Submodule "names" come from the untrusted .gitmodules file,
but we blindly append them to $GIT_DIR/modules to create our
on-disk repo paths. This means you can do bad things by
putting "../" into the name (among other things).
Let's sanity-check these names to avoid building a path that
can be exploited. There are two main decisions:
1. What should the allowed syntax be?
It's tempting to reuse verify_path(), since submodule
names typically come from in-repo paths. But there are
two reasons not to:
a. It's technically more strict than what we need, as
we really care only about breaking out of the
$GIT_DIR/modules/ hierarchy. E.g., having a
submodule named "foo/.git" isn't actually
dangerous, and it's possible that somebody has
manually given such a funny name.
b. Since we'll eventually use this checking logic in
fsck to prevent downstream repositories, it should
be consistent across platforms. Because
verify_path() relies on is_dir_sep(), it wouldn't
block "foo\..\bar" on a non-Windows machine.
2. Where should we enforce it? These days most of the
.gitmodules reads go through submodule-config.c, so
I've put it there in the reading step. That should
cover all of the C code.
We also construct the name for "git submodule add"
inside the git-submodule.sh script. This is probably
not a big deal for security since the name is coming
from the user anyway, but it would be polite to remind
them if the name they pick is invalid (and we need to
expose the name-checker to the shell anyway for our
test scripts).
This patch issues a warning when reading .gitmodules
and just ignores the related config entry completely.
This will generally end up producing a sensible error,
as it works the same as a .gitmodules file which is
missing a submodule entry (so "submodule update" will
barf, but "git clone --recurse-submodules" will print
an error but not abort the clone.
There is one minor oddity, which is that we print the
warning once per malformed config key (since that's how
the config subsystem gives us the entries). So in the
new test, for example, the user would see three
warnings. That's OK, since the intent is that this case
should never come up outside of malicious repositories
(and then it might even benefit the user to see the
message multiple times).
Credit for finding this vulnerability and the proof of
concept from which the test script was adapted goes to
Etienne Stalmans.
Affects: git < 2.13.7 and git < 2.14.4 and git < 2.15.2 and git < 2.16.4 and
git < 2.17.1
CVE-2017-18018-1:
doc: clarify chown/chgrp --dereference defaults
* doc/coreutils.texi: the documentation for the --dereference
flag of chown/chgrp states that it is the default mode of
operation. Document that this is only the case when operating
non-recursively.
CVE-2017-18018-2:
doc: warn about following symlinks recursively in chown/chgrp
In both chown and chgrp (which shares its code with chown), operating
on symlinks recursively has a window of vulnerability where the
destination user or group can change the target of the operation.
Warn about combining the --dereference, --recursive, and -L flags.
* doc/coreutils.texi (warnOptDerefWithRec): Add macro.
(node chown invocation): Add it to --dereference and -L.
(node chgrp invocation): Likewise.
double64_init: Check psf->sf.channels against upper bound
This prevents division by zero later in the code.
While the trivial case to catch this (i.e. sf.channels < 1) has already
been covered, a crafted file may report a number of channels that is
so high (i.e. > INT_MAX/sizeof(double)) that it "somehow" gets
miscalculated to zero (if this makes sense) in the determination of the
blockwidth. Since we only support a limited number of channels anyway,
make sure to check here as well.
Andrej Valek [Tue, 17 Jul 2018 09:10:33 +0000 (11:10 +0200)]
openssl-1.1: fix c_rehash perl errors
Patch original c_rehash script with Debian patch instead
of overriding it with own version.
Error output from c_reshah without patching:
Unknown regexp modifier "/b" at ./c_rehash line 15, at end of line
Unknown regexp modifier "/W" at ./c_rehash line 28, at end of line
Unknown regexp modifier "/3" at ./c_rehash line 28, at end of line
Unknown regexp modifier "/2" at ./c_rehash line 28, at end of line
No such class installdir at ./c_rehash line 63, near "Prefix our
installdir"
(Might be a runaway multi-line // string starting on line 28)
syntax error at ./c_rehash line 63, near "Prefix our installdir"
Can't redeclare "my" in "my" at ./c_rehash line 68, near ""
Execution of ./c_rehash aborted due to compilation errors.
Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Marko Peter <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Andre McCurdy [Wed, 8 Aug 2018 18:15:12 +0000 (11:15 -0700)]
openssl_1.0: drop unnecessary call to perlpath.pl from do_configure()
The perlpath.pl script is used to patch the #! lines in all perl
scripts in the utils directory. However, as these scripts are run via
e.g. "perl foo.pl", they don't actually rely on the #! path to be
correct (which can be confirmed by the observation that the path is
currently being set to ${STAGING_BINDIR_NATIVE}/perl, which doesn't
exist).
