diff options
Diffstat (limited to 'poky/meta')
219 files changed, 8465 insertions, 1066 deletions
diff --git a/poky/meta/classes/archiver.bbclass b/poky/meta/classes/archiver.bbclass index 33070cd17f..dca4271a69 100644 --- a/poky/meta/classes/archiver.bbclass +++ b/poky/meta/classes/archiver.bbclass @@ -69,7 +69,6 @@ SSTATE_ALLOW_OVERLAP_FILES += "${DEPLOY_DIR_SRC}/mirror" do_dumpdata[dirs] = "${ARCHIVER_OUTDIR}" do_ar_recipe[dirs] = "${ARCHIVER_OUTDIR}" do_ar_original[dirs] = "${ARCHIVER_OUTDIR} ${ARCHIVER_WORKDIR}" -do_deploy_archives[dirs] = "${WORKDIR}" # This is a convenience for the shell script to use it @@ -460,7 +459,9 @@ def create_diff_gz(d, src_orig, src, ar_outdir): def is_work_shared(d): pn = d.getVar('PN') - return bb.data.inherits_class('kernel', d) or pn.startswith('gcc-source') + return pn.startswith('gcc-source') or \ + bb.data.inherits_class('kernel', d) or \ + (bb.data.inherits_class('kernelsrc', d) and d.getVar('S') == d.getVar('STAGING_KERNEL_DIR')) # Run do_unpack and do_patch python do_unpack_and_patch() { diff --git a/poky/meta/classes/core-image.bbclass b/poky/meta/classes/core-image.bbclass index 84fd3eeb38..740a6c1d3d 100644 --- a/poky/meta/classes/core-image.bbclass +++ b/poky/meta/classes/core-image.bbclass @@ -59,6 +59,10 @@ FEATURE_PACKAGES_hwcodecs = "${MACHINE_HWCODECS}" # IMAGE_FEATURES_REPLACES_foo = 'bar1 bar2' # Including image feature foo would replace the image features bar1 and bar2 IMAGE_FEATURES_REPLACES_ssh-server-openssh = "ssh-server-dropbear" +# Do not install openssh complementary packages if either packagegroup-core-ssh-dropbear or dropbear +# is installed # to avoid openssh-dropbear conflict +# see [Yocto #14858] for more information +PACKAGE_EXCLUDE_COMPLEMENTARY:append = "${@bb.utils.contains_any('PACKAGE_INSTALL', 'packagegroup-core-ssh-dropbear dropbear', 'openssh', '' , d)}" # IMAGE_FEATURES_CONFLICTS_foo = 'bar1 bar2' # An error exception would be raised if both image features foo and bar1(or bar2) are included diff --git a/poky/meta/classes/create-spdx.bbclass b/poky/meta/classes/create-spdx.bbclass index 37b6b569a1..d735f20c20 100644 --- a/poky/meta/classes/create-spdx.bbclass +++ b/poky/meta/classes/create-spdx.bbclass @@ -210,7 +210,7 @@ def add_package_files(d, doc, spdx_pkg, topdir, get_spdxid, get_types, *, archiv filepath = Path(subdir) / file filename = str(filepath.relative_to(topdir)) - if filepath.is_file() and not filepath.is_symlink(): + if not filepath.is_symlink() and filepath.is_file(): spdx_file = oe.spdx.SPDXFile() spdx_file.SPDXID = get_spdxid(file_counter) for t in get_types(filepath): @@ -445,7 +445,7 @@ python do_create_spdx() { recipe.name = d.getVar("PN") recipe.versionInfo = d.getVar("PV") recipe.SPDXID = oe.sbom.get_recipe_spdxid(d) - recipe.packageSupplier = d.getVar("SPDX_SUPPLIER") + recipe.supplier = d.getVar("SPDX_SUPPLIER") if bb.data.inherits_class("native", d) or bb.data.inherits_class("cross", d): recipe.annotations.append(create_annotation(d, "isNative")) @@ -555,7 +555,7 @@ python do_create_spdx() { spdx_package.name = pkg_name spdx_package.versionInfo = d.getVar("PV") spdx_package.licenseDeclared = convert_license_to_spdx(package_license, package_doc, d, found_licenses) - spdx_package.packageSupplier = d.getVar("SPDX_SUPPLIER") + spdx_package.supplier = d.getVar("SPDX_SUPPLIER") package_doc.packages.append(spdx_package) @@ -571,6 +571,7 @@ python do_create_spdx() { pkgdest / package, lambda file_counter: oe.sbom.get_packaged_file_spdxid(pkg_name, file_counter), lambda filepath: ["BINARY"], + ignore_top_level_dirs=['CONTROL', 'DEBIAN'], archive=archive, ) @@ -895,7 +896,7 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): image.name = d.getVar("PN") image.versionInfo = d.getVar("PV") image.SPDXID = rootfs_spdxid - image.packageSupplier = d.getVar("SPDX_SUPPLIER") + image.supplier = d.getVar("SPDX_SUPPLIER") doc.packages.append(image) diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass index da7f93371c..16466586a7 100644 --- a/poky/meta/classes/cve-check.bbclass +++ b/poky/meta/classes/cve-check.bbclass @@ -139,17 +139,18 @@ python do_cve_check () { """ from oe.cve_check import get_patched_cves - if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")): - try: - patched_cves = get_patched_cves(d) - except FileNotFoundError: - bb.fatal("Failure in searching patches") - ignored, patched, unpatched, status = check_cves(d, patched_cves) - if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status): - cve_data = get_cve_info(d, patched + unpatched + ignored) - cve_write_data(d, patched, unpatched, ignored, cve_data, status) - else: - bb.note("No CVE database found, skipping CVE check") + with bb.utils.fileslocked([d.getVar("CVE_CHECK_DB_FILE_LOCK")], shared=True): + if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")): + try: + patched_cves = get_patched_cves(d) + except FileNotFoundError: + bb.fatal("Failure in searching patches") + ignored, patched, unpatched, status = check_cves(d, patched_cves) + if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status): + cve_data = get_cve_info(d, patched + unpatched + ignored) + cve_write_data(d, patched, unpatched, ignored, cve_data, status) + else: + bb.note("No CVE database found, skipping CVE check") } @@ -290,7 +291,8 @@ def check_cves(d, patched_cves): vendor = "%" # Find all relevant CVE IDs. - for cverow in conn.execute("SELECT DISTINCT ID FROM PRODUCTS WHERE PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)): + cve_cursor = conn.execute("SELECT DISTINCT ID FROM PRODUCTS WHERE PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)) + for cverow in cve_cursor: cve = cverow[0] if cve in cve_ignore: @@ -309,7 +311,8 @@ def check_cves(d, patched_cves): vulnerable = False ignored = False - for row in conn.execute("SELECT * FROM PRODUCTS WHERE ID IS ? AND PRODUCT IS ? AND VENDOR LIKE ?", (cve, product, vendor)): + product_cursor = conn.execute("SELECT * FROM PRODUCTS WHERE ID IS ? AND PRODUCT IS ? AND VENDOR LIKE ?", (cve, product, vendor)) + for row in product_cursor: (_, _, _, version_start, operator_start, version_end, operator_end) = row #bb.debug(2, "Evaluating row " + str(row)) if cve in cve_ignore: @@ -353,10 +356,12 @@ def check_cves(d, patched_cves): bb.note("%s-%s is vulnerable to %s" % (pn, real_pv, cve)) cves_unpatched.append(cve) break + product_cursor.close() if not vulnerable: bb.note("%s-%s is not vulnerable to %s" % (pn, real_pv, cve)) patched_cves.add(cve) + cve_cursor.close() if not cves_in_product: bb.note("No CVE records found for product %s, pn %s" % (product, pn)) @@ -381,14 +386,15 @@ def get_cve_info(d, cves): conn = sqlite3.connect(db_file, uri=True) for cve in cves: - for row in conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,)): + cursor = conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,)) + for row in cursor: cve_data[row[0]] = {} cve_data[row[0]]["summary"] = row[1] cve_data[row[0]]["scorev2"] = row[2] cve_data[row[0]]["scorev3"] = row[3] cve_data[row[0]]["modified"] = row[4] cve_data[row[0]]["vector"] = row[5] - + cursor.close() conn.close() return cve_data diff --git a/poky/meta/classes/externalsrc.bbclass b/poky/meta/classes/externalsrc.bbclass index 90792a737b..8136d25cb1 100644 --- a/poky/meta/classes/externalsrc.bbclass +++ b/poky/meta/classes/externalsrc.bbclass @@ -90,16 +90,18 @@ python () { # Since configure will likely touch ${S}, ensure only we lock so one task has access at a time d.appendVarFlag(task, "lockfiles", " ${S}/singletask.lock") - for funcname in [task, "base_" + task, "kernel_" + task]: + for v in d.keys(): + cleandirs = d.getVarFlag(v, "cleandirs", False) + if cleandirs: # We do not want our source to be wiped out, ever (kernel.bbclass does this for do_clean) - cleandirs = oe.recipeutils.split_var_value(d.getVarFlag(funcname, 'cleandirs', False) or '') + cleandirs = oe.recipeutils.split_var_value(cleandirs) setvalue = False for cleandir in cleandirs[:]: if oe.path.is_path_parent(externalsrc, d.expand(cleandir)): cleandirs.remove(cleandir) setvalue = True if setvalue: - d.setVarFlag(funcname, 'cleandirs', ' '.join(cleandirs)) + d.setVarFlag(v, 'cleandirs', ' '.join(cleandirs)) fetch_tasks = ['do_fetch', 'do_unpack'] # If we deltask do_patch, there's no dependency to ensure do_unpack gets run, so add one diff --git a/poky/meta/classes/image_types_wic.bbclass b/poky/meta/classes/image_types_wic.bbclass index e3863c88a9..5374d6125e 100644 --- a/poky/meta/classes/image_types_wic.bbclass +++ b/poky/meta/classes/image_types_wic.bbclass @@ -84,6 +84,8 @@ do_image_wic[deptask] += "do_image_complete" WKS_FILE_DEPENDS_DEFAULT = '${@bb.utils.contains_any("BUILD_ARCH", [ 'x86_64', 'i686' ], "syslinux-native", "",d)}' WKS_FILE_DEPENDS_DEFAULT += "bmap-tools-native cdrtools-native btrfs-tools-native squashfs-tools-native e2fsprogs-native" +# Unified kernel images need objcopy +WKS_FILE_DEPENDS_DEFAULT += "virtual/${TARGET_PREFIX}binutils" WKS_FILE_DEPENDS_BOOTLOADERS = "" WKS_FILE_DEPENDS_BOOTLOADERS:x86 = "syslinux grub-efi systemd-boot os-release" WKS_FILE_DEPENDS_BOOTLOADERS:x86-64 = "syslinux grub-efi systemd-boot os-release" diff --git a/poky/meta/classes/insane.bbclass b/poky/meta/classes/insane.bbclass index f3f80334f6..0d93d50e58 100644 --- a/poky/meta/classes/insane.bbclass +++ b/poky/meta/classes/insane.bbclass @@ -1196,11 +1196,12 @@ python do_qa_patch() { import re from oe import patch + coremeta_path = os.path.join(d.getVar('COREBASE'), 'meta', '') for url in patch.src_patches(d): (_, _, fullpath, _, _, _) = bb.fetch.decodeurl(url) # skip patches not in oe-core - if '/meta/' not in fullpath: + if not os.path.abspath(fullpath).startswith(coremeta_path): continue kinda_status_re = re.compile(r"^.*upstream.*status.*$", re.IGNORECASE | re.MULTILINE) diff --git a/poky/meta/classes/kernel-fitimage.bbclass b/poky/meta/classes/kernel-fitimage.bbclass index 7e09b075ff..983392c23a 100644 --- a/poky/meta/classes/kernel-fitimage.bbclass +++ b/poky/meta/classes/kernel-fitimage.bbclass @@ -148,7 +148,7 @@ fitimage_emit_section_kernel() { kernel-$2 { description = "Linux kernel"; data = /incbin/("$3"); - type = "kernel"; + type = "${UBOOT_MKIMAGE_KERNEL_TYPE}"; arch = "${UBOOT_ARCH}"; os = "linux"; compression = "$4"; @@ -346,6 +346,7 @@ fitimage_emit_section_config() { conf_csum="${FIT_HASH_ALG}" conf_sign_algo="${FIT_SIGN_ALG}" + conf_padding_algo="${FIT_PAD_ALG}" if [ "${UBOOT_SIGN_ENABLE}" = "1" ] ; then conf_sign_keyname="${UBOOT_SIGN_KEYNAME}" fi @@ -465,6 +466,7 @@ EOF signature-1 { algo = "$conf_csum,$conf_sign_algo"; key-name-hint = "$conf_sign_keyname"; + padding = "$conf_padding_algo"; $sign_line }; EOF @@ -527,6 +529,10 @@ fitimage_assemble() { fi DTB=$(echo "$DTB" | tr '/' '_') + + # Skip DTB if we've picked it up previously + echo "$DTBS" | tr ' ' '\n' | grep -xq "$DTB" && continue + DTBS="$DTBS $DTB" fitimage_emit_section_dtb $1 $DTB $DTB_PATH done @@ -536,6 +542,10 @@ fitimage_assemble() { dtbcount=1 for DTB in $(find "${EXTERNAL_KERNEL_DEVICETREE}" \( -name '*.dtb' -o -name '*.dtbo' \) -printf '%P\n' | sort); do DTB=$(echo "$DTB" | tr '/' '_') + + # Skip DTB if we've picked it up previously + echo "$DTBS" | tr ' ' '\n' | grep -xq "$DTB" && continue + DTBS="$DTBS $DTB" fitimage_emit_section_dtb $1 $DTB "${EXTERNAL_KERNEL_DEVICETREE}/$DTB" done diff --git a/poky/meta/classes/kernel-uboot.bbclass b/poky/meta/classes/kernel-uboot.bbclass index 2facade818..1bc98e042d 100644 --- a/poky/meta/classes/kernel-uboot.bbclass +++ b/poky/meta/classes/kernel-uboot.bbclass @@ -2,6 +2,9 @@ FIT_KERNEL_COMP_ALG ?= "gzip" FIT_KERNEL_COMP_ALG_EXTENSION ?= ".gz" +# Kernel image type passed to mkimage (i.e. kernel kernel_noload...) +UBOOT_MKIMAGE_KERNEL_TYPE ?= "kernel" + uboot_prep_kimage() { if [ -e arch/${ARCH}/boot/compressed/vmlinux ]; then vmlinux_path="arch/${ARCH}/boot/compressed/vmlinux" diff --git a/poky/meta/classes/kernel-uimage.bbclass b/poky/meta/classes/kernel-uimage.bbclass index cedb4fa070..2e661ea916 100644 --- a/poky/meta/classes/kernel-uimage.bbclass +++ b/poky/meta/classes/kernel-uimage.bbclass @@ -30,6 +30,6 @@ do_uboot_mkimage() { awk '$3=="${UBOOT_ENTRYSYMBOL}" {print "0x"$1;exit}'` fi - uboot-mkimage -A ${UBOOT_ARCH} -O linux -T kernel -C "${linux_comp}" -a ${UBOOT_LOADADDRESS} -e $ENTRYPOINT -n "${DISTRO_NAME}/${PV}/${MACHINE}" -d linux.bin ${B}/arch/${ARCH}/boot/uImage + uboot-mkimage -A ${UBOOT_ARCH} -O linux -T ${UBOOT_MKIMAGE_KERNEL_TYPE} -C "${linux_comp}" -a ${UBOOT_LOADADDRESS} -e $ENTRYPOINT -n "${DISTRO_NAME}/${PV}/${MACHINE}" -d linux.bin ${B}/arch/${ARCH}/boot/uImage rm -f linux.bin } diff --git a/poky/meta/classes/kernel-yocto.bbclass b/poky/meta/classes/kernel-yocto.bbclass index afccffcf17..e8046bb8f6 100644 --- a/poky/meta/classes/kernel-yocto.bbclass +++ b/poky/meta/classes/kernel-yocto.bbclass @@ -322,7 +322,11 @@ do_patch() { meta_dir=$(kgit --meta) (cd ${meta_dir}; ln -sf patch.queue series) if [ -f "${meta_dir}/series" ]; then - kgit-s2q --gen -v --patches .kernel-meta/ + kgit_extra_args="" + if [ "${KERNEL_DEBUG_TIMESTAMPS}" != "1" ]; then + kgit_extra_args="--commit-sha author" + fi + kgit-s2q --gen -v $kgit_extra_args --patches .kernel-meta/ if [ $? -ne 0 ]; then bberror "Could not apply patches for ${KMACHINE}." bbfatal_log "Patch failures can be resolved in the linux source directory ${S})" diff --git a/poky/meta/classes/kernel.bbclass b/poky/meta/classes/kernel.bbclass index c29bd3d5f3..8dff68612d 100644 --- a/poky/meta/classes/kernel.bbclass +++ b/poky/meta/classes/kernel.bbclass @@ -231,8 +231,9 @@ UBOOT_LOADADDRESS ?= "${UBOOT_ENTRYPOINT}" # Some Linux kernel configurations need additional parameters on the command line KERNEL_EXTRA_ARGS ?= "" -EXTRA_OEMAKE = " HOSTCC="${BUILD_CC}" HOSTCFLAGS="${BUILD_CFLAGS}" HOSTLDFLAGS="${BUILD_LDFLAGS}" HOSTCPP="${BUILD_CPP}"" -EXTRA_OEMAKE += " HOSTCXX="${BUILD_CXX}" HOSTCXXFLAGS="${BUILD_CXXFLAGS}" PAHOLE=false" +EXTRA_OEMAKE += ' CC="${KERNEL_CC}" LD="${KERNEL_LD}"' +EXTRA_OEMAKE += ' HOSTCC="${BUILD_CC}" HOSTCFLAGS="${BUILD_CFLAGS}" HOSTLDFLAGS="${BUILD_LDFLAGS}" HOSTCPP="${BUILD_CPP}"' +EXTRA_OEMAKE += ' HOSTCXX="${BUILD_CXX}" HOSTCXXFLAGS="${BUILD_CXXFLAGS}" PAHOLE=false' KERNEL_ALT_IMAGETYPE ??= "" @@ -375,7 +376,7 @@ kernel_do_compile() { use_alternate_initrd=CONFIG_INITRAMFS_SOURCE=${B}/usr/${INITRAMFS_IMAGE_NAME}.cpio fi for typeformake in ${KERNEL_IMAGETYPE_FOR_MAKE} ; do - oe_runmake ${typeformake} CC="${KERNEL_CC}" LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS} $use_alternate_initrd + oe_runmake ${typeformake} ${KERNEL_EXTRA_ARGS} $use_alternate_initrd done } @@ -407,7 +408,7 @@ do_compile_kernelmodules() { bbnote "KBUILD_BUILD_TIMESTAMP: $ts" fi if (grep -q -i -e '^CONFIG_MODULES=y$' ${B}/.config); then - oe_runmake -C ${B} ${PARALLEL_MAKE} modules CC="${KERNEL_CC}" LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS} + oe_runmake -C ${B} ${PARALLEL_MAKE} modules ${KERNEL_EXTRA_ARGS} # Module.symvers gets updated during the # building of the kernel modules. We need to @@ -591,7 +592,7 @@ sysroot_stage_all () { : } -KERNEL_CONFIG_COMMAND ?= "oe_runmake_call -C ${S} CC="${KERNEL_CC}" LD="${KERNEL_LD}" O=${B} olddefconfig || oe_runmake -C ${S} O=${B} CC="${KERNEL_CC}" LD="${KERNEL_LD}" oldnoconfig" +KERNEL_CONFIG_COMMAND ?= "oe_runmake_call -C ${S} O=${B} olddefconfig || oe_runmake -C ${S} O=${B} oldnoconfig" python check_oldest_kernel() { oldest_kernel = d.getVar('OLDEST_KERNEL') @@ -629,14 +630,15 @@ kernel_do_configure() { do_savedefconfig() { bbplain "Saving defconfig to:\n${B}/defconfig" - oe_runmake -C ${B} LD='${KERNEL_LD}' savedefconfig + oe_runmake -C ${B} savedefconfig } do_savedefconfig[nostamp] = "1" addtask savedefconfig after do_configure inherit cml1 -KCONFIG_CONFIG_COMMAND:append = " PAHOLE=false LD='${KERNEL_LD}' HOSTLDFLAGS='${BUILD_LDFLAGS}'" +# Need LD, HOSTLDFLAGS and more for config operations +KCONFIG_CONFIG_COMMAND:append = " ${EXTRA_OEMAKE}" EXPORT_FUNCTIONS do_compile do_transform_kernel do_transform_bundled_initramfs do_install do_configure diff --git a/poky/meta/classes/nativesdk.bbclass b/poky/meta/classes/nativesdk.bbclass index f8e9607513..e46739e325 100644 --- a/poky/meta/classes/nativesdk.bbclass +++ b/poky/meta/classes/nativesdk.bbclass @@ -55,6 +55,7 @@ TARGET_CXXFLAGS = "${BUILDSDK_CXXFLAGS}" TARGET_LDFLAGS = "${BUILDSDK_LDFLAGS}" TARGET_FPU = "" EXTRA_OECONF_GCC_FLOAT = "" +TUNE_FEATURES = "" CPPFLAGS = "${BUILDSDK_CPPFLAGS}" CFLAGS = "${BUILDSDK_CFLAGS}" diff --git a/poky/meta/classes/npm.bbclass b/poky/meta/classes/npm.bbclass index ba50fcac20..8379c7b988 100644 --- a/poky/meta/classes/npm.bbclass +++ b/poky/meta/classes/npm.bbclass @@ -19,7 +19,7 @@ inherit python3native -DEPENDS:prepend = "nodejs-native " +DEPENDS:prepend = "nodejs-native nodejs-oe-cache-native " RDEPENDS:${PN}:append:class-target = " nodejs" EXTRA_OENPM = "" @@ -46,6 +46,7 @@ NPM_ARCH ?= "${@npm_target_arch_map(d.getVar("TARGET_ARCH"))}" NPM_PACKAGE = "${WORKDIR}/npm-package" NPM_CACHE = "${WORKDIR}/npm-cache" NPM_BUILD = "${WORKDIR}/npm-build" +NPM_REGISTRY = "${WORKDIR}/npm-registry" def npm_global_configs(d): """Get the npm global configuration""" @@ -57,13 +58,36 @@ def npm_global_configs(d): configs.append(("cache", d.getVar("NPM_CACHE"))) return configs +## 'npm pack' runs 'prepare' and 'prepack' scripts. Support for +## 'ignore-scripts' which prevents this behavior has been removed +## from nodejs 16. Use simple 'tar' instead of. def npm_pack(env, srcdir, workdir): - """Run 'npm pack' on a specified directory""" - import shlex - cmd = "npm pack %s" % shlex.quote(srcdir) - args = [("ignore-scripts", "true")] - tarball = env.run(cmd, args=args, workdir=workdir).strip("\n") - return os.path.join(workdir, tarball) + """Emulate 'npm pack' on a specified directory""" + import subprocess + import os + import json + + src = os.path.join(srcdir, 'package.json') + with open(src) as f: + j = json.load(f) + + # base does not really matter and is for documentation purposes + # only. But the 'version' part must exist because other parts of + # the bbclass rely on it. + base = j['name'].split('/')[-1] + tarball = os.path.join(workdir, "%s-%s.tgz" % (base, j['version'])); + + # TODO: real 'npm pack' does not include directories while 'tar' + # does. But this does not seem to matter... + subprocess.run(['tar', 'czf', tarball, + '--exclude', './node-modules', + '--exclude-vcs', + '--transform', 's,^\./,package/,', + '--mtime', '1985-10-26T08:15:00.000Z', + '.'], + check = True, cwd = srcdir) + + return (tarball, j) python npm_do_configure() { """ @@ -86,27 +110,24 @@ python npm_do_configure() { from bb.fetch2.npm import npm_unpack from bb.fetch2.npmsw import foreach_dependencies from bb.progress import OutOfProgressHandler + from oe.npm_registry import NpmRegistry bb.utils.remove(d.getVar("NPM_CACHE"), recurse=True) bb.utils.remove(d.getVar("NPM_PACKAGE"), recurse=True) env = NpmEnvironment(d, configs=npm_global_configs(d)) + registry = NpmRegistry(d.getVar('NPM_REGISTRY'), d.getVar('NPM_CACHE')) - def _npm_cache_add(tarball): - """Run 'npm cache add' for a specified tarball""" - cmd = "npm cache add %s" % shlex.quote(tarball) - env.run(cmd) + def _npm_cache_add(tarball, pkg): + """Add tarball to local registry and register it in the + cache""" + registry.add_pkg(tarball, pkg) def _npm_integrity(tarball): """Return the npm integrity of a specified tarball""" sha512 = bb.utils.sha512_file(tarball) return "sha512-" + base64.b64encode(bytes.fromhex(sha512)).decode() - def _npm_version(tarball): - """Return the version of a specified tarball""" - regex = r"-(\d+\.\d+\.\d+(-.*)?(\+.*)?)\.tgz" - return re.search(regex, tarball).group(1) - def _npmsw_dependency_dict(orig, deptree): """ Return the sub dictionary in the 'orig' dictionary corresponding to the @@ -163,11 +184,11 @@ python npm_do_configure() { with tempfile.TemporaryDirectory() as tmpdir: # Add the dependency to the npm cache destdir = os.path.join(d.getVar("S"), destsuffix) - tarball = npm_pack(env, destdir, tmpdir) - _npm_cache_add(tarball) + (tarball, pkg) = npm_pack(env, destdir, tmpdir) + _npm_cache_add(tarball, pkg) # Add its signature to the cached shrinkwrap dep = _npmsw_dependency_dict(cached_shrinkwrap, deptree) - dep["version"] = _npm_version(tarball) + dep["version"] = pkg['version'] dep["integrity"] = _npm_integrity(tarball) if params.get("dev", False): dep["dev"] = True @@ -184,7 +205,7 @@ python npm_do_configure() { # Configure the main package with tempfile.TemporaryDirectory() as tmpdir: - tarball = npm_pack(env, d.getVar("S"), tmpdir) + (tarball, _) = npm_pack(env, d.getVar("S"), tmpdir) npm_unpack(tarball, d.getVar("NPM_PACKAGE"), d) # Configure the cached manifest file and cached shrinkwrap file @@ -257,7 +278,7 @@ python npm_do_compile() { args.append(("build-from-source", "true")) # Pack and install the main package - tarball = npm_pack(env, d.getVar("NPM_PACKAGE"), tmpdir) + (tarball, _) = npm_pack(env, d.getVar("NPM_PACKAGE"), tmpdir) cmd = "npm install %s %s" % (shlex.quote(tarball), d.getVar("EXTRA_OENPM")) env.run(cmd, args=args) } diff --git a/poky/meta/classes/package_rpm.bbclass b/poky/meta/classes/package_rpm.bbclass index e9ff1f7e65..bbbef3793f 100644 --- a/poky/meta/classes/package_rpm.bbclass +++ b/poky/meta/classes/package_rpm.bbclass @@ -193,8 +193,6 @@ python write_specfile () { if path.endswith("DEBIAN") or path.endswith("CONTROL"): continue path = path.replace("%", "%%%%%%%%") - path = path.replace("[", "?") - path = path.replace("]", "?") # Treat all symlinks to directories as normal files. # os.walk() lists them as directories. @@ -214,8 +212,6 @@ python write_specfile () { if dir == "CONTROL" or dir == "DEBIAN": continue dir = dir.replace("%", "%%%%%%%%") - dir = dir.replace("[", "?") - dir = dir.replace("]", "?") # All packages own the directories their files are in... target.append('%dir "' + path + '/' + dir + '"') else: @@ -230,8 +226,6 @@ python write_specfile () { if file == "CONTROL" or file == "DEBIAN": continue file = file.replace("%", "%%%%%%%%") - file = file.replace("[", "?") - file = file.replace("]", "?") if conffiles.count(path + '/' + file): target.append('%config "' + path + '/' + file + '"') else: diff --git a/poky/meta/classes/rootfs-postcommands.bbclass b/poky/meta/classes/rootfs-postcommands.bbclass index a59d9b5878..5c0b3ec37c 100644 --- a/poky/meta/classes/rootfs-postcommands.bbclass +++ b/poky/meta/classes/rootfs-postcommands.bbclass @@ -14,7 +14,7 @@ ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains_any("IMAGE_FEATURES", [ 'deb # Create /etc/timestamp during image construction to give a reasonably sane default time setting ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp; " -# Tweak the mount options for rootfs in /etc/fstab if read-only-rootfs is enabled +# Tweak files in /etc if read-only-rootfs is enabled ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("IMAGE_FEATURES", "read-only-rootfs", "read_only_rootfs_hook; ", "",d)}' # We also need to do the same for the kernel boot parameters, @@ -103,20 +103,24 @@ read_only_rootfs_hook () { # If we're using openssh and the /etc/ssh directory has no pre-generated keys, # we should configure openssh to use the configuration file /etc/ssh/sshd_config_readonly # and the keys under /var/run/ssh. - if [ -d ${IMAGE_ROOTFS}/etc/ssh ]; then - if [ -e ${IMAGE_ROOTFS}/etc/ssh/ssh_host_rsa_key ]; then - echo "SYSCONFDIR=\${SYSCONFDIR:-/etc/ssh}" >> ${IMAGE_ROOTFS}/etc/default/ssh - echo "SSHD_OPTS=" >> ${IMAGE_ROOTFS}/etc/default/ssh - else - echo "SYSCONFDIR=\${SYSCONFDIR:-/var/run/ssh}" >> ${IMAGE_ROOTFS}/etc/default/ssh - echo "SSHD_OPTS='-f /etc/ssh/sshd_config_readonly'" >> ${IMAGE_ROOTFS}/etc/default/ssh + # If overlayfs-etc is used this is not done as /etc is treated as writable + # If stateless-rootfs is enabled this is always done as we don't want to save keys then + if ${@ 'true' if not bb.utils.contains('IMAGE_FEATURES', 'overlayfs-etc', True, False, d) or bb.utils.contains('IMAGE_FEATURES', 'stateless-rootfs', True, False, d) else 'false'}; then + if [ -d ${IMAGE_ROOTFS}/etc/ssh ]; then + if [ -e ${IMAGE_ROOTFS}/etc/ssh/ssh_host_rsa_key ]; then + echo "SYSCONFDIR=\${SYSCONFDIR:-/etc/ssh}" >> ${IMAGE_ROOTFS}/etc/default/ssh + echo "SSHD_OPTS=" >> ${IMAGE_ROOTFS}/etc/default/ssh + else + echo "SYSCONFDIR=\${SYSCONFDIR:-/var/run/ssh}" >> ${IMAGE_ROOTFS}/etc/default/ssh + echo "SSHD_OPTS='-f /etc/ssh/sshd_config_readonly'" >> ${IMAGE_ROOTFS}/etc/default/ssh + fi fi - fi - # Also tweak the key location for dropbear in the same way. - if [ -d ${IMAGE_ROOTFS}/etc/dropbear ]; then - if [ ! -e ${IMAGE_ROOTFS}/etc/dropbear/dropbear_rsa_host_key ]; then - echo "DROPBEAR_RSAKEY_DIR=/var/lib/dropbear" >> ${IMAGE_ROOTFS}/etc/default/dropbear + # Also tweak the key location for dropbear in the same way. + if [ -d ${IMAGE_ROOTFS}/etc/dropbear ]; then + if [ ! -e ${IMAGE_ROOTFS}/etc/dropbear/dropbear_rsa_host_key ]; then + echo "DROPBEAR_RSAKEY_DIR=/var/lib/dropbear" >> ${IMAGE_ROOTFS}/etc/default/dropbear + fi fi fi diff --git a/poky/meta/classes/sanity.bbclass b/poky/meta/classes/sanity.bbclass index b1fac107d5..a79e36b594 100644 --- a/poky/meta/classes/sanity.bbclass +++ b/poky/meta/classes/sanity.bbclass @@ -351,6 +351,7 @@ def check_connectivity(d): if len(msg) == 0: msg = "%s.\n" % err msg += " Please ensure your host's network is configured correctly.\n" + msg += " Please ensure CONNECTIVITY_CHECK_URIS is correct and specified URIs are available.\n" msg += " If your ISP or network is blocking the above URL,\n" msg += " try with another domain name, for example by setting:\n" msg += " CONNECTIVITY_CHECK_URIS = \"https://www.example.com/\"" diff --git a/poky/meta/classes/uboot-sign.bbclass b/poky/meta/classes/uboot-sign.bbclass index 31ffe1f472..eecdec9160 100644 --- a/poky/meta/classes/uboot-sign.bbclass +++ b/poky/meta/classes/uboot-sign.bbclass @@ -73,6 +73,9 @@ UBOOT_FIT_HASH_ALG ?= "sha256" FIT_SIGN_ALG ?= "rsa2048" UBOOT_FIT_SIGN_ALG ?= "rsa2048" +# Kernel / U-Boot fitImage Padding Algo +FIT_PAD_ALG ?= "pkcs-1.5" + # Generate keys for signing Kernel / U-Boot fitImage FIT_GENERATE_KEYS ?= "0" UBOOT_FIT_GENERATE_KEYS ?= "0" diff --git a/poky/meta/conf/bitbake.conf b/poky/meta/conf/bitbake.conf index 2a3cf6f8aa..516a30c963 100644 --- a/poky/meta/conf/bitbake.conf +++ b/poky/meta/conf/bitbake.conf @@ -924,7 +924,7 @@ SHELL[unexport] = "1" TRANSLATED_TARGET_ARCH ??= "${@d.getVar('TARGET_ARCH').replace("_", "-")}" # Set a default umask to use for tasks for determinism -BB_DEFAULT_UMASK = "022" +BB_DEFAULT_UMASK ??= "022" # Complete output from bitbake BB_CONSOLELOG ?= "${LOG_DIR}/cooker/${MACHINE}/${DATETIME}.log" diff --git a/poky/meta/conf/distro/include/maintainers.inc b/poky/meta/conf/distro/include/maintainers.inc index 0a1897fc92..4778b1e5e6 100644 --- a/poky/meta/conf/distro/include/maintainers.inc +++ b/poky/meta/conf/distro/include/maintainers.inc @@ -544,10 +544,10 @@ RECIPE_MAINTAINER:pn-ofono = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-opensbi = "Alistair Francis <alistair.francis@wdc.com>" RECIPE_MAINTAINER:pn-openssh = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-openssl = "Alexander Kanavin <alex.kanavin@gmail.com>" -RECIPE_MAINTAINER:pn-opkg = "Alejandro del Castillo <alejandro.delcastillo@ni.com>" -RECIPE_MAINTAINER:pn-opkg-arch-config = "Alejandro del Castillo <alejandro.delcastillo@ni.com>" -RECIPE_MAINTAINER:pn-opkg-keyrings = "Alejandro del Castillo <alejandro.delcastillo@ni.com>" -RECIPE_MAINTAINER:pn-opkg-utils = "Alejandro del Castillo <alejandro.delcastillo@ni.com>" +RECIPE_MAINTAINER:pn-opkg = "Alex Stewart <alex.stewart@ni.com>" +RECIPE_MAINTAINER:pn-opkg-arch-config = "Alex Stewart <alex.stewart@ni.com>" +RECIPE_MAINTAINER:pn-opkg-keyrings = "Alex Stewart <alex.stewart@ni.com>" +RECIPE_MAINTAINER:pn-opkg-utils = "Alex Stewart <alex.stewart@ni.com>" RECIPE_MAINTAINER:pn-orc = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-os-release = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-ovmf = "Ricardo Neri <ricardo.neri-calderon@linux.intel.com>" diff --git a/poky/meta/conf/machine/include/arm/arch-armv9a.inc b/poky/meta/conf/machine/include/arm/arch-armv9a.inc new file mode 100644 index 0000000000..c38d6cfdf6 --- /dev/null +++ b/poky/meta/conf/machine/include/arm/arch-armv9a.inc @@ -0,0 +1,28 @@ +DEFAULTTUNE ?= "armv9a-crc" + +TUNEVALID[armv9a] = "Enable instructions for ARMv9-a" +TUNE_CCARGS_MARCH .= "${@bb.utils.contains('TUNE_FEATURES', 'armv9a', ' -march=armv9-a', '', d)}" +MACHINEOVERRIDES =. "${@bb.utils.contains('TUNE_FEATURES', 'armv9a', 'armv9a:', '', d)}" + +require conf/machine/include/arm/arch-arm64.inc +require conf/machine/include/arm/feature-arm-crc.inc +require conf/machine/include/arm/feature-arm-crypto.inc + +# Little Endian base configs +AVAILTUNES += "armv9a armv9a-crc armv9a-crc-crypto armv9a-crypto" +ARMPKGARCH:tune-armv9a ?= "armv9a" +ARMPKGARCH:tune-armv9a-crc ?= "armv9a" +ARMPKGARCH:tune-armv9a-crypto ?= "armv9a" +ARMPKGARCH:tune-armv9a-crc-crypto ?= "armv9a" +TUNE_FEATURES:tune-armv9a = "aarch64 armv9a" +TUNE_FEATURES:tune-armv9a-crc = "${TUNE_FEATURES:tune-armv9a} crc" +TUNE_FEATURES:tune-armv9a-crypto = "${TUNE_FEATURES:tune-armv9a} crypto" +TUNE_FEATURES:tune-armv9a-crc-crypto = "${TUNE_FEATURES:tune-armv9a-crc} crypto" +PACKAGE_EXTRA_ARCHS:tune-armv9a = "aarch64 armv9a" +PACKAGE_EXTRA_ARCHS:tune-armv9a-crc = "${PACKAGE_EXTRA_ARCHS:tune-armv9a} armv9a-crc" +PACKAGE_EXTRA_ARCHS:tune-armv9a-crypto = "${PACKAGE_EXTRA_ARCHS:tune-armv9a} armv9a-crypto" +PACKAGE_EXTRA_ARCHS:tune-armv9a-crc-crypto = "${PACKAGE_EXTRA_ARCHS:tune-armv9a-crc} armv9a-crypto armv9a-crc-crypto" +BASE_LIB:tune-armv9a = "lib64" +BASE_LIB:tune-armv9a-crc = "lib64" +BASE_LIB:tune-armv9a-crypto = "lib64" +BASE_LIB:tune-armv9a-crc-crypto = "lib64" diff --git a/poky/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc b/poky/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc index 36355f7bed..d26ab25e48 100644 --- a/poky/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc +++ b/poky/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc @@ -6,17 +6,15 @@ DEFAULTTUNE ?= "neoversen2" TUNEVALID[neoversen2] = "Enable Neoverse-N2 specific processor optimizations" TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'neoversen2', ' -mcpu=neoverse-n2', '', d)}" -# Even though the Neoverse N2 core implemnts the Arm v9.0-A architecture, -# but the support of it in GCC is based on the Arm v8.5-A architecture. -require conf/machine/include/arm/arch-armv8-5a.inc +require conf/machine/include/arm/arch-armv9a.inc # Little Endian base configs AVAILTUNES += "neoversen2 neoversen2-crypto" ARMPKGARCH:tune-neoversen2 = "neoversen2" ARMPKGARCH:tune-neoversen2-crypto = "neoversen2-crypto" -TUNE_FEATURES:tune-neoversen2 = "${TUNE_FEATURES:tune-armv8-5a} neoversen2" +TUNE_FEATURES:tune-neoversen2 = "${TUNE_FEATURES:tune-armv9a} neoversen2" TUNE_FEATURES:tune-neoversen2-crypto = "${TUNE_FEATURES:tune-neoversen2} crypto" -PACKAGE_EXTRA_ARCHS:tune-neoversen2 = "${PACKAGE_EXTRA_ARCHS:tune-armv8-5a} neoversen2" -PACKAGE_EXTRA_ARCHS:tune-neoversen2-crypto = "${PACKAGE_EXTRA_ARCHS:tune-armv8-5a-crypto} neoversen2 neoversen2-crypto" +PACKAGE_EXTRA_ARCHS:tune-neoversen2 = "${PACKAGE_EXTRA_ARCHS:tune-armv9a} neoversen2" +PACKAGE_EXTRA_ARCHS:tune-neoversen2-crypto = "${PACKAGE_EXTRA_ARCHS:tune-armv9a-crypto} neoversen2 neoversen2-crypto" BASE_LIB:tune-neoversen2 = "lib64" BASE_LIB:tune-neoversen2-crypto = "lib64" diff --git a/poky/meta/lib/oe/cve_check.py b/poky/meta/lib/oe/cve_check.py index aa06497727..f40f16d7ab 100644 --- a/poky/meta/lib/oe/cve_check.py +++ b/poky/meta/lib/oe/cve_check.py @@ -143,7 +143,7 @@ def get_cpe_ids(cve_product, version): else: vendor = "*" - cpe_id = f'cpe:2.3:a:{vendor}:{product}:{version}:*:*:*:*:*:*:*' + cpe_id = 'cpe:2.3:a:{}:{}:{}:*:*:*:*:*:*:*'.format(vendor, product, version) cpe_ids.append(cpe_id) return cpe_ids diff --git a/poky/meta/lib/oe/npm_registry.py b/poky/meta/lib/oe/npm_registry.py new file mode 100644 index 0000000000..96c0affb45 --- /dev/null +++ b/poky/meta/lib/oe/npm_registry.py @@ -0,0 +1,169 @@ +import bb +import json +import subprocess + +_ALWAYS_SAFE = frozenset('ABCDEFGHIJKLMNOPQRSTUVWXYZ' + 'abcdefghijklmnopqrstuvwxyz' + '0123456789' + '_.