|
Re: New CVE entry this week
Masami Ichikawa
Hi !
On Thu, Sep 9, 2021 at 3:42 PM Pavel Machek <pavel@denx.de> wrote: I think so too. maybe we don't have to track this CVE. Thanks. I overlooked it.CVE-2021-40490: A race condition was discovered inThis is already queued to 4.4 and 4.19; we can simply wait. I see. We don't have to track it. I'll update information when thereCVE-2021-38198: KVM: X86: MMU: Use the correct inherited permissionsKVM. Tricky code and not exactly focus on CIP code. But perhaps is a new update . Best regards,Regards, -- Masami Ichikawa Cybertrust Japan Co., Ltd. Email :masami.ichikawa@cybertrust.co.jp :masami.ichikawa@miraclelinux.com
|
|
|
|
CIP IRC weekly meeting today on libera.chat
Jan Kiszka
Hi all,
Kindly be reminded to attend the weekly meeting through IRC to discuss technical topics with CIP kernel today. Please note that we moved from Freenode to libera.chat. Our channel is the following: irc:irc.libera.chat:6667/cip Furthermore note that the IRC meeting is now scheduled to UTC (GMT) 13:00: https://www.timeanddate.com/worldclock/meetingdetails.html?year=2021&month=9&day=9&hour=13&min=0&sec=0&p1=224&p2=179&p3=136&p4=37&p5=241&p6=248 USWest USEast UK DE TW JP 06:00 09:00 14:00 15:00 21:00 22:00 Last meeting minutes: https://irclogs.baserock.org/meetings/cip/2021/09/cip.2021-09-02-13.00.log.html * Action item 1. Combine root filesystem with kselftest binary - iwamatsu & alicef * Kernel maintenance updates * Kernel testing * AOB Jan -- Siemens AG, T RDA IOT Corporate Competence Center Embedded Linux
|
|
|
|
Re: New CVE entry this week
Pavel Machek
Hi!
CVE-2021-3759: memcg: charge semaphores and sem_undo objectsI don't think we need to care about this one. Embedded systems don't usually run untrusted code... CVE-2021-40490: A race condition was discovered inThis is already queued to 4.4 and 4.19; we can simply wait. CVE-2021-38198: KVM: X86: MMU: Use the correct inherited permissionsKVM. Tricky code and not exactly focus on CIP code. But perhaps someone fixes it for us :-). Best regards, Pavel -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
|
|
|
|
New CVE entry this week
Masami Ichikawa
Hi !
It's this week's CVE report. This week reported 3 new CVEs. These CVEs have been fixed in mainline and some stable kernels. * New CVEs CVE-2021-3715: kernel: use-after-free in route4_change() in net/sched/cls_route.c This vulnerability was introduced in 3.18-rc1 and fixed in 5.6. Therefore 5.6 or later kernels aren't affect this vulnerability. Fixed status cip/4.19: [ea3d6652c240978736a91b9e85fde9fee9359be4] cip/4.19-rt: [ea3d6652c240978736a91b9e85fde9fee9359be4] cip/4.4: [7518af6464b47a0d775173570c3d25f699da2a5e] cip/4.4-rt: [7518af6464b47a0d775173570c3d25f699da2a5e] mainline: [ef299cc3fa1a9e1288665a9fdc8bff55629fd359] stable/4.14: [f0c92f59cf528bc1b872f2ca91b01e128a2af3e6] stable/4.19: [ea3d6652c240978736a91b9e85fde9fee9359be4] stable/4.4: [7518af6464b47a0d775173570c3d25f699da2a5e] stable/4.9: [97a8e7afaee8fc4f08662cf8e4f495b87874aa91] stable/5.4: [ff28c6195814bdbd4038b08d39e40f8d65d2025e] CVE-2021-3759: memcg: charge semaphores and sem_undo objects This causes DoS attack. Patch was merged into mainline this week. for 4.19, it needs modify or apply following patches to apply commit 18319498fdd4. 4a2ae92993be24ba727faa733e99d7980d389ec0: ipc/sem.c: replace kvmalloc/memset with kvzalloc and use struct_size bc8136a543aa839a848b49af5e101ac6de5f6b27: ipc: use kmalloc for msg_queue and shmid_kernel fc37a3b8b4388e73e8e3525556d9f1feeb232bb9: ipc sem: use kvmalloc for sem_undo allocation for 4.4, need to modify the patch. Fixed status mainline: [18319498fdd4cdf8c1c2c48cd432863b1f915d6f] CVE-2021-40490: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. Commit a54c4613dac1 fixes f19d5870cbf72d4cb2a8e1f749dff97af99b071e which has been merged into 3.8-rc1. Fixed status mainline: [a54c4613dac1500b40e4ab55199f7c51f028e848] stable/5.10: [09a379549620f122de3aa4e65df9329976e4cdf5] stable/5.13: [c764e8fa4491da66780fcb30a0d43bfd3fccd12c] stable/5.14: [f8ea208b3fbbc0546d71b47e8abaf98b0961dec1] * Updated CVEs CVE-2021-3542: media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() Patch has been sent to linux-media list (https://lore.kernel.org/linux-media/20210816072721.GA10534@kili/). btw, no cip member enables DVB_FIREDTV. Fixed status Not fixed in mainline yet. CVE-2021-3640: UAF in sco_send_frame function According to the SUSE bugzilla(https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=99c23da0eed4fd20cae8243f2b51e10e66aa0951 ), patch has been merged into bluetooth-next tree as of 2021/09/03. Fixed status Not fixed in mainline yet. CVE-2021-3739: btrfs: fix NULL pointer dereference when deleting device by invalid id This vulnerability is not affected before 4.20-rc1. Fixed status mainline: [e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091] stable/5.10: [c43add24dffdbac269d5610465ced70cfc1bad9e] stable/5.13: [301aabe0239f227818622096be7e180fcdbedf80] stable/5.14: [734dabfb6918d399024063c9db9093a83f804ce5] stable/5.4: [d7f7eca72ecc08f0bb6897fda2290293fca63068] CVE-2021-3753: vt_kdsetmode: extend console locking A out-of-bounds caused by the race of KDSETMODE in VT. Fixed status mainline: [2287a51ba822384834dafc1c798453375d1107c7] stable/4.14: [3f488313d96fc6512a4a0fe3ed56cce92cbeec94] stable/4.19: [0776c1a20babb4ad0b7ce7f2f4e0806a97663187] stable/4.4: [01da584f08cbb1e04f22796cc49b10d570cd5ec1] stable/4.9: [755a2f40dda2d6b2e3b8624cb052e68947ee4d1f] stable/5.10: [60d69cb4e60de0067e5d8aecacd86dfe92a5384a] stable/5.13: [a5dfcf3d8ecc549f8dc324ab6caf9dd14de87986] stable/5.14: [acf3c7b4fae092e7f5c170bc8a0fe2ead9b2a320] stable/5.4: [f4418015201bdca0cd4e28b363d88096206e4ad0] CVE-2021-3743: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c The Qualcomm's IPC router protocol(qrtr) has been introduced since 4.15-rc1 so before 4.15 kernels aren't affected. Fixed status mainline: [7e78c597c3ebfd0cb329aa09a838734147e4f117] stable/4.19: [ce7d8be2eaa4cab3032e256d154d1c33843d2367] stable/5.10: [ad41706c771a038e9a334fa55216abd69b32bfdf] stable/5.13: [d6060df9b53ab8098c954aac9acbacef6915e42a] stable/5.4: [a6b049aeefa880a8bd7b1ae3a8804bda1e8b077e] CVE-2021-38198: KVM: X86: MMU: Use the correct inherited permissions to get shadow page 4.14 has been fixed this week. mainline: [b1bd5cba3306691c771d558e94baa73e8b0b96b7] stable/4.14: [cea9e8ee3b8059bd2b36d68f1f428d165e5d13ce] stable/4.19: [4c07e70141eebd3db64297515a427deea4822957] stable/5.10: [6b6ff4d1f349cb35a7c7d2057819af1b14f80437] stable/5.4: [d28adaabbbf4a6949d0f6f71daca6744979174e2] CVE-2021-3444: bpf: Fix truncation handling for mod32 dst reg wrt zero The vulnerability has been introduced since 4.15-rc9. 4.4 is not affected. 4.19 has been fixed in this week. Fixed status mainline: [9b00f1b78809309163dda2d044d9e94a3c0248a3] stable/4.19: [39f74b7c81cca139c05757d9c8f9d1e35fbbf56b] stable/5.10: [3320bae8c115863b6f17993c2b7970f7f419da57] stable/5.11: [55c262ea5d0f754648cd25aa73de081adaab07d9] stable/5.4: [185c2266c1df80bec001c987d64cae2d9cd13816] CVE-2021-3600: eBPF 32-bit source register truncation on div/mod The vulnerability has been introduced since 4.15-rc9. 4.4 is not affected. 4.19 has been fixed in this week.We have been tracking this vulnerability since Aug to watch 4.19 to be fixed, and now it is finally fixed. Fixed status mainline: [e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90] stable/4.19: [1d16cc210fabd0a7ebf52d3025f81c2bde054a90] stable/5.10: [1d16cc210fabd0a7ebf52d3025f81c2bde054a90] stable/5.4: [78e2f71b89b22222583f74803d14f3d90cdf9d12] CVE-2021-3655: missing size validations on inbound SCTP packets cip/4.4, cip/4.19, cip/4.4-rt, cip/4.19-rt, stable/4.14, and stable/5.4 have been fixed this week. Fixed status mainline: [0c5dc070ff3d6246d22ddd931f23a6266249e3db, 50619dbf8db77e98d821d615af4f634d08e22698, b6ffe7671b24689c09faa5675dd58f93758a97ae, ef6c8d6ccf0c1dccdda092ebe8782777cd7803c9] stable/4.19: [c7a03ebace4f9cd40d9cd9dd5fb2af558025583c, dd16e38e1531258d332b0fc7c247367f60c6c381] cip/4.19: [c7a03ebace4f9cd40d9cd9dd5fb2af558025583c, dd16e38e1531258d332b0fc7c247367f60c6c381] cip/4.19-rt: [c7a03ebace4f9cd40d9cd9dd5fb2af558025583c, dd16e38e1531258d332b0fc7c247367f60c6c381] stable/4.4: [48cd035cad5b5fad0648aa8294c4223bedb166dd] cip/4.4: [48cd035cad5b5fad0648aa8294c4223bedb166dd] cip/4.4-rt: [48cd035cad5b5fad0648aa8294c4223bedb166dd] stable/4.9: [c7da1d1ed43a6c2bece0d287e2415adf2868697e] stable/5.10: [d4dbef7046e24669278eba4455e9e8053ead6ba0, 6ef81a5c0e22233e13c748e813c54d3bf0145782] stable/4.14: [f01bfaea62d14938ff2fbeaf67f0afec2ec64ab9, d890768c1ed6688ca5cd54ee37a69d90ea8c422f] stable/5.4: [03a5e454614dc095a70d88c85ac45ba799c79971, a01745edc1c95ff53e261c493f15bb43b1338003] Currently tracking CVEs CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 There is no fix information. CVE-2021-3640: UAF in sco_send_frame function There is no fix information. CVE-2020-26555: BR/EDR pin code pairing broken There is no fix information CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning No fix information. CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh Provisioning Leads to MITM No fix information. CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning No fix information. CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning No fix information. Other topics. About cve.mitre.org CVE Website Transitioning to New Web Address – “CVE.ORG” https://cve.mitre.org/news/archives/2021/news.html#September022021_CVE_Website_Transitioning_to_New_Web_Address_-_CVE.ORG Regards, -- Masami Ichikawa Cybertrust Japan Co., Ltd. Email :masami.ichikawa@cybertrust.co.jp :masami.ichikawa@miraclelinux.com
