diff options
author | Adrian Stratulat <adrian.stratulat@enea.com> | 2020-08-31 09:05:28 +0200 |
---|---|---|
committer | Adrian Stratulat <adrian.stratulat@enea.com> | 2020-09-10 15:26:42 +0200 |
commit | 00c3bf142e169c73b165d43711f7f4d81bbf5927 (patch) | |
tree | a371169bc9b8ccc094e075f0301abbaf9ae7876e | |
parent | 28c30d52913547902c827ea485d487498f9c4bb2 (diff) | |
download | meta-enea-bsp-x86-00c3bf142e169c73b165d43711f7f4d81bbf5927.tar.gz |
linux-intel: remove files related to version 4.14
Change-Id: Ib1741c59ad331f68be1353374706c3edbeb420eb
Signed-off-by: Adrian Stratulat <adrian.stratulat@enea.com>
-rw-r--r-- | recipes-kernel/linux/linux-intel-guest_4.14.bb | 1 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel-host_4.14.bb | 1 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel-rt_4.14.bbappend | 29 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel.inc | 24 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel/CVE-2018-12233.patch | 52 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel/CVE-2018-13093.patch | 148 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel/CVE-2018-13094.patch | 51 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel/CVE-2018-14609.patch | 71 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel/CVE-2018-14617.patch | 64 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel/CVE-2018-14734.patch | 62 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel/CVE-2018-15572.patch | 99 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel/CVE-2018-16658.patch | 42 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel/CVE-2018-9363.patch | 56 | ||||
-rw-r--r-- | recipes-kernel/linux/linux-intel_4.14.bbappend | 26 |
14 files changed, 0 insertions, 726 deletions
diff --git a/recipes-kernel/linux/linux-intel-guest_4.14.bb b/recipes-kernel/linux/linux-intel-guest_4.14.bb deleted file mode 100644 index 6be0508..0000000 --- a/recipes-kernel/linux/linux-intel-guest_4.14.bb +++ /dev/null | |||
@@ -1 +0,0 @@ | |||
1 | require linux-intel.inc | ||
diff --git a/recipes-kernel/linux/linux-intel-host_4.14.bb b/recipes-kernel/linux/linux-intel-host_4.14.bb deleted file mode 100644 index 6be0508..0000000 --- a/recipes-kernel/linux/linux-intel-host_4.14.bb +++ /dev/null | |||
@@ -1 +0,0 @@ | |||
1 | require linux-intel.inc | ||
diff --git a/recipes-kernel/linux/linux-intel-rt_4.14.bbappend b/recipes-kernel/linux/linux-intel-rt_4.14.bbappend deleted file mode 100644 index a5108bc..0000000 --- a/recipes-kernel/linux/linux-intel-rt_4.14.bbappend +++ /dev/null | |||
@@ -1,29 +0,0 @@ | |||
1 | # look for files in the layer first | ||
2 | FILESEXTRAPATHS_prepend := "${THISDIR}/linux-intel:" | ||
3 | |||
4 | require recipes-kernel/linux/linux-deploy-kconfig.inc | ||
5 | |||
6 | SRCREV_metaenea = "7f34b40b0ba594d85ee8ccdf327d2a06f7ceaad4" | ||
7 | KENEABRANCH = "intel-4.14" | ||
8 | SRC_URI_append = " git://git@git.enea.com/linux/enea-kernel-cache.git;protocol=ssh;type=kmeta;name=metaenea;branch=${KENEABRANCH};destsuffix=enea-kernel-meta \ | ||
9 | file://CVE-2018-14734.patch \ | ||
10 | file://CVE-2018-12233.patch \ | ||
11 | file://CVE-2018-13093.patch \ | ||
12 | file://CVE-2018-13094.patch \ | ||
13 | file://CVE-2018-15572.patch \ | ||
14 | file://CVE-2018-9363.patch \ | ||
15 | file://CVE-2018-16658.patch \ | ||
16 | file://CVE-2018-14609.patch \ | ||
17 | file://CVE-2018-14617.patch \ | ||
18 | " | ||
19 | |||
20 | KERNEL_FEATURES_append = " features/x2apic/x2apic.scc" | ||
21 | |||
22 | # Debug tools support | ||
23 | KERNEL_FEATURES_append = " features/debug/debug_kernel_y.scc" | ||
24 | KERNEL_FEATURES_append = " features/kgdb/kgdb_y.scc" | ||
25 | KERNEL_FEATURES_append = " features/lttng/lttng_y.scc" | ||
26 | KERNEL_FEATURES_append = " features/latencytop/latencytop_y.scc" | ||
27 | KERNEL_FEATURES_append = " features/perf/perf_y.scc" | ||
28 | KERNEL_FEATURES_append = " features/systemtap/systemtap_y.scc" | ||
29 | |||
diff --git a/recipes-kernel/linux/linux-intel.inc b/recipes-kernel/linux/linux-intel.inc deleted file mode 100644 index 8ef5f1b..0000000 --- a/recipes-kernel/linux/linux-intel.inc +++ /dev/null | |||
@@ -1,24 +0,0 @@ | |||
1 | FILESEXTRAPATHS_prepend := "${THISDIR}/linux-intel:" | ||
2 | require recipes-kernel/linux/linux-intel_4.14.bb | ||
3 | require recipes-kernel/linux/linux-deploy-kconfig.inc | ||
4 | |||
5 | SRCREV_metaenea = "7f34b40b0ba594d85ee8ccdf327d2a06f7ceaad4" | ||
6 | KENEABRANCH = "intel-4.14" | ||
7 | SRC_URI_append = " git://git@git.enea.com/linux/enea-kernel-cache.git;protocol=ssh;type=kmeta;name=metaenea;branch=${KENEABRANCH};destsuffix=enea-kernel-meta" | ||
8 | |||
