| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
sk_ack_backlog wrap-around problem
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2014-4652
Protect user controls against concurrent access
CVE-2014-4653
Don't access controls outside of protected regions
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
| |
audit_krule mask accesses need bounds checking
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2014-3673
skb_over_panic when receiving malformed ASCONF chunks
Fixes: b896b82be4ae ("[SCTP] ADDIP: Support for processing incoming ASCONF_ACK
chunks.")
CVE-2014-3687
panic on duplicate ASCONF chunks
Fixes: 2e3216cd54b1 ("sctp: Follow security requirement of responding with 1
packet")
CVE-2014-3688
remote memory pressure from excessive queueing
Fixes: 2e3216cd54b1 ("sctp: Follow security requirement of responding with 1
packet")
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688
http://www.openwall.com/lists/oss-security/2014/11/13/8
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2014-3601
Fixes the third parameter of kvm_iommu_put_pages
The third parameter of kvm_iommu_put_pages is wrong,
It should be 'gfn - slot->base_gfn'.
CVE-2014-8369
Fixes excessive pages un-pinning in kvm_iommu_map error path.
(This vulnerability exists because of an incorrect fix for CVE-2014-3601
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369
https://bugzilla.redhat.com/show_bug.cgi?id=1156518
https://lkml.org/lkml/2014/10/24/460
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2014-3181 Kernel: HID: OOB write in magicmouse driver
CVE-2014-3182 Kernel: HID: logitech-dj OOB array access
CVE-2014-3184 Kernel: HID: off by one error in various _report_fixup routine
CVE-2014-3185 Kernel: USB serial: memory corruption flaw
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes null pointer dereference when processing authenticated cookie_echo chunk
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101
https://bugzilla.redhat.com/show_bug.cgi?id=1070705
Introduced by:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bbd0d59809f9
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
|
| |
Avoid infinite loop when processing indirect ICBs
References:
http://seclists.org/oss-sec/2014/q3/600
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patches fixes mount flags handling during remount issue.
The patches come from:
https://www.kernel.org (remotes/origin/linux-3.12.y branch)
References:
http://seclists.org/oss-sec/2014/q3/357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5207
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
| |
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This includes following fixes:
35af73f Fix: Copy user-space buffer of injected control frame to kernel
00c8040 Add multiple error labels in the probe function
2835689 Fix: Remove memory leaks when the module is removed or fails on probing
d770a37 Fix: Remove compile warning on 32b
89e29fc Fix: Remove unnecessary checks
adbb47e Beautify: Rename macros into more proper names
d5cac6e Add "poll()" function for NPI device
220cee3 Replace rescheduling with work queues
2a5fe4e Add cacheline support for extraction of control frames
6f14f0b Fix: UIO device might not be removed properly if module fails to initialize
2dcea55 Removed unecessary includes
1077880 Add UIO driver
68ab7bd Initial empty repository
update COMPATIBLE_MACHINE to use soc_family.
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This update to fsl sdk v1.7 release. The detailed changes
can be found at:
http://git.freescale.com/git/cgit.cgi/ppc/sdk/asf.git/
Other changes to sync with meta-fsl-arm:
* install kernel modules to ${D}/lib/modules/${KERNEL_VERSION}/asf
* install scripts to ${D}/${libexecdir}/
* remove dependency on virtual/kernel as it inherit module.bbclass
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently pkc-host does not support RSA_KEYGEN. When pkc-host
installed, RSA keygen operations should be avoided.
Introduce DISTRO_FEATURE "c29x_pkc". To install pkc-host, this
feature should be enabled. Then cryptodev checks it to disable
RSA_KEYGEN.
this can be done in conf/local.conf:
DISTRO_FEATURES_append = " c29x_pkc"
Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- Nikos handed over project maintainance to Phil Sutter.
- Several pending patches have been merged upstream so we removed
them from the recipe. The remaining ones have been sorted
Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
Change-Id: I0c6160c739d379ba787e72423d1564b9a3d05d8b
Reviewed-on: http://git.am.freescale.net:8181/24177
Reviewed-by: Zhenhua Luo <zhenhua.luo@freescale.com>
Tested-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This update to fsl sdk v1.7 release.
