Includes a fix for CVE-2022-2068.
(From OE-Core rev: e5b48730a9916eeda37c34d6d2b41c903a3dcdeb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f034faebd45e63385849078e6ee4b51257763e99)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The license checksum changed due to a major version change in the referenced file.
(From OE-Core rev: a290032fe88b6bac5e789da20f88fd72febe1780)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 89f34d8aa4f4572d048dbb732ca4c83d443157fb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The cve-check class writes temporary files to preserve state across the
build, and cleans them up in a CookerExit handler.
However, in memory-resident builds the cooker won't exit in between
builds, so the state isn't cleared and the CVE report generation fails:
NOTE: Generating JSON CVE summary
ERROR: Error adding the same package twice
Easily solved by hooking to BuildCompleted, instead of CookerExit.
(From OE-Core rev: 6f9c806dd1580a80856a687a2ad3a0b32d74dd17)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fccdcfd301de281a427bfee48d8ff47fa07b7259)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove obsolete comments/data from the file. Add in three CVEs to ignore.
Two are qemu CVEs which upstream aren't particularly intersted in and aren't
serious issues. Also ignore the nasm CVE found from fuzzing as this isn't
a issue we'd expose from OE.
(From OE-Core rev: 94fad58c6f10d0dfc42be816b0a7f6b108bd03e6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 68291026aab2fa6ee1260ca95198dd1d568521e5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is fixed in 2.4.2, which we have, but the complex CPE in that CVE
isn't parsed by cve-check correctly so it thinks that we're vulnerable.
(From OE-Core rev: 8eb224d3160e8483c2bc6ffa207a2b6fc8644c6f)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b40dd920f8b40eabe78db363249257818c63c074)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
I realised only the first logging message was being displayed in a given
parsing process. The reason turned out to be the UI handler failing
with a "pop from empty list". The default handler was then lost and
no further messages were processed.
Fix this by catching the exception correctly in the connection writer code.
(Bitbake rev: b8fd6f5d9959d27176ea016c249cf6d35ac8ba03)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d3e64f64525187f1409531a0bd99df576e627f7f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There are two issues inside importlib. Firstly, the modules are accessed in
on disk order. This means behaviour seen on one system might not reproduce
on another and is a real headache.
Secondly, empty directories left behind by previous modules might be looked
at. This has caused a long string of different issues for us.
As a result, patch this to a behaviour which works for us. Upstream discussion
can follow later, this is breaking builds for too many people to leave unpatched.
[YOCTO #14816]
(From OE-Core rev: cdb6879b49d4f6dc2bea8ff064a5b1e62db34781)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e5944a38db513e033c3a3e9313267055f7254be7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In the native sysroot we should never have paths to the python3-native
build directory. These may or may not exist at the time some dependency
is building and nothing should rely upon them.
I suspect nothing is relying on this at the moment but clean up
just to be sure.
The various config copies are adjusted to be modified consistently as some
copies were and some were not. The Makefile has the "bad" ${B} paths
replaced with a dummy placeholder too.
(From OE-Core rev: 2f93d30fee0698e3cf13be17f1691e85d2122b0e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ae9e6249ded8fc063d6333231c391cfa2d594567)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The setuptools version is now used by default when setuptools is installed,
but it is incompatible with some of python's own tests.
(From OE-Core rev: 8e34686911269e461dc646068f7a4d7c0e5da53f)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c0c1ee33781733d712cd983be460001cd7938014)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In some cases it is useful to be able to test the snapshot of
linux-firmware (e.g. to test if the updated firmware works on the
particular hardware). Allow building the linux-firmware snapshots.
To switch to the most recent branch, add the following lines to the
local.conf file:
PREFERRED_VERSION_linux-firmware = "1:20220509+git%"
SRCREV:class-devupstream = "${AUTOREV}"
WHENCE_CHKSUM:class-devupstream:pn-linux-firmware = "4288aad55d189fa225d492526b8406d5"
(From OE-Core rev: 96cd37cff9caaf3e92cbf63660e9b6bc73fa9744)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b023570ae1d239de14b50a0e827582d0e84ddf81)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ignored CVEs aren't patched, but do not apply in our configuration
for some reason. Up till now they were only partially supported
and reported as "Patched".
