Date   

cip/linux-4.19.y-cip baseline: 121 runs, 1 regressions (v4.19.217-cip62) #kernelci

kernelci.org bot <bot@...>
 

cip/linux-4.19.y-cip baseline: 121 runs, 1 regressions (v4.19.217-cip62)

Regressions Summary
-------------------

platform | arch | lab | compiler | defconfig | regressions
---------+------+---------------+----------+---------------------+------------
panda | arm | lab-collabora | gcc-10 | omap2plus_defconfig | 1

Details: https://kernelci.org/test/job/cip/branch/linux-4.19.y-cip/kernel/v4.19.217-cip62/plan/baseline/

Test: baseline
Tree: cip
Branch: linux-4.19.y-cip
Describe: v4.19.217-cip62
URL: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
SHA: dc62e26e3be875a7324b85b8274c13a335e610dd


Test Regressions
----------------


platform | arch | lab | compiler | defconfig | regressions
---------+------+---------------+----------+---------------------+------------
panda | arm | lab-collabora | gcc-10 | omap2plus_defconfig | 1

Details: https://kernelci.org/test/plan/id/61a587a0ab3b0079bd18f6d7

Results: 5 PASS, 1 FAIL, 0 SKIP
Full config: omap2plus_defconfig
Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110)
Plain log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.217-cip62/arm/omap2plus_defconfig/gcc-10/lab-collabora/baseline-panda.txt
HTML log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.217-cip62/arm/omap2plus_defconfig/gcc-10/lab-collabora/baseline-panda.html
Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-6-g8983f3b738df/armel/baseline/rootfs.cpio.gz


* baseline.dmesg.emerg: https://kernelci.org/test/case/id/61a587a0ab3b0079bd18f6dd
new failure (last pass: v4.19.216-cip61)
2 lines

2021-11-30T02:08:20.120053 kern :emerg : BUG: spinlock bad magic on CPU#0, udevd/110
2021-11-30T02:08:20.129545 kern :emerg : lock: emif_lock+0x0/0xffffecfc [emif], .magic: dead4ead, .owner: <none>/-1, .owner_cpu: -1
2021-11-30T02:08:20.143995 <8>[ 21.198120] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=emerg RESULT=fail UNITS=lines MEASUREMENT=2>


cip/linux-4.19.y-cip baseline-nfs: 12 runs, 1 regressions (v4.19.217-cip62) #kernelci

kernelci.org bot <bot@...>
 

cip/linux-4.19.y-cip baseline-nfs: 12 runs, 1 regressions (v4.19.217-cip62)

Regressions Summary
-------------------

platform | arch | lab | compiler | defconfig | regressions
-----------------+-------+---------------+----------+-----------+------------
rk3399-gru-kevin | arm64 | lab-collabora | gcc-10 | defconfig | 1

Details: https://kernelci.org/test/job/cip/branch/linux-4.19.y-cip/kernel/v4.19.217-cip62/plan/baseline-nfs/

Test: baseline-nfs
Tree: cip
Branch: linux-4.19.y-cip
Describe: v4.19.217-cip62
URL: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
SHA: dc62e26e3be875a7324b85b8274c13a335e610dd


Test Regressions
----------------


platform | arch | lab | compiler | defconfig | regressions
-----------------+-------+---------------+----------+-----------+------------
rk3399-gru-kevin | arm64 | lab-collabora | gcc-10 | defconfig | 1

Details: https://kernelci.org/test/plan/id/61a58c2989f6953bd118f6e4

Results: 0 PASS, 1 FAIL, 0 SKIP
Full config: defconfig
Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110)
Plain log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.217-cip62/arm64/defconfig/gcc-10/lab-collabora/baseline-nfs-rk3399-gru-kevin.txt
HTML log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.217-cip62/arm64/defconfig/gcc-10/lab-collabora/baseline-nfs-rk3399-gru-kevin.html
Rootfs: http://storage.kernelci.org/images/rootfs/debian/bullseye/20211126.0/arm64/initrd.cpio.gz


* baseline-nfs.login: https://kernelci.org/test/case/id/61a58c2989f6953bd118f6e5
new failure (last pass: v4.19.216-cip61)


cip/linux-4.19.y-cip build: 118 builds: 1 failed, 117 passed, 2 errors, 13 warnings (v4.19.217-cip62) #kernelci

kernelci.org bot <bot@...>
 

cip/linux-4.19.y-cip build: 118 builds: 1 failed, 117 passed, 2 errors, 13 warnings (v4.19.217-cip62)

Full Build Summary: https://kernelci.org/build/cip/branch/linux-4.19.y-cip/kernel/v4.19.217-cip62/

Tree: cip
Branch: linux-4.19.y-cip
Git Describe: v4.19.217-cip62
Git Commit: dc62e26e3be875a7324b85b8274c13a335e610dd
Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
Built: 3 unique architectures

Build Failure Detected:

arm:
rpc_defconfig: (gcc-10) FAIL

Errors and Warnings Detected:

arm64:
cip://4.19.y-cip/arm64/qemu_arm64_defconfig (gcc-10): 3 warnings
defconfig (gcc-10): 3 warnings

arm:
omap1_defconfig (gcc-10): 1 warning
rpc_defconfig (gcc-10): 2 errors

x86_64:
cip://4.19.y-cip/x86/cip_qemu_defconfig (gcc-10): 3 warnings
defconfig (gcc-10): 3 warnings

