Skip to content

Commit

Permalink
linux: Add new version 4.4.14
Browse files Browse the repository at this point in the history 
The new Linux kernel release fixes the security issues below [1].

1.  CVE-2016-4997: Corrupted offset allows for arbitrary decrements in
    compat IPT_SO_SET_REPLACE setsockopt
2.  CVE-2016-4998: Out of bounds reads when processing
    IPT_SO_SET_REPLACE setsockopt

From Softpedia [2]:

> According to the appended shortlog and the diff from the previous
> maintenance update, Linux kernel 4.4.14 LTS adds multiple changes to
> the SPARC support, along with various small fixes for other hardware
> architectures, including s390, ARM64 (AArch64), PowerPC (PPC), MIPS,
> ARM, and x86. Moreover, the networking stack has received various
> improvements to the IPv4 and IPv6 protocols, as well as things like
> L2TP, Netfilter, Netlink, Open vSwitch, TIPC, Wireless, and switchdev.
>
> KVM (Kernel-based Virtual Machine) full virtualization solution for
> Linux and Intel HDA sound support have been improved as well in Linux
> kernel 4.4.14 LTS, along with a few updated drivers, in particular
> networking ones (Ethernet, TUN, VXLAN, etc.), but also general-purpose
> input/output (GPIO), crypto, PINCTRL, and SCSI drivers. All users of a
> GNU/Linux operating system powered by a kernel from the Linux 4.4 LTS
> series are urged to update to Linux kernel 4.4.14 LTS as soon as
> possible.

Also, select `RTC_DRV_CMOS` and `CONFIG_HPET`.

The first option is needed, to get `/dev/rtc0`.

```
--- /boot/config-4.4.13.mx64.89 2016-06-17 09:58:30.000000000 +0200
+++ /dev/shm/linux-4.4.14.config        2016-06-27 17:36:14.584655167 +0200
@@ -1,6 +1,6 @@
 #
 # Automatically generated file; DO NOT EDIT.
-# Linux/x86 4.4.13 Kernel Configuration
+# Linux/x86 4.4.14 Kernel Configuration
 #
 CONFIG_64BIT=y
 CONFIG_X86_64=y
@@ -50,7 +50,7 @@
 CONFIG_INIT_ENV_ARG_LIMIT=32
 CONFIG_CROSS_COMPILE=""
 # CONFIG_COMPILE_TEST is not set
-CONFIG_LOCALVERSION=".mx64.89"
+CONFIG_LOCALVERSION=".mx64.90"
 CONFIG_LOCALVERSION_AUTO=y
 CONFIG_HAVE_KERNEL_GZIP=y
 CONFIG_HAVE_KERNEL_BZIP2=y
@@ -398,6 +398,7 @@
 CONFIG_CPU_SUP_AMD=y
 CONFIG_CPU_SUP_CENTAUR=y
 CONFIG_HPET_TIMER=y
+CONFIG_HPET_EMULATE_RTC=y
 CONFIG_DMI=y
 CONFIG_GART_IOMMU=y
 # CONFIG_CALGARY_IOMMU is not set
@@ -2146,7 +2147,9 @@
 # CONFIG_APPLICOM is not set
 # CONFIG_MWAVE is not set
 # CONFIG_RAW_DRIVER is not set
-# CONFIG_HPET is not set
+CONFIG_HPET=y
+CONFIG_HPET_MMAP=y
+CONFIG_HPET_MMAP_DEFAULT=y
 # CONFIG_HANGCHECK_TIMER is not set
 # CONFIG_TCG_TPM is not set
 # CONFIG_TELCLOCK is not set
@@ -3217,7 +3220,83 @@
 CONFIG_EDAC_I5100=y
 CONFIG_EDAC_I7300=y
 CONFIG_RTC_LIB=y
-# CONFIG_RTC_CLASS is not set
+CONFIG_RTC_CLASS=y
+CONFIG_RTC_HCTOSYS=y
+CONFIG_RTC_HCTOSYS_DEVICE="rtc0"
+CONFIG_RTC_SYSTOHC=y
+CONFIG_RTC_SYSTOHC_DEVICE="rtc0"
+# CONFIG_RTC_DEBUG is not set
+
+#
+# RTC interfaces
+#
+CONFIG_RTC_INTF_SYSFS=y
+# CONFIG_RTC_INTF_PROC is not set
+CONFIG_RTC_INTF_DEV=y
+# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set
+# CONFIG_RTC_DRV_TEST is not set
+
+#
+# I2C RTC drivers
+#
+# CONFIG_RTC_DRV_ABB5ZES3 is not set
+# CONFIG_RTC_DRV_ABX80X is not set
+# CONFIG_RTC_DRV_DS1307 is not set
+# CONFIG_RTC_DRV_DS1374 is not set
+# CONFIG_RTC_DRV_DS1672 is not set
+# CONFIG_RTC_DRV_DS3232 is not set
+# CONFIG_RTC_DRV_MAX6900 is not set
+# CONFIG_RTC_DRV_RS5C372 is not set
+# CONFIG_RTC_DRV_ISL1208 is not set
+# CONFIG_RTC_DRV_ISL12022 is not set
+# CONFIG_RTC_DRV_ISL12057 is not set
+# CONFIG_RTC_DRV_X1205 is not set
+# CONFIG_RTC_DRV_PCF2127 is not set
+# CONFIG_RTC_DRV_PCF8523 is not set
+# CONFIG_RTC_DRV_PCF8563 is not set
+# CONFIG_RTC_DRV_PCF85063 is not set
+# CONFIG_RTC_DRV_PCF8583 is not set
+# CONFIG_RTC_DRV_M41T80 is not set
+# CONFIG_RTC_DRV_BQ32K is not set
+# CONFIG_RTC_DRV_S35390A is not set
+# CONFIG_RTC_DRV_FM3130 is not set
+# CONFIG_RTC_DRV_RX8581 is not set
+# CONFIG_RTC_DRV_RX8025 is not set
+# CONFIG_RTC_DRV_EM3027 is not set
+# CONFIG_RTC_DRV_RV3029C2 is not set
+# CONFIG_RTC_DRV_RV8803 is not set
+
+#
+# SPI RTC drivers
+#
+
+#
+# Platform RTC drivers
+#
+CONFIG_RTC_DRV_CMOS=y
+# CONFIG_RTC_DRV_DS1286 is not set
+# CONFIG_RTC_DRV_DS1511 is not set
+# CONFIG_RTC_DRV_DS1553 is not set
+# CONFIG_RTC_DRV_DS1685_FAMILY is not set
+# CONFIG_RTC_DRV_DS1742 is not set
+# CONFIG_RTC_DRV_DS2404 is not set
+# CONFIG_RTC_DRV_STK17TA8 is not set
+# CONFIG_RTC_DRV_M48T86 is not set
+# CONFIG_RTC_DRV_M48T35 is not set
+# CONFIG_RTC_DRV_M48T59 is not set
+# CONFIG_RTC_DRV_MSM6242 is not set
+# CONFIG_RTC_DRV_BQ4802 is not set
+# CONFIG_RTC_DRV_RP5C01 is not set
+# CONFIG_RTC_DRV_V3020 is not set
+
+#
+# on-CPU RTC drivers
+#
+
+#
+# HID Sensor RTC drivers
+#
+# CONFIG_RTC_DRV_HID_SENSOR_TIME is not set
 # CONFIG_DMADEVICES is not set
 # CONFIG_AUXDISPLAY is not set
 # CONFIG_UIO is not set