-~') + +MISSING_OK = object() + +REGISTRY = "https://registry.npmjs.org" + +# we can not use urllib.parse here because npm expects lowercase +# hex-chars but urllib generates uppercase ones +def uri_quote(s, safe = '/'): + res = "" + safe_set = set(safe) + for c in s: + if c in _ALWAYS_SAFE or c in safe_set: + res += c + else: + res += '%%%02x' % ord(c) + return res + +class PackageJson: + def __init__(self, spec): + self.__spec = spec + + @property + def name(self): + return self.__spec['name'] + + @property + def version(self): + return self.__spec['version'] + + @property + def empty_manifest(self): + return { + 'name': self.name, + 'description': self.__spec.get('description', ''), + 'versions': {}, + } + + def base_filename(self): + return uri_quote(self.name, safe = '@') + + def as_manifest_entry(self, tarball_uri): + res = {} + + ## NOTE: 'npm install' requires more than basic meta information; + ## e.g. it takes 'bin' from this manifest entry but not the actual + ## 'package.json' + for (idx,dflt) in [('name', None), + ('description', ""), + ('version', None), + ('bin', MISSING_OK), + ('man', MISSING_OK), + ('scripts', MISSING_OK), + ('directories', MISSING_OK), + ('dependencies', MISSING_OK), + ('devDependencies', MISSING_OK), + ('optionalDependencies', MISSING_OK), + ('license', "unknown")]: + if idx in self.__spec: + res[idx] = self.__spec[idx] + elif dflt == MISSING_OK: + pass + elif dflt != None: + res[idx] = dflt + else: + raise Exception("%s-%s: missing key %s" % (self.name, + self.version, + idx)) + + res['dist'] = { + 'tarball': tarball_uri, + } + + return res + +class ManifestImpl: + def __init__(self, base_fname, spec): + self.__base = base_fname + self.__spec = spec + + def load(self): + try: + with open(self.filename, "r") as f: + res = json.load(f) + except IOError: + res = self.__spec.empty_manifest + + return res + + def save(self, meta): + with open(self.filename, "w") as f: + json.dump(meta, f, indent = 2) + + @property + def filename(self): + return self.__base + ".meta" + +class Manifest: + def __init__(self, base_fname, spec): + self.__base = base_fname + self.__spec = spec + self.__lockf = None + self.__impl = None + + def __enter__(self): + self.__lockf = bb.utils.lockfile(self.__base + ".lock") + self.__impl = ManifestImpl(self.__base, self.__spec) + return self.__impl + + def __exit__(self, exc_type, exc_val, exc_tb): + bb.utils.unlockfile(self.__lockf) + +class NpmCache: + def __init__(self, cache): + self.__cache = cache + + @property + def path(self): + return self.__cache + + def run(self, type, key, fname): + subprocess.run(['oe-npm-cache', self.__cache, type, key, fname], + check = True) + +class NpmRegistry: + def __init__(self, path, cache): + self.__path = path + self.__cache = NpmCache(cache + '/_cacache') + bb.utils.mkdirhier(self.__path) + bb.utils.mkdirhier(self.__cache.path) + + @staticmethod + ## This function is critical and must match nodejs expectations + def _meta_uri(spec): + return REGISTRY + '/' + uri_quote(spec.name, safe = '@') + + @staticmethod + ## Exact return value does not matter; just make it look like a + ## usual registry url + def _tarball_uri(spec): + return '%s/%s/-/%s-%s.tgz' % (REGISTRY, + uri_quote(spec.name, safe = '@'), + uri_quote(spec.name, safe = '@/'), + spec.version) + + def add_pkg(self, tarball, pkg_json): + pkg_json = PackageJson(pkg_json) + base = os.path.join(self.__path, pkg_json.base_filename()) + + with Manifest(base, pkg_json) as manifest: + meta = manifest.load() + tarball_uri = self._tarball_uri(pkg_json) + + meta['versions'][pkg_json.version] = pkg_json.as_manifest_entry(tarball_uri) + + manifest.save(meta) + + ## Cache entries are a little bit dependent on the nodejs + ## version; version specific cache implementation must + ## mitigate differences + self.__cache.run('meta', self._meta_uri(pkg_json), manifest.filename); + self.__cache.run('tgz', tarball_uri, tarball); diff --git a/poky/meta/lib/oe/rootfs.py b/poky/meta/lib/oe/rootfs.py index 9e6b411fb6..91312f8353 100644 --- a/poky/meta/lib/oe/rootfs.py +++ b/poky/meta/lib/oe/rootfs.py @@ -384,6 +384,10 @@ def create_rootfs(d, manifest_dir=None, progress_reporter=None, logcatcher=None) def image_list_installed_packages(d, rootfs_dir=None): + # Theres no rootfs for baremetal images + if bb.data.inherits_class('baremetal-image', d): + return "" + if not rootfs_dir: rootfs_dir = d.getVar('IMAGE_ROOTFS') diff --git a/poky/meta/lib/oe/spdx.py b/poky/meta/lib/oe/spdx.py index 14ca706895..6d56ed90df 100644 --- a/poky/meta/lib/oe/spdx.py +++ b/poky/meta/lib/oe/spdx.py @@ -218,7 +218,7 @@ class SPDXPackage(SPDXObject): SPDXID = _String() versionInfo = _String() downloadLocation = _String(default="NOASSERTION") - packageSupplier = _String(default="NOASSERTION") + supplier = _String(default="NOASSERTION") homepage = _String() licenseConcluded = _String(default="NOASSERTION") licenseDeclared = _String(default="NOASSERTION") diff --git a/poky/meta/lib/oeqa/runtime/cases/dnf.py b/poky/meta/lib/oeqa/runtime/cases/dnf.py index f40c63026e..2cfb36425c 100644 --- a/poky/meta/lib/oeqa/runtime/cases/dnf.py +++ b/poky/meta/lib/oeqa/runtime/cases/dnf.py @@ -144,7 +144,7 @@ class DnfRepoTest(DnfTest): self.assertEqual(0, status, output) @OETestDepends(['dnf.DnfRepoTest.test_dnf_makecache']) - @skipIfNotInDataVar('DISTRO_FEATURES', 'usrmerge', 'Test run when enable usrmege') + @skipIfNotInDataVar('DISTRO_FEATURES', 'usrmerge', 'Test run when enable usrmerge') @OEHasPackage('busybox') def test_dnf_installroot_usrmerge(self): rootpath = '/home/root/chroot/test' diff --git a/poky/meta/lib/oeqa/runtime/cases/parselogs.py b/poky/meta/lib/oeqa/runtime/cases/parselogs.py index 1f9365f3a8..2d59bcf5f7 100644 --- a/poky/meta/lib/oeqa/runtime/cases/parselogs.py +++ b/poky/meta/lib/oeqa/runtime/cases/parselogs.py @@ -64,6 +64,7 @@ common_errors = [ "[pulseaudio] authkey.c: Failed to load authentication key", "was skipped because of a failed condition check", "was skipped because all trigger condition checks failed", + "xf86OpenConsole: Switching VT failed", ] video_related = [ @@ -140,6 +141,7 @@ ignore_errors = { 'Failed to initialize \'/amba/timer@101e3000\': -22', 'jitterentropy: Initialization failed with host not compliant with requirements: 2', 'clcd-pl11x: probe of 10120000.display failed with error -2', + 'arm-charlcd 10008000.lcd: error -ENXIO: IRQ index 0 not found' ] + common_errors, 'qemuarm64' : [ 'Fatal server error:', diff --git a/poky/meta/lib/oeqa/selftest/cases/fitimage.py b/poky/meta/lib/oeqa/selftest/cases/fitimage.py index e6bfd1257e..d732a9020d 100644 --- a/poky/meta/lib/oeqa/selftest/cases/fitimage.py +++ b/poky/meta/lib/oeqa/selftest/cases/fitimage.py @@ -738,6 +738,7 @@ UBOOT_LOADADDRESS = "0x80000000" UBOOT_DTB_LOADADDRESS = "0x82000000" UBOOT_ARCH = "arm" UBOOT_MKIMAGE_DTCOPTS = "-I dts -O dtb -p 2000" +UBOOT_MKIMAGE_KERNEL_TYPE = "kernel" UBOOT_EXTLINUX = "0" FIT_GENERATE_KEYS = "1" KERNEL_IMAGETYPE_REPLACEMENT = "zImage" @@ -763,6 +764,7 @@ FIT_HASH_ALG = "sha256" kernel_load = str(get_bb_var('UBOOT_LOADADDRESS')) kernel_entry = str(get_bb_var('UBOOT_ENTRYPOINT')) + kernel_type = str(get_bb_var('UBOOT_MKIMAGE_KERNEL_TYPE')) kernel_compression = str(get_bb_var('FIT_KERNEL_COMP_ALG')) uboot_arch = str(get_bb_var('UBOOT_ARCH')) fit_hash_alg = str(get_bb_var('FIT_HASH_ALG')) @@ -775,7 +777,7 @@ FIT_HASH_ALG = "sha256" 'kernel-1 {', 'description = "Linux kernel";', 'data = /incbin/("linux.bin");', - 'type = "kernel";', + 'type = "' + kernel_type + '";', 'arch = "' + uboot_arch + '";', 'os = "linux";', 'compression = "' + kernel_compression + '";', diff --git a/poky/meta/lib/oeqa/selftest/cases/gotoolchain.py b/poky/meta/lib/oeqa/selftest/cases/gotoolchain.py index c809d7c9b1..978898b86f 100644 --- a/poky/meta/lib/oeqa/selftest/cases/gotoolchain.py +++ b/poky/meta/lib/oeqa/selftest/cases/gotoolchain.py @@ -43,12 +43,6 @@ class oeGoToolchainSelfTest(OESelftestTestCase): @classmethod def tearDownClass(cls): - # Go creates file which are readonly - for dirpath, dirnames, filenames in os.walk(cls.tmpdir_SDKQA): - for filename in filenames + dirnames: - f = os.path.join(dirpath, filename) - if not os.path.islink(f): - os.chmod(f, 0o775) shutil.rmtree(cls.tmpdir_SDKQA, ignore_errors=True) super(oeGoToolchainSelfTest, cls).tearDownClass() @@ -56,6 +50,8 @@ class oeGoToolchainSelfTest(OESelftestTestCase): cmd = "cd %s/src/%s/%s; " % (self.go_path, proj, name) cmd = cmd + ". %s; " % self.env_SDK cmd = cmd + "export GOPATH=%s; " % self.go_path + cmd = cmd + "export GOFLAGS=-modcacherw; " + cmd = cmd + "export CGO_ENABLED=1; " cmd = cmd + "${CROSS_COMPILE}go %s" % gocmd return runCmd(cmd).status diff --git a/poky/meta/lib/oeqa/selftest/cases/git.py b/poky/meta/lib/oeqa/selftest/cases/intercept.py index f12874dc7d..f12874dc7d 100644 --- a/poky/meta/lib/oeqa/selftest/cases/git.py +++ b/poky/meta/lib/oeqa/selftest/cases/intercept.py diff --git a/poky/meta/lib/oeqa/selftest/cases/oelib/buildhistory.py b/poky/meta/lib/oeqa/selftest/cases/oelib/buildhistory.py index 802a91a488..33bd6df2f3 100644 --- a/poky/meta/lib/oeqa/selftest/cases/oelib/buildhistory.py +++ b/poky/meta/lib/oeqa/selftest/cases/oelib/buildhistory.py @@ -3,6 +3,7 @@ # import os +import sys from oeqa.selftest.case import OESelftestTestCase import tempfile import operator @@ -11,15 +12,14 @@ from oeqa.utils.commands import get_bb_var class TestBlobParsing(OESelftestTestCase): def setUp(self): - import time self.repo_path = tempfile.mkdtemp(prefix='selftest-buildhistory', dir=get_bb_var('TOPDIR')) try: from git import Repo self.repo = Repo.init(self.repo_path) - except ImportError: - self.skipTest('Python module GitPython is not present') + except ImportError as e: + self.skipTest('Python module GitPython is not present (%s) (%s)' % (e, sys.path)) self.test_file = "test" self.var_map = {} diff --git a/poky/meta/lib/oeqa/selftest/cases/wic.py b/poky/meta/lib/oeqa/selftest/cases/wic.py index de74c07a03..49fb6fe52c 100644 --- a/poky/meta/lib/oeqa/selftest/cases/wic.py +++ b/poky/meta/lib/oeqa/selftest/cases/wic.py @@ -1420,7 +1420,7 @@ class ModifyTests(WicTestCase): # list directory content of the first partition result = runCmd("wic ls %s:1 -n %s" % (images[0], sysroot)) - self.assertIn('\n%s ' % kerneltype.upper(), result.output) + self.assertIn('\n%s ' % kerneltype.upper(), result.output) self.assertIn('\nEFI <DIR> ', result.output) # remove file. EFI partitions are case-insensitive so exercise that too diff --git a/poky/meta/lib/oeqa/utils/qemurunner.py b/poky/meta/lib/oeqa/utils/qemurunner.py index 76296d50cd..c19164e6e7 100644 --- a/poky/meta/lib/oeqa/utils/qemurunner.py +++ b/poky/meta/lib/oeqa/utils/qemurunner.py @@ -471,9 +471,9 @@ class QemuRunner: self.server_socket = qemusock stopread = True reachedlogin = True - self.logger.debug("Reached login banner in %s seconds (%s)" % + self.logger.debug("Reached login banner in %s seconds (%s, %s)" % (time.time() - (endtime - self.boottime), - time.strftime("%D %H:%M:%S"))) + time.strftime("%D %H:%M:%S"), time.time())) else: # no need to check if reachedlogin unless we support multiple connections self.logger.debug("QEMU socket disconnected before login banner reached. (%s)" % @@ -618,6 +618,8 @@ class QemuRunner: return self.qmp.cmd(command) def run_serial(self, command, raw=False, timeout=60): + # Returns (status, output) where status is 1 on success and 0 on error + # We assume target system have echo to get command status if not raw: command = "%s; echo $?\n" % command diff --git a/poky/meta/lib/rootfspostcommands.py b/poky/meta/lib/rootfspostcommands.py index fdb9f5b850..12f66d2ce2 100644 --- a/poky/meta/lib/rootfspostcommands.py +++ b/poky/meta/lib/rootfspostcommands.py @@ -58,3 +58,10 @@ def sort_passwd(sysconfdir): remove_backup(filename) if os.path.exists(filename): sort_file(filename, mapping) + # Drop other known backup shadow-utils. + for filename in ( + 'subgid', + 'subuid', + ): + filepath = os.path.join(sysconfdir, filename) + remove_backup(filepath) diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch b/poky/meta/recipes-bsp/grub/files/CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch new file mode 100644 index 0000000000..7f7bb1acfe --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch @@ -0,0 +1,179 @@ +From e623866d9286410156e8b9d2c82d6253a1b22d08 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Tue, 6 Jul 2021 18:51:35 +1000 +Subject: [PATCH] video/readers/png: Drop greyscale support to fix heap + out-of-bounds write + +A 16-bit greyscale PNG without alpha is processed in the following loop: + + for (i = 0; i < (data->image_width * data->image_height); + i++, d1 += 4, d2 += 2) + { + d1[R3] = d2[1]; + d1[G3] = d2[1]; + d1[B3] = d2[1]; + } + +The increment of d1 is wrong. d1 is incremented by 4 bytes per iteration, +but there are only 3 bytes allocated for storage. This means that image +data will overwrite somewhat-attacker-controlled parts of memory - 3 bytes +out of every 4 following the end of the image. + +This has existed since greyscale support was added in 2013 in commit +3ccf16dff98f (grub-core/video/readers/png.c: Support grayscale). + +Saving starfield.png as a 16-bit greyscale image without alpha in the gimp +and attempting to load it causes grub-emu to crash - I don't think this code +has ever worked. + +Delete all PNG greyscale support. + +Fixes: CVE-2021-3695 + +Signed-off-by: Daniel Axtens <dja@axtens.net> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport +CVE: CVE-2021-3695 + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e623866d9286410156e8b9d2c82d6253a1b22d08 + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + grub-core/video/readers/png.c | 87 +++-------------------------------- + 1 file changed, 7 insertions(+), 80 deletions(-) + +diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c +index 35ae553c8..a3161e25b 100644 +--- a/grub-core/video/readers/png.c ++++ b/grub-core/video/readers/png.c +@@ -100,7 +100,7 @@ struct grub_png_data + + unsigned image_width, image_height; + int bpp, is_16bit; +- int raw_bytes, is_gray, is_alpha, is_palette; ++ int raw_bytes, is_alpha, is_palette; + int row_bytes, color_bits; + grub_uint8_t *image_data; + +@@ -296,13 +296,13 @@ grub_png_decode_image_header (struct grub_png_data *data) + data->bpp = 3; + else + { +- data->is_gray = 1; +- data->bpp = 1; ++ return grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "png: color type not supported"); + } + + if ((color_bits != 8) && (color_bits != 16) + && (color_bits != 4 +- || !(data->is_gray || data->is_palette))) ++ || !data->is_palette)) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, + "png: bit depth must be 8 or 16"); + +@@ -331,7 +331,7 @@ grub_png_decode_image_header (struct grub_png_data *data) + } + + #ifndef GRUB_CPU_WORDS_BIGENDIAN +- if (data->is_16bit || data->is_gray || data->is_palette) ++ if (data->is_16bit || data->is_palette) + #endif + { + data->image_data = grub_calloc (data->image_height, data->row_bytes); +@@ -899,27 +899,8 @@ grub_png_convert_image (struct grub_png_data *data) + int shift; + int mask = (1 << data->color_bits) - 1; + unsigned j; +- if (data->is_gray) +- { +- /* Generic formula is +- (0xff * i) / ((1U << data->color_bits) - 1) +- but for allowed bit depth of 1, 2 and for it's +- equivalent to +- (0xff / ((1U << data->color_bits) - 1)) * i +- Precompute the multipliers to avoid division. +- */ +- +- const grub_uint8_t multipliers[5] = { 0xff, 0xff, 0x55, 0x24, 0x11 }; +- for (i = 0; i < (1U << data->color_bits); i++) +- { +- grub_uint8_t col = multipliers[data->color_bits] * i; +- palette[i][0] = col; +- palette[i][1] = col; +- palette[i][2] = col; +- } +- } +- else +- grub_memcpy (palette, data->palette, 3 << data->color_bits); ++ ++ grub_memcpy (palette, data->palette, 3 << data->color_bits); + d1c = d1; + d2c = d2; + for (j = 0; j < data->image_height; j++, d1c += data->image_width * 3, +@@ -957,60 +938,6 @@ grub_png_convert_image (struct grub_png_data *data) + return; + } + +- if (data->is_gray) +- { +- switch (data->bpp) +- { +- case 4: +- /* 16-bit gray with alpha. */ +- for (i = 0; i < (data->image_width * data->image_height); +- i++, d1 += 4, d2 += 4) +- { +- d1[R4] = d2[3]; +- d1[G4] = d2[3]; +- d1[B4] = d2[3]; +- d1[A4] = d2[1]; +- } +- break; +- case 2: +- if (data->is_16bit) +- /* 16-bit gray without alpha. */ +- { +- for (i = 0; i < (data->image_width * data->image_height); +- i++, d1 += 4, d2 += 2) +- { +- d1[R3] = d2[1]; +- d1[G3] = d2[1]; +- d1[B3] = d2[1]; +- } +- } +- else +- /* 8-bit gray with alpha. */ +- { +- for (i = 0; i < (data->image_width * data->image_height); +- i++, d1 += 4, d2 += 2) +- { +- d1[R4] = d2[1]; +- d1[G4] = d2[1]; +- d1[B4] = d2[1]; +- d1[A4] = d2[0]; +- } +- } +- break; +- /* 8-bit gray without alpha. */ +- case 1: +- for (i = 0; i < (data->image_width * data->image_height); +- i++, d1 += 3, d2++) +- { +- d1[R3] = d2[0]; +- d1[G3] = d2[0]; +- d1[B3] = d2[0]; +- } +- break; +- } +- return; +- } +- + { + /* Only copy the upper 8 bit. */ + #ifndef GRUB_CPU_WORDS_BIGENDIAN +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch b/poky/meta/recipes-bsp/grub/files/CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch new file mode 100644 index 0000000000..f06514e665 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch @@ -0,0 +1,50 @@ +From 210245129c932dc9e1c2748d9d35524fb95b5042 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Tue, 6 Jul 2021 23:25:07 +1000 +Subject: [PATCH] video/readers/png: Avoid heap OOB R/W inserting huff table + items + +In fuzzing we observed crashes where a code would attempt to be inserted +into a huffman table before the start, leading to a set of heap OOB reads +and writes as table entries with negative indices were shifted around and +the new code written in. + +Catch the case where we would underflow the array and bail. + +Fixes: CVE-2021-3696 + +Signed-off-by: Daniel Axtens <dja@axtens.net> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport +CVE: CVE-2021-3696 + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=210245129c932dc9e1c2748d9d35524fb95b5042 + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + grub-core/video/readers/png.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c +index a3161e25b..d7ed5aa6c 100644 +--- a/grub-core/video/readers/png.c ++++ b/grub-core/video/readers/png.c +@@ -438,6 +438,13 @@ grub_png_insert_huff_item (struct huff_table *ht, int code, int len) + for (i = len; i < ht->max_length; i++) + n += ht->maxval[i]; + ++ if (n > ht->num_values) ++ { ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "png: out of range inserting huffman table item"); ++ return; ++ } ++ + for (i = 0; i < n; i++) + ht->values[ht->num_values - i] = ht->values[ht->num_values - i - 1]; + +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch b/poky/meta/recipes-bsp/grub/files/CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch new file mode 100644 index 0000000000..e9fc52df86 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch @@ -0,0 +1,84 @@ +From 22a3f97d39f6a10b08ad7fd1cc47c4dcd10413f6 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Wed, 7 Jul 2021 15:38:19 +1000 +Subject: [PATCH] video/readers/jpeg: Block int underflow -> wild pointer write + +Certain 1 px wide images caused a wild pointer write in +grub_jpeg_ycrcb_to_rgb(). This was caused because in grub_jpeg_decode_data(), +we have the following loop: + +for (; data->r1 < nr1 && (!data->dri || rst); + data->r1++, data->bitmap_ptr += (vb * data->image_width - hb * nc1) * 3) + +We did not check if vb * width >= hb * nc1. + +On a 64-bit platform, if that turns out to be negative, it will underflow, +be interpreted as unsigned 64-bit, then be added to the 64-bit pointer, so +we see data->bitmap_ptr jump, e.g.: + +0x6180_0000_0480 to +0x6181_0000_0498 + ^ + ~--- carry has occurred and this pointer is now far away from + any object. + +On a 32-bit platform, it will decrement the pointer, creating a pointer +that won't crash but will overwrite random data. + +Catch the underflow and error out. + +Fixes: CVE-2021-3697 + +Signed-off-by: Daniel Axtens <dja@axtens.net> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport +CVE: CVE-2021-3697 + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=22a3f97d39f6a10b08ad7fd1cc47c4dcd10413f6 + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + grub-core/video/readers/jpeg.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c +index 579bbe8a4..09596fbf5 100644 +--- a/grub-core/video/readers/jpeg.c ++++ b/grub-core/video/readers/jpeg.c +@@ -23,6 +23,7 @@ + #include <grub/mm.h> + #include <grub/misc.h> + #include <grub/bufio.h> ++#include <grub/safemath.h> + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -699,6 +700,7 @@ static grub_err_t + grub_jpeg_decode_data (struct grub_jpeg_data *data) + { + unsigned c1, vb, hb, nr1, nc1; ++ unsigned stride_a, stride_b, stride; + int rst = data->dri; + grub_err_t err = GRUB_ERR_NONE; + +@@ -711,8 +713,14 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, + "jpeg: attempted to decode data before start of stream"); + ++ if (grub_mul(vb, data->image_width, &stride_a) || ++ grub_mul(hb, nc1, &stride_b) || ++ grub_sub(stride_a, stride_b, &stride)) ++ return grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "jpeg: cannot decode image with these dimensions"); ++ + for (; data->r1 < nr1 && (!data->dri || rst); +- data->r1++, data->bitmap_ptr += (vb * data->image_width - hb * nc1) * 3) ++ data->r1++, data->bitmap_ptr += stride * 3) + for (c1 = 0; c1 < nc1 && (!data->dri || rst); + c1++, rst--, data->bitmap_ptr += hb * 3) + { +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch new file mode 100644 index 0000000000..8bf9090f94 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch @@ -0,0 +1,63 @@ +From 3e4817538de828319ba6d59ced2fbb9b5ca13287 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Mon, 20 Dec 2021 19:41:21 +1100 +Subject: [PATCH] net/ip: Do IP fragment maths safely + +We can receive packets with invalid IP fragmentation information. This +can lead to rsm->total_len underflowing and becoming very large. + +Then, in grub_netbuff_alloc(), we add to this very large number, which can +cause it to overflow and wrap back around to a small positive number. +The allocation then succeeds, but the resulting buffer is too small and +subsequent operations can write past the end of the buffer. + +Catch the underflow here. + +Fixes: CVE-2022-28733 + +Signed-off-by: Daniel Axtens <dja@axtens.net> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport +CVE: CVE-2022-28733 + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3e4817538de828319ba6d59ced2fbb9b5ca13287 + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> + +--- + grub-core/net/ip.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/grub-core/net/ip.c b/grub-core/net/ip.c +index e3d62e97f..3c3d0be0e 100644 +--- a/grub-core/net/ip.c ++++ b/grub-core/net/ip.c +@@ -25,6 +25,7 @@ + #include <grub/net/netbuff.h> + #include <grub/mm.h> + #include <grub/priority_queue.h> ++#include <grub/safemath.h> + #include <grub/time.h> + + struct iphdr { +@@ -512,7 +513,14 @@ grub_net_recv_ip4_packets (struct grub_net_buff *nb, + { + rsm->total_len = (8 * (grub_be_to_cpu16 (iph->frags) & OFFSET_MASK) + + (nb->tail - nb->data)); +- rsm->total_len -= ((iph->verhdrlen & 0xf) * sizeof (grub_uint32_t)); ++ ++ if (grub_sub (rsm->total_len, (iph->verhdrlen & 0xf) * sizeof (grub_uint32_t), ++ &rsm->total_len)) ++ { ++ grub_dprintf ("net", "IP reassembly size underflow\n"); ++ return GRUB_ERR_NONE; ++ } ++ + rsm->asm_netbuff = grub_netbuff_alloc (rsm->total_len); + if (!rsm->asm_netbuff) + { +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch new file mode 100644 index 0000000000..f31167d315 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch @@ -0,0 +1,58 @@ +From b26b4c08e7119281ff30d0fb4a6169bd2afa8fe4 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Tue, 8 Mar 2022 19:04:40 +1100 +Subject: [PATCH] net/http: Error out on headers with LF without CR + +In a similar vein to the previous patch, parse_line() would write +a NUL byte past the end of the buffer if there was an HTTP header +with a LF rather than a CRLF. + +RFC-2616 says: + + Many HTTP/1.1 header field values consist of words separated by LWS + or special characters. These special characters MUST be in a quoted + string to be used within a parameter value (as defined in section 3.6). + +We don't support quoted sections or continuation lines, etc. + +If we see an LF that's not part of a CRLF, bail out. + +Fixes: CVE-2022-28734 + +Signed-off-by: Daniel Axtens <dja@axtens.net> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport +CVE: CVE-2022-28734 + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b26b4c08e7119281ff30d0fb4a6169bd2afa8fe4 + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + grub-core/net/http.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/grub-core/net/http.c b/grub-core/net/http.c +index 33a0a28c4..9291a13e2 100644 +--- a/grub-core/net/http.c ++++ b/grub-core/net/http.c +@@ -68,7 +68,15 @@ parse_line (grub_file_t file, http_data_t data, char *ptr, grub_size_t len) + char *end = ptr + len; + while (end > ptr && *(end - 1) == '\r') + end--; ++ ++ /* LF without CR. */ ++ if (end == ptr + len) ++ { ++ data->errmsg = grub_strdup (_("invalid HTTP header - LF without CR")); ++ return GRUB_ERR_NONE; ++ } + *end = 0; ++ + /* Trailing CRLF. */ + if (data->in_chunk_len == 1) + { +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch new file mode 100644 index 0000000000..e0ca1eec44 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch @@ -0,0 +1,56 @@ +From ec6bfd3237394c1c7dbf2fd73417173318d22f4b Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Tue, 8 Mar 2022 18:17:03 +1100 +Subject: [PATCH] net/http: Fix OOB write for split http headers + +GRUB has special code for handling an http header that is split +across two packets. + +The code tracks the end of line by looking for a "\n" byte. The +code for split headers has always advanced the pointer just past the +end of the line, whereas the code that handles unsplit headers does +not advance the pointer. This extra advance causes the length to be +one greater, which breaks an assumption in parse_line(), leading to +it writing a NUL byte one byte past the end of the buffer where we +reconstruct the line from the two packets. + +It's conceivable that an attacker controlled set of packets could +cause this to zero out the first byte of the "next" pointer of the +grub_mm_region structure following the current_line buffer. + +Do not advance the pointer in the split header case. + +Fixes: CVE-2022-28734 + +Signed-off-by: Daniel Axtens <dja@axtens.net> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport +CVE: CVE-2022-28734 + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=ec6bfd3237394c1c7dbf2fd73417173318d22f4b + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + grub-core/net/http.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/grub-core/net/http.c b/grub-core/net/http.c +index f8d7bf0cd..33a0a28c4 100644 +--- a/grub-core/net/http.c ++++ b/grub-core/net/http.c +@@ -190,9 +190,7 @@ http_receive (grub_net_tcp_socket_t sock __attribute__ ((unused)), + int have_line = 1; + char *t; + ptr = grub_memchr (nb->data, '\n', nb->tail - nb->data); +- if (ptr) +- ptr++; +- else ++ if (ptr == NULL) + { + have_line = 0; + ptr = (char *) nb->tail; +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch new file mode 100644 index 0000000000..7a59f10bfb --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch @@ -0,0 +1,111 @@ +From 6fe755c5c07bb386fda58306bfd19e4a1c974c53 Mon Sep 17 00:00:00 2001 +From: Julian Andres Klode <julian.klode@canonical.com> +Date: Thu, 2 Dec 2021 15:03:53 +0100 +Subject: [PATCH] kern/efi/sb: Reject non-kernel files in the shim_lock + verifier + +We must not allow other verifiers to pass things like the GRUB modules. +Instead of maintaining a blocklist, maintain an allowlist of things +that we do not care about. + +This allowlist really should be made reusable, and shared by the +lockdown verifier, but this is the minimal patch addressing +security concerns where the TPM verifier was able to mark modules +as verified (or the OpenPGP verifier for that matter), when it +should not do so on shim-powered secure boot systems. + +Fixes: CVE-2022-28735 + +Signed-off-by: Julian Andres Klode <julian.klode@canonical.com> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport +CVE:CVE-2022-28735 + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=6fe755c5c07bb386fda58306bfd19e4a1c974c53 + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + grub-core/kern/efi/sb.c | 39 ++++++++++++++++++++++++++++++++++++--- + include/grub/verify.h | 1 + + 2 files changed, 37 insertions(+), 3 deletions(-) + +diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c +index c52ec6226..89c4bb3fd 100644 +--- a/grub-core/kern/efi/sb.c ++++ b/grub-core/kern/efi/sb.c +@@ -119,10 +119,11 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)), + void **context __attribute__ ((unused)), + enum grub_verify_flags *flags) + { +- *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION; ++ *flags = GRUB_VERIFY_FLAGS_NONE; + + switch (type & GRUB_FILE_TYPE_MASK) + { ++ /* Files we check. */ + case GRUB_FILE_TYPE_LINUX_KERNEL: + case GRUB_FILE_TYPE_MULTIBOOT_KERNEL: + case GRUB_FILE_TYPE_BSD_KERNEL: +@@ -130,11 +131,43 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)), + case GRUB_FILE_TYPE_PLAN9_KERNEL: + case GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE: + *flags = GRUB_VERIFY_FLAGS_SINGLE_CHUNK; ++ return GRUB_ERR_NONE; + +- /* Fall through. */ ++ /* Files that do not affect secureboot state. */ ++ case GRUB_FILE_TYPE_NONE: ++ case GRUB_FILE_TYPE_LOOPBACK: ++ case GRUB_FILE_TYPE_LINUX_INITRD: ++ case GRUB_FILE_TYPE_OPENBSD_RAMDISK: ++ case GRUB_FILE_TYPE_XNU_RAMDISK: ++ case GRUB_FILE_TYPE_SIGNATURE: ++ case GRUB_FILE_TYPE_PUBLIC_KEY: ++ case GRUB_FILE_TYPE_PUBLIC_KEY_TRUST: ++ case GRUB_FILE_TYPE_PRINT_BLOCKLIST: ++ case GRUB_FILE_TYPE_TESTLOAD: ++ case GRUB_FILE_TYPE_GET_SIZE: ++ case GRUB_FILE_TYPE_FONT: ++ case GRUB_FILE_TYPE_ZFS_ENCRYPTION_KEY: ++ case GRUB_FILE_TYPE_CAT: ++ case GRUB_FILE_TYPE_HEXCAT: ++ case GRUB_FILE_TYPE_CMP: ++ case GRUB_FILE_TYPE_HASHLIST: ++ case GRUB_FILE_TYPE_TO_HASH: ++ case GRUB_FILE_TYPE_KEYBOARD_LAYOUT: ++ case GRUB_FILE_TYPE_PIXMAP: ++ case GRUB_FILE_TYPE_GRUB_MODULE_LIST: ++ case GRUB_FILE_TYPE_CONFIG: ++ case GRUB_FILE_TYPE_THEME: ++ case GRUB_FILE_TYPE_GETTEXT_CATALOG: ++ case GRUB_FILE_TYPE_FS_SEARCH: ++ case GRUB_FILE_TYPE_LOADENV: ++ case GRUB_FILE_TYPE_SAVEENV: ++ case GRUB_FILE_TYPE_VERIFY_SIGNATURE: ++ *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION; ++ return GRUB_ERR_NONE; + ++ /* Other files. */ + default: +- return GRUB_ERR_NONE; ++ return grub_error (GRUB_ERR_ACCESS_DENIED, N_("prohibited by secure boot policy")); + } + } + +diff --git a/include/grub/verify.h b/include/grub/verify.h +index cd129c398..672ae1692 100644 +--- a/include/grub/verify.h ++++ b/include/grub/verify.h +@@ -24,6 +24,7 @@ + + enum grub_verify_flags + { ++ GRUB_VERIFY_FLAGS_NONE = 0, + GRUB_VERIFY_FLAGS_SKIP_VERIFICATION = 1, + GRUB_VERIFY_FLAGS_SINGLE_CHUNK = 2, + /* Defer verification to another authority. */ +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/files/video-Remove-trailing-whitespaces.patch b/poky/meta/recipes-bsp/grub/files/video-Remove-trailing-whitespaces.patch new file mode 100644 index 0000000000..2db9bcbbc5 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/video-Remove-trailing-whitespaces.patch @@ -0,0 +1,693 @@ +From 1f48917d8ddb490dcdc70176e0f58136b7f7811a Mon Sep 17 00:00:00 2001 +From: Elyes Haouas <ehaouas@noos.fr> +Date: Fri, 4 Mar 2022 07:42:13 +0100 +Subject: [PATCH] video: Remove trailing whitespaces + +Signed-off-by: Elyes Haouas <ehaouas@noos.fr> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=1f48917d8ddb490dcdc70176e0f58136b7f7811a + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + grub-core/video/bochs.c | 2 +- + grub-core/video/capture.c | 2 +- + grub-core/video/cirrus.c | 4 ++-- + grub-core/video/coreboot/cbfb.c | 2 +- + grub-core/video/efi_gop.c | 22 +++++++++---------- + grub-core/video/fb/fbblit.c | 8 +++---- + grub-core/video/fb/video_fb.c | 10 ++++----- + grub-core/video/i386/pc/vbe.c | 34 ++++++++++++++--------------- + grub-core/video/i386/pc/vga.c | 6 ++--- + grub-core/video/ieee1275.c | 4 ++-- + grub-core/video/radeon_fuloong2e.c | 6 ++--- + grub-core/video/radeon_yeeloong3a.c | 6 ++--- + grub-core/video/readers/png.c | 2 +- + grub-core/video/readers/tga.c | 2 +- + grub-core/video/sis315_init.c | 2 +- + grub-core/video/sis315pro.c | 8 +++---- + grub-core/video/sm712.c | 10 ++++----- + grub-core/video/video.c | 8 +++---- + 18 files changed, 69 insertions(+), 69 deletions(-) + +diff --git a/grub-core/video/bochs.c b/grub-core/video/bochs.c +index 30ea1bd82..edc651697 100644 +--- a/grub-core/video/bochs.c ++++ b/grub-core/video/bochs.c +@@ -212,7 +212,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data) + + if (((class >> 16) & 0xffff) != 0x0300 || pciid != 0x11111234) + return 0; +- ++ + addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0); + framebuffer.base = grub_pci_read (addr) & GRUB_PCI_ADDR_MEM_MASK; + if (!framebuffer.base) +diff --git a/grub-core/video/capture.c b/grub-core/video/capture.c +index 4d3195e01..c653d89f9 100644 +--- a/grub-core/video/capture.c ++++ b/grub-core/video/capture.c +@@ -92,7 +92,7 @@ grub_video_capture_start (const struct grub_video_mode_info *mode_info, + framebuffer.ptr = grub_calloc (framebuffer.mode_info.height, framebuffer.mode_info.pitch); + if (!framebuffer.ptr) + return grub_errno; +- ++ + err = grub_video_fb_create_render_target_from_pointer (&framebuffer.render_target, + &framebuffer.mode_info, + framebuffer.ptr); +diff --git a/grub-core/video/cirrus.c b/grub-core/video/cirrus.c +index e2149e8ce..f5542ccdc 100644 +--- a/grub-core/video/cirrus.c ++++ b/grub-core/video/cirrus.c +@@ -354,11 +354,11 @@ grub_video_cirrus_setup (unsigned int width, unsigned int height, + grub_uint8_t sr_ext = 0, hidden_dac = 0; + + grub_vga_set_geometry (&config, grub_vga_cr_write); +- ++ + grub_vga_gr_write (GRUB_VGA_GR_MODE_256_COLOR | GRUB_VGA_GR_MODE_READ_MODE1, + GRUB_VGA_GR_MODE); + grub_vga_gr_write (GRUB_VGA_GR_GR6_GRAPHICS_MODE, GRUB_VGA_GR_GR6); +- ++ + grub_vga_sr_write (GRUB_VGA_SR_MEMORY_MODE_NORMAL, GRUB_VGA_SR_MEMORY_MODE); + + grub_vga_cr_write ((config.pitch >> CIRRUS_CR_EXTENDED_DISPLAY_PITCH_SHIFT) +diff --git a/grub-core/video/coreboot/cbfb.c b/grub-core/video/coreboot/cbfb.c +index 9af81fa5b..986003c51 100644 +--- a/grub-core/video/coreboot/cbfb.c ++++ b/grub-core/video/coreboot/cbfb.c +@@ -106,7 +106,7 @@ grub_video_cbfb_setup (unsigned int width, unsigned int height, + + grub_video_fb_set_palette (0, GRUB_VIDEO_FBSTD_NUMCOLORS, + grub_video_fbstd_colors); +- ++ + return err; + } + +diff --git a/grub-core/video/efi_gop.c b/grub-core/video/efi_gop.c +index b7590dc6c..7a5054631 100644 +--- a/grub-core/video/efi_gop.c ++++ b/grub-core/video/efi_gop.c +@@ -273,7 +273,7 @@ grub_video_gop_iterate (int (*hook) (const struct grub_video_mode_info *info, vo + grub_efi_status_t status; + struct grub_efi_gop_mode_info *info = NULL; + struct grub_video_mode_info mode_info; +- ++ + status = efi_call_4 (gop->query_mode, gop, mode, &size, &info); + + if (status) +@@ -390,7 +390,7 @@ grub_video_gop_setup (unsigned int width, unsigned int height, + found = 1; + } + } +- ++ + if (!found) + { + unsigned mode; +@@ -399,7 +399,7 @@ grub_video_gop_setup (unsigned int width, unsigned int height, + { + grub_efi_uintn_t size; + grub_efi_status_t status; +- ++ + status = efi_call_4 (gop->query_mode, gop, mode, &size, &info); + if (status) + { +@@ -472,11 +472,11 @@ grub_video_gop_setup (unsigned int width, unsigned int height, + framebuffer.ptr = (void *) (grub_addr_t) gop->mode->fb_base; + framebuffer.offscreen + = grub_malloc (framebuffer.mode_info.height +- * framebuffer.mode_info.width ++ * framebuffer.mode_info.width + * sizeof (struct grub_efi_gop_blt_pixel)); + + buffer = framebuffer.offscreen; +- ++ + if (!buffer) + { + grub_dprintf ("video", "GOP: couldn't allocate shadow\n"); +@@ -485,11 +485,11 @@ grub_video_gop_setup (unsigned int width, unsigned int height, + &framebuffer.mode_info); + buffer = framebuffer.ptr; + } +- ++ + grub_dprintf ("video", "GOP: initialising FB @ %p %dx%dx%d\n", + framebuffer.ptr, framebuffer.mode_info.width, + framebuffer.mode_info.height, framebuffer.mode_info.bpp); +- ++ + err = grub_video_fb_create_render_target_from_pointer + (&framebuffer.render_target, &framebuffer.mode_info, buffer); + +@@ -498,15 +498,15 @@ grub_video_gop_setup (unsigned int width, unsigned int height, + grub_dprintf ("video", "GOP: Couldn't create FB target\n"); + return err; + } +- ++ + err = grub_video_fb_set_active_render_target (framebuffer.render_target); +- ++ + if (err) + { + grub_dprintf ("video", "GOP: Couldn't set FB target\n"); + return err; + } +- ++ + err = grub_video_fb_set_palette (0, GRUB_VIDEO_FBSTD_NUMCOLORS, + grub_video_fbstd_colors); + +@@ -514,7 +514,7 @@ grub_video_gop_setup (unsigned int width, unsigned int height, + grub_dprintf ("video", "GOP: Couldn't set palette\n"); + else + grub_dprintf ("video", "GOP: Success\n"); +- ++ + return err; + } + +diff --git a/grub-core/video/fb/fbblit.c b/grub-core/video/fb/fbblit.c +index d55924837..1010ef393 100644 +--- a/grub-core/video/fb/fbblit.c ++++ b/grub-core/video/fb/fbblit.c +@@ -466,7 +466,7 @@ grub_video_fbblit_replace_24bit_indexa (struct grub_video_fbblit_info *dst, + for (i = 0; i < width; i++) + { + register grub_uint32_t col; +- if (*srcptr == 0xf0) ++ if (*srcptr == 0xf0) + col = palette[16]; + else + col = palette[*srcptr & 0xf]; +@@ -478,7 +478,7 @@ grub_video_fbblit_replace_24bit_indexa (struct grub_video_fbblit_info *dst, + *dstptr++ = col >> 0; + *dstptr++ = col >> 8; + *dstptr++ = col >> 16; +-#endif ++#endif + srcptr++; + } + +@@ -651,7 +651,7 @@ grub_video_fbblit_blend_24bit_indexa (struct grub_video_fbblit_info *dst, + for (i = 0; i < width; i++) + { + register grub_uint32_t col; +- if (*srcptr != 0xf0) ++ if (*srcptr != 0xf0) + { + col = palette[*srcptr & 0xf]; + #ifdef GRUB_CPU_WORDS_BIGENDIAN +@@ -662,7 +662,7 @@ grub_video_fbblit_blend_24bit_indexa (struct grub_video_fbblit_info *dst, + *dstptr++ = col >> 0; + *dstptr++ = col >> 8; + *dstptr++ = col >> 16; +-#endif ++#endif + } + else + dstptr += 3; +diff --git a/grub-core/video/fb/video_fb.c b/grub-core/video/fb/video_fb.c +index ae6b89f9a..fa4ebde26 100644 +--- a/grub-core/video/fb/video_fb.c ++++ b/grub-core/video/fb/video_fb.c +@@ -754,7 +754,7 @@ grub_video_fb_unmap_color_int (struct grub_video_fbblit_info * source, + *alpha = 0; + return; + } +- ++ + /* If we have an out-of-bounds color, return transparent black. */ + if (color > 255) + { +@@ -1141,7 +1141,7 @@ grub_video_fb_scroll (grub_video_color_t color, int dx, int dy) + /* If everything is aligned on 32-bit use 32-bit copy. */ + if ((grub_addr_t) grub_video_fb_get_video_ptr (&target, src_x, src_y) + % sizeof (grub_uint32_t) == 0 +- && (grub_addr_t) grub_video_fb_get_video_ptr (&target, dst_x, dst_y) ++ && (grub_addr_t) grub_video_fb_get_video_ptr (&target, dst_x, dst_y) + % sizeof (grub_uint32_t) == 0 + && linelen % sizeof (grub_uint32_t) == 0 + && linedelta % sizeof (grub_uint32_t) == 0) +@@ -1155,7 +1155,7 @@ grub_video_fb_scroll (grub_video_color_t color, int dx, int dy) + else if ((grub_addr_t) grub_video_fb_get_video_ptr (&target, src_x, src_y) + % sizeof (grub_uint16_t) == 0 + && (grub_addr_t) grub_video_fb_get_video_ptr (&target, +- dst_x, dst_y) ++ dst_x, dst_y) + % sizeof (grub_uint16_t) == 0 + && linelen % sizeof (grub_uint16_t) == 0 + && linedelta % sizeof (grub_uint16_t) == 0) +@@ -1170,7 +1170,7 @@ grub_video_fb_scroll (grub_video_color_t color, int dx, int dy) + { + grub_uint8_t *src, *dst; + DO_SCROLL +- } ++ } + } + + /* 4. Fill empty space with specified color. In this implementation +@@ -1615,7 +1615,7 @@ grub_video_fb_setup (unsigned int mode_type, unsigned int mode_mask, + framebuffer.render_target = framebuffer.back_target; + return GRUB_ERR_NONE; + } +- ++ + mode_info->mode_type &= ~(GRUB_VIDEO_MODE_TYPE_DOUBLE_BUFFERED + | GRUB_VIDEO_MODE_TYPE_UPDATING_SWAP); + +diff --git a/grub-core/video/i386/pc/vbe.c b/grub-core/video/i386/pc/vbe.c +index b7f911926..0e65b5206 100644 +--- a/grub-core/video/i386/pc/vbe.c ++++ b/grub-core/video/i386/pc/vbe.c +@@ -219,7 +219,7 @@ grub_vbe_disable_mtrr (int mtrr) + } + + /* Call VESA BIOS 0x4f09 to set palette data, return status. */ +-static grub_vbe_status_t ++static grub_vbe_status_t + grub_vbe_bios_set_palette_data (grub_uint32_t color_count, + grub_uint32_t start_index, + struct grub_vbe_palette_data *palette_data) +@@ -237,7 +237,7 @@ grub_vbe_bios_set_palette_data (grub_uint32_t color_count, + } + + /* Call VESA BIOS 0x4f00 to get VBE Controller Information, return status. */ +-grub_vbe_status_t ++grub_vbe_status_t + grub_vbe_bios_get_controller_info (struct grub_vbe_info_block *ci) + { + struct grub_bios_int_registers regs; +@@ -251,7 +251,7 @@ grub_vbe_bios_get_controller_info (struct grub_vbe_info_block *ci) + } + + /* Call VESA BIOS 0x4f01 to get VBE Mode Information, return status. */ +-grub_vbe_status_t ++grub_vbe_status_t + grub_vbe_bios_get_mode_info (grub_uint32_t mode, + struct grub_vbe_mode_info_block *mode_info) + { +@@ -285,7 +285,7 @@ grub_vbe_bios_set_mode (grub_uint32_t mode, + } + + /* Call VESA BIOS 0x4f03 to return current VBE Mode, return status. */ +-grub_vbe_status_t ++grub_vbe_status_t + grub_vbe_bios_get_mode (grub_uint32_t *mode) + { + struct grub_bios_int_registers regs; +@@ -298,7 +298,7 @@ grub_vbe_bios_get_mode (grub_uint32_t *mode) + return regs.eax & 0xffff; + } + +-grub_vbe_status_t ++grub_vbe_status_t + grub_vbe_bios_getset_dac_palette_width (int set, int *dac_mask_size) + { + struct grub_bios_int_registers regs; +@@ -346,7 +346,7 @@ grub_vbe_bios_get_memory_window (grub_uint32_t window, + } + + /* Call VESA BIOS 0x4f06 to set scanline length (in bytes), return status. */ +-grub_vbe_status_t ++grub_vbe_status_t + grub_vbe_bios_set_scanline_length (grub_uint32_t length) + { + struct grub_bios_int_registers regs; +@@ -354,14 +354,14 @@ grub_vbe_bios_set_scanline_length (grub_uint32_t length) + regs.ecx = length; + regs.eax = 0x4f06; + /* BL = 2, Set Scan Line in Bytes. */ +- regs.ebx = 0x0002; ++ regs.ebx = 0x0002; + regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT; + grub_bios_interrupt (0x10, ®s); + return regs.eax & 0xffff; + } + + /* Call VESA BIOS 0x4f06 to return scanline length (in bytes), return status. */ +-grub_vbe_status_t ++grub_vbe_status_t + grub_vbe_bios_get_scanline_length (grub_uint32_t *length) + { + struct grub_bios_int_registers regs; +@@ -377,7 +377,7 @@ grub_vbe_bios_get_scanline_length (grub_uint32_t *length) + } + + /* Call VESA BIOS 0x4f07 to set display start, return status. */ +-static grub_vbe_status_t ++static grub_vbe_status_t + grub_vbe_bios_set_display_start (grub_uint32_t x, grub_uint32_t y) + { + struct grub_bios_int_registers regs; +@@ -390,7 +390,7 @@ grub_vbe_bios_set_display_start (grub_uint32_t x, grub_uint32_t y) + regs.edx = y; + regs.eax = 0x4f07; + /* BL = 80h, Set Display Start during Vertical Retrace. */ +- regs.ebx = 0x0080; ++ regs.ebx = 0x0080; + regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT; + grub_bios_interrupt (0x10, ®s); + +@@ -401,7 +401,7 @@ grub_vbe_bios_set_display_start (grub_uint32_t x, grub_uint32_t y) + } + + /* Call VESA BIOS 0x4f07 to get display start, return status. */ +-grub_vbe_status_t ++grub_vbe_status_t + grub_vbe_bios_get_display_start (grub_uint32_t *x, + grub_uint32_t *y) + { +@@ -419,7 +419,7 @@ grub_vbe_bios_get_display_start (grub_uint32_t *x, + } + + /* Call VESA BIOS 0x4f0a. */ +-grub_vbe_status_t ++grub_vbe_status_t + grub_vbe_bios_get_pm_interface (grub_uint16_t *segment, grub_uint16_t *offset, + grub_uint16_t *length) + { +@@ -896,7 +896,7 @@ vbe2videoinfo (grub_uint32_t mode, + case GRUB_VBE_MEMORY_MODEL_YUV: + mode_info->mode_type |= GRUB_VIDEO_MODE_TYPE_YUV; + break; +- ++ + case GRUB_VBE_MEMORY_MODEL_DIRECT_COLOR: + mode_info->mode_type |= GRUB_VIDEO_MODE_TYPE_RGB; + break; +@@ -923,10 +923,10 @@ vbe2videoinfo (grub_uint32_t mode, + break; + case 8: + mode_info->bytes_per_pixel = 1; +- break; ++ break; + case 4: + mode_info->bytes_per_pixel = 0; +- break; ++ break; + } + + if (controller_info.version >= 0x300) +@@ -976,7 +976,7 @@ grub_video_vbe_iterate (int (*hook) (const struct grub_video_mode_info *info, vo + + static grub_err_t + grub_video_vbe_setup (unsigned int width, unsigned int height, +- grub_video_mode_type_t mode_type, ++ grub_video_mode_type_t mode_type, + grub_video_mode_type_t mode_mask) + { + grub_uint16_t *p; +@@ -1193,7 +1193,7 @@ grub_video_vbe_print_adapter_specific_info (void) + controller_info.version & 0xFF, + controller_info.oem_software_rev >> 8, + controller_info.oem_software_rev & 0xFF); +- ++ + /* The total_memory field is in 64 KiB units. */ + grub_printf_ (N_(" total memory: %d KiB\n"), + (controller_info.total_memory << 6)); +diff --git a/grub-core/video/i386/pc/vga.c b/grub-core/video/i386/pc/vga.c +index b2f776c99..50d0b5e02 100644 +--- a/grub-core/video/i386/pc/vga.c ++++ b/grub-core/video/i386/pc/vga.c +@@ -48,7 +48,7 @@ static struct + int back_page; + } framebuffer; + +-static unsigned char ++static unsigned char + grub_vga_set_mode (unsigned char mode) + { + struct grub_bios_int_registers regs; +@@ -182,10 +182,10 @@ grub_video_vga_setup (unsigned int width, unsigned int height, + + is_target = 1; + err = grub_video_fb_set_active_render_target (framebuffer.render_target); +- ++ + if (err) + return err; +- ++ + err = grub_video_fb_set_palette (0, GRUB_VIDEO_FBSTD_NUMCOLORS, + grub_video_fbstd_colors); + +diff --git a/grub-core/video/ieee1275.c b/grub-core/video/ieee1275.c +index f437fb0df..ca3d3c3b2 100644 +--- a/grub-core/video/ieee1275.c ++++ b/grub-core/video/ieee1275.c +@@ -233,7 +233,7 @@ grub_video_ieee1275_setup (unsigned int width, unsigned int height, + /* TODO. */ + return grub_error (GRUB_ERR_IO, "can't set mode %dx%d", width, height); + } +- ++ + err = grub_video_ieee1275_fill_mode_info (dev, &framebuffer.mode_info); + if (err) + { +@@ -260,7 +260,7 @@ grub_video_ieee1275_setup (unsigned int width, unsigned int height, + + grub_video_ieee1275_set_palette (0, framebuffer.mode_info.number_of_colors, + grub_video_fbstd_colors); +- ++ + return err; + } + +diff --git a/grub-core/video/radeon_fuloong2e.c b/grub-core/video/radeon_fuloong2e.c +index b4da34b5e..40917acb7 100644 +--- a/grub-core/video/radeon_fuloong2e.c ++++ b/grub-core/video/radeon_fuloong2e.c +@@ -75,7 +75,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data) + if (((class >> 16) & 0xffff) != GRUB_PCI_CLASS_SUBCLASS_VGA + || pciid != 0x515a1002) + return 0; +- ++ + *found = 1; + + addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0); +@@ -139,7 +139,7 @@ grub_video_radeon_fuloong2e_setup (unsigned int width, unsigned int height, + framebuffer.mapped = 1; + + /* Prevent garbage from appearing on the screen. */ +- grub_memset (framebuffer.ptr, 0x55, ++ grub_memset (framebuffer.ptr, 0x55, + framebuffer.mode_info.height * framebuffer.mode_info.pitch); + + #ifndef TEST +@@ -152,7 +152,7 @@ grub_video_radeon_fuloong2e_setup (unsigned int width, unsigned int height, + return err; + + err = grub_video_fb_set_active_render_target (framebuffer.render_target); +- ++ + if (err) + return err; + +diff --git a/grub-core/video/radeon_yeeloong3a.c b/grub-core/video/radeon_yeeloong3a.c +index 52614feb6..48631c181 100644 +--- a/grub-core/video/radeon_yeeloong3a.c ++++ b/grub-core/video/radeon_yeeloong3a.c +@@ -74,7 +74,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data) + if (((class >> 16) & 0xffff) != GRUB_PCI_CLASS_SUBCLASS_VGA + || pciid != 0x96151002) + return 0; +- ++ + *found = 1; + + addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0); +@@ -137,7 +137,7 @@ grub_video_radeon_yeeloong3a_setup (unsigned int width, unsigned int height, + #endif + + /* Prevent garbage from appearing on the screen. */ +- grub_memset (framebuffer.ptr, 0, ++ grub_memset (framebuffer.ptr, 0, + framebuffer.mode_info.height * framebuffer.mode_info.pitch); + + #ifndef TEST +@@ -150,7 +150,7 @@ grub_video_radeon_yeeloong3a_setup (unsigned int width, unsigned int height, + return err; + + err = grub_video_fb_set_active_render_target (framebuffer.render_target); +- ++ + if (err) + return err; + +diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c +index 0157ff742..54dfedf43 100644 +--- a/grub-core/video/readers/png.c ++++ b/grub-core/video/readers/png.c +@@ -916,7 +916,7 @@ grub_png_convert_image (struct grub_png_data *data) + } + return; + } +- ++ + if (data->is_gray) + { + switch (data->bpp) +diff --git a/grub-core/video/readers/tga.c b/grub-core/video/readers/tga.c +index 7cb9d1d2a..a9ec3a1b6 100644 +--- a/grub-core/video/readers/tga.c ++++ b/grub-core/video/readers/tga.c +@@ -127,7 +127,7 @@ tga_load_palette (struct tga_data *data) + + if (len > sizeof (data->palette)) + len = sizeof (data->palette); +- ++ + if (grub_file_read (data->file, &data->palette, len) + != (grub_ssize_t) len) + return grub_errno; +diff --git a/grub-core/video/sis315_init.c b/grub-core/video/sis315_init.c +index ae5c1419c..09c3c7bbe 100644 +--- a/grub-core/video/sis315_init.c ++++ b/grub-core/video/sis315_init.c +@@ -1,4 +1,4 @@ +-static const struct { grub_uint8_t reg; grub_uint8_t val; } sr_dump [] = ++static const struct { grub_uint8_t reg; grub_uint8_t val; } sr_dump [] = + { + { 0x28, 0x81 }, + { 0x2a, 0x00 }, +diff --git a/grub-core/video/sis315pro.c b/grub-core/video/sis315pro.c +index 22a0c85a6..4d2f9999a 100644 +--- a/grub-core/video/sis315pro.c ++++ b/grub-core/video/sis315pro.c +@@ -103,7 +103,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data) + if (((class >> 16) & 0xffff) != GRUB_PCI_CLASS_SUBCLASS_VGA + || pciid != GRUB_SIS315PRO_PCIID) + return 0; +- ++ + *found = 1; + + addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0); +@@ -218,7 +218,7 @@ grub_video_sis315pro_setup (unsigned int width, unsigned int height, + + #ifndef TEST + /* Prevent garbage from appearing on the screen. */ +- grub_memset (framebuffer.ptr, 0, ++ grub_memset (framebuffer.ptr, 0, + framebuffer.mode_info.height * framebuffer.mode_info.pitch); + grub_arch_sync_dma_caches (framebuffer.ptr, + framebuffer.mode_info.height +@@ -231,7 +231,7 @@ grub_video_sis315pro_setup (unsigned int width, unsigned int height, + | GRUB_VGA_IO_MISC_EXTERNAL_CLOCK_0 + | GRUB_VGA_IO_MISC_28MHZ + | GRUB_VGA_IO_MISC_ENABLE_VRAM_ACCESS +- | GRUB_VGA_IO_MISC_COLOR, ++ | GRUB_VGA_IO_MISC_COLOR, + GRUB_VGA_IO_MISC_WRITE + GRUB_MACHINE_PCI_IO_BASE); + + grub_vga_sr_write (0x86, 5); +@@ -335,7 +335,7 @@ grub_video_sis315pro_setup (unsigned int width, unsigned int height, + { + if (read_sis_cmd (0x5) != 0xa1) + write_sis_cmd (0x86, 0x5); +- ++ + write_sis_cmd (read_sis_cmd (0x20) | 0xa1, 0x20); + write_sis_cmd (read_sis_cmd (0x1e) | 0xda, 0x1e); + +diff --git a/grub-core/video/sm712.c b/grub-core/video/sm712.c +index 10c46eb65..65f59f84b 100644 +--- a/grub-core/video/sm712.c ++++ b/grub-core/video/sm712.c +@@ -167,7 +167,7 @@ enum + GRUB_SM712_CR_SHADOW_VGA_VBLANK_START = 0x46, + GRUB_SM712_CR_SHADOW_VGA_VBLANK_END = 0x47, + GRUB_SM712_CR_SHADOW_VGA_VRETRACE_START = 0x48, +- GRUB_SM712_CR_SHADOW_VGA_VRETRACE_END = 0x49, ++ GRUB_SM712_CR_SHADOW_VGA_VRETRACE_END = 0x49, + GRUB_SM712_CR_SHADOW_VGA_OVERFLOW = 0x4a, + GRUB_SM712_CR_SHADOW_VGA_CELL_HEIGHT = 0x4b, + GRUB_SM712_CR_SHADOW_VGA_HDISPLAY_END = 0x4c, +@@ -375,7 +375,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data) + if (((class >> 16) & 0xffff) != GRUB_PCI_CLASS_SUBCLASS_VGA + || pciid != GRUB_SM712_PCIID) + return 0; +- ++ + *found = 1; + + addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0); +@@ -471,7 +471,7 @@ grub_video_sm712_setup (unsigned int width, unsigned int height, + + #if !defined (TEST) && !defined(GENINIT) + /* Prevent garbage from appearing on the screen. */ +- grub_memset ((void *) framebuffer.cached_ptr, 0, ++ grub_memset ((void *) framebuffer.cached_ptr, 0, + framebuffer.mode_info.height * framebuffer.mode_info.pitch); + #endif + +@@ -482,7 +482,7 @@ grub_video_sm712_setup (unsigned int width, unsigned int height, + grub_sm712_sr_write (0x2, 0x6b); + grub_sm712_write_reg (0, GRUB_VGA_IO_PIXEL_MASK); + grub_sm712_sr_write (GRUB_VGA_SR_RESET_ASYNC, GRUB_VGA_SR_RESET); +- grub_sm712_write_reg (GRUB_VGA_IO_MISC_NEGATIVE_VERT_POLARITY ++ grub_sm712_write_reg (GRUB_VGA_IO_MISC_NEGATIVE_VERT_POLARITY + | GRUB_VGA_IO_MISC_NEGATIVE_HORIZ_POLARITY + | GRUB_VGA_IO_MISC_UPPER_64K + | GRUB_VGA_IO_MISC_EXTERNAL_CLOCK_0 +@@ -694,7 +694,7 @@ grub_video_sm712_setup (unsigned int width, unsigned int height, + for (i = 0; i < ARRAY_SIZE (dda_lookups); i++) + grub_sm712_write_dda_lookup (i, dda_lookups[i].compare, dda_lookups[i].dda, + dda_lookups[i].vcentering); +- ++ + /* Undocumented */ + grub_sm712_cr_write (0, 0x9c); + grub_sm712_cr_write (0, 0x9d); +diff --git a/grub-core/video/video.c b/grub-core/video/video.c +index 983424107..8937da745 100644 +--- a/grub-core/video/video.c ++++ b/grub-core/video/video.c +@@ -491,13 +491,13 @@ parse_modespec (const char *current_mode, int *width, int *height, int *depth) + current_mode); + + param++; +- ++ + *width = grub_strtoul (value, 0, 0); + if (grub_errno != GRUB_ERR_NONE) + return grub_error (GRUB_ERR_BAD_ARGUMENT, + N_("invalid video mode specification `%s'"), + current_mode); +- ++ + /* Find height value. */ + value = param; + param = grub_strchr(param, 'x'); +@@ -513,13 +513,13 @@ parse_modespec (const char *current_mode, int *width, int *height, int *depth) + { + /* We have optional color depth value. */ + param++; +- ++ + *height = grub_strtoul (value, 0, 0); + if (grub_errno != GRUB_ERR_NONE) + return grub_error (GRUB_ERR_BAD_ARGUMENT, + N_("invalid video mode specification `%s'"), + current_mode); +- ++ + /* Convert color depth value. */ + value = param; + *depth = grub_strtoul (value, 0, 0); +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch b/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch new file mode 100644 index 0000000000..0c7deae858 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch @@ -0,0 +1,264 @@ +From d5caac8ab79d068ad9a41030c772d03a4d4fbd7b Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Mon, 28 Jun 2021 14:16:14 +1000 +Subject: [PATCH] video/readers/jpeg: Abort sooner if a read operation fails + +Fuzzing revealed some inputs that were taking a long time, potentially +forever, because they did not bail quickly upon encountering an I/O error. + +Try to catch I/O errors sooner and bail out. + +Signed-off-by: Daniel Axtens <dja@axtens.net> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=d5caac8ab79d068ad9a41030c772d03a4d4fbd7b + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + grub-core/video/readers/jpeg.c | 86 +++++++++++++++++++++++++++------- + 1 file changed, 70 insertions(+), 16 deletions(-) + +diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c +index c47ffd651..806c56c78 100644 +--- a/grub-core/video/readers/jpeg.c ++++ b/grub-core/video/readers/jpeg.c +@@ -109,9 +109,17 @@ static grub_uint8_t + grub_jpeg_get_byte (struct grub_jpeg_data *data) + { + grub_uint8_t r; ++ grub_ssize_t bytes_read; + + r = 0; +- grub_file_read (data->file, &r, 1); ++ bytes_read = grub_file_read (data->file, &r, 1); ++ ++ if (bytes_read != 1) ++ { ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "jpeg: unexpected end of data"); ++ return 0; ++ } + + return r; + } +@@ -120,9 +128,17 @@ static grub_uint16_t + grub_jpeg_get_word (struct grub_jpeg_data *data) + { + grub_uint16_t r; ++ grub_ssize_t bytes_read; + + r = 0; +- grub_file_read (data->file, &r, sizeof (grub_uint16_t)); ++ bytes_read = grub_file_read (data->file, &r, sizeof (grub_uint16_t)); ++ ++ if (bytes_read != sizeof (grub_uint16_t)) ++ { ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "jpeg: unexpected end of data"); ++ return 0; ++ } + + return grub_be_to_cpu16 (r); + } +@@ -135,6 +151,11 @@ grub_jpeg_get_bit (struct grub_jpeg_data *data) + if (data->bit_mask == 0) + { + data->bit_save = grub_jpeg_get_byte (data); ++ if (grub_errno != GRUB_ERR_NONE) { ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "jpeg: file read error"); ++ return 0; ++ } + if (data->bit_save == JPEG_ESC_CHAR) + { + if (grub_jpeg_get_byte (data) != 0) +@@ -143,6 +164,11 @@ grub_jpeg_get_bit (struct grub_jpeg_data *data) + "jpeg: invalid 0xFF in data stream"); + return 0; + } ++ if (grub_errno != GRUB_ERR_NONE) ++ { ++ grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: file read error"); ++ return 0; ++ } + } + data->bit_mask = 0x80; + } +@@ -161,7 +187,7 @@ grub_jpeg_get_number (struct grub_jpeg_data *data, int num) + return 0; + + msb = value = grub_jpeg_get_bit (data); +- for (i = 1; i < num; i++) ++ for (i = 1; i < num && grub_errno == GRUB_ERR_NONE; i++) + value = (value << 1) + (grub_jpeg_get_bit (data) != 0); + if (!msb) + value += 1 - (1 << num); +@@ -208,6 +234,8 @@ grub_jpeg_decode_huff_table (struct grub_jpeg_data *data) + while (data->file->offset + sizeof (count) + 1 <= next_marker) + { + id = grub_jpeg_get_byte (data); ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; + ac = (id >> 4) & 1; + id &= 0xF; + if (id > 1) +@@ -258,6 +286,8 @@ grub_jpeg_decode_quan_table (struct grub_jpeg_data *data) + + next_marker = data->file->offset; + next_marker += grub_jpeg_get_word (data); ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; + + if (next_marker > data->file->size) + { +@@ -269,6 +299,8 @@ grub_jpeg_decode_quan_table (struct grub_jpeg_data *data) + <= next_marker) + { + id = grub_jpeg_get_byte (data); ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; + if (id >= 0x10) /* Upper 4-bit is precision. */ + return grub_error (GRUB_ERR_BAD_FILE_TYPE, + "jpeg: only 8-bit precision is supported"); +@@ -300,6 +332,9 @@ grub_jpeg_decode_sof (struct grub_jpeg_data *data) + next_marker = data->file->offset; + next_marker += grub_jpeg_get_word (data); + ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; ++ + if (grub_jpeg_get_byte (data) != 8) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, + "jpeg: only 8-bit precision is supported"); +@@ -325,6 +360,8 @@ grub_jpeg_decode_sof (struct grub_jpeg_data *data) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid index"); + + ss = grub_jpeg_get_byte (data); /* Sampling factor. */ ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; + if (!id) + { + grub_uint8_t vs, hs; +@@ -504,7 +541,7 @@ grub_jpeg_idct_transform (jpeg_data_unit_t du) + } + } + +-static void ++static grub_err_t + grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du) + { + int h1, h2, qt; +@@ -519,6 +556,9 @@ grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du) + data->dc_value[id] += + grub_jpeg_get_number (data, grub_jpeg_get_huff_code (data, h1)); + ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; ++ + du[0] = data->dc_value[id] * (int) data->quan_table[qt][0]; + pos = 1; + while (pos < ARRAY_SIZE (data->quan_table[qt])) +@@ -533,11 +573,13 @@ grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du) + num >>= 4; + pos += num; + ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; ++ + if (pos >= ARRAY_SIZE (jpeg_zigzag_order)) + { +- grub_error (GRUB_ERR_BAD_FILE_TYPE, +- "jpeg: invalid position in zigzag order!?"); +- return; ++ return grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "jpeg: invalid position in zigzag order!?"); + } + + du[jpeg_zigzag_order[pos]] = val * (int) data->quan_table[qt][pos]; +@@ -545,6 +587,7 @@ grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du) + } + + grub_jpeg_idct_transform (du); ++ return GRUB_ERR_NONE; + } + + static void +@@ -603,7 +646,8 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data) + data_offset += grub_jpeg_get_word (data); + + cc = grub_jpeg_get_byte (data); +- ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; + if (cc != 3 && cc != 1) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, + "jpeg: component count must be 1 or 3"); +@@ -616,7 +660,8 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data) + id = grub_jpeg_get_byte (data) - 1; + if ((id < 0) || (id >= 3)) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid index"); +- ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; + ht = grub_jpeg_get_byte (data); + data->comp_index[id][1] = (ht >> 4); + data->comp_index[id][2] = (ht & 0xF) + 2; +@@ -624,11 +669,14 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data) + if ((data->comp_index[id][1] < 0) || (data->comp_index[id][1] > 3) || + (data->comp_index[id][2] < 0) || (data->comp_index[id][2] > 3)) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid hufftable index"); ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; + } + + grub_jpeg_get_byte (data); /* Skip 3 unused bytes. */ + grub_jpeg_get_word (data); +- ++ if (grub_errno != GRUB_ERR_NONE) ++ return grub_errno; + if (data->file->offset != data_offset) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: extra byte in sos"); + +@@ -646,6 +694,7 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data) + { + unsigned c1, vb, hb, nr1, nc1; + int rst = data->dri; ++ grub_err_t err = GRUB_ERR_NONE; + + vb = 8 << data->log_vs; + hb = 8 << data->log_hs; +@@ -666,17 +715,22 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data) + + for (r2 = 0; r2 < (1U << data->log_vs); r2++) + for (c2 = 0; c2 < (1U << data->log_hs); c2++) +- grub_jpeg_decode_du (data, 0, data->ydu[r2 * 2 + c2]); ++ { ++ err = grub_jpeg_decode_du (data, 0, data->ydu[r2 * 2 + c2]); ++ if (err != GRUB_ERR_NONE) ++ return err; ++ } + + if (data->color_components >= 3) + { +- grub_jpeg_decode_du (data, 1, data->cbdu); +- grub_jpeg_decode_du (data, 2, data->crdu); ++ err = grub_jpeg_decode_du (data, 1, data->cbdu); ++ if (err != GRUB_ERR_NONE) ++ return err; ++ err = grub_jpeg_decode_du (data, 2, data->crdu); ++ if (err != GRUB_ERR_NONE) ++ return err; + } + +- if (grub_errno) +- return grub_errno; +- + nr2 = (data->r1 == nr1 - 1) ? (data->image_height - data->r1 * vb) : vb; + nc2 = (c1 == nc1 - 1) ? (data->image_width - c1 * hb) : hb; + +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch b/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch new file mode 100644 index 0000000000..91ecaad98a --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch @@ -0,0 +1,53 @@ +From 166a4d61448f74745afe1dac2f2cfb85d04909bf Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Mon, 28 Jun 2021 14:25:17 +1000 +Subject: [PATCH] video/readers/jpeg: Refuse to handle multiple start of + streams + +An invalid file could contain multiple start of stream blocks, which +would cause us to reallocate and leak our bitmap. Refuse to handle +multiple start of streams. + +Additionally, fix a grub_error() call formatting. + +Signed-off-by: Daniel Axtens <dja@axtens.net> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=166a4d61448f74745afe1dac2f2cfb85d04909bf + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + grub-core/video/readers/jpeg.