Errors summary:

1 arm-linux-gnueabihf-gcc: error: unrecognized -march target: armv3
1 arm-linux-gnueabihf-gcc: error: missing argument to ‘-march=’

Warnings summary:

6 aarch64-linux-gnu-ld: warning: -z norelro ignored
2 ld: warning: creating DT_TEXTREL in a PIE
2 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text'
2 arch/x86/entry/entry_64.S:1738: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret'
1 drivers/gpio/gpio-omap.c:1233:34: warning: array ‘omap_gpio_match’ assumed to have one element

================================================================================

Detailed per-defconfig build reports:

--------------------------------------------------------------------------------
acs5k_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
acs5k_tiny_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
am200epdkit_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
aspeed_g4_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
aspeed_g5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
assabet_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
at91_dt_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
axm55xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
badge4_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
bcm2835_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
cerfcube_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
cip://4.19.y-cip/arm/qemu_arm_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
cip://4.19.y-cip/arm64/qemu_arm64_defconfig (arm64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches

Warnings:
aarch64-linux-gnu-ld: warning: -z norelro ignored
aarch64-linux-gnu-ld: warning: -z norelro ignored
aarch64-linux-gnu-ld: warning: -z norelro ignored

--------------------------------------------------------------------------------
cip://4.19.y-cip/x86/cip_qemu_defconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches

Warnings:
arch/x86/entry/entry_64.S:1738: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret'
ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text'
ld: warning: creating DT_TEXTREL in a PIE

--------------------------------------------------------------------------------
cm_x2xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
cm_x300_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
colibri_pxa270_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
colibri_pxa300_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
collie_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
corgi_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
davinci_all_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
defconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches

Warnings:
arch/x86/entry/entry_64.S:1738: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret'
ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text'
ld: warning: creating DT_TEXTREL in a PIE

--------------------------------------------------------------------------------
defconfig (arm64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches

Warnings:
aarch64-linux-gnu-ld: warning: -z norelro ignored
aarch64-linux-gnu-ld: warning: -z norelro ignored
aarch64-linux-gnu-ld: warning: -z norelro ignored

--------------------------------------------------------------------------------
defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
dove_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
ebsa110_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
efm32_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
em_x270_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
ep93xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
eseries_pxa_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
exynos_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
ezx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
footbridge_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
gemini_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
h3600_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
h5000_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
hackkit_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
hisi_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
imote2_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
imx_v4_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
integrator_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
iop13xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
iop32x_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
iop33x_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
ixp4xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
jornada720_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
keystone_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
ks8695_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
lart_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
lpc18xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
lpc32xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
lpd270_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
lubbock_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
magician_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
mainstone_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
mini2440_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
mmp2_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
moxart_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
mps2_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
multi_v4t_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
mvebu_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
mvebu_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
mxs_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
neponset_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
netwinder_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
netx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
nhk8815_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
nuc910_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
nuc950_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
nuc960_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
omap1_defconfig (arm, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches

Warnings:
drivers/gpio/gpio-omap.c:1233:34: warning: array ‘omap_gpio_match’ assumed to have one element

--------------------------------------------------------------------------------
omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
orion5x_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
oxnas_v6_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
palmz72_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
pcm027_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
pleb_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
prima2_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
pxa168_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
pxa255-idp_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
pxa3xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
pxa910_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
pxa_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
qcom_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
raumfeld_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
realview_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
rpc_defconfig (arm, gcc-10) — FAIL, 2 errors, 0 warnings, 0 section mismatches

Errors:
arm-linux-gnueabihf-gcc: error: unrecognized -march target: armv3
arm-linux-gnueabihf-gcc: error: missing argument to ‘-march=’

--------------------------------------------------------------------------------
s3c2410_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
s3c6400_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
s5pv210_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
sama5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
shannon_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
shmobile_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
simpad_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
socfpga_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
spear13xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
spear3xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
spear6xx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
spitz_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
stm32_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
sunxi_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
tango4_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
tct_hammer_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
tegra_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
trizeps4_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
u300_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
u8500_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
versatile_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
vf610m4_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
viper_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
vt8500_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
xcep_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
zeus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

--------------------------------------------------------------------------------
zx_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches

---
For more info write to <info@...>


Re: CVE-2021-3640: UAF in sco_send_frame function was Re: [cip-dev] New CVE entries in this week

Masami Ichikawa
 

Hi !

On Fri, Nov 26, 2021 at 7:03 PM Pavel Machek <pavel@...> wrote:

Hi!
Interesting.

commit 99c23da0eed4fd20cae8243f2b51e10e66aa0951
Author: Takashi Iwai <tiwai@...>

Says:

This should be the last piece for fixing CVE-2021-3640 after a few
already queued fixes.

Which means more than 99c23da0eed is needed to fix this one,
unfortunately it does not give us good way to identify what commits
are needed.
Aha, but we have required information in
cip-kernel-sec/issues/CVE-2021-3640.yml. It lists patches that should
be fixing this.

Some searching in the trees reveals that one of those patches is buggy
itself, and additionaly 49d8a5606428ca0962d09050a5af81461ff90fbb is
needed.

