Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: unblock
Severity: normal
X-Debbugs-CC: debian-boot@lists.debian.org
Please unblock package u-boot
This u-boot update fixes two minor CVEs with backported patches, one
for ext4 support and one with insufficiently random GPT partition
table generation.
It also is enables support for three additional platforms, which should
have little impact on existing platforms. Two of these additional
platforms have been enabled in debian-installer using u-boot binaries.
The already backported support for Teres-I platform was synced with
upstream, fixing USB support.
Support for the PocketBeagle was backported from upstream, which is
the largest part of the diff as it contains the device-tree for the
platform.
A small clarification was added to the u-boot-omap README to reduce
the risk of accidentally overwriting the partition table on the
am335x_beagleboneblack platform.
diff -Nru u-boot-2019.01+dfsg/debian/bin/u-boot-install-sunxi64 u-boot-2019.01+dfsg/debian/bin/u-boot-install-sunxi64
--- u-boot-2019.01+dfsg/debian/bin/u-boot-install-sunxi64 2019-04-19 15:21:52.000000000 -0700
+++ u-boot-2019.01+dfsg/debian/bin/u-boot-install-sunxi64 2019-05-13 18:03:24.000000000 -0700
@@ -6,9 +6,11 @@
case $(cat "${dtmodel}") in
Pinebook) TARGET="/usr/lib/u-boot/pinebook" ;;
Pine64+) TARGET="/usr/lib/u-boot/pine64_plus" ;;
+ "Pine64 LTS") TARGET="/usr/lib/u-boot/pine64-lts" ;;
"Olimex A64-Olinuxino") TARGET="/usr/lib/u-boot/a64-olinuxino/" ;;
"Olimex A64 Teres-I") TARGET="/usr/lib/u-boot/teres_i/" ;;
"OrangePi Zero Plus2") TARGET="/usr/lib/u-boot/orangepi_zero_plus2/" ;;
+ "FriendlyARM NanoPi NEO 2") TARGET="/usr/lib/u-boot/nanopi_neo2/" ;;
esac
fi
diff -Nru u-boot-2019.01+dfsg/debian/changelog u-boot-2019.01+dfsg/debian/changelog
--- u-boot-2019.01+dfsg/debian/changelog 2019-04-19 16:43:08.000000000 -0700
+++ u-boot-2019.01+dfsg/debian/changelog 2019-05-13 19:07:44.000000000 -0700
@@ -1,3 +1,32 @@
+u-boot (2019.01+dfsg-7) unstable; urgency=medium
+
+ [ Sunil Mohan Adapa ]
+ * Enable pine64-lts target in u-boot-sunxi (Closes: #928947).
+
+ [ Vagrant Cascadian ]
+ * u-boot-omap: Enable am335x_evm target.
+ * Add patches to enable PocketBeagle in am335x_evm target.
+ * u-boot-omap: Fix instructions for installing beaglebone black.
+
+ -- Vagrant Cascadian <vagrant@debian.org> Mon, 13 May 2019 19:07:44 -0700
+
+u-boot (2019.01+dfsg-6) unstable; urgency=medium
+
+ [ Domenico Andreoli ]
+ * Enable support for NanoPi NEO 2 in u-boot-sunxi (Closes: #928612).
+
+ [ Jonas Smedegaard ]
+ * Sync sunxi teres-i patch with mainline u-boot, enabling USB
+ support (Closes: #928815).
+
+ [ Vagrant Cascadian ]
+ * Apply patch from upstream fixing buffer overflow with ext4 filesystems
+ (CVE-2019-11059, Closes: #928800).
+ * Apply patch from upstream fixing randomly generated
+ UUIDs. (CVE-2019-11690, Closes: #928557).
+
+ -- Vagrant Cascadian <vagrant@debian.org> Sat, 11 May 2019 18:20:19 -0700
+
u-boot (2019.01+dfsg-5) unstable; urgency=medium
[ Jonas Smedegaard ]
diff -Nru u-boot-2019.01+dfsg/debian/patches/pocketbeagle/0001-ti-Add-device-tree-for-am335x-pocketbeagle.patch u-boot-2019.01+dfsg/debian/patches/pocketbeagle/0001-ti-Add-device-tree-for-am335x-pocketbeagle.patch
--- u-boot-2019.01+dfsg/debian/patches/pocketbeagle/0001-ti-Add-device-tree-for-am335x-pocketbeagle.patch 1969-12-31 16:00:00.000000000 -0800
+++ u-boot-2019.01+dfsg/debian/patches/pocketbeagle/0001-ti-Add-device-tree-for-am335x-pocketbeagle.patch 2019-05-13 18:47:19.000000000 -0700
@@ -0,0 +1,401 @@
+From 59a1df084f4a47e98d31cdc483a514575d8ff676 Mon Sep 17 00:00:00 2001
+From: Vagrant Cascadian <vagrant@debian.org>
+Date: Mon, 29 Apr 2019 16:12:29 -0700
+Subject: [PATCH 1/2] ti: Add device-tree for am335x-pocketbeagle.