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c +index 2284a6c06..579bbe8a4 100644 +--- a/grub-core/video/readers/jpeg.c ++++ b/grub-core/video/readers/jpeg.c +@@ -683,6 +683,9 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data) + if (data->file->offset != data_offset) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: extra byte in sos"); + ++ if (*data->bitmap) ++ return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: too many start of scan blocks"); ++ + if (grub_video_bitmap_create (data->bitmap, data->image_width, + data->image_height, + GRUB_VIDEO_BLIT_FORMAT_RGB_888)) +@@ -705,8 +708,8 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data) + nc1 = (data->image_width + hb - 1) >> (3 + data->log_hs); + + if (data->bitmap_ptr == NULL) +- return grub_error(GRUB_ERR_BAD_FILE_TYPE, +- "jpeg: attempted to decode data before start of stream"); ++ return grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "jpeg: attempted to decode data before start of stream"); + + for (; data->r1 < nr1 && (!data->dri || rst); + data->r1++, data->bitmap_ptr += (vb * data->image_width - hb * nc1) * 3) +-- +2.34.1 + diff --git a/poky/meta/recipes-bsp/grub/grub2.inc b/poky/meta/recipes-bsp/grub/grub2.inc index 45852ab9b1..47ea561002 100644 --- a/poky/meta/recipes-bsp/grub/grub2.inc +++ b/poky/meta/recipes-bsp/grub/grub2.inc @@ -22,6 +22,16 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://0001-RISC-V-Restore-the-typcast-to-long.patch \ file://CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch \ file://0001-configure.ac-Use-_zicsr_zifencei-extentions-on-riscv.patch \ + file://video-Remove-trailing-whitespaces.patch \ + file://CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch \ + file://CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch \ + file://video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch \ + file://video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch \ + file://CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch \ + file://CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch \ + file://CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch \ + file://CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch \ + file://CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch \ " SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f" diff --git a/poky/meta/recipes-bsp/u-boot/files/0001-fs-squashfs-Use-kcalloc-when-relevant.patch b/poky/meta/recipes-bsp/u-boot/files/0001-fs-squashfs-Use-kcalloc-when-relevant.patch new file mode 100644 index 0000000000..70fdbb1031 --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0001-fs-squashfs-Use-kcalloc-when-relevant.patch @@ -0,0 +1,64 @@ +From 50d4b8b9effcf9dc9e5a90034de2f0003fb063f0 Mon Sep 17 00:00:00 2001 +From: Miquel Raynal <miquel.raynal@bootlin.com> +Date: Mon, 27 Jun 2022 12:20:03 +0200 +Subject: [PATCH] fs/squashfs: Use kcalloc when relevant + +A crafted squashfs image could embed a huge number of empty metadata +blocks in order to make the amount of malloc()'d memory overflow and be +much smaller than expected. Because of this flaw, any random code +positioned at the right location in the squashfs image could be memcpy'd +from the squashfs structures into U-Boot code location while trying to +access the rearmost blocks, before being executed. + +In order to prevent this vulnerability from being exploited in eg. a +secure boot environment, let's add a check over the amount of data +that is going to be allocated. Such a check could look like: + +if (!elem_size || n > SIZE_MAX / elem_size) + return NULL; + +The right way to do it would be to enhance the calloc() implementation +but this is quite an impacting change for such a small fix. Another +solution would be to add the check before the malloc call in the +squashfs implementation, but this does not look right. So for now, let's +use the kcalloc() compatibility function from Linux, which has this +check. + +Fixes: c5100613037 ("fs/squashfs: new filesystem") +Reported-by: Tatsuhiko Yasumatsu <Tatsuhiko.Yasumatsu@sony.com> +Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> +Tested-by: Tatsuhiko Yasumatsu <Tatsuhiko.Yasumatsu@sony.com> + +Upstream-Status: Backport [7f7fb9937c6cb49dd35153bd6708872b390b0a44] +CVE: CVE-2022-33967 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + fs/squashfs/sqfs.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/fs/squashfs/sqfs.c b/fs/squashfs/sqfs.c +index e2d91c654c..10e63afbce 100644 +--- a/fs/squashfs/sqfs.c ++++ b/fs/squashfs/sqfs.c +@@ -13,6 +13,7 @@ + #include <linux/types.h> + #include <linux/byteorder/little_endian.h> + #include <linux/byteorder/generic.h> ++#include <linux/compat.h> + #include <memalign.h> + #include <stdlib.h> + #include <string.h> +@@ -725,7 +726,8 @@ static int sqfs_read_inode_table(unsigned char **inode_table) + goto free_itb; + } + +- *inode_table = malloc(metablks_count * SQFS_METADATA_BLOCK_SIZE); ++ *inode_table = kcalloc(metablks_count, SQFS_METADATA_BLOCK_SIZE, ++ GFP_KERNEL); + if (!*inode_table) { + ret = -ENOMEM; + goto free_itb; +-- +2.33.0 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0001-fs-squashfs-sqfs_read-Prevent-arbitrary-code-executi.patch b/poky/meta/recipes-bsp/u-boot/files/0001-fs-squashfs-sqfs_read-Prevent-arbitrary-code-executi.patch new file mode 100644 index 0000000000..b1650f6baa --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0001-fs-squashfs-sqfs_read-Prevent-arbitrary-code-executi.patch @@ -0,0 +1,80 @@ +From 65f1066f5abe291c7b10b6075fd60776074a38a9 Mon Sep 17 00:00:00 2001 +From: Miquel Raynal <miquel.raynal@bootlin.com> +Date: Thu, 9 Jun 2022 16:02:06 +0200 +Subject: [PATCH] fs/squashfs: sqfs_read: Prevent arbitrary code execution + +Following Jincheng's report, an out-of-band write leading to arbitrary +code execution is possible because on one side the squashfs logic +accepts directory names up to 65535 bytes (u16), while U-Boot fs logic +accepts directory names up to 255 bytes long. + +Prevent such an exploit from happening by capping directory name sizes +to 255. Use a define for this purpose so that developers can link the +limitation to its source and eventually kill it some day by dynamically +allocating this array (if ever desired). + +Link: https://lore.kernel.org/all/CALO=DHFB+yBoXxVr5KcsK0iFdg+e7ywko4-e+72kjbcS8JBfPw@mail.gmail.com +Reported-by: Jincheng Wang <jc.w4ng@gmail.com> +Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> +Tested-by: Jincheng Wang <jc.w4ng@gmail.com> + +CVE: CVE-2022-33103 +Upstream-Status: Backport [2ac0baab4aff1a0b45067d0b62f00c15f4e86856] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + fs/squashfs/sqfs.c | 8 +++++--- + include/fs.h | 4 +++- + 2 files changed, 8 insertions(+), 4 deletions(-) + +diff --git a/fs/squashfs/sqfs.c b/fs/squashfs/sqfs.c +index e2d91c654c..a145d754cc 100644 +--- a/fs/squashfs/sqfs.c ++++ b/fs/squashfs/sqfs.c +@@ -973,6 +973,7 @@ int sqfs_readdir(struct fs_dir_stream *fs_dirs, struct fs_dirent **dentp) + int i_number, offset = 0, ret; + struct fs_dirent *dent; + unsigned char *ipos; ++ u16 name_size; + + dirs = (struct squashfs_dir_stream *)fs_dirs; + if (!dirs->size) { +@@ -1055,9 +1056,10 @@ int sqfs_readdir(struct fs_dir_stream *fs_dirs, struct fs_dirent **dentp) + return -SQFS_STOP_READDIR; + } + +- /* Set entry name */ +- strncpy(dent->name, dirs->entry->name, dirs->entry->name_size + 1); +- dent->name[dirs->entry->name_size + 1] = '\0'; ++ /* Set entry name (capped at FS_DIRENT_NAME_LEN which is a U-Boot limitation) */ ++ name_size = min_t(u16, dirs->entry->name_size + 1, FS_DIRENT_NAME_LEN - 1); ++ strncpy(dent->name, dirs->entry->name, name_size); ++ dent->name[name_size] = '\0'; + + offset = dirs->entry->name_size + 1 + SQFS_ENTRY_BASE_LENGTH; + dirs->entry_count--; +diff --git a/include/fs.h b/include/fs.h +index 1c79e299fd..6cb7ec89f4 100644 +--- a/include/fs.h ++++ b/include/fs.h +@@ -161,6 +161,8 @@ int fs_write(const char *filename, ulong addr, loff_t offset, loff_t len, + #define FS_DT_REG 8 /* regular file */ + #define FS_DT_LNK 10 /* symbolic link */ + ++#define FS_DIRENT_NAME_LEN 256 ++ + /** + * struct fs_dirent - directory entry + * +@@ -181,7 +183,7 @@ struct fs_dirent { + /** change_time: time of last modification */ + struct rtc_time change_time; + /** name: file name */ +- char name[256]; ++ char name[FS_DIRENT_NAME_LEN]; + }; + + /* Note: fs_dir_stream should be treated as opaque to the user of fs layer */ +-- +2.33.0 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0001-net-Check-for-the-minimum-IP-fragmented-datagram-siz.patch b/poky/meta/recipes-bsp/u-boot/files/0001-net-Check-for-the-minimum-IP-fragmented-datagram-siz.patch new file mode 100644 index 0000000000..3f9cc7776b --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0001-net-Check-for-the-minimum-IP-fragmented-datagram-siz.patch @@ -0,0 +1,207 @@ +From c7cab39de5e4b22620248a190b3d2ee46cff38c2 Mon Sep 17 00:00:00 2001 +From: Fabio Estevam <festevam@denx.de> +Date: Thu, 26 May 2022 11:14:37 -0300 +Subject: [PATCH] net: Check for the minimum IP fragmented datagram size + +Nicolas Bidron and Nicolas Guigo reported the two bugs below: + +" +----------BUG 1---------- + +In compiled versions of U-Boot that define CONFIG_IP_DEFRAG, a value of +`ip->ip_len` (IP packet header's Total Length) higher than `IP_HDR_SIZE` +and strictly lower than `IP_HDR_SIZE+8` will lead to a value for `len` +comprised between `0` and `7`. This will ultimately result in a +truncated division by `8` resulting value of `0` forcing the hole +metadata and fragment to point to the same location. The subsequent +memcopy will overwrite the hole metadata with the fragment data. Through +a second fragment, this can be exploited to write to an arbitrary offset +controlled by that overwritten hole metadata value. + +This bug is only exploitable locally as it requires crafting two packets +the first of which would most likely be dropped through routing due to +its unexpectedly low Total Length. However, this bug can potentially be +exploited to root linux based embedded devices locally. + +```C +static struct ip_udp_hdr *__net_defragment(struct ip_udp_hdr *ip, int *lenp) +{ + static uchar pkt_buff[IP_PKTSIZE] __aligned(PKTALIGN); + static u16 first_hole, total_len; + struct hole *payload, *thisfrag, *h, *newh; + struct ip_udp_hdr *localip = (struct ip_udp_hdr *)pkt_buff; + uchar *indata = (uchar *)ip; + int offset8, start, len, done = 0; + u16 ip_off = ntohs(ip->ip_off); + + /* payload starts after IP header, this fragment is in there */ + payload = (struct hole *)(pkt_buff + IP_HDR_SIZE); + offset8 = (ip_off & IP_OFFS); + thisfrag = payload + offset8; + start = offset8 * 8; + len = ntohs(ip->ip_len) - IP_HDR_SIZE; +``` + +The last line of the previous excerpt from `u-boot/net/net.c` shows how +the attacker can control the value of `len` to be strictly lower than +`8` by issuing a packet with `ip_len` between `21` and `27` +(`IP_HDR_SIZE` has a value of `20`). + +Also note that `offset8` here is `0` which leads to `thisfrag = payload`. + +```C + } else if (h >= thisfrag) { + /* overlaps with initial part of the hole: move this hole */ + newh = thisfrag + (len / 8); + *newh = *h; + h = newh; + if (h->next_hole) + payload[h->next_hole].prev_hole = (h - payload); + if (h->prev_hole) + payload[h->prev_hole].next_hole = (h - payload); + else + first_hole = (h - payload); + + } else { +``` + +Lower down the same function, execution reaches the above code path. +Here, `len / 8` evaluates to `0` leading to `newh = thisfrag`. Also note +that `first_hole` here is `0` since `h` and `payload` point to the same +location. + +```C + /* finally copy this fragment and possibly return whole packet */ + memcpy((uchar *)thisfrag, indata + IP_HDR_SIZE, len); +``` + +Finally, in the above excerpt the `memcpy` overwrites the hole metadata +since `thisfrag` and `h` both point to the same location. The hole +metadata is effectively overwritten with arbitrary data from the +fragmented IP packet data. If `len` was crafted to be `6`, `last_byte`, +`next_hole`, and `prev_hole` of the `first_hole` can be controlled by +the attacker. + +Finally the arbitrary offset write occurs through a second fragment that +only needs to be crafted to write data in the hole pointed to by the +previously controlled hole metadata (`next_hole`) from the first packet. + + ### Recommendation + +Handle cases where `len` is strictly lower than 8 by preventing the +overwrite of the hole metadata during the memcpy of the fragment. This +could be achieved by either: +* Moving the location where the hole metadata is stored when `len` is +lower than `8`. +* Or outright rejecting fragmented IP datagram with a Total Length +(`ip_len`) lower than 28 bytes which is the minimum valid fragmented IP +datagram size (as defined as the minimum fragment of 8 octets in the IP +Specification Document: +[RFC791](https://datatracker.ietf.org/doc/html/rfc791) page 25). + +----------BUG 2---------- + +In compiled versions of U-Boot that define CONFIG_IP_DEFRAG, a value of +`ip->ip_len` (IP packet header's Total Length) lower than `IP_HDR_SIZE` +will lead to a negative value for `len` which will ultimately result in +a buffer overflow during the subsequent `memcpy` that uses `len` as it's +`count` parameter. + +This bug is only exploitable on local ethernet as it requires crafting +an invalid packet to include an unexpected `ip_len` value in the IP UDP +header that's lower than the minimum accepted Total Length of a packet +(21 as defined in the IP Specification Document: +[RFC791](https://datatracker.ietf.org/doc/html/rfc791)). Such packet +would in all likelihood be dropped while being routed to its final +destination through most routing equipment and as such requires the +attacker to be in a local position in order to be exploited. + +```C +static struct ip_udp_hdr *__net_defragment(struct ip_udp_hdr *ip, int *lenp) +{ + static uchar pkt_buff[IP_PKTSIZE] __aligned(PKTALIGN); + static u16 first_hole, total_len; + struct hole *payload, *thisfrag, *h, *newh; + struct ip_udp_hdr *localip = (struct ip_udp_hdr *)pkt_buff; + uchar *indata = (uchar *)ip; + int offset8, start, len, done = 0; + u16 ip_off = ntohs(ip->ip_off); + + /* payload starts after IP header, this fragment is in there */ + payload = (struct hole *)(pkt_buff + IP_HDR_SIZE); + offset8 = (ip_off & IP_OFFS); + thisfrag = payload + offset8; + start = offset8 * 8; + len = ntohs(ip->ip_len) - IP_HDR_SIZE; +``` + +The last line of the previous excerpt from `u-boot/net/net.c` shows +where the underflow to a negative `len` value occurs if `ip_len` is set +to a value strictly lower than 20 (`IP_HDR_SIZE` being 20). Also note +that in the above excerpt the `pkt_buff` buffer has a size of +`CONFIG_NET_MAXDEFRAG` which defaults to 16 KB but can range from 1KB to +64 KB depending on configurations. + +```C + /* finally copy this fragment and possibly return whole packet */ + memcpy((uchar *)thisfrag, indata + IP_HDR_SIZE, len); +``` + +In the above excerpt the `memcpy` overflows the destination by +attempting to make a copy of nearly 4 gigabytes in a buffer that's +designed to hold `CONFIG_NET_MAXDEFRAG` bytes at most which leads to a DoS. + + ### Recommendation + +Stop processing of the packet if `ip_len` is lower than 21 (as defined +by the minimum length of a data carrying datagram in the IP +Specification Document: +[RFC791](https://datatracker.ietf.org/doc/html/rfc791) page 34)." + +Add a check for ip_len lesser than 28 and stop processing the packet +in this case. + +Such a check covers the two reported bugs. + +Reported-by: Nicolas Bidron <nicolas.bidron@nccgroup.com> +Signed-off-by: Fabio Estevam <festevam@denx.de> + +Upstream-Status: Backport [b85d130ea0cac152c21ec38ac9417b31d41b5552] +CVE: CVE-2022-30552 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + include/net.h | 2 ++ + net/net.c | 3 +++ + 2 files changed, 5 insertions(+) + +diff --git a/include/net.h b/include/net.h +index cec8c98618..09d7e9b9e8 100644 +--- a/include/net.h ++++ b/include/net.h +@@ -397,6 +397,8 @@ struct ip_hdr { + + #define IP_HDR_SIZE (sizeof(struct ip_hdr)) + ++#define IP_MIN_FRAG_DATAGRAM_SIZE (IP_HDR_SIZE + 8) ++ + /* + * Internet Protocol (IP) + UDP header. + */ +diff --git a/net/net.c b/net/net.c +index c2992a0908..f5400e6dbc 100644 +--- a/net/net.c ++++ b/net/net.c +@@ -907,6 +907,9 @@ static struct ip_udp_hdr *__net_defragment(struct ip_udp_hdr *ip, int *lenp) + int offset8, start, len, done = 0; + u16 ip_off = ntohs(ip->ip_off); + ++ if (ip->ip_len < IP_MIN_FRAG_DATAGRAM_SIZE) ++ return NULL; ++ + /* payload starts after IP header, this fragment is in there */ + payload = (struct hole *)(pkt_buff + IP_HDR_SIZE); + offset8 = (ip_off & IP_OFFS); +-- +2.33.0 + diff --git a/poky/meta/recipes-bsp/u-boot/u-boot_2022.01.bb b/poky/meta/recipes-bsp/u-boot/u-boot_2022.01.bb index f2443723e2..c4cfcbca19 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot_2022.01.bb +++ b/poky/meta/recipes-bsp/u-boot/u-boot_2022.01.bb @@ -1,9 +1,12 @@ require u-boot-common.inc require u-boot.inc -SRC_URI:append = " file://0001-riscv32-Use-double-float-ABI-for-rv32.patch \ +SRC_URI += " file://0001-riscv32-Use-double-float-ABI-for-rv32.patch \ file://0001-riscv-fix-build-with-binutils-2.38.patch \ file://0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch \ + file://0001-fs-squashfs-sqfs_read-Prevent-arbitrary-code-executi.patch \ + file://0001-net-Check-for-the-minimum-IP-fragmented-datagram-siz.patch \ + file://0001-fs-squashfs-Use-kcalloc-when-relevant.patch \ " DEPENDS += "bc-native dtc-native python3-setuptools-native" diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.7/0001-avoid-start-failure-with-bind-user.patch index ec1bc7b567..ec1bc7b567 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.7/0001-avoid-start-failure-with-bind-user.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.7/0001-named-lwresd-V-and-start-log-hide-build-options.patch index 4c10f33f04..4c10f33f04 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.7/0001-named-lwresd-V-and-start-log-hide-build-options.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.7/bind-ensure-searching-for-json-headers-searches-sysr.patch index f1abd179e8..f1abd179e8 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.7/bind-ensure-searching-for-json-headers-searches-sysr.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.18.7/bind9 index 968679ff7f..968679ff7f 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9 +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.7/bind9 diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.7/conf.patch index aa3642acec..aa3642acec 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.7/conf.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.18.7/generate-rndc-key.sh index 633e29c0e6..633e29c0e6 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.7/generate-rndc-key.sh diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.7/init.d-add-support-for-read-only-rootfs.patch index 11db95ede1..11db95ede1 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.7/init.d-add-support-for-read-only-rootfs.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.7/make-etc-initd-bind-stop-work.patch index 146f3e35db..146f3e35db 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.7/make-etc-initd-bind-stop-work.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service b/poky/meta/recipes-connectivity/bind/bind-9.18.7/named.service index cda56ef015..cda56ef015 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.7/named.service diff --git a/poky/meta/recipes-connectivity/bind/bind_9.18.4.bb b/poky/meta/recipes-connectivity/bind/bind_9.18.7.bb index c3efaffeda..11c8a4e9d3 100644 --- a/poky/meta/recipes-connectivity/bind/bind_9.18.4.bb +++ b/poky/meta/recipes-connectivity/bind/bind_9.18.7.bb @@ -20,7 +20,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ file://0001-avoid-start-failure-with-bind-user.patch \ " -SRC_URI[sha256sum] = "f277ae50159a00c300eb926a9c5d51953038a936bd8242d6913dfb6eac42761d" +SRC_URI[sha256sum] = "9e2acf1698f49d70ad12ffbad39ec6716a7da524e9ebd98429c7c70ba1262981" UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" # follow the ESV versions divisible by 2 diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5.inc b/poky/meta/recipes-connectivity/bluez5/bluez5.inc index 22dd07b348..79d4645ca8 100644 --- a/poky/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/poky/meta/recipes-connectivity/bluez5/bluez5.inc @@ -53,7 +53,6 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \ file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ file://0001-test-gatt-Fix-hung-issue.patch \ - file://fix_service.patch \ " S = "${WORKDIR}/bluez-${PV}" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch deleted file mode 100644 index 96fdf6b299..0000000000 --- a/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch +++ /dev/null @@ -1,30 +0,0 @@ -The systemd bluetooth service failed to start because the /var/lib/bluetooth -path of ReadWritePaths= is created by the bluetooth daemon itself. - -The commit systemd: Add more filesystem lockdown (442d211) add ReadWritePaths=/etc/bluetooth -and ReadOnlyPaths=/var/lib/bluetooth options to the bluetooth systemd service. -The existing ProtectSystem=full option mounts the /usr, the boot loader -directories and /etc read-only. This means the two option are useless and could be removed. - -Upstream-Status: Submitted [https://github.com/bluez/bluez/issues/329] - -Index: bluez-5.64/src/bluetooth.service.in -=================================================================== ---- bluez-5.64.orig/src/bluetooth.service.in -+++ bluez-5.64/src/bluetooth.service.in -@@ -15,12 +15,12 @@ LimitNPROC=1 - - # Filesystem lockdown - ProtectHome=true --ProtectSystem=full -+ProtectSystem=strict - PrivateTmp=true - ProtectKernelTunables=true - ProtectControlGroups=true --ReadWritePaths=@statedir@ --ReadOnlyPaths=@confdir@ -+ConfigurationDirectory=bluetooth -+StateDirectory=bluetooth - - # Execute Mappings - MemoryDenyWriteExecute=true diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5_5.64.bb b/poky/meta/recipes-connectivity/bluez5/bluez5_5.65.bb index 4319f9aae8..4c15aeb46d 100644 --- a/poky/meta/recipes-connectivity/bluez5/bluez5_5.64.bb +++ b/poky/meta/recipes-connectivity/bluez5/bluez5_5.65.bb @@ -1,6 +1,6 @@ require bluez5.inc -SRC_URI[sha256sum] = "ae437e65b6b3070c198bc5b0109fe9cdeb9eaa387380e2072f9de65fe8a1de34" +SRC_URI[sha256sum] = "2565a4d48354b576e6ad92e25b54ed66808296581c8abb80587051f9993d96d4" # These issues have kernel fixes rather than bluez fixes so exclude here CVE_CHECK_IGNORE += "CVE-2020-12352 CVE-2020-24490" diff --git a/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch new file mode 100644 index 0000000000..182c5ca29c --- /dev/null +++ b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch @@ -0,0 +1,37 @@ +From d1a5ede5d255bde8ef707f8441b997563b9312bd Mon Sep 17 00:00:00 2001 +From: Nathan Crandall <ncrandall@tesla.com> +Date: Tue, 12 Jul 2022 08:56:34 +0200 +Subject: gweb: Fix OOB write in received_data() + +There is a mismatch of handling binary vs. C-string data with memchr +and strlen, resulting in pos, count, and bytes_read to become out of +sync and result in a heap overflow. Instead, do not treat the buffer +as an ASCII C-string. We calculate the count based on the return value +of memchr, instead of strlen. + +Fixes: CVE-2022-32292 + +CVE: CVE-2022-32292 + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d1a5ede5d255bde8ef707f8441b997563b9312bd] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + gweb/gweb.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/gweb/gweb.c b/gweb/gweb.c +index 12fcb1d8..13c6c5f2 100644 +--- a/gweb/gweb.c ++++ b/gweb/gweb.c +@@ -918,7 +918,7 @@ static gboolean received_data(GIOChannel *channel, GIOCondition cond, + } + + *pos = '\0'; +- count = strlen((char *) ptr); ++ count = pos - ptr; + if (count > 0 && ptr[count - 1] == '\r') { + ptr[--count] = '\0'; + bytes_read--; +-- +cgit + diff --git a/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch new file mode 100644 index 0000000000..b280203594 --- /dev/null +++ b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch @@ -0,0 +1,141 @@ +From 72343929836de80727a27d6744c869dff045757c Mon Sep 17 00:00:00 2001 +From: Daniel Wagner <wagi@monom.org> +Date: Tue, 5 Jul 2022 08:32:12 +0200 +Subject: wispr: Add reference counter to portal context + +Track the connman_wispr_portal_context live time via a +refcounter. This only adds the infrastructure to do proper reference +counting. + +Fixes: CVE-2022-32293 +CVE: CVE-2022-32293 +Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/wispr.c | 52 ++++++++++++++++++++++++++++++++++++++++++---------- + 1 file changed, 42 insertions(+), 10 deletions(-) + +diff --git a/src/wispr.c b/src/wispr.c +index a07896ca..bde7e63b 100644 +--- a/src/wispr.c ++++ b/src/wispr.c +@@ -56,6 +56,7 @@ struct wispr_route { + }; + + struct connman_wispr_portal_context { ++ int refcount; + struct connman_service *service; + enum connman_ipconfig_type type; + struct connman_wispr_portal *wispr_portal; +@@ -97,6 +98,11 @@ static char *online_check_ipv4_url = NULL; + static char *online_check_ipv6_url = NULL; + static bool enable_online_to_ready_transition = false; + ++#define wispr_portal_context_ref(wp_context) \ ++ wispr_portal_context_ref_debug(wp_context, __FILE__, __LINE__, __func__) ++#define wispr_portal_context_unref(wp_context) \ ++ wispr_portal_context_unref_debug(wp_context, __FILE__, __LINE__, __func__) ++ + static void connman_wispr_message_init(struct connman_wispr_message *msg) + { + DBG(""); +@@ -162,9 +168,6 @@ static void free_connman_wispr_portal_context( + { + DBG("context %p", wp_context); + +- if (!wp_context) +- return; +- + if (wp_context->wispr_portal) { + if (wp_context->wispr_portal->ipv4_context == wp_context) + wp_context->wispr_portal->ipv4_context = NULL; +@@ -201,9 +204,38 @@ static void free_connman_wispr_portal_context( + g_free(wp_context); + } + ++static struct connman_wispr_portal_context * ++wispr_portal_context_ref_debug(struct connman_wispr_portal_context *wp_context, ++ const char *file, int line, const char *caller) ++{ ++ DBG("%p ref %d by %s:%d:%s()", wp_context, ++ wp_context->refcount + 1, file, line, caller); ++ ++ __sync_fetch_and_add(&wp_context->refcount, 1); ++ ++ return wp_context; ++} ++ ++static void wispr_portal_context_unref_debug( ++ struct connman_wispr_portal_context *wp_context, ++ const char *file, int line, const char *caller) ++{ ++ if (!wp_context) ++ return; ++ ++ DBG("%p ref %d by %s:%d:%s()", wp_context, ++ wp_context->refcount - 1, file, line, caller); ++ ++ if (__sync_fetch_and_sub(&wp_context->refcount, 1) != 1) ++ return; ++ ++ free_connman_wispr_portal_context(wp_context); ++} ++ + static struct connman_wispr_portal_context *create_wispr_portal_context(void) + { +- return g_try_new0(struct connman_wispr_portal_context, 1); ++ return wispr_portal_context_ref( ++ g_new0(struct connman_wispr_portal_context, 1)); + } + + static void free_connman_wispr_portal(gpointer data) +@@ -215,8 +247,8 @@ static void free_connman_wispr_portal(gpointer data) + if (!wispr_portal) + return; + +- free_connman_wispr_portal_context(wispr_portal->ipv4_context); +- free_connman_wispr_portal_context(wispr_portal->ipv6_context); ++ wispr_portal_context_unref(wispr_portal->ipv4_context); ++ wispr_portal_context_unref(wispr_portal->ipv6_context); + + g_free(wispr_portal); + } +@@ -452,7 +484,7 @@ static void portal_manage_status(GWebResult *result, + connman_info("Client-Timezone: %s", str); + + if (!enable_online_to_ready_transition) +- free_connman_wispr_portal_context(wp_context); ++ wispr_portal_context_unref(wp_context); + + __connman_service_ipconfig_indicate_state(service, + CONNMAN_SERVICE_STATE_ONLINE, type); +@@ -616,7 +648,7 @@ static void wispr_portal_request_wispr_login(struct connman_service *service, + return; + } + +- free_connman_wispr_portal_context(wp_context); ++ wispr_portal_context_unref(wp_context); + return; + } + +@@ -952,7 +984,7 @@ static int wispr_portal_detect(struct connman_wispr_portal_context *wp_context) + + if (wp_context->token == 0) { + err = -EINVAL; +- free_connman_wispr_portal_context(wp_context); ++ wispr_portal_context_unref(wp_context); + } + } else if (wp_context->timeout == 0) { + wp_context->timeout = g_idle_add(no_proxy_callback, wp_context); +@@ -1001,7 +1033,7 @@ int __connman_wispr_start(struct connman_service *service, + + /* If there is already an existing context, we wipe it */ + if (wp_context) +- free_connman_wispr_portal_context(wp_context); ++ wispr_portal_context_unref(wp_context); + + wp_context = create_wispr_portal_context(); + if (!wp_context) +-- +cgit + diff --git a/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch new file mode 100644 index 0000000000..56f8fc82de --- /dev/null +++ b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch @@ -0,0 +1,174 @@ +From 416bfaff988882c553c672e5bfc2d4f648d29e8a Mon Sep 17 00:00:00 2001 +From: Daniel Wagner <wagi@monom.org> +Date: Tue, 5 Jul 2022 09:11:09 +0200 +Subject: wispr: Update portal context references + +Maintain proper portal context references to avoid UAF. + +Fixes: CVE-2022-32293 +CVE: CVE-2022-32293 +Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=72343929836de80727a27d6744c869dff045757c] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/wispr.c | 34 ++++++++++++++++++++++------------ + 1 file changed, 22 insertions(+), 12 deletions(-) + +diff --git a/src/wispr.c b/src/wispr.c +index bde7e63b..84bed33f 100644 +--- a/src/wispr.c ++++ b/src/wispr.c +@@ -105,8 +105,6 @@ static bool enable_online_to_ready_transition = false; + + static void connman_wispr_message_init(struct connman_wispr_message *msg) + { +- DBG(""); +- + msg->has_error = false; + msg->current_element = NULL; + +@@ -166,8 +164,6 @@ static void free_wispr_routes(struct connman_wispr_portal_context *wp_context) + static void free_connman_wispr_portal_context( + struct connman_wispr_portal_context *wp_context) + { +- DBG("context %p", wp_context); +- + if (wp_context->wispr_portal) { + if (wp_context->wispr_portal->ipv4_context == wp_context) + wp_context->wispr_portal->ipv4_context = NULL; +@@ -483,9 +479,6 @@ static void portal_manage_status(GWebResult *result, + &str)) + connman_info("Client-Timezone: %s", str); + +- if (!enable_online_to_ready_transition) +- wispr_portal_context_unref(wp_context); +- + __connman_service_ipconfig_indicate_state(service, + CONNMAN_SERVICE_STATE_ONLINE, type); + +@@ -546,14 +539,17 @@ static void wispr_portal_request_portal( + { + DBG(""); + ++ wispr_portal_context_ref(wp_context); + wp_context->request_id = g_web_request_get(wp_context->web, + wp_context->status_url, + wispr_portal_web_result, + wispr_route_request, + wp_context); + +- if (wp_context->request_id == 0) ++ if (wp_context->request_id == 0) { + wispr_portal_error(wp_context); ++ wispr_portal_context_unref(wp_context); ++ } + } + + static bool wispr_input(const guint8 **data, gsize *length, +@@ -618,13 +614,15 @@ static void wispr_portal_browser_reply_cb(struct connman_service *service, + return; + + if (!authentication_done) { +- wispr_portal_error(wp_context); + free_wispr_routes(wp_context); ++ wispr_portal_error(wp_context); ++ wispr_portal_context_unref(wp_context); + return; + } + + /* Restarting the test */ + __connman_service_wispr_start(service, wp_context->type); ++ wispr_portal_context_unref(wp_context); + } + + static void wispr_portal_request_wispr_login(struct connman_service *service, +@@ -700,11 +698,13 @@ static bool wispr_manage_message(GWebResult *result, + + wp_context->wispr_result = CONNMAN_WISPR_RESULT_LOGIN; + ++ wispr_portal_context_ref(wp_context); + if (__connman_agent_request_login_input(wp_context->service, + wispr_portal_request_wispr_login, +- wp_context) != -EINPROGRESS) ++ wp_context) != -EINPROGRESS) { + wispr_portal_error(wp_context); +- else ++ wispr_portal_context_unref(wp_context); ++ } else + return true; + + break; +@@ -753,6 +753,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + if (length > 0) { + g_web_parser_feed_data(wp_context->wispr_parser, + chunk, length); ++ wispr_portal_context_unref(wp_context); + return true; + } + +@@ -770,6 +771,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + + switch (status) { + case 000: ++ wispr_portal_context_ref(wp_context); + __connman_agent_request_browser(wp_context->service, + wispr_portal_browser_reply_cb, + wp_context->status_url, wp_context); +@@ -781,11 +783,14 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + if (g_web_result_get_header(result, "X-ConnMan-Status", + &str)) { + portal_manage_status(result, wp_context); ++ wispr_portal_context_unref(wp_context); + return false; +- } else ++ } else { ++ wispr_portal_context_ref(wp_context); + __connman_agent_request_browser(wp_context->service, + wispr_portal_browser_reply_cb, + wp_context->redirect_url, wp_context); ++ } + + break; + case 300: +@@ -798,6 +803,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + !g_web_result_get_header(result, "Location", + &redirect)) { + ++ wispr_portal_context_ref(wp_context); + __connman_agent_request_browser(wp_context->service, + wispr_portal_browser_reply_cb, + wp_context->status_url, wp_context); +@@ -808,6 +814,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + + wp_context->redirect_url = g_strdup(redirect); + ++ wispr_portal_context_ref(wp_context); + wp_context->request_id = g_web_request_get(wp_context->web, + redirect, wispr_portal_web_result, + wispr_route_request, wp_context); +@@ -820,6 +827,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + + break; + case 505: ++ wispr_portal_context_ref(wp_context); + __connman_agent_request_browser(wp_context->service, + wispr_portal_browser_reply_cb, + wp_context->status_url, wp_context); +@@ -832,6 +840,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + wp_context->request_id = 0; + done: + wp_context->wispr_msg.message_type = -1; ++ wispr_portal_context_unref(wp_context); + return false; + } + +@@ -890,6 +899,7 @@ static void proxy_callback(const char *proxy, void *user_data) + xml_wispr_parser_callback, wp_context); + + wispr_portal_request_portal(wp_context); ++ wispr_portal_context_unref(wp_context); + } + + static gboolean no_proxy_callback(gpointer user_data) +-- +cgit + diff --git a/poky/meta/recipes-connectivity/connman/connman_1.41.bb b/poky/meta/recipes-connectivity/connman/connman_1.41.bb index 736b78eaeb..79542b2175 100644 --- a/poky/meta/recipes-connectivity/connman/connman_1.41.bb +++ b/poky/meta/recipes-connectivity/connman/connman_1.41.bb @@ -5,6 +5,9 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \ file://connman \ file://no-version-scripts.patch \ + file://CVE-2022-32293_p1.patch \ + file://CVE-2022-32293_p2.patch \ + file://CVE-2022-32292.patch \ " SRC_URI:append:libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch" diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch b/poky/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch new file mode 100644 index 0000000000..54040ad74c --- /dev/null +++ b/poky/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch @@ -0,0 +1,54 @@ +From d52349fa1b6baac77ffa2c74769636aa2ece2ec5 Mon Sep 17 00:00:00 2001 +From: Erik Auerswald <auerswal@unix-ag.uni-kl.de> +Date: Sat, 3 Sep 2022 16:58:16 +0200 +Subject: [PATCH] telnetd: Handle early IAC EC or IAC EL receipt + +Fix telnetd crash if the first two bytes of a new connection +are 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL). + +The problem was reported in: +<https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html>. + +* NEWS: Mention fix. +* telnetd/state.c (telrcv): Handle zero slctab[SLC_EC].sptr and +zero slctab[SLC_EL].sptr. + +CVE: CVE-2022-39028 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=fae8263e467380483c28513c0e5fac143e46f94f] +Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com> +--- + telnetd/state.c | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +diff --git a/telnetd/state.c b/telnetd/state.c +index ffc6cba..c2d760f 100644 +--- a/telnetd/state.c ++++ b/telnetd/state.c +@@ -312,15 +312,21 @@ telrcv (void) + case EC: + case EL: + { +- cc_t ch; ++ cc_t ch = (cc_t) (_POSIX_VDISABLE); + + DEBUG (debug_options, 1, printoption ("td: recv IAC", c)); + ptyflush (); /* half-hearted */ + init_termbuf (); + if (c == EC) +- ch = *slctab[SLC_EC].sptr; ++ { ++ if (slctab[SLC_EC].sptr) ++ ch = *slctab[SLC_EC].sptr; ++ } + else +- ch = *slctab[SLC_EL].sptr; ++ { ++ if (slctab[SLC_EL].sptr) ++ ch = *slctab[SLC_EL].sptr; ++ } + if (ch != (cc_t) (_POSIX_VDISABLE)) + pty_output_byte ((unsigned char) ch); + break; +-- +2.37.3 + diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils_2.2.bb b/poky/meta/recipes-connectivity/inetutils/inetutils_2.2.bb index 6c9a299b71..d8062e2b21 100644 --- a/poky/meta/recipes-connectivity/inetutils/inetutils_2.2.bb +++ b/poky/meta/recipes-connectivity/inetutils/inetutils_2.2.bb @@ -21,6 +21,7 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \ file://tftpd.xinetd.inetutils \ file://inetutils-1.9-PATH_PROCNET_DEV.patch \ file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \ + file://CVE-2022-39028.patch \ " inherit autotools gettext update-alternatives texinfo diff --git a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb index e6f216e5cb..2cc92b7b47 100644 --- a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb +++ b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb @@ -5,8 +5,8 @@ SECTION = "network" LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04" -SRCREV = "3d5c8d0f7e0264768a2c000d0fd4b4d4a991e041" -PV = "20220511" +SRCREV = "fe19892a8168bf19d81e3bc4ee319bf7f9f058f5" +PV = "20220725" PE = "1" SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main" diff --git a/poky/meta/recipes-core/busybox/busybox/0001-devmem-add-128-bit-width.patch b/poky/meta/recipes-core/busybox/busybox/0001-devmem-add-128-bit-width.patch new file mode 100644 index 0000000000..985e2bf1d9 --- /dev/null +++ b/poky/meta/recipes-core/busybox/busybox/0001-devmem-add-128-bit-width.patch @@ -0,0 +1,128 @@ +From d432049f288c9acdc4a7caa729c68ceba3c5dca1 Mon Sep 17 00:00:00 2001 +From: Aaro Koskinen <aaro.koskinen@nokia.com> +Date: Thu, 25 Aug 2022 18:47:02 +0300 +Subject: [PATCH] devmem: add 128-bit width + +Add 128-bit width if the compiler provides the needed type. + +function old new delta +devmem_main 405 464 +59 +.rodata 109025 109043 +18 +------------------------------------------------------------------------------ +(add/remove: 0/0 grow/shrink: 2/0 up/down: 77/0) Total: 77 bytes + +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=d432049f288c9acdc4a7caa729c68ceba3c5dca1] + +Signed-off-by: Aaro Koskinen <aaro.koskinen@nokia.com> +Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi> +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + miscutils/devmem.c | 68 ++++++++++++++++++++++++++++++---------------- + 1 file changed, 44 insertions(+), 24 deletions(-) + +diff --git a/miscutils/devmem.c b/miscutils/devmem.c +index f9f0276bc..f21621bd6 100644 +--- a/miscutils/devmem.c ++++ b/miscutils/devmem.c +@@ -29,7 +29,6 @@ int devmem_main(int argc UNUSED_PARAM, char **argv) + { + void *map_base, *virt_addr; + uint64_t read_result; +- uint64_t writeval = writeval; /* for compiler */ + off_t target; + unsigned page_size, mapped_size, offset_in_page; + int fd; +@@ -64,9 +63,6 @@ int devmem_main(int argc UNUSED_PARAM, char **argv) + width = strchrnul(bhwl, (argv[2][0] | 0x20)) - bhwl; + width = sizes[width]; + } +- /* VALUE */ +- if (argv[3]) +- writeval = bb_strtoull(argv[3], NULL, 0); + } else { /* argv[2] == NULL */ + /* make argv[3] to be a valid thing to fetch */ + argv--; +@@ -96,28 +92,46 @@ int devmem_main(int argc UNUSED_PARAM, char **argv) + virt_addr = (char*)map_base + offset_in_page; + + if (!argv[3]) { +- switch (width) { +- case 8: +- read_result = *(volatile uint8_t*)virt_addr; +- break; +- case 16: +- read_result = *(volatile uint16_t*)virt_addr; +- break; +- case 32: +- read_result = *(volatile uint32_t*)virt_addr; +- break; +- case 64: +- read_result = *(volatile uint64_t*)virt_addr; +- break; +- default: +- bb_simple_error_msg_and_die("bad width"); ++#ifdef __SIZEOF_INT128__ ++ if (width == 128) { ++ unsigned __int128 rd = ++ *(volatile unsigned __int128 *)virt_addr; ++ printf("0x%016llX%016llX\n", ++ (unsigned long long)(uint64_t)(rd >> 64), ++ (unsigned long long)(uint64_t)rd ++ ); ++ } else ++#endif ++ { ++ switch (width) { ++ case 8: ++ read_result = *(volatile uint8_t*)virt_addr; ++ break; ++ case 16: ++ read_result = *(volatile uint16_t*)virt_addr; ++ break; ++ case 32: ++ read_result = *(volatile uint32_t*)virt_addr; ++ break; ++ case 64: ++ read_result = *(volatile uint64_t*)virt_addr; ++ break; ++ default: ++ bb_simple_error_msg_and_die("bad width"); ++ } ++// printf("Value at address 0x%"OFF_FMT"X (%p): 0x%llX\n", ++// target, virt_addr, ++// (unsigned long long)read_result); ++ /* Zero-padded output shows the width of access just done */ ++ printf("0x%0*llX\n", (width >> 2), (unsigned long long)read_result); + } +-// printf("Value at address 0x%"OFF_FMT"X (%p): 0x%llX\n", +-// target, virt_addr, +-// (unsigned long long)read_result); +- /* Zero-padded output shows the width of access just done */ +- printf("0x%0*llX\n", (width >> 2), (unsigned long long)read_result); + } else { ++ /* parse VALUE */ ++#ifdef __SIZEOF_INT128__ ++ unsigned __int128 writeval = strtoumax(argv[3], NULL, 0); ++#else ++ uint64_t writeval = bb_strtoull(argv[3], NULL, 0); ++#endif + switch (width) { + case 8: + *(volatile uint8_t*)virt_addr = writeval; +@@ -135,6 +149,12 @@ int devmem_main(int argc UNUSED_PARAM, char **argv) + *(volatile uint64_t*)virt_addr = writeval; + // read_result = *(volatile uint64_t*)virt_addr; + break; ++#ifdef __SIZEOF_INT128__ ++ case 128: ++ *(volatile unsigned __int128 *)virt_addr = writeval; ++// read_result = *(volatile uint64_t*)virt_addr; ++ break; ++#endif + default: + bb_simple_error_msg_and_die("bad width"); + } +-- +2.25.1 + diff --git a/poky/meta/recipes-core/busybox/busybox_1.35.0.bb b/poky/meta/recipes-core/busybox/busybox_1.35.0.bb index edf896485e..e9ca6fdb1a 100644 --- a/poky/meta/recipes-core/busybox/busybox_1.35.0.bb +++ b/poky/meta/recipes-core/busybox/busybox_1.35.0.bb @@ -50,6 +50,7 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ file://0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch \ file://0002-nslookup-sanitize-all-printed-strings-with-printable.patch \ file://CVE-2022-30065.patch \ + file://0001-devmem-add-128-bit-width.patch \ " SRC_URI:append:libc-musl = " file://musl.cfg " diff --git a/poky/meta/recipes-core/coreutils/coreutils_9.0.bb b/poky/meta/recipes-core/coreutils/coreutils_9.0.bb index 865cffd4cd..8a2fbeca32 100644 --- a/poky/meta/recipes-core/coreutils/coreutils_9.0.bb +++ b/poky/meta/recipes-core/coreutils/coreutils_9.0.bb @@ -49,6 +49,7 @@ PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl," PACKAGECONFIG[xattr] = "--enable-xattr,--disable-xattr,attr," PACKAGECONFIG[single-binary] = "--enable-single-binary,--disable-single-binary,," PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux" +PACKAGECONFIG[openssl] = "--with-openssl=yes,--with-openssl=no,openssl" # [ df mktemp nice printenv base64 gets a special treatment and is not included in this bindir_progs = "arch basename chcon cksum comm csplit cut dir dircolors dirname du \ diff --git a/poky/meta/recipes-core/ell/ell_0.49.bb b/poky/meta/recipes-core/ell/ell_0.50.bb index 9edd6fc92a..243ac01530 100644 --- a/poky/meta/recipes-core/ell/ell_0.49.bb +++ b/poky/meta/recipes-core/ell/ell_0.50.bb @@ -16,7 +16,7 @@ inherit autotools pkgconfig SRC_URI = "https://mirrors.edge.kernel.org/pub/linux/libs/${BPN}/${BPN}-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "a7ff8ecbc76b187d942dd22b61cb489711400897c790319ffb7e944791687c3f" +SRC_URI[sha256sum] = "0fe51d51c6eddc2a2784092f1dfdd1143a5ef27f15c274ecfbadd680d3a72fd9" do_configure:prepend () { mkdir -p ${S}/build-aux diff --git a/poky/meta/recipes-core/expat/expat_2.4.7.bb b/poky/meta/recipes-core/expat/expat_2.4.9.bb index bf1ca8d56e..cb007708c7 100644 --- a/poky/meta/recipes-core/expat/expat_2.4.7.bb +++ b/poky/meta/recipes-core/expat/expat_2.4.9.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/libexpat/libexpat" SECTION = "libs" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://COPYING;md5=9e2ce3b3c4c0f2670883a23bbd7c37a9" +LIC_FILES_CHKSUM = "file://COPYING;md5=7b3b078238d0901d3b339289117cb7fb" VERSION_TAG = "${@d.getVar('PV').replace('.', '_')}" @@ -14,7 +14,7 @@ SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TA UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/" -SRC_URI[sha256sum] = "e149bdd8b90254c62b3d195da53a09bd531a4d63a963b0d8a5268d48dd2f6a65" +SRC_URI[sha256sum] = "7f44d1469b110773a94b0d5abeeeffaef79f8bd6406b07e52394bcf48126437a" EXTRA_OECMAKE:class-native += "-DEXPAT_BUILD_DOCS=OFF" diff --git a/poky/meta/recipes-core/glib-networking/glib-networking_2.72.1.bb b/poky/meta/recipes-core/glib-networking/glib-networking_2.72.2.bb index 41f18d1c48..746d1bc39c 100644 --- a/poky/meta/recipes-core/glib-networking/glib-networking_2.72.1.bb +++ b/poky/meta/recipes-core/glib-networking/glib-networking_2.72.2.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" SECTION = "libs" DEPENDS = "glib-2.0" -SRC_URI[archive.sha256sum] = "6fc1bedc8062484dc8a0204965995ef2367c3db5c934058ff1607e5a24d95a74" +SRC_URI[archive.sha256sum] = "cd2a084c7bb91d78e849fb55d40e472f6d8f6862cddc9f12c39149359ba18268" PACKAGECONFIG ??= "openssl ${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)}" diff --git a/poky/meta/recipes-core/glibc/glibc-locale.inc b/poky/meta/recipes-core/glibc/glibc-locale.inc index b8de7d3192..7c14abfe99 100644 --- a/poky/meta/recipes-core/glibc/glibc-locale.inc +++ b/poky/meta/recipes-core/glibc/glibc-locale.inc @@ -87,10 +87,9 @@ do_install() { if [ ${PACKAGE_NO_GCONV} -eq 0 ]; then copy_locale_files ${libdir}/gconv 0755 copy_locale_files ${datadir}/i18n 0644 - else - # Remove the libdir if it is empty when gconv is not copied - find ${D}${libdir} -type d -empty -delete fi + # Remove empty dirs in libdir when gconv or locales are not copied + find ${D}${libdir} -type d -empty -delete copy_locale_files ${datadir}/locale 0644 install -m 0644 ${LOCALETREESRC}/SUPPORTED ${WORKDIR}/SUPPORTED } diff --git a/poky/meta/recipes-core/glibc/glibc-tests_2.35.bb b/poky/meta/recipes-core/glibc/glibc-tests_2.35.bb index 96d0569ff6..97d5dc29a3 100644 --- a/poky/meta/recipes-core/glibc/glibc-tests_2.35.bb +++ b/poky/meta/recipes-core/glibc/glibc-tests_2.35.bb @@ -4,7 +4,7 @@ require glibc-tests.inc inherit ptest features_check REQUIRED_DISTRO_FEATURES = "ptest" -SRC_URI:append = " \ +SRC_URI += " \ file://reproducible-paths.patch \ file://run-ptest \ " @@ -30,7 +30,7 @@ python __anonymous() { RPROVIDES:${PN} = "${PN}" RRECOMMENDS:${PN} = "" RDEPENDS:${PN} = " glibc sed" -DEPENDS:append = " sed" +DEPENDS += "sed" export oe_srcdir="${exec_prefix}/src/debug/glibc/${PV}/" diff --git a/poky/meta/recipes-core/glibc/glibc-version.inc b/poky/meta/recipes-core/glibc/glibc-version.inc index ccb41e5af6..d3cea19f9c 100644 --- a/poky/meta/recipes-core/glibc/glibc-version.inc +++ b/poky/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.35/master" PV = "2.35" -SRCREV_glibc ?= "0e5b239f45992e4b54c6f946ecb0c410afc8bb08" +SRCREV_glibc ?= "f8ad66a4cab14ed294bf50e7a9eddb73da6cf307" SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" diff --git a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb index 7acdd8c2ef..61a9cd4aa3 100644 --- a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb @@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk wic.vhd wic.vhdx" inherit core-image setuptools3 -SRCREV ?= "60171200800c62820c9275b50c703e53ed6e7b28" +SRCREV ?= "d64bef1c7d713b92a51228e5ade945835e5a94a4" SRC_URI = "git://git.yoctoproject.org/poky;branch=kirkstone \ file://Yocto_Build_Appliance.vmx \ file://Yocto_Build_Appliance.vmxf \ diff --git a/poky/meta/recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch b/poky/meta/recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch new file mode 100644 index 0000000000..c6567ac878 --- /dev/null +++ b/poky/meta/recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch @@ -0,0 +1,814 @@ +From 2c20198b1ddb1bfb47269b8caf929ffb83748f78 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Thu, 21 Apr 2022 00:45:58 +0200 +Subject: [PATCH] Port gentest.py to Python 3 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/343fc1421cdae097fa6c4cffeb1a065a40be6bbb] + +* fixes: + +make[1]: 'testReader' is up to date. + File "../libxml2-2.9.10/gentest.py", line 11 + print "libxml2 python bindings not available, skipping testapi.c generation" + ^ +SyntaxError: Missing parentheses in call to 'print'. Did you mean print("libxml2 python bindings not available, skipping testapi.c generation")? +make[1]: [Makefile:2078: testapi.c] Error 1 (ignored) + +... + +make[1]: 'testReader' is up to date. + File "../libxml2-2.9.10/gentest.py", line 271 + return 1 + ^ +TabError: inconsistent use of tabs and spaces in indentation +make[1]: [Makefile:2078: testapi.c] Error 1 (ignored) + +... + +aarch64-oe-linux-gcc: error: testapi.c: No such file or directory +aarch64-oe-linux-gcc: fatal error: no input files +compilation terminated. +make[1]: *** [Makefile:1275: testapi.o] Error 1 + +But there is still a bit mystery why it worked before, because check-am +calls gentest.py with $(PYTHON), so it ignores the shebang in the script +and libxml2 is using python3native (through python3targetconfig.bbclass) +so something like: + +libxml2/2.9.10-r0/recipe-sysroot-native/usr/bin/python3-native/python3 gentest.py + +But that still fails (now without SyntaxError) with: +libxml2 python bindings not available, skipping testapi.c generation + +because we don't have dependency on libxml2-native (to provide libxml2 +python bindings form python3native) and exported PYTHON_SITE_PACKAGES +might be useless (e.g. /usr/lib/python3.8/site-packages on Ubuntu-22.10 +which uses python 3.10 and there is no site-packages with libxml2) + +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> + +--- + gentest.py | 421 ++++++++++++++++++++++++++--------------------------- + 1 file changed, 209 insertions(+), 212 deletions(-) + +diff --git a/gentest.py b/gentest.py +index b6cd866..af15a4f 100755 +--- a/gentest.py ++++ b/gentest.py +@@ -8,7 +8,7 @@ import string + try: + import libxml2 + except: +- print "libxml2 python bindings not available, skipping testapi.c generation" ++ print("libxml2 python bindings not available, skipping testapi.c generation") + sys.exit(0) + + if len(sys.argv) > 1: +@@ -227,7 +227,7 @@ extra_post_call = { + if (old != NULL) { + xmlUnlinkNode(old); + xmlFreeNode(old) ; old = NULL ; } +- ret_val = NULL;""", ++\t ret_val = NULL;""", + "xmlTextMerge": + """if ((first != NULL) && (first->type != XML_TEXT_NODE)) { + xmlUnlinkNode(second); +@@ -236,7 +236,7 @@ extra_post_call = { + """if ((ret_val != NULL) && (ret_val != ncname) && + (ret_val != prefix) && (ret_val != memory)) + xmlFree(ret_val); +- ret_val = NULL;""", ++\t ret_val = NULL;""", + "xmlNewDocElementContent": + """xmlFreeDocElementContent(doc, ret_val); ret_val = NULL;""", + "xmlDictReference": "xmlDictFree(dict);", +@@ -268,29 +268,29 @@ modules = [] + def is_skipped_module(name): + for mod in skipped_modules: + if mod == name: +- return 1 ++ return 1 + return 0 + + def is_skipped_function(name): + for fun in skipped_functions: + if fun == name: +- return 1 ++ return 1 + # Do not test destructors +- if string.find(name, 'Free') != -1: ++ if name.find('Free') != -1: + return 1 + return 0 + + def is_skipped_memcheck(name): + for fun in skipped_memcheck: + if fun == name: +- return 1 ++ return 1 + return 0 + + missing_types = {} + def add_missing_type(name, func): + try: + list = missing_types[name] +- list.append(func) ++ list.append(func) + except: + missing_types[name] = [func] + +@@ -310,7 +310,7 @@ def add_missing_functions(name, module): + missing_functions_nr = missing_functions_nr + 1 + try: + list = missing_functions[module] +- list.append(name) ++ list.append(name) + except: + missing_functions[module] = [name] + +@@ -319,45 +319,45 @@ def add_missing_functions(name, module): + # + + def type_convert(str, name, info, module, function, pos): +-# res = string.replace(str, " ", " ") +-# res = string.replace(str, " ", " ") +-# res = string.replace(str, " ", " ") +- res = string.replace(str, " *", "_ptr") +-# res = string.replace(str, "*", "_ptr") +- res = string.replace(res, " ", "_") ++# res = str.replace(" ", " ") ++# res = str.replace(" ", " ") ++# res = str.replace(" ", " ") ++ res = str.replace(" *", "_ptr") ++# res = str.replace("*", "_ptr") ++ res = res.replace(" ", "_") + if res == 'const_char_ptr': +- if string.find(name, "file") != -1 or \ +- string.find(name, "uri") != -1 or \ +- string.find(name, "URI") != -1 or \ +- string.find(info, "filename") != -1 or \ +- string.find(info, "URI") != -1 or \ +- string.find(info, "URL") != -1: +- if string.find(function, "Save") != -1 or \ +- string.find(function, "Create") != -1 or \ +- string.find(function, "Write") != -1 or \ +- string.find(function, "Fetch") != -1: +- return('fileoutput') +- return('filepath') ++ if name.find("file") != -1 or \ ++ name.find("uri") != -1 or \ ++ name.find("URI") != -1 or \ ++ info.find("filename") != -1 or \ ++ info.find("URI") != -1 or \ ++ info.find("URL") != -1: ++ if function.find("Save") != -1 or \ ++ function.find("Create") != -1 or \ ++ function.find("Write") != -1 or \ ++ function.find("Fetch") != -1: ++ return('fileoutput') ++ return('filepath') + if res == 'void_ptr': + if module == 'nanoftp' and name == 'ctx': +- return('xmlNanoFTPCtxtPtr') ++ return('xmlNanoFTPCtxtPtr') + if function == 'xmlNanoFTPNewCtxt' or \ +- function == 'xmlNanoFTPConnectTo' or \ +- function == 'xmlNanoFTPOpen': +- return('xmlNanoFTPCtxtPtr') ++ function == 'xmlNanoFTPConnectTo' or \ ++ function == 'xmlNanoFTPOpen': ++ return('xmlNanoFTPCtxtPtr') + if module == 'nanohttp' and name == 'ctx': +- return('xmlNanoHTTPCtxtPtr') +- if function == 'xmlNanoHTTPMethod' or \ +- function == 'xmlNanoHTTPMethodRedir' or \ +- function == 'xmlNanoHTTPOpen' or \ +- function == 'xmlNanoHTTPOpenRedir': +- return('xmlNanoHTTPCtxtPtr'); ++ return('xmlNanoHTTPCtxtPtr') ++ if function == 'xmlNanoHTTPMethod' or \ ++ function == 'xmlNanoHTTPMethodRedir' or \ ++ function == 'xmlNanoHTTPOpen' or \ ++ function == 'xmlNanoHTTPOpenRedir': ++ return('xmlNanoHTTPCtxtPtr'); + if function == 'xmlIOHTTPOpen': +- return('xmlNanoHTTPCtxtPtr') +- if string.find(name, "data") != -1: +- return('userdata') +- if string.find(name, "user") != -1: +- return('userdata') ++ return('xmlNanoHTTPCtxtPtr') ++ if name.find("data") != -1: ++ return('userdata') ++ if name.find("user") != -1: ++ return('userdata') + if res == 'xmlDoc_ptr': + res = 'xmlDocPtr' + if res == 'xmlNode_ptr': +@@ -366,18 +366,18 @@ def type_convert(str, name, info, module, function, pos): + res = 'xmlDictPtr' + if res == 'xmlNodePtr' and pos != 0: + if (function == 'xmlAddChild' and pos == 2) or \ +- (function == 'xmlAddChildList' and pos == 2) or \ ++ (function == 'xmlAddChildList' and pos == 2) or \ + (function == 'xmlAddNextSibling' and pos == 2) or \ + (function == 'xmlAddSibling' and pos == 2) or \ + (function == 'xmlDocSetRootElement' and pos == 2) or \ + (function == 'xmlReplaceNode' and pos == 2) or \ + (function == 'xmlTextMerge') or \ +- (function == 'xmlAddPrevSibling' and pos == 2): +- return('xmlNodePtr_in'); ++ (function == 'xmlAddPrevSibling' and pos == 2): ++ return('xmlNodePtr_in'); + if res == 'const xmlBufferPtr': + res = 'xmlBufferPtr' + if res == 'xmlChar_ptr' and name == 'name' and \ +- string.find(function, "EatName") != -1: ++ function.find("EatName") != -1: + return('eaten_name') + if res == 'void_ptr*': + res = 'void_ptr_ptr' +@@ -393,7 +393,7 @@ def type_convert(str, name, info, module, function, pos): + res = 'debug_FILE_ptr'; + if res == 'int' and name == 'options': + if module == 'parser' or module == 'xmlreader': +- res = 'parseroptions' ++ res = 'parseroptions' + + return res + +@@ -402,28 +402,28 @@ known_param_types = [] + def is_known_param_type(name): + for type in known_param_types: + if type == name: +- return 1 ++ return 1 + return name[-3:] == 'Ptr' or name[-4:] == '_ptr' + + def generate_param_type(name, rtype): + global test + for type in known_param_types: + if type == name: +- return ++ return + for type in generated_param_types: + if type == name: +- return ++ return + + if name[-3:] == 'Ptr' or name[-4:] == '_ptr': + if rtype[0:6] == 'const ': +- crtype = rtype[6:] +- else: +- crtype = rtype ++ crtype = rtype[6:] ++ else: ++ crtype = rtype + + define = 0 +- if modules_defines.has_key(module): +- test.write("#ifdef %s\n" % (modules_defines[module])) +- define = 1 ++ if module in modules_defines: ++ test.write("#ifdef %s\n" % (modules_defines[module])) ++ define = 1 + test.write(""" + #define gen_nb_%s 1 + static %s gen_%s(int no ATTRIBUTE_UNUSED, int nr ATTRIBUTE_UNUSED) { +@@ -433,7 +433,7 @@ static void des_%s(int no ATTRIBUTE_UNUSED, %s val ATTRIBUTE_UNUSED, int nr ATTR + } + """ % (name, crtype, name, name, rtype)) + if define == 1: +- test.write("#endif\n\n") ++ test.write("#endif\n\n") + add_generated_param_type(name) + + # +@@ -445,7 +445,7 @@ known_return_types = [] + def is_known_return_type(name): + for type in known_return_types: + if type == name: +- return 1 ++ return 1 + return 0 + + # +@@ -471,7 +471,7 @@ def compare_and_save(): + try: + os.system("rm testapi.c; mv testapi.c.new testapi.c") + except: +- os.system("mv testapi.c.new testapi.c") ++ os.system("mv testapi.c.new testapi.c") + print("Updated testapi.c") + else: + print("Generated testapi.c is identical") +@@ -481,17 +481,17 @@ while line != "": + if line == "/* CUT HERE: everything below that line is generated */\n": + break; + if line[0:15] == "#define gen_nb_": +- type = string.split(line[15:])[0] +- known_param_types.append(type) ++ type = line[15:].split()[0] ++ known_param_types.append(type) + if line[0:19] == "static void desret_": +- type = string.split(line[19:], '(')[0] +- known_return_types.append(type) ++ type = line[19:].split('(')[0] ++ known_return_types.append(type) + test.write(line) + line = input.readline() + input.close() + + if line == "": +- print "Could not find the CUT marker in testapi.c skipping generation" ++ print("Could not find the CUT marker in testapi.c skipping generation") + test.close() + sys.exit(0) + +@@ -505,7 +505,7 @@ test.write("/* CUT HERE: everything below that line is generated */\n") + # + doc = libxml2.readFile(srcPref + 'doc/libxml2-api.xml', None, 0) + if doc == None: +- print "Failed to load doc/libxml2-api.xml" ++ print("Failed to load doc/libxml2-api.xml") + sys.exit(1) + ctxt = doc.xpathNewContext() + +@@ -519,9 +519,9 @@ for arg in args: + mod = arg.xpathEval('string(../@file)') + func = arg.xpathEval('string(../@name)') + if (mod not in skipped_modules) and (func not in skipped_functions): +- type = arg.xpathEval('string(@type)') +- if not argtypes.has_key(type): +- argtypes[type] = func ++ type = arg.xpathEval('string(@type)') ++ if type not in argtypes: ++ argtypes[type] = func + + # similarly for return types + rettypes = {} +@@ -531,8 +531,8 @@ for ret in rets: + func = ret.xpathEval('string(../@name)') + if (mod not in skipped_modules) and (func not in skipped_functions): + type = ret.xpathEval('string(@type)') +- if not rettypes.has_key(type): +- rettypes[type] = func ++ if type not in rettypes: ++ rettypes[type] = func + + # + # Generate constructors and return type handling for all enums +@@ -549,49 +549,49 @@ for enum in enums: + continue; + define = 0 + +- if argtypes.has_key(name) and is_known_param_type(name) == 0: +- values = ctxt.xpathEval("/api/symbols/enum[@type='%s']" % name) +- i = 0 +- vals = [] +- for value in values: +- vname = value.xpathEval('string(@name)') +- if vname == None: +- continue; +- i = i + 1 +- if i >= 5: +- break; +- vals.append(vname) +- if vals == []: +- print "Didn't find any value for enum %s" % (name) +- continue +- if modules_defines.has_key(module): +- test.write("#ifdef %s\n" % (modules_defines[module])) +- define = 1 +- test.write("#define gen_nb_%s %d\n" % (name, len(vals))) +- test.write("""static %s gen_%s(int no, int nr ATTRIBUTE_UNUSED) {\n""" % +- (name, name)) +- i = 1 +- for value in vals: +- test.write(" if (no == %d) return(%s);\n" % (i, value)) +- i = i + 1 +- test.write(""" return(0); ++ if (name in argtypes) and is_known_param_type(name) == 0: ++ values = ctxt.xpathEval("/api/symbols/enum[@type='%s']" % name) ++ i = 0 ++ vals = [] ++ for value in values: ++ vname = value.xpathEval('string(@name)') ++ if vname == None: ++ continue; ++ i = i + 1 ++ if i >= 5: ++ break; ++ vals.append(vname) ++ if vals == []: ++ print("Didn't find any value for enum %s" % (name)) ++ continue ++ if module in modules_defines: ++ test.write("#ifdef %s\n" % (modules_defines[module])) ++ define = 1 ++ test.write("#define gen_nb_%s %d\n" % (name, len(vals))) ++ test.write("""static %s gen_%s(int no, int nr ATTRIBUTE_UNUSED) {\n""" % ++ (name, name)) ++ i = 1 ++ for value in vals: ++ test.write(" if (no == %d) return(%s);\n" % (i, value)) ++ i = i + 1 ++ test.write(""" return(0); + } + + static void des_%s(int no ATTRIBUTE_UNUSED, %s val ATTRIBUTE_UNUSED, int nr ATTRIBUTE_UNUSED) { + } + + """ % (name, name)); +- known_param_types.append(name) ++ known_param_types.append(name) + + if (is_known_return_type(name) == 0) and (name in rettypes): +- if define == 0 and modules_defines.has_key(module): +- test.write("#ifdef %s\n" % (modules_defines[module])) +- define = 1 ++ if define == 0 and (module in modules_defines): ++ test.write("#ifdef %s\n" % (modules_defines[module])) ++ define = 1 + test.write("""static void desret_%s(%s val ATTRIBUTE_UNUSED) { + } + + """ % (name, name)) +- known_return_types.append(name) ++ known_return_types.append(name) + if define == 1: + test.write("#endif\n\n") + +@@ -615,9 +615,9 @@ for file in headers: + # do not test deprecated APIs + # + desc = file.xpathEval('string(description)') +- if string.find(desc, 'DEPRECATED') != -1: +- print "Skipping deprecated interface %s" % name +- continue; ++ if desc.find('DEPRECATED') != -1: ++ print("Skipping deprecated interface %s" % name) ++ continue; + + test.write("#include <libxml/%s.h>\n" % name) + modules.append(name) +@@ -679,7 +679,7 @@ def generate_test(module, node): + # and store the information for the generation + # + try: +- args = node.xpathEval("arg") ++ args = node.xpathEval("arg") + except: + args = [] + t_args = [] +@@ -687,37 +687,37 @@ def generate_test(module, node): + for arg in args: + n = n + 1 + rtype = arg.xpathEval("string(@type)") +- if rtype == 'void': +- break; +- info = arg.xpathEval("string(@info)") +- nam = arg.xpathEval("string(@name)") ++ if rtype == 'void': ++ break; ++ info = arg.xpathEval("string(@info)") ++ nam = arg.xpathEval("string(@name)") + type = type_convert(rtype, nam, info, module, name, n) +- if is_known_param_type(type) == 0: +- add_missing_type(type, name); +- no_gen = 1 ++ if is_known_param_type(type) == 0: ++ add_missing_type(type, name); ++ no_gen = 1 + if (type[-3:] == 'Ptr' or type[-4:] == '_ptr') and \ +- rtype[0:6] == 'const ': +- crtype = rtype[6:] +- else: +- crtype = rtype +- t_args.append((nam, type, rtype, crtype, info)) ++ rtype[0:6] == 'const ': ++ crtype = rtype[6:] ++ else: ++ crtype = rtype ++ t_args.append((nam, type, rtype, crtype, info)) + + try: +- rets = node.xpathEval("return") ++ rets = node.xpathEval("return") + except: + rets = [] + t_ret = None + for ret in rets: + rtype = ret.xpathEval("string(@type)") +- info = ret.xpathEval("string(@info)") ++ info = ret.xpathEval("string(@info)") + type = type_convert(rtype, 'return', info, module, name, 0) +- if rtype == 'void': +- break +- if is_known_return_type(type) == 0: +- add_missing_type(type, name); +- no_gen = 1 +- t_ret = (type, rtype, info) +- break ++ if rtype == 'void': ++ break ++ if is_known_return_type(type) == 0: ++ add_missing_type(type, name); ++ no_gen = 1 ++ t_ret = (type, rtype, info) ++ break + + if no_gen == 0: + for t_arg in t_args: +@@ -733,7 +733,7 @@ test_%s(void) { + + if no_gen == 1: + add_missing_functions(name, module) +- test.write(""" ++ test.write(""" + /* missing type support */ + return(test_ret); + } +@@ -742,22 +742,22 @@ test_%s(void) { + return + + try: +- conds = node.xpathEval("cond") +- for cond in conds: +- test.write("#if %s\n" % (cond.get_content())) +- nb_cond = nb_cond + 1 ++ conds = node.xpathEval("cond") ++ for cond in conds: ++ test.write("#if %s\n" % (cond.get_content())) ++ nb_cond = nb_cond + 1 + except: + pass + + define = 0 +- if function_defines.has_key(name): ++ if name in function_defines: + test.write("#ifdef %s\n" % (function_defines[name])) +- define = 1 ++ define = 1 + + # Declare the memory usage counter + no_mem = is_skipped_memcheck(name) + if