The patches fixing this are:

~ stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de,
f2f856b65ac4b77049c76c0e89ecd3a177e9fcd1,
98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
c20d8c197454068da758a83e09d93683f520d681,
a1073aad497d0d071a71f61b721966a176d50c08]

But we still miss backport of 27c24fda62b6 ("Bluetooth: switch to
lock_sock in SCO") to 5.10, which has its own prerequisites
according to the changelog. AFAICT those prerequisites are
734bc5ff783115aa3164f4e9dd5967ae78e0a8ab and
ba316be1b6a00db7126ed9a39f9bee434a508043, and both are in 5.10.

I'm not sure how to express this in yml cleanly. I came with this:

diff --git a/issues/CVE-2021-3640.yml b/issues/CVE-2021-3640.yml
index fb52d5a..d386093 100644
--- a/issues/CVE-2021-3640.yml
+++ b/issues/CVE-2021-3640.yml
@@ -23,9 +23,23 @@ comments:
there is no fixed information as of 2021/07/26.
Fixed in bluetooth-next tree. commit 99c23da0eed4fd20cae8243f2b51e10e66aa0951.
ubuntu/sbeattie: Possibly addressed by Desmond Cheong Zhi Xi's patchset.
+ pavel: We are one patch away from fixing this 5.10, 27c24fda62b6 is needed.
fixed-by:
- mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
- stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
+ mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951,
+ e04480920d1eec9c061841399aa6f35b6f987d8b,
+ 734bc5ff783115aa3164f4e9dd5967ae78e0a8ab,
+ 49d8a5606428ca0962d09050a5af81461ff90fbb,
+ ba316be1b6a00db7126ed9a39f9bee434a508043,
+ 27c24fda62b601d6f9ca5e992502578c4310876f,
+ 734bc5ff783115aa3164f4e9dd5967ae78e0a8ab,
+ ba316be1b6a00db7126ed9a39f9bee434a508043]
+ stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de,
+ f2f856b65ac4b77049c76c0e89ecd3a177e9fcd1,
+ 98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
+ c20d8c197454068da758a83e09d93683f520d681,
+ a1073aad497d0d071a71f61b721966a176d50c08,
+ 98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
+ a1073aad497d0d071a71f61b721966a176d50c08]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]
Thank you for your analysis result ! I applied it.

I checked 27c24fda62b601d6f9ca5e992502578c4310876f is able to apply
cleanly to stable/5.10 tree or not. Unfortunately it need to fix
conflicts. git-am shows following two errors.
As far as I can tell, logic is quite simple there and the patch would
look like this. Whether the final result works and closes the security
hole is different question.
Thank you for the patch !
Yes, applying code and works properly is different question. however,
your patch is LGTM.

Best regards,
Pavel
commit e077740ddfa22385d53700898ea325068ca4cc6b
Author: Pavel Machek <pavel@...>
Date: Thu Nov 25 14:14:04 2021 +0100

Cherry pick 27c24fda62b6 ("Bluetooth: switch to lock_sock in SCO") to
close CVE-2021-3640.

diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
index 2f2b8ddc4dd5..cf165b0d15f2 100644
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -93,10 +93,10 @@ static void sco_sock_timeout(struct work_struct *work)

BT_DBG("sock %p state %d", sk, sk->sk_state);

- bh_lock_sock(sk);
+ lock_sock(sk);
sk->sk_err = ETIMEDOUT;
sk->sk_state_change(sk);
- bh_unlock_sock(sk);
+ release_sock(sk);

sock_put(sk);
}
@@ -193,10 +193,10 @@ static void sco_conn_del(struct hci_conn *hcon, int err)

if (sk) {
sock_hold(sk);
- bh_lock_sock(sk);
+ lock_sock(sk);
sco_sock_clear_timer(sk);
sco_chan_del(sk, err);
- bh_unlock_sock(sk);
+ release_sock(sk);
sock_put(sk);
}

@@ -1108,10 +1108,10 @@ static void sco_conn_ready(struct sco_conn *conn)

if (sk) {
sco_sock_clear_timer(sk);
- bh_lock_sock(sk);
+ lock_sock(sk);
sk->sk_state = BT_CONNECTED;
sk->sk_state_change(sk);
- bh_unlock_sock(sk);
+ release_sock(sk);
} else {
sco_conn_lock(conn);

@@ -1126,12 +1126,12 @@ static void sco_conn_ready(struct sco_conn *conn)
return;
}

- bh_lock_sock(parent);
+ lock_sock(parent);

sk = sco_sock_alloc(sock_net(parent), NULL,
BTPROTO_SCO, GFP_ATOMIC, 0);
if (!sk) {
- bh_unlock_sock(parent);
+ release_sock(parent);
sco_conn_unlock(conn);
return;
}
@@ -1152,7 +1152,7 @@ static void sco_conn_ready(struct sco_conn *conn)
/* Wake up parent */
parent->sk_data_ready(parent);

- bh_unlock_sock(parent);
+ release_sock(parent);

sco_conn_unlock(conn);
}


--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany


Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


Re: CVE-2021-3640: UAF in sco_send_frame function was Re: [cip-dev] New CVE entries in this week

Pavel Machek
 

Hi!
Interesting.

commit 99c23da0eed4fd20cae8243f2b51e10e66aa0951
Author: Takashi Iwai <tiwai@...>

Says:

This should be the last piece for fixing CVE-2021-3640 after a few
already queued fixes.

Which means more than 99c23da0eed is needed to fix this one,
unfortunately it does not give us good way to identify what commits
are needed.
Aha, but we have required information in
cip-kernel-sec/issues/CVE-2021-3640.yml. It lists patches that should
be fixing this.