|
|
|
|
FW: KernelCI Hackfest #2 - Sept 6-10 2021
Chris Paterson
FYI
toggle quoted messageShow quoted text
Link to original message without annoying safelinks: https://lore.kernel.org/lkml/259a2ea9-63da-b5df-3496-676c2b76700b@collabora.com/ Kind regards, Chris
-----Original Message-----
From: kernelci@groups.io <kernelci@groups.io> On Behalf Of Guillaume Tucker via groups.io Sent: 02 September 2021 21:23 To: kernelci@groups.io Cc: kernelci-members <kernelci-members@groups.io>; automated-testing@lists.yoctoproject.org; Collabora Kernel ML <kernel@collabora.com>; linux-kernel@vger.kernel.org; Jesse Barnes <jsbarnes@google.com>; Summer Wang <wangsummer@google.com>; linux-kselftest@vger.kernel.org; workflows@vger.kernel.org; kunit-dev@googlegroups.com; clang-built-linux <clang-built-linux@googlegroups.com> Subject: Re: KernelCI Hackfest #2 - Sept 6-10 2021 On 02/08/2021 10:00, Guillaume Tucker wrote: The first KernelCI hackfest[1] early June was successful in gettingPlease find below some extra information for the KernelCI Hackfest which is taking place next week. We're expecting at least some contributors from the Civil Infrastructure Platform project, the Google Chrome OS kernel team, Collabora kernel developers and a few more from the wider Linux kernel community. If you need any direct support, please reply to this email or ask on kernelci.slack.com or IRC #kernelci (libera.chat). Here's the project board where anyone can already add some ideas:In order to add an issue to the workboard, please first create one in a KernelCI GitHub repository such as kernelci-core: https://jpn01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fkernelci%2Fkernelci-core%2Fissues&;data=04%7C01%7Cchris.paterson2%40renesas.com%7C40b772cad9334f95da9b08d96e4f817e%7C53d82571da1947e49cb4625a166a4a2a%7C0%7C0%7C637662110028350236%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tbQmPdA4sJrRLpDSp3ExMS9ZiEVYgk%2BoPdylxe7zCNU%3D&reserved=0 Each contributor to the hackfest should be added to the KernelCI "hackers" team, which has permission to edit the workboard. If you aren't part of this team yet, please ask and you'll be invited. Note: Having a GitHub account is not mandatory for taking part in the hackfest. It's mainly there to facilitate coordination, even though it is required in order to contribute to the KernelCI GitHub repositories. Contributions as part of the hackfest may also be in the kernel tree such as improvements to kselftest, KUnit or bug fixes, or other test suites such as LTP etc. The hackfest features:Please see the table below with the proposed daily open hours to accommodate most time zones: Region Zone Time 1 Time 2 East Asia GMT+10 17:00-19:00 03:00-05:00 Europe GMT+2 09:00-11:00 19:00-21:00 UTC 07:00-09:00 17:00-19:00 West America GMT-7 00:00-02:00 10:00-12:00 They will be held as a Big Blue Button virtual conference with the same URL as the last hackfest. It's not being shared publicly to avoid any potential abuse, so please ask if you don't have it already. On Monday, the focus should be put on getting started and reviewing the backlog on the hackfest workboard to distribute things among people or help new contributors find topics suitable for them. Open hours are otherwise opportunities to get more direct support from the KernelCI team or discuss any topic. See you there! Best wishes, Guillaume [1] https://jpn01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffoundation.kernelci.org%2Fblog%2F2021%2F06%2F24%2Fthe-first-ever-kernelci-hackfest%2F&;data=04%7C01%7Cchris.paterson2%40renesas.com%7C40b772cad9334f95da9b08d96e4f817e%7C53d82571da1947e49cb4625a166a4a2a%7C0%7C0%7C637662110028350236%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=OVrrOfoO%2B2nR9RKQpw30D54Dq%2F1Ucyof9fC9sPwbcLI%3D&reserved=0
|
|
|
|
Re: New CVE entry this week
Masami Ichikawa
Hi !