This patch adds separate reporting of Ignored CVEs. The variable
CVE_CHECK_REPORT_PATCHED now manages reporting of both patched
and ignored CVEs.
(From OE-Core rev: d76957e4257a3bf934bdb94d65aa43267b8d9766)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c773102d4828fc4ddd1024f6115d577e23f1afe4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There are cached reproducibility issues on the autobuilder due to the PRServ
sstate checksum issues, flush the bad data out the system by bumping the
versions.
(From OE-Core rev: b2d10487f80deb04a0893325a1ae79c8629a7655)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b12e6cfe3bb34e426c8bb74183d041948cb2ed89)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes fuzz warning with insane class ihnerited introduced in 4c3f51142b
Kirkstone specific, master has been updated to 251.2 and FTBFS with musl [Yocto 14838]
(From OE-Core rev: 7cdaac4a5a30e8705fb725fd0d69629f268e7da3)
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When using multiconfig with the same TMP folder we can have
races because the shared recipes like gcc-source run twice.
ARCHIVER_OUTDIR = ${ARCHIVER_TOPDIR}/${TARGET_SYS}/${PF}/
which includes TARGET_SYS and between the two different MACHINE values,
this changes from 'arm-poky-linux-gnueabi' to 'aarch64-poky-linux'.
This leads to the task running twice, once for each multiconfig.
To solve this we need to store the shared output in a common place
for all machines and in this way the stamps will be the same for each
machine so the gcc-source will on run once regardless of the machine used.
(From OE-Core rev: 6fa49ffcf2d77aaae5c348b6eb1f0117aa93eeaf)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5abe497aad39a6ce8d72556fcdda1938a0f8c1bc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some tasks may reference ${B} for gcc-source which in general would not exist.
It has dependencies on HOST_SYS and TARGET_SYS which are not appropriate for a
shared recipe like gcc-source. This causes problems for the archiver and
multiconfigs in particlar.
Set B to something else to avoid these task hash issues.
Acked-by: Jose Quaresma <jose.quaresma@foundries.io>
(From OE-Core rev: 7211a6fb51ef0e7f5c919f98a33eaf8094b9c814)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit beb2a76c591e985c6fc7ed473abd1bee27f955a2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Building busybox with CONFIG_LSATTR=y and installing that in the same
filesystem as e2fsprogs breaks:
ERROR: ... do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget:${PN} ().
Deferring to first boot via 'exit 1' is no longer supported.
Fix that by also alternatifying lsattr just as chattr already is.
(From OE-Core rev: 8876f33f08e07480c93803c19b517b2bed4dfe4c)
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 96703961eeb3460e9da26503d7942cc965d1e573)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When multilib enabled and add layers/meta-openembedded/meta-oe in
conf/bblayers.conf, it reports below error when run oe-selftest.
$ oe-selftest -r oescripts
[snip]
[20:36:33-0700] 2022-05-16 03:36:33,494 - oe-selftest - INFO - RESULTS - oescripts.OEListPackageconfigTests.test_packageconfig_flags_option_flags: FAILED (585.37s)
[snip]
It is because the output of "list-packageconfig-flags.py -f" as below:
$ ../scripts/contrib/list-packageconfig-flags.py -f
[snip]
qt lib32-pinentry lib32-wxwidgets nativesdk-pinentry pinentry pinentry-native wxwidgets wxwidgets-native
secret lib32-pinentry nativesdk-pinentry pinentry pinentry-native
[snip]
But the check logic as below:
class OEListPackageconfigTests(OEScriptTests):
#oe-core.scripts.List_all_the_PACKAGECONFIG's_flags
def check_endlines(self, results, expected_endlines):
for line in results.output.splitlines():
for el in expected_endlines:
if line.split() == el.split():
expected_endlines.remove(el)
break
def test_packageconfig_flags_option_flags(self):
results = runCmd('%s/contrib/list-packageconfig-flags.py -f' % self.scripts_dir)
expected_endlines = []
expected_endlines.append("PACKAGECONFIG FLAG RECIPE NAMES")
expected_endlines.append("qt nativesdk-pinentry pinentry pinentry-native")
expected_endlines.append("secret nativesdk-pinentry pinentry pinentry-native")
self.check_endlines(results, expected_endlines)
And the test will fail as line.split() doesn't equal el.split() as
line.split() is ['lib32-pinentry', 'lib32-wxwidgets', 'nativesdk-pinentry',
'pinentry', 'pinentry-native', 'wxwidgets', 'wxwidgets-native'] and
el.split() is ['nativesdk-pinentry', 'pinentry', 'pinentry-native'].
