|
Backporting of security patches for Intel i40e drivers required?
They all seemed to involve communication with the owner of a PCIe Virtual Function (VF). A VF might be assigned to a VM or privileged process. In Civil Infrastructure systems those should already be t
They all seemed to involve communication with the owner of a PCIe Virtual Function (VF). A VF might be assigned to a VM or privileged process. In Civil Infrastructure systems those should already be t
|
By
...
· #5791
·
|
|
Leaving Codethink and CIP
I will be leaving Codethink next month, and will no longer be working directly on CIP. (With my Debian hat on, I may still submit merge requests to the cip-kernel-sec repository.) My last working day
I will be leaving Codethink next month, and will no longer be working directly on CIP. (With my Debian hat on, I may still submit merge requests to the cip-kernel-sec repository.) My last working day
|
By
...
· #5683
·
|
|
Direct Pushes for cip-kernel-sec
Please push them directly. Ben.
Please push them directly. Ben.
|
By
...
· #5675
·
|
|
Direct Pushes for cip-kernel-sec
[...] I was going to suggest you do that, for other reasons. I didn't realise you weren't able to do so. It looks you have been granted that permission now, is that right? Ben.
[...] I was going to suggest you do that, for other reasons. I didn't realise you weren't able to do so. It looks you have been granted that permission now, is that right? Ben.
|
By
...
· #5655
·
|
|
[cip-kernel-sec] reports: add script to convert reports to csv format
[...] I think this script is trying to do too many different things: 1. Importing data from NVD 2. Importing data from Debian security tracker 3. Parsing an existing report (!) 4. Generating a new rep
[...] I think this script is trying to do too many different things: 1. Importing data from NVD 2. Importing data from Debian security tracker 3. Parsing an existing report (!) 4. Generating a new rep
|
By
...
· #5500
·
|
|
[isar-cip-core] version management
OK. Possibly... but then: 1. You have to make sure that builds are only signed when the source is from a tag signed by one of a defined set of trusted keys. 2. You have to somehow keep the signing key
OK. Possibly... but then: 1. You have to make sure that builds are only signed when the source is from a tag signed by one of a defined set of trusted keys. 2. You have to somehow keep the signing key
|
By
...
· #4642
·
|
|
[isar-cip-core] version management
Including punctuation in the date may make it more readable. Also the day-of-month could be omitted if there will be no more than one release per month. An md5sum would help to detect accidental corru
Including punctuation in the date may make it more readable. Also the day-of-month could be omitted if there will be no more than one release per month. An md5sum would help to detect accidental corru
|
By
...
· #4639
·
|
|
[backport 4.4] mac80211: Fix TKIP replay protection immediately after key setup
The security tracker shows a lot of fixes missing from 4.4. Ben.
The security tracker shows a lot of fixes missing from 4.4. Ben.
|
By
...
· #4528
·
|
|
[backport 4.4] mac80211: Fix TKIP replay protection immediately after key setup
That's what I would do. This reference is wrong; the upstream commit is 6f601265215a421f425ba3a4850a35861d024643. Also the usual format for this reference has "upstream." after the commit hash. [...]
That's what I would do. This reference is wrong; the upstream commit is 6f601265215a421f425ba3a4850a35861d024643. Also the usual format for this reference has "upstream." after the commit hash. [...]
|
By
...
· #4527
·
|
|
Backporting "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup"
I also had a go at this before catching up on cip-dev and finding you had also done so. So I've compared this with my version. I haven't done real testing yet either. This leaves the ret variable unus
I also had a go at this before catching up on cip-dev and finding you had also done so. So I've compared this with my version. I haven't done real testing yet either. This leaves the ret variable unus
|
By
...
· #4525
·
|
|
Linux-cip: Kselftest plans
[...] Some self-tests will fail on older kernel versions due to missing features or bugs that might not be practically fixable. Test cases can report "skip" rather than "fail" for missing features, bu
[...] Some self-tests will fail on older kernel versions due to missing features or bugs that might not be practically fixable. Test cases can report "skip" rather than "fail" for missing features, bu
|
By
...
