix fence slab teardown
   de5e9aa77a3c NFSv4.1: work around -Wmaybe-uninitialized warning
   18c801047a18 libceph: fix legacy layout decode with pool 0
   53c1792b94da memcg: prevent memcg caches to be both OFF_SLAB & OBJFREELIST_SLAB
   02e1ee6b3e1c mmc: mxs: Initialize the spinlock prior to using it
   ce0702e35aeb pinctrl: iproc: Fix iProc and NSP GPIO support
   320244ac9eb6 ASoC: sun4i-codec: return error code instead of NULL when create_card fails
   2140d4fd9277 ASoC: Intel: Skylake: Always acquire runtime pm ref on unload
   5037fdbc62c2 gpio: of: fix GPIO drivers with multiple gpio_chip for a single node
   7a9239fd0480 gpio/mvebu: Use irq_domain_add_linear
   6de98e87effb batman-adv: Modify neigh_list only with rcu-list functions
   a3f000ce7b44 ACPI/PCI: pci_link: Include PIRQ_PENALTY_PCI_USING for ISA IRQs
   6c76dd0c7066 ACPI/PCI: pci_link: penalize SCI correctly
   86c711665c84 ACPI/PCI/IRQ: assign ISA IRQ directly during early boot stages
   ad185d9251e1 ACPI / APEI: Fix incorrect return value of ghes_proc()
   b55ebc89ab1d mmc: sdhci-msm: Fix error return code in sdhci_msm_probe()
   85284c0850f9 i40e: fix call of ndo_dflt_bridge_getlink()
   1242c9dfab0c hwrng: core - Don't use a stack buffer in add_early_randomness()
   c1a2ada73dac lib/genalloc.c: start search from start of chunk
   06bb5ebedbb4 s390/dumpstack: restore reliable indicator for call traces
   1ef1bd02ad23 rtc: pcf2123: Add missing error code assignment before test
   4baabb72e9dd clk: samsung: clk-exynos-audss: Fix module autoload
   3bbdbd8aa3c8 x86/build: Fix build with older GCC versions
   f5eadc27a60c Revert "clocksource/drivers/timer_sun5i: Replace code by clocksource_mmio_init"
   645a6b823739 nvme: Delete created IO queues on reset
   07c4cbe01341 svcrdma: Tail iovec leaves an orphaned DMA mapping
   4131e00a436e svcrdma: Skip put_page() when send_reply() fails
   755ab7aa1466 mei: bus: fix received data size check in NFC fixup
   d1b564536c6a perf top: Fix refreshing hierarchy entries on TUI
   6ac4e06b717f Input: synaptics-rmi4 - fix error handling in I2C transport driver
   d3716f1b3e4b Input: synaptics-rmi4 - fix error handling in SPI transport driver
   66503ec38f34 watchdog: core: Fix devres_alloc() allocation size
   c5e9e5cc8cd1 agp/intel: Flush chipset writes after updating a single PTE
   813617a4c8dc iommu/vt-d: Fix dead-locks in disable_dmar_iommu() path
   b6ef0b142208 iommu/amd: Free domain id when free a domain of struct dma_ops_domain
   2ef38255b588 iommu/io-pgtable-arm: Check for v7s-incapable systems
   d3d9428d7133 xprtrdma: Fix DMAR failure in frwr_op_map() after reconnect
   31c749bee3de xprtrdma: use complete() instead complete_all()
   67080e2785a3 drm/amd: fix scheduler fence teardown order v2
   b0da5ab2ffb5 drm/amdgpu: fix sched fence slab teardown
   920a85ba4306 tty/serial: at91: fix hardware handshake on Atmel platforms
   9d76a886eb2f drm/amdgpu: fix crash in acp_hw_fini
   6e652d18d73d drm/amdgpu: disable runtime pm in certain cases
   8c8fdc683295 drm/i915/dp: Extend BDW DP audio workaround to GEN9 platforms
   db8e005bf2ba drm/i915/dp: BDW cdclk fix for DP audio
   f50b7450a8e4 drm/i915: Respect alternate_ddc_pin for all DDI ports
   e1b24f6a0b3c drm/radeon: disable runtime pm in certain cases
   eb13abb0e515 KVM: arm/arm64: vgic: Prevent access to invalid SPIs
   2850fad5acb0 scsi: scsi_dh_alua: Fix a reference counting bug
   5fac70d772a4 scsi: scsi_dh_alua: fix missing kref_put() in alua_rtpg_work()
   f29bcd11a170 scsi: mpt3sas: Fix for block device of raid exists even after deleting raid disk
   b2040deabb07 scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init
   1281b9683f96 iio: st_sensors: fix scale configuration for h3lis331dl
   4dfb6d1dd11d iio: orientation: hid-sensor-rotation: Add PM function (fix non working driver)
   341c5534edad iio: hid-sensors: Increase the precision of scale to fix wrong reading interpretation.
   b9d031f354da cdc-acm: fix uninitialized variable
   c480880cd12c clk: qoriq: Don't allow CPU clocks higher than starting value
   ee27fd32c499 toshiba-wmi: Fix loading the driver on non Toshiba laptops
   f713523a234c drbd: Fix kernel_sendmsg() usage - potential NULL deref
   31da266e4b9a usb: gadget: u_ether: remove interrupt throttling
   264e4131a167 USB: cdc-acm: fix TIOCMIWAIT
   c12c24eeaf77 usb: dwc3: Fix error handling for core init
   6b95417150b7 staging: nvec: remove managed resource from PS2 driver
   82239ab105a5 Revert "staging: nvec: ps2: change serio type to passthrough"
   529789866abe drivers: staging: nvec: remove bogus reset command for PS/2 interface
   dea774aac054 staging: comedi: ni_tio: fix buggy ni_tio_clock_period_ps() return value
   5d510185f99a staging: sm750fb: Fix bugs introduced by early commits
   45983d678b70 staging: iio: ad5933: avoid uninitialized variable in error case
   5289e59246dd mmc: mmc: Use 500ms as the default generic CMD6 timeout
   ce4dfe7d927e mmc: sdhci: Fix unexpected data interrupt handling
   bde8d3f73375 mmc: sdhci: Fix CMD line reset interfering with ongoing data transfer
   10d24701f3f4 cpupower: Correct return type of cpu_power_is_cpu_online() in cpufreq-set
   f062e738c19b pinctrl: cherryview: Prevent possible interrupt storm on resume
   1d99fe3317e3 pinctrl: cherryview: Serialize register access in suspend/resume
   f5ad96462615 arc: Implement arch-specific dma_map_ops.mmap
   004e7c97f181 PCI: Don't attempt to claim shadow copies of ROM
   7fac0361f94e ARC: timer: rtc: implement read loop in "C" vs. inline asm
   4058116db4d0 s390/hypfs: Use get_free_page() instead of kmalloc to ensure page alignment
   2f3e0b82ebe9 coredump: fix unfreezable coredumping task
   d6ee4f47e2e7 mm/hugetlb: fix huge page reservation leak in private mapping error paths
   e87bf4f558f1 mm: hwpoison: fix thp split handling in memory_failure()
   67c79e166d46 swapfile: fix memory corruption via malformed swapfile
   c87739e5d029 shmem: fix pageflags after swapping DMA32 object
   5b5243b606ec mm, frontswap: make sure allocated frontswap map is assigned
   2e594273d4c5 dib0700: fix nec repeat handling
   9964230320d5 ASoC: cs4270: fix DAPM stream name mismatch
   9386a722d250 ALSA: info: Limit the proc text input size
   c3ea1b15b71e ALSA: info: Return error for invalid read/write