Some searching in the trees reveals that one of those patches is buggy
itself, and additionaly 49d8a5606428ca0962d09050a5af81461ff90fbb is
needed.

The patches fixing this are:

~ stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de,
f2f856b65ac4b77049c76c0e89ecd3a177e9fcd1,
98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
c20d8c197454068da758a83e09d93683f520d681,
a1073aad497d0d071a71f61b721966a176d50c08]

But we still miss backport of 27c24fda62b6 ("Bluetooth: switch to
lock_sock in SCO") to 5.10, which has its own prerequisites
according to the changelog. AFAICT those prerequisites are
734bc5ff783115aa3164f4e9dd5967ae78e0a8ab and
ba316be1b6a00db7126ed9a39f9bee434a508043, and both are in 5.10.

I'm not sure how to express this in yml cleanly. I came with this:

diff --git a/issues/CVE-2021-3640.yml b/issues/CVE-2021-3640.yml
index fb52d5a..d386093 100644
--- a/issues/CVE-2021-3640.yml
+++ b/issues/CVE-2021-3640.yml
@@ -23,9 +23,23 @@ comments:
there is no fixed information as of 2021/07/26.
Fixed in bluetooth-next tree. commit 99c23da0eed4fd20cae8243f2b51e10e66aa0951.
ubuntu/sbeattie: Possibly addressed by Desmond Cheong Zhi Xi's patchset.
+ pavel: We are one patch away from fixing this 5.10, 27c24fda62b6 is needed.
fixed-by:
- mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
- stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
+ mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951,
+ e04480920d1eec9c061841399aa6f35b6f987d8b,
+ 734bc5ff783115aa3164f4e9dd5967ae78e0a8ab,
+ 49d8a5606428ca0962d09050a5af81461ff90fbb,
+ ba316be1b6a00db7126ed9a39f9bee434a508043,
+ 27c24fda62b601d6f9ca5e992502578c4310876f,
+ 734bc5ff783115aa3164f4e9dd5967ae78e0a8ab,
+ ba316be1b6a00db7126ed9a39f9bee434a508043]
+ stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de,
+ f2f856b65ac4b77049c76c0e89ecd3a177e9fcd1,
+ 98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
+ c20d8c197454068da758a83e09d93683f520d681,
+ a1073aad497d0d071a71f61b721966a176d50c08,
+ 98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
+ a1073aad497d0d071a71f61b721966a176d50c08]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]
Thank you for your analysis result ! I applied it.

I checked 27c24fda62b601d6f9ca5e992502578c4310876f is able to apply
cleanly to stable/5.10 tree or not. Unfortunately it need to fix
conflicts. git-am shows following two errors.
As far as I can tell, logic is quite simple there and the patch would
look like this. Whether the final result works and closes the security
hole is different question.

Best regards,
Pavel
commit e077740ddfa22385d53700898ea325068ca4cc6b
Author: Pavel Machek <pavel@...>
Date: Thu Nov 25 14:14:04 2021 +0100

Cherry pick 27c24fda62b6 ("Bluetooth: switch to lock_sock in SCO") to
close CVE-2021-3640.

diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
index 2f2b8ddc4dd5..cf165b0d15f2 100644
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -93,10 +93,10 @@ static void sco_sock_timeout(struct work_struct *work)

BT_DBG("sock %p state %d", sk, sk->sk_state);

- bh_lock_sock(sk);
+ lock_sock(sk);
sk->sk_err = ETIMEDOUT;
sk->sk_state_change(sk);
- bh_unlock_sock(sk);
+ release_sock(sk);

sock_put(sk);
}
@@ -193,10 +193,10 @@ static void sco_conn_del(struct hci_conn *hcon, int err)

if (sk) {
sock_hold(sk);
- bh_lock_sock(sk);
+ lock_sock(sk);
sco_sock_clear_timer(sk);
sco_chan_del(sk, err);
- bh_unlock_sock(sk);
+ release_sock(sk);
sock_put(sk);
}

@@ -1108,10 +1108,10 @@ static void sco_conn_ready(struct sco_conn *conn)

if (sk) {
sco_sock_clear_timer(sk);
- bh_lock_sock(sk);
+ lock_sock(sk);
sk->sk_state = BT_CONNECTED;
sk->sk_state_change(sk);
- bh_unlock_sock(sk);
+ release_sock(sk);
} else {
sco_conn_lock(conn);

@@ -1126,12 +1126,12 @@ static void sco_conn_ready(struct sco_conn *conn)
return;
}

- bh_lock_sock(parent);
+ lock_sock(parent);

sk = sco_sock_alloc(sock_net(parent), NULL,
BTPROTO_SCO, GFP_ATOMIC, 0);
if (!sk) {
- bh_unlock_sock(parent);
+ release_sock(parent);
sco_conn_unlock(conn);
return;
}
@@ -1152,7 +1152,7 @@ static void sco_conn_ready(struct sco_conn *conn)
/* Wake up parent */
parent->sk_data_ready(parent);

- bh_unlock_sock(parent);
+ release_sock(parent);

sco_conn_unlock(conn);
}


--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany


example cip/linux-4.19.y-cip and stable/linux-4.19.y results

Alice Ferrazzi
 

hello everyone,

following on yesterday topic about difference from cip-cip+1 and lts-lts+1
I just made a diff of what was requested yesterday
v4.19.216-cip61 vs v4.19.216
the diff can be viewed on the link here under:
https://www.diffchecker.com/W4dpv6ep

the results are get from:
https://groups.io/g/kernelci-results/message/19033 [v4.19.216-cip61]
https://groups.io/g/kernelci-results/message/18808 [v4.19.216]

thanks,
Alicef


--
======================================
Cybertrust Japan Co.,Ltd.
Alice Ferrazzi
alice.ferrazzi@...
======================================


Re: CVE-2021-3640: UAF in sco_send_frame function was Re: [cip-dev] New CVE entries in this week

Masami Ichikawa
 

Hi !

