| Age | Commit message (Collapse) | Author |
|---|
|
Fixes race conditions in collect_mounts
References:
http://seclists.org/oss-sec/2015/q2/640
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-4177
Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=6ab282fe6d43027b3b1ef820b3798aae8fdb432b
Signen-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Change inode_capable to capable_wrt_inode_uidgid
Fixes privileges escalation in Linux kernel built
with the user namespaces(CONFIG_USER_NS).
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4014
http://www.openwall.com/lists/oss-security/2014/06/10/4
Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id= 2246a472bce19c0d373fb5488a0e612e3328ce0a
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Fixes an information leakage in Linux kernel built with
the Multimedia support(CONFIG_MEDIA_SUPPORT).
References:
http://www.openwall.com/lists/oss-security/2014/06/15/1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739
Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=2f1831612c94ee7b1819c4a6d21b9d5efac5297c
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Fixes race condition between chown() and execve() system calls in the
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3339
http://seclists.org/oss-sec/2015/q2/216
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch
/?id=5176b77f1aacdc560eaeac4685ade444bb814689
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
|
|
Fixes information leak in llc2_timeout_table.
References:
http://www.openwall.com/lists/oss-security/2015/02/20/19
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2041
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch
/?id=553dd569ff29bc38cebbf9f9dd7c791863ee9113
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
|
|
Fix slab corruption from use after free on INIT collisions
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1421
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/
?id=43e39c2f63240f67a67b4060882f67dac1a6f339
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
|
|
Fixes buffer overflow in ioctl.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/
?id=482c6cb2dfb40838d67b0ba844b4b3d0af0f3d20
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
|
|
try_to_unmap_cluster() should lock_page() before mlocking
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3122
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch
/?id=400fc13141fe947c38e8485ee9d37066d4533363
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@nxp.com>
|
|
This fixes incorrect processing of checksums in UDP implementation
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5364
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5366
http://www.openwall.com/lists/oss-security/2015/07/10/3
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
commit/?id=a97b54dd69cb05df4c57f5d5b40c761f7835ce4e
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Fixes infinite loop in CE record entries
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
commit/?id=1fe5620fcd6c2f0a4a927ee10c8e53196da392f3
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Explicitly clear ramdisk_mcp backend pages
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
commit/?id=186f32e2096c7d9cd9106b8dedd79c596f4c8398
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Prevent requeue pi on same futex
References
http://www.openwall.com/lists/oss-security/2014/06/05/22
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
commit/?id=b9103e5f3a197aec4ec3d78fd5ff2bb74a496b42
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Handle numid overflow
Make sure that id->index does not overflow
References:
http://www.openwall.com/lists/oss-security/2014/06/26/6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
NULL pointer dereference in af->from_addr_param on malformed packet
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
sk_ack_backlog wrap-around problem
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
CVE-2014-4652
Protect user controls against concurrent access
CVE-2014-4653
Don't access controls outside of protected regions
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
audit_krule mask accesses need bounds checking
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
CVE-2014-3673
skb_over_panic when receiving malformed ASCONF chunks
Fixes: b896b82be4ae ("[SCTP] ADDIP: Support for processing incoming ASCONF_ACK
chunks.")
CVE-2014-3687
panic on duplicate ASCONF chunks
Fixes: 2e3216cd54b1 ("sctp: Follow security requirement of responding with 1
packet")
CVE-2014-3688
remote memory pressure from excessive queueing
Fixes: 2e3216cd54b1 ("sctp: Follow security requirement of responding with 1
packet")
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688
http://www.openwall.com/lists/oss-security/2014/11/13/8
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
CVE-2014-3601
Fixes the third parameter of kvm_iommu_put_pages
The third parameter of kvm_iommu_put_pages is wrong,
It should be 'gfn - slot->base_gfn'.
CVE-2014-8369
Fixes excessive pages un-pinning in kvm_iommu_map error path.
(This vulnerability exists because of an incorrect fix for CVE-2014-3601
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369
https://bugzilla.redhat.com/show_bug.cgi?id=1156518
https://lkml.org/lkml/2014/10/24/460
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
CVE-2014-3181 Kernel: HID: OOB write in magicmouse driver
CVE-2014-3182 Kernel: HID: logitech-dj OOB array access
CVE-2014-3184 Kernel: HID: off by one error in various _report_fixup routine
CVE-2014-3185 Kernel: USB serial: memory corruption flaw
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Fixes null pointer dereference when processing authenticated cookie_echo chunk
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101
https://bugzilla.redhat.com/show_bug.cgi?id=1070705
Introduced by:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bbd0d59809f9
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Avoid infinite loop when processing indirect ICBs
References:
http://seclists.org/oss-sec/2014/q3/600
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
This patches fixes mount flags handling during remount issue.
The patches come from:
https://www.kernel.org (remotes/origin/linux-3.12.y branch)
References:
http://seclists.org/oss-sec/2014/q3/357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5207
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
This update to fsl sdk v1.7 release.
For detailed changes, see:
http://git.freescale.com/git/cgit.cgi/ppc/sdk/linux.git/
Remove the patches which were applied in the repository.
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
|
Signed-off-by: Ting Liu <ting.liu@freescale.com>
|
|
Having a number higher than necessary for NR_CPUS wastes memory by
instantiating unnecessary structures in RAM. An example is in the DPAA
where DPAA_ETH_TX_QUEUES is defined based on NR_CPUS and used to create
dozens of extra qman_fq structures. Using the prior value of 24, which
was left over from the T4240 created an additonal 60 frame queue
structures alone.