Andre McCurdy [Tue, 31 Jul 2018 01:28:07 +0000 (18:28 -0700)]
openssl_1.0: drop unnecessary dependency on makedepend-native
The openssl Configure script will only select standalone makedepend
(vs running "$CC -M") when building with gcc < 3.x or with an Apple
Xcode version which predates the switch to clang (in approx 2010?).
Neither of these cases are possible when building under OE, therefore
the dependency on makedepend-native can be dropped (ie align the
openssl 1.0 recipe with the 1.1 recipe, which has dropped the
makedepend-native dependency already).
Andre McCurdy [Tue, 31 Jul 2018 13:57:56 +0000 (06:57 -0700)]
openssl: fix missing dependency on hostperl-runtime-native
Openssl 1.1 requires perl in order to build (just as openssl 1.0
does). The missing dependency has gone unnoticed up to now since
hostperl-runtime-native is included in ASSUME_PROVIDED.
Andre McCurdy [Sat, 28 Jul 2018 20:39:23 +0000 (13:39 -0700)]
openssl_1.0: squash whitespace in CC_INFO
Squash whitespace in CC_INFO to avoid recipe whitespace changes to
CFLAG affecting the final openssl binaries (the value of CC_INFO gets
embedded in libcrypto, via buildinf.h).
Andre McCurdy [Sat, 28 Jul 2018 20:39:22 +0000 (13:39 -0700)]
openssl_1.0: add PACKAGECONFIG option to control manpages
Creating the openssl manpages, which happens as part of do_install(),
can take a significant amount of time (e.g. ~50 seconds on a quad
core laptop). Provide a PACKAGECONFIG option to allow creation of the
manpages to be skipped completely if not required and inherit the
manpages class to automatically control the PACKAGECONFIG option
(based on the "api-documentation" distro feature).
Andre McCurdy [Sat, 28 Jul 2018 20:39:21 +0000 (13:39 -0700)]
openssl_1.0: drop unmaintained darwin support
The fact that the darwin support only appears to consider x86 (and
not x86_64) suggests that it's not maintained or tested. In general
oe-core doesn't support building on darwin.
Andre McCurdy [Sat, 28 Jul 2018 20:39:20 +0000 (13:39 -0700)]
openssl_1.0: drop obsolete exporting of AS, EX_LIBS and DIRS
Previously (when EXTRA_OEMAKE contained -e) exporting these variables
over-rode default values in the top-level openssl Makefile. However,
since -e was removed from EXTRA_OEMAKE as part of:
exporting these variables does nothing. The comment from that commit
that only AR is affected by removing -e wasn't correct, but the
effects of letting the openssl Makefile also control AS, EX_LIBS and
DIRS seem to be either benign or beneficial.
Since without -e make ignores DIRS from the environment and always
runs for all subdirs (including "test"), adding "test" to DIRS and
calling "make depend" again from do_compile_ptest() can be dropped.
Andre McCurdy [Sat, 28 Jul 2018 20:39:19 +0000 (13:39 -0700)]
openssl_1.0: drop obsolete ca.patch
This patch adds a second line to the -help output of the CA.pl script
(which lists almost the same command line options as the line above
it but in a slightly different order). Although it's tagged as a
Debian backport, there's no patch like it in recent Debian patch sets
for openssl 1.0.2.
Andre McCurdy [Tue, 24 Jul 2018 02:38:52 +0000 (19:38 -0700)]
openssl_1.0: avoid running make twice for target do_compile()
Currently target builds call make twice as part of do_compile(). It
appears to be an accidental side effect of needing to only pass
CC_INFO on the make command line for target builds, since CC_INFO is
only referenced by the reproducible build patches.
Andre McCurdy [Tue, 24 Jul 2018 02:38:50 +0000 (19:38 -0700)]
openssl_1.0: fix cryptodev-linux PACKAGECONFIG support
Since openssl isn't an autotools recipe, defining cryptodev-linux
related config options via PACKAGECONFIG hasn't worked correctly
since PACKAGECONFIG_CONFARGS stopped being automatically appended to
EXTRA_OECONF in 2016:
The issue appears to have been hidden as the flags are also hardcoded
in CFLAG - and therefore always enabled, regardless of the state of
the PACKAGECONFIG option. Fix by passing both EXTRA_OECONF and
PACKAGECONFIG_CONFARGS when running the openssl Configure script.
