summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* kernel: CVE-2016-10229krogothSona Sarmadi2017-05-192-0/+102
| | | | | | | | | | | Reference: https://nvd.nist.gov/vuln/detail/CVE-2016-10229 Reference to upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v3.12.74&id=c3bfbecb1bb575278ce4812746a29c04875a2926 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel: tty: CVE-2017-2636Sona Sarmadi2017-04-052-0/+319
| | | | | | | | | | | | | tty: n_hdlc: get rid of racy n_hdlc.tbuf Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2636 Reference to upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/patch/?id=63075fbddd5151d2e98fa7cf0608a2113e23607d Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel: tty: n_hdlc, fix lockdep false positiveSona Sarmadi2017-04-052-0/+107
| | | | | | | | We need this patch to be able to cherry-pick the patch for CVE-2017-2636 from later version. Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel: CVE-2017-5551Sona Sarmadi2017-02-062-0/+65
| | | | | | | | | | | | | | | S_ISGD is not cleared when setting posix ACLs in tmpfs (CVE-2016-7097 incomplete fix) It was found that fix for CVE-2016-7097 was incomplete as it missed tmpfs. Reference: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5551 Reference to upstream commit (kernel.org 3.12 branch): https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=b0369e53c851f8cd87afd059d360a4f646840c8c Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel: CVE-2016-7097Sona Sarmadi2017-02-063-0/+505
| | | | | | | | | | | | | | | | | | Setting a POSIX ACL via setxattr doesn't clear the setgid bit The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7097 Reference to upstream commits (kernel.org 3.12 branch): https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/log/?id=refs%2Ftags%2Fv3.12.70&qt=grep&q=posix_acl%3A+Clear+SGID+bit+when+setting+file+permissions Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* Kernel: CVE-2016-9754Sona Sarmadi2017-02-032-0/+96
| | | | | | | | | | | | | | | | | | Integer overflow in ring_buffer_resize() The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9754 References to upstream patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59643d1535eb220668692a5359de22545af579f6 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel: scsi: aacraid: CVE-2016-6480Sona Sarmadi2016-11-032-0/+73
| | | | | | | | | | | | | | | | | Fixes double fetch in ioctl_send_fib(). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6480 Upstream bug: https://bugzilla.kernel.org/show_bug.cgi?id=116751 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=bcc85e09fc60d2e99053eae3fd0515c343189375 Signen-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel: CVE-2016-5195Sona Sarmadi2016-10-242-0/+101
| | | | | | | | | | | | Fixes privilege escalation via MAP_PRIVATE COW breakage. References: =========== https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5195 http://www.securityfocus.com/bid/93793 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel: CVE-2016-3136Sona Sarmadi2016-09-162-0/+53
| | | | | | | | | | | | | Crash on invalid USB device descriptors (mct_u232 driver) Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3136 Reference to upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=f9dbb3666b3ddb5f9a7e44a433383cb6880a03f5 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel-net: CVE-2016-5696Sona Sarmadi2016-08-222-0/+99
| | | | | | | | | | | | | | | | | tcp: make challenge acks less predictable net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5696 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=860c53258e634c54f70252c352bae7bac30724a9 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* net-kernel: CVE-2016-2070Sona Sarmadi2016-08-172-0/+68
| | | | | | | | | | | | | | | | | | Fixes a divide-by-zero vulnerability in a way the linux kernel processes TCP connections. The error can occur if a connection starts another cwnd reduction phase by setting tp->prior_cwnd to the current cwnd (0) in tcp_init_cwnd_reduction(). A remote, unauthenticated attacker could use this flaw to crash the kernel (denial of service). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2070 Reference to upstream correction (backported from kernel.org 4.4 branch): https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=8b8a321ff72c785ed5e8b4cf6eda20b35d427390 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* net-kernel: CVE-2015-8543Sona Sarmadi2016-08-172-0/+143
| | | | | | | | | | | | | | | | Fixes a NULL pointer dereference flaw in the Linux kernel's network subsystem. A local user could use this flaw to crash the system. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8543 Reference to upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=0295617f822f630711f5af03316d3cbda6e737d4 Signen-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* kernel/drivers/ppp: CVE-2015-8569Sona Sarmadi2016-07-292-0/+52
| | | | | | | | | | | | | | | Fixes an out-of-bounds flaw in the kernel where the length of the sockaddr parameter was not checked in the pptp_bind() and pptp_connect() functions. A local system user could exploit this flaw to bypass kernel ASLR or leak other information. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8569 Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=d470ffbe3fe914d176ced4cf330a297c523c5711 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
* README: Update maintainers and contribution informatioAdrian Dudau2016-07-041-2/+4
| | | | Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* README: fix branch nameStefan Sicleru2016-06-011-2/+2
| | | | | | | Replace master with krogoth branch for layer dependencies. Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* linux-qoriq: Fix kernel oops caused by fsnotify race conditionAdrian Dudau2016-05-312-0/+81
| | | | | | | Backport from mainline. Only kernels <4.2 are affected by this. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* Fman config for Enea specific device treeAdrian Calianu2016-05-121-0/+7
| | | | | | | | | For Enea specific device tree where only the FM1@GETH5 is allocated to Linux stack while all other ethernet ports are allocated to USDPAA it is required to have a specific config file. Signed-off-by: Adrian Calianu <adrian.calianu@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* Revert "kernel ipc: fix compat msgrcv with negative msgtyp"Adrian Calianu2016-05-102-29/+0
| | | | | | | The patch was intergrated by Freescale into meta-fsl-ppc into krogoth and krogoth-next branches(commit 324d71e3ef072d17bd6c03973b1d24150fe471ce). This reverts commit 324d71e3ef072d17bd6c03973b1d24150fe471ce.
