|
Re: Cip-kernel-sec Updates for Week of 2021-05-05
Done. Sorry about that.
I only looked through my inbox. And our scripts don't pick things up
from the stable-queue. In any case they will be picked up once the
stable kernels including them are
Done. Sorry about that.
I only looked through my inbox. And our scripts don't pick things up
from the stable-queue. In any case they will be picked up once the
stable kernels including them are
|
By
Chen-Yu Tsai (Moxa) <wens@...>
·
#6419
·
|
|
Re: Cip-kernel-sec Updates for Week of 2021-05-05
Hi!
Could you push your changes to cip-kernel-sec?
These are queued for 5.10.35 and 4.19, I believe they may be related.
v |8373088d4 b9b34d o: 5.10| bpf: Fix masking negation logic upon negative
Hi!
Could you push your changes to cip-kernel-sec?
These are queued for 5.10.35 and 4.19, I believe they may be related.
v |8373088d4 b9b34d o: 5.10| bpf: Fix masking negation logic upon negative
|
By
Pavel Machek
·
#6418
·
|
|
Cip-kernel-sec Updates for Week of 2021-05-05
Hi everyone,
Two new CVEs this week:
- CVE-2021-31829 [bpf: stack pointer protection from speculative
arithmetic] - fixed
Fixes just landed in mainline as part of the merge window. Fixes
Hi everyone,
Two new CVEs this week:
- CVE-2021-31829 [bpf: stack pointer protection from speculative
arithmetic] - fixed
Fixes just landed in mainline as part of the merge window. Fixes
|
By
Chen-Yu Tsai (Moxa) <wens@...>
·
#6417
·
|
|
Re: [isar-cip-core][PATCH v2] swupdate-config: add prefix to variables
And for that, it needs u-boot-config as package, not u-boot-<machine>.
Build order is meaningless if you are not consuming the output - which I
assume is the case via fw_env.config from u-boot-config
And for that, it needs u-boot-config as package, not u-boot-<machine>.
Build order is meaningless if you are not consuming the output - which I
assume is the case via fw_env.config from u-boot-config
|
By
Jan Kiszka
·
#6416
·
|
|
Re: [isar-cip-core][PATCH v2] swupdate-config: add prefix to variables
SWUpdate does not depends on the u-boot-binary. SWUpdate needs 'fw_env.config'(u-boot-config) to interact with the u-boot environment.
As libubootenv does not request or provide 'fw_env.config' the
SWUpdate does not depends on the u-boot-binary. SWUpdate needs 'fw_env.config'(u-boot-config) to interact with the u-boot environment.
As libubootenv does not request or provide 'fw_env.config' the
|
By
Quirin Gylstorff
·
#6415
·
|
|
Re: [isar-cip-core][PATCH v2] swupdate-config: add prefix to variables
But does SWUpdate really depends on the U-Boot binary that is going to
be put on the device - or rather on u-boot-config? This looks fishy.
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center
But does SWUpdate really depends on the U-Boot binary that is going to
be put on the device - or rather on u-boot-config? This looks fishy.
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center
|
By
Jan Kiszka
·
#6414
·
|
|
Re: [isar-cip-core][PATCH v2] swupdate-config: add prefix to variables
SWUPDATE_U_BOOT should be the name of the u-boot package.
In case the layer (e.g. isar-cip-core) supplies the u-boot binary, `SWUPDATE_U_BOOT` should be defined as `u-boot-${MACHINE}`.
Debian
SWUPDATE_U_BOOT should be the name of the u-boot package.
In case the layer (e.g. isar-cip-core) supplies the u-boot binary, `SWUPDATE_U_BOOT` should be defined as `u-boot-${MACHINE}`.
Debian
|
By
Quirin Gylstorff
·
#6413
·
|
|
Re: [isar-cip-core][PATCH v2] README.secureboot: Corrections
Thanks, applied.
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
Thanks, applied.
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
|
By
Jan Kiszka
·
#6412
·
|
|
Re: [isar-cip-core][PATCH v2] swupdate-config: add prefix to variables
Still leaves me and probably other users clueless what SWUPDATE_U_BOOT
should be. Simply "u-boot-${MACHINE}"?
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
Still leaves me and probably other users clueless what SWUPDATE_U_BOOT
should be. Simply "u-boot-${MACHINE}"?
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
|
By
Jan Kiszka
·
#6411
·
|
|
Re: [isar-cip-core][RFC] Add option to use swupdate-handler-roundrobin
...but the in-tree handler does. How much effort is needed to port that
feature into the new handler?
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
...but the in-tree handler does. How much effort is needed to port that
feature into the new handler?
