Change-Id: Ib49fd4450a8dde606b798a226f053b03034ab354
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/7179
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Ajay Kaher <akaher@vmware.com>
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,65 @@ |
0 |
+From febbc583319b567fe3d83e521cc2ace9be8d1501 Mon Sep 17 00:00:00 2001 |
|
1 |
+From: Benjamin Lim <jarsp.ctf@gmail.com> |
|
2 |
+Date: Fri, 29 Mar 2019 07:29:45 -0400 |
|
3 |
+Subject: [PATCH] Fix ext4 block group descriptor sizing |
|
4 |
+ |
|
5 |
+Ext4 allows for arbitrarily sized block group descriptors when 64-bit |
|
6 |
+addressing is enabled, which was previously not properly supported. This |
|
7 |
+patch dynamically allocates a chunk of memory of the correct size. |
|
8 |
+ |
|
9 |
+Signed-off-by: Benjamin Lim <jarsp.ctf@gmail.com> |
|
10 |
+Signed-off-by Ajay Kaher <akaher@vmware.com? |
|
11 |
+ |
|
12 |
+--- |
|
13 |
+ fs/ext4/ext4_common.c | 19 +++++++++++++++---- |
|
14 |
+ 1 file changed, 15 insertions(+), 4 deletions(-) |
|
15 |
+ |
|
16 |
+diff --git a/fs/ext4/ext4_common.c b/fs/ext4/ext4_common.c |
|
17 |
+index feffbfa..464c33d 100644 |
|
18 |
+--- a/fs/ext4/ext4_common.c |
|
19 |
+@@ -1587,7 +1587,7 @@ static int ext4fs_blockgroup |
|
20 |
+ |
|
21 |
+ int ext4fs_read_inode(struct ext2_data *data, int ino, struct ext2_inode *inode) |
|
22 |
+ { |
|
23 |
+- struct ext2_block_group blkgrp; |
|
24 |
++ struct ext2_block_group *blkgrp; |
|
25 |
+ struct ext2_sblock *sblock = &data->sblock; |
|
26 |
+ struct ext_filesystem *fs = get_fs(); |
|
27 |
+ int log2blksz = get_fs()->dev_desc->log2blksz; |
|
28 |
+@@ -1595,17 +1595,28 @@ int ext4fs_read_inode(struct ext2_data *data, int ino, struct ext2_inode *inode) |
|
29 |
+ long int blkno; |
|
30 |
+ unsigned int blkoff; |
|
31 |
+ |
|
32 |
++ /* Allocate blkgrp based on gdsize (for 64-bit support). */ |
|
33 |
++ blkgrp = zalloc(get_fs()->gdsize); |
|
34 |
++ if (!blkgrp) |
|
35 |
++ return 0; |
|
36 |
++ |
|
37 |
+ /* It is easier to calculate if the first inode is 0. */ |
|
38 |
+ ino--; |
|
39 |
+ status = ext4fs_blockgroup(data, ino / le32_to_cpu |
|
40 |
+- (sblock->inodes_per_group), &blkgrp); |
|
41 |
+- if (status == 0) |
|
42 |
++ (sblock->inodes_per_group), blkgrp); |
|
43 |
++ if (status == 0) { |
|
44 |
++ free(blkgrp); |
|
45 |
+ return 0; |
|
46 |
++ } |
|
47 |
+ |
|
48 |
+ inodes_per_block = EXT2_BLOCK_SIZE(data) / fs->inodesz; |
|
49 |
+- blkno = ext4fs_bg_get_inode_table_id(&blkgrp, fs) + |
|
50 |
++ blkno = ext4fs_bg_get_inode_table_id(blkgrp, fs) + |
|
51 |
+ (ino % le32_to_cpu(sblock->inodes_per_group)) / inodes_per_block; |
|
52 |
+ blkoff = (ino % inodes_per_block) * fs->inodesz; |
|
53 |
++ |
|
54 |
++ /* Free blkgrp as it is no longer required. */ |
|
55 |
++ free(blkgrp); |
|
56 |
++ |
|
57 |
+ /* Read the inode. */ |
|
58 |
+ status = ext4fs_devread((lbaint_t)blkno << (LOG2_BLOCK_SIZE(data) - |
|
59 |
+ log2blksz), blkoff, |
|
60 |
+-- |
|
61 |
+2.7.4 |
|
62 |
+ |
|
63 |
+ |
... | ... |
@@ -3,7 +3,7 @@ |
3 | 3 |
Summary: U-Boot EFI firmware |
4 | 4 |
Name: u-boot |
5 | 5 |
Version: 2019.01 |
6 |
-Release: 1%{?dist} |
|
6 |
+Release: 2%{?dist} |
|
7 | 7 |
License: GPLv2 |
8 | 8 |
Url: http://www.denx.de/wiki/U-Boot |
9 | 9 |
Vendor: VMware, Inc. |
... | ... |
@@ -17,6 +17,10 @@ Patch1: 0004-Fix-MMC1-external-SD-slot-on-Samsun.patch |
17 | 17 |
Patch2: 0005-Fix-no-usb.patch |
18 | 18 |
Patch3: add_tcp_wget_support.patch |
19 | 19 |
Patch4: add-saveenv-in-bootcmd.patch |
20 |
+ |
|
21 |
+# CVE-2019-11059 |
|
22 |
+Patch5: 0001-Fix_ext4_block_group_descriptor_sizing.patch |
|
23 |
+ |
|
20 | 24 |
Group: Development/Tools |
21 | 25 |
BuildArch: aarch64 |
22 | 26 |
|
... | ... |
@@ -37,6 +41,7 @@ env variables from linux shell prompt. |
37 | 37 |
%patch2 -p1 |
38 | 38 |
%patch3 -p1 |
39 | 39 |
%patch4 -p1 |
40 |
+%patch5 -p1 |
|
40 | 41 |
|
41 | 42 |
%build |
42 | 43 |
cp %{SOURCE1} configs/ |
... | ... |
@@ -58,6 +63,8 @@ install -D -m 0644 %{SOURCE2} %{buildroot}/etc/fw_env.config |
58 | 58 |
/usr/bin/fw_setenv |
59 | 59 |
|
60 | 60 |
%changelog |
61 |
+* Wed May 15 2019 Ajay Kaher <akaher@vmware.com> 2019.01-2 |
|
62 |
+- Fix CVE-2019-11059 |
|
61 | 63 |
* Fri Feb 22 2019 Tapas Kundu <tkundu@vmware.com> 2019.01-1 |
62 | 64 |
- Updating to 2019.01 |
63 | 65 |
- Added patch for tcp and wget support |