On Thu, Nov 25, 2021 at 6:53 PM Pavel Machek <pavel@...> wrote:

Hi!

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]
Interesting.

commit 99c23da0eed4fd20cae8243f2b51e10e66aa0951
Author: Takashi Iwai <tiwai@...>

Says:

This should be the last piece for fixing CVE-2021-3640 after a few
already queued fixes.

Which means more than 99c23da0eed is needed to fix this one,
unfortunately it does not give us good way to identify what commits
are needed.
Aha, but we have required information in
cip-kernel-sec/issues/CVE-2021-3640.yml. It lists patches that should
be fixing this.

Some searching in the trees reveals that one of those patches is buggy
itself, and additionaly 49d8a5606428ca0962d09050a5af81461ff90fbb is
needed.

The patches fixing this are:

~ stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de,
f2f856b65ac4b77049c76c0e89ecd3a177e9fcd1,
98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
c20d8c197454068da758a83e09d93683f520d681,
a1073aad497d0d071a71f61b721966a176d50c08]

But we still miss backport of 27c24fda62b6 ("Bluetooth: switch to
lock_sock in SCO") to 5.10, which has its own prerequisites
according to the changelog. AFAICT those prerequisites are
734bc5ff783115aa3164f4e9dd5967ae78e0a8ab and
ba316be1b6a00db7126ed9a39f9bee434a508043, and both are in 5.10.

I'm not sure how to express this in yml cleanly. I came with this:

diff --git a/issues/CVE-2021-3640.yml b/issues/CVE-2021-3640.yml
index fb52d5a..d386093 100644
--- a/issues/CVE-2021-3640.yml
+++ b/issues/CVE-2021-3640.yml
@@ -23,9 +23,23 @@ comments:
there is no fixed information as of 2021/07/26.
Fixed in bluetooth-next tree. commit 99c23da0eed4fd20cae8243f2b51e10e66aa0951.
ubuntu/sbeattie: Possibly addressed by Desmond Cheong Zhi Xi's patchset.
+ pavel: We are one patch away from fixing this 5.10, 27c24fda62b6 is needed.
fixed-by:
- mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
- stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
+ mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951,
+ e04480920d1eec9c061841399aa6f35b6f987d8b,
+ 734bc5ff783115aa3164f4e9dd5967ae78e0a8ab,
+ 49d8a5606428ca0962d09050a5af81461ff90fbb,
+ ba316be1b6a00db7126ed9a39f9bee434a508043,
+ 27c24fda62b601d6f9ca5e992502578c4310876f,
+ 734bc5ff783115aa3164f4e9dd5967ae78e0a8ab,
+ ba316be1b6a00db7126ed9a39f9bee434a508043]
+ stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de,
+ f2f856b65ac4b77049c76c0e89ecd3a177e9fcd1,
+ 98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
+ c20d8c197454068da758a83e09d93683f520d681,
+ a1073aad497d0d071a71f61b721966a176d50c08,
+ 98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
+ a1073aad497d0d071a71f61b721966a176d50c08]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]
Thank you for your analysis result ! I applied it.

I checked 27c24fda62b601d6f9ca5e992502578c4310876f is able to apply
cleanly to stable/5.10 tree or not. Unfortunately it need to fix
conflicts. git-am shows following two errors.

Applying: Bluetooth: switch to lock_sock in SCO
Checking patch net/bluetooth/sco.c...
error: while searching for:

BT_DBG("sock %p state %d", sk, sk->sk_state);

bh_lock_sock(sk);
sk->sk_err = ETIMEDOUT;
sk->sk_state_change(sk);
bh_unlock_sock(sk);

sco_sock_kill(sk);
sock_put(sk);

error: patch failed: net/bluetooth/sco.c:93
error: while searching for:

if (sk) {
sock_hold(sk);
bh_lock_sock(sk);
sco_sock_clear_timer(sk);
sco_chan_del(sk, err);
bh_unlock_sock(sk);
sco_sock_kill(sk);
sock_put(sk);


error: patch failed: net/bluetooth/sco.c:193


Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany


Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


Re: New CVE entries in this week

Masami Ichikawa
 

Hi !

On Thu, Nov 25, 2021 at 6:09 PM Pavel Machek <pavel@...> wrote:

Hi!

Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]
I attached a patch for 5.10.
Thank you.

Looks good to me,

Reviewed-by: Pavel Machek <pavel@...>
Thank you for the review! I send patch to the stable list.\
Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany


Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


Re: New CVE entries in this week

Masami Ichikawa
 

Hi !

On Thu, Nov 25, 2021 at 5:00 PM Nobuhiro Iwamatsu
<nobuhiro1.iwamatsu@...> wrote:

Hi,

CVE-2021-4001: bpf: Fix toctou on read-only map''s constant scalar tracking

CVSS v3 score is not provided.