For detailed changes, see:
http://git.freescale.com/git/cgit.cgi/ppc/sdk/linux.git/
Remove the patches which were applied in the repository.
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
| |
Signed-off-by: Ting Liu <ting.liu@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Having a number higher than necessary for NR_CPUS wastes memory by
instantiating unnecessary structures in RAM. An example is in the DPAA
where DPAA_ETH_TX_QUEUES is defined based on NR_CPUS and used to create
dozens of extra qman_fq structures. Using the prior value of 24, which
was left over from the T4240 created an additonal 60 frame queue
structures alone.
This has been tested on t1040rdb-64b.
Signed-off-by: Bob Cochran <yocto@mindchasers.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Although the flag existed in Kconfig for FMAN_V3L, it was not set by
default. Also, the T1040 and FMAN V3L only support four O/H ports, so
remove the last two from the DTS files. Otherwise, MAJOR FM Errors
will be reported during FMAN probing / init.
This was tested on t1040rdb-64b
Signed-off-by: Bob Cochran <yocto@mindchasers.com>
|
| |
|
|
|
|
|
|
| |
T1040 uses an E5500 processor, and E5500 doesn't have an Altivec unit
This was tested on a t1040rdb
Signed-off-by: Bob Cochran <yocto@mindchasers.com>
|
| |
|
|
|
|
|
| |
Fix unbounded recursion when processing relocated directories
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A NULL pointer dereference flaw was found in the way the
Linux kernel's Stream Control Transmission Protocol
(SCTP) implementation handled simultaneous connections
between the same hosts. A remote attacker could use this
flaw to crash the system.
References:
- https://access.redhat.com/security/cve/CVE-2014-5077
- http://patchwork.ozlabs.org/patch/372475/
Signed-off-by: Liviu Gheorghisan <liviu.gheorghisan@enea.com>
|
| |
|
|
| |
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
| |
|
|
|
|
|
| |
While other cryptodev-fsl's bbapend to assign FILESEXTRAPATHS,
there was a potential dir split error.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
|
| |
|
|
| |
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
| |
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
|
| |
ppce6500 is a specific core which only support 64bit kernel, the duplicate
hack codes were packaged into qoriq_build_64bit_kernel.bbclass, use it.
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
| |
fslmachine is too generic, use qoriq-ppc instead.
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
|
| |
like linux-imx, linux-qoriq is supposed to be provided and supported
by Freescale. it uses latest linux codes on git.freescale.com
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
|
|
|
| |
FSL SDK released its own cryptodev based on 1.6, but not all the codes
was upstreamed, add bbappend to use fsl maintained source. This change
only be applied for fsl machines
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
| |
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
| |
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
changes:
ASFIPSEC: Fix for IPV6 crash dump when L2blob is not resolved.
ASFIPSEC: Patch to fix P1010/P9131 IPSEC.
ASF: Fix - Reassembly cleanCB not getting called.
ASF: Giving fragmented non TCP/UDP/AH/ESP packet back to linux.
ASFIPSEC:Patch to Fix ICV error in IPv6 case.
asf: handle memory leak due to software buffer counter.
AH-SHA1 does not work with ASF
fmc scripts : 48G fmc config file for T4240RDB
ASFIPSEC: Patch to fix crash when IPSEC traffic is initiated.
Patch to fix klocwork issues
Crash during ping6 test for varied sizes across the tunnel.
FMC : Adding new config file to support 22G ports for T2080QDS
ASF : Porting ASF to kernel 3.13
asf_ipsec: Patch to fix the MD5 issue.
ASF: Memory leaks observed.
asf_ipsec: Patch to fix the issue in AH for 64 bits.
ASF_IPSEC:Same SA is getting added twice under stress traffic
ASF_IPSEC:Multiple times of Addition and deletion of SPD and SAs causing linkage problem.
ASF_IPEC: Unable to delete SPD from ASF.
ASF-IPSEC:SA flush with traffic through the DUT causing crash.
ipsec_scripts: Patch to add scripts for all algorithmic combinations for IPsec.
asf_ipfrag: Patch to fix the issue of crash on P5040RDB.
ASF : Patch to decrement software buffer pool counter when packet send to linux.