On Thu, Sep 2, 2021 at 3:28 PM Pavel Machek <pavel@denx.de> wrote: Thank you for the comment. This weekly report mail contains full list which are new CVEs, updated CVEs, and currently tracking CVEs, so summary can be removed or make it simple I think. I'll write a new summary style that includes CVEs which we need to take care of. Regards,* CVE detailThis one is queued for 5.10.62, so this is getting fixed for us. -- Masami Ichikawa Cybertrust Japan Co., Ltd. Email :masami.ichikawa@cybertrust.co.jp :masami.ichikawa@miraclelinux.com
|
|
|
|
Re: New CVE entry this week
Nobuhiro Iwamatsu
Hi,
toggle quoted messageShow quoted text
-----Original Message-----I checked the patch application and build at hand. We can backport without any changes to 4.4 tree. But I don't have this device, so I can't confirm the working. Best regards, Nobuhiro
|
|
|
|
Re: New CVE entry this week
Pavel Machek
Hi!
* CVE short summaryThese summaries are not so short; I simply skip them and go to full list. Perhaps they don't need to be included, or could include only CVEs where we need to take an action? * CVE detailThis one is queued for 5.10.62, so this is getting fixed for us. CVE-2021-3743: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.cFixes are queued for 4.19 and 5.10.62, so this is getting fixed for us. CVE-2021-3753: A out-of-bounds caused by the race of KDSETMODE in vtAgreed, fixed in 4.19.192 and 4.4.270. Nothing for us to do there. Updated CVEsFixed in 4.14 but not 4.4. stable/4.14: [2cbb22fd4b4fb4d0822d185bf5bd6d027107bfda,Diffstat looks like this: key.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) main.c | 5 +++++ 1 file changed, 5 insertions(+) ath.h | 1 + key.c | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) ath.h | 2 +- ath5k/mac80211-ops.c | 2 +- ath9k/htc_drv_main.c | 2 +- ath9k/main.c | 5 ++--- key.c | 34 +++++++++++++++++----------------- 5 files changed, 22 insertions(+), 23 deletions(-) hw.h | 1 main.c | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 87 insertions(+), 1 deletion(-) Best regards, Pavel -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
|
|
|
|
CIP IRC weekly meeting today on libera.chat
Jan Kiszka
Hi all,
Kindly be reminded to attend the weekly meeting through IRC to discuss technical topics with CIP kernel today. Please note that we moved from Freenode to libera.chat. Our channel is the following: irc:irc.libera.chat:6667/cip Furthermore note that the IRC meeting is now scheduled to UTC (GMT) 13:00: https://www.timeanddate.com/worldclock/meetingdetails.html?year=2021&month=9&day=2&hour=13&min=0&sec=0&p1=224&p2=179&p3=136&p4=37&p5=241&p6=248 USWest USEast UK DE TW JP 06:00 09:00 14:00 15:00 21:00 22:00 Last meeting minutes: https://irclogs.baserock.org/meetings/cip/2021/08/cip.2021-08-26-13.00.log.html * Action item 1. Combine root filesystem with kselftest binary - iwamatsu & alicef 2. Do some experiment to lower burdens on CI - patersonc * Kernel maintenance updates * Kernel testing * AOB Jan -- Siemens AG, T RDA IOT Corporate Competence Center Embedded Linux
|
|
|
|
New CVE entry this week
Masami Ichikawa
Hi !
It's this week's CVE report. * CVE short summary ** New CVEs CVE-2021-3739: mainline is fixed. before 4.20-rc1 kernels aren't affected. CVE-2021-3743: mainline is fixed. before 4.15-rc1 kernels aren't affected. CVE-2021-3753: mainline is fixed. 4.4 and 4.19 kernels are affected. ** Updated CVEs CVE-2020-3702: 4.14, 4.19, 5.10, 5.4 kernels are fixed CVE-2021-3653:stable kernels are fixed. CVE-2021-3656: stable are fixed. 4.4 is not affected. CVE-2021-3600: Patches for 4.19 exist in stable-rc tree as of 2021/09/02. ** Tracking CVEs CVE-2021-31615: No fix information as of 2021/09/02. CVE-2021-3640: No fix information as of 2021/09/02. CVE-2020-26555: No fix information as of 2021/09/02. CVE-2020-26556: No fix information as of 2021/09/02. CVE-2020-26557: No fix information as of 2021/09/02. CVE-2020-26559: No fix information as of 2021/09/02. CVE-2020-26560: No fix information as of 2021/09/02. CVE-2021-3600: mainline, 5.10, 5.4 are fixed. 4.4 isn't affected. 4.19 will be fixed in stable tree. * CVE detail New CVEs CVE-2021-3739: btrfs: fix NULL pointer dereference when deleting device by invalid id Fixed in btrfs tree but not fixed in mainline yet. This vulnerability has been introduced since 4.20-rc1 so before 4.20 kernel aren't affected this vulnerability. Fixed status mainline: [e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091] CVE-2021-3743: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c The Qualcomm's IPC router protocol(qrtr) has been introduced since 4.15-rc1 so before 4.15 kernels aren't affected. Checked on cip-kernel-config, it looks like no CIP member enables QRTR. Fixed status mainline: [7e78c597c3ebfd0cb329aa09a838734147e4f117] CVE-2021-3753: A out-of-bounds caused by the race of KDSETMODE in vt Commit ffb324e6f874121f7dce5bdae5e05d02baae7269 introduced race condition and oob bug. The commit ffb324e6f874 have been backported to 4.4 and 4.19. Fixed status mainline: [2287a51ba822384834dafc1c798453375d1107c7] Updated CVEs CVE-2020-3702: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic Vulnerability in ath9k driver. 4.4.y-cip/arm/siemens_imx6_defconfig and 4.4.y-cip/arm/moxa_mxc_defconfig use ath9k. Fixed status mainline: [56c5485c9e444c2e85e11694b6c44f1338fc20fd, 73488cb2fa3bb1ef9f6cf0d757f76958bd4deaca, d2d3e36498dd8e0c83ea99861fac5cf9e8671226, 144cd24dbc36650a51f7fe3bf1424a1432f1f480, ca2848022c12789685d3fab3227df02b863f9696] stable/4.14: [2cbb22fd4b4fb4d0822d185bf5bd6d027107bfda, 20e7de09cbdb76a38f28fb71709fae347123ddb7, 995586a56748c532850870523d3a9080492b3433, f4d4f4473129e9ee55b8562250adc53217bad529, 61b014a8f8de02bedc56f76620170437f5638588] stable/4.19: [dd5815f023b89c9a28325d8a2a5f0779b57b7190, d2fd9d34210f34cd0ff5b33fa94e9fcc2a513cea, fb924bfcecc90ca63ca76b5a10f192bd0e1bb35d, 7c5a966edd3c6eec4a9bdf698c1f27712d1781f0, 08c613a2cb06c68ef4e7733e052af067b21e5dbb] stable/5.10: [8f05076983ddeaae1165457b6aa4eca9fe0e5498, 6566c207e5767deb37d283ed9f77b98439a1de4e, 2925a8385ec746bf09c11dcadb9af13c26091a4d, 609c0cfd07f0ae6c444e064a59b46c5f3090b705, e2036bc3fc7daa03c15fda27e1818192da817cea] stable/5.4: [0c049ce432b37a51a0da005314ac32e5d9324ccf, add283e2517a90468ce223465e0f4360128bb650, b7d593705eb4f0655a70f0207f573fb1edb80bda, c6feaf806da6a0deecc2fe41adb3443cdecba347, 23f77ad13f8176314b7c51f71b9ac7c5c6d10b7b] CVE-2021-3653: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl Fixed status mainline: [0f923e07124df069ba68d8bb12324398f4b6b709] stable/4.14: [26af47bdc45e454877f15fa7658a167bb9799681] stable/4.19: [42f4312c0e8a225b5f1e3ed029509ef514f2157a] stable/4.4: [53723b7be26ef31ad642ce5ffa8b42dec16db40e] stable/4.9: [29c4f674715ba8fe7a391473313e8c71f98799c4] stable/5.10: [c0883f693187c646c0972d73e525523f9486c2e3] stable/5.13: [a0949ee63cf95408870a564ccad163018b1a9e6b] stable/5.4: [7c1c96ffb658fbfe66c5ebed6bcb5909837bc267] CVE-2021-3656: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested Fixed status mainline: [c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc] stable/4.14: [6ed198381ed2496fbc82214108e56a441d3b0213] stable/4.19: [119d547cbf7c055ba8100309ad71910478092f24] stable/5.10: [3dc5666baf2a135f250e4101d41d5959ac2c2e1f] stable/5.13: [639a033fd765ed473dfee27028df5ccbe1038a2e] stable/5.4: [a17f2f2c89494c0974529579f3552ecbd1bc2d52] stable/4.4: Not affected Currently tracking CVEs CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 There is no fix information as of 2021/08/26. CVE-2021-3640: UAF in sco_send_frame function There is no fix information as of 2021/08/26. CVE-2020-26555: BR/EDR pin code pairing broken There is no fix information as of 2021/08/26. CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning No fix information as of 2021/08/26. CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh Provisioning Leads to MITM No fix information as of 2021/08/26. CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning No fix information as of 2021/08/26. CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning No fix information as of 2021/08/26. CVE-2021-3600: eBPF 32-bit source register truncation on div/mod The vulnerability has been introduced since 4.15-rc9. 4.4 is not affected. 4.19 is not fixed yet as of 2021/08/26. Patches have been sent to stable kernel(https://lore.kernel.org/stable/YSj43Lpw9bilHuIn@kroah.com/T/#t). Then these have been included in stable-rc tree. These patch set addressed to fix CVE-2021-3444 and CVE-2021-3600. Discussion: https://lore.kernel.org/stable/YSd1q9Llm1vsWbXT@mussarela/T/#t Patches in stable-rc tree. bpf: Do not use ax register in interpreter on div/mod: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/commit/?h=queue/4.19&id=5179c6c58d0a2a05eeadd1bc0431bee01609d5b2 bpf: Fix 32 bit src register truncation on div/mod: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/commit/?h=queue/4.19&id=ca13f215fc36e37cf46d624b8c0ee71c10e231b1 bpf: Fix truncation handling for mod32 dst reg wrt zero: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/commit/?h=queue/4.19&id=a84037fcded8a9513f4838079cef85c516036f23 mainline: [e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90] stable/5.10: [1d16cc210fabd0a7ebf52d3025f81c2bde054a90] stable/5.4: [78e2f71b89b22222583f74803d14f3d90cdf9d12] Regards,
|
|
|
|
cip/linux-4.19.y-cip baseline: 319 runs, 3 regressions (v4.19.205-cip56)
#kernelci
kernelci.org bot <bot@...>
cip/linux-4.19.y-cip baseline: 319 runs, 3 regressions (v4.19.205-cip56)
Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ---------------------+------+--------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-baylibre | gcc-8 | versatile_defconfig | 1 qemu_arm-versatilepb | arm | lab-broonie | gcc-8 | versatile_defconfig | 1 qemu_arm-versatilepb | arm | lab-cip | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/job/cip/branch/linux-4.19.y-cip/kernel/v4.19.205-cip56/plan/baseline/ Test: baseline Tree: cip Branch: linux-4.19.y-cip Describe: v4.19.205-cip56 URL: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git SHA: ad19e133aebcec558066ea338f896ec0b7338254 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ---------------------+------+--------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-baylibre | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/612d8ea3b86a70ad1c8e2ca5 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.205-cip56/arm/versatile_defconfig/gcc-8/lab-baylibre/baseline-qemu_arm-versatilepb.txt HTML log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.205-cip56/arm/versatile_defconfig/gcc-8/lab-baylibre/baseline-qemu_arm-versatilepb.html Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-6-g8983f3b738df/armel/baseline/rootfs.cpio.gz * baseline.login: https://kernelci.org/test/case/id/612d8ea3b86a70ad1c8e2ca6 failing since 290 days (last pass: v4.19.152-cip37-37-g18852869b06b, first fail: v4.19.157-cip38) platform | arch | lab | compiler | defconfig | regressions ---------------------+------+--------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-broonie | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/612d8f796095f64edd8e2c86 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.205-cip56/arm/versatile_defconfig/gcc-8/lab-broonie/baseline-qemu_arm-versatilepb.txt HTML log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.205-cip56/arm/versatile_defconfig/gcc-8/lab-broonie/baseline-qemu_arm-versatilepb.html Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-6-g8983f3b738df/armel/baseline/rootfs.cpio.gz * baseline.login: https://kernelci.org/test/case/id/612d8f796095f64edd8e2c87 failing since 290 days (last pass: v4.19.152-cip37-37-g18852869b06b, first fail: v4.19.157-cip38) platform | arch | lab | compiler | defconfig | regressions ---------------------+------+--------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-cip | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/612d8e83b44cb7d5a18e2c9b Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.205-cip56/arm/versatile_defconfig/gcc-8/lab-cip/baseline-qemu_arm-versatilepb.txt HTML log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.205-cip56/arm/versatile_defconfig/gcc-8/lab-cip/baseline-qemu_arm-versatilepb.html Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-6-g8983f3b738df/armel/baseline/rootfs.cpio.gz * baseline.login: https://kernelci.org/test/case/id/612d8e83b44cb7d5a18e2c9c failing since 290 days (last pass: v4.19.152-cip37-37-g18852869b06b, first fail: v4.19.157-cip38)