Although the openssl 1.1 recipe doesn't contain any PACKAGECONFIG
options yet, pre-emptively make the same fix there too.
Also only enable cryptodev-linux by default for target builds (based
on the historical comments in the recipe, that seems to have been the
original intention).
Joshua Watt [Tue, 7 Aug 2018 13:40:04 +0000 (08:40 -0500)]
alsa-lib: Cleanup packaging
Cleans up the packaging by moving libasound.so.2 back into the alsa-lib
package which was previously empty.
Previously, it was difficult to create an image that had libasound.so.2,
then create an SDK from that image that had the proper development
files, because the only way to get libasound.so.2 was to do:
IMAGE_INSTALL += "libasound"
This however caused a problem because all of the development files that
would be desired in the SDK were located in alsa-lib-dev, which wouldn't
be included because alsa-lib wasn't included, and it was impossible to
include alsa-lib because it was an empty package that was culled.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 30352f3d84344bff8c06625f9674947417f6e8e1)
Ross Burton [Mon, 13 Aug 2018 17:20:54 +0000 (18:20 +0100)]
classes: sanity-check LIC_FILES_CHKSUM
We assume that LIC_FILES_CHKSUM is a file: URI but don't actually verify this,
which can lead to problems if you have a URI that resolves to a path of / as
Bitbake will then dutifully checksum / recursively.
Ross Burton [Mon, 13 Aug 2018 23:59:39 +0000 (00:59 +0100)]
bzip2: use Yocto Project mirror for SRC_URI
The bzip.org domain expired and is now a holding site for adverts, so we can't
trust a tarball that appears on that site (luckily we have source checksums to
detect this).
For now, point SRC_URI at the tarball in the Yocto Project source mirror, but
set HOMEPAGE and UPSTREAM_CHECK_URI to the sourceware.org/bzip2/ page which
apparently will be resurrected as the new canonical home page.
Daniel DÃaz [Tue, 14 Aug 2018 16:14:36 +0000 (11:14 -0500)]
multilib_header: recognize BPF as a target
When building with `clang -target bpf` using the
multilib_header, a recursion was unavoidable because
bits/wordsize.h would #include itself, still lacking
a definition for __MHWORDSIZE or __WORDSIZE.
Daniel DÃaz [Tue, 14 Aug 2018 16:14:35 +0000 (11:14 -0500)]
glibc: Make bits/wordsize.h multilibbed again
As reported by ChenQi, leaving bits/wordsize.h out of being
multilibbed introduced a problem in building the SDK for
arm64:
Error: Transaction check error:
file /usr/include/bits/wordsize.h conflicts between attempted installs of lib32-libc6-dev-2.27-r0.armv7vet2hf_vfp and libc6-dev-2.27-r0.aarch64
oe-pkgdata-util: Make parse_pkgdatafile() support package suffixed vars
Support for variables suffixed with package names, e.g., PKGV_foo, was
removed in commit 3d2c87c4, which broke support for recipes that set
other versions on their packages than what is in ${PV}.
If a package name exists in runtime-rprovides, lookup-recipe and
package-info would finish after printing information about that
package even if more packages were specified.
Chen Qi [Mon, 14 May 2018 08:35:22 +0000 (16:35 +0800)]
devtool/sdk.py: error out in case of downloading file failure
It's possible that downloading file from updateserver fails. In
this case, we should error out instead of continue.
We have users reporting unexpected behavior of 'devtool sdk-update'.
When an invalid url is supplied, e.g., `devtool sdk-update http://invalid',
the program reports 'Note: Already up-to-date'.
This is obviously not expected. We should error out in such case.
Martin Jansa [Mon, 30 Jul 2018 09:17:25 +0000 (09:17 +0000)]
linux-firmware: add separate packages for all brcm files
* no changes in the content of previously existing packages
* include some silly commands I've used to "parse" WHENCE file to
generate these, some manual changes are still needed, like separating
cypress licensed files, removing duplicates when 2 files are included
in the same package (bcm4356-pcie is exception because sdio and pcie
files have different license).
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Martin Jansa [Mon, 30 Jul 2018 09:17:23 +0000 (09:17 +0000)]
linux-firmware: add ${PN}-cypress-license handling from meta-raspberrypi
* this will break meta-raspberrypi once more, by including
${PN}-cypress-license package twice in PACKAGES
I've sent fix here:
https://github.com/agherzan/meta-raspberrypi/pull/295
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
u-boot attempts to build a Python library called pylibfdt. By default,
u-boot would attempt to use the build host's Python interpreter, which
causes numerous problems, not least of which is that it fails if the
host doesn't have the Python development package installed (complaining
about not being able to find Python.h)
Rectify this situation by including the proper build time dependencies
for pylibfdt and passing the proper arguments to make.
