OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2019.02-op-build 2019-03-25T16:36:23+00:00 2019-03-25T16:36:23+00:00 Baruch Siach baruch@tkos.co.il 2019-03-12T11:56:27+00:00 urn:sha1:c19f815add28c5dbd6bbf944c42236679da4593f Fixes CVE-2019-8936: Crafted null dereference attack in authenticated mode 6 packet. Drop upstream patches. Update COPYRIGHT file hash; text formatting (line width) changes. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 7ffdc08f04a87b0dd6f2bba250627389ce79a776) Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2019-02-04T14:14:18+00:00 Matt Weber matthew.weber@rockwellcollins.com 2019-02-03T22:38:51+00:00 urn:sha1:fcf9bcf014d654248dfc7d7fb6b7dbb34935e63e Previously the sysv init script install was conditional based on ntpd being selected, now that sntp also has an init script and could be selected independent of ntpd, a common install is necessary. Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> 2019-02-03T19:35:26+00:00 Matt Weber matthew.weber@rockwellcollins.com 2018-12-12T03:45:37+00:00 urn:sha1:5e08d929474a4ec84432f4829e113f524a103e3f This patch adds the installation of a startup script if the sntp utility is selected as an option. The utility is design to do a one time step/slew adjustment of the system time (similar to the ntpdate tool http://support.ntp.org/bin/view/Dev/DeprecatingNtpdate). One nice benefit over ntpdate is that sntp can run while ntpd is still running. However, ntpd may still need to be restarted if the time step was large enough. The script provides the ability to override the arguments as part of a /etc/defaults/sntp file. On a local LAN, the initial large step adjustment took less then one second to be retrieved and system time updated. If a user already has a RTC maintaining the time and the system was powered off for a long period of time, the script assumes a slew adjustment when +/- 128ms, rather then a time step(jump). This could be further tuned by a user with the /etc/defaults/sntp configuration file. One NTP pool server is being set as sntp uses all of the servers provided when the DNS is resolved as servers to attempt to retrieve time from before timing out. It looks like currently that is 4 servers per *pool.ntp.org hostname. Cc: Oscar Gomez Fuente <oscargomezf@gmail.com> Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Tested-by: Oscar Gomez Fuente <oscargomezf@gmail.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> 2018-10-16T12:48:27+00:00 Baruch Siach baruch@tkos.co.il 2018-10-15T18:38:28+00:00 urn:sha1:13dcc69a39da97f615627553e88113ba455875ea When threads support is missing the ntp build system builds the work_fork code. This code added call to set_user_group_ids() that is under HAVE_DROPROOT, which is disabled when libcap is not built. Add a patch fixing that. Fixes: http://autobuild.buildroot.net/results/ab9/ab9ceff1151b8b5e6b9fa77d39c0f9b0cac1a080/ Cc: Artyom Panfilov <apanfilov@spectracom.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2018-10-13T21:15:44+00:00 Baruch Siach baruch@tkos.co.il 2018-10-13T18:51:00+00:00 urn:sha1:7cf152852dd0b4bf30659e3e62d891171f1e4aa5 Commit 87d759ced5 (ntp: fix build for no-MMU) added a patch to make MMU dependent code hidden behind HAVE_WORKING_FORK. It turns out that the patch covers too much code. When libcap is enabled we pass --enable-linuxcaps, which in turn enables HAVE_DROPROOT. This adds calls to code that is covered by HAVE_WORKING_FORK. Update the no-MMU fix so that HAVE_WORKING_FORK only covers the no-MMU incompatible routine. Fixes: http://autobuild.buildroot.net/results/c5c/c5cf28bb969fec7c07864cdd094dedfa4d5439d2/ Cc: Artem Panfilov <apanfilov@spectracom.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2018-10-12T09:24:58+00:00 Baruch Siach baruch@tkos.co.il 2018-10-12T09:17:58+00:00 urn:sha1:87d759ced52cb461a4460f4c513f2f6993292bc2 Code rearrange in the latest ntp version exposed code that used to be hidden behind HAVE_WORKING_FORK. Put this code back where it belongs. Fixes: http://autobuild.buildroot.net/results/9f4/9f4710b451df1a60f95ab6503cfb7788ad998a65/ http://autobuild.buildroot.net/results/d0b/d0b20a6c0f37a8b06841afc2764c8aab6ffd27d2/ http://autobuild.buildroot.net/results/85c/85c89f5e9d36915567b8d14b9c99e3720c866577/ Cc: Artem Panfilov <apanfilov@spectracom.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2018-10-11T07:33:02+00:00 Artyom Panfilov apanfilov@spectracom.com 2018-10-10T21:01:45+00:00 urn:sha1:f3c6452729e89e546d58adfc3b288ddfae5876e2 Signed-off-by: Artem Panfilov <apanfilov@spectracom.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-10-10T19:27:23+00:00 Artyom Panfilov apanfilov@spectracom.com 2018-10-10T09:03:05+00:00 urn:sha1:cf9344c45e85ed274cf783271344f4c03138971d Release notes: https://www.nwtime.org/network-time-foundation-publishes-ntp-4-2-8p12 Fixed security issues: CVE-2016-1549 / CVE-2018-7170: Sybil vulnerability: ephemeral association attack CVE-2018-12327: The openhost() function used during command-line hostname processing by ntpq and ntpdc can write beyond its buffer limit Signed-off-by: Artem Panfilov <apanfilov@spectracom.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-07-08T10:22:15+00:00 Yann E. MORIN yann.morin.1998@free.fr 2018-07-08T09:45:45+00:00 urn:sha1:2319270de79e01ceb833baa909f2c5723d1926af Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> 2018-04-16T05:34:51+00:00 Carlos Santos casantos@datacom.ind.br 2018-04-16T02:29:33+00:00 urn:sha1:e8cd0800aa25a9298c0e58cecbae5a30eabba19d The test doesn't make sense. It just exits without any error if the binary doesn't exist, which is silly. Replace the DAEMON variable, which was used only once, by the full path of the binary file. Signed-off-by: Carlos Santos <casantos@datacom.ind.br> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>