|
|
|
|
cip/linux-4.19.y-cip baseline-nfs: 42 runs, 1 regressions (v4.19.205-cip56)
#kernelci
kernelci.org bot <bot@...>
cip/linux-4.19.y-cip baseline-nfs: 42 runs, 1 regressions (v4.19.205-cip56)
Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions -----------+------+-----------------+----------+--------------------+------------ dove-cubox | arm | lab-pengutronix | gcc-8 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/job/cip/branch/linux-4.19.y-cip/kernel/v4.19.205-cip56/plan/baseline-nfs/ Test: baseline-nfs Tree: cip Branch: linux-4.19.y-cip Describe: v4.19.205-cip56 URL: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git SHA: ad19e133aebcec558066ea338f896ec0b7338254 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions -----------+------+-----------------+----------+--------------------+------------ dove-cubox | arm | lab-pengutronix | gcc-8 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/612d91bb905996aa128e2c8c Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.205-cip56/arm/multi_v7_defconfig/gcc-8/lab-pengutronix/baseline-nfs-dove-cubox.txt HTML log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.205-cip56/arm/multi_v7_defconfig/gcc-8/lab-pengutronix/baseline-nfs-dove-cubox.html Rootfs: http://storage.kernelci.org/images/rootfs/debian/buster/20210730.6/armhf/initrd.cpio.gz * baseline-nfs.login: https://kernelci.org/test/case/id/612d91bb905996aa128e2c8d failing since 127 days (last pass: v4.19.186-cip47-1-g4c2cb7ba796b, first fail: v4.19.188-cip48)
|
|
|
|
cip/linux-4.19.y-cip build: 114 builds: 0 failed, 114 passed, 31 warnings (v4.19.205-cip56)
#kernelci
kernelci.org bot <bot@...>
cip/linux-4.19.y-cip build: 114 builds: 0 failed, 114 passed, 31 warnings (v4.19.205-cip56)
Full Build Summary: https://kernelci.org/build/cip/branch/linux-4.19.y-cip/kernel/v4.19.205-cip56/ Tree: cip Branch: linux-4.19.y-cip Git Describe: v4.19.205-cip56 Git Commit: ad19e133aebcec558066ea338f896ec0b7338254 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git Built: 3 unique architectures Warnings Detected: arm64: arm: allmodconfig (gcc-8): 2 warnings am200epdkit_defconfig (gcc-8): 1 warning colibri_pxa300_defconfig (gcc-8): 1 warning corgi_defconfig (gcc-8): 1 warning efm32_defconfig (gcc-8): 1 warning eseries_pxa_defconfig (gcc-8): 1 warning h5000_defconfig (gcc-8): 1 warning integrator_defconfig (gcc-8): 1 warning lpc32xx_defconfig (gcc-8): 1 warning lpd270_defconfig (gcc-8): 1 warning magician_defconfig (gcc-8): 1 warning mainstone_defconfig (gcc-8): 1 warning multi_v4t_defconfig (gcc-8): 1 warning palmz72_defconfig (gcc-8): 1 warning pcm027_defconfig (gcc-8): 1 warning prima2_defconfig (gcc-8): 1 warning pxa168_defconfig (gcc-8): 1 warning pxa255-idp_defconfig (gcc-8): 1 warning pxa3xx_defconfig (gcc-8): 1 warning pxa910_defconfig (gcc-8): 1 warning raumfeld_defconfig (gcc-8): 1 warning s3c6400_defconfig (gcc-8): 1 warning s5pv210_defconfig (gcc-8): 1 warning spitz_defconfig (gcc-8): 1 warning stm32_defconfig (gcc-8): 1 warning tango4_defconfig (gcc-8): 1 warning tct_hammer_defconfig (gcc-8): 1 warning viper_defconfig (gcc-8): 1 warning vt8500_v6_v7_defconfig (gcc-8): 1 warning zeus_defconfig (gcc-8): 1 warning x86_64: Warnings summary: 29 drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] 1 /tmp/ccSMp14H.s:18196: Warning: using r15 results in unpredictable behaviour 1 /tmp/ccSMp14H.s:18124: Warning: using r15 results in unpredictable behaviour ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- acs5k_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- acs5k_tiny_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allmodconfig (arm, gcc-8) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: /tmp/ccSMp14H.s:18124: Warning: using r15 results in unpredictable behaviour /tmp/ccSMp14H.s:18196: Warning: using r15 results in unpredictable behaviour -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- am200epdkit_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- aspeed_g4_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- aspeed_g5_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- at91_dt_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- axm55xx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- badge4_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- bcm2835_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cerfcube_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cm_x300_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- colibri_pxa270_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- colibri_pxa300_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- collie_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- corgi_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- davinci_all_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+CONFIG_CPU_BIG_ENDIAN=y (arm64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+CONFIG_RANDOMIZE_BASE=y (arm64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+crypto (arm64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+ima (arm64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- dove_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ebsa110_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- efm32_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- em_x270_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ep93xx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- eseries_pxa_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- exynos_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- footbridge_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- gemini_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- h3600_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- h5000_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- hackkit_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- hisi_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imote2_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v4_v5_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- integrator_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- iop13xx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