So change the compare logic to fix the gap.
(From OE-Core rev: 8c74bca4d652af93c7e36a2a8847d8010b8cc009)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 239f22847bcae0cb31769adb0a42b5440173a7c5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It fails to compile xxhash when '-Og' is set in CFLAGS via such as set
DEBUG_BUILD = '1' in local.conf. Check and disable inline when '-Og'
exists.
(From OE-Core rev: d8e454b370089e4a33c8373742178ef4d540e848)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3464c67cd34acbb1a6705369e34dee8af7e348ac)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Current patch removes the uint8_t* cast in src/basic/recurse-dir.c:57
to fix musl build, but it changes the value here as pointer arithmetic
is type-depended in C. This patch corrects the behavior by adding an
extra cast to struct dirent*.
Also changes the patch's Upstream-Status to Inappropriate as it's musl-
specific.
(From OE-Core rev: 741030ce3251d0f6084b6c58904760316ac84487)
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e9e43d7f7488c4da8598759c4882cceeda9d2095)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* add missing space to fix:
/bin/sh: 1: [: Illegal number: 119)
shown in the log.do_compile (isn't fatal for the build)
(From OE-Core rev: 92a5fb9138ee0a2a1b9926217647a23d1c1d73b4)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8f785f35c8a9cdc0107fbaa76b20df5199159ee0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The following kernel commit has been back ported to v5.10.119 and v5.15.44.
commit 14c174633f349cb41ea90c2c0aaddac157012f74
Author: Jason A. Donenfeld <Jason@zx2c4.com>
Date: Thu Feb 10 16:40:44 2022 +0100
random: remove unused tracepoints
These explicit tracepoints aren't really used and show sign of aging.
It's work to keep these up to date, and before I attempted to keep them
up to date, they weren't up to date, which indicates that they're not
really used. These days there are better ways of introspecting anyway.
Which causes the following build failure
lttng-modules-2.13.3/src/probes/lttng-probe-random.c:18:10: fatal error: trace/events/random.h: No such file or directory
| 18 | #include <trace/events/random.h>
| | ^~~~~~~~~~~~~~~~~~~~~~~
| compilation terminated.
(From OE-Core rev: 48aad396d902b36ece414b0adb9cce4aebb093d7)
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c8effd12cae7c7024f8e6c8f6ef70ed602d380ed)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
lttng-modules fails to build against 5.18-rc7, the details of the fix
are as follows:
The commit [fix: sched/tracing: Don't re-read p->state when emitting
sched_switch event (v5.18)] was correct, but the kernel changed their
mind with the following commit:
commit 9c2136be0878c88c53dea26943ce40bb03ad8d8d
Author: Delyan Kratunov <delyank@fb.com>
Date: Wed May 11 18:28:36 2022 +0000
sched/tracing: Append prev_state to tp args instead
Commit fa2c3254d7cf (sched/tracing: Don't re-read p->state when emitting
sched_switch event, 2022-01-20) added a new prev_state argument to the
sched_switch tracepoint, before the prev task_struct pointer.
This reordering of arguments broke BPF programs that use the raw
tracepoint (e.g. tp_btf programs). The type of the second argument has
changed and existing programs that assume a task_struct* argument
(e.g. for bpf_task_storage access) will now fail to verify.
If we instead append the new argument to the end, all existing programs
would continue to work and can conditionally extract the prev_state
argument on supported kernel versions.
Fixes: fa2c3254d7cf (sched/tracing: Don't re-read p->state when emitting sched_switch event, 2022-01-20)
Signed-off-by: Delyan Kratunov <delyank@fb.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Link: https://lkml.kernel.org/r/c8a6930dfdd58a4a5755fc01732675472979732b.camel@fb.com
By reordering the parameters (again) we can get back up and building.