ASFCTRL : Patch to reflect back the changes made in linux to netdev_notifier_info_to_dev() of asfctrl.
ASF : update CONFIG_FSL_DPAA_TX_RECYCLE to CONFIG_FMAN_T4240
asf_ipsec: Patch to fix the compilation error.
asf_qos: Patch to fix the compilation error in asf_qos.
ASFIPSEC: Integeration with DPAA eth SG driver
asf_proc: Patch to update the procfs code.
ASFIPSEC : Large size self-generated ping packet crash resolved.
ASF: Patch to fix traffic halt issue in IPSEC fragmentation case.
ASFIPSEC: Patch to fix the crash seen while deleting SA.
ASFCTRL: Patch to check for loopback packet and do not offload it.
ASFIPSEC: invalidate magic number while offloading policy in asfctrl_xfrm_enc_hook
ASFIPSEC: Patch to fix IPSEC fragmented traffic issues.
MODULE_LICENSE is changed to dual(BSD/GPL)
ASF: FMC: Adding 1G port entries for T4240QDS boards.
ASF: Defining flag in ASF for FSL_DPAA_TX_RECYCLE framework
ASF: Adding debug module to create a loopback framawork on DPAA platform
ASF:FMC: Extra line is removed from the file.
Removing make error when ASF is disabled in Kernel
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
| |
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
| |
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
| |
Currently it does not support S!=B build, workaround it now
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Changes:
Corrected char buffer overrun error
Added suport for Linux kernel 3.12
Corrected memory map for QMAN and BMAN for T4/B4
Added Device Config support for Gen 1 processors.
Support for additional T4240rev2 and B4860rev2 debug components
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
| |
upstream commit: 7998eb3dc700aaf499f93f50b3d77da834ef9e1d
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
1.move more generic bits to linux-qoriq-sdk.inc file
2.add support for multiple kernel delta config files
3.Append SDK_VERSION to .scmversion, and use the same version format
with u-boot. For exmaple: 3.12.17-rt25-QorIQ-SDK-V1.6+gfae7d11
4.add linux-qoirq-sdk_3.12.bb to use latest released codes in sdk v1.6, detailed changes can be viewed at:
http://git.freescale.com/git/cgit.cgi/ppc/sdk/linux.git/log/?qt=range&q=c29fe1a733308cbe592b3af054a97be1b91cf2dd
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This uses the % wildcard for recipe matching, this easy the update of
recipe versions and maintenance.
- udev-extraconf_1.0.bbappend
- xserver-xf86-config_0.1.bbappend
- lttng-modules_2.3.3.bbappend
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
|
| |
|
|
| |
Signed-off-by: Chunrong Guo <B40290@freescale.com>
|
| |
|
|
| |
Signed-off-by: Zongchun Yu <Zongchun.Yu@freescale.com>
|
| |
|
|
| |
Signed-off-by: Zongchun Yu <Zongchun.Yu@freescale.com>
|
| |
|
|
|
|
|
|
| |
Fix the below issue:
| Computing transaction...error: Can't install asf-git-r0@t4240qds_64b:
| no package provides /usr/sbin/setkey
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
| |
Signed-off-by: Ting Liu <b28495@freescale.com>
|
| |
|
|
| |
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
| |
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
| |
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
*e6500 is built with 32b rootfs/64b kernel, build asf as 64bit too.
*Fix the below build issue on e6500 core:
| DEBUG: Executing shell function do_make_scripts
| make: Entering directory `.../tmp/sysroots/t4240qds/usr/src/kernel'
| CC scripts/mod/empty.o | scripts/mod/empty.c:1:0: error: -mcmodel not supported in this configuration
| make[2]: *** [scripts/mod/empty.o] Error 1
| make[1]: *** [scripts/mod] Error 2
| make: *** [scripts] Error 2
Signed-off-by: Chunrong Guo <B40290@freescale.com>
|
| |
|
|
|
|
|
| |
*Ensure the right branches are set in SRC_URI to match the revisions used.
This resolves certain fetch failures.
Signed-off-by: Chunrong Guo <B40290@freescale.com>
|
| |
|
|
| |
This reverts commit a2789b3edf0f3fa4a14279e5d0d4c01d40962353.
|
