Integrating Paul Gortmaker's -stable updates to 4.12 that comprise the
following changes:
f4fd7580487d Linux 4.12.28
d15dfc7d192f net: mvneta: eliminate wrong call to handle rx descriptor error
c7a79cbd2b44 net: mvneta: use proper rxq_number in loop on rx queues
f65f1aed2ef2 net: mvneta: clear interface link status on port disable
402f4ea26693 tcp: add tcp_ooo_try_coalesce() helper
035eddf502ef tcp: call tcp_drop() from tcp_data_queue_ofo()
c224a5920d55 tcp: detect malicious patterns in tcp_collapse_ofo_queue()
7c5d21c36cec tcp: avoid collapses in tcp_prune_queue() if possible
f999a5cfc3eb tcp: free batches of packets in tcp_prune_ofo_queue()
3471d76b1128 net: add rb_to_skb() and other rb tree helpers
fcd212157f50 libnvdimm, pfn: fix start_pad handling for aligned namespaces
d90d61722843 libnvdimm, dax: fix 1GB-aligned namespaces vs physical misalignment
df6a2110169e drm/sun4i: Fix error path handling
d2d90272068d drm/i915: Flush pending GTT writes before unbinding
55e3ba836aee powerpc/perf: Dereference BHRB entries safely
32c5b092ac7e clk: sunxi: sun9i-mmc: Implement reset callback for reset controls
a472f9b5c546 pinctrl: cherryview: Mask all interrupts on Intel_Strago based systems
32f9f01a1b49 spi: a3700: Fix clk prescaling for coefficient over 15
39e2376e2774 spi: xilinx: Detect stall with Unknown commands
104bf43e4653 Revert "parisc: Re-enable interrupts early"
2c6a864363b5 parisc: Hide Diva-built-in serial aux and graphics card
4e92abc4d371 parisc: Align os_hpmc_size on word boundary
8df2ad333664 ALSA: usb-audio: Add native DSD support for Esoteric D-05X
2d7184d7f8b1 ALSA: rawmidi: Avoid racy info ioctl via ctl device
425708ccc413 mfd: twl6040: Fix child-node lookup
d99aacab316b mfd: twl4030-audio: Fix sibling-node lookup
cd2ca561cdd7 mfd: cros ec: spi: Don't send first message too soon
f5d153b69e6a crypto: mcryptd - protect the per-CPU queue with a lock
01b2634b17f4 acpi, nfit: fix health event notification
1170a37d5339 ACPI: APEI / ERST: Fix missing error handling in erst_reader()
0cf5d1f5ce10 bpf: fix incorrect sign extension in check_alu_op()
39cc58874bfc bpf, sparc: fix usage of wrong reg for load_skb_regs after call
8c570303798e bpf, ppc64: do not reload skb pointers in non-skb context
05bd23b36b88 bpf, s390x: do not reload skb pointers in non-skb context
da92e092ffa7 platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes
ab3980511fa0 thermal/drivers/hisi: Fix multiple alarm interrupts firing
ed7ec377cb05 thermal/drivers/hisi: Simplify the temperature/step computation
b4322338048d thermal/drivers/hisi: Fix kernel panic on alarm interrupt
e9b4b6019cc2 thermal/drivers/hisi: Fix missing interrupt enablement
01f1870f5aa8 IB/opa_vnic: Properly return the total MACs in UC MAC list
59522364dab2 IB/opa_vnic: Properly clear Mac Table Digest
84cf0ea1cb2a cpuidle: fix broadcast control when broadcast can not be entered
fdb28a72dafa rtc: set the alarm to the next expiring timer
245a952509f6 tcp: fix under-evaluated ssthresh in TCP Vegas
ebe28298b759 clk: sunxi-ng: sun6i: Rename HDMI DDC clock to avoid name collision
c31c122f7744 staging: greybus: light: Release memory obtained by kasprintf
7900ee86e495 net: ipv6: send NS for DAD when link operationally up
0c8d7ea9c7db ibmvnic: Set state UP
eb3237c59a98 fm10k: ensure we process SM mbx when processing VF mbx
a076534d71b3 vfio/pci: Virtualize Maximum Payload Size
0e8c3cf3f83e i40e: fix client notify of VF reset
2e3bad157461 scsi: lpfc: PLOGI failures during NPIV testing
022e3fe9ac98 scsi: lpfc: Fix secure firmware updates
