dgit.raspbian.org Git - u-boot.git/log

[PATCH] efi_loader: switch to non-secure mode later

Some ARMv7 boards using PSCI require to be in secure-mode when booted via
'bootz' or 'bootm'. During distro-boot 'bootefi bootmgr' is called to check
if booting via UEFI is possible.

With the change we change the switch from secure mode to non-secure mode is
moved from the UEFI subsystem setup to just before calling StartImage().

Cc: Jernej Škrabec <jernej.skrabec@gmail.com>
Reported by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Gbp-Pq: Topic upstream
Gbp-Pq: Name 0001-efi_loader-switch-to-non-secure-mode-later.patch

[PATCH] configs: add PineTab defconfig

From 2c346cacb4b0841051bceb27a57058020860ab8b Mon Sep 17 00:00:00 2001
Forwarded: https://patchwork.ozlabs.org/project/uboot/list/?series=232582

The PineTab device-tree is already in u-boot, this commit adds the corresponding
defconfig, based on pinephone_defconfig.

Signed-off-by: Arnaud Ferraris <arnaud.ferraris@collabora.com>
Gbp-Pq: Topic pinetab
Gbp-Pq: Name 0001-configs-add-PineTab-defconfig.patch

disable-preboot

Disable USE_PREBOOT as a workaround to boot failure triggered by
initializing USB. (Closes: #973323, #980434)

Reported upstream:

https://lists.denx.de/pipermail/u-boot/2021-January/438098.html

Gbp-Pq: Topic rk3399
Gbp-Pq: Name disable-preboot

bootz_and_raw_initrd

Enable booting of zImage/vmlinuz and initrd without requiring the use
of mkimage to create uImage/uInitrd.

Gbp-Pq: Topic n900
Gbp-Pq: Name bootz_and_raw_initrd.patch

[PATCH] qemu-riscv64_smode, sifive-fu540: fix extlinux (define preboot)

From 3fc056f0b9f7c26e58a1e947c8c0184e55919614 Mon Sep 17 00:00:00 2001
Forwarded: https://patchwork.ozlabs.org/patch/1151125/

Commit 37304aaf60bf92a5dc3ef222ba520698bd862a44 removed preboot
commands in RISC-V targets and broke extlinux support as reported
by Fu Wei <wefu@redhat.com>.

The patch finishes migration of CONFIG_USE_PREBOOT and CONFIG_REBOOT
to Kconfig.

Signed-off-by: David Abdurachmanov <david.abdurachmanov@sifive.com>
Gbp-Pq: Topic riscv64
Gbp-Pq: Name qemu-riscv64_smode-sifive-fu540-fix-extlinux-define-.patch

[PATCH] arm: config: fix default console only to specify the device

This reverts commit 767edf0f6b3eaa0303f3fd6afdc14ddce0aca70c and restores
commit 232ed3ca534708527a9515c7c41bc3542949525c.

Debian's flash-kernel expect the console variable to just contain the device,
because it will set the bootargs to "console=${console}". So revert adding
"console=" to the console parameter, but also adjust the shipped bootscripts
for exynos boards to cope with it.

Bug-Debian: https://bugs.debian.org/920116
Signed-off-by: Benjamin Drung <bdrung@debian.org>
Gbp-Pq: Topic exynos
Gbp-Pq: Name 0001-arm-config-fix-default-console-only-to-specify-the-d.patch

test-imagetools-test-fixes

This patch allows testing in an alternate directory and also detects
failures to execute commands, treating that as a failure.

Gbp-Pq: Name test-imagetools-test-fixes

omap5_distro_bootcmd

Enable distro_bootcmd support (doc/README.distro) for omap5 targets.

Gbp-Pq: Topic am57xx
Gbp-Pq: Name omap5_distro_bootcmd

ensure-config-sandbox-for-make-env

Ensure that CONFIG_SANDBOX is set when running "make env", avoiding a
failure to build caused by config_distro_bootcmd.h following the wrong
codepath...