Yongxin Liu [Mon, 30 Jul 2018 09:16:32 +0000 (17:16 +0800)]
kdump: start kdump.service after basic.target
If kdump.service is set to run on boot and dump-capture kernel isn't
placed in /dev/root, kdump.service will fail to load the kernel,
since other partitions are not mounted yet. Starting kdump.service
after basic.target guarantees dump-capture kernel can be loaded in
this situation.
Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
ERROR: glibc-locale-2.27-r0 do_package_qa: QA Issue: glibc-locale: /glibc-binary-localedata-hy-am/usr/lib/locale/hy_AM/LC_MEASUREMENT.tmp is owned by uid 3004, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
* it isn't needed in master, because nativesdk postinst were fixed by:
commit d10fd6ae3fe46290c6e3a5250878966d9f12ca3f
Author: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Date: Mon Jun 11 16:38:20 2018 +0300
Subject: qemuwrapper-cross: enable multilib and nativesdk variants of the script
* which depends on:
commit d4f5b8e26acaadffac6df10f9a9d9ebfb3045f5f
Author: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Date: Mon Jun 11 16:38:17 2018 +0300
Subject: gtk-immodules-cache.bbclass: convert cache creation to postinst_intercept mechanism
* backporting just these 2 isn't enough, we would need to backport
something else as well, otherwise it fails with:
webos-ndk-basic/1.0.0-1-r3/intercept_scripts-a4270d1427cca0a9d172dbcd8dc262957c8e081c657e1123cc9ad551d65f22ea/update_gio_module_cache-nativesdk:
nativesdk-qemuwrapper: not found
and at this point I would rather safely disable it for nativesdk
in sumo instead of backporting bunch more commits to stable branch
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Daniel DÃaz [Thu, 26 Jul 2018 14:39:26 +0000 (09:39 -0500)]
glibc: Avoid multilibbing on wordsize.h
Once another header #includes <bits/wordsize.h>, there is a
potential recursion going on because the
multilib_header_wrapper.h #includes <bits/wordsize.h> again!
This should not happen because an __arm__ (32-bits) or an
__aarch64__ (64-bits) environment guarantees that we will
be getting the correct definition, but when building against
a different target (like BPF), recursion is what happens.
This can be seen, for instance, when building eBPF programs
from the kernel with `clang -target bpf', such as the ones
located in linux/tools/testing/selftests/bpf/.
Rui Wang [Mon, 16 Jul 2018 02:55:08 +0000 (10:55 +0800)]
bash: fix wrong exit status offset
In Linux,8 bits of the return code and 8 bits of the number of
the killing signal are mixed into a single value on the exit code,
so the exit status offset should be 8. But the autoconf checker
can not determine it while cross compiling, and then it is set to
the default value 0, which will cause generating the wrong exit
code if program exit with an error code.
Ross Burton [Thu, 12 Jul 2018 13:44:06 +0000 (14:44 +0100)]
insane: optimise buildpath search
Instead of decoding every file we open as UTF-8 (with many errors as machine
code isn't UTF-8), convert the build path to the UTF-8 byte representation and
search for that instead.
wic/engine: use up all free space when expanding partitions
Currently we just divide up the free space by the number of partitions
that need to be re-sized. This leads to problems when a user has
explicitly specified a subset of partitions (but not all) that need
to re-sized along with the sizes. As an example, for an image with 3
partitions, if we use:
wic write image.wic /dev/sdb --expand 1:10G
This would lead to paritions 2 and 3 each being re-sized to one thirds
of the free space instead of half.
The UEFI spec implies that GPT partitions should be assumed to be on a 2048
sector boundary (for a 512 byte sector) and the current logic just
divides the free sectors available by the number of partitions that need
re-sizing, which may or may not align and the final result might
overshoot the limits imposed after alignment.
Since we are expanding already aligned partitions, just divide up the
free space in multiples of 2048. Also use the exec_cmd wrapper instead
of the subprocess call directly.