+
+Add device-tree files from linux 5.1-rc7 needed to complete support
+for PocketBeagle.
+
+Signed-off-by: Vagrant Cascadian <vagrant@debian.org>
+Reviewed-by: Tom Rini <trini@konsulko.com>
+---
+ arch/arm/dts/Makefile | 1 +
+ arch/arm/dts/am335x-osd335x-common.dtsi | 124 +++++++++++++
+ arch/arm/dts/am335x-pocketbeagle.dts | 237 ++++++++++++++++++++++++
+ 3 files changed, 362 insertions(+)
+ create mode 100644 arch/arm/dts/am335x-osd335x-common.dtsi
+ create mode 100644 arch/arm/dts/am335x-pocketbeagle.dts
+
+Index: u-boot/arch/arm/dts/Makefile
+===================================================================
+--- u-boot.orig/arch/arm/dts/Makefile
++++ u-boot/arch/arm/dts/Makefile
+@@ -190,6 +190,7 @@ dtb-$(CONFIG_AM33XX) += am335x-boneblack
+ am335x-evmsk.dtb \
+ am335x-bonegreen.dtb \
+ am335x-icev2.dtb \
++ am335x-pocketbeagle.dtb \
+ am335x-pxm50.dtb \
+ am335x-rut.dtb \
+ am335x-pdu001.dtb \
+Index: u-boot/arch/arm/dts/am335x-osd335x-common.dtsi
+===================================================================
+--- /dev/null
++++ u-boot/arch/arm/dts/am335x-osd335x-common.dtsi
+@@ -0,0 +1,124 @@
++// SPDX-License-Identifier: GPL-2.0
++/*
++ * Copyright (C) 2012 Texas Instruments Incorporated - http://www.ti.com/
++ *
++ * Author: Robert Nelson <robertcnelson@gmail.com>
++ */
++
++/ {
++ cpus {
++ cpu@0 {
++ cpu0-supply = <&dcdc2_reg>;
++ };
++ };
++
++ memory@80000000 {
++ device_type = "memory";
++ reg = <0x80000000 0x20000000>; /* 512 MB */
++ };
++};
++
++&cpu0_opp_table {
++ /*
++ * Octavo Systems:
++ * The EFUSE_SMA register is not programmed for any of the AM335x wafers
++ * we get and we are not programming them during our production test.
++ * Therefore, from a DEVICE_ID revision point of view, the silicon looks
++ * like it is Revision 2.1. However, from an EFUSE_SMA point of view for
++ * the HW OPP table, the silicon looks like it is Revision 1.0 (ie the
++ * EFUSE_SMA register reads as all zeros).
++ */
++ oppnitro-1000000000 {
++ opp-supported-hw = <0x06 0x0100>;
++ };
++};
++
++&am33xx_pinmux {
++ i2c0_pins: pinmux-i2c0-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x988, PIN_INPUT_PULLUP | MUX_MODE0) /* (C17) I2C0_SDA.I2C0_SDA */
++ AM33XX_IOPAD(0x98c, PIN_INPUT_PULLUP | MUX_MODE0) /* (C16) I2C0_SCL.I2C0_SCL */
++ >;
++ };
++};
++
++&i2c0 {
++ pinctrl-names = "default";
++ pinctrl-0 = <&i2c0_pins>;
++
++ status = "okay";
++ clock-frequency = <400000>;
++
++ tps: tps@24 {
++ reg = <0x24>;
++ };
++};
++
++/include/ "tps65217.dtsi"
++
++&tps {
++ interrupts = <7>; /* NMI */
++ interrupt-parent = <&intc>;
++
++ ti,pmic-shutdown-controller;
++
++ pwrbutton {
++ interrupts = <2>;
++ status = "okay";
++ };
++
++ regulators {
++ dcdc1_reg: regulator@0 {
++ regulator-name = "vdds_dpr";
++ regulator-always-on;
++ };
++
++ dcdc2_reg: regulator@1 {
++ /* VDD_MPU voltage limits 0.95V - 1.26V with +/-4% tolerance */
++ regulator-name = "vdd_mpu";
++ regulator-min-microvolt = <925000>;
++ regulator-max-microvolt = <1351500>;
++ regulator-boot-on;
++ regulator-always-on;
++ };
++
++ dcdc3_reg: regulator@2 {
++ /* VDD_CORE voltage limits 0.95V - 1.1V with +/-4% tolerance */
++ regulator-name = "vdd_core";
++ regulator-min-microvolt = <925000>;
++ regulator-max-microvolt = <1150000>;
++ regulator-boot-on;