9e7341570bf9 fm10k: fix mis-ordered parameters in declaration for .ndo_set_vf_bw
af88451b2676 ASoC: codecs: msm8916-wcd-analog: fix module autoload
2fc38deb5bed ASoC: img-parallel-out: Add pm_runtime_get/put to set_fmt callback
4529e660bc83 tracing: Exclude 'generic fields' from histograms
3485fd44f243 PCI/AER: Report non-fatal errors only to the affected endpoint
64e367610786 Bluetooth: BT_HCIUART now depends on SERIAL_DEV_BUS
47663fe61367 Bluetooth: hci_uart_set_flow_control: Fix NULL deref when using serdev
58adf4fe65f8 md: always set THREAD_WAKEUP and wake up wqueue if thread existed
e9f7be0e550e block,bfq: Disable writeback throttling
c09fcc304541 IB/rxe: put the pool on allocation failure
392f4c00adca IB/rxe: check for allocation failure on elem
179099ba0d69 ixgbe: fix use of uninitialized padding
e2e131da3b6b i40e: use the safe hash table iterator when deleting mac filters
757ad831c703 igb: check memory allocation failure
e156a3afb676 PM / OPP: Move error message to debug level
9bd17b3b4bb6 PCI: Create SR-IOV virtfn/physfn links before attaching driver
54da833e63b0 scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive
929cc7c94e3b scsi: cxgb4i: fix Tx skb leak
84aa72a81de3 PCI: Avoid bus reset if bridge itself is broken
3932edaebc65 net: phy: at803x: Change error to EINVAL for invalid MAC
e9bd07539e3f rtc: pl031: make interrupt optional
9f77ab2f562c crypto: lrw - Fix an error handling path in 'create()'
59e5a2e7eec9 crypto: crypto4xx - increase context and scatter ring buffer elements
13c0df6a379d clk: sunxi-ng: sun5i: Fix bit offset of audio PLL post-divider
68e13e506d6e clk: sunxi-ng: nm: Check if requested rate is supported by fractional clock
3996734fc715 drm: Add retries for lspcon mode detection
77190a6d2d57 backlight: pwm_bl: Fix overflow condition
d3b4b8043ff7 optee: fix invalid of_node_put() in optee_driver_init()
752218b19686 posix-timer: Properly check sigevent->sigev_notify
16c39a33a5c6 ACPI / APEI: adjust a local variable type in ghes_ioremap_pfn_irq()
ba0b2e6cbb82 Linux 4.12.27
feea4d492d73 usb: musb: da8xx: fix babble condition handling
6d8d83c4ec67 ath10k: fix build errors with !CONFIG_PM
00e875f83a3c ath9k: fix tx99 potential info leak
01cf18e17476 lightnvm: pblk: fix min size for page mempool
4413575d48be lightnvm: pblk: initialize debug stat counter
87135620a06a lightnvm: pblk: fix changing GC group list for a line
3b1abf7d20f6 icmp: don't fail on fragment reassembly time exceeded
4be8ae2da97b IB/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush
7d284754ed54 IB/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop
634b3e0fefd7 RDMA/cma: Avoid triggering undefined behavior
f9f24086ba42 macvlan: Only deliver one copy of the frame to the macvlan interface
aba3745fc9b0 udf: Avoid overflow when session starts at large offset
4a9bf3983ef9 md-cluster: fix wrong condition check in raid1_write_request
e08da1a3d9d5 raid5-ppl: check recovery_offset when performing ppl recovery
a6b9b60622b0 scsi: bfa: integer overflow in debugfs
a6adc19ff5a4 scsi: sd: change allow_restart to bool in sysfs interface
d23a6641b217 scsi: sd: change manage_start_stop to bool in sysfs interface
be59ef05ed52 rtl8188eu: Fix a possible sleep-in-atomic bug in rtw_disassoc_cmd
9257df5ece69 vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend
5d0d0b750520 IB/core: Fix calculation of maximum RoCE MTU
950215a22a7a scsi: scsi_devinfo: Add REPORTLUN2 to EMC SYMMETRIX blacklist entry
40dd3da9911d raid5: Set R5_Expanded on parity devices as well as data.