This bug was introduced in 5.5-rc1 and fixed in 5.16-rc2. Patch for 5.15 is in stable-rt tree. Patch for 5.4(https://lore.kernel.org/stable/163757721744154@kroah.com/) and 5.10(https://lore.kernel.org/stable/1637577215186161@kroah.com/) are failed to apply. However, this bug was introduced in 5.5-rc1 so 5.4 can be ignored?
Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]
I attached a patch for 5.10.
Thanks, LGTM.
I think it would be better to add the comment of the conflict fixing.
e.g. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y&id=1ada86999dc84b852fcc32962f4002e939f4beb7
Thank you ! I added a comment and sent patch to the stable list.

Best regards,
Nobuhiro

________________________________________
差出人: cip-dev@... <cip-dev@...> が Masami Ichikawa <masami.ichikawa@...> の代理で送信
送信日時: 2021年11月25日 14:16
宛先: cip-dev@...
件名: Re: [cip-dev] New CVE entries in this week

Hi !

On Thu, Nov 25, 2021 at 11:42 AM Masami Ichikawa via
lists.cip-project.org
<masami.ichikawa=miraclelinux.com@...> wrote:

Hi !

It's this week's CVE report.

This week reported two new CVEs.

* New CVEs

CVE-2021-33098: Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

CVSS v3 score is 5.5 MEDIUM.

Intel released fixed version of driver kit. Not sure this CVE affects mainline's source code.

Fixed status

Intel released fixed version of driver kit.

CVE-2021-4001: bpf: Fix toctou on read-only map''s constant scalar tracking

CVSS v3 score is not provided.

This bug was introduced in 5.5-rc1 and fixed in 5.16-rc2. Patch for 5.15 is in stable-rt tree. Patch for 5.4(https://lore.kernel.org/stable/163757721744154@kroah.com/) and 5.10(https://lore.kernel.org/stable/1637577215186161@kroah.com/) are failed to apply. However, this bug was introduced in 5.5-rc1 so 5.4 can be ignored?
Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]
I attached a patch for 5.10.

* Updated CVEs

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]

CVE-2021-43975: atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait

The mainline kernel was fixed in 5.16-rc2.

Fixed status

mainline: [b922f622592af76b57cbc566eaeccda0b31a3496]

Currently tracking CVEs

CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2

There is no fix information.

CVE-2020-26555: BR/EDR pin code pairing broken

No fix information

CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM

No fix information.

CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning

No fix information.

Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...




--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


Re: Replacing BBB kernel config: Status and AIs

Quirin Gylstorff
 

Hi Kazu,

On 11/24/21 2:02 PM, Kazuhiro Hayashi via lists.cip-project.org wrote:
Hi Quirin,
[...]

Sorry, v2 was lying around at [1].


[1]:
https://gitlab.com/Quirin.Gy/cip-kernel-config/-/tree/feature/bbb-isar-config
OK, thanks for creating these patches!


Testing is missing.
Toshiba members can test them using our BBB.
Please let me know if you already have the steps to testing.
Best regards,
Kazu
[1] containts the current state of the integration of [2] into isar-cip-core. It can be tested for booting, but for SWUpdate test the
u-boot environment is not correct.


[1]: https://gitlab.com/cip-project/cip-core/isar-cip-core/-/tree/bbb/cip-kernel-defconfig
[2]: https://gitlab.com/Quirin.Gy/cip-kernel-config/-/tree/feature/bbb-isar-config

Best regards
Quirin
[...]


CVE-2021-3640: UAF in sco_send_frame function was Re: [cip-dev] New CVE entries in this week

Pavel Machek
 

Hi!

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]
Interesting.

commit 99c23da0eed4fd20cae8243f2b51e10e66aa0951
Author: Takashi Iwai <tiwai@...>

Says:

This should be the last piece for fixing CVE-2021-3640 after a few
already queued fixes.

Which means more than 99c23da0eed is needed to fix this one,
unfortunately it does not give us good way to identify what commits
are needed.
Aha, but we have required information in
cip-kernel-sec/issues/CVE-2021-3640.yml. It lists patches that should
be fixing this.

Some searching in the trees reveals that one of those patches is buggy
itself, and additionaly 49d8a5606428ca0962d09050a5af81461ff90fbb is
needed.

The patches fixing this are:

~ stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de,
f2f856b65ac4b77049c76c0e89ecd3a177e9fcd1,
98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
c20d8c197454068da758a83e09d93683f520d681,
a1073aad497d0d071a71f61b721966a176d50c08]

But we still miss backport of 27c24fda62b6 ("Bluetooth: switch to
lock_sock in SCO") to 5.10, which has its own prerequisites
according to the changelog. AFAICT those prerequisites are
734bc5ff783115aa3164f4e9dd5967ae78e0a8ab and
ba316be1b6a00db7126ed9a39f9bee434a508043, and both are in 5.10.