This has been tested on t1040rdb-64b.
Signed-off-by: Bob Cochran <yocto@mindchasers.com>
|
|
Although the flag existed in Kconfig for FMAN_V3L, it was not set by
default. Also, the T1040 and FMAN V3L only support four O/H ports, so
remove the last two from the DTS files. Otherwise, MAJOR FM Errors
will be reported during FMAN probing / init.
This was tested on t1040rdb-64b
Signed-off-by: Bob Cochran <yocto@mindchasers.com>
|
|
T1040 uses an E5500 processor, and E5500 doesn't have an Altivec unit
This was tested on a t1040rdb
Signed-off-by: Bob Cochran <yocto@mindchasers.com>
|
|
Fix unbounded recursion when processing relocated directories
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
|
A NULL pointer dereference flaw was found in the way the
Linux kernel's Stream Control Transmission Protocol
(SCTP) implementation handled simultaneous connections
between the same hosts. A remote attacker could use this
flaw to crash the system.
References:
- https://access.redhat.com/security/cve/CVE-2014-5077
- http://patchwork.ozlabs.org/patch/372475/
Signed-off-by: Liviu Gheorghisan <liviu.gheorghisan@enea.com>
|
|
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Signed-off-by: Ting Liu <b28495@freescale.com>
|
|
ppce6500 is a specific core which only support 64bit kernel, the duplicate
hack codes were packaged into qoriq_build_64bit_kernel.bbclass, use it.
Signed-off-by: Ting Liu <b28495@freescale.com>
|
|
like linux-imx, linux-qoriq is supposed to be provided and supported
by Freescale. it uses latest linux codes on git.freescale.com
Signed-off-by: Ting Liu <b28495@freescale.com>
|
|
upstream commit: 7998eb3dc700aaf499f93f50b3d77da834ef9e1d
Signed-off-by: Ting Liu <b28495@freescale.com>
|
|
1.move more generic bits to linux-qoriq-sdk.inc file
2.add support for multiple kernel delta config files
3.Append SDK_VERSION to .scmversion, and use the same version format
with u-boot. For exmaple: 3.12.17-rt25-QorIQ-SDK-V1.6+gfae7d11
4.add linux-qoirq-sdk_3.12.bb to use latest released codes in sdk v1.6, detailed changes can be viewed at:
http://git.freescale.com/git/cgit.cgi/ppc/sdk/linux.git/log/?qt=range&q=c29fe1a733308cbe592b3af054a97be1b91cf2dd
Signed-off-by: Ting Liu <b28495@freescale.com>
|
|
Signed-off-by: Chunrong Guo <B40290@freescale.com>
|
|
Signed-off-by: Zongchun Yu <Zongchun.Yu@freescale.com>
|
|
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
|
*Ensure the right branches are set in SRC_URI to match the revisions used.
This resolves certain fetch failures.
Signed-off-by: Chunrong Guo <B40290@freescale.com>
|
|
Signed-off-by: Chunrong Guo <B40290@freescale.com>
|
|
Signed-off-by: Chunrong Guo <B40290@freescale.com>
|
|
Layers should never need to be overriding linux-libc-headers.
Refer to http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=babbf7a46acaefd9b36031483cafce053f607e66
for the reason.
Fixed [Bug 5249].
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
|
Having /usr/local/include hardcoded into the makefile is not necessary
as this is automatically included by GCC. It also infects cross-compile
builds with the host systems includes.
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
|
1.Update kernel version to 3.8.
2.add DEPENDS libgcc and append TOOLCHAIN_OPTIONS to KERNEL_{CC,LD}.
kernel in sdk 1.4 need run-time support libraries 'libgcc.a', added
in file arch/powerpc/Makefile:
LIBGCC := $(shell $(CC) $(KBUILD_CFLAGS) -print-libgcc-file-name)
Without passing the TOOLCHAIN_OPTIONS (define --sysroot parameter),
it will fail to find the libgcc.a.
3.Also remove the patches which were already merged on git tree.
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
Signed-off-by: Ting Liu <b28495@freescale.com>
|
|
if SDK_VERSION is defined, append the sdk version string to kernel version,
this can make make the sdk version is explicit for users, expecially when same
kernel verison is used for different releases.
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
|
correctly
* The udev is upgraded to 182, the /dev mount requires CONFIG_DEVTMPFS_MOUNT
is enabled in Kernel, so enable the option for QorIQ SDK targets.
Signed-off-by: Chunrong Guo <B40290@freescale.com>
|
|
Signed-off-by: Chunrong Guo <B40290@freescale.com>
|
|
change "3.0.48" to "3.0.51"
Signed-off-by: Zhenhua Luo <b19537@freescale.com>
|
|
* Perf gived compilation error
CC builtin-sched.o
builtin-sched.c: In function ‘get_cpu_usage_nsec_parent’:
builtin-sched.c:399:16: error: storage size of ‘ru’ isn’t known
* Added a patch from linux kernel git repo commit id
7b78f13603c6fcb64e020a0bbe31a651ea2b657b which include resource.h
file in builtin-sched.c.
* Bump PR.
* Verified it on P4080DS machine.
Signed-off-by: Noor Ahsan <noor_ahsan@mentor.com>
|
Sona Sarmadi
Zhenhua Luo
Ting Liu
Bob Cochran
Liviu Gheorghisan
Ting Liu
Chunrong Guo
Zongchun Yu
Zhenhua Luo
Noor Ahsan