- iop32x_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- iop33x_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ixp4xx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- jornada720_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- keystone_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ks8695_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lpc18xx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lpc32xx_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- lpd270_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- magician_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- mainstone_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- mini2440_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mmp2_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- moxart_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mps2_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v4t_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig+CONFIG_EFI=y+CONFIG_ARM_LPAE=y (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig+CONFIG_SMP=n (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig+crypto (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig+ima (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mvebu_v5_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mxs_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- netwinder_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- netx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nhk8815_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nuc910_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nuc950_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nuc960_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap1_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- orion5x_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- oxnas_v6_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- palmz72_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- pcm027_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- pleb_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- prima2_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- pxa168_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- pxa255-idp_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- pxa3xx_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- pxa910_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- pxa_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- qcom_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- raumfeld_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- realview_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rpc_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- s3c6400_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- s5pv210_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- sama5_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- simpad_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- socfpga_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spear13xx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spear3xx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spear6xx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spitz_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- stm32_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- sunxi_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tango4_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- tct_hammer_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- trizeps4_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- u300_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- versatile_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- viper_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- vt8500_v6_v7_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+crypto (x86_64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+ima (x86_64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+x86-chromebook (x86_64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+x86_kvm_guest (x86_64, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- zeus_defconfig (arm, gcc-8) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/clk/clk.c:49:27: warning: ‘orphan_list’ defined but not used [-Wunused-variable] -------------------------------------------------------------------------------- zx_defconfig (arm, gcc-8) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info@kernelci.org>
|
|
|
|
[ANNOUNCE] Release v4.19.205-cip56
Nobuhiro Iwamatsu
Hi,
CIP kernel team has released Linux kernel v4.19.205-cip56. The linux-4.19.y-cip tree has been updated base version from v4.19.204 to v4.19.205. You can get this release via the git tree at: v4.19.205-cip56: repository: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git branch: linux-4.19.y-cip commit hash: ad19e133aebcec558066ea338f896ec0b7338254 Fixed CVEs: CVE-2021-3653: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl CVE-2021-3656: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested CVE-2020-3702: None added commits: CIP: Bump version suffix to -cip56 after merge from stable Best regards, Nobuhiro
|
|
|
|
Re: New CVE entries this week
Masami Ichikawa
Hi !
On Thu, Aug 26, 2021 at 8:51 PM Pavel Machek <pavel@denx.de> wrote: Thank you for asking. Oh, and we may want watch CVE-2021-3444, it is apparently related andI see. We keep track of it. Best regards,Regards, -- Masami Ichikawa Cybertrust Japan Co., Ltd. Email :masami.ichikawa@cybertrust.co.jp :masami.ichikawa@miraclelinux.com
|
|
|
|
Re: New CVE entries this week
Pavel Machek
Hi!
Hmm, no; that is what original code did and what is known not to workCVE-2021-3600: eBPF 32-bit source register truncation on div/modI took a look into this. Apparently 4.14 and 4.19 is affected. ( for reasons I don't fully understand. Anyway, I asked on the lists, and according to Thadeu Lima de Souza Cascardo Ubuntu did some work on it and is likely to do some more. Oh, and we may want watch CVE-2021-3444, it is apparently related and not yet fixed in 4.19. Best regards, Pavel -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
|
|
|
|
Re: New CVE entries this week
Pavel Machek
Hi!