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
|
By
Jan Kiszka
·
#6410
·
|
|
Re: [isar-cip-core][PATCH v2] README.secureboot: Corrections
Do you want to mention qemu-system-x86_64 --version should be 5.2.0 or higher as default Debian buster has older version of qemu and this step fails with older version.
Also these steps can't be
Do you want to mention qemu-system-x86_64 --version should be 5.2.0 or higher as default Debian buster has older version of qemu and this step fails with older version.
Also these steps can't be
|
By
Dinesh Kumar
·
#6409
·
|
|
[isar-cip-core][RFC] Add option to use swupdate-handler-roundrobin
From: Quirin Gylstorff <quirin.gylstorff@...>
The new swupdate round robin handler is available under[1].
Add the Option `SWUPDATE_USE_ROUND_ROBIN_HANDLER_REPO` to
use the handler directly
From: Quirin Gylstorff <quirin.gylstorff@...>
The new swupdate round robin handler is available under[1].
Add the Option `SWUPDATE_USE_ROUND_ROBIN_HANDLER_REPO` to
use the handler directly
|
By
Quirin Gylstorff
·
#6408
·
|
|
[isar-cip-core][PATCH v2] README.secureboot: Corrections
From: Quirin Gylstorff <quirin.gylstorff@...>
- Add code block for key insertion for better visibility
- Correct the template for user-generated keys
- Add information where to store the
From: Quirin Gylstorff <quirin.gylstorff@...>
- Add code block for key insertion for better visibility
- Correct the template for user-generated keys
- Add information where to store the
|
By
Quirin Gylstorff
·
#6407
·
|
|
[isar-cip-core][PATCH v2] swupdate-config: add prefix to variables
From: Quirin Gylstorff <quirin.gylstorff@...>
The variables U_BOOT and BOOTLOADER are only used for swupdate.
Add the prefix SWUPDATE to indicate the intended usage.
Signed-off-by: Quirin
From: Quirin Gylstorff <quirin.gylstorff@...>
The variables U_BOOT and BOOTLOADER are only used for swupdate.
Add the prefix SWUPDATE to indicate the intended usage.
Signed-off-by: Quirin
|
By
Quirin Gylstorff
·
#6406
·
|
|
Re: [isar-cip-core][PATCH] swupdate-config: add prefix to variables
Does not fully parse to me. Do you mean
"The variables U_BOOT and BOOTLOADER are only used for swupdate.
Add the prefix SWUPDATE to indicate the intended usage."
?
This doesn't make sense. There is
Does not fully parse to me. Do you mean
"The variables U_BOOT and BOOTLOADER are only used for swupdate.
Add the prefix SWUPDATE to indicate the intended usage."
?
This doesn't make sense. There is
|
By
Jan Kiszka
·
#6405
·
|
|
Re: [isar-cip-core][PATCH] README.secureboot: Corrections
These two look spurious.
Unneded new-line?
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
These two look spurious.
Unneded new-line?
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
|
By
Jan Kiszka
·
#6404
·
|
|
[isar-cip-core][PATCH] README.secureboot: Corrections
From: Quirin Gylstorff <quirin.gylstorff@...>
- Add code block for key insertion for better visibility
- Correct the template for user-generated keys
- Add information where to store the
From: Quirin Gylstorff <quirin.gylstorff@...>
- Add code block for key insertion for better visibility
- Correct the template for user-generated keys
- Add information where to store the
|
By
Quirin Gylstorff
·
#6403
·
|
|
[isar-cip-core][PATCH] swupdate-config: add prefix to variables
From: Quirin Gylstorff <quirin.gylstorff@...>
The variables U_BOOT and BOOTLOADER are only used for swupdate
mark add the prefix SWUPDATE to indicate the intended usage.
Signed-off-by:
From: Quirin Gylstorff <quirin.gylstorff@...>
The variables U_BOOT and BOOTLOADER are only used for swupdate
mark add the prefix SWUPDATE to indicate the intended usage.
Signed-off-by:
|
By
Quirin Gylstorff
·
#6402
·
|
|
Re: [PATCH 2/2] [isar-cip-core] Add support qemu-arm
It looks to me we have some regressions in master (which does
deployment), caused by these commits. Could you have a look
It looks to me we have some regressions in master (which does
deployment), caused by these commits. Could you have a look
|
By
Jan Kiszka
·
#6401
·
|
|
Cip-kernel-sec Updates for Week of 2021-04-29
Hi everyone,
This was a quiet week. Only one new issue:
- CVE-2021-3501 [x86: KVM: VMX: data race condition] - fixed
Nothing else to report on.
Regards
ChenYu
Hi everyone,
This was a quiet week. Only one new issue:
- CVE-2021-3501 [x86: KVM: VMX: data race condition] - fixed
Nothing else to report on.
Regards
ChenYu
|
By
Chen-Yu Tsai (Moxa) <wens@...>
·
#6400
·
|