I'm not sure how to express this in yml cleanly. I came with this:

diff --git a/issues/CVE-2021-3640.yml b/issues/CVE-2021-3640.yml
index fb52d5a..d386093 100644
--- a/issues/CVE-2021-3640.yml
+++ b/issues/CVE-2021-3640.yml
@@ -23,9 +23,23 @@ comments:
there is no fixed information as of 2021/07/26.
Fixed in bluetooth-next tree. commit 99c23da0eed4fd20cae8243f2b51e10e66aa0951.
ubuntu/sbeattie: Possibly addressed by Desmond Cheong Zhi Xi's patchset.
+ pavel: We are one patch away from fixing this 5.10, 27c24fda62b6 is needed.
fixed-by:
- mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
- stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
+ mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951,
+ e04480920d1eec9c061841399aa6f35b6f987d8b,
+ 734bc5ff783115aa3164f4e9dd5967ae78e0a8ab,
+ 49d8a5606428ca0962d09050a5af81461ff90fbb,
+ ba316be1b6a00db7126ed9a39f9bee434a508043,
+ 27c24fda62b601d6f9ca5e992502578c4310876f,
+ 734bc5ff783115aa3164f4e9dd5967ae78e0a8ab,
+ ba316be1b6a00db7126ed9a39f9bee434a508043]
+ stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de,
+ f2f856b65ac4b77049c76c0e89ecd3a177e9fcd1,
+ 98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
+ c20d8c197454068da758a83e09d93683f520d681,
+ a1073aad497d0d071a71f61b721966a176d50c08,
+ 98d44b7be6f1bcfd4f824c5f8bc2b742f890879f,
+ a1073aad497d0d071a71f61b721966a176d50c08]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]

Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany


Re: New CVE entries in this week

Pavel Machek
 

Hi!

* Updated CVEs

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]
Interesting.

commit 99c23da0eed4fd20cae8243f2b51e10e66aa0951
Author: Takashi Iwai <tiwai@...>

Says:

This should be the last piece for fixing CVE-2021-3640 after a few
already queued fixes.

Which means more than 99c23da0eed is needed to fix this one,
unfortunately it does not give us good way to identify what commits
are needed.

CVE-2021-43975: atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait

The mainline kernel was fixed in 5.16-rc2.

Fixed status

mainline: [b922f622592af76b57cbc566eaeccda0b31a3496]
This is protection of kernel against malicious hardware. I believe we
can ignore this.

Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany


Re: New CVE entries in this week

Pavel Machek
 

Hi!

Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]
I attached a patch for 5.10.
Thank you.

Looks good to me,

Reviewed-by: Pavel Machek <pavel@...>

Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany


Re: New CVE entries in this week

Nobuhiro Iwamatsu
 

Hi,

CVE-2021-4001: bpf: Fix toctou on read-only map''s constant scalar tracking

CVSS v3 score is not provided.

This bug was introduced in 5.5-rc1 and fixed in 5.16-rc2. Patch for 5.15 is in stable-rt tree. Patch for 5.4(https://lore.kernel.org/stable/163757721744154@kroah.com/) and 5.10(https://lore.kernel.org/stable/1637577215186161@kroah.com/) are failed to apply. However, this bug was introduced in 5.5-rc1 so 5.4 can be ignored?
Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]
I attached a patch for 5.10.
Thanks, LGTM.
I think it would be better to add the comment of the conflict fixing.
e.g. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y&id=1ada86999dc84b852fcc32962f4002e939f4beb7

Best regards,
Nobuhiro

________________________________________
差出人: cip-dev@... <cip-dev@...> が Masami Ichikawa <masami.ichikawa@...> の代理で送信
送信日時: 2021年11月25日 14:16
宛先: cip-dev@...
件名: Re: [cip-dev] New CVE entries in this week

Hi !

On Thu, Nov 25, 2021 at 11:42 AM Masami Ichikawa via
lists.cip-project.org
<masami.ichikawa=miraclelinux.com@...> wrote:

Hi !

It's this week's CVE report.

This week reported two new CVEs.

* New CVEs

CVE-2021-33098: Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

CVSS v3 score is 5.5 MEDIUM.

Intel released fixed version of driver kit. Not sure this CVE affects mainline's source code.

Fixed status

Intel released fixed version of driver kit.

CVE-2021-4001: bpf: Fix toctou on read-only map''s constant scalar tracking

CVSS v3 score is not provided.

This bug was introduced in 5.5-rc1 and fixed in 5.16-rc2. Patch for 5.15 is in stable-rt tree. Patch for 5.4(https://lore.kernel.org/stable/163757721744154@kroah.com/) and 5.10(https://lore.kernel.org/stable/1637577215186161@kroah.com/) are failed to apply. However, this bug was introduced in 5.5-rc1 so 5.4 can be ignored?
Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]
I attached a patch for 5.10.

* Updated CVEs

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]

CVE-2021-43975: atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait

The mainline kernel was fixed in 5.16-rc2.

Fixed status

mainline: [b922f622592af76b57cbc566eaeccda0b31a3496]

Currently tracking CVEs

CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2

There is no fix information.

CVE-2020-26555: BR/EDR pin code pairing broken

No fix information

CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM

No fix information.

CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning

No fix information.

Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


CIP IRC weekly meeting today on libera.chat

Jan Kiszka
 

Hi all,

Kindly be reminded to attend the weekly meeting through IRC to discuss
technical topics with CIP kernel today.