++ regulator-always-on;
++ };
++
++ ldo1_reg: regulator@3 {
++ regulator-name = "vio,vrtc,vdds";
++ regulator-always-on;
++ };
++
++ ldo2_reg: regulator@4 {
++ regulator-name = "vdd_3v3aux";
++ regulator-always-on;
++ };
++
++ ldo3_reg: regulator@5 {
++ regulator-name = "vdd_1v8";
++ regulator-min-microvolt = <1800000>;
++ regulator-max-microvolt = <1800000>;
++ regulator-always-on;
++ };
++
++ ldo4_reg: regulator@6 {
++ regulator-name = "vdd_3v3a";
++ regulator-always-on;
++ };
++ };
++};
++
++&aes {
++ status = "okay";
++};
++
++&sham {
++ status = "okay";
++};
+Index: u-boot/arch/arm/dts/am335x-pocketbeagle.dts
+===================================================================
+--- /dev/null
++++ u-boot/arch/arm/dts/am335x-pocketbeagle.dts
+@@ -0,0 +1,237 @@
++// SPDX-License-Identifier: GPL-2.0
++/*
++ * Copyright (C) 2012 Texas Instruments Incorporated - http://www.ti.com/
++ *
++ * Author: Robert Nelson <robertcnelson@gmail.com>
++ */
++/dts-v1/;
++
++#include "am33xx.dtsi"
++#include "am335x-osd335x-common.dtsi"
++
++/ {
++ model = "TI AM335x PocketBeagle";
++ compatible = "ti,am335x-pocketbeagle", "ti,am335x-bone", "ti,am33xx";
++
++ chosen {
++ stdout-path = &uart0;
++ };
++
++ leds {
++ pinctrl-names = "default";
++ pinctrl-0 = <&usr_leds_pins>;
++
++ compatible = "gpio-leds";
++
++ usr0 {
++ label = "beaglebone:green:usr0";
++ gpios = <&gpio1 21 GPIO_ACTIVE_HIGH>;
++ linux,default-trigger = "heartbeat";
++ default-state = "off";
++ };
++
++ usr1 {
++ label = "beaglebone:green:usr1";
++ gpios = <&gpio1 22 GPIO_ACTIVE_HIGH>;
++ linux,default-trigger = "mmc0";
++ default-state = "off";
++ };
++
++ usr2 {
++ label = "beaglebone:green:usr2";
++ gpios = <&gpio1 23 GPIO_ACTIVE_HIGH>;
++ linux,default-trigger = "cpu0";
++ default-state = "off";
++ };
++
++ usr3 {
++ label = "beaglebone:green:usr3";
++ gpios = <&gpio1 24 GPIO_ACTIVE_HIGH>;
++ default-state = "off";
++ };
++ };
++
++ vmmcsd_fixed: fixedregulator0 {
++ compatible = "regulator-fixed";
++ regulator-name = "vmmcsd_fixed";
++ regulator-min-microvolt = <3300000>;
++ regulator-max-microvolt = <3300000>;
++ };
++};
++
++&am33xx_pinmux {
++ i2c2_pins: pinmux-i2c2-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x97c, PIN_INPUT_PULLUP | MUX_MODE3) /* (D17) uart1_rtsn.I2C2_SCL */
++ AM33XX_IOPAD(0x978, PIN_INPUT_PULLUP | MUX_MODE3) /* (D18) uart1_ctsn.I2C2_SDA */
++ >;
++ };
++
++ ehrpwm0_pins: pinmux-ehrpwm0-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x990, PIN_OUTPUT_PULLDOWN | MUX_MODE1) /* (A13) mcasp0_aclkx.ehrpwm0A */
++ >;
++ };
++
++ ehrpwm1_pins: pinmux-ehrpwm1-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x848, PIN_OUTPUT_PULLDOWN | MUX_MODE6) /* (U14) gpmc_a2.ehrpwm1A */
++ >;
++ };
++
++ mmc0_pins: pinmux-mmc0-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x960, PIN_INPUT | MUX_MODE7) /* (C15) spi0_cs1.gpio0[6] */
++ AM33XX_IOPAD(0x8fc, PIN_INPUT_PULLUP | MUX_MODE0) /* (G16) mmc0_dat0.mmc0_dat0 */
++ AM33XX_IOPAD(0x8f8, PIN_INPUT_PULLUP | MUX_MODE0) /* (G15) mmc0_dat1.mmc0_dat1 */
++ AM33XX_IOPAD(0x8f4, PIN_INPUT_PULLUP | MUX_MODE0) /* (F18) mmc0_dat2.mmc0_dat2 */
++ AM33XX_IOPAD(0x8f0, PIN_INPUT_PULLUP | MUX_MODE0) /* (F17) mmc0_dat3.mmc0_dat3 */
++ AM33XX_IOPAD(0x904, PIN_INPUT_PULLUP | MUX_MODE0) /* (G18) mmc0_cmd.mmc0_cmd */