Gbp-Pq: Name ensure-config-sandbox-for-make-env.patch

Add spl/arndale-spl.bin rule

Gbp-Pq: Topic arndale
Gbp-Pq: Name board-spl-rule.diff

mx53loco

Enables support for ext4, the "load" command, and using bootz with raw initrds.

Gbp-Pq: Name mx53loco

Enable generic tools build

Gbp-Pq: Name tools-generic-builds.patch

add-debian-revision-to-u-boot-version

Add the debian revision to the U-boot version, which is displayed at
boot and can be helpful to determine which specific version is used.

Gbp-Pq: Name add-debian-revision-to-u-boot-version

u-boot (2021.01+dfsg-5+deb11u1) bullseye-security; urgency=medium

  * Non-maintainer upload by the Debian LTS team.
  * d/patches/CVE-2022-34835.patch: Add patch to fix CVE-2022-34835.
    - Fix an integer signedness error and resultant stack-based buffer overflow
      in the 'i2c md' command that enables the corruption of the return address
      pointer of the do_i2c_md function (closes: #1014529).
  * d/patches/CVE-2022-33967.patch: Add patch to fix CVE-2022-33967.
    - Fix a heap-based buffer overflow vulnerability due to a defect in the
      metadata reading process which may lead to a denial-of-service (DoS)
      condition or arbitrary code execution by loading a specially crafted
      squashfs image.
  * d/patches/CVE-2022-33103.patch: Add patch to fix CVE-2022-33103.
    - Fix an an out-of-bounds write (closes: #1014528).
  * d/patches/CVE-2022-30790.patch: Add patch to fix CVE-2022-30790 and
    CVE-2022-30552.
    - Fix a a Buffer Overflow (closes: #1014470).
  * d/patches/CVE-2022-30767.patch: Add patch to fix CVE-2022-30767.
    - Fix an unbounded memcpy with a failed length check, leading to a buffer
      overflow. This issue exists due to an incorrect fix for CVE-2019-14196
      (closes: #1014471).
  * d/patches/CVE-2022-2347.patch: Add patch to fix CVE-2022-2347.
    - Fix an unchecked length field leading to a heap overflow
      (closes: #1014959).
  * d/patches/CVE-2024-57254.patch: Add patch to fix CVE-2024-57254.
    - Fix an integer overflow in sqfs_inode_size (closes: 1098254).
  * d/patches/CVE-2024-57255.patch: Add patch to fix CVE-2024-57255.
    - Fix an integer overflow in sqfs_resolve_symlink (closes: #1098254).
  * d/patches/CVE-2024-57256.patch: Add patch to fix CVE-2024-57256.
    - Fix an integer overflow in ext4fs_read_symlink (closes: #1098254).
  * d/patches/CVE-2024-57257.patch: Add patch to fix CVE-2024-57257.
    - Fix a stack consumption issue in sqfs_size possible with deep symlink
      nesting (closes: #1098254).
  * d/patches/CVE-2024-57258-1.patch, d/patches/CVE-2024-57258-2.patch,
    d/patches/CVE-2024-57258-3.patch: Add patches to fx CVE-2024-57258.
    - Fix multiple integer overflows (closes: #1098254).
  * d/patches/CVE-2024-57259.patch: Add patch to fix CVE-2024-57259.
    - Fix an off-by-one error resulting in a heap memory corruption in
      sqfs_search_dir (closes: #1098254).

[dgit import unpatched u-boot 2021.01+dfsg-5+deb11u1]

Import u-boot_2021.01+dfsg-5+deb11u1.debian.tar.xz

[dgit import tarball u-boot 2021.01+dfsg-5+deb11u1 u-boot_2021.01+dfsg-5+deb11u1.debian.tar.xz]

Import u-boot_2021.01+dfsg.orig.tar.xz

[dgit import orig u-boot_2021.01+dfsg.orig.tar.xz]