diff options
author | Jason M. Bills <jason.m.bills@linux.intel.com> | 2021-05-24 22:54:37 +0300 |
---|---|---|
committer | Jason M. Bills <jason.m.bills@linux.intel.com> | 2021-05-24 23:12:35 +0300 |
commit | 2a64b8ae9b952b18b4aef38cb7c41ce6dba16c50 (patch) | |
tree | 704eb802dc7b987411a0e44d128bdd8978745d8c /meta-openbmc-mods/meta-ast2600/recipes-bsp/u-boot/u-boot-aspeed-sdk_%.bbappend | |
parent | 0e0df451ae365f09d5c0c766b253f23de26901f2 (diff) | |
download | openbmc-2a64b8ae9b952b18b4aef38cb7c41ce6dba16c50.tar.xz |
Update to internal 0.52
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
Diffstat (limited to 'meta-openbmc-mods/meta-ast2600/recipes-bsp/u-boot/u-boot-aspeed-sdk_%.bbappend')
-rw-r--r-- | meta-openbmc-mods/meta-ast2600/recipes-bsp/u-boot/u-boot-aspeed-sdk_%.bbappend | 49 |
1 files changed, 47 insertions, 2 deletions
diff --git a/meta-openbmc-mods/meta-ast2600/recipes-bsp/u-boot/u-boot-aspeed-sdk_%.bbappend b/meta-openbmc-mods/meta-ast2600/recipes-bsp/u-boot/u-boot-aspeed-sdk_%.bbappend index 360d8398e..29d938c6e 100644 --- a/meta-openbmc-mods/meta-ast2600/recipes-bsp/u-boot/u-boot-aspeed-sdk_%.bbappend +++ b/meta-openbmc-mods/meta-ast2600/recipes-bsp/u-boot/u-boot-aspeed-sdk_%.bbappend @@ -1,6 +1,5 @@ COMPATIBLE_MACHINE = "intel-ast2600" FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files:" -FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files/CVE-2020-10648:" # the meta-phosphor layer adds this patch, which conflicts # with the intel layout for environment @@ -23,10 +22,10 @@ SRC_URI_append_intel-ast2600 = " \ file://0014-Add-a-workaround-to-cover-eSPI-OOB-free-bug-in-AST26.patch \ file://0015-net-phy-realtek-Change-LED-configuration.patch \ file://0016-Add-system-reset-status-support.patch \ + file://0016-Add-LED-control-support.patch \ file://0017-Manufacturing-mode-physical-presence-detection.patch \ file://0018-Add-a-workaround-to-cover-VGA-memory-size-bug-in-A0.patch \ file://0019-Apply-WDT1-2-reset-mask-to-reset-needed-controller.patch \ - file://0020-Add-BMC-running-indicator-LED-control.patch \ file://0022-Reboot-into-UBOOT-on-Watchdog-Failures.patch \ file://0023-Add-WDT-to-u-boot-to-cover-booting-failures.patch \ file://0024-fix-SUS_WARN-handling-logic.patch \ @@ -34,9 +33,11 @@ SRC_URI_append_intel-ast2600 = " \ file://0025-Enable-PCIe-L1-support.patch \ file://0027-ast2600-Add-Mailbox-init-function.patch \ file://0028-Improve-randomness-of-mac-address-generation.patch \ + file://0029-Set-UART-routing-in-lowlevel_init.patch \ " # CVE-2020-10648 vulnerability fix +FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files/CVE-2020-10648:" SRC_URI_append_intel-ast2600 = " \ file://0001-image-Correct-comment-for-fit_conf_get_node.patch \ file://0008-image-Load-the-correct-configuration-in-fit_check_si.patch \ @@ -44,6 +45,50 @@ SRC_URI_append_intel-ast2600 = " \ file://0012-image-Use-constants-for-required-and-key-name-hint.patch \ " +# CVE-2019-11059 vulnerability fix +FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files/CVE-2019-11059:" +SRC_URI_append_intel-ast2600 = " \ + file://0001-Fix-ext4-block-group-descriptor-sizing.patch \ + " + +# CVE-2019-11690 vulnerability fix +FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files/CVE-2019-11690:" +SRC_URI_append_intel-ast2600 = " \ + file://0001-lib-uuid-Fix-unseeded-PRNG-on-RANDOM_UUID-y.patch \ + " + +# CVE-2019-13104 vulnerability fix +FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files/CVE-2019-13104:" +SRC_URI_append_intel-ast2600 = " \ + file://0001-CVE-2019-13104-ext4-check-for-underflow-in-ext4fs_re.patch \ + " + +# CVE-2019-13105 vulnerability fix +FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files/CVE-2019-13105:" +SRC_URI_append_intel-ast2600 = " \ + file://0001-fs-ext4-cache-extent-data.patch \ + file://0002-CVE-2019-13105-ext4-fix-double-free-in-ext4_cache_re.patch \ + " + +# CVE-2019-13106 vulnerability fix +FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files/CVE-2019-13106:" +SRC_URI_append_intel-ast2600 = " \ + file://0001-CVE-2019-13106-ext4-fix-out-of-bounds-memset.patch \ + " + +# CVE-2021-27097 vulnerability fix +FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files/CVE-2021-27097:" +SRC_URI_append_intel-ast2600 = " \ + file://0001-image-Adjust-the-workings-of-fit_check_format.patch \ + file://0002-image-Add-an-option-to-do-a-full-check-of-the-FIT.patch \ + " + +# CVE-2021-27138 vulnerability fix +FILESEXTRAPATHS_append_intel-ast2600:= "${THISDIR}/files/CVE-2021-27138:" +SRC_URI_append_intel-ast2600 = " \ + file://0001-image-Check-for-unit-addresses-in-FITs.patch \ + " + PFR_SRC_URI = " \ file://0043-AST2600-PFR-u-boot-env-changes-as-per-PFR-BMC-image.patch \ " |