· #4523
·
|
|
realtime on de0-nano bisection
[...] [...] When bisection finds a commit touching code that you're not even building, the answer should not be "don't ask me why" but "this is not a reproducible bug". Ben.
[...] [...] When bisection finds a commit touching code that you're not even building, the answer should not be "don't ask me why" but "this is not a reproducible bug". Ben.
|
By
...
· #4522
·
|
|
Difference between v4.19.88-cip16-rebase..v4.19.88-cip16 was Re: Getting older -cip-rebase versions
On Wed, 2020-01-08 at 04:02 +0000, nobuhiro1.iwamatsu@... wrote: [...] > > Any idea what is going on there? Which version is ok and which should > > be adjusted? > > I already fixed these is
On Wed, 2020-01-08 at 04:02 +0000, nobuhiro1.iwamatsu@... wrote: [...] > > Any idea what is going on there? Which version is ok and which should > > be adjusted? > > I already fixed these is
|
By
...
· #4148
·
|
|
[Y2038] [PATCH] generic/402: fix for updated behavior of timestamp limits
[+cc cip-dev]
By
...
· #4097
·
|
|
[RFC] Script to find used sources in the kernel
Yes they are the *.sources files. [...] They require a kernel repository with the CIP branches, and suitable compilers installed. Ben. Pavel
Yes they are the *.sources files. [...] They require a kernel repository with the CIP branches, and suitable compilers installed. Ben. Pavel
|
By
...
· #3974
·
|
|
[PATCH/RFC 4.19.y-cip 00/41] Fast forward sh-pfc
[...] The failing assertions were added by "pinctrl: sh-pfc: Validate pins/marks in pin groups at build time". We could revert that one patch, but it seems to be detecting actual bugs in r8a7740.c, so
[...] The failing assertions were added by "pinctrl: sh-pfc: Validate pins/marks in pin groups at build time". We could revert that one patch, but it seems to be detecting actual bugs in r8a7740.c, so
|
By
...
· #3077
·
|
|
Testing CIP kernel with Debian gcc
So far as I could see, the only hardening option enabled there is PIE. That's good for user-space but can't be used in the kernel (currently). There is another source of default tool-chain options for
So far as I could see, the only hardening option enabled there is PIE. That's good for user-space but can't be used in the kernel (currently). There is another source of default tool-chain options for
|
By
...
· #2845
·
|
|
[PATCH linux-4.19.y-cip-rt] staging: m57621-mmc: delete driver from the tree.
This might seem clear to you, but at least for source code I think it's less clear. Also, if the copyright holder is required to license it under GPL to comply with the kernel's copyright license, tha
This might seem clear to you, but at least for source code I think it's less clear. Also, if the copyright holder is required to license it under GPL to comply with the kernel's copyright license, tha
|
By
...
· #2830
·
|
|
Testing CIP kernel with Debian gcc
On Thu, 2019-08-08 at 12:05 +0000, Chris Paterson wrote: [...] > Do Debian make any changes/fixes in their gcc package? Yes, they are usually snapshots of a release branch, with some cherry- picked fi
On Thu, 2019-08-08 at 12:05 +0000, Chris Paterson wrote: [...] > Do Debian make any changes/fixes in their gcc package? Yes, they are usually snapshots of a release branch, with some cherry- picked fi
|
By
...
· #2829
·
|
|
phy-rcar-gen3-usb2: wrong parsing of role in role_store?
I suspect the intent is to work without a trailing " ", but you're right that this parsing is rather lax. All attribute writes should be going through kernfs_fop_write(), which writes a null terminato
I suspect the intent is to work without a trailing " ", but you're right that this parsing is rather lax. All attribute writes should be going through kernfs_fop_write(), which writes a null terminato
|
By
...
· #2799
·
|