* kernel ipc: fix compat msgrcv with negative msgtypPaul Vaduva2016-04-282-0/+29
| | | | | | | | | | Compat function takes msgtyp argument as u32 and passes it down to do_msgrcv which results in casting to long, thus the sign is lost and we get a big positive number instead. Cast the argument to signed type before passing it down. Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
* Update layer dependency on meta-enea-bsp-commonAdrian Dudau2016-04-212-3/+3
| | | | | Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* Drop linux-qoriq-prt kernel recipeAdrian Dudau2016-04-151-10/+0
| | | | | | | | We don't release a preempt-rt enabled kernel in 6.0, so no need for the recipe. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* linux-qoriq: Remove dts patches for USDPAAAdrian Dudau2016-04-144-458/+0
| | | | | | | These are moved to the meta-enea-networking layer. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* recipes-kernel: rename references to cfg fragmentsStefan Sicleru2016-04-012-26/+26
| | | | | | | | Kernel config fragments were renamed and references must be updated accordingly. Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com> Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
* binutils: revert to version 2.25.1 for e500mc targetsMartin Borg2016-03-3027-0/+22327
| | | | | | | | | | | | Poky master branch has recently upgraded to binutils version 2.26, but for e500mc based targets the kernel crashes early in boot if built with this version of binutils. Reverting back to binutils 2.25.1 is a temporary workaround to be able to build bootable images for these targets. Signed-off-by: Martin Borg <martin.borg@enea.com> Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
* pramfs-init: add recipeNora Björklund2016-03-092-0/+94
| | | | | | | pramfs-init is a RRECCOMMEND to pramfs, that helps mount FS to PRAM. Signed-off-by: Nora Björklund <nora.bjorklund@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* linux-qoriq: stop copying cfg fragmentsAdrian Dudau2016-03-081-18/+0
| | | | | | | | | The bug this change addresses has been fixed upstream in meta-fsl-ppc ( commit 97a5f5d7c1451649b72cdc4d6faab69a761c6e7b), so it's not needed anymore. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
* recipes-kernel: provide VFAT and NLS supportStefan Sicleru2016-03-011-0/+1
| | | | | | | | Add support for VFAT fs and one of its available code pages - 437 (United States, Canada). Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* recipes-kernel: provide NFSv3/4 server supportStefan Sicleru2016-03-011-0/+2
| | | | | Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* kernel: copy cfg fragments to kernel's build directoryStefan Sicleru2016-03-012-29/+6
| | | | | | | | | | | | | | | | | | | | There were two do_configure_prepend() methods, one within FSL's repository and another one in Enea's repository. Due to layers' priorities, the last to be executed was the one from FSL's layer. Hence .config resulted from executing do_configure_prepend() from Enea's repository was lost because both were operating on the same .config file. The issue is how FSL checks for cfg fragments. Fragments need to be within build directory instead of source directory, hence do_unpack_append() method was modified accordingly, otherwise none of the fragments would have been applied on .config. do_configure_prepend() from our repository was deleted, since it's not of much use. Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* update layer dependenciesAdrian Dudau2016-02-222-4/+5
| | | | | | | | The config fragments have been moved to meta-enea-base-ppc now, so this layer should depend on it now. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* openssl: add ptestStefan Sicleru2016-02-054-0/+148
| | | | | | | | | | | This is backported from poky/meta repository. Needed only by FSL's openssl version (found in meta-fsl-ppc layer). Original commit: 8132507f0397877c4d528414c6d34ca61674b6dd on meta-fsl-ppc/dizzy-enea. Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel: Add device tree for p3041ds for USDPAAdizzyMihaela Martinas2015-12-142-0/+129