Upstream-Status: Backport
(From OE-Core rev: 6c689e1b6f5501b0db8b24552fe4eae033fee289)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fb69e5cfb043a15354beb2d613772aa0233d12ae)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updating to the latest korg -stable release that comprises
the following commits:
56c31ac1d8aa Linux 5.10.119
7c57f2134988 ALSA: ctxfi: Add SB046x PCI ID
514f58734001 random: check for signals after page of pool writes
18c261e9485a random: wire up fops->splice_{read,write}_iter()
cf8f8d37586f random: convert to using fops->write_iter()
affa1ae52219 random: convert to using fops->read_iter()
4bb374a1183b random: unify batched entropy implementations
552ae8e4841b random: move randomize_page() into mm where it belongs
5f2a040b2fb4 random: move initialization functions out of hot pages
02102b63bd96 random: make consistent use of buf and len
33783ca3556e random: use proper return types on get_random_{int,long}_wait()
1fdd7eef2100 random: remove extern from functions in header
811afd06e0f3 random: use static branch for crng_ready()
04d61b96bd8a random: credit architectural init the exact amount
5123cc61e27d random: handle latent entropy and command line from random_init()
9320e087f2b6 random: use proper jiffies comparison macro
31ac294037be random: remove ratelimiting for in-kernel unseeded randomness
b50f2830b3df random: move initialization out of reseeding hot path
4c4110c052e8 random: avoid initializing twice in credit race
cef9010b78c4 random: use symbolic constants for crng_init states
30e9f362661c siphash: use one source of truth for siphash permutations
772edeb8c76a random: help compiler out with fast_mix() by using simpler arguments
18413472339b random: do not use input pool from hard IRQs
999b0c9e8a97 random: order timer entropy functions below interrupt functions
ce3c4ff38186 random: do not pretend to handle premature next security model
24d327568578 random: use first 128 bits of input as fast init
273aebb50be6 random: do not use batches when !crng_ready()
f4c98fe1d100 random: insist on random_get_entropy() existing in order to simplify
ffcfdd5de9d0 xtensa: use fallback for random_get_entropy() instead of zero
e1ea0e26d3e4 sparc: use fallback for random_get_entropy() instead of zero
a5092be129cf um: use fallback for random_get_entropy() instead of zero
25d4fdf1f0f8 x86/tsc: Use fallback for random_get_entropy() instead of zero
0b93f40cbe97 nios2: use fallback for random_get_entropy() instead of zero
fdca77508152 arm: use fallback for random_get_entropy() instead of zero
d5531246afcf mips: use fallback for random_get_entropy() instead of just c0 random
714def449776 riscv: use fallback for random_get_entropy() instead of zero
84397906a603 m68k: use fallback for random_get_entropy() instead of zero
7690be1adf8a timekeeping: Add raw clock fallback for random_get_entropy()
07b5d0b3e2cc powerpc: define get_cycles macro for arch-override
30ee01bcdc2c alpha: define get_cycles macro for arch-override
c55a863c304e parisc: define get_cycles macro for arch-override
641d1fbd9667 s390: define get_cycles macro for arch-override
c895438b172c ia64: define get_cycles macro for arch-override
7d9eab78bed9 init: call time_init() before rand_initialize()
ec25e386d381 random: fix sysctl documentation nits
9dff512945f1 random: document crng_fast_key_erasure() destination possibility
a1b5c849d855 random: make random_get_entropy() return an unsigned long
72a9ec8d7514 random: allow partial reads if later user copies fail
1805d20dfb67 random: check for signals every PAGE_SIZE chunk of /dev/[u]random
9641d9b4303f random: check for signal_pending() outside of need_resched() check
26ee8fa4dfda random: do not allow user to keep crng key around on stack
bb515a5beff2 random: do not split fast init input in add_hwgenerator_randomness()
be0d4e3e96ad random: mix build-time latent entropy into pool at init
bb563d06c5bc random: re-add removed comment about get_random_{u32,u64} reseeding
f3bc5eca83d3 random: treat bootloader trust toggle the same way as cpu trust toggle
7cb6782146b8 random: skip fast_init if hwrng provides large chunk of entropy
083ab33951e4 random: check for signal and try earlier when generating entropy
20da9c6079df random: reseed more often immediately after booting