(From OE-Core rev: b5e43be6aaf912cf6c679ee98ed61cf34dd00ee8)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoparselogs: Whitelist GPT warnings as the device is fully functional
Jair Gonzalez [Wed, 30 Nov 2016 20:43:02 +0000 (14:43 -0600)]
parselogs: Whitelist GPT warnings as the device is fully functional

The warning occurs when the GPT image is not the same size than the
media into which it's being flashed, causing the backup GPT table
not being at the end of the disk. However, this is expected as the
image is created before having the information about the destination
media. The error is harmless, so it will be whitelisted.

Fixes [YOCTO 10481].

(From OE-Core rev: 5cc5cdc788308a79f8f0706e6d794c602ef427ed)

Signed-off-by: Jair Gonzalez <jair.de.jesus.gonzalez.plascencia@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoparselogs.py: Whitelist iwlwifi firmware load error messages
California Sullivan [Tue, 29 Nov 2016 20:28:18 +0000 (12:28 -0800)]
parselogs.py: Whitelist iwlwifi firmware load error messages

The iwlwifi module of any given kernel has a minimum and maximum
supported firmware version. The kernel begins by attempting to load the
maximum version, and decrements until it is successful. The 4.8 kernel's
maximum supported firmware version is 24, but thus far only 22 has been
released, meaning we get errors for 24 and 23.

Filter out iwlwifi firmware load error messages, as they are not
necessarily indicative of real problems.

(From OE-Core rev: 7df570c2310efac8f9898da15deaac2b7df16655)

Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoscripts/send-pull-request: Avoid multiple chain headers
Patrick Ohly [Tue, 29 Nov 2016 08:55:10 +0000 (09:55 +0100)]
scripts/send-pull-request: Avoid multiple chain headers

When creating a patch set with cover letter using the
send-pull-request script, both the "In-Reply-To" and "References"
headers are appended twice in patch 2 and subsequent.

That's because git-format-patch already inserted them and then
git-send-email repeats that. Suppressing mail threading in
git-send-email with --no-thread avoids the problem and is the
right solution because it works regardless whether git-send-email is
called once or twicee.

Repeating these headers is a violation of RFC 2822 and can confuse
mail programs. For example, Patchwork does not detect a patch series
problem when there are these extra headers.

[YOCTO #10718]

(From OE-Core rev: 303a1aa3df43eb0b693d8602062fa33c4a08fdd6)

Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoterminal.py: Pass string instead of bytes to ExecutionError to avoid exception
Martin Vuille [Sun, 27 Nov 2016 20:02:37 +0000 (15:02 -0500)]
terminal.py: Pass string instead of bytes to ExecutionError to avoid exception

Based on run() in bitbake/lib/bb/process.py, ExecutionError() expects strings
not bytes. Passing bytes results in a "TypeError: Can't convert 'bytes' object
to str implicitly" exception.

Fixes Bug 10729

(From OE-Core rev: 063b63d4d324c23322ac1b6b7c7928e725d7b968)

Signed-off-by: Martin Vuille <jpmv27@yahoo.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolibxml2: Security fix CVE-2016-5131
Yi Zhao [Mon, 28 Nov 2016 09:55:40 +0000 (17:55 +0800)]
libxml2: Security fix CVE-2016-5131

CVE-2016-5131 libxml2: Use-after-free vulnerability in libxml2 through
2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors related to the XPointer range-to function.

External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5131

Patch from:
https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e

(From OE-Core rev: 640bd2b98ff33e49b42f1087650ebe20d92259a4)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agotiff: Security fix CVE-2016-9539
Zhixiong Chi [Mon, 28 Nov 2016 09:52:13 +0000 (17:52 +0800)]
tiff: Security fix CVE-2016-9539

tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in
readContigTilesIntoBuffer(). Reported as MSVR 35092.

External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9539

Patch from:
https://github.com/vadz/libtiff/commit/ae9365db1b271b62b35ce018eac8799b1d5e8a53

(From OE-Core rev: 58bf0a237ca28459eb8c3afa030c0054f5bc1f16)

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agotiff: Security fix CVE-2016-9540
Zhixiong Chi [Mon, 28 Nov 2016 08:12:04 +0000 (16:12 +0800)]
tiff: Security fix CVE-2016-9540

tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled
images with odd tile width versus image width. Reported as MSVR 35103,
aka "cpStripToTile heap-buffer-overflow."

External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9540

Patch from:
https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3

(From OE-Core rev: cc97dc66006c7892473e3b4790d05e12445bb927)

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoslang: Disable parallel make install
David Vincent [Thu, 24 Nov 2016 09:46:09 +0000 (10:46 +0100)]
slang: Disable parallel make install

Installation task fails if run in parallel. This case happens if we
define PARALLEL_MAKEINST to a different value of PARALLEL_MAKE.

(From OE-Core rev: bbe59d7c49b540d65c871666c95cc89a23cab474)

Signed-off-by: David Vincent <freesilicon@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agosystemd.bbclass: don't block on service restart
Mark Asselstine [Fri, 25 Nov 2016 04:17:14 +0000 (23:17 -0500)]
systemd.bbclass: don't block on service restart

The current class works fine when a recipe uses SYSTEMD_AUTO_ENABLE
'enable' and has no on device pkg_postinst(), ie when the postinst is
run as part of rootfs creation.  However, when there is a component of
pkg_postinst() that is run on device the 'systemctl restart' is run as
part of the run_postinsts.service at boot. This results in the boot
spinning indefinitely with:

[ *** ] A start job is running for Run pending postinsts (7s / no limit)

The issue could potentially be that the packages service has an
'After' clause which comes later in the boot, beyond
run_postinsts.service, creating a chicken before the egg
scenario. Even service files without an 'After' clause cause this
situation however. Despite this not being the cause of the issue this
fix will prevent this scenario from happenning.