| | | | | | | | | | | | A new device tree for USDPAA support has been added for p3041ds platform. This was necessary to allow the usage of an ethernet interface as a normal one, that interfaces with the Linux kernel network stack. In the beginning all the interfaces were allocated to USDPAA, so they were not visible to the Linux kernel. For the development process this would mean the impossibility to boot using a nfs or to connect via ssh. Signen-off-by: Mihaela Martinas <Mihaela.Martinas@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* kernel: Add device tree for p2041rdb for USDPAAMihaela Martinas2015-12-102-0/+115
| | | | | | | | | | | | A new device tree for USDPAA support has been added for p2041rdb platform. This was necessary to allow the usage of an ethernet interface as a normal one, that interfaces with the Linux kernel network stack. In the beginning all the interfaces were allocated to USDPAA, so they were not visible to the Linux kernel. For the development process this would mean the impossibility to boot using a nfs or to connect via ssh. Signed-off-by: Mihaela Martinas <Mihaela.Martinas@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* kernel: add device tree for t4240rdbHuimin She2015-12-092-0/+215
| | | | | | | | | | | | A device tree (dts) is added for USDPAA support on t4240rdb. In the default USDPAA dts, all the ethernet interfaces are dedicated to USDPAA, so that they are not visible to Linux kernel. This brings difficulty for development, such as nfs booting and ssh login. In the new dts, one ethernet interface is reserved for Linux kernel network stack, and the others are for USDPAA. Signed-off-by: Huimin She <huimin.she@enea.com> Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
* linux-qoriq-common.inc: Replaced python print with yocto commandAndrei Varvara2015-12-091-3/+3
| | | | | | | | | When printing from a recipe it should be used the printing functions provided by yocto. Used bb.note for info printing and bb.error for error exception printing. Signed-off-by: Andrei Varvara <andrei.varvara@enea.com> Signed-off-by: George Nita <george.nita@enea.com>
* linux-qoriq-common.inc: Fix config fragment path for linux-qoriqAndrei Varvara2015-12-071-0/+15
| | | | | | | | | | | | | | | | | | The Freescale linux-qoriq.inc is expecting that cfg folder is present in the source directory. Our recipes regarding cfg copies the cfg folder in the working directory. A patch was made to the Freescale's original recipe to look for cfg patches inside workdir, but this was not accepted by Freescale. A new fix was proposed that basically copies the cfg folder from the working directory to source directory where original FSL recipe expects to find it. This way we do not have to modify the original FSL recipe. In order to implement this fix python code that copies the cfg folder from working directory to source directory has been added in the do_unpack task. Signed-off-by: Andrei Varvara <andrei.varvara@enea.com> Signed-off-by: George Nita <george.nita@enea.com>
* Moved config fragment path fix for linux-qoriq kernelAndrei Varvara2015-11-251-0/+26
| | | | | | | | relocated config fragment path fix for linux-qoriq kernel from meta-fsl-ppc to meta-enea-bsp-ppc Signed-off-by: Andrei Varvara <andrei.varvara@enea.com> Signed-off-by: George Nita <george.nita@enea.com>
* add the linux-qoriq-prt kernel recipe from meta-fsl-ppcAdrian Dudau2015-11-173-0/+131
| | | | | | | | New kernel recipes are defined in the meta-enea-bsp-<arch> layers now. Movin the recipe together with patches from meta-fsl-ppc. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* minor changes to the README fileAdrian Dudau2015-11-021-2/+2
|
* linux-qoriq: add whitespace before prepend valueAdrian Dudau2015-10-291-1/+1
| | | | Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* linux-qoriq: small formatting fixAdrian Dudau2015-10-291-1/+3
| | | | Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* kernel: lose the staging-kernel legacyAdrian Dudau2015-10-292-182/+0
| | | | | | | | We give up building the so-called "staging kernel". From now on we'll use the native kernel configuration mechanism and issue two kernel build commands if needed. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* rename the kernel config fragments variableAdrian Dudau2015-10-291-3/+3
| | | | | | | To keep it in synch with the one defined in enea.common.inc in meta-enea-base. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* Initial commitAdrian Dudau2015-10-2813-0/+558
result of splitting up meta-enea Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-05 17:15:14 +0000