++ AM33XX_IOPAD(0x900, PIN_INPUT_PULLUP | MUX_MODE0) /* (G17) mmc0_clk.mmc0_clk */
++ AM33XX_IOPAD(0x9a0, PIN_INPUT | MUX_MODE4) /* (B12) mcasp0_aclkr.mmc0_sdwp */
++ >;
++ };
++
++ spi0_pins: pinmux-spi0-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x950, PIN_INPUT_PULLUP | MUX_MODE0) /* (A17) spi0_sclk.spi0_sclk */
++ AM33XX_IOPAD(0x954, PIN_INPUT_PULLUP | MUX_MODE0) /* (B17) spi0_d0.spi0_d0 */
++ AM33XX_IOPAD(0x958, PIN_INPUT_PULLUP | MUX_MODE0) /* (B16) spi0_d1.spi0_d1 */
++ AM33XX_IOPAD(0x95c, PIN_INPUT_PULLUP | MUX_MODE0) /* (A16) spi0_cs0.spi0_cs0 */
++ >;
++ };
++
++ spi1_pins: pinmux-spi1-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x964, PIN_INPUT_PULLUP | MUX_MODE4) /* (C18) eCAP0_in_PWM0_out.spi1_sclk */
++ AM33XX_IOPAD(0x968, PIN_INPUT_PULLUP | MUX_MODE4) /* (E18) uart0_ctsn.spi1_d0 */
++ AM33XX_IOPAD(0x96c, PIN_INPUT_PULLUP | MUX_MODE4) /* (E17) uart0_rtsn.spi1_d1 */
++ AM33XX_IOPAD(0x9b0, PIN_INPUT_PULLUP | MUX_MODE4) /* (A15) xdma_event_intr0.spi1_cs1 */
++ >;
++ };
++
++ usr_leds_pins: pinmux-usr-leds-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x854, PIN_OUTPUT | MUX_MODE7) /* (V15) gpmc_a5.gpio1[21] - USR_LED_0 */
++ AM33XX_IOPAD(0x858, PIN_OUTPUT | MUX_MODE7) /* (U15) gpmc_a6.gpio1[22] - USR_LED_1 */
++ AM33XX_IOPAD(0x85c, PIN_OUTPUT | MUX_MODE7) /* (T15) gpmc_a7.gpio1[23] - USR_LED_2 */
++ AM33XX_IOPAD(0x860, PIN_OUTPUT | MUX_MODE7) /* (V16) gpmc_a8.gpio1[24] - USR_LED_3 */
++ >;
++ };
++
++ uart0_pins: pinmux-uart0-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x970, PIN_INPUT_PULLUP | MUX_MODE0) /* (E15) uart0_rxd.uart0_rxd */
++ AM33XX_IOPAD(0x974, PIN_OUTPUT_PULLDOWN | MUX_MODE0) /* (E16) uart0_txd.uart0_txd */
++ >;
++ };
++
++ uart4_pins: pinmux-uart4-pins {
++ pinctrl-single,pins = <
++ AM33XX_IOPAD(0x870, PIN_INPUT_PULLUP | MUX_MODE6) /* (T17) gpmc_wait0.uart4_rxd */
++ AM33XX_IOPAD(0x874, PIN_OUTPUT_PULLDOWN | MUX_MODE6) /* (U17) gpmc_wpn.uart4_txd */
++ >;
++ };
++};
++
++&epwmss0 {
++ status = "okay";
++};
++
++&ehrpwm0 {
++ status = "okay";
++ pinctrl-names = "default";
++ pinctrl-0 = <&ehrpwm0_pins>;
++};
++
++&epwmss1 {
++ status = "okay";
++};
++
++&ehrpwm1 {
++ status = "okay";
++ pinctrl-names = "default";
++ pinctrl-0 = <&ehrpwm1_pins>;
++};
++
++&i2c0 {
++ eeprom: eeprom@50 {
++ compatible = "atmel,24c256";
++ reg = <0x50>;
++ };
++};
++
++&i2c2 {
++ pinctrl-names = "default";
++ pinctrl-0 = <&i2c2_pins>;
++
++ status = "okay";
++ clock-frequency = <400000>;
++};
++
++&mmc1 {
++ status = "okay";
++ vmmc-supply = <&vmmcsd_fixed>;
++ bus-width = <4>;
++ pinctrl-names = "default";
++ pinctrl-0 = <&mmc0_pins>;
++ cd-gpios = <&gpio0 6 GPIO_ACTIVE_LOW>;
++};
++
++&rtc {
++ system-power-controller;
++};
++
++&tscadc {
++ status = "okay";
++ adc {
++ ti,adc-channels = <0 1 2 3 4 5 6 7>;
++ ti,chan-step-avg = <16 16 16 16 16 16 16 16>;
++ ti,chan-step-opendelay = <0x98 0x98 0x98 0x98 0x98 0x98 0x98 0x98>;
++ ti,chan-step-sampledelay = <0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0>;
++ };
++};
++
++&uart0 {
++ pinctrl-names = "default";
++ pinctrl-0 = <&uart0_pins>;
++
++ status = "okay";
++};
++
++&uart4 {
++ pinctrl-names = "default";
++ pinctrl-0 = <&uart4_pins>;
++
++ status = "okay";
++};
++
++&usb {
++ status = "okay";
++};