9 | KERNEL_FEATURES_append_atom-c3000 = " bsp/atom-c3000/atom-c3000.scc" | ||
10 | |||
11 | KERNEL_FEATURES_append = " features/udev/udev.scc" | ||
12 | |||
13 | # NFS boot support | ||
14 | KERNEL_FEATURES_append = " features/blkdev/net_blk_dev.scc" | ||
15 | |||
16 | # Intel 10G ports(SoC) | ||
17 | KERNEL_FEATURES_append_corei7-64-intel-common = " features/ixgbe/ixgbe_y.scc" | ||
18 | KERNEL_FEATURES_append_corei7-64-intel-common = " features/dca/dca_y.scc" | ||
19 | |||
20 | # NMVe SSD | ||
21 | KERNEL_FEATURES_append = " features/nvme/nvme.scc" | ||
22 | |||
23 | #IPv4 waiting for carrier on | ||
24 | KERNEL_FEATURES_append = " patches/ipv4/ipv4wait.scc" | ||
diff --git a/recipes-kernel/linux/linux-intel/CVE-2018-12233.patch b/recipes-kernel/linux/linux-intel/CVE-2018-12233.patch deleted file mode 100644 index d7b6fb8..0000000 --- a/recipes-kernel/linux/linux-intel/CVE-2018-12233.patch +++ /dev/null | |||
@@ -1,52 +0,0 @@ | |||
1 | From 7d29fb53439c8c91874550cc078eda6db8feafe7 Mon Sep 17 00:00:00 2001 | ||
2 | From: Shankara Pailoor <shankarapailoor@gmail.com> | ||
3 | Date: Tue, 5 Jun 2018 08:33:27 -0500 | ||
4 | Subject: [PATCH] jfs: Fix inconsistency between memory allocation and | ||
5 | ea_buf->max_size | ||
6 | |||
7 | commit 92d34134193e5b129dc24f8d79cb9196626e8d7a upstream. | ||
8 | |||
9 | The code is assuming the buffer is max_size length, but we weren't | ||
10 | allocating enough space for it. | ||
11 | |||
12 | CVE: CVE-2018-12233 | ||
13 | Upstream-Status: Backport | ||
14 | |||
15 | Signed-off-by: Shankara Pailoor <shankarapailoor@gmail.com> | ||
16 | Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com> | ||
17 | Cc: Guenter Roeck <linux@roeck-us.net> | ||
18 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
19 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
20 | --- | ||
21 | fs/jfs/xattr.c | 10 ++++++---- | ||
22 | 1 file changed, 6 insertions(+), 4 deletions(-) | ||
23 | |||
24 | diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c | ||
25 | index c60f3d3..a679798 100644 | ||
26 | --- a/fs/jfs/xattr.c | ||
27 | +++ b/fs/jfs/xattr.c | ||
28 | @@ -491,15 +491,17 @@ static int ea_get(struct inode *inode, struct ea_buffer *ea_buf, int min_size) | ||
29 | if (size > PSIZE) { | ||
30 | /* | ||
31 | * To keep the rest of the code simple. Allocate a | ||
32 | - * contiguous buffer to work with | ||
33 | + * contiguous buffer to work with. Make the buffer large | ||
34 | + * enough to make use of the whole extent. | ||
35 | */ | ||
36 | - ea_buf->xattr = kmalloc(size, GFP_KERNEL); | ||
37 | + ea_buf->max_size = (size + sb->s_blocksize - 1) & | ||
38 | + ~(sb->s_blocksize - 1); | ||
39 | + | ||
40 | + ea_buf->xattr = kmalloc(ea_buf->max_size, GFP_KERNEL); | ||
41 | if (ea_buf->xattr == NULL) | ||
42 | return -ENOMEM; | ||
43 | |||
44 | ea_buf->flag = EA_MALLOC; | ||
45 | - ea_buf->max_size = (size + sb->s_blocksize - 1) & | ||
46 | - ~(sb->s_blocksize - 1); | ||
47 | |||
48 | if (ea_size == 0) | ||
49 | return 0; | ||
50 | -- | ||
51 | 1.9.1 | ||
52 | |||
diff --git a/recipes-kernel/linux/linux-intel/CVE-2018-13093.patch b/recipes-kernel/linux/linux-intel/CVE-2018-13093.patch deleted file mode 100644 index 87b53c3..0000000 --- a/recipes-kernel/linux/linux-intel/CVE-2018-13093.patch +++ /dev/null | |||
@@ -1,148 +0,0 @@ | |||
1 | From c2ae72c4e543148cfb4232617815942f3ad1d37a Mon Sep 17 00:00:00 2001 | ||
2 | From: Dave Chinner <dchinner@redhat.com> | ||
3 | Date: Fri, 23 Mar 2018 10:22:53 -0700 | ||
4 | Subject: [PATCH] xfs: validate cached inodes are free when allocated | ||
5 | |||
6 | commit afca6c5b2595fc44383919fba740c194b0b76aff upstream. | ||
7 | |||
8 | A recent fuzzed filesystem image cached random dcache corruption | ||
9 | when the reproducer was run. This often showed up as panics in | ||
10 | lookup_slow() on a null inode->i_ops pointer when doing pathwalks. | ||
11 | |||
12 | BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 | ||
13 | .... | ||
14 | Call Trace: | ||
15 | lookup_slow+0x44/0x60 | ||
16 | walk_component+0x3dd/0x9f0 | ||
17 | link_path_walk+0x4a7/0x830 | ||
18 | path_lookupat+0xc1/0x470 | ||
19 | filename_lookup+0x129/0x270 | ||
20 | user_path_at_empty+0x36/0x40 | ||
21 | path_listxattr+0x98/0x110 | ||
22 | SyS_listxattr+0x13/0x20 | ||
23 | do_syscall_64+0xf5/0x280 | ||
24 | entry_SYSCALL_64_after_hwframe+0x42/0xb7 | ||
25 | |||
26 | but had many different failure modes including deadlocks trying to | ||
27 | lock the inode that was just allocated or KASAN reports of | ||
28 | use-after-free violations. | ||
29 | |||
30 | The cause of the problem was a corrupt INOBT on a v4 fs where the | ||
31 | root inode was marked as free in the inobt record. Hence when we | ||