d63147f7712f pinctrl: adi2: Fix Kconfig build problem
b25a34c20291 dev/dax: fix uninitialized variable build warning
3b928d69ed7c tty fix oops when rmmod 8250
6fd73bd5acc5 ipv4: ipv4_default_advmss() should use route mtu
e8552a24db2a soc: mediatek: pwrap: fix compiler errors
023499e5fff8 powerpc/xmon: Check before calling xive functions
7092b9c569ee powerpc/perf/hv-24x7: Fix incorrect comparison in memord
d85bb8676f60 serdev: ttyport: enforce tty-driver open() requirement
dcc2d9b7db19 mfd: mxs-lradc: Fix error handling in mxs_lradc_probe()
d7630ac47698 scsi: hpsa: destroy sas transport properties before scsi_host
a2133c918746 scsi: hpsa: cleanup sas_phy structures in sysfs when unloading
37686080a0c8 PCI: Detach driver before procfs & sysfs teardown on device remove
585eb66776b7 RDMA/cxgb4: Declare stag as __be32
06a21042a540 xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real
98da748f2c95 xfs: fix log block underflow during recovery cycle verification
9aaebfb38490 l2tp: cleanup l2tp_tunnel_delete calls
4fd806e81bcb nvme: use kref_get_unless_zero in nvme_find_get_ns
377d9449f868 platform/x86: hp_accel: Add quirk for HP ProBook 440 G4
89e9f0fce2a4 liquidio: fix kernel panic in VF driver
85aad298ecc2 samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1
767f9da42096 ARM64: dts: meson-gxbb-odroidc2: fix usb1 power supply
65743dd02181 mtd: spi-nor: stm32-quadspi: Fix uninitialized error return code
0501313aa697 btrfs: tests: Fix a memory leak in error handling path in 'run_test()'
563e097ec448 btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit
3faadbbe68b1 btrfs: undo writable superblocke when sprouting fails
7028f26c6034 btrfs: Explicitly handle btrfs_update_root failure
3f0a4dfc8eb9 Bluetooth: hci_ldisc: Fix another race when closing the tty.
abb921b20fa0 Ib/hfi1: Return actual operational VLs in port info query
879b18ebb8f4 bcache: fix wrong cache_misses statistics
744eb7bd3386 bcache: explicitly destroy mutex while exiting
653aad5c1702 media: usbtv: fix brightness and contrast controls
c4d5c7940953 GFS2: Take inode off order_write list when setting jdata flag
2e510357e1a6 scsi: scsi_debug: write_same: fix error report
56c755841ee6 misc: pci_endpoint_test: Avoid triggering a BUG()
b55d52393e28 misc: pci_endpoint_test: Fix failure path return values in probe
aeac8e4c0c15 thermal/drivers/step_wise: Fix temperature regulation misbehavior
aaca414203c4 ASoC: rsnd: rsnd_ssi_run_mods() needs to care ssi_parent_mod
0587e5a36d00 ppp: Destroy the mutex when cleanup
4a7735ca4455 clk: tegra: Fix cclk_lp divisor register
0006385aadd0 clk: tegra: Use readl_relaxed_poll_timeout_atomic() in tegra210_clock_init()
6ae2754d991b blk-mq-sched: dispatch from scheduler IFF progress is made in ->dispatch
ec4585cdc959 clk: hi6220: mark clock cs_atb_syspll as critical
f203d6193f5c clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU
c9ce9a4d1734 clk: imx: imx7d: Fix parent clock for OCRAM_CLK
5f200f317929 clk: mediatek: add the option for determining PLL source clock
6f7955a0aa2a crypto: tcrypt - fix buffer lengths in test_aead_speed()
40734099baaa xfs: truncate pagecache before writeback in xfs_setattr_size()
165b974bd72a iommu/amd: Limit the IOVA page range to the specified addresses
a2e1fcc04fb6 badblocks: fix wrong return value in badblocks_set if badblocks are disabled
75920b77b802 target/file: Do not return error for UNMAP if length is zero
ca73c042292d target:fix condition return in core_pr_dump_initiator_port()
8e2ee3f5ff33 iscsi-target: fix memory leak in lio_target_tiqn_addtpg()
f1ae60da96df target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd()
d5adfbee09dc target/iscsi: Detect conn_cmd_list corruption early
edd7fdf83184 platform/x86: intel_punit_ipc: Fix resource ioremap warning
da2aa58cb07b powerpc/pseries/vio: Dispose of virq mapping on vdevice unregister
2ae1d60028ab powerpc/ipic: Fix status get and status clear
1d0cfd6df447 powerpc/opal: Fix EBUSY bug in acquiring tokens
88189efa7ee7 netfilter: ipvs: Fix inappropriate output of procfs
39254860365c iommu/mediatek: Fix driver name