New CVEsAt least some of the relevant fixes are queued for 5.10.61/4.19. Likely this will resolve itself. CVE-2021-3600: eBPF 32-bit source register truncation on div/modI took a look into this. Apparently 4.14 and 4.19 is affected. ( https://seclists.org/oss-sec/2021/q2/228 ) Due to BPF 32-bit subregister requirements (see bpf_design_QA.rst) top 32 bits should be always zero when the 32 bit registers are in use. So it could be possible to use BPF_JMP instead of BPF_JMP32. Best regards, Pavel -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
|
|
|
|
New CVE entries this week
Masami Ichikawa
Hi !
It's this week's CVE report. * CVE short summary ** New CVEs CVE-2020-3702: mainline is fixed CVE-2021-3732: mainline and stable kernels are fixed ** Updated CVEs There is no update. ** Tracking CVEs CVE-2021-31615: No fix information as of 2021/08/26. CVE-2021-3640: No fix information as of 2021/08/26. CVE-2020-26555: No fix information as of 2021/08/26. CVE-2020-26556: No fix information as of 2021/08/26. CVE-2020-26557: No fix information as of 2021/08/26. CVE-2020-26559: No fix information as of 2021/08/26. CVE-2020-26560: No fix information as of 2021/08/26. CVE-2021-3600: mainline, 5.10, 5.4 are fixed. 4.4 isn't affected. 4.19 isn't fixed. * CVE detail New CVEs CVE-2020-3702: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic This CVE affects ath9k driver. Fixed status mainline: [56c5485c9e444c2e85e11694b6c44f1338fc20fd, 73488cb2fa3bb1ef9f6cf0d757f76958bd4deaca, d2d3e36498dd8e0c83ea99861fac5cf9e8671226, 144cd24dbc36650a51f7fe3bf1424a1432f1f480, ca2848022c12789685d3fab3227df02b863f9696] CVE-2021-3732: kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files cip/4.19: [963d85d630dabe75a3cfde44a006fec3304d07b8] cip/4.4: [c6e8810d25295acb40a7b69ed3962ff181919571] mainline: [427215d85e8d1476da1a86b8d67aceb485eb3631] stable/4.14: [517b875dfbf58f0c6c9e32dc90f5cf42d71a42ce] stable/4.19: [963d85d630dabe75a3cfde44a006fec3304d07b8] stable/4.4: [c6e8810d25295acb40a7b69ed3962ff181919571] stable/4.9: [e3eee87c846dc47f6d8eb6d85e7271f24122a279] stable/5.10: [6a002d48a66076524f67098132538bef17e8445e] stable/5.13: [41812f4b84484530057513478c6770590347dc30] stable/5.4: [812f39ed5b0b7f34868736de3055c92c7c4cf459] Updated CVEs There is no update. Currently tracking CVEs CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 There is no fix information as of 2021/08/26. CVE-2021-3640: UAF in sco_send_frame function There is no fix information as of 2021/08/26. CVE-2020-26555: BR/EDR pin code pairing broken There is no fix information as of 2021/08/26. CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning No fix information as of 2021/08/26. CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh Provisioning Leads to MITM No fix information as of 2021/08/26. CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning No fix information as of 2021/08/26. CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning No fix information as of 2021/08/26. CVE-2021-3600: eBPF 32-bit source register truncation on div/mod The vulnerability has been introduced since 4.15-rc9. 4.4 is not affected. 4.19 is not fixed yet as of 2021/08/26. mainline: [e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90] stable/5.10: [1d16cc210fabd0a7ebf52d3025f81c2bde054a90] stable/5.4: [78e2f71b89b22222583f74803d14f3d90cdf9d12] Regards, -- Masami Ichikawa Cybertrust Japan Co., Ltd. Email :masami.ichikawa@cybertrust.co.jp :masami.ichikawa@miraclelinux.com
|
|
|
|
CIP IRC weekly meeting today on libera.chat
masashi.kudo@cybertrust.co.jp <masashi.kudo@...>
Hi all,
Kindly be reminded to attend the weekly meeting through IRC to discuss technical topics with CIP kernel today.
Please note that we already moved from Freenode to libera.chat, and our channel is the following: irc:irc.libera.chat:6667/cip
Please also note that the IRC meeting was rescheduled to UTC (GMT) 13:00.
USWest USEast UK DE TW JP 06:00 09:00 14:00 15:00 21:00 22:00
Last meeting minutes: https://irclogs.baserock.org/meetings/cip/2021/08/cip.2021-08-19-09.00.log.html https://irclogs.baserock.org/meetings/cip/2021/08/cip.2021-08-19-13.00.log.html
* Action item 1. Combine root filesystem with kselftest binary - iwamatsu & alicef 2. Do some experiment to lower burdens on CI - patersonc
* Kernel maintenance updates * Kernel testing * AOB
The meeting will take 30 min, although it can be extended to an hour if it makes sense and those involved in the topics can stay. Otherwise, the topic will be taken offline or in the next meeting.
Best regards, -- M. Kudo Cybertrust Japan Co., Ltd.
|
|
|
|
Re: [isar-cip-dev][PATCH] Uprevision the cip-kernel-config to latest one
Jan Kiszka
On 10.08.21 09:20, Srinuvasan A wrote:
From: Srinuvasan A <srinuvasan_a@mentor.com>Thanks, applied. Jan -- Siemens AG, T RDA IOT Corporate Competence Center Embedded Linux
|
|
|