Using strace we are able to find that during boot, when
run_postinsts.service is running attempting to start or restart any
service will result in the call get stuck on poll(). Since the
run_postinsts.service does not monitor the outcome of the call to
restart we can work around this by using '--no-block'.

(From OE-Core rev: 6ad6a0084a73088fc2a27ab9958e5c46d6e094fc)

Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoperl: Fix ptest update hash of ExtUtils/Liblist/Kid.pm in customized.dat
Aníbal Limón [Thu, 24 Nov 2016 21:06:03 +0000 (15:06 -0600)]
perl: Fix ptest update hash of ExtUtils/Liblist/Kid.pm in customized.dat

The perl ptest is failing due to a patch changes the file
ExtUtils/Liblist/Kid.pm and the customized.dat file wasn't updated.

[YOCTO #8656]

(From OE-Core rev: 0ed3cc09e3988367fa57bd08fb7db12b7fb9dabe)

Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoqemux86*.conf: set wic-related parameters
Ed Bartosh [Thu, 24 Nov 2016 14:40:38 +0000 (16:40 +0200)]
qemux86*.conf: set wic-related parameters

Set directdisk.wks as default wks to use for qemux86 machines.
Set requried dependeincies to build directdisk image.

This should simplify building wic images for qemux86* machines.
It should be enough to add wic to the list of IMAGE_FSTYPES to get
the images built.

[YOCTO #10637, YOCTO #8719]

(From OE-Core rev: 8716b8b9be05e3f140bfa426a8e0d4eeaa2edcbe)

Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agopseudo: include fix for xattr corruption
Patrick Ohly [Thu, 24 Nov 2016 10:28:59 +0000 (11:28 +0100)]
pseudo: include fix for xattr corruption

pseudo_1.8.1.bb gets the backported patch and pseudo_git.bb gets
updated to include the commit.

(From OE-Core rev: 4e98f3a6e6f61d9d9037ac828b9c4869f7e11458)

Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agomesa: make sure GLES3 headers are installed
Samuli Piippo [Wed, 23 Nov 2016 14:36:37 +0000 (16:36 +0200)]
mesa: make sure GLES3 headers are installed

Since there is no libgles3-mesa package that would pull in the headers,
add dependency to libgles2-mesa-dev. Now there no need to manually add
GLES3 headers to image or toolchain.

(From OE-Core rev: a93bbfa096cd7de8e935c6c2d2ad98d72a1c297f)

Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoinsane: rewrite the expanded-d test as a QAPKGTEST
Ross Burton [Thu, 24 Nov 2016 20:37:48 +0000 (20:37 +0000)]
insane: rewrite the expanded-d test as a QAPKGTEST

Instead of being executed for every file in every package, this is now just
called for each package.  It is also now correctly called for packages which
don't have any content but do have postinst scripts.

[ YOCTO #10711 ]

(From OE-Core rev: afda72b2424528eaff9054327530bdf5654bec66)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoinsane: add QAPKGTEST, a package-wide equivilant to QAPATHTEST
Ross Burton [Thu, 24 Nov 2016 20:26:44 +0000 (20:26 +0000)]
insane: add QAPKGTEST, a package-wide equivilant to QAPATHTEST

QAPATHTEST defines a function that is executed for every file in every package.
For tests which just need to look at the datastore this is massive overkill.

Add QAPKGTEST, which is invoked for each package in the recipe.

(From OE-Core rev: acc3cc26099c77e4eeb44c75bc7167ab58ef1147)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoinsane: factor out the test matrix processing
Ross Burton [Thu, 24 Nov 2016 18:02:40 +0000 (18:02 +0000)]
insane: factor out the test matrix processing

Pull the test matrix processing out as a function so it can be reused.

(From OE-Core rev: 3caccd3f6079b7e284d32e1eb0217107425e7bf8)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoinsane: fix expanded-d test
Ross Burton [Thu, 24 Nov 2016 11:24:26 +0000 (11:24 +0000)]
insane: fix expanded-d test

This test should be looking for the expanded value of ${D} in the expanded value
of pkg_postinst and so on, but one of the getVar() calls was passing
expand=False so the test would never be true.

(From OE-Core rev: cc545044cba51317bee32e3bf674723e422e3a8a)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoinsane: Add aarch64 baremetal mappings to the QA arch test
Alexandre Belloni [Wed, 23 Nov 2016 13:03:49 +0000 (14:03 +0100)]
insane: Add aarch64 baremetal mappings to the QA arch test

Add mappings for aarch64-elf and aarch64_be-elf to binary lookup table
which allows for the generation of baremetal toolchains.

(From OE-Core rev: e90a1c4b8fd7baa738eb4683e5eac60905e04296)

Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoarch-arm64.inc: Include arch-armv7ve.inc
Khem Raj [Wed, 23 Nov 2016 09:28:06 +0000 (01:28 -0800)]
arch-arm64.inc: Include arch-armv7ve.inc

All armv8 implementations from a53 - a73 supports
virtual extentions

(From OE-Core rev: f896375c60d8ce0f1293f5329163172e946f46df)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agokern-tools: error checking and tree generation fixes
Bruce Ashfield [Wed, 16 Nov 2016 14:24:35 +0000 (09:24 -0500)]
kern-tools: error checking and tree generation fixes

During processing of the kernel meta data the kern tools were
not properly exiting on syntax errors or invalid commands.

Noticing and debugging these issues wasn't trivial. To make this
easier, we now trap the error and dump the offending meta-data
for the user to see.

There was also an issue with creating branches during tree
generation, which is resolved by always switching to the
active branch.

The following are the commit logs of the changes themselves:

[
  commit b36f6f9a5695f2084b83823393e13ca42284bed9
  Author: Paul Gortmaker <paul.gortmaker@windriver.com>
  Date:   Sat Oct 22 17:23:25 2016 -0400

      kgit-scc: dont mention meta-repo in help ; it doesnt exist

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
  commit 08463d684c1952e74c25344cddace4c3f24c739d
  Author: Bruce Ashfield <bruce.ashfield@windriver.com>
  Date:   Mon Oct 31 14:30:12 2016 -0400

      scc: exit on error

      If there is an error in the processing of the input files, scc
      should exit and inform the user.

      scc is executed on a combined/preprocessed file and as a result
      it doesn't have the granularity to see each input file individually.

      Rather than moving preprocessing into scc (from spp), we can trap
      the line number of the error and dump context around the line.
      This gives the user a pointer to the input file and the specific
      line that caused the problem.

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
  commit bf99953e8ac14cee653e559f2d4a6022c847a182
  Author: Bruce Ashfield <bruce.ashfield@windriver.com>
  Date:   Fri Oct 28 21:23:27 2016 -0400

      kgit-meta: always checkout branches on branch commands

      During a tree generation we must always make the branch active when
      we see any kind of branch command. This ensures that any subsequent
      patches are applied in the proper context.