```

[1] http://www.openwall.com/lists/oss-security/2016/06/24/5
[2] http://news.softpedia.com/news/linux-kernel-4-4-14-lts-brings-networking-improvements-multiple-sparc-changes-505657.shtml
    "Linux Kernel 4.4.14 LTS Brings Networking Improvements, Multiple SPARC Changes"
  • Loading branch information
@pmenzel
pmenzel committed Jun 28, 2016
1 parent 4ab09bf commit fc93b82
Showing 1 changed file with 82 additions and 0 deletions.
82 changes: 82 additions & 0 deletions linux-4.4.14-90.bee
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
#!/bin/env beesh

# note: CONFIG=/boot/config-WHATEVER BEE_MAKEFLAGS='-j 40' ./linux-xxx.bee

KERNELVERSION=${PKGVERSION}
if [ -z "${PKGVERSION[3]}" ] ; then
KERNELVERSION=${KERNELVERSION}.0
fi

echo $KERNELVERSION

SRCURL[0]="http://www.kernel.org/pub/linux/kernel/v${PKGVERSION[1]}.x/linux-${PKGVERSION}.tar.xz"

# backported to stable # PATCHURL+=(/src/mariux/patches/linux-0001-NFS-Fix-attribute-cache-revalidation.patch)
PATCHURL+=(/src/mariux/patches/linux-0002-NFS-Ensure-we-revalidate-attributes-before-using-exe.patch)
PATCHURL+=(/src/mariux/patches/linux-0003-NFSv4-Don-t-perform-cached-access-checks-before-we-v.patch)
PATCHURL+=(/src/mariux/patches/linux-0001-net-better-skb-sender_cpu-and-skb-napi_id-cohabitati.patch)

# EXCLUDE=""

#CONFIG=

KERNELLOCAL=".mx64.${PKGREVISION}"
FULLKERNELVERSION="${KERNELVERSION}${KERNELLOCAL}"

B=${S}

mee_patch() {
echo "PATCH $@"
bee_patch $@
}

mee_configure() {
echo "configure $@"
if [ -e /proc/config.gz ] ; then
zcat /proc/config.gz >config-current
RUNNING=config-current
else
RUNNING=/boot/config-$(uname -r)
fi

: ${CONFIG:=${RUNNING}}

if [ ! -e ${CONFIG} ] ; then
echo "can't find config '${CONFIG}'"
exit 1
fi

cp -v ${CONFIG} .config

LOCALVERSION="\"${KERNELLOCAL}\""
sed -i -e "s@CONFIG_LOCALVERSION=.*@CONFIG_LOCALVERSION=${LOCALVERSION}@" .config

echo "doing make -C ${S} olddefconfig in ${PWD} .."

make olddefconfig

echo "doing make -C ${S} menuconfig in ${PWD} .."

make menuconfig
}

mee_build() {
echo "build $@"
make ${BEE_MAKEFLAGS}
}

mee_install() {
echo "install $@"

make modules_install INSTALL_MOD_PATH=${D}
make install INSTALL_PATH=${D}/boot
# make firmware_install INSTALL_MOD_PATH=${D}

rm -v ${D}/lib/modules/${FULLKERNELVERSION}/{source,build}

ln -sv /usr/src/linux/${PKGALLPKG}/source ${D}/lib/modules/${FULLKERNELVERSION}/source
ln -sv /usr/src/linux/${PKGALLPKG}/build ${D}/lib/modules/${FULLKERNELVERSION}/build

ln -sv bzImage-${FULLKERNELVERSION} ${D}/boot/mariux.${PKGREVISION}
}

0 comments on commit fc93b82

Please sign in to comment.