32 | allocated an inode, it chose the root inode to allocate, found it in | ||
33 | the cache and re-initialised it. | ||
34 | |||
35 | We recently fixed a similar inode allocation issue caused by inobt | ||
36 | record corruption problem in xfs_iget_cache_miss() in commit | ||
37 | ee457001ed6c ("xfs: catch inode allocation state mismatch | ||
38 | corruption"). This change adds similar checks to the cache-hit path | ||
39 | to catch it, and turns the reproducer into a corruption shutdown | ||
40 | situation. | ||
41 | |||
42 | CVE: CVE-2018-13093 | ||
43 | Upstream-Status: Backport | ||
44 | |||
45 | Reported-by: Wen Xu <wen.xu@gatech.edu> | ||
46 | Signed-Off-By: Dave Chinner <dchinner@redhat.com> | ||
47 | Reviewed-by: Christoph Hellwig <hch@lst.de> | ||
48 | Reviewed-by: Carlos Maiolino <cmaiolino@redhat.com> | ||
49 | Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> | ||
50 | [darrick: fix typos in comment] | ||
51 | Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> | ||
52 | Cc: Eduardo Valentin <eduval@amazon.com> | ||
53 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
54 | |||
55 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
56 | --- | ||
57 | fs/xfs/xfs_icache.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++------- | ||
58 | 1 file changed, 51 insertions(+), 7 deletions(-) | ||
59 | |||
60 | diff --git a/fs/xfs/xfs_icache.c b/fs/xfs/xfs_icache.c | ||
61 | index 43005fb..544b521 100644 | ||
62 | --- a/fs/xfs/xfs_icache.c | ||
63 | +++ b/fs/xfs/xfs_icache.c | ||
64 | @@ -306,6 +306,46 @@ struct xfs_inode * | ||
65 | } | ||
66 | |||
67 | /* | ||
68 | + * If we are allocating a new inode, then check what was returned is | ||
69 | + * actually a free, empty inode. If we are not allocating an inode, | ||
70 | + * then check we didn't find a free inode. | ||
71 | + * | ||
72 | + * Returns: | ||
73 | + * 0 if the inode free state matches the lookup context | ||
74 | + * -ENOENT if the inode is free and we are not allocating | ||
75 | + * -EFSCORRUPTED if there is any state mismatch at all | ||
76 | + */ | ||
77 | +static int | ||
78 | +xfs_iget_check_free_state( | ||
79 | + struct xfs_inode *ip, | ||
80 | + int flags) | ||
81 | +{ | ||
82 | + if (flags & XFS_IGET_CREATE) { | ||
83 | + /* should be a free inode */ | ||
84 | + if (VFS_I(ip)->i_mode != 0) { | ||
85 | + xfs_warn(ip->i_mount, | ||
86 | +"Corruption detected! Free inode 0x%llx not marked free! (mode 0x%x)", | ||
87 | + ip->i_ino, VFS_I(ip)->i_mode); | ||
88 | + return -EFSCORRUPTED; | ||
89 | + } | ||
90 | + | ||
91 | + if (ip->i_d.di_nblocks != 0) { | ||
92 | + xfs_warn(ip->i_mount, | ||
93 | +"Corruption detected! Free inode 0x%llx has blocks allocated!", | ||
94 | + ip->i_ino); | ||
95 | + return -EFSCORRUPTED; | ||
96 | + } | ||
97 | + return 0; | ||
98 | + } | ||
99 | + | ||
100 | + /* should be an allocated inode */ | ||
101 | + if (VFS_I(ip)->i_mode == 0) | ||
102 | + return -ENOENT; | ||
103 | + | ||
104 | + return 0; | ||
105 | +} | ||
106 | + | ||
107 | +/* | ||
108 | * Check the validity of the inode we just found it the cache | ||
109 | */ | ||
110 | static int | ||
111 | @@ -354,12 +394,12 @@ struct xfs_inode * | ||
112 | } | ||
113 | |||
114 | /* | ||
115 | - * If lookup is racing with unlink return an error immediately. | ||
116 | + * Check the inode free state is valid. This also detects lookup | ||
117 | + * racing with unlinks. | ||
118 | */ | ||
119 | - if (VFS_I(ip)->i_mode == 0 && !(flags & XFS_IGET_CREATE)) { | ||
120 | - error = -ENOENT; | ||
121 | + error = xfs_iget_check_free_state(ip, flags); | ||
122 | + if (error) | ||
123 | goto out_error; | ||
124 | - } | ||
125 | |||
126 | /* | ||
127 | * If IRECLAIMABLE is set, we've torn down the VFS inode already. | ||
128 | @@ -475,10 +515,14 @@ struct xfs_inode * | ||
129 | |||
130 | trace_xfs_iget_miss(ip); | ||
131 | |||
132 | - if ((VFS_I(ip)->i_mode == 0) && !(flags & XFS_IGET_CREATE)) { | ||
133 | - error = -ENOENT; | ||
134 | + | ||
135 | + /* | ||
136 | + * Check the inode free state is valid. This also detects lookup | ||
137 | + * racing with unlinks. | ||
138 | + */ | ||
139 | + error = xfs_iget_check_free_state(ip, flags); | ||
140 | + if (error) | ||
141 | goto out_destroy; | ||
142 | - } | ||
143 | |||
144 | /* | ||
145 | * Preload the radix tree so we can insert safely under the | ||
146 | -- | ||
147 | 1.9.1 | ||
148 | |||
diff --git a/recipes-kernel/linux/linux-intel/CVE-2018-13094.patch b/recipes-kernel/linux/linux-intel/CVE-2018-13094.patch deleted file mode 100644 index b42ac8f..0000000 --- a/recipes-kernel/linux/linux-intel/CVE-2018-13094.patch +++ /dev/null | |||