++
++&usb_ctrl_mod {
++ status = "okay";
++};
++
++&usb0_phy {
++ status = "okay";
++};
++
++&usb0 {
++ status = "okay";
++ dr_mode = "otg";
++};
++
++&usb1_phy {
++ status = "okay";
++};
++
++&usb1 {
++ status = "okay";
++ dr_mode = "host";
++};
++
++&cppi41dma {
++ status = "okay";
++};
diff -Nru u-boot-2019.01+dfsg/debian/patches/pocketbeagle/0002-ti-Add-am335x-pocketbeagle-to-am335x_evm_defconfig.patch u-boot-2019.01+dfsg/debian/patches/pocketbeagle/0002-ti-Add-am335x-pocketbeagle-to-am335x_evm_defconfig.patch
--- u-boot-2019.01+dfsg/debian/patches/pocketbeagle/0002-ti-Add-am335x-pocketbeagle-to-am335x_evm_defconfig.patch 1969-12-31 16:00:00.000000000 -0800
+++ u-boot-2019.01+dfsg/debian/patches/pocketbeagle/0002-ti-Add-am335x-pocketbeagle-to-am335x_evm_defconfig.patch 2019-05-13 18:47:19.000000000 -0700
@@ -0,0 +1,26 @@
+From 88471ca344570cf3b31026174044bccb45689119 Mon Sep 17 00:00:00 2001
+From: Vagrant Cascadian <vagrant@debian.org>
+Date: Mon, 29 Apr 2019 16:12:30 -0700
+Subject: [PATCH 2/2] ti: Add am335x-pocketbeagle to am335x_evm_defconfig.
+
+Add am335x-pocketbeagle to CONFIG_OF_LIST in am335x_evm_defconfig.
+
+Signed-off-by: Vagrant Cascadian <vagrant@debian.org>
+Reviewed-by: Tom Rini <trini@konsulko.com>
+---
+ configs/am335x_evm_defconfig | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: u-boot/configs/am335x_evm_defconfig
+===================================================================
+--- u-boot.orig/configs/am335x_evm_defconfig
++++ u-boot/configs/am335x_evm_defconfig
+@@ -24,7 +24,7 @@ CONFIG_MTDPARTS_DEFAULT="mtdparts=nand.0
+ # CONFIG_SPL_EFI_PARTITION is not set
+ CONFIG_OF_CONTROL=y
+ CONFIG_DEFAULT_DEVICE_TREE="am335x-evm"
+-CONFIG_OF_LIST="am335x-evm am335x-bone am335x-boneblack am335x-evmsk am335x-bonegreen am335x-icev2"
++CONFIG_OF_LIST="am335x-evm am335x-bone am335x-boneblack am335x-evmsk am335x-bonegreen am335x-icev2 am335x-pocketbeagle"
+ CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y
+ # CONFIG_BLK is not set
+ CONFIG_BOOTCOUNT_LIMIT=y
diff -Nru u-boot-2019.01+dfsg/debian/patches/series u-boot-2019.01+dfsg/debian/patches/series
--- u-boot-2019.01+dfsg/debian/patches/series 2019-04-19 15:21:52.000000000 -0700
+++ u-boot-2019.01+dfsg/debian/patches/series 2019-05-13 18:47:19.000000000 -0700
@@ -19,6 +19,8 @@
upstream/fs-ext4-Unmount-FS-in-do_fs_type.patch
upstream/0001-Fix-typo-missmatched-mismatched.patch
+upstream/Fix-ext4-block-group-descriptor-sizing.patch
+upstream/lib-uuid-Fix-unseeded-PRNG-on-RANDOM_UUID-y.patch
exynos/0001-arm-config-fix-default-console-only-to-specify-the-d.patch
exynos/0002-Fix-spelling-of-download.patch
@@ -29,3 +31,6 @@
sunxi/sun50i_i2c_init.patch
sunxi/teres-i.patch
+
+pocketbeagle/0001-ti-Add-device-tree-for-am335x-pocketbeagle.patch
+pocketbeagle/0002-ti-Add-am335x-pocketbeagle-to-am335x_evm_defconfig.patch
diff -Nru u-boot-2019.01+dfsg/debian/patches/sunxi/teres-i.patch u-boot-2019.01+dfsg/debian/patches/sunxi/teres-i.patch
--- u-boot-2019.01+dfsg/debian/patches/sunxi/teres-i.patch 2019-04-19 15:21:52.000000000 -0700
+++ u-boot-2019.01+dfsg/debian/patches/sunxi/teres-i.patch 2019-05-13 18:03:24.000000000 -0700
@@ -1,10 +1,15 @@
Description: add support for Olimex Teres-I
* sun50i-a64-teres-i.dts is copied verbatim from Linux 5.0.