      Previously, only branch creation was changing the active branch, and
      this mean that tree generation was not determinstic and relied
      on the order of processing to generate a correct tree.

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
]

(From OE-Core rev: 83d10e2acef936b1f38804988f10eafa48db36f9)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.4: update to v4.4.32
Bruce Ashfield [Wed, 16 Nov 2016 14:24:34 +0000 (09:24 -0500)]
linux-yocto/4.4: update to v4.4.32

Updating from v4.4.30 -> v4.4.32. The shortlog summary of the changes
follows:

   4dab3e4df994 Linux 4.4.32
   ae94da4c53b7 scsi: megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression
   2be0548e64f1 drm/radeon: fix DP mode validation
   ccc31f819918 drm/radeon/dp: add back special handling for NUTMEG
   227994b52c73 drm/amdgpu: fix DP mode validation
   2e8cfc1fe985 drm/amdgpu/dp: add back special handling for NUTMEG
   72c13445dfb4 KVM: MIPS: Drop other CPU ASIDs on guest MMU changes
   c57deabd2b17 Revert KVM: MIPS: Drop other CPU ASIDs on guest MMU changes
   e28a472742bf of: silence warnings due to max() usage
   d21daf7f3ee8 packet: on direct_xmit, limit tso and csum to supported devices
   bd891f40f04f sctp: validate chunk len before actually using it
   7c230d0e546a net sched filters: fix notification of filter delete with proper handle
   d46c76765da6 udp: fix IP_CHECKSUM handling
   80d59090d4e3 net: sctp, forbid negative length
   1a680e543f84 ipv4: use the right lock for ping_group_range
   827ada2d671b ipv4: disable BH in set_ping_group_range()
   3cb00b90e8b1 net: add recursion limit to GRO
   02558fa0e061 rtnetlink: Add rtnexthop offload flag to compare mask
   ebfbfc2e4df8 bridge: multicast: restore perm router ports on multicast enable
   f467184e2323 net: pktgen: remove rcu locking in pktgen_change_name()
   e635b4766174 ipv6: correctly add local routes when lo goes up
   f9d4850af3c8 ip6_tunnel: fix ip6_tnl_lookup
   705b5aca17c3 ipv6: tcp: restore IP6CB for pktoptions skbs
   6d123f1d396b netlink: do not enter direct reclaim from netlink_dump()
   d72cb5fb36bd packet: call fanout_release, while UNREGISTERING a netdev
   63091b2c1dea net: Add netdev all_adj_list refcnt propagation to fix panic
   9edbf4a0b60b net/sched: act_vlan: Push skb->data to mac_header prior calling skb_vlan_*() functions
   bb7ffb6b68a9 net: pktgen: fix pkt_size
   bc5d8ced3c98 net: fec: set mac address unconditionally
   0ee4acb7b3be tg3: Avoid NULL pointer dereference in tg3_io_error_detected()
   6eb0061fa630 ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route
   4f312a802994 ip6_gre: fix flowi6_proto value in ip6gre_xmit_other()
   aadcd6a96010 tcp: fix a compile error in DBGUNDO()
   ac40148543c5 tcp: fix wrong checksum calculation on MTU probing
   d2e01b15657c net: avoid sk_forward_alloc overflows
   a35ce624a3ae tcp: fix overflow in __tcp_retransmit_skb()
   beb996c1c399 Linux 4.4.31
   78bd7c9bf60b HID: usbhid: add ATEN CS962 to list of quirky devices
   69e14ce88389 ubi: fastmap: Fix add_vol() return value test in ubi_attach_fastmap()
   91e1f7b0eb25 kvm: x86: Check memopp before dereference (CVE-2016-8630)
   62fa839b8fff tty: vt, fix bogus division in csi_J
   93fe5c7bb4e0 usb: dwc3: Fix size used in dma_free_coherent()
   4b06152a4822 pwm: Unexport children before chip removal
   353bbacfd57f UBI: fastmap: scrub PEB when bitflips are detected in a free PEB EC header
   1d79b67c4a8a Disable "frame-address" warning
   c5b2cd97b1d3 smc91x: avoid self-comparison warning
   603c78000f8c cgroup: avoid false positive gcc-6 warning
   8a618bc7e586 drm/exynos: fix error handling in exynos_drm_subdrv_open
   26a5f0596ff2 mm/cma: silence warnings due to max() usage
   58fca2f1563b ARM: 8584/1: floppy: avoid gcc-6 warning
   f0b13816ad4f powerpc/ptrace: Fix out of bounds array access warning
   eeae15feceaf x86/xen: fix upper bound of pmd loop in xen_cleanhighmap()
   95f2bdbe50d0 perf build: Fix traceevent plugins build race
   9702108e3def drm/dp/mst: Check peer device type before attempting EDID read
   1262212d3b8e drm/radeon: drop register readback in cayman_cp_int_cntl_setup
   1734d4e14221 drm/radeon/si_dpm: workaround for SI kickers
   231be2b99e4a drm/radeon/si_dpm: Limit clocks on HD86xx part
   4b32256b2706 Revert "drm/radeon: fix DP link training issue with second 4K monitor"
   a1ffa7c37a4c mmc: dw_mmc-pltfm: fix the potential NULL pointer dereference
   c77a2346226e scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware
   69ee0ed0c6f9 scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded
   9075faf1406c scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough) devices
   d9237e75fd74 mac80211: discard multicast and 4-addr A-MSDUs
   1d22568ce5ed firewire: net: fix fragmented datagram_size off-by-one
   46e14262a063 firewire: net: guard against rx buffer overflows
   304cc8b5b437 Input: i8042 - add XMG C504 to keyboard reset table
   daac9e1c85c9 dm mirror: fix read error on recovery after default leg failure
   88586a4f884c virtio: console: Unlock vqs while freeing buffers
   50e1c4d90aff virtio_ring: Make interrupt suppression spec compliant
   f2d9107bd0a0 parisc: Ensure consistent state when switching to kernel stack at syscall entry
   e3d312c435dd ovl: fsync after copy-up
   ab69d3a03e22 KVM: MIPS: Make ERET handle ERL before EXL
   159766dff4d4 KVM: x86: fix wbinvd_dirty_mask use-after-free
   cb270a3f1666 dm: free io_barrier after blk_cleanup_queue call
   f49f9df84eb2 USB: serial: cp210x: fix tiocmget error handling
   00877d139396 tty: limit terminal size to 4M chars
   e8a806797070 xhci: add restart quirk for Intel Wildcatpoint PCH
   fde4a5f237ab hv: do not lose pending heartbeat vmbus packets
   3425e397fb23 vt: clear selection before resizing
   dc1555e670c3 Fix potential infoleak in older kernels
   bd5cc3294de3 GenWQE: Fix bad page access during abort of resource allocation
   ce423aca0126 usb: increase ohci watchdog delay to 275 msec
   54af73d02eb4 xhci: use default USB_RESUME_TIMEOUT when resuming ports.
   a98f0e91b0fc USB: serial: ftdi_sio: add support for Infineon TriBoard TC2X7
   f2ecc94504f4 USB: serial: fix potential NULL-dereference at probe
   660c04e8f174 usb: gadget: function: u_ether: don't starve tx request queue
   c0510383011f mei: txe: don't clean an unprocessed interrupt cause.
   dc70a200aac2 ubifs: Fix regression in ubifs_readdir()
   0222377bb2cb ubifs: Abort readdir upon error
   f0d6ba518421 btrfs: fix races on root_log_ctx lists
   8910c3388253 ANDROID: binder: Clear binder and cookie when setting handle in flat binder struct
   14f09e8e7cd8 ANDROID: binder: Add strong ref checks
   c5be1e1314ee ALSA: hda - Fix headset mic detection problem for two Dell laptops
   34a8b859da9f ALSA: hda - Adding a new group of pin cfg into ALC295 pin quirk table
   4a30dbab6584 ALSA: hda - allow 40 bit DMA mask for NVidia devices
   b0b3d37edb19 ALSA: hda - Raise AZX_DCAPS_RIRB_DELAY handling into top drivers
   aa72457de77b ALSA: hda - Merge RIRB_PRE_DELAY into CTX_WORKAROUND caps
   d08ae42a106d ALSA: usb-audio: Add quirk for Syntek STK1160
   940d7ecbc57c KEYS: Fix short sprintf buffer in /proc/keys show function
   299991298b04 mm: memcontrol: do not recurse in direct reclaim
   9fa32e04f810 mm/list_lru.c: avoid error-path NULL pointer deref
   fd9e4cea96df libxfs: clean up _calc_dquots_per_chunk
   0daca12d6774 h8300: fix syscall restarting
   44084f15b706 drm/dp/mst: Clear port->pdt when tearing down the i2c adapter
   4125fe7f8d31 i2c: core: fix NULL pointer dereference under race condition
   eeb1846df1c8 i2c: xgene: Avoid dma_buffer overrun

