-rw-r--r--community/pdns-recursor/APKBUILD10
-rw-r--r--community/tor/APKBUILD4
-rw-r--r--community/virtualbox-guest-modules-vanilla/APKBUILD2
-rw-r--r--community/zabbix/APKBUILD6
-rw-r--r--main/alpine-base/APKBUILD2
-rw-r--r--main/ansible/APKBUILD15
-rw-r--r--main/apache2/APKBUILD7
-rw-r--r--main/axel/APKBUILD23
-rw-r--r--main/axel/CVE-2020-13614.patch223
-rw-r--r--main/ca-certificates/0003-update-ca-insert-newline-between-certs.patch38
-rw-r--r--main/ca-certificates/APKBUILD15
-rw-r--r--main/dahdi-linux-vanilla/APKBUILD2
-rw-r--r--main/dbus/APKBUILD8
-rw-r--r--main/dbus/CVE-2020-12049.patch103
-rw-r--r--main/devicemaster-linux-vanilla/APKBUILD2
-rw-r--r--main/dovecot/APKBUILD16
-rw-r--r--main/drbd9-vanilla/APKBUILD2
-rw-r--r--main/dropbear/APKBUILD8
-rw-r--r--main/dropbear/CVE-2018-20685.patch23
-rw-r--r--main/gd/APKBUILD17
-rw-r--r--main/gd/CVE-2018-14553.patch32
-rw-r--r--main/gd/CVE-2019-11038.patch36
-rw-r--r--main/git/APKBUILD42
-rw-r--r--main/gnutls/APKBUILD14
-rw-r--r--main/gnutls/GNUTLS-SA-2020-03-31.patch33
-rw-r--r--main/gnutls/tests-date-compat.patch12
-rw-r--r--main/haproxy/APKBUILD8
-rw-r--r--main/hostapd/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch150
-rw-r--r--main/hostapd/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch59
-rw-r--r--main/hostapd/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch47
-rw-r--r--main/hostapd/APKBUILD27
-rw-r--r--main/iproute2/APKBUILD13
-rw-r--r--main/iproute2/CVE-2019-20795.patch42
-rw-r--r--main/json-c/APKBUILD11
-rw-r--r--main/libexif/APKBUILD44
-rw-r--r--main/libexif/CVE-2017-7544.patch20
-rw-r--r--main/libuv/APKBUILD4
-rw-r--r--main/libvirt/APKBUILD10
-rw-r--r--main/libvirt/CVE-2020-12430.patch44
-rw-r--r--main/linux-vanilla/APKBUILD26
-rw-r--r--main/linux-vanilla/config-vanilla.aarch6412
-rw-r--r--main/linux-vanilla/config-vanilla.armhf16
-rw-r--r--main/linux-vanilla/config-vanilla.ppc3731
-rw-r--r--main/linux-vanilla/config-vanilla.ppc64le3
-rw-r--r--main/linux-vanilla/config-vanilla.s390x2
-rw-r--r--main/linux-vanilla/config-vanilla.x862
-rw-r--r--main/linux-vanilla/config-vanilla.x86_642
-rw-r--r--main/linux-vanilla/config-virt.aarch642
-rw-r--r--main/linux-vanilla/config-virt.x862
-rw-r--r--main/linux-vanilla/config-virt.x86_642
-rw-r--r--main/mariadb/APKBUILD11
-rw-r--r--main/mcpp/APKBUILD18
-rw-r--r--main/mcpp/CVE-2019-14274.patch52
-rw-r--r--main/nghttp2/APKBUILD8
-rw-r--r--main/nghttp2/CVE-2020-11080.patch332
-rw-r--r--main/ngircd/APKBUILD13
-rw-r--r--main/ngircd/CVE-2020-14148.patch37
-rw-r--r--main/nodejs/APKBUILD35
-rw-r--r--main/ntfs-3g/APKBUILD20
-rw-r--r--main/ntfs-3g/CVE-2019-9755.patch62
-rw-r--r--main/openldap/APKBUILD9
-rw-r--r--main/openssl/APKBUILD12
-rw-r--r--main/openssl/CVE-2019-1551.patch757
-rw-r--r--main/openssl/man-section.patch4
-rw-r--r--main/perl-mozilla-ca/APKBUILD31
-rw-r--r--main/perl/APKBUILD14
-rw-r--r--main/perl/CVE-2020-10543.patch32
-rw-r--r--main/perl/CVE-2020-10878.patch148
-rw-r--r--main/perl/CVE-2020-12723.patch277
-rw-r--r--main/python2/APKBUILD18
-rw-r--r--main/ruby/APKBUILD7
-rw-r--r--main/samba/APKBUILD7
-rw-r--r--main/samba/samba-4.9.17-security-2020-01-21.patch1662
-rw-r--r--main/spl-vanilla/APKBUILD2
-rw-r--r--main/sprunge/APKBUILD6
-rw-r--r--main/sqlite/APKBUILD8
-rw-r--r--main/sqlite/CVE-2020-11655.patch24
-rw-r--r--main/squid/APKBUILD13
-rw-r--r--main/squid/CVE-2019-18679.patch120
-rw-r--r--main/tcpdump/APKBUILD41
-rw-r--r--main/tzdata/APKBUILD21
-rw-r--r--main/unbound/APKBUILD11
-rw-r--r--main/unbound/CVE-2020-12662_CVE-2020-12663.patch948
-rw-r--r--main/xen/APKBUILD43
-rw-r--r--main/xen/xsa313-1.patch26
-rw-r--r--main/xen/xsa313-2.patch132
-rw-r--r--main/xen/xsa314-4.13.patch121
-rw-r--r--main/xen/xsa316-xen.patch30
-rw-r--r--main/xen/xsa318.patch39
-rw-r--r--main/xtables-addons-vanilla/APKBUILD2
-rw-r--r--main/zfs-vanilla/APKBUILD2
-rw-r--r--testing/ipt-netflow-vanilla/APKBUILD4
-rw-r--r--testing/wireguard-vanilla/APKBUILD2
-rw-r--r--testing/wireguard-virt/APKBUILD2
94 files changed, 5189 insertions, 4948 deletions
diff --git a/community/pdns-recursor/APKBUILD b/community/pdns-recursor/APKBUILD
index d2137dad8e..60204c880f 100644
--- a/community/pdns-recursor/APKBUILD
+++ b/community/pdns-recursor/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Olivier Mauras <olivier@mauras.ch>
pkgname=pdns-recursor
-pkgver=4.1.9
-pkgrel=1
+pkgver=4.1.16
+pkgrel=0
pkgdesc="PowerDNS Recursive Server"
url="https://www.powerdns.com/"
# s390x: missing boost-context
@@ -22,6 +22,10 @@ source="https://downloads.powerdns.com/releases/$pkgname-$pkgver.tar.bz2
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 4.1.16-r0:
+# - CVE-2020-10030
+# - CVE-2020-10995
+# - CVE-2020-12244
# 4.1.9-r0:
# - CVE-2019-3806
# - CVE-2019-3807
@@ -69,6 +73,6 @@ package() {
"$pkgdir"/etc/pdns/recursor.conf
}
-sha512sums="2deaf1cdc8c32087f744efe0d142421cfd2d89dc9b31edcdea55c1efc2637987e8557891716498e3703c4b1af4b0d301e2a53316c5a97c7a18ec85016ccfa8f1 pdns-recursor-4.1.9.tar.bz2
+sha512sums="dc5d6113d88ce0da9e4735b2af98705c635651215e11f10b94e93b11fcbe20e91479aa0a9730e8d0f027aa6d1905c2b1131f3fd0efeeb5ca11af97bd3d7d7ff4 pdns-recursor-4.1.16.tar.bz2
6eea64828a363a8f36a694da4ab08f48482a096572e5597e3182bbf5f4e7c0114d9b643c7ea5060ae46b50b05c6ebbace2fedd44dc6309b641fd638d44db879e pdns-recursor.initd
954df537693a202fc195e751011bbfaa605b3f3df42ac386fa82eb809b73c2b987f5e418b5c96bb3b0669497426ce0daa39a719844701e06990b82843a4cf0d4 recursor.conf"
diff --git a/community/tor/APKBUILD b/community/tor/APKBUILD
index 14caac4d98..97d3d3919e 100644
--- a/community/tor/APKBUILD
+++ b/community/tor/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Christine Dodrill <me@christine.website>
pkgname=tor
pkgver=0.3.4.11
-pkgrel=0
+pkgrel=1
pkgdesc="Anonymous network connectivity"
url="https://www.torproject.org"
arch="all"
@@ -12,7 +12,7 @@ makedepends="linux-headers bash libevent-dev openssl-dev ca-certificates
zlib-dev"
install="$pkgname.post-upgrade $pkgname.pre-install"
subpackages="$pkgname-doc $pkgname-openrc"
-source="https://www.torproject.org/dist/$pkgname-$pkgver.tar.gz
+source="https://archive.torproject.org/tor-package-archive/$pkgname-$pkgver.tar.gz
tor.initd
tor.confd
torrc.sample.patch"
diff --git a/community/virtualbox-guest-modules-vanilla/APKBUILD b/community/virtualbox-guest-modules-vanilla/APKBUILD
index e18cb36485..81304aa622 100644
--- a/community/virtualbox-guest-modules-vanilla/APKBUILD
+++ b/community/virtualbox-guest-modules-vanilla/APKBUILD
@@ -8,7 +8,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kpkgver="$_kver-r$_krel"
diff --git a/community/zabbix/APKBUILD b/community/zabbix/APKBUILD
index 6a341f5844..9d9290ca24 100644
--- a/community/zabbix/APKBUILD
+++ b/community/zabbix/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=zabbix
-pkgver=4.0.16
+pkgver=4.0.21
pkgrel=0
pkgdesc="Enterprise-class open source distributed monitoring"
url="http://www.zabbix.com"
@@ -25,7 +25,7 @@ options="!check" # no tests available
subpackages="$pkgname-doc $pkgname-agent $pkgname-pgsql $pkgname-mysql $pkgname-sqlite
$pkgname-webif::noarch $pkgname-utils $pkgname-setup::noarch
$pkgname-openrc $pkgname-agent-openrc:agent_openrc"
-source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz
+source="$pkgname-$pkgver.tar.gz::https://github.com/zabbix/zabbix/archive/$pkgver.tar.gz
zabbix-server.initd
zabbix-server.confd
zabbix-agentd.initd
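Review bot: The `source=` line now fetches a forge-generated archive of a tag (`https://github.com/zabbix/zabbix/archive/$pkgver.tar.gz`) instead of the release tarball, and nothing in the hunk records why. With an on-demand archive the sha512 in this APKBUILD is the only integrity anchor, and it can no longer be cross-checked against any checksum upstream publishes for its release tarball. A one-line comment above `source=`, for example `# <reason the sourceforge tarball is no longer used>; fetching the GitHub tag archive instead`, would keep that decision visible at the next version bump.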
@@ -200,7 +200,7 @@ agent_openrc() {
"$subpkgdir"/etc/init.d/zabbix-agentd
}
-sha512sums="e5a0b13790ef082d63c879ebf989739ffde448161d45eb16ccf4100473556ef39d00466687ecce69e3430e54ec32015c2d00461b81f51510d08d8e38284e2ee6 zabbix-4.0.16.tar.gz
+sha512sums="f93137602a6f89feed66d35d6604f92bb4f8b6831cd9348108408a5bddeb98ac22ed72077e59b6e9dd12b894d115c0e410912e0c1d83bb36a9398188dbe80e30 zabbix-4.0.21.tar.gz
9998ee172a28002d98bacc3f76038ff52b8cf2b206e101418d76b4ca3de94afaf92cb4f7a6235ecf177f74beb9dd3ea1f3983c4f164b4f60bb601acba65aa175 zabbix-server.initd
9c06527bf653c40585fa7eeb3f7a0b2fc454031d24cd0d1633aed87b78a681c5227a193c5b9fcfcea0839135874e27ba7dd9b198573f905f680a2856f79e9512 zabbix-server.confd
523013cab3ba79cbc00db92f09d4c5d514fd6aa9cbebf8f29227dc91fbc19d2f8375af74c21d2037e4f3380a818f808194dbc94e69709ef2cf90f66e715895c4 zabbix-agentd.initd
diff --git a/main/alpine-base/APKBUILD b/main/alpine-base/APKBUILD
index 7fdc06926b..76e68d03a8 100644
--- a/main/alpine-base/APKBUILD
+++ b/main/alpine-base/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=alpine-base
-pkgver=3.9.5
+pkgver=3.9.6
pkgrel=0
pkgdesc="Meta package for minimal alpine base"
url="https://alpinelinux.org"
diff --git a/main/ansible/APKBUILD b/main/ansible/APKBUILD
index 2c9f9407d0..385db4691f 100644
--- a/main/ansible/APKBUILD
+++ b/main/ansible/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: Takuya Noguchi <takninnovationresearch@gmail.com>
# Maintainer: Fabian Affolter <fabian@affolter-engineering.ch>
pkgname=ansible
-pkgver=2.7.16
+pkgver=2.7.17
pkgrel=0
pkgdesc="A configuration-management, deployment, task-execution, and multinode orchestration framework"
url="https://ansible.com/"
@@ -14,13 +14,20 @@ depends="python3 $_py-yaml $_py-paramiko $_py-jinja2 $_py-markupsafe $_py-crypto
makedepends="python3-dev py3-setuptools"
options="!check" # not included in release tarball
subpackages="$pkgname-doc"
-source="$pkgname-$pkgver.tar.gz::https://releases.ansible.com/ansible/$pkgname-$pkgver.tar.gz
+source="https://releases.ansible.com/ansible/ansible-$pkgver.tar.gz
add-lxc-container_shell-option.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 2.7.17-r0:
+# - CVE-2019-3828
+# - CVE-2020-1733
+# - CVE-2020-1737
+# - CVE-2020-1739
+# - CVE-2020-1740
+# - CVE-2020-1746
# 2.7.16-r0:
# - CVE-2019-14864
# - CVE-2019-14904
@@ -38,7 +45,7 @@ builddir="$srcdir/$pkgname-$pkgver"
# 2.7.5-r0:
# - CVE-2018-16876
# 2.7.3-r0:
-# - CVE 2018-16859
+# - CVE-2018-16859
# 2.7.1-r0:
# - CVE-2018-16837
# 2.6.3-r0:
@@ -68,5 +75,5 @@ package() {
install -m644 README.rst "$pkgdir"/usr/share/doc/$pkgname
}
-sha512sums="daae5c495f60a6b1b7fbce7c1b964e946ffa85e57791f9e07765aacfea8a490e39e3fad7f319684fc98dcc2e59ed8e9daf058e03a5dfcdf2cd6de5166ecb5767 ansible-2.7.16.tar.gz
+sha512sums="387ee26381d120e8b1a77a5251686831fefb47213dce4a1f0aee714e6c6e2a94f1bf283ef2bcf3d79940552407fff7d86453968f1aa5a866f013d396948ccc0f ansible-2.7.17.tar.gz
e1bd1affec585abf4556d1f2598df2689c2341fc0ddaec3eadc0a9c6df5725b8ab97092771f2c57da6ecaa72ae1bb5e5ccce55db8c4d74bfc785f611dd5b8c32 add-lxc-container_shell-option.patch"
diff --git a/main/apache2/APKBUILD b/main/apache2/APKBUILD
index b067ad7fb9..535a4753bd 100644
--- a/main/apache2/APKBUILD
+++ b/main/apache2/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
pkgname=apache2
_pkgreal=httpd
-pkgver=2.4.41
+pkgver=2.4.43
pkgrel=0
pkgdesc="A high performance Unix-based HTTP server"
url="https://httpd.apache.org/"
@@ -51,6 +51,9 @@ options="suid"
builddir="$srcdir"/$_pkgreal-$pkgver
# secfixes:
+# 2.4.43-r0:
+# - CVE-2020-1927
+# - CVE-2020-1934
# 2.4.41-r0:
# - CVE-2019-9517
# - CVE-2019-10081
@@ -344,7 +347,7 @@ _lua() {
"$subpkgdir"/usr/lib/apache2/
_load_mods
}
-sha512sums="350cc7dcd2c439e0590338fa6da3f44df44f9bb885c381e91f91b14c2f48597f6f0bbac0ea118a8a67eaa70ae7edbb769beace368643ed73f6daee44c307b335 httpd-2.4.41.tar.bz2
+sha512sums="16cfeecc8f6fab6eca478065a384bdf1872f7ac42206b0bc2bcac6c0d9c576f392c07107201f39e0601dec1bbafcb33d66153544de4d87d79b9a52094d334b64 httpd-2.4.43.tar.bz2
8e62b101f90c67babe864bcb74f711656180b011df3fd4b541dc766b980b72aa409e86debf3559a55be359471c1cad81b8779ef3a55add8d368229fc7e9544fc apache2.confd
18e8859c7d99c4483792a5fd20127873aad8fa396cafbdb6f2c4253451ffe7a1093a3859ce719375e0769739c93704c88897bd087c63e1ef585e26dcc1f5dd9b apache2.logrotate
81a2d2a297d8049ba1b021b879ec863767149e056d9bdb2ac8acf63572b254935ec96c2e1580eba86639ea56433eec5c41341e4f1501f9072745dccdb3602701 apache2.initd
diff --git a/main/axel/APKBUILD b/main/axel/APKBUILD
index 0e96319282..373726aa57 100644
--- a/main/axel/APKBUILD
+++ b/main/axel/APKBUILD
@@ -2,18 +2,32 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=axel
pkgver=2.16.1
-pkgrel=2
+pkgrel=3
pkgdesc="A multiple-connection concurrent downloader"
url="https://github.com/axel-download-accelerator/axel"
arch="all"
options="!check" # has no checks
license="GPL-2.0-or-later"
-makedepends="openssl-dev"
+makedepends="openssl-dev automake autoconf libtool gettext-dev"
subpackages="$pkgname-doc"
-source="$url/releases/download/v$pkgver/axel-$pkgver.tar.xz"
+source="$url/releases/download/v$pkgver/axel-$pkgver.tar.xz
+ CVE-2020-13614.patch
+ "
+
+# secfixes:
+# 2.16.1-r3:
+# - CVE-2020-13614
builddir="$srcdir/$pkgname-$pkgver"
+prepare() {
+ default_prepare
+
+ # We need to regenerate the configure script because the CVE-2020-13614
+ # modifies src/Makefile.am
+ autoreconf -fi
+}
+
build() {
cd "$builddir"
./configure \
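Review bot: The new prepare() runs `autoreconf -fi` without an explicit `cd "$builddir"`, while build() in the same file still changes directory itself. Unless default_prepare is guaranteed to leave the shell in $builddir, the regeneration that pulls ssl_verify.c into the build would run in the wrong directory; adding `cd "$builddir"` after `default_prepare` keeps the two functions consistent. The comment would also read more clearly as `# Regenerate the build system: CVE-2020-13614.patch modifies src/Makefile.am`. build() continues outside the hunk.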
@@ -32,4 +46,5 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="a263b6926acb6acf16353d0d02464d48ad89c18dd3328b84273c26cdb23cb7323084a8204a5c6ad163ad5352136cb1709c6734d4fec9bc1c514174dbbb3c5dab axel-2.16.1.tar.xz"
+sha512sums="a263b6926acb6acf16353d0d02464d48ad89c18dd3328b84273c26cdb23cb7323084a8204a5c6ad163ad5352136cb1709c6734d4fec9bc1c514174dbbb3c5dab axel-2.16.1.tar.xz
+b5365d6ccb3453d4e1d70e8cf734e9d6723e412904427d8bbee5e409511864c7a9970343c9a9c9cbfb86032a54ab78579ca180094e18f4b53028116b669b4cb5 CVE-2020-13614.patch"
diff --git a/main/axel/CVE-2020-13614.patch b/main/axel/CVE-2020-13614.patch
new file mode 100644
index 0000000000..f23b705e16
--- /dev/null
+++ b/main/axel/CVE-2020-13614.patch
@@ -0,0 +1,223 @@
+diff --git a/src/Makefile.am b/src/Makefile.am
+index 6269979..a56b4dd 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -14,6 +14,7 @@ axel_SOURCES = \
+ search.c \
+ search.h \
+ ssl.c \
++ ssl_verify.c \
+ ssl.h \
+ tcp.c \
+ tcp.h \
+diff --git a/src/ssl.c b/src/ssl.c
+index c05f238..0859b76 100644
+--- a/src/ssl.c
++++ b/src/ssl.c
+@@ -70,7 +70,7 @@ ssl_startup(void)
+ SSL *
+ ssl_connect(int fd, char *hostname, char *message)
+ {
+-
++ X509 *server_cert;
+ SSL_CTX *ssl_ctx;
+ SSL *ssl;
+
+@@ -91,9 +91,33 @@ ssl_connect(int fd, char *hostname, char *message)
+ if (err <= 0) {
+ sprintf(message, _("SSL error: %s\n"),
+ ERR_reason_error_string(ERR_get_error()));
++ SSL_CTX_free(ssl_ctx);
++ return NULL;
++ }
++
++ err = SSL_get_verify_result(ssl);
++ if (err != X509_V_OK) {
++ fprintf(stderr, _("SSL error: Certificate error"));
++ SSL_CTX_free(ssl_ctx);
+ return NULL;
+ }
+
++ server_cert = SSL_get_peer_certificate(ssl);
++ if (server_cert == NULL) {
++ fprintf(stderr, _("SSL error: Certificate not found"));
++ SSL_CTX_free(ssl_ctx);
++ return NULL;
++ }
++
++ if (!ssl_validate_hostname(hostname, server_cert)) {
++ fprintf(stderr, _("SSL error: Hostname verification failed"));
++ X509_free(server_cert);
++ SSL_CTX_free(ssl_ctx);
++ return NULL;
++ }
++
++ X509_free(server_cert);
++
+ return ssl;
+ }
+
+diff --git a/src/ssl.h b/src/ssl.h
+index cc00eaf..64fb933 100644
+--- a/src/ssl.h
++++ b/src/ssl.h
+@@ -44,5 +44,6 @@
+ void ssl_init(conf_t *conf);
+ SSL *ssl_connect(int fd, char *hostname, char *message);
+ void ssl_disconnect(SSL *ssl);
++bool ssl_validate_hostname(const char *hostname, const X509 *server_cert);
+
+ #endif /* AXEL_SSL_H */
+diff --git a/src/ssl_verify.c b/src/ssl_verify.c
+new file mode 100644
+index 0000000..8a67a3c
+--- /dev/null
++++ b/src/ssl_verify.c
+@@ -0,0 +1,147 @@
++/*
++ Helper functions to perform basic hostname validation using OpenSSL.
++
++ Author: Alban Diquet
++ Copyright (C) 2012, iSEC Partners.
++
++ Permission is hereby granted, free of charge, to any person obtaining a copy of
++ this software and associated documentation files (the "Software"), to deal in
++ the Software without restriction, including without limitation the rights to
++ use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
++ of the Software, and to permit persons to whom the Software is furnished to do
++ so, subject to the following conditions:
++
++ The above copyright notice and this permission notice shall be included in all
++ copies or substantial portions of the Software.
++
++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
++ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
++ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
++ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
++ SOFTWARE.
++ */
++
++#include "axel.h"
++
++#ifdef HAVE_SSL
++
++#include <openssl/ssl.h>
++#include <openssl/x509v3.h>
++
++#if OPENSSL_VERSION_NUMBER < 0x10101000L
++#define ASN1_STRING_data_compat ASN1_STRING_data
++#else
++#define ASN1_STRING_data_compat ASN1_STRING_get0_data
++#endif
++
++typedef enum {
++ MatchFound,
++ MatchNotFound,
++ NoSANPresent,
++ MalformedCertificate,
++ Error
++} validate_result;
++
++static validate_result
++ssl_matches_common_name(const char *hostname, const X509 *server_cert)
++{
++ int common_name_loc = -1;
++ X509_NAME_ENTRY *common_name_entry = NULL;
++ ASN1_STRING *common_name_asn1 = NULL;
++ char *common_name_str = NULL;
++
++ // Find the position of the CN field in the Subject field of the certificate
++ common_name_loc = X509_NAME_get_index_by_NID(X509_get_subject_name((X509 *) server_cert), NID_commonName, -1);
++ if (common_name_loc < 0) {
++ return Error;
++ }
++
++ // Extract the CN field
++ common_name_entry = X509_NAME_get_entry(X509_get_subject_name((X509 *) server_cert), common_name_loc);
++ if (common_name_entry == NULL) {
++ return Error;
++ }
++
++ // Convert the CN field to a C string
++ common_name_asn1 = X509_NAME_ENTRY_get_data(common_name_entry);
++ if (common_name_asn1 == NULL) {
++ return Error;
++ }
++ common_name_str = (char *) ASN1_STRING_data_compat(common_name_asn1);
++
++ // Make sure there isn't an embedded NUL character in the CN
++ if ((size_t) ASN1_STRING_length(common_name_asn1) != strlen(common_name_str)) {
++ return MalformedCertificate;
++ }
++
++ // Compare expected hostname with the CN
++ if (strcasecmp(hostname, common_name_str) == 0) {
++ return MatchFound;
++ } else {
++ return MatchNotFound;
++ }
++}
++
++static validate_result
++ssl_matches_subject_alternative_name(const char *hostname, const X509 *server_cert)
++{
++ validate_result result = MatchNotFound;
++ int i;
++ int san_names_nb = -1;
++ STACK_OF(GENERAL_NAME) *san_names = NULL;
++
++ // Try to extract the names within the SAN extension from the certificate
++ san_names = X509_get_ext_d2i((X509 *) server_cert, NID_subject_alt_name, NULL, NULL);
++ if (san_names == NULL) {
++ return NoSANPresent;
++ }
++ san_names_nb = sk_GENERAL_NAME_num(san_names);
++
++ // Check each name within the extension
++ for (i = 0; i < san_names_nb; i++) {
++ const GENERAL_NAME *current_name = sk_GENERAL_NAME_value(san_names, i);
++
++ if (current_name->type == GEN_DNS) {
++ // Current name is a DNS name, let's check it
++ char *dns_name = (char *) ASN1_STRING_data_compat(current_name->d.dNSName);
++
++ // Make sure there isn't an embedded NUL character in the DNS name
++ if ((size_t) ASN1_STRING_length(current_name->d.dNSName) != strlen(dns_name)) {
++ result = MalformedCertificate;
++ break;
++ } else {
++ // Compare expected hostname with the DNS name
++ if (strcasecmp(hostname, dns_name) == 0) {
++ result = MatchFound;
++ break;
++ }
++ }
++ }
++ }
++ sk_GENERAL_NAME_pop_free(san_names, GENERAL_NAME_free);
++
++ return result;
++}
++
++bool
++ssl_validate_hostname(const char *hostname, const X509 *server_cert)
++{
++ validate_result result;
++
++ if ((hostname == NULL) || (server_cert == NULL)) {
++ return false;
++ }
++
++ // First try the Subject Alternative Names extension
++ result = ssl_matches_subject_alternative_name(hostname, server_cert);
++ if (result == NoSANPresent) {
++ // Extension was not found: try the Common Name
++ result = ssl_matches_common_name(hostname, server_cert);
++ }
++
++ return result == MatchFound;
++}
++
++#endif /* HAVE_SSL */
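Review bot: ssl_validate_hostname() in the new src/ssl_verify.c matches the requested host against SAN and CN entries with a plain `strcasecmp`, so wildcard certificates and IP-address SANs never match and the ASN.1 string type is not checked. This fails closed, but OpenSSL's own `X509_check_host()` (available from 1.0.2) covers those cases and could replace the hand-written matching where the linked library provides it. Separately, the new error returns in ssl_connect() call `SSL_CTX_free(ssl_ctx)` with no `SSL_free(ssl)` visible in the hunk, and they print to stderr without a trailing newline rather than filling `message` as the handshake-error branch does. The start of ssl_connect() is outside the hunk, so the cleanup is worth confirming against the full function.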
diff --git a/main/ca-certificates/0003-update-ca-insert-newline-between-certs.patch b/main/ca-certificates/0003-update-ca-insert-newline-between-certs.patch
new file mode 100644
index 0000000000..4a945a076b
--- /dev/null
+++ b/main/ca-certificates/0003-update-ca-insert-newline-between-certs.patch
@@ -0,0 +1,38 @@
+From fd399b2416191bd7f3b0f267bdb530ed829de271 Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Wed, 5 Feb 2020 17:40:57 +0100
+Subject: [PATCH 3/3] update-ca: insert newline between certs
+
+There may be certificates that lack a trailing newline, which is allowed
+in the certificate format. We work around that by inject a newline after
+each cert.
+
+see https://gitlab.alpinelinux.org/alpine/aports/issues/8379
+---
+ update-ca.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/update-ca.c b/update-ca.c
+index 2b3195b..0260f83 100644
+--- a/update-ca.c
++++ b/update-ca.c
+@@ -191,6 +191,7 @@ static void proc_localglobaldir(const char *fullpath, struct hash *h, int tmpfil
+ fprintf(stderr, "Warning! Cannot hash: %s\n", fullpath);
+ if (!copyfile(fullpath, tmpfile_fd))
+ fprintf(stderr, "Warning! Cannot copy to bundle: %s\n", fullpath);
++ write(tmpfile_fd, "\n", 1);
+ free(actual_file);
+ }
+
+@@ -260,7 +261,7 @@ static bool dir_readfiles(struct hash* d, const char* path,
+ DIR *dp = opendir(path);
+ if (!dp)
+ return false;
+-
++
+ struct dirent *dirp;
+ while ((dirp = readdir(dp)) != NULL) {
+ if (str_begins(dirp->d_name, "."))
+--
+2.25.0
+
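Review bot: The added `write(tmpfile_fd, "\n", 1);` in proc_localglobaldir() ignores its return value and runs even when the preceding copyfile() has failed, unlike the two calls above it, which warn on failure. A short or failed write leaves the generated CA bundle without the separator this patch is meant to guarantee, and nothing is reported. `if (write(tmpfile_fd, "\n", 1) != 1) fprintf(stderr, "Warning! Cannot write to bundle: %s\n", fullpath);` would match the surrounding style. The function body starts outside the hunk.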
diff --git a/main/ca-certificates/APKBUILD b/main/ca-certificates/APKBUILD
index a8a1b5456e..b3d7084abc 100644
--- a/main/ca-certificates/APKBUILD
+++ b/main/ca-certificates/APKBUILD
@@ -2,9 +2,9 @@
# Contributor: William Pitcock <nenolod@dereferenced.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=ca-certificates
-pkgver=20190108
-pkgrel=0
-pkgdesc="Common CA certificates PEM files"
+pkgver=20191127
+pkgrel=2
+pkgdesc="Common CA certificates PEM files from Mozilla"
url="https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/"
arch="all"
license="MPL-2.0 GPL-2.0-or-later"
@@ -16,12 +16,16 @@ replaces="libcrypto1.0 openssl openssl1.0"
options="!fhs !check"
triggers="ca-certificates.trigger=/usr/share/ca-certificates:/usr/local/share/ca-certificates:/etc/ssl/certs:/etc/ca-certificates/update.d"
install="$pkgname.post-deinstall"
-source="https://git.alpinelinux.org/ca-certificates/snapshot/ca-certificates-$pkgver.tar.xz"
+source="https://gitlab.alpinelinux.org/alpine/ca-certificates/-/archive/$pkgver/ca-certificates-$pkgver.tar.bz2
+ 0003-update-ca-insert-newline-between-certs.patch
+ "
builddir="$srcdir/ca-certificates-$pkgver"
build() {
cd "$builddir"
make
+ # remove expired cert (https://gitlab.alpinelinux.org/alpine/aports/issues/11607)
+ rm AddTrust_External_Root.crt
}
package() {
@@ -58,4 +62,5 @@ cacert() {
"$subpkgdir"/etc/ssl/cert.pem
}
-sha512sums="7b022c3b3319ac4ebbf13f551626f3d60a5552014d564166165030ee799c2fd470c593fb7171732100089b17ad3d309abc73f2429967222676915cad46f95a8e ca-certificates-20190108.tar.xz"
+sha512sums="05e3a11efd80ea88eb81774e084febe4b8d1fa48f01f49e5ed3d469e10a2769260a264faed42ea3a0b725659cda1cc4a67ce5575fe04cdff9dc1c08207911c9b ca-certificates-20191127.tar.bz2
+051b5d78916ee7389dfbd4e8871aab720415bd6e9ee0313dba770fc40ee7c68ac67d7918f2503458a3218e3bfc10691b5e379b65269106fde02c7e7a36eb7595 0003-update-ca-insert-newline-between-certs.patch"
diff --git a/main/dahdi-linux-vanilla/APKBUILD b/main/dahdi-linux-vanilla/APKBUILD
index 1f21065eb3..b2f9c62789 100644
--- a/main/dahdi-linux-vanilla/APKBUILD
+++ b/main/dahdi-linux-vanilla/APKBUILD
@@ -8,7 +8,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kpkgver="$_kver-r$_krel"
diff --git a/main/dbus/APKBUILD b/main/dbus/APKBUILD
index ee9fdc492a..fae169cfda 100644
--- a/main/dbus/APKBUILD
+++ b/main/dbus/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=dbus
pkgver=1.10.28
-pkgrel=0
+pkgrel=1
pkgdesc="Freedesktop.org message bus system"
url="http://www.freedesktop.org/Software/dbus"
pkggroups="messagebus"
@@ -17,12 +17,15 @@ makedepends="$depends_dev expat-dev libx11-dev autoconf automake libtool xmlto
install="$pkgname.pre-install $pkgname.post-install"
source="https://dbus.freedesktop.org/releases/dbus/dbus-$pkgver.tar.gz
fix-int64-print.patch
+ CVE-2020-12049.patch
$pkgname.initd
"
# secfixes:
+# 1.12.28-r1:
+# - CVE-2020-12049
# 1.10.28-r0:
-# - CVE-2019-12749
+# - CVE-2019-12749
prepare() {
default_prepare
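Review bot: The new secfixes key `1.12.28-r1` does not match the package being built: pkgver in this file is 1.10.28 and the commit sets pkgrel=1, so the entry should read `# 1.10.28-r1:`. Tooling that reads the secfixes comment to decide which release fixes CVE-2020-12049 would otherwise never see 1.10.28-r1 as the fixed version. The neighbouring `1.10.28-r0` entry shows the intended form.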
@@ -75,4 +78,5 @@ x11() {
sha512sums="d699e5c115dd33c7667c32bf66db0a211e98678ba4b6a155541a705af2819cd45868ca9d33d57a2df7fb1a1ac072e09c8607157a7cd3f8664292c118ae164f61 dbus-1.10.28.tar.gz
5f07d8cb377ab80c927a77236c3f3437f08351161e594c62a1ad43f0324c2dba3cc98d50257ae27b9a4f5148571c5f26f35db8b40f13c72e92f267d5356c87f0 fix-int64-print.patch
+f05e2d14f072da81186e8a70d0895b37ee8f17c566b71865a72419218562e0f08544b7ea04daf6682dec5ff9ebab440c015f57a05abfb93610ec77caf9c2da97 CVE-2020-12049.patch
df74e7d6a4f76f777d356e94bd23422b17656aa51a5b2d3c655fcabb32c84f2f06b9f5cd8827920d51842f89e8c0d968a6e723315e4bf216e55711fcda9b0ee9 dbus.initd"
diff --git a/main/dbus/CVE-2020-12049.patch b/main/dbus/CVE-2020-12049.patch
new file mode 100644
index 0000000000..f1b04b4a65
--- /dev/null
+++ b/main/dbus/CVE-2020-12049.patch
@@ -0,0 +1,103 @@
+This is a combination of
+
+https://gitlab.freedesktop.org/dbus/dbus/-/commit/8bc1381819e5a845331650bfa28dacf6d2ac1748.patch
+https://gitlab.freedesktop.org/dbus/dbus/-/commit/272d484283883fa9ff95b69d924fff6cd34842f5.patch
+
+Applied against the 1.10 tree (the commits are for 1.12)
+
+diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c
+index b730971..4b0e390 100644
+--- a/dbus/dbus-sysdeps-unix.c
++++ b/dbus/dbus-sysdeps-unix.c
+@@ -432,18 +432,6 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd,
+ struct cmsghdr *cm;
+ dbus_bool_t found = FALSE;
+
+- if (m.msg_flags & MSG_CTRUNC)
+- {
+- /* Hmm, apparently the control data was truncated. The bad
+- thing is that we might have completely lost a couple of fds
+- without chance to recover them. Hence let's treat this as a
+- serious error. */
+-
+- errno = ENOSPC;
+- _dbus_string_set_length (buffer, start);
+- return -1;
+- }
+-
+ for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm))
+ if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS)
+ {
+@@ -498,6 +486,26 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd,
+ if (!found)
+ *n_fds = 0;
+
++ if (m.msg_flags & MSG_CTRUNC)
++ {
++ unsigned int i;
++
++ /* Hmm, apparently the control data was truncated. The bad
++ thing is that we might have completely lost a couple of fds
++ without chance to recover them. Hence let's treat this as a
++ serious error. */
++
++ /* We still need to close whatever fds we *did* receive,
++ * otherwise they'll never get closed. (CVE-2020-12049) */
++ for (i = 0; i < *n_fds; i++)
++ close (fds[i]);
++
++ *n_fds = 0;
++ errno = ENOSPC;
++ _dbus_string_set_length (buffer, start);
++ return -1;
++ }
++
+ /* put length back (doesn't actually realloc) */
+ _dbus_string_set_length (buffer, start + bytes_read);
+
+diff --git a/test/fdpass.c b/test/fdpass.c
+index 665b4a1..d8d9c67 100644
+--- a/test/fdpass.c
++++ b/test/fdpass.c
+@@ -50,6 +50,14 @@
+
+ #include "test-utils-glib.h"
+
++#ifdef DBUS_ENABLE_EMBEDDED_TESTS
++#include <dbus/dbus-message-internal.h>
++#else
++typedef struct _DBusInitialFDs DBusInitialFDs;
++#define _dbus_check_fdleaks_enter() NULL
++#define _dbus_check_fdleaks_leave(fds) do {} while (0)
++#endif
++
+ /* Arbitrary; included here to avoid relying on the default */
+ #define MAX_MESSAGE_UNIX_FDS 20
+ /* This test won't work on Linux unless this is true. */
+@@ -91,6 +99,7 @@ typedef struct {
+ GQueue messages;
+
+ int fd_before;
++ DBusInitialFDs *initial_fds;
+ } Fixture;
+
+ static void oom (const gchar *doing) G_GNUC_NORETURN;
+@@ -172,6 +181,8 @@ test_connect (Fixture *f,
+ {
+ char *address;
+
++ f->initial_fds = _dbus_check_fdleaks_enter ();
++
+ g_assert (f->left_server_conn == NULL);
+ g_assert (f->right_server_conn == NULL);
+
+@@ -835,6 +846,9 @@ teardown (Fixture *f,
+ if (f->fd_before >= 0 && close (f->fd_before) < 0)
+ g_error ("%s", g_strerror (errno));
+ #endif
++
++ if (f->initial_fds != NULL)
++ _dbus_check_fdleaks_leave (f->initial_fds);
+ }
+
+ int
diff --git a/main/devicemaster-linux-vanilla/APKBUILD b/main/devicemaster-linux-vanilla/APKBUILD
index 87a4264943..5bbcf9f019 100644
--- a/main/devicemaster-linux-vanilla/APKBUILD
+++ b/main/devicemaster-linux-vanilla/APKBUILD
@@ -7,7 +7,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kpkgver="$_kver-r$_krel"
diff --git a/main/dovecot/APKBUILD b/main/dovecot/APKBUILD
index 8203823d11..3d7caebb5a 100644
--- a/main/dovecot/APKBUILD
+++ b/main/dovecot/APKBUILD
@@ -4,10 +4,10 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=dovecot
-pkgver=2.3.7.2
+pkgver=2.3.10.1
_pkgvermajor=2.3
-pkgrel=1
-_pigeonholever=0.5.7.2
+pkgrel=0
+_pigeonholever=0.5.10
_pigeonholevermajor=${_pigeonholever%.*}
pkgdesc="IMAP and POP3 server"
url="https://www.dovecot.org/"
@@ -68,6 +68,12 @@ builddir="$srcdir/$pkgname-$pkgver"
_builddir_pigeonhole="$srcdir/$pkgname-$_pkgvermajor-pigeonhole-$_pigeonholever"
# secfixes:
+# 2.3.10.1-r0:
+# - CVE-2020-10957
+# - CVE-2020-10958
+# - CVE-2020-10967
+# - CVE-2020-7046
+# - CVE-2020-7957
# 2.3.7.2-r0:
# - CVE-2019-11500
# 2.3.6-r0:
@@ -303,8 +309,8 @@ _submv() {
done
}
-sha512sums="172f7f0edb884259e4c050607510aee67a35c3a20b7dd147e7c8a25a04921c18f7d6b5c85af2c69ae8c4d53791550970e471b033dbfae94253e331053b6a317d dovecot-2.3.7.2.tar.gz
-7fc8d89ee31c8e8c16a9aeaeffb591f4188de36fc80e3a30a9ae10bc5acd7ea5d5d91e077fda566e61d588d9221ec53044ce17a9cc0c9c219dbe6824558a1d60 dovecot-2.3-pigeonhole-0.5.7.2.tar.gz
+sha512sums="5c07436a3e861993f241caa2c60f035c533c5fceb5c8540c1717d31bedd54b82299f7ea11bfee12c72d4d33985d93a7130c4f56877864a7ad21cf7373a29cc06 dovecot-2.3.10.1.tar.gz
+f3d380edba4d25d20ee52db21d2965e3a6b229924e9a04fbf45cfe32e1d25448977ee41b12ba41ad8cf8b795f19bb1dbef1d7d09e775598d782123268f61dc8b dovecot-2.3-pigeonhole-0.5.10.tar.gz
fe4fbeaedb377d809f105d9dbaf7c1b961aa99f246b77189a73b491dc1ae0aa9c68678dde90420ec53ec877c08f735b42d23edb13117d7268420e001aa30967a skip-iconv-check.patch
794875dbf0ded1e82c5c3823660cf6996a7920079149cd8eed54231a53580d931b966dfb17185ab65e565e108545ecf6591bae82f935ab1b6ff65bb8ee93d7d5 split-protocols.patch
0d8f89c7ba6f884719b5f9fc89e8b2efbdc3e181de308abf9b1c1b0e42282f4df72c7bf62f574686967c10a8677356560c965713b9d146e2770aab17e95bcc07 default-config.patch
diff --git a/main/drbd9-vanilla/APKBUILD b/main/drbd9-vanilla/APKBUILD
index 02df33e972..ae51e4c86f 100644
--- a/main/drbd9-vanilla/APKBUILD
+++ b/main/drbd9-vanilla/APKBUILD
@@ -8,7 +8,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kabi="$_kver-$_krel-$_flavor"
_kpkgver="$_kver-r$_krel"
diff --git a/main/dropbear/APKBUILD b/main/dropbear/APKBUILD
index 570be69730..8d0fb472be 100644
--- a/main/dropbear/APKBUILD
+++ b/main/dropbear/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=dropbear
pkgver=2018.76
-pkgrel=2
+pkgrel=3
pkgdesc="small SSH 2 client/server designed for small memory environments"
url="http://matt.ucc.asn.au/dropbear/dropbear.html"
arch="all"
@@ -23,9 +23,12 @@ source="https://matt.ucc.asn.au/dropbear/releases/${pkgname}-${pkgver}.tar.bz2
dropbear-0.53.1-static_build_fix.patch
dropbear-options_sftp-server_path.patch
CVE-2018-15599.patch
+ CVE-2018-20685.patch
"
# secfixes:
+# 2018.76-r3:
+# - CVE-2018-20685
# 2018.76-r2:
# - CVE-2018-15599
@@ -89,4 +92,5 @@ sha512sums="82323279f7e78c366ba1ea07ff242259132b2576122429f54326518dd6092aba8ae5
83f2c1eaf7687917a4b2bae7d599d4378c4bd64f9126ba42fc5d235f2b3c9a474d1b3168d70ed64bb4101cc251d30bc9ae20604da9b5d819fcd635ee4d0ebb0f dropbear.confd
c9b0f28eb9653de21da4e8646fc27870a156112bce3d8a13baa6154ebf4baada3dee4f75bd5fdf5b6cd24a43fb80fb009e917d139d9e65d35118b082de0ebfbf dropbear-0.53.1-static_build_fix.patch
e11456ec3bc7e1265727c8921a6eb6151712a9a498c7768e2d4b7f9043256099457cebf29b2d47dd61eb260746d97f4b19e9429443bda1c3e441ea50ced79b48 dropbear-options_sftp-server_path.patch
-f204c2ee5aea8c0962573c4c49479ac17e9f6a9ab9ce21060a252b449323be841c1e64460f0e191fc72c6e213ffe829544418715d120a8f6c40de7b6374428e0 CVE-2018-15599.patch"
+f204c2ee5aea8c0962573c4c49479ac17e9f6a9ab9ce21060a252b449323be841c1e64460f0e191fc72c6e213ffe829544418715d120a8f6c40de7b6374428e0 CVE-2018-15599.patch
+6f17cf2b344b97457d2e0c1588fd285fac9757aa5e46aa2c103783978cc5fd9f7085aba36e7409270380d1250a277b43b0f5ff860d157148c6c28a0bbcbdce4c CVE-2018-20685.patch"
diff --git a/main/dropbear/CVE-2018-20685.patch b/main/dropbear/CVE-2018-20685.patch
new file mode 100644
index 0000000000..a8ea2af85b
--- /dev/null
+++ b/main/dropbear/CVE-2018-20685.patch
@@ -0,0 +1,23 @@
+From 8f8a3dff705fad774a10864a2e3dbcfa9779ceff Mon Sep 17 00:00:00 2001
+From: Haelwenn Monnier <contact+github.com@hacktivis.me>
+Date: Mon, 25 May 2020 14:54:29 +0200
+Subject: [PATCH] scp.c: Port OpenSSH CVE-2018-20685 fix (#80)
+
+---
+ scp.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/scp.c b/scp.c
+index 742ae00f..7b8e7d22 100644
+--- a/scp.c
++++ b/scp.c
+@@ -935,7 +935,8 @@ sink(int argc, char **argv)
+ size = size * 10 + (*cp++ - '0');
+ if (*cp++ != ' ')
+ SCREWUP("size not delimited");
+- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
++ if (*cp == '\0' || strchr(cp, '/') != NULL ||
++ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
+ run_err("error: unexpected filename: %s", cp);
+ exit(1);
+ }
\ No newline at end of file
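Review bot: The widened filename check in `sink()` carries no comment saying why an empty name and `.` are now refused, and the imported patch has an empty description, so the reason is recoverable only from the CVE id in the subject line. I would add above the condition `/* An empty name or "." would presumably make the peer-supplied entry refer to the target directory itself; refuse it together with ".." and any name containing '/'. */`. The patch file also ends without a trailing newline (the `\ No newline at end of file` marker), which is worth fixing when the file is next touched. `sink()` starts and ends outside the hunk, so how `cp` is used after the check is not visible here.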
diff --git a/main/gd/APKBUILD b/main/gd/APKBUILD
index 9a5ffe91c0..a8abc50656 100644
--- a/main/gd/APKBUILD
+++ b/main/gd/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname=gd
pkgver=2.2.5
-pkgrel=3
+pkgrel=4
_pkgreal=lib$pkgname
pkgdesc="Library for the dynamic creation of images by programmers"
url="https://libgd.github.io/"
@@ -13,7 +13,9 @@ makedepends="bash libpng-dev libjpeg-turbo-dev libwebp-dev freetype-dev zlib-dev
subpackages="$pkgname-dev $_pkgreal:libs"
source="https://github.com/$_pkgreal/$_pkgreal/releases/download/$pkgname-$pkgver/$_pkgreal-$pkgver.tar.xz
CVE-2018-1000222.patch
+ CVE-2018-14553.patch
CVE-2018-5711.patch
+ CVE-2019-11038.patch
CVE-2019-6977.patch
CVE-2019-6978.patch
"
@@ -23,12 +25,15 @@ case "$CARCH" in
esac
# secfixes:
+# 2.2.5-r3:
+# - CVE-2018-14553
+# - CVE-2019-11038
# 2.2.5-r2:
-# - CVE-2018-5711
-# - CVE-2019-6977
-# - CVE-2019-6978
+# - CVE-2018-5711
+# - CVE-2019-6977
+# - CVE-2019-6978
# 2.2.5-r1:
-# - CVE-2018-1000222
+# - CVE-2018-1000222
build() {
cd "$builddir"
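Review bot: The secfixes entry added in this hunk is keyed `2.2.5-r3`, but the first hunk of this file bumps `pkgrel` from 3 to 4, so CVE-2018-14553.patch and CVE-2019-11038.patch first ship in 2.2.5-r4. Anything that consumes the secfixes block to decide which package release contains a fix would then treat 2.2.5-r3, which was built without these two patches, as fixed. The key should read `# 2.2.5-r4:`.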
@@ -62,6 +67,8 @@ dev() {
sha512sums="e4598e17a277a75e02255402182cab139cb3f2cffcd68ec05cc10bbeaf6bc7aa39162c3445cd4a7efc1a26b72b9152bbedb187351e3ed099ea51767319997a6b libgd-2.2.5.tar.xz
d12462f1b159d50b9032435e9767a5d76e1797a88be950ed33dda7aa17005b7cb60560d04b9520e46d8111e1669d42ce28cb2c508f9c8825d545ac0335d2a10b CVE-2018-1000222.patch
+9bf1677d69d04f41eba48b48e853ad706f3097edb1a96c3b681b516708be0ba199c463e7b3e44f52921e14028a7c4d74977d66e7f456b9f96d935ce9db342c0e CVE-2018-14553.patch
b23929f10ad75fa97d2ff797ef44d185cfe6de4f26b649e8e507b6fc41ebdb527ab4633d10df955c92d677428d9ed1707d9997954a1bcfb0070995191211d886 CVE-2018-5711.patch
+a56397fb310c94d4dc9c565dcec17ffd7411e1957ba45f1093e9fffad74192c244b1ef4f9d954c052f589fd5b4d1cc37ca5d53d8db569cee09a7bdc38bfc4eaf CVE-2019-11038.patch
5214ac4148c618f3fef3bb3b6675e41a76e31465cd8dac326ee99dc1ae4cfe760749997d2941743efa48e79b8dbdb536d6b6d79d9bc4e5363f2c50da52ab5cac CVE-2019-6977.patch
2f70f041b531a23d0bac5c5370a3fb135ca8facaa7baf1554baf35135cc9c6e21de9c09400d939e133ad090b9aa23fa901ea7b5cd9ea20d11edc38257601eb97 CVE-2019-6978.patch"
diff --git a/main/gd/CVE-2018-14553.patch b/main/gd/CVE-2018-14553.patch
new file mode 100644
index 0000000000..816bd9ccc9
--- /dev/null
+++ b/main/gd/CVE-2018-14553.patch
@@ -0,0 +1,32 @@
+From a93eac0e843148dc2d631c3ba80af17e9c8c860f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?F=C3=A1bio=20Cabral=20Pacheco?= <fcabralpacheco@gmail.com>
+Date: Fri, 20 Dec 2019 12:03:33 -0300
+Subject: [PATCH] Fix potential NULL pointer dereference in gdImageClone()
+
+diff --git a/src/gd.c b/src/gd.c
+index 592a0286..d564d1f9 100644
+--- a/src/gd.c
++++ b/src/gd.c
+@@ -2865,14 +2865,6 @@ BGD_DECLARE(gdImagePtr) gdImageClone (gdImagePtr src) {
+ }
+ }
+
+- if (src->styleLength > 0) {
+- dst->styleLength = src->styleLength;
+- dst->stylePos = src->stylePos;
+- for (i = 0; i < src->styleLength; i++) {
+- dst->style[i] = src->style[i];
+- }
+- }
+-
+ dst->interlace = src->interlace;
+
+ dst->alphaBlendingFlag = src->alphaBlendingFlag;
+@@ -2907,6 +2899,7 @@ BGD_DECLARE(gdImagePtr) gdImageClone (gdImagePtr src) {
+
+ if (src->style) {
+ gdImageSetStyle(dst, src->style, src->styleLength);
++ dst->stylePos = src->stylePos;
+ }
+
+ for (i = 0; i < gdMaxColors; i++) {
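Review bot: The imported patch names neither the CVE nor an upstream issue in its header, unlike CVE-2019-11038.patch in the same directory, which carries `Bug:` references. The link between the subject "Fix potential NULL pointer dereference in gdImageClone()" and CVE-2018-14553 therefore exists only in the file name. A line in the patch description such as `Fixes CVE-2018-14553 (NULL pointer dereference in gdImageClone)` would keep that link when the file is renamed or rebased. A short comment on the added `dst->stylePos = src->stylePos;` would also help, saying the position is copied only after `gdImageSetStyle()` has set up `dst->style`, because the removed loop wrote through `dst->style` before that call. `gdImageClone`'s body continues outside both inner hunks.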
diff --git a/main/gd/CVE-2019-11038.patch b/main/gd/CVE-2019-11038.patch
new file mode 100644
index 0000000000..1ccb9c1c15
--- /dev/null
+++ b/main/gd/CVE-2019-11038.patch
@@ -0,0 +1,36 @@
+From e13a342c079aeb73e31dfa19eaca119761bac3f3 Mon Sep 17 00:00:00 2001
+From: Jonas Meurer <jonas@freesources.org>
+Date: Tue, 11 Jun 2019 12:16:46 +0200
+Subject: [PATCH] Fix #501: Uninitialized read in gdImageCreateFromXbm
+ (CVE-2019-11038)
+
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-11038
+Bug-Debian: https://bugs.debian.org/929821
+Bug: https://github.com/libgd/libgd/issues/501
+
+We have to ensure that `sscanf()` does indeed read a hex value here,
+and bail out otherwise.
+
+Original patch by Christoph M. Becker <cmbecker69@gmx.de> for PHP libgd ext.
+https://git.php.net/?p=php-src.git;a=commit;h=ed6dee9a198c904ad5e03113e58a2d2c200f5184
+---
+ src/gd_xbm.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/gd_xbm.c b/src/gd_xbm.c
+index 4ca41acf..cf0545ef 100644
+--- a/src/gd_xbm.c
++++ b/src/gd_xbm.c
+@@ -169,7 +169,11 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromXbm(FILE * fd)
+ }
+ h[3] = ch;
+ }
+- sscanf(h, "%x", &b);
++ if (sscanf(h, "%x", &b) != 1) {
++ gd_error("invalid XBM");
++ gdImageDestroy(im);
++ return 0;
++ }
+ for (bit = 1; bit <= max_bit; bit = bit << 1) {
+ gdImageSetPixel(im, x++, y, (b & bit) ? 1 : 0);
+ if (x == im->sx) {
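Review bot: The added `sscanf` check in `gdImageCreateFromXbm` has no comment tying it to the uninitialized read it prevents, so a later cleanup could mistake it for redundant error handling. I would add above it `/* b is only valid when sscanf() converted one hex value; otherwise the pixel loop below would presumably read it uninitialized. */`. The error path returns `0` from a function declared to return `gdImagePtr`, and `return NULL;` would state the intent more clearly if that matches the function's other returns. Those returns are outside the hunk, as is the declaration of `b`.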
diff --git a/main/git/APKBUILD b/main/git/APKBUILD
index 1afbb4ff75..1d002fc278 100644
--- a/main/git/APKBUILD
+++ b/main/git/APKBUILD
@@ -2,27 +2,31 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
-# 2.20.2:
-# - CVE-2019-1348
-# - CVE-2019-1349
-# - CVE-2019-1350
-# - CVE-2019-1351
-# - CVE-2019-1352
-# - CVE-2019-1353
-# - CVE-2019-1354
-# - CVE-2019-1387
-# 2.19.1:
-# - CVE-2018-17456
-# 2.17.1:
-# - CVE-2018-11233
-# - CVE-2018-11235
-# 2.14.1:
-# - CVE-2017-1000117
+# 2.20.4-r0:
+# - CVE-2020-11008
+# 2.20.3-r0:
+# - CVE-2020-5260
+# 2.20.2-r0:
+# - CVE-2019-1348
+# - CVE-2019-1349
+# - CVE-2019-1350
+# - CVE-2019-1351
+# - CVE-2019-1352
+# - CVE-2019-1353
+# - CVE-2019-1354
+# - CVE-2019-1387
+# 2.19.1-r0:
+# - CVE-2018-17456
+# 2.17.1-r0:
+# - CVE-2018-11233
+# - CVE-2018-11235
+# 2.14.1-r0:
+# - CVE-2017-1000117
pkgname=git
-pkgver=2.20.2
+pkgver=2.20.4
pkgrel=0
pkgdesc="Distributed version control system"
-url="https://www.git-scm.com"
+url="https://www.git-scm.com/"
arch="all"
license="GPL-2.0-or-later"
depends=""
@@ -275,7 +279,7 @@ _perl_config() {
perl -e "use Config; print \$Config{$1};"
}
-sha512sums="9c267d17fa73a81339d6d20ccc42cea70607aab759eee21aa58a4690cbb0987f7bf50a617a0831273b5de8ca8604d6d86c2fb780510702e710aae72e20bb2ff7 git-2.20.2.tar.xz
+sha512sums="271d0c238cb892ecef542e56ccbfc50cbc2bade12f4771f7aa1bacecfbcd15d116bd20986861101545be985aca3a45bc49fb63742ac48cac463e3564b243da08 git-2.20.4.tar.xz
85767b5e03137008d6a96199e769e3979f75d83603ac8cb13a3481a915005637409a4fd94e0720da2ec6cd1124f35eba7cf20109a94816c4b4898a81fbc46bd2 bb-tar.patch
89528cdd14c51fd568aa61cf6c5eae08ea0844e59f9af9292da5fc6c268261f4166017d002d494400945e248df6b844e2f9f9cd2d9345d516983f5a110e4c42a git-daemon.initd
fbf1f425206a76e2a8f82342537ed939ff7e623d644c086ca2ced5f69b36734695f9f80ebda1728f75a94d6cd2fcb71bf845b64239368caab418e4d368c141ec git-daemon.confd"
diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD
index 60134bef8a..e4dc31b208 100644
--- a/main/gnutls/APKBUILD
+++ b/main/gnutls/APKBUILD
@@ -2,8 +2,8 @@
# Contributor: Michael Mason <ms13sp@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
-pkgver=3.6.7
-pkgrel=1
+pkgver=3.6.14
+pkgrel=0
pkgdesc="A TLS protocol implementation"
url="https://www.gnutls.org/"
arch="all"
@@ -17,13 +17,13 @@ case $pkgver in
*.*.*.*) _v=${_v%.*};;
esac
source="https://www.gnupg.org/ftp/gcrypt/gnutls/v$_v/gnutls-$pkgver.tar.xz
- GNUTLS-SA-2020-03-31.patch
- tests-date-compat.patch
"
# secfixes:
+# 3.6.14-r0:
+# - CVE-2020-13777 GNUTLS-SA-2020-06-03
# 3.6.7-r1:
-# - GNUTLS-SA-2020-03-31
+# - CVE-2020-11501 GNUTLS-SA-2020-03-31
# 3.6.7-r0:
# - CVE-2019-3836
# - CVE-2019-3829
@@ -67,6 +67,4 @@ xx() {
mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/
}
-sha512sums="ae9b8996eb9b7269d28213f0aca3a4a17890ba8d47e3dc3b8e754ab8e2b4251e9412aaaa161a8bf56167f04cc169b4cada46f55a7bde92b955eb36cd717a99f3 gnutls-3.6.7.tar.xz
-b9aefaca8a894b223b8bcc738524602e36edf6a49f458606235598470033c81b02e876bec18a41ac57760cb9644d44b4c35969be74d4a8120245fff716429531 tests-date-compat.patch
-abda4eb55aaca6aa841be7fcee9827b7f018d7311177dcaab76b5e3fed8b90baa18a4d7a3876de15a174472716f9c1ebcba3379ec8f4bef5a71f19516b577622 GNUTLS-SA-2020-03-31.patch"
+sha512sums="b2d427b5542a4679117c011dffa8efb0e0bffa3ce9cebc319f8998d03f80f4168d08f9fda35df18dbeaaada59e479d325a6c1c77d5ca7f8ce221b44e42bfe604 gnutls-3.6.14.tar.xz"
diff --git a/main/gnutls/GNUTLS-SA-2020-03-31.patch b/main/gnutls/GNUTLS-SA-2020-03-31.patch
deleted file mode 100644
index e9554e2ea8..0000000000
--- a/main/gnutls/GNUTLS-SA-2020-03-31.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From c01011c2d8533dbbbe754e49e256c109cb848d0d Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Stefan=20B=C3=BChler?= <stbuehler@web.de>
-Date: Fri, 27 Mar 2020 17:17:57 +0100
-Subject: [PATCH] dtls client hello: fix zeroed random (fixes #960)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This broke with bcf4de03 "handshake: treat reply to HRR as a reply to
-hello verify request", which failed to "De Morgan" properly.
-
-Signed-off-by: Stefan Bühler <stbuehler@web.de>
----
- lib/handshake.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/handshake.c b/lib/handshake.c
-index 5739df213e..84a0e52101 100644
---- a/lib/handshake.c
-+++ b/lib/handshake.c
-@@ -2167,7 +2167,7 @@ static int send_client_hello(gnutls_session_t session, int again)
- /* Generate random data
- */
- if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED) &&
-- !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests == 0)) {
-+ !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests != 0)) {
- ret = _gnutls_gen_client_random(session);
- if (ret < 0) {
- gnutls_assert();
---
-2.24.1
-
-
diff --git a/main/gnutls/tests-date-compat.patch b/main/gnutls/tests-date-compat.patch
deleted file mode 100644
index 82e3314d29..0000000000
--- a/main/gnutls/tests-date-compat.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-Busybox date does not support %N, this is GNU extension.
---- a/tests/scripts/common.sh
-+++ b/tests/scripts/common.sh
-@@ -61,7 +61,7 @@
- # Find a port number not currently in use.
- GETPORT='rc=0; unset myrandom
- if test -n "$RANDOM"; then myrandom=$(($RANDOM + $RANDOM)); fi
-- if test -z "$myrandom"; then myrandom=$(date +%N | sed s/^0*//); fi
-+ if test -z "$myrandom"; then myrandom=$(date +%s | sed s/^0*//); fi
- if test -z "$myrandom"; then myrandom=0; fi
- while test $rc = 0;do
- PORT="$(((($$<<15)|$myrandom) % 63001 + 2000))"
diff --git a/main/haproxy/APKBUILD b/main/haproxy/APKBUILD
index b390167f6a..01998b6f23 100644
--- a/main/haproxy/APKBUILD
+++ b/main/haproxy/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Jeff Bilyk <jbilyk@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=haproxy
-pkgver=1.8.23
+pkgver=1.8.25
_pkgmajorver=${pkgver%.*}
pkgrel=0
pkgdesc="A TCP/HTTP reverse proxy for high availability environments"
@@ -21,7 +21,9 @@ source="http://haproxy.1wt.eu/download/${_pkgmajorver}/src/$pkgname-$pkgver.tar.
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
-# 1.8.23:
+# 1.8.25-r0:
+# - CVE-2020-11100
+# 1.8.23-r0:
# - CVE-2019-19330
build() {
@@ -54,6 +56,6 @@ package() {
"$pkgdir"/etc/haproxy/haproxy.cfg
}
-sha512sums="bfd65179345285f6f4581a7dce42e638b89e12717d4cb9218afa085759161e04b6c78307d04265a6c97cd484b67949781639da5236edb89137585c625130be4f haproxy-1.8.23.tar.gz
+sha512sums="655eb4056989a3fee321ea9278a2085b0a999e522293f1f6229ebb8d17f3d33cb78abb4fd55a06d0218082e632b2d42de105575d0acd0c1b49996d4b45aa78e8 haproxy-1.8.25.tar.gz
3ab277bf77fe864ec6c927118dcd70bdec0eb3c54535812d1c3c0995fa66a3ea91a73c342edeb8944caeb097d2dd1a7761099182df44af5e3ef42de6e2176d26 haproxy.initd
26bc8f8ac504fcbaec113ecbb9bb59b9da47dc8834779ebbb2870a8cadf2ee7561b3a811f01e619358a98c6c7768e8fdd90ab447098c05b82e788c8212c4c41f haproxy.cfg"
diff --git a/main/hostapd/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch b/main/hostapd/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
new file mode 100644
index 0000000000..0aa8a5ea1d
--- /dev/null
+++ b/main/hostapd/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
@@ -0,0 +1,150 @@
+From 5b78c8f961f25f4dc22d6f2b77ddd06d712cec63 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@codeaurora.org>
+Date: Wed, 3 Jun 2020 23:17:35 +0300
+Subject: [PATCH 1/3] WPS UPnP: Do not allow event subscriptions with URLs to
+ other networks
+
+The UPnP Device Architecture 2.0 specification errata ("UDA errata
+16-04-2020.docx") addresses a problem with notifications being allowed
+to go out to other domains by disallowing such cases. Do such filtering
+for the notification callback URLs to avoid undesired connections to
+external networks based on subscriptions that any device in the local
+network could request when WPS support for external registrars is
+enabled (the upnp_iface parameter in hostapd configuration).
+
+Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
+---
+ src/wps/wps_er.c | 2 +-
+ src/wps/wps_upnp.c | 38 ++++++++++++++++++++++++++++++++++++--
+ src/wps/wps_upnp_i.h | 3 ++-
+ 3 files changed, 39 insertions(+), 4 deletions(-)
+
+diff --git a/src/wps/wps_er.c b/src/wps/wps_er.c
+index 6bded14327f8..31d2e50e4cff 100644
+--- a/src/wps/wps_er.c
++++ b/src/wps/wps_er.c
+@@ -1298,7 +1298,7 @@ wps_er_init(struct wps_context *wps, const char *ifname, const char *filter)
+ "with %s", filter);
+ }
+ if (get_netif_info(er->ifname, &er->ip_addr, &er->ip_addr_text,
+- er->mac_addr)) {
++ NULL, er->mac_addr)) {
+ wpa_printf(MSG_INFO, "WPS UPnP: Could not get IP/MAC address "
+ "for %s. Does it have IP address?", er->ifname);
+ wps_er_deinit(er, NULL, NULL);
+diff --git a/src/wps/wps_upnp.c b/src/wps/wps_upnp.c
+index 6e10e4bc0c3f..7d4b7439940e 100644
+--- a/src/wps/wps_upnp.c
++++ b/src/wps/wps_upnp.c
+@@ -303,6 +303,14 @@ static void subscr_addr_free_all(struct subscription *s)
+ }
+
+
++static int local_network_addr(struct upnp_wps_device_sm *sm,
++ struct sockaddr_in *addr)
++{
++ return (addr->sin_addr.s_addr & sm->netmask.s_addr) ==
++ (sm->ip_addr & sm->netmask.s_addr);
++}
++
++
+ /* subscr_addr_add_url -- add address(es) for one url to subscription */
+ static void subscr_addr_add_url(struct subscription *s, const char *url,
+ size_t url_len)
+@@ -381,6 +389,7 @@ static void subscr_addr_add_url(struct subscription *s, const char *url,
+
+ for (rp = result; rp; rp = rp->ai_next) {
+ struct subscr_addr *a;
++ struct sockaddr_in *addr = (struct sockaddr_in *) rp->ai_addr;
+
+ /* Limit no. of address to avoid denial of service attack */
+ if (dl_list_len(&s->addr_list) >= MAX_ADDR_PER_SUBSCRIPTION) {
+@@ -389,6 +398,13 @@ static void subscr_addr_add_url(struct subscription *s, const char *url,
+ break;
+ }
+
++ if (!local_network_addr(s->sm, addr)) {
++ wpa_printf(MSG_INFO,
++ "WPS UPnP: Ignore a delivery URL that points to another network %s",
++ inet_ntoa(addr->sin_addr));
++ continue;
++ }
++
+ a = os_zalloc(sizeof(*a) + alloc_len);
+ if (a == NULL)
+ break;
+@@ -890,11 +906,12 @@ static int eth_get(const char *device, u8 ea[ETH_ALEN])
+ * @net_if: Selected network interface name
+ * @ip_addr: Buffer for returning IP address in network byte order
+ * @ip_addr_text: Buffer for returning a pointer to allocated IP address text
++ * @netmask: Buffer for returning netmask or %NULL if not needed
+ * @mac: Buffer for returning MAC address
+ * Returns: 0 on success, -1 on failure
+ */
+ int get_netif_info(const char *net_if, unsigned *ip_addr, char **ip_addr_text,
+- u8 mac[ETH_ALEN])
++ struct in_addr *netmask, u8 mac[ETH_ALEN])
+ {
+ struct ifreq req;
+ int sock = -1;
+@@ -920,6 +937,19 @@ int get_netif_info(const char *net_if, unsigned *ip_addr, char **ip_addr_text,
+ in_addr.s_addr = *ip_addr;
+ os_snprintf(*ip_addr_text, 16, "%s", inet_ntoa(in_addr));
+
++ if (netmask) {
++ os_memset(&req, 0, sizeof(req));
++ os_strlcpy(req.ifr_name, net_if, sizeof(req.ifr_name));
++ if (ioctl(sock, SIOCGIFNETMASK, &req) < 0) {
++ wpa_printf(MSG_ERROR,
++ "WPS UPnP: SIOCGIFNETMASK failed: %d (%s)",
++ errno, strerror(errno));
++ goto fail;
++ }
++ addr = (struct sockaddr_in *) &req.ifr_netmask;
++ netmask->s_addr = addr->sin_addr.s_addr;
++ }
++
+ #ifdef __linux__
+ os_strlcpy(req.ifr_name, net_if, sizeof(req.ifr_name));
+ if (ioctl(sock, SIOCGIFHWADDR, &req) < 0) {
+@@ -1026,11 +1056,15 @@ static int upnp_wps_device_start(struct upnp_wps_device_sm *sm, char *net_if)
+
+ /* Determine which IP and mac address we're using */
+ if (get_netif_info(net_if, &sm->ip_addr, &sm->ip_addr_text,
+- sm->mac_addr)) {
++ &sm->netmask, sm->mac_addr)) {
+ wpa_printf(MSG_INFO, "WPS UPnP: Could not get IP/MAC address "
+ "for %s. Does it have IP address?", net_if);
+ goto fail;
+ }
++ wpa_printf(MSG_DEBUG, "WPS UPnP: Local IP address %s netmask %s hwaddr "
++ MACSTR,
++ sm->ip_addr_text, inet_ntoa(sm->netmask),
++ MAC2STR(sm->mac_addr));
+
+ /* Listen for incoming TCP connections so that others
+ * can fetch our "xml files" from us.
+diff --git a/src/wps/wps_upnp_i.h b/src/wps/wps_upnp_i.h
+index e87a93232df1..6ead7b4e9a30 100644
+--- a/src/wps/wps_upnp_i.h
++++ b/src/wps/wps_upnp_i.h
+@@ -128,6 +128,7 @@ struct upnp_wps_device_sm {
+ u8 mac_addr[ETH_ALEN]; /* mac addr of network i.f. we use */
+ char *ip_addr_text; /* IP address of network i.f. we use */
+ unsigned ip_addr; /* IP address of network i.f. we use (host order) */
++ struct in_addr netmask;
+ int multicast_sd; /* send multicast messages over this socket */
+ int ssdp_sd; /* receive discovery UPD packets on socket */
+ int ssdp_sd_registered; /* nonzero if we must unregister */
+@@ -158,7 +159,7 @@ struct subscription * subscription_find(struct upnp_wps_device_sm *sm,
+ const u8 uuid[UUID_LEN]);
+ void subscr_addr_delete(struct subscr_addr *a);
+ int get_netif_info(const char *net_if, unsigned *ip_addr, char **ip_addr_text,
+- u8 mac[ETH_ALEN]);
++ struct in_addr *netmask, u8 mac[ETH_ALEN]);
+
+ /* wps_upnp_ssdp.c */
+ void msearchreply_state_machine_stop(struct advertisement_state_machine *a);
+--
+2.20.1
+
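Review bot: `local_network_addr()` masks `sm->ip_addr` and `addr->sin_addr.s_addr` with the same netmask and compares them, which is only correct if `ip_addr` is in network byte order, yet the context line in `struct upnp_wps_device_sm` still documents it as `(host order)` while the `get_netif_info()` comment says network byte order. The struct comment should become `/* IP address of network i.f. we use (network byte order) */`, and the new helper deserves a one-line comment stating that it returns non-zero when `addr` lies in the interface's subnet. The cast of `rp->ai_addr` to `struct sockaddr_in *` in `subscr_addr_add_url()` assumes every result is AF_INET. The `getaddrinfo()` hints are outside the hunk, so this should be confirmed or guarded with `if (rp->ai_family != AF_INET) continue;`. The new `netmask` member is also the only field in that part of the struct without a comment.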
diff --git a/main/hostapd/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch b/main/hostapd/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
new file mode 100644
index 0000000000..c7a449e0b5
--- /dev/null
+++ b/main/hostapd/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
@@ -0,0 +1,59 @@
+From f7d268864a2660b7239b9a8ff5ad37faeeb751ba Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@codeaurora.org>
+Date: Wed, 3 Jun 2020 22:41:02 +0300
+Subject: [PATCH 2/3] WPS UPnP: Fix event message generation using a long URL
+ path
+
+More than about 700 character URL ended up overflowing the wpabuf used
+for building the event notification and this resulted in the wpabuf
+buffer overflow checks terminating the hostapd process. Fix this by
+allocating the buffer to be large enough to contain the full URL path.
+However, since that around 700 character limit has been the practical
+limit for more than ten years, start explicitly enforcing that as the
+limit or the callback URLs since any longer ones had not worked before
+and there is no need to enable them now either.
+
+Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
+---
+ src/wps/wps_upnp.c | 9 +++++++--
+ src/wps/wps_upnp_event.c | 3 ++-
+ 2 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/src/wps/wps_upnp.c b/src/wps/wps_upnp.c
+index 7d4b7439940e..ab685d52ecab 100644
+--- a/src/wps/wps_upnp.c
++++ b/src/wps/wps_upnp.c
+@@ -328,9 +328,14 @@ static void subscr_addr_add_url(struct subscription *s, const char *url,
+ int rerr;
+ size_t host_len, path_len;
+
+- /* url MUST begin with http: */
+- if (url_len < 7 || os_strncasecmp(url, "http://", 7))
++ /* URL MUST begin with HTTP scheme. In addition, limit the length of
++ * the URL to 700 characters which is around the limit that was
++ * implicitly enforced for more than 10 years due to a bug in
++ * generating the event messages. */
++ if (url_len < 7 || os_strncasecmp(url, "http://", 7) || url_len > 700) {
++ wpa_printf(MSG_DEBUG, "WPS UPnP: Reject an unacceptable URL");
+ goto fail;
++ }
+ url += 7;
+ url_len -= 7;
+
+diff --git a/src/wps/wps_upnp_event.c b/src/wps/wps_upnp_event.c
+index d7e6edcc6503..08a23612f338 100644
+--- a/src/wps/wps_upnp_event.c
++++ b/src/wps/wps_upnp_event.c
+@@ -147,7 +147,8 @@ static struct wpabuf * event_build_message(struct wps_event_ *e)
+ struct wpabuf *buf;
+ char *b;
+
+- buf = wpabuf_alloc(1000 + wpabuf_len(e->data));
++ buf = wpabuf_alloc(1000 + os_strlen(e->addr->path) +
++ wpabuf_len(e->data));
+ if (buf == NULL)
+ return NULL;
+ wpabuf_printf(buf, "NOTIFY %s HTTP/1.1\r\n", e->addr->path);
+--
+2.20.1
+
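Review bot: The 700-character limit in `subscr_addr_add_url()` is a bare literal in the condition, explained only by the comment above it, while the neighbouring address limit seen in patch 1/3 uses a named constant (`MAX_ADDR_PER_SUBSCRIPTION`). A `#define` for the value would keep the check and any later use in `event_build_message()` in step. The single debug message `Reject an unacceptable URL` also covers three different rejections (too short, wrong scheme, too long), and logging the length, as in `"WPS UPnP: Reject an unacceptable URL (len=%u)"` with `(unsigned int) url_len`, would make the new limit diagnosable. The fixed `1000` in `wpabuf_alloc()` still has to cover the host and the other headers written after the NOTIFY line. Those writes are outside the hunk, so that margin should be confirmed against the 700 limit.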
diff --git a/main/hostapd/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch b/main/hostapd/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
new file mode 100644
index 0000000000..9d0376043d
--- /dev/null
+++ b/main/hostapd/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
@@ -0,0 +1,47 @@
+From 85aac526af8612c21b3117dadc8ef5944985b476 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@codeaurora.org>
+Date: Thu, 4 Jun 2020 21:24:04 +0300
+Subject: [PATCH 3/3] WPS UPnP: Handle HTTP initiation failures for events more
+ properly
+
+While it is appropriate to try to retransmit the event to another
+callback URL on a failure to initiate the HTTP client connection, there
+is no point in trying the exact same operation multiple times in a row.
+Replve the event_retry() calls with event_addr_failure() for these cases
+to avoid busy loops trying to repeat the same failing operation.
+
+These potential busy loops would go through eloop callbacks, so the
+process is not completely stuck on handling them, but unnecessary CPU
+would be used to process the continues retries that will keep failing
+for the same reason.
+
+Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
+---
+ src/wps/wps_upnp_event.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/wps/wps_upnp_event.c b/src/wps/wps_upnp_event.c
+index 08a23612f338..c0d9e41d9a38 100644
+--- a/src/wps/wps_upnp_event.c
++++ b/src/wps/wps_upnp_event.c
+@@ -294,7 +294,7 @@ static int event_send_start(struct subscription *s)
+
+ buf = event_build_message(e);
+ if (buf == NULL) {
+- event_retry(e, 0);
++ event_addr_failure(e);
+ return -1;
+ }
+
+@@ -302,7 +302,7 @@ static int event_send_start(struct subscription *s)
+ event_http_cb, e);
+ if (e->http_event == NULL) {
+ wpabuf_free(buf);
+- event_retry(e, 0);
++ event_addr_failure(e);
+ return -1;
+ }
+
+--
+2.20.1
+
diff --git a/main/hostapd/APKBUILD b/main/hostapd/APKBUILD
index 2ac593fbec..48bbef8892 100644
--- a/main/hostapd/APKBUILD
+++ b/main/hostapd/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=hostapd
pkgver=2.7
-pkgrel=5
+pkgrel=6
pkgdesc="daemon for wireless software access points"
url="http://hostap.epitest.fi/hostapd/"
arch="all"
@@ -36,15 +36,21 @@ patches="CVE-2012-4445.patch
0024-SAE-Reject-unsuitable-groups-based-on-REVmd-changes.patch
0025-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch
CVE-2019-16275.patch
- "
-source="http://hostap.epitest.fi/releases/$pkgname-$pkgver.tar.gz
+ 0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
+ 0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
+ 0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
+"
+source="https://w1.fi/releases/$pkgname-$pkgver.tar.gz
$patches
$pkgname.initd
- $pkgname.confd"
+ $pkgname.confd
+ "
options="!check" #no testsuite
builddir="$srcdir"/$pkgname-$pkgver/hostapd
# secfixes:
+# 2.7-r6:
+# - CVE-2020-12695
# 2.7-r5:
# - CVE-2019-16275
# 2.7-r4:
@@ -69,10 +75,14 @@ builddir="$srcdir"/$pkgname-$pkgver/hostapd
prepare() {
local conf="$builddir/.config"
+ # This is required because our builddir is the hostapd/ directory
+ # inside the extracted archive, while patches mostly apply against
+ # the src/ directory that is in the same directory as the hostapd/
+ # one is
cd "$builddir"/..
- for i in $patches; do
- msg $i
- patch -p1 -i "$srcdir"/$i
+ for i in "$srcdir"/*.patch; do
+ msg "Applying $i..."
+ patch -p1 -i $i
done
cd "$builddir"
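Review bot: The rewritten loop in `prepare()` applies every `*.patch` found in `$srcdir` in glob order instead of the files listed in `$patches` in their declared order, and it passes `$i` to `patch` unquoted. `$patches` starts with `CVE-2012-4445.patch` and ends with the three new `0001-`…`0003-WPS-UPnP-…` files, whereas a glob will typically sort the numbered files first and the `CVE-…` files last, so the apply order changes. Any other `.patch` file present in `$srcdir` would be applied too, though how `$srcdir` is populated is not visible here. Keeping `for i in $patches; do` with `patch -p1 -i "$srcdir"/$i` preserves the declared order and applies only the sources that have a checksum entry. `prepare()` continues outside the hunk.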
@@ -153,5 +163,8 @@ bcae73930c35d441c5615970c305abb3dff293fdec16df50823e57419b22d1aac0e780970619e0c7
da5f4248a0173cd7d07972b760631a8dc26f258e7b5be059c0d7de26e17f668945a62d2afce01ed1a1e9df6c55f9fd6ee344d4f006f5564b90a25e90e1e7c704 0024-SAE-Reject-unsuitable-groups-based-on-REVmd-changes.patch
4734a8ab8ba1e91fc9e3d729f34527c14c291df238b02adea5acc04b0361b41d4bffca2fb13a4f464e9f007fa624117af4f50d755cb41a3129b4868da91bdf9a 0025-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch
63710cfb0992f2c346a9807d8c97cbeaed032fa376a0e93a2e56f7742ce515e9c4dfadbdb1af03ba272281f639aab832f0178f67634c222a5d99e1d462aa9e38 CVE-2019-16275.patch
+b76bbca282a74ef16c0303e5dbd2ccd33a62461595964d52c1481b0bfa4f41deacde56830b85409b288803b87ceb6f33cf0ccc69c5b17ec632c2d4784b872f3c 0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
+00cc739e78c42353a555c0de2f29defecff372927040e14407a231d1ead7ff32a37c9fd46bea7cdf1c24e3ac891bc3d483800d44fc6d2c8a12d2ae886523b12c 0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
+69243af20cdcfa837c51917a3723779f4825e11436fb83311355b4ffe8f7a4b7a5747a976f7bf923038c410c9e9055b13b866d9a396913ad08bdec3a70e9f6e0 0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
b54b7c6aa17e5cb86a9b354a516eb2dbefb544df18471339c61d82776de447011a2ac290bea1e6c8beae4b6cebefafb8174683ea42fb773e9e8fe6c679f33ba3 hostapd.initd
0882263bbd7c0b05bf51f51d66e11a23a0b8ca7da2a3b8a30166d2c5f044c0c134e6bccb1d02c9e81819ca8fb0c0fb55c7121a08fe7233ccaa73ff8ab9a238fe hostapd.confd"
diff --git a/main/iproute2/APKBUILD b/main/iproute2/APKBUILD
index a2c79c9a19..740763a72d 100644
--- a/main/iproute2/APKBUILD
+++ b/main/iproute2/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=iproute2
pkgver=4.19.0
-pkgrel=0
+pkgrel=1
pkgdesc="IP Routing Utilities"
url="https://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2"
arch="all"
@@ -11,9 +11,15 @@ install="$pkgname.post-install"
makedepends="bison flex bash iptables-dev libelf-dev"
subpackages="$pkgname-doc $pkgname-bash-completion:bashcomp:noarch"
source="https://kernel.org/pub/linux/utils/net/iproute2/iproute2-$pkgver.tar.xz
- fix-install-errors.patch"
+ fix-install-errors.patch
+ CVE-2019-20795.patch
+ "
builddir="$srcdir"/$pkgname-$pkgver
+# secfixes:
+# 4.19.0-r1:
+# - CVE-2019-20795
+
prepare() {
default_prepare
cd "$builddir"
@@ -54,4 +60,5 @@ bashcomp() {
}
sha512sums="47c750da2247705b1b1d1621f58987333e54370d0fff2f24106194022de793ff35dfd67fd1be127ce019008705702092d31dac49abf930a7c0dc5c7e7c0665b8 iproute2-4.19.0.tar.xz
-24fc2a901650e11f80bcaa82c839e70c21aafdf3c5b8a357d932d066a0b98ae2ec8379fc17a0a16a1b5b4fa5edc131179c10fc02e55d6101701df5a09966912c fix-install-errors.patch"
+24fc2a901650e11f80bcaa82c839e70c21aafdf3c5b8a357d932d066a0b98ae2ec8379fc17a0a16a1b5b4fa5edc131179c10fc02e55d6101701df5a09966912c fix-install-errors.patch
+a9f7685dc50495e338fcfce31fc097c220227e78158e16845ed9341d96ba82f34d2778e6268ed7ad795d0bde7293b63d19b3066d37f37dde9112277e61a4e9ac CVE-2019-20795.patch"
diff --git a/main/iproute2/CVE-2019-20795.patch b/main/iproute2/CVE-2019-20795.patch
new file mode 100644
index 0000000000..bc50bee091
--- /dev/null
+++ b/main/iproute2/CVE-2019-20795.patch
@@ -0,0 +1,42 @@
+diff --git a/ip/ipnetns.c b/ip/ipnetns.c
+index 03879b4..18d6e26 100644
+--- a/ip/ipnetns.c
++++ b/ip/ipnetns.c
+@@ -106,7 +106,7 @@ int get_netnsid_from_name(const char *name)
+ struct nlmsghdr *answer;
+ struct rtattr *tb[NETNSA_MAX + 1];
+ struct rtgenmsg *rthdr;
+- int len, fd;
++ int len, fd, ret = -1;
+
+ netns_nsid_socket_init();
+
+@@ -123,23 +123,22 @@ int get_netnsid_from_name(const char *name)
+
+ /* Validate message and parse attributes */
+ if (answer->nlmsg_type == NLMSG_ERROR)
+- goto err_out;
++ goto out;
+
+ rthdr = NLMSG_DATA(answer);
+ len = answer->nlmsg_len - NLMSG_SPACE(sizeof(*rthdr));
+ if (len < 0)
+- goto err_out;
++ goto out;
+
+ parse_rtattr(tb, NETNSA_MAX, NETNS_RTA(rthdr), len);
+
+ if (tb[NETNSA_NSID]) {
+- free(answer);
+- return rta_getattr_u32(tb[NETNSA_NSID]);
++ ret = rta_getattr_u32(tb[NETNSA_NSID]);
+ }
+
+-err_out:
++out:
+ free(answer);
+- return -1;
++ return ret;
+ }
+
+ struct nsid_cache {
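Review bot: CVE-2019-20795.patch has no header at all (no author, subject, description or upstream reference), so the reason for the change is recorded nowhere but the file name. From the hunk, `tb[]` is filled by `parse_rtattr()` from data inside `answer`, and the old code called `free(answer)` before `rta_getattr_u32(tb[NETNSA_NSID])`. A short description saying that the attribute is now read before the buffer is freed, plus the upstream commit reference, would make the patch reviewable on its own. In the code, the braces around the single remaining statement in `if (tb[NETNSA_NSID])` are left over from the old two-statement body and could be dropped. `get_netnsid_from_name()` starts outside the inner hunks.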
diff --git a/main/json-c/APKBUILD b/main/json-c/APKBUILD
index de361f308c..365b0ad323 100644
--- a/main/json-c/APKBUILD
+++ b/main/json-c/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=json-c
pkgver=0.13.1
-pkgrel=0
+pkgrel=1
pkgdesc="A JSON implementation in C"
url="https://github.com/json-c/json-c/wiki"
arch="all"
@@ -12,9 +12,15 @@ makedepends="$depends_dev autoconf automake libtool"
install=""
subpackages="$pkgname-static $pkgname-dev"
source="https://s3.amazonaws.com/${pkgname}_releases/releases/$pkgname-${pkgver}.tar.gz
+ CVE-2020-12762.patch::https://github.com/json-c/json-c/pull/607.patch
"
builddir="$srcdir"/json-c-$pkgver
+
+# secfixes:
+# 0.13.1-r1:
+# - CVE-2020-12762
+
prepare() {
cd "$builddir"
default_prepare
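Review bot: The security patch is fetched at build time from a pull-request URL, `https://github.com/json-c/json-c/pull/607.patch`, whose content changes whenever the pull request is updated. The sha512 entry added in the last hunk pins the bytes, so a changed patch fails the checksum rather than being applied silently. The package then stops building, though, and the fix cannot be audited from the tree. Committing the file as `main/json-c/CVE-2020-12762.patch` and listing it as a plain `CVE-2020-12762.patch` source entry, as the other packages in this commit do, avoids both problems.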
@@ -53,4 +59,5 @@ static() {
mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib/
}
-sha512sums="e984db2a42b9c95b52c798b2e8dd1b79951a8dcba27370af30c43b9549fbb00008dbcf052a535c528209aaee38e6d1f760168b706905ae72f3e704ed20f8a1a1 json-c-0.13.1.tar.gz"
+sha512sums="e984db2a42b9c95b52c798b2e8dd1b79951a8dcba27370af30c43b9549fbb00008dbcf052a535c528209aaee38e6d1f760168b706905ae72f3e704ed20f8a1a1 json-c-0.13.1.tar.gz
+f6c47ba18cdbf5cf150fdac97e931e511e12cbb5c30e6798b1ebf6173556eda1e84384bf0019a95bcfbb9dcd561a13d05639c68e07838b28cdbcf5b86bd3d497 CVE-2020-12762.patch"
diff --git a/main/libexif/APKBUILD b/main/libexif/APKBUILD
index 467acb3b99..22a32de8c3 100644
--- a/main/libexif/APKBUILD
+++ b/main/libexif/APKBUILD
@@ -1,30 +1,47 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libexif
-pkgver=0.6.21
-pkgrel=3
+pkgver=0.6.22
+pkgrel=0
pkgdesc="A library to parse an EXIF file and read the data from those tags"
url="https://sourceforge.net/projects/libexif"
arch="all"
-license="LGPL-2.0+"
+license="LGPL-2.0-or-later"
subpackages="$pkgname-dev $pkgname-doc"
-depends=
-makedepends=
-source="https://downloads.sf.net/sourceforge/$pkgname/$pkgname-$pkgver.tar.bz2
- CVE-2017-7544.patch
- "
+source="https://github.com/libexif/libexif/releases/download/libexif-${pkgver//./_}-release/libexif-$pkgver.tar.xz"
# secfixes:
+# 0.6.22-r0:
+# - CVE-2018-20030
+# - CVE-2020-13114
+# - CVE-2020-13113
+# - CVE-2020-13112
+# - CVE-2020-0093
+# - CVE-2019-9278
+# - CVE-2020-12767
+# - CVE-2016-6328
# 0.6.21-r3:
# - CVE-2017-7544
+# 0.6.21-r0:
+# - CVE-2012-2812
+# - CVE-2012-2813
+# - CVE-2012-2814
+# - CVE-2012-2836
+# - CVE-2012-2837
+# - CVE-2012-2840
+# - CVE-2012-2841
+# - CVE-2012-2845
+# 0.6.19-r0:
+# - CVE-2009-3895
prepare() {
- cd "$builddir"
- update_config_sub
default_prepare
+
+ # The tarballs upstream provides uses /usr/bin/sh instead of /bin/sh
+ # most likely as a result of a poor usrmerge
+ grep -l '^#!/usr/bin/sh' -r . | xargs sed -i 's|^#!/usr/bin/sh|#!/bin/sh|g'
}
build() {
- cd "$builddir"
./configure \
--build=$CBUILD \
--host=$CHOST \
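Review bot: The shebang rewrite added to prepare() is not restricted to the first line of a file, and its `xargs` has no `-r`. As written, `grep -l '^#!/usr/bin/sh' -r . | xargs sed -i 's|^#!/usr/bin/sh|#!/bin/sh|g'` rewrites any line in the tree that begins with that string. When no file matches, for instance once upstream fixes its tarballs, `sed -i` is typically still run with no file operands and fails. Limiting the substitution to line 1 and skipping the empty case keeps the edit to real interpreter lines: `grep -rl '^#!/usr/bin/sh' . | xargs -r sed -i '1s|^#!/usr/bin/sh|#!/bin/sh|'`. File names containing whitespace would still be split by `xargs`, which presumably does not matter for this tarball.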
@@ -33,13 +50,10 @@ build() {
}
check() {
- cd "$builddir"
make check
}
package() {
- cd "$builddir"
make DESTDIR="$pkgdir" install
}
-sha512sums="4e0fe2abe85d1c95b41cb3abe1f6333dc3a9eb69dba106a674a78d74a4d5b9c5a19647118fa1cc2d72b98a29853394f1519eda9e2889eb28d3be26b21c7cfc35 libexif-0.6.21.tar.bz2
-5475c9e0f4a05448a571077d24d545cfaa0a7b15978345e92440107770077158b994fc0c785a81bb95ad6b409929c4c516c6e002cd65c9d35eb0e91161750e48 CVE-2017-7544.patch"
+sha512sums="0a9e7bf0258ed98a794b667d45e8fc65299101a2a2d2e39c358715b20b003beff258782f0736cd5b53978428a2f878a989f303bee249a978850a065f33c534af libexif-0.6.22.tar.xz"
diff --git a/main/libexif/CVE-2017-7544.patch b/main/libexif/CVE-2017-7544.patch
deleted file mode 100644
index b8825e1385..0000000000
--- a/main/libexif/CVE-2017-7544.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Index: libexif/exif-data.c
-===================================================================
-RCS file: /cvsroot/libexif/libexif/libexif/exif-data.c,v
-retrieving revision 1.131
-diff -u -r1.131 exif-data.c
---- a/libexif/exif-data.c 12 Jul 2012 17:28:26 -0000 1.131
-+++ b/libexif/exif-data.c 25 Jul 2017 21:34:06 -0000
-@@ -255,6 +255,12 @@
- exif_mnote_data_set_offset (data->priv->md, *ds - 6);
- exif_mnote_data_save (data->priv->md, &e->data, &e->size);
- e->components = e->size;
-+ if (exif_format_get_size (e->format) != 1) {
-+ /* e->format is taken from input code,
-+ * but we need to make sure it is a 1 byte
-+ * entity due to the multiplication below. */
-+ e->format = EXIF_FORMAT_UNDEFINED;
-+ }
- }
- }
-
diff --git a/main/libuv/APKBUILD b/main/libuv/APKBUILD
index eb97e6616a..e1d687a303 100644
--- a/main/libuv/APKBUILD
+++ b/main/libuv/APKBUILD
@@ -2,7 +2,7 @@
# Conttributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libuv
-pkgver=1.23.2
+pkgver=1.25.0
pkgrel=0
pkgdesc="Cross-platform asychronous I/O"
url="https://libuv.org"
@@ -45,5 +45,5 @@ package() {
"$pkgdir"/usr/share/licenses/$pkgname/LICENSE
}
-sha512sums="8dd9053adad115ae6dd012bf1059aab87cea2adcd8d2f8061607929bf5b0c83b1898f5945325b0f3ace7cdd70b7cdc03f60d4b2f85495c34ca94b9dcf76b42fe libuv-v1.23.2.tar.gz
+sha512sums="ee120b3baf3f399319b6f21258c25f980a4961f80059b82537f1760faea70bbaf96a8ebdb66ba9552d7b4a3e2287eed8f0169829472d690b6338a0d8aaf9f521 libuv-v1.25.0.tar.gz
081b98efa33264d326d998f32600635efd5723de1d9836b99039c60168580c7f56a7ea9fdd138f41bb1aede11da70079cce4aa69ea5b954b7f9e4dcad53ba16a disable-setuid-test.patch"
diff --git a/main/libvirt/APKBUILD b/main/libvirt/APKBUILD
index 80674edae6..f37d26e48d 100644
--- a/main/libvirt/APKBUILD
+++ b/main/libvirt/APKBUILD
@@ -2,7 +2,7 @@
pkgname=libvirt
pkgver=5.5.0
_ver="${pkgver/_rc/-rc}"
-pkgrel=0
+pkgrel=1
pkgdesc="A virtualization API for several hypervisor and container systems"
url="http://libvirt.org/"
arch="all"
@@ -31,6 +31,7 @@ source="https://libvirt.org/sources/$pkgname-$pkgver.tar.xz
virtlockd.initd
musl-fix-includes.patch
musl-stderr.patch
+ CVE-2020-12430.patch
"
if [ "$CARCH" = "x86_64" ]; then
@@ -42,8 +43,8 @@ subpackages="$subpackages $pkgname-common-drivers:_common_drivers"
builddir="$srcdir"/$pkgname-$pkgver
# secfixes:
-# 4.10.0-r2:
-# - CVE-2019-3840
+# 5.5.0-r1:
+# - CVE-2020-12430
# 5.5.0-r0:
# - CVE-2019-10161
# - CVE-2019-10166
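Review bot: The `# 4.10.0-r2:` / `# - CVE-2019-3840` entry is removed from the secfixes block rather than kept alongside the new `# 5.5.0-r1:` entry, so the package loses its record of that fix. As far as I know these comments are the input for Alpine's security database, so tooling that reads them may start treating CVE-2019-3840 as unfixed on this branch. Unless the old entry was known to be wrong, I would keep it and only reorder: add `# 5.5.0-r1:` / `# - CVE-2020-12430` at the top and move `# 4.10.0-r2:` / `# - CVE-2019-3840` below the `# 5.5.0-r0:` list so versions stay in descending order. The secfixes block continues outside the hunk.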
@@ -188,4 +189,5 @@ sha512sums="47923aaca605fb43a53238ac535abc1f88f73435336b8f3e88cb01df277ed205d99c
36b85f473d292be8df415256d01a562131d8ae61450ba3893658090a12d589ca32215382f56f286a830b4e59ffd98fbe1d92004f2ce14ca0834451b943cd8f2f virtlogd.initd
a4c4d26e4111931acbe7594451bf963a36c8db33c64b1bc447ab4758bb92803510bebee0511d6bc16ba80c289ab6f87e74377d47bf560412f9adb9c161a206d9 virtlockd.initd
dfe042c596028125bf8548115de2922683829c4716f6b0efb8efc38518670e3e848481661b9714bb0664c1022b87e8f3c0773611fe10187b0bc588e2336ada0c musl-fix-includes.patch
-a583c5981cda7fe2c17b5c7d4262399debea3e273124c43590cff029ce8d93868836ec1fe45d5776cd7ff26e31df577828e8541af56801a2b75eaa8f179cfc13 musl-stderr.patch"
+a583c5981cda7fe2c17b5c7d4262399debea3e273124c43590cff029ce8d93868836ec1fe45d5776cd7ff26e31df577828e8541af56801a2b75eaa8f179cfc13 musl-stderr.patch
+9f395a8be5c401b3e63f2a95154b2459ba4f9e5dffd0c9e0d96822f9e5b6b36c4b0b6e8e5de11fc280505d001ede0a196b477e60af95c6035daa7b29ca054d69 CVE-2020-12430.patch"
diff --git a/main/libvirt/CVE-2020-12430.patch b/main/libvirt/CVE-2020-12430.patch
new file mode 100644
index 0000000000..0d2b9e0f75
--- /dev/null
+++ b/main/libvirt/CVE-2020-12430.patch
@@ -0,0 +1,44 @@
+From 9bf9e0ae6af38c806f4672ca7b12a6b38d5a9581 Mon Sep 17 00:00:00 2001
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 19 Feb 2020 08:40:59 +0100
+Subject: [PATCH] qemuDomainGetStatsIOThread: Don't leak array with 0 iothreads
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+qemuMonitorGetIOThreads returns a NULL-terminated list even when 0
+iothreads are present. The caller didn't perform cleanup if there were 0
+iothreads leaking the array.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1804548
+
+Fixes: d1eac92784573559b6fd56836e33b215c89308e3
+Reported-by: Jing Yan <jiyan@redhat.com>
+Signed-off-by: Peter Krempa <pkrempa@redhat.com>
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+---
+ src/qemu/qemu_driver.c | 8 ++++++--
+ 1 files changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index f686b85..39e1f04 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -21759,8 +21759,12 @@ qemuDomainGetStatsIOThread(virQEMUDriverPtr driver,
+ if ((niothreads = qemuDomainGetIOThreadsMon(driver, dom, &iothreads)) < 0)
+ return -1;
+
+- if (niothreads == 0)
+- return 0;
++ /* qemuDomainGetIOThreadsMon returns a NULL-terminated list, so we must free
++ * it even if it returns 0 */
++ if (niothreads == 0) {
++ ret = 0;
++ goto cleanup;
++ }
+
+ if (virTypedParamListAddUInt(params, niothreads, "iothread.count") < 0)
+ goto cleanup;
+--
+1.7.1
+
diff --git a/main/linux-vanilla/APKBUILD b/main/linux-vanilla/APKBUILD
index bf43db74ba..5836d27727 100644
--- a/main/linux-vanilla/APKBUILD
+++ b/main/linux-vanilla/APKBUILD
@@ -2,7 +2,7 @@
_flavor=vanilla
pkgname=linux-${_flavor}
-pkgver=4.19.98
+pkgver=4.19.118
case $pkgver in
*.*.*) _kernver=${pkgver%.*};;
*.*) _kernver=$pkgver;;
@@ -22,7 +22,6 @@ source="https://cdn.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/linux-$_kernver
config-vanilla.armv7
config-vanilla.x86
config-vanilla.x86_64
- config-vanilla.ppc
config-vanilla.ppc64le
config-vanilla.s390x
@@ -222,15 +221,14 @@ _dev() {
}
sha512sums="ab67cc746b375a8b135e8b23e35e1d6787930d19b3c26b2679787d62951cbdbc3bb66f8ededeb9b890e5008b2459397f9018f1a6772fdef67780b06a4cb9f6f4 linux-4.19.tar.xz
-f70b11a82936b044f4d82f241554c974ab0bf17e8c205617a2c4739064556c1e70fa50b57885da21ae0d54c97f0f3abaa65f362b550e8e2cbd69ed0d8e39a36b config-vanilla.aarch64
-081322c29496bd741a8d185185898f3138c17ead22ccd57f46641c15eaaba2ad4c9ce25506cde1f1cc99e767f505424e46e2202d1e5f2776be7187b7d2b3190c config-vanilla.armhf
-081322c29496bd741a8d185185898f3138c17ead22ccd57f46641c15eaaba2ad4c9ce25506cde1f1cc99e767f505424e46e2202d1e5f2776be7187b7d2b3190c config-vanilla.armv7
-8fc0073543319c9f160dbade80a91f45b8035b8611f8d369f0816be6d06f9149e4cef6a80398832055bcec55843ae3c6208bee50b9572350aa92fc922456b12b config-vanilla.x86
-3cea3db9e1ec315332903f0efface63d09ceaa9563841c10210dba2e2149fd9dc8e1021581ab80e7fc2c3ee7f169165a16be97c11f85675d28334175fe3e621c config-vanilla.x86_64
-96651aca476c905c04d616565a2dd08066167c1d4887e2ddc86c4b7cdda44257ef633a9bcf745a91f00f88023dde8f1804c56b258e7e99232bb8bfa25d0ba4db config-vanilla.ppc
-9f1214efe9ed22b640b7f769c8869bef806e9164205b4228c999f85cc53c3153358b8eaa15892f2ab95c589fa06b00288695349d9a298fb7cf7a32b05931fb45 config-vanilla.ppc64le
-0e33770ed93acc74e30f8d33445a6bc1412ba9bb8c16e1ecb4da046b78e46b14d6b47f1d4ba9786dd8d77bc138e5ea08d4f852d9845055caaa292090ca3361e7 config-vanilla.s390x
-986d63ab6d104320f362be4e9534cd7916c4e8a460e2ff459e8aebe39aa77c4ebcffd6f1e0e585c7cf1736b4163b948aa30b87a8eea9b3e7db8cf42ddb7d5dd3 config-virt.aarch64
-0d566b91f54e25ddfcb085909a819485f835ca0022cba4fb5d37e41a64d1832d9540fa5da58f925c0b703907c4a22e378bff1e674c2f69827a20e2701d85e7ec config-virt.x86
-8e6db66a1df52ec336b965fd989bd0ffcfbd09c91946522a8b22eb314956167b743615684c748c71fbe26893b55252810d22165a0a601285ec6c0888fe234422 config-virt.x86_64
-5e87edc8475864f99018ccac64102f3000fdc7fcb6669d497ee1d9116334c53b82d7c1bea2411ef76d59961cb3a3882d75ff82c61c190a999b7a6be08ad41d06 patch-4.19.98.xz"
+0e7f4cd857519d307b87dc3ef7860b8420e5c3da70e2814b648f3c5a298f56e9e5cede50f1223f441ebb7231e5f36eb2654c3be579335329daf1e74f7a4c941d config-vanilla.aarch64
+2b0b7cfff2ee6e0622e0113efcf379f9ecfe4dfd49e22a634cb2a8a094680b13974994c1b844deebd67d8bde3fd84414cb6f2cd3ad6a8808c11af4c898d1c6b2 config-vanilla.armhf
+2b0b7cfff2ee6e0622e0113efcf379f9ecfe4dfd49e22a634cb2a8a094680b13974994c1b844deebd67d8bde3fd84414cb6f2cd3ad6a8808c11af4c898d1c6b2 config-vanilla.armv7
+e04de3450d02245bd7f8eca6502e7c3d62bbab4f154a80c79d30dfbd996fccedfb050f6305bddc4ad7bf868eea5456bdbd578a4bd1ef73e96b4cd09347acf1b6 config-vanilla.x86
+0887328ce1d886e21774d895aa5e0abffd3ab070480fab1433d569954e74271052cdbff7db4e59722fbc3911f17db4acddf8757546235f8c1d941dc46f266cbd config-vanilla.x86_64
+107b4419c439aec04fffa466a9e33f58720ee4372ea75bc05b46653a6cdc815a2238c7e38c5f5382e36fb4080147e9ba8eb64bf918ab843ef51107fbf4d02056 config-vanilla.ppc64le
+c1c31f6d4b2d5cf710659a18fe6580e8546865ccc7b3d908a7a200a29e3024d4c05111ddfdc430d55bb8b153e7e3bd1a4fa7da1344dc390d3347db28e48273d7 config-vanilla.s390x
+bb73130a966f4d8bbb0e81c735b76ce6cca5fece05c95411bae95e044b82922528ff515328fff010f8e0b433c6f315bc36e968f93d3eb718f97a85d0debf4354 config-virt.aarch64
+7f6a4c3cb89b9582b90513860ada012e37d377dd4d5760ccaf57586af5c359c910c00dd7e7d9185bdcdf136e8e2c2c705218273f977e942bd2cc2792fdda55db config-virt.x86
+bb3ee3538228c80f6afc25610e565c3e580ad6640816a26b55527d9d694d59b120b9c3b1c28d6578b5d448a0f8bb44f34c8d5c21e61197c25e822b053e842a34 config-virt.x86_64
+55d9cf9dc2fe87ea0cb788a7c9abc71307be1b2420cd446e4281634c1fbb077510da2f067c12094f6c38c87bad26a39dd1d553e4afc9b73baa6a0ffa18eaafd2 patch-4.19.118.xz"
diff --git a/main/linux-vanilla/config-vanilla.aarch64 b/main/linux-vanilla/config-vanilla.aarch64
index 9aee6eba50..d2d6910d60 100644
--- a/main/linux-vanilla/config-vanilla.aarch64
+++ b/main/linux-vanilla/config-vanilla.aarch64
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm64 4.19.50 Kernel Configuration
+# Linux/arm64 4.19.118 Kernel Configuration
#
#
@@ -563,6 +563,7 @@ CONFIG_ARM_SDE_INTERFACE=y
CONFIG_FIRMWARE_MEMMAP=y
CONFIG_DMIID=y
# CONFIG_DMI_SYSFS is not set
+# CONFIG_ISCSI_IBFT is not set
CONFIG_RASPBERRYPI_FIRMWARE=m
CONFIG_FW_CFG_SYSFS=m
# CONFIG_FW_CFG_SYSFS_CMDLINE is not set
@@ -1804,6 +1805,7 @@ CONFIG_DEBUG_DEVRES=y
# CONFIG_TEST_ASYNC_DRIVER_PROBE is not set
CONFIG_SYS_HYPERVISOR=y
CONFIG_GENERIC_CPU_AUTOPROBE=y
+CONFIG_GENERIC_CPU_VULNERABILITIES=y
CONFIG_SOC_BUS=y
CONFIG_REGMAP=y
CONFIG_REGMAP_I2C=m
@@ -2552,6 +2554,7 @@ CONFIG_ACENIC=m
# CONFIG_ACENIC_OMIT_TIGON_I is not set
CONFIG_ALTERA_TSE=m
CONFIG_NET_VENDOR_AMAZON=y
+CONFIG_ENA_ETHERNET=m
CONFIG_NET_VENDOR_AMD=y
CONFIG_AMD8111_ETH=m
CONFIG_PCNET32=m
@@ -2837,7 +2840,7 @@ CONFIG_SWPHY=y
CONFIG_SFP=m
CONFIG_AMD_PHY=m
CONFIG_AQUANTIA_PHY=m
-# CONFIG_ASIX_PHY is not set
+# CONFIG_AX88796B_PHY is not set
CONFIG_AT803X_PHY=m
CONFIG_BCM7XXX_PHY=m
CONFIG_BCM87XX_PHY=m
@@ -5191,10 +5194,10 @@ CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y
#
# Frame buffer Devices
#
-CONFIG_FB=y
-# CONFIG_FIRMWARE_EDID is not set
CONFIG_FB_CMDLINE=y
CONFIG_FB_NOTIFY=y
+CONFIG_FB=y
+# CONFIG_FIRMWARE_EDID is not set
CONFIG_FB_DDC=m
CONFIG_FB_CFB_FILLRECT=y
CONFIG_FB_CFB_COPYAREA=y
@@ -5978,7 +5981,6 @@ CONFIG_USB_EMI62=m
CONFIG_USB_EMI26=m
CONFIG_USB_ADUTUX=m
CONFIG_USB_SEVSEG=m
-CONFIG_USB_RIO500=m
# CONFIG_USB_LEGOTOWER is not set
CONFIG_USB_LCD=m
CONFIG_USB_CYPRESS_CY7C63=m
diff --git a/main/linux-vanilla/config-vanilla.armhf b/main/linux-vanilla/config-vanilla.armhf
index 4d5da5e2ec..62d7cc480a 100644
--- a/main/linux-vanilla/config-vanilla.armhf
+++ b/main/linux-vanilla/config-vanilla.armhf
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 4.19.50 Kernel Configuration
+# Linux/arm 4.19.118 Kernel Configuration
#
#
@@ -2225,7 +2225,6 @@ CONFIG_MDIO_DEVICE=y
CONFIG_MDIO_BUS=y
CONFIG_MDIO_BCM_UNIMAC=m
CONFIG_MDIO_BITBANG=m
-CONFIG_MDIO_BUS_MUX=m
# CONFIG_MDIO_BUS_MUX_GPIO is not set
# CONFIG_MDIO_BUS_MUX_MMIOREG is not set
CONFIG_MDIO_GPIO=m
@@ -2241,7 +2240,7 @@ CONFIG_SWPHY=y
#
CONFIG_AMD_PHY=m
CONFIG_AQUANTIA_PHY=m
-# CONFIG_ASIX_PHY is not set
+# CONFIG_AX88796B_PHY is not set
# CONFIG_AT803X_PHY is not set
CONFIG_BCM7XXX_PHY=m
CONFIG_BCM87XX_PHY=m
@@ -4104,10 +4103,10 @@ CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y
#
# Frame buffer Devices
#
-CONFIG_FB=y
-# CONFIG_FIRMWARE_EDID is not set
CONFIG_FB_CMDLINE=y
CONFIG_FB_NOTIFY=y
+CONFIG_FB=y
+# CONFIG_FIRMWARE_EDID is not set
CONFIG_FB_CFB_FILLRECT=y
CONFIG_FB_CFB_COPYAREA=y
CONFIG_FB_CFB_IMAGEBLIT=y
@@ -4742,7 +4741,6 @@ CONFIG_USB_EMI62=m
CONFIG_USB_EMI26=m
CONFIG_USB_ADUTUX=m
CONFIG_USB_SEVSEG=m
-CONFIG_USB_RIO500=m
# CONFIG_USB_LEGOTOWER is not set
CONFIG_USB_LCD=m
CONFIG_USB_CYPRESS_CY7C63=m
@@ -5277,11 +5275,6 @@ CONFIG_REMOTEPROC=m
CONFIG_RPMSG=m
# CONFIG_RPMSG_CHAR is not set
CONFIG_RPMSG_VIRTIO=m
-CONFIG_SOUNDWIRE=y
-
-#
-# SoundWire Devices
-#
#
# SOC (System On Chip) specific Drivers
@@ -6252,7 +6245,6 @@ CONFIG_ARM_UNWIND=y
CONFIG_OLD_MCOUNT=y
# CONFIG_DEBUG_USER is not set
# CONFIG_DEBUG_LL is not set
-CONFIG_DEBUG_IMX_UART_PORT=1
CONFIG_DEBUG_LL_INCLUDE="mach/debug-macro.S"
CONFIG_UNCOMPRESS_INCLUDE="debug/uncompress.h"
# CONFIG_ARM_KPROBES_TEST is not set
diff --git a/main/linux-vanilla/config-vanilla.ppc b/main/linux-vanilla/config-vanilla.ppc
deleted file mode 100644
index 23720e922a..0000000000
--- a/main/linux-vanilla/config-vanilla.ppc
+++ /dev/null
@@ -1,3731 +0,0 @@
-#
-# Automatically generated file; DO NOT EDIT.
-# Linux/powerpc 4.14.13 Kernel Configuration
-#
-# CONFIG_PPC64 is not set
-
-#
-# Processor support
-#
-CONFIG_PPC_BOOK3S_32=y
-# CONFIG_PPC_85xx is not set
-# CONFIG_PPC_8xx is not set
-# CONFIG_40x is not set
-# CONFIG_44x is not set
-# CONFIG_E200 is not set
-CONFIG_PPC_BOOK3S=y
-CONFIG_6xx=y
-CONFIG_PPC_FPU=y
-CONFIG_ALTIVEC=y
-CONFIG_PPC_STD_MMU=y
-CONFIG_PPC_STD_MMU_32=y
-# CONFIG_PPC_MM_SLICES is not set
-CONFIG_PPC_HAVE_PMU_SUPPORT=y
-CONFIG_PPC_PERF_CTRS=y
-# CONFIG_FORCE_SMP is not set
-# CONFIG_SMP is not set
-# CONFIG_PPC_DOORBELL is not set
-CONFIG_VDSO32=y
-CONFIG_CPU_BIG_ENDIAN=y
-CONFIG_PPC32=y
-CONFIG_32BIT=y
-# CONFIG_ARCH_PHYS_ADDR_T_64BIT is not set
-# CONFIG_ARCH_DMA_ADDR_T_64BIT is not set
-CONFIG_MMU=y
-CONFIG_ARCH_MMAP_RND_BITS_MAX=17
-CONFIG_ARCH_MMAP_RND_BITS_MIN=11
-CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=17
-CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=11
-# CONFIG_HAVE_SETUP_PER_CPU_AREA is not set
-# CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK is not set
-CONFIG_NR_IRQS=512
-CONFIG_STACKTRACE_SUPPORT=y
-CONFIG_TRACE_IRQFLAGS_SUPPORT=y
-CONFIG_LOCKDEP_SUPPORT=y
-CONFIG_RWSEM_XCHGADD_ALGORITHM=y
-CONFIG_GENERIC_HWEIGHT=y
-CONFIG_ARCH_HAS_DMA_SET_COHERENT_MASK=y
-CONFIG_PPC=y
-# CONFIG_GENERIC_CSUM is not set
-CONFIG_EARLY_PRINTK=y
-CONFIG_PANIC_TIMEOUT=180
-CONFIG_GENERIC_NVRAM=y
-CONFIG_SCHED_OMIT_FRAME_POINTER=y
-CONFIG_ARCH_MAY_HAVE_PC_FDC=y
-# CONFIG_PPC_UDBG_16550 is not set
-# CONFIG_GENERIC_TBSYNC is not set
-CONFIG_AUDIT_ARCH=y
-CONFIG_GENERIC_BUG=y
-CONFIG_SYS_SUPPORTS_APM_EMULATION=y
-# CONFIG_EPAPR_BOOT is not set
-# CONFIG_DEFAULT_UIMAGE is not set
-CONFIG_ARCH_HIBERNATION_POSSIBLE=y
-CONFIG_ARCH_SUSPEND_POSSIBLE=y
-# CONFIG_PPC_DCR_NATIVE is not set
-# CONFIG_PPC_DCR_MMIO is not set
-CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
-CONFIG_ARCH_SUPPORTS_UPROBES=y
-CONFIG_PGTABLE_LEVELS=2
-CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
-CONFIG_IRQ_WORK=y
-CONFIG_BUILDTIME_EXTABLE_SORT=y
-
-#
-# General setup
-#
-CONFIG_BROKEN_ON_SMP=y
-CONFIG_INIT_ENV_ARG_LIMIT=32
-CONFIG_CROSS_COMPILE=""
-# CONFIG_COMPILE_TEST is not set
-CONFIG_LOCALVERSION=""
-# CONFIG_LOCALVERSION_AUTO is not set
-CONFIG_HAVE_KERNEL_GZIP=y
-CONFIG_KERNEL_GZIP=y
-CONFIG_DEFAULT_HOSTNAME="(none)"
-CONFIG_SWAP=y
-CONFIG_SYSVIPC=y
-CONFIG_SYSVIPC_SYSCTL=y
-CONFIG_POSIX_MQUEUE=y
-CONFIG_POSIX_MQUEUE_SYSCTL=y
-CONFIG_CROSS_MEMORY_ATTACH=y
-CONFIG_FHANDLE=y
-CONFIG_USELIB=y
-CONFIG_AUDIT=y
-CONFIG_HAVE_ARCH_AUDITSYSCALL=y
-
-#
-# IRQ subsystem
-#
-CONFIG_GENERIC_IRQ_SHOW=y
-CONFIG_GENERIC_IRQ_SHOW_LEVEL=y
-CONFIG_IRQ_DOMAIN=y
-# CONFIG_IRQ_DOMAIN_DEBUG is not set
-CONFIG_IRQ_FORCED_THREADING=y
-CONFIG_SPARSE_IRQ=y
-# CONFIG_GENERIC_IRQ_DEBUGFS is not set
-CONFIG_GENERIC_TIME_VSYSCALL=y
-CONFIG_GENERIC_CLOCKEVENTS=y
-CONFIG_GENERIC_CMOS_UPDATE=y
-
-#
-# Timers subsystem
-#
-CONFIG_TICK_ONESHOT=y
-CONFIG_NO_HZ_COMMON=y
-# CONFIG_HZ_PERIODIC is not set
-CONFIG_NO_HZ_IDLE=y
-CONFIG_NO_HZ=y
-CONFIG_HIGH_RES_TIMERS=y
-
-#
-# CPU/Task time and stats accounting
-#
-CONFIG_TICK_CPU_ACCOUNTING=y
-# CONFIG_VIRT_CPU_ACCOUNTING_NATIVE is not set
-# CONFIG_IRQ_TIME_ACCOUNTING is not set
-# CONFIG_BSD_PROCESS_ACCT is not set
-# CONFIG_TASKSTATS is not set
-
-#
-# RCU Subsystem
-#
-CONFIG_TINY_RCU=y
-# CONFIG_RCU_EXPERT is not set
-CONFIG_SRCU=y
-CONFIG_TINY_SRCU=y
-# CONFIG_TASKS_RCU is not set
-# CONFIG_RCU_STALL_COMMON is not set
-# CONFIG_RCU_NEED_SEGCBLIST is not set
-CONFIG_BUILD_BIN2C=y
-CONFIG_IKCONFIG=y
-CONFIG_IKCONFIG_PROC=y
-CONFIG_LOG_BUF_SHIFT=14
-CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13
-# CONFIG_CGROUPS is not set
-# CONFIG_CHECKPOINT_RESTORE is not set
-CONFIG_NAMESPACES=y
-CONFIG_UTS_NS=y
-CONFIG_IPC_NS=y
-# CONFIG_USER_NS is not set
-CONFIG_PID_NS=y
-CONFIG_NET_NS=y
-# CONFIG_SCHED_AUTOGROUP is not set
-# CONFIG_SYSFS_DEPRECATED is not set
-# CONFIG_RELAY is not set
-CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE=""
-CONFIG_RD_GZIP=y
-CONFIG_RD_BZIP2=y
-CONFIG_RD_LZMA=y
-CONFIG_RD_XZ=y
-CONFIG_RD_LZO=y
-CONFIG_RD_LZ4=y
-CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
-# CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
-CONFIG_SYSCTL=y
-CONFIG_ANON_INODES=y
-CONFIG_SYSCTL_EXCEPTION_TRACE=y
-CONFIG_BPF=y
-# CONFIG_EXPERT is not set
-CONFIG_MULTIUSER=y
-CONFIG_SGETMASK_SYSCALL=y
-CONFIG_SYSFS_SYSCALL=y
-# CONFIG_SYSCTL_SYSCALL is not set
-CONFIG_POSIX_TIMERS=y
-CONFIG_KALLSYMS=y
-CONFIG_KALLSYMS_ALL=y
-# CONFIG_KALLSYMS_ABSOLUTE_PERCPU is not set
-CONFIG_KALLSYMS_BASE_RELATIVE=y
-CONFIG_PRINTK=y
-CONFIG_PRINTK_NMI=y
-CONFIG_BUG=y
-CONFIG_ELF_CORE=y
-CONFIG_BASE_FULL=y
-CONFIG_FUTEX=y
-CONFIG_FUTEX_PI=y
-CONFIG_EPOLL=y
-CONFIG_SIGNALFD=y
-CONFIG_TIMERFD=y
-CONFIG_EVENTFD=y
-# CONFIG_BPF_SYSCALL is not set
-CONFIG_SHMEM=y
-CONFIG_AIO=y
-CONFIG_ADVISE_SYSCALLS=y
-# CONFIG_USERFAULTFD is not set
-CONFIG_PCI_QUIRKS=y
-CONFIG_MEMBARRIER=y
-# CONFIG_EMBEDDED is not set
-CONFIG_HAVE_PERF_EVENTS=y
-# CONFIG_PC104 is not set
-
-#
-# Kernel Performance Events And Counters
-#
-CONFIG_PERF_EVENTS=y
-CONFIG_VM_EVENT_COUNTERS=y
-CONFIG_SLUB_DEBUG=y
-# CONFIG_COMPAT_BRK is not set
-# CONFIG_SLAB is not set
-CONFIG_SLUB=y
-CONFIG_SLAB_MERGE_DEFAULT=y
-# CONFIG_SLAB_FREELIST_RANDOM is not set
-# CONFIG_SLAB_FREELIST_HARDENED is not set
-# CONFIG_SYSTEM_DATA_VERIFICATION is not set
-CONFIG_PROFILING=y
-CONFIG_TRACEPOINTS=y
-CONFIG_OPROFILE=y
-CONFIG_HAVE_OPROFILE=y
-# CONFIG_KPROBES is not set
-# CONFIG_JUMP_LABEL is not set
-CONFIG_UPROBES=y
-# CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set
-CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
-CONFIG_ARCH_USE_BUILTIN_BSWAP=y
-CONFIG_HAVE_IOREMAP_PROT=y
-CONFIG_HAVE_KPROBES=y
-CONFIG_HAVE_KRETPROBES=y
-CONFIG_HAVE_KPROBES_ON_FTRACE=y
-CONFIG_HAVE_NMI=y
-CONFIG_HAVE_ARCH_TRACEHOOK=y
-CONFIG_GENERIC_SMP_IDLE_THREAD=y
-CONFIG_ARCH_HAS_FORTIFY_SOURCE=y
-CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y
-CONFIG_HAVE_DMA_API_DEBUG=y
-CONFIG_HAVE_HW_BREAKPOINT=y
-CONFIG_HAVE_PERF_REGS=y
-CONFIG_HAVE_PERF_USER_STACK_DUMP=y
-CONFIG_HAVE_ARCH_JUMP_LABEL=y
-CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y
-CONFIG_ARCH_WEAK_RELEASE_ACQUIRE=y
-CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
-CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
-CONFIG_SECCOMP_FILTER=y
-CONFIG_HAVE_GCC_PLUGINS=y
-# CONFIG_GCC_PLUGINS is not set
-# CONFIG_CC_STACKPROTECTOR is not set
-CONFIG_THIN_ARCHIVES=y
-CONFIG_HAVE_VIRT_CPU_ACCOUNTING=y
-CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
-CONFIG_HAVE_MOD_ARCH_SPECIFIC=y
-CONFIG_MODULES_USE_ELF_RELA=y
-CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y
-CONFIG_ARCH_HAS_ELF_RANDOMIZE=y
-CONFIG_HAVE_ARCH_MMAP_RND_BITS=y
-CONFIG_ARCH_MMAP_RND_BITS=11
-# CONFIG_HAVE_ARCH_HASH is not set
-# CONFIG_ISA_BUS_API is not set
-CONFIG_CLONE_BACKWARDS=y
-CONFIG_OLD_SIGSUSPEND=y
-CONFIG_OLD_SIGACTION=y
-# CONFIG_CPU_NO_EFFICIENT_FFS is not set
-# CONFIG_HAVE_ARCH_VMAP_STACK is not set
-# CONFIG_ARCH_OPTIONAL_KERNEL_RWX is not set
-# CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT is not set
-# CONFIG_ARCH_HAS_STRICT_KERNEL_RWX is not set
-# CONFIG_ARCH_HAS_STRICT_MODULE_RWX is not set
-# CONFIG_REFCOUNT_FULL is not set
-
-#
-# GCOV-based kernel profiling
-#
-# CONFIG_GCOV_KERNEL is not set
-CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y
-# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set
-CONFIG_SLABINFO=y
-CONFIG_RT_MUTEXES=y
-CONFIG_BASE_SMALL=0
-CONFIG_MODULES=y
-# CONFIG_MODULE_FORCE_LOAD is not set
-CONFIG_MODULE_UNLOAD=y
-CONFIG_MODULE_FORCE_UNLOAD=y
-# CONFIG_MODVERSIONS is not set
-# CONFIG_MODULE_SRCVERSION_ALL is not set
-# CONFIG_MODULE_SIG is not set
-# CONFIG_MODULE_COMPRESS is not set
-# CONFIG_TRIM_UNUSED_KSYMS is not set
-CONFIG_MODULES_TREE_LOOKUP=y
-CONFIG_BLOCK=y
-CONFIG_LBDAF=y
-CONFIG_BLK_SCSI_REQUEST=y
-CONFIG_BLK_DEV_BSG=y
-CONFIG_BLK_DEV_BSGLIB=y
-# CONFIG_BLK_DEV_INTEGRITY is not set
-# CONFIG_BLK_DEV_ZONED is not set
-# CONFIG_BLK_CMDLINE_PARSER is not set
-# CONFIG_BLK_WBT is not set
-CONFIG_BLK_DEBUG_FS=y
-# CONFIG_BLK_SED_OPAL is not set
-
-#
-# Partition Types
-#
-CONFIG_PARTITION_ADVANCED=y
-# CONFIG_ACORN_PARTITION is not set
-# CONFIG_AIX_PARTITION is not set
-# CONFIG_OSF_PARTITION is not set
-# CONFIG_AMIGA_PARTITION is not set
-# CONFIG_ATARI_PARTITION is not set
-CONFIG_MAC_PARTITION=y
-CONFIG_MSDOS_PARTITION=y
-# CONFIG_BSD_DISKLABEL is not set
-# CONFIG_MINIX_SUBPARTITION is not set
-# CONFIG_SOLARIS_X86_PARTITION is not set
-# CONFIG_UNIXWARE_DISKLABEL is not set
-# CONFIG_LDM_PARTITION is not set
-# CONFIG_SGI_PARTITION is not set
-# CONFIG_ULTRIX_PARTITION is not set
-# CONFIG_SUN_PARTITION is not set
-# CONFIG_KARMA_PARTITION is not set
-CONFIG_EFI_PARTITION=y
-# CONFIG_SYSV68_PARTITION is not set
-# CONFIG_CMDLINE_PARTITION is not set
-CONFIG_BLK_MQ_PCI=y
-
-#
-# IO Schedulers
-#
-CONFIG_IOSCHED_NOOP=y
-CONFIG_IOSCHED_DEADLINE=y
-CONFIG_IOSCHED_CFQ=y
-# CONFIG_DEFAULT_DEADLINE is not set
-CONFIG_DEFAULT_CFQ=y
-# CONFIG_DEFAULT_NOOP is not set
-CONFIG_DEFAULT_IOSCHED="cfq"
-CONFIG_MQ_IOSCHED_DEADLINE=y
-CONFIG_MQ_IOSCHED_KYBER=y
-# CONFIG_IOSCHED_BFQ is not set
-CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
-CONFIG_INLINE_READ_UNLOCK=y
-CONFIG_INLINE_READ_UNLOCK_IRQ=y
-CONFIG_INLINE_WRITE_UNLOCK=y
-CONFIG_INLINE_WRITE_UNLOCK_IRQ=y
-CONFIG_ARCH_SUPPORTS_ATOMIC_RMW=y
-CONFIG_FREEZER=y
-# CONFIG_PPC_XICS is not set
-# CONFIG_PPC_ICP_NATIVE is not set
-# CONFIG_PPC_ICP_HV is not set
-# CONFIG_PPC_ICS_RTAS is not set
-# CONFIG_PPC_XIVE is not set
-# CONFIG_PPC_XIVE_SPAPR is not set
-# CONFIG_GE_FPGA is not set
-
-#
-# Platform support
-#
-# CONFIG_PPC_CHRP is not set
-# CONFIG_PPC_MPC512x is not set
-# CONFIG_PPC_MPC52xx is not set
-CONFIG_PPC_PMAC=y
-# CONFIG_PPC_CELL is not set
-# CONFIG_PPC_CELL_NATIVE is not set
-# CONFIG_PPC_82xx is not set
-# CONFIG_PQ2ADS is not set
-# CONFIG_PPC_83xx is not set
-# CONFIG_PPC_86xx is not set
-# CONFIG_EMBEDDED6xx is not set
-# CONFIG_AMIGAONE is not set
-# CONFIG_KVM_GUEST is not set
-# CONFIG_EPAPR_PARAVIRT is not set
-CONFIG_PPC_NATIVE=y
-CONFIG_PPC_OF_BOOT_TRAMPOLINE=y
-# CONFIG_IPIC is not set
-CONFIG_MPIC=y
-# CONFIG_PPC_EPAPR_HV_PIC is not set
-# CONFIG_MPIC_WEIRD is not set
-# CONFIG_MPIC_MSGR is not set
-# CONFIG_PPC_I8259 is not set
-# CONFIG_PPC_RTAS is not set
-# CONFIG_MMIO_NVRAM is not set
-# CONFIG_MPIC_U3_HT_IRQS is not set
-CONFIG_PPC_MPC106=y
-# CONFIG_PPC_970_NAP is not set
-# CONFIG_PPC_P7_NAP is not set
-
-#
-# CPU Frequency scaling
-#
-CONFIG_CPU_FREQ=y
-CONFIG_CPU_FREQ_STAT=y
-CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y
-# CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE is not set
-# CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE is not set
-# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set
-# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set
-CONFIG_CPU_FREQ_GOV_PERFORMANCE=y
-CONFIG_CPU_FREQ_GOV_POWERSAVE=y
-CONFIG_CPU_FREQ_GOV_USERSPACE=y
-# CONFIG_CPU_FREQ_GOV_ONDEMAND is not set
-# CONFIG_CPU_FREQ_GOV_CONSERVATIVE is not set
-
-#
-# CPU frequency scaling drivers
-#
-CONFIG_CPU_FREQ_PMAC=y
-
-#
-# CPUIdle driver
-#
-
-#
-# CPU Idle
-#
-# CONFIG_CPU_IDLE is not set
-# CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED is not set
-CONFIG_PPC601_SYNC_FIX=y
-# CONFIG_TAU is not set
-# CONFIG_FSL_ULI1575 is not set
-CONFIG_GEN_RTC=y
-# CONFIG_SIMPLE_GPIO is not set
-
-#
-# Kernel options
-#
-CONFIG_HIGHMEM=y
-# CONFIG_HZ_100 is not set
-CONFIG_HZ_250=y
-# CONFIG_HZ_300 is not set
-# CONFIG_HZ_1000 is not set
-CONFIG_HZ=250
-CONFIG_SCHED_HRTICK=y
-CONFIG_PREEMPT_NONE=y
-# CONFIG_PREEMPT_VOLUNTARY is not set
-# CONFIG_PREEMPT is not set
-CONFIG_BINFMT_ELF=y
-CONFIG_ELFCORE=y
-CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y
-CONFIG_BINFMT_SCRIPT=y
-# CONFIG_HAVE_AOUT is not set
-CONFIG_BINFMT_MISC=m
-CONFIG_COREDUMP=y
-# CONFIG_IOMMU_HELPER is not set
-# CONFIG_SWIOTLB is not set
-CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
-CONFIG_ARCH_HAS_WALK_MEMORY=y
-CONFIG_ARCH_ENABLE_MEMORY_HOTREMOVE=y
-# CONFIG_KEXEC is not set
-# CONFIG_CRASH_DUMP is not set
-CONFIG_ARCH_FLATMEM_ENABLE=y
-CONFIG_ILLEGAL_POINTER_VALUE=0
-CONFIG_FLATMEM=y
-CONFIG_FLAT_NODE_MEM_MAP=y
-CONFIG_HAVE_MEMBLOCK=y
-CONFIG_HAVE_MEMBLOCK_NODE_MAP=y
-CONFIG_HAVE_GENERIC_GUP=y
-CONFIG_NO_BOOTMEM=y
-# CONFIG_HAVE_BOOTMEM_INFO_NODE is not set
-CONFIG_SPLIT_PTLOCK_CPUS=4
-CONFIG_COMPACTION=y
-CONFIG_MIGRATION=y
-# CONFIG_PHYS_ADDR_T_64BIT is not set
-CONFIG_BOUNCE=y
-CONFIG_VIRT_TO_BUS=y
-# CONFIG_KSM is not set
-CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
-# CONFIG_ARCH_WANTS_THP_SWAP is not set
-CONFIG_NEED_PER_CPU_KM=y
-# CONFIG_CLEANCACHE is not set
-# CONFIG_FRONTSWAP is not set
-# CONFIG_CMA is not set
-# CONFIG_ZPOOL is not set
-# CONFIG_ZBUD is not set
-# CONFIG_ZSMALLOC is not set
-CONFIG_ARCH_SUPPORTS_DEFERRED_STRUCT_PAGE_INIT=y
-# CONFIG_IDLE_PAGE_TRACKING is not set
-# CONFIG_PERCPU_STATS is not set
-CONFIG_PPC_4K_PAGES=y
-CONFIG_THREAD_SHIFT=13
-CONFIG_FORCE_MAX_ZONEORDER=11
-# CONFIG_PPC_COPRO_BASE is not set
-# CONFIG_CMDLINE_BOOL is not set
-CONFIG_EXTRA_TARGETS=""
-CONFIG_ARCH_WANTS_FREEZER_CONTROL=y
-CONFIG_SUSPEND=y
-CONFIG_SUSPEND_FREEZER=y
-CONFIG_HIBERNATE_CALLBACKS=y
-CONFIG_HIBERNATION=y
-CONFIG_PM_STD_PARTITION=""
-CONFIG_PM_SLEEP=y
-# CONFIG_PM_AUTOSLEEP is not set
-# CONFIG_PM_WAKELOCKS is not set
-CONFIG_PM=y
-CONFIG_PM_DEBUG=y
-# CONFIG_PM_ADVANCED_DEBUG is not set
-# CONFIG_PM_TEST_SUSPEND is not set
-CONFIG_PM_SLEEP_DEBUG=y
-CONFIG_APM_EMULATION=y
-# CONFIG_WQ_POWER_EFFICIENT_DEFAULT is not set
-CONFIG_SECCOMP=y
-CONFIG_ISA_DMA_API=y
-
-#
-# Bus options
-#
-CONFIG_ZONE_DMA=y
-# CONFIG_NEED_DMA_MAP_STATE is not set
-CONFIG_NEED_SG_DMA_LENGTH=y
-CONFIG_GENERIC_ISA_DMA=y
-CONFIG_PPC_INDIRECT_PCI=y
-# CONFIG_FSL_LBC is not set
-CONFIG_PCI=y
-CONFIG_PCI_DOMAINS=y
-CONFIG_PCI_SYSCALL=y
-# CONFIG_PCIEPORTBUS is not set
-# CONFIG_PCI_MSI is not set
-# CONFIG_PCI_DEBUG is not set
-# CONFIG_PCI_REALLOC_ENABLE_AUTO is not set
-# CONFIG_PCI_STUB is not set
-# CONFIG_PCI_IOV is not set
-# CONFIG_PCI_PRI is not set
-# CONFIG_PCI_PASID is not set
-# CONFIG_HOTPLUG_PCI is not set
-
-#
-# DesignWare PCI Core Support
-#
-
-#
-# PCI host controller drivers
-#
-
-#
-# PCI Endpoint
-#
-# CONFIG_PCI_ENDPOINT is not set
-
-#
-# PCI switch controller drivers
-#
-# CONFIG_PCI_SW_SWITCHTEC is not set
-CONFIG_PCCARD=m
-CONFIG_PCMCIA=m
-CONFIG_PCMCIA_LOAD_CIS=y
-CONFIG_CARDBUS=y
-
-#
-# PC-card bridges
-#
-CONFIG_YENTA=m
-CONFIG_YENTA_O2=y
-CONFIG_YENTA_RICOH=y
-CONFIG_YENTA_TI=y
-CONFIG_YENTA_ENE_TUNE=y
-CONFIG_YENTA_TOSHIBA=y
-# CONFIG_PD6729 is not set
-# CONFIG_I82092 is not set
-CONFIG_PCCARD_NONSTATIC=y
-# CONFIG_HAS_RAPIDIO is not set
-# CONFIG_RAPIDIO is not set
-# CONFIG_NONSTATIC_KERNEL is not set
-
-#
-# Advanced setup
-#
-# CONFIG_ADVANCED_OPTIONS is not set
-
-#
-# Default settings for advanced configuration options are used
-#
-CONFIG_LOWMEM_SIZE=0x30000000
-CONFIG_PAGE_OFFSET=0xc0000000
-CONFIG_KERNEL_START=0xc0000000
-CONFIG_PHYSICAL_START=0x00000000
-CONFIG_TASK_SIZE=0xc0000000
-# CONFIG_ARCH_RANDOM is not set
-CONFIG_NET=y
-CONFIG_NET_INGRESS=y
-
-#
-# Networking options
-#
-CONFIG_PACKET=y
-# CONFIG_PACKET_DIAG is not set
-CONFIG_UNIX=y
-# CONFIG_UNIX_DIAG is not set
-# CONFIG_TLS is not set
-CONFIG_XFRM=y
-CONFIG_XFRM_ALGO=y
-CONFIG_XFRM_USER=y
-# CONFIG_XFRM_SUB_POLICY is not set
-# CONFIG_XFRM_MIGRATE is not set
-# CONFIG_XFRM_STATISTICS is not set
-CONFIG_NET_KEY=y
-# CONFIG_NET_KEY_MIGRATE is not set
-CONFIG_INET=y
-CONFIG_IP_MULTICAST=y
-# CONFIG_IP_ADVANCED_ROUTER is not set
-CONFIG_IP_ROUTE_CLASSID=y
-# CONFIG_IP_PNP is not set
-# CONFIG_NET_IPIP is not set
-# CONFIG_NET_IPGRE_DEMUX is not set
-# CONFIG_NET_IP_TUNNEL is not set
-# CONFIG_IP_MROUTE is not set
-CONFIG_SYN_COOKIES=y
-# CONFIG_NET_UDP_TUNNEL is not set
-# CONFIG_NET_FOU is not set
-CONFIG_INET_AH=y
-CONFIG_INET_ESP=y
-# CONFIG_INET_ESP_OFFLOAD is not set
-# CONFIG_INET_IPCOMP is not set
-# CONFIG_INET_XFRM_TUNNEL is not set
-# CONFIG_INET_TUNNEL is not set
-# CONFIG_INET_XFRM_MODE_TRANSPORT is not set
-# CONFIG_INET_XFRM_MODE_TUNNEL is not set
-CONFIG_INET_XFRM_MODE_BEET=y
-CONFIG_INET_DIAG=y
-CONFIG_INET_TCP_DIAG=y
-# CONFIG_INET_UDP_DIAG is not set
-# CONFIG_INET_RAW_DIAG is not set
-# CONFIG_INET_DIAG_DESTROY is not set
-# CONFIG_TCP_CONG_ADVANCED is not set
-CONFIG_TCP_CONG_CUBIC=y
-CONFIG_DEFAULT_TCP_CONG="cubic"
-# CONFIG_TCP_MD5SIG is not set
-# CONFIG_IPV6 is not set
-# CONFIG_NETLABEL is not set
-# CONFIG_NETWORK_SECMARK is not set
-# CONFIG_NET_PTP_CLASSIFY is not set
-# CONFIG_NETWORK_PHY_TIMESTAMPING is not set
-CONFIG_NETFILTER=y
-CONFIG_NETFILTER_ADVANCED=y
-
-#
-# Core Netfilter Configuration
-#
-CONFIG_NETFILTER_INGRESS=y
-CONFIG_NETFILTER_NETLINK=m
-# CONFIG_NETFILTER_NETLINK_ACCT is not set
-CONFIG_NETFILTER_NETLINK_QUEUE=m
-CONFIG_NETFILTER_NETLINK_LOG=m
-CONFIG_NF_CONNTRACK=m
-# CONFIG_NF_LOG_NETDEV is not set
-# CONFIG_NF_CONNTRACK_MARK is not set
-CONFIG_NF_CONNTRACK_PROCFS=y
-# CONFIG_NF_CONNTRACK_EVENTS is not set
-# CONFIG_NF_CONNTRACK_TIMEOUT is not set
-# CONFIG_NF_CONNTRACK_TIMESTAMP is not set
-CONFIG_NF_CT_PROTO_DCCP=y
-# CONFIG_NF_CT_PROTO_SCTP is not set
-# CONFIG_NF_CT_PROTO_UDPLITE is not set
-# CONFIG_NF_CONNTRACK_AMANDA is not set
-CONFIG_NF_CONNTRACK_FTP=m
-# CONFIG_NF_CONNTRACK_H323 is not set
-CONFIG_NF_CONNTRACK_IRC=m
-# CONFIG_NF_CONNTRACK_NETBIOS_NS is not set
-# CONFIG_NF_CONNTRACK_SNMP is not set
-# CONFIG_NF_CONNTRACK_PPTP is not set
-# CONFIG_NF_CONNTRACK_SANE is not set
-# CONFIG_NF_CONNTRACK_SIP is not set
-CONFIG_NF_CONNTRACK_TFTP=m
-CONFIG_NF_CT_NETLINK=m
-# CONFIG_NF_CT_NETLINK_TIMEOUT is not set
-# CONFIG_NETFILTER_NETLINK_GLUE_CT is not set
-# CONFIG_NF_TABLES is not set
-CONFIG_NETFILTER_XTABLES=m
-
-#
-# Xtables combined modules
-#
-CONFIG_NETFILTER_XT_MARK=m
-# CONFIG_NETFILTER_XT_CONNMARK is not set
-
-#
-# Xtables targets
-#
-# CONFIG_NETFILTER_XT_TARGET_CHECKSUM is not set
-CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
-# CONFIG_NETFILTER_XT_TARGET_CONNMARK is not set
-# CONFIG_NETFILTER_XT_TARGET_CT is not set
-# CONFIG_NETFILTER_XT_TARGET_DSCP is not set
-CONFIG_NETFILTER_XT_TARGET_HL=m
-# CONFIG_NETFILTER_XT_TARGET_HMARK is not set
-# CONFIG_NETFILTER_XT_TARGET_IDLETIMER is not set
-# CONFIG_NETFILTER_XT_TARGET_LED is not set
-# CONFIG_NETFILTER_XT_TARGET_LOG is not set
-CONFIG_NETFILTER_XT_TARGET_MARK=m
-CONFIG_NETFILTER_XT_TARGET_NFLOG=m
-CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m
-# CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set
-CONFIG_NETFILTER_XT_TARGET_RATEEST=m
-# CONFIG_NETFILTER_XT_TARGET_TEE is not set
-# CONFIG_NETFILTER_XT_TARGET_TPROXY is not set
-CONFIG_NETFILTER_XT_TARGET_TRACE=m
-CONFIG_NETFILTER_XT_TARGET_TCPMSS=m
-CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m
-
-#
-# Xtables matches
-#
-# CONFIG_NETFILTER_XT_MATCH_ADDRTYPE is not set
-# CONFIG_NETFILTER_XT_MATCH_BPF is not set
-# CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set
-CONFIG_NETFILTER_XT_MATCH_COMMENT=m
-# CONFIG_NETFILTER_XT_MATCH_CONNBYTES is not set
-# CONFIG_NETFILTER_XT_MATCH_CONNLABEL is not set
-CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m
-# CONFIG_NETFILTER_XT_MATCH_CONNMARK is not set
-CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
-# CONFIG_NETFILTER_XT_MATCH_CPU is not set
-CONFIG_NETFILTER_XT_MATCH_DCCP=m
-# CONFIG_NETFILTER_XT_MATCH_DEVGROUP is not set
-CONFIG_NETFILTER_XT_MATCH_DSCP=m
-CONFIG_NETFILTER_XT_MATCH_ECN=m
-CONFIG_NETFILTER_XT_MATCH_ESP=m
-# CONFIG_NETFILTER_XT_MATCH_HASHLIMIT is not set
-CONFIG_NETFILTER_XT_MATCH_HELPER=m
-CONFIG_NETFILTER_XT_MATCH_HL=m
-# CONFIG_NETFILTER_XT_MATCH_IPCOMP is not set
-CONFIG_NETFILTER_XT_MATCH_IPRANGE=m
-# CONFIG_NETFILTER_XT_MATCH_L2TP is not set
-CONFIG_NETFILTER_XT_MATCH_LENGTH=m
-CONFIG_NETFILTER_XT_MATCH_LIMIT=m
-CONFIG_NETFILTER_XT_MATCH_MAC=m
-CONFIG_NETFILTER_XT_MATCH_MARK=m
-CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m
-# CONFIG_NETFILTER_XT_MATCH_NFACCT is not set
-# CONFIG_NETFILTER_XT_MATCH_OSF is not set
-CONFIG_NETFILTER_XT_MATCH_OWNER=m
-CONFIG_NETFILTER_XT_MATCH_POLICY=m
-CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m
-# CONFIG_NETFILTER_XT_MATCH_QUOTA is not set
-CONFIG_NETFILTER_XT_MATCH_RATEEST=m
-CONFIG_NETFILTER_XT_MATCH_REALM=m
-CONFIG_NETFILTER_XT_MATCH_RECENT=m
-CONFIG_NETFILTER_XT_MATCH_SCTP=m
-# CONFIG_NETFILTER_XT_MATCH_STATE is not set
-# CONFIG_NETFILTER_XT_MATCH_STATISTIC is not set
-CONFIG_NETFILTER_XT_MATCH_STRING=m
-CONFIG_NETFILTER_XT_MATCH_TCPMSS=m
-CONFIG_NETFILTER_XT_MATCH_TIME=m
-CONFIG_NETFILTER_XT_MATCH_U32=m
-# CONFIG_IP_SET is not set
-# CONFIG_IP_VS is not set
-
-#
-# IP: Netfilter Configuration
-#
-CONFIG_NF_DEFRAG_IPV4=m
-CONFIG_NF_CONNTRACK_IPV4=m
-# CONFIG_NF_SOCKET_IPV4 is not set
-# CONFIG_NF_DUP_IPV4 is not set
-# CONFIG_NF_LOG_ARP is not set
-# CONFIG_NF_LOG_IPV4 is not set
-CONFIG_NF_REJECT_IPV4=m
-# CONFIG_NF_NAT_IPV4 is not set
-CONFIG_IP_NF_IPTABLES=m
-CONFIG_IP_NF_MATCH_AH=m
-CONFIG_IP_NF_MATCH_ECN=m
-# CONFIG_IP_NF_MATCH_RPFILTER is not set
-CONFIG_IP_NF_MATCH_TTL=m
-CONFIG_IP_NF_FILTER=m
-CONFIG_IP_NF_TARGET_REJECT=m
-# CONFIG_IP_NF_TARGET_SYNPROXY is not set
-# CONFIG_IP_NF_NAT is not set
-CONFIG_IP_NF_MANGLE=m
-# CONFIG_IP_NF_TARGET_CLUSTERIP is not set
-CONFIG_IP_NF_TARGET_ECN=m
-CONFIG_IP_NF_TARGET_TTL=m
-CONFIG_IP_NF_RAW=m
-# CONFIG_IP_NF_SECURITY is not set
-CONFIG_IP_NF_ARPTABLES=m
-CONFIG_IP_NF_ARPFILTER=m
-CONFIG_IP_NF_ARP_MANGLE=m
-CONFIG_IP_DCCP=m
-CONFIG_INET_DCCP_DIAG=m
-
-#
-# DCCP CCIDs Configuration
-#
-# CONFIG_IP_DCCP_CCID2_DEBUG is not set
-CONFIG_IP_DCCP_CCID3=y
-# CONFIG_IP_DCCP_CCID3_DEBUG is not set
-CONFIG_IP_DCCP_TFRC_LIB=y
-
-#
-# DCCP Kernel Hacking
-#
-# CONFIG_IP_DCCP_DEBUG is not set
-# CONFIG_IP_SCTP is not set
-# CONFIG_RDS is not set
-# CONFIG_TIPC is not set
-# CONFIG_ATM is not set
-# CONFIG_L2TP is not set
-# CONFIG_BRIDGE is not set
-CONFIG_HAVE_NET_DSA=y
-# CONFIG_NET_DSA is not set
-# CONFIG_VLAN_8021Q is not set
-# CONFIG_DECNET is not set
-# CONFIG_LLC2 is not set
-# CONFIG_IPX is not set
-# CONFIG_ATALK is not set
-# CONFIG_X25 is not set
-# CONFIG_LAPB is not set
-# CONFIG_PHONET is not set
-# CONFIG_IEEE802154 is not set
-# CONFIG_NET_SCHED is not set
-# CONFIG_DCB is not set
-CONFIG_DNS_RESOLVER=y
-# CONFIG_BATMAN_ADV is not set
-# CONFIG_OPENVSWITCH is not set
-# CONFIG_VSOCKETS is not set
-# CONFIG_NETLINK_DIAG is not set
-# CONFIG_MPLS is not set
-# CONFIG_NET_NSH is not set
-# CONFIG_HSR is not set
-# CONFIG_NET_SWITCHDEV is not set
-# CONFIG_NET_L3_MASTER_DEV is not set
-# CONFIG_NET_NCSI is not set
-CONFIG_NET_RX_BUSY_POLL=y
-CONFIG_BQL=y
-# CONFIG_BPF_JIT is not set
-
-#
-# Network testing
-#
-# CONFIG_NET_PKTGEN is not set
-# CONFIG_NET_DROP_MONITOR is not set
-# CONFIG_HAMRADIO is not set
-# CONFIG_CAN is not set
-CONFIG_BT=m
-CONFIG_BT_BREDR=y
-CONFIG_BT_RFCOMM=m
-CONFIG_BT_RFCOMM_TTY=y
-CONFIG_BT_BNEP=m
-CONFIG_BT_BNEP_MC_FILTER=y
-CONFIG_BT_BNEP_PROTO_FILTER=y
-CONFIG_BT_HIDP=m
-CONFIG_BT_HS=y
-CONFIG_BT_LE=y
-# CONFIG_BT_LEDS is not set
-# CONFIG_BT_SELFTEST is not set
-CONFIG_BT_DEBUGFS=y
-
-#
-# Bluetooth device drivers
-#
-# CONFIG_BT_HCIBTUSB is not set
-# CONFIG_BT_HCIUART is not set
-CONFIG_BT_HCIBCM203X=m
-CONFIG_BT_HCIBFUSB=m
-# CONFIG_BT_HCIDTL1 is not set
-# CONFIG_BT_HCIBT3C is not set
-# CONFIG_BT_HCIBLUECARD is not set
-# CONFIG_BT_HCIBTUART is not set
-# CONFIG_BT_HCIVHCI is not set
-# CONFIG_BT_MRVL is not set
-# CONFIG_AF_RXRPC is not set
-# CONFIG_AF_KCM is not set
-# CONFIG_STREAM_PARSER is not set
-CONFIG_WIRELESS=y
-CONFIG_WIRELESS_EXT=y
-CONFIG_WEXT_CORE=y
-CONFIG_WEXT_PROC=y
-CONFIG_WEXT_SPY=y
-CONFIG_WEXT_PRIV=y
-CONFIG_CFG80211=m
-# CONFIG_NL80211_TESTMODE is not set
-# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set
-CONFIG_CFG80211_DEFAULT_PS=y
-# CONFIG_CFG80211_DEBUGFS is not set
-# CONFIG_CFG80211_INTERNAL_REGDB is not set
-CONFIG_CFG80211_CRDA_SUPPORT=y
-# CONFIG_CFG80211_WEXT is not set
-# CONFIG_LIB80211 is not set
-CONFIG_MAC80211=m
-CONFIG_MAC80211_HAS_RC=y
-CONFIG_MAC80211_RC_MINSTREL=y
-CONFIG_MAC80211_RC_MINSTREL_HT=y
-# CONFIG_MAC80211_RC_MINSTREL_VHT is not set
-CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y
-CONFIG_MAC80211_RC_DEFAULT="minstrel_ht"
-# CONFIG_MAC80211_MESH is not set
-CONFIG_MAC80211_LEDS=y
-# CONFIG_MAC80211_DEBUGFS is not set
-# CONFIG_MAC80211_MESSAGE_TRACING is not set
-# CONFIG_MAC80211_DEBUG_MENU is not set
-CONFIG_MAC80211_STA_HASH_MAX_SIZE=0
-# CONFIG_WIMAX is not set
-# CONFIG_RFKILL is not set
-# CONFIG_NET_9P is not set
-# CONFIG_CAIF is not set
-# CONFIG_CEPH_LIB is not set
-# CONFIG_NFC is not set
-# CONFIG_PSAMPLE is not set
-# CONFIG_NET_IFE is not set
-# CONFIG_LWTUNNEL is not set
-# CONFIG_DST_CACHE is not set
-CONFIG_GRO_CELLS=y
-# CONFIG_NET_DEVLINK is not set
-CONFIG_MAY_USE_DEVLINK=y
-CONFIG_HAVE_CBPF_JIT=y
-
-#
-# Device Drivers
-#
-
-#
-# Generic Driver Options
-#
-CONFIG_UEVENT_HELPER=y
-CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug"
-# CONFIG_DEVTMPFS is not set
-# CONFIG_STANDALONE is not set
-CONFIG_PREVENT_FIRMWARE_BUILD=y
-CONFIG_FW_LOADER=y
-CONFIG_FIRMWARE_IN_KERNEL=y
-CONFIG_EXTRA_FIRMWARE=""
-# CONFIG_FW_LOADER_USER_HELPER_FALLBACK is not set
-CONFIG_ALLOW_DEV_COREDUMP=y
-# CONFIG_DEBUG_DRIVER is not set
-# CONFIG_DEBUG_DEVRES is not set
-# CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set
-# CONFIG_TEST_ASYNC_DRIVER_PROBE is not set
-# CONFIG_SYS_HYPERVISOR is not set
-# CONFIG_GENERIC_CPU_DEVICES is not set
-CONFIG_GENERIC_CPU_AUTOPROBE=y
-CONFIG_REGMAP=y
-CONFIG_REGMAP_I2C=y
-CONFIG_DMA_SHARED_BUFFER=y
-# CONFIG_DMA_FENCE_TRACE is not set
-
-#
-# Bus devices
-#
-# CONFIG_SIMPLE_PM_BUS is not set
-CONFIG_CONNECTOR=y
-CONFIG_PROC_EVENTS=y
-# CONFIG_MTD is not set
-CONFIG_DTC=y
-CONFIG_OF=y
-# CONFIG_OF_UNITTEST is not set
-CONFIG_OF_FLATTREE=y
-CONFIG_OF_EARLY_FLATTREE=y
-CONFIG_OF_ADDRESS=y
-CONFIG_OF_ADDRESS_PCI=y
-CONFIG_OF_IRQ=y
-CONFIG_OF_NET=y
-CONFIG_OF_MDIO=m
-CONFIG_OF_PCI=y
-CONFIG_OF_PCI_IRQ=y
-CONFIG_OF_RESERVED_MEM=y
-# CONFIG_OF_OVERLAY is not set
-CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
-# CONFIG_PARPORT is not set
-CONFIG_BLK_DEV=y
-# CONFIG_BLK_DEV_NULL_BLK is not set
-# CONFIG_BLK_DEV_FD is not set
-CONFIG_MAC_FLOPPY=m
-# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set
-# CONFIG_BLK_DEV_DAC960 is not set
-# CONFIG_BLK_DEV_UMEM is not set
-# CONFIG_BLK_DEV_COW_COMMON is not set
-CONFIG_BLK_DEV_LOOP=y
-CONFIG_BLK_DEV_LOOP_MIN_COUNT=8
-# CONFIG_BLK_DEV_CRYPTOLOOP is not set
-# CONFIG_BLK_DEV_DRBD is not set
-# CONFIG_BLK_DEV_NBD is not set
-# CONFIG_BLK_DEV_SX8 is not set
-CONFIG_BLK_DEV_RAM=y
-CONFIG_BLK_DEV_RAM_COUNT=16
-CONFIG_BLK_DEV_RAM_SIZE=4096
-# CONFIG_CDROM_PKTCDVD is not set
-# CONFIG_ATA_OVER_ETH is not set
-# CONFIG_BLK_DEV_RBD is not set
-# CONFIG_BLK_DEV_RSXX is not set
-# CONFIG_BLK_DEV_NVME is not set
-# CONFIG_NVME_FC is not set
-
-#
-# Misc devices
-#
-# CONFIG_SENSORS_LIS3LV02D is not set
-# CONFIG_AD525X_DPOT is not set
-# CONFIG_DUMMY_IRQ is not set
-# CONFIG_PHANTOM is not set
-# CONFIG_SGI_IOC4 is not set
-# CONFIG_TIFM_CORE is not set
-# CONFIG_ICS932S401 is not set
-# CONFIG_ENCLOSURE_SERVICES is not set
-# CONFIG_HP_ILO is not set
-# CONFIG_APDS9802ALS is not set
-# CONFIG_ISL29003 is not set
-# CONFIG_ISL29020 is not set
-# CONFIG_SENSORS_TSL2550 is not set
-# CONFIG_SENSORS_BH1770 is not set
-# CONFIG_SENSORS_APDS990X is not set
-# CONFIG_HMC6352 is not set
-# CONFIG_DS1682 is not set
-# CONFIG_USB_SWITCH_FSA9480 is not set
-# CONFIG_SRAM is not set
-# CONFIG_PCI_ENDPOINT_TEST is not set
-# CONFIG_C2PORT is not set
-
-#
-# EEPROM support
-#
-# CONFIG_EEPROM_AT24 is not set
-# CONFIG_EEPROM_LEGACY is not set
-# CONFIG_EEPROM_MAX6875 is not set
-# CONFIG_EEPROM_93CX6 is not set
-# CONFIG_EEPROM_IDT_89HPESX is not set
-# CONFIG_CB710_CORE is not set
-
-#
-# Texas Instruments shared transport line discipline
-#
-# CONFIG_SENSORS_LIS3_I2C is not set
-
-#
-# Altera FPGA firmware download module
-#
-# CONFIG_ALTERA_STAPL is not set
-
-#
-# Intel MIC Bus Driver
-#
-
-#
-# SCIF Bus Driver
-#
-
-#
-# VOP Bus Driver
-#
-
-#
-# Intel MIC Host Driver
-#
-
-#
-# Intel MIC Card Driver
-#
-
-#
-# SCIF Driver
-#
-
-#
-# Intel MIC Coprocessor State Management (COSM) Drivers
-#
-
-#
-# VOP Driver
-#
-# CONFIG_ECHO is not set
-# CONFIG_CXL_BASE is not set
-# CONFIG_CXL_AFU_DRIVER_OPS is not set
-# CONFIG_CXL_LIB is not set
-CONFIG_HAVE_IDE=y
-CONFIG_IDE=y
-
-#
-# Please see Documentation/ide/ide.txt for help/info on IDE drives
-#
-CONFIG_IDE_XFER_MODE=y
-CONFIG_IDE_TIMINGS=y
-CONFIG_IDE_ATAPI=y
-# CONFIG_BLK_DEV_IDE_SATA is not set
-CONFIG_IDE_GD=y
-CONFIG_IDE_GD_ATA=y
-# CONFIG_IDE_GD_ATAPI is not set
-CONFIG_BLK_DEV_IDECS=m
-# CONFIG_BLK_DEV_DELKIN is not set
-CONFIG_BLK_DEV_IDECD=y
-CONFIG_BLK_DEV_IDECD_VERBOSE_ERRORS=y
-# CONFIG_BLK_DEV_IDETAPE is not set
-# CONFIG_IDE_TASK_IOCTL is not set
-CONFIG_IDE_PROC_FS=y
-
-#
-# IDE chipset support/bugfixes
-#
-# CONFIG_BLK_DEV_PLATFORM is not set
-CONFIG_BLK_DEV_IDEDMA_SFF=y
-
-#
-# PCI IDE chipsets support
-#
-CONFIG_BLK_DEV_IDEPCI=y
-CONFIG_IDEPCI_PCIBUS_ORDER=y
-# CONFIG_BLK_DEV_OFFBOARD is not set
-CONFIG_BLK_DEV_GENERIC=y
-# CONFIG_BLK_DEV_OPTI621 is not set
-CONFIG_BLK_DEV_IDEDMA_PCI=y
-# CONFIG_BLK_DEV_AEC62XX is not set
-# CONFIG_BLK_DEV_ALI15X3 is not set
-# CONFIG_BLK_DEV_AMD74XX is not set
-# CONFIG_BLK_DEV_CMD64X is not set
-# CONFIG_BLK_DEV_TRIFLEX is not set
-# CONFIG_BLK_DEV_HPT366 is not set
-# CONFIG_BLK_DEV_JMICRON is not set
-# CONFIG_BLK_DEV_PIIX is not set
-# CONFIG_BLK_DEV_IT8172 is not set
-# CONFIG_BLK_DEV_IT8213 is not set
-# CONFIG_BLK_DEV_IT821X is not set
-# CONFIG_BLK_DEV_NS87415 is not set
-# CONFIG_BLK_DEV_PDC202XX_OLD is not set
-CONFIG_BLK_DEV_PDC202XX_NEW=y
-# CONFIG_BLK_DEV_SVWKS is not set
-# CONFIG_BLK_DEV_SIIMAGE is not set
-CONFIG_BLK_DEV_SL82C105=y
-# CONFIG_BLK_DEV_SLC90E66 is not set
-# CONFIG_BLK_DEV_TRM290 is not set
-# CONFIG_BLK_DEV_VIA82CXXX is not set
-# CONFIG_BLK_DEV_TC86C001 is not set
-CONFIG_BLK_DEV_IDE_PMAC=y
-CONFIG_BLK_DEV_IDE_PMAC_ATA100FIRST=y
-CONFIG_BLK_DEV_IDEDMA=y
-
-#
-# SCSI device support
-#
-CONFIG_SCSI_MOD=y
-# CONFIG_RAID_ATTRS is not set
-CONFIG_SCSI=y
-CONFIG_SCSI_DMA=y
-CONFIG_SCSI_NETLINK=y
-# CONFIG_SCSI_MQ_DEFAULT is not set
-CONFIG_SCSI_PROC_FS=y
-
-#
-# SCSI support type (disk, tape, CD-ROM)
-#
-CONFIG_BLK_DEV_SD=y
-CONFIG_CHR_DEV_ST=y
-# CONFIG_CHR_DEV_OSST is not set
-CONFIG_BLK_DEV_SR=y
-CONFIG_BLK_DEV_SR_VENDOR=y
-CONFIG_CHR_DEV_SG=y
-# CONFIG_CHR_DEV_SCH is not set
-CONFIG_SCSI_CONSTANTS=y
-# CONFIG_SCSI_LOGGING is not set
-# CONFIG_SCSI_SCAN_ASYNC is not set
-
-#
-# SCSI Transports
-#
-CONFIG_SCSI_SPI_ATTRS=y
-CONFIG_SCSI_FC_ATTRS=y
-# CONFIG_SCSI_ISCSI_ATTRS is not set
-# CONFIG_SCSI_SAS_ATTRS is not set
-# CONFIG_SCSI_SAS_LIBSAS is not set
-# CONFIG_SCSI_SRP_ATTRS is not set
-CONFIG_SCSI_LOWLEVEL=y
-# CONFIG_ISCSI_TCP is not set
-# CONFIG_ISCSI_BOOT_SYSFS is not set
-# CONFIG_SCSI_CXGB3_ISCSI is not set
-# CONFIG_SCSI_CXGB4_ISCSI is not set
-# CONFIG_SCSI_BNX2_ISCSI is not set
-# CONFIG_BE2ISCSI is not set
-# CONFIG_BLK_DEV_3W_XXXX_RAID is not set
-# CONFIG_SCSI_HPSA is not set
-# CONFIG_SCSI_3W_9XXX is not set
-# CONFIG_SCSI_3W_SAS is not set
-# CONFIG_SCSI_ACARD is not set
-# CONFIG_SCSI_AACRAID is not set
-CONFIG_SCSI_AIC7XXX=m
-CONFIG_AIC7XXX_CMDS_PER_DEVICE=253
-CONFIG_AIC7XXX_RESET_DELAY_MS=15000
-CONFIG_AIC7XXX_DEBUG_ENABLE=y
-CONFIG_AIC7XXX_DEBUG_MASK=0
-CONFIG_AIC7XXX_REG_PRETTY_PRINT=y
-# CONFIG_SCSI_AIC79XX is not set
-# CONFIG_SCSI_AIC94XX is not set
-# CONFIG_SCSI_MVSAS is not set
-# CONFIG_SCSI_MVUMI is not set
-# CONFIG_SCSI_DPT_I2O is not set
-# CONFIG_SCSI_ADVANSYS is not set
-# CONFIG_SCSI_ARCMSR is not set
-# CONFIG_SCSI_ESAS2R is not set
-# CONFIG_MEGARAID_NEWGEN is not set
-# CONFIG_MEGARAID_LEGACY is not set
-# CONFIG_MEGARAID_SAS is not set
-# CONFIG_SCSI_MPT3SAS is not set
-# CONFIG_SCSI_MPT2SAS is not set
-# CONFIG_SCSI_SMARTPQI is not set
-# CONFIG_SCSI_UFSHCD is not set
-# CONFIG_SCSI_HPTIOP is not set
-# CONFIG_SCSI_BUSLOGIC is not set
-# CONFIG_LIBFC is not set
-# CONFIG_SCSI_SNIC is not set
-# CONFIG_SCSI_DMX3191D is not set
-# CONFIG_SCSI_EATA is not set
-# CONFIG_SCSI_FUTURE_DOMAIN is not set
-# CONFIG_SCSI_GDTH is not set
-# CONFIG_SCSI_IPS is not set
-# CONFIG_SCSI_INITIO is not set
-# CONFIG_SCSI_INIA100 is not set
-# CONFIG_SCSI_STEX is not set
-CONFIG_SCSI_SYM53C8XX_2=y
-CONFIG_SCSI_SYM53C8XX_DMA_ADDRESSING_MODE=0
-CONFIG_SCSI_SYM53C8XX_DEFAULT_TAGS=16
-CONFIG_SCSI_SYM53C8XX_MAX_TAGS=64
-CONFIG_SCSI_SYM53C8XX_MMIO=y
-# CONFIG_SCSI_QLOGIC_1280 is not set
-# CONFIG_SCSI_QLA_FC is not set
-# CONFIG_SCSI_QLA_ISCSI is not set
-# CONFIG_SCSI_LPFC is not set
-# CONFIG_SCSI_DC395x is not set
-# CONFIG_SCSI_AM53C974 is not set
-# CONFIG_SCSI_NSP32 is not set
-# CONFIG_SCSI_WD719X is not set
-# CONFIG_SCSI_DEBUG is not set
-CONFIG_SCSI_MESH=y
-CONFIG_SCSI_MESH_SYNC_RATE=5
-CONFIG_SCSI_MESH_RESET_DELAY_MS=4000
-CONFIG_SCSI_MAC53C94=y
-# CONFIG_SCSI_PMCRAID is not set
-# CONFIG_SCSI_PM8001 is not set
-# CONFIG_SCSI_BFA_FC is not set
-# CONFIG_SCSI_CHELSIO_FCOE is not set
-# CONFIG_SCSI_LOWLEVEL_PCMCIA is not set
-# CONFIG_SCSI_DH is not set
-# CONFIG_SCSI_OSD_INITIATOR is not set
-# CONFIG_ATA is not set
-CONFIG_MD=y
-CONFIG_BLK_DEV_MD=m
-CONFIG_MD_LINEAR=m
-CONFIG_MD_RAID0=m
-CONFIG_MD_RAID1=m
-CONFIG_MD_RAID10=m
-# CONFIG_MD_RAID456 is not set
-CONFIG_MD_MULTIPATH=m
-CONFIG_MD_FAULTY=m
-# CONFIG_BCACHE is not set
-CONFIG_BLK_DEV_DM_BUILTIN=y
-CONFIG_BLK_DEV_DM=m
-# CONFIG_DM_MQ_DEFAULT is not set
-# CONFIG_DM_DEBUG is not set
-CONFIG_DM_BUFIO=m
-# CONFIG_DM_DEBUG_BLOCK_MANAGER_LOCKING is not set
-CONFIG_DM_CRYPT=m
-CONFIG_DM_SNAPSHOT=m
-# CONFIG_DM_THIN_PROVISIONING is not set
-# CONFIG_DM_CACHE is not set
-# CONFIG_DM_ERA is not set
-CONFIG_DM_MIRROR=m
-# CONFIG_DM_LOG_USERSPACE is not set
-# CONFIG_DM_RAID is not set
-CONFIG_DM_ZERO=m
-# CONFIG_DM_MULTIPATH is not set
-# CONFIG_DM_DELAY is not set
-# CONFIG_DM_UEVENT is not set
-# CONFIG_DM_FLAKEY is not set
-# CONFIG_DM_VERITY is not set
-# CONFIG_DM_SWITCH is not set
-# CONFIG_DM_LOG_WRITES is not set
-# CONFIG_DM_INTEGRITY is not set
-# CONFIG_TARGET_CORE is not set
-# CONFIG_FUSION is not set
-
-#
-# IEEE 1394 (FireWire) support
-#
-# CONFIG_FIREWIRE is not set
-# CONFIG_FIREWIRE_NOSY is not set
-CONFIG_MACINTOSH_DRIVERS=y
-CONFIG_ADB=y
-CONFIG_ADB_CUDA=y
-CONFIG_ADB_PMU=y
-CONFIG_ADB_PMU_LED=y
-# CONFIG_ADB_PMU_LED_DISK is not set
-CONFIG_PMAC_APM_EMU=m
-CONFIG_PMAC_MEDIABAY=y
-CONFIG_PMAC_BACKLIGHT=y
-CONFIG_PMAC_BACKLIGHT_LEGACY=y
-CONFIG_INPUT_ADBHID=y
-CONFIG_MAC_EMUMOUSEBTN=y
-CONFIG_THERM_WINDTUNNEL=m
-CONFIG_THERM_ADT746X=m
-# CONFIG_WINDFARM is not set
-# CONFIG_ANSLCD is not set
-CONFIG_PMAC_RACKMETER=m
-# CONFIG_SENSORS_AMS is not set
-CONFIG_NETDEVICES=y
-CONFIG_MII=y
-CONFIG_NET_CORE=y
-# CONFIG_BONDING is not set
-CONFIG_DUMMY=m
-# CONFIG_EQUALIZER is not set
-# CONFIG_NET_FC is not set
-# CONFIG_NET_TEAM is not set
-# CONFIG_MACVLAN is not set
-# CONFIG_VXLAN is not set
-# CONFIG_MACSEC is not set
-# CONFIG_NETCONSOLE is not set
-# CONFIG_NETPOLL is not set
-# CONFIG_NET_POLL_CONTROLLER is not set
-CONFIG_TUN=m
-# CONFIG_TUN_VNET_CROSS_LE is not set
-# CONFIG_VETH is not set
-# CONFIG_NLMON is not set
-CONFIG_SUNGEM_PHY=y
-# CONFIG_ARCNET is not set
-
-#
-# CAIF transport drivers
-#
-
-#
-# Distributed Switch Architecture drivers
-#
-CONFIG_ETHERNET=y
-CONFIG_NET_VENDOR_3COM=y
-# CONFIG_PCMCIA_3C574 is not set
-# CONFIG_PCMCIA_3C589 is not set
-# CONFIG_VORTEX is not set
-# CONFIG_TYPHOON is not set
-CONFIG_NET_VENDOR_ADAPTEC=y
-# CONFIG_ADAPTEC_STARFIRE is not set
-CONFIG_NET_VENDOR_AGERE=y
-# CONFIG_ET131X is not set
-CONFIG_NET_VENDOR_ALACRITECH=y
-# CONFIG_SLICOSS is not set
-CONFIG_NET_VENDOR_ALTEON=y
-# CONFIG_ACENIC is not set
-# CONFIG_ALTERA_TSE is not set
-CONFIG_NET_VENDOR_AMAZON=y
-CONFIG_NET_VENDOR_AMD=y
-# CONFIG_AMD8111_ETH is not set
-CONFIG_PCNET32=y
-# CONFIG_PCMCIA_NMCLAN is not set
-# CONFIG_AMD_XGBE_HAVE_ECC is not set
-CONFIG_NET_VENDOR_APPLE=y
-CONFIG_MACE=y
-# CONFIG_MACE_AAUI_PORT is not set
-CONFIG_BMAC=y
-CONFIG_NET_VENDOR_AQUANTIA=y
-CONFIG_NET_VENDOR_ARC=y
-CONFIG_NET_VENDOR_ATHEROS=y
-# CONFIG_ATL2 is not set
-# CONFIG_ATL1 is not set
-# CONFIG_ATL1E is not set
-# CONFIG_ATL1C is not set
-# CONFIG_ALX is not set
-# CONFIG_NET_VENDOR_AURORA is not set
-CONFIG_NET_CADENCE=y
-# CONFIG_MACB is not set
-CONFIG_NET_VENDOR_BROADCOM=y
-# CONFIG_B44 is not set
-# CONFIG_BCMGENET is not set
-# CONFIG_BNX2 is not set
-# CONFIG_CNIC is not set
-# CONFIG_TIGON3 is not set
-# CONFIG_BNX2X is not set
-# CONFIG_SYSTEMPORT is not set
-# CONFIG_BNXT is not set
-CONFIG_NET_VENDOR_BROCADE=y
-# CONFIG_BNA is not set
-CONFIG_NET_VENDOR_CAVIUM=y
-CONFIG_NET_VENDOR_CHELSIO=y
-# CONFIG_CHELSIO_T1 is not set
-# CONFIG_CHELSIO_T3 is not set
-# CONFIG_CHELSIO_T4 is not set
-# CONFIG_CHELSIO_T4VF is not set
-CONFIG_NET_VENDOR_CISCO=y
-# CONFIG_ENIC is not set
-# CONFIG_DNET is not set
-CONFIG_NET_VENDOR_DEC=y
-# CONFIG_NET_TULIP is not set
-CONFIG_NET_VENDOR_DLINK=y
-# CONFIG_DL2K is not set
-# CONFIG_SUNDANCE is not set
-CONFIG_NET_VENDOR_EMULEX=y
-# CONFIG_BE2NET is not set
-CONFIG_NET_VENDOR_EZCHIP=y
-# CONFIG_EZCHIP_NPS_MANAGEMENT_ENET is not set
-CONFIG_NET_VENDOR_EXAR=y
-# CONFIG_S2IO is not set
-# CONFIG_VXGE is not set
-CONFIG_NET_VENDOR_FUJITSU=y
-# CONFIG_PCMCIA_FMVJ18X is not set
-CONFIG_NET_VENDOR_HP=y
-# CONFIG_HP100 is not set
-CONFIG_NET_VENDOR_HUAWEI=y
-CONFIG_NET_VENDOR_INTEL=y
-# CONFIG_E100 is not set
-# CONFIG_E1000 is not set
-# CONFIG_E1000E is not set
-# CONFIG_IGB is not set
-# CONFIG_IGBVF is not set
-# CONFIG_IXGB is not set
-# CONFIG_IXGBE is not set
-# CONFIG_I40E is not set
-CONFIG_NET_VENDOR_I825XX=y
-# CONFIG_JME is not set
-CONFIG_NET_VENDOR_MARVELL=y
-# CONFIG_MV643XX_ETH is not set
-# CONFIG_MVMDIO is not set
-# CONFIG_MVNETA_BM is not set
-# CONFIG_SKGE is not set
-# CONFIG_SKY2 is not set
-CONFIG_NET_VENDOR_MELLANOX=y
-# CONFIG_MLX4_EN is not set
-# CONFIG_MLX4_CORE is not set
-# CONFIG_MLX5_CORE is not set
-# CONFIG_MLXSW_CORE is not set
-# CONFIG_MLXFW is not set
-CONFIG_NET_VENDOR_MICREL=y
-# CONFIG_KS8851_MLL is not set
-# CONFIG_KSZ884X_PCI is not set
-CONFIG_NET_VENDOR_MYRI=y
-# CONFIG_MYRI10GE is not set
-# CONFIG_FEALNX is not set
-CONFIG_NET_VENDOR_NATSEMI=y
-# CONFIG_NATSEMI is not set
-# CONFIG_NS83820 is not set
-CONFIG_NET_VENDOR_NETRONOME=y
-CONFIG_NET_VENDOR_8390=y
-# CONFIG_PCMCIA_AXNET is not set
-# CONFIG_NE2K_PCI is not set
-# CONFIG_PCMCIA_PCNET is not set
-CONFIG_NET_VENDOR_NVIDIA=y
-# CONFIG_FORCEDETH is not set
-CONFIG_NET_VENDOR_OKI=y
-# CONFIG_ETHOC is not set
-CONFIG_NET_PACKET_ENGINE=y
-# CONFIG_HAMACHI is not set
-# CONFIG_YELLOWFIN is not set
-CONFIG_NET_VENDOR_QLOGIC=y
-# CONFIG_QLA3XXX is not set
-# CONFIG_QLCNIC is not set
-# CONFIG_QLGE is not set
-# CONFIG_NETXEN_NIC is not set
-# CONFIG_QED is not set
-CONFIG_NET_VENDOR_QUALCOMM=y
-# CONFIG_QCOM_EMAC is not set
-# CONFIG_RMNET is not set
-CONFIG_NET_VENDOR_REALTEK=y
-# CONFIG_8139CP is not set
-# CONFIG_8139TOO is not set
-# CONFIG_R8169 is not set
-CONFIG_NET_VENDOR_RENESAS=y
-CONFIG_NET_VENDOR_RDC=y
-# CONFIG_R6040 is not set
-CONFIG_NET_VENDOR_ROCKER=y
-CONFIG_NET_VENDOR_SAMSUNG=y
-# CONFIG_SXGBE_ETH is not set
-CONFIG_NET_VENDOR_SEEQ=y
-CONFIG_NET_VENDOR_SILAN=y
-# CONFIG_SC92031 is not set
-CONFIG_NET_VENDOR_SIS=y
-# CONFIG_SIS900 is not set
-# CONFIG_SIS190 is not set
-CONFIG_NET_VENDOR_SOLARFLARE=y
-# CONFIG_SFC is not set
-# CONFIG_SFC_FALCON is not set
-CONFIG_NET_VENDOR_SMSC=y
-# CONFIG_PCMCIA_SMC91C92 is not set
-# CONFIG_EPIC100 is not set
-# CONFIG_SMSC911X is not set
-# CONFIG_SMSC9420 is not set
-CONFIG_NET_VENDOR_STMICRO=y
-# CONFIG_STMMAC_ETH is not set
-CONFIG_NET_VENDOR_SUN=y
-# CONFIG_HAPPYMEAL is not set
-CONFIG_SUNGEM=y
-# CONFIG_CASSINI is not set
-# CONFIG_NIU is not set
-CONFIG_NET_VENDOR_TEHUTI=y
-# CONFIG_TEHUTI is not set
-CONFIG_NET_VENDOR_TI=y
-# CONFIG_TI_CPSW_ALE is not set
-# CONFIG_TLAN is not set
-CONFIG_NET_VENDOR_VIA=y
-# CONFIG_VIA_RHINE is not set
-# CONFIG_VIA_VELOCITY is not set
-CONFIG_NET_VENDOR_WIZNET=y
-# CONFIG_WIZNET_W5100 is not set
-# CONFIG_WIZNET_W5300 is not set
-CONFIG_NET_VENDOR_XILINX=y
-# CONFIG_XILINX_EMACLITE is not set
-# CONFIG_XILINX_LL_TEMAC is not set
-CONFIG_NET_VENDOR_XIRCOM=y
-# CONFIG_PCMCIA_XIRC2PS is not set
-CONFIG_NET_VENDOR_SYNOPSYS=y
-# CONFIG_DWC_XLGMAC is not set
-# CONFIG_FDDI is not set
-# CONFIG_HIPPI is not set
-CONFIG_MDIO_DEVICE=m
-CONFIG_MDIO_BUS=m
-# CONFIG_MDIO_BCM_UNIMAC is not set
-# CONFIG_MDIO_BITBANG is not set
-# CONFIG_MDIO_BUS_MUX_MMIOREG is not set
-# CONFIG_MDIO_HISI_FEMAC is not set
-CONFIG_PHYLIB=m
-CONFIG_SWPHY=y
-# CONFIG_LED_TRIGGER_PHY is not set
-
-#
-# MII PHY device drivers
-#
-# CONFIG_AMD_PHY is not set
-# CONFIG_AQUANTIA_PHY is not set
-# CONFIG_AT803X_PHY is not set
-# CONFIG_BCM7XXX_PHY is not set
-# CONFIG_BCM87XX_PHY is not set
-# CONFIG_BROADCOM_PHY is not set
-# CONFIG_CICADA_PHY is not set
-# CONFIG_CORTINA_PHY is not set
-# CONFIG_DAVICOM_PHY is not set
-# CONFIG_DP83848_PHY is not set
-# CONFIG_DP83867_PHY is not set
-CONFIG_FIXED_PHY=m
-# CONFIG_ICPLUS_PHY is not set
-# CONFIG_INTEL_XWAY_PHY is not set
-# CONFIG_LSI_ET1011C_PHY is not set
-# CONFIG_LXT_PHY is not set
-# CONFIG_MARVELL_PHY is not set
-# CONFIG_MARVELL_10G_PHY is not set
-# CONFIG_MICREL_PHY is not set
-# CONFIG_MICROCHIP_PHY is not set
-# CONFIG_MICROSEMI_PHY is not set
-# CONFIG_NATIONAL_PHY is not set
-# CONFIG_QSEMI_PHY is not set
-# CONFIG_REALTEK_PHY is not set
-# CONFIG_ROCKCHIP_PHY is not set
-# CONFIG_SMSC_PHY is not set
-# CONFIG_STE10XP is not set
-# CONFIG_TERANETICS_PHY is not set
-# CONFIG_VITESSE_PHY is not set
-# CONFIG_XILINX_GMII2RGMII is not set
-CONFIG_PPP=y
-CONFIG_PPP_BSDCOMP=m
-CONFIG_PPP_DEFLATE=y
-# CONFIG_PPP_FILTER is not set
-# CONFIG_PPP_MPPE is not set
-CONFIG_PPP_MULTILINK=y
-# CONFIG_PPPOE is not set
-CONFIG_PPP_ASYNC=y
-CONFIG_PPP_SYNC_TTY=m
-# CONFIG_SLIP is not set
-CONFIG_SLHC=y
-CONFIG_USB_NET_DRIVERS=y
-# CONFIG_USB_CATC is not set
-# CONFIG_USB_KAWETH is not set
-# CONFIG_USB_PEGASUS is not set
-# CONFIG_USB_RTL8150 is not set
-# CONFIG_USB_RTL8152 is not set
-# CONFIG_USB_LAN78XX is not set
-CONFIG_USB_USBNET=m
-CONFIG_USB_NET_AX8817X=m
-CONFIG_USB_NET_AX88179_178A=m
-CONFIG_USB_NET_CDCETHER=m
-# CONFIG_USB_NET_CDC_EEM is not set
-CONFIG_USB_NET_CDC_NCM=m
-# CONFIG_USB_NET_HUAWEI_CDC_NCM is not set
-# CONFIG_USB_NET_CDC_MBIM is not set
-# CONFIG_USB_NET_DM9601 is not set
-# CONFIG_USB_NET_SR9700 is not set
-# CONFIG_USB_NET_SR9800 is not set
-# CONFIG_USB_NET_SMSC75XX is not set
-# CONFIG_USB_NET_SMSC95XX is not set
-# CONFIG_USB_NET_GL620A is not set
-CONFIG_USB_NET_NET1080=m
-# CONFIG_USB_NET_PLUSB is not set
-# CONFIG_USB_NET_MCS7830 is not set
-# CONFIG_USB_NET_RNDIS_HOST is not set
-# CONFIG_USB_NET_CDC_SUBSET is not set
-CONFIG_USB_NET_ZAURUS=m
-# CONFIG_USB_NET_CX82310_ETH is not set
-# CONFIG_USB_NET_KALMIA is not set
-# CONFIG_USB_NET_QMI_WWAN is not set
-# CONFIG_USB_NET_INT51X1 is not set
-# CONFIG_USB_IPHETH is not set
-# CONFIG_USB_SIERRA_NET is not set
-# CONFIG_USB_VL600 is not set
-# CONFIG_USB_NET_CH9200 is not set
-CONFIG_WLAN=y
-CONFIG_WLAN_VENDOR_ADMTEK=y
-# CONFIG_ADM8211 is not set
-CONFIG_WLAN_VENDOR_ATH=y
-# CONFIG_ATH_DEBUG is not set
-# CONFIG_ATH5K is not set
-# CONFIG_ATH5K_PCI is not set
-# CONFIG_ATH9K is not set
-# CONFIG_ATH9K_HTC is not set
-# CONFIG_CARL9170 is not set
-# CONFIG_ATH6KL is not set
-# CONFIG_AR5523 is not set
-# CONFIG_WIL6210 is not set
-# CONFIG_ATH10K is not set
-# CONFIG_WCN36XX is not set
-CONFIG_WLAN_VENDOR_ATMEL=y
-# CONFIG_ATMEL is not set
-# CONFIG_AT76C50X_USB is not set
-CONFIG_WLAN_VENDOR_BROADCOM=y
-CONFIG_B43=m
-CONFIG_B43_BCMA=y
-CONFIG_B43_SSB=y
-CONFIG_B43_BUSES_BCMA_AND_SSB=y
-# CONFIG_B43_BUSES_BCMA is not set
-# CONFIG_B43_BUSES_SSB is not set
-CONFIG_B43_PCI_AUTOSELECT=y
-CONFIG_B43_PCICORE_AUTOSELECT=y
-CONFIG_B43_BCMA_PIO=y
-CONFIG_B43_PIO=y
-CONFIG_B43_PHY_G=y
-CONFIG_B43_PHY_N=y
-CONFIG_B43_PHY_LP=y
-CONFIG_B43_PHY_HT=y
-CONFIG_B43_LEDS=y
-CONFIG_B43_HWRNG=y
-# CONFIG_B43_DEBUG is not set
-CONFIG_B43LEGACY=m
-CONFIG_B43LEGACY_PCI_AUTOSELECT=y
-CONFIG_B43LEGACY_PCICORE_AUTOSELECT=y
-CONFIG_B43LEGACY_LEDS=y
-CONFIG_B43LEGACY_HWRNG=y
-CONFIG_B43LEGACY_DEBUG=y
-CONFIG_B43LEGACY_DMA=y
-CONFIG_B43LEGACY_PIO=y
-CONFIG_B43LEGACY_DMA_AND_PIO_MODE=y
-# CONFIG_B43LEGACY_DMA_MODE is not set
-# CONFIG_B43LEGACY_PIO_MODE is not set
-# CONFIG_BRCMSMAC is not set
-# CONFIG_BRCMFMAC is not set
-CONFIG_WLAN_VENDOR_CISCO=y
-# CONFIG_AIRO is not set
-# CONFIG_AIRO_CS is not set
-CONFIG_WLAN_VENDOR_INTEL=y
-# CONFIG_IPW2100 is not set
-# CONFIG_IPW2200 is not set
-# CONFIG_IWL4965 is not set
-# CONFIG_IWL3945 is not set
-# CONFIG_IWLWIFI is not set
-CONFIG_WLAN_VENDOR_INTERSIL=y
-# CONFIG_HOSTAP is not set
-# CONFIG_HERMES is not set
-CONFIG_P54_COMMON=m
-# CONFIG_P54_USB is not set
-# CONFIG_P54_PCI is not set
-CONFIG_P54_LEDS=y
-CONFIG_PRISM54=m
-CONFIG_WLAN_VENDOR_MARVELL=y
-# CONFIG_LIBERTAS is not set
-# CONFIG_LIBERTAS_THINFIRM is not set
-# CONFIG_MWIFIEX is not set
-# CONFIG_MWL8K is not set
-CONFIG_WLAN_VENDOR_MEDIATEK=y
-# CONFIG_MT7601U is not set
-CONFIG_WLAN_VENDOR_RALINK=y
-# CONFIG_RT2X00 is not set
-CONFIG_WLAN_VENDOR_REALTEK=y
-# CONFIG_RTL8180 is not set
-# CONFIG_RTL8187 is not set
-CONFIG_RTL_CARDS=m
-# CONFIG_RTL8192CE is not set
-# CONFIG_RTL8192SE is not set
-# CONFIG_RTL8192DE is not set
-# CONFIG_RTL8723AE is not set
-# CONFIG_RTL8723BE is not set
-# CONFIG_RTL8188EE is not set
-# CONFIG_RTL8192EE is not set
-# CONFIG_RTL8821AE is not set
-# CONFIG_RTL8192CU is not set
-# CONFIG_RTL8XXXU is not set
-CONFIG_WLAN_VENDOR_RSI=y
-# CONFIG_RSI_91X is not set
-CONFIG_WLAN_VENDOR_ST=y
-# CONFIG_CW1200 is not set
-CONFIG_WLAN_VENDOR_TI=y
-# CONFIG_WL1251 is not set
-# CONFIG_WL12XX is not set
-# CONFIG_WL18XX is not set
-# CONFIG_WLCORE is not set
-CONFIG_WLAN_VENDOR_ZYDAS=y
-# CONFIG_USB_ZD1201 is not set
-# CONFIG_ZD1211RW is not set
-CONFIG_WLAN_VENDOR_QUANTENNA=y
-# CONFIG_QTNFMAC_PEARL_PCIE is not set
-# CONFIG_PCMCIA_RAYCS is not set
-# CONFIG_PCMCIA_WL3501 is not set
-# CONFIG_MAC80211_HWSIM is not set
-# CONFIG_USB_NET_RNDIS_WLAN is not set
-
-#
-# Enable WiMAX (Networking options) to see the WiMAX drivers
-#
-# CONFIG_WAN is not set
-# CONFIG_VMXNET3 is not set
-# CONFIG_ISDN is not set
-# CONFIG_NVM is not set
-
-#
-# Input device support
-#
-CONFIG_INPUT=y
-CONFIG_INPUT_LEDS=y
-# CONFIG_INPUT_FF_MEMLESS is not set
-# CONFIG_INPUT_POLLDEV is not set
-# CONFIG_INPUT_SPARSEKMAP is not set
-# CONFIG_INPUT_MATRIXKMAP is not set
-
-#
-# Userland interfaces
-#
-CONFIG_INPUT_MOUSEDEV=y
-CONFIG_INPUT_MOUSEDEV_PSAUX=y
-CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024
-CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
-# CONFIG_INPUT_JOYDEV is not set
-CONFIG_INPUT_EVDEV=y
-# CONFIG_INPUT_EVBUG is not set
-
-#
-# Input Device Drivers
-#
-CONFIG_INPUT_KEYBOARD=y
-# CONFIG_KEYBOARD_ADP5588 is not set
-# CONFIG_KEYBOARD_ADP5589 is not set
-# CONFIG_KEYBOARD_ATKBD is not set
-# CONFIG_KEYBOARD_QT1070 is not set
-# CONFIG_KEYBOARD_QT2160 is not set
-# CONFIG_KEYBOARD_DLINK_DIR685 is not set
-# CONFIG_KEYBOARD_LKKBD is not set
-# CONFIG_KEYBOARD_TCA6416 is not set
-# CONFIG_KEYBOARD_TCA8418 is not set
-# CONFIG_KEYBOARD_LM8323 is not set
-# CONFIG_KEYBOARD_LM8333 is not set
-# CONFIG_KEYBOARD_MAX7359 is not set
-# CONFIG_KEYBOARD_MCS is not set
-# CONFIG_KEYBOARD_MPR121 is not set
-# CONFIG_KEYBOARD_NEWTON is not set
-# CONFIG_KEYBOARD_OPENCORES is not set
-# CONFIG_KEYBOARD_STOWAWAY is not set
-# CONFIG_KEYBOARD_SUNKBD is not set
-# CONFIG_KEYBOARD_OMAP4 is not set
-# CONFIG_KEYBOARD_TM2_TOUCHKEY is not set
-# CONFIG_KEYBOARD_XTKBD is not set
-# CONFIG_KEYBOARD_CAP11XX is not set
-CONFIG_INPUT_MOUSE=y
-# CONFIG_MOUSE_PS2 is not set
-# CONFIG_MOUSE_SERIAL is not set
-CONFIG_MOUSE_APPLETOUCH=y
-# CONFIG_MOUSE_BCM5974 is not set
-# CONFIG_MOUSE_CYAPA is not set
-# CONFIG_MOUSE_ELAN_I2C is not set
-# CONFIG_MOUSE_VSXXXAA is not set
-# CONFIG_MOUSE_SYNAPTICS_I2C is not set
-# CONFIG_MOUSE_SYNAPTICS_USB is not set
-# CONFIG_INPUT_JOYSTICK is not set
-# CONFIG_INPUT_TABLET is not set
-# CONFIG_INPUT_TOUCHSCREEN is not set
-# CONFIG_INPUT_MISC is not set
-# CONFIG_RMI4_CORE is not set
-
-#
-# Hardware I/O ports
-#
-CONFIG_SERIO=y
-CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y
-# CONFIG_SERIO_I8042 is not set
-# CONFIG_SERIO_SERPORT is not set
-# CONFIG_SERIO_PCIPS2 is not set
-# CONFIG_SERIO_LIBPS2 is not set
-# CONFIG_SERIO_RAW is not set
-# CONFIG_SERIO_XILINX_XPS_PS2 is not set
-# CONFIG_SERIO_ALTERA_PS2 is not set
-# CONFIG_SERIO_PS2MULT is not set
-# CONFIG_SERIO_ARC_PS2 is not set
-# CONFIG_SERIO_APBPS2 is not set
-# CONFIG_USERIO is not set
-# CONFIG_GAMEPORT is not set
-
-#
-# Character devices
-#
-CONFIG_TTY=y
-CONFIG_VT=y
-CONFIG_CONSOLE_TRANSLATIONS=y
-CONFIG_VT_CONSOLE=y
-CONFIG_VT_CONSOLE_SLEEP=y
-CONFIG_HW_CONSOLE=y
-CONFIG_VT_HW_CONSOLE_BINDING=y
-CONFIG_UNIX98_PTYS=y
-CONFIG_LEGACY_PTYS=y
-CONFIG_LEGACY_PTY_COUNT=256
-# CONFIG_SERIAL_NONSTANDARD is not set
-# CONFIG_NOZOMI is not set
-# CONFIG_N_GSM is not set
-# CONFIG_TRACE_SINK is not set
-# CONFIG_PPC_EPAPR_HV_BYTECHAN is not set
-CONFIG_DEVMEM=y
-CONFIG_DEVKMEM=y
-
-#
-# Serial drivers
-#
-CONFIG_SERIAL_8250=m
-CONFIG_SERIAL_8250_DEPRECATED_OPTIONS=y
-# CONFIG_SERIAL_8250_FINTEK is not set
-CONFIG_SERIAL_8250_PCI=m
-CONFIG_SERIAL_8250_EXAR=m
-# CONFIG_SERIAL_8250_CS is not set
-CONFIG_SERIAL_8250_NR_UARTS=4
-CONFIG_SERIAL_8250_RUNTIME_UARTS=4
-# CONFIG_SERIAL_8250_EXTENDED is not set
-# CONFIG_SERIAL_8250_ASPEED_VUART is not set
-# CONFIG_SERIAL_8250_DW is not set
-# CONFIG_SERIAL_8250_RT288X is not set
-# CONFIG_SERIAL_8250_MOXA is not set
-# CONFIG_SERIAL_OF_PLATFORM is not set
-
-#
-# Non-8250 serial port support
-#
-# CONFIG_SERIAL_UARTLITE is not set
-CONFIG_SERIAL_CORE=m
-CONFIG_SERIAL_PMACZILOG=m
-CONFIG_SERIAL_PMACZILOG_TTYS=y
-# CONFIG_SERIAL_JSM is not set
-# CONFIG_SERIAL_SCCNXP is not set
-# CONFIG_SERIAL_SC16IS7XX is not set
-# CONFIG_SERIAL_ALTERA_JTAGUART is not set
-# CONFIG_SERIAL_ALTERA_UART is not set
-# CONFIG_SERIAL_XILINX_PS_UART is not set
-# CONFIG_SERIAL_ARC is not set
-# CONFIG_SERIAL_RP2 is not set
-# CONFIG_SERIAL_FSL_LPUART is not set
-# CONFIG_SERIAL_CONEXANT_DIGICOLOR is not set
-# CONFIG_SERIAL_DEV_BUS is not set
-# CONFIG_HVC_UDBG is not set
-# CONFIG_IPMI_HANDLER is not set
-CONFIG_HW_RANDOM=m
-# CONFIG_HW_RANDOM_TIMERIOMEM is not set
-CONFIG_NVRAM=y
-# CONFIG_R3964 is not set
-# CONFIG_APPLICOM is not set
-
-#
-# PCMCIA character devices
-#
-# CONFIG_SYNCLINK_CS is not set
-# CONFIG_CARDMAN_4000 is not set
-# CONFIG_CARDMAN_4040 is not set
-# CONFIG_SCR24X is not set
-# CONFIG_IPWIRELESS is not set
-# CONFIG_RAW_DRIVER is not set
-# CONFIG_TCG_TPM is not set
-CONFIG_DEVPORT=y
-# CONFIG_XILLYBUS is not set
-
-#
-# I2C support
-#
-CONFIG_I2C=y
-CONFIG_I2C_BOARDINFO=y
-CONFIG_I2C_COMPAT=y
-CONFIG_I2C_CHARDEV=m
-# CONFIG_I2C_MUX is not set
-CONFIG_I2C_HELPER_AUTO=y
-CONFIG_I2C_ALGOBIT=y
-
-#
-# I2C Hardware Bus support
-#
-
-#
-# PC SMBus host controller drivers
-#
-# CONFIG_I2C_ALI1535 is not set
-# CONFIG_I2C_ALI1563 is not set
-# CONFIG_I2C_ALI15X3 is not set
-# CONFIG_I2C_AMD756 is not set
-# CONFIG_I2C_AMD8111 is not set
-# CONFIG_I2C_I801 is not set
-# CONFIG_I2C_ISCH is not set
-# CONFIG_I2C_PIIX4 is not set
-# CONFIG_I2C_NFORCE2 is not set
-# CONFIG_I2C_SIS5595 is not set
-# CONFIG_I2C_SIS630 is not set
-# CONFIG_I2C_SIS96X is not set
-# CONFIG_I2C_VIA is not set
-# CONFIG_I2C_VIAPRO is not set
-
-#
-# Mac SMBus host controller drivers
-#
-CONFIG_I2C_POWERMAC=y
-
-#
-# I2C system bus drivers (mostly embedded / system-on-chip)
-#
-# CONFIG_I2C_DESIGNWARE_PLATFORM is not set
-# CONFIG_I2C_DESIGNWARE_PCI is not set
-# CONFIG_I2C_MPC is not set
-# CONFIG_I2C_OCORES is not set
-# CONFIG_I2C_PCA_PLATFORM is not set
-# CONFIG_I2C_PXA_PCI is not set
-# CONFIG_I2C_SIMTEC is not set
-# CONFIG_I2C_XILINX is not set
-
-#
-# External I2C/SMBus adapter drivers
-#
-# CONFIG_I2C_DIOLAN_U2C is not set
-# CONFIG_I2C_PARPORT_LIGHT is not set
-# CONFIG_I2C_ROBOTFUZZ_OSIF is not set
-# CONFIG_I2C_TAOS_EVM is not set
-# CONFIG_I2C_TINY_USB is not set
-
-#
-# Other I2C/SMBus bus drivers
-#
-# CONFIG_I2C_STUB is not set
-# CONFIG_I2C_SLAVE is not set
-# CONFIG_I2C_DEBUG_CORE is not set
-# CONFIG_I2C_DEBUG_ALGO is not set
-# CONFIG_I2C_DEBUG_BUS is not set
-# CONFIG_SPI is not set
-# CONFIG_SPMI is not set
-# CONFIG_HSI is not set
-# CONFIG_PPS is not set
-
-#
-# PTP clock support
-#
-# CONFIG_PTP_1588_CLOCK is not set
-
-#
-# Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks.
-#
-# CONFIG_GPIOLIB is not set
-# CONFIG_W1 is not set
-# CONFIG_POWER_AVS is not set
-# CONFIG_POWER_RESET is not set
-CONFIG_POWER_SUPPLY=y
-# CONFIG_POWER_SUPPLY_DEBUG is not set
-# CONFIG_PDA_POWER is not set
-CONFIG_APM_POWER=y
-# CONFIG_TEST_POWER is not set
-# CONFIG_BATTERY_DS2780 is not set
-# CONFIG_BATTERY_DS2781 is not set
-# CONFIG_BATTERY_DS2782 is not set
-CONFIG_BATTERY_PMU=y
-# CONFIG_BATTERY_SBS is not set
-# CONFIG_CHARGER_SBS is not set
-# CONFIG_BATTERY_BQ27XXX is not set
-# CONFIG_BATTERY_MAX17040 is not set
-# CONFIG_BATTERY_MAX17042 is not set
-# CONFIG_CHARGER_MAX8903 is not set
-# CONFIG_CHARGER_LP8727 is not set
-# CONFIG_CHARGER_DETECTOR_MAX14656 is not set
-# CONFIG_CHARGER_BQ2415X is not set
-# CONFIG_CHARGER_SMB347 is not set
-# CONFIG_BATTERY_GAUGE_LTC2941 is not set
-CONFIG_HWMON=m
-# CONFIG_HWMON_VID is not set
-# CONFIG_HWMON_DEBUG_CHIP is not set
-
-#
-# Native drivers
-#
-# CONFIG_SENSORS_AD7414 is not set
-# CONFIG_SENSORS_AD7418 is not set
-# CONFIG_SENSORS_ADM1021 is not set
-# CONFIG_SENSORS_ADM1025 is not set
-# CONFIG_SENSORS_ADM1026 is not set
-# CONFIG_SENSORS_ADM1029 is not set
-# CONFIG_SENSORS_ADM1031 is not set
-# CONFIG_SENSORS_ADM9240 is not set
-# CONFIG_SENSORS_ADT7410 is not set
-# CONFIG_SENSORS_ADT7411 is not set
-# CONFIG_SENSORS_ADT7462 is not set
-# CONFIG_SENSORS_ADT7470 is not set
-# CONFIG_SENSORS_ADT7475 is not set
-# CONFIG_SENSORS_ASC7621 is not set
-# CONFIG_SENSORS_ASPEED is not set
-# CONFIG_SENSORS_ATXP1 is not set
-# CONFIG_SENSORS_DS620 is not set
-# CONFIG_SENSORS_DS1621 is not set
-# CONFIG_SENSORS_I5K_AMB is not set
-# CONFIG_SENSORS_F75375S is not set
-# CONFIG_SENSORS_GL518SM is not set
-# CONFIG_SENSORS_GL520SM is not set
-# CONFIG_SENSORS_G760A is not set
-# CONFIG_SENSORS_G762 is not set
-# CONFIG_SENSORS_HIH6130 is not set
-# CONFIG_SENSORS_JC42 is not set
-# CONFIG_SENSORS_POWR1220 is not set
-# CONFIG_SENSORS_LINEAGE is not set
-# CONFIG_SENSORS_LTC2945 is not set
-# CONFIG_SENSORS_LTC2990 is not set
-# CONFIG_SENSORS_LTC4151 is not set
-# CONFIG_SENSORS_LTC4215 is not set
-# CONFIG_SENSORS_LTC4222 is not set
-# CONFIG_SENSORS_LTC4245 is not set
-# CONFIG_SENSORS_LTC4260 is not set
-# CONFIG_SENSORS_LTC4261 is not set
-# CONFIG_SENSORS_MAX16065 is not set
-# CONFIG_SENSORS_MAX1619 is not set
-# CONFIG_SENSORS_MAX1668 is not set
-# CONFIG_SENSORS_MAX197 is not set
-# CONFIG_SENSORS_MAX6639 is not set
-# CONFIG_SENSORS_MAX6642 is not set
-# CONFIG_SENSORS_MAX6650 is not set
-# CONFIG_SENSORS_MAX6697 is not set
-# CONFIG_SENSORS_MAX31790 is not set
-# CONFIG_SENSORS_MCP3021 is not set
-# CONFIG_SENSORS_TC654 is not set
-# CONFIG_SENSORS_LM63 is not set
-# CONFIG_SENSORS_LM73 is not set
-# CONFIG_SENSORS_LM75 is not set
-# CONFIG_SENSORS_LM77 is not set
-# CONFIG_SENSORS_LM78 is not set
-# CONFIG_SENSORS_LM80 is not set
-# CONFIG_SENSORS_LM83 is not set
-# CONFIG_SENSORS_LM85 is not set
-# CONFIG_SENSORS_LM87 is not set
-# CONFIG_SENSORS_LM90 is not set
-# CONFIG_SENSORS_LM92 is not set
-# CONFIG_SENSORS_LM93 is not set
-# CONFIG_SENSORS_LM95234 is not set
-# CONFIG_SENSORS_LM95241 is not set
-# CONFIG_SENSORS_LM95245 is not set
-# CONFIG_SENSORS_NTC_THERMISTOR is not set
-# CONFIG_SENSORS_NCT7802 is not set
-# CONFIG_SENSORS_NCT7904 is not set
-# CONFIG_SENSORS_PCF8591 is not set
-# CONFIG_PMBUS is not set
-# CONFIG_SENSORS_SHT21 is not set
-# CONFIG_SENSORS_SHT3x is not set
-# CONFIG_SENSORS_SHTC1 is not set
-# CONFIG_SENSORS_SIS5595 is not set
-# CONFIG_SENSORS_EMC1403 is not set
-# CONFIG_SENSORS_EMC2103 is not set
-# CONFIG_SENSORS_EMC6W201 is not set
-# CONFIG_SENSORS_SMSC47M192 is not set
-# CONFIG_SENSORS_SCH56XX_COMMON is not set
-# CONFIG_SENSORS_STTS751 is not set
-# CONFIG_SENSORS_SMM665 is not set
-# CONFIG_SENSORS_ADC128D818 is not set
-# CONFIG_SENSORS_ADS1015 is not set
-# CONFIG_SENSORS_ADS7828 is not set
-# CONFIG_SENSORS_AMC6821 is not set
-# CONFIG_SENSORS_INA209 is not set
-# CONFIG_SENSORS_INA2XX is not set
-# CONFIG_SENSORS_INA3221 is not set
-# CONFIG_SENSORS_TC74 is not set
-# CONFIG_SENSORS_THMC50 is not set
-# CONFIG_SENSORS_TMP102 is not set
-# CONFIG_SENSORS_TMP103 is not set
-# CONFIG_SENSORS_TMP108 is not set
-# CONFIG_SENSORS_TMP401 is not set
-# CONFIG_SENSORS_TMP421 is not set
-# CONFIG_SENSORS_VIA686A is not set
-# CONFIG_SENSORS_VT8231 is not set
-# CONFIG_SENSORS_W83781D is not set
-# CONFIG_SENSORS_W83791D is not set
-# CONFIG_SENSORS_W83792D is not set
-# CONFIG_SENSORS_W83793 is not set
-# CONFIG_SENSORS_W83795 is not set
-# CONFIG_SENSORS_W83L785TS is not set
-# CONFIG_SENSORS_W83L786NG is not set
-# CONFIG_THERMAL is not set
-# CONFIG_WATCHDOG is not set
-CONFIG_SSB_POSSIBLE=y
-
-#
-# Sonics Silicon Backplane
-#
-CONFIG_SSB=m
-CONFIG_SSB_SPROM=y
-CONFIG_SSB_BLOCKIO=y
-CONFIG_SSB_PCIHOST_POSSIBLE=y
-CONFIG_SSB_PCIHOST=y
-CONFIG_SSB_B43_PCI_BRIDGE=y
-CONFIG_SSB_PCMCIAHOST_POSSIBLE=y
-# CONFIG_SSB_PCMCIAHOST is not set
-# CONFIG_SSB_DEBUG is not set
-CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y
-CONFIG_SSB_DRIVER_PCICORE=y
-CONFIG_BCMA_POSSIBLE=y
-CONFIG_BCMA=m
-CONFIG_BCMA_BLOCKIO=y
-CONFIG_BCMA_HOST_PCI_POSSIBLE=y
-CONFIG_BCMA_HOST_PCI=y
-# CONFIG_BCMA_HOST_SOC is not set
-CONFIG_BCMA_DRIVER_PCI=y
-# CONFIG_BCMA_DRIVER_GMAC_CMN is not set
-# CONFIG_BCMA_DEBUG is not set
-
-#
-# Multifunction device drivers
-#
-# CONFIG_MFD_CORE is not set
-# CONFIG_MFD_ACT8945A is not set
-# CONFIG_MFD_AS3711 is not set
-# CONFIG_MFD_AS3722 is not set
-# CONFIG_PMIC_ADP5520 is not set
-# CONFIG_MFD_ATMEL_FLEXCOM is not set
-# CONFIG_MFD_ATMEL_HLCDC is not set
-# CONFIG_MFD_BCM590XX is not set
-# CONFIG_MFD_BD9571MWV is not set
-# CONFIG_MFD_AXP20X_I2C is not set
-# CONFIG_PMIC_DA903X is not set
-# CONFIG_MFD_DA9052_I2C is not set
-# CONFIG_MFD_DA9055 is not set
-# CONFIG_MFD_DA9062 is not set
-# CONFIG_MFD_DA9063 is not set
-# CONFIG_MFD_DA9150 is not set
-# CONFIG_MFD_DLN2 is not set
-# CONFIG_MFD_MC13XXX_I2C is not set
-# CONFIG_MFD_HI6421_PMIC is not set
-# CONFIG_HTC_PASIC3 is not set
-# CONFIG_LPC_ICH is not set
-# CONFIG_LPC_SCH is not set
-# CONFIG_MFD_JANZ_CMODIO is not set
-# CONFIG_MFD_KEMPLD is not set
-# CONFIG_MFD_88PM800 is not set
-# CONFIG_MFD_88PM805 is not set
-# CONFIG_MFD_88PM860X is not set
-# CONFIG_MFD_MAX14577 is not set
-# CONFIG_MFD_MAX77620 is not set
-# CONFIG_MFD_MAX77686 is not set
-# CONFIG_MFD_MAX77693 is not set
-# CONFIG_MFD_MAX77843 is not set
-# CONFIG_MFD_MAX8907 is not set
-# CONFIG_MFD_MAX8925 is not set
-# CONFIG_MFD_MAX8997 is not set
-# CONFIG_MFD_MAX8998 is not set
-# CONFIG_MFD_MT6397 is not set
-# CONFIG_MFD_MENF21BMC is not set
-# CONFIG_MFD_VIPERBOARD is not set
-# CONFIG_MFD_RETU is not set
-# CONFIG_MFD_PCF50633 is not set
-# CONFIG_MFD_RDC321X is not set
-# CONFIG_MFD_RTSX_PCI is not set
-# CONFIG_MFD_RT5033 is not set
-# CONFIG_MFD_RTSX_USB is not set
-# CONFIG_MFD_RC5T583 is not set
-# CONFIG_MFD_RK808 is not set
-# CONFIG_MFD_RN5T618 is not set
-# CONFIG_MFD_SEC_CORE is not set
-# CONFIG_MFD_SI476X_CORE is not set
-# CONFIG_MFD_SM501 is not set
-# CONFIG_MFD_SKY81452 is not set
-# CONFIG_MFD_SMSC is not set
-# CONFIG_ABX500_CORE is not set
-# CONFIG_MFD_STMPE is not set
-# CONFIG_MFD_SYSCON is not set
-# CONFIG_MFD_TI_AM335X_TSCADC is not set
-# CONFIG_MFD_LP3943 is not set
-# CONFIG_MFD_LP8788 is not set
-# CONFIG_MFD_TI_LMU is not set
-# CONFIG_MFD_PALMAS is not set
-# CONFIG_TPS6105X is not set
-# CONFIG_TPS6507X is not set
-# CONFIG_MFD_TPS65086 is not set
-# CONFIG_MFD_TPS65090 is not set
-# CONFIG_MFD_TPS65217 is not set
-# CONFIG_MFD_TI_LP873X is not set
-# CONFIG_MFD_TI_LP87565 is not set
-# CONFIG_MFD_TPS65218 is not set
-# CONFIG_MFD_TPS6586X is not set
-# CONFIG_MFD_TPS65912_I2C is not set
-# CONFIG_MFD_TPS80031 is not set
-# CONFIG_TWL4030_CORE is not set
-# CONFIG_TWL6040_CORE is not set
-# CONFIG_MFD_WL1273_CORE is not set
-# CONFIG_MFD_LM3533 is not set
-# CONFIG_MFD_TC3589X is not set
-# CONFIG_MFD_TMIO is not set
-# CONFIG_MFD_VX855 is not set
-# CONFIG_MFD_ARIZONA_I2C is not set
-# CONFIG_MFD_WM8400 is not set
-# CONFIG_MFD_WM831X_I2C is not set
-# CONFIG_MFD_WM8350_I2C is not set
-# CONFIG_MFD_WM8994 is not set
-# CONFIG_REGULATOR is not set
-CONFIG_RC_CORE=y
-CONFIG_RC_MAP=y
-CONFIG_RC_DECODERS=y
-# CONFIG_LIRC is not set
-CONFIG_IR_NEC_DECODER=y
-CONFIG_IR_RC5_DECODER=y
-CONFIG_IR_RC6_DECODER=y
-CONFIG_IR_JVC_DECODER=y
-CONFIG_IR_SONY_DECODER=y
-CONFIG_IR_SANYO_DECODER=y
-CONFIG_IR_SHARP_DECODER=y
-CONFIG_IR_MCE_KBD_DECODER=y
-CONFIG_IR_XMP_DECODER=y
-# CONFIG_RC_DEVICES is not set
-# CONFIG_MEDIA_SUPPORT is not set
-
-#
-# Graphics support
-#
-CONFIG_AGP=m
-CONFIG_AGP_UNINORTH=m
-CONFIG_VGA_ARB=y
-CONFIG_VGA_ARB_MAX_GPUS=16
-CONFIG_DRM=m
-# CONFIG_DRM_DP_AUX_CHARDEV is not set
-# CONFIG_DRM_DEBUG_MM_SELFTEST is not set
-CONFIG_DRM_KMS_HELPER=m
-CONFIG_DRM_KMS_FB_HELPER=y
-CONFIG_DRM_FBDEV_EMULATION=y
-CONFIG_DRM_FBDEV_OVERALLOC=100
-# CONFIG_DRM_LOAD_EDID_FIRMWARE is not set
-CONFIG_DRM_TTM=m
-
-#
-# I2C encoder or helper chips
-#
-# CONFIG_DRM_I2C_CH7006 is not set
-# CONFIG_DRM_I2C_SIL164 is not set
-# CONFIG_DRM_I2C_NXP_TDA998X is not set
-CONFIG_DRM_RADEON=m
-# CONFIG_DRM_RADEON_USERPTR is not set
-# CONFIG_DRM_AMDGPU is not set
-
-#
-# ACP (Audio CoProcessor) Configuration
-#
-# CONFIG_DRM_NOUVEAU is not set
-# CONFIG_DRM_VGEM is not set
-# CONFIG_DRM_UDL is not set
-# CONFIG_DRM_AST is not set
-# CONFIG_DRM_MGAG200 is not set
-# CONFIG_DRM_CIRRUS_QEMU is not set
-# CONFIG_DRM_RCAR_DW_HDMI is not set
-# CONFIG_DRM_QXL is not set
-# CONFIG_DRM_BOCHS is not set
-CONFIG_DRM_PANEL=y
-
-#
-# Display Panels
-#
-# CONFIG_DRM_PANEL_LVDS is not set
-# CONFIG_DRM_PANEL_SIMPLE is not set
-# CONFIG_DRM_PANEL_SAMSUNG_S6E8AA0 is not set
-CONFIG_DRM_BRIDGE=y
-CONFIG_DRM_PANEL_BRIDGE=y
-
-#
-# Display Interface Bridges
-#
-# CONFIG_DRM_ANALOGIX_ANX78XX is not set
-# CONFIG_DRM_DUMB_VGA_DAC is not set
-# CONFIG_DRM_LVDS_ENCODER is not set
-# CONFIG_DRM_MEGACHIPS_STDPXXXX_GE_B850V3_FW is not set
-# CONFIG_DRM_NXP_PTN3460 is not set
-# CONFIG_DRM_PARADE_PS8622 is not set
-# CONFIG_DRM_SIL_SII8620 is not set
-# CONFIG_DRM_SII902X is not set
-# CONFIG_DRM_TOSHIBA_TC358767 is not set
-# CONFIG_DRM_TI_TFP410 is not set
-# CONFIG_DRM_I2C_ADV7511 is not set
-# CONFIG_DRM_ARCPGU is not set
-# CONFIG_DRM_HISI_HIBMC is not set
-# CONFIG_DRM_TINYDRM is not set
-# CONFIG_DRM_LEGACY is not set
-# CONFIG_DRM_LIB_RANDOM is not set
-
-#
-# Frame buffer Devices
-#
-CONFIG_FB=y
-# CONFIG_FIRMWARE_EDID is not set
-CONFIG_FB_CMDLINE=y
-CONFIG_FB_NOTIFY=y
-CONFIG_FB_DDC=y
-# CONFIG_FB_BOOT_VESA_SUPPORT is not set
-CONFIG_FB_CFB_FILLRECT=y
-CONFIG_FB_CFB_COPYAREA=y
-CONFIG_FB_CFB_IMAGEBLIT=y
-# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set
-CONFIG_FB_SYS_FILLRECT=m
-CONFIG_FB_SYS_COPYAREA=m
-CONFIG_FB_SYS_IMAGEBLIT=m
-# CONFIG_FB_PROVIDE_GET_FB_UNMAPPED_AREA is not set
-# CONFIG_FB_FOREIGN_ENDIAN is not set
-CONFIG_FB_SYS_FOPS=m
-CONFIG_FB_DEFERRED_IO=y
-# CONFIG_FB_SVGALIB is not set
-CONFIG_FB_MACMODES=y
-CONFIG_FB_BACKLIGHT=y
-CONFIG_FB_MODE_HELPERS=y
-CONFIG_FB_TILEBLITTING=y
-
-#
-# Frame buffer hardware drivers
-#
-# CONFIG_FB_CIRRUS is not set
-# CONFIG_FB_PM2 is not set
-# CONFIG_FB_CYBER2000 is not set
-CONFIG_FB_OF=y
-CONFIG_FB_CONTROL=y
-CONFIG_FB_PLATINUM=y
-CONFIG_FB_VALKYRIE=y
-CONFIG_FB_CT65550=y
-# CONFIG_FB_ASILIANT is not set
-CONFIG_FB_IMSTT=y
-# CONFIG_FB_VGA16 is not set
-# CONFIG_FB_UVESA is not set
-# CONFIG_FB_OPENCORES is not set
-# CONFIG_FB_S1D13XXX is not set
-CONFIG_FB_NVIDIA=y
-CONFIG_FB_NVIDIA_I2C=y
-# CONFIG_FB_NVIDIA_DEBUG is not set
-CONFIG_FB_NVIDIA_BACKLIGHT=y
-# CONFIG_FB_RIVA is not set
-# CONFIG_FB_I740 is not set
-CONFIG_FB_MATROX=y
-CONFIG_FB_MATROX_MILLENIUM=y
-CONFIG_FB_MATROX_MYSTIQUE=y
-# CONFIG_FB_MATROX_G is not set
-# CONFIG_FB_MATROX_I2C is not set
-CONFIG_FB_RADEON=y
-CONFIG_FB_RADEON_I2C=y
-CONFIG_FB_RADEON_BACKLIGHT=y
-# CONFIG_FB_RADEON_DEBUG is not set
-CONFIG_FB_ATY128=y
-CONFIG_FB_ATY128_BACKLIGHT=y
-CONFIG_FB_ATY=y
-CONFIG_FB_ATY_CT=y
-# CONFIG_FB_ATY_GENERIC_LCD is not set
-CONFIG_FB_ATY_GX=y
-CONFIG_FB_ATY_BACKLIGHT=y
-# CONFIG_FB_S3 is not set
-# CONFIG_FB_SAVAGE is not set
-# CONFIG_FB_SIS is not set
-# CONFIG_FB_NEOMAGIC is not set
-# CONFIG_FB_KYRO is not set
-CONFIG_FB_3DFX=y
-# CONFIG_FB_3DFX_ACCEL is not set
-CONFIG_FB_3DFX_I2C=y
-# CONFIG_FB_VOODOO1 is not set
-# CONFIG_FB_VT8623 is not set
-# CONFIG_FB_TRIDENT is not set
-# CONFIG_FB_ARK is not set
-# CONFIG_FB_PM3 is not set
-# CONFIG_FB_CARMINE is not set
-# CONFIG_FB_SMSCUFX is not set
-# CONFIG_FB_UDL is not set
-# CONFIG_FB_IBM_GXT4500 is not set
-# CONFIG_FB_VIRTUAL is not set
-# CONFIG_FB_METRONOME is not set
-# CONFIG_FB_MB862XX is not set
-# CONFIG_FB_BROADSHEET is not set
-# CONFIG_FB_AUO_K190X is not set
-# CONFIG_FB_SIMPLE is not set
-# CONFIG_FB_SM712 is not set
-CONFIG_BACKLIGHT_LCD_SUPPORT=y
-CONFIG_LCD_CLASS_DEVICE=m
-# CONFIG_LCD_PLATFORM is not set
-CONFIG_BACKLIGHT_CLASS_DEVICE=y
-CONFIG_BACKLIGHT_GENERIC=y
-# CONFIG_BACKLIGHT_PM8941_WLED is not set
-# CONFIG_BACKLIGHT_ADP8860 is not set
-# CONFIG_BACKLIGHT_ADP8870 is not set
-# CONFIG_BACKLIGHT_LM3639 is not set
-# CONFIG_BACKLIGHT_LV5207LP is not set
-# CONFIG_BACKLIGHT_BD6107 is not set
-# CONFIG_BACKLIGHT_ARCXCNN is not set
-CONFIG_VGASTATE=y
-CONFIG_HDMI=y
-
-#
-# Console display driver support
-#
-# CONFIG_VGA_CONSOLE is not set
-CONFIG_DUMMY_CONSOLE=y
-CONFIG_DUMMY_CONSOLE_COLUMNS=80
-CONFIG_DUMMY_CONSOLE_ROWS=25
-CONFIG_FRAMEBUFFER_CONSOLE=y
-CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y
-# CONFIG_FRAMEBUFFER_CONSOLE_ROTATION is not set
-CONFIG_LOGO=y
-CONFIG_LOGO_LINUX_MONO=y
-CONFIG_LOGO_LINUX_VGA16=y
-CONFIG_LOGO_LINUX_CLUT224=y
-CONFIG_SOUND=m
-CONFIG_SOUND_OSS_CORE=y
-CONFIG_SOUND_OSS_CORE_PRECLAIM=y
-CONFIG_SND=m
-CONFIG_SND_TIMER=m
-CONFIG_SND_PCM=m
-CONFIG_SND_HWDEP=m
-CONFIG_SND_SEQ_DEVICE=m
-CONFIG_SND_RAWMIDI=m
-CONFIG_SND_OSSEMUL=y
-CONFIG_SND_MIXER_OSS=m
-CONFIG_SND_PCM_OSS=m
-CONFIG_SND_PCM_OSS_PLUGINS=y
-CONFIG_SND_PCM_TIMER=y
-# CONFIG_SND_HRTIMER is not set
-# CONFIG_SND_DYNAMIC_MINORS is not set
-CONFIG_SND_SUPPORT_OLD_API=y
-CONFIG_SND_PROC_FS=y
-CONFIG_SND_VERBOSE_PROCFS=y
-# CONFIG_SND_VERBOSE_PRINTK is not set
-# CONFIG_SND_DEBUG is not set
-CONFIG_SND_VMASTER=y
-CONFIG_SND_SEQUENCER=m
-CONFIG_SND_SEQ_DUMMY=m
-CONFIG_SND_SEQUENCER_OSS=m
-CONFIG_SND_SEQ_MIDI_EVENT=m
-CONFIG_SND_SEQ_MIDI=m
-# CONFIG_SND_OPL3_LIB_SEQ is not set
-# CONFIG_SND_OPL4_LIB_SEQ is not set
-CONFIG_SND_DRIVERS=y
-CONFIG_SND_DUMMY=m
-# CONFIG_SND_ALOOP is not set
-# CONFIG_SND_VIRMIDI is not set
-# CONFIG_SND_MTPAV is not set
-# CONFIG_SND_SERIAL_U16550 is not set
-# CONFIG_SND_MPU401 is not set
-CONFIG_SND_PCI=y
-# CONFIG_SND_AD1889 is not set
-# CONFIG_SND_ALS300 is not set
-# CONFIG_SND_ALS4000 is not set
-# CONFIG_SND_ALI5451 is not set
-# CONFIG_SND_ATIIXP is not set
-# CONFIG_SND_ATIIXP_MODEM is not set
-# CONFIG_SND_AU8810 is not set
-# CONFIG_SND_AU8820 is not set
-# CONFIG_SND_AU8830 is not set
-# CONFIG_SND_AW2 is not set
-# CONFIG_SND_AZT3328 is not set
-# CONFIG_SND_BT87X is not set
-# CONFIG_SND_CA0106 is not set
-# CONFIG_SND_CMIPCI is not set
-# CONFIG_SND_OXYGEN is not set
-# CONFIG_SND_CS4281 is not set
-# CONFIG_SND_CS46XX is not set
-# CONFIG_SND_CTXFI is not set
-# CONFIG_SND_DARLA20 is not set
-# CONFIG_SND_GINA20 is not set
-# CONFIG_SND_LAYLA20 is not set
-# CONFIG_SND_DARLA24 is not set
-# CONFIG_SND_GINA24 is not set
-# CONFIG_SND_LAYLA24 is not set
-# CONFIG_SND_MONA is not set
-# CONFIG_SND_MIA is not set
-# CONFIG_SND_ECHO3G is not set
-# CONFIG_SND_INDIGO is not set
-# CONFIG_SND_INDIGOIO is not set
-# CONFIG_SND_INDIGODJ is not set
-# CONFIG_SND_INDIGOIOX is not set
-# CONFIG_SND_INDIGODJX is not set
-# CONFIG_SND_EMU10K1 is not set
-# CONFIG_SND_EMU10K1_SEQ is not set
-# CONFIG_SND_EMU10K1X is not set
-# CONFIG_SND_ENS1370 is not set
-# CONFIG_SND_ENS1371 is not set
-# CONFIG_SND_ES1938 is not set
-# CONFIG_SND_ES1968 is not set
-# CONFIG_SND_FM801 is not set
-# CONFIG_SND_HDSP is not set
-# CONFIG_SND_HDSPM is not set
-# CONFIG_SND_ICE1712 is not set
-# CONFIG_SND_ICE1724 is not set
-# CONFIG_SND_INTEL8X0 is not set
-# CONFIG_SND_INTEL8X0M is not set
-# CONFIG_SND_KORG1212 is not set
-# CONFIG_SND_LOLA is not set
-# CONFIG_SND_LX6464ES is not set
-# CONFIG_SND_MAESTRO3 is not set
-# CONFIG_SND_MIXART is not set
-# CONFIG_SND_NM256 is not set
-# CONFIG_SND_PCXHR is not set
-# CONFIG_SND_RIPTIDE is not set
-# CONFIG_SND_RME32 is not set
-# CONFIG_SND_RME96 is not set
-# CONFIG_SND_RME9652 is not set
-# CONFIG_SND_SE6X is not set
-# CONFIG_SND_SONICVIBES is not set
-# CONFIG_SND_TRIDENT is not set
-# CONFIG_SND_VIA82XX is not set
-# CONFIG_SND_VIA82XX_MODEM is not set
-# CONFIG_SND_VIRTUOSO is not set
-# CONFIG_SND_VX222 is not set
-# CONFIG_SND_YMFPCI is not set
-
-#
-# HD-Audio
-#
-# CONFIG_SND_HDA_INTEL is not set
-CONFIG_SND_HDA_PREALLOC_SIZE=64
-CONFIG_SND_PPC=y
-CONFIG_SND_POWERMAC=m
-CONFIG_SND_POWERMAC_AUTO_DRC=y
-CONFIG_SND_AOA=m
-CONFIG_SND_AOA_FABRIC_LAYOUT=m
-CONFIG_SND_AOA_ONYX=m
-CONFIG_SND_AOA_TAS=m
-CONFIG_SND_AOA_TOONIE=m
-CONFIG_SND_AOA_SOUNDBUS=m
-CONFIG_SND_AOA_SOUNDBUS_I2S=m
-CONFIG_SND_USB=y
-CONFIG_SND_USB_AUDIO=m
-# CONFIG_SND_USB_UA101 is not set
-# CONFIG_SND_USB_USX2Y is not set
-# CONFIG_SND_USB_CAIAQ is not set
-# CONFIG_SND_USB_6FIRE is not set
-# CONFIG_SND_USB_HIFACE is not set
-# CONFIG_SND_BCD2000 is not set
-# CONFIG_SND_USB_POD is not set
-# CONFIG_SND_USB_PODHD is not set
-# CONFIG_SND_USB_TONEPORT is not set
-# CONFIG_SND_USB_VARIAX is not set
-CONFIG_SND_PCMCIA=y
-# CONFIG_SND_VXPOCKET is not set
-# CONFIG_SND_PDAUDIOCF is not set
-# CONFIG_SND_SOC is not set
-
-#
-# HID support
-#
-CONFIG_HID=y
-# CONFIG_HID_BATTERY_STRENGTH is not set
-# CONFIG_HIDRAW is not set
-# CONFIG_UHID is not set
-CONFIG_HID_GENERIC=y
-
-#
-# Special HID drivers
-#
-CONFIG_HID_A4TECH=y
-# CONFIG_HID_ACCUTOUCH is not set
-# CONFIG_HID_ACRUX is not set
-CONFIG_HID_APPLE=y
-# CONFIG_HID_APPLEIR is not set
-# CONFIG_HID_ASUS is not set
-# CONFIG_HID_AUREAL is not set
-CONFIG_HID_BELKIN=y
-# CONFIG_HID_BETOP_FF is not set
-CONFIG_HID_CHERRY=y
-CONFIG_HID_CHICONY=y
-# CONFIG_HID_CORSAIR is not set
-# CONFIG_HID_PRODIKEYS is not set
-# CONFIG_HID_CMEDIA is not set
-CONFIG_HID_CYPRESS=y
-# CONFIG_HID_DRAGONRISE is not set
-# CONFIG_HID_EMS_FF is not set
-# CONFIG_HID_ELECOM is not set
-# CONFIG_HID_ELO is not set
-CONFIG_HID_EZKEY=y
-# CONFIG_HID_GEMBIRD is not set
-# CONFIG_HID_GFRM is not set
-# CONFIG_HID_HOLTEK is not set
-# CONFIG_HID_GT683R is not set
-# CONFIG_HID_KEYTOUCH is not set
-# CONFIG_HID_KYE is not set
-# CONFIG_HID_UCLOGIC is not set
-# CONFIG_HID_WALTOP is not set
-CONFIG_HID_GYRATION=y
-# CONFIG_HID_ICADE is not set
-CONFIG_HID_ITE=y
-# CONFIG_HID_TWINHAN is not set
-CONFIG_HID_KENSINGTON=y
-# CONFIG_HID_LCPOWER is not set
-# CONFIG_HID_LED is not set
-# CONFIG_HID_LENOVO is not set
-CONFIG_HID_LOGITECH=y
-# CONFIG_HID_LOGITECH_HIDPP is not set
-# CONFIG_LOGITECH_FF is not set
-# CONFIG_LOGIRUMBLEPAD2_FF is not set
-# CONFIG_LOGIG940_FF is not set
-# CONFIG_LOGIWHEELS_FF is not set
-# CONFIG_HID_MAGICMOUSE is not set
-# CONFIG_HID_MAYFLASH is not set
-CONFIG_HID_MICROSOFT=y
-CONFIG_HID_MONTEREY=y
-# CONFIG_HID_MULTITOUCH is not set
-# CONFIG_HID_NTI is not set
-CONFIG_HID_NTRIG=y
-# CONFIG_HID_ORTEK is not set
-CONFIG_HID_PANTHERLORD=y
-# CONFIG_PANTHERLORD_FF is not set
-# CONFIG_HID_PENMOUNT is not set
-CONFIG_HID_PETALYNX=y
-# CONFIG_HID_PICOLCD is not set
-# CONFIG_HID_PLANTRONICS is not set
-# CONFIG_HID_PRIMAX is not set
-# CONFIG_HID_RETRODE is not set
-# CONFIG_HID_ROCCAT is not set
-# CONFIG_HID_SAITEK is not set
-CONFIG_HID_SAMSUNG=y
-CONFIG_HID_SONY=y
-# CONFIG_SONY_FF is not set
-# CONFIG_HID_SPEEDLINK is not set
-# CONFIG_HID_STEELSERIES is not set
-CONFIG_HID_SUNPLUS=y
-# CONFIG_HID_RMI is not set
-# CONFIG_HID_GREENASIA is not set
-# CONFIG_HID_SMARTJOYPLUS is not set
-# CONFIG_HID_TIVO is not set
-CONFIG_HID_TOPSEED=y
-# CONFIG_HID_THINGM is not set
-# CONFIG_HID_THRUSTMASTER is not set
-# CONFIG_HID_UDRAW_PS3 is not set
-# CONFIG_HID_WACOM is not set
-# CONFIG_HID_WIIMOTE is not set
-# CONFIG_HID_XINMO is not set
-# CONFIG_HID_ZEROPLUS is not set
-# CONFIG_HID_ZYDACRON is not set
-# CONFIG_HID_SENSOR_HUB is not set
-# CONFIG_HID_ALPS is not set
-
-#
-# USB HID support
-#
-CONFIG_USB_HID=y
-# CONFIG_HID_PID is not set
-# CONFIG_USB_HIDDEV is not set
-
-#
-# I2C HID support
-#
-# CONFIG_I2C_HID is not set
-CONFIG_USB_OHCI_LITTLE_ENDIAN=y
-CONFIG_USB_SUPPORT=y
-CONFIG_USB_COMMON=y
-CONFIG_USB_ARCH_HAS_HCD=y
-CONFIG_USB=y
-CONFIG_USB_PCI=y
-# CONFIG_USB_ANNOUNCE_NEW_DEVICES is not set
-
-#
-# Miscellaneous USB options
-#
-CONFIG_USB_DEFAULT_PERSIST=y
-CONFIG_USB_DYNAMIC_MINORS=y
-# CONFIG_USB_OTG is not set
-# CONFIG_USB_OTG_WHITELIST is not set
-# CONFIG_USB_LEDS_TRIGGER_USBPORT is not set
-CONFIG_USB_MON=y
-# CONFIG_USB_WUSB_CBAF is not set
-
-#
-# USB Host Controller Drivers
-#
-# CONFIG_USB_C67X00_HCD is not set
-# CONFIG_USB_XHCI_HCD is not set
-CONFIG_USB_EHCI_HCD=m
-CONFIG_USB_EHCI_ROOT_HUB_TT=y
-CONFIG_USB_EHCI_TT_NEWSCHED=y
-CONFIG_USB_EHCI_PCI=m
-# CONFIG_XPS_USB_HCD_XILINX is not set
-# CONFIG_USB_EHCI_HCD_PPC_OF is not set
-# CONFIG_USB_EHCI_HCD_PLATFORM is not set
-# CONFIG_USB_OXU210HP_HCD is not set
-# CONFIG_USB_ISP116X_HCD is not set
-# CONFIG_USB_ISP1362_HCD is not set
-# CONFIG_USB_FOTG210_HCD is not set
-CONFIG_USB_OHCI_HCD=y
-# CONFIG_USB_OHCI_HCD_PPC_OF_BE is not set
-# CONFIG_USB_OHCI_HCD_PPC_OF_LE is not set
-# CONFIG_USB_OHCI_HCD_PPC_OF is not set
-CONFIG_USB_OHCI_HCD_PCI=y
-# CONFIG_USB_OHCI_HCD_PLATFORM is not set
-# CONFIG_USB_UHCI_HCD is not set
-# CONFIG_USB_SL811_HCD is not set
-# CONFIG_USB_R8A66597_HCD is not set
-# CONFIG_USB_HCD_BCMA is not set
-# CONFIG_USB_HCD_SSB is not set
-# CONFIG_USB_HCD_TEST_MODE is not set
-
-#
-# USB Device Class drivers
-#
-CONFIG_USB_ACM=m
-CONFIG_USB_PRINTER=m
-# CONFIG_USB_WDM is not set
-# CONFIG_USB_TMC is not set
-
-#
-# NOTE: USB_STORAGE depends on SCSI but BLK_DEV_SD may
-#
-
-#
-# also be needed; see USB_STORAGE Help for more info
-#
-CONFIG_USB_STORAGE=m
-# CONFIG_USB_STORAGE_DEBUG is not set
-# CONFIG_USB_STORAGE_REALTEK is not set
-# CONFIG_USB_STORAGE_DATAFAB is not set
-# CONFIG_USB_STORAGE_FREECOM is not set
-# CONFIG_USB_STORAGE_ISD200 is not set
-# CONFIG_USB_STORAGE_USBAT is not set
-# CONFIG_USB_STORAGE_SDDR09 is not set
-# CONFIG_USB_STORAGE_SDDR55 is not set
-# CONFIG_USB_STORAGE_JUMPSHOT is not set
-# CONFIG_USB_STORAGE_ALAUDA is not set
-CONFIG_USB_STORAGE_ONETOUCH=m
-# CONFIG_USB_STORAGE_KARMA is not set
-# CONFIG_USB_STORAGE_CYPRESS_ATACB is not set
-# CONFIG_USB_STORAGE_ENE_UB6250 is not set
-# CONFIG_USB_UAS is not set
-
-#
-# USB Imaging devices
-#
-# CONFIG_USB_MDC800 is not set
-# CONFIG_USB_MICROTEK is not set
-# CONFIG_USBIP_CORE is not set
-# CONFIG_USB_MUSB_HDRC is not set
-# CONFIG_USB_DWC3 is not set
-# CONFIG_USB_DWC2 is not set
-# CONFIG_USB_CHIPIDEA is not set
-# CONFIG_USB_ISP1760 is not set
-
-#
-# USB port drivers
-#
-CONFIG_USB_SERIAL=m
-# CONFIG_USB_SERIAL_GENERIC is not set
-# CONFIG_USB_SERIAL_SIMPLE is not set
-# CONFIG_USB_SERIAL_AIRCABLE is not set
-# CONFIG_USB_SERIAL_ARK3116 is not set
-# CONFIG_USB_SERIAL_BELKIN is not set
-# CONFIG_USB_SERIAL_CH341 is not set
-# CONFIG_USB_SERIAL_WHITEHEAT is not set
-# CONFIG_USB_SERIAL_DIGI_ACCELEPORT is not set
-# CONFIG_USB_SERIAL_CP210X is not set
-# CONFIG_USB_SERIAL_CYPRESS_M8 is not set
-# CONFIG_USB_SERIAL_EMPEG is not set
-# CONFIG_USB_SERIAL_FTDI_SIO is not set
-CONFIG_USB_SERIAL_VISOR=m
-CONFIG_USB_SERIAL_IPAQ=m
-# CONFIG_USB_SERIAL_IR is not set
-# CONFIG_USB_SERIAL_EDGEPORT is not set
-# CONFIG_USB_SERIAL_EDGEPORT_TI is not set
-# CONFIG_USB_SERIAL_F81232 is not set
-# CONFIG_USB_SERIAL_F8153X is not set
-# CONFIG_USB_SERIAL_GARMIN is not set
-# CONFIG_USB_SERIAL_IPW is not set
-# CONFIG_USB_SERIAL_IUU is not set
-CONFIG_USB_SERIAL_KEYSPAN_PDA=m
-CONFIG_USB_SERIAL_KEYSPAN=m
-CONFIG_USB_SERIAL_KEYSPAN_MPR=y
-CONFIG_USB_SERIAL_KEYSPAN_USA28=y
-CONFIG_USB_SERIAL_KEYSPAN_USA28X=y
-CONFIG_USB_SERIAL_KEYSPAN_USA28XA=y
-CONFIG_USB_SERIAL_KEYSPAN_USA28XB=y
-CONFIG_USB_SERIAL_KEYSPAN_USA19=y
-CONFIG_USB_SERIAL_KEYSPAN_USA18X=y
-CONFIG_USB_SERIAL_KEYSPAN_USA19W=y
-CONFIG_USB_SERIAL_KEYSPAN_USA19QW=y
-CONFIG_USB_SERIAL_KEYSPAN_USA19QI=y
-CONFIG_USB_SERIAL_KEYSPAN_USA49W=y
-CONFIG_USB_SERIAL_KEYSPAN_USA49WLC=y
-# CONFIG_USB_SERIAL_KLSI is not set
-# CONFIG_USB_SERIAL_KOBIL_SCT is not set
-# CONFIG_USB_SERIAL_MCT_U232 is not set
-# CONFIG_USB_SERIAL_METRO is not set
-# CONFIG_USB_SERIAL_MOS7720 is not set
-# CONFIG_USB_SERIAL_MOS7840 is not set
-# CONFIG_USB_SERIAL_MXUPORT is not set
-# CONFIG_USB_SERIAL_NAVMAN is not set
-# CONFIG_USB_SERIAL_PL2303 is not set
-# CONFIG_USB_SERIAL_OTI6858 is not set
-# CONFIG_USB_SERIAL_QCAUX is not set
-# CONFIG_USB_SERIAL_QUALCOMM is not set
-# CONFIG_USB_SERIAL_SPCP8X5 is not set
-# CONFIG_USB_SERIAL_SAFE is not set
-# CONFIG_USB_SERIAL_SIERRAWIRELESS is not set
-# CONFIG_USB_SERIAL_SYMBOL is not set
-# CONFIG_USB_SERIAL_TI is not set
-# CONFIG_USB_SERIAL_CYBERJACK is not set
-# CONFIG_USB_SERIAL_XIRCOM is not set
-# CONFIG_USB_SERIAL_OPTION is not set
-# CONFIG_USB_SERIAL_OMNINET is not set
-# CONFIG_USB_SERIAL_OPTICON is not set
-# CONFIG_USB_SERIAL_XSENS_MT is not set
-# CONFIG_USB_SERIAL_WISHBONE is not set
-# CONFIG_USB_SERIAL_SSU100 is not set
-# CONFIG_USB_SERIAL_QT2 is not set
-# CONFIG_USB_SERIAL_UPD78F0730 is not set
-# CONFIG_USB_SERIAL_DEBUG is not set
-
-#
-# USB Miscellaneous drivers
-#
-# CONFIG_USB_EMI62 is not set
-# CONFIG_USB_EMI26 is not set
-# CONFIG_USB_ADUTUX is not set
-# CONFIG_USB_SEVSEG is not set
-# CONFIG_USB_RIO500 is not set
-# CONFIG_USB_LEGOTOWER is not set
-# CONFIG_USB_LCD is not set
-# CONFIG_USB_CYPRESS_CY7C63 is not set
-# CONFIG_USB_CYTHERM is not set
-# CONFIG_USB_IDMOUSE is not set
-# CONFIG_USB_FTDI_ELAN is not set
-CONFIG_USB_APPLEDISPLAY=m
-# CONFIG_USB_SISUSBVGA is not set
-# CONFIG_USB_LD is not set
-# CONFIG_USB_TRANCEVIBRATOR is not set
-# CONFIG_USB_IOWARRIOR is not set
-# CONFIG_USB_TEST is not set
-# CONFIG_USB_EHSET_TEST_FIXTURE is not set
-# CONFIG_USB_ISIGHTFW is not set
-# CONFIG_USB_YUREX is not set
-CONFIG_USB_EZUSB_FX2=m
-# CONFIG_USB_HUB_USB251XB is not set
-# CONFIG_USB_HSIC_USB3503 is not set
-# CONFIG_USB_HSIC_USB4604 is not set
-# CONFIG_USB_LINK_LAYER_TEST is not set
-# CONFIG_USB_CHAOSKEY is not set
-
-#
-# USB Physical Layer drivers
-#
-# CONFIG_USB_PHY is not set
-# CONFIG_NOP_USB_XCEIV is not set
-# CONFIG_USB_ISP1301 is not set
-# CONFIG_USB_GADGET is not set
-
-#
-# USB Power Delivery and Type-C drivers
-#
-# CONFIG_USB_LED_TRIG is not set
-# CONFIG_USB_ULPI_BUS is not set
-# CONFIG_UWB is not set
-# CONFIG_MMC is not set
-# CONFIG_MEMSTICK is not set
-CONFIG_NEW_LEDS=y
-CONFIG_LEDS_CLASS=y
-# CONFIG_LEDS_CLASS_FLASH is not set
-# CONFIG_LEDS_BRIGHTNESS_HW_CHANGED is not set
-
-#
-# LED drivers
-#
-# CONFIG_LEDS_BCM6328 is not set
-# CONFIG_LEDS_BCM6358 is not set
-# CONFIG_LEDS_LM3530 is not set
-# CONFIG_LEDS_LM3642 is not set
-# CONFIG_LEDS_PCA9532 is not set
-# CONFIG_LEDS_LP3944 is not set
-# CONFIG_LEDS_LP5521 is not set
-# CONFIG_LEDS_LP5523 is not set
-# CONFIG_LEDS_LP5562 is not set
-# CONFIG_LEDS_LP8501 is not set
-# CONFIG_LEDS_LP8860 is not set
-# CONFIG_LEDS_PCA955X is not set
-# CONFIG_LEDS_PCA963X is not set
-# CONFIG_LEDS_BD2802 is not set
-# CONFIG_LEDS_TCA6507 is not set
-# CONFIG_LEDS_TLC591XX is not set
-# CONFIG_LEDS_LM355x is not set
-# CONFIG_LEDS_IS31FL319X is not set
-# CONFIG_LEDS_IS31FL32XX is not set
-
-#
-# LED driver for blink(1) USB RGB LED is under Special HID drivers (HID_THINGM)
-#
-# CONFIG_LEDS_BLINKM is not set
-# CONFIG_LEDS_USER is not set
-
-#
-# LED Triggers
-#
-CONFIG_LEDS_TRIGGERS=y
-# CONFIG_LEDS_TRIGGER_TIMER is not set
-# CONFIG_LEDS_TRIGGER_ONESHOT is not set
-# CONFIG_LEDS_TRIGGER_DISK is not set
-# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set
-# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set
-# CONFIG_LEDS_TRIGGER_CPU is not set
-CONFIG_LEDS_TRIGGER_DEFAULT_ON=y
-
-#
-# iptables trigger is under Netfilter config (LED target)
-#
-# CONFIG_LEDS_TRIGGER_TRANSIENT is not set
-# CONFIG_LEDS_TRIGGER_CAMERA is not set
-# CONFIG_LEDS_TRIGGER_PANIC is not set
-# CONFIG_ACCESSIBILITY is not set
-# CONFIG_INFINIBAND is not set
-CONFIG_EDAC_ATOMIC_SCRUB=y
-CONFIG_EDAC_SUPPORT=y
-CONFIG_RTC_LIB=y
-CONFIG_RTC_CLASS=y
-CONFIG_RTC_HCTOSYS=y
-CONFIG_RTC_HCTOSYS_DEVICE="rtc0"
-CONFIG_RTC_SYSTOHC=y
-CONFIG_RTC_SYSTOHC_DEVICE="rtc0"
-# CONFIG_RTC_DEBUG is not set
-CONFIG_RTC_NVMEM=y
-
-#
-# RTC interfaces
-#
-CONFIG_RTC_INTF_SYSFS=y
-CONFIG_RTC_INTF_PROC=y
-CONFIG_RTC_INTF_DEV=y
-# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set
-# CONFIG_RTC_DRV_TEST is not set
-
-#
-# I2C RTC drivers
-#
-# CONFIG_RTC_DRV_ABB5ZES3 is not set
-# CONFIG_RTC_DRV_ABX80X is not set
-# CONFIG_RTC_DRV_DS1307 is not set
-# CONFIG_RTC_DRV_DS1374 is not set
-# CONFIG_RTC_DRV_DS1672 is not set
-# CONFIG_RTC_DRV_HYM8563 is not set
-# CONFIG_RTC_DRV_MAX6900 is not set
-# CONFIG_RTC_DRV_RS5C372 is not set
-# CONFIG_RTC_DRV_ISL1208 is not set
-# CONFIG_RTC_DRV_ISL12022 is not set
-# CONFIG_RTC_DRV_X1205 is not set
-# CONFIG_RTC_DRV_PCF8523 is not set
-# CONFIG_RTC_DRV_PCF85063 is not set
-# CONFIG_RTC_DRV_PCF8563 is not set
-# CONFIG_RTC_DRV_PCF8583 is not set
-# CONFIG_RTC_DRV_M41T80 is not set
-# CONFIG_RTC_DRV_BQ32K is not set
-# CONFIG_RTC_DRV_S35390A is not set
-# CONFIG_RTC_DRV_FM3130 is not set
-# CONFIG_RTC_DRV_RX8010 is not set
-# CONFIG_RTC_DRV_RX8581 is not set
-# CONFIG_RTC_DRV_RX8025 is not set
-# CONFIG_RTC_DRV_EM3027 is not set
-# CONFIG_RTC_DRV_RV8803 is not set
-
-#
-# SPI RTC drivers
-#
-CONFIG_RTC_I2C_AND_SPI=y
-
-#
-# SPI and I2C RTC drivers
-#
-# CONFIG_RTC_DRV_DS3232 is not set
-# CONFIG_RTC_DRV_PCF2127 is not set
-# CONFIG_RTC_DRV_RV3029C2 is not set
-
-#
-# Platform RTC drivers
-#
-# CONFIG_RTC_DRV_CMOS is not set
-# CONFIG_RTC_DRV_DS1286 is not set
-# CONFIG_RTC_DRV_DS1511 is not set
-# CONFIG_RTC_DRV_DS1553 is not set
-# CONFIG_RTC_DRV_DS1685_FAMILY is not set
-# CONFIG_RTC_DRV_DS1742 is not set
-# CONFIG_RTC_DRV_DS2404 is not set
-# CONFIG_RTC_DRV_STK17TA8 is not set
-# CONFIG_RTC_DRV_M48T86 is not set
-# CONFIG_RTC_DRV_M48T35 is not set
-# CONFIG_RTC_DRV_M48T59 is not set
-# CONFIG_RTC_DRV_MSM6242 is not set
-# CONFIG_RTC_DRV_BQ4802 is not set
-# CONFIG_RTC_DRV_RP5C01 is not set
-# CONFIG_RTC_DRV_V3020 is not set
-# CONFIG_RTC_DRV_ZYNQMP is not set
-
-#
-# on-CPU RTC drivers
-#
-CONFIG_RTC_DRV_GENERIC=y
-# CONFIG_RTC_DRV_FTRTC010 is not set
-# CONFIG_RTC_DRV_SNVS is not set
-# CONFIG_RTC_DRV_R7301 is not set
-
-#
-# HID Sensor RTC drivers
-#
-# CONFIG_RTC_DRV_HID_SENSOR_TIME is not set
-# CONFIG_DMADEVICES is not set
-
-#
-# DMABUF options
-#
-CONFIG_SYNC_FILE=y
-# CONFIG_SW_SYNC is not set
-# CONFIG_AUXDISPLAY is not set
-# CONFIG_UIO is not set
-# CONFIG_VIRT_DRIVERS is not set
-
-#
-# Virtio drivers
-#
-# CONFIG_VIRTIO_PCI is not set
-# CONFIG_VIRTIO_MMIO is not set
-
-#
-# Microsoft Hyper-V guest support
-#
-# CONFIG_HYPERV_TSCPAGE is not set
-# CONFIG_STAGING is not set
-# CONFIG_HWSPINLOCK is not set
-
-#
-# Clock Source drivers
-#
-# CONFIG_ATMEL_PIT is not set
-# CONFIG_SH_TIMER_CMT is not set
-# CONFIG_SH_TIMER_MTU2 is not set
-# CONFIG_SH_TIMER_TMU is not set
-# CONFIG_EM_TIMER_STI is not set
-# CONFIG_MAILBOX is not set
-CONFIG_IOMMU_SUPPORT=y
-
-#
-# Generic IOMMU Pagetable Support
-#
-
-#
-# Remoteproc drivers
-#
-# CONFIG_REMOTEPROC is not set
-
-#
-# Rpmsg drivers
-#
-
-#
-# SOC (System On Chip) specific Drivers
-#
-
-#
-# Amlogic SoC drivers
-#
-
-#
-# Broadcom SoC drivers
-#
-
-#
-# i.MX SoC drivers
-#
-
-#
-# Qualcomm SoC drivers
-#
-# CONFIG_SUNXI_SRAM is not set
-# CONFIG_SOC_TI is not set
-# CONFIG_PM_DEVFREQ is not set
-# CONFIG_EXTCON is not set
-# CONFIG_MEMORY is not set
-# CONFIG_IIO is not set
-# CONFIG_NTB is not set
-# CONFIG_VME_BUS is not set
-# CONFIG_PWM is not set
-CONFIG_IRQCHIP=y
-CONFIG_ARM_GIC_MAX_NR=1
-# CONFIG_IPACK_BUS is not set
-# CONFIG_RESET_CONTROLLER is not set
-# CONFIG_FMC is not set
-
-#
-# PHY Subsystem
-#
-# CONFIG_GENERIC_PHY is not set
-# CONFIG_BCM_KONA_USB2_PHY is not set
-# CONFIG_PHY_PXA_28NM_HSIC is not set
-# CONFIG_PHY_PXA_28NM_USB2 is not set
-# CONFIG_POWERCAP is not set
-# CONFIG_MCB is not set
-
-#
-# Performance monitor support
-#
-# CONFIG_RAS is not set
-
-#
-# Android
-#
-# CONFIG_ANDROID is not set
-CONFIG_DAX=m
-CONFIG_NVMEM=y
-# CONFIG_STM is not set
-# CONFIG_INTEL_TH is not set
-# CONFIG_FPGA is not set
-
-#
-# FSI support
-#
-# CONFIG_FSI is not set
-
-#
-# File systems
-#
-CONFIG_EXT2_FS=y
-# CONFIG_EXT2_FS_XATTR is not set
-CONFIG_EXT3_FS=y
-CONFIG_EXT3_FS_POSIX_ACL=y
-# CONFIG_EXT3_FS_SECURITY is not set
-CONFIG_EXT4_FS=y
-CONFIG_EXT4_FS_POSIX_ACL=y
-# CONFIG_EXT4_FS_SECURITY is not set
-# CONFIG_EXT4_ENCRYPTION is not set
-# CONFIG_EXT4_DEBUG is not set
-CONFIG_JBD2=y
-# CONFIG_JBD2_DEBUG is not set
-CONFIG_FS_MBCACHE=y
-# CONFIG_REISERFS_FS is not set
-# CONFIG_JFS_FS is not set
-# CONFIG_XFS_FS is not set
-# CONFIG_GFS2_FS is not set
-# CONFIG_BTRFS_FS is not set
-# CONFIG_NILFS2_FS is not set
-# CONFIG_F2FS_FS is not set
-# CONFIG_FS_DAX is not set
-CONFIG_FS_POSIX_ACL=y
-CONFIG_EXPORTFS=y
-# CONFIG_EXPORTFS_BLOCK_OPS is not set
-CONFIG_FILE_LOCKING=y
-CONFIG_MANDATORY_FILE_LOCKING=y
-# CONFIG_FS_ENCRYPTION is not set
-CONFIG_FSNOTIFY=y
-CONFIG_DNOTIFY=y
-CONFIG_INOTIFY_USER=y
-# CONFIG_FANOTIFY is not set
-# CONFIG_QUOTA is not set
-# CONFIG_QUOTACTL is not set
-CONFIG_AUTOFS4_FS=m
-CONFIG_FUSE_FS=m
-# CONFIG_CUSE is not set
-# CONFIG_OVERLAY_FS is not set
-
-#
-# Caches
-#
-# CONFIG_FSCACHE is not set
-
-#
-# CD-ROM/DVD Filesystems
-#
-CONFIG_ISO9660_FS=y
-CONFIG_JOLIET=y
-CONFIG_ZISOFS=y
-CONFIG_UDF_FS=m
-CONFIG_UDF_NLS=y
-
-#
-# DOS/FAT/NT Filesystems
-#
-CONFIG_FAT_FS=m
-CONFIG_MSDOS_FS=m
-CONFIG_VFAT_FS=m
-CONFIG_FAT_DEFAULT_CODEPAGE=437
-CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1"
-# CONFIG_FAT_DEFAULT_UTF8 is not set
-# CONFIG_NTFS_FS is not set
-
-#
-# Pseudo filesystems
-#
-CONFIG_PROC_FS=y
-CONFIG_PROC_KCORE=y
-CONFIG_PROC_SYSCTL=y
-CONFIG_PROC_PAGE_MONITOR=y
-# CONFIG_PROC_CHILDREN is not set
-CONFIG_KERNFS=y
-CONFIG_SYSFS=y
-CONFIG_TMPFS=y
-# CONFIG_TMPFS_POSIX_ACL is not set
-# CONFIG_TMPFS_XATTR is not set
-# CONFIG_HUGETLB_PAGE is not set
-# CONFIG_CONFIGFS_FS is not set
-CONFIG_MISC_FILESYSTEMS=y
-# CONFIG_ORANGEFS_FS is not set
-# CONFIG_ADFS_FS is not set
-# CONFIG_AFFS_FS is not set
-# CONFIG_ECRYPT_FS is not set
-CONFIG_HFS_FS=m
-CONFIG_HFSPLUS_FS=m
-# CONFIG_HFSPLUS_FS_POSIX_ACL is not set
-# CONFIG_BEFS_FS is not set
-# CONFIG_BFS_FS is not set
-# CONFIG_EFS_FS is not set
-# CONFIG_CRAMFS is not set
-# CONFIG_SQUASHFS is not set
-# CONFIG_VXFS_FS is not set
-# CONFIG_MINIX_FS is not set
-# CONFIG_OMFS_FS is not set
-# CONFIG_HPFS_FS is not set
-# CONFIG_QNX4FS_FS is not set
-# CONFIG_QNX6FS_FS is not set
-# CONFIG_ROMFS_FS is not set
-# CONFIG_PSTORE is not set
-# CONFIG_SYSV_FS is not set
-# CONFIG_UFS_FS is not set
-CONFIG_NETWORK_FILESYSTEMS=y
-CONFIG_NFS_FS=y
-CONFIG_NFS_V2=y
-CONFIG_NFS_V3=y
-CONFIG_NFS_V3_ACL=y
-CONFIG_NFS_V4=y
-# CONFIG_NFS_SWAP is not set
-CONFIG_NFS_V4_1=y
-CONFIG_NFS_V4_2=y
-CONFIG_PNFS_FILE_LAYOUT=m
-CONFIG_PNFS_BLOCK=m
-CONFIG_PNFS_FLEXFILE_LAYOUT=m
-CONFIG_NFS_V4_1_IMPLEMENTATION_ID_DOMAIN="kernel.org"
-# CONFIG_NFS_V4_1_MIGRATION is not set
-CONFIG_NFS_V4_SECURITY_LABEL=y
-# CONFIG_NFS_USE_LEGACY_DNS is not set
-CONFIG_NFS_USE_KERNEL_DNS=y
-CONFIG_NFSD=m
-CONFIG_NFSD_V2_ACL=y
-CONFIG_NFSD_V3=y
-CONFIG_NFSD_V3_ACL=y
-CONFIG_NFSD_V4=y
-# CONFIG_NFSD_BLOCKLAYOUT is not set
-# CONFIG_NFSD_SCSILAYOUT is not set
-# CONFIG_NFSD_FLEXFILELAYOUT is not set
-# CONFIG_NFSD_V4_SECURITY_LABEL is not set
-# CONFIG_NFSD_FAULT_INJECTION is not set
-CONFIG_GRACE_PERIOD=y
-CONFIG_LOCKD=y
-CONFIG_LOCKD_V4=y
-CONFIG_NFS_ACL_SUPPORT=y
-CONFIG_NFS_COMMON=y
-CONFIG_SUNRPC=y
-CONFIG_SUNRPC_GSS=y
-# CONFIG_SUNRPC_DEBUG is not set
-# CONFIG_CEPH_FS is not set
-# CONFIG_CIFS is not set
-# CONFIG_NCP_FS is not set
-# CONFIG_CODA_FS is not set
-# CONFIG_AFS_FS is not set
-CONFIG_NLS=y
-CONFIG_NLS_DEFAULT="iso8859-1"
-CONFIG_NLS_CODEPAGE_437=m
-# CONFIG_NLS_CODEPAGE_737 is not set
-# CONFIG_NLS_CODEPAGE_775 is not set
-# CONFIG_NLS_CODEPAGE_850 is not set
-# CONFIG_NLS_CODEPAGE_852 is not set
-# CONFIG_NLS_CODEPAGE_855 is not set
-# CONFIG_NLS_CODEPAGE_857 is not set
-# CONFIG_NLS_CODEPAGE_860 is not set
-# CONFIG_NLS_CODEPAGE_861 is not set
-# CONFIG_NLS_CODEPAGE_862 is not set
-# CONFIG_NLS_CODEPAGE_863 is not set
-# CONFIG_NLS_CODEPAGE_864 is not set
-# CONFIG_NLS_CODEPAGE_865 is not set
-# CONFIG_NLS_CODEPAGE_866 is not set
-# CONFIG_NLS_CODEPAGE_869 is not set
-# CONFIG_NLS_CODEPAGE_936 is not set
-# CONFIG_NLS_CODEPAGE_950 is not set
-# CONFIG_NLS_CODEPAGE_932 is not set
-# CONFIG_NLS_CODEPAGE_949 is not set
-# CONFIG_NLS_CODEPAGE_874 is not set
-# CONFIG_NLS_ISO8859_8 is not set
-# CONFIG_NLS_CODEPAGE_1250 is not set
-# CONFIG_NLS_CODEPAGE_1251 is not set
-# CONFIG_NLS_ASCII is not set
-CONFIG_NLS_ISO8859_1=m
-# CONFIG_NLS_ISO8859_2 is not set
-# CONFIG_NLS_ISO8859_3 is not set
-# CONFIG_NLS_ISO8859_4 is not set
-# CONFIG_NLS_ISO8859_5 is not set
-# CONFIG_NLS_ISO8859_6 is not set
-# CONFIG_NLS_ISO8859_7 is not set
-# CONFIG_NLS_ISO8859_9 is not set
-# CONFIG_NLS_ISO8859_13 is not set
-# CONFIG_NLS_ISO8859_14 is not set
-# CONFIG_NLS_ISO8859_15 is not set
-# CONFIG_NLS_KOI8_R is not set
-# CONFIG_NLS_KOI8_U is not set
-# CONFIG_NLS_MAC_ROMAN is not set
-# CONFIG_NLS_MAC_CELTIC is not set
-# CONFIG_NLS_MAC_CENTEURO is not set
-# CONFIG_NLS_MAC_CROATIAN is not set
-# CONFIG_NLS_MAC_CYRILLIC is not set
-# CONFIG_NLS_MAC_GAELIC is not set
-# CONFIG_NLS_MAC_GREEK is not set
-# CONFIG_NLS_MAC_ICELAND is not set
-# CONFIG_NLS_MAC_INUIT is not set
-# CONFIG_NLS_MAC_ROMANIAN is not set
-# CONFIG_NLS_MAC_TURKISH is not set
-CONFIG_NLS_UTF8=m
-CONFIG_BINARY_PRINTF=y
-
-#
-# Library routines
-#
-CONFIG_BITREVERSE=y
-# CONFIG_HAVE_ARCH_BITREVERSE is not set
-CONFIG_GENERIC_STRNCPY_FROM_USER=y
-CONFIG_GENERIC_STRNLEN_USER=y
-CONFIG_GENERIC_NET_UTILS=y
-CONFIG_GENERIC_PCI_IOMAP=y
-CONFIG_GENERIC_IO=y
-CONFIG_CRC_CCITT=y
-CONFIG_CRC16=y
-CONFIG_CRC_T10DIF=y
-CONFIG_CRC_ITU_T=m
-CONFIG_CRC32=y
-# CONFIG_CRC32_SELFTEST is not set
-CONFIG_CRC32_SLICEBY8=y
-# CONFIG_CRC32_SLICEBY4 is not set
-# CONFIG_CRC32_SARWATE is not set
-# CONFIG_CRC32_BIT is not set
-# CONFIG_CRC4 is not set
-# CONFIG_CRC7 is not set
-CONFIG_LIBCRC32C=m
-# CONFIG_CRC8 is not set
-# CONFIG_AUDIT_ARCH_COMPAT_GENERIC is not set
-# CONFIG_RANDOM32_SELFTEST is not set
-CONFIG_ZLIB_INFLATE=y
-CONFIG_ZLIB_DEFLATE=y
-CONFIG_LZO_COMPRESS=y
-CONFIG_LZO_DECOMPRESS=y
-CONFIG_LZ4_DECOMPRESS=y
-CONFIG_XZ_DEC=y
-CONFIG_XZ_DEC_X86=y
-CONFIG_XZ_DEC_POWERPC=y
-CONFIG_XZ_DEC_IA64=y
-CONFIG_XZ_DEC_ARM=y
-CONFIG_XZ_DEC_ARMTHUMB=y
-CONFIG_XZ_DEC_SPARC=y
-CONFIG_XZ_DEC_BCJ=y
-# CONFIG_XZ_DEC_TEST is not set
-CONFIG_DECOMPRESS_GZIP=y
-CONFIG_DECOMPRESS_BZIP2=y
-CONFIG_DECOMPRESS_LZMA=y
-CONFIG_DECOMPRESS_XZ=y
-CONFIG_DECOMPRESS_LZO=y
-CONFIG_DECOMPRESS_LZ4=y
-CONFIG_TEXTSEARCH=y
-CONFIG_TEXTSEARCH_KMP=m
-CONFIG_TEXTSEARCH_BM=m
-CONFIG_TEXTSEARCH_FSM=m
-CONFIG_INTERVAL_TREE=y
-CONFIG_ASSOCIATIVE_ARRAY=y
-CONFIG_HAS_IOMEM=y
-CONFIG_HAS_IOPORT_MAP=y
-CONFIG_HAS_DMA=y
-# CONFIG_DMA_NOOP_OPS is not set
-# CONFIG_DMA_VIRT_OPS is not set
-CONFIG_DQL=y
-CONFIG_GLOB=y
-# CONFIG_GLOB_SELFTEST is not set
-CONFIG_NLATTR=y
-CONFIG_GENERIC_ATOMIC64=y
-# CONFIG_CORDIC is not set
-# CONFIG_DDR is not set
-# CONFIG_IRQ_POLL is not set
-CONFIG_LIBFDT=y
-CONFIG_OID_REGISTRY=y
-CONFIG_FONT_SUPPORT=y
-# CONFIG_FONTS is not set
-CONFIG_FONT_8x8=y
-CONFIG_FONT_8x16=y
-# CONFIG_SG_SPLIT is not set
-CONFIG_SG_POOL=y
-CONFIG_ARCH_HAS_SG_CHAIN=y
-CONFIG_SBITMAP=y
-# CONFIG_STRING_SELFTEST is not set
-
-#
-# Kernel hacking
-#
-
-#
-# printk and dmesg options
-#
-# CONFIG_PRINTK_TIME is not set
-CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7
-CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4
-# CONFIG_DYNAMIC_DEBUG is not set
-
-#
-# Compile-time checks and compiler options
-#
-# CONFIG_DEBUG_INFO is not set
-CONFIG_ENABLE_WARN_DEPRECATED=y
-CONFIG_ENABLE_MUST_CHECK=y
-CONFIG_FRAME_WARN=1024
-# CONFIG_STRIP_ASM_SYMS is not set
-# CONFIG_READABLE_ASM is not set
-# CONFIG_UNUSED_SYMBOLS is not set
-# CONFIG_PAGE_OWNER is not set
-CONFIG_DEBUG_FS=y
-# CONFIG_HEADERS_CHECK is not set
-# CONFIG_DEBUG_SECTION_MISMATCH is not set
-CONFIG_SECTION_MISMATCH_WARN_ONLY=y
-# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
-CONFIG_MAGIC_SYSRQ=y
-CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1
-CONFIG_MAGIC_SYSRQ_SERIAL=y
-CONFIG_DEBUG_KERNEL=y
-
-#
-# Memory Debugging
-#
-# CONFIG_PAGE_EXTENSION is not set
-# CONFIG_PAGE_POISONING is not set
-# CONFIG_DEBUG_PAGE_REF is not set
-# CONFIG_DEBUG_OBJECTS is not set
-# CONFIG_SLUB_DEBUG_ON is not set
-# CONFIG_SLUB_STATS is not set
-CONFIG_HAVE_DEBUG_KMEMLEAK=y
-# CONFIG_DEBUG_KMEMLEAK is not set
-# CONFIG_DEBUG_STACK_USAGE is not set
-# CONFIG_DEBUG_VM is not set
-CONFIG_DEBUG_MEMORY_INIT=y
-# CONFIG_DEBUG_HIGHMEM is not set
-CONFIG_HAVE_DEBUG_STACKOVERFLOW=y
-# CONFIG_DEBUG_STACKOVERFLOW is not set
-# CONFIG_DEBUG_SHIRQ is not set
-
-#
-# Debug Lockups and Hangs
-#
-# CONFIG_SOFTLOCKUP_DETECTOR is not set
-CONFIG_DETECT_HUNG_TASK=y
-CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120
-# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set
-CONFIG_BOOTPARAM_HUNG_TASK_PANIC_VALUE=0
-# CONFIG_WQ_WATCHDOG is not set
-# CONFIG_PANIC_ON_OOPS is not set
-CONFIG_PANIC_ON_OOPS_VALUE=0
-CONFIG_SCHED_DEBUG=y
-CONFIG_SCHED_INFO=y
-CONFIG_SCHEDSTATS=y
-# CONFIG_SCHED_STACK_END_CHECK is not set
-# CONFIG_DEBUG_TIMEKEEPING is not set
-
-#
-# Lock Debugging (spinlocks, mutexes, etc...)
-#
-# CONFIG_DEBUG_RT_MUTEXES is not set
-# CONFIG_DEBUG_SPINLOCK is not set
-# CONFIG_DEBUG_MUTEXES is not set
-# CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
-# CONFIG_DEBUG_LOCK_ALLOC is not set
-# CONFIG_PROVE_LOCKING is not set
-# CONFIG_LOCK_STAT is not set
-# CONFIG_DEBUG_ATOMIC_SLEEP is not set
-# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
-# CONFIG_LOCK_TORTURE_TEST is not set
-# CONFIG_WW_MUTEX_SELFTEST is not set
-CONFIG_STACKTRACE=y
-# CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set
-# CONFIG_DEBUG_KOBJECT is not set
-CONFIG_DEBUG_BUGVERBOSE=y
-# CONFIG_DEBUG_LIST is not set
-# CONFIG_DEBUG_PI_LIST is not set
-# CONFIG_DEBUG_SG is not set
-# CONFIG_DEBUG_NOTIFIERS is not set
-# CONFIG_DEBUG_CREDENTIALS is not set
-
-#
-# RCU Debugging
-#
-# CONFIG_PROVE_RCU is not set
-# CONFIG_TORTURE_TEST is not set
-# CONFIG_RCU_PERF_TEST is not set
-# CONFIG_RCU_TORTURE_TEST is not set
-# CONFIG_RCU_TRACE is not set
-# CONFIG_RCU_EQS_DEBUG is not set
-# CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set
-# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set
-# CONFIG_NOTIFIER_ERROR_INJECTION is not set
-# CONFIG_FAULT_INJECTION is not set
-CONFIG_LATENCYTOP=y
-CONFIG_NOP_TRACER=y
-CONFIG_HAVE_FUNCTION_TRACER=y
-CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
-CONFIG_HAVE_DYNAMIC_FTRACE=y
-CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y
-CONFIG_HAVE_SYSCALL_TRACEPOINTS=y
-CONFIG_TRACE_CLOCK=y
-CONFIG_RING_BUFFER=y
-CONFIG_EVENT_TRACING=y
-CONFIG_CONTEXT_SWITCH_TRACER=y
-CONFIG_RING_BUFFER_ALLOW_SWAP=y
-CONFIG_TRACING=y
-CONFIG_TRACING_SUPPORT=y
-CONFIG_FTRACE=y
-# CONFIG_FUNCTION_TRACER is not set
-# CONFIG_IRQSOFF_TRACER is not set
-# CONFIG_SCHED_TRACER is not set
-# CONFIG_HWLAT_TRACER is not set
-# CONFIG_ENABLE_DEFAULT_TRACERS is not set
-# CONFIG_FTRACE_SYSCALLS is not set
-# CONFIG_TRACER_SNAPSHOT is not set
-CONFIG_BRANCH_PROFILE_NONE=y
-# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set
-# CONFIG_PROFILE_ALL_BRANCHES is not set
-# CONFIG_STACK_TRACER is not set
-# CONFIG_BLK_DEV_IO_TRACE is not set
-CONFIG_UPROBE_EVENTS=y
-CONFIG_PROBE_EVENTS=y
-# CONFIG_HIST_TRIGGERS is not set
-# CONFIG_TRACEPOINT_BENCHMARK is not set
-# CONFIG_RING_BUFFER_BENCHMARK is not set
-# CONFIG_RING_BUFFER_STARTUP_TEST is not set
-# CONFIG_TRACE_EVAL_MAP_FILE is not set
-# CONFIG_DMA_API_DEBUG is not set
-
-#
-# Runtime Testing
-#
-# CONFIG_LKDTM is not set
-# CONFIG_TEST_LIST_SORT is not set
-# CONFIG_TEST_SORT is not set
-# CONFIG_BACKTRACE_SELF_TEST is not set
-# CONFIG_RBTREE_TEST is not set
-# CONFIG_INTERVAL_TREE_TEST is not set
-# CONFIG_PERCPU_TEST is not set
-# CONFIG_ATOMIC64_SELFTEST is not set
-# CONFIG_TEST_HEXDUMP is not set
-# CONFIG_TEST_STRING_HELPERS is not set
-# CONFIG_TEST_KSTRTOX is not set
-# CONFIG_TEST_PRINTF is not set
-# CONFIG_TEST_BITMAP is not set
-# CONFIG_TEST_UUID is not set
-# CONFIG_TEST_RHASHTABLE is not set
-# CONFIG_TEST_HASH is not set
-# CONFIG_TEST_LKM is not set
-# CONFIG_TEST_USER_COPY is not set
-# CONFIG_TEST_BPF is not set
-# CONFIG_TEST_FIRMWARE is not set
-# CONFIG_TEST_SYSCTL is not set
-# CONFIG_TEST_UDELAY is not set
-# CONFIG_TEST_STATIC_KEYS is not set
-# CONFIG_TEST_KMOD is not set
-# CONFIG_MEMTEST is not set
-# CONFIG_BUG_ON_DATA_CORRUPTION is not set
-# CONFIG_SAMPLES is not set
-CONFIG_HAVE_ARCH_KGDB=y
-# CONFIG_KGDB is not set
-CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y
-# CONFIG_ARCH_WANTS_UBSAN_NO_NULL is not set
-# CONFIG_UBSAN is not set
-CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y
-CONFIG_STRICT_DEVMEM=y
-# CONFIG_IO_STRICT_DEVMEM is not set
-# CONFIG_PPC_DISABLE_WERROR is not set
-CONFIG_PPC_WERROR=y
-CONFIG_PRINT_STACK_DEPTH=64
-# CONFIG_PPC_EMULATED_STATS is not set
-# CONFIG_CODE_PATCHING_SELFTEST is not set
-# CONFIG_FTR_FIXUP_SELFTEST is not set
-# CONFIG_MSI_BITMAP_SELFTEST is not set
-CONFIG_XMON=y
-CONFIG_XMON_DEFAULT=y
-CONFIG_XMON_DISASSEMBLY=y
-CONFIG_DEBUGGER=y
-# CONFIG_BDI_SWITCH is not set
-CONFIG_BOOTX_TEXT=y
-CONFIG_PPC_EARLY_DEBUG=y
-CONFIG_PPC_EARLY_DEBUG_BOOTX=y
-# CONFIG_PPC_EARLY_DEBUG_MEMCONS is not set
-# CONFIG_PPC_PTDUMP is not set
-
-#
-# Security options
-#
-CONFIG_KEYS=y
-# CONFIG_PERSISTENT_KEYRINGS is not set
-# CONFIG_BIG_KEYS is not set
-# CONFIG_ENCRYPTED_KEYS is not set
-# CONFIG_KEY_DH_OPERATIONS is not set
-# CONFIG_SECURITY_DMESG_RESTRICT is not set
-CONFIG_SECURITY=y
-# CONFIG_SECURITY_WRITABLE_HOOKS is not set
-CONFIG_SECURITYFS=y
-# CONFIG_SECURITY_NETWORK is not set
-# CONFIG_SECURITY_PATH is not set
-CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y
-# CONFIG_HARDENED_USERCOPY is not set
-# CONFIG_FORTIFY_SOURCE is not set
-# CONFIG_STATIC_USERMODEHELPER is not set
-# CONFIG_SECURITY_SMACK is not set
-# CONFIG_SECURITY_TOMOYO is not set
-# CONFIG_SECURITY_APPARMOR is not set
-# CONFIG_SECURITY_LOADPIN is not set
-CONFIG_SECURITY_YAMA=y
-# CONFIG_INTEGRITY is not set
-CONFIG_DEFAULT_SECURITY_DAC=y
-CONFIG_DEFAULT_SECURITY=""
-CONFIG_CRYPTO=y
-
-#
-# Crypto core or helper
-#
-CONFIG_CRYPTO_ALGAPI=y
-CONFIG_CRYPTO_ALGAPI2=y
-CONFIG_CRYPTO_AEAD=y
-CONFIG_CRYPTO_AEAD2=y
-CONFIG_CRYPTO_BLKCIPHER=y
-CONFIG_CRYPTO_BLKCIPHER2=y
-CONFIG_CRYPTO_HASH=y
-CONFIG_CRYPTO_HASH2=y
-CONFIG_CRYPTO_RNG=y
-CONFIG_CRYPTO_RNG2=y
-CONFIG_CRYPTO_RNG_DEFAULT=y
-CONFIG_CRYPTO_AKCIPHER2=y
-CONFIG_CRYPTO_KPP2=y
-CONFIG_CRYPTO_ACOMP2=y
-# CONFIG_CRYPTO_RSA is not set
-# CONFIG_CRYPTO_DH is not set
-CONFIG_CRYPTO_ECDH=m
-CONFIG_CRYPTO_MANAGER=y
-CONFIG_CRYPTO_MANAGER2=y
-# CONFIG_CRYPTO_USER is not set
-CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y
-CONFIG_CRYPTO_GF128MUL=m
-CONFIG_CRYPTO_NULL=y
-CONFIG_CRYPTO_NULL2=y
-CONFIG_CRYPTO_WORKQUEUE=y
-# CONFIG_CRYPTO_CRYPTD is not set
-# CONFIG_CRYPTO_MCRYPTD is not set
-CONFIG_CRYPTO_AUTHENC=y
-# CONFIG_CRYPTO_TEST is not set
-
-#
-# Authenticated Encryption with Associated Data
-#
-CONFIG_CRYPTO_CCM=m
-CONFIG_CRYPTO_GCM=m
-# CONFIG_CRYPTO_CHACHA20POLY1305 is not set
-CONFIG_CRYPTO_SEQIV=m
-CONFIG_CRYPTO_ECHAINIV=y
-
-#
-# Block modes
-#
-CONFIG_CRYPTO_CBC=y
-CONFIG_CRYPTO_CTR=m
-# CONFIG_CRYPTO_CTS is not set
-CONFIG_CRYPTO_ECB=m
-# CONFIG_CRYPTO_LRW is not set
-CONFIG_CRYPTO_PCBC=m
-# CONFIG_CRYPTO_XTS is not set
-# CONFIG_CRYPTO_KEYWRAP is not set
-
-#
-# Hash modes
-#
-CONFIG_CRYPTO_CMAC=m
-CONFIG_CRYPTO_HMAC=y
-# CONFIG_CRYPTO_XCBC is not set
-# CONFIG_CRYPTO_VMAC is not set
-
-#
-# Digest
-#
-CONFIG_CRYPTO_CRC32C=y
-# CONFIG_CRYPTO_CRC32 is not set
-CONFIG_CRYPTO_CRCT10DIF=y
-CONFIG_CRYPTO_GHASH=m
-# CONFIG_CRYPTO_POLY1305 is not set
-CONFIG_CRYPTO_MD4=m
-CONFIG_CRYPTO_MD5=y
-# CONFIG_CRYPTO_MD5_PPC is not set
-# CONFIG_CRYPTO_MICHAEL_MIC is not set
-# CONFIG_CRYPTO_RMD128 is not set
-# CONFIG_CRYPTO_RMD160 is not set
-# CONFIG_CRYPTO_RMD256 is not set
-# CONFIG_CRYPTO_RMD320 is not set
-CONFIG_CRYPTO_SHA1=y
-# CONFIG_CRYPTO_SHA1_PPC is not set
-CONFIG_CRYPTO_SHA256=y
-CONFIG_CRYPTO_SHA512=m
-# CONFIG_CRYPTO_SHA3 is not set
-CONFIG_CRYPTO_TGR192=m
-CONFIG_CRYPTO_WP512=m
-
-#
-# Ciphers
-#
-CONFIG_CRYPTO_AES=y
-# CONFIG_CRYPTO_AES_TI is not set
-CONFIG_CRYPTO_ANUBIS=m
-CONFIG_CRYPTO_ARC4=m
-CONFIG_CRYPTO_BLOWFISH=m
-CONFIG_CRYPTO_BLOWFISH_COMMON=m
-# CONFIG_CRYPTO_CAMELLIA is not set
-CONFIG_CRYPTO_CAST_COMMON=m
-CONFIG_CRYPTO_CAST5=m
-CONFIG_CRYPTO_CAST6=m
-CONFIG_CRYPTO_DES=y
-# CONFIG_CRYPTO_FCRYPT is not set
-CONFIG_CRYPTO_KHAZAD=m
-# CONFIG_CRYPTO_SALSA20 is not set
-# CONFIG_CRYPTO_CHACHA20 is not set
-# CONFIG_CRYPTO_SEED is not set
-CONFIG_CRYPTO_SERPENT=m
-CONFIG_CRYPTO_TEA=m
-CONFIG_CRYPTO_TWOFISH=m
-CONFIG_CRYPTO_TWOFISH_COMMON=m
-
-#
-# Compression
-#
-CONFIG_CRYPTO_DEFLATE=m
-# CONFIG_CRYPTO_LZO is not set
-# CONFIG_CRYPTO_842 is not set
-# CONFIG_CRYPTO_LZ4 is not set
-# CONFIG_CRYPTO_LZ4HC is not set
-
-#
-# Random Number Generation
-#
-# CONFIG_CRYPTO_ANSI_CPRNG is not set
-CONFIG_CRYPTO_DRBG_MENU=y
-CONFIG_CRYPTO_DRBG_HMAC=y
-# CONFIG_CRYPTO_DRBG_HASH is not set
-# CONFIG_CRYPTO_DRBG_CTR is not set
-CONFIG_CRYPTO_DRBG=y
-CONFIG_CRYPTO_JITTERENTROPY=y
-# CONFIG_CRYPTO_USER_API_HASH is not set
-# CONFIG_CRYPTO_USER_API_SKCIPHER is not set
-# CONFIG_CRYPTO_USER_API_RNG is not set
-# CONFIG_CRYPTO_USER_API_AEAD is not set
-CONFIG_CRYPTO_HW=y
-# CONFIG_CRYPTO_DEV_HIFN_795X is not set
-# CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC is not set
-# CONFIG_ASYMMETRIC_KEY_TYPE is not set
-
-#
-# Certificates for signature checking
-#
-# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
-# CONFIG_VIRTUALIZATION is not set
diff --git a/main/linux-vanilla/config-vanilla.ppc64le b/main/linux-vanilla/config-vanilla.ppc64le
index 59118df500..98760c960e 100644
--- a/main/linux-vanilla/config-vanilla.ppc64le
+++ b/main/linux-vanilla/config-vanilla.ppc64le
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/powerpc 4.19.97 Kernel Configuration
+# Linux/powerpc 4.19.118 Kernel Configuration
#
#
@@ -1346,6 +1346,7 @@ CONFIG_OF_NET=y
CONFIG_OF_MDIO=y
CONFIG_OF_RESERVED_MEM=y
# CONFIG_OF_OVERLAY is not set
+CONFIG_OF_DMA_DEFAULT_COHERENT=y
CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
CONFIG_PARPORT=m
CONFIG_PARPORT_PC=m
diff --git a/main/linux-vanilla/config-vanilla.s390x b/main/linux-vanilla/config-vanilla.s390x
index 7a068e3e61..a6a2761834 100644
--- a/main/linux-vanilla/config-vanilla.s390x
+++ b/main/linux-vanilla/config-vanilla.s390x
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/s390 4.19.97 Kernel Configuration
+# Linux/s390 4.19.118 Kernel Configuration
#
#
diff --git a/main/linux-vanilla/config-vanilla.x86 b/main/linux-vanilla/config-vanilla.x86
index 32b5f58b2b..d0de674ee4 100644
--- a/main/linux-vanilla/config-vanilla.x86
+++ b/main/linux-vanilla/config-vanilla.x86
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 4.19.97 Kernel Configuration
+# Linux/x86 4.19.118 Kernel Configuration
#
#
diff --git a/main/linux-vanilla/config-vanilla.x86_64 b/main/linux-vanilla/config-vanilla.x86_64
index 145731a90b..aad290f9fa 100644
--- a/main/linux-vanilla/config-vanilla.x86_64
+++ b/main/linux-vanilla/config-vanilla.x86_64
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86_64 4.19.97 Kernel Configuration
+# Linux/x86_64 4.19.118 Kernel Configuration
#
#
diff --git a/main/linux-vanilla/config-virt.aarch64 b/main/linux-vanilla/config-virt.aarch64
index 27498035ca..c50622561e 100644
--- a/main/linux-vanilla/config-virt.aarch64
+++ b/main/linux-vanilla/config-virt.aarch64
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm64 4.19.97 Kernel Configuration
+# Linux/arm64 4.19.118 Kernel Configuration
#
#
diff --git a/main/linux-vanilla/config-virt.x86 b/main/linux-vanilla/config-virt.x86
index 0eadba85b4..acfcb0fc55 100644
--- a/main/linux-vanilla/config-virt.x86
+++ b/main/linux-vanilla/config-virt.x86
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 4.19.97 Kernel Configuration
+# Linux/x86 4.19.118 Kernel Configuration
#
#
diff --git a/main/linux-vanilla/config-virt.x86_64 b/main/linux-vanilla/config-virt.x86_64
index 30ee060686..6448072900 100644
--- a/main/linux-vanilla/config-virt.x86_64
+++ b/main/linux-vanilla/config-virt.x86_64
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86_64 4.19.97 Kernel Configuration
+# Linux/x86_64 4.19.118 Kernel Configuration
#
#
diff --git a/main/mariadb/APKBUILD b/main/mariadb/APKBUILD
index 5a085c31fe..bf6e0de3ee 100644
--- a/main/mariadb/APKBUILD
+++ b/main/mariadb/APKBUILD
@@ -6,7 +6,7 @@
# Contributor: Marcel Haazen <marcel@haazen.xyz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=mariadb
-pkgver=10.3.20
+pkgver=10.3.23
pkgrel=0
pkgdesc="A fast SQL database server"
url="https://www.mariadb.org/"
@@ -49,6 +49,13 @@ source="https://downloads.mariadb.org/interstitial/mariadb-$pkgver/source/mariad
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 10.3.23-r0:
+# - CVE-2020-2752
+# - CVE-2020-2760
+# - CVE-2020-2812
+# - CVE-2020-2814
+# 10.3.22-r0:
+# - CVE-2020-2574
# 10.3.20-r0:
# - CVE-2019-2938
# - CVE-2019-2974
@@ -433,7 +440,7 @@ _plugin_rocksdb() {
"$subpkgdir"/usr/lib/mariadb/plugin/ha_rocksdb.so
}
-sha512sums="8080cb6db85c587f39f128e98b00c3e6428bf3e828271a227bb2c61c97683c965802baa6e5f825317f7e2963683c0f81699642853deeca6977faa2b6932044a3 mariadb-10.3.20.tar.gz
+sha512sums="535cd2ce80a95b6c0a1aa559cc3275dfcd559c3a4f958fab3382923190a16e6bc5b4ad79acaa518244512ff618568c239c0edef8a701d958362ede19a29c2986 mariadb-10.3.23.tar.gz
c352969f6665b0ffa387f7b185a5dea7751f4b16c12c809627857b27321efa09159369d7dd5c852d6159a9f173cb895fb601f0c52a1fa6e3527899520030964c mariadb.initd
ecfea6503edd301bb628e2a44f36315079efa70e7615ff06b27714397332034f02e68ef40d4d5c761942e024ed1993621127c9df80b7e2327c68b1d839a7a322 fix-c11-atomics-check.patch
e9ae4613f1d8c5f0a59b39a3548c46e50674ae78e7457d0e64c49f7e1573125c13634bbce7e29179bb8865a423171f852f43b96f7ef95619a95f02edcfc71efd ppc-remove-glibc-dep.patch
diff --git a/main/mcpp/APKBUILD b/main/mcpp/APKBUILD
index 85aaff93b3..f102d1dc8e 100644
--- a/main/mcpp/APKBUILD
+++ b/main/mcpp/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Sören Tempel <soeren+alpine@soeren-tempel.net>
pkgname=mcpp
pkgver=2.7.2
-pkgrel=1
+pkgrel=2
pkgdesc="A portable C preprocessor"
url="http://mcpp.sourceforge.net"
arch="all"
@@ -13,7 +13,12 @@ makedepends=""
subpackages="$pkgname-dev $pkgname-doc $pkgname-libs"
source="https://downloads.sourceforge.net/${pkgname}/${pkgname}-${pkgver}.tar.gz
01-zeroc-fixes.patch
- 02-gniibe-fixes.patch"
+ 02-gniibe-fixes.patch
+ CVE-2019-14274.patch"
+
+# secfixes:
+# 2.7.2-r2:
+# - CVE-2019-14274
prepare() {
cd "$builddir"
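Review bot: The `CVE-2019-14274.patch` entry added to `source` is pinned by a sha512sum, but nothing records where the patch came from or ties it to the CVE id in the new `secfixes` block. The patch's own header carries only Description and Author lines that refer to sourceforge bug #13, so a later auditor cannot confirm from the package alone that this is the fix for that advisory. I would add origin lines to the patch header in the style the nghttp2 patch in this same commit uses, e.g. `Upstream: <yes/no>` and `Source: <URL of the patch origin>`. `prepare()` continues outside the hunk.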
@@ -45,12 +50,7 @@ package() {
"$pkgdir"/usr/share/licenses/$pkgname/LICENSE || return 1
}
-md5sums="512de48c87ab023a69250edc7a0c7b05 mcpp-2.7.2.tar.gz
-e231a2c976ccf14b548deaee840faeb7 01-zeroc-fixes.patch
-1801827678e80d0ef73655a88064a35b 02-gniibe-fixes.patch"
-sha256sums="3b9b4421888519876c4fc68ade324a3bbd81ceeb7092ecdbbc2055099fcb8864 mcpp-2.7.2.tar.gz
-6ed331f58edc7a24e769ac065ab43ed9f09f06487fda37095cacd413b81f522c 01-zeroc-fixes.patch
-30a790e63e387a95e45c2b73b3942948e1e852155250dd769a5598c33d374504 02-gniibe-fixes.patch"
sha512sums="1ca885cb13fdb684de9d0595a9215b52f48a93a69077d82cdcacafe40d9a61fb77b00a3ff2b8890e7bc0a0fcc0c8d70d4093c00c280351cd4459aba67c573235 mcpp-2.7.2.tar.gz
86b2e851490e180dfe3028a5a37019ea423924c921ab053a642fb78d4533a87f913ede2928daf9da4daf60e67795a24521186b40c76961ae99ebeb75f8aa95ad 01-zeroc-fixes.patch
-a31a0f2e7430381e5e62ea4257a35891ce9d2f3beed60c6caad3b6d298a58557e9c850223840ef8c6f6c2e8139cf4a4edf29ac93b2532680feafba503fcfaf6d 02-gniibe-fixes.patch"
+a31a0f2e7430381e5e62ea4257a35891ce9d2f3beed60c6caad3b6d298a58557e9c850223840ef8c6f6c2e8139cf4a4edf29ac93b2532680feafba503fcfaf6d 02-gniibe-fixes.patch
+12a72a2c527358effc4ed8e0c5f80f1a06a005ba3b050c7d99a4aa67ad5fe7e4c4c2a75d0808382b67e359076c5bac6065ec284d32f55e7e31466331a47db882 CVE-2019-14274.patch"
diff --git a/main/mcpp/CVE-2019-14274.patch b/main/mcpp/CVE-2019-14274.patch
new file mode 100644
index 0000000000..717b16fe9d
--- /dev/null
+++ b/main/mcpp/CVE-2019-14274.patch
@@ -0,0 +1,52 @@
+Description: Fix for a bug reported to sourceforge.net #13
+ by fixing error messages.
+ Also, fix erroneous messages.
+Author: NIIBE Yutaka
+
+Index: mcpp/src/support.c
+===================================================================
+--- mcpp.orig/src/support.c
++++ mcpp/src/support.c
+@@ -822,7 +822,7 @@ escape:
+ if (diag && iscntrl( c) && ((char_type[ c] & SPA) == 0)
+ && (warn_level & 1))
+ cwarn(
+- "Illegal control character %.0s0lx%02x in quotation" /* _W1_ */
++ "Illegal control character %.0s0x%02x in quotation" /* _W1_ */
+ , NULL, (long) c, NULL);
+ *out_p++ = c;
+ chk_limit:
+@@ -861,10 +861,10 @@ chk_limit:
+ if (mcpp_mode != POST_STD && option_flags.lang_asm) {
+ /* STD, KR */
+ if (warn_level & 1)
+- cwarn( unterm_char, out, 0L, NULL); /* _W1_ */
++ cwarn( unterm_char, NULL, (long)delim, NULL); /* _W1_ */
+ goto done;
+ } else {
+- cerror( unterm_char, out, 0L, skip); /* _E_ */
++ cerror( unterm_char, NULL, (long)delim, skip); /* _E_ */
+ }
+ } else {
+ cerror( "Unterminated header name %s%.0ld%s" /* _E_ */
+@@ -875,9 +875,9 @@ chk_limit:
+ if (mcpp_mode != POST_STD && option_flags.lang_asm) {
+ /* STD, KR */
+ if (warn_level & 1)
+- cwarn( empty_const, out, 0L, skip); /* _W1_ */
++ cwarn( empty_const, NULL, (long)delim, skip); /* _W1_ */
+ } else {
+- cerror( empty_const, out, 0L, skip); /* _E_ */
++ cerror( empty_const, NULL, (long)delim, skip); /* _E_ */
+ out_p = NULL;
+ goto done;
+ }
+@@ -1774,7 +1774,7 @@ not_comment:
+ default:
+ if (iscntrl( c)) {
+ cerror( /* Skip the control character */
+- "Illegal control character %.0s0x%lx, skipped the character" /* _E_ */
++ "Illegal control character %.0s0x%02x, skipped the character" /* _E_ */
+ , NULL, (long) c, NULL);
+ } else { /* Any valid character */
+ *tp++ = c;
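Review bot: In the last inner hunk (`@@ -1774,7 +1774,7 @@`) the format changes from `0x%lx` to `0x%02x` while the argument stays `(long) c`, and the first inner hunk (`@@ -822,7 +822,7 @@`) likewise pairs `%02x` with `(long) c`. If `cerror`/`cwarn` pass these arguments on to a printf-family function (their bodies are not on this page), `%x` with a `long` is a length-modifier mismatch: undefined behaviour, and possibly a wrong value printed where `long` is wider than `int`. `%02lx` keeps the two-digit padding and matches the argument: `"Illegal control character %.0s0x%02lx, skipped the character"` and `"Illegal control character %.0s0x%02lx in quotation"`.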
diff --git a/main/nghttp2/APKBUILD b/main/nghttp2/APKBUILD
index e56ee298b3..99b9812911 100644
--- a/main/nghttp2/APKBUILD
+++ b/main/nghttp2/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=nghttp2
pkgver=1.35.1
-pkgrel=1
+pkgrel=2
pkgdesc="Experimental HTTP/2 client, server and proxy"
url="https://nghttp2.org"
arch="all"
@@ -14,10 +14,13 @@ source="https://github.com/tatsuhiro-t/$pkgname/releases/download/v$pkgver/nghtt
0001-nghttpx-Fix-request-stall.patch
0002-Add-nghttp2_option_set_max_outbound_ack.patch
0003-Don-t-read-too-greedily.patch
+ CVE-2020-11080.patch
"
builddir="$srcdir"/$pkgname-$pkgver
# secfixes:
+# 1.35.1-r2:
+# - CVE-2020-11080
# 1.35.1-r1:
# - CVE-2019-9511
# - CVE-2019-9513
@@ -63,4 +66,5 @@ sha512sums="fcd3f79f913afbeee1c75003bb39df918e6122bbf728b3ad4192d5849d8fb96705e0
d3f6a66ad6522babb5ad2b3721d52c1c2af88e57ed2895cf87037da1032ca42dcb95dacc23ea277b9507b4116cec117b5c9a3313759dc56b48199b687b74dd9a remove-mruby-tests.patch
2a44858219275f69b7380358a07cfa6ed73e506519969e074196205c686e19e2f422181cacde8b6051fda1be744550958b3e3f3ad600f9ed2f3bdf4ef9d1d54a 0001-nghttpx-Fix-request-stall.patch
2f98c77b1590f2c85de9f0ddcaaf997a1ac513428127796bc1b598c70e8d557cc2402fecdedb2329267ab7903bc163f099acfca8ca44f3a4c74958b57c27f8b2 0002-Add-nghttp2_option_set_max_outbound_ack.patch
-ca4b196f86d2193052ff427904e6232a2c3fb2c998ffc76e7b6def4c8297031f047dc5fac7036d774bacd878fb21c5afb87fcced3d3e2f477c8275b869a8aa9c 0003-Don-t-read-too-greedily.patch"
+ca4b196f86d2193052ff427904e6232a2c3fb2c998ffc76e7b6def4c8297031f047dc5fac7036d774bacd878fb21c5afb87fcced3d3e2f477c8275b869a8aa9c 0003-Don-t-read-too-greedily.patch
+60219ba3cb97d5164a544813f54e483299989b6fa2b41a3cb6cfa4730e4de0c775a109331a341d1e8a0e22166ad8df35dd214a6d49c0b0ebab9b709e0592c3d6 CVE-2020-11080.patch"
diff --git a/main/nghttp2/CVE-2020-11080.patch b/main/nghttp2/CVE-2020-11080.patch
new file mode 100644
index 0000000000..622ad844da
--- /dev/null
+++ b/main/nghttp2/CVE-2020-11080.patch
@@ -0,0 +1,332 @@
+From 336a98feb0d56b9ac54e12736b18785c27f75090 Mon Sep 17 00:00:00 2001
+From: James M Snell <jasnell@gmail.com>
+Date: Fri, 17 Apr 2020 16:53:51 -0700
+Subject: [PATCH 1/2] Implement max settings option
+Upstream: yes
+Source: https://github.com/nghttp2/nghttp2/commit/c3b46625633cd9a4519f6fbcd9048127b84a5514.patch
+
+---
+ doc/CMakeLists.txt | 1 +
+ doc/Makefile.am | 1 +
+ lib/includes/nghttp2/nghttp2.h | 23 +++++++++++++
+ lib/nghttp2_helper.c | 2 ++
+ lib/nghttp2_option.c | 5 +++
+ lib/nghttp2_option.h | 5 +++
+ lib/nghttp2_session.c | 21 ++++++++++++
+ lib/nghttp2_session.h | 2 ++
+ tests/main.c | 2 ++
+ tests/nghttp2_session_test.c | 61 ++++++++++++++++++++++++++++++++++
+ tests/nghttp2_session_test.h | 1 +
+ 11 files changed, 124 insertions(+)
+
+diff --git a/doc/CMakeLists.txt b/doc/CMakeLists.txt
+index 34c027929..f3aec84da 100644
+--- a/doc/CMakeLists.txt
++++ b/doc/CMakeLists.txt
+@@ -42,6 +42,7 @@ set(APIDOCS
+ nghttp2_option_set_no_recv_client_magic.rst
+ nghttp2_option_set_peer_max_concurrent_streams.rst
+ nghttp2_option_set_user_recv_extension_type.rst
++ nghttp2_option_set_max_settings.rst
+ nghttp2_pack_settings_payload.rst
+ nghttp2_priority_spec_check_default.rst
+ nghttp2_priority_spec_default_init.rst
+diff --git a/doc/Makefile.am b/doc/Makefile.am
+index 4d73cef50..f073bfa4c 100644
+--- a/doc/Makefile.am
++++ b/doc/Makefile.am
+@@ -69,6 +69,7 @@ APIDOCS= \
+ nghttp2_option_set_peer_max_concurrent_streams.rst \
+ nghttp2_option_set_user_recv_extension_type.rst \
+ nghttp2_option_set_max_outbound_ack.rst \
++ nghttp2_option_set_max_settings.rst \
+ nghttp2_pack_settings_payload.rst \
+ nghttp2_priority_spec_check_default.rst \
+ nghttp2_priority_spec_default_init.rst \
+diff --git a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h
+index e3aeb9fed..9be6eea5c 100644
+--- a/lib/includes/nghttp2/nghttp2.h
++++ b/lib/includes/nghttp2/nghttp2.h
+@@ -228,6 +228,13 @@ typedef struct {
+ */
+ #define NGHTTP2_CLIENT_MAGIC_LEN 24
+
++/**
++ * @macro
++ *
++ * The default max number of settings per SETTINGS frame
++ */
++#define NGHTTP2_DEFAULT_MAX_SETTINGS 32
++
+ /**
+ * @enum
+ *
+@@ -398,6 +405,11 @@ typedef enum {
+ * receives an other type of frame.
+ */
+ NGHTTP2_ERR_SETTINGS_EXPECTED = -536,
++ /**
++ * When a local endpoint receives too many settings entries
++ * in a single SETTINGS frame.
++ */
++ NGHTTP2_ERR_TOO_MANY_SETTINGS = -537,
+ /**
+ * The errors < :enum:`NGHTTP2_ERR_FATAL` mean that the library is
+ * under unexpected condition and processing was terminated (e.g.,
+@@ -2659,6 +2671,17 @@ NGHTTP2_EXTERN void nghttp2_option_set_no_closed_streams(nghttp2_option *option,
+ NGHTTP2_EXTERN void nghttp2_option_set_max_outbound_ack(nghttp2_option *option,
+ size_t val);
+
++/**
++ * @function
++ *
++ * This function sets the maximum number of SETTINGS entries per
++ * SETTINGS frame that will be accepted. If more than those entries
++ * are received, the peer is considered to be misbehaving and session
++ * will be closed. The default value is 32.
++ */
++NGHTTP2_EXTERN void nghttp2_option_set_max_settings(nghttp2_option *option,
++ size_t val);
++
+ /**
+ * @function
+ *
+diff --git a/lib/nghttp2_helper.c b/lib/nghttp2_helper.c
+index 91136a619..0bd541472 100644
+--- a/lib/nghttp2_helper.c
++++ b/lib/nghttp2_helper.c
+@@ -334,6 +334,8 @@ const char *nghttp2_strerror(int error_code) {
+ case NGHTTP2_ERR_FLOODED:
+ return "Flooding was detected in this HTTP/2 session, and it must be "
+ "closed";
++ case NGHTTP2_ERR_TOO_MANY_SETTINGS:
++ return "SETTINGS frame contained more than the maximum allowed entries";
+ default:
+ return "Unknown error code";
+ }
+diff --git a/lib/nghttp2_option.c b/lib/nghttp2_option.c
+index e53f22d36..34348e660 100644
+--- a/lib/nghttp2_option.c
++++ b/lib/nghttp2_option.c
+@@ -121,3 +121,8 @@ void nghttp2_option_set_max_outbound_ack(nghttp2_option *option, size_t val) {
+ option->opt_set_mask |= NGHTTP2_OPT_MAX_OUTBOUND_ACK;
+ option->max_outbound_ack = val;
+ }
++
++void nghttp2_option_set_max_settings(nghttp2_option *option, size_t val) {
++ option->opt_set_mask |= NGHTTP2_OPT_MAX_SETTINGS;
++ option->max_settings = val;
++}
+diff --git a/lib/nghttp2_option.h b/lib/nghttp2_option.h
+index 1f740aaa6..939729fdc 100644
+--- a/lib/nghttp2_option.h
++++ b/lib/nghttp2_option.h
+@@ -67,6 +67,7 @@ typedef enum {
+ NGHTTP2_OPT_MAX_DEFLATE_DYNAMIC_TABLE_SIZE = 1 << 9,
+ NGHTTP2_OPT_NO_CLOSED_STREAMS = 1 << 10,
+ NGHTTP2_OPT_MAX_OUTBOUND_ACK = 1 << 11,
++ NGHTTP2_OPT_MAX_SETTINGS = 1 << 12,
+ } nghttp2_option_flag;
+
+ /**
+@@ -85,6 +86,10 @@ struct nghttp2_option {
+ * NGHTTP2_OPT_MAX_OUTBOUND_ACK
+ */
+ size_t max_outbound_ack;
++ /**
++ * NGHTTP2_OPT_MAX_SETTINGS
++ */
++ size_t max_settings;
+ /**
+ * Bitwise OR of nghttp2_option_flag to determine that which fields
+ * are specified.
+diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
+index 563ccd7de..415e34776 100644
+--- a/lib/nghttp2_session.c
++++ b/lib/nghttp2_session.c
+@@ -458,6 +458,7 @@ static int session_new(nghttp2_session **session_ptr,
+
+ (*session_ptr)->max_send_header_block_length = NGHTTP2_MAX_HEADERSLEN;
+ (*session_ptr)->max_outbound_ack = NGHTTP2_DEFAULT_MAX_OBQ_FLOOD_ITEM;
++ (*session_ptr)->max_settings = NGHTTP2_DEFAULT_MAX_SETTINGS;
+
+ if (option) {
+ if ((option->opt_set_mask & NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE) &&
+@@ -521,6 +522,11 @@ static int session_new(nghttp2_session **session_ptr,
+ if (option->opt_set_mask & NGHTTP2_OPT_MAX_OUTBOUND_ACK) {
+ (*session_ptr)->max_outbound_ack = option->max_outbound_ack;
+ }
++
++ if ((option->opt_set_mask & NGHTTP2_OPT_MAX_SETTINGS) &&
++ option->max_settings) {
++ (*session_ptr)->max_settings = option->max_settings;
++ }
+ }
+
+ rv = nghttp2_hd_deflate_init2(&(*session_ptr)->hd_deflater,
+@@ -5657,6 +5663,16 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in,
+ iframe->max_niv =
+ iframe->frame.hd.length / NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH + 1;
+
++ if (iframe->max_niv - 1 > session->max_settings) {
++ rv = nghttp2_session_terminate_session_with_reason(
++ session, NGHTTP2_ENHANCE_YOUR_CALM,
++ "SETTINGS: too many setting entries");
++ if (nghttp2_is_fatal(rv)) {
++ return rv;
++ }
++ return (ssize_t)inlen;
++ }
++
+ iframe->iv = nghttp2_mem_malloc(mem, sizeof(nghttp2_settings_entry) *
+ iframe->max_niv);
+
+@@ -7425,6 +7441,11 @@ static int nghttp2_session_upgrade_internal(nghttp2_session *session,
+ if (settings_payloadlen % NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH) {
+ return NGHTTP2_ERR_INVALID_ARGUMENT;
+ }
++ /* SETTINGS frame contains too many settings */
++ if (settings_payloadlen / NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH
++ > session->max_settings) {
++ return NGHTTP2_ERR_TOO_MANY_SETTINGS;
++ }
+ rv = nghttp2_frame_unpack_settings_payload2(&iv, &niv, settings_payload,
+ settings_payloadlen, mem);
+ if (rv != 0) {
+diff --git a/lib/nghttp2_session.h b/lib/nghttp2_session.h
+index d20827315..07bfbb6c9 100644
+--- a/lib/nghttp2_session.h
++++ b/lib/nghttp2_session.h
+@@ -267,6 +267,8 @@ struct nghttp2_session {
+ /* The maximum length of header block to send. Calculated by the
+ same way as nghttp2_hd_deflate_bound() does. */
+ size_t max_send_header_block_length;
++ /* The maximum number of settings accepted per SETTINGS frame. */
++ size_t max_settings;
+ /* Next Stream ID. Made unsigned int to detect >= (1 << 31). */
+ uint32_t next_stream_id;
+ /* The last stream ID this session initiated. For client session,
+diff --git a/tests/main.c b/tests/main.c
+index 41e0b03eb..67eb4a1c2 100644
+--- a/tests/main.c
++++ b/tests/main.c
+@@ -317,6 +317,8 @@ int main() {
+ test_nghttp2_session_set_local_window_size) ||
+ !CU_add_test(pSuite, "session_cancel_from_before_frame_send",
+ test_nghttp2_session_cancel_from_before_frame_send) ||
++ !CU_add_test(pSuite, "session_too_many_settings",
++ test_nghttp2_session_too_many_settings) ||
+ !CU_add_test(pSuite, "session_removed_closed_stream",
+ test_nghttp2_session_removed_closed_stream) ||
+ !CU_add_test(pSuite, "session_pause_data",
+diff --git a/tests/nghttp2_session_test.c b/tests/nghttp2_session_test.c
+index 6eb8e244d..33ee3ad84 100644
+--- a/tests/nghttp2_session_test.c
++++ b/tests/nghttp2_session_test.c
+@@ -10614,6 +10614,67 @@ void test_nghttp2_session_cancel_from_before_frame_send(void) {
+ nghttp2_session_del(session);
+ }
+
++void test_nghttp2_session_too_many_settings(void) {
++ nghttp2_session *session;
++ nghttp2_option *option;
++ nghttp2_session_callbacks callbacks;
++ nghttp2_frame frame;
++ nghttp2_bufs bufs;
++ nghttp2_buf *buf;
++ ssize_t rv;
++ my_user_data ud;
++ nghttp2_settings_entry iv[3];
++ nghttp2_mem *mem;
++ nghttp2_outbound_item *item;
++
++ mem = nghttp2_mem_default();
++ frame_pack_bufs_init(&bufs);
++
++ memset(&callbacks, 0, sizeof(nghttp2_session_callbacks));
++ callbacks.on_frame_recv_callback = on_frame_recv_callback;
++ callbacks.send_callback = null_send_callback;
++
++ nghttp2_option_new(&option);
++ nghttp2_option_set_max_settings(option, 1);
++
++ nghttp2_session_client_new2(&session, &callbacks, &ud, option);
++
++ CU_ASSERT(1 == session->max_settings);
++
++ nghttp2_option_del(option);
++
++ iv[0].settings_id = NGHTTP2_SETTINGS_HEADER_TABLE_SIZE;
++ iv[0].value = 3000;
++
++ iv[1].settings_id = NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE;
++ iv[1].value = 16384;
++
++ nghttp2_frame_settings_init(&frame.settings, NGHTTP2_FLAG_NONE, dup_iv(iv, 2),
++ 2);
++
++ rv = nghttp2_frame_pack_settings(&bufs, &frame.settings);
++
++ CU_ASSERT(0 == rv);
++ CU_ASSERT(nghttp2_bufs_len(&bufs) > 0);
++
++ nghttp2_frame_settings_free(&frame.settings, mem);
++
++ buf = &bufs.head->buf;
++ assert(nghttp2_bufs_len(&bufs) == nghttp2_buf_len(buf));
++
++ ud.frame_recv_cb_called = 0;
++
++ rv = nghttp2_session_mem_recv(session, buf->pos, nghttp2_buf_len(buf));
++ CU_ASSERT((ssize_t)nghttp2_buf_len(buf) == rv);
++
++ item = nghttp2_session_get_next_ob_item(session);
++ CU_ASSERT(NGHTTP2_GOAWAY == item->frame.hd.type);
++
++ nghttp2_bufs_reset(&bufs);
++ nghttp2_bufs_free(&bufs);
++ nghttp2_session_del(session);
++}
++
+ static void
+ prepare_session_removed_closed_stream(nghttp2_session *session,
+ nghttp2_hd_deflater *deflater) {
+diff --git a/tests/nghttp2_session_test.h b/tests/nghttp2_session_test.h
+index e872c5d0b..818c808d0 100644
+--- a/tests/nghttp2_session_test.h
++++ b/tests/nghttp2_session_test.h
+@@ -156,6 +156,7 @@ void test_nghttp2_session_repeated_priority_change(void);
+ void test_nghttp2_session_repeated_priority_submission(void);
+ void test_nghttp2_session_set_local_window_size(void);
+ void test_nghttp2_session_cancel_from_before_frame_send(void);
++void test_nghttp2_session_too_many_settings(void);
+ void test_nghttp2_session_removed_closed_stream(void);
+ void test_nghttp2_session_pause_data(void);
+ void test_nghttp2_session_no_closed_streams(void);
+
+From f8da73bd042f810f34d19f9eae02b46d870af394 Mon Sep 17 00:00:00 2001
+From: James M Snell <jasnell@gmail.com>
+Date: Sun, 19 Apr 2020 09:12:24 -0700
+Subject: [PATCH 2/2] Earlier check for settings flood
+
+---
+ lib/nghttp2_session.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
+index 415e34776..39f81f498 100644
+--- a/lib/nghttp2_session.c
++++ b/lib/nghttp2_session.c
+@@ -5653,6 +5653,12 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in,
+ break;
+ }
+
++ /* Check the settings flood counter early to be safe */
++ if (session->obq_flood_counter_ >= session->max_outbound_ack &&
++ !(iframe->frame.hd.flags & NGHTTP2_FLAG_ACK)) {
++ return NGHTTP2_ERR_FLOODED;
++ }
++
+ iframe->state = NGHTTP2_IB_READ_SETTINGS;
+
+ if (iframe->payloadleft) {
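Review bot: The doc comment added for `nghttp2_option_set_max_settings()` in lib/includes/nghttp2/nghttp2.h does not say that a value of 0 is ignored. The `session_new()` change copies the option only when `option->max_settings` is non-zero, so a caller passing 0 keeps the default of 32 instead of getting a zero or unlimited cap. I would add one sentence to that comment, e.g. `If |val| is 0, this option is ignored and the default is kept.` The bodies of `session_new()` and `nghttp2_session_mem_recv()` continue outside the embedded hunks, so no other handling of the field could be checked.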
diff --git a/main/ngircd/APKBUILD b/main/ngircd/APKBUILD
index da71f4a6e4..f931173b11 100644
--- a/main/ngircd/APKBUILD
+++ b/main/ngircd/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=ngircd
pkgver=24
-pkgrel=4
+pkgrel=5
pkgdesc="Next Generation IRC Daemon"
url="https://ngircd.barton.de/"
arch="all"
@@ -12,6 +12,7 @@ makedepends="openssl-dev zlib-dev linux-pam-dev"
subpackages="$pkgname-doc"
install="$pkgname.pre-install"
source="https://ngircd.barton.de/pub/ngircd/ngircd-$pkgver.tar.xz
+ CVE-2020-14148.patch
$pkgname.initd
"
_builddir="$srcdir"/$pkgname-$pkgver
@@ -24,6 +25,10 @@ prepare() {
done
}
+# secfixes:
+# 24-r5:
+# - CVE-2020-14148
+
build() {
cd "$_builddir"
./configure \
@@ -45,10 +50,6 @@ package() {
make DESTDIR="$pkgdir" install || return 1
install -Dm755 ../$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
}
-
-md5sums="81b9c5ae283d07aab35ce16eaf49e458 ngircd-24.tar.xz
-51c3679a7c1f2f5522031fa856e34734 ngircd.initd"
-sha256sums="173fa0ea10788a8ba08ef2f7e64ea8951d7c88862e744128c8b87bae424b1008 ngircd-24.tar.xz
-890d0dc433a8d7f082c35ba806bac53f19d2d4352fcb7127cc28741abcbd6a75 ngircd.initd"
sha512sums="d176ec4eb3e780aa8b5efb722c8c0f6fc1a7ac3c06e2039019e6e602aad64ca5357762f1549e117f6e452fe6314fb6cf5bc31a9fdbec1a08cc6d2a344c0bf49f ngircd-24.tar.xz
+3863bab40dcb0283127497efa117ceaab3f4d1d427399ad262a1a3b24d50ff663578579639c9ea39b9be41698ad13767ee575071e46e8ba80eebbda1f3d58881 CVE-2020-14148.patch
50339507917c956a38451394a8a5996337ff29948944ff6aa40ed39f6dd3d6bfdfb864d60a24199c0a86a01e18a71f213efa6cfb2857a320f31b9fcfb92c6ac1 ngircd.initd"
diff --git a/main/ngircd/CVE-2020-14148.patch b/main/ngircd/CVE-2020-14148.patch
new file mode 100644
index 0000000000..2f2d2b5038
--- /dev/null
+++ b/main/ngircd/CVE-2020-14148.patch
@@ -0,0 +1,37 @@
+From 02cf31c0e267a4c9a7656d43ad3ad4eeb37fc9c5 Mon Sep 17 00:00:00 2001
+From: Alexander Barton <alex@barton.de>
+Date: Mon, 25 May 2020 23:43:29 +0200
+Subject: [PATCH] IRC_SERVER: Make sure that the client sent a prefix
+
+The SERVER command is only valid with a prefix when received from other
+servers, so make sure that there is one and disconnect the peer if not
+(instead of crashing ...).
+
+This obsoletes PR #275.
+
+Thanks Hilko Bengen (hillu) for finding & reporting this as well for the
+patch & pull request! But I think this is the "more correct" fix.
+---
+ src/ngircd/irc-server.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/src/ngircd/irc-server.c b/src/ngircd/irc-server.c
+index 317a3e1a..10f1ef69 100644
+--- a/src/ngircd/irc-server.c
++++ b/src/ngircd/irc-server.c
+@@ -186,6 +186,15 @@ IRC_SERVER( CLIENT *Client, REQUEST *Req )
+ if (!Client_CheckID(Client, Req->argv[0]))
+ return DISCONNECTED;
+
++ if (!Req->prefix) {
++ /* We definitely need a prefix here! */
++ Log(LOG_ALERT, "Got SERVER command without prefix! (on connection %d)",
++ Client_Conn(Client));
++ Conn_Close(Client_Conn(Client), NULL,
++ "SERVER command without prefix", true);
++ return DISCONNECTED;
++ }
++
+ from = Client_Search( Req->prefix );
+ if (! from) {
+ /* Uh, Server, that introduced the new server is unknown?! */
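Review bot: The log line added in the `!Req->prefix` branch identifies the offending peer only by connection number, which is hard to correlate once `Conn_Close()` has run on the next statement. The condition is triggered by the remote side and, per the commit message, used to crash the daemon, so the record is worth making self-contained. I would also log the peer's name, e.g. `Log(LOG_ALERT, "Got SERVER command without prefix! (on connection %d, peer \"%s\")", Client_Conn(Client), Client_ID(Client));`, assuming `Client_ID()` returns the name this peer registered with. IRC_SERVER starts and ends outside this hunk, so whether neighbouring error paths already log the peer name is not visible here.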
diff --git a/main/nodejs/APKBUILD b/main/nodejs/APKBUILD
index 27b0bd811c..4d3c13cdfe 100644
--- a/main/nodejs/APKBUILD
+++ b/main/nodejs/APKBUILD
@@ -3,9 +3,25 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Contributor: Dave Esaias <dave@containership.io>
# Contributor: Tadahisa Kamijo <kamijin@live.jp>
+# Contributor: Eivind Uggedal <eu@eju.no>
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 10.19.0-r0:
+# - CVE-2019-15606
+# - CVE-2019-15605
+# - CVE-2019-15604
+# 10.16.3-r0:
+# - CVE-2019-9511
+# - CVE-2019-9512
+# - CVE-2019-9513
+# - CVE-2019-9514
+# - CVE-2019-9515
+# - CVE-2019-9516
+# - CVE-2019-9517
+# - CVE-2019-9518
+# 10.15.3-r0:
+# - CVE-2019-5737
# 10.14.0-r0:
# - CVE-2018-12121
# - CVE-2018-12122
@@ -33,7 +49,7 @@
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
-pkgver=10.14.2
+pkgver=10.19.0
pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="https://nodejs.org/"
@@ -43,7 +59,7 @@ depends="ca-certificates"
depends_dev="libuv"
# gold is needed for mksnapshot
makedepends="$depends_dev python2 openssl-dev zlib-dev libuv-dev linux-headers
- paxmark binutils-gold http-parser-dev ca-certificates c-ares-dev"
+ paxmark binutils-gold ca-certificates c-ares-dev"
subpackages="$pkgname-dev $pkgname-doc npm::noarch"
provides="nodejs-lts=$pkgver" # for backward compatibility
replaces="nodejs-current nodejs-lts" # nodejs-lts for backward compatibility
@@ -57,7 +73,7 @@ prepare() {
default_prepare
# Remove bundled dependencies that we're not using.
- rm -rf deps/http_parser deps/openssl deps/uv deps/zlib
+ rm -rf deps/openssl deps/uv deps/zlib
}
build() {
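Review bot: Nothing in the APKBUILD records that node is now built against its bundled HTTP parser, which follows from `deps/http_parser` no longer being removed here, `--shared-http-parser` being dropped in the build() hunk below, and `http-parser-dev` leaving makedepends. That matters for security tracking, because fixes shipped in the system http-parser package no longer reach node and parser issues must be followed through nodejs releases instead. I would extend the comment above the `rm -rf`, e.g. `# deps/http_parser is kept: node is built with the bundled parser (no --shared-http-parser), so its fixes arrive only with nodejs updates.` The reason for the switch is not stated in the visible hunks.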
@@ -72,7 +88,6 @@ build() {
--shared-zlib \
--shared-libuv \
--shared-openssl \
- --shared-http-parser \
--shared-cares \
--openssl-use-def-ca-store
@@ -102,9 +117,17 @@ package() {
paxmark -m "$pkgdir"/usr/bin/node
cp -pr "$pkgdir"/usr/lib/node_modules/npm/man "$pkgdir"/usr/share
- local d; for d in doc html man; do
+ local d; for d in docs man; do
rm -r "$pkgdir"/usr/lib/node_modules/npm/$d
done
+
+ # XXX: Workaround for https://github.com/npm/cli/issues/780.
+ (cd "$pkgdir"/usr/share/man/man5 && find * \
+ -type f ! \( -name 'package-json.*' -or -name 'npmrc.*' -or -name 'npm-*' \) \
+ -exec mv {} npm-{} \;)
+ (cd "$pkgdir"/usr/share/man/man7 && find * \
+ -type f ! \( -name 'semver.*' -or -name 'npm-*' \) \
+ -exec mv {} npm-{} \;)
}
dev() {
@@ -126,6 +149,6 @@ npm() {
mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/
}
-sha512sums="72e78f8839543826025549022df9f23a71be3507261a387f82142d71d24065a23f9b905d7fd95a0940ac68355bfe0d81ee50c320eb46493e10e417cd975d3c8e node-v10.14.2.tar.gz
+sha512sums="59f584e27dfd99453a031722ca3e094d658a90e77316a85a7048868fe6a6164b8aef0f03b60cbe681ace273d902434210bf3cd10a638583b74264d8b42bf2565 node-v10.19.0.tar.gz
9d09a88074bf0093f35c5b610e73ebf4c5381df2a2b29feb69da1af0b18776a683b13f1276375bbcfc60936cc27769539e1f01b4ba94b22cad2d5f4daae14c46 dont-run-gyp-files-for-bundled-deps.patch
4fd3f10bd82d1e851ed000169c2635c001a4a051283edf96f1efb2260e2d395199dd5843f79f1cff8f2c0c65462c44241c508ea67835dfbd9880d9196fae290a link-with-libatomic-on-mips32.patch"
diff --git a/main/ntfs-3g/APKBUILD b/main/ntfs-3g/APKBUILD
index 9f63527fe1..8c2695bc2d 100644
--- a/main/ntfs-3g/APKBUILD
+++ b/main/ntfs-3g/APKBUILD
@@ -4,18 +4,24 @@
pkgname=ntfs-3g
_pkgreal=ntfs-3g_ntfsprogs
pkgver=2017.3.23
-pkgrel=1
+pkgrel=2
pkgdesc="Stable, full-featured, read-write NTFS"
-url="http://www.tuxera.com/community/ntfs-3g-download/"
+url="https://www.tuxera.com/community/ntfs-3g-download/"
arch="all"
-license="GPL"
+license="GPL-2.0-or-later AND LGPL-2.0-or-later"
+options="!check" # No test suite
makedepends="attr-dev util-linux-dev linux-headers"
subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-progs"
-source="http://tuxera.com/opensource/$_pkgreal-$pkgver.tgz"
+source="https://tuxera.com/opensource/ntfs-3g_ntfsprogs-$pkgver.tgz
+ CVE-2019-9755.patch
+ "
builddir="$srcdir/$_pkgreal-$pkgver"
+# secfixes:
+# 2017.3.23-r2:
+# - CVE-2019-9755
+
build() {
- cd "$builddir"
./configure \
--build=$CBUILD \
--host=$CHOST \
@@ -29,7 +35,6 @@ build() {
package() {
pkgdesc="$pkgdesc (driver)"
- cd "$builddir"
mkdir -p "$pkgdir"/lib
make -j1 DESTDIR="$pkgdir" LDCONFIG=: install
ln -s /bin/ntfs-3g "$pkgdir"/sbin/mount.ntfs
@@ -44,4 +49,5 @@ progs() {
rm -fr "$subpkgdir"/lib "$subpkgdir"/usr/lib
}
-sha512sums="3a607f0d7be35204c992d8931de0404fbc52032c13b4240d2c5e6f285c318a28eb2a385d7cf5ac4cd445876aee5baa5753bb636ada0d870d84a9d3fdbce794ef ntfs-3g_ntfsprogs-2017.3.23.tgz"
+sha512sums="3a607f0d7be35204c992d8931de0404fbc52032c13b4240d2c5e6f285c318a28eb2a385d7cf5ac4cd445876aee5baa5753bb636ada0d870d84a9d3fdbce794ef ntfs-3g_ntfsprogs-2017.3.23.tgz
+d071cf6c3ee38963df0286049196cb3bab050460e0b541f3cf5d217c874d247878cb6dcca2d6d68c562447f8956e0511dd93552c5647dda88b69be880b5cd9f8 CVE-2019-9755.patch"
diff --git a/main/ntfs-3g/CVE-2019-9755.patch b/main/ntfs-3g/CVE-2019-9755.patch
new file mode 100644
index 0000000000..577f168628
--- /dev/null
+++ b/main/ntfs-3g/CVE-2019-9755.patch
@@ -0,0 +1,62 @@
+From 85c1634a26faa572d3c558d4cf8aaaca5202d4e9 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jean-pierre.andre@wanadoo.fr>
+Date: Wed, 19 Dec 2018 15:57:50 +0100
+Subject: [PATCH] Fixed reporting an error when failed to build the mountpoint
+
+The size check was inefficient because getcwd() uses an unsigned int
+argument.
+---
+ src/lowntfs-3g.c | 6 +++++-
+ src/ntfs-3g.c | 6 +++++-
+ 2 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/src/lowntfs-3g.c b/src/lowntfs-3g.c
+index 993867fa..0660439b 100644
+--- a/src/lowntfs-3g.c
++++ b/src/lowntfs-3g.c
+@@ -4323,7 +4323,8 @@
+ else {
+ ctx->abs_mnt_point = (char*)ntfs_malloc(PATH_MAX);
+ if (ctx->abs_mnt_point) {
+- if (getcwd(ctx->abs_mnt_point,
++ if ((strlen(opts.mnt_point) < PATH_MAX)
++ && getcwd(ctx->abs_mnt_point,
+ PATH_MAX - strlen(opts.mnt_point) - 1)) {
+ strcat(ctx->abs_mnt_point, "/");
+ strcat(ctx->abs_mnt_point, opts.mnt_point);
+@@ -4331,6 +4332,9 @@
+ /* Solaris also wants the absolute mount point */
+ opts.mnt_point = ctx->abs_mnt_point;
+ #endif /* defined(__sun) && defined (__SVR4) */
++ } else {
++ free(ctx->abs_mnt_point);
++ ctx->abs_mnt_point = (char*)NULL;
+ }
+ }
+ }
+diff --git a/src/ntfs-3g.c b/src/ntfs-3g.c
+index 6ce89fef..4e0912ae 100644
+--- a/src/ntfs-3g.c
++++ b/src/ntfs-3g.c
+@@ -4123,7 +4123,8 @@
+ else {
+ ctx->abs_mnt_point = (char*)ntfs_malloc(PATH_MAX);
+ if (ctx->abs_mnt_point) {
+- if (getcwd(ctx->abs_mnt_point,
++ if ((strlen(opts.mnt_point) < PATH_MAX)
++ && getcwd(ctx->abs_mnt_point,
+ PATH_MAX - strlen(opts.mnt_point) - 1)) {
+ strcat(ctx->abs_mnt_point, "/");
+ strcat(ctx->abs_mnt_point, opts.mnt_point);
+@@ -4131,6 +4132,9 @@
+ /* Solaris also wants the absolute mount point */
+ opts.mnt_point = ctx->abs_mnt_point;
+ #endif /* defined(__sun) && defined (__SVR4) */
++ } else {
++ free(ctx->abs_mnt_point);
++ ctx->abs_mnt_point = (char*)NULL;
+ }
+ }
+ }
+--
+2.22.0
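Review bot: The added `strlen(opts.mnt_point) < PATH_MAX` guard in both src/lowntfs-3g.c and src/ntfs-3g.c has no comment saying what it protects, and the reason is not obvious from the expression. Without it, `PATH_MAX - strlen(opts.mnt_point) - 1` is unsigned arithmetic and wraps to a very large size for an over-long mount point, so `getcwd()` can succeed and the two `strcat()` calls then run past the PATH_MAX-byte buffer. I would add a comment above the condition, e.g. `/* reject mount points >= PATH_MAX so the unsigned getcwd() size cannot wrap; the remainder leaves room for "/" + mnt_point */`. The enclosing function lies outside both hunks, so how a NULL `abs_mnt_point` is reported afterwards cannot be checked here.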
diff --git a/main/openldap/APKBUILD b/main/openldap/APKBUILD
index 76ed26f8f8..c6e075176b 100644
--- a/main/openldap/APKBUILD
+++ b/main/openldap/APKBUILD
@@ -2,6 +2,8 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 2.4.48-r1:
+# - CVE-2020-12243
# 2.4.48-r0:
# - CVE-2019-13565
# - CVE-2019-13057
@@ -13,7 +15,7 @@
#
pkgname=openldap
pkgver=2.4.48
-pkgrel=0
+pkgrel=1
pkgdesc="LDAP Server"
url="http://www.openldap.org/"
arch="all"
@@ -39,6 +41,8 @@ source="https://www.openldap.org/software/download/OpenLDAP/$pkgname-release/$pk
slapd.initd
slapd.confd
+
+ CVE-2020-12243.patch::https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440.patch
"
builddir="$srcdir/$pkgname-$pkgver"
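Review bot: The new `source` entry downloads CVE-2020-12243.patch from a commit URL on git.openldap.org at build time, whereas the other security patches in this commit are stored in the aports tree. The sha512sum added in the last hunk pins the content, so a modified download would fail verification. A forge-generated `.patch` is not guaranteed to stay byte-identical or reachable, though, and either would break rebuilds of a security fix. I would commit the file next to the APKBUILD and list it as plain `CVE-2020-12243.patch`, keeping the upstream URL in a comment or in the patch header.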
@@ -226,4 +230,5 @@ sha512sums="cf694a415be0bd55cc7f606099da2ed461748efd276561944cd29d7f5a8252a9be79
0d2e570ddcb7ace1221abad9fc1d3dd0d00d6948340df69879b449959a68feee6a0ad8e17ef9971b35986293e16fc9d8e88de81815fedd5ea6a952eb085406ca configs.patch
60c1ec62003a33036de68402544e25a71715ed124a3139056a94ed1ba02fb8148ee510ab8f182a308105a2f744b9787e67112bcd8cd0d800cdb6f5409c4f63ff cacheflush.patch
0c3606e4dad1b32f1c4b62f2bc1990a4c9f7ccd10c7b50e623309ba9df98064e68fc42a7242450f32fb6e5fa2203609d3d069871b5ae994cd4b227a078c93532 slapd.initd
-64dc4c0aa0abe3d9f7d2aef25fe4c8e23c53df2421067947ac4d096c9e942b26356cb8577ebc41b52d88d0b0a03b2a3e435fe86242671f9b36555a5f82ee0e3a slapd.confd"
+64dc4c0aa0abe3d9f7d2aef25fe4c8e23c53df2421067947ac4d096c9e942b26356cb8577ebc41b52d88d0b0a03b2a3e435fe86242671f9b36555a5f82ee0e3a slapd.confd
+d4d8bec1c23c73e7126462bfe2e51cb603d1e83be4c64698ac167f221d515554b3b0e311f9789450b5c4c206c09cbdad1842b0b5b2364919967195da4ea6d833 CVE-2020-12243.patch"
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index bcceb4dda2..8ecefb4f55 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,8 +1,8 @@
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openssl
-pkgver=1.1.1d
+pkgver=1.1.1g
_abiver=${pkgver%.*}
-pkgrel=2
+pkgrel=0
pkgdesc="Toolkit for Transport Layer Security (TLS)"
url="https://www.openssl.org"
arch="all"
@@ -14,7 +14,6 @@ makedepends="$makedepends_host $makedepends_build"
subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libcrypto$_abiver:_libcrypto libssl$_abiver:_libssl"
source="https://www.openssl.org/source/openssl-$pkgver.tar.gz
man-section.patch
- CVE-2019-1551.patch
"
case "$CARCH" in
s390x) options="$options !check";; # FIXME: test hangs
@@ -23,6 +22,8 @@ esac
builddir="$srcdir/openssl-$pkgver"
# secfixes:
+# 1.1.1g-r0:
+# - CVE-2020-1967
# 1.1.1d-r2:
# - CVE-2019-1551
# 1.1.1d-r0:
@@ -112,6 +113,5 @@ _libssl() {
done
}
-sha512sums="2bc9f528c27fe644308eb7603c992bac8740e9f0c3601a130af30c9ffebbf7e0f5c28b76a00bbb478bad40fbe89b4223a58d604001e1713da71ff4b7fe6a08a7 openssl-1.1.1d.tar.gz
-3e5c425d219768721d38bb33db7445eb3ea12d9447a16c5b23b9fddfcbd9d40b98b39506aeac9cbaced4be22ad5a6cb8e4d16fbe4850ac50a6b0c716592b2a2b man-section.patch
-11ca61515a89766241fe0fae27f3b39767128915f288ea88840bf93e8b50ac416024cb2153efcdf2658d3e82a8e4250a0c069333dbd7347475f9dafcc45370b5 CVE-2019-1551.patch"
+sha512sums="01e3d0b1bceeed8fb066f542ef5480862001556e0f612e017442330bbd7e5faee228b2de3513d7fc347446b7f217e27de1003dc9d7214d5833b97593f3ec25ab openssl-1.1.1g.tar.gz
+43c3255118db6f5f340dc865c0f25ccbcafe5bf7507585244ca59b4d27daf533d6c3171aa32a8685cbb6200104bec535894b633de13feaadff87ab86739a445a man-section.patch"
diff --git a/main/openssl/CVE-2019-1551.patch b/main/openssl/CVE-2019-1551.patch
deleted file mode 100644
index 8daf04ebf9..0000000000
--- a/main/openssl/CVE-2019-1551.patch
+++ /dev/null
@@ -1,757 +0,0 @@
-From 419102400a2811582a7a3d4a4e317d72e5ce0a8f Mon Sep 17 00:00:00 2001
-From: Andy Polyakov <appro@openssl.org>
-Date: Wed, 4 Dec 2019 12:48:21 +0100
-Subject: [PATCH] Fix an overflow bug in rsaz_512_sqr
-
-There is an overflow bug in the x64_64 Montgomery squaring procedure used in
-exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis
-suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a
-result of this defect would be very difficult to perform and are not believed
-likely. Attacks against DH512 are considered just feasible. However, for an
-attack the target would have to re-use the DH512 private key, which is not
-recommended anyway. Also applications directly using the low level API
-BN_mod_exp may be affected if they use BN_FLG_CONSTTIME.
-
-CVE-2019-1551
-
-Reviewed-by: Paul Dale <paul.dale@oracle.com>
-Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
-(Merged from https://github.com/openssl/openssl/pull/10575)
----
- crypto/bn/asm/rsaz-x86_64.pl | 381 ++++++++++++++++++-----------------
- 1 file changed, 197 insertions(+), 184 deletions(-)
-
-diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl
-index b1797b649f..7534d5cd03 100755
---- a/crypto/bn/asm/rsaz-x86_64.pl
-+++ b/crypto/bn/asm/rsaz-x86_64.pl
-@@ -116,7 +116,7 @@ rsaz_512_sqr: # 25-29% faster than rsaz_512_mul
- subq \$128+24, %rsp
- .cfi_adjust_cfa_offset 128+24
- .Lsqr_body:
-- movq $mod, %rbp # common argument
-+ movq $mod, %xmm1 # common off-load
- movq ($inp), %rdx
- movq 8($inp), %rax
- movq $n0, 128(%rsp)
-@@ -134,7 +134,8 @@ $code.=<<___;
- .Loop_sqr:
- movl $times,128+8(%rsp)
- #first iteration
-- movq %rdx, %rbx
-+ movq %rdx, %rbx # 0($inp)
-+ mov %rax, %rbp # 8($inp)
- mulq %rdx
- movq %rax, %r8
- movq 16($inp), %rax
-@@ -173,31 +174,29 @@ $code.=<<___;
- mulq %rbx
- addq %rax, %r14
- movq %rbx, %rax
-- movq %rdx, %r15
-- adcq \$0, %r15
-+ adcq \$0, %rdx
-
-- addq %r8, %r8 #shlq \$1, %r8
-- movq %r9, %rcx
-- adcq %r9, %r9 #shld \$1, %r8, %r9
-+ xorq %rcx,%rcx # rcx:r8 = r8 << 1
-+ addq %r8, %r8
-+ movq %rdx, %r15
-+ adcq \$0, %rcx
-
- mulq %rax
-- movq %rax, (%rsp)
-- addq %rdx, %r8
-- adcq \$0, %r9
-+ addq %r8, %rdx
-+ adcq \$0, %rcx
-
-- movq %r8, 8(%rsp)
-- shrq \$63, %rcx
-+ movq %rax, (%rsp)
-+ movq %rdx, 8(%rsp)
-
- #second iteration
-- movq 8($inp), %r8
- movq 16($inp), %rax
-- mulq %r8
-+ mulq %rbp
- addq %rax, %r10
- movq 24($inp), %rax
- movq %rdx, %rbx
- adcq \$0, %rbx
-
-- mulq %r8
-+ mulq %rbp
- addq %rax, %r11
- movq 32($inp), %rax
- adcq \$0, %rdx
-@@ -205,7 +204,7 @@ $code.=<<___;
- movq %rdx, %rbx
- adcq \$0, %rbx
-
-- mulq %r8
-+ mulq %rbp
- addq %rax, %r12
- movq 40($inp), %rax
- adcq \$0, %rdx
-@@ -213,7 +212,7 @@ $code.=<<___;
- movq %rdx, %rbx
- adcq \$0, %rbx
-
-- mulq %r8
-+ mulq %rbp
- addq %rax, %r13
- movq 48($inp), %rax
- adcq \$0, %rdx
-@@ -221,7 +220,7 @@ $code.=<<___;
- movq %rdx, %rbx
- adcq \$0, %rbx
-
-- mulq %r8
-+ mulq %rbp
- addq %rax, %r14
- movq 56($inp), %rax
- adcq \$0, %rdx
-@@ -229,39 +228,39 @@ $code.=<<___;
- movq %rdx, %rbx
- adcq \$0, %rbx
-
-- mulq %r8
-+ mulq %rbp
- addq %rax, %r15
-- movq %r8, %rax
-+ movq %rbp, %rax
- adcq \$0, %rdx
- addq %rbx, %r15
-- movq %rdx, %r8
-- movq %r10, %rdx
-- adcq \$0, %r8
-+ adcq \$0, %rdx
-
-- add %rdx, %rdx
-- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
-- movq %r11, %rbx
-- adcq %r11, %r11 #shld \$1, %r10, %r11
-+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
-+ addq %r9, %r9
-+ movq %rdx, %r8
-+ adcq %r10, %r10
-+ adcq \$0, %rbx
-
- mulq %rax
-+ addq %rcx, %rax
-+ movq 16($inp), %rbp
-+ adcq \$0, %rdx
- addq %rax, %r9
-+ movq 24($inp), %rax
- adcq %rdx, %r10
-- adcq \$0, %r11
-+ adcq \$0, %rbx
-
- movq %r9, 16(%rsp)
- movq %r10, 24(%rsp)
-- shrq \$63, %rbx
-
- #third iteration
-- movq 16($inp), %r9
-- movq 24($inp), %rax
-- mulq %r9
-+ mulq %rbp
- addq %rax, %r12
- movq 32($inp), %rax
- movq %rdx, %rcx
- adcq \$0, %rcx
-
-- mulq %r9
-+ mulq %rbp
- addq %rax, %r13
- movq 40($inp), %rax
- adcq \$0, %rdx
-@@ -269,7 +268,7 @@ $code.=<<___;
- movq %rdx, %rcx
- adcq \$0, %rcx
-
-- mulq %r9
-+ mulq %rbp
- addq %rax, %r14
- movq 48($inp), %rax
- adcq \$0, %rdx
-@@ -277,9 +276,7 @@ $code.=<<___;
- movq %rdx, %rcx
- adcq \$0, %rcx
-
-- mulq %r9
-- movq %r12, %r10
-- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12
-+ mulq %rbp
- addq %rax, %r15
- movq 56($inp), %rax
- adcq \$0, %rdx
-@@ -287,36 +284,40 @@ $code.=<<___;
- movq %rdx, %rcx
- adcq \$0, %rcx
-
-- mulq %r9
-- shrq \$63, %r10
-+ mulq %rbp
- addq %rax, %r8
-- movq %r9, %rax
-+ movq %rbp, %rax
- adcq \$0, %rdx
- addq %rcx, %r8
-- movq %rdx, %r9
-- adcq \$0, %r9
-+ adcq \$0, %rdx
-
-- movq %r13, %rcx
-- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13
-+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
-+ addq %r11, %r11
-+ movq %rdx, %r9
-+ adcq %r12, %r12
-+ adcq \$0, %rcx
-
- mulq %rax
-+ addq %rbx, %rax
-+ movq 24($inp), %r10
-+ adcq \$0, %rdx
- addq %rax, %r11
-+ movq 32($inp), %rax
- adcq %rdx, %r12
-- adcq \$0, %r13
-+ adcq \$0, %rcx
-
- movq %r11, 32(%rsp)
- movq %r12, 40(%rsp)
-- shrq \$63, %rcx
-
- #fourth iteration
-- movq 24($inp), %r10
-- movq 32($inp), %rax
-+ mov %rax, %r11 # 32($inp)
- mulq %r10
- addq %rax, %r14
- movq 40($inp), %rax
- movq %rdx, %rbx
- adcq \$0, %rbx
-
-+ mov %rax, %r12 # 40($inp)
- mulq %r10
- addq %rax, %r15
- movq 48($inp), %rax
-@@ -325,9 +326,8 @@ $code.=<<___;
- movq %rdx, %rbx
- adcq \$0, %rbx
-
-+ mov %rax, %rbp # 48($inp)
- mulq %r10
-- movq %r14, %r12
-- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14
- addq %rax, %r8
- movq 56($inp), %rax
- adcq \$0, %rdx
-@@ -336,32 +336,33 @@ $code.=<<___;
- adcq \$0, %rbx
-
- mulq %r10
-- shrq \$63, %r12
- addq %rax, %r9
- movq %r10, %rax
- adcq \$0, %rdx
- addq %rbx, %r9
-- movq %rdx, %r10
-- adcq \$0, %r10
-+ adcq \$0, %rdx
-
-- movq %r15, %rbx
-- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15
-+ xorq %rbx, %rbx # rbx:r13:r14 = r13:r14 << 1
-+ addq %r13, %r13
-+ movq %rdx, %r10
-+ adcq %r14, %r14
-+ adcq \$0, %rbx
-
- mulq %rax
-+ addq %rcx, %rax
-+ adcq \$0, %rdx
- addq %rax, %r13
-+ movq %r12, %rax # 40($inp)
- adcq %rdx, %r14
-- adcq \$0, %r15
-+ adcq \$0, %rbx
-
- movq %r13, 48(%rsp)
- movq %r14, 56(%rsp)
-- shrq \$63, %rbx
-
- #fifth iteration
-- movq 32($inp), %r11
-- movq 40($inp), %rax
- mulq %r11
- addq %rax, %r8
-- movq 48($inp), %rax
-+ movq %rbp, %rax # 48($inp)
- movq %rdx, %rcx
- adcq \$0, %rcx
-
-@@ -369,97 +370,99 @@ $code.=<<___;
- addq %rax, %r9
- movq 56($inp), %rax
- adcq \$0, %rdx
-- movq %r8, %r12
-- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8
- addq %rcx, %r9
- movq %rdx, %rcx
- adcq \$0, %rcx
-
-+ mov %rax, %r14 # 56($inp)
- mulq %r11
-- shrq \$63, %r12
- addq %rax, %r10
- movq %r11, %rax
- adcq \$0, %rdx
- addq %rcx, %r10
-- movq %rdx, %r11
-- adcq \$0, %r11
-+ adcq \$0, %rdx
-
-- movq %r9, %rcx
-- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9
-+ xorq %rcx, %rcx # rcx:r8:r15 = r8:r15 << 1
-+ addq %r15, %r15
-+ movq %rdx, %r11
-+ adcq %r8, %r8
-+ adcq \$0, %rcx
-
- mulq %rax
-+ addq %rbx, %rax
-+ adcq \$0, %rdx
- addq %rax, %r15
-+ movq %rbp, %rax # 48($inp)
- adcq %rdx, %r8
-- adcq \$0, %r9
-+ adcq \$0, %rcx
-
- movq %r15, 64(%rsp)
- movq %r8, 72(%rsp)
-- shrq \$63, %rcx
-
- #sixth iteration
-- movq 40($inp), %r12
-- movq 48($inp), %rax
- mulq %r12
- addq %rax, %r10
-- movq 56($inp), %rax
-+ movq %r14, %rax # 56($inp)
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r12
- addq %rax, %r11
- movq %r12, %rax
-- movq %r10, %r15
-- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
- adcq \$0, %rdx
-- shrq \$63, %r15
- addq %rbx, %r11
-- movq %rdx, %r12
-- adcq \$0, %r12
-+ adcq \$0, %rdx
-
-- movq %r11, %rbx
-- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11
-+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
-+ addq %r9, %r9
-+ movq %rdx, %r12
-+ adcq %r10, %r10
-+ adcq \$0, %rbx
-
- mulq %rax
-+ addq %rcx, %rax
-+ adcq \$0, %rdx
- addq %rax, %r9
-+ movq %r14, %rax # 56($inp)
- adcq %rdx, %r10
-- adcq \$0, %r11
-+ adcq \$0, %rbx
-
- movq %r9, 80(%rsp)
- movq %r10, 88(%rsp)
-
- #seventh iteration
-- movq 48($inp), %r13
-- movq 56($inp), %rax
-- mulq %r13
-+ mulq %rbp
- addq %rax, %r12
-- movq %r13, %rax
-- movq %rdx, %r13
-- adcq \$0, %r13
-+ movq %rbp, %rax
-+ adcq \$0, %rdx
-
-- xorq %r14, %r14
-- shlq \$1, %rbx
-- adcq %r12, %r12 #shld \$1, %rbx, %r12
-- adcq %r13, %r13 #shld \$1, %r12, %r13
-- adcq %r14, %r14 #shld \$1, %r13, %r14
-+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
-+ addq %r11, %r11
-+ movq %rdx, %r13
-+ adcq %r12, %r12
-+ adcq \$0, %rcx
-
- mulq %rax
-+ addq %rbx, %rax
-+ adcq \$0, %rdx
- addq %rax, %r11
-+ movq %r14, %rax # 56($inp)
- adcq %rdx, %r12
-- adcq \$0, %r13
-+ adcq \$0, %rcx
-
- movq %r11, 96(%rsp)
- movq %r12, 104(%rsp)
-
- #eighth iteration
-- movq 56($inp), %rax
-+ xorq %rbx, %rbx # rbx:r13 = r13 << 1
-+ addq %r13, %r13
-+ adcq \$0, %rbx
-+
- mulq %rax
-- addq %rax, %r13
-+ addq %rcx, %rax
- adcq \$0, %rdx
--
-- addq %rdx, %r14
--
-- movq %r13, 112(%rsp)
-- movq %r14, 120(%rsp)
-+ addq %r13, %rax
-+ adcq %rbx, %rdx
-
- movq (%rsp), %r8
- movq 8(%rsp), %r9
-@@ -469,6 +472,10 @@ $code.=<<___;
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-+ movq %xmm1, %rbp
-+
-+ movq %rax, 112(%rsp)
-+ movq %rdx, 120(%rsp)
-
- call __rsaz_512_reduce
-
-@@ -500,9 +507,9 @@ $code.=<<___;
- .Loop_sqrx:
- movl $times,128+8(%rsp)
- movq $out, %xmm0 # off-load
-- movq %rbp, %xmm1 # off-load
- #first iteration
- mulx %rax, %r8, %r9
-+ mov %rax, %rbx
-
- mulx 16($inp), %rcx, %r10
- xor %rbp, %rbp # cf=0, of=0
-@@ -510,40 +517,39 @@ $code.=<<___;
- mulx 24($inp), %rax, %r11
- adcx %rcx, %r9
-
-- mulx 32($inp), %rcx, %r12
-+ .byte 0xc4,0x62,0xf3,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($inp), %rcx, %r12
- adcx %rax, %r10
-
-- mulx 40($inp), %rax, %r13
-+ .byte 0xc4,0x62,0xfb,0xf6,0xae,0x28,0x00,0x00,0x00 # mulx 40($inp), %rax, %r13
- adcx %rcx, %r11
-
-- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14
-+ mulx 48($inp), %rcx, %r14
- adcx %rax, %r12
- adcx %rcx, %r13
-
-- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15
-+ mulx 56($inp), %rax, %r15
- adcx %rax, %r14
- adcx %rbp, %r15 # %rbp is 0
-
-- mov %r9, %rcx
-- shld \$1, %r8, %r9
-- shl \$1, %r8
--
-- xor %ebp, %ebp
-- mulx %rdx, %rax, %rdx
-- adcx %rdx, %r8
-- mov 8($inp), %rdx
-- adcx %rbp, %r9
-+ mulx %rdx, %rax, $out
-+ mov %rbx, %rdx # 8($inp)
-+ xor %rcx, %rcx
-+ adox %r8, %r8
-+ adcx $out, %r8
-+ adox %rbp, %rcx
-+ adcx %rbp, %rcx
-
- mov %rax, (%rsp)
- mov %r8, 8(%rsp)
-
- #second iteration
-- mulx 16($inp), %rax, %rbx
-+ .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x10,0x00,0x00,0x00 # mulx 16($inp), %rax, %rbx
- adox %rax, %r10
- adcx %rbx, %r11
-
-- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8
-+ mulx 24($inp), $out, %r8
- adox $out, %r11
-+ .byte 0x66
- adcx %r8, %r12
-
- mulx 32($inp), %rax, %rbx
-@@ -561,24 +567,25 @@ $code.=<<___;
- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8
- adox $out, %r15
- adcx %rbp, %r8
-+ mulx %rdx, %rax, $out
- adox %rbp, %r8
-+ .byte 0x48,0x8b,0x96,0x10,0x00,0x00,0x00 # mov 16($inp), %rdx
-
-- mov %r11, %rbx
-- shld \$1, %r10, %r11
-- shld \$1, %rcx, %r10
--
-- xor %ebp,%ebp
-- mulx %rdx, %rax, %rcx
-- mov 16($inp), %rdx
-+ xor %rbx, %rbx
-+ adcx %rcx, %rax
-+ adox %r9, %r9
-+ adcx %rbp, $out
-+ adox %r10, %r10
- adcx %rax, %r9
-- adcx %rcx, %r10
-- adcx %rbp, %r11
-+ adox %rbp, %rbx
-+ adcx $out, %r10
-+ adcx %rbp, %rbx
-
- mov %r9, 16(%rsp)
- .byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp)
-
- #third iteration
-- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9
-+ mulx 24($inp), $out, %r9
- adox $out, %r12
- adcx %r9, %r13
-
-@@ -586,7 +593,7 @@ $code.=<<___;
- adox %rax, %r13
- adcx %rcx, %r14
-
-- mulx 40($inp), $out, %r9
-+ .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r9
- adox $out, %r14
- adcx %r9, %r15
-
-@@ -594,27 +601,28 @@ $code.=<<___;
- adox %rax, %r15
- adcx %rcx, %r8
-
-- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9
-+ mulx 56($inp), $out, %r9
- adox $out, %r8
- adcx %rbp, %r9
-+ mulx %rdx, %rax, $out
- adox %rbp, %r9
-+ mov 24($inp), %rdx
-
-- mov %r13, %rcx
-- shld \$1, %r12, %r13
-- shld \$1, %rbx, %r12
--
-- xor %ebp, %ebp
-- mulx %rdx, %rax, %rdx
-+ xor %rcx, %rcx
-+ adcx %rbx, %rax
-+ adox %r11, %r11
-+ adcx %rbp, $out
-+ adox %r12, %r12
- adcx %rax, %r11
-- adcx %rdx, %r12
-- mov 24($inp), %rdx
-- adcx %rbp, %r13
-+ adox %rbp, %rcx
-+ adcx $out, %r12
-+ adcx %rbp, %rcx
-
- mov %r11, 32(%rsp)
-- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp)
-+ mov %r12, 40(%rsp)
-
- #fourth iteration
-- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx
-+ mulx 32($inp), %rax, %rbx
- adox %rax, %r14
- adcx %rbx, %r15
-
-@@ -629,25 +637,25 @@ $code.=<<___;
- mulx 56($inp), $out, %r10
- adox $out, %r9
- adcx %rbp, %r10
-+ mulx %rdx, %rax, $out
- adox %rbp, %r10
-+ mov 32($inp), %rdx
-
-- .byte 0x66
-- mov %r15, %rbx
-- shld \$1, %r14, %r15
-- shld \$1, %rcx, %r14
--
-- xor %ebp, %ebp
-- mulx %rdx, %rax, %rdx
-+ xor %rbx, %rbx
-+ adcx %rcx, %rax
-+ adox %r13, %r13
-+ adcx %rbp, $out
-+ adox %r14, %r14
- adcx %rax, %r13
-- adcx %rdx, %r14
-- mov 32($inp), %rdx
-- adcx %rbp, %r15
-+ adox %rbp, %rbx
-+ adcx $out, %r14
-+ adcx %rbp, %rbx
-
- mov %r13, 48(%rsp)
- mov %r14, 56(%rsp)
-
- #fifth iteration
-- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11
-+ mulx 40($inp), $out, %r11
- adox $out, %r8
- adcx %r11, %r9
-
-@@ -658,18 +666,19 @@ $code.=<<___;
- mulx 56($inp), $out, %r11
- adox $out, %r10
- adcx %rbp, %r11
-+ mulx %rdx, %rax, $out
-+ mov 40($inp), %rdx
- adox %rbp, %r11
-
-- mov %r9, %rcx
-- shld \$1, %r8, %r9
-- shld \$1, %rbx, %r8
--
-- xor %ebp, %ebp
-- mulx %rdx, %rax, %rdx
-+ xor %rcx, %rcx
-+ adcx %rbx, %rax
-+ adox %r15, %r15
-+ adcx %rbp, $out
-+ adox %r8, %r8
- adcx %rax, %r15
-- adcx %rdx, %r8
-- mov 40($inp), %rdx
-- adcx %rbp, %r9
-+ adox %rbp, %rcx
-+ adcx $out, %r8
-+ adcx %rbp, %rcx
-
- mov %r15, 64(%rsp)
- mov %r8, 72(%rsp)
-@@ -682,18 +691,19 @@ $code.=<<___;
- .byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12
- adox $out, %r11
- adcx %rbp, %r12
-+ mulx %rdx, %rax, $out
- adox %rbp, %r12
-+ mov 48($inp), %rdx
-
-- mov %r11, %rbx
-- shld \$1, %r10, %r11
-- shld \$1, %rcx, %r10
--
-- xor %ebp, %ebp
-- mulx %rdx, %rax, %rdx
-+ xor %rbx, %rbx
-+ adcx %rcx, %rax
-+ adox %r9, %r9
-+ adcx %rbp, $out
-+ adox %r10, %r10
- adcx %rax, %r9
-- adcx %rdx, %r10
-- mov 48($inp), %rdx
-- adcx %rbp, %r11
-+ adcx $out, %r10
-+ adox %rbp, %rbx
-+ adcx %rbp, %rbx
-
- mov %r9, 80(%rsp)
- mov %r10, 88(%rsp)
-@@ -703,31 +713,31 @@ $code.=<<___;
- adox %rax, %r12
- adox %rbp, %r13
-
-- xor %r14, %r14
-- shld \$1, %r13, %r14
-- shld \$1, %r12, %r13
-- shld \$1, %rbx, %r12
--
-- xor %ebp, %ebp
-- mulx %rdx, %rax, %rdx
-- adcx %rax, %r11
-- adcx %rdx, %r12
-+ mulx %rdx, %rax, $out
-+ xor %rcx, %rcx
- mov 56($inp), %rdx
-- adcx %rbp, %r13
-+ adcx %rbx, %rax
-+ adox %r11, %r11
-+ adcx %rbp, $out
-+ adox %r12, %r12
-+ adcx %rax, %r11
-+ adox %rbp, %rcx
-+ adcx $out, %r12
-+ adcx %rbp, %rcx
-
- .byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp)
- .byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp)
-
- #eighth iteration
- mulx %rdx, %rax, %rdx
-- adox %rax, %r13
-- adox %rbp, %rdx
-+ xor %rbx, %rbx
-+ adcx %rcx, %rax
-+ adox %r13, %r13
-+ adcx %rbp, %rdx
-+ adox %rbp, %rbx
-+ adcx %r13, %rax
-+ adcx %rdx, %rbx
-
-- .byte 0x66
-- add %rdx, %r14
--
-- movq %r13, 112(%rsp)
-- movq %r14, 120(%rsp)
- movq %xmm0, $out
- movq %xmm1, %rbp
-
-@@ -741,6 +751,9 @@ $code.=<<___;
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
-+ movq %rax, 112(%rsp)
-+ movq %rbx, 120(%rsp)
-+
- call __rsaz_512_reducex
-
- addq 64(%rsp), %r8
---
-2.17.1
-
diff --git a/main/openssl/man-section.patch b/main/openssl/man-section.patch
index 2920145612..0606897f45 100644
--- a/main/openssl/man-section.patch
+++ b/main/openssl/man-section.patch
@@ -25,8 +25,8 @@ index 1292053546f5..c034d21884d8 100644
@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
@$(ECHO) "*** Installing manpages"
$(PERL) $(SRCDIR)/util/process_docs.pl \
-- --destdir=$(DESTDIR)$(MANDIR) --type=man --suffix=$(MANSUFFIX)
-+ --destdir=$(DESTDIR)$(MANDIR) --type=man --suffix=$(MANSUFFIX) \
+- "--destdir=$(DESTDIR)$(MANDIR)" --type=man --suffix=$(MANSUFFIX)
++ "--destdir=$(DESTDIR)$(MANDIR)" --type=man --suffix=$(MANSUFFIX) \
+ --mansection=$(MANSECTION)
uninstall_man_docs:
diff --git a/main/perl-mozilla-ca/APKBUILD b/main/perl-mozilla-ca/APKBUILD
index b4de335ecd..81fde271fb 100644
--- a/main/perl-mozilla-ca/APKBUILD
+++ b/main/perl-mozilla-ca/APKBUILD
@@ -3,37 +3,34 @@
# Maintainer: Kiyoshi Aman <kiyoshi.aman@gmail.com>
pkgname=perl-mozilla-ca
_pkgreal=Mozilla-CA
-pkgver=20160104
+pkgver=20200520
pkgrel=0
pkgdesc="Mozilla's CA cert bundle in PEM format"
-url="http://search.cpan.org/dist/Mozilla-CA/"
+url="https://metacpan.org/release/Mozilla-CA"
arch="noarch"
license="GPL PerlArtistic"
-cpandepends=""
-cpanmakedepends=""
-depends="$cpandepends"
-makedepends="perl-dev $cpanmakedepends"
+makedepends="perl-dev"
subpackages="$pkgname-doc"
-source="http://search.cpan.org/CPAN/authors/id/A/AB/ABH/$_pkgreal-$pkgver.tar.gz"
-
-_builddir="$srcdir/$_pkgreal-$pkgver"
+source="https://search.cpan.org/CPAN/authors/id/A/AB/ABH/$_pkgreal-$pkgver.tar.gz"
+builddir="$srcdir/$_pkgreal-$pkgver"
prepare() {
- cd "$_builddir"
+ default_prepare
+
PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor
}
build() {
- cd "$_builddir"
- make && make test
+ make
+}
+
+check() {
+ make test
}
package() {
- cd "$_builddir"
- make DESTDIR="$pkgdir" install || return 1
+ make DESTDIR="$pkgdir" install
find "$pkgdir" \( -name perllocal.pod -o -name .packlist \) -delete
}
-md5sums="1b91edb15953a8188f011ab5ff433300 Mozilla-CA-20160104.tar.gz"
-sha256sums="27a7069a243162b65ada4194ff9d21b6ebc304af723eb5d3972fb74c11b03f2a Mozilla-CA-20160104.tar.gz"
-sha512sums="3b416d45ce82d2a0be5f8a3f61506deba48c9208e579e418addb2ff8920599aa4b4ab52f7ff4b8aaf274cf4cf2da8d30f7775f9663c6d9d3aae92f7a1cf6292b Mozilla-CA-20160104.tar.gz"
+sha512sums="5bc7c43c55baa3f878fd2dbf1c85d6b20dcdc9e54ae073d1be4f6b808fa5a4b1205428b7967b5f752b31a62464a8b5cc67b32b3f70b834a4da9c39efe3d5d59f Mozilla-CA-20200520.tar.gz"
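Review bot: The `source=` line still fetches from `search.cpan.org` although `url=` in this same hunk was moved to MetaCPAN, so the download depends on a redirect from a host that no longer serves content itself. Pointing it at the CPAN mirror directly removes that hop: `source="https://cpan.metacpan.org/authors/id/A/AB/ABH/$_pkgreal-$pkgver.tar.gz"`. The tarball stays pinned by `sha512sums`, so this concerns fetch reliability rather than integrity. Because the package ships a CA bundle, a comment above the checksum such as `# the sha512 below is the only integrity check on this CA bundle; verify it against the upstream release when bumping` would be worth adding.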
diff --git a/main/perl/APKBUILD b/main/perl/APKBUILD
index 3206f31977..f81086cee3 100644
--- a/main/perl/APKBUILD
+++ b/main/perl/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
pkgname=perl
pkgver=5.26.3
-pkgrel=0
+pkgrel=1
pkgdesc="Larry Wall's Practical Extraction and Report Language"
url="http://www.perl.org/"
arch="all"
@@ -15,9 +15,16 @@ makedepends="bzip2-dev zlib-dev"
subpackages="$pkgname-doc $pkgname-dev $pkgname-utils::noarch miniperl"
source="http://www.cpan.org/src/5.0/perl-$pkgver.tar.gz
CVE-2018-12015.patch
+ CVE-2020-10543.patch
+ CVE-2020-10878.patch
+ CVE-2020-12723.patch
"
# secfixes:
+# 5.26.3-r1:
+# - CVE-2020-10543
+# - CVE-2020-10878
+# - CVE-2020-12723
# 5.26.3-r0:
# - CVE-2018-18311
# - CVE-2018-18312
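Review bot: The three patches added to `source=` are order-sensitive and nothing in the APKBUILD says so. `CVE-2020-12723.patch` uses the `rck_elide_nothing` line as hunk context in `embed.fnc` and calls into code that only exists after `CVE-2020-10878.patch` has been applied. A comment above `source=` such as `# CVE-2020-12723.patch must come after CVE-2020-10878.patch (its context depends on it)` would stop a later reorder or patch drop from failing, or from applying with fuzz in `regcomp.c`.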
@@ -161,4 +168,7 @@ utils() {
}
sha512sums="03914ed51163c998a6afa45610a13cf50124a2c68d291c344b0d52fa15c27fc5d5d4f5dc117516078a03dfd51250097b87c8d5e2b17c7858a4c8c536aecd05af perl-5.26.3.tar.gz
-feda381bd3230443341b99135bac4d6010e9d28b619d9fb57f2dda2c29b8877f012f76d31631e5227ef79e73e0b2b162548fa24704752e61f10c05d015c68916 CVE-2018-12015.patch"
+feda381bd3230443341b99135bac4d6010e9d28b619d9fb57f2dda2c29b8877f012f76d31631e5227ef79e73e0b2b162548fa24704752e61f10c05d015c68916 CVE-2018-12015.patch
+d084db26a6a86bcea0d8f0ecaf63581aae2fb718d92330036464e5c6530480d9bd6624762d54d4d348fdd17f6858be524286fda868f8da3ae943ceae80fec099 CVE-2020-10543.patch
+d8eda9f6bd4ab81c7008697308c081be459f0b9a22bc64dd7841eb7111a98dbe967ff161c22f87bec90487ae2720e2f33c87a6d42a9b9c8af50d65dc558ce40a CVE-2020-10878.patch
+b20c3b94ed675cca255583f7fe826e7e66b0bc05b90fc67f5b717e9204a37f87845fec78752e8fd135f2694d49dd4ccd0c875ab8d7ea1541f804bf270a10f181 CVE-2020-12723.patch"
diff --git a/main/perl/CVE-2020-10543.patch b/main/perl/CVE-2020-10543.patch
new file mode 100644
index 0000000000..a585eb74a9
--- /dev/null
+++ b/main/perl/CVE-2020-10543.patch
@@ -0,0 +1,32 @@
+From 897d1f7fd515b828e4b198d8b8bef76c6faf03ed Mon Sep 17 00:00:00 2001
+From: John Lightsey <jd@cpanel.net>
+Date: Wed, 20 Nov 2019 20:02:45 -0600
+Subject: [PATCH] regcomp.c: Prevent integer overflow from nested regex
+ quantifiers.
+
+(CVE-2020-10543) On 32bit systems the size calculations for nested regular
+expression quantifiers could overflow causing heap memory corruption.
+
+Fixes: Perl/perl5-security#125
+(cherry picked from commit bfd31397db5dc1a5c5d3e0a1f753a4f89a736e71)
+---
+ regcomp.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/regcomp.c b/regcomp.c
+index 93c8d98fbb0..5f86be8086d 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -5489,6 +5489,12 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ RExC_precomp)));
+ }
+
++ if ( ( minnext > 0 && mincount >= SSize_t_MAX / minnext )
++ || min >= SSize_t_MAX - minnext * mincount )
++ {
++ FAIL("Regexp out of space");
++ }
++
+ min += minnext * mincount;
+ is_inf_internal |= deltanext == SSize_t_MAX
+ || (maxcount == REG_INFTY && minnext + deltanext > 0);
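Review bot: The overflow guard added before `min += minnext * mincount` is correct only because of its operand order, and the patch has no comment saying so. The second test computes `minnext * mincount` itself, which is safe only once the first test has shown the product fits. The first test is skipped when `minnext` is not positive; presumably `minnext` is never negative here, but the hunk does not show that. A comment above the `if` would record it: `/* order matters: the product is evaluated only after the division test shows it cannot overflow (assumes minnext >= 0) */`. `S_study_chunk` begins and ends outside this hunk.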
diff --git a/main/perl/CVE-2020-10878.patch b/main/perl/CVE-2020-10878.patch
new file mode 100644
index 0000000000..4bd3cd92e7
--- /dev/null
+++ b/main/perl/CVE-2020-10878.patch
@@ -0,0 +1,148 @@
+From 011cd8913d3a230b8d30b156b848585c7c4c1597 Mon Sep 17 00:00:00 2001
+From: Hugo van der Sanden <hv@crypt.org>
+Date: Tue, 18 Feb 2020 13:51:16 +0000
+Subject: [PATCH] study_chunk: extract rck_elide_nothing
+
+(CVE-2020-10878)
+
+(cherry picked from commit a3a7598c8ec6efb0eb9c0b786d80c4d2a3751b70)
+---
+ embed.fnc | 1 +
+ embed.h | 1 +
+ proto.h | 3 +++
+ regcomp.c | 70 ++++++++++++++++++++++++++++++++++---------------------
+ 4 files changed, 48 insertions(+), 27 deletions(-)
+
+diff --git a/embed.fnc b/embed.fnc
+index e762fe1eecc..cf892771631 100644
+--- a/embed.fnc
++++ b/embed.fnc
+@@ -2477,6 +2477,7 @@ Es |SSize_t|study_chunk |NN RExC_state_t *pRExC_state \
+ |I32 stopparen|U32 recursed_depth \
+ |NULLOK regnode_ssc *and_withp \
+ |U32 flags|U32 depth
++Es |void |rck_elide_nothing|NN regnode *node
+ EsRn |U32 |add_data |NN RExC_state_t* const pRExC_state \
+ |NN const char* const s|const U32 n
+ rs |void |re_croak2 |bool utf8|NN const char* pat1|NN const char* pat2|...
+diff --git a/embed.h b/embed.h
+index a5416a1148d..886551ce5c6 100644
+--- a/embed.h
++++ b/embed.h
+@@ -1202,6 +1202,7 @@
+ #define output_or_return_posix_warnings(a,b,c) S_output_or_return_posix_warnings(aTHX_ a,b,c)
+ #define parse_lparen_question_flags(a) S_parse_lparen_question_flags(aTHX_ a)
+ #define populate_ANYOF_from_invlist(a,b) S_populate_ANYOF_from_invlist(aTHX_ a,b)
++#define rck_elide_nothing(a) S_rck_elide_nothing(aTHX_ a)
+ #define reg(a,b,c,d) S_reg(aTHX_ a,b,c,d)
+ #define reg2Lanode(a,b,c,d) S_reg2Lanode(aTHX_ a,b,c,d)
+ #define reg_node(a,b) S_reg_node(aTHX_ a,b)
+diff --git a/proto.h b/proto.h
+index 66bb29b1321..d3f8802c1d8 100644
+--- a/proto.h
++++ b/proto.h
+@@ -5485,6 +5485,9 @@ STATIC void S_parse_lparen_question_flags(pTHX_ RExC_state_t *pRExC_state);
+ STATIC void S_populate_ANYOF_from_invlist(pTHX_ regnode *node, SV** invlist_ptr);
+ #define PERL_ARGS_ASSERT_POPULATE_ANYOF_FROM_INVLIST \
+ assert(node); assert(invlist_ptr)
++STATIC void S_rck_elide_nothing(pTHX_ regnode *node);
++#define PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING \
++ assert(node)
+ PERL_STATIC_NO_RET void S_re_croak2(pTHX_ bool utf8, const char* pat1, const char* pat2, ...)
+ __attribute__noreturn__;
+ #define PERL_ARGS_ASSERT_RE_CROAK2 \
+diff --git a/regcomp.c b/regcomp.c
+index dd18add1db2..0a9c6a8085a 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -4093,7 +4093,44 @@ S_unwind_scan_frames(pTHX_ const void *p)
+ } while (f);
+ }
+
++/* Follow the next-chain of the current node and optimize away
++ all the NOTHINGs from it.
++ */
++STATIC void
++S_rck_elide_nothing(pTHX_ regnode *node)
++{
++ dVAR;
+
++ PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING;
++
++ if (OP(node) != CURLYX) {
++ const int max = (reg_off_by_arg[OP(node)]
++ ? I32_MAX
++ /* I32 may be smaller than U16 on CRAYs! */
++ : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX));
++ int off = (reg_off_by_arg[OP(node)] ? ARG(node) : NEXT_OFF(node));
++ int noff;
++ regnode *n = node;
++
++ /* Skip NOTHING and LONGJMP. */
++ while (
++ (n = regnext(n))
++ && (
++ (PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n)))
++ || ((OP(n) == LONGJMP) && (noff = ARG(n)))
++ )
++ && off + noff < max
++ ) {
++ off += noff;
++ }
++ if (reg_off_by_arg[OP(node)])
++ ARG(node) = off;
++ else
++ NEXT_OFF(node) = off;
++ }
++ return;
++}
++
+ STATIC SSize_t
+ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ SSize_t *minlenp, SSize_t *deltap,
+@@ -4277,28 +4315,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ */
+ JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0);
+
+- /* Follow the next-chain of the current node and optimize
+- away all the NOTHINGs from it. */
+- if (OP(scan) != CURLYX) {
+- const int max = (reg_off_by_arg[OP(scan)]
+- ? I32_MAX
+- /* I32 may be smaller than U16 on CRAYs! */
+- : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX));
+- int off = (reg_off_by_arg[OP(scan)] ? ARG(scan) : NEXT_OFF(scan));
+- int noff;
+- regnode *n = scan;
+-
+- /* Skip NOTHING and LONGJMP. */
+- while ((n = regnext(n))
+- && ((PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n)))
+- || ((OP(n) == LONGJMP) && (noff = ARG(n))))
+- && off + noff < max)
+- off += noff;
+- if (reg_off_by_arg[OP(scan)])
+- ARG(scan) = off;
+- else
+- NEXT_OFF(scan) = off;
+- }
++ /* Follow the next-chain of the current node and optimize
++ away all the NOTHINGs from it.
++ */
++ rck_elide_nothing(scan);
+
+ /* The principal pseudo-switch. Cannot be a switch, since we
+ look into several different things. */
+@@ -5425,11 +5445,7 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
+ if (data && (fl & SF_HAS_EVAL))
+ data->flags |= SF_HAS_EVAL;
+ optimize_curly_tail:
+- if (OP(oscan) != CURLYX) {
+- while (PL_regkind[OP(next = regnext(oscan))] == NOTHING
+- && NEXT_OFF(next))
+- NEXT_OFF(oscan) += NEXT_OFF(next);
+- }
++ rck_elide_nothing(oscan);
+ continue;
+
+ default:
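Review bot: The patch description names only a refactor (`study_chunk: extract rck_elide_nothing`), so the file does not say which line actually closes CVE-2020-10878. From the visible hunks the behavioural change is at `optimize_curly_tail`: the removed loop did `NEXT_OFF(oscan) += NEXT_OFF(next)` with no bound, while `rck_elide_nothing(oscan)` stops accumulating once `off + noff < max` fails. One sentence in the patch header would help the next backporter, e.g. `The unbounded NEXT_OFF accumulation at optimize_curly_tail now goes through the bounded helper.` It is also worth confirming against the upstream advisory that this single commit is the whole fix for the CVE, which cannot be determined from this page. Both `S_study_chunk` hunks cut through the function body.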
diff --git a/main/perl/CVE-2020-12723.patch b/main/perl/CVE-2020-12723.patch
new file mode 100644
index 0000000000..657f0c7cc2
--- /dev/null
+++ b/main/perl/CVE-2020-12723.patch
@@ -0,0 +1,277 @@
+From 3f4ba871d2d397dcd4386ed75e05353c36135c29 Mon Sep 17 00:00:00 2001
+From: Hugo van der Sanden <hv@crypt.org>
+Date: Sat, 11 Apr 2020 14:10:24 +0100
+Subject: [PATCH] study_chunk: avoid mutating regexp program within GOSUB
+
+gh16947 and gh17743: studying GOSUB may restudy in an inner call
+(via a mix of recursion and enframing) something that an outer call
+is in the middle of looking at. Let the outer frame deal with it.
+
+(CVE-2020-12723)
+
+(cherry picked from commit c031e3ec7c713077659f5f7dc6638d926c69d7b2)
+---
+ embed.fnc | 2 +-
+ embed.h | 2 +-
+ proto.h | 2 +-
+ regcomp.c | 48 ++++++++++++++++++++++++++++++++----------------
+ t/re/pat.t | 26 +++++++++++++++++++++++++-
+ 5 files changed, 60 insertions(+), 20 deletions(-)
+
+diff --git a/embed.fnc b/embed.fnc
+index cf892771631..4b1ba282779 100644
+--- a/embed.fnc
++++ b/embed.fnc
+@@ -2476,7 +2476,7 @@ Es |SSize_t|study_chunk |NN RExC_state_t *pRExC_state \
+ |NULLOK struct scan_data_t *data \
+ |I32 stopparen|U32 recursed_depth \
+ |NULLOK regnode_ssc *and_withp \
+- |U32 flags|U32 depth
++ |U32 flags|U32 depth|bool was_mutate_ok
+ Es |void |rck_elide_nothing|NN regnode *node
+ EsR |SV * |get_ANYOFM_contents|NN const regnode * n
+ EsRn |U32 |add_data |NN RExC_state_t* const pRExC_state \
+diff --git a/embed.h b/embed.h
+index 886551ce5c6..50fcabc140b 100644
+--- a/embed.h
++++ b/embed.h
+@@ -1232,7 +1232,7 @@
+ #define ssc_is_cp_posixl_init S_ssc_is_cp_posixl_init
+ #define ssc_or(a,b,c) S_ssc_or(aTHX_ a,b,c)
+ #define ssc_union(a,b,c) S_ssc_union(aTHX_ a,b,c)
+-#define study_chunk(a,b,c,d,e,f,g,h,i,j,k) S_study_chunk(aTHX_ a,b,c,d,e,f,g,h,i,j,k)
++#define study_chunk(a,b,c,d,e,f,g,h,i,j,k,l) S_study_chunk(aTHX_ a,b,c,d,e,f,g,h,i,j,k,l)
+ # endif
+ # if defined(PERL_IN_REGCOMP_C) || defined (PERL_IN_DUMP_C)
+ #define _invlist_dump(a,b,c,d) Perl__invlist_dump(aTHX_ a,b,c,d)
+diff --git a/proto.h b/proto.h
+index d3f8802c1d8..e276f69bd1c 100644
+--- a/proto.h
++++ b/proto.h
+@@ -5596,7 +5596,7 @@ PERL_STATIC_INLINE void S_ssc_union(pTHX_ regnode_ssc *ssc, SV* const invlist, c
+ #define PERL_ARGS_ASSERT_SSC_UNION \
+ assert(ssc); assert(invlist)
+ #endif
+-STATIC SSize_t S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp, SSize_t *minlenp, SSize_t *deltap, regnode *last, struct scan_data_t *data, I32 stopparen, U32 recursed_depth, regnode_ssc *and_withp, U32 flags, U32 depth);
++STATIC SSize_t S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp, SSize_t *minlenp, SSize_t *deltap, regnode *last, struct scan_data_t *data, I32 stopparen, U32 recursed_depth, regnode_ssc *and_withp, U32 flags, U32 depth, bool was_mutate_ok);
+ #define PERL_ARGS_ASSERT_STUDY_CHUNK \
+ assert(pRExC_state); assert(scanp); assert(minlenp); assert(deltap); assert(last)
+ #endif
+diff --git a/regcomp.c b/regcomp.c
+index 0a9c6a8085a..e66032a16ad 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -111,6 +111,7 @@ typedef struct scan_frame {
+ U32 prev_recursed_depth;
+ I32 stopparen; /* what stopparen do we use */
+ U32 is_top_frame; /* what flags do we use? */
++ bool in_gosub; /* this or an outer frame is for GOSUB */
+
+ struct scan_frame *this_prev_frame; /* this previous frame */
+ struct scan_frame *prev_frame; /* previous frame */
+@@ -4225,7 +4226,7 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ I32 stopparen,
+ U32 recursed_depth,
+ regnode_ssc *and_withp,
+- U32 flags, U32 depth)
++ U32 flags, U32 depth, bool was_mutate_ok)
+ /* scanp: Start here (read-write). */
+ /* deltap: Write maxlen-minlen here. */
+ /* last: Stop before this one. */
+@@ -4303,6 +4304,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ node length to get a real minimum (because
+ the folded version may be shorter) */
+ bool unfolded_multi_char = FALSE;
++ /* avoid mutating ops if we are anywhere within the recursed or
++ * enframed handling for a GOSUB: the outermost level will handle it.
++ */
++ bool mutate_ok = was_mutate_ok && !(frame && frame->in_gosub);
+ /* Peephole optimizer: */
+ DEBUG_STUDYDATA("Peep", data, depth, is_inf);
+ DEBUG_PEEP("Peep", scan, depth, flags);
+@@ -4313,7 +4318,8 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ * parsing code, as each (?:..) is handled by a different invocation of
+ * reg() -- Yves
+ */
+- JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0);
++ if (mutate_ok)
++ JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0);
+
+ /* Follow the next-chain of the current node and optimize
+ away all the NOTHINGs from it.
+@@ -4345,7 +4351,7 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ /* DEFINEP study_chunk() recursion */
+ (void)study_chunk(pRExC_state, &scan, &minlen,
+ &deltanext, next, &data_fake, stopparen,
+- recursed_depth, NULL, f, depth+1);
++ recursed_depth, NULL, f, depth+1, mutate_ok);
+
+ scan = next;
+ } else
+@@ -4413,7 +4419,8 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ /* recurse study_chunk() for each BRANCH in an alternation */
+ minnext = study_chunk(pRExC_state, &scan, minlenp,
+ &deltanext, next, &data_fake, stopparen,
+- recursed_depth, NULL, f,depth+1);
++ recursed_depth, NULL, f, depth+1,
++ mutate_ok);
+
+ if (min1 > minnext)
+ min1 = minnext;
+@@ -4480,9 +4487,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ }
+ }
+
+- if (PERL_ENABLE_TRIE_OPTIMISATION &&
+- OP( startbranch ) == BRANCH )
+- {
++ if (PERL_ENABLE_TRIE_OPTIMISATION
++ && OP(startbranch) == BRANCH
++ && mutate_ok
++ ) {
+ /* demq.
+
+ Assuming this was/is a branch we are dealing with: 'scan'
+@@ -4933,6 +4941,9 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ newframe->stopparen = stopparen;
+ newframe->prev_recursed_depth = recursed_depth;
+ newframe->this_prev_frame= frame;
++ newframe->in_gosub = (
++ (frame && frame->in_gosub) || OP(scan) == GOSUB
++ );
+
+ DEBUG_STUDYDATA("frame-new", data, depth, is_inf);
+ DEBUG_PEEP("fnew", scan, depth, flags);
+@@ -5153,7 +5164,7 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ (mincount == 0
+ ? (f & ~SCF_DO_SUBSTR)
+ : f)
+- ,depth+1);
++ , depth+1, mutate_ok);
+
+ if (flags & SCF_DO_STCLASS)
+ data->start_class = oclass;
+@@ -5221,7 +5232,9 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ if ( OP(oscan) == CURLYX && data
+ && data->flags & SF_IN_PAR
+ && !(data->flags & SF_HAS_EVAL)
+- && !deltanext && minnext == 1 ) {
++ && !deltanext && minnext == 1
++ && mutate_ok
++ ) {
+ /* Try to optimize to CURLYN. */
+ regnode *nxt = NEXTOPER(oscan) + EXTRA_STEP_2ARGS;
+ regnode * const nxt1 = nxt;
+@@ -5267,10 +5280,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ && !(data->flags & SF_HAS_EVAL)
+ && !deltanext /* atom is fixed width */
+ && minnext != 0 /* CURLYM can't handle zero width */
+-
+ /* Nor characters whose fold at run-time may be
+ * multi-character */
+ && ! (RExC_seen & REG_UNFOLDED_MULTI_SEEN)
++ && mutate_ok
+ ) {
+ /* XXXX How to optimize if data == 0? */
+ /* Optimize to a simpler form. */
+@@ -5318,7 +5331,8 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ /* Optimize again: */
+ /* recurse study_chunk() on optimised CURLYX => CURLYM */
+ study_chunk(pRExC_state, &nxt1, minlenp, &deltanext, nxt,
+- NULL, stopparen, recursed_depth, NULL, 0,depth+1);
++ NULL, stopparen, recursed_depth, NULL, 0,
++ depth+1, mutate_ok);
+ }
+ else
+ oscan->flags = 0;
+@@ -5735,7 +5749,8 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
+ /* recurse study_chunk() for lookahead body */
+ minnext = study_chunk(pRExC_state, &nscan, minlenp, &deltanext,
+ last, &data_fake, stopparen,
+- recursed_depth, NULL, f, depth+1);
++ recursed_depth, NULL, f, depth+1,
++ mutate_ok);
+ if (scan->flags) {
+ if (deltanext) {
+ FAIL("Variable length lookbehind not implemented");
+@@ -5827,7 +5842,7 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
+ *minnextp = study_chunk(pRExC_state, &nscan, minnextp,
+ &deltanext, last, &data_fake,
+ stopparen, recursed_depth, NULL,
+- f,depth+1);
++ f, depth+1, mutate_ok);
+ if (scan->flags) {
+ if (deltanext) {
+ FAIL("Variable length lookbehind not implemented");
+@@ -5988,7 +6003,8 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
+ /* optimise study_chunk() for TRIE */
+ minnext = study_chunk(pRExC_state, &scan, minlenp,
+ &deltanext, (regnode *)nextbranch, &data_fake,
+- stopparen, recursed_depth, NULL, f,depth+1);
++ stopparen, recursed_depth, NULL, f, depth+1,
++ mutate_ok);
+ }
+ if (nextbranch && PL_regkind[OP(nextbranch)]==BRANCH)
+ nextbranch= regnext((regnode*)nextbranch);
+@@ -7673,7 +7689,7 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count,
+ &data, -1, 0, NULL,
+ SCF_DO_SUBSTR | SCF_WHILEM_VISITED_POS | stclass_flag
+ | (restudied ? SCF_TRIE_DOING_RESTUDY : 0),
+- 0);
++ 0, TRUE);
+
+
+ CHECK_RESTUDY_GOTO_butfirst(LEAVE_with_name("study_chunk"));
+@@ -7802,7 +7818,7 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count,
+ SCF_DO_STCLASS_AND|SCF_WHILEM_VISITED_POS|(restudied
+ ? SCF_TRIE_DOING_RESTUDY
+ : 0),
+- 0);
++ 0, TRUE);
+
+ CHECK_RESTUDY_GOTO_butfirst(NOOP);
+
+diff --git a/t/re/pat.t b/t/re/pat.t
+index 1d98fe77d7f..1488259b020 100644
+--- a/t/re/pat.t
++++ b/t/re/pat.t
+@@ -23,7 +23,7 @@ BEGIN {
+ skip_all('no re module') unless defined &DynaLoader::boot_DynaLoader;
+ skip_all_without_unicode_tables();
+
+-plan tests => 840; # Update this when adding/deleting tests.
++plan tests => 844; # Update this when adding/deleting tests.
+
+ run_tests() unless caller;
+
+@@ -1948,6 +1948,30 @@ EOP
+ fresh_perl_is('m m0*0+\Rm', "",{},"Undefined behavior in address sanitizer");
+ }
+
++ # gh16947: test regexp corruption (GOSUB)
++ {
++ fresh_perl_is(q{
++ 'xy' =~ /x(?0)|x(?|y|y)/ && print 'ok'
++ }, 'ok', {}, 'gh16947: test regexp corruption (GOSUB)');
++ }
++ # gh16947: test fix doesn't break SUSPEND
++ {
++ fresh_perl_is(q{ 'sx' =~ m{ss++}i; print 'ok' },
++ 'ok', {}, "gh16947: test fix doesn't break SUSPEND");
++ }
++
++ # gh17743: more regexp corruption via GOSUB
++ {
++ fresh_perl_is(q{
++ "0" =~ /((0(?0)|000(?|0000|0000)(?0))|)/; print "ok"
++ }, 'ok', {}, 'gh17743: test regexp corruption (1)');
++
++ fresh_perl_is(q{
++ "000000000000" =~ /(0(())(0((?0)())|000(?|\x{ef}\x{bf}\x{bd}|\x{ef}\x{bf}\x{bd}))|)/;
++ print "ok"
++ }, 'ok', {}, 'gh17743: test regexp corruption (2)');
++ }
++
+ } # End of sub run_tests
+
+ 1;
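Review bot: This patch appears to have been cut from a newer perl branch than the 5.26.3 tree it is applied to. Its `embed.fnc` hunk lists `get_ANYOFM_contents` as context directly after `rck_elide_nothing`, whereas CVE-2020-10878.patch, applied just before it, shows `add_data` in that position. At least that hunk can therefore only apply with fuzz, and fuzzy matching in `regcomp.c` could land a `mutate_ok` guard or the `newframe->in_gosub` assignment at a neighbouring site without failing the build. Refreshing the patch against the 5.26.3 sources so it applies with `patch --fuzz=0`, and noting `# rebased onto 5.26.3` in its header, would make the backport reviewable. Whether the four new `t/re/pat.t` cases run during the package build is not visible here.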
diff --git a/main/python2/APKBUILD b/main/python2/APKBUILD
index d05aeaab3d..cb184e6193 100644
--- a/main/python2/APKBUILD
+++ b/main/python2/APKBUILD
@@ -2,9 +2,9 @@
pkgname=python2
# the python2-tkinter's pkgver needs to be synchronized with this.
-pkgver=2.7.16
+pkgver=2.7.18
_verbase=${pkgver%.*}
-pkgrel=2
+pkgrel=0
pkgdesc="A high-level scripting language"
url="https://www.python.org"
arch="all"
@@ -19,13 +19,14 @@ makedepends="expat-dev openssl-dev zlib-dev ncurses-dev bzip2-dev
source="https://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz
musl-find_library.patch
unchecked-ioctl.patch
- CVE-2019-9636.patch
- CVE-2019-9948.patch
- CVE-2019-16935.patch
"
builddir="$srcdir/Python-$pkgver"
# secfixes:
+# 2.7.18-r0:
+# - CVE-2019-18348
+# 2.7.17-r0:
+# - CVE-2019-15903
# 2.7.16-r1:
# - CVE-2019-9636
# - CVE-2019-9948
@@ -143,9 +144,6 @@ wininst() {
"$subpkgdir"/usr/lib/python$_verbase/distutils/command
}
-sha512sums="16e814e8dcffc707b595ca2919bd2fa3db0d15794c63d977364652c4a5b92e90e72b8c9e1cc83b5020398bd90a1b397dbdd7cb931c49f1aa4af6ef95414b43e0 Python-2.7.16.tar.xz
+sha512sums="a7bb62b51f48ff0b6df0b18f5b0312a523e3110f49c3237936bfe56ed0e26838c0274ff5401bda6fc21bf24337477ccac49e8026c5d651e4b4cafb5eb5086f6c Python-2.7.18.tar.xz
ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2 musl-find_library.patch
-5a8e013a4132d71c4360771f130d27b37275ae59330cf9a75378dc8a11236017f540eb224f2a148984e82ca3fb6b29129375b1080ba05b81044faa717520ab82 unchecked-ioctl.patch
-54086e7b4d3597969b945b1460fe578ff3a13289703d58d79b8f00f644eccc4acc11fc6128b7b114f022a6f6cedc91e02eead6373bac0d36e22eb580a1becb53 CVE-2019-9636.patch
-2f9523bd3e39c4831110821d93aef1562ca80708f1b553428eb5c228cdf2192feb13d7aef41097a5df4b4243da8b8f7247f691c0ab73967b0bf2bf6a1a0d487f CVE-2019-9948.patch
-758a897f01665149a23cbc3898fe060c043647d6fe6d22d8ca9038554b4ef1c7b2ac638d37eaed265167cd50f9329be2518f07464dccb7a7ab34ec9be4710095 CVE-2019-16935.patch"
+5a8e013a4132d71c4360771f130d27b37275ae59330cf9a75378dc8a11236017f540eb224f2a148984e82ca3fb6b29129375b1080ba05b81044faa717520ab82 unchecked-ioctl.patch"
diff --git a/main/ruby/APKBUILD b/main/ruby/APKBUILD
index 026de8a999..7139b67e28 100644
--- a/main/ruby/APKBUILD
+++ b/main/ruby/APKBUILD
@@ -3,6 +3,9 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
+# 2.5.8-r0:
+# - CVE-2020-16255
+# - CVE-2020-10933
# 2.5.7-r0:
# - CVE-2019-16255
# - CVE-2019-16254
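Review bot: `CVE-2020-16255` in the new `2.5.8-r0` entry looks like a transcription slip, since it differs only in the year from `CVE-2019-16255`, the first ID of the `2.5.7-r0` entry directly below it. Please check both new IDs against the upstream 2.5.8 release announcement and, if that line names a CVE the release does not fix, replace it with `# - CVE-YYYY-NNNNN` (placeholder for the ID given in the announcement). A wrong ID in secfixes leaves the real fix unrecorded in the package's security metadata and attributes an unrelated one to this version.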
@@ -38,7 +41,7 @@
# - CVE-2017-17405
#
pkgname=ruby
-pkgver=2.5.7
+pkgver=2.5.8
_abiver="${pkgver%.*}.0"
pkgrel=0
pkgdesc="An object-oriented language for quick and easy programming"
@@ -351,7 +354,7 @@ _mvgem() {
done
}
-sha512sums="6c4219e1ac316fb00cdd5ff2ac6292448e6ddf49f25eda91426f8e0072288e8849d5c623bf9d532b8e93997b23dddc24718921d92b74983aac8fdb50db4ee809 ruby-2.5.7.tar.gz
+sha512sums="ec8bf18b5ef8bf14a568dfb50cbddcc4bb13241f07b0de969e7b60cc261fb4e08fefeb5236bcf620bc690af112a9ab7f7c89f5b8a03fd3430e58804227b5041f ruby-2.5.8.tar.gz
cfdc5ea3b2e2ea69c51f38e8e2180cb1dc27008ca55cc6301f142ebafdbab31c3379b3b6bba9ff543153876dd98ed2ad194df3255b7ea77a62e931c935f80538 rubygems-avoid-platform-specific-gems.patch
814fe6359505b70d8ff680adf22f20a74b4dbd3fecc9a63a6c2456ee9824257815929917b6df5394ed069a6869511b8c6dce5b95b4acbbb7867c1f3a975a0150 test_insns-lower-recursion-depth.patch
8d730f02f76e53799f1c220eb23e3d2305940bb31216a7ab1e42d3256149c0721c7d173cdbfe505023b1af2f5cb3faa233dcc1b5d560fa8f980c17c2d29a9d81 fix-get_main_stack.patch"
diff --git a/main/samba/APKBUILD b/main/samba/APKBUILD
index 1319269f8d..0904fb8147 100644
--- a/main/samba/APKBUILD
+++ b/main/samba/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=samba
pkgver=4.8.12
-pkgrel=1
+pkgrel=2
pkgdesc="Tools to access a server's filespace and printers via SMB"
url="https://www.samba.org/"
arch="all"
@@ -79,6 +79,7 @@ source="
bind-9.12.patch
missing-headers.patch
samba-4.9.14-security-2019-10-29.patch
+ samba-4.9.17-security-2020-01-21.patch
$pkgname.initd
$pkgname.confd
$pkgname.logrotate
@@ -87,6 +88,9 @@ pkggroups="winbind"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 4.8.12-r2:
+# - CVE-2019-14902
+# - CVE-2019-14907
# 4.8.12-r1:
# - CVE-2019-10218
# - CVE-2019-14833
@@ -576,6 +580,7 @@ a99e771f28d787dc22e832b97aa48a1c5e13ddc0c030c501a3c12819ff6e62800ef084b62930abe8
27f12c8395be25d9806d232cc30334f2f7c7d175971d2d1944dd886d699e0381a6f222c17e3d7bc087cf7a29bfb3e98cf25ba98f414c4afe0297b9d134a28bd8 bind-9.12.patch
c0afe8b1dfddc5290c9aa611163d20adc3a546f54bba0081f739cda4255829f1a72bae422b6cb049aca82e58d4daf63ad5553f4c5c51671019bfbbc2781460f0 missing-headers.patch
8386db1209721fabb6acf52e498082ac3e70cd3a4454c54416b02aaa67b2906212383da7ddc06f77ca29cfbb9033407b1e958bcd9c7cdf369fe501f310a0f973 samba-4.9.14-security-2019-10-29.patch
+b00163634fb262777cc8992192150beb5dc2dc45ace823557f1a35fe2448ab3559b7503db96b07c6a9382ddb62a3bd6f4e68e1849f64ec472dbea8abc6b54572 samba-4.9.17-security-2020-01-21.patch
96070e2461370437f48571e7de550c13a332fef869480cfe92e7cac73a998f6c2ee85d2580df58211953bebd0e577691aa710c8edddf3ea0f30e9d47d0a2fd44 samba.initd
e2b49cb394e758447ca97de155a61b4276499983a0a5c00b44ae621c5559b759a766f8d1c8d3ee98ad5560f4064a847a7a20cfa2e14f85c061bec8b80fd649eb samba.confd
3458a4e1f8a8b44c966afb339b2dca51615be049f594c14911fc4d8203623deee416b6fe881436e246fc7d49c97a2b3bf9c5f33ba774302b24190a1103d6b67d samba.logrotate"
diff --git a/main/samba/samba-4.9.17-security-2020-01-21.patch b/main/samba/samba-4.9.17-security-2020-01-21.patch
new file mode 100644
index 0000000000..4847a8660b
--- /dev/null
+++ b/main/samba/samba-4.9.17-security-2020-01-21.patch
@@ -0,0 +1,1662 @@
+From 77d55b64af6acd38a08096b89ee051bc4ce72f43 Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Thu, 28 Nov 2019 17:16:16 +1300
+Subject: [PATCH 01/13] CVE-2019-14902 selftest: Add test for replication of
+ inherited security descriptors
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ selftest/knownfail.d/repl_secdesc | 2 +
+ source4/selftest/tests.py | 5 +
+ source4/torture/drs/python/repl_secdesc.py | 258 +++++++++++++++++++++
+ 3 files changed, 265 insertions(+)
+ create mode 100644 selftest/knownfail.d/repl_secdesc
+ create mode 100644 source4/torture/drs/python/repl_secdesc.py
+
+diff --git a/selftest/knownfail.d/repl_secdesc b/selftest/knownfail.d/repl_secdesc
+new file mode 100644
+index 00000000000..2aa24c61375
+--- /dev/null
++++ b/selftest/knownfail.d/repl_secdesc
+@@ -0,0 +1,2 @@
++^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_object_in_conflict
++^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inherit_existing_object
+diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
+index 2ec0bee923b..7244535791d 100755
+--- a/source4/selftest/tests.py
++++ b/source4/selftest/tests.py
+@@ -1004,6 +1004,11 @@ for env in ['vampire_dc', 'promoted_dc']:
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ environ={'DC1': "$DC_SERVER", 'DC2': '$%s_SERVER' % env.upper()},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
++ planoldpythontestsuite(env, "repl_secdesc",
++ name="samba4.drs.repl_secdesc.python(%s)" % env,
++ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
++ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
++ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+ planoldpythontestsuite(env, "repl_move",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.repl_move.python(%s)" % env,
+diff --git a/source4/torture/drs/python/repl_secdesc.py b/source4/torture/drs/python/repl_secdesc.py
+new file mode 100644
+index 00000000000..4ed449a8a18
+--- /dev/null
++++ b/source4/torture/drs/python/repl_secdesc.py
+@@ -0,0 +1,258 @@
++#!/usr/bin/env python3
++# -*- coding: utf-8 -*-
++#
++# Unix SMB/CIFS implementation.
++# Copyright (C) Catalyst.Net Ltd. 2017
++# Copyright (C) Andrew Bartlett <abartlet@samba.org> 2019
++#
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 3 of the License, or
++# (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program. If not, see <http://www.gnu.org/licenses/>.
++#
++import drs_base
++import ldb
++import samba
++from samba import sd_utils
++from ldb import LdbError
++
++class ReplAclTestCase(drs_base.DrsBaseTestCase):
++
++ def setUp(self):
++ super(ReplAclTestCase, self).setUp()
++ self.sd_utils_dc1 = sd_utils.SDUtils(self.ldb_dc1)
++ self.sd_utils_dc2 = sd_utils.SDUtils(self.ldb_dc2)
++
++ self.ou = samba.tests.create_test_ou(self.ldb_dc1,
++ "test_acl_inherit")
++
++ # disable replication for the tests so we can control at what point
++ # the DCs try to replicate
++ self._disable_all_repl(self.dnsname_dc1)
++ self._disable_all_repl(self.dnsname_dc2)
++
++ # make sure DCs are synchronized before the test
++ self._net_drs_replicate(DC=self.dnsname_dc2, fromDC=self.dnsname_dc1, forced=True)
++ self._net_drs_replicate(DC=self.dnsname_dc1, fromDC=self.dnsname_dc2, forced=True)
++
++ def tearDown(self):
++ self.ldb_dc1.delete(self.ou, ["tree_delete:1"])
++
++ # re-enable replication
++ self._enable_all_repl(self.dnsname_dc1)
++ self._enable_all_repl(self.dnsname_dc2)
++
++ super(ReplAclTestCase, self).tearDown()
++
++ def test_acl_inheirt_new_object_1_pass(self):
++ # Set the inherited ACL on the parent OU
++ mod = "(A;CIOI;GA;;;SY)"
++ self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++
++ # Make a new object
++ dn = ldb.Dn(self.ldb_dc1, "OU=l2,%s" % self.ou)
++ self.ldb_dc1.add({"dn": dn, "objectclass": "organizationalUnit"})
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Confirm inherited ACLs are identical
++
++ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(dn),
++ self.sd_utils_dc2.get_sd_as_sddl(dn))
++
++ def test_acl_inheirt_new_object(self):
++ # Set the inherited ACL on the parent OU
++ mod = "(A;CIOI;GA;;;SY)"
++ self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++
++ # Replicate to DC2
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Make a new object
++ dn = ldb.Dn(self.ldb_dc1, "OU=l2,%s" % self.ou)
++ self.ldb_dc1.add({"dn": dn, "objectclass": "organizationalUnit"})
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Confirm inherited ACLs are identical
++
++ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(dn),
++ self.sd_utils_dc2.get_sd_as_sddl(dn))
++
++ def test_acl_inherit_existing_object(self):
++ # Make a new object
++ dn = ldb.Dn(self.ldb_dc1, "OU=l2,%s" % self.ou)
++ self.ldb_dc1.add({"dn": dn, "objectclass": "organizationalUnit"})
++
++ try:
++ self.ldb_dc2.search(scope=ldb.SCOPE_BASE,
++ base=dn,
++ attrs=[])
++ self.fail()
++ except LdbError as err:
++ enum = err.args[0]
++ self.assertEqual(enum, ldb.ERR_NO_SUCH_OBJECT)
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Confirm it is now replicated
++ self.ldb_dc2.search(scope=ldb.SCOPE_BASE,
++ base=dn,
++ attrs=[])
++
++ # Set the inherited ACL on the parent OU
++ mod = "(A;CIOI;GA;;;SY)"
++ self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++
++ # Replicate to DC2
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Confirm inherited ACLs are identical
++
++ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(dn),
++ self.sd_utils_dc2.get_sd_as_sddl(dn))
++
++ def test_acl_inheirt_existing_object_1_pass(self):
++ # Make a new object
++ dn = ldb.Dn(self.ldb_dc1, "OU=l2,%s" % self.ou)
++ self.ldb_dc1.add({"dn": dn, "objectclass": "organizationalUnit"})
++
++ try:
++ self.ldb_dc2.search(scope=ldb.SCOPE_BASE,
++ base=dn,
++ attrs=[])
++ self.fail()
++ except LdbError as err:
++ enum = err.args[0]
++ self.assertEqual(enum, ldb.ERR_NO_SUCH_OBJECT)
++
++ # Set the inherited ACL on the parent OU
++ mod = "(A;CIOI;GA;;;SY)"
++ self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++
++ # Replicate to DC2
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Confirm inherited ACLs are identical
++
++ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(dn),
++ self.sd_utils_dc2.get_sd_as_sddl(dn))
++
++ def test_acl_inheirt_renamed_object(self):
++ # Make a new object
++ new_ou = samba.tests.create_test_ou(self.ldb_dc1,
++ "acl_test_l2")
++
++ sub_ou_dn = ldb.Dn(self.ldb_dc1, "OU=l2,%s" % self.ou)
++
++ try:
++ self.ldb_dc2.search(scope=ldb.SCOPE_BASE,
++ base=new_ou,
++ attrs=[])
++ self.fail()
++ except LdbError as err:
++ enum = err.args[0]
++ self.assertEqual(enum, ldb.ERR_NO_SUCH_OBJECT)
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Confirm it is now replicated
++ self.ldb_dc2.search(scope=ldb.SCOPE_BASE,
++ base=new_ou,
++ attrs=[])
++
++ # Set the inherited ACL on the parent OU on DC1
++ mod = "(A;CIOI;GA;;;SY)"
++ self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++
++ # Replicate to DC2
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Rename to under self.ou
++
++ self.ldb_dc1.rename(new_ou, sub_ou_dn)
++
++ # Replicate to DC2
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Confirm inherited ACLs are identical
++ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(sub_ou_dn),
++ self.sd_utils_dc2.get_sd_as_sddl(sub_ou_dn))
++
++
++ def test_acl_inheirt_renamed_object_in_conflict(self):
++ # Make a new object to be renamed under self.ou
++ new_ou = samba.tests.create_test_ou(self.ldb_dc1,
++ "acl_test_l2")
++
++ # Make a new OU under self.ou (on DC2)
++ sub_ou_dn = ldb.Dn(self.ldb_dc2, "OU=l2,%s" % self.ou)
++ self.ldb_dc2.add({"dn": sub_ou_dn,
++ "objectclass": "organizationalUnit"})
++
++ # Set the inherited ACL on the parent OU
++ mod = "(A;CIOI;GA;;;SY)"
++ self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++
++ # Replicate to DC2
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Rename to under self.ou
++ self.ldb_dc1.rename(new_ou, sub_ou_dn)
++
++ # Replicate to DC2 (will cause a conflict, DC1 to win, version
++ # is higher since named twice)
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ children = self.ldb_dc2.search(scope=ldb.SCOPE_ONELEVEL,
++ base=self.ou,
++ attrs=[])
++ for child in children:
++ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(sub_ou_dn),
++ self.sd_utils_dc2.get_sd_as_sddl(child.dn))
++
++ # Replicate back
++ self._net_drs_replicate(DC=self.dnsname_dc1,
++ fromDC=self.dnsname_dc2,
++ forced=True)
++
++ for child in children:
++ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(child.dn),
++ self.sd_utils_dc2.get_sd_as_sddl(child.dn))
+--
+2.17.1
+
+
+From c5a005a45389c8d8fc0eae7137eab1904ea92d42 Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Tue, 10 Dec 2019 15:16:24 +1300
+Subject: [PATCH 02/13] CVE-2019-14902 selftest: Add test for a special case
+ around replicated renames
+
+It appears Samba is currently string-name based in the ACL inheritence code.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ selftest/knownfail.d/repl_secdesc | 1 +
+ source4/torture/drs/python/repl_secdesc.py | 69 ++++++++++++++++++++++
+ 2 files changed, 70 insertions(+)
+
+diff --git a/selftest/knownfail.d/repl_secdesc b/selftest/knownfail.d/repl_secdesc
+index 2aa24c61375..7d554ff237a 100644
+--- a/selftest/knownfail.d/repl_secdesc
++++ b/selftest/knownfail.d/repl_secdesc
+@@ -1,2 +1,3 @@
+ ^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_object_in_conflict
+ ^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inherit_existing_object
++^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_child_object
+diff --git a/source4/torture/drs/python/repl_secdesc.py b/source4/torture/drs/python/repl_secdesc.py
+index 4ed449a8a18..58861af3bac 100644
+--- a/source4/torture/drs/python/repl_secdesc.py
++++ b/source4/torture/drs/python/repl_secdesc.py
+@@ -211,6 +211,75 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ self.sd_utils_dc2.get_sd_as_sddl(sub_ou_dn))
+
+
++ def test_acl_inheirt_renamed_child_object(self):
++ # Make a new OU
++ new_ou = samba.tests.create_test_ou(self.ldb_dc1,
++ "acl_test_l2")
++
++ # Here is where the new OU will end up at the end.
++ sub2_ou_dn_final = ldb.Dn(self.ldb_dc1, "OU=l2,%s" % self.ou)
++
++ sub3_ou_dn = ldb.Dn(self.ldb_dc1, "OU=l3,%s" % new_ou)
++ sub3_ou_dn_final = ldb.Dn(self.ldb_dc1, "OU=l3,%s" % sub2_ou_dn_final)
++
++ self.ldb_dc1.add({"dn": sub3_ou_dn,
++ "objectclass": "organizationalUnit"})
++
++ sub4_ou_dn = ldb.Dn(self.ldb_dc1, "OU=l4,%s" % sub3_ou_dn)
++ sub4_ou_dn_final = ldb.Dn(self.ldb_dc1, "OU=l4,%s" % sub3_ou_dn_final)
++
++ self.ldb_dc1.add({"dn": sub4_ou_dn,
++ "objectclass": "organizationalUnit"})
++
++ try:
++ self.ldb_dc2.search(scope=ldb.SCOPE_BASE,
++ base=new_ou,
++ attrs=[])
++ self.fail()
++ except LdbError as err:
++ enum = err.args[0]
++ self.assertEqual(enum, ldb.ERR_NO_SUCH_OBJECT)
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Confirm it is now replicated
++ self.ldb_dc2.search(scope=ldb.SCOPE_BASE,
++ base=new_ou,
++ attrs=[])
++
++ #
++ # Given a tree new_ou -> l3 -> l4
++ #
++
++ # Set the inherited ACL on the grandchild OU (l3) on DC1
++ mod = "(A;CIOI;GA;;;SY)"
++ self.sd_utils_dc1.dacl_add_ace(sub3_ou_dn, mod)
++
++ # Rename new_ou (l2) to under self.ou (this must happen second). If the
++ # inheritence between l3 and l4 is name-based, this could
++ # break.
++
++ # The tree is now self.ou -> l2 -> l3 -> l4
++
++ self.ldb_dc1.rename(new_ou, sub2_ou_dn_final)
++
++ # Replicate to DC2
++
++ self._net_drs_replicate(DC=self.dnsname_dc2,
++ fromDC=self.dnsname_dc1,
++ forced=True)
++
++ # Confirm set ACLs (on l3 ) are identical.
++ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(sub3_ou_dn_final),
++ self.sd_utils_dc2.get_sd_as_sddl(sub3_ou_dn_final))
++
++ # Confirm inherited ACLs (from l3 to l4) are identical.
++ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(sub4_ou_dn_final),
++ self.sd_utils_dc2.get_sd_as_sddl(sub4_ou_dn_final))
++
++
+ def test_acl_inheirt_renamed_object_in_conflict(self):
+ # Make a new object to be renamed under self.ou
+ new_ou = samba.tests.create_test_ou(self.ldb_dc1,
+--
+2.17.1
+
+
+From 4afff32debe5ea4bf1219f42c3042eb65c3e1d6b Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Mon, 16 Dec 2019 11:29:27 +1300
+Subject: [PATCH 03/13] selftest: Add test to confirm ACL inheritence really
+ happens
+
+While we have a seperate test (sec_descriptor.py) that confirms inheritance in
+general we want to lock in these specific patterns as this test covers
+rename.
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ source4/torture/drs/python/repl_secdesc.py | 115 +++++++++++++++++----
+ 1 file changed, 94 insertions(+), 21 deletions(-)
+
+diff --git a/source4/torture/drs/python/repl_secdesc.py b/source4/torture/drs/python/repl_secdesc.py
+index 58861af3bac..58212907e23 100644
+--- a/source4/torture/drs/python/repl_secdesc.py
++++ b/source4/torture/drs/python/repl_secdesc.py
+@@ -28,6 +28,10 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+
+ def setUp(self):
+ super(ReplAclTestCase, self).setUp()
++ self.mod = "(A;CIOI;GA;;;SY)"
++ self.mod_becomes = "(A;OICIIO;GA;;;SY)"
++ self.mod_inherits_as = "(A;OICIIOID;GA;;;SY)"
++
+ self.sd_utils_dc1 = sd_utils.SDUtils(self.ldb_dc1)
+ self.sd_utils_dc2 = sd_utils.SDUtils(self.ldb_dc2)
+
+@@ -54,8 +58,11 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+
+ def test_acl_inheirt_new_object_1_pass(self):
+ # Set the inherited ACL on the parent OU
+- mod = "(A;CIOI;GA;;;SY)"
+- self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++ self.sd_utils_dc1.dacl_add_ace(self.ou, self.mod)
++
++ # Assert ACL set stuck as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc1.get_sd_as_sddl(self.ou))
+
+ # Make a new object
+ dn = ldb.Dn(self.ldb_dc1, "OU=l2,%s" % self.ou)
+@@ -65,15 +72,24 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ fromDC=self.dnsname_dc1,
+ forced=True)
+
+- # Confirm inherited ACLs are identical
++ # Assert ACL replicated as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc2.get_sd_as_sddl(self.ou))
+
++ # Confirm inherited ACLs are identical and were inherited
++
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc1.get_sd_as_sddl(dn))
+ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(dn),
+ self.sd_utils_dc2.get_sd_as_sddl(dn))
+
+ def test_acl_inheirt_new_object(self):
+ # Set the inherited ACL on the parent OU
+- mod = "(A;CIOI;GA;;;SY)"
+- self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++ self.sd_utils_dc1.dacl_add_ace(self.ou, self.mod)
++
++ # Assert ACL set stuck as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc1.get_sd_as_sddl(self.ou))
+
+ # Replicate to DC2
+
+@@ -89,8 +105,14 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ fromDC=self.dnsname_dc1,
+ forced=True)
+
+- # Confirm inherited ACLs are identical
++ # Assert ACL replicated as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc2.get_sd_as_sddl(self.ou))
+
++ # Confirm inherited ACLs are identical and were inheritied
++
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc1.get_sd_as_sddl(dn))
+ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(dn),
+ self.sd_utils_dc2.get_sd_as_sddl(dn))
+
+@@ -118,8 +140,11 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ attrs=[])
+
+ # Set the inherited ACL on the parent OU
+- mod = "(A;CIOI;GA;;;SY)"
+- self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++ self.sd_utils_dc1.dacl_add_ace(self.ou, self.mod)
++
++ # Assert ACL set stuck as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc1.get_sd_as_sddl(self.ou))
+
+ # Replicate to DC2
+
+@@ -127,8 +152,14 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ fromDC=self.dnsname_dc1,
+ forced=True)
+
+- # Confirm inherited ACLs are identical
++ # Confirm inherited ACLs are identical and were inherited
+
++ # Assert ACL replicated as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc2.get_sd_as_sddl(self.ou))
++
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc1.get_sd_as_sddl(dn))
+ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(dn),
+ self.sd_utils_dc2.get_sd_as_sddl(dn))
+
+@@ -147,8 +178,11 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ self.assertEqual(enum, ldb.ERR_NO_SUCH_OBJECT)
+
+ # Set the inherited ACL on the parent OU
+- mod = "(A;CIOI;GA;;;SY)"
+- self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++ self.sd_utils_dc1.dacl_add_ace(self.ou, self.mod)
++
++ # Assert ACL set as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc1.get_sd_as_sddl(self.ou))
+
+ # Replicate to DC2
+
+@@ -156,8 +190,14 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ fromDC=self.dnsname_dc1,
+ forced=True)
+
+- # Confirm inherited ACLs are identical
++ # Assert ACL replicated as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc2.get_sd_as_sddl(self.ou))
+
++ # Confirm inherited ACLs are identical and were inherited
++
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc1.get_sd_as_sddl(dn))
+ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(dn),
+ self.sd_utils_dc2.get_sd_as_sddl(dn))
+
+@@ -187,8 +227,11 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ attrs=[])
+
+ # Set the inherited ACL on the parent OU on DC1
+- mod = "(A;CIOI;GA;;;SY)"
+- self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++ self.sd_utils_dc1.dacl_add_ace(self.ou, self.mod)
++
++ # Assert ACL set as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc1.get_sd_as_sddl(self.ou))
+
+ # Replicate to DC2
+
+@@ -196,6 +239,10 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ fromDC=self.dnsname_dc1,
+ forced=True)
+
++ # Assert ACL replicated as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc2.get_sd_as_sddl(self.ou))
++
+ # Rename to under self.ou
+
+ self.ldb_dc1.rename(new_ou, sub_ou_dn)
+@@ -206,7 +253,9 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ fromDC=self.dnsname_dc1,
+ forced=True)
+
+- # Confirm inherited ACLs are identical
++ # Confirm inherited ACLs are identical and were inherited
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc1.get_sd_as_sddl(sub_ou_dn))
+ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(sub_ou_dn),
+ self.sd_utils_dc2.get_sd_as_sddl(sub_ou_dn))
+
+@@ -254,8 +303,11 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ #
+
+ # Set the inherited ACL on the grandchild OU (l3) on DC1
+- mod = "(A;CIOI;GA;;;SY)"
+- self.sd_utils_dc1.dacl_add_ace(sub3_ou_dn, mod)
++ self.sd_utils_dc1.dacl_add_ace(sub3_ou_dn, self.mod)
++
++ # Assert ACL set stuck as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc1.get_sd_as_sddl(sub3_ou_dn))
+
+ # Rename new_ou (l2) to under self.ou (this must happen second). If the
+ # inheritence between l3 and l4 is name-based, this could
+@@ -265,17 +317,26 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+
+ self.ldb_dc1.rename(new_ou, sub2_ou_dn_final)
+
++ # Assert ACL set remained as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc1.get_sd_as_sddl(sub3_ou_dn_final))
++
+ # Replicate to DC2
+
+ self._net_drs_replicate(DC=self.dnsname_dc2,
+ fromDC=self.dnsname_dc1,
+ forced=True)
+
+- # Confirm set ACLs (on l3 ) are identical.
++ # Confirm set ACLs (on l3 ) are identical and were inherited
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc2.get_sd_as_sddl(sub3_ou_dn_final))
+ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(sub3_ou_dn_final),
+ self.sd_utils_dc2.get_sd_as_sddl(sub3_ou_dn_final))
+
+- # Confirm inherited ACLs (from l3 to l4) are identical.
++ # Confirm inherited ACLs (from l3 to l4) are identical
++ # and where inherited
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc1.get_sd_as_sddl(sub4_ou_dn_final))
+ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(sub4_ou_dn_final),
+ self.sd_utils_dc2.get_sd_as_sddl(sub4_ou_dn_final))
+
+@@ -291,8 +352,11 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ "objectclass": "organizationalUnit"})
+
+ # Set the inherited ACL on the parent OU
+- mod = "(A;CIOI;GA;;;SY)"
+- self.sd_utils_dc1.dacl_add_ace(self.ou, mod)
++ self.sd_utils_dc1.dacl_add_ace(self.ou, self.mod)
++
++ # Assert ACL set stuck as expected
++ self.assertIn(self.mod_becomes,
++ self.sd_utils_dc1.get_sd_as_sddl(self.ou))
+
+ # Replicate to DC2
+
+@@ -302,6 +366,8 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+
+ # Rename to under self.ou
+ self.ldb_dc1.rename(new_ou, sub_ou_dn)
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc1.get_sd_as_sddl(sub_ou_dn))
+
+ # Replicate to DC2 (will cause a conflict, DC1 to win, version
+ # is higher since named twice)
+@@ -314,6 +380,8 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ base=self.ou,
+ attrs=[])
+ for child in children:
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc2.get_sd_as_sddl(child.dn))
+ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(sub_ou_dn),
+ self.sd_utils_dc2.get_sd_as_sddl(child.dn))
+
+@@ -322,6 +390,11 @@ class ReplAclTestCase(drs_base.DrsBaseTestCase):
+ fromDC=self.dnsname_dc2,
+ forced=True)
+
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc1.get_sd_as_sddl(sub_ou_dn))
++
+ for child in children:
++ self.assertIn(self.mod_inherits_as,
++ self.sd_utils_dc1.get_sd_as_sddl(child.dn))
+ self.assertEquals(self.sd_utils_dc1.get_sd_as_sddl(child.dn),
+ self.sd_utils_dc2.get_sd_as_sddl(child.dn))
+--
+2.17.1
+
+
+From 17215b36b22d309a58a3b7bd08123f06e89657c9 Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Tue, 26 Nov 2019 15:44:32 +1300
+Subject: [PATCH 04/13] CVE-2019-14902 dsdb: Explain that
+ descriptor_sd_propagation_recursive() is proctected by a transaction
+
+This means we can trust the DB did not change between the two search
+requests.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ source4/dsdb/samdb/ldb_modules/descriptor.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
+index 9018b750ab5..fb2854438e1 100644
+--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
++++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
+@@ -1199,6 +1199,9 @@ static int descriptor_sd_propagation_recursive(struct ldb_module *module,
+ * LDB_SCOPE_SUBTREE searches are expensive.
+ *
+ * Note: that we do not search for deleted/recycled objects
++ *
++ * We know this is safe against a rename race as we are in the
++ * prepare_commit(), so must be in a transaction.
+ */
+ ret = dsdb_module_search(module,
+ change,
+--
+2.17.1
+
+
+From 589d1e4846bbac0e5388af3ef0c6d6c41b5ff991 Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Tue, 26 Nov 2019 16:17:32 +1300
+Subject: [PATCH 05/13] CVE-2019-14902 dsdb: Add comments explaining why SD
+ propagation needs to be done here
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ source4/dsdb/samdb/ldb_modules/descriptor.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
+index fb2854438e1..7070affa645 100644
+--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
++++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
+@@ -876,6 +876,9 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req)
+ return ldb_oom(ldb);
+ }
+
++ /*
++ * Force SD propagation on children of this record
++ */
+ ret = dsdb_module_schedule_sd_propagation(module, nc_root,
+ dn, false);
+ if (ret != LDB_SUCCESS) {
+@@ -966,6 +969,10 @@ static int descriptor_rename(struct ldb_module *module, struct ldb_request *req)
+ return ldb_oom(ldb);
+ }
+
++ /*
++ * Force SD propagation on this record (get a new
++ * inherited SD from the potentially new parent
++ */
+ ret = dsdb_module_schedule_sd_propagation(module, nc_root,
+ newdn, true);
+ if (ret != LDB_SUCCESS) {
+--
+2.17.1
+
+
+From 0fa9a362e55abb289cbf0fe24baa09c45af4837e Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Fri, 6 Dec 2019 17:54:23 +1300
+Subject: [PATCH 06/13] CVE-2019-14902 dsdb: Ensure we honour both
+ change->force_self and change->force_children
+
+If we are renaming a DN we can be in a situation where we need to
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ source4/dsdb/samdb/ldb_modules/descriptor.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
+index 7070affa645..b9f465fc36f 100644
+--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
++++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
+@@ -1291,6 +1291,13 @@ static int descriptor_sd_propagation_recursive(struct ldb_module *module,
+
+ if (cur != NULL) {
+ DLIST_REMOVE(change->children, cur);
++ } else if (i == 0) {
++ /*
++ * in the change->force_self case
++ * res->msgs[0]->elements was not overwritten,
++ * so set cur here
++ */
++ cur = change;
+ }
+
+ for (c = stopped_stack; c; c = stopped_stack) {
+--
+2.17.1
+
+
+From 9ac2b09fa5a2de44967a0b190918825e7dca8d53 Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Fri, 6 Dec 2019 18:05:54 +1300
+Subject: [PATCH 07/13] CVE-2019-14902 repl_meta_data: schedule SD propagation
+ to a renamed DN
+
+We need to check the SD of the parent if we rename, it is not the same as an incoming SD change.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 17 ++++++++++++++++-
+ 1 file changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+index 04a51ecab51..52ff3d75ee2 100644
+--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
++++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+@@ -6290,7 +6290,22 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
+ ar->index_current, msg->num_elements);
+
+ if (renamed) {
+- sd_updated = true;
++ /*
++ * This is an new name for this object, so we must
++ * inherit from the parent
++ *
++ * This is needed because descriptor is above
++ * repl_meta_data in the module stack, so this will
++ * not be trigered 'naturally' by the flow of
++ * operations.
++ */
++ ret = dsdb_module_schedule_sd_propagation(ar->module,
++ ar->objs->partition_dn,
++ msg->dn,
++ true);
++ if (ret != LDB_SUCCESS) {
++ return ldb_operr(ldb);
++ }
+ }
+
+ if (sd_updated && !isDeleted) {
+--
+2.17.1
+
+
+From 9e6b09e0fd52c664de7f0589074fef872c753fa2 Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Tue, 26 Nov 2019 15:50:35 +1300
+Subject: [PATCH 08/13] CVE-2019-14902 repl_meta_data: Fix issue where
+ inherited Security Descriptors were not replicated.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ selftest/knownfail.d/repl_secdesc | 1 -
+ .../dsdb/samdb/ldb_modules/repl_meta_data.c | 22 ++++++++++++++++++-
+ 2 files changed, 21 insertions(+), 2 deletions(-)
+
+diff --git a/selftest/knownfail.d/repl_secdesc b/selftest/knownfail.d/repl_secdesc
+index 7d554ff237a..13a9ce458dd 100644
+--- a/selftest/knownfail.d/repl_secdesc
++++ b/selftest/knownfail.d/repl_secdesc
+@@ -1,3 +1,2 @@
+ ^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_object_in_conflict
+-^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inherit_existing_object
+ ^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_child_object
+diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+index 52ff3d75ee2..9812ded99fb 100644
+--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
++++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+@@ -5527,6 +5527,15 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar)
+ replmd_ldb_message_sort(msg, ar->schema);
+
+ if (!remote_isDeleted) {
++ /*
++ * Ensure any local ACL inheritence is applied from
++ * the parent object.
++ *
++ * This is needed because descriptor is above
++ * repl_meta_data in the module stack, so this will
++ * not be trigered 'naturally' by the flow of
++ * operations.
++ */
+ ret = dsdb_module_schedule_sd_propagation(ar->module,
+ ar->objs->partition_dn,
+ msg->dn, true);
+@@ -6309,9 +6318,20 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
+ }
+
+ if (sd_updated && !isDeleted) {
++ /*
++ * This is an existing object, so there is no need to
++ * inherit from the parent, but we must inherit any
++ * incoming changes to our child objects.
++ *
++ * This is needed because descriptor is above
++ * repl_meta_data in the module stack, so this will
++ * not be trigered 'naturally' by the flow of
++ * operations.
++ */
+ ret = dsdb_module_schedule_sd_propagation(ar->module,
+ ar->objs->partition_dn,
+- msg->dn, true);
++ msg->dn,
++ false);
+ if (ret != LDB_SUCCESS) {
+ return ldb_operr(ldb);
+ }
+--
+2.17.1
+
+
+From 7071888d5b556213be79545cac059a8b3f62baee Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Fri, 6 Dec 2019 18:26:42 +1300
+Subject: [PATCH 09/13] CVE-2019-14902 repl_meta_data: Set renamed = true (and
+ so do SD inheritance) after any rename
+
+Previously if there was a conflict, but the incoming object would still
+win, this was not marked as a rename, and so inheritence was not done.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ selftest/knownfail.d/repl_secdesc | 1 -
+ source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 13 +++++++++++++
+ 2 files changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/selftest/knownfail.d/repl_secdesc b/selftest/knownfail.d/repl_secdesc
+index 13a9ce458dd..9dd632d99ed 100644
+--- a/selftest/knownfail.d/repl_secdesc
++++ b/selftest/knownfail.d/repl_secdesc
+@@ -1,2 +1 @@
+-^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_object_in_conflict
+ ^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_child_object
+diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+index 9812ded99fb..e67c3b0281e 100644
+--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
++++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+@@ -6134,6 +6134,19 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
+ * replmd_replicated_apply_search_callback())
+ */
+ ret = replmd_replicated_handle_rename(ar, msg, ar->req, &renamed);
++
++ /*
++ * This looks strange, but we must set this after any
++ * rename, otherwise the SD propegation will not
++ * happen (which might matter if we have a new parent)
++ *
++ * The additional case of calling
++ * replmd_op_name_modify_callback (below) is:
++ * - a no-op if there was no name change
++ * and
++ * - called in the default case regardless.
++ */
++ renamed = true;
+ }
+
+ if (ret != LDB_SUCCESS) {
+--
+2.17.1
+
+
+From 16b377276ee82c04d069666e53deaa95a7633dd4 Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Thu, 12 Dec 2019 14:44:57 +1300
+Subject: [PATCH 10/13] CVE-2019-14902 dsdb: Change basis of descriptor module
+ deferred processing to be GUIDs
+
+We can not process on the basis of a DN, as the DN may have changed in a rename,
+not only that this module can see, but also from repl_meta_data below.
+
+Therefore remove all the complex tree-based change processing, leaving only
+a tree-based sort of the possible objects to be changed, and a single
+stopped_dn variable containing the DN to stop processing below (after
+a no-op change).
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
+
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+---
+ selftest/knownfail.d/repl_secdesc | 1 -
+ source4/dsdb/samdb/ldb_modules/acl_util.c | 4 +-
+ source4/dsdb/samdb/ldb_modules/descriptor.c | 296 +++++++++---------
+ .../dsdb/samdb/ldb_modules/repl_meta_data.c | 7 +-
+ source4/dsdb/samdb/samdb.h | 2 +-
+ 5 files changed, 156 insertions(+), 154 deletions(-)
+ delete mode 100644 selftest/knownfail.d/repl_secdesc
+
+diff --git a/selftest/knownfail.d/repl_secdesc b/selftest/knownfail.d/repl_secdesc
+deleted file mode 100644
+index 9dd632d99ed..00000000000
+--- a/selftest/knownfail.d/repl_secdesc
++++ /dev/null
+@@ -1 +0,0 @@
+-^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_child_object
+diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c
+index 6d645b10fe2..b9931795e19 100644
+--- a/source4/dsdb/samdb/ldb_modules/acl_util.c
++++ b/source4/dsdb/samdb/ldb_modules/acl_util.c
+@@ -286,7 +286,7 @@ uint32_t dsdb_request_sd_flags(struct ldb_request *req, bool *explicit)
+
+ int dsdb_module_schedule_sd_propagation(struct ldb_module *module,
+ struct ldb_dn *nc_root,
+- struct ldb_dn *dn,
++ struct GUID guid,
+ bool include_self)
+ {
+ struct ldb_context *ldb = ldb_module_get_ctx(module);
+@@ -299,7 +299,7 @@ int dsdb_module_schedule_sd_propagation(struct ldb_module *module,
+ }
+
+ op->nc_root = nc_root;
+- op->dn = dn;
++ op->guid = guid;
+ op->include_self = include_self;
+
+ ret = dsdb_module_extended(module, op, NULL,
+diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
+index b9f465fc36f..daa08c2ebc7 100644
+--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
++++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
+@@ -46,9 +46,8 @@
+
+ struct descriptor_changes {
+ struct descriptor_changes *prev, *next;
+- struct descriptor_changes *children;
+ struct ldb_dn *nc_root;
+- struct ldb_dn *dn;
++ struct GUID guid;
+ bool force_self;
+ bool force_children;
+ struct ldb_dn *stopped_dn;
+@@ -771,7 +770,8 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req)
+ current_attrs,
+ DSDB_FLAG_NEXT_MODULE |
+ DSDB_FLAG_AS_SYSTEM |
+- DSDB_SEARCH_SHOW_RECYCLED,
++ DSDB_SEARCH_SHOW_RECYCLED |
++ DSDB_SEARCH_SHOW_EXTENDED_DN,
+ req);
+ if (ret != LDB_SUCCESS) {
+ ldb_debug(ldb, LDB_DEBUG_ERROR,"descriptor_modify: Could not find %s\n",
+@@ -832,7 +832,7 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req)
+ user_sd = old_sd;
+ }
+
+- sd = get_new_descriptor(module, dn, req,
++ sd = get_new_descriptor(module, current_res->msgs[0]->dn, req,
+ objectclass, parent_sd,
+ user_sd, old_sd, sd_flags);
+ if (sd == NULL) {
+@@ -869,18 +869,32 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req)
+ return ldb_oom(ldb);
+ }
+ } else if (cmp_ret != 0) {
++ struct GUID guid;
+ struct ldb_dn *nc_root;
++ NTSTATUS status;
+
+- ret = dsdb_find_nc_root(ldb, msg, dn, &nc_root);
++ ret = dsdb_find_nc_root(ldb,
++ msg,
++ current_res->msgs[0]->dn,
++ &nc_root);
+ if (ret != LDB_SUCCESS) {
+ return ldb_oom(ldb);
+ }
+
++ status = dsdb_get_extended_dn_guid(current_res->msgs[0]->dn,
++ &guid,
++ "GUID");
++ if (!NT_STATUS_IS_OK(status)) {
++ return ldb_operr(ldb);
++ }
++
+ /*
+ * Force SD propagation on children of this record
+ */
+- ret = dsdb_module_schedule_sd_propagation(module, nc_root,
+- dn, false);
++ ret = dsdb_module_schedule_sd_propagation(module,
++ nc_root,
++ guid,
++ false);
+ if (ret != LDB_SUCCESS) {
+ return ldb_operr(ldb);
+ }
+@@ -963,20 +977,31 @@ static int descriptor_rename(struct ldb_module *module, struct ldb_request *req)
+
+ if (ldb_dn_compare(olddn, newdn) != 0) {
+ struct ldb_dn *nc_root;
++ struct GUID guid;
+
+ ret = dsdb_find_nc_root(ldb, req, newdn, &nc_root);
+ if (ret != LDB_SUCCESS) {
+ return ldb_oom(ldb);
+ }
+
+- /*
+- * Force SD propagation on this record (get a new
+- * inherited SD from the potentially new parent
+- */
+- ret = dsdb_module_schedule_sd_propagation(module, nc_root,
+- newdn, true);
+- if (ret != LDB_SUCCESS) {
+- return ldb_operr(ldb);
++ ret = dsdb_module_guid_by_dn(module,
++ olddn,
++ &guid,
++ req);
++ if (ret == LDB_SUCCESS) {
++ /*
++ * Without disturbing any errors if the olddn
++ * does not exit, force SD propagation on
++ * this record (get a new inherited SD from
++ * the potentially new parent
++ */
++ ret = dsdb_module_schedule_sd_propagation(module,
++ nc_root,
++ guid,
++ true);
++ if (ret != LDB_SUCCESS) {
++ return ldb_operr(ldb);
++ }
+ }
+ }
+
+@@ -992,9 +1017,7 @@ static int descriptor_extended_sec_desc_propagation(struct ldb_module *module,
+ struct ldb_context *ldb = ldb_module_get_ctx(module);
+ struct dsdb_extended_sec_desc_propagation_op *op;
+ TALLOC_CTX *parent_mem = NULL;
+- struct descriptor_changes *parent_change = NULL;
+ struct descriptor_changes *c;
+- int ret;
+
+ op = talloc_get_type(req->op.extended.data,
+ struct dsdb_extended_sec_desc_propagation_op);
+@@ -1011,32 +1034,6 @@ static int descriptor_extended_sec_desc_propagation(struct ldb_module *module,
+
+ parent_mem = descriptor_private->trans_mem;
+
+- for (c = descriptor_private->changes; c; c = c->next) {
+- ret = ldb_dn_compare(c->nc_root, op->nc_root);
+- if (ret != 0) {
+- continue;
+- }
+-
+- ret = ldb_dn_compare(c->dn, op->dn);
+- if (ret == 0) {
+- if (op->include_self) {
+- c->force_self = true;
+- } else {
+- c->force_children = true;
+- }
+- return ldb_module_done(req, NULL, NULL, LDB_SUCCESS);
+- }
+-
+- ret = ldb_dn_compare_base(c->dn, op->dn);
+- if (ret != 0) {
+- continue;
+- }
+-
+- parent_mem = c;
+- parent_change = c;
+- break;
+- }
+-
+ c = talloc_zero(parent_mem, struct descriptor_changes);
+ if (c == NULL) {
+ return ldb_module_oom(module);
+@@ -1045,21 +1042,14 @@ static int descriptor_extended_sec_desc_propagation(struct ldb_module *module,
+ if (c->nc_root == NULL) {
+ return ldb_module_oom(module);
+ }
+- c->dn = ldb_dn_copy(c, op->dn);
+- if (c->dn == NULL) {
+- return ldb_module_oom(module);
+- }
++ c->guid = op->guid;
+ if (op->include_self) {
+ c->force_self = true;
+ } else {
+ c->force_children = true;
+ }
+
+- if (parent_change != NULL) {
+- DLIST_ADD_END(parent_change->children, c);
+- } else {
+- DLIST_ADD_END(descriptor_private->changes, c);
+- }
++ DLIST_ADD_END(descriptor_private->changes, c);
+
+ return ldb_module_done(req, NULL, NULL, LDB_SUCCESS);
+ }
+@@ -1179,41 +1169,75 @@ static int descriptor_sd_propagation_msg_sort(struct ldb_message **m1,
+ return ldb_dn_compare(dn2, dn1);
+ }
+
+-static int descriptor_sd_propagation_dn_sort(struct ldb_dn *dn1,
+- struct ldb_dn *dn2)
+-{
+- /*
+- * This sorts in tree order, parents first
+- */
+- return ldb_dn_compare(dn2, dn1);
+-}
+-
+ static int descriptor_sd_propagation_recursive(struct ldb_module *module,
+ struct descriptor_changes *change)
+ {
+- struct ldb_context *ldb = ldb_module_get_ctx(module);
++ struct ldb_result *guid_res = NULL;
+ struct ldb_result *res = NULL;
+ unsigned int i;
+ const char * const no_attrs[] = { "@__NONE__", NULL };
+- struct descriptor_changes *c;
+- struct descriptor_changes *stopped_stack = NULL;
+- enum ldb_scope scope;
++ struct ldb_dn *stopped_dn = NULL;
++ struct GUID_txt_buf guid_buf;
+ int ret;
++ bool stop = false;
+
+ /*
+- * First confirm this object has children, or exists (depending on change->force_self)
++ * First confirm this object has children, or exists
++ * (depending on change->force_self)
+ *
+ * LDB_SCOPE_SUBTREE searches are expensive.
+ *
+- * Note: that we do not search for deleted/recycled objects
+- *
+ * We know this is safe against a rename race as we are in the
+ * prepare_commit(), so must be in a transaction.
+ */
++
++ /* Find the DN by GUID, as this is stable under rename */
++ ret = dsdb_module_search(module,
++ change,
++ &guid_res,
++ change->nc_root,
++ LDB_SCOPE_SUBTREE,
++ no_attrs,
++ DSDB_FLAG_NEXT_MODULE |
++ DSDB_FLAG_AS_SYSTEM |
++ DSDB_SEARCH_SHOW_DELETED |
++ DSDB_SEARCH_SHOW_RECYCLED,
++ NULL, /* parent_req */
++ "(objectGUID=%s)",
++ GUID_buf_string(&change->guid,
++ &guid_buf));
++
++ if (ret != LDB_SUCCESS) {
++ return ret;
++ }
++
++ if (guid_res->count != 1) {
++ /*
++ * We were just given this GUID during the same
++ * transaction, if it is missing this is a big
++ * problem.
++ *
++ * Cleanup of tombstones does not trigger this module
++ * as it just does a delete.
++ */
++ ldb_asprintf_errstring(ldb_module_get_ctx(module),
++ "failed to find GUID %s under %s "
++ "for transaction-end SD inheritance: %d results",
++ GUID_buf_string(&change->guid,
++ &guid_buf),
++ ldb_dn_get_linearized(change->nc_root),
++ guid_res->count);
++ return LDB_ERR_OPERATIONS_ERROR;
++ }
++
++ /*
++ * OK, so there was a parent, are there children? Note: that
++ * this time we do not search for deleted/recycled objects
++ */
+ ret = dsdb_module_search(module,
+ change,
+ &res,
+- change->dn,
++ guid_res->msgs[0]->dn,
+ LDB_SCOPE_ONELEVEL,
+ no_attrs,
+ DSDB_FLAG_NEXT_MODULE |
+@@ -1221,26 +1245,55 @@ static int descriptor_sd_propagation_recursive(struct ldb_module *module,
+ NULL, /* parent_req */
+ "(objectClass=*)");
+ if (ret != LDB_SUCCESS) {
++ /*
++ * LDB_ERR_NO_SUCH_OBJECT, say if the DN was a deleted
++ * object, is ignored by the caller
++ */
+ return ret;
+ }
+
+ if (res->count == 0 && !change->force_self) {
++ /* All done, no children */
+ TALLOC_FREE(res);
+ return LDB_SUCCESS;
+- } else if (res->count == 0 && change->force_self) {
+- scope = LDB_SCOPE_BASE;
+- } else {
+- scope = LDB_SCOPE_SUBTREE;
+ }
+
+ /*
++ * First, if we are in force_self mode (eg renamed under new
++ * parent) then apply the SD to the top object
++ */
++ if (change->force_self) {
++ ret = descriptor_sd_propagation_object(module,
++ guid_res->msgs[0],
++ &stop);
++ if (ret != LDB_SUCCESS) {
++ TALLOC_FREE(guid_res);
++ return ret;
++ }
++
++ if (stop == true && !change->force_children) {
++ /* There was no change, nothing more to do */
++ TALLOC_FREE(guid_res);
++ return LDB_SUCCESS;
++ }
++
++ if (res->count == 0) {
++ /* All done! */
++ TALLOC_FREE(guid_res);
++ return LDB_SUCCESS;
++ }
++ }
++
++ /*
++ * Look for children
++ *
+ * Note: that we do not search for deleted/recycled objects
+ */
+ ret = dsdb_module_search(module,
+ change,
+ &res,
+- change->dn,
+- scope,
++ guid_res->msgs[0]->dn,
++ LDB_SCOPE_SUBTREE,
+ no_attrs,
+ DSDB_FLAG_NEXT_MODULE |
+ DSDB_FLAG_AS_SYSTEM,
+@@ -1253,90 +1306,39 @@ static int descriptor_sd_propagation_recursive(struct ldb_module *module,
+ TYPESAFE_QSORT(res->msgs, res->count,
+ descriptor_sd_propagation_msg_sort);
+
+- for (c = change->children; c; c = c->next) {
+- struct ldb_message *msg = NULL;
+-
+- BINARY_ARRAY_SEARCH_P(res->msgs, res->count, dn, c->dn,
+- descriptor_sd_propagation_dn_sort,
+- msg);
+-
+- if (msg == NULL) {
+- ldb_debug(ldb, LDB_DEBUG_WARNING,
+- "descriptor_sd_propagation_recursive: "
+- "%s not found under %s",
+- ldb_dn_get_linearized(c->dn),
+- ldb_dn_get_linearized(change->dn));
+- continue;
+- }
+-
+- msg->elements = (struct ldb_message_element *)c;
+- }
+-
+- DLIST_ADD(stopped_stack, change);
+-
+- if (change->force_self) {
+- i = 0;
+- } else {
+- i = 1;
+- }
+-
+- for (; i < res->count; i++) {
+- struct descriptor_changes *cur;
+- bool stop = false;
+-
+- cur = talloc_get_type(res->msgs[i]->elements,
+- struct descriptor_changes);
+- res->msgs[i]->elements = NULL;
+- res->msgs[i]->num_elements = 0;
+-
+- if (cur != NULL) {
+- DLIST_REMOVE(change->children, cur);
+- } else if (i == 0) {
++ /* We start from 1, the top object has been done */
++ for (i = 1; i < res->count; i++) {
++ /*
++ * ldb_dn_compare_base() does not match for NULL but
++ * this is clearer
++ */
++ if (stopped_dn != NULL) {
++ ret = ldb_dn_compare_base(stopped_dn,
++ res->msgs[i]->dn);
+ /*
+- * in the change->force_self case
+- * res->msgs[0]->elements was not overwritten,
+- * so set cur here
++ * Skip further processing of this
++ * sub-subtree
+ */
+- cur = change;
+- }
+-
+- for (c = stopped_stack; c; c = stopped_stack) {
+- ret = ldb_dn_compare_base(c->dn,
+- res->msgs[i]->dn);
+- if (ret == 0) {
+- break;
+- }
+-
+- c->stopped_dn = NULL;
+- DLIST_REMOVE(stopped_stack, c);
+- }
+-
+- if (cur != NULL) {
+- DLIST_ADD(stopped_stack, cur);
+- }
+-
+- if (stopped_stack->stopped_dn != NULL) {
+- ret = ldb_dn_compare_base(stopped_stack->stopped_dn,
+- res->msgs[i]->dn);
+ if (ret == 0) {
+ continue;
+ }
+- stopped_stack->stopped_dn = NULL;
+ }
+-
+- ret = descriptor_sd_propagation_object(module, res->msgs[i],
++ ret = descriptor_sd_propagation_object(module,
++ res->msgs[i],
+ &stop);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+
+- if (cur != NULL && cur->force_children) {
+- continue;
+- }
+-
+ if (stop) {
+- stopped_stack->stopped_dn = res->msgs[i]->dn;
+- continue;
++ /*
++ * If this child didn't change, then nothing
++ * under it needs to change
++ *
++ * res has been sorted into tree order so the
++ * next few entries can be skipped
++ */
++ stopped_dn = res->msgs[i]->dn;
+ }
+ }
+
+diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+index e67c3b0281e..a2a6bcc98f3 100644
+--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
++++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+@@ -5538,7 +5538,8 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar)
+ */
+ ret = dsdb_module_schedule_sd_propagation(ar->module,
+ ar->objs->partition_dn,
+- msg->dn, true);
++ ar->objs->objects[ar->index_current].object_guid,
++ true);
+ if (ret != LDB_SUCCESS) {
+ return replmd_replicated_request_error(ar, ret);
+ }
+@@ -6323,7 +6324,7 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
+ */
+ ret = dsdb_module_schedule_sd_propagation(ar->module,
+ ar->objs->partition_dn,
+- msg->dn,
++ ar->objs->objects[ar->index_current].object_guid,
+ true);
+ if (ret != LDB_SUCCESS) {
+ return ldb_operr(ldb);
+@@ -6343,7 +6344,7 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
+ */
+ ret = dsdb_module_schedule_sd_propagation(ar->module,
+ ar->objs->partition_dn,
+- msg->dn,
++ ar->objs->objects[ar->index_current].object_guid,
+ false);
+ if (ret != LDB_SUCCESS) {
+ return ldb_operr(ldb);
+diff --git a/source4/dsdb/samdb/samdb.h b/source4/dsdb/samdb/samdb.h
+index e1b0e4aa4e3..3f47b863a83 100644
+--- a/source4/dsdb/samdb/samdb.h
++++ b/source4/dsdb/samdb/samdb.h
+@@ -338,7 +338,7 @@ struct dsdb_extended_allocate_rid {
+ #define DSDB_EXTENDED_SEC_DESC_PROPAGATION_OID "1.3.6.1.4.1.7165.4.4.7"
+ struct dsdb_extended_sec_desc_propagation_op {
+ struct ldb_dn *nc_root;
+- struct ldb_dn *dn;
++ struct GUID guid;
+ bool include_self;
+ };
+
+--
+2.17.1
+
+
+From 030fa9e5455125e30b71c90be80baadb657d8993 Mon Sep 17 00:00:00 2001
+From: Noel Power <noel.power@suse.com>
+Date: Fri, 24 May 2019 13:37:00 +0000
+Subject: [PATCH 11/13] CVE-2019-14907 lib/util/charset: clang: Fix Value
+ stored to 'reason' is never read warning
+
+Fixes:
+
+lib/util/charset/convert_string.c:301:5: warning: Value stored to 'reason' is never read <--[clang]
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14208
+
+Signed-off-by: Noel Power <noel.power@suse.com>
+Reviewed-by: Gary Lockyer gary@catalyst.net.nz
+(cherry picked from commit add47e288bc80c1bf45765d1588a9fa5998ea677)
+---
+ lib/util/charset/convert_string.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/lib/util/charset/convert_string.c b/lib/util/charset/convert_string.c
+index 196302aacfd..34facab6fe6 100644
+--- a/lib/util/charset/convert_string.c
++++ b/lib/util/charset/convert_string.c
+@@ -300,13 +300,13 @@ bool convert_string_handle(struct smb_iconv_handle *ic,
+ {
+ reason="No more room";
+ if (from == CH_UNIX) {
+- DEBUG(3,("E2BIG: convert_string(%s,%s): srclen=%u destlen=%u - '%s'\n",
++ DEBUG(3,("E2BIG: convert_string(%s,%s): srclen=%u destlen=%u - '%s' error: %s\n",
+ charset_name(ic, from), charset_name(ic, to),
+- (unsigned int)srclen, (unsigned int)destlen, (const char *)src));
++ (unsigned int)srclen, (unsigned int)destlen, (const char *)src, reason));
+ } else {
+- DEBUG(3,("E2BIG: convert_string(%s,%s): srclen=%u destlen=%u\n",
++ DEBUG(3,("E2BIG: convert_string(%s,%s): srclen=%u destlen=%u error: %s\n",
+ charset_name(ic, from), charset_name(ic, to),
+- (unsigned int)srclen, (unsigned int)destlen));
++ (unsigned int)srclen, (unsigned int)destlen, reason));
+ }
+ break;
+ }
+--
+2.17.1
+
+
+From ad0e68d354ad33c577dbf146fc4a1b8254857558 Mon Sep 17 00:00:00 2001
+From: Andrew Bartlett <abartlet@samba.org>
+Date: Fri, 29 Nov 2019 20:58:47 +1300
+Subject: [PATCH 12/13] CVE-2019-14907 lib/util: Do not print the failed to
+ convert string into the logs
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The string may be in another charset, or may be sensitive and
+certainly may not be terminated. It is not safe to just print.
+
+Found by Robert Święcki using a fuzzer he wrote for smbd.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14208
+Signed-off-by: Andrew Bartlett <abartlet@samba.org>
+
+(adapted from master commit)
+---
+ lib/util/charset/convert_string.c | 33 +++++++++++++++++--------------
+ 1 file changed, 18 insertions(+), 15 deletions(-)
+
+diff --git a/lib/util/charset/convert_string.c b/lib/util/charset/convert_string.c
+index 34facab6fe6..b546e056953 100644
+--- a/lib/util/charset/convert_string.c
++++ b/lib/util/charset/convert_string.c
+@@ -293,31 +293,31 @@ bool convert_string_handle(struct smb_iconv_handle *ic,
+ switch(errno) {
+ case EINVAL:
+ reason="Incomplete multibyte sequence";
+- DEBUG(3,("convert_string_internal: Conversion error: %s(%s)\n",
+- reason, (const char *)src));
++ DBG_NOTICE("Conversion error: %s\n",
++ reason);
+ break;
+ case E2BIG:
+ {
+ reason="No more room";
+ if (from == CH_UNIX) {
+- DEBUG(3,("E2BIG: convert_string(%s,%s): srclen=%u destlen=%u - '%s' error: %s\n",
+- charset_name(ic, from), charset_name(ic, to),
+- (unsigned int)srclen, (unsigned int)destlen, (const char *)src, reason));
++ DBG_NOTICE("E2BIG: convert_string(%s,%s): srclen=%u destlen=%u error: %s\n",
++ charset_name(ic, from), charset_name(ic, to),
++ (unsigned int)srclen, (unsigned int)destlen, reason);
+ } else {
+- DEBUG(3,("E2BIG: convert_string(%s,%s): srclen=%u destlen=%u error: %s\n",
+- charset_name(ic, from), charset_name(ic, to),
+- (unsigned int)srclen, (unsigned int)destlen, reason));
++ DBG_NOTICE("E2BIG: convert_string(%s,%s): srclen=%u destlen=%u error: %s\n",
++ charset_name(ic, from), charset_name(ic, to),
++ (unsigned int)srclen, (unsigned int)destlen, reason);
+ }
+ break;
+ }
+ case EILSEQ:
+ reason="Illegal multibyte sequence";
+- DEBUG(3,("convert_string_internal: Conversion error: %s(%s)\n",
+- reason, (const char *)src));
++ DBG_NOTICE("convert_string_internal: Conversion error: %s\n",
++ reason);
+ break;
+ default:
+- DEBUG(0,("convert_string_internal: Conversion error: %s(%s)\n",
+- reason, (const char *)src));
++ DBG_ERR("convert_string_internal: Conversion error: %s\n",
++ reason);
+ break;
+ }
+ /* smb_panic(reason); */
+@@ -427,16 +427,19 @@ bool convert_string_talloc_handle(TALLOC_CTX *ctx, struct smb_iconv_handle *ic,
+ switch(errno) {
+ case EINVAL:
+ reason="Incomplete multibyte sequence";
+- DEBUG(3,("convert_string_talloc: Conversion error: %s(%s)\n",reason,inbuf));
++ DBG_NOTICE("Conversion error: %s\n",
++ reason);
+ break;
+ case E2BIG:
+ goto convert;
+ case EILSEQ:
+ reason="Illegal multibyte sequence";
+- DEBUG(3,("convert_string_talloc: Conversion error: %s(%s)\n",reason,inbuf));
++ DBG_NOTICE("Conversion error: %s\n",
++ reason);
+ break;
+ default:
+- DEBUG(0,("Conversion error: %s(%s)\n",reason,inbuf));
++ DBG_ERR("Conversion error: %s\n",
++ reason);
+ break;
+ }
+ /* smb_panic(reason); */
+--
+2.17.1
+
+
diff --git a/main/spl-vanilla/APKBUILD b/main/spl-vanilla/APKBUILD
index c5d4b7ee21..6949cec9c0 100644
--- a/main/spl-vanilla/APKBUILD
+++ b/main/spl-vanilla/APKBUILD
@@ -8,7 +8,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kpkgver="$_kver-r$_krel"
diff --git a/main/sprunge/APKBUILD b/main/sprunge/APKBUILD
index f663d800b9..4d1f651abd 100644
--- a/main/sprunge/APKBUILD
+++ b/main/sprunge/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=sprunge
pkgver=0.6
-pkgrel=0
+pkgrel=1
pkgdesc="Helper script to paste things to http://sprunge.us"
url="http://sprunge.us"
arch="noarch"
@@ -33,10 +33,10 @@ package() {
tpaste() {
cd "$_builddir"
- url="http://tpaste.us"
+ url="https://tpaste.us"
pkgdesc="Helper script to paste things to $url"
mkdir -p "$subpkgdir"/usr/bin
- printf "#!/bin/sh\n\nexec curl -F 'tpaste=<-' http://tpaste.us" > \
+ printf "#!/bin/sh\n\nexec curl -F 'tpaste=<-' https://tpaste.us" > \
"$subpkgdir"/usr/bin/tpaste || return 1
chmod 755 "$subpkgdir"/usr/bin/tpaste || return 1
}
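Review bot: The tpaste endpoint is written twice in tpaste(), once in `url=` and once inside the `printf` string, so this edit had to change both and a later one could miss one of them. The generated script can take the value from the variable instead: `printf "#!/bin/sh\n\nexec curl -F 'tpaste=<-' %s\n" "$url" > \`, which also ends the script with a newline. Separately, the parent package's `url` and `pkgdesc` in the first hunk still name `http://sprunge.us`. Whether the sprunge script itself submits over plain HTTP is not visible here, and it is worth checking because pasted content often contains credentials or configuration.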
diff --git a/main/sqlite/APKBUILD b/main/sqlite/APKBUILD
index 44425f92f8..4bf71c2d81 100644
--- a/main/sqlite/APKBUILD
+++ b/main/sqlite/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
pkgname=sqlite
pkgver=3.28.0
-pkgrel=2
+pkgrel=3
pkgdesc="C library that implements an SQL database engine"
url="https://www.sqlite.org/"
arch="all"
@@ -34,9 +34,12 @@ source="https://www.sqlite.org/2019/$pkgname-autoconf-$_ver.tar.gz
CVE-2019-16168.patch
CVE-2019-19242.patch
CVE-2019-19244.patch
+ CVE-2020-11655.patch
"
# secfixes:
+# 3.28.0-r3:
+# - CVE-2020-11655
# 3.28.0-r2:
# - CVE-2019-19242
# - CVE-2019-19242
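Review bot: The `secfixes` block this hunk extends lists `CVE-2019-19242` twice under `3.28.0-r2` (the last two context lines), while `source` carries a `CVE-2019-19244.patch` that no visible entry accounts for. The second line is presumably meant to read `# - CVE-2019-19244`, and this commit is a natural place to correct it since it already edits the block. The block continues past the end of the hunk, so first confirm that 19244 is not listed further down. Security tooling that reads these comments would otherwise keep reporting that CVE as unfixed for this package.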
@@ -115,4 +118,5 @@ sha512sums="e800c0d9e6c8c01ccf1d714c6c4da4b98e9610c4c06557dda6393d0792a8ae097887
5bde14bec5bf18cc686b8b90a8b2324c8c6600bca1ae56431a795bb34b8b5ae85527143f3b5f0c845c776bce60eaa537624104cefc3a47b3820d43083f40c6e9 license.txt
db937bc87068b486e5163a5493acba2d7b89aa6b45d55cbc1c8b53e6889c53e6be060997f340dfad44c3df328c7891b49277f56299a9531248381a214fb4079d CVE-2019-16168.patch
e0cbb73e56cfd37cb5fbc5b003a40d1853fb527a63319ff78dbcd9d15d9469f75451f4abd572d5a2a1e936c8739f8f031428090b48368f28f97ba6fbf0654dbe CVE-2019-19242.patch
-e7982014a62b4fa465918fd65384cec406ea09598f3e0511eb2b68f618983b2f29a932267397aff9b88b97367dc8e05c4074fa8e276e3f4294ac019df498a724 CVE-2019-19244.patch"
+e7982014a62b4fa465918fd65384cec406ea09598f3e0511eb2b68f618983b2f29a932267397aff9b88b97367dc8e05c4074fa8e276e3f4294ac019df498a724 CVE-2019-19244.patch
+c9d9f440543fa59fb4cb75d069b69adcccfdeb1c31bc9bd8d2f27b178013ea72934f6301d3df28e37a67cb6dbc38b2fc7bf87bacd93d756a62f3bf59a52ab3f2 CVE-2020-11655.patch"
diff --git a/main/sqlite/CVE-2020-11655.patch b/main/sqlite/CVE-2020-11655.patch
new file mode 100644
index 0000000000..ee58cf62e8
--- /dev/null
+++ b/main/sqlite/CVE-2020-11655.patch
@@ -0,0 +1,24 @@
+From 660733d19a17c9927275dbcde537d12531a8d121 Mon Sep 17 00:00:00 2001
+From: Leonardo Arena <rnalrd@alpinelinux.org>
+Date: Thu, 7 May 2020 12:37:05 +0000
+Subject: [PATCH] CVE-2020-11655
+
+---
+ sqlite3.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/sqlite3.c b/sqlite3.c
+index 55dc686..f0ccb2d 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -133217,6 +133217,7 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
+ struct AggInfo_func *pFunc;
+ int nReg = pAggInfo->nFunc + pAggInfo->nColumn;
+ if( nReg==0 ) return;
++ if( pParse->nErr ) return;
+ #ifdef SQLITE_DEBUG
+ /* Verify that all AggInfo registers are within the range specified by
+ ** AggInfo.mnReg..AggInfo.mxReg */
+--
+2.26.0
+
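Review bot: The new patch file has no description and no pointer to the upstream SQLite change it was taken from; the subject `CVE-2020-11655` is the only provenance. Without that reference a later maintainer cannot check that the one-line guard `if( pParse->nErr ) return;` in resetAccumulator() is the complete upstream fix for this 3.28.0 tree. For example, they cannot tell whether upstream's early return also covers `pParse->db->mallocFailed`. I would add a header line to the patch such as `Upstream: <upstream check-in URL>` and a one-sentence summary of what the guard prevents. resetAccumulator's body continues outside the inner hunk.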
diff --git a/main/squid/APKBUILD b/main/squid/APKBUILD
index 7c4ae5ffff..bea34bb801 100644
--- a/main/squid/APKBUILD
+++ b/main/squid/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=squid
-pkgver=4.8
-pkgrel=1
+pkgver=4.10
+pkgrel=0
pkgdesc="A full-featured Web proxy cache server."
url="http://www.squid-cache.org"
install="squid.pre-install squid.pre-upgrade"
@@ -18,7 +18,6 @@ linguas="af ar az bg ca cs da de el es et fa fi fr he hu hy id it ja ka ko lt
lv ms nl oc pl pt ro ru sk sl sr sv th tr uk uz vi zh"
langdir="/usr/share/squid/errors"
source="http://www.squid-cache.org/Versions/v4/squid-${pkgver}.tar.xz
- CVE-2019-18679.patch
$pkgname.initd
$pkgname.confd
@@ -30,6 +29,11 @@ builddir="$srcdir"/$pkgname-$pkgver
options="!check" # does not work. Error message is about "applet not found", some issue with the installed busybox
# secfixes:
+# 4.10-r0:
+# - CVE-2019-12528
+# - CVE-2020-8449
+# - CVE-2020-8450
+# - CVE-2020-8517
# 4.8-r1:
# - CVE-2019-18679
# 4.8-r0:
@@ -108,8 +112,7 @@ squid_kerb_auth() {
install -d "$subpkgdir"/usr/lib/squid
mv "$pkgdir"/usr/lib/squid/squid_kerb_auth "$subpkgdir"/usr/lib/squid/
}
-sha512sums="2223f299950ded074faca6e3d09c15bc26e8644c3019b36a612f5d424e25b02a528c4b3c8a9463864f71edc29f17c5662f16ffda18c76317405cb97657e5e823 squid-4.8.tar.xz
-e2a38576105eb056640f334499504e10605e5b7e82bcd602fe019dd010beb2c70eddc931ca2b3e452f229a28de0f6c7fb6b770bcf2f3c406044286d8fed18490 CVE-2019-18679.patch
+sha512sums="033891f84789fe23a23fabcfb6f51a5b044c16892600f94380b5f0bcbceaef67b95c7047154d940511146248ca9846a949f00a609c6ed27f9af8829325eb08e0 squid-4.10.tar.xz
15d95f7d787be8c2e6619ef1661fd8aae8d2c1ede706748764644c7dc3d7c34515ef6e8b7543295fddc4e767bbd74a7cf8c42e77cf60b3d574ff11b3f6e336c9 squid.initd
7292661de344e8a87d855c83afce49511685d2680effab3afab110e45144c0117935f3bf73ab893c9e6d43f7fb5ba013635e24f6da6daf0eeb895ef2e9b5baa9 squid.confd
89a703fa4f21b6c7c26e64a46fd52407e20f00c34146ade0bea0c4b63d050117c0f8e218f2256a1fbf6abb84f4ec9b0472c9a4092ff6e78f07c4f5a25d0892a5 squid.logrotate"
diff --git a/main/squid/CVE-2019-18679.patch b/main/squid/CVE-2019-18679.patch
deleted file mode 100644
index 9ad820d319..0000000000
--- a/main/squid/CVE-2019-18679.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-commit 671ba97abe929156dc4c717ee52ad22fba0f7443
-Author: Amos Jeffries <yadij@users.noreply.github.com>
-Date: 2019-09-11 02:52:52 +0000
-
- RFC 7230: server MUST reject messages with BWS after field-name (#445)
-
- Obey the RFC requirement to reject HTTP requests with whitespace
- between field-name and the colon delimiter. Rejection is
- critical in the presence of broken HTTP agents that mishandle
- malformed messages.
-
- Also obey requirement to always strip such whitespace from HTTP
- response messages. The relaxed parser is no longer necessary for
- this response change.
-
- For now non-HTTP protocols retain the old behaviour of removal
- only when using the relaxed parser.
-
-diff --git a/src/HttpHeader.cc b/src/HttpHeader.cc
-index dd320d5..a36ad85 100644
---- a/src/HttpHeader.cc
-+++ b/src/HttpHeader.cc
-@@ -421,15 +421,12 @@ HttpHeader::parse(const char *header_start, size_t hdrLen)
- break; /* terminating blank line */
- }
-
-- HttpHeaderEntry *e;
-- if ((e = HttpHeaderEntry::parse(field_start, field_end)) == NULL) {
-+ const auto e = HttpHeaderEntry::parse(field_start, field_end, owner);
-+ if (!e) {
- debugs(55, warnOnError, "WARNING: unparseable HTTP header field {" <<
- getStringPrefix(field_start, field_end-field_start) << "}");
- debugs(55, warnOnError, " in {" << getStringPrefix(header_start, hdrLen) << "}");
-
-- if (Config.onoff.relaxed_header_parser)
-- continue;
--
- PROF_stop(HttpHeaderParse);
- clean();
- return 0;
-@@ -1386,7 +1383,7 @@ HttpHeaderEntry::~HttpHeaderEntry()
-
- /* parses and inits header entry, returns true/false */
- HttpHeaderEntry *
--HttpHeaderEntry::parse(const char *field_start, const char *field_end)
-+HttpHeaderEntry::parse(const char *field_start, const char *field_end, const http_hdr_owner_type msgType)
- {
- /* note: name_start == field_start */
- const char *name_end = (const char *)memchr(field_start, ':', field_end - field_start);
-@@ -1403,19 +1400,41 @@ HttpHeaderEntry::parse(const char *field_start, const char *field_end)
-
- if (name_len > 65534) {
- /* String must be LESS THAN 64K and it adds a terminating NULL */
-- debugs(55, DBG_IMPORTANT, "WARNING: ignoring header name of " << name_len << " bytes");
-+ // TODO: update this to show proper name_len in Raw markup, but not print all that
-+ debugs(55, 2, "ignoring huge header field (" << Raw("field_start", field_start, 100) << "...)");
- return NULL;
- }
-
-- if (Config.onoff.relaxed_header_parser && xisspace(field_start[name_len - 1])) {
-+ /*
-+ * RFC 7230 section 3.2.4:
-+ * "No whitespace is allowed between the header field-name and colon.
-+ * ...
-+ * A server MUST reject any received request message that contains
-+ * whitespace between a header field-name and colon with a response code
-+ * of 400 (Bad Request). A proxy MUST remove any such whitespace from a
-+ * response message before forwarding the message downstream."
-+ */
-+ if (xisspace(field_start[name_len - 1])) {
-+
-+ if (msgType == hoRequest)
-+ return nullptr;
-+
-+ // for now, also let relaxed parser remove this BWS from any non-HTTP messages
-+ const bool stripWhitespace = (msgType == hoReply) ||
-+ Config.onoff.relaxed_header_parser;
-+ if (!stripWhitespace)
-+ return nullptr; // reject if we cannot strip
-+
- debugs(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2,
- "NOTICE: Whitespace after header name in '" << getStringPrefix(field_start, field_end-field_start) << "'");
-
- while (name_len > 0 && xisspace(field_start[name_len - 1]))
- --name_len;
-
-- if (!name_len)
-+ if (!name_len) {
-+ debugs(55, 2, "found header with only whitespace for name");
- return NULL;
-+ }
- }
-
- /* now we know we can parse it */
-@@ -1448,11 +1467,7 @@ HttpHeaderEntry::parse(const char *field_start, const char *field_end)
-
- if (field_end - value_start > 65534) {
- /* String must be LESS THAN 64K and it adds a terminating NULL */
-- debugs(55, DBG_IMPORTANT, "WARNING: ignoring '" << name << "' header of " << (field_end - value_start) << " bytes");
--
-- if (id == Http::HdrType::OTHER)
-- name.clean();
--
-+ debugs(55, 2, "WARNING: found '" << name << "' header of " << (field_end - value_start) << " bytes");
- return NULL;
- }
-
-diff --git a/src/HttpHeader.h b/src/HttpHeader.h
-index 35a9410..be175b7 100644
---- a/src/HttpHeader.h
-+++ b/src/HttpHeader.h
-@@ -54,7 +54,7 @@ class HttpHeaderEntry
- public:
- HttpHeaderEntry(Http::HdrType id, const char *name, const char *value);
- ~HttpHeaderEntry();
-- static HttpHeaderEntry *parse(const char *field_start, const char *field_end);
-+ static HttpHeaderEntry *parse(const char *field_start, const char *field_end, const http_hdr_owner_type msgType);
- HttpHeaderEntry *clone() const;
- void packInto(Packable *p) const;
- int getInt() const;
diff --git a/main/tcpdump/APKBUILD b/main/tcpdump/APKBUILD
index aa29f90dc8..b06d0b297a 100644
--- a/main/tcpdump/APKBUILD
+++ b/main/tcpdump/APKBUILD
@@ -1,18 +1,45 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=tcpdump
-pkgver=4.9.2
-pkgrel=4
+pkgver=4.9.3
+pkgrel=0
pkgdesc="A tool for network monitoring and data acquisition"
url="http://www.tcpdump.org"
arch="all"
license="BSD-3-Clause"
-depends=""
+options="!check" # fail on ppc64le
makedepends="libpcap-dev openssl-dev perl"
subpackages="$pkgname-doc"
source="http://www.$pkgname.org/release/$pkgname-$pkgver.tar.gz"
-options="!check"
# secfixes:
+# 4.9.3-r0:
+# - CVE-2017-16808 (AoE)
+# - CVE-2018-14468 (FrameRelay)
+# - CVE-2018-14469 (IKEv1)
+# - CVE-2018-14470 (BABEL)
+# - CVE-2018-14466 (AFS/RX)
+# - CVE-2018-14461 (LDP)
+# - CVE-2018-14462 (ICMP)
+# - CVE-2018-14465 (RSVP)
+# - CVE-2018-14881 (BGP)
+# - CVE-2018-14464 (LMP)
+# - CVE-2018-14463 (VRRP)
+# - CVE-2018-14467 (BGP)
+# - CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
+# - CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
+# - CVE-2018-14880 (OSPF6)
+# - CVE-2018-16451 (SMB)
+# - CVE-2018-14882 (RPL)
+# - CVE-2018-16227 (802.11)
+# - CVE-2018-16229 (DCCP)
+# - CVE-2018-16301 (was fixed in libpcap)
+# - CVE-2018-16230 (BGP)
+# - CVE-2018-16452 (SMB)
+# - CVE-2018-16300 (BGP)
+# - CVE-2018-16228 (HNCP)
+# - CVE-2019-15166 (LMP)
+# - CVE-2019-15167 (VRRP)
+# - CVE-2018-14879 (tcpdump -V)
# 4.9.0-r0:
# - CVE-2016-7922
# - CVE-2016-7923
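Review bot: The entries for CVE-2018-10103 and CVE-2018-10105 are recorded as fixed only because SMB printing is disabled, but nothing in this hunk pins that state. build() lies outside the hunk; if its configure call passes `--enable-smb`, or a later edit adds it, the package would ship the SMB printer while secfixes says both issues are closed. I would add a comment next to the configure invocation, for example `# keep SMB printing off: CVE-2018-10103/CVE-2018-10105 are only mitigated while it is disabled`. Separately, `options="!check" # fail on ppc64le` still turns the test suite off on every architecture. If the APKBUILD has a check() function, limiting the opt-out to ppc64le would keep regression coverage for the 27 parser fixes listed here.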
@@ -60,10 +87,6 @@ options="!check"
builddir="$srcdir"/$pkgname-$pkgver
-prepare() {
- cd "$builddir"
- update_config_sub
-}
build () {
cd "$builddir"
@@ -88,4 +111,4 @@ package() {
rm -f "$pkgdir"/usr/sbin/tcpdump.4*
}
-sha512sums="e1bc19a5867d6e3628f3941bdf3ec831bf13784f1233ca1bccc46aac1702f47ee9357d7ff0ca62cddf211b3c8884488c21144cabddd92c861e32398cd8f7c44b tcpdump-4.9.2.tar.gz"
+sha512sums="3aec673f78b996a4df884b1240e5d0a26a2ca81ee7aca8a2e6d50255bb53476e008a5ced4409e278a956710d8a4d31d85bbb800c9f1aab92b0b1046b59292a22 tcpdump-4.9.3.tar.gz"
diff --git a/main/tzdata/APKBUILD b/main/tzdata/APKBUILD
index f971dc226e..9725639106 100644
--- a/main/tzdata/APKBUILD
+++ b/main/tzdata/APKBUILD
@@ -2,18 +2,14 @@
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=tzdata
-pkgver=2019c
-_tzcodever=2019c
+pkgver=2020a
+_tzcodever=2020a
_ptzver=0.5
pkgrel=0
pkgdesc="Timezone data"
url="https://www.iana.org/time-zones"
arch="all"
license="Public-Domain"
-depends=""
-depends_dev=""
-makedepends=""
-install=""
subpackages="$pkgname-doc"
source="https://www.iana.org/time-zones/repository/releases/tzcode$_tzcodever.tar.gz
https://www.iana.org/time-zones/repository/releases/tzdata$pkgver.tar.gz
@@ -28,7 +24,6 @@ _timezones="africa antarctica asia australasia europe northamerica \
options="!check" # Testsuite require nsgmls (SP)
build() {
- cd "$builddir"
make cc="${CC:-gcc}" CFLAGS="$CFLAGS -DHAVE_STDINT_H=1"
TZDIR="/usr/share/zoneinfo"
@@ -37,11 +32,9 @@ build() {
}
package() {
- cd "$builddir"
-
- ./zic -y ./yearistype -d "$pkgdir"/usr/share/zoneinfo ${_timezones}
- ./zic -y ./yearistype -d "$pkgdir"/usr/share/zoneinfo/right -L leapseconds ${_timezones}
- #./zic -y ./yearistype -d "$pkgdir"/usr/share/zoneinfo/posix ${_timezones}
+ ./zic -y ./yearistype -d "$pkgdir"/usr/share/zoneinfo $_timezones
+ ./zic -y ./yearistype -d "$pkgdir"/usr/share/zoneinfo/right -L leapseconds $_timezones
+ #./zic -y ./yearistype -d "$pkgdir"/usr/share/zoneinfo/posix $_timezones
./zic -y ./yearistype -d "$pkgdir"/usr/share/zoneinfo -p America/New_York
install -m444 -t "$pkgdir"/usr/share/zoneinfo iso3166.tab zone1970.tab zone.tab
@@ -57,8 +50,8 @@ package() {
"$pkgdir"/usr/bin/posixtz
}
-sha512sums="61ef36385f501c338c263081486de0d1fccd454b86f8777b0dbad4ea3f21bbde059d0a91c23e207b167ed013127d3db8b7528f0188814a8b44d1f946b19d9b8b tzcode2019c.tar.gz
-2921cbb2fd44a6b8f7f2ed42c13fbae28195aa5c2eeefa70396bc97cdbaad679c6cc3c143da82cca5b0279065c02389e9af536904288c12886bf345baa8c6565 tzdata2019c.tar.gz
+sha512sums="5235d6590e844491df32375857f5f36ba0046f2d21a078375188dff79b125cf9b69136a0a431624de1ecfa9d53b62a232f0e6ee0b734294cec62b670e6265cb2 tzcode2020a.tar.gz
+2a2fc2e3ad8a6e4c574242296c847ad582c2c1d86add9c556e65c812d19b9528522e3c4dddb5239017091825d2acc5a2ccaf21dc41b900b6c300ef4264cc5a9d tzdata2020a.tar.gz
68dbaab9f4aef166ac2f2d40b49366527b840bebe17a47599fe38345835e4adb8a767910745ece9c384b57af815a871243c3e261a29f41d71f8054df3061b3fd posixtz-0.5.tar.xz
0f2a10ee2bb4007f57b59123d1a0b8ef6accf99e568f21537f0bb19f290fff46e24050f55f12569d7787be600e1b62aa790ea85a333153f3ea081a812c81b1b5 0001-posixtz-ensure-the-file-offset-we-pass-to-lseek-is-o.patch
fb322ab7867517ba39265d56d3576cbcea107c205d524e87015c1819bbb7361f7322232ee3b86ea9b8df2886e7e06a6424e3ac83b2006be290a33856c7d40ac4 0002-fix-implicit-declaration-warnings-by-including-strin.patch"
diff --git a/main/unbound/APKBUILD b/main/unbound/APKBUILD
index 22a28e2c86..2d3c22a872 100644
--- a/main/unbound/APKBUILD
+++ b/main/unbound/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=unbound
pkgver=1.8.3
-pkgrel=3
+pkgrel=4
pkgdesc="Unbound is a validating, recursive, and caching DNS resolver"
url="http://unbound.net/"
arch="all"
@@ -22,6 +22,7 @@ source="https://unbound.net/downloads/$pkgname-$pkgver.tar.gz
update-unbound-root-hints
CVE-2019-16866.patch
CVE-2019-18934.patch
+ CVE-2020-12662_CVE-2020-12663.patch
migrate-dnscache-to-unbound
root.hints
$pkgname.initd
@@ -30,8 +31,11 @@ source="https://unbound.net/downloads/$pkgname-$pkgver.tar.gz
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 1.8.3-r4:
+# - CVE-2020-12662
+# - CVE-2020-12663
# 1.8.3-r3:
-# - CVE-2019-18934
+# - CVE-2019-18934
# 1.8.3-r2:
# - CVE-2019-16866
@@ -111,7 +115,8 @@ bd51769e3e2d6035df1abbf220038a56a69795a092b5f31005e1910c6c88e334d7e71fe16d874885
b16b7b15392c0d560718ee543f1eebc5617085fb30d61cddc20dd948bd8b1634ee5b2de1c9cb172a6c0d1c5bbaf98b6fd39816d39c72a43ff619455449e668ac update-unbound-root-hints
da578f620bc1abca4a53bb3448c023c59ccd33c0d560603ab5e6caf7eebd8e4d8a2401f2e4ebbcf1124f168699be02a489ae27d7b723f9b67678592ecea30529 CVE-2019-16866.patch
b2ae6363d89c4effa9e926210c4b876eb8fefa79bf459047107e6fb8eb8aca2b9844a4a8bdabe361248be2eeb36519aac7bbc4fe7b805447958088bcc18a83d2 CVE-2019-18934.patch
-b26a13c1c88da9611a65705dc59f7233c5e0f6aced0d7d66c18536a969a2de627ca5d4bb55eedd81f2f040fa11bde48eaaeca2850f376e72e7a531678a259131 migrate-dnscache-to-unbound
+9362936e4ce7c3f391590526423c7f13c596bc71db6b643056bcf885797a26ea74e44e920383b6af6ac56294f5dc9529dded96645f519a377269f920e9a8cf68 CVE-2020-12662_CVE-2020-12663.patch
0dca3470ed4ca9b76d6f47f5d20e92924e6648f0870d8594fe6735d8f1cdfeeee7296301066c2a8b2b94f7daed86c15efe00c301ca27e435e5dd2c85508dc9c8 root.hints
+b26a13c1c88da9611a65705dc59f7233c5e0f6aced0d7d66c18536a969a2de627ca5d4bb55eedd81f2f040fa11bde48eaaeca2850f376e72e7a531678a259131 migrate-dnscache-to-unbound
a2b39cb00d342c3bae70ae714dc2bd7c15d0475b35f7afff11fb0bd4c1786f83dd5425a5900a7b4d6c17915a6c546e37f82404bceb44f79c054629e999f23152 unbound.initd
40c660f275a78f93677761f52bdf7ef151941e8469dd17767a947dbe575880e0d113c320d15c7ea7e12ef636d8ec9453eeae804619678293fa35e3d4c7e75a71 unbound.confd"
diff --git a/main/unbound/CVE-2020-12662_CVE-2020-12663.patch b/main/unbound/CVE-2020-12662_CVE-2020-12663.patch
new file mode 100644
index 0000000000..961d4d16e0
--- /dev/null
+++ b/main/unbound/CVE-2020-12662_CVE-2020-12663.patch
@@ -0,0 +1,948 @@
+diff --git a/iterator/iter_delegpt.c b/iterator/iter_delegpt.c
+index f88b3e1..9a672b0 100644
+--- a/iterator/iter_delegpt.c
++++ b/iterator/iter_delegpt.c
+@@ -84,7 +84,7 @@ struct delegpt* delegpt_copy(struct delegpt* dp, struct regional* region)
+ }
+ for(a = dp->target_list; a; a = a->next_target) {
+ if(!delegpt_add_addr(copy, region, &a->addr, a->addrlen,
+- a->bogus, a->lame, a->tls_auth_name))
++ a->bogus, a->lame, a->tls_auth_name, NULL))
+ return NULL;
+ }
+ return copy;
+@@ -161,7 +161,7 @@ delegpt_find_addr(struct delegpt* dp, struct sockaddr_storage* addr,
+ int
+ delegpt_add_target(struct delegpt* dp, struct regional* region,
+ uint8_t* name, size_t namelen, struct sockaddr_storage* addr,
+- socklen_t addrlen, uint8_t bogus, uint8_t lame)
++ socklen_t addrlen, uint8_t bogus, uint8_t lame, int* additions)
+ {
+ struct delegpt_ns* ns = delegpt_find_ns(dp, name, namelen);
+ log_assert(!dp->dp_type_mlc);
+@@ -176,13 +176,14 @@ delegpt_add_target(struct delegpt* dp, struct regional* region,
+ if(ns->got4 && ns->got6)
+ ns->resolved = 1;
+ }
+- return delegpt_add_addr(dp, region, addr, addrlen, bogus, lame, NULL);
++ return delegpt_add_addr(dp, region, addr, addrlen, bogus, lame, NULL,
++ additions);
+ }
+
+ int
+ delegpt_add_addr(struct delegpt* dp, struct regional* region,
+ struct sockaddr_storage* addr, socklen_t addrlen, uint8_t bogus,
+- uint8_t lame, char* tls_auth_name)
++ uint8_t lame, char* tls_auth_name, int* additions)
+ {
+ struct delegpt_addr* a;
+ log_assert(!dp->dp_type_mlc);
+@@ -194,6 +195,8 @@ delegpt_add_addr(struct delegpt* dp, struct regional* region,
+ a->lame = 0;
+ return 1;
+ }
++ if(additions)
++ *additions = 1;
+
+ a = (struct delegpt_addr*)regional_alloc(region,
+ sizeof(struct delegpt_addr));
+@@ -382,10 +385,10 @@ delegpt_from_message(struct dns_msg* msg, struct regional* region)
+ continue;
+
+ if(ntohs(s->rk.type) == LDNS_RR_TYPE_A) {
+- if(!delegpt_add_rrset_A(dp, region, s, 0))
++ if(!delegpt_add_rrset_A(dp, region, s, 0, NULL))
+ return NULL;
+ } else if(ntohs(s->rk.type) == LDNS_RR_TYPE_AAAA) {
+- if(!delegpt_add_rrset_AAAA(dp, region, s, 0))
++ if(!delegpt_add_rrset_AAAA(dp, region, s, 0, NULL))
+ return NULL;
+ }
+ }
+@@ -416,7 +419,7 @@ delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region,
+
+ int
+ delegpt_add_rrset_A(struct delegpt* dp, struct regional* region,
+- struct ub_packed_rrset_key* ak, uint8_t lame)
++ struct ub_packed_rrset_key* ak, uint8_t lame, int* additions)
+ {
+ struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data;
+ size_t i;
+@@ -432,7 +435,7 @@ delegpt_add_rrset_A(struct delegpt* dp, struct regional* region,
+ memmove(&sa.sin_addr, d->rr_data[i]+2, INET_SIZE);
+ if(!delegpt_add_target(dp, region, ak->rk.dname,
+ ak->rk.dname_len, (struct sockaddr_storage*)&sa,
+- len, (d->security==sec_status_bogus), lame))
++ len, (d->security==sec_status_bogus), lame, additions))
+ return 0;
+ }
+ return 1;
+@@ -440,7 +443,7 @@ delegpt_add_rrset_A(struct delegpt* dp, struct regional* region,
+
+ int
+ delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* region,
+- struct ub_packed_rrset_key* ak, uint8_t lame)
++ struct ub_packed_rrset_key* ak, uint8_t lame, int* additions)
+ {
+ struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data;
+ size_t i;
+@@ -456,7 +459,7 @@ delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* region,
+ memmove(&sa.sin6_addr, d->rr_data[i]+2, INET6_SIZE);
+ if(!delegpt_add_target(dp, region, ak->rk.dname,
+ ak->rk.dname_len, (struct sockaddr_storage*)&sa,
+- len, (d->security==sec_status_bogus), lame))
++ len, (d->security==sec_status_bogus), lame, additions))
+ return 0;
+ }
+ return 1;
+@@ -464,20 +467,33 @@ delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* region,
+
+ int
+ delegpt_add_rrset(struct delegpt* dp, struct regional* region,
+- struct ub_packed_rrset_key* rrset, uint8_t lame)
++ struct ub_packed_rrset_key* rrset, uint8_t lame, int* additions)
+ {
+ if(!rrset)
+ return 1;
+ if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_NS)
+ return delegpt_rrset_add_ns(dp, region, rrset, lame);
+ else if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_A)
+- return delegpt_add_rrset_A(dp, region, rrset, lame);
++ return delegpt_add_rrset_A(dp, region, rrset, lame, additions);
+ else if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_AAAA)
+- return delegpt_add_rrset_AAAA(dp, region, rrset, lame);
++ return delegpt_add_rrset_AAAA(dp, region, rrset, lame,
++ additions);
+ log_warn("Unknown rrset type added to delegpt");
+ return 1;
+ }
+
++void delegpt_mark_neg(struct delegpt_ns* ns, uint16_t qtype)
++{
++ if(ns) {
++ if(qtype == LDNS_RR_TYPE_A)
++ ns->got4 = 2;
++ else if(qtype == LDNS_RR_TYPE_AAAA)
++ ns->got6 = 2;
++ if(ns->got4 && ns->got6)
++ ns->resolved = 1;
++ }
++}
++
+ void delegpt_add_neg_msg(struct delegpt* dp, struct msgreply_entry* msg)
+ {
+ struct reply_info* rep = (struct reply_info*)msg->entry.data;
+@@ -487,14 +503,7 @@ void delegpt_add_neg_msg(struct delegpt* dp, struct msgreply_entry* msg)
+ if(FLAGS_GET_RCODE(rep->flags) != 0 || rep->an_numrrsets == 0) {
+ struct delegpt_ns* ns = delegpt_find_ns(dp, msg->key.qname,
+ msg->key.qname_len);
+- if(ns) {
+- if(msg->key.qtype == LDNS_RR_TYPE_A)
+- ns->got4 = 1;
+- else if(msg->key.qtype == LDNS_RR_TYPE_AAAA)
+- ns->got6 = 1;
+- if(ns->got4 && ns->got6)
+- ns->resolved = 1;
+- }
++ delegpt_mark_neg(ns, msg->key.qtype);
+ }
+ }
+
+diff --git a/iterator/iter_delegpt.h b/iterator/iter_delegpt.h
+index 6c08826..138eb6e 100644
+--- a/iterator/iter_delegpt.h
++++ b/iterator/iter_delegpt.h
+@@ -106,9 +106,10 @@ struct delegpt_ns {
+ * and marked true if got4 and got6 are both true.
+ */
+ int resolved;
+- /** if the ipv4 address is in the delegpt */
++ /** if the ipv4 address is in the delegpt, 0=not, 1=yes 2=negative,
++ * negative means it was done, but no content. */
+ uint8_t got4;
+- /** if the ipv6 address is in the delegpt */
++ /** if the ipv6 address is in the delegpt, 0=not, 1=yes 2=negative */
+ uint8_t got6;
+ /**
+ * If the name is parent-side only and thus dispreferred.
+@@ -215,11 +216,12 @@ int delegpt_rrset_add_ns(struct delegpt* dp, struct regional* regional,
+ * @param addrlen: the length of addr.
+ * @param bogus: security status for the address, pass true if bogus.
+ * @param lame: address is lame.
++ * @param additions: will be set to 1 if a new address is added
+ * @return false on error.
+ */
+ int delegpt_add_target(struct delegpt* dp, struct regional* regional,
+ uint8_t* name, size_t namelen, struct sockaddr_storage* addr,
+- socklen_t addrlen, uint8_t bogus, uint8_t lame);
++ socklen_t addrlen, uint8_t bogus, uint8_t lame, int* additions);
+
+ /**
+ * Add A RRset to delegpt.
+@@ -227,10 +229,11 @@ int delegpt_add_target(struct delegpt* dp, struct regional* regional,
+ * @param regional: where to allocate the info.
+ * @param rrset: RRset A to add.
+ * @param lame: rrset is lame, disprefer it.
++ * @param additions: will be set to 1 if a new address is added
+ * @return 0 on alloc error.
+ */
+ int delegpt_add_rrset_A(struct delegpt* dp, struct regional* regional,
+- struct ub_packed_rrset_key* rrset, uint8_t lame);
++ struct ub_packed_rrset_key* rrset, uint8_t lame, int* additions);
+
+ /**
+ * Add AAAA RRset to delegpt.
+@@ -238,10 +241,11 @@ int delegpt_add_rrset_A(struct delegpt* dp, struct regional* regional,
+ * @param regional: where to allocate the info.
+ * @param rrset: RRset AAAA to add.
+ * @param lame: rrset is lame, disprefer it.
++ * @param additions: will be set to 1 if a new address is added
+ * @return 0 on alloc error.
+ */
+ int delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* regional,
+- struct ub_packed_rrset_key* rrset, uint8_t lame);
++ struct ub_packed_rrset_key* rrset, uint8_t lame, int* additions);
+
+ /**
+ * Add any RRset to delegpt.
+@@ -250,10 +254,11 @@ int delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* regional,
+ * @param regional: where to allocate the info.
+ * @param rrset: RRset to add, NS, A, AAAA.
+ * @param lame: rrset is lame, disprefer it.
++ * @param additions: will be set to 1 if a new address is added
+ * @return 0 on alloc error.
+ */
+ int delegpt_add_rrset(struct delegpt* dp, struct regional* regional,
+- struct ub_packed_rrset_key* rrset, uint8_t lame);
++ struct ub_packed_rrset_key* rrset, uint8_t lame, int* additions);
+
+ /**
+ * Add address to the delegation point. No servername is associated or checked.
+@@ -264,11 +269,12 @@ int delegpt_add_rrset(struct delegpt* dp, struct regional* regional,
+ * @param bogus: if address is bogus.
+ * @param lame: if address is lame.
+ * @param tls_auth_name: TLS authentication name (or NULL).
++ * @param additions: will be set to 1 if a new address is added
+ * @return false on error.
+ */
+ int delegpt_add_addr(struct delegpt* dp, struct regional* regional,
+ struct sockaddr_storage* addr, socklen_t addrlen,
+- uint8_t bogus, uint8_t lame, char* tls_auth_name);
++ uint8_t bogus, uint8_t lame, char* tls_auth_name, int* additions);
+
+ /**
+ * Find NS record in name list of delegation point.
+@@ -341,6 +347,14 @@ size_t delegpt_count_targets(struct delegpt* dp);
+ struct delegpt* delegpt_from_message(struct dns_msg* msg,
+ struct regional* regional);
+
++/**
++ * Mark negative return in delegation point for specific nameserver.
++ * sets the got4 or got6 to negative, updates the ns->resolved.
++ * @param ns: the nameserver in the delegpt.
++ * @param qtype: A or AAAA (host order).
++ */
++void delegpt_mark_neg(struct delegpt_ns* ns, uint16_t qtype);
++
+ /**
+ * Add negative message to delegation point.
+ * @param dp: delegation point.
+diff --git a/iterator/iter_scrub.c b/iterator/iter_scrub.c
+index cceec3d..aae934d 100644
+--- a/iterator/iter_scrub.c
++++ b/iterator/iter_scrub.c
+@@ -185,8 +185,9 @@ mark_additional_rrset(sldns_buffer* pkt, struct msg_parse* msg,
+ /** Get target name of a CNAME */
+ static int
+ parse_get_cname_target(struct rrset_parse* rrset, uint8_t** sname,
+- size_t* snamelen)
++ size_t* snamelen, sldns_buffer* pkt)
+ {
++ size_t oldpos, dlen;
+ if(rrset->rr_count != 1) {
+ struct rr_parse* sig;
+ verbose(VERB_ALGO, "Found CNAME rrset with "
+@@ -204,6 +205,19 @@ parse_get_cname_target(struct rrset_parse* rrset, uint8_t** sname,
+ *sname = rrset->rr_first->ttl_data + sizeof(uint32_t)
+ + sizeof(uint16_t); /* skip ttl, rdatalen */
+ *snamelen = rrset->rr_first->size - sizeof(uint16_t);
++
++ if(rrset->rr_first->outside_packet) {
++ if(!dname_valid(*sname, *snamelen))
++ return 0;
++ return 1;
++ }
++ oldpos = sldns_buffer_position(pkt);
++ sldns_buffer_set_position(pkt, (size_t)(*sname - sldns_buffer_begin(pkt)));
++ dlen = pkt_dname_len(pkt);
++ sldns_buffer_set_position(pkt, oldpos);
++ if(dlen == 0)
++ return 0; /* parse fail on the rdata name */
++ *snamelen = dlen;
+ return 1;
+ }
+
+@@ -215,7 +229,7 @@ synth_cname(uint8_t* qname, size_t qnamelen, struct rrset_parse* dname_rrset,
+ /* we already know that sname is a strict subdomain of DNAME owner */
+ uint8_t* dtarg = NULL;
+ size_t dtarglen;
+- if(!parse_get_cname_target(dname_rrset, &dtarg, &dtarglen))
++ if(!parse_get_cname_target(dname_rrset, &dtarg, &dtarglen, pkt))
+ return 0;
+ if(qnamelen <= dname_rrset->dname_len)
+ return 0;
+@@ -388,7 +402,7 @@ scrub_normalize(sldns_buffer* pkt, struct msg_parse* msg,
+ /* check next cname */
+ uint8_t* t = NULL;
+ size_t tlen = 0;
+- if(!parse_get_cname_target(nx, &t, &tlen))
++ if(!parse_get_cname_target(nx, &t, &tlen, pkt))
+ return 0;
+ if(dname_pkt_compare(pkt, alias, t) == 0) {
+ /* it's OK and better capitalized */
+@@ -439,7 +453,7 @@ scrub_normalize(sldns_buffer* pkt, struct msg_parse* msg,
+ size_t tlen = 0;
+ if(synth_cname(sname, snamelen, nx, alias,
+ &aliaslen, pkt) &&
+- parse_get_cname_target(rrset, &t, &tlen) &&
++ parse_get_cname_target(rrset, &t, &tlen, pkt) &&
+ dname_pkt_compare(pkt, alias, t) == 0) {
+ /* the synthesized CNAME equals the
+ * current CNAME. This CNAME is the
+@@ -460,7 +474,7 @@ scrub_normalize(sldns_buffer* pkt, struct msg_parse* msg,
+ }
+
+ /* move to next name in CNAME chain */
+- if(!parse_get_cname_target(rrset, &sname, &snamelen))
++ if(!parse_get_cname_target(rrset, &sname, &snamelen, pkt))
+ return 0;
+ prev = rrset;
+ rrset = rrset->rrset_all_next;
+diff --git a/iterator/iter_utils.c b/iterator/iter_utils.c
+index 2ab55ce..3c14de8 100644
+--- a/iterator/iter_utils.c
++++ b/iterator/iter_utils.c
+@@ -1142,7 +1142,7 @@ int iter_lookup_parent_glue_from_cache(struct module_env* env,
+ log_rrset_key(VERB_ALGO, "found parent-side", akey);
+ ns->done_pside4 = 1;
+ /* a negative-cache-element has no addresses it adds */
+- if(!delegpt_add_rrset_A(dp, region, akey, 1))
++ if(!delegpt_add_rrset_A(dp, region, akey, 1, NULL))
+ log_err("malloc failure in lookup_parent_glue");
+ lock_rw_unlock(&akey->entry.lock);
+ }
+@@ -1154,7 +1154,7 @@ int iter_lookup_parent_glue_from_cache(struct module_env* env,
+ log_rrset_key(VERB_ALGO, "found parent-side", akey);
+ ns->done_pside6 = 1;
+ /* a negative-cache-element has no addresses it adds */
+- if(!delegpt_add_rrset_AAAA(dp, region, akey, 1))
++ if(!delegpt_add_rrset_AAAA(dp, region, akey, 1, NULL))
+ log_err("malloc failure in lookup_parent_glue");
+ lock_rw_unlock(&akey->entry.lock);
+ }
+diff --git a/iterator/iterator.c b/iterator/iterator.c
+index 1e0113a..9d36660 100644
+--- a/iterator/iterator.c
++++ b/iterator/iterator.c
+@@ -72,6 +72,8 @@
+ /* in msec */
+ int UNKNOWN_SERVER_NICENESS = 376;
+
++static void target_count_increase_nx(struct iter_qstate* iq, int num);
++
+ int
+ iter_init(struct module_env* env, int id)
+ {
+@@ -150,6 +152,7 @@ iter_new(struct module_qstate* qstate, int id)
+ iq->sent_count = 0;
+ iq->ratelimit_ok = 0;
+ iq->target_count = NULL;
++ iq->dp_target_count = 0;
+ iq->wait_priming_stub = 0;
+ iq->refetch_glue = 0;
+ iq->dnssec_expected = 0;
+@@ -221,6 +224,7 @@ final_state(struct iter_qstate* iq)
+ static void
+ error_supers(struct module_qstate* qstate, int id, struct module_qstate* super)
+ {
++ struct iter_env* ie = (struct iter_env*)qstate->env->modinfo[id];
+ struct iter_qstate* super_iq = (struct iter_qstate*)super->minfo[id];
+
+ if(qstate->qinfo.qtype == LDNS_RR_TYPE_A ||
+@@ -246,7 +250,11 @@ error_supers(struct module_qstate* qstate, int id, struct module_qstate* super)
+ super->region, super_iq->dp))
+ log_err("out of memory adding missing");
+ }
++ delegpt_mark_neg(dpns, qstate->qinfo.qtype);
+ dpns->resolved = 1; /* mark as failed */
++ if((dpns->got4 == 2 || !ie->supports_ipv4) &&
++ (dpns->got6 == 2 || !ie->supports_ipv6))
++ target_count_increase_nx(super_iq, 1);
+ }
+ if(qstate->qinfo.qtype == LDNS_RR_TYPE_NS) {
+ /* prime failed to get delegation */
+@@ -621,7 +629,7 @@ static void
+ target_count_create(struct iter_qstate* iq)
+ {
+ if(!iq->target_count) {
+- iq->target_count = (int*)calloc(2, sizeof(int));
++ iq->target_count = (int*)calloc(3, sizeof(int));
+ /* if calloc fails we simply do not track this number */
+ if(iq->target_count)
+ iq->target_count[0] = 1;
+@@ -634,6 +642,15 @@ target_count_increase(struct iter_qstate* iq, int num)
+ target_count_create(iq);
+ if(iq->target_count)
+ iq->target_count[1] += num;
++ iq->dp_target_count++;
++}
++
++static void
++target_count_increase_nx(struct iter_qstate* iq, int num)
++{
++ target_count_create(iq);
++ if(iq->target_count)
++ iq->target_count[2] += num;
+ }
+
+ /**
+@@ -656,13 +673,15 @@ target_count_increase(struct iter_qstate* iq, int num)
+ * @param subq_ret: if newly allocated, the subquerystate, or NULL if it does
+ * not need initialisation.
+ * @param v: if true, validation is done on the subquery.
++ * @param detached: true if this qstate should not attach to the subquery
+ * @return false on error (malloc).
+ */
+ static int
+ generate_sub_request(uint8_t* qname, size_t qnamelen, uint16_t qtype,
+ uint16_t qclass, struct module_qstate* qstate, int id,
+ struct iter_qstate* iq, enum iter_state initial_state,
+- enum iter_state finalstate, struct module_qstate** subq_ret, int v)
++ enum iter_state finalstate, struct module_qstate** subq_ret, int v,
++ int detached)
+ {
+ struct module_qstate* subq = NULL;
+ struct iter_qstate* subiq = NULL;
+@@ -689,11 +708,23 @@ generate_sub_request(uint8_t* qname, size_t qnamelen, uint16_t qtype,
+ valrec = 1;
+ }
+
+- /* attach subquery, lookup existing or make a new one */
+- fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub));
+- if(!(*qstate->env->attach_sub)(qstate, &qinf, qflags, prime, valrec,
+- &subq)) {
+- return 0;
++ if(detached) {
++ struct mesh_state* sub = NULL;
++ fptr_ok(fptr_whitelist_modenv_add_sub(
++ qstate->env->add_sub));
++ if(!(*qstate->env->add_sub)(qstate, &qinf,
++ qflags, prime, valrec, &subq, &sub)){
++ return 0;
++ }
++ }
++ else {
++ /* attach subquery, lookup existing or make a new one */
++ fptr_ok(fptr_whitelist_modenv_attach_sub(
++ qstate->env->attach_sub));
++ if(!(*qstate->env->attach_sub)(qstate, &qinf, qflags, prime,
++ valrec, &subq)) {
++ return 0;
++ }
+ }
+ *subq_ret = subq;
+ if(subq) {
+@@ -716,6 +747,7 @@ generate_sub_request(uint8_t* qname, size_t qnamelen, uint16_t qtype,
+ subiq->target_count = iq->target_count;
+ if(iq->target_count)
+ iq->target_count[0] ++; /* extra reference */
++ subiq->dp_target_count = 0;
+ subiq->num_current_queries = 0;
+ subiq->depth = iq->depth+1;
+ outbound_list_init(&subiq->outlist);
+@@ -759,7 +791,7 @@ prime_root(struct module_qstate* qstate, struct iter_qstate* iq, int id,
+ * the normal INIT state logic (which would cause an infloop). */
+ if(!generate_sub_request((uint8_t*)"\000", 1, LDNS_RR_TYPE_NS,
+ qclass, qstate, id, iq, QUERYTARGETS_STATE, PRIME_RESP_STATE,
+- &subq, 0)) {
++ &subq, 0, 0)) {
+ verbose(VERB_ALGO, "could not prime root");
+ return 0;
+ }
+@@ -850,7 +882,7 @@ prime_stub(struct module_qstate* qstate, struct iter_qstate* iq, int id,
+ * redundant INIT state processing. */
+ if(!generate_sub_request(stub_dp->name, stub_dp->namelen,
+ LDNS_RR_TYPE_NS, qclass, qstate, id, iq,
+- QUERYTARGETS_STATE, PRIME_RESP_STATE, &subq, 0)) {
++ QUERYTARGETS_STATE, PRIME_RESP_STATE, &subq, 0, 0)) {
+ verbose(VERB_ALGO, "could not prime stub");
+ errinf(qstate, "could not generate lookup for stub prime");
+ (void)error_response(qstate, id, LDNS_RCODE_SERVFAIL);
+@@ -1025,7 +1057,7 @@ generate_a_aaaa_check(struct module_qstate* qstate, struct iter_qstate* iq,
+ if(!generate_sub_request(s->rk.dname, s->rk.dname_len,
+ ntohs(s->rk.type), ntohs(s->rk.rrset_class),
+ qstate, id, iq,
+- INIT_REQUEST_STATE, FINISHED_STATE, &subq, 1)) {
++ INIT_REQUEST_STATE, FINISHED_STATE, &subq, 1, 0)) {
+ verbose(VERB_ALGO, "could not generate addr check");
+ return;
+ }
+@@ -1069,7 +1101,7 @@ generate_ns_check(struct module_qstate* qstate, struct iter_qstate* iq, int id)
+ iq->dp->name, LDNS_RR_TYPE_NS, iq->qchase.qclass);
+ if(!generate_sub_request(iq->dp->name, iq->dp->namelen,
+ LDNS_RR_TYPE_NS, iq->qchase.qclass, qstate, id, iq,
+- INIT_REQUEST_STATE, FINISHED_STATE, &subq, 1)) {
++ INIT_REQUEST_STATE, FINISHED_STATE, &subq, 1, 0)) {
+ verbose(VERB_ALGO, "could not generate ns check");
+ return;
+ }
+@@ -1126,7 +1158,7 @@ generate_dnskey_prefetch(struct module_qstate* qstate,
+ iq->dp->name, LDNS_RR_TYPE_DNSKEY, iq->qchase.qclass);
+ if(!generate_sub_request(iq->dp->name, iq->dp->namelen,
+ LDNS_RR_TYPE_DNSKEY, iq->qchase.qclass, qstate, id, iq,
+- INIT_REQUEST_STATE, FINISHED_STATE, &subq, 0)) {
++ INIT_REQUEST_STATE, FINISHED_STATE, &subq, 0, 0)) {
+ /* we'll be slower, but it'll work */
+ verbose(VERB_ALGO, "could not generate dnskey prefetch");
+ return;
+@@ -1315,6 +1347,7 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq,
+ iq->refetch_glue = 0;
+ iq->query_restart_count++;
+ iq->sent_count = 0;
++ iq->dp_target_count = 0;
+ sock_list_insert(&qstate->reply_origin, NULL, 0, qstate->region);
+ if(qstate->env->cfg->qname_minimisation)
+ iq->minimisation_state = INIT_MINIMISE_STATE;
+@@ -1693,7 +1726,7 @@ generate_parentside_target_query(struct module_qstate* qstate,
+ {
+ struct module_qstate* subq;
+ if(!generate_sub_request(name, namelen, qtype, qclass, qstate,
+- id, iq, INIT_REQUEST_STATE, FINISHED_STATE, &subq, 0))
++ id, iq, INIT_REQUEST_STATE, FINISHED_STATE, &subq, 0, 0))
+ return 0;
+ if(subq) {
+ struct iter_qstate* subiq =
+@@ -1744,7 +1777,7 @@ generate_target_query(struct module_qstate* qstate, struct iter_qstate* iq,
+ {
+ struct module_qstate* subq;
+ if(!generate_sub_request(name, namelen, qtype, qclass, qstate,
+- id, iq, INIT_REQUEST_STATE, FINISHED_STATE, &subq, 0))
++ id, iq, INIT_REQUEST_STATE, FINISHED_STATE, &subq, 0, 0))
+ return 0;
+ log_nametypeclass(VERB_QUERY, "new target", name, qtype, qclass);
+ return 1;
+@@ -1783,6 +1816,14 @@ query_for_targets(struct module_qstate* qstate, struct iter_qstate* iq,
+ "number of glue fetches %d", s, iq->target_count[1]);
+ return 0;
+ }
++ if(iq->dp_target_count > MAX_DP_TARGET_COUNT) {
++ char s[LDNS_MAX_DOMAINLEN+1];
++ dname_str(qstate->qinfo.qname, s);
++ verbose(VERB_QUERY, "request %s has exceeded the maximum "
++ "number of glue fetches %d to a single delegation point",
++ s, iq->dp_target_count);
++ return 0;
++ }
+
+ iter_mark_cycle_targets(qstate, iq->dp);
+ missing = (int)delegpt_count_missing_targets(iq->dp);
+@@ -1896,7 +1937,7 @@ processLastResort(struct module_qstate* qstate, struct iter_qstate* iq,
+ for(a = p->target_list; a; a=a->next_target) {
+ (void)delegpt_add_addr(iq->dp, qstate->region,
+ &a->addr, a->addrlen, a->bogus,
+- a->lame, a->tls_auth_name);
++ a->lame, a->tls_auth_name, NULL);
+ }
+ }
+ iq->dp->has_parent_side_NS = 1;
+@@ -1913,6 +1954,7 @@ processLastResort(struct module_qstate* qstate, struct iter_qstate* iq,
+ iq->refetch_glue = 1;
+ iq->query_restart_count++;
+ iq->sent_count = 0;
++ iq->dp_target_count = 0;
+ if(qstate->env->cfg->qname_minimisation)
+ iq->minimisation_state = INIT_MINIMISE_STATE;
+ return next_state(iq, INIT_REQUEST_STATE);
+@@ -2078,7 +2120,7 @@ processDSNSFind(struct module_qstate* qstate, struct iter_qstate* iq, int id)
+ iq->dsns_point, LDNS_RR_TYPE_NS, iq->qchase.qclass);
+ if(!generate_sub_request(iq->dsns_point, iq->dsns_point_len,
+ LDNS_RR_TYPE_NS, iq->qchase.qclass, qstate, id, iq,
+- INIT_REQUEST_STATE, FINISHED_STATE, &subq, 0)) {
++ INIT_REQUEST_STATE, FINISHED_STATE, &subq, 0, 0)) {
+ errinf_dname(qstate, "for DS query parent-child nameserver search, could not generate NS lookup for", iq->dsns_point);
+ return error_response_cache(qstate, id, LDNS_RCODE_SERVFAIL);
+ }
+@@ -2136,6 +2178,13 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq,
+ errinf(qstate, "exceeded the maximum number of sends");
+ return error_response(qstate, id, LDNS_RCODE_SERVFAIL);
+ }
++ if(iq->target_count && iq->target_count[2] > MAX_TARGET_NX) {
++ verbose(VERB_QUERY, "request has exceeded the maximum "
++ " number of nxdomain nameserver lookups with %d",
++ iq->target_count[2]);
++ errinf(qstate, "exceeded the maximum nameserver nxdomains");
++ return error_response(qstate, id, LDNS_RCODE_SERVFAIL);
++ }
+
+ /* Make sure we have a delegation point, otherwise priming failed
+ * or another failure occurred */
+@@ -2240,12 +2289,41 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq,
+ iq->qinfo_out.qtype, iq->qinfo_out.qclass,
+ qstate->query_flags, qstate->region,
+ qstate->env->scratch, 0);
+- if(msg && msg->rep->an_numrrsets == 0
+- && FLAGS_GET_RCODE(msg->rep->flags) ==
++ if(msg && FLAGS_GET_RCODE(msg->rep->flags) ==
+ LDNS_RCODE_NOERROR)
+ /* no need to send query if it is already
+- * cached as NOERROR/NODATA */
++ * cached as NOERROR */
+ return 1;
++ if(msg && FLAGS_GET_RCODE(msg->rep->flags) ==
++ LDNS_RCODE_NXDOMAIN &&
++ qstate->env->need_to_validate &&
++ qstate->env->cfg->harden_below_nxdomain) {
++ if(msg->rep->security == sec_status_secure) {
++ iq->response = msg;
++ return final_state(iq);
++ }
++ if(msg->rep->security == sec_status_unchecked) {
++ struct module_qstate* subq = NULL;
++ if(!generate_sub_request(
++ iq->qinfo_out.qname,
++ iq->qinfo_out.qname_len,
++ iq->qinfo_out.qtype,
++ iq->qinfo_out.qclass,
++ qstate, id, iq,
++ INIT_REQUEST_STATE,
++ FINISHED_STATE, &subq, 1, 1))
++ verbose(VERB_ALGO,
++ "could not validate NXDOMAIN "
++ "response");
++ }
++ }
++ if(msg && FLAGS_GET_RCODE(msg->rep->flags) ==
++ LDNS_RCODE_NXDOMAIN) {
++ /* return and add a label in the next
++ * minimisation iteration.
++ */
++ return 1;
++ }
+ }
+ }
+ if(iq->minimisation_state == SKIP_MINIMISE_STATE) {
+@@ -2321,6 +2399,8 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq,
+ * generated query will immediately be discarded due to depth and
+ * that servfail is cached, which is not good as opportunism goes. */
+ if(iq->depth < ie->max_dependency_depth
++ && iq->num_target_queries == 0
++ && (!iq->target_count || iq->target_count[2]==0)
+ && iq->sent_count < TARGET_FETCH_STOP) {
+ tf_policy = ie->target_fetch_policy[iq->depth];
+ }
+@@ -2366,6 +2446,7 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq,
+ iq->num_current_queries++; /* RespState decrements it*/
+ iq->referral_count++; /* make sure we don't loop */
+ iq->sent_count = 0;
++ iq->dp_target_count = 0;
+ iq->state = QUERY_RESP_STATE;
+ return 1;
+ }
+@@ -2453,6 +2534,7 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq,
+ iq->num_current_queries++; /* RespState decrements it*/
+ iq->referral_count++; /* make sure we don't loop */
+ iq->sent_count = 0;
++ iq->dp_target_count = 0;
+ iq->state = QUERY_RESP_STATE;
+ return 1;
+ }
+@@ -2747,7 +2829,8 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq,
+ /* Make subrequest to validate intermediate
+ * NXDOMAIN if harden-below-nxdomain is
+ * enabled. */
+- if(qstate->env->cfg->harden_below_nxdomain) {
++ if(qstate->env->cfg->harden_below_nxdomain &&
++ qstate->env->need_to_validate) {
+ struct module_qstate* subq = NULL;
+ log_query_info(VERB_QUERY,
+ "schedule NXDOMAIN validation:",
+@@ -2759,16 +2842,10 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq,
+ iq->response->qinfo.qclass,
+ qstate, id, iq,
+ INIT_REQUEST_STATE,
+- FINISHED_STATE, &subq, 1))
++ FINISHED_STATE, &subq, 1, 1))
+ verbose(VERB_ALGO,
+ "could not validate NXDOMAIN "
+ "response");
+- outbound_list_clear(&iq->outlist);
+- iq->num_current_queries = 0;
+- fptr_ok(fptr_whitelist_modenv_detach_subs(
+- qstate->env->detach_subs));
+- (*qstate->env->detach_subs)(qstate);
+- iq->num_target_queries = 0;
+ }
+ }
+ return next_state(iq, QUERYTARGETS_STATE);
+@@ -2852,6 +2929,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq,
+ /* Count this as a referral. */
+ iq->referral_count++;
+ iq->sent_count = 0;
++ iq->dp_target_count = 0;
+ /* see if the next dp is a trust anchor, or a DS was sent
+ * along, indicating dnssec is expected for next zone */
+ iq->dnssec_expected = iter_indicates_dnssec(qstate->env,
+@@ -2928,6 +3006,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq,
+ iq->dsns_point = NULL;
+ iq->auth_zone_response = 0;
+ iq->sent_count = 0;
++ iq->dp_target_count = 0;
+ if(iq->minimisation_state != MINIMISE_STATE)
+ /* Only count as query restart when it is not an extra
+ * query as result of qname minimisation. */
+@@ -3120,7 +3199,7 @@ processPrimeResponse(struct module_qstate* qstate, int id)
+ if(!generate_sub_request(qstate->qinfo.qname,
+ qstate->qinfo.qname_len, qstate->qinfo.qtype,
+ qstate->qinfo.qclass, qstate, id, iq,
+- INIT_REQUEST_STATE, FINISHED_STATE, &subq, 1)) {
++ INIT_REQUEST_STATE, FINISHED_STATE, &subq, 1, 0)) {
+ verbose(VERB_ALGO, "could not generate prime check");
+ }
+ generate_a_aaaa_check(qstate, iq, id);
+@@ -3148,6 +3227,7 @@ static void
+ processTargetResponse(struct module_qstate* qstate, int id,
+ struct module_qstate* forq)
+ {
++ struct iter_env* ie = (struct iter_env*)qstate->env->modinfo[id];
+ struct iter_qstate* iq = (struct iter_qstate*)qstate->minfo[id];
+ struct iter_qstate* foriq = (struct iter_qstate*)forq->minfo[id];
+ struct ub_packed_rrset_key* rrset;
+@@ -3185,7 +3265,7 @@ processTargetResponse(struct module_qstate* qstate, int id,
+ log_rrset_key(VERB_ALGO, "add parentside glue to dp",
+ iq->pside_glue);
+ if(!delegpt_add_rrset(foriq->dp, forq->region,
+- iq->pside_glue, 1))
++ iq->pside_glue, 1, NULL))
+ log_err("out of memory adding pside glue");
+ }
+
+@@ -3196,6 +3276,7 @@ processTargetResponse(struct module_qstate* qstate, int id,
+ * response type was ANSWER. */
+ rrset = reply_find_answer_rrset(&iq->qchase, qstate->return_msg->rep);
+ if(rrset) {
++ int additions = 0;
+ /* if CNAMEs have been followed - add new NS to delegpt. */
+ /* BTW. RFC 1918 says NS should not have got CNAMEs. Robust. */
+ if(!delegpt_find_ns(foriq->dp, rrset->rk.dname,
+@@ -3207,13 +3288,23 @@ processTargetResponse(struct module_qstate* qstate, int id,
+ }
+ /* if dpns->lame then set the address(es) lame too */
+ if(!delegpt_add_rrset(foriq->dp, forq->region, rrset,
+- dpns->lame))
++ dpns->lame, &additions))
+ log_err("out of memory adding targets");
++ if(!additions) {
++ /* no new addresses, increase the nxns counter, like
++ * this could be a list of wildcards with no new
++ * addresses */
++ target_count_increase_nx(foriq, 1);
++ }
+ verbose(VERB_ALGO, "added target response");
+ delegpt_log(VERB_ALGO, foriq->dp);
+ } else {
+ verbose(VERB_ALGO, "iterator TargetResponse failed");
++ delegpt_mark_neg(dpns, qstate->qinfo.qtype);
+ dpns->resolved = 1; /* fail the target */
++ if((dpns->got4 == 2 || !ie->supports_ipv4) &&
++ (dpns->got6 == 2 || !ie->supports_ipv6))
++ target_count_increase_nx(foriq, 1);
+ }
+ }
+
+@@ -3387,7 +3478,7 @@ processCollectClass(struct module_qstate* qstate, int id)
+ qstate->qinfo.qname_len, qstate->qinfo.qtype,
+ c, qstate, id, iq, INIT_REQUEST_STATE,
+ FINISHED_STATE, &subq,
+- (int)!(qstate->query_flags&BIT_CD))) {
++ (int)!(qstate->query_flags&BIT_CD), 0)) {
+ errinf(qstate, "could not generate class ANY"
+ " lookup query");
+ return error_response(qstate, id,
+diff --git a/iterator/iterator.h b/iterator/iterator.h
+index a2f1b57..53dcab3 100644
+--- a/iterator/iterator.h
++++ b/iterator/iterator.h
+@@ -55,6 +55,11 @@ struct rbtree_type;
+
+ /** max number of targets spawned for a query and its subqueries */
+ #define MAX_TARGET_COUNT 64
++/** max number of target lookups per qstate, per delegation point */
++#define MAX_DP_TARGET_COUNT 16
++/** max number of nxdomains allowed for target lookups for a query and
++ * its subqueries */
++#define MAX_TARGET_NX 5
+ /** max number of query restarts. Determines max number of CNAME chain. */
+ #define MAX_RESTART_COUNT 8
+ /** max number of referrals. Makes sure resolver does not run away */
+@@ -305,9 +310,14 @@ struct iter_qstate {
+ int sent_count;
+
+ /** number of target queries spawned in [1], for this query and its
+- * subqueries, the malloced-array is shared, [0] refcount. */
++ * subqueries, the malloced-array is shared, [0] refcount.
++ * in [2] the number of nxdomains is counted. */
+ int* target_count;
+
++ /** number of target lookups per delegation point. Reset to 0 after
++ * receiving referral answer. Not shared with subqueries. */
++ int dp_target_count;
++
+ /** if true, already tested for ratelimiting and passed the test */
+ int ratelimit_ok;
+
+diff --git a/services/cache/dns.c b/services/cache/dns.c
+index aa4efec..affe837 100644
+--- a/services/cache/dns.c
++++ b/services/cache/dns.c
+@@ -272,7 +272,7 @@ find_add_addrs(struct module_env* env, uint16_t qclass,
+ akey = rrset_cache_lookup(env->rrset_cache, ns->name,
+ ns->namelen, LDNS_RR_TYPE_A, qclass, 0, now, 0);
+ if(akey) {
+- if(!delegpt_add_rrset_A(dp, region, akey, 0)) {
++ if(!delegpt_add_rrset_A(dp, region, akey, 0, NULL)) {
+ lock_rw_unlock(&akey->entry.lock);
+ return 0;
+ }
+@@ -292,7 +292,7 @@ find_add_addrs(struct module_env* env, uint16_t qclass,
+ akey = rrset_cache_lookup(env->rrset_cache, ns->name,
+ ns->namelen, LDNS_RR_TYPE_AAAA, qclass, 0, now, 0);
+ if(akey) {
+- if(!delegpt_add_rrset_AAAA(dp, region, akey, 0)) {
++ if(!delegpt_add_rrset_AAAA(dp, region, akey, 0, NULL)) {
+ lock_rw_unlock(&akey->entry.lock);
+ return 0;
+ }
+@@ -326,7 +326,8 @@ cache_fill_missing(struct module_env* env, uint16_t qclass,
+ akey = rrset_cache_lookup(env->rrset_cache, ns->name,
+ ns->namelen, LDNS_RR_TYPE_A, qclass, 0, now, 0);
+ if(akey) {
+- if(!delegpt_add_rrset_A(dp, region, akey, ns->lame)) {
++ if(!delegpt_add_rrset_A(dp, region, akey, ns->lame,
++ NULL)) {
+ lock_rw_unlock(&akey->entry.lock);
+ return 0;
+ }
+@@ -346,7 +347,8 @@ cache_fill_missing(struct module_env* env, uint16_t qclass,
+ akey = rrset_cache_lookup(env->rrset_cache, ns->name,
+ ns->namelen, LDNS_RR_TYPE_AAAA, qclass, 0, now, 0);
+ if(akey) {
+- if(!delegpt_add_rrset_AAAA(dp, region, akey, ns->lame)) {
++ if(!delegpt_add_rrset_AAAA(dp, region, akey, ns->lame,
++ NULL)) {
+ lock_rw_unlock(&akey->entry.lock);
+ return 0;
+ }
+diff --git a/util/data/dname.c b/util/data/dname.c
+index 9f25e1e..27ff07d 100644
+--- a/util/data/dname.c
++++ b/util/data/dname.c
+@@ -233,17 +233,28 @@ int
+ dname_pkt_compare(sldns_buffer* pkt, uint8_t* d1, uint8_t* d2)
+ {
+ uint8_t len1, len2;
++ int count1 = 0, count2 = 0;
+ log_assert(pkt && d1 && d2);
+ len1 = *d1++;
+ len2 = *d2++;
+ while( len1 != 0 || len2 != 0 ) {
+ /* resolve ptrs */
+ if(LABEL_IS_PTR(len1)) {
++ if((size_t)PTR_OFFSET(len1, *d1)
++ >= sldns_buffer_limit(pkt))
++ return -1;
++ if(count1++ > MAX_COMPRESS_PTRS)
++ return -1;
+ d1 = sldns_buffer_at(pkt, PTR_OFFSET(len1, *d1));
+ len1 = *d1++;
+ continue;
+ }
+ if(LABEL_IS_PTR(len2)) {
++ if((size_t)PTR_OFFSET(len2, *d2)
++ >= sldns_buffer_limit(pkt))
++ return 1;
++ if(count2++ > MAX_COMPRESS_PTRS)
++ return 1;
+ d2 = sldns_buffer_at(pkt, PTR_OFFSET(len2, *d2));
+ len2 = *d2++;
+ continue;
+@@ -302,12 +313,18 @@ dname_pkt_hash(sldns_buffer* pkt, uint8_t* dname, hashvalue_type h)
+ uint8_t labuf[LDNS_MAX_LABELLEN+1];
+ uint8_t lablen;
+ int i;
++ int count = 0;
+
+ /* preserve case of query, make hash label by label */
+ lablen = *dname++;
+ while(lablen) {
+ if(LABEL_IS_PTR(lablen)) {
+ /* follow pointer */
++ if((size_t)PTR_OFFSET(lablen, *dname)
++ >= sldns_buffer_limit(pkt))
++ return h;
++ if(count++ > MAX_COMPRESS_PTRS)
++ return h;
+ dname = sldns_buffer_at(pkt, PTR_OFFSET(lablen, *dname));
+ lablen = *dname++;
+ continue;
+@@ -341,6 +358,9 @@ void dname_pkt_copy(sldns_buffer* pkt, uint8_t* to, uint8_t* dname)
+ return;
+ }
+ /* follow pointer */
++ if((size_t)PTR_OFFSET(lablen, *dname)
++ >= sldns_buffer_limit(pkt))
++ return;
+ dname = sldns_buffer_at(pkt, PTR_OFFSET(lablen, *dname));
+ lablen = *dname++;
+ continue;
+@@ -369,6 +389,7 @@ void dname_pkt_copy(sldns_buffer* pkt, uint8_t* to, uint8_t* dname)
+ void dname_print(FILE* out, struct sldns_buffer* pkt, uint8_t* dname)
+ {
+ uint8_t lablen;
++ int count = 0;
+ if(!out) out = stdout;
+ if(!dname) return;
+
+@@ -382,6 +403,15 @@ void dname_print(FILE* out, struct sldns_buffer* pkt, uint8_t* dname)
+ fputs("??compressionptr??", out);
+ return;
+ }
++ if((size_t)PTR_OFFSET(lablen, *dname)
++ >= sldns_buffer_limit(pkt)) {
++ fputs("??compressionptr??", out);
++ return;
++ }
++ if(count++ > MAX_COMPRESS_PTRS) {
++ fputs("??compressionptr??", out);
++ return;
++ }
+ dname = sldns_buffer_at(pkt, PTR_OFFSET(lablen, *dname));
+ lablen = *dname++;
+ continue;
+diff --git a/util/data/msgparse.c b/util/data/msgparse.c
+index fb31237..7c32618 100644
+--- a/util/data/msgparse.c
++++ b/util/data/msgparse.c
+@@ -55,7 +55,11 @@ smart_compare(sldns_buffer* pkt, uint8_t* dnow,
+ {
+ if(LABEL_IS_PTR(*dnow)) {
+ /* ptr points to a previous dname */
+- uint8_t* p = sldns_buffer_at(pkt, PTR_OFFSET(dnow[0], dnow[1]));
++ uint8_t* p;
++ if((size_t)PTR_OFFSET(dnow[0], dnow[1])
++ >= sldns_buffer_limit(pkt))
++ return -1;
++ p = sldns_buffer_at(pkt, PTR_OFFSET(dnow[0], dnow[1]));
+ if( p == dprfirst || p == dprlast )
+ return 0;
+ /* prev dname is also a ptr, both ptrs are the same. */
+
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD
index 7810d9eccb..37f62af559 100644
--- a/main/xen/APKBUILD
+++ b/main/xen/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: William Pitcock <nenolod@dereferenced.org>
pkgname=xen
pkgver=4.11.3
-pkgrel=1
+pkgrel=2
pkgdesc="Xen hypervisor"
url="https://www.xenproject.org/"
arch="x86_64 armhf aarch64" # enable armv7 when builds with gcc8
@@ -12,7 +12,7 @@ depends="bash iproute2 logrotate"
depends_dev="openssl-dev python2-dev e2fsprogs-dev gettext zlib-dev ncurses-dev
dev86 texinfo perl pciutils-dev glib-dev yajl-dev libnl3-dev
spice-dev gnutls-dev curl-dev libaio-dev lzo-dev xz-dev util-linux-dev
- e2fsprogs-dev linux-headers argp-standalone perl-dev flex bison"
+ linux-headers argp-standalone perl-dev flex bison"
makedepends="$depends_dev autoconf automake libtool dnsmasq"
options="!strip"
@@ -145,18 +145,17 @@ options="!strip"
# - CVE-2018-12130 XSA-297
# - CVE-2019-11091 XSA-297
# 4.11.2-r0:
-# - CVE-????-????? XSA-284
-# - CVE-????-????? XSA-285
-# - CVE-????-????? XSA-286
-# - CVE-????-????? XSA-287
-# - CVE-????-????? XSA-288
-# - CVE-????-????? XSA-290
-# - CVE-????-????? XSA-291
-# - CVE-????-????? XSA-292
-# - CVE-????-????? XSA-293
-# - CVE-????-????? XSA-294
-# - CVE-????-????? XSA-295
-# - CVE-????-????? XSA-296
+# - CVE-2019-17340 XSA-284
+# - CVE-2019-17341 XSA-285
+# - CVE-2017-17342 XSA-287
+# - CVE-2019-17343 XSA-288
+# - CVE-2017-17344 XSA-290
+# - CVE-2019-17345 XSA-291
+# - CVE-2019-17346 XSA-292
+# - CVE-2019-17347 XSA-293
+# - CVE-2019-17348 XSA-294
+# - CVE-2019-17349 CVE-2019-17350 XSA-295
+# - CVE-2019-18420 XSA-296
# 4.11.2-r1:
# - CVE-2019-18425 XSA-298
# - CVE-2019-18421 XSA-299
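Review bot: Two of the identifiers filled in for 4.11.2-r0, `CVE-2017-17342` (XSA-287) and `CVE-2017-17344` (XSA-290), carry a 2017 year while their neighbours run sequentially as `CVE-2019-17341`, `CVE-2019-17343`, `CVE-2019-17345`. They look like typos for the 2019 year and should be confirmed against the advisories before merging. Entries in this comment block are matched by CVE id when fix status is tracked, so a wrong year would leave the real CVE looking unfixed in this package. The `XSA-286` line is removed without a replacement, so the commit message should say whether that advisory does not apply to this version.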
@@ -174,6 +173,11 @@ options="!strip"
# - CVE-2019-19578 XSA-309
# - CVE-2019-19580 XSA-310
# - CVE-2019-19577 XSA-311
+# 4.11.3-r2:
+# - CVE-2020-11740 CVE-2020-11741 XSA-313
+# - CVE-2020-11739 XSA-314
+# - CVE-2020-11743 XSA-316
+# - CVE-2020-11742 XSA-318
case "$CARCH" in
x86*)
@@ -248,6 +252,11 @@ source="https://downloads.xenproject.org/release/$pkgname/$pkgver/$pkgname-$pkgv
xsa310-0002-x86-mm-alloc-free_lN_table-Retain-partial_flags-on-E.patch
xsa310-0003-x86-mm-relinquish_memory-Grab-an-extra-type-ref-when.patch
xsa311-4.11.patch
+ xsa313-1.patch
+ xsa313-2.patch
+ xsa314-4.13.patch
+ xsa316-xen.patch
+ xsa318.patch
xenstored.initd
xenstored.confd
@@ -481,7 +490,6 @@ EOF
EOF
}
-
sha512sums="2204e490e9fc357a05983a9bf4e7345e1d364fe00400ce473988dcb9ca7d4e2b921fe10f095cbbc64248130a92d22c6f0d154dcae250a57a7f915df32e3dc436 xen-4.11.3.tar.gz
2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf gmp-4.3.2.tar.bz2
c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb grub-0.97.tar.gz
@@ -512,6 +520,11 @@ ad6468c55c13a259b8baa15f251a77ae5ff0524434201caeb1780ca58e637a9e4be398f264c01091
6e713158f693c1d38f1044e1e9adea3d9338c47e9c2fec10b95a04a36cbc7c8e2841d593cb6e39b44976b6c29b7eec9919dec738e5fddaedddaaeade220185d8 xsa310-0002-x86-mm-alloc-free_lN_table-Retain-partial_flags-on-E.patch
bef47261b61f2f9f10d649c8de1ad076517ac5ecea5f26a3a61ded91ced3f274ddeb8a41592edfe7dfd5439b010b647f6c15afeb7cd2b8c6065cd2281413b614 xsa310-0003-x86-mm-relinquish_memory-Grab-an-extra-type-ref-when.patch
6e786287e21cd8f7371b75b05067428656cc5985ef98902fab577b9dff3a187d130675063db127a9c2210c935b2eb1f6288d784d595c9bdee30f0c904a81afb4 xsa311-4.11.patch
+a5443da59c75a786ecd0c5ad5df4c84de8b0f7ac92bc11d840d1fb4c2c33653f7e883640c2081ba594fb1ca92a61f5c970b821a5f2d37c6e666bc2e7da6c8e8f xsa313-1.patch
+afc34c39e14b3b3d7bcd5b9bb7d2e6eaeb52fdc8733845cafd0b200c764ebd5a79f540cd818143f99bf084d1a33e50ad1614e5e98af6582412975bd73a5c48dd xsa313-2.patch
+6e319c3856ed4a4d96705a258c2654c89a7d645d8b16c03dd257c57d320ee220ffa675eeef615c5bbcf4d5d25b66ceb8b77f57df59da757a3a554a316db074b6 xsa314-4.13.patch
+cd6ac97375742bacd55f51062849ba5dcef6026f673d3fb6ab73723befbf52570ea08765af44d636df65b7c16a9dce2fe6c9b6c47b671872ffb83c8121a181df xsa316-xen.patch
+66e178a859844a3839333b19934ede5db1d83d8b84bfcce70c51a46077287811a92a8ad2ad60663a88162112d65a867815605202a2c9ca44ba32251b42f0ca23 xsa318.patch
52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50 xenstored.initd
093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0 xenstored.confd
3c86ed48fbee0af4051c65c4a3893f131fa66e47bf083caf20c9b6aa4b63fdead8832f84a58d0e27964bc49ec8397251b34e5be5c212c139f556916dc8da9523 xenconsoled.initd
diff --git a/main/xen/xsa313-1.patch b/main/xen/xsa313-1.patch
new file mode 100644
index 0000000000..95fde7ead4
--- /dev/null
+++ b/main/xen/xsa313-1.patch
@@ -0,0 +1,26 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: xenoprof: clear buffer intended to be shared with guests
+
+alloc_xenheap_pages() making use of MEMF_no_scrub is fine for Xen
+internally used allocations, but buffers allocated to be shared with
+(unpriviliged) guests need to be zapped of their prior content.
+
+This is part of XSA-313.
+
+Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Reviewed-by: Wei Liu <wl@xen.org>
+
+--- a/xen/common/xenoprof.c
++++ b/xen/common/xenoprof.c
+@@ -253,6 +253,9 @@ static int alloc_xenoprof_struct(
+ return -ENOMEM;
+ }
+
++ for ( i = 0; i < npages; ++i )
++ clear_page(d->xenoprof->rawbuf + i * PAGE_SIZE);
++
+ d->xenoprof->npages = npages;
+ d->xenoprof->nbuf = nvcpu;
+ d->xenoprof->bufsize = bufsize;
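Review bot: The added `clear_page()` loop has no comment saying why it is needed; the reason (the allocation is not scrubbed and the buffer is later shared with unprivileged guests) lives only in the patch description. A one-line comment above the loop, such as `/* Shared with guests: zap prior contents, the allocation is not scrubbed. */`, would keep a later cleanup from dropping it as redundant. alloc_xenoprof_struct() starts and ends outside the hunk, so the type of `i` and the origin of `npages` cannot be checked from here.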
diff --git a/main/xen/xsa313-2.patch b/main/xen/xsa313-2.patch
new file mode 100644
index 0000000000..d81b8232d2
--- /dev/null
+++ b/main/xen/xsa313-2.patch
@@ -0,0 +1,132 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: xenoprof: limit consumption of shared buffer data
+
+Since a shared buffer can be written to by the guest, we may only read
+the head and tail pointers from there (all other fields should only ever
+be written to). Furthermore, for any particular operation the two values
+must be read exactly once, with both checks and consumption happening
+with the thus read values. (The backtrace related xenoprof_buf_space()
+use in xenoprof_log_event() is an exception: The values used there get
+re-checked by every subsequent xenoprof_add_sample().)
+
+Since that code needed touching, also fix the double increment of the
+lost samples count in case the backtrace related xenoprof_add_sample()
+invocation in xenoprof_log_event() fails.
+
+Where code is being touched anyway, add const as appropriate, but take
+the opportunity to entirely drop the now unused domain parameter of
+xenoprof_buf_space().
+
+This is part of XSA-313.
+
+Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: George Dunlap <george.dunlap@citrix.com>
+Reviewed-by: Wei Liu <wl@xen.org>
+
+--- a/xen/common/xenoprof.c
++++ b/xen/common/xenoprof.c
+@@ -479,25 +479,22 @@ static int add_passive_list(XEN_GUEST_HA
+
+
+ /* Get space in the buffer */
+-static int xenoprof_buf_space(struct domain *d, xenoprof_buf_t * buf, int size)
++static int xenoprof_buf_space(int head, int tail, int size)
+ {
+- int head, tail;
+-
+- head = xenoprof_buf(d, buf, event_head);
+- tail = xenoprof_buf(d, buf, event_tail);
+-
+ return ((tail > head) ? 0 : size) + tail - head - 1;
+ }
+
+ /* Check for space and add a sample. Return 1 if successful, 0 otherwise. */
+-static int xenoprof_add_sample(struct domain *d, xenoprof_buf_t *buf,
++static int xenoprof_add_sample(const struct domain *d,
++ const struct xenoprof_vcpu *v,
+ uint64_t eip, int mode, int event)
+ {
++ xenoprof_buf_t *buf = v->buffer;
+ int head, tail, size;
+
+ head = xenoprof_buf(d, buf, event_head);
+ tail = xenoprof_buf(d, buf, event_tail);
+- size = xenoprof_buf(d, buf, event_size);
++ size = v->event_size;
+
+ /* make sure indexes in shared buffer are sane */
+ if ( (head < 0) || (head >= size) || (tail < 0) || (tail >= size) )
+@@ -506,7 +503,7 @@ static int xenoprof_add_sample(struct do
+ return 0;
+ }
+
+- if ( xenoprof_buf_space(d, buf, size) > 0 )
++ if ( xenoprof_buf_space(head, tail, size) > 0 )
+ {
+ xenoprof_buf(d, buf, event_log[head].eip) = eip;
+ xenoprof_buf(d, buf, event_log[head].mode) = mode;
+@@ -530,7 +527,6 @@ static int xenoprof_add_sample(struct do
+ int xenoprof_add_trace(struct vcpu *vcpu, uint64_t pc, int mode)
+ {
+ struct domain *d = vcpu->domain;
+- xenoprof_buf_t *buf = d->xenoprof->vcpu[vcpu->vcpu_id].buffer;
+
+ /* Do not accidentally write an escape code due to a broken frame. */
+ if ( pc == XENOPROF_ESCAPE_CODE )
+@@ -539,7 +535,8 @@ int xenoprof_add_trace(struct vcpu *vcpu
+ return 0;
+ }
+
+- return xenoprof_add_sample(d, buf, pc, mode, 0);
++ return xenoprof_add_sample(d, &d->xenoprof->vcpu[vcpu->vcpu_id],
++ pc, mode, 0);
+ }
+
+ void xenoprof_log_event(struct vcpu *vcpu, const struct cpu_user_regs *regs,
+@@ -570,17 +567,22 @@ void xenoprof_log_event(struct vcpu *vcp
+ /* Provide backtrace if requested. */
+ if ( backtrace_depth > 0 )
+ {
+- if ( (xenoprof_buf_space(d, buf, v->event_size) < 2) ||
+- !xenoprof_add_sample(d, buf, XENOPROF_ESCAPE_CODE, mode,
+- XENOPROF_TRACE_BEGIN) )
++ if ( xenoprof_buf_space(xenoprof_buf(d, buf, event_head),
++ xenoprof_buf(d, buf, event_tail),
++ v->event_size) < 2 )
+ {
+ xenoprof_buf(d, buf, lost_samples)++;
+ lost_samples++;
+ return;
+ }
++
++ /* xenoprof_add_sample() will increment lost_samples on failure */
++ if ( !xenoprof_add_sample(d, v, XENOPROF_ESCAPE_CODE, mode,
++ XENOPROF_TRACE_BEGIN) )
++ return;
+ }
+
+- if ( xenoprof_add_sample(d, buf, pc, mode, event) )
++ if ( xenoprof_add_sample(d, v, pc, mode, event) )
+ {
+ if ( is_active(vcpu->domain) )
+ active_samples++;
+--- a/xen/include/xen/xenoprof.h
++++ b/xen/include/xen/xenoprof.h
+@@ -61,12 +61,12 @@ struct xenoprof {
+
+ #ifndef CONFIG_COMPAT
+ #define XENOPROF_COMPAT(x) 0
+-#define xenoprof_buf(d, b, field) ((b)->field)
++#define xenoprof_buf(d, b, field) ACCESS_ONCE((b)->field)
+ #else
+ #define XENOPROF_COMPAT(x) ((x)->is_compat)
+-#define xenoprof_buf(d, b, field) (*(!(d)->xenoprof->is_compat ? \
+- &(b)->native.field : \
+- &(b)->compat.field))
++#define xenoprof_buf(d, b, field) ACCESS_ONCE(*(!(d)->xenoprof->is_compat \
++ ? &(b)->native.field \
++ : &(b)->compat.field))
+ #endif
+
+ struct domain;
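Review bot: In xenoprof_add_sample() the change to `size = v->event_size;` is the line that stops the bounds check from trusting guest-writable data, yet it carries no comment. I would add `/* Use Xen's private size; the copy in the shared buffer is guest-writable. */` above it. The `ACCESS_ONCE()` wrapping in xenoprof.h deserves a similar comment stating that head and tail must be read exactly once per operation. In xenoprof_log_event() the backtrace pre-check reads head and tail separately from the later re-read in xenoprof_add_sample(); the description says this is safe because the values are re-validated there, and a short comment at that call would record it in the code.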
diff --git a/main/xen/xsa314-4.13.patch b/main/xen/xsa314-4.13.patch
new file mode 100644
index 0000000000..67e006681e
--- /dev/null
+++ b/main/xen/xsa314-4.13.patch
@@ -0,0 +1,121 @@
+From ab49f005f7d01d4004d76f2e295d31aca7d4f93a Mon Sep 17 00:00:00 2001
+From: Julien Grall <jgrall@amazon.com>
+Date: Thu, 20 Feb 2020 20:54:40 +0000
+Subject: [PATCH] xen/rwlock: Add missing memory barrier in the unlock path of
+ rwlock
+
+The rwlock unlock paths are using atomic_sub() to release the lock.
+However the implementation of atomic_sub() rightfully doesn't contain a
+memory barrier. On Arm, this means a processor is allowed to re-order
+the memory access with the preceeding access.
+
+In other words, the unlock may be seen by another processor before all
+the memory accesses within the "critical" section.
+
+The rwlock paths already contains barrier indirectly, but they are not
+very useful without the counterpart in the unlock paths.
+
+The memory barriers are not necessary on x86 because loads/stores are
+not re-ordered with lock instructions.
+
+So add arch_lock_release_barrier() in the unlock paths that will only
+add memory barrier on Arm.
+
+Take the opportunity to document each lock paths explaining why a
+barrier is not necessary.
+
+This is XSA-314.
+
+Signed-off-by: Julien Grall <jgrall@amazon.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
+
+---
+ xen/include/xen/rwlock.h | 29 ++++++++++++++++++++++++++++-
+ 1 file changed, 28 insertions(+), 1 deletion(-)
+
+diff --git a/xen/include/xen/rwlock.h b/xen/include/xen/rwlock.h
+index 3dfea1ac2a..516486306f 100644
+--- a/xen/include/xen/rwlock.h
++++ b/xen/include/xen/rwlock.h
+@@ -48,6 +48,10 @@ static inline int _read_trylock(rwlock_t *lock)
+ if ( likely(!(cnts & _QW_WMASK)) )
+ {
+ cnts = (u32)atomic_add_return(_QR_BIAS, &lock->cnts);
++ /*
++ * atomic_add_return() is a full barrier so no need for an
++ * arch_lock_acquire_barrier().
++ */
+ if ( likely(!(cnts & _QW_WMASK)) )
+ return 1;
+ atomic_sub(_QR_BIAS, &lock->cnts);
+@@ -64,11 +68,19 @@ static inline void _read_lock(rwlock_t *lock)
+ u32 cnts;
+
+ cnts = atomic_add_return(_QR_BIAS, &lock->cnts);
++ /*
++ * atomic_add_return() is a full barrier so no need for an
++ * arch_lock_acquire_barrier().
++ */
+ if ( likely(!(cnts & _QW_WMASK)) )
+ return;
+
+ /* The slowpath will decrement the reader count, if necessary. */
+ queue_read_lock_slowpath(lock);
++ /*
++ * queue_read_lock_slowpath() is using spinlock and therefore is a
++ * full barrier. So no need for an arch_lock_acquire_barrier().
++ */
+ }
+
+ static inline void _read_lock_irq(rwlock_t *lock)
+@@ -92,6 +104,7 @@ static inline unsigned long _read_lock_irqsave(rwlock_t *lock)
+ */
+ static inline void _read_unlock(rwlock_t *lock)
+ {
++ arch_lock_release_barrier();
+ /*
+ * Atomically decrement the reader count
+ */
+@@ -121,11 +134,20 @@ static inline int _rw_is_locked(rwlock_t *lock)
+ */
+ static inline void _write_lock(rwlock_t *lock)
+ {
+- /* Optimize for the unfair lock case where the fair flag is 0. */
++ /*
++ * Optimize for the unfair lock case where the fair flag is 0.
++ *
++ * atomic_cmpxchg() is a full barrier so no need for an
++ * arch_lock_acquire_barrier().
++ */
+ if ( atomic_cmpxchg(&lock->cnts, 0, _QW_LOCKED) == 0 )
+ return;
+
+ queue_write_lock_slowpath(lock);
++ /*
++ * queue_write_lock_slowpath() is using spinlock and therefore is a
++ * full barrier. So no need for an arch_lock_acquire_barrier().
++ */
+ }
+
+ static inline void _write_lock_irq(rwlock_t *lock)
+@@ -157,11 +179,16 @@ static inline int _write_trylock(rwlock_t *lock)
+ if ( unlikely(cnts) )
+ return 0;
+
++ /*
++ * atomic_cmpxchg() is a full barrier so no need for an
++ * arch_lock_acquire_barrier().
++ */
+ return likely(atomic_cmpxchg(&lock->cnts, 0, _QW_LOCKED) == 0);
+ }
+
+ static inline void _write_unlock(rwlock_t *lock)
+ {
++ arch_lock_release_barrier();
+ /*
+ * If the writer field is atomic, it can be cleared directly.
+ * Otherwise, an atomic subtraction will be used to clear it.
+--
+2.17.1
+
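Review bot: The two `arch_lock_release_barrier();` calls added to `_read_unlock()` and `_write_unlock()` are the actual fix, but they are the only barrier-related lines left without a comment, while every lock path gains one explaining why no barrier is needed. A comment such as `/* Order accesses in the critical section before the lock release below. */` above each call would match the rest of the patch. Both unlock bodies continue outside the inner hunks, so it cannot be confirmed from here that every other unlock variant goes through these two functions; that is worth checking in the patched tree.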
diff --git a/main/xen/xsa316-xen.patch b/main/xen/xsa316-xen.patch
new file mode 100644
index 0000000000..4962b4e716
--- /dev/null
+++ b/main/xen/xsa316-xen.patch
@@ -0,0 +1,30 @@
+From: Ross Lagerwall <ross.lagerwall@citrix.com>
+Subject: xen/gnttab: Fix error path in map_grant_ref()
+
+Part of XSA-295 (c/s 863e74eb2cffb) inadvertently re-positioned the brackets,
+changing the logic. If the _set_status() call fails, the grant_map hypercall
+would fail with a status of 1 (rc != GNTST_okay) instead of the expected
+negative GNTST_* error.
+
+This error path can be taken due to bad guest state, and causes net/blk-back
+in Linux to crash.
+
+This is XSA-316.
+
+Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Reviewed-by: Julien Grall <jgrall@amazon.com>
+
+diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
+index 9fd6e60416..4b5344dc21 100644
+--- a/xen/common/grant_table.c
++++ b/xen/common/grant_table.c
+@@ -1031,7 +1031,7 @@ map_grant_ref(
+ {
+ if ( (rc = _set_status(shah, status, rd, rgt->gt_version, act,
+ op->flags & GNTMAP_readonly, 1,
+- ld->domain_id) != GNTST_okay) )
++ ld->domain_id)) != GNTST_okay )
+ goto act_release_out;
+
+ if ( !act->pin )
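Review bot: The corrected condition keeps the assignment buried inside the `if`, which is the construct that allowed the misplaced parenthesis and the resulting `rc` of 1 in the first place. Splitting it into `rc = _set_status(...);` followed by `if ( rc != GNTST_okay ) goto act_release_out;` removes the precedence trap, so a later edit to the argument list cannot silently change what is stored in `rc`. map_grant_ref() starts and ends outside the hunk.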
diff --git a/main/xen/xsa318.patch b/main/xen/xsa318.patch
new file mode 100644
index 0000000000..f4becdf81e
--- /dev/null
+++ b/main/xen/xsa318.patch
@@ -0,0 +1,39 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: gnttab: fix GNTTABOP_copy continuation handling
+
+The XSA-226 fix was flawed - the backwards transformation on rc was done
+too early, causing a continuation to not get invoked when the need for
+preemption was determined at the very first iteration of the request.
+This in particular means that all of the status fields of the individual
+operations would be left untouched, i.e. set to whatever the caller may
+or may not have initialized them to.
+
+This is part of XSA-318.
+
+Reported-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
+Tested-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Juergen Gross <jgross@suse.com>
+
+--- a/xen/common/grant_table.c
++++ b/xen/common/grant_table.c
+@@ -3576,8 +3576,7 @@ do_grant_table_op(
+ rc = gnttab_copy(copy, count);
+ if ( rc > 0 )
+ {
+- rc = count - rc;
+- guest_handle_add_offset(copy, rc);
++ guest_handle_add_offset(copy, count - rc);
+ uop = guest_handle_cast(copy, void);
+ }
+ break;
+@@ -3644,6 +3643,9 @@ do_grant_table_op(
+ out:
+ if ( rc > 0 || opaque_out != 0 )
+ {
++ /* Adjust rc, see gnttab_copy() for why this is needed. */
++ if ( cmd == GNTTABOP_copy )
++ rc = count - rc;
+ ASSERT(rc < count);
+ ASSERT((opaque_out & GNTTABOP_CMD_MASK) == 0);
+ rc = hypercall_create_continuation(__HYPERVISOR_grant_table_op, "ihi",
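Review bot: The new comment `/* Adjust rc, see gnttab_copy() for why this is needed. */` points at a function that is not part of this patch, so a reader at `out:` cannot tell what `rc` means before and after the adjustment. The first hunk's `guest_handle_add_offset(copy, count - rc)` suggests that a positive `rc` is the number of operations still to do and `count - rc` the number already done. If that reading is right, the comment could say so in place, for example `/* gnttab_copy() leaves rc = ops remaining; convert to ops completed for the continuation. */`. It is also worth confirming that `opaque_out != 0` cannot occur together with `cmd == GNTTABOP_copy`, because a non-positive `rc` would then be turned into a value that fails `ASSERT(rc < count)`. The code that sets `opaque_out` is outside the hunk.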
diff --git a/main/xtables-addons-vanilla/APKBUILD b/main/xtables-addons-vanilla/APKBUILD
index b4e06e3276..ec77c540fb 100644
--- a/main/xtables-addons-vanilla/APKBUILD
+++ b/main/xtables-addons-vanilla/APKBUILD
@@ -7,7 +7,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kpkgver="$_kver-r$_krel"
diff --git a/main/zfs-vanilla/APKBUILD b/main/zfs-vanilla/APKBUILD
index c493f1f00c..0579950dd8 100644
--- a/main/zfs-vanilla/APKBUILD
+++ b/main/zfs-vanilla/APKBUILD
@@ -8,7 +8,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kpkgver="$_kver-r$_krel"
diff --git a/testing/ipt-netflow-vanilla/APKBUILD b/testing/ipt-netflow-vanilla/APKBUILD
index 6ee309b0d9..3bb5cb5c6e 100644
--- a/testing/ipt-netflow-vanilla/APKBUILD
+++ b/testing/ipt-netflow-vanilla/APKBUILD
@@ -7,7 +7,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kpkgver="$_kver-r$_krel"
@@ -53,4 +53,4 @@ package() {
make -j1 minstall DEPMOD=: DESTDIR="$pkgdir"
}
-sha512sums="e5ba66da9cae6fb9652e5532383233d433dd30dd16634734860f7e6910e46080e562e2d72c74584a86ead31156cffd4c5c44b438f617a9e5b3e5fdc1470045fc ipt-netflow-vanilla-4.19.98.tar.gz"
+sha512sums="e5ba66da9cae6fb9652e5532383233d433dd30dd16634734860f7e6910e46080e562e2d72c74584a86ead31156cffd4c5c44b438f617a9e5b3e5fdc1470045fc ipt-netflow-vanilla-4.19.118.tar.gz"
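Review bot: The new `sha512sums` line keeps the digest starting `e5ba66da` byte-for-byte and changes only the file name, from `ipt-netflow-vanilla-4.19.98.tar.gz` to `ipt-netflow-vanilla-4.19.118.tar.gz`. The local distfile name therefore follows the kernel version rather than the upstream module release. That is consistent only if `source=` renames one fixed upstream tarball, which is outside the hunk and should be confirmed. A short comment next to `source=`, saying that the archive is renamed per kernel version and that its contents do not change with `_kver`, would keep later reviewers from reading an unchanged digest under a new name as a stale checksum.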
diff --git a/testing/wireguard-vanilla/APKBUILD b/testing/wireguard-vanilla/APKBUILD
index 732babdc48..cddb687562 100644
--- a/testing/wireguard-vanilla/APKBUILD
+++ b/testing/wireguard-vanilla/APKBUILD
@@ -10,7 +10,7 @@ _toolsrel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kpkgver="$_kver-r$_krel"
diff --git a/testing/wireguard-virt/APKBUILD b/testing/wireguard-virt/APKBUILD
index d1bf76c022..d37e5de8c5 100644
--- a/testing/wireguard-virt/APKBUILD
+++ b/testing/wireguard-virt/APKBUILD
@@ -10,7 +10,7 @@ _toolsrel=0
_flavor=${FLAVOR:-virt}
_kpkg=linux-$_flavor
-_kver=4.19.98
+_kver=4.19.118
_krel=0
_kpkgver="$_kver-r$_krel"