* other files are adapted from pinebook files.
+ .
+ Internal keyboard is known broken
+ (seems to be because the keyboard firmware loads a bootloader first,
+ and then disconnects bootloader and connect real keyboard).
+ External ones connected to the USB port work fine.
Author: Vasily Khoruzhick <anarsoul@gmail.com>
Tested-by: Jonas Smedegaard <dr@jones.dk>
-Origin: https://freenode.irclog.whitequark.org/linux-sunxi/2019-04-13#24411386
-Last-Update: 2019-04-14
+Origin: https://git.denx.de/?p=u-boot.git;a=commit;h=997b857
+Last-Update: 2019-05-11
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/arch/arm/dts/Makefile
@@ -294,7 +299,7 @@
+};
--- /dev/null
+++ b/configs/teres_i_defconfig
-@@ -0,0 +1,21 @@
+@@ -0,0 +1,22 @@
+CONFIG_ARM=y
+CONFIG_ARCH_SUNXI=y
+CONFIG_SPL=y
@@ -302,6 +307,7 @@
+CONFIG_DRAM_CLK=552
+CONFIG_DRAM_ZQ=3881949
+CONFIG_MMC_SUNXI_SLOT_EXTRA=2
++CONFIG_USB1_VBUS_PIN="PL7"
+CONFIG_I2C0_ENABLE=y
+# CONFIG_CMD_FLASH is not set
+# CONFIG_SPL_DOS_PARTITION is not set
diff -Nru u-boot-2019.01+dfsg/debian/patches/upstream/Fix-ext4-block-group-descriptor-sizing.patch u-boot-2019.01+dfsg/debian/patches/upstream/Fix-ext4-block-group-descriptor-sizing.patch
--- u-boot-2019.01+dfsg/debian/patches/upstream/Fix-ext4-block-group-descriptor-sizing.patch 1969-12-31 16:00:00.000000000 -0800
+++ u-boot-2019.01+dfsg/debian/patches/upstream/Fix-ext4-block-group-descriptor-sizing.patch 2019-05-13 18:47:19.000000000 -0700
@@ -0,0 +1,64 @@
+Origin: https://git.denx.de/?p=u-boot.git;a=commit;h=febbc583319b567fe3d83e521cc2ace9be8d1501
+Applied-Upstream: v2019.07-rc1
+Debian-Bug: https://bugs.debian.org/928800
+From: Benjamin Lim <jarsp.ctf@gmail.com>
+Date: Fri, 29 Mar 2019 07:29:45 -0400
+Subject: [PATCH] Fix ext4 block group descriptor sizing
+
+Ext4 allows for arbitrarily sized block group descriptors when 64-bit
+addressing is enabled, which was previously not properly supported. This
+patch dynamically allocates a chunk of memory of the correct size.
+
+Signed-off-by: Benjamin Lim <jarsp.ctf@gmail.com>
+---
+ fs/ext4/ext4_common.c | 19 +++++++++++++++----
+ 1 file changed, 15 insertions(+), 4 deletions(-)
+
+diff --git a/fs/ext4/ext4_common.c b/fs/ext4/ext4_common.c
+index feffbfa9a9..464c33d0d7 100644
+--- a/fs/ext4/ext4_common.c
++++ b/fs/ext4/ext4_common.c
+@@ -1587,7 +1587,7 @@ static int ext4fs_blockgroup
+
+ int ext4fs_read_inode(struct ext2_data *data, int ino, struct ext2_inode *inode)
+ {
+- struct ext2_block_group blkgrp;
++ struct ext2_block_group *blkgrp;
+ struct ext2_sblock *sblock = &data->sblock;
+ struct ext_filesystem *fs = get_fs();
+ int log2blksz = get_fs()->dev_desc->log2blksz;
+@@ -1595,17 +1595,28 @@ int ext4fs_read_inode(struct ext2_data *data, int ino, struct ext2_inode *inode)
+ long int blkno;
+ unsigned int blkoff;
+
++ /* Allocate blkgrp based on gdsize (for 64-bit support). */
++ blkgrp = zalloc(get_fs()->gdsize);
++ if (!blkgrp)
++ return 0;
++
+ /* It is easier to calculate if the first inode is 0. */
+ ino--;
+ status = ext4fs_blockgroup(data, ino / le32_to_cpu
+- (sblock->inodes_per_group), &blkgrp);
+- if (status == 0)
++ (sblock->inodes_per_group), blkgrp);
++ if (status == 0) {
++ free(blkgrp);
+ return 0;
++ }
+
+ inodes_per_block = EXT2_BLOCK_SIZE(data) / fs->inodesz;
+- blkno = ext4fs_bg_get_inode_table_id(&blkgrp, fs) +
++ blkno = ext4fs_bg_get_inode_table_id(blkgrp, fs) +
+ (ino % le32_to_cpu(sblock->inodes_per_group)) / inodes_per_block;
+ blkoff = (ino % inodes_per_block) * fs->inodesz;
++
++ /* Free blkgrp as it is no longer required. */
++ free(blkgrp);
++
+ /* Read the inode. */
+ status = ext4fs_devread((lbaint_t)blkno << (LOG2_BLOCK_SIZE(data) -