9891211dfe03 random: make consistent usage of crng_ready()
95a1c94a1bd7 random: use SipHash as interrupt entropy accumulator
849e7b744cf2 random: replace custom notifier chain with standard one
66307429b5df random: don't let 644 read-only sysctls be written to
4c74ca006afe random: give sysctl_random_min_urandom_seed a more sensible value
0964a76fd58b random: do crng pre-init loading in worker rather than irq
192d4c6cb3e2 random: unify cycles_t and jiffies usage and types
47f0e89b71e2 random: cleanup UUID handling
9b0e0e27140d random: only wake up writers after zap if threshold was passed
c47f215ab36d random: round-robin registers as ulong, not u32
5064550d422d random: clear fast pool, crng, and batches in cpuhp bring up
6e1cb84cc6a0 random: pull add_hwgenerator_randomness() declaration into random.h
32252548b50f random: check for crng_init == 0 in add_device_randomness()
684e9fe92d44 random: unify early init crng load accounting
f656bd0011fd random: do not take pool spinlock at boot
5d73e69a5dd4 random: defer fast pool mixing to worker
7873321cd88f random: rewrite header introductory comment
6d1671b6d253 random: group sysctl functions
21ae543e3afb random: group userspace read/write functions
f04580811d26 random: group entropy collection functions
e9ff357860ab random: group entropy extraction functions
d7e5b1925a67 random: group crng functions
6b1ffb3b5a08 random: group initialization wait functions
6c9cee15555d random: remove whitespace and reorder includes
7b0f36f7c252 random: remove useless header comment
b3901816545e random: introduce drain_entropy() helper to declutter crng_reseed()
0971c1c2fdc6 random: deobfuscate irq u32/u64 contributions
ae1b8f19542f random: add proper SPDX header
9342656c013d random: remove unused tracepoints
17ad693cd214 random: remove ifdef'd out interrupt bench
28683a188537 random: tie batched entropy generation to base_crng generation
adc32acf23db random: fix locking for crng_init in crng_reseed()
bb63851c2557 random: zero buffer after reading entropy from userspace
63c1aae40ac1 random: remove outdated INT_MAX >> 6 check in urandom_read()
07280d2c3f33 random: make more consistent use of integer types
655a69cb41e0 random: use hash function for crng_slow_load()
95026060d809 random: use simpler fast key erasure flow on per-cpu keys
732872aa2c41 random: absorb fast pool into input pool after fast load
7a5b9ca583f9 random: do not xor RDRAND when writing into /dev/random
16a6e4ae71e2 random: ensure early RDSEED goes through mixer on init
c521bf08ee69 random: inline leaves of rand_initialize()
70377ee0740c random: get rid of secondary crngs
c36e71b5a52e random: use RDSEED instead of RDRAND in entropy extraction
1d1582e5fe52 random: fix locking in crng_fast_load()
0762b7d1f1ad random: remove batched entropy locking
8d07e2a22687 random: remove use_input_pool parameter from crng_reseed()
b07fcd9e53fa random: make credit_entropy_bits() always safe
32d1d7ce3aad random: always wake up entropy writers after extraction
985292206167 random: use linear min-entropy accumulation crediting
bb9c45cfb97e random: simplify entropy debiting
de0727c0c448 random: use computational hash for entropy extraction
e0cc561e4758 random: only call crng_finalize_init() for primary_crng
480fd91dcdc7 random: access primary_pool directly rather than through pointer
0b9e36e895bb random: continually use hwgenerator randomness
6d2d29f051be random: simplify arithmetic function flow in account()
a0653a9ec15e random: selectively clang-format where it makes sense
bccc8d92310d random: access input_pool_data directly rather than through pointer
a9db850c219f random: cleanup fractional entropy shift constants
edd294052e77 random: prepend remaining pool constants with POOL_
f87f50b843e4 random: de-duplicate INPUT_POOL constants
09ae6b851979 random: remove unused OUTPUT_POOL constants
8cc5260c19da random: rather than entropy_store abstraction, use global
5897e06ac15a random: remove unused extract_entropy() reserved argument
ae093ca1256e random: remove incomplete last_data logic
7abbc9809fa0 random: cleanup integer types
c9e108e36dc8 random: cleanup poolinfo abstraction
8a3b78f9177c random: fix typo in comments
0ad5d6384d25 random: don't reset crng_init_cnt on urandom_read()
17420c77f04c random: avoid superfluous call to RDRAND in CRNG extraction