@@ -1,51 +0,0 @@ | |||
1 | From 59f35b983e8aeb98188c6ef93f8eabc594f8f953 Mon Sep 17 00:00:00 2001 | ||
2 | From: Eric Sandeen <sandeen@sandeen.net> | ||
3 | Date: Fri, 8 Jun 2018 09:53:49 -0700 | ||
4 | Subject: [PATCH] xfs: don't call xfs_da_shrink_inode with NULL bp | ||
5 | |||
6 | commit bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a upstream. | ||
7 | |||
8 | xfs_attr3_leaf_create may have errored out before instantiating a buffer, | ||
9 | for example if the blkno is out of range. In that case there is no work | ||
10 | to do to remove it, and in fact xfs_da_shrink_inode will lead to an oops | ||
11 | if we try. | ||
12 | |||
13 | This also seems to fix a flaw where the original error from | ||
14 | xfs_attr3_leaf_create gets overwritten in the cleanup case, and it | ||
15 | removes a pointless assignment to bp which isn't used after this. | ||
16 | |||
17 | CVE: CVE-2018-13094 | ||
18 | Upstream-Status: Backport | ||
19 | |||
20 | Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199969 | ||
21 | Reported-by: Xu, Wen <wen.xu@gatech.edu> | ||
22 | Tested-by: Xu, Wen <wen.xu@gatech.edu> | ||
23 | Signed-off-by: Eric Sandeen <sandeen@redhat.com> | ||
24 | Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> | ||
25 | Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> | ||
26 | Cc: Eduardo Valentin <eduval@amazon.com> | ||
27 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
28 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
29 | --- | ||
30 | fs/xfs/libxfs/xfs_attr_leaf.c | 5 ++--- | ||
31 | 1 file changed, 2 insertions(+), 3 deletions(-) | ||
32 | |||
33 | diff --git a/fs/xfs/libxfs/xfs_attr_leaf.c b/fs/xfs/libxfs/xfs_attr_leaf.c | ||
34 | index 5c16db8..40e53a4 100644 | ||
35 | --- a/fs/xfs/libxfs/xfs_attr_leaf.c | ||
36 | +++ b/fs/xfs/libxfs/xfs_attr_leaf.c | ||
37 | @@ -785,9 +785,8 @@ STATIC void xfs_attr3_leaf_moveents(struct xfs_da_args *args, | ||
38 | ASSERT(blkno == 0); | ||
39 | error = xfs_attr3_leaf_create(args, blkno, &bp); | ||
40 | if (error) { | ||
41 | - error = xfs_da_shrink_inode(args, 0, bp); | ||
42 | - bp = NULL; | ||
43 | - if (error) | ||
44 | + /* xfs_attr3_leaf_create may not have instantiated a block */ | ||
45 | + if (bp && (xfs_da_shrink_inode(args, 0, bp) != 0)) | ||
46 | goto out; | ||
47 | xfs_idata_realloc(dp, size, XFS_ATTR_FORK); /* try to put */ | ||
48 | memcpy(ifp->if_u1.if_data, tmpbuffer, size); /* it back */ | ||
49 | -- | ||
50 | 1.9.1 | ||
51 | |||
diff --git a/recipes-kernel/linux/linux-intel/CVE-2018-14609.patch b/recipes-kernel/linux/linux-intel/CVE-2018-14609.patch deleted file mode 100644 index 96d8a4e..0000000 --- a/recipes-kernel/linux/linux-intel/CVE-2018-14609.patch +++ /dev/null | |||
@@ -1,71 +0,0 @@ | |||
1 | From 0cdbc3faf960de16ebe8a427feb3b0544ad983cc Mon Sep 17 00:00:00 2001 | ||
2 | From: Qu Wenruo <wqu@suse.com> | ||
3 | Date: Tue, 3 Jul 2018 17:10:07 +0800 | ||
4 | Subject: [PATCH] btrfs: relocation: Only remove reloc rb_trees if reloc | ||
5 | control has been initialized | ||
6 | |||
7 | [ Upstream commit 389305b2aa68723c754f88d9dbd268a400e10664 ] | ||
8 | |||
9 | Invalid reloc tree can cause kernel NULL pointer dereference when btrfs | ||
10 | does some cleanup of the reloc roots. | ||
11 | |||
12 | It turns out that fs_info::reloc_ctl can be NULL in | ||
13 | btrfs_recover_relocation() as we allocate relocation control after all | ||
14 | reloc roots have been verified. | ||
15 | So when we hit: note, we haven't called set_reloc_control() thus | ||
16 | fs_info::reloc_ctl is still NULL. | ||
17 | |||
18 | CVE: CVE-2018-14609 | ||
19 | Upstream-Status: Backport | ||
20 | |||
21 | Link: https://bugzilla.kernel.org/show_bug.cgi?id=199833 | ||
22 | Reported-by: Xu Wen <wen.xu@gatech.edu> | ||
23 | Signed-off-by: Qu Wenruo <wqu@suse.com> | ||
24 | Tested-by: Gu Jinxiang <gujx@cn.fujitsu.com> | ||
25 | Reviewed-by: David Sterba <dsterba@suse.com> | ||
26 | Signed-off-by: David Sterba <dsterba@suse.com> | ||
27 | Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> | ||
28 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
29 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
30 | --- | ||
31 | fs/btrfs/relocation.c | 23 ++++++++++++----------- | ||
32 | 1 file changed, 12 insertions(+), 11 deletions(-) | ||
33 | |||
34 | diff --git a/fs/btrfs/relocation.c b/fs/btrfs/relocation.c | ||
35 | index 9841fae..b80b03e 100644 | ||
36 | --- a/fs/btrfs/relocation.c | ||
37 | +++ b/fs/btrfs/relocation.c | ||
38 | @@ -1334,18 +1334,19 @@ static void __del_reloc_root(struct btrfs_root *root) | ||
39 | struct mapping_node *node = NULL; | ||
40 | struct reloc_control *rc = fs_info->reloc_ctl; | ||