(From OE-Core rev: cdc73ef471c9bf304810a7457c0cb10116d70ef1)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.8: update from v4.8.6 -> v4.8.8
Bruce Ashfield [Wed, 16 Nov 2016 14:24:33 +0000 (09:24 -0500)]
linux-yocto/4.8: update from v4.8.6 -> v4.8.8

Updating to the korg -stable release 4.8.8. The short log change
summary follows:

   61385cc1db42 Linux 4.8.8
   8ed841d6c045 scsi: megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression
   32f60e9b621f scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough) devices
   eb2ca7aac349 usb: dwc3: gadget: properly account queued requests
   38db26fb3ae5 arch/powerpc: Update parameters for csum_tcpudp_magic & csum_tcpudp_nofold
   a143c6022cef packet: on direct_xmit, limit tso and csum to supported devices
   a6289d9ac3fe ip6_tunnel: Update skb->protocol to ETH_P_IPV6 in ip6_tnl_xmit()
   c9e086b9009a sctp: validate chunk len before actually using it
   5a37dce1b679 net sched filters: fix notification of filter delete with proper handle
   d46b19687fec net: ipv6: Do not consider link state for nexthop validation
   eb77db88ea11 macsec: Fix header length if SCI is added if explicitly disabled
   027ab3b8ee5a netvsc: fix incorrect receive checksum offloading
   b75edf27a6c3 udp: fix IP_CHECKSUM handling
   5ee356021c42 sctp: fix the panic caused by route update
   d90cbfaf5439 net: sctp, forbid negative length
   64774617da37 net: fec: Call swap_buffer() prior to IP header alignment
   c6c82c2b707e ipv4: use the right lock for ping_group_range
   8418193f7052 ipv4: disable BH in set_ping_group_range()
   23c110c4cdbc net: add recursion limit to GRO
   d3bbd04b92fd net: core: Correctly iterate over lower adjacency list
   fc5722f8f8f2 rtnetlink: Add rtnexthop offload flag to compare mask
   4ac3ca8c2933 switchdev: Execute bridge ndos only for bridge ports
   63d82a2cbd0c bridge: multicast: restore perm router ports on multicast enable
   e9a5921c393f net: pktgen: remove rcu locking in pktgen_change_name()
   2eeb5735dd04 net/mlx4_en: fixup xdp tx irq to match rx
   27bb6e31d32d IB/ipoib: move back IB LL address into the hard header
   f280126ec8d8 ipv6: correctly add local routes when lo goes up
   0f3e77623916 ip6_tunnel: fix ip6_tnl_lookup
   a148a818df84 net: phy: Trigger state machine on state change and not polling.
   2a9099899a6a ipv6: tcp: restore IP6CB for pktoptions skbs
   50b43ad1dce6 net_sched: reorder pernet ops and act ops registrations
   dac04913ee27 drivers/ptp: Fix kernel memory disclosure
   3f841d1555ad netlink: do not enter direct reclaim from netlink_dump()
   5086cadf8fa4 packet: call fanout_release, while UNREGISTERING a netdev
   6fff1319fdac net: Add netdev all_adj_list refcnt propagation to fix panic
   9caee42c800e net/sched: act_vlan: Push skb->data to mac_header prior calling skb_vlan_*() functions
   c002dfd8adaa net: pktgen: fix pkt_size
   ff1b27c31706 net: fec: set mac address unconditionally
   567aeca9fbb7 Linux 4.8.7
   1bf121d3b234 HID: usbhid: add ATEN CS962 to list of quirky devices
   05a833d4b051 cpufreq: intel_pstate: Set P-state upfront in performance mode
   c89771511deb ubi: fastmap: Fix add_vol() return value test in ubi_attach_fastmap()
   591bf1362e9e btrfs: qgroup: Prevent qgroup->reserved from going subzero
   0c879624701d kvm: x86: Check memopp before dereference (CVE-2016-8630)
   725a92be3926 ARM: fix oops when using older ARMv4T CPUs
   e339609bf377 tty: vt, fix bogus division in csi_J
   4a22930a74ac v4l: vsp1: Prevent pipelines from running when not streaming
   59f9693a170a usb: musb: Fix hardirq-safe hardirq-unsafe lock order error
   086ac9180437 usb: chipidea: host: fix NULL ptr dereference during shutdown
   07bae478e1c1 usb: dwc3: Fix size used in dma_free_coherent()
   fedede0963c4 pwm: Unexport children before chip removal
   7b4b77b9566d omapfb: fix return value check in dsi_bind()
   a3e55d6342b2 video: fbdev: pxafb: potential NULL dereference on error
   13d0f5b3a399 uapi: add missing install of sync_file.h
   db5025bd08ef UBI: fastmap: scrub PEB when bitflips are detected in a free PEB EC header
   cc94524e8940 netfilter: xt_NFLOG: fix unexpected truncated packet
   720a40113e78 i2c: mark device nodes only in case of successful instantiation
   f7d8d44a68de drm: i915: Wait for fences on new fb, not old
   1cefe4cb4f8c drm/i915/fbc: fix CFB size calculation for gen8+
   809e9e6fc390 drm/i915: Clean up DDI DDC/AUX CH sanitation
   ba0a959e0334 drm/i915: Respect alternate_aux_channel for all DDI ports
   426a724c9972 drm: Release reference from blob lookup after replacing property
   5064a6a05387 drm/dp/mst: Check peer device type before attempting EDID read
   e6fcf953a995 drm/i915/gen9: fix watermarks when using the pipe scaler
   0f7f9c456380 drm/i915/gen9: fix DDB partitioning for multi-screen cases
   0cc98b5963f8 drm/fb-helper: Keep references for the current set of used connectors
   14f4a463dc78 drm/fb-helper: Fix connector ref leak on error
   6222f1e0b9ef drm/fb-helper: Don't call dirty callback for untouched clips
   7290da41b8da drm/nouveau/acpi: fix check for power resources support
   fd5f9e1e28cb drm/radeon: drop register readback in cayman_cp_int_cntl_setup
   e136de5d7331 drm/radeon/si_dpm: workaround for SI kickers
   fe777e7a595c drm/radeon/si_dpm: Limit clocks on HD86xx part
   fa6227dbfd6a drm/imx: ipuv3-plane: Access old u/vbo properly in ->atomic_check for YU12/YV12
   d040374f3473 drm/imx: ipuv3-plane: Switch EBA buffer only when we don't need modeset
   51ed5a2bbf38 Revert "drm/radeon: fix DP link training issue with second 4K monitor"
   ac6f210dd7a6 md: be careful not lot leak internal curr_resync value into metadata. -- (all)
   eba4fe9db92f RAID10: ignore discard error
   21faa6dbf53f RAID1: ignore discard error
   b80fcd58e6f6 mmc: dw_mmc-pltfm: fix the potential NULL pointer dereference
   1244d3c3a0f6 scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware
   2a1a0a6f1d60 scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded
   5bac49422b4a ath10k: cache calibration data when the core is stopped
   a7d092e946f5 Revert "ath9k_hw: implement temperature compensation support for AR9003+"
   aea7cb3b7ceb mac80211: discard multicast and 4-addr A-MSDUs
   27fa1e735c70 firewire: net: fix fragmented datagram_size off-by-one