c245231aecd3 random: early initialization of ChaCha constants
efaddd56bc54 random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
644320410266 random: harmonize "crng init done" messages
ca57d51126e4 random: mix bootloader randomness into pool
542d8ebedb4d random: do not re-init if crng_reseed completes before primary init
2bfdf588a811 random: do not sign extend bytes for rotation when mixing
685200b076ff random: use BLAKE2s instead of SHA1 in extraction
33c30bfe4fb4 random: remove unused irq_flags argument from add_interrupt_randomness()
b57a88874088 random: document add_hwgenerator_randomness() with other input functions
ae33c501e059 lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI
07918ddba3ab lib/crypto: sha1: re-roll loops to reduce code size
5fb6a3ba3af6 lib/crypto: blake2s: move hmac construction into wireguard
62531d446a98 lib/crypto: blake2s: include as built-in
aec0878b1d13 crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
030d3443aa61 crypto: blake2s - adjust include guard naming
fea91e907076 crypto: blake2s - add comment for blake2s_state fields
d45ae768b71b crypto: blake2s - optimize blake2s initialization
6c362b7c7764 crypto: blake2s - share the "shash" API boilerplate code
72e5b68f33a1 crypto: blake2s - move update and final logic to internal/blake2s.h
e467a55bd006 crypto: blake2s - remove unneeded includes
198a19d7ee95 crypto: x86/blake2s - define shash_alg structs using macros
89f9ee998e36 crypto: blake2s - define shash_alg structs using macros
0f8fcf5b6ed7 crypto: lib/blake2s - Move selftest prototype into header file
c3a4645d803e MAINTAINERS: add git tree for random.c
c4882c6e1ec9 MAINTAINERS: co-maintain random.c
acb198c4d11f random: remove dead code left over from blocking pool
6227458fef95 random: avoid arch_get_random_seed_long() when collecting IRQ randomness
257fbea15ab1 ACPI: sysfs: Fix BERT error region memory mapping
14fa2769ea6c ACPI: sysfs: Make sparse happy about address space in use
0debc69f003b media: vim2m: initialize the media device earlier
ed0e71cc3f1e media: vim2m: Register video device after setting up internals
a5c68f457fbf secure_seq: use the 64 bits of the siphash for port offset calculation
33f1b4a27abc tcp: change source port randomizarion at connect() time
9b4aa0d80b18 KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
74c6e5d58435 KVM: x86: Properly handle APF vs disabled LAPIC situation
c06e5f751a08 staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
a8f4d63142f9 lockdown: also lock down previous kgdb use
(From OE-Core rev: a4b49bdba4fa69f365e18ca6d45d7b414b697a1f)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e03685b0263e127777baa3440c15db0de9fff523)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updating to the latest korg -stable release that comprises
the following commits:
4e67be407725 Linux 5.15.44
50196b5d73dc ALSA: ctxfi: Add SB046x PCI ID
ea5b87349d5a random: check for signals after page of pool writes
3e167570a951 random: wire up fops->splice_{read,write}_iter()
0789c69644c8 random: convert to using fops->write_iter()
7f8cea12a494 random: convert to using fops->read_iter()
6244da28c6b3 random: unify batched entropy implementations
64cb7f01ddd2 random: move randomize_page() into mm where it belongs
55a368c3e850 random: move initialization functions out of hot pages
542a60612d2a random: make consistent use of buf and len
29ed26a33436 random: use proper return types on get_random_{int,long}_wait()
55729575eaa9 random: remove extern from functions in header
c6ae9d65bcdb random: use static branch for crng_ready()
4e5e6754a4b6 random: credit architectural init the exact amount
11cce5040c29 random: handle latent entropy and command line from random_init()
ac0172992c94 random: use proper jiffies comparison macro
8df752b82ec5 random: remove ratelimiting for in-kernel unseeded randomness
272b79432f66 random: move initialization out of reseeding hot path
c4e600154ac0 random: avoid initializing twice in credit race
23a1b984f4b8 random: use symbolic constants for crng_init states
f4cb809a90df siphash: use one source of truth for siphash permutations
82caef84092e random: help compiler out with fast_mix() by using simpler arguments
4649394c4749 random: do not use input pool from hard IRQs