Whenever perf got rebuilt, I was consistently getting errors such as
| find: '[...]/perf/1.0-r9/perf-1.0/plugin_mac80211.so': No such file or directory
| find: '[...]/perf/1.0-r9/perf-1.0/plugin_mac80211.so': No such file or directory
| find: find: '[...]/perf/1.0-r9/perf-1.0/libtraceevent.a''[...]/perf/1.0-r9/perf-1.0/libtraceevent.a': No such file or directory: No such file or directory
|
[...]
| find: cannot delete '/mnt/xfs/devel/pil/yocto/tmp-glibc/work/wandboard-oe-linux-gnueabi/perf/1.0-r9/perf-1.0/util/.pstack.o.cmd': No such file or directory
breaking the whole build. The root cause seems to be that the implicit
'make clean' done during do_configure ends up running in parallel, and
thus multiple find commands attempt to stat and/or delete the same
file.
A patch disabling parallelism for the clean target has been ack'ed
upstream (lkml.kernel.org/r/20180705134955.GB3686@krava), but it should
be harmless to pass JOBS=1 even with a fixed kernel. This can be removed
if and when all relevant -stable kernels have that patch.
Bruce Ashfield [Mon, 9 Jul 2018 15:25:38 +0000 (11:25 -0400)]
linux-yocto/4.12: update to v4.12.26
Integrating Paul Gortmaker's -stable 4.12 release, which comprises
the following commits:
b0f63e84c132 Linux 4.12.26 61be5424616e usbnet: fix alignment for frames with no ethernet header 6d0519e75609 tipc: fix memory leak in tipc_accept_from_sock() 8560506d5b7a tipc: call tipc_rcv() only if bearer is up in tipc_udp_recv() 5ceba73f1c24 tcp: remove buggy call to tcp_v6_restore_cb() 450a839e54a6 tcp/dccp: block bh before arming time_wait timer 872d246eaed9 stmmac: reset last TSO segment size after device open 74386d6ee7bf sit: update frag_off info 3df033244a42 s390/qeth: fix GSO throughput regression b7bd0107008f s390/qeth: fix early exit from error path 7f02573318ba s390/qeth: build max size GSO skbs on L2 devices 3c8a527e0496 rds: Fix NULL pointer dereference in __rds_rdma_map 00c0600c0a35 net: remove hlist_nulls_add_tail_rcu() 193d9a02e802 net: realtek: r8169: implement set_link_ksettings() 8fb1c5e220ee net: qmi_wwan: add Quectel BG96 2c7c:0296 0c2ba29a13d9 net/packet: fix a race in packet_bind() and packet_notifier() bb06331e9156 net: openvswitch: datapath: fix data type in queue_gso_packets ea15a664c5b8 usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping 7f11deffc177 ipmi: Stop timers before cleaning up the module fb006a18929e fix kcm_clone() ee82eaf439cc RDMA/cxgb4: Annotate r2 and stag as __be32 b71be191d4ed md: free unused memory after bitmap resize 6d24efc56915 dm raid: fix panic when attempting to force a raid to sync 490fc05683b4 blk-mq: Avoid that request queue removal can trigger list corruption d9e8cb49aaf1 ide: ide-atapi: fix compile error with defining macro DEBUG 115978628b54 ipvlan: fix ipv6 outbound device ee2ce344ee06 powerpc/powernv/idle: Round up latency and residency values 0fe4d3f9fb5b afs: Connect up the CB.ProbeUuid 94bdd552d7b1 IB/mlx5: Assign send CQ and recv CQ of UMR QP aa02d85e4d08 IB/mlx4: Increase maximal message size under UD QP dd955bcce383 bnxt_re: changing the ip address shouldn't affect new connections a4b3e59bcb04 f2fs: fix to clear FI_NO_PREALLOC 78f9d39a2735 xfrm: Copy policy family in clone_policy 4577662b6010 atm: horizon: Fix irq release error d7241b40fe6d kbuild: rpm-pkg: fix jobserver unavailable warning bffb011d5446 mailbox: mailbox-test: don't rely on rx_buffer content to signal data ready 849ef7edfa4c clk: hi3660: fix incorrect uart3 clock freqency d561354fe15d clk: uniphier: fix DAPLL2 clock rate of Pro5 eada5db0be6e clk: qcom: common: fix legacy board-clock registration 11ea07285eb4 geneve: fix fill_info when link down 4e0b53bd177a sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf be7cba326d33 sctp: use the right sk after waking up from wait_buf sleep 2c485f6fa3be sctp: do not free asoc when it is already dead in sctp_sendmsg 6e2b427a32da slub: fix sysfs duplicate filename creation when slub_debug=O e66ebbc23607 zsmalloc: calling zs_map_object() from irq is a bug dc423eda615d sparc64/mm: set fields in