   032430fb6a2c firewire: net: guard against rx buffer overflows
   facb17b67ac9 Input: i8042 - add XMG C504 to keyboard reset table
   8b535f07898a rtl8xxxu: Fix rtl8723bu driver reload issue
   1c9edb27261e rtl8xxxu: Fix big-endian problem reporting mactime
   ece1b51ae1c4 rtl8xxxu: Fix memory leak in handling rxdesc16 packets
   5a805cd29284 dm raid: fix activation of existing raid4/10 devices
   6e5456768ba1 dm raid: fix compat_features validation
   056290446e8a dm rq: clear kworker_task if kthread_run() returned an error
   13a59a868756 dm table: fix missing dm_put_target_type() in dm_table_add_target()
   159a17e8dbf6 dm mirror: fix read error on recovery after default leg failure
   d8db5234adef virtio: console: Unlock vqs while freeing buffers
   7569d22a820d virtio_pci: Limit DMA mask to 44 bits for legacy virtio devices
   0c2f67a6196d virtio_ring: Make interrupt suppression spec compliant
   c528df925fba parisc: Ensure consistent state when switching to kernel stack at syscall entry
   592de1000694 ovl: fsync after copy-up
   3ad464dadb7c ovl: update S_ISGID when setting posix ACLs
   be9015460ed5 ovl: fix get_acl() on tmpfs
   2b632307635f MIPS: KASLR: Fix handling of NULL FDT
   1734afcce32b nfsd: Fix general protection fault in release_lock_stateid()
   202c6676b963 ARM: dts: fix the SD card on the Snowball
   db20b510ca5c ARM: mvebu: Select corediv clk for all mvebu v7 SoC
   c627b2e76ae2 KVM: MIPS: Precalculate MMIO load resume PC
   f3a0c969e788 KVM: MIPS: Make ERET handle ERL before EXL
   961cf133b710 KVM: s390: Fix STHYI buffer alignment for diag224
   88aca01f8cb4 KVM: x86: fix wbinvd_dirty_mask use-after-free
   ea261d177aed dm: free io_barrier after blk_cleanup_queue call
   377a2a273c4b Staging: wilc1000: Fix kernel Oops on opening the device
   0c4ffbf9e118 iio:chemical:atlas-ph-sensor: Fix use of 32 bit int to hold 16 bit big endian value
   52a1e76f16e2 arm64: dts: marvell: fix clocksource for CP110 master SPI0
   0dff3c6321a5 tty: limit terminal size to 4M chars
   44f0722dc9ac xhci: workaround for hosts missing CAS bit
   0894224ae7c0 xhci: add restart quirk for Intel Wildcatpoint PCH
   b2d28d93cf83 hv: do not lose pending heartbeat vmbus packets
   eeae0a12a166 vt: clear selection before resizing
   9710f5b19328 x86/smpboot: Init apic mapping before usage
   58b0a7f115f8 GenWQE: Fix bad page access during abort of resource allocation
   b9aa0a7290f5 usb: increase ohci watchdog delay to 275 msec
   241208e7b721 usb: renesas_usbhs: add wait after initialization for R-Car Gen3
   00dbeb06292b xhci: use default USB_RESUME_TIMEOUT when resuming ports.
   1e306cd37a66 USB: serial: ftdi_sio: add support for Infineon TriBoard TC2X7
   d082fd105eb9 USB: serial: cp210x: fix tiocmget error handling
   e8bf726705bd USB: serial: fix potential NULL-dereference at probe
   23124735a6f0 usb: gadget: function: u_ether: don't starve tx request queue
   fe4af125085a usb: gadget: udc: atmel: fix endpoint name
   420d16894425 mei: txe: don't clean an unprocessed interrupt cause.
   5d30e8f65073 ubifs: Fix regression in ubifs_readdir()
   b8176cc56bf1 ubifs: Abort readdir upon error
   1755f43e9a90 timers: Lock base for same bucket optimization
   e18ed431d7da timers: Plug locking race vs. timer migration
   b5e3a038997a timers: Prevent base clock corruption when forwarding
   665f7bf33aa8 timers: Prevent base clock rewind when forwarding clock
   0d621c57e739 x86/microcode/AMD: Fix more fallout from CONFIG_RANDOMIZE_MEMORY=y
   e599203f55ad powerpc/64: Fix race condition in setting lock bit in idle/wakeup code
   51d784b54768 powerpc/64: Re-fix race condition between going idle and entering guest
   2c7ff0e5c311 powerpc/mm/radix: Use tlbiel only if we ever ran on the current cpu
   ae150de2d5e0 powerpc: Convert cmp to cmpd in idle enter sequence
   1198fbca645e btrfs: fix races on root_log_ctx lists
   bc720ae2ffab cxl: Fix leaking pid refs in some error paths
   2a997e83960b ANDROID: binder: Clear binder and cookie when setting handle in flat binder struct
   599cfd58ffde ANDROID: binder: Add strong ref checks
   2a0efa30b15c ALSA: hda - Fix headset mic detection problem for two Dell laptops
   2585e17b71c7 ALSA: hda - Fix surround output pins for ASRock B150M mobo
   14456570a4a5 ALSA: hda - Adding a new group of pin cfg into ALC295 pin quirk table
   54186c7dd2ec ALSA: hda - allow 40 bit DMA mask for NVidia devices
   0f574c90d747 ALSA: seq: Fix time account regression
   8ccf154b2654 ALSA: usb-audio: Add quirk for Syntek STK1160
   9d3f5b85ef8b device-dax: fix percpu_ref_exit ordering
   33bcff297228 security/keys: make BIG_KEYS dependent on stdrng.
   5152986c9257 KEYS: Sort out big_key initialisation
   5daa841d0437 KEYS: Fix short sprintf buffer in /proc/keys show function
   0a38e6c551c4 thermal/powerclamp: correct cpu support check
   5db5e0c11c13 mm: memcontrol: do not recurse in direct reclaim
   68adb469dd3b mm/slab: fix kmemcg cache creation delayed issue
   67ae004e2c52 mm/list_lru.c: avoid error-path NULL pointer deref
   5cb73199ca48 libxfs: clean up _calc_dquots_per_chunk
   d00057ecf82f gpio: GPIO_GET_LINE{HANDLE,EVENT}_IOCTL: Fix file descriptor leak
   c70eb2cc1276 gpio: GPIOHANDLE_GET_LINE_VALUES_IOCTL: Fix another information leak
   6bba4b226521 gpio: GPIO_GET_LINEEVENT_IOCTL: Reject invalid line and event flags
   e2144827d96b gpio: GPIO_GET_LINEHANDLE_IOCTL: Reject invalid line flags
   c0699405b147 gpio: GPIO_GET_LINEEVENT_IOCTL: Validate line offset
   49bdfb21e37d gpio: GPIOHANDLE_GET_LINE_VALUES_IOCTL: Fix information leak
   e22edf53b40f gpio: GPIO_GET_LINEHANDLE_IOCTL: Validate line offset
   a23a59c56a53 gpio: GPIO_GET_CHIPINFO_IOCTL: Fix information leak
   78ae767553e4 gpio: GPIO_GET_CHIPINFO_IOCTL: Fix line offset validation
   56ffab4f532e gpio / ACPI: fix returned error from acpi_dev_gpio_irq_get()
   4366246129ca h8300: fix syscall restarting
   a639266ae0c3 spi: mark device nodes only in case of successful instantiation
   d6634d871199 spi: fsl-espi: avoid processing uninitalized data on error
   0cee66b72acc drm/dp/mst: Clear port->pdt when tearing down the i2c adapter
   f2ffb21fb495 i2c: core: fix NULL pointer dereference under race condition
   0fda1cdcbb72 i2c: xgene: Avoid dma_buffer overrun
   9c619c2a8d4d i2c: rk3x: Give the tuning value 0 during rk3x_i2c_v0_calc_timings