df4e319ea60f random: order timer entropy functions below interrupt functions
baf06217704b random: do not pretend to handle premature next security model
0d24003b5fde random: use first 128 bits of input as fast init
0d79a47b4ae0 random: do not use batches when !crng_ready()
1ab530cf40dc random: insist on random_get_entropy() existing in order to simplify
e6bd242523e8 xtensa: use fallback for random_get_entropy() instead of zero
b4582cb35167 sparc: use fallback for random_get_entropy() instead of zero
d876dca6edf3 um: use fallback for random_get_entropy() instead of zero
e017497815f3 x86/tsc: Use fallback for random_get_entropy() instead of zero
38fbfa404da6 nios2: use fallback for random_get_entropy() instead of zero
197d25e068c0 arm: use fallback for random_get_entropy() instead of zero
9e6db825e87a mips: use fallback for random_get_entropy() instead of just c0 random
2ab416043a94 riscv: use fallback for random_get_entropy() instead of zero
a1428cd7e194 m68k: use fallback for random_get_entropy() instead of zero
82f182812f17 timekeeping: Add raw clock fallback for random_get_entropy()
bc94ccb2904e powerpc: define get_cycles macro for arch-override
8ca78fbdeba0 alpha: define get_cycles macro for arch-override
9bf990cff673 parisc: define get_cycles macro for arch-override
e05efd31b9db s390: define get_cycles macro for arch-override
9f174326e35c ia64: define get_cycles macro for arch-override
807ed9c29586 init: call time_init() before rand_initialize()
2814a9e632db random: fix sysctl documentation nits
4179671f496b random: document crng_fast_key_erasure() destination possibility
8b373c113a4c random: make random_get_entropy() return an unsigned long
b8078810e44d random: allow partial reads if later user copies fail
ccaaff57ed50 random: check for signals every PAGE_SIZE chunk of /dev/[u]random
02c2e2ca3610 random: check for signal_pending() outside of need_resched() check
e7e196e1ae26 random: do not allow user to keep crng key around on stack
be7561767ce8 random: do not split fast init input in add_hwgenerator_randomness()
636b057e2a1a random: mix build-time latent entropy into pool at init
3967a200367c random: re-add removed comment about get_random_{u32,u64} reseeding
25727cbbe9b4 random: treat bootloader trust toggle the same way as cpu trust toggle
a704248b4590 random: skip fast_init if hwrng provides large chunk of entropy
3689ac035180 random: check for signal and try earlier when generating entropy
94c8249efa76 random: reseed more often immediately after booting
99290c6898b2 random: make consistent usage of crng_ready()
0c66c876393b random: use SipHash as interrupt entropy accumulator
6da877d2d46b random: replace custom notifier chain with standard one
39c9e5566ac5 random: don't let 644 read-only sysctls be written to
e4e1600a674f random: give sysctl_random_min_urandom_seed a more sensible value
2c60d7f38d64 random: do crng pre-init loading in worker rather than irq
1523ec5324e9 random: unify cycles_t and jiffies usage and types
fdb1e54472c3 random: cleanup UUID handling
c169e7a09cd4 random: only wake up writers after zap if threshold was passed
e400ba11a241 random: round-robin registers as ulong, not u32
144c1e7ecf00 random: clear fast pool, crng, and batches in cpuhp bring up
80c1f7f8f3cd random: pull add_hwgenerator_randomness() declaration into random.h
98d6def672fd random: check for crng_init == 0 in add_device_randomness()
9df4a56fad32 random: unify early init crng load accounting
d386b087056a random: do not take pool spinlock at boot
3c48a2da32ef random: defer fast pool mixing to worker
9489e36e2150 random: rewrite header introductory comment
9385681af846 random: group sysctl functions
96340f035df6 random: group userspace read/write functions
74b704245f31 random: group entropy collection functions
43e87e6f3317 random: group entropy extraction functions
019e057db9b1 random: group crng functions
81e62ff1f650 random: group initialization wait functions
d3a2510216b4 random: remove whitespace and reorder includes
30c52e99db0d random: remove useless header comment
95f85a01584e random: introduce drain_entropy() helper to declutter crng_reseed()
c807eca035c3 random: deobfuscate irq u32/u64 contributions
f641f9495d6f random: add proper SPDX header
ce951e9672df random: remove unused tracepoints