c82f9ea385ab PCI: dwc: Fix enumeration end when reaching root subordinate
5dad0dfd17df PCI: Do not allocate more buses than available in parent
4a917030981d powerpc: Don't preempt_disable() in show_cpuinfo()
0bc0d339ff6c powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo
7842177fdc43 PCI/PME: Handle invalid data when reading Root Status
301c44edb5a1 dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type
2761bc37b1c2 ASoC: Intel: Skylake: Fix uuid_module memory leak in failure case
c42830902147 PM / s2idle: Clear the events_check_enabled flag
9c70ec2c413d scsi: aacraid: address UBSAN warning regression
3819c3c756b0 scsi: aacraid: use timespec64 instead of timeval
e262d43729be rtc: pcf8563: fix output clock rate
3ecf1bdeb61e video: fbdev: au1200fb: Return an error code if a memory allocation fails
d56242baba22 video: fbdev: au1200fb: Release some resources if a memory allocation fails
3b53b4e4c0ab video: udlfb: Fix read EDID timeout
f50c8ab6dc0d fbdev: controlfb: Add missing modes to fix out of bounds access
bfbfacb318cd sfc: don't warn on successful change of MAC
ae058bf77e63 HID: cp2112: fix broken gpio_direction_input callback
91590951dec1 ext4: fix crash when a directory's i_size is too small
4fae0491c35c ext4: fix fdatasync(2) after fallocate(2) operation
df19eb58d7be dmaengine: dmatest: fix container_of member in dmatest_callback
100cb4506fb4 dmaengine: dmatest: move callback wait queue to thread context
4d873e954ac0 eeprom: at24: change nvmem stride to 1
b90737b239b0 iw_cxgb4: only insert drain cqes if wq is flushed
6b1f48a27656 dm: fix various targets to dm_register_target after module __init resources created
26c2e6fc10f1 scsi: core: Fix a scsi_show_rq() NULL pointer dereference
04039227baf7 nfsd: auth: Fix gid sorting when rootsquash enabled
143fdc512ac6 NFS: Fix unstable write completion
7482c56f758c NFS: Use an atomic_long_t to count the number of commits
3ef4a32040bf nfs: don't wait on commit in nfs_commit_inode() if there were no commit requests
4a70dd38f444 xhci: Don't add a virt_dev to the devs array before it's fully allocated
fa7944fd5601 usb: xhci: fix TDS for MTK xHCI1.1
80aa2eb9b51b ceph: drop negative child dentries before try pruning inode's alias
b9db0ab47687 mmc: core: apply NO_CMD23 quirk to some specific cards
ff1b82c5314c usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer
cea2ad71f37b usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
1e5edda8ccd3 usbip: fix stub_rx: get_pipe() to validate endpoint number
3ac1e4089c48 USB: core: prevent malicious bNumInterfaces overflow
2479ee21bf60 USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID
b3fd05a19818 tracing: Allocate mask_str buffer dynamically
5eb37713e296 kernel: make groups_sort calling a responsibility group_info allocators
d87a616735d8 cifs: fix NULL deref in SMB2_read
d22121ce1210 crypto: rsa - fix buffer overread when stripping leading zeroes
0ad02bd37731 mfd: fsl-imx25: Clean up irq settings during removal
(From OE-Core rev: 408daaa6d0fb2147a541b0f14d73b362bd848d3c)
(From OE-Core rev: 768051963683a354a80e11c7d792791b160c2f2b)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
{Fixup for Sumo context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.
(From OE-Core rev: a5a07887e73ebf0aa6b3b1fa247e44743b39322e)
(From OE-Core rev: 96f69ae45a47a8aeb17b494b128e034fb12a5e98)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
os-release (5) recommends that the os-release file be installed in
/usr/lib/os-release and that /etc/os-release be a relative symlink to it.
(From OE-Core rev: 4feb8614ee25a3d3ceb7f5187120a1256a993155)
(From OE-Core rev: 4e67fa950cd3ca6e44d7f46743904d23a756e498)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes issues mainly seen when mounting eMMC devices:
The wildcard /sys/block/${DEVBASE}/${DEVBASE}*1 matches both "mmcblk0p1"
and "mmcblk0boot1" for example, and this results in syntax errors. Fix this
by searching for a "partition" file instead, which only exists for real
partitions and not 'fakes' like the eMMC extra's.