(From OE-Core rev: f95903012735e764ae0608a17fc6d4d8c139eb83)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.8: update to v4.8.6-rt5
Bruce Ashfield [Wed, 16 Nov 2016 14:24:32 +0000 (09:24 -0500)]
linux-yocto/4.8: update to v4.8.6-rt5

Paul Gortmaker sent along updates to the latest 4.8 -rt version.
Updating the SRCREVs to include the following commits:

   f83a3d4a643b v4.8.6-rt5
   74c7ffc2e3f2 NFSv4: don't disable preemption on !RT
   9711dc408890 kbuild: Add -fno-pie to KBUILD_AFLAGS:
   7b4d4278e307 v4.8.6-rt4
   24aa22031f3c v4.8.2-rt3
   8541163464e2 kbuild: add -fno-PIE
   81b61ced2d45 NFSv4: replace seqcount_t with a seqlock_t
   a8300ce29d0c worqueue: document the proper argument
   9711591ebdc3 genirq: document swork member
   1aace69fd88f rbtree: include barrier.h
   74d4589809f2 rxrpc: remove unused static variables
   a941e2f0611c x86/apic: get rid of "warning: 'acpi_ioapic_lock' defined but not used"
   9888d1c2e3ab hotplug: Call mmdrop_delayed() in sched_cpu_dying() if PREEMPT_RT_FULL
   debf0ec42b2e drivers/zram: Don't disable preemption in zcomp_stream_get/put()
   c84b472ee376 mm/zs_malloc: Fix bit spinlock replacement
   c17de80bfeba zsmalloc: turn that get_cpu_light() into a local_lock()
   33586701e8ad connector/cn_proc: Protect send_msg() with a local lock on RT
   b20867d36bcd ftrace: Fix trace header alignment

(From OE-Core rev: 6840594c43b892056886f471575ccb49a78f34e4)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.1: update to v4.1.35
Bruce Ashfield [Thu, 3 Nov 2016 13:25:16 +0000 (09:25 -0400)]
linux-yocto/4.1: update to v4.1.35

Updating to the korg -stable release.

(From OE-Core rev: c0231b1306034cc03987a5fbabd6f17125c9392b)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.4: update to v4.4.30
Bruce Ashfield [Thu, 3 Nov 2016 13:25:15 +0000 (09:25 -0400)]
linux-yocto/4.4: update to v4.4.30

Updating to the korg -stable release.

(From OE-Core rev: feed13b4d108a93b4e95ed9f80f9624e1bd1cdf5)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.8: fix cryptodev compilation error
Bruce Ashfield [Wed, 16 Nov 2016 14:24:31 +0000 (09:24 -0500)]
linux-yocto/4.8: fix cryptodev compilation error

It was reported that compilation was broken for the in tree variant of
cryptodev. This commit integrates two patches that fix the issue:

  efbdfa1ed95f cryptodev: stomp dynamic version numbering for in tree builds
  32f54070205f cryptodev: fix compile error when enable CONFIG_CRYPTODEV

(From OE-Core rev: b91469ac21825a86eb7a71f1e91206719061bcaa)

Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agolinux-yocto/4.8: update to 4.8.6
Bruce Ashfield [Thu, 3 Nov 2016 13:25:14 +0000 (09:25 -0400)]
linux-yocto/4.8: update to 4.8.6

Integrating the korg -stable release.