4509941f75ac random: remove ifdef'd out interrupt bench
ad5d17d0faf9 random: tie batched entropy generation to base_crng generation
86ab60616ec6 random: fix locking for crng_init in crng_reseed()
d2d1ad9430b1 random: zero buffer after reading entropy from userspace
eda555356b39 random: remove outdated INT_MAX >> 6 check in urandom_read()
5dd066ade820 random: make more consistent use of integer types
ba789caa17a0 random: use hash function for crng_slow_load()
b27bd09d0544 random: use simpler fast key erasure flow on per-cpu keys
1aab83f96663 random: absorb fast pool into input pool after fast load
4a18db164cbb random: do not xor RDRAND when writing into /dev/random
b51caadb18a7 random: ensure early RDSEED goes through mixer on init
fd6eb2800589 random: inline leaves of rand_initialize()
5e4fab6fefb1 random: get rid of secondary crngs
ded4cc806d0d random: use RDSEED instead of RDRAND in entropy extraction
704c76e08804 random: fix locking in crng_fast_load()
67fdda9af773 random: remove batched entropy locking
ad86aa8ec90f random: remove use_input_pool parameter from crng_reseed()
1bc9db59b24c random: make credit_entropy_bits() always safe
3730490111ca random: always wake up entropy writers after extraction
cb65ac300816 random: use linear min-entropy accumulation crediting
a6beb8155b9c random: simplify entropy debiting
a5e2c8a4574a random: use computational hash for entropy extraction
add92df1cb37 random: only call crng_finalize_init() for primary_crng
07e015230415 random: access primary_pool directly rather than through pointer
b53c9666e714 random: continually use hwgenerator randomness
c1dc53d781fd random: simplify arithmetic function flow in account()
2f0e83e8326b random: selectively clang-format where it makes sense
db7a0a9171ed random: access input_pool_data directly rather than through pointer
c25c7e29be27 random: cleanup fractional entropy shift constants
68512942c0d7 random: prepend remaining pool constants with POOL_
2772ba4d5223 random: de-duplicate INPUT_POOL constants
da80b44cf9cf random: remove unused OUTPUT_POOL constants
f9efa1a98831 random: rather than entropy_store abstraction, use global
b6d849d0e2f8 random: remove unused extract_entropy() reserved argument
578fbb760064 random: remove incomplete last_data logic
8aa9ddc4db29 random: cleanup integer types
4330c485f92c random: cleanup poolinfo abstraction
250bda5d0505 random: fix typo in comments
15a1a3baf14f random: don't reset crng_init_cnt on urandom_read()
d47579fb283a random: avoid superfluous call to RDRAND in CRNG extraction
0c3910447110 random: early initialization of ChaCha constants
5822fad8d3dc random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
69bb5f0917f9 random: harmonize "crng init done" messages
c4c9081184e9 random: mix bootloader randomness into pool
1b1258b91757 random: do not re-init if crng_reseed completes before primary init
08040365d0b7 random: do not sign extend bytes for rotation when mixing
2e827d53343a random: use BLAKE2s instead of SHA1 in extraction
c5a7694fa802 random: remove unused irq_flags argument from add_interrupt_randomness()
40af1df8034a random: document add_hwgenerator_randomness() with other input functions
45626449eb25 lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI
b0cdd9ec8445 lib/crypto: sha1: re-roll loops to reduce code size
cba2195416d4 lib/crypto: blake2s: move hmac construction into wireguard
caba66ec322e lib/crypto: blake2s: include as built-in
830ecbae41a7 MAINTAINERS: add git tree for random.c
12d7163380a2 MAINTAINERS: co-maintain random.c
0da5349e2254 ACPI: sysfs: Fix BERT error region memory mapping
bf5a3c51e9f7 ice: fix crash at allocation failure
acd12d165281 KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
f82ccfa4835b HID: amd_sfh: Add support for sensor discovery
(From OE-Core rev: 87f0b01ea3a920eb881f9ef58e8d6a4f0606231b)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 20bd31326564cfb29e1442e8bbe2f9765aad5992)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie
Alexander Kanavin
Ross Burton
Pgowda
Lee Chee Yang
Steve Sakoman
Michael Opdenacker
Martin Jansa
Paulo Neves
Nick Potenski
Davide Gardenal
Dmitry Baryshkov
Marta Rybczynska
Pavel Zhukov
Jose Quaresma
Yi Zhao
Rasmus Villemoes
Mingli Yu
Kai Kang
Jack Mitchell
Xiaobing Luo
Jiaqing Zhao
He Zhe
Bruce Ashfield