deferred pages 956c73ca6664 block: wake up all tasks blocked in get_request() 1f35bda74d1a dt-bindings: usb: fix reg-property port-number range 412c76f0f9b8 sunrpc: Fix rpc_task_begin trace point 09f79313b317 NFS: Fix a typo in nfs_rename() a550f7b43f63 dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 80f443550f8f lib/genalloc.c: make the avail variable an atomic_long_t 1dfea0e03917 drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()' 4add25bf3dff route: update fnhe_expires for redirect when the fnhe exists c53ad6cb2f86 route: also update fnhe_genid when updating a route cache d09b814cd2aa gre6: use log_ecn_error module parameter in ip6_tnl_rcv() f9ef4cd05462 mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl() a95269b0e4e5 x86/mpx/selftests: Fix up weird arrays 76e5bd0ae30a coccinelle: fix parallel build with CHECK=scripts/coccicheck 59f2aa43a314 kbuild: pkg: use --transform option to prefix paths in tar 50ce05457e39 irqchip/qcom: Fix u32 comparison with value less than zero e3fec500f619 ARM: avoid faulting on qemu 602f85aeefb7 crypto: talitos - fix ctr-aes-talitos 73e76cb0ca1f crypto: talitos - fix use of sg_link_tbl_len f17fe30404de crypto: talitos - fix AEAD for sha224 on non sha224 capable chips f5fa317606b7 crypto: talitos - fix setkey to check key weakness 519619ec114a crypto: talitos - fix memory corruption on SEC2 e7984cca5abc crypto: talitos - fix AEAD test failures 64d05b5d1d86 bus: arm-ccn: fix module unloading Error: Removing state 147 which has instances left. e14e213dfd51 bus: arm-ccn: Fix use of smp_processor_id() in preemptible context 63efd55a2c6b bus: arm-ccn: Check memory allocation failure fd30c25b5596 bus: arm-cci: Fix use of smp_processor_id() in preemptible context d358187f050b media: dvb: i2c transfers over usb cannot be done from stack 2ae277ebe31f drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU 0792a5a27074 drm/bridge: analogix dp: Fix runtime PM state in get_modes() callback fdc899328ff3 kdb: Fix handling of kallsyms_symbol_next() return value 08f22e2251fd brcmfmac: change driver unbind order of the sdio function devices f9a77013fa02 powerpc/64s: Initialize ISAv3 MMU registers before setting partition table 9c6dfd696e5a KVM: s390: Fix skey emulation permission check 092937ce1aae s390: fix compat system call table 4f4b2e279816 s390: always save and restore all registers on context switch 8c54b7d880d4 smp/hotplug: Move step CPUHP_AP_SMPCFD_DYING to the correct place a2ec325c7d20 iommu/vt-d: Fix scatterlist offset handling 743ac71ece80 ALSA: usb-audio: Fix the missing ctl name suffix at parsing SU 1df6e988ae39 ALSA: usb-audio: Add check return value for usb_string() 974394e57a05 ALSA: usb-audio: Fix out-of-bound error f4753360efda ALSA: seq: Remove spurious WARN_ON() at timer check 478c2ed7ca1c ALSA: pcm: prevent UAF in snd_pcm_info b12060cae8c2 btrfs: handle errors while updating refcounts in update_ref_for_cow ecfc013c7f23 btrfs: fix missing error return in btrfs_drop_snapshot 45822ea3d1bf X.509: fix comparisons of ->pkey_algo 19057ced2699 X.509: reject invalid BIT STRING for subjectPublicKey a3ad8e49bc26 KEYS: reject NULL restriction string when type is specified 7c2ccfe13faa KEYS: add missing permission check for request_key() destination 664879ff9aef ASN.1: check for error from ASN1_OP_END__ACT actions 4c0e7ec3072d ASN.1: fix out-of-bounds read when parsing indefinite length item 17a6f363daf9 efi/esrt: Use memunmap() instead of kfree() to free the remapping 8dd372dd8845 efi: Move some sysfs files to be read-only by root 97c6b857262f scsi: libsas: align sata_device's rps_resp on a cacheline eb78a8b8f172 scsi: use dma_get_cache_alignment() as minimum DMA alignment db4a32fa5cf2 scsi: dma-mapping: always provide dma_get_cache_alignment 1f55442d0992 isa: Prevent NULL dereference in isa_bus driver callbacks 93fdb7dc713e hv: kvp: Avoid reading past allocated blocks from KVP file d745d533737a pinctrl: armada-37xx: Fix direction_output() callback behavior ae6add36f3ce iio: adc: meson-saradc: fix the bit_idx of the adc_en clock 50c87ecdb250 