When mount fails, the mountpoint file is left behind, causing later attempts
at auto-mounting it to fail. If mount fails, remove the mountpoint, leaving
the system in the state as it was before the mount attempt.
(From OE-Core rev: 8645c0419456c1bd3ae15a9a7dd2b2e9a960eaf4)
(From OE-Core rev: 38f1648f1472f70a3e747f270cc3230b5993d94b)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Move init related configs to init.cfg.
These config items do not make much sense unless busybox is selected
as the init manager. They should belong to init.cfg.
(From OE-Core rev: 4af10fe67a31368163bb5d468ee2c5a85ce0fff3)
(From OE-Core rev: 996247ba7dfffbeb444f793f7e105fcfb5ffa939)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If CONFIG_KLOGD is not enabled, then the related service file should
not be installed, The error message is below:
Cannot add dependency job for unit busybox-klogd.service,
ignoring: Unit busybox-klogd.service failed to load:
No such file or directory.
So we should first check the configuration before we install these
service files.
(From OE-Core rev: c3cc402df996654bf6f838b1e79e16a8bdd6d4d7)
(From OE-Core rev: df1cd90140456dbed0c1bd29ead7c1c81f498b99)
Signed-off-by: Yadi.hu <yadi.hu@windriver.com>
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Use == instead of = when comparing task outcome to OUTCOME_FAILED.
Prior to this fix the recipe template would cause a TemplateSyntaxError
exception.
(Bitbake rev: a53ffec4ed3d0f9221bca398e20e8f480fb2b325)
(Bitbake rev: bef6ef1a79b2d5a3688ae845824f722c332d7f19)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The local layer info (provided through custom fixtures) should
not be hidden. It is better to handle it in the same manner
as an imported layer, otherwise the layer path and dependency
info is not shown. The layer editing fields are handled in the
html side of things appropriately so this does not harm that
implementation.
[YOCTO #12891]
(Bitbake rev: 75918405346abde6055658372c1a954a214001cc)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In a case where the layer source is local only and the recipe
is not yet built, we can search for the path with layer's
local_source_dir, and if available that should be used rather
than just skipping the scenario.
[YOCTO #12891]
(Bitbake rev: 30f622dbd874b800c5bbdbeac992dd7783092928)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This change allows the CUSTOM_XML_ONLY toaster setting to be
provided through the environment so the user can do this without
mingling with the settings.xml, for scenarios where modifying
settings.xml is not achievable.
[YOCTO #12891]
(Bitbake rev: 87060a84e74125be10db062da3032e9b01f5dc96)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The release drop down divs are not being closed
appropriately, which showed adverse reactions on
the UI that aligned the "Create project" button
with the left edge of the screen without any
margins. This fixes these divs which in turn
aligns the button appropriately.
[YOCTO #12891]
(Bitbake rev: bc6a137f4f8193cadfa8a8d0e43875991d47a818)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There can be cases where the variables being used
to divide in build percentage expressions can be
zero. For example, a setup consisting of only local
repos will have repos_to_clone=0 and will generate
a divide by zero scenario.
Fix this by checking the divisor in such cases.
[YOCTO #12891]
(Bitbake rev: 30702f29928c3b088f199bf8b1609b2956f8c47a)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
TOASTER_DIR is used for higher level toaster artifacts
such the SQL DB and creating toaster internal build
directories for projects. Prior to this change it was
evaluated as `dirname $BUILDDIR` and user had no control
over it. This change allows to override this variable
from the command line for more flexibility. The variable
defaults to its original setting if the optional argument
is not passed.
[YOCTO #12891]
(Bitbake rev: e073775d3b6980fc8004ae28a3ccc3c5bbf50fb2)
(Bitbake rev: 486e571b1caaf7f86f8f969c512566487bcd9841)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The current mechanism for finding the bitbake binary
assumes a directory structure which is identical to
poky, where oe-core's meta and bitbake directories are
at the same level. There can be a case where bitbake
is used from elsewhere and in such cases the above
mentioned assumption fails to hold, whereas this is
totally allowed by the oe-init-build-env script which
can take bitbakedir as an argument.
The better approach is to allow bitbake to be derived
from PATH, while keeping the older mechanism in place so
it can be removed after tests are done in various
environments. This makes more sense as toaster has
also been launched from the same bitbake instance
that is the one in PATH.