41 | |||
42 | - spin_lock(&rc->reloc_root_tree.lock); | ||
43 | - rb_node = tree_search(&rc->reloc_root_tree.rb_root, | ||
44 | - root->node->start); | ||
45 | - if (rb_node) { | ||
46 | - node = rb_entry(rb_node, struct mapping_node, rb_node); | ||
47 | - rb_erase(&node->rb_node, &rc->reloc_root_tree.rb_root); | ||
48 | + if (rc) { | ||
49 | + spin_lock(&rc->reloc_root_tree.lock); | ||
50 | + rb_node = tree_search(&rc->reloc_root_tree.rb_root, | ||
51 | + root->node->start); | ||
52 | + if (rb_node) { | ||
53 | + node = rb_entry(rb_node, struct mapping_node, rb_node); | ||
54 | + rb_erase(&node->rb_node, &rc->reloc_root_tree.rb_root); | ||
55 | + } | ||
56 | + spin_unlock(&rc->reloc_root_tree.lock); | ||
57 | + if (!node) | ||
58 | + return; | ||
59 | + BUG_ON((struct btrfs_root *)node->data != root); | ||
60 | } | ||
61 | - spin_unlock(&rc->reloc_root_tree.lock); | ||
62 | - | ||
63 | - if (!node) | ||
64 | - return; | ||
65 | - BUG_ON((struct btrfs_root *)node->data != root); | ||
66 | |||
67 | spin_lock(&fs_info->trans_lock); | ||
68 | list_del_init(&root->root_list); | ||
69 | -- | ||
70 | 1.9.1 | ||
71 | |||
diff --git a/recipes-kernel/linux/linux-intel/CVE-2018-14617.patch b/recipes-kernel/linux/linux-intel/CVE-2018-14617.patch deleted file mode 100644 index 8801932..0000000 --- a/recipes-kernel/linux/linux-intel/CVE-2018-14617.patch +++ /dev/null | |||
@@ -1,64 +0,0 @@ | |||
1 | From 68e787c3c80059c776d1d7afb20f5eb9f20237a5 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Ernesto=20A=2E=20Fern=C3=A1ndez?= | ||
3 | <ernesto.mnd.fernandez@gmail.com> | ||
4 | Date: Thu, 23 Aug 2018 17:00:25 -0700 | ||
5 | Subject: [PATCH] hfsplus: fix NULL dereference in hfsplus_lookup() | ||
6 | MIME-Version: 1.0 | ||
7 | Content-Type: text/plain; charset=UTF-8 | ||
8 | Content-Transfer-Encoding: 8bit | ||
9 | |||
10 | [ Upstream commit a7ec7a4193a2eb3b5341243fc0b621c1ac9e4ec4 ] | ||
11 | |||
12 | An HFS+ filesystem can be mounted read-only without having a metadata | ||
13 | directory, which is needed to support hardlinks. But if the catalog | ||
14 | data is corrupted, a directory lookup may still find dentries claiming | ||
15 | to be hardlinks. | ||
16 | |||
17 | hfsplus_lookup() does check that ->hidden_dir is not NULL in such a | ||
18 | situation, but mistakenly does so after dereferencing it for the first | ||
19 | time. Reorder this check to prevent a crash. | ||
20 | |||
21 | This happens when looking up corrupted catalog data (dentry) on a | ||
22 | filesystem with no metadata directory (this could only ever happen on a | ||
23 | read-only mount). Wen Xu sent the replication steps in detail to the | ||
24 | fsdevel list: https://bugzilla.kernel.org/show_bug.cgi?id=200297 | ||
25 | |||
26 | CVE: CVE-2018-14617 | ||
27 | Upstream-Status: Backport | ||
28 | |||
29 | Link: http://lkml.kernel.org/r/20180712215344.q44dyrhymm4ajkao@eaf | ||
30 | Signed-off-by: Ernesto A. Fernández <ernesto.mnd.fernandez@gmail.com> | ||
31 | Reported-by: Wen Xu <wen.xu@gatech.edu> | ||
32 | Cc: Viacheslav Dubeyko <slava@dubeyko.com> | ||
33 | Signed-off-by: Andrew Morton <akpm@linux-foundation.org> | ||
34 | Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | ||
35 | Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> | ||
36 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
37 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
38 | --- | ||
39 | fs/hfsplus/dir.c | 4 ++-- | ||
40 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
41 | |||
42 | diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c | ||
43 | index e8120a2..1a44c46 100644 | ||
44 | --- a/fs/hfsplus/dir.c | ||
45 | +++ b/fs/hfsplus/dir.c | ||
46 | @@ -78,13 +78,13 @@ static struct dentry *hfsplus_lookup(struct inode *dir, struct dentry *dentry, | ||
47 | cpu_to_be32(HFSP_HARDLINK_TYPE) && | ||
48 | entry.file.user_info.fdCreator == | ||
49 | cpu_to_be32(HFSP_HFSPLUS_CREATOR) && | ||
50 | + HFSPLUS_SB(sb)->hidden_dir && | ||
51 | (entry.file.create_date == | ||
52 | HFSPLUS_I(HFSPLUS_SB(sb)->hidden_dir)-> | ||
53 | create_date || | ||
54 | entry.file.create_date == | ||
55 | HFSPLUS_I(d_inode(sb->s_root))-> | ||
56 | - create_date) && | ||
57 | - HFSPLUS_SB(sb)->hidden_dir) { | ||
58 | + create_date)) { | ||
59 | struct qstr str; | ||
60 | char name[32]; | ||
61 | |||
62 | -- | ||
63 | 1.9.1 | ||
64 | |||
diff --git a/recipes-kernel/linux/linux-intel/CVE-2018-14734.patch b/recipes-kernel/linux/linux-intel/CVE-2018-14734.patch deleted file mode 100644 index 4d58410..0000000 --- a/recipes-kernel/linux/linux-intel/CVE-2018-14734.patch +++ /dev/null | |||
@@ -1,62 +0,0 @@ | |||
1 | From e27dad1eb1ac7bedb5a033ac2e068543742c807b Mon Sep 17 00:00:00 2001 | ||