Please note that we moved from Freenode to libera.chat. Our channel is
the following:

irc:irc.libera.chat:6667/cip

Furthermore note that the IRC meeting is now scheduled to UTC (GMT) 13:00:

https://www.timeanddate.com/worldclock/meetingdetails.html?year=2021&month=11&day=25&hour=13&min=0&sec=0&p1=224&p2=179&p3=136&p4=37&p5=241&p6=248

USWest USEast UK DE TW JP
06:00 09:00 13:00 14:00 21:00 22:00

Last meeting minutes:

https://irclogs.baserock.org/meetings/cip/2021/11/cip.2021-11-18-13.00.log.html

* Action item
1. Combine root filesystem with kselftest binary - iwamatsu & alicef
2. Look into S3 artifact upload issues - patersonc
* Kernel maintenance updates
* Kernel testing
* AOB

Jan


Re: [isar-cip-core][PATCH 0/2] start-qemu add missing option

Jan Kiszka
 

On 24.11.21 16:17, Q. Gylstorff wrote:
From: Quirin Gylstorff <quirin.gylstorff@...>

Add the missing option for cip-core-image-security.
Add documentation for start-qemu.sh defaults from kas-container menu

Quirin Gylstorff (2):
start-qemu.sh: Add defaults for IMAGE_SECURITY
README: Add information about start-qemu-defaults with menu config

README.md | 6 ++++--
doc/README.secureboot.md | 7 +++++++
start-qemu.sh | 3 +++
3 files changed, 14 insertions(+), 2 deletions(-)
Both applied, I've just made the wording in README.md even clearer.

Thanks,
Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


Re: New CVE entries in this week

Masami Ichikawa
 

Hi !

On Thu, Nov 25, 2021 at 11:42 AM Masami Ichikawa via
lists.cip-project.org
<masami.ichikawa=miraclelinux.com@...> wrote:

Hi !

It's this week's CVE report.

This week reported two new CVEs.

* New CVEs

CVE-2021-33098: Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

CVSS v3 score is 5.5 MEDIUM.

Intel released fixed version of driver kit. Not sure this CVE affects mainline's source code.

Fixed status

Intel released fixed version of driver kit.

CVE-2021-4001: bpf: Fix toctou on read-only map''s constant scalar tracking

CVSS v3 score is not provided.

This bug was introduced in 5.5-rc1 and fixed in 5.16-rc2. Patch for 5.15 is in stable-rt tree. Patch for 5.4(https://lore.kernel.org/stable/163757721744154@kroah.com/) and 5.10(https://lore.kernel.org/stable/1637577215186161@kroah.com/) are failed to apply. However, this bug was introduced in 5.5-rc1 so 5.4 can be ignored?
Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]
I attached a patch for 5.10.

* Updated CVEs

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]

CVE-2021-43975: atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait

The mainline kernel was fixed in 5.16-rc2.

Fixed status

mainline: [b922f622592af76b57cbc566eaeccda0b31a3496]

Currently tracking CVEs

CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2

There is no fix information.

CVE-2020-26555: BR/EDR pin code pairing broken

No fix information

CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM

No fix information.

CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning

No fix information.

Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


New CVE entries in this week

Masami Ichikawa
 

Hi !

It's this week's CVE report.

This week reported two new CVEs.

* New CVEs

CVE-2021-33098: Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

CVSS v3 score is 5.5 MEDIUM.

Intel released fixed version of driver kit. Not sure this CVE affects mainline's source code.

Fixed status

Intel released fixed version of driver kit.

CVE-2021-4001: bpf: Fix toctou on read-only map''s constant scalar tracking

CVSS v3 score is not provided.

This bug was introduced in 5.5-rc1 and fixed in 5.16-rc2.  Patch for 5.15 is in stable-rt tree. Patch for 5.4(https://lore.kernel.org/stable/163757721744154@.../) and 5.10(https://lore.kernel.org/stable/1637577215186161@.../) are failed to apply. However, this bug was introduced in 5.5-rc1 so 5.4 can be ignored?
Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]

* Updated CVEs

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]

CVE-2021-43975: atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait

The mainline kernel was fixed in 5.16-rc2.

Fixed status

mainline: [b922f622592af76b57cbc566eaeccda0b31a3496]

Currently tracking CVEs

CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2

There is no fix information.

CVE-2020-26555: BR/EDR pin code pairing broken

No fix information

CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM

No fix information.

CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning

No fix information.

Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
          :masami.ichikawa@...


Re: [PATCH v2 0/3] start-qemu.sh: Add some ease of use functionality

Quirin Gylstorff
 

Hi Jan,

please Ignore v2. I sent the changes in a extra patchset.

Quirin

On 11/24/21 3:31 PM, Quirin Gylstorff via lists.cip-project.org wrote:
From: Quirin Gylstorff <quirin.gylstorff@...>
Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter
Changes V2:
- Add Sentence to README
- Add default cip-core-image-security
Quirin Gylstorff (3):
start-qemu.sh: set bootindex for SECURE_BOOT
start-qemu.sh: parse .config.yaml for ease of use
start-qemu.sh: Simplify qemu call
README.md | 6 ++++--
start-qemu.sh | 36 +++++++++++++++++++++++++++---------
2 files changed, 31 insertions(+), 11 deletions(-)


[isar-cip-core][PATCH 0/2] start-qemu add missing option

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@...>

Add the missing option for cip-core-image-security.
Add documentation for start-qemu.sh defaults from kas-container menu

Quirin Gylstorff (2):
start-qemu.sh: Add defaults for IMAGE_SECURITY
README: Add information about start-qemu-defaults with menu config

README.md | 6 ++++--
doc/README.secureboot.md | 7 +++++++
start-qemu.sh | 3 +++
3 files changed, 14 insertions(+), 2 deletions(-)

--
2.30.2

3101 - 3120 of 10123