[YOCTO #12891]
(Bitbake rev: 15340edce23e63b060c75114d508e1f76757239c)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Toaster depends on pokydirname for identifying the location of
the oe-init-build-env script (and there might be other purposes
in the future). The problem with current approach is that it
only checks/sets the variable with git based repos, whereas
toaster provides mechanisms to allow having layers that are all
locally available. The evaluation of the variable fails in such
scenarios, so use a more flexible mechanism in this case and
try to locate poky in the local layers as well, if not already
set.
[YOCTO #12891]
(Bitbake rev: 971c728075af05e71edfd8e5212728c3dd0787b6)
Signed-off-by: Awais Belal <awais.belal@mentor.com>
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In case something goes tragically wrong, catch a request to checksum / and
refuse.
(Bitbake rev: 7444419b7fda34e14d653ba8470f5dfabb5da4f3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Opening a file in binary mode and iterating it seems like the simple solution
but will still break on newlines, which for binary files isn't really useful as
the size of the chunks could be huge or tiny.
Instead, let's be a bit more clever: we'll be MD5ing lots of files, but we don't
want to fill up memory: use mmap() to open the file and read the file in 8k
blocks.
(Bitbake rev: 41e6161c8ce8cc90ebc93d72852673ae60fac923)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The actual dependency on native Python and is handled by inheriting
python3native
(From OE-Core rev: 115a6dea664c9b18fd19b79659029afb52b1a660)
(From OE-Core rev: 82b018956763bf85b90d512c8a6bc96d59fa67fd)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(perl #131844) fix various space calculation issues in
pp_pack.c
- for the originally reported case, if the start/cur pointer is in the
top 75% of the address space the add (cur) + glen addition would
overflow, resulting in the condition failing incorrectly.
- the addition of the existing space used to the space needed could
overflow, resulting in too small an allocation and a buffer overflow.
- the scaling for UTF8 could overflow.
- the multiply to calculate the space needed for many items could
overflow.
For the first case, do a space calculation without making new pointers.
For the other cases, detect the overflow and croak if there's an
overflow.
Originally this used Size_t_MAX as the maximum size of a memory
allocation, but for -DDEBUGGING builds realloc() throws a panic for
allocations over half the address space in size, changing the error
reported for the allocation.
For non-DEBUGGING builds the Size_t_MAX limit has the small chance
of finding a system that has 3GB of contiguous space available, and
allocating that space, which could be a denial of servce in some cases.
Unfortunately changing the limit to half the address space means that
the exact case with the original issue can no longer occur, so the
test is no longer testing against the address + length issue that
caused the original problem, since the allocation is failing earlier.
One option would be to change the test so the size request by pack is
just under 2GB, but this has a higher (but still low) probability that
the system has the address space available, and will actually try to
allocate the memory, so let's not do that.
Note: changed
plan tests => 14713;
to
plan tests => 14712;
in a/t/op/pack.t
to apply this patch on perl 5.24.1.
Affects perl < 5.26.2
(From OE-Core rev: 0542779d2f1a8977a732800a8998fd88971c0c1d)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(perl #132227) restart a node if we change to uni rules within the node and encounter...
This could lead to a buffer overflow.
(cherry picked from commit a02c70e35d1313a5f4e245e8f863c810e991172d)
Affects perl >= 5.18 && perl <= 5.26
(From OE-Core rev: 109ffd1b3d10753bfd711a14ad59b194ca3ce831)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* CVE-2018-6798-1
The proximal cause is several instances in regexec.c of the code
assuming that the input was valid UTF-8, whereas the input was too short
for what the start byte claimed it would be.
I grepped through the core for any other similar uses, and did not find
any.
(cherry picked from commit fe7d8ba0a1bf567af8fa8fea128e2b9f4c553e84)
* CVE-2018-6798-2
The first patch for 132063 prevented the buffer read overflow when
dumping the warning but didn't fix the underlying problem.
The next change treats the supplied buffer correctly, preventing the
non-UTF-8 SV from being treated as UTF-8, preventing the warning.
(cherry picked from commit 1e8b61488f195e1396aa801c685340b156104f4f)
Affects perl >= 5.22 && perl <= 5.26
(From OE-Core rev: 4aaf09b9d657b1c2df85bf509008beacd6a00342)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
qga: check bytes count read by guest-file-read
While reading file content via 'guest-file-read' command,
'qmp_guest_file_read' routine allocates buffer of count+1
bytes. It could overflow for large values of 'count'.
Add check to avoid it.