2 | From: Cong Wang <xiyou.wangcong@gmail.com> | ||
3 | Date: Fri, 1 Jun 2018 11:31:44 -0700 | ||
4 | Subject: [PATCH] infiniband: fix a possible use-after-free bug | ||
5 | |||
6 | [ Upstream commit cb2595c1393b4a5211534e6f0a0fbad369e21ad8 ] | ||
7 | |||
8 | ucma_process_join() will free the new allocated "mc" struct, | ||
9 | if there is any error after that, especially the copy_to_user(). | ||
10 | |||
11 | But in parallel, ucma_leave_multicast() could find this "mc" | ||
12 | through idr_find() before ucma_process_join() frees it, since it | ||
13 | is already published. | ||
14 | |||
15 | So "mc" could be used in ucma_leave_multicast() after it is been | ||
16 | allocated and freed in ucma_process_join(), since we don't refcnt | ||
17 | it. | ||
18 | |||
19 | Fix this by separating "publish" from ID allocation, so that we | ||
20 | can get an ID first and publish it later after copy_to_user(). | ||
21 | |||
22 | CVE: CVE-2018-14734 | ||
23 | Upstream-Status: Backport | ||
24 | |||
25 | Fixes: c8f6a362bf3e ("RDMA/cma: Add multicast communication support") | ||
26 | Reported-by: Noam Rathaus <noamr@beyondsecurity.com> | ||
27 | Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> | ||
28 | Signed-off-by: Jason Gunthorpe <jgg@mellanox.com> | ||
29 | Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> | ||
30 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
31 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
32 | --- | ||
33 | drivers/infiniband/core/ucma.c | 6 +++++- | ||
34 | 1 file changed, 5 insertions(+), 1 deletion(-) | ||
35 | |||
36 | diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c | ||
37 | index e47baf0..a22b992 100644 | ||
38 | --- a/drivers/infiniband/core/ucma.c | ||
39 | +++ b/drivers/infiniband/core/ucma.c | ||
40 | @@ -218,7 +218,7 @@ static struct ucma_multicast* ucma_alloc_multicast(struct ucma_context *ctx) | ||
41 | return NULL; | ||
42 | |||
43 | mutex_lock(&mut); | ||
44 | - mc->id = idr_alloc(&multicast_idr, mc, 0, 0, GFP_KERNEL); | ||
45 | + mc->id = idr_alloc(&multicast_idr, NULL, 0, 0, GFP_KERNEL); | ||
46 | mutex_unlock(&mut); | ||
47 | if (mc->id < 0) | ||
48 | goto error; | ||
49 | @@ -1404,6 +1404,10 @@ static ssize_t ucma_process_join(struct ucma_file *file, | ||
50 | goto err3; | ||
51 | } | ||
52 | |||
53 | + mutex_lock(&mut); | ||
54 | + idr_replace(&multicast_idr, mc, mc->id); | ||
55 | + mutex_unlock(&mut); | ||
56 | + | ||
57 | mutex_unlock(&file->mut); | ||
58 | ucma_put_ctx(ctx); | ||
59 | return 0; | ||
60 | -- | ||
61 | 2.7.4 | ||
62 | |||
diff --git a/recipes-kernel/linux/linux-intel/CVE-2018-15572.patch b/recipes-kernel/linux/linux-intel/CVE-2018-15572.patch deleted file mode 100644 index 27722af..0000000 --- a/recipes-kernel/linux/linux-intel/CVE-2018-15572.patch +++ /dev/null | |||
@@ -1,99 +0,0 @@ | |||
1 | From f374b5593e44c01265156b4c4070b618097f401b Mon Sep 17 00:00:00 2001 | ||
2 | From: Jiri Kosina <jkosina@suse.cz> | ||
3 | Date: Thu, 26 Jul 2018 13:14:55 +0200 | ||
4 | Subject: [PATCH] x86/speculation: Protect against userspace-userspace | ||
5 | spectreRSB | ||
6 | |||
7 | commit fdf82a7856b32d905c39afc85e34364491e46346 upstream. | ||
8 | |||
9 | The article "Spectre Returns! Speculation Attacks using the Return Stack | ||
10 | Buffer" [1] describes two new (sub-)variants of spectrev2-like attacks, | ||
11 | making use solely of the RSB contents even on CPUs that don't fallback to | ||
12 | BTB on RSB underflow (Skylake+). | ||
13 | |||
14 | Mitigate userspace-userspace attacks by always unconditionally filling RSB on | ||
15 | context switch when the generic spectrev2 mitigation has been enabled. | ||
16 | |||
17 | [1] https://arxiv.org/pdf/1807.07940.pdf | ||
18 | |||
19 | CVE: CVE-2018-15572 | ||
20 | Upstream-Status: Backport | ||
21 | |||
22 | Signed-off-by: Jiri Kosina <jkosina@suse.cz> | ||
23 | Signed-off-by: Thomas Gleixner <tglx@linutronix.de> | ||
24 | Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com> | ||
25 | Acked-by: Tim Chen <tim.c.chen@linux.intel.com> | ||
26 | Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> | ||
27 | Cc: Borislav Petkov <bp@suse.de> | ||
28 | Cc: David Woodhouse <dwmw@amazon.co.uk> | ||
29 | Cc: Peter Zijlstra <peterz@infradead.org> | ||
30 | Cc: Linus Torvalds <torvalds@linux-foundation.org> | ||
31 | Cc: stable@vger.kernel.org | ||
32 | Link: https://lkml.kernel.org/r/nycvar.YFH.7.76.1807261308190.997@cbobk.fhfr.pm | ||
33 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
34 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
35 | --- | ||
36 | arch/x86/kernel/cpu/bugs.c | 38 +++++++------------------------------- | ||