(From OE-Core rev: 2a7d3173c7a05cd09bbcf5fe465403b2d4b2b589)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoconf: add C++ flags for uninative interoperatility
Ross Burton [Tue, 22 Nov 2016 17:41:43 +0000 (17:41 +0000)]
conf: add C++ flags for uninative interoperatility

Create a common include file for compiler flags which allow native binaries to
be interoperable on a wide range of hosts. In particular the C++ ABI is
problematic so choose the CXX11 version to allow interoperation between gcc4 and
gcc5 based hosts. Moving this to a common include instead of uninative.bbclass
allows uninative to be configured later and used in the eSDK (where its
mandatory) even if the base configuration doesn't enable uninative by default
(e.g. nodistro in OE-Core).

[ YOCTO #10645 ]

(From OE-Core rev: 60c912ae9306532bdd4c5e09a65863ee77c12f43)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agobinutils: Fix build for c293pcie PPC machine
Fabio Berton [Mon, 14 Nov 2016 12:28:15 +0000 (10:28 -0200)]
binutils: Fix build for c293pcie PPC machine

The following patch fix build for c293pcie PPC machine :
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=8941017b

This patch is a backport from master branch.

Fix error:
/
|ERROR: binutils-2.27-r0 do_package: runstrip: ''powerpc-fslc-linux-gnuspe-strip'
|--remove-section=.comment --remove-section=.note --strip-unneeded
|'../tmp/work/ppce500v2-fslc-linux-gnuspe/binutils/2.27-r0/package/usr/lib/
|libbfd-2.27.0.20160806.so'' strip command failed with 1
|(b'powerpc-fslc-linux-gnuspe-strip: ../tmp/work/ppce500v2-fslc-linux-gnuspe/
|binutils/2.27-r0/package/usr/lib/stJMAEnm: Not enough room for program headers,
|try linking with -N\npowerpc-fslc-linux-gnuspe-strip:../tmp/work/
|ppce500v2-fslc-linux-gnuspe/binutils/2.27-r0/package/usr/lib/stJMAEnm
|[.note.gnu.build-id]: Bad value\n')
\

(From OE-Core rev: 3526c23ae98d2e08af20b77175c12907355ec42a)

Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agowic: fix function comment typos
Maciej Borzecki [Thu, 10 Nov 2016 12:18:35 +0000 (13:18 +0100)]
wic: fix function comment typos

Fix typos in documentation of Image.add_partition() and
Image.__format_disks().

(From OE-Core rev: f5bf7bf253224912c66bab89f48ff63a73e0d698)

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agowic: check that filesystem is specified for a rootfs partition
Maciej Borzecki [Thu, 10 Nov 2016 12:18:34 +0000 (13:18 +0100)]
wic: check that filesystem is specified for a rootfs partition

We explicitly check for --fstype if no source was provided for a
partition. However, this was not the case for rootfs partitions. Make
sure to raise an error if filesystem was left unspecified when preparing
a rootfs partition image.

(From OE-Core rev: b8c35fcad57810a87aa25ebeb533adf286eed565)

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agowic: make sure that partition size is always an integer in internal processing
Maciej Borzecki [Thu, 10 Nov 2016 12:18:32 +0000 (13:18 +0100)]
wic: make sure that partition size is always an integer in internal processing

The size field of Partition class is expected to be an integer and ought
to be set inside prepare_*() method. Make sure that this is always the
case.

(From OE-Core rev: a37838f995ae642b0b8bdd47a605a264fb3bf200)

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agotiff: Security fix CVE-2016-3632
Yi Zhao [Thu, 17 Nov 2016 08:08:10 +0000 (16:08 +0800)]
tiff: Security fix CVE-2016-3632

CVE-2016-3632 libtiff: The _TIFFVGetField function in tif_dirinfo.c in
LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of
service (out-of-bounds write) or execute arbitrary code via a crafted
TIFF image.

External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3632
http://bugzilla.maptools.org/show_bug.cgi?id=2549
https://bugzilla.redhat.com/show_bug.cgi?id=1325095

The patch is from RHEL7.

(From OE-Core rev: 9206c86239717718be840a32724fd1c190929370)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agonfs-utils: fix protocol minor version fall-back
Yi Zhao [Wed, 16 Nov 2016 10:07:43 +0000 (18:07 +0800)]
nfs-utils: fix protocol minor version fall-back

Mount nfs directory would fail if no specific nfsvers:
mount -t nfs IP:/foo/bar/ /mnt/
mount.nfs: an incorrect mount option was specified

mount.nfs currently expects mount(2) to fail with EPROTONOSUPPORT if
the kernel doesn't understand the requested NFS version.
Unfortunately if the requested minor is not known to the kernel
it returns -EINVAL.

Backport patch from nfs-utils-1.3.4 to fix this issue.

(From OE-Core rev: 332596628697d28ae6e8c2271c9658aaf5e54796)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoopenssl: Security fix CVE-2016-7055
Yi Zhao [Wed, 16 Nov 2016 10:07:33 +0000 (18:07 +0800)]
openssl: Security fix CVE-2016-7055

There is a carry propagating bug in the Broadwell-specific Montgomery
multiplication procedure that handles input lengths divisible by, but
longer than 256 bits.

External References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055
https://www.openssl.org/news/secadv/20161110.txt

Patch from:
https://github.com/openssl/openssl/commit/57c4b9f6a2f800b41ce2836986fe33640f6c3f8a

(From OE-Core rev: 07cfa9e2bceb07f3baf40681f8c57f4d3da0aee5)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
8 years agoOpenSSL: CVE-2004-2761 replace MD5 hash algorithm
T.O. Radzy Radzykewycz [Tue, 15 Nov 2016 22:14:38 +0000 (14:14 -0800)]
OpenSSL: CVE-2004-2761 replace MD5 hash algorithm

Use SHA256 as default digest for OpenSSL instead of MD5.

CVE: CVE-2004-2761

    The MD5 Message-Digest Algorithm is not collision resistant,
    which makes it easier for context-dependent attackers to
    conduct spoofing attacks, as demonstrated by attacks on the
    use of MD5 in the signature algorithm of an X.509 certificate.

Upstream-Status: Backport
Backport from OpenSSL 2.0 to OpenSSL 1.0.2
Commit f8547f62c212837dbf44fb7e2755e5774a59a57b

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(From OE-Core rev: f924428cf0c22a0b62769f8f31f11f173f25014f)

Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: T.O. Radzy Radzykewycz <radzy@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>