+ log2blksz), blkoff,
+--
+2.20.1
+
diff -Nru u-boot-2019.01+dfsg/debian/patches/upstream/lib-uuid-Fix-unseeded-PRNG-on-RANDOM_UUID-y.patch u-boot-2019.01+dfsg/debian/patches/upstream/lib-uuid-Fix-unseeded-PRNG-on-RANDOM_UUID-y.patch
--- u-boot-2019.01+dfsg/debian/patches/upstream/lib-uuid-Fix-unseeded-PRNG-on-RANDOM_UUID-y.patch 1969-12-31 16:00:00.000000000 -0800
+++ u-boot-2019.01+dfsg/debian/patches/upstream/lib-uuid-Fix-unseeded-PRNG-on-RANDOM_UUID-y.patch 2019-05-13 18:03:24.000000000 -0700
@@ -0,0 +1,97 @@
+Origin: https://git.denx.de/?p=u-boot.git;a=commit;h=4ccf678f37731d8ec09eae8dca5f4cbe84132a52
+Applied-Upstream: v2019.07-rc1+
+Debian-Bug: https://bugs.debian.org/928557
+From: Eugeniu Rosca <erosca@de.adit-jv.com>
+Date: Thu, 2 May 2019 14:27:06 +0200
+Subject: [PATCH] lib: uuid: Fix unseeded PRNG on RANDOM_UUID=y
+
+The random uuid values (enabled via CONFIG_RANDOM_UUID=y) on our
+platform are always the same. Below is consistent on each cold boot:
+
+ => ### interrupt autoboot
+ => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
+ ...
+ uuid_gpt_misc=d117f98e-6f2c-d04b-a5b2-331a19f91cb2
+ => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
+ ...
+ uuid_gpt_misc=ad5ec4b6-2d9f-8544-9417-fe3bd1c9b1b3
+ => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
+ ...
+ uuid_gpt_misc=cceb0b18-39cb-d547-9db7-03b405fa77d4
+ => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
+ ...
+ uuid_gpt_misc=d4981a2b-0478-544e-9607-7fd3c651068d
+ => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
+ ...
+ uuid_gpt_misc=6d6c9a36-e919-264d-a9ee-bd00379686c7
+
+While the uuids do change on every 'gpt write' command, the values
+appear to be taken from the same pool, in the same order.
+
+Assuming U-Boot with RANDOM_UUID=y is deployed on a large number of
+devices, all those devices would essentially expose the same UUID,
+breaking the assumption of system/RFS/application designers who rely
+on UUID as being globally unique (e.g. a database using UUID as key
+would alias/mix up entries/records due to duplicated UUID).
+
+The root cause seems to be simply _not_ seeding PRNG before generating
+a random value. It turns out this belongs to an established class of
+PRNG-specific problems, commonly known as "unseeded randomness", for
+which I am able to find below bugs/CVE/CWE:
+ - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0285
+ ("CVE-2015-0285 openssl: handshake with unseeded PRNG")
+ - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-9019
+ ("CVE-2015-9019 libxslt: math.random() in xslt uses unseeded
+ randomness")
+ - https://cwe.mitre.org/data/definitions/336.html
+ ("CWE-336: Same Seed in Pseudo-Random Number Generator (PRNG)")
+
+The first revision [1] of this patch updated the seed based on the
+output of get_timer(), similar to [4].
+
+There are two problems with this approach:
+ - get_timer() has a poor _ms_ resolution
+ - when gen_rand_uuid() is called in a loop, get_timer() returns the
+ same result, leading to the same seed being passed to srand(),
+ leading to the same uuid being generated for several partitions
+ with different names
+
+The above drawbacks have been addressed in the second version [2].
+In its third revision (current), the patch reworded the description
+and summary line to emphasize it is a *fix* rather than an improvement.
+
+Testing [3] consisted of running 'gpt write mmc 1 $partitions' in a
+loop on R-Car3 for several minutes, collecting 8844 randomly generated
+UUIDS. Two consecutive cold boots are concatenated in the log.
+As a result, all uuid values are unique (scripted check).
+
+Thanks to Roman, who reported the issue and provided support in fixing.