Affects qemu < v3.0.0
(From OE-Core rev: a11c8ee86007f7f7a34b9dc29d01acc323b71873)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* CVE-2018-1000030-1
[2.7] bpo-31530: Stop crashes when iterating over a file on multiple threads
* CVE-2018-1000030-2
Multiple threads iterating over a file can corrupt the file's internal readahead
buffer resulting in crashes. To fix this, cache buffer state thread-locally for
the duration of a file_iternext call and only update the file's internal state
after reading completes.
No attempt is made to define or provide "reasonable" semantics for iterating
over a file on multiple threads. (Non-crashing) races are still
present. Duplicated, corrupt, and missing data will happen.
This was originally fixed by 6401e56, which
raised an exception from seek() and next() when concurrent operations were
detected. Alas, this simpler solution breaks legitimate use cases such as
capturing the standard streams when multiple threads are logging.
Affects python <= 2.7.14
(From OE-Core rev: 4b6c84e0f950f839bfb8c40f197197f838d8b733)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
proc/readproc.c: Fix bugs and overflows in file2strvec().
Note: this is by far the most important and complex patch of the whole
series, please review it carefully; thank you very much!
For this patch, we decided to keep the original function's design and
skeleton, to avoid regressions and behavior changes, while fixing the
various bugs and overflows. And like the "Harden file2str()" patch, this
patch does not fail when about to overflow, but truncates instead: there
is information available about this process, so return it to the caller;
also, we used INT_MAX as a limit, but a lower limit could be used.
The easy changes:
- Replace sprintf() with snprintf() (and check for truncation).
- Replace "if (n == 0 && rbuf == 0)" with "if (n <= 0 && tot <= 0)" and
do break instead of return: it simplifies the code (only one place to
handle errors), and also guarantees that in the while loop either n or
tot is > 0 (or both), even if n is reset to 0 when about to overflow.
- Remove the "if (n < 0)" block in the while loop: it is (and was) dead
code, since we enter the while loop only if n >= 0.
- Rewrite the missing-null-terminator detection: in the original
function, if the size of the file is a multiple of 2047, a null-
terminator is appended even if the file is already null-terminated.
- Replace "if (n <= 0 && !end_of_file)" with "if (n < 0 || tot <= 0)":
originally, it was equivalent to "if (n < 0)", but we added "tot <= 0"
to handle the first break of the while loop, and to guarantee that in
the rest of the function tot is > 0.
- Double-force ("belt and suspenders") the null-termination of rbuf:
this is (and was) essential to the correctness of the function.
- Replace the final "while" loop with a "for" loop that behaves just
like the preceding "for" loop: in the original function, this would
lead to unexpected results (for example, if rbuf is |\0|A|\0|, this
would return the array {"",NULL} but should return {"","A",NULL}; and
if rbuf is |A|\0|B| (should never happen because rbuf should be null-
terminated), this would make room for two pointers in ret, but would
write three pointers to ret).
The hard changes:
- Prevent the integer overflow of tot in the while loop, but unlike
file2str(), file2strvec() cannot let tot grow until it almost reaches
INT_MAX, because it needs more space for the pointers: this is why we
introduced ARG_LEN, which also guarantees that we can add "align" and
a few sizeof(char*)s to tot without overflowing.
- Prevent the integer overflow of "tot + c + align": when INT_MAX is
(almost) reached, we write the maximal safe amount of pointers to ret
(ARG_LEN guarantees that there is always space for *ret = rbuf and the
NULL terminator).
Affects procps-ng < 3.3.15
(From OE-Core rev: 82d873a1b73da25ae415afe0e6203693f78b88c9)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
newgidmap: enforce setgroups=deny if self-mapping a group
This is necessary to match the kernel-side policy of "self-mapping in a
user namespace is fine, but you cannot drop groups" -- a policy that was
created in order to stop user namespaces from allowing trivial privilege
escalation by dropping supplementary groups that were "blacklisted" from
certain paths.
This is the simplest fix for the underlying issue, and effectively makes
it so that unless a user has a valid mapping set in /etc/subgid (which
only administrators can modify) -- and they are currently trying to use
that mapping -- then /proc/$pid/setgroups will be set to deny. This
workaround is only partial, because ideally it should be possible to set
an "allow_setgroups" or "deny_setgroups" flag in /etc/subgid to allow
administrators to further restrict newgidmap(1).