iio: adc: cpcap: fix incorrect validation 657257ba13ae iio: health: max30102: Temperature should be in milli Celsius 3da92b4ab2cc virtio: release virtio index when fail to device_register f6fe0d2777b2 can: peak/pcie_fd: fix potential bug in restarting tx queue 654babccd437 can: usb_8dev: cancel urb on -EPIPE and -EPROTO bda1dccdda47 can: esd_usb2: cancel urb on -EPIPE and -EPROTO 9ff8eb7ef05b can: ems_usb: cancel urb on -EPIPE and -EPROTO 51e5de2b036b can: mcba_usb: cancel urb on -EPROTO c94c94a367ef can: kvaser_usb: cancel urb on -EPIPE and -EPROTO c8474d8798ab can: kvaser_usb: ratelimit errors if incomplete messages are received 1936ba2b0b40 can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() bc86162fa81a can: kvaser_usb: free buf in error paths 4a879f2d1636 can: ti_hecc: Fix napi poll return value for repoll 09b06e3f7b1d can: flexcan: fix VF610 state transition issue f81db8e7d0cb can: peak/pci: fix potential bug when probe() fails 7b747f65c553 can: mcba_usb: fix device disconnect bug 0a3964b0a8d3 usb: f_fs: Force Reserved1=1 in OS_DESC_EXT_COMPAT d1c24d05d7ec serdev: ttyport: fix tty locking in close 541fbaaf6db7 serdev: ttyport: fix NULL-deref on hangup a6d00d0df9e5 serdev: ttyport: add missing receive_buf sanity checks b30e0bedb66b usb: gadget: udc: renesas_usb3: fix number of the pipes
Bruce Ashfield [Mon, 9 Jul 2018 15:25:36 +0000 (11:25 -0400)]
linux-yocto/4.12: bump to v4.12.25
Integrating Paul Gortmaker's v4.12.25 -stable queue, which comprises the
following commits:
e61748ef5db0 Linux 4.12.25 c34553e3e8af x86/bugs: Rename SSBD_NO to SSB_NO 4aa9e65a91b9 x86/bugs: Remove x86_spec_ctrl_set() 7283d22a40c4 x86/bugs: Expose x86_spec_ctrl_base directly 60fb8f1bbd46 x86/speculation: Rework speculative_store_bypass_update() cc8a65725832 x86/cpufeatures: Disentangle SSBD enumeration 4cadf648f802 x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS 14476a34b4d0 x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP e66dd0595eac x86/cpu: Make alternative_msr_write work for 32-bit code 32e38eda9958 x86/bugs: Fix the parameters alignment and missing void 5593194735ea x86/bugs: Make cpu_show_common() static 86e7eb199990 x86/bugs: Fix __ssb_select_mitigation() return type 4efd9170a722 Documentation/spec_ctrl: Do some minor cleanups e074092d9d0a proc: Use underscores for SSBD in 'status' f57b4be9a391 x86/bugs: Rename _RDS to _SSBD f395cafed558 x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass 9599751872de seccomp: Move speculation migitation control to arch code 647fb2d84f05 seccomp: Add filter flag to opt-out of SSB mitigation 44d5a1d9fe07 seccomp: Use PR_SPEC_FORCE_DISABLE 9490e71c3074 prctl: Add force disable speculation ad5b97fe1ab6 x86/bugs: Make boot modes __ro_after_init cfc00a7877b6 seccomp: Enable speculation flaw mitigations bc4bf81c64b0 proc: Provide details on speculation flaw mitigations a41d2136a447 nospec: Allow getting/setting on non-current task 7e17279e72b9 x86/speculation: Add prctl for Speculative Store Bypass mitigation eea6b1abc91e x86/process: Allow runtime control of Speculative Store Bypass c8630c28cd28 prctl: Add speculation control prctls ecefae5ca101 x86/speculation: Create spec-ctrl.h to avoid include hell 4bcdf54612aa x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested 6ce1317929a3 x86/bugs: Whitelist allowed SPEC_CTRL MSR values cd5e5e6f2e39 x86/bugs/intel: Set proper CPU features and setup RDS d97584229d85 x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation 793b7453cfc5 x86/cpufeatures: Add X86_FEATURE_RDS c6c3cd47ccbb x86/bugs: Expose /sys/../spec_store_bypass 2d92a521bda7 x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits 81865e325abe x86/bugs: Concentrate bug reporting into a separate function 45245a5b9dc4 x86/bugs: Concentrate bug detection into a separate function 05e82d536970 x86/nospec: Simplify alternative_msr_write() effb0dfecfa2 x86/cpu_entry_area: Sync cpu_entry_area to initial_page_table 89fffee9d555 x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend 76199d7beb0b