37 | 1 file changed, 7 insertions(+), 31 deletions(-) | ||
38 | |||
39 | diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c | ||
40 | index 7416fc2..1d3bbaa 100644 | ||
41 | --- a/arch/x86/kernel/cpu/bugs.c | ||
42 | +++ b/arch/x86/kernel/cpu/bugs.c | ||
43 | @@ -311,23 +311,6 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) | ||
44 | return cmd; | ||
45 | } | ||
46 | |||
47 | -/* Check for Skylake-like CPUs (for RSB handling) */ | ||
48 | -static bool __init is_skylake_era(void) | ||
49 | -{ | ||
50 | - if (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL && | ||
51 | - boot_cpu_data.x86 == 6) { | ||
52 | - switch (boot_cpu_data.x86_model) { | ||
53 | - case INTEL_FAM6_SKYLAKE_MOBILE: | ||
54 | - case INTEL_FAM6_SKYLAKE_DESKTOP: | ||
55 | - case INTEL_FAM6_SKYLAKE_X: | ||
56 | - case INTEL_FAM6_KABYLAKE_MOBILE: | ||
57 | - case INTEL_FAM6_KABYLAKE_DESKTOP: | ||
58 | - return true; | ||
59 | - } | ||
60 | - } | ||
61 | - return false; | ||
62 | -} | ||
63 | - | ||
64 | static void __init spectre_v2_select_mitigation(void) | ||
65 | { | ||
66 | enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline(); | ||
67 | @@ -388,22 +371,15 @@ static void __init spectre_v2_select_mitigation(void) | ||
68 | pr_info("%s\n", spectre_v2_strings[mode]); | ||
69 | |||
70 | /* | ||
71 | - * If neither SMEP nor PTI are available, there is a risk of | ||
72 | - * hitting userspace addresses in the RSB after a context switch | ||
73 | - * from a shallow call stack to a deeper one. To prevent this fill | ||
74 | - * the entire RSB, even when using IBRS. | ||
75 | + * If spectre v2 protection has been enabled, unconditionally fill | ||
76 | + * RSB during a context switch; this protects against two independent | ||
77 | + * issues: | ||
78 | * | ||
79 | - * Skylake era CPUs have a separate issue with *underflow* of the | ||
80 | - * RSB, when they will predict 'ret' targets from the generic BTB. | ||
81 | - * The proper mitigation for this is IBRS. If IBRS is not supported | ||
82 | - * or deactivated in favour of retpolines the RSB fill on context | ||
83 | - * switch is required. | ||
84 | + * - RSB underflow (and switch to BTB) on Skylake+ | ||
85 | + * - SpectreRSB variant of spectre v2 on X86_BUG_SPECTRE_V2 CPUs | ||
86 | */ | ||
87 | - if ((!boot_cpu_has(X86_FEATURE_PTI) && | ||
88 | - !boot_cpu_has(X86_FEATURE_SMEP)) || is_skylake_era()) { | ||
89 | - setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); | ||
90 | - pr_info("Spectre v2 mitigation: Filling RSB on context switch\n"); | ||
91 | - } | ||
92 | + setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); | ||
93 | + pr_info("Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch\n"); | ||
94 | |||
95 | /* Initialize Indirect Branch Prediction Barrier if supported */ | ||
96 | if (boot_cpu_has(X86_FEATURE_IBPB)) { | ||
97 | -- | ||
98 | 1.9.1 | ||
99 | |||
diff --git a/recipes-kernel/linux/linux-intel/CVE-2018-16658.patch b/recipes-kernel/linux/linux-intel/CVE-2018-16658.patch deleted file mode 100644 index d6dc109..0000000 --- a/recipes-kernel/linux/linux-intel/CVE-2018-16658.patch +++ /dev/null | |||
@@ -1,42 +0,0 @@ | |||
1 | From 73b2e7073b51de0b03ebd15c97dd3ad0c3470810 Mon Sep 17 00:00:00 2001 | ||
2 | From: Scott Bauer <scott.bauer@intel.com> | ||
3 | Date: Thu, 26 Apr 2018 11:51:08 -0600 | ||
4 | Subject: [PATCH] cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status | ||
5 | |||
6 | commit 8f3fafc9c2f0ece10832c25f7ffcb07c97a32ad4 upstream. | ||
7 | |||
8 | Like d88b6d04: "cdrom: information leak in cdrom_ioctl_media_changed()" | ||
9 | |||
10 | There is another cast from unsigned long to int which causes | ||
11 | a bounds check to fail with specially crafted input. The value is | ||
12 | then used as an index in the slot array in cdrom_slot_status(). | ||
13 | |||
14 | CVE: CVE-2018-16658 | ||
15 | Upstream-Status: Backport | ||
16 | |||
17 | Signed-off-by: Scott Bauer <scott.bauer@intel.com> | ||
18 | Signed-off-by: Scott Bauer <sbauer@plzdonthack.me> | ||
19 | Cc: stable@vger.kernel.org | ||
20 | Signed-off-by: Jens Axboe <axboe@kernel.dk> | ||
21 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
22 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
23 | --- | ||
24 | drivers/cdrom/cdrom.c | 2 +- | ||
25 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
26 | |||
27 | diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c | ||
28 | index bfc566d..8cfa10ab 100644 | ||
29 | --- a/drivers/cdrom/cdrom.c | ||
30 | +++ b/drivers/cdrom/cdrom.c | ||
31 | @@ -2542,7 +2542,7 @@ static int cdrom_ioctl_drive_status(struct cdrom_device_info *cdi, | ||
32 | if (!CDROM_CAN(CDC_SELECT_DISC) || | ||