We also don't write anything in the "allow" case because "allow" is the
default, and users may have already written "deny" even if they
technically are allowed to use setgroups. And we don't write anything if
the setgroups policy is already "deny".
Ref: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
Fixes: CVE-2018-7169
Affects shadow <= 4.5
(From OE-Core rev: a875522540372a4fa6658885692e564dfd729f54)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
submodule-config: verify submodule names as paths
Submodule "names" come from the untrusted .gitmodules file,
but we blindly append them to $GIT_DIR/modules to create our
on-disk repo paths. This means you can do bad things by
putting "../" into the name (among other things).
Let's sanity-check these names to avoid building a path that
can be exploited. There are two main decisions:
1. What should the allowed syntax be?
It's tempting to reuse verify_path(), since submodule
names typically come from in-repo paths. But there are
two reasons not to:
a. It's technically more strict than what we need, as
we really care only about breaking out of the
$GIT_DIR/modules/ hierarchy. E.g., having a
submodule named "foo/.git" isn't actually
dangerous, and it's possible that somebody has
manually given such a funny name.
b. Since we'll eventually use this checking logic in
fsck to prevent downstream repositories, it should
be consistent across platforms. Because
verify_path() relies on is_dir_sep(), it wouldn't
block "foo\..\bar" on a non-Windows machine.
2. Where should we enforce it? These days most of the
.gitmodules reads go through submodule-config.c, so
I've put it there in the reading step. That should
cover all of the C code.
We also construct the name for "git submodule add"
inside the git-submodule.sh script. This is probably
not a big deal for security since the name is coming
from the user anyway, but it would be polite to remind
them if the name they pick is invalid (and we need to
expose the name-checker to the shell anyway for our
test scripts).
This patch issues a warning when reading .gitmodules
and just ignores the related config entry completely.
This will generally end up producing a sensible error,
as it works the same as a .gitmodules file which is
missing a submodule entry (so "submodule update" will
barf, but "git clone --recurse-submodules" will print
an error but not abort the clone.
There is one minor oddity, which is that we print the
warning once per malformed config key (since that's how
the config subsystem gives us the entries). So in the
new test, for example, the user would see three
warnings. That's OK, since the intent is that this case
should never come up outside of malicious repositories
(and then it might even benefit the user to see the
message multiple times).
Credit for finding this vulnerability and the proof of
concept from which the test script was adapted goes to
Etienne Stalmans.
Affects: git < 2.13.7 and git < 2.14.4 and git < 2.15.2 and git < 2.16.4 and
git < 2.17.1
(From OE-Core rev: 229bb7cd70c79944d54696d50f4f34df85a5804a)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2017-18018-1:
doc: clarify chown/chgrp --dereference defaults
* doc/coreutils.texi: the documentation for the --dereference
flag of chown/chgrp states that it is the default mode of
operation. Document that this is only the case when operating
non-recursively.
CVE-2017-18018-2:
doc: warn about following symlinks recursively in chown/chgrp
In both chown and chgrp (which shares its code with chown), operating
on symlinks recursively has a window of vulnerability where the
destination user or group can change the target of the operation.
Warn about combining the --dereference, --recursive, and -L flags.
* doc/coreutils.texi (warnOptDerefWithRec): Add macro.
(node chown invocation): Add it to --dereference and -L.
(node chgrp invocation): Likewise.
Affects coreutils <= 8.29
(From OE-Core rev: a523bc6a2ff7d5b5415a789de02fb055ccd2c077)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
double64_init: Check psf->sf.channels against upper bound
This prevents division by zero later in the code.
While the trivial case to catch this (i.e. sf.channels < 1) has already
been covered, a crafted file may report a number of channels that is
so high (i.e. > INT_MAX/sizeof(double)) that it "somehow" gets
miscalculated to zero (if this makes sense) in the determination of the
blockwidth. Since we only support a limited number of channels anyway,
make sure to check here as well.
CVE-2017-14634
Closes: #318
Affects libsndfile1 = 1.0.28
(From OE-Core rev: 00da7bad24cf78c9dba091b9e480515f25886b48)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sfe_copy_data_fp: check value of "max" variable for being normal
and check elements of the data[] array for being finite.
Both checks use functions provided by the <math.h> header as declared
by the C99 standard.
Fixes#317
CVE-2017-14245
CVE-2017-14246
Affects libsndfile1 = 1.0.28
(From OE-Core rev: 39b1dc89ce2870d1a2630b2319783a6203cbcb08)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