x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP 426210b00b02 x86/speculation: Use IBRS if available before calling into firmware 63904f8a6d41 x86/entry/64: Fix CR3 restore in paranoid_exit() 35cf6a9daf5f x86/cpu: Change type of x86_cache_size variable to unsigned int 7fded60b2cb7 x86/spectre: Fix an error message 343945a16727 x86/speculation: Add <asm/msr-index.h> dependency eb0f059ee2de nospec: Move array_index_nospec() parameter checking into separate macro 31951a39de73 x86/speculation: Fix up array_index_nospec_mask() asm constraint 344711f16fec x86/entry/64: Remove the unused 'icebp' macro d4324affaf05 x86/entry/64: Fix paranoid_entry() frame pointer warning 3cadbc9228b4 x86/entry/64: Indent PUSH_AND_CLEAR_REGS and POP_REGS properly 0d561147160c x86/entry/64: Get rid of the ALLOC_PT_GPREGS_ON_STACK and SAVE_AND_CLEAR_REGS macros 22c1269eefa9 x86/entry/64: Use PUSH_AND_CLEAN_REGS in more cases ac897d25b1d3 x86/entry/64: Introduce the PUSH_AND_CLEAN_REGS macro 226eea037fa6 x86/entry/64: Interleave XOR register clearing with PUSH instructions 120d889cac9f x86/entry/64: Merge the POP_C_REGS and POP_EXTRA_REGS macros into a single POP_REGS macro 2d5eb3888f24 x86/entry/64: Merge SAVE_C_REGS and SAVE_EXTRA_REGS, remove unused extensions 797a6f4444f1 x86/speculation: Clean up various Spectre related details ff032faca431 KVM/nVMX: Set the CPU_BASED_USE_MSR_BITMAPS if we have a valid L02 MSR bitmap 1aaab2d1a1fd KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(), by always inlining iterator helper methods dd17c0f5a114 Revert "x86/speculation: Simplify indirect_branch_prediction_barrier()" add7dd4f1f81 x86/speculation: Correct Speculation Control microcode blacklist again 358f03a9395f x86/speculation: Update Speculation Control microcode blacklist 0307861327c7 x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() a612b987b028 x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface 1b8b432f6dee x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface 513e4bbfc32c x86/entry/64: Clear extra registers beyond syscall arguments, to reduce speculation attack surface
Richard Purdie [Mon, 2 Jul 2018 12:43:50 +0000 (12:43 +0000)]
staging: Improve fixup processing code
With the fixes to other parts of multilib, it was found that the fixup code's
assumptions about the recipe sysroot were incorrect. We need to use the value
calculated earlier in the function.
It turns out there is a rather neat way to do this which cleans up the code
as an added bonus.
Richard Purdie [Fri, 29 Jun 2018 16:33:26 +0000 (16:33 +0000)]
staging/image: Fix multilib recipe sysroot issues
Currently if you enable multilib, then build an image, the multilib
recipe sysroot is build in the wrong WORKDIR. If you then clean and
rebuild the image you see "file exists" errors.
This patch ensures the real WORKDIR is used consistently and then
cleans/rebuilds also work correctly.
Olof Johansson [Tue, 3 Jul 2018 12:00:08 +0000 (14:00 +0200)]
rpm: Avoid leaking temporary scriplet files
RPM writes each package scriptlet (post-/preinstall) to
/var/tmp/rpm-tmp.XXXXXX --- a lot of files potentially gets created.
When debugging is enabled, these temporary scriptlet files aren't
cleaned up at all and after a while this results in the filesystem
resources are eaten up (like running out of available inodes).
Normally, the temporary files would have been written to the tmp
directory of the target sysroot (which we can easily clean up), but in
this tree, you can't necessarily run the scriptlets.
Otavio Salvador [Tue, 3 Jul 2018 12:34:34 +0000 (09:34 -0300)]
go: Update 1.10.2 -> 1.10.3
go1.10.3 (released 2018/06/05) includes fixes to the go command, and
the crypto/tls, crypto/x509, and strings packages. In particular, it
adds minimal support to the go command for the vgo transition.
Otavio Salvador [Tue, 3 Jul 2018 12:34:33 +0000 (09:34 -0300)]
go: Update 1.9.6 -> 1.9.7
go1.9.7 (released 2018/06/05) includes fixes to the go command, and
the crypto/x509, and strings packages. In particular, it adds minimal
support to the go command for the vgo transition.