+
+[1] https://patchwork.ozlabs.org/patch/1091802/
+[2] https://patchwork.ozlabs.org/patch/1092945/
+[3] https://gist.github.com/erosca/2820be9d554f76b982edd48474d0e7ca
+[4] commit da384a9d7628 ("net: rename and refactor eth_rand_ethaddr() function")
+
+Reported-by: Roman Stratiienko <roman.stratiienko@globallogic.com>
+Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
+Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
+---
+ lib/uuid.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/uuid.c b/lib/uuid.c
+index fa20ee39fc..2d4d6ef7e4 100644
+--- a/lib/uuid.c
++++ b/lib/uuid.c
+@@ -238,6 +238,8 @@ void gen_rand_uuid(unsigned char *uuid_bin)
+ unsigned int *ptr = (unsigned int *)&uuid;
+ int i;
+
++ srand(get_ticks() + rand());
++
+ /* Set all fields randomly */
+ for (i = 0; i < sizeof(struct uuid) / sizeof(*ptr); i++)
+ *(ptr + i) = cpu_to_be32(rand());
+--
+2.20.1
+
diff -Nru u-boot-2019.01+dfsg/debian/targets u-boot-2019.01+dfsg/debian/targets
--- u-boot-2019.01+dfsg/debian/targets 2019-04-19 15:21:52.000000000 -0700
+++ u-boot-2019.01+dfsg/debian/targets 2019-05-13 18:47:19.000000000 -0700
@@ -60,6 +60,7 @@
# Vagrant Cascadian <vagrant@debian.org>
# Andrew M.A. Cater <amacater@galactic.demon.co.uk>
armhf omap am335x_boneblack u-boot.img MLO
+armhf omap am335x_evm u-boot.img MLO
# Vagrant Cascadian <vagrant@debian.org>
armhf omap am57xx_evm u-boot.img MLO
@@ -200,12 +201,18 @@
# Rodrigo Exterckötter Tjäder <rodrigo@tjader.xyz>
arm64 sunxi a64-olinuxino u-boot.bin spl/sunxi-spl.bin u-boot-nodtb.bin arch/arm/dts/sun50i-a64-olinuxino.dtb
+# Domenico Andreoli <cavok@debian.org>
+arm64 sunxi nanopi_neo2 u-boot.bin spl/sunxi-spl.bin u-boot-nodtb.bin arch/arm/dts/sun50i-h5-nanopi-neo2.dtb
+
# Frederic Danis <frederic.danis@collabora.com>
arm64 sunxi orangepi_zero_plus2 u-boot.bin spl/sunxi-spl.bin u-boot-nodtb.bin arch/arm/dts/sun50i-h5-orangepi-zero-plus2.dtb
# Vagrant Cascadian <vagrant@debian.org>
arm64 sunxi pine64_plus u-boot.bin spl/sunxi-spl.bin u-boot-nodtb.bin arch/arm/dts/sun50i-a64-pine64-plus.dtb arch/arm/dts/sun50i-a64-pine64.dtb
+# Sunil Mohan Adapa <sunil@medhas.org>
+arm64 sunxi pine64-lts u-boot.bin spl/sunxi-spl.bin u-boot-nodtb.bin arch/arm/dts/sun50i-a64-pine64-lts.dtb arch/arm/dts/sun50i-a64-pine64.dtb
+
# Vagrant Cascadian <vagrant@debian.org>
arm64 sunxi pinebook u-boot.bin spl/sunxi-spl.bin u-boot-nodtb.bin arch/arm/dts/sun50i-a64-pinebook.dtb
diff -Nru u-boot-2019.01+dfsg/debian/u-boot-omap.README.Debian u-boot-2019.01+dfsg/debian/u-boot-omap.README.Debian
--- u-boot-2019.01+dfsg/debian/u-boot-omap.README.Debian 2019-04-19 15:21:52.000000000 -0700
+++ u-boot-2019.01+dfsg/debian/u-boot-omap.README.Debian 2019-05-13 18:53:20.000000000 -0700
@@ -4,8 +4,8 @@
The BeagleBone Black (am335x_boneblack) can be flashed to microSD or eMMC directly:
- dd conv=fsync,notrunc if=/usr/lib/u-boot/am335x_boneblack/MLO of=/dev/mmcblkX count=1 seek=1 bs=128k
- dd conv=fsync,notrunc if=/usr/lib/u-boot/am335x_boneblack/u-boot.img of=/dev/mmcblkX count=2 seek=1 bs=384k
+ dd conv=fsync,notrunc seek=256 if=/usr/lib/u-boot/am335x_boneblack/MLO of=/dev/mmcblkX
+ dd conv=fsync,notrunc seek=768 if=/usr/lib/u-boot/am335x_boneblack/u-boot.img of=/dev/mmcblkX
On OpenPandora:
unblock u-boot/2019.01+dfsg-7
Thanks for your review!
live well,
vagrant
Attachment:
signature.asc
Description: PGP signature