33 | (arg == CDSL_CURRENT || arg == CDSL_NONE)) | ||
34 | return cdi->ops->drive_status(cdi, CDSL_CURRENT); | ||
35 | - if (((int)arg >= cdi->capacity)) | ||
36 | + if (arg >= cdi->capacity) | ||
37 | return -EINVAL; | ||
38 | return cdrom_slot_status(cdi, arg); | ||
39 | } | ||
40 | -- | ||
41 | 1.9.1 | ||
42 | |||
diff --git a/recipes-kernel/linux/linux-intel/CVE-2018-9363.patch b/recipes-kernel/linux/linux-intel/CVE-2018-9363.patch deleted file mode 100644 index 45a02d7..0000000 --- a/recipes-kernel/linux/linux-intel/CVE-2018-9363.patch +++ /dev/null | |||
@@ -1,56 +0,0 @@ | |||
1 | From 6e2c702e797c25b49dac3a9f663c449f30cf8efc Mon Sep 17 00:00:00 2001 | ||
2 | From: Mark Salyzyn <salyzyn@android.com> | ||
3 | Date: Tue, 31 Jul 2018 15:02:13 -0700 | ||
4 | Subject: [PATCH] Bluetooth: hidp: buffer overflow in hidp_process_report | ||
5 | |||
6 | commit 7992c18810e568b95c869b227137a2215702a805 upstream. | ||
7 | |||
8 | CVE-2018-9363 | ||
9 | |||
10 | The buffer length is unsigned at all layers, but gets cast to int and | ||
11 | checked in hidp_process_report and can lead to a buffer overflow. | ||
12 | Switch len parameter to unsigned int to resolve issue. | ||
13 | |||
14 | This affects 3.18 and newer kernels. | ||
15 | |||
16 | CVE: CVE-2018-9363 | ||
17 | Upstream-Status: Backport | ||
18 | |||
19 | Signed-off-by: Mark Salyzyn <salyzyn@android.com> | ||
20 | Fixes: a4b1b5877b514b276f0f31efe02388a9c2836728 ("HID: Bluetooth: hidp: make sure input buffers are big enough") | ||
21 | Cc: Marcel Holtmann <marcel@holtmann.org> | ||
22 | Cc: Johan Hedberg <johan.hedberg@gmail.com> | ||
23 | Cc: "David S. Miller" <davem@davemloft.net> | ||
24 | Cc: Kees Cook <keescook@chromium.org> | ||
25 | Cc: Benjamin Tissoires <benjamin.tissoires@redhat.com> | ||
26 | Cc: linux-bluetooth@vger.kernel.org | ||
27 | Cc: netdev@vger.kernel.org | ||
28 | Cc: linux-kernel@vger.kernel.org | ||
29 | Cc: security@kernel.org | ||
30 | Cc: kernel-team@android.com | ||
31 | Acked-by: Kees Cook <keescook@chromium.org> | ||
32 | Signed-off-by: Marcel Holtmann <marcel@holtmann.org> | ||
33 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
34 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
35 | --- | ||
36 | net/bluetooth/hidp/core.c | 4 ++-- | ||
37 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
38 | |||
39 | diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c | ||
40 | index 8112893..cef3754 100644 | ||
41 | --- a/net/bluetooth/hidp/core.c | ||
42 | +++ b/net/bluetooth/hidp/core.c | ||
43 | @@ -431,8 +431,8 @@ static void hidp_del_timer(struct hidp_session *session) | ||
44 | del_timer(&session->timer); | ||
45 | } | ||
46 | |||
47 | -static void hidp_process_report(struct hidp_session *session, | ||
48 | - int type, const u8 *data, int len, int intr) | ||
49 | +static void hidp_process_report(struct hidp_session *session, int type, | ||
50 | + const u8 *data, unsigned int len, int intr) | ||
51 | { | ||
52 | if (len > HID_MAX_BUFFER_SIZE) | ||
53 | len = HID_MAX_BUFFER_SIZE; | ||
54 | -- | ||
55 | 1.9.1 | ||
56 | |||
diff --git a/recipes-kernel/linux/linux-intel_4.14.bbappend b/recipes-kernel/linux/linux-intel_4.14.bbappend deleted file mode 100644 index fe1f614..0000000 --- a/recipes-kernel/linux/linux-intel_4.14.bbappend +++ /dev/null | |||
@@ -1,26 +0,0 @@ | |||
1 | # look for files in the layer first | ||
2 | FILESEXTRAPATHS_prepend := "${THISDIR}/linux-intel:" | ||
3 | |||
4 | require recipes-kernel/linux/linux-deploy-kconfig.inc | ||
5 | |||
6 | SRCREV_metaenea = "8ea21d43cbf695382a52ddbd7861dee09f8e92ef" | ||
7 | KENEABRANCH = "intel-4.14" | ||
8 | SRC_URI_append = " git://git@git.enea.com/linux/enea-kernel-cache.git;protocol=ssh;type=kmeta;name=metaenea;branch=${KENEABRANCH};destsuffix=enea-kernel-meta \ | ||
9 | file://CVE-2018-16658.patch \ | ||
10 | file://CVE-2018-14609.patch \ | ||
11 | file://CVE-2018-14617.patch \ | ||
12 | " | ||
13 | |||
14 | KERNEL_FEATURES_append = " features/x2apic/x2apic.scc" | ||
15 | |||
16 | # Debug tools support | ||
17 | KERNEL_FEATURES_append = " features/debug/debug_kernel_y.scc" | ||
18 | KERNEL_FEATURES_append = " features/kgdb/kgdb_y.scc" | ||
19 | KERNEL_FEATURES_append = " features/lttng/lttng_y.scc" | ||
20 | KERNEL_FEATURES_append = " features/latencytop/latencytop_y.scc" | ||
21 | KERNEL_FEATURES_append = " features/perf/perf_y.scc" | ||
22 | KERNEL_FEATURES_append = " features/systemtap/systemtap_y.scc" | ||
23 | |||
24 | # Audio/video support | ||
25 | KERNEL_FEATURES_append_corei7-64-intel-common = " features/drm/drm_y.scc" | ||
26 | KERNEL_FEATURES_append_corei7-64-intel-common = " features/sound/sound_y.scc" | ||