no_mem == 0: +- test.write(" int mem_base;\n"); ++ test.write(" int mem_base;\n"); + + # Declare the return value + if t_ret != None: +@@ -766,29 +766,29 @@ test_%s(void) { + # Declare the arguments + for arg in t_args: + (nam, type, rtype, crtype, info) = arg; +- # add declaration +- test.write(" %s %s; /* %s */\n" % (crtype, nam, info)) +- test.write(" int n_%s;\n" % (nam)) ++ # add declaration ++ test.write(" %s %s; /* %s */\n" % (crtype, nam, info)) ++ test.write(" int n_%s;\n" % (nam)) + test.write("\n") + + # Cascade loop on of each argument list of values + for arg in t_args: + (nam, type, rtype, crtype, info) = arg; +- # +- test.write(" for (n_%s = 0;n_%s < gen_nb_%s;n_%s++) {\n" % ( +- nam, nam, type, nam)) ++ # ++ test.write(" for (n_%s = 0;n_%s < gen_nb_%s;n_%s++) {\n" % ( ++ nam, nam, type, nam)) + + # log the memory usage + if no_mem == 0: +- test.write(" mem_base = xmlMemBlocks();\n"); ++ test.write(" mem_base = xmlMemBlocks();\n"); + + # prepare the call + i = 0; + for arg in t_args: + (nam, type, rtype, crtype, info) = arg; +- # +- test.write(" %s = gen_%s(n_%s, %d);\n" % (nam, type, nam, i)) +- i = i + 1; ++ # ++ test.write(" %s = gen_%s(n_%s, %d);\n" % (nam, type, nam, i)) ++ i = i + 1; + + # add checks to avoid out-of-bounds array access + i = 0; +@@ -797,7 +797,7 @@ test_%s(void) { + # assume that "size", "len", and "start" parameters apply to either + # the nearest preceding or following char pointer + if type == "int" and (nam == "size" or nam == "len" or nam == "start"): +- for j in range(i - 1, -1, -1) + range(i + 1, len(t_args)): ++ for j in (*range(i - 1, -1, -1), *range(i + 1, len(t_args))): + (bnam, btype) = t_args[j][:2] + if btype == "const_char_ptr" or btype == "const_xmlChar_ptr": + test.write( +@@ -806,42 +806,42 @@ test_%s(void) { + " continue;\n" + % (bnam, nam, bnam)) + break +- i = i + 1; ++ i = i + 1; + + # do the call, and clanup the result +- if extra_pre_call.has_key(name): +- test.write(" %s\n"% (extra_pre_call[name])) ++ if name in extra_pre_call: ++ test.write(" %s\n"% (extra_pre_call[name])) + if t_ret != None: +- test.write("\n ret_val = %s(" % (name)) +- need = 0 +- for arg in t_args: +- (nam, type, rtype, crtype, info) = arg +- if need: +- test.write(", ") +- else: +- need = 1 +- if rtype != crtype: +- test.write("(%s)" % rtype) +- test.write("%s" % nam); +- test.write(");\n") +- if extra_post_call.has_key(name): +- test.write(" %s\n"% (extra_post_call[name])) +- test.write(" desret_%s(ret_val);\n" % t_ret[0]) ++ test.write("\n ret_val = %s(" % (name)) ++ need = 0 ++ for arg in t_args: ++ (nam, type, rtype, crtype, info) = arg ++ if need: ++ test.write(", ") ++ else: ++ need = 1 ++ if rtype != crtype: ++ test.write("(%s)" % rtype) ++ test.write("%s" % nam); ++ test.write(");\n") ++ if name in extra_post_call: ++ test.write(" %s\n"% (extra_post_call[name])) ++ test.write(" desret_%s(ret_val);\n" % t_ret[0]) + else: +- test.write("\n %s(" % (name)); +- need = 0; +- for arg in t_args: +- (nam, type, rtype, crtype, info) = arg; +- if need: +- test.write(", ") +- else: +- need = 1 +- if rtype != crtype: +- test.write("(%s)" % rtype) +- test.write("%s" % nam) +- test.write(");\n") +- if extra_post_call.has_key(name): +- test.write(" %s\n"% (extra_post_call[name])) ++ test.write("\n %s(" % (name)); ++ need = 0; ++ for arg in t_args: ++ (nam, type, rtype, crtype, info) = arg; ++ if need: ++ test.write(", ") ++ else: ++ need = 1 ++ if rtype != crtype: ++ test.write("(%s)" % rtype) ++ test.write("%s" % nam) ++ test.write(");\n") ++ if name in extra_post_call: ++ test.write(" %s\n"% (extra_post_call[name])) + + test.write(" call_tests++;\n"); + +@@ -849,32 +849,32 @@ test_%s(void) { + i = 0; + for arg in t_args: + (nam, type, rtype, crtype, info) = arg; +- # This is a hack to prevent generating a destructor for the +- # 'input' argument in xmlTextReaderSetup. There should be +- # a better, more generic way to do this! +- if string.find(info, 'destroy') == -1: +- test.write(" des_%s(n_%s, " % (type, nam)) +- if rtype != crtype: +- test.write("(%s)" % rtype) +- test.write("%s, %d);\n" % (nam, i)) +- i = i + 1; ++ # This is a hack to prevent generating a destructor for the ++ # 'input' argument in xmlTextReaderSetup. There should be ++ # a better, more generic way to do this! ++ if info.find('destroy') == -1: ++ test.write(" des_%s(n_%s, " % (type, nam)) ++ if rtype != crtype: ++ test.write("(%s)" % rtype) ++ test.write("%s, %d);\n" % (nam, i)) ++ i = i + 1; + + test.write(" xmlResetLastError();\n"); + # Check the memory usage + if no_mem == 0: +- test.write(""" if (mem_base != xmlMemBlocks()) { ++ test.write(""" if (mem_base != xmlMemBlocks()) { + printf("Leak of %%d blocks found in %s", +- xmlMemBlocks() - mem_base); +- test_ret++; ++\t xmlMemBlocks() - mem_base); ++\t test_ret++; + """ % (name)); +- for arg in t_args: +- (nam, type, rtype, crtype, info) = arg; +- test.write(""" printf(" %%d", n_%s);\n""" % (nam)) +- test.write(""" printf("\\n");\n""") +- test.write(" }\n") ++ for arg in t_args: ++ (nam, type, rtype, crtype, info) = arg; ++ test.write(""" printf(" %%d", n_%s);\n""" % (nam)) ++ test.write(""" printf("\\n");\n""") ++ test.write(" }\n") + + for arg in t_args: +- test.write(" }\n") ++ test.write(" }\n") + + test.write(" function_tests++;\n") + # +@@ -882,7 +882,7 @@ test_%s(void) { + # + while nb_cond > 0: + test.write("#endif\n") +- nb_cond = nb_cond -1 ++ nb_cond = nb_cond -1 + if define == 1: + test.write("#endif\n") + +@@ -900,10 +900,10 @@ test_%s(void) { + for module in modules: + # gather all the functions exported by that module + try: +- functions = ctxt.xpathEval("/api/symbols/function[@file='%s']" % (module)) ++ functions = ctxt.xpathEval("/api/symbols/function[@file='%s']" % (module)) + except: +- print "Failed to gather functions from module %s" % (module) +- continue; ++ print("Failed to gather functions from module %s" % (module)) ++ continue; + + # iterate over all functions in the module generating the test + i = 0 +@@ -923,14 +923,14 @@ test_%s(void) { + # iterate over all functions in the module generating the call + for function in functions: + name = function.xpathEval('string(@name)') +- if is_skipped_function(name): +- continue +- test.write(" test_ret += test_%s();\n" % (name)) ++ if is_skipped_function(name): ++ continue ++ test.write(" test_ret += test_%s();\n" % (name)) + + # footer + test.write(""" + if (test_ret != 0) +- printf("Module %s: %%d errors\\n", test_ret); ++\tprintf("Module %s: %%d errors\\n", test_ret); + return(test_ret); + } + """ % (module)) +@@ -948,7 +948,7 @@ test.write(""" return(0); + } + """); + +-print "Generated test for %d modules and %d functions" %(len(modules), nb_tests) ++print("Generated test for %d modules and %d functions" %(len(modules), nb_tests)) + + compare_and_save() + +@@ -960,11 +960,8 @@ for missing in missing_types.keys(): + n = len(missing_types[missing]) + missing_list.append((n, missing)) + +-def compare_missing(a, b): +- return b[0] - a[0] +- +-missing_list.sort(compare_missing) +-print "Missing support for %d functions and %d types see missing.lst" % (missing_functions_nr, len(missing_list)) ++missing_list.sort(key=lambda a: a[0]) ++print("Missing support for %d functions and %d types see missing.lst" % (missing_functions_nr, len(missing_list))) + lst = open("missing.lst", "w") + lst.write("Missing support for %d types" % (len(missing_list))) + lst.write("\n") +@@ -974,9 +971,9 @@ for miss in missing_list: + for n in missing_types[miss[1]]: + i = i + 1 + if i > 5: +- lst.write(" ...") +- break +- lst.write(" %s" % (n)) ++ lst.write(" ...") ++ break ++ lst.write(" %s" % (n)) + lst.write("\n") + lst.write("\n") + lst.write("\n") diff --git a/poky/meta/recipes-core/libxml/libxml2_2.9.14.bb b/poky/meta/recipes-core/libxml/libxml2_2.9.14.bb index 3081ebf92f..519985bbae 100644 --- a/poky/meta/recipes-core/libxml/libxml2_2.9.14.bb +++ b/poky/meta/recipes-core/libxml/libxml2_2.9.14.bb @@ -22,6 +22,7 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;subdir=${BP};name=te file://fix-execution-of-ptests.patch \ file://remove-fuzz-from-ptests.patch \ file://libxml-m4-use-pkgconfig.patch \ + file://0001-Port-gentest.py-to-Python-3.patch \ " SRC_URI[archive.sha256sum] = "60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee" @@ -29,6 +30,10 @@ SRC_URI[testtar.sha256sum] = "96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c BINCONFIG = "${bindir}/xml2-config" +# Fixed since 2.9.11 via +# https://gitlab.gnome.org/GNOME/libxml2/-/commit/c1ba6f54d32b707ca6d91cb3257ce9de82876b6f +CVE_CHECK_IGNORE += "CVE-2016-3709" + PACKAGECONFIG ??= "python \ ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ " @@ -78,6 +83,16 @@ do_configure:prepend () { } do_compile_ptest() { + # Make sure that testapi.c is newer than gentests.py, because + # with reproducible builds, they will both get e.g. Jan 1 1970 + # modification time from SOURCE_DATE_EPOCH and then check-am + # might try to rebuild_testapi, which will fail even with + # 0001-Port-gentest.py-to-Python-3.patch, because it needs + # libxml2 module (libxml2-native dependency and correctly + # set PYTHON_SITE_PACKAGES), it's easier to + # just rely on pre-generated testapi.c from the release + touch ${S}/testapi.c + oe_runmake check-am } diff --git a/poky/meta/recipes-core/meta/cve-update-db-native.bb b/poky/meta/recipes-core/meta/cve-update-db-native.bb index 18af89b53e..944243fce9 100644 --- a/poky/meta/recipes-core/meta/cve-update-db-native.bb +++ b/poky/meta/recipes-core/meta/cve-update-db-native.bb @@ -66,9 +66,7 @@ python do_fetch() { # Connect to database conn = sqlite3.connect(db_file) - c = conn.cursor() - - initialize_db(c) + initialize_db(conn) with bb.progress.ProgressHandler(d) as ph, open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') as cve_f: total_years = date.today().year + 1 - YEAR_START @@ -98,19 +96,21 @@ python do_fetch() { return # Compare with current db last modified date - c.execute("select DATE from META where YEAR = ?", (year,)) - meta = c.fetchone() + cursor = conn.execute("select DATE from META where YEAR = ?", (year,)) + meta = cursor.fetchone() + cursor.close() + if not meta or meta[0] != last_modified: bb.debug(2, "Updating entries") # Clear products table entries corresponding to current year - c.execute("delete from PRODUCTS where ID like ?", ('CVE-%d%%' % year,)) + conn.execute("delete from PRODUCTS where ID like ?", ('CVE-%d%%' % year,)).close() # Update db with current year json file try: response = urllib.request.urlopen(json_url) if response: - update_db(c, gzip.decompress(response.read()).decode('utf-8')) - c.execute("insert or replace into META values (?, ?)", [year, last_modified]) + update_db(conn, gzip.decompress(response.read()).decode('utf-8')) + conn.execute("insert or replace into META values (?, ?)", [year, last_modified]).close() except urllib.error.URLError as e: cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n') bb.warn("Cannot parse CVE data (%s), update failed" % e.reason) @@ -129,21 +129,26 @@ do_fetch[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}" do_fetch[file-checksums] = "" do_fetch[vardeps] = "" -def initialize_db(c): - c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") +def initialize_db(conn): + with conn: + c = conn.cursor() + + c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") + + c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \ + SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)") - c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \ - SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)") + c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (ID TEXT, \ + VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ + VERSION_END TEXT, OPERATOR_END TEXT)") + c.execute("CREATE INDEX IF NOT EXISTS PRODUCT_ID_IDX on PRODUCTS(ID);") - c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (ID TEXT, \ - VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ - VERSION_END TEXT, OPERATOR_END TEXT)") - c.execute("CREATE INDEX IF NOT EXISTS PRODUCT_ID_IDX on PRODUCTS(ID);") + c.close() -def parse_node_and_insert(c, node, cveId): +def parse_node_and_insert(conn, node, cveId): # Parse children node if needed for child in node.get('children', ()): - parse_node_and_insert(c, child, cveId) + parse_node_and_insert(conn, child, cveId) def cpe_generator(): for cpe in node.get('cpe_match', ()): @@ -200,9 +205,9 @@ def parse_node_and_insert(c, node, cveId): # Save processing by representing as -. yield [cveId, vendor, product, '-', '', '', ''] - c.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()) + conn.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()).close() -def update_db(c, jsondata): +def update_db(conn, jsondata): import json root = json.loads(jsondata) @@ -226,12 +231,12 @@ def update_db(c, jsondata): accessVector = accessVector or "UNKNOWN" cvssv3 = 0.0 - c.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)", - [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]) + conn.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)", + [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]).close() configurations = elt['configurations']['nodes'] for config in configurations: - parse_node_and_insert(c, config, cveId) + parse_node_and_insert(conn, config, cveId) do_fetch[nostamp] = "1" diff --git a/poky/meta/recipes-core/meta/wic-tools.bb b/poky/meta/recipes-core/meta/wic-tools.bb index ba0916cb56..daaf3ea576 100644 --- a/poky/meta/recipes-core/meta/wic-tools.bb +++ b/poky/meta/recipes-core/meta/wic-tools.bb @@ -6,7 +6,8 @@ DEPENDS = "\ parted-native gptfdisk-native dosfstools-native \ mtools-native bmap-tools-native grub-native cdrtools-native \ btrfs-tools-native squashfs-tools-native pseudo-native \ - e2fsprogs-native util-linux-native tar-native\ + e2fsprogs-native util-linux-native tar-native \ + virtual/${TARGET_PREFIX}binutils \ " DEPENDS:append:x86 = " syslinux-native syslinux grub-efi systemd-boot" DEPENDS:append:x86-64 = " syslinux-native syslinux grub-efi systemd-boot" diff --git a/poky/meta/recipes-core/packagegroups/packagegroup-self-hosted.bb b/poky/meta/recipes-core/packagegroups/packagegroup-self-hosted.bb index 9523aadd15..e62567894b 100644 --- a/poky/meta/recipes-core/packagegroups/packagegroup-self-hosted.bb +++ b/poky/meta/recipes-core/packagegroups/packagegroup-self-hosted.bb @@ -98,11 +98,14 @@ RDEPENDS:packagegroup-self-hosted-sdk:append:libc-glibc = "\ glibc-utils \ rpcsvc-proto \ " + +STRACE = "strace" +STRACE:riscv32 = "" RDEPENDS:packagegroup-self-hosted-debug = " \ gdb \ gdbserver \ rsync \ - strace \ + ${STRACE} \ tcf-agent" diff --git a/poky/meta/recipes-core/systemd/systemd/00-create-volatile.conf b/poky/meta/recipes-core/systemd/systemd/00-create-volatile.conf index 87cbe1e7d3..c4277221a2 100644 --- a/poky/meta/recipes-core/systemd/systemd/00-create-volatile.conf +++ b/poky/meta/recipes-core/systemd/systemd/00-create-volatile.conf @@ -3,5 +3,6 @@ # inside /var/log. +d /run/lock 1777 - - - d /var/volatile/log - - - - d /var/volatile/tmp 1777 - - diff --git a/poky/meta/recipes-core/systemd/systemd_250.5.bb b/poky/meta/recipes-core/systemd/systemd_250.5.bb index 9923312830..5d568f639e 100644 --- a/poky/meta/recipes-core/systemd/systemd_250.5.bb +++ b/poky/meta/recipes-core/systemd/systemd_250.5.bb @@ -165,6 +165,7 @@ PACKAGECONFIG[manpages] = "-Dman=true,-Dman=false,libxslt-native xmlto-native do PACKAGECONFIG[microhttpd] = "-Dmicrohttpd=true,-Dmicrohttpd=false,libmicrohttpd" PACKAGECONFIG[myhostname] = "-Dnss-myhostname=true,-Dnss-myhostname=false,,libnss-myhostname" PACKAGECONFIG[networkd] = "-Dnetworkd=true,-Dnetworkd=false" +PACKAGECONFIG[no-dns-fallback] = "-Ddns-servers=" PACKAGECONFIG[nss] = "-Dnss-systemd=true,-Dnss-systemd=false" PACKAGECONFIG[nss-mymachines] = "-Dnss-mymachines=true,-Dnss-mymachines=false" PACKAGECONFIG[nss-resolve] = "-Dnss-resolve=true,-Dnss-resolve=false" diff --git a/poky/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty b/poky/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty index 699a1ead1a..3c31a95f7f 100644 --- a/poky/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty +++ b/poky/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty @@ -14,4 +14,7 @@ esac if [ -e /sys/class/tty/$2 -a -c /dev/$2 ]; then ${setsid:-} ${getty} -L $1 $2 $3 +else + # Prevent respawning to fast error if /dev entry does not exist + sleep 1000 fi diff --git a/poky/meta/recipes-core/util-linux/util-linux_2.37.4.bb b/poky/meta/recipes-core/util-linux/util-linux_2.37.4.bb index b39020884f..f6d3ea2bc1 100644 --- a/poky/meta/recipes-core/util-linux/util-linux_2.37.4.bb +++ b/poky/meta/recipes-core/util-linux/util-linux_2.37.4.bb @@ -69,7 +69,7 @@ EXTRA_OECONF = "\ --enable-libuuid --enable-libblkid \ \ --enable-fsck --enable-kill --enable-last --enable-mesg \ - --enable-mount --enable-partx --enable-raw --enable-rfkill \ + --enable-mount --enable-partx --enable-rfkill \ --enable-unshare --enable-write \ \ --disable-bfs --disable-login \ diff --git a/poky/meta/recipes-core/zlib/zlib/CVE-2022-37434.patch b/poky/meta/recipes-core/zlib/zlib/CVE-2022-37434.patch new file mode 100644 index 0000000000..d29e6e0f1f --- /dev/null +++ b/poky/meta/recipes-core/zlib/zlib/CVE-2022-37434.patch @@ -0,0 +1,44 @@ +From 8617d83d6939754ae3a04fc2d22daa18eeea2a43 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati <hprajapati@mvista.com> +Date: Wed, 17 Aug 2022 10:15:57 +0530 +Subject: [PATCH] CVE-2022-37434 + +Upstream-Status: Backport [https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1 & https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d] +CVE: CVE-2022-37434 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> + +Fix a bug when getting a gzip header extra field with inflate(). + +If the extra field was larger than the space the user provided with +inflateGetHeader(), and if multiple calls of inflate() delivered +the extra header data, then there could be a buffer overflow of the +provided space. This commit assures that provided space is not +exceeded. + + Fix extra field processing bug that dereferences NULL state->head. + +The recent commit to fix a gzip header extra field processing bug +introduced the new bug fixed here. +--- + inflate.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/inflate.c b/inflate.c +index ac333e8..cd01857 100644 +--- a/inflate.c ++++ b/inflate.c +@@ -759,8 +759,9 @@ int flush; + if (copy > have) copy = have; + if (copy) { + if (state->head != Z_NULL && +- state->head->extra != Z_NULL) { +- len = state->head->extra_len - state->length; ++ state->head->extra != Z_NULL && ++ (len = state->head->extra_len - state->length) < ++ state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); +-- +2.25.1 + diff --git a/poky/meta/recipes-core/zlib/zlib_1.2.11.bb b/poky/meta/recipes-core/zlib/zlib_1.2.11.bb index f8bcc0abcf..f768b41988 100644 --- a/poky/meta/recipes-core/zlib/zlib_1.2.11.bb +++ b/poky/meta/recipes-core/zlib/zlib_1.2.11.bb @@ -11,6 +11,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/libpng/${BPN}/${PV}/${BPN}-${PV}.tar.xz \ file://0001-configure-Pass-LDFLAGS-to-link-tests.patch \ file://CVE-2018-25032.patch \ file://run-ptest \ + file://CVE-2022-37434.patch \ " UPSTREAM_CHECK_URI = "http://zlib.net/" diff --git a/poky/meta/recipes-devtools/apt/apt_2.4.5.bb b/poky/meta/recipes-devtools/apt/apt_2.4.5.bb index 95c25e3036..b5ada2ef55 100644 --- a/poky/meta/recipes-devtools/apt/apt_2.4.5.bb +++ b/poky/meta/recipes-devtools/apt/apt_2.4.5.bb @@ -132,5 +132,5 @@ do_install:append:class-target() { do_install:append() { # Avoid non-reproducible -src package - sed -i -e "s,${B},,g" ${B}/apt-pkg/tagfile-keys.cc + sed -i -e "s,${B}/include/,,g" ${B}/apt-pkg/tagfile-keys.cc } diff --git a/poky/meta/recipes-devtools/autoconf/autoconf/0001-Port-to-compilers-that-moan-about-K-R-func-decls.patch b/poky/meta/recipes-devtools/autoconf/autoconf/0001-Port-to-compilers-that-moan-about-K-R-func-decls.patch new file mode 100644 index 0000000000..4f15bf96c3 --- /dev/null +++ b/poky/meta/recipes-devtools/autoconf/autoconf/0001-Port-to-compilers-that-moan-about-K-R-func-decls.patch @@ -0,0 +1,138 @@ +From 7a3bbca81b803ba116b83c82de378e840cc35f81 Mon Sep 17 00:00:00 2001 +From: Paul Eggert <eggert@cs.ucla.edu> +Date: Thu, 1 Sep 2022 16:19:50 -0500 +Subject: [PATCH] Port to compilers that moan about K&R func decls +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* lib/autoconf/c.m4 (AC_LANG_CALL, AC_LANG_FUNC_LINK_TRY): +Use '(void)' rather than '()' in function prototypes, as the latter +provokes fatal errors in some compilers nowadays. +* lib/autoconf/functions.m4 (AC_FUNC_STRTOD): +* tests/fortran.at (AC_F77_DUMMY_MAIN usage): +* tests/semantics.at (AC_CHECK_DECLS): +Don’t use () in a function decl. + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/autoconf.git/commit/?id=8b5e2016c7ed2d67f31b03a3d2e361858ff5299b] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + doc/autoconf.texi | 7 +++---- + lib/autoconf/c.m4 | 6 +++--- + lib/autoconf/functions.m4 | 3 --- + tests/fortran.at | 8 ++++---- + tests/semantics.at | 2 +- + 5 files changed, 11 insertions(+), 15 deletions(-) + +--- a/doc/autoconf.texi ++++ b/doc/autoconf.texi +@@ -5465,9 +5465,7 @@ the @samp{#undef malloc}): + #include <config.h> + #undef malloc + +-#include <sys/types.h> +- +-void *malloc (); ++#include <stdlib.h> + + /* Allocate an N-byte block of memory from the heap. + If N is zero, allocate a 1-byte block. */ +@@ -8295,7 +8293,7 @@ needed: + # ifdef __cplusplus + extern "C" + # endif +- int F77_DUMMY_MAIN () @{ return 1; @} ++ int F77_DUMMY_MAIN (void) @{ return 1; @} + #endif + @end example + +--- a/lib/autoconf/c.m4 ++++ b/lib/autoconf/c.m4 +@@ -127,7 +127,7 @@ m4_if([$2], [main], , + [/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +-char $2 ();])], [return $2 ();])]) ++char $2 (void);])], [return $2 ();])]) + + + # AC_LANG_FUNC_LINK_TRY(C)(FUNCTION) +@@ -151,7 +151,7 @@ m4_define([AC_LANG_FUNC_LINK_TRY(C)], + #define $1 innocuous_$1 + + /* System header to define __stub macros and hopefully few prototypes, +- which can conflict with char $1 (); below. */ ++ which can conflict with char $1 (void); below. */ + + #include <limits.h> + #undef $1 +@@ -162,7 +162,7 @@ m4_define([AC_LANG_FUNC_LINK_TRY(C)], + #ifdef __cplusplus + extern "C" + #endif +-char $1 (); ++char $1 (void); + /* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +--- a/lib/autoconf/functions.m4 ++++ b/lib/autoconf/functions.m4 +@@ -1601,9 +1601,6 @@ AC_DEFUN([AC_FUNC_STRTOD], + AC_CACHE_CHECK(for working strtod, ac_cv_func_strtod, + [AC_RUN_IFELSE([AC_LANG_SOURCE([[ + ]AC_INCLUDES_DEFAULT[ +-#ifndef strtod +-double strtod (); +-#endif + int + main (void) + { +--- a/tests/fortran.at ++++ b/tests/fortran.at +@@ -233,7 +233,7 @@ void FOOBAR_F77 (double *x, double *y); + # ifdef __cplusplus + extern "C" + # endif +- int F77_DUMMY_MAIN () { return 1; } ++ int F77_DUMMY_MAIN (void) { return 1; } + #endif + + int main(int argc, char *argv[]) +@@ -315,7 +315,7 @@ void FOOBAR_FC(double *x, double *y); + # ifdef __cplusplus + extern "C" + # endif +- int FC_DUMMY_MAIN () { return 1; } ++ int FC_DUMMY_MAIN (void) { return 1; } + #endif + + int main (int argc, char *argv[]) +@@ -561,7 +561,7 @@ void @foobar@ (int *x); + # ifdef __cplusplus + extern "C" + # endif +- int F77_DUMMY_MAIN () { return 1; } ++ int F77_DUMMY_MAIN (void) { return 1; } + #endif + + int main(int argc, char *argv[]) +@@ -637,7 +637,7 @@ void @foobar@ (int *x); + # ifdef __cplusplus + extern "C" + # endif +- int FC_DUMMY_MAIN () { return 1; } ++ int FC_DUMMY_MAIN (void) { return 1; } + #endif + + int main(int argc, char *argv[]) +--- a/tests/semantics.at ++++ b/tests/semantics.at +@@ -207,7 +207,7 @@ AT_CHECK_MACRO([AC_CHECK_DECLS], + [[extern int yes; + enum { myenum }; + extern struct mystruct_s { int x[20]; } mystruct; +- extern int myfunc(); ++ extern int myfunc (int); + #define mymacro1(arg) arg + #define mymacro2]]) + # Ensure we can detect missing declarations of functions whose diff --git a/poky/meta/recipes-devtools/autoconf/autoconf_2.71.bb b/poky/meta/recipes-devtools/autoconf/autoconf_2.71.bb index 799191e2ca..97c241a3f5 100644 --- a/poky/meta/recipes-devtools/autoconf/autoconf_2.71.bb +++ b/poky/meta/recipes-devtools/autoconf/autoconf_2.71.bb @@ -18,6 +18,7 @@ SRC_URI = "${GNU_MIRROR}/autoconf/${BP}.tar.gz \ file://preferbash.patch \ file://autotest-automake-result-format.patch \ file://man-host-perl.patch \ + file://0001-Port-to-compilers-that-moan-about-K-R-func-decls.patch \ " SRC_URI:append:class-native = " file://no-man.patch" diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.38.inc b/poky/meta/recipes-devtools/binutils/binutils-2.38.inc index eed252976a..fc88d4a79e 100644 --- a/poky/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/poky/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -33,5 +33,11 @@ SRC_URI = "\ file://0012-Check-for-clang-before-checking-gcc-version.patch \ file://0013-Avoid-as-info-race-condition.patch \ file://0014-CVE-2019-1010204.patch \ + file://0015-CVE-2022-38533.patch \ + file://0016-CVE-2022-38126.patch \ + file://0017-CVE-2022-38127-1.patch \ + file://0017-CVE-2022-38127-2.patch \ + file://0017-CVE-2022-38127-3.patch \ + file://0017-CVE-2022-38127-4.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-38533.patch b/poky/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-38533.patch new file mode 100644 index 0000000000..5d9ac2cb1f --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-38533.patch @@ -0,0 +1,36 @@ +From ef186fe54aa6d281a3ff8a9528417e5cc614c797 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sat, 13 Aug 2022 15:32:47 +0930 +Subject: [PATCH] PR29482 - strip: heap-buffer-overflow + + PR 29482 + * coffcode.h (coff_set_section_contents): Sanity check _LIB. + +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ef186fe54aa6d281a3ff8a9528417e5cc614c797] + +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + bfd/coffcode.h | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/bfd/coffcode.h b/bfd/coffcode.h +index 67aaf158ca1..52027981c3f 100644 +--- a/bfd/coffcode.h ++++ b/bfd/coffcode.h +@@ -4302,10 +4302,13 @@ coff_set_section_contents (bfd * abfd, + + rec = (bfd_byte *) location; + recend = rec + count; +- while (rec < recend) ++ while (recend - rec >= 4) + { ++ size_t len = bfd_get_32 (abfd, rec); ++ if (len == 0 || len > (size_t) (recend - rec) / 4) ++ break; ++ rec += len * 4; + ++section->lma; +- rec += bfd_get_32 (abfd, rec) * 4; + } + + BFD_ASSERT (rec == recend); diff --git a/poky/meta/recipes-devtools/binutils/binutils/0016-CVE-2022-38126.patch b/poky/meta/recipes-devtools/binutils/binutils/0016-CVE-2022-38126.patch new file mode 100644 index 0000000000..8200e28a81 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/0016-CVE-2022-38126.patch @@ -0,0 +1,34 @@ +From e3e5ae049371a27fd1737aba946fe26d06e029b5 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Mon, 27 Jun 2022 13:43:02 +0100 +Subject: [PATCH] Replace a run-time assertion failure with a warning message + when parsing corrupt DWARF data. + + PR 29289 + * dwarf.c (display_debug_names): Replace assert with a warning + message. + +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e3e5ae049371a27fd1737aba946fe26d06e029b5] + +Signed-off-by: Pgowda <pgowda.cve@gmail.com> +--- + binutils/dwarf.c | 7 ++++++- + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index 37b477b886d..b99c56987da 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -9802,7 +9802,12 @@ display_debug_names (struct dwarf_sectio + printf (_("Out of %lu items there are %zu bucket clashes" + " (longest of %zu entries).\n"), + (unsigned long) name_count, hash_clash_count, longest_clash); +- assert (name_count == buckets_filled + hash_clash_count); ++ ++ if (name_count != buckets_filled + hash_clash_count) ++ warn (_("The name_count (%lu) is not the same as the used bucket_count (%lu) + the hash clash count (%lu)"), ++ (unsigned long) name_count, ++ (unsigned long) buckets_filled, ++ (unsigned long) hash_clash_count); + + struct abbrev_lookup_entry + { diff --git a/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-1.patch b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-1.patch new file mode 100644 index 0000000000..9bbf1d6453 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-1.patch @@ -0,0 +1,1224 @@ +From 19c26da69d68d5d863f37c06ad73ab6292d02ffa Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Wed, 6 Apr 2022 14:43:37 +0100 +Subject: [PATCH] Add code to display the contents of .debug_loclists sections + which contain offset entry tables. + + PR 28981 + * dwarf.c (fetch_indexed_value): Rename to fecth_indexed_addr and + return the address, rather than a string. + (fetch_indexed_value): New function - returns a value indexed by a + DW_FORM_loclistx or DW_FORM_rnglistx form. + (read_and_display_attr_value): Add support for DW_FORM_loclistx + and DW_FORM_rnglistx. + (process_debug_info): Load the loclists and rnglists sections. + (display_loclists_list): Add support for DW_LLE_base_addressx, + DW_LLE_startx_endx, DW_LLE_startx_length and + DW_LLE_default_location. + (display_offset_entry_loclists): New function. Displays a + .debug_loclists section that contains offset entry tables. + (display_debug_loc): Call the new function. + (display_debug_rnglists_list): Add support for + DW_RLE_base_addressx, DW_RLE_startx_endx and DW_RLE_startx_length. + (display_debug_ranges): Display the contents of the section's + header. + * dwarf.h (struct debug_info): Add loclists_base field. + * testsuite/binutils-all/dw5.W: Update expected output. + * testsuite/binutils-all/x86-64/pr26808.dump: Likewise. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=19c26da69d68d5d863f37c06ad73ab6292d02ffa] + +Signed-off-by: Pgowda <pgowda.cve@gmail.com> +--- + binutils/ChangeLog | 24 + + binutils/dwarf.c | 513 +++++++++++++++--- + binutils/dwarf.h | 4 + + binutils/testsuite/binutils-all/dw5.W | 2 +- + .../binutils-all/x86-64/pr26808.dump | 82 +-- + gas/ChangeLog | 5 + + gas/testsuite/gas/elf/dwarf-5-irp.d | 2 +- + 7 files changed, 517 insertions(+), 115 deletions(-) + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index 15b3c81a138..bc862f77c04 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -240,7 +240,7 @@ static const char * + dwarf_vmatoa_1 (const char *fmtch, dwarf_vma value, unsigned num_bytes) + { + /* As dwarf_vmatoa is used more then once in a printf call +- for output, we are cycling through an fixed array of pointers ++ for output, we are cycling through a fixed array of pointers + for return address. */ + static int buf_pos = 0; + static struct dwarf_vmatoa_buf +@@ -796,24 +796,70 @@ fetch_indexed_string (dwarf_vma idx, str + return ret; + } + +-static const char * +-fetch_indexed_value (dwarf_vma offset, dwarf_vma bytes) ++static dwarf_vma ++fetch_indexed_addr (dwarf_vma offset, uint32_t num_bytes) + { + struct dwarf_section *section = &debug_displays [debug_addr].section; + + if (section->start == NULL) +- return (_("<no .debug_addr section>")); ++ { ++ warn (_("<no .debug_addr section>")); ++ return 0; ++ } + +- if (offset + bytes > section->size) ++ if (offset + num_bytes > section->size) + { + warn (_("Offset into section %s too big: 0x%s\n"), + section->name, dwarf_vmatoa ("x", offset)); +- return "<offset too big>"; ++ return 0; + } + +- return dwarf_vmatoa ("x", byte_get (section->start + offset, bytes)); ++ return byte_get (section->start + offset, num_bytes); + } + ++/* Fetch a value from a debug section that has been indexed by ++ something in another section (eg DW_FORM_loclistx). ++ Returns 0 if the value could not be found. */ ++ ++static dwarf_vma ++fetch_indexed_value (dwarf_vma index, ++ enum dwarf_section_display_enum sec_enum) ++{ ++ struct dwarf_section *section = &debug_displays [sec_enum].section; ++ ++ if (section->start == NULL) ++ { ++ warn (_("Unable to locate %s section\n"), section->uncompressed_name); ++ return 0; ++ } ++ ++ uint32_t pointer_size, bias; ++ ++ if (byte_get (section->start, 4) == 0xffffffff) ++ { ++ pointer_size = 8; ++ bias = 20; ++ } ++ else ++ { ++ pointer_size = 4; ++ bias = 12; ++ } ++ ++ dwarf_vma offset = index * pointer_size; ++ ++ /* Offsets are biased by the size of the section header. */ ++ offset += bias; ++ ++ if (offset + pointer_size > section->size) ++ { ++ warn (_("Offset into section %s too big: 0x%s\n"), ++ section->name, dwarf_vmatoa ("x", offset)); ++ return 0; ++ } ++ ++ return byte_get (section->start + offset, pointer_size); ++} + + /* FIXME: There are better and more efficient ways to handle + these structures. For now though, I just want something that +@@ -1999,6 +2045,8 @@ skip_attr_bytes (unsigned long form, + case DW_FORM_strx: + case DW_FORM_GNU_addr_index: + case DW_FORM_addrx: ++ case DW_FORM_loclistx: ++ case DW_FORM_rnglistx: + READ_ULEB (uvalue, data, end); + break; + +@@ -2410,9 +2458,6 @@ read_and_display_attr_value (unsigned lo + + switch (form) + { +- default: +- break; +- + case DW_FORM_ref_addr: + if (dwarf_version == 2) + SAFE_BYTE_GET_AND_INC (uvalue, data, pointer_size, end); +@@ -2496,6 +2541,8 @@ read_and_display_attr_value (unsigned lo + case DW_FORM_udata: + case DW_FORM_GNU_addr_index: + case DW_FORM_addrx: ++ case DW_FORM_loclistx: ++ case DW_FORM_rnglistx: + READ_ULEB (uvalue, data, end); + break; + +@@ -2515,6 +2562,9 @@ read_and_display_attr_value (unsigned lo + case DW_FORM_implicit_const: + uvalue = implicit_const; + break; ++ ++ default: ++ break; + } + + switch (form) +@@ -2710,6 +2760,8 @@ read_and_display_attr_value (unsigned lo + case DW_FORM_addrx2: + case DW_FORM_addrx3: + case DW_FORM_addrx4: ++ case DW_FORM_loclistx: ++ case DW_FORM_rnglistx: + if (!do_loc) + { + dwarf_vma base; +@@ -2728,11 +2780,11 @@ read_and_display_attr_value (unsigned lo + /* We have already displayed the form name. */ + printf (_("%c(index: 0x%s): %s"), delimiter, + dwarf_vmatoa ("x", uvalue), +- fetch_indexed_value (offset, pointer_size)); ++ dwarf_vmatoa ("x", fetch_indexed_addr (offset, pointer_size))); + else + printf (_("%c(addr_index: 0x%s): %s"), delimiter, + dwarf_vmatoa ("x", uvalue), +- fetch_indexed_value (offset, pointer_size)); ++ dwarf_vmatoa ("x", fetch_indexed_addr (offset, pointer_size))); + } + break; + +@@ -2754,6 +2806,13 @@ read_and_display_attr_value (unsigned lo + { + switch (attribute) + { ++ case DW_AT_loclists_base: ++ if (debug_info_p->loclists_base) ++ warn (_("CU @ 0x%s has multiple loclists_base values"), ++ dwarf_vmatoa ("x", debug_info_p->cu_offset)); ++ debug_info_p->loclists_base = uvalue; ++ break; ++ + case DW_AT_frame_base: + have_frame_base = 1; + /* Fall through. */ +@@ -2776,7 +2835,8 @@ read_and_display_attr_value (unsigned lo + case DW_AT_GNU_call_site_target_clobbered: + if ((dwarf_version < 4 + && (form == DW_FORM_data4 || form == DW_FORM_data8)) +- || form == DW_FORM_sec_offset) ++ || form == DW_FORM_sec_offset ++ || form == DW_FORM_loclistx) + { + /* Process location list. */ + unsigned int lmax = debug_info_p->max_loc_offsets; +@@ -2796,11 +2856,17 @@ read_and_display_attr_value (unsigned lo + lmax, sizeof (*debug_info_p->have_frame_base)); + debug_info_p->max_loc_offsets = lmax; + } +- if (this_set != NULL) ++ ++ if (form == DW_FORM_loclistx) ++ uvalue = fetch_indexed_value (uvalue, loclists); ++ else if (this_set != NULL) + uvalue += this_set->section_offsets [DW_SECT_LOC]; ++ + debug_info_p->have_frame_base [num] = have_frame_base; + if (attribute != DW_AT_GNU_locviews) + { ++ uvalue += debug_info_p->loclists_base; ++ + /* Corrupt DWARF info can produce more offsets than views. + See PR 23062 for an example. */ + if (debug_info_p->num_loc_offsets +@@ -2844,7 +2910,8 @@ read_and_display_attr_value (unsigned lo + case DW_AT_ranges: + if ((dwarf_version < 4 + && (form == DW_FORM_data4 || form == DW_FORM_data8)) +- || form == DW_FORM_sec_offset) ++ || form == DW_FORM_sec_offset ++ || form == DW_FORM_rnglistx) + { + /* Process range list. */ + unsigned int lmax = debug_info_p->max_range_lists; +@@ -2858,6 +2925,10 @@ read_and_display_attr_value (unsigned lo + lmax, sizeof (*debug_info_p->range_lists)); + debug_info_p->max_range_lists = lmax; + } ++ ++ if (form == DW_FORM_rnglistx) ++ uvalue = fetch_indexed_value (uvalue, rnglists); ++ + debug_info_p->range_lists [num] = uvalue; + debug_info_p->num_range_lists++; + } +@@ -3231,6 +3302,7 @@ read_and_display_attr_value (unsigned lo + have_frame_base = 1; + /* Fall through. */ + case DW_AT_location: ++ case DW_AT_loclists_base: + case DW_AT_string_length: + case DW_AT_return_addr: + case DW_AT_data_member_location: +@@ -3248,7 +3320,8 @@ read_and_display_attr_value (unsigned lo + case DW_AT_GNU_call_site_target_clobbered: + if ((dwarf_version < 4 + && (form == DW_FORM_data4 || form == DW_FORM_data8)) +- || form == DW_FORM_sec_offset) ++ || form == DW_FORM_sec_offset ++ || form == DW_FORM_loclistx) + printf (_(" (location list)")); + /* Fall through. */ + case DW_AT_allocated: +@@ -3517,6 +3590,9 @@ process_debug_info (struct dwarf_section + } + + load_debug_section_with_follow (abbrev_sec, file); ++ load_debug_section_with_follow (loclists, file); ++ load_debug_section_with_follow (rnglists, file); ++ + if (debug_displays [abbrev_sec].section.start == NULL) + { + warn (_("Unable to locate %s section!\n"), +@@ -3729,6 +3805,7 @@ process_debug_info (struct dwarf_section + debug_information [unit].have_frame_base = NULL; + debug_information [unit].max_loc_offsets = 0; + debug_information [unit].num_loc_offsets = 0; ++ debug_information [unit].loclists_base = 0; + debug_information [unit].range_lists = NULL; + debug_information [unit].max_range_lists= 0; + debug_information [unit].num_range_lists = 0; +@@ -6465,20 +6542,21 @@ display_loc_list (struct dwarf_section * + /* Display a location list from a normal (ie, non-dwo) .debug_loclists section. */ + + static void +-display_loclists_list (struct dwarf_section *section, +- unsigned char **start_ptr, +- unsigned int debug_info_entry, +- dwarf_vma offset, +- dwarf_vma base_address, +- unsigned char **vstart_ptr, +- int has_frame_base) +-{ +- unsigned char *start = *start_ptr, *vstart = *vstart_ptr; +- unsigned char *section_end = section->start + section->size; +- dwarf_vma cu_offset; +- unsigned int pointer_size; +- unsigned int offset_size; +- int dwarf_version; ++display_loclists_list (struct dwarf_section * section, ++ unsigned char ** start_ptr, ++ unsigned int debug_info_entry, ++ dwarf_vma offset, ++ dwarf_vma base_address, ++ unsigned char ** vstart_ptr, ++ int has_frame_base) ++{ ++ unsigned char * start = *start_ptr; ++ unsigned char * vstart = *vstart_ptr; ++ unsigned char * section_end = section->start + section->size; ++ dwarf_vma cu_offset; ++ unsigned int pointer_size; ++ unsigned int offset_size; ++ unsigned int dwarf_version; + + /* Initialize it due to a false compiler warning. */ + dwarf_vma begin = -1, vbegin = -1; +@@ -6544,27 +6622,59 @@ display_loclists_list (struct dwarf_sect + case DW_LLE_end_of_list: + printf (_("<End of list>\n")); + break; ++ ++ case DW_LLE_base_addressx: ++ READ_ULEB (base_address, start, section_end); ++ print_dwarf_vma (base_address, pointer_size); ++ printf (_("(index into .debug_addr) ")); ++ base_address = fetch_indexed_addr (base_address, pointer_size); ++ print_dwarf_vma (base_address, pointer_size); ++ printf (_("(base address)\n")); ++ break; ++ ++ case DW_LLE_startx_endx: ++ READ_ULEB (begin, start, section_end); ++ begin = fetch_indexed_addr (begin, pointer_size); ++ READ_ULEB (end, start, section_end); ++ end = fetch_indexed_addr (end, pointer_size); ++ break; ++ ++ case DW_LLE_startx_length: ++ READ_ULEB (begin, start, section_end); ++ begin = fetch_indexed_addr (begin, pointer_size); ++ READ_ULEB (end, start, section_end); ++ end += begin; ++ break; ++ ++ case DW_LLE_default_location: ++ begin = end = 0; ++ break; ++ + case DW_LLE_offset_pair: + READ_ULEB (begin, start, section_end); + begin += base_address; + READ_ULEB (end, start, section_end); + end += base_address; + break; ++ ++ case DW_LLE_base_address: ++ SAFE_BYTE_GET_AND_INC (base_address, start, pointer_size, ++ section_end); ++ print_dwarf_vma (base_address, pointer_size); ++ printf (_("(base address)\n")); ++ break; ++ + case DW_LLE_start_end: + SAFE_BYTE_GET_AND_INC (begin, start, pointer_size, section_end); + SAFE_BYTE_GET_AND_INC (end, start, pointer_size, section_end); + break; ++ + case DW_LLE_start_length: + SAFE_BYTE_GET_AND_INC (begin, start, pointer_size, section_end); + READ_ULEB (end, start, section_end); + end += begin; + break; +- case DW_LLE_base_address: +- SAFE_BYTE_GET_AND_INC (base_address, start, pointer_size, +- section_end); +- print_dwarf_vma (base_address, pointer_size); +- printf (_("(base address)\n")); +- break; ++ + #ifdef DW_LLE_view_pair + case DW_LLE_view_pair: + if (vstart) +@@ -6578,15 +6688,17 @@ display_loclists_list (struct dwarf_sect + printf (_("views for:\n")); + continue; + #endif ++ + default: + error (_("Invalid location list entry type %d\n"), llet); + return; + } ++ + if (llet == DW_LLE_end_of_list) + break; +- if (llet != DW_LLE_offset_pair +- && llet != DW_LLE_start_end +- && llet != DW_LLE_start_length) ++ ++ if (llet == DW_LLE_base_address ++ || llet == DW_LLE_base_addressx) + continue; + + if (start == section_end) +@@ -6828,6 +6940,218 @@ loc_offsets_compar (const void *ap, cons + } + + static int ++display_offset_entry_loclists (struct dwarf_section *section) ++{ ++ unsigned char * start = section->start; ++ unsigned char * const end = start + section->size; ++ ++ introduce (section, false); ++ ++ do ++ { ++ dwarf_vma length; ++ unsigned short version; ++ unsigned char address_size; ++ unsigned char segment_selector_size; ++ uint32_t offset_entry_count; ++ uint32_t i; ++ bool is_64bit; ++ ++ printf (_("Table at Offset 0x%lx\n"), (long)(start - section->start)); ++ ++ SAFE_BYTE_GET_AND_INC (length, start, 4, end); ++ if (length == 0xffffffff) ++ { ++ is_64bit = true; ++ SAFE_BYTE_GET_AND_INC (length, start, 8, end); ++ } ++ else ++ is_64bit = false; ++ ++ SAFE_BYTE_GET_AND_INC (version, start, 2, end); ++ SAFE_BYTE_GET_AND_INC (address_size, start, 1, end); ++ SAFE_BYTE_GET_AND_INC (segment_selector_size, start, 1, end); ++ SAFE_BYTE_GET_AND_INC (offset_entry_count, start, 4, end); ++ ++ printf (_(" Length: 0x%s\n"), dwarf_vmatoa ("x", length)); ++ printf (_(" DWARF version: %u\n"), version); ++ printf (_(" Address size: %u\n"), address_size); ++ printf (_(" Segment size: %u\n"), segment_selector_size); ++ printf (_(" Offset entries: %u\n"), offset_entry_count); ++ ++ if (version < 5) ++ { ++ warn (_("The %s section contains a corrupt or " ++ "unsupported version number: %d.\n"), ++ section->name, version); ++ return 0; ++ } ++ ++ if (segment_selector_size != 0) ++ { ++ warn (_("The %s section contains an " ++ "unsupported segment selector size: %d.\n"), ++ section->name, segment_selector_size); ++ return 0; ++ } ++ ++ if (offset_entry_count == 0) ++ { ++ warn (_("The %s section contains a table without offset\n"), ++ section->name); ++ return 0; ++ } ++ ++ printf (_("\n Offset Entries starting at 0x%lx:\n"), ++ (long)(start - section->start)); ++ ++ if (is_64bit) ++ { ++ for (i = 0; i < offset_entry_count; i++) ++ { ++ dwarf_vma entry; ++ ++ SAFE_BYTE_GET_AND_INC (entry, start, 8, end); ++ printf (_(" [%6u] 0x%s\n"), i, dwarf_vmatoa ("x", entry)); ++ } ++ } ++ else ++ { ++ for (i = 0; i < offset_entry_count; i++) ++ { ++ uint32_t entry; ++ ++ SAFE_BYTE_GET_AND_INC (entry, start, 4, end); ++ printf (_(" [%6u] 0x%x\n"), i, entry); ++ } ++ } ++ ++ putchar ('\n'); ++ ++ uint32_t j; ++ ++ for (j = 1, i = 0; i < offset_entry_count;) ++ { ++ unsigned char lle; ++ dwarf_vma base_address = 0; ++ dwarf_vma begin; ++ dwarf_vma finish; ++ dwarf_vma off = start - section->start; ++ ++ if (j != i) ++ { ++ printf (_(" Offset Entry %u\n"), i); ++ j = i; ++ } ++ ++ printf (" "); ++ print_dwarf_vma (off, 4); ++ ++ SAFE_BYTE_GET_AND_INC (lle, start, 1, end); ++ ++ switch (lle) ++ { ++ case DW_LLE_end_of_list: ++ printf (_("<End of list>\n\n")); ++ i ++; ++ continue; ++ ++ case DW_LLE_base_addressx: ++ READ_ULEB (base_address, start, end); ++ print_dwarf_vma (base_address, address_size); ++ printf (_("(index into .debug_addr) ")); ++ base_address = fetch_indexed_addr (base_address, address_size); ++ print_dwarf_vma (base_address, address_size); ++ printf (_("(base address)\n")); ++ continue; ++ ++ case DW_LLE_startx_endx: ++ READ_ULEB (begin, start, end); ++ begin = fetch_indexed_addr (begin, address_size); ++ READ_ULEB (finish, start, end); ++ finish = fetch_indexed_addr (finish, address_size); ++ break; ++ ++ case DW_LLE_startx_length: ++ READ_ULEB (begin, start, end); ++ begin = fetch_indexed_addr (begin, address_size); ++ READ_ULEB (finish, start, end); ++ finish += begin; ++ break; ++ ++ case DW_LLE_offset_pair: ++ READ_ULEB (begin, start, end); ++ begin += base_address; ++ READ_ULEB (finish, start, end); ++ finish += base_address; ++ break; ++ ++ case DW_LLE_default_location: ++ begin = finish = 0; ++ break; ++ ++ case DW_LLE_base_address: ++ SAFE_BYTE_GET_AND_INC (base_address, start, address_size, end); ++ print_dwarf_vma (base_address, address_size); ++ printf (_("(base address)\n")); ++ continue; ++ ++ case DW_LLE_start_end: ++ SAFE_BYTE_GET_AND_INC (begin, start, address_size, end); ++ SAFE_BYTE_GET_AND_INC (finish, start, address_size, end); ++ break; ++ ++ case DW_LLE_start_length: ++ SAFE_BYTE_GET_AND_INC (begin, start, address_size, end); ++ READ_ULEB (finish, start, end); ++ finish += begin; ++ break; ++ ++ default: ++ error (_("Invalid location list entry type %d\n"), lle); ++ return 0; ++ } ++ ++ if (start == end) ++ { ++ warn (_("Location list starting at offset 0x%lx is not terminated.\n"), ++ (unsigned long) off); ++ break; ++ } ++ ++ print_dwarf_vma (begin, address_size); ++ print_dwarf_vma (finish, address_size); ++ ++ if (begin == finish) ++ fputs (_(" (start == end)"), stdout); ++ else if (begin > finish) ++ fputs (_(" (start > end)"), stdout); ++ ++ /* Read the counted location descriptions. */ ++ READ_ULEB (length, start, end); ++ ++ if (length > (size_t) (end - start)) ++ { ++ warn (_("Location list starting at offset 0x%lx is not terminated.\n"), ++ (unsigned long) off); ++ break; ++ } ++ ++ putchar (' '); ++ (void) decode_location_expression (start, address_size, address_size, ++ version, length, 0, section); ++ start += length; ++ putchar ('\n'); ++ } ++ ++ putchar ('\n'); ++ } ++ while (start < end); ++ ++ return 1; ++} ++ ++static int + display_debug_loc (struct dwarf_section *section, void *file) + { + unsigned char *start = section->start, *vstart = NULL; +@@ -6893,13 +7217,9 @@ display_debug_loc (struct dwarf_section + } + + SAFE_BYTE_GET_AND_INC (offset_entry_count, hdrptr, 4, end); ++ + if (offset_entry_count != 0) +- { +- warn (_("The %s section contains " +- "unsupported offset entry count: %d.\n"), +- section->name, offset_entry_count); +- return 0; +- } ++ return display_offset_entry_loclists (section); + + expected_start = hdrptr - section_begin; + } +@@ -6959,9 +7279,10 @@ display_debug_loc (struct dwarf_section + if (debug_information [first].num_loc_offsets > 0 + && debug_information [first].loc_offsets [0] != expected_start + && debug_information [first].loc_views [0] != expected_start) +- warn (_("Location lists in %s section start at 0x%s\n"), ++ warn (_("Location lists in %s section start at 0x%s rather than 0x%s\n"), + section->name, +- dwarf_vmatoa ("x", debug_information [first].loc_offsets [0])); ++ dwarf_vmatoa ("x", debug_information [first].loc_offsets [0]), ++ dwarf_vmatoa ("x", expected_start)); + + if (!locs_sorted) + array = (unsigned int *) xcmalloc (num_loc_list, sizeof (unsigned int)); +@@ -7639,24 +7960,44 @@ display_debug_rnglists_list (unsigned ch + case DW_RLE_end_of_list: + printf (_("<End of list>\n")); + break; +- case DW_RLE_base_address: +- SAFE_BYTE_GET_AND_INC (base_address, start, pointer_size, finish); ++ case DW_RLE_base_addressx: ++ READ_ULEB (base_address, start, finish); ++ print_dwarf_vma (base_address, pointer_size); ++ printf (_("(base address index) ")); ++ base_address = fetch_indexed_addr (base_address, pointer_size); + print_dwarf_vma (base_address, pointer_size); + printf (_("(base address)\n")); + break; +- case DW_RLE_start_length: +- SAFE_BYTE_GET_AND_INC (begin, start, pointer_size, finish); ++ case DW_RLE_startx_endx: ++ READ_ULEB (begin, start, finish); ++ READ_ULEB (end, start, finish); ++ begin = fetch_indexed_addr (begin, pointer_size); ++ end = fetch_indexed_addr (begin, pointer_size); ++ break; ++ case DW_RLE_startx_length: ++ READ_ULEB (begin, start, finish); + READ_ULEB (length, start, finish); ++ begin = fetch_indexed_addr (begin, pointer_size); + end = begin + length; + break; + case DW_RLE_offset_pair: + READ_ULEB (begin, start, finish); + READ_ULEB (end, start, finish); + break; ++ case DW_RLE_base_address: ++ SAFE_BYTE_GET_AND_INC (base_address, start, pointer_size, finish); ++ print_dwarf_vma (base_address, pointer_size); ++ printf (_("(base address)\n")); ++ break; + case DW_RLE_start_end: + SAFE_BYTE_GET_AND_INC (begin, start, pointer_size, finish); + SAFE_BYTE_GET_AND_INC (end, start, pointer_size, finish); + break; ++ case DW_RLE_start_length: ++ SAFE_BYTE_GET_AND_INC (begin, start, pointer_size, finish); ++ READ_ULEB (length, start, finish); ++ end = begin + length; ++ break; + default: + error (_("Invalid range list entry type %d\n"), rlet); + rlet = DW_RLE_end_of_list; +@@ -7664,7 +8005,7 @@ display_debug_rnglists_list (unsigned ch + } + if (rlet == DW_RLE_end_of_list) + break; +- if (rlet == DW_RLE_base_address) ++ if (rlet == DW_RLE_base_address || rlet == DW_RLE_base_addressx) + continue; + + /* Only a DW_RLE_offset_pair needs the base address added. */ +@@ -7709,6 +8050,8 @@ display_debug_ranges (struct dwarf_secti + return 0; + } + ++ introduce (section, false); ++ + if (is_rnglists) + { + dwarf_vma initial_length; +@@ -7745,19 +8088,19 @@ display_debug_ranges (struct dwarf_secti + } + } + +- /* Get and check the version number. */ ++ /* Get the other fields in the header. */ + SAFE_BYTE_GET_AND_INC (version, start, 2, finish); +- +- if (version != 5) +- { +- warn (_("Only DWARF version 5 debug_rnglists info " +- "is currently supported.\n")); +- return 0; +- } +- + SAFE_BYTE_GET_AND_INC (address_size, start, 1, finish); +- + SAFE_BYTE_GET_AND_INC (segment_selector_size, start, 1, finish); ++ SAFE_BYTE_GET_AND_INC (offset_entry_count, start, 4, finish); ++ ++ printf (_(" Length: 0x%s\n"), dwarf_vmatoa ("x", initial_length)); ++ printf (_(" DWARF version: %u\n"), version); ++ printf (_(" Address size: %u\n"), address_size); ++ printf (_(" Segment size: %u\n"), segment_selector_size); ++ printf (_(" Offset entries: %u\n"), offset_entry_count); ++ ++ /* Check the fields. */ + if (segment_selector_size != 0) + { + warn (_("The %s section contains " +@@ -7766,16 +8109,39 @@ display_debug_ranges (struct dwarf_secti + return 0; + } + +- SAFE_BYTE_GET_AND_INC (offset_entry_count, start, 4, finish); +- if (offset_entry_count != 0) ++ if (version < 5) + { +- warn (_("The %s section contains " +- "unsupported offset entry count: %u.\n"), +- section->name, offset_entry_count); ++ warn (_("Only DWARF version 5+ debug_rnglists info " ++ "is currently supported.\n")); + return 0; + } +- } + ++ if (offset_entry_count != 0) ++ { ++ printf (_("\n Offsets starting at 0x%lx:\n"), (long)(start - section->start)); ++ if (offset_size == 8) ++ { ++ for (i = 0; i < offset_entry_count; i++) ++ { ++ dwarf_vma entry; ++ ++ SAFE_BYTE_GET_AND_INC (entry, start, 8, finish); ++ printf (_(" [%6u] 0x%s\n"), i, dwarf_vmatoa ("x", entry)); ++ } ++ } ++ else ++ { ++ for (i = 0; i < offset_entry_count; i++) ++ { ++ uint32_t entry; ++ ++ SAFE_BYTE_GET_AND_INC (entry, start, 4, finish); ++ printf (_(" [%6u] 0x%x\n"), i, entry); ++ } ++ } ++ } ++ } ++ + if (load_debug_info (file) == 0) + { + warn (_("Unable to load/parse the .debug_info section, so cannot interpret the %s section.\n"), +@@ -7834,8 +8200,7 @@ display_debug_ranges (struct dwarf_secti + warn (_("Range lists in %s section start at 0x%lx\n"), + section->name, (unsigned long) range_entries[0].ranges_offset); + +- introduce (section, false); +- ++ putchar ('\n'); + printf (_(" Offset Begin End\n")); + + for (i = 0; i < num_range_list; i++) +@@ -7895,8 +8260,12 @@ display_debug_ranges (struct dwarf_secti + start = next; + last_start = next; + +- (is_rnglists ? display_debug_rnglists_list : display_debug_ranges_list) +- (start, finish, pointer_size, offset, base_address); ++ if (is_rnglists) ++ display_debug_rnglists_list ++ (start, finish, pointer_size, offset, base_address); ++ else ++ display_debug_ranges_list ++ (start, finish, pointer_size, offset, base_address); + } + putchar ('\n'); + +diff --git a/binutils/dwarf.h b/binutils/dwarf.h +index 4fc62abfa4c..ccce2461c81 100644 +--- a/binutils/dwarf.h ++++ b/binutils/dwarf.h +@@ -181,9 +181,13 @@ typedef struct + /* This is an array of offsets to the location view table. */ + dwarf_vma * loc_views; + int * have_frame_base; ++ ++ /* Information for associating location lists with CUs. */ + unsigned int num_loc_offsets; + unsigned int max_loc_offsets; + unsigned int num_loc_views; ++ dwarf_vma loclists_base; ++ + /* List of .debug_ranges offsets seen in this .debug_info. */ + dwarf_vma * range_lists; + unsigned int num_range_lists; +diff --git a/binutils/testsuite/binutils-all/dw5.W b/binutils/testsuite/binutils-all/dw5.W +index ebab8b7d3b0..bfcdac175ba 100644 +--- a/binutils/testsuite/binutils-all/dw5.W ++++ b/binutils/testsuite/binutils-all/dw5.W +@@ -281,7 +281,7 @@ Contents of the .debug_loclists section: + 00000039 <End of list> + + Contents of the .debug_rnglists section: +- ++#... + Offset Begin End + 0000000c 0000000000001234 0000000000001236 + 00000016 0000000000001234 0000000000001239 +diff --git a/binutils/testsuite/binutils-all/x86-64/pr26808.dump b/binutils/testsuite/binutils-all/x86-64/pr26808.dump +index f64f9d008f9..7ef73b24dc9 100644 +--- a/binutils/testsuite/binutils-all/x86-64/pr26808.dump ++++ b/binutils/testsuite/binutils-all/x86-64/pr26808.dump +@@ -30,13 +30,13 @@ Contents of the .debug_info.dwo section: + <a5> DW_AT_decl_file : 1 + <a6> DW_AT_decl_line : 30 + <a7> DW_AT_type : <0x90> +- <ab> DW_AT_low_pc : (addr_index: 0x0): <no .debug_addr section> ++ <ab> DW_AT_low_pc : (addr_index: 0x0): 0 + <ac> DW_AT_high_pc : 0x304 + <b4> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <b6> DW_AT_GNU_all_tail_call_sites: 1 + <b6> DW_AT_sibling : <0x11b> + <2><ba>: Abbrev Number: 14 (DW_TAG_lexical_block) +- <bb> DW_AT_low_pc : (addr_index: 0x1): <no .debug_addr section> ++ <bb> DW_AT_low_pc : (addr_index: 0x1): 0 + <bc> DW_AT_high_pc : 0x2fa + <3><c4>: Abbrev Number: 15 (DW_TAG_variable) + <c5> DW_AT_name : c1 +@@ -56,7 +56,7 @@ Contents of the .debug_info.dwo section: + <ff> DW_AT_artificial : 1 + <ff> DW_AT_location : 2 byte block: fb 2 (DW_OP_GNU_addr_index <0x2>) + <3><102>: Abbrev Number: 14 (DW_TAG_lexical_block) +- <103> DW_AT_low_pc : (addr_index: 0x3): <no .debug_addr section> ++ <103> DW_AT_low_pc : (addr_index: 0x3): 0 + <104> DW_AT_high_pc : 0x2f + <4><10c>: Abbrev Number: 17 (DW_TAG_variable) + <10d> DW_AT_name : i +@@ -274,7 +274,7 @@ Contents of the .debug_info.dwo section: + <2dd> DW_AT_decl_file : 1 + <2de> DW_AT_decl_line : 70 + <2df> DW_AT_linkage_name: _Z4f13iv +- <2e8> DW_AT_low_pc : (addr_index: 0x0): <no .debug_addr section> ++ <2e8> DW_AT_low_pc : (addr_index: 0x0): 0 + <2e9> DW_AT_high_pc : 0x6 + <2f1> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <2f3> DW_AT_GNU_all_call_sites: 1 +@@ -282,7 +282,7 @@ Contents of the .debug_info.dwo section: + <2f4> DW_AT_specification: <0x219> + <2f8> DW_AT_decl_file : 2 + <2f9> DW_AT_decl_line : 30 +- <2fa> DW_AT_low_pc : (addr_index: 0x1): <no .debug_addr section> ++ <2fa> DW_AT_low_pc : (addr_index: 0x1): 0 + <2fb> DW_AT_high_pc : 0x20 + <303> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <305> DW_AT_object_pointer: <0x30d> +@@ -300,7 +300,7 @@ Contents of the .debug_info.dwo section: + <31d> DW_AT_specification: <0x223> + <321> DW_AT_decl_file : 2 + <322> DW_AT_decl_line : 38 +- <323> DW_AT_low_pc : (addr_index: 0x2): <no .debug_addr section> ++ <323> DW_AT_low_pc : (addr_index: 0x2): 0 + <324> DW_AT_high_pc : 0x18 + <32c> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <32e> DW_AT_object_pointer: <0x336> +@@ -316,7 +316,7 @@ Contents of the .debug_info.dwo section: + <341> DW_AT_specification: <0x22d> + <345> DW_AT_decl_file : 2 + <346> DW_AT_decl_line : 46 +- <347> DW_AT_low_pc : (addr_index: 0x3): <no .debug_addr section> ++ <347> DW_AT_low_pc : (addr_index: 0x3): 0 + <348> DW_AT_high_pc : 0x18 + <350> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <352> DW_AT_object_pointer: <0x35a> +@@ -332,7 +332,7 @@ Contents of the .debug_info.dwo section: + <365> DW_AT_specification: <0x237> + <369> DW_AT_decl_file : 2 + <36a> DW_AT_decl_line : 54 +- <36b> DW_AT_low_pc : (addr_index: 0x4): <no .debug_addr section> ++ <36b> DW_AT_low_pc : (addr_index: 0x4): 0 + <36c> DW_AT_high_pc : 0x16 + <374> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <376> DW_AT_object_pointer: <0x37e> +@@ -348,7 +348,7 @@ Contents of the .debug_info.dwo section: + <389> DW_AT_specification: <0x26b> + <38d> DW_AT_decl_file : 2 + <38e> DW_AT_decl_line : 62 +- <38f> DW_AT_low_pc : (addr_index: 0x5): <no .debug_addr section> ++ <38f> DW_AT_low_pc : (addr_index: 0x5): 0 + <390> DW_AT_high_pc : 0x16 + <398> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <39a> DW_AT_object_pointer: <0x3a2> +@@ -366,7 +366,7 @@ Contents of the .debug_info.dwo section: + <3b2> DW_AT_specification: <0x275> + <3b6> DW_AT_decl_file : 2 + <3b7> DW_AT_decl_line : 72 +- <3b8> DW_AT_low_pc : (addr_index: 0x6): <no .debug_addr section> ++ <3b8> DW_AT_low_pc : (addr_index: 0x6): 0 + <3b9> DW_AT_high_pc : 0x1b + <3c1> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <3c3> DW_AT_object_pointer: <0x3cb> +@@ -382,7 +382,7 @@ Contents of the .debug_info.dwo section: + <3d6> DW_AT_specification: <0x27f> + <3da> DW_AT_decl_file : 2 + <3db> DW_AT_decl_line : 82 +- <3dc> DW_AT_low_pc : (addr_index: 0x7): <no .debug_addr section> ++ <3dc> DW_AT_low_pc : (addr_index: 0x7): 0 + <3dd> DW_AT_high_pc : 0x1b + <3e5> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <3e7> DW_AT_object_pointer: <0x3ef> +@@ -398,7 +398,7 @@ Contents of the .debug_info.dwo section: + <3fa> DW_AT_specification: <0x289> + <3fe> DW_AT_decl_file : 2 + <3ff> DW_AT_decl_line : 92 +- <400> DW_AT_low_pc : (addr_index: 0x8): <no .debug_addr section> ++ <400> DW_AT_low_pc : (addr_index: 0x8): 0 + <401> DW_AT_high_pc : 0x19 + <409> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <40b> DW_AT_object_pointer: <0x413> +@@ -414,7 +414,7 @@ Contents of the .debug_info.dwo section: + <41e> DW_AT_specification: <0x2ae> + <422> DW_AT_decl_file : 2 + <423> DW_AT_decl_line : 102 +- <424> DW_AT_low_pc : (addr_index: 0x9): <no .debug_addr section> ++ <424> DW_AT_low_pc : (addr_index: 0x9): 0 + <425> DW_AT_high_pc : 0x19 + <42d> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <42f> DW_AT_object_pointer: <0x437> +@@ -432,7 +432,7 @@ Contents of the .debug_info.dwo section: + <447> DW_AT_specification: <0x2b8> + <44b> DW_AT_decl_file : 2 + <44c> DW_AT_decl_line : 112 +- <44d> DW_AT_low_pc : (addr_index: 0xa): <no .debug_addr section> ++ <44d> DW_AT_low_pc : (addr_index: 0xa): 0 + <44e> DW_AT_high_pc : 0x1f + <456> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <458> DW_AT_object_pointer: <0x460> +@@ -451,7 +451,7 @@ Contents of the .debug_info.dwo section: + <471> DW_AT_decl_line : 120 + <472> DW_AT_linkage_name: _Z4f11av + <47b> DW_AT_type : <0x242> +- <47f> DW_AT_low_pc : (addr_index: 0xb): <no .debug_addr section> ++ <47f> DW_AT_low_pc : (addr_index: 0xb): 0 + <480> DW_AT_high_pc : 0xb + <488> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <48a> DW_AT_GNU_all_call_sites: 1 +@@ -459,7 +459,7 @@ Contents of the .debug_info.dwo section: + <48b> DW_AT_specification: <0x2c2> + <48f> DW_AT_decl_file : 2 + <490> DW_AT_decl_line : 126 +- <491> DW_AT_low_pc : (addr_index: 0xc): <no .debug_addr section> ++ <491> DW_AT_low_pc : (addr_index: 0xc): 0 + <492> DW_AT_high_pc : 0x20 + <49a> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <49c> DW_AT_object_pointer: <0x4a4> +@@ -478,7 +478,7 @@ Contents of the .debug_info.dwo section: + <4b4> DW_AT_decl_line : 134 + <4b5> DW_AT_linkage_name: _Z3t12v + <4bd> DW_AT_type : <0x249> +- <4c1> DW_AT_low_pc : (addr_index: 0xd): <no .debug_addr section> ++ <4c1> DW_AT_low_pc : (addr_index: 0xd): 0 + <4c2> DW_AT_high_pc : 0x19 + <4ca> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <4cc> DW_AT_GNU_all_tail_call_sites: 1 +@@ -489,7 +489,7 @@ Contents of the .debug_info.dwo section: + <4d2> DW_AT_decl_line : 142 + <4d3> DW_AT_linkage_name: _Z3t13v + <4db> DW_AT_type : <0x249> +- <4df> DW_AT_low_pc : (addr_index: 0xe): <no .debug_addr section> ++ <4df> DW_AT_low_pc : (addr_index: 0xe): 0 + <4e0> DW_AT_high_pc : 0x14 + <4e8> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <4ea> DW_AT_GNU_all_tail_call_sites: 1 +@@ -500,13 +500,13 @@ Contents of the .debug_info.dwo section: + <4f0> DW_AT_decl_line : 150 + <4f1> DW_AT_linkage_name: _Z3t14v + <4f9> DW_AT_type : <0x249> +- <4fd> DW_AT_low_pc : (addr_index: 0xf): <no .debug_addr section> ++ <4fd> DW_AT_low_pc : (addr_index: 0xf): 0 + <4fe> DW_AT_high_pc : 0x61 + <506> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <508> DW_AT_GNU_all_tail_call_sites: 1 + <508> DW_AT_sibling : <0x532> + <2><50c>: Abbrev Number: 24 (DW_TAG_lexical_block) +- <50d> DW_AT_low_pc : (addr_index: 0x10): <no .debug_addr section> ++ <50d> DW_AT_low_pc : (addr_index: 0x10): 0 + <50e> DW_AT_high_pc : 0x57 + <3><516>: Abbrev Number: 25 (DW_TAG_variable) + <517> DW_AT_name : s1 +@@ -538,13 +538,13 @@ Contents of the .debug_info.dwo section: + <54b> DW_AT_decl_line : 163 + <54c> DW_AT_linkage_name: _Z3t15v + <554> DW_AT_type : <0x249> +- <558> DW_AT_low_pc : (addr_index: 0x11): <no .debug_addr section> ++ <558> DW_AT_low_pc : (addr_index: 0x11): 0 + <559> DW_AT_high_pc : 0x5d + <561> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <563> DW_AT_GNU_all_tail_call_sites: 1 + <563> DW_AT_sibling : <0x58d> + <2><567>: Abbrev Number: 24 (DW_TAG_lexical_block) +- <568> DW_AT_low_pc : (addr_index: 0x12): <no .debug_addr section> ++ <568> DW_AT_low_pc : (addr_index: 0x12): 0 + <569> DW_AT_high_pc : 0x53 + <3><571>: Abbrev Number: 25 (DW_TAG_variable) + <572> DW_AT_name : s1 +@@ -576,7 +576,7 @@ Contents of the .debug_info.dwo section: + <5a9> DW_AT_decl_line : 176 + <5aa> DW_AT_linkage_name: _Z3t16v + <5b2> DW_AT_type : <0x249> +- <5b6> DW_AT_low_pc : (addr_index: 0x13): <no .debug_addr section> ++ <5b6> DW_AT_low_pc : (addr_index: 0x13): 0 + <5b7> DW_AT_high_pc : 0x13 + <5bf> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <5c1> DW_AT_GNU_all_tail_call_sites: 1 +@@ -587,13 +587,13 @@ Contents of the .debug_info.dwo section: + <5c7> DW_AT_decl_line : 184 + <5c8> DW_AT_linkage_name: _Z3t17v + <5d0> DW_AT_type : <0x249> +- <5d4> DW_AT_low_pc : (addr_index: 0x14): <no .debug_addr section> ++ <5d4> DW_AT_low_pc : (addr_index: 0x14): 0 + <5d5> DW_AT_high_pc : 0x5f + <5dd> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <5df> DW_AT_GNU_all_call_sites: 1 + <5df> DW_AT_sibling : <0x612> + <2><5e3>: Abbrev Number: 24 (DW_TAG_lexical_block) +- <5e4> DW_AT_low_pc : (addr_index: 0x15): <no .debug_addr section> ++ <5e4> DW_AT_low_pc : (addr_index: 0x15): 0 + <5e5> DW_AT_high_pc : 0x59 + <3><5ed>: Abbrev Number: 25 (DW_TAG_variable) + <5ee> DW_AT_name : c +@@ -602,7 +602,7 @@ Contents of the .debug_info.dwo section: + <5f2> DW_AT_type : <0x53d> + <5f6> DW_AT_location : 2 byte block: 91 6f (DW_OP_fbreg: -17) + <3><5f9>: Abbrev Number: 24 (DW_TAG_lexical_block) +- <5fa> DW_AT_low_pc : (addr_index: 0x16): <no .debug_addr section> ++ <5fa> DW_AT_low_pc : (addr_index: 0x16): 0 + <5fb> DW_AT_high_pc : 0x50 + <4><603>: Abbrev Number: 25 (DW_TAG_variable) + <604> DW_AT_name : i +@@ -620,13 +620,13 @@ Contents of the .debug_info.dwo section: + <618> DW_AT_decl_line : 199 + <619> DW_AT_linkage_name: _Z3t18v + <621> DW_AT_type : <0x249> +- <625> DW_AT_low_pc : (addr_index: 0x17): <no .debug_addr section> ++ <625> DW_AT_ow_pc : (addr_index: 0x17): 0 + <626> DW_AT_high_pc : 0x5f + <62e> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <630> DW_AT_GNU_all_tail_call_sites: 1 + <630> DW_AT_sibling : <0x67a> + <2><634>: Abbrev Number: 24 (DW_TAG_lexical_block) +- <635> DW_AT_low_pc : (addr_index: 0x18): <no .debug_addr section> ++ <635> DW_AT_low_pc : (addr_index: 0x18): 0 + <636> DW_AT_high_pc : 0x55 + <3><63e>: Abbrev Number: 25 (DW_TAG_variable) + <63f> DW_AT_name : c +@@ -635,7 +635,7 @@ Contents of the .debug_info.dwo section: + <643> DW_AT_type : <0x53d> + <647> DW_AT_location : 2 byte block: 91 6f (DW_OP_fbreg: -17) + <3><64a>: Abbrev Number: 24 (DW_TAG_lexical_block) +- <64b> DW_AT_low_pc : (addr_index: 0x19): <no .debug_addr section> ++ <64b> DW_AT_low_pc : (addr_index: 0x19): 0 + <64c> DW_AT_high_pc : 0x4c + <4><654>: Abbrev Number: 25 (DW_TAG_variable) + <655> DW_AT_name : i +@@ -644,7 +644,7 @@ Contents of the .debug_info.dwo section: + <659> DW_AT_type : <0x242> + <65d> DW_AT_location : 2 byte block: 91 68 (DW_OP_fbreg: -24) + <4><660>: Abbrev Number: 24 (DW_TAG_lexical_block) +- <661> DW_AT_low_pc : (addr_index: 0x1a): <no .debug_addr section> ++ <661> DW_AT_low_pc : (addr_index: 0x1a): 0 + <662> DW_AT_high_pc : 0x34 + <5><66a>: Abbrev Number: 25 (DW_TAG_variable) + <66b> DW_AT_name : s +@@ -786,7 +786,7 @@ Contents of the .debug_info.dwo section: + <7d3> DW_AT_decl_line : 32 + <7d4> DW_AT_linkage_name: _Z4t16av + <7dd> DW_AT_type : <0x7c4> +- <7e1> DW_AT_low_pc : (addr_index: 0x0): <no .debug_addr section> ++ <7e1> DW_AT_low_pc : (addr_index: 0x0): 0 + <7e2> DW_AT_high_pc : 0x13 + <7ea> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <7ec> DW_AT_GNU_all_tail_call_sites: 1 +@@ -878,14 +878,14 @@ Contents of the .debug_info.dwo section: + <908> DW_AT_decl_file : 1 + <909> DW_AT_decl_line : 70 + <90a> DW_AT_linkage_name: _Z4f13iv +- <913> DW_AT_low_pc : (addr_index: 0x0): <no .debug_addr section> ++ <913> DW_AT_low_pc : (addr_index: 0x0): 0 + <914> DW_AT_high_pc : 0x6 + <91c> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <91e> DW_AT_GNU_all_call_sites: 1 + <1><91e>: Abbrev Number: 17 (DW_TAG_subprogram) + <91f> DW_AT_specification: <0x8a8> + <923> DW_AT_decl_file : 2 +- <924> DW_AT_low_pc : (addr_index: 0x1): <no .debug_addr section> ++ <924> DW_AT_low_pc : (addr_index: 0x1): 0 + <925> DW_AT_high_pc : 0xf + <92d> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <92f> DW_AT_object_pointer: <0x937> +@@ -903,7 +903,7 @@ Contents of the .debug_info.dwo section: + <94b> DW_AT_specification: <0x89b> + <94f> DW_AT_decl_file : 2 + <950> DW_AT_decl_line : 36 +- <951> DW_AT_low_pc : (addr_index: 0x2): <no .debug_addr section> ++ <951> DW_AT_low_pc : (addr_index: 0x2): 0 + <952> DW_AT_high_pc : 0x20 + <95a> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <95c> DW_AT_object_pointer: <0x964> +@@ -922,7 +922,7 @@ Contents of the .debug_info.dwo section: + <978> DW_AT_decl_line : 72 + <979> DW_AT_linkage_name: _Z3f10v + <981> DW_AT_type : <0x8b7> +- <985> DW_AT_low_pc : (addr_index: 0x3): <no .debug_addr section> ++ <985> DW_AT_low_pc : (addr_index: 0x3): 0 + <986> DW_AT_high_pc : 0xb + <98e> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <990> DW_AT_GNU_all_call_sites: 1 +@@ -933,7 +933,7 @@ Contents of the .debug_info.dwo section: + <997> DW_AT_decl_line : 80 + <998> DW_AT_linkage_name: _Z4f11bPFivE + <9a5> DW_AT_type : <0x8b7> +- <9a9> DW_AT_low_pc : (addr_index: 0x4): <no .debug_addr section> ++ <9a9> DW_AT_low_pc : (addr_index: 0x4): 0 + <9aa> DW_AT_high_pc : 0x14 + <9b2> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <9b4> DW_AT_GNU_all_tail_call_sites: 1 +@@ -954,7 +954,7 @@ Contents of the .debug_info.dwo section: + <9d3> DW_AT_specification: <0x8e0> + <9d7> DW_AT_decl_file : 2 + <9d8> DW_AT_decl_line : 88 +- <9d9> DW_AT_low_pc : (addr_index: 0x5): <no .debug_addr section> ++ <9d9> DW_AT_low_pc : (addr_index: 0x5): 0 + <9da> DW_AT_high_pc : 0xf + <9e2> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <9e4> DW_AT_object_pointer: <0x9ec> +@@ -976,7 +976,7 @@ Contents of the .debug_info.dwo section: + <a06> DW_AT_decl_line : 96 + <a07> DW_AT_linkage_name: _Z3f13v + <a0f> DW_AT_type : <0xa1e> +- <a13> DW_AT_low_pc : (addr_index: 0x6): <no .debug_addr section> ++ <a13> DW_AT_low_pc : (addr_index: 0x6): 0 + <a14> DW_AT_high_pc : 0xb + <a1c> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <a1e> DW_AT_GNU_all_call_sites: 1 +@@ -990,7 +990,7 @@ Contents of the .debug_info.dwo section: + <a2a> DW_AT_decl_line : 104 + <a2b> DW_AT_linkage_name: _Z3f14v + <a33> DW_AT_type : <0xa42> +- <a37> DW_AT_low_pc : (addr_index: 0x7): <no .debug_addr section> ++ <a37> DW_AT_low_pc : (addr_index: 0x7): 0 + <a38> DW_AT_high_pc : 0xb + <a40> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <a42> DW_AT_GNU_all_call_sites: 1 +@@ -1010,7 +1010,7 @@ Contents of the .debug_info.dwo section: + <a5b> DW_AT_decl_line : 112 + <a5c> DW_AT_linkage_name: _Z3f15v + <a64> DW_AT_type : <0xa73> +- <a68> DW_AT_low_pc : (addr_index: 0x8): <no .debug_addr section> ++ <a68> DW_AT_low_pc : (addr_index: 0x8): 0 + <a69> DW_AT_high_pc : 0xb + <a71> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <a73> DW_AT_GNU_all_call_sites: 1 +@@ -1030,7 +1030,7 @@ Contents of the .debug_info.dwo section: + <a8f> DW_AT_decl_line : 127 + <a90> DW_AT_linkage_name: _Z3f18i + <a98> DW_AT_type : <0xa42> +- <a9c> DW_AT_low_pc : (addr_index: 0x9): <no .debug_addr section> ++ <a9c> DW_AT_low_pc : (addr_index: 0x9): 0 + <a9d> DW_AT_high_pc : 0x44 + <aa5> DW_AT_frame_base : 1 byte block: 9c (DW_OP_call_frame_cfa) + <aa7> DW_AT_GNU_all_call_sites: 1 diff --git a/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-2.patch b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-2.patch new file mode 100644 index 0000000000..0583bfcfab --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-2.patch @@ -0,0 +1,188 @@ +From ec41dd75c866599fc03c390c6afb5736c159c0ff Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 21 Jun 2022 16:37:27 +0100 +Subject: [PATCH] Binutils support for dwarf-5 (location and range lists + related) + + * dwarf.h (struct debug_info): Add rnglists_base field. + * dwarf.c (read_and_display_attr_value): Read attribute DW_AT_rnglists_base. + (display_debug_rnglists_list): While handling DW_RLE_base_addressx, + DW_RLE_startx_endx, DW_RLE_startx_length items, pass the proper parameter + value to fetch_indexed_addr(), i.e. fetch the proper entry in .debug_addr section. + (display_debug_ranges): Add rnglists_base to the .debug_rnglists base address. + (load_separate_debug_files): Load .debug_addr section, if exists. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=ec41dd75c866599fc03c390c6afb5736c159c0ff] + +Signed-off-by: Pgowda <pgowda.cve@gmail.com> +--- + binutils/ChangeLog | 10 +++++++++ + binutils/dwarf.c | 53 ++++++++++++++++++++++++++++++++++------------ + binutils/dwarf.h | 1 + + 3 files changed, 51 insertions(+), 13 deletions(-) + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index cb2523af1f3..30b64ac68a8 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -2812,7 +2812,12 @@ read_and_display_attr_value (unsigned lo + dwarf_vmatoa ("x", debug_info_p->cu_offset)); + debug_info_p->loclists_base = uvalue; + break; +- ++ case DW_AT_rnglists_base: ++ if (debug_info_p->rnglists_base) ++ warn (_("CU @ 0x%s has multiple rnglists_base values"), ++ dwarf_vmatoa ("x", debug_info_p->cu_offset)); ++ debug_info_p->rnglists_base = uvalue; ++ break; + case DW_AT_frame_base: + have_frame_base = 1; + /* Fall through. */ +@@ -3303,6 +3308,7 @@ read_and_display_attr_value (unsigned lo + /* Fall through. */ + case DW_AT_location: + case DW_AT_loclists_base: ++ case DW_AT_rnglists_base: + case DW_AT_string_length: + case DW_AT_return_addr: + case DW_AT_data_member_location: +@@ -3322,7 +3328,10 @@ read_and_display_attr_value (unsigned lo + && (form == DW_FORM_data4 || form == DW_FORM_data8)) + || form == DW_FORM_sec_offset + || form == DW_FORM_loclistx) +- printf (_(" (location list)")); ++ { ++ if (attribute != DW_AT_rnglists_base) ++ printf (_(" (location list)")); ++ } + /* Fall through. */ + case DW_AT_allocated: + case DW_AT_associated: +@@ -3809,6 +3818,7 @@ process_debug_info (struct dwarf_section + debug_information [unit].range_lists = NULL; + debug_information [unit].max_range_lists= 0; + debug_information [unit].num_range_lists = 0; ++ debug_information [unit].rnglists_base = 0; + } + + if (!do_loc && dwarf_start_die == 0) +@@ -7932,9 +7942,16 @@ display_debug_rnglists_list (unsigned ch + unsigned char * finish, + unsigned int pointer_size, + dwarf_vma offset, +- dwarf_vma base_address) ++ dwarf_vma base_address, ++ unsigned int offset_size) + { + unsigned char *next = start; ++ unsigned int debug_addr_section_hdr_len; ++ ++ if (offset_size == 4) ++ debug_addr_section_hdr_len = 8; ++ else ++ debug_addr_section_hdr_len = 16; + + while (1) + { +@@ -7964,20 +7981,24 @@ display_debug_rnglists_list (unsigned ch + READ_ULEB (base_address, start, finish); + print_dwarf_vma (base_address, pointer_size); + printf (_("(base address index) ")); +- base_address = fetch_indexed_addr (base_address, pointer_size); ++ base_address = fetch_indexed_addr ((base_address * pointer_size) ++ + debug_addr_section_hdr_len, pointer_size); + print_dwarf_vma (base_address, pointer_size); + printf (_("(base address)\n")); + break; + case DW_RLE_startx_endx: + READ_ULEB (begin, start, finish); + READ_ULEB (end, start, finish); +- begin = fetch_indexed_addr (begin, pointer_size); +- end = fetch_indexed_addr (begin, pointer_size); ++ begin = fetch_indexed_addr ((begin * pointer_size) ++ + debug_addr_section_hdr_len, pointer_size); ++ end = fetch_indexed_addr ((begin * pointer_size) ++ + debug_addr_section_hdr_len, pointer_size); + break; + case DW_RLE_startx_length: + READ_ULEB (begin, start, finish); + READ_ULEB (length, start, finish); +- begin = fetch_indexed_addr (begin, pointer_size); ++ begin = fetch_indexed_addr ((begin * pointer_size) ++ + debug_addr_section_hdr_len, pointer_size); + end = begin + length; + break; + case DW_RLE_offset_pair: +@@ -8003,6 +8024,7 @@ display_debug_rnglists_list (unsigned ch + rlet = DW_RLE_end_of_list; + break; + } ++ + if (rlet == DW_RLE_end_of_list) + break; + if (rlet == DW_RLE_base_address || rlet == DW_RLE_base_addressx) +@@ -8043,6 +8065,7 @@ display_debug_ranges (struct dwarf_secti + /* Initialize it due to a false compiler warning. */ + unsigned char address_size = 0; + dwarf_vma last_offset = 0; ++ unsigned int offset_size = 0; + + if (bytes == 0) + { +@@ -8054,10 +8077,10 @@ display_debug_ranges (struct dwarf_secti + + if (is_rnglists) + { +- dwarf_vma initial_length; +- unsigned char segment_selector_size; +- unsigned int offset_size, offset_entry_count; +- unsigned short version; ++ dwarf_vma initial_length; ++ unsigned char segment_selector_size; ++ unsigned int offset_entry_count; ++ unsigned short version; + + /* Get and check the length of the block. */ + SAFE_BYTE_GET_AND_INC (initial_length, start, 4, finish); +@@ -8230,7 +8253,8 @@ display_debug_ranges (struct dwarf_secti + (unsigned long) offset, i); + continue; + } +- next = section_begin + offset; ++ ++ next = section_begin + offset + debug_info_p->rnglists_base; + + /* If multiple DWARF entities reference the same range then we will + have multiple entries in the `range_entries' list for the same +@@ -8262,7 +8286,7 @@ display_debug_ranges (struct dwarf_secti + + if (is_rnglists) + display_debug_rnglists_list +- (start, finish, pointer_size, offset, base_address); ++ (start, finish, pointer_size, offset, base_address, offset_size); + else + display_debug_ranges_list + (start, finish, pointer_size, offset, base_address); +@@ -11911,6 +11935,9 @@ load_separate_debug_files (void * file, + && load_debug_section (abbrev, file) + && load_debug_section (info, file)) + { ++ /* Load the .debug_addr section, if it exists. */ ++ load_debug_section (debug_addr, file); ++ + free_dwo_info (); + + if (process_debug_info (& debug_displays[info].section, file, abbrev, +diff --git a/binutils/dwarf.h b/binutils/dwarf.h +index 040e674c6ce..8a89c08e7c2 100644 +--- a/binutils/dwarf.h ++++ b/binutils/dwarf.h +@@ -192,6 +192,7 @@ typedef struct + dwarf_vma * range_lists; + unsigned int num_range_lists; + unsigned int max_range_lists; ++ dwarf_vma rnglists_base; + } + debug_info; + diff --git a/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-3.patch b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-3.patch new file mode 100644 index 0000000000..56331b1128 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-3.patch @@ -0,0 +1,211 @@ +From f18acc9c4e5d18f4783f3a7d59e3ec95d7af0199 Mon Sep 17 00:00:00 2001 +From: "Kumar N, Bhuvanendra" <Kavitha.Natarajan@amd.com> +Date: Wed, 22 Jun 2022 17:07:25 +0100 +Subject: [PATCH] Binutils support for split-dwarf and dwarf-5 + + * dwarf.c (fetch_indexed_string): Added new parameter + str_offsets_base to calculate the string offset. + (read_and_display_attr_value): Read DW_AT_str_offsets_base + attribute. + (process_debug_info): While allocating memory and initializing + debug_information, do it for do_debug_info also, if its true. + (load_separate_debug_files): Load .debug_str_offsets if exists. + * dwarf.h (struct debug_info): Add str_offsets_base field. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=f18acc9c4e5d18f4783f3a7d59e3ec95d7af0199] + +Signed-off-by: Pgowda <pgowda.cve@gmail.com> +--- + binutils/ChangeLog | 13 ++++++++++- + binutils/dwarf.c | 57 ++++++++++++++++++++++++++++++++++------------ + binutils/dwarf.h | 1 + + 3 files changed, 56 insertions(+), 15 deletions(-) + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index f9c46cf54dd..d9a3144023c 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -687,8 +687,11 @@ fetch_indirect_line_string (dwarf_vma of + } + + static const char * +-fetch_indexed_string (dwarf_vma idx, struct cu_tu_set *this_set, +- dwarf_vma offset_size, bool dwo) ++fetch_indexed_string (dwarf_vma idx, ++ struct cu_tu_set * this_set, ++ dwarf_vma offset_size, ++ bool dwo, ++ dwarf_vma str_offsets_base) + { + enum dwarf_section_display_enum str_sec_idx = dwo ? str_dwo : str; + enum dwarf_section_display_enum idx_sec_idx = dwo ? str_index_dwo : str_index; +@@ -776,7 +779,15 @@ fetch_indexed_string (dwarf_vma idx, str + return _("<index offset is too big>"); + } + +- str_offset = byte_get (curr + index_offset, offset_size); ++ if (str_offsets_base > 0) ++ { ++ if (offset_size == 8) ++ str_offsets_base -= 16; ++ else ++ str_offsets_base -= 8; ++ } ++ ++ str_offset = byte_get (curr + index_offset + str_offsets_base, offset_size); + str_offset -= str_section->address; + if (str_offset >= str_section->size) + { +@@ -2721,11 +2732,13 @@ read_and_display_attr_value (unsigned lo + /* We have already displayed the form name. */ + printf (_("%c(offset: 0x%s): %s"), delimiter, + dwarf_vmatoa ("x", uvalue), +- fetch_indexed_string (uvalue, this_set, offset_size, dwo)); ++ fetch_indexed_string (uvalue, this_set, offset_size, dwo, ++ debug_info_p->str_offsets_base)); + else + printf (_("%c(indexed string: 0x%s): %s"), delimiter, + dwarf_vmatoa ("x", uvalue), +- fetch_indexed_string (uvalue, this_set, offset_size, dwo)); ++ fetch_indexed_string (uvalue, this_set, offset_size, dwo, ++ debug_info_p->str_offsets_base)); + } + break; + +@@ -2800,7 +2813,7 @@ read_and_display_attr_value (unsigned lo + break; + } + +- if ((do_loc || do_debug_loc || do_debug_ranges) ++ if ((do_loc || do_debug_loc || do_debug_ranges || do_debug_info) + && num_debug_info_entries == 0 + && debug_info_p != NULL) + { +@@ -2818,6 +2831,13 @@ read_and_display_attr_value (unsigned lo + dwarf_vmatoa ("x", debug_info_p->cu_offset)); + debug_info_p->rnglists_base = uvalue; + break; ++ case DW_AT_str_offsets_base: ++ if (debug_info_p->str_offsets_base) ++ warn (_("CU @ 0x%s has multiple str_offsets_base values"), ++ dwarf_vmatoa ("x", debug_info_p->cu_offset)); ++ debug_info_p->str_offsets_base = uvalue; ++ break; ++ + case DW_AT_frame_base: + have_frame_base = 1; + /* Fall through. */ +@@ -2956,7 +2976,9 @@ read_and_display_attr_value (unsigned lo + case DW_FORM_strx2: + case DW_FORM_strx3: + case DW_FORM_strx4: +- add_dwo_name (fetch_indexed_string (uvalue, this_set, offset_size, false), cu_offset); ++ add_dwo_name (fetch_indexed_string (uvalue, this_set, offset_size, false, ++ debug_info_p->str_offsets_base), ++ cu_offset); + break; + case DW_FORM_string: + add_dwo_name ((const char *) orig_data, cu_offset); +@@ -2988,7 +3010,9 @@ read_and_display_attr_value (unsigned lo + case DW_FORM_strx2: + case DW_FORM_strx3: + case DW_FORM_strx4: +- add_dwo_dir (fetch_indexed_string (uvalue, this_set, offset_size, false), cu_offset); ++ add_dwo_dir (fetch_indexed_string (uvalue, this_set, offset_size, false, ++ debug_info_p->str_offsets_base), ++ cu_offset); + break; + case DW_FORM_string: + add_dwo_dir ((const char *) orig_data, cu_offset); +@@ -3309,6 +3333,7 @@ read_and_display_attr_value (unsigned lo + case DW_AT_location: + case DW_AT_loclists_base: + case DW_AT_rnglists_base: ++ case DW_AT_str_offsets_base: + case DW_AT_string_length: + case DW_AT_return_addr: + case DW_AT_data_member_location: +@@ -3329,7 +3354,8 @@ read_and_display_attr_value (unsigned lo + || form == DW_FORM_sec_offset + || form == DW_FORM_loclistx) + { +- if (attribute != DW_AT_rnglists_base) ++ if (attribute != DW_AT_rnglists_base ++ && attribute != DW_AT_str_offsets_base) + printf (_(" (location list)")); + } + /* Fall through. */ +@@ -3562,7 +3588,7 @@ process_debug_info (struct dwarf_section + return false; + } + +- if ((do_loc || do_debug_loc || do_debug_ranges) ++ if ((do_loc || do_debug_loc || do_debug_ranges || do_debug_info) + && num_debug_info_entries == 0 + && ! do_types) + { +@@ -3797,7 +3823,7 @@ process_debug_info (struct dwarf_section + continue; + } + +- if ((do_loc || do_debug_loc || do_debug_ranges) ++ if ((do_loc || do_debug_loc || do_debug_ranges || do_debug_info) + && num_debug_info_entries == 0 + && alloc_num_debug_info_entries > unit + && ! do_types) +@@ -3819,6 +3845,7 @@ process_debug_info (struct dwarf_section + debug_information [unit].max_range_lists= 0; + debug_information [unit].num_range_lists = 0; + debug_information [unit].rnglists_base = 0; ++ debug_information [unit].str_offsets_base = 0; + } + + if (!do_loc && dwarf_start_die == 0) +@@ -4089,7 +4116,7 @@ process_debug_info (struct dwarf_section + + /* Set num_debug_info_entries here so that it can be used to check if + we need to process .debug_loc and .debug_ranges sections. */ +- if ((do_loc || do_debug_loc || do_debug_ranges) ++ if ((do_loc || do_debug_loc || do_debug_ranges || do_debug_info) + && num_debug_info_entries == 0 + && ! do_types) + { +@@ -6237,7 +6264,7 @@ display_debug_macro (struct dwarf_sectio + READ_ULEB (lineno, curr, end); + READ_ULEB (offset, curr, end); + string = (const unsigned char *) +- fetch_indexed_string (offset, NULL, offset_size, false); ++ fetch_indexed_string (offset, NULL, offset_size, false, 0); + if (op == DW_MACRO_define_strx) + printf (" DW_MACRO_define_strx "); + else +@@ -7851,7 +7878,7 @@ display_debug_str_offsets (struct dwarf_ + SAFE_BYTE_GET_AND_INC (offset, curr, entry_length, entries_end); + if (dwo) + string = (const unsigned char *) +- fetch_indexed_string (idx, NULL, entry_length, dwo); ++ fetch_indexed_string (idx, NULL, entry_length, dwo, 0); + else + string = fetch_indirect_string (offset); + +@@ -11937,6 +11964,8 @@ load_separate_debug_files (void * file, + { + /* Load the .debug_addr section, if it exists. */ + load_debug_section (debug_addr, file); ++ /* Load the .debug_str_offsets section, if it exists. */ ++ load_debug_section (str_index, file); + + free_dwo_info (); + +diff --git a/binutils/dwarf.h b/binutils/dwarf.h +index 8a89c08e7c2..adbf20f9a28 100644 +--- a/binutils/dwarf.h ++++ b/binutils/dwarf.h +@@ -193,6 +193,7 @@ typedef struct + unsigned int num_range_lists; + unsigned int max_range_lists; + dwarf_vma rnglists_base; ++ dwarf_vma str_offsets_base; + } + debug_info; + diff --git a/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-4.patch b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-4.patch new file mode 100644 index 0000000000..e59b19c184 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2022-38127-4.patch @@ -0,0 +1,43 @@ +From e98e7d9a70dcc987bff0e925f20b78cd4a2979ed Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Mon, 27 Jun 2022 13:30:35 +0100 +Subject: [PATCH] Fix NULL pointer indirection when parsing corrupt DWARF data. + + PR 29290 + * dwarf.c (read_and_display_attr_value): Check that debug_info_p + is set before dereferencing it. + +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e98e7d9a70dcc987bff0e925f20b78cd4a2979ed] + +Signed-off-by: Pgowda <pgowda.cve@gmail.com> +--- + binutils/dwarf.c | 11 +++++------ + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index bcabb61b871..37b477b886d 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -2727,18 +2727,17 @@ read_and_display_attr_value (unsigned lo + { + const char *suffix = strrchr (section->name, '.'); + bool dwo = suffix && strcmp (suffix, ".dwo") == 0; ++ const char *strng; + ++ strng = fetch_indexed_string (uvalue, this_set, offset_size, dwo, ++ debug_info_p ? debug_info_p->str_offsets_base : 0); + if (do_wide) + /* We have already displayed the form name. */ + printf (_("%c(offset: 0x%s): %s"), delimiter, +- dwarf_vmatoa ("x", uvalue), +- fetch_indexed_string (uvalue, this_set, offset_size, dwo, +- debug_info_p->str_offsets_base)); ++ dwarf_vmatoa ("x", uvalue), strng); + else + printf (_("%c(indexed string: 0x%s): %s"), delimiter, +- dwarf_vmatoa ("x", uvalue), +- fetch_indexed_string (uvalue, this_set, offset_size, dwo, +- debug_info_p->str_offsets_base)); ++ dwarf_vmatoa ("x", uvalue), strng); + } + break; + diff --git a/poky/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake b/poky/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake index 86446c3ace..3ddef12c83 100644 --- a/poky/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake +++ b/poky/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake @@ -1,7 +1,6 @@ set( CMAKE_SYSTEM_NAME Linux ) set( CMAKE_C_FLAGS $ENV{CFLAGS} CACHE STRING "" FORCE ) set( CMAKE_CXX_FLAGS $ENV{CXXFLAGS} CACHE STRING "" FORCE ) -set( CMAKE_ASM_FLAGS ${CMAKE_C_FLAGS} CACHE STRING "" FORCE ) set( CMAKE_SYSROOT $ENV{OECORE_TARGET_SYSROOT} ) set( CMAKE_FIND_ROOT_PATH $ENV{OECORE_TARGET_SYSROOT} ) diff --git a/poky/meta/recipes-devtools/gcc/gcc-11.3.inc b/poky/meta/recipes-devtools/gcc/gcc-11.3.inc index 2cebeb2bc8..27074a06ae 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-11.3.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-11.3.inc @@ -65,7 +65,12 @@ SRC_URI = "\ file://0003-CVE-2021-42574.patch \ file://0004-CVE-2021-42574.patch \ file://0001-CVE-2021-46195.patch \ + file://0001-aarch64-Update-Neoverse-N2-core-defini.patch \ + file://0002-aarch64-add-armv9-a-to-march.patch \ + file://0003-aarch64-Enable-FP16-feature-by-default-for-Armv9.patch \ + file://0004-arm-add-armv9-a-architecture-to-march.patch \ " + SRC_URI[sha256sum] = "b47cf2818691f5b1e21df2bb38c795fac2cfbd640ede2d0a5e1c89e338a3ac39" S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}" diff --git a/poky/meta/recipes-devtools/gcc/gcc-cross-canadian.inc b/poky/meta/recipes-devtools/gcc/gcc-cross-canadian.inc index a87b446c4f..c36e4cba81 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-cross-canadian.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-cross-canadian.inc @@ -9,6 +9,7 @@ GCCMULTILIB = "--enable-multilib" require gcc-configure-common.inc +EXTRA_OECONF += "--with-plugin-ld=ld" EXTRA_OECONF_PATHS = "\ --with-gxx-include-dir=/not/exist${target_includedir}/c++/${BINV} \ --with-build-time-tools=${STAGING_DIR_NATIVE}${prefix_native}/${TARGET_SYS}/bin \ @@ -134,8 +135,6 @@ do_install () { ln -sf ${BINRELPATH}/${TARGET_PREFIX}$t$suffix $dest$t$suffix done - t=real-ld - ln -sf ${BINRELPATH}/${TARGET_PREFIX}ld$suffix $dest$t$suffix # libquadmath headers need to be available in the gcc libexec dir install -d ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/include/ diff --git a/poky/meta/recipes-devtools/gcc/gcc-multilib-config.inc b/poky/meta/recipes-devtools/gcc/gcc-multilib-config.inc index 26bfed9507..2dbbc23c94 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-multilib-config.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-multilib-config.inc @@ -154,7 +154,7 @@ python gcc_multilib_setup() { gcc_header_config_files = { 'x86_64' : ['gcc/config/linux.h', 'gcc/config/i386/linux.h', 'gcc/config/i386/linux64.h'], 'i586' : ['gcc/config/linux.h', 'gcc/config/i386/linux.h', 'gcc/config/i386/linux64.h'], - 'i686' : ['gcc/config/linux.h', 'gcc/config/i386/linux64.h'], + 'i686' : ['gcc/config/linux.h', 'gcc/config/i386/linux.h', 'gcc/config/i386/linux64.h'], 'mips' : ['gcc/config/linux.h', 'gcc/config/mips/linux.h', 'gcc/config/mips/linux64.h'], 'mips64' : ['gcc/config/linux.h', 'gcc/config/mips/linux.h', 'gcc/config/mips/linux64.h'], 'powerpc' : ['gcc/config/linux.h', 'gcc/config/rs6000/linux64.h'], diff --git a/poky/meta/recipes-devtools/gcc/gcc/0001-aarch64-Update-Neoverse-N2-core-defini.patch b/poky/meta/recipes-devtools/gcc/gcc/0001-aarch64-Update-Neoverse-N2-core-defini.patch new file mode 100644 index 0000000000..8429242348 --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0001-aarch64-Update-Neoverse-N2-core-defini.patch @@ -0,0 +1,42 @@ +From 9f37d31324f89d0b7b2abac988a976d121ae29c6 Mon Sep 17 00:00:00 2001 +From: Andre Vieira <andre.simoesdiasvieira@arm.com> +Date: Thu, 8 Sep 2022 06:02:18 +0000 +Subject: [PATCH 1/4] aarch64: Update Neoverse N2 core definition + +commit 9f37d31324f89d0b7b2abac988a976d121ae29c6 from upstream. + +gcc/ChangeLog: + + * config/aarch64/aarch64-cores.def: Update Neoverse N2 core entry. + +Upstream-Status: Backport +Signed-off-by: Ruiqiang Hao <Ruiqiang.Hao@windriver.com> +--- + gcc/config/aarch64/aarch64-cores.def | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64-cores.def b/gcc/config/aarch64/aarch64-cores.def +index 4643e0e27..3478e567a 100644 +--- a/gcc/config/aarch64/aarch64-cores.def ++++ b/gcc/config/aarch64/aarch64-cores.def +@@ -145,9 +145,6 @@ AARCH64_CORE("neoverse-512tvb", neoverse512tvb, cortexa57, 8_4A, AARCH64_FL_FOR + /* Qualcomm ('Q') cores. */ + AARCH64_CORE("saphira", saphira, saphira, 8_4A, AARCH64_FL_FOR_ARCH8_4 | AARCH64_FL_CRYPTO | AARCH64_FL_RCPC, saphira, 0x51, 0xC01, -1) + +-/* Armv8.5-A Architecture Processors. */ +-AARCH64_CORE("neoverse-n2", neoversen2, cortexa57, 8_5A, AARCH64_FL_FOR_ARCH8_5 | AARCH64_FL_I8MM | AARCH64_FL_BF16 | AARCH64_FL_F16 | AARCH64_FL_SVE | AARCH64_FL_SVE2 | AARCH64_FL_SVE2_BITPERM | AARCH64_FL_RNG | AARCH64_FL_MEMTAG, neoversen2, 0x41, 0xd49, -1) +- + /* ARMv8-A big.LITTLE implementations. */ + + AARCH64_CORE("cortex-a57.cortex-a53", cortexa57cortexa53, cortexa53, 8A, AARCH64_FL_FOR_ARCH8 | AARCH64_FL_CRC, cortexa57, 0x41, AARCH64_BIG_LITTLE (0xd07, 0xd03), -1) +@@ -163,4 +160,7 @@ AARCH64_CORE("cortex-a76.cortex-a55", cortexa76cortexa55, cortexa53, 8_2A, AAR + /* Armv8-R Architecture Processors. */ + AARCH64_CORE("cortex-r82", cortexr82, cortexa53, 8R, AARCH64_FL_FOR_ARCH8_R, cortexa53, 0x41, 0xd15, -1) + ++/* Armv9-A Architecture Processors. */ ++AARCH64_CORE("neoverse-n2", neoversen2, cortexa57, 9A, AARCH64_FL_FOR_ARCH9 | AARCH64_FL_I8MM | AARCH64_FL_BF16 | AARCH64_FL_SVE2_BITPERM | AARCH64_FL_RNG | AARCH64_FL_MEMTAG | AARCH64_FL_PROFILE, neoversen2, 0x41, 0xd49, -1) ++ + #undef AARCH64_CORE +-- +2.32.0 + diff --git a/poky/meta/recipes-devtools/gcc/gcc/0002-aarch64-add-armv9-a-to-march.patch b/poky/meta/recipes-devtools/gcc/gcc/0002-aarch64-add-armv9-a-to-march.patch new file mode 100644 index 0000000000..2b1c17f53e --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0002-aarch64-add-armv9-a-to-march.patch @@ -0,0 +1,89 @@ +From d3cf45d15b2fabc767b2d10a0c6bb9fb845e4f99 Mon Sep 17 00:00:00 2001 +From: Przemyslaw Wirkus <przemyslaw.wirkus@arm.com> +Date: Fri, 1 Oct 2021 10:06:45 +0100 +Subject: [PATCH 2/4] aarch64: add armv9-a to -march + +commit f0688d42c9b74a6999548ff2e79ae440b049b87f from upstream + +gcc/ChangeLog: + + * config/aarch64/aarch64-arches.def (AARCH64_ARCH): Added + armv9-a. + * config/aarch64/aarch64.h (AARCH64_FL_V9): New. + (AARCH64_FL_FOR_ARCH9): New flags for Armv9-A. + (AARCH64_ISA_V9): New ISA flag. + * doc/invoke.texi: Update docs. + +Upstream-Status: Backport +Signed-off-by: Ruiqiang Hao <Ruiqiang.Hao@windriver.com> +--- + gcc/config/aarch64/aarch64-arches.def | 1 + + gcc/config/aarch64/aarch64.h | 5 +++++ + gcc/doc/invoke.texi | 3 +++ + 3 files changed, 9 insertions(+) + +diff --git a/gcc/config/aarch64/aarch64-arches.def b/gcc/config/aarch64/aarch64-arches.def +index b7497277b..c47ca622c 100644 +--- a/gcc/config/aarch64/aarch64-arches.def ++++ b/gcc/config/aarch64/aarch64-arches.def +@@ -38,5 +38,6 @@ AARCH64_ARCH("armv8.4-a", generic, 8_4A, 8, AARCH64_FL_FOR_ARCH8_4) + AARCH64_ARCH("armv8.5-a", generic, 8_5A, 8, AARCH64_FL_FOR_ARCH8_5) + AARCH64_ARCH("armv8.6-a", generic, 8_6A, 8, AARCH64_FL_FOR_ARCH8_6) + AARCH64_ARCH("armv8-r", generic, 8R , 8, AARCH64_FL_FOR_ARCH8_R) ++AARCH64_ARCH("armv9-a", generic, 9A , 9, AARCH64_FL_FOR_ARCH9) + + #undef AARCH64_ARCH +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index bfffbcd6a..b914bfb5c 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -230,6 +230,8 @@ extern unsigned aarch64_architecture_version; + + /* Pointer Authentication (PAUTH) extension. */ + #define AARCH64_FL_PAUTH (1ULL << 40) ++/* Armv9.0-A. */ ++#define AARCH64_FL_V9 (1ULL << 41) /* Armv9.0-A Architecture. */ + + /* Has FP and SIMD. */ + #define AARCH64_FL_FPSIMD (AARCH64_FL_FP | AARCH64_FL_SIMD) +@@ -257,6 +259,8 @@ extern unsigned aarch64_architecture_version; + | AARCH64_FL_I8MM | AARCH64_FL_BF16) + #define AARCH64_FL_FOR_ARCH8_R \ + (AARCH64_FL_FOR_ARCH8_4 | AARCH64_FL_V8_R) ++#define AARCH64_FL_FOR_ARCH9 \ ++ (AARCH64_FL_FOR_ARCH8_5 | AARCH64_FL_SVE | AARCH64_FL_SVE2 | AARCH64_FL_V9) + + /* Macros to test ISA flags. */ + +@@ -295,6 +299,7 @@ extern unsigned aarch64_architecture_version; + #define AARCH64_ISA_SB (aarch64_isa_flags & AARCH64_FL_SB) + #define AARCH64_ISA_V8_R (aarch64_isa_flags & AARCH64_FL_V8_R) + #define AARCH64_ISA_PAUTH (aarch64_isa_flags & AARCH64_FL_PAUTH) ++#define AARCH64_ISA_V9 (aarch64_isa_flags & AARCH64_FL_V9) + + /* Crypto is an optional extension to AdvSIMD. */ + #define TARGET_CRYPTO (TARGET_SIMD && AARCH64_ISA_CRYPTO) +diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi +index c47cfd472..7184a62d0 100644 +--- a/gcc/doc/invoke.texi ++++ b/gcc/doc/invoke.texi +@@ -18270,6 +18270,8 @@ and the features that they enable by default: + @item @samp{armv8.4-a} @tab Armv8.4-A @tab @samp{armv8.3-a}, @samp{+flagm}, @samp{+fp16fml}, @samp{+dotprod} + @item @samp{armv8.5-a} @tab Armv8.5-A @tab @samp{armv8.4-a}, @samp{+sb}, @samp{+ssbs}, @samp{+predres} + @item @samp{armv8.6-a} @tab Armv8.6-A @tab @samp{armv8.5-a}, @samp{+bf16}, @samp{+i8mm} ++@item @samp{armv8.7-a} @tab Armv8.7-A @tab @samp{armv8.6-a}, @samp{+ls64} ++@item @samp{armv9-a} @tab Armv9-A @tab @samp{armv8.5-a}, @samp{+sve}, @samp{+sve2} + @item @samp{armv8-r} @tab Armv8-R @tab @samp{armv8-r} + @end multitable + +@@ -19692,6 +19694,7 @@ Permissible names are: + @samp{armv8.4-a}, + @samp{armv8.5-a}, + @samp{armv8.6-a}, ++@samp{armv9-a}, + @samp{armv7-r}, + @samp{armv8-r}, + @samp{armv6-m}, @samp{armv6s-m}, +-- +2.32.0 + diff --git a/poky/meta/recipes-devtools/gcc/gcc/0003-aarch64-Enable-FP16-feature-by-default-for-Armv9.patch b/poky/meta/recipes-devtools/gcc/gcc/0003-aarch64-Enable-FP16-feature-by-default-for-Armv9.patch new file mode 100644 index 0000000000..2e85384b43 --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0003-aarch64-Enable-FP16-feature-by-default-for-Armv9.patch @@ -0,0 +1,38 @@ +From 49bfa1927813ae898dfa4e0d2bbde033c353e3dc Mon Sep 17 00:00:00 2001 +From: Andre Vieira <andre.simoesdiasvieira@arm.com> +Date: Tue, 22 Mar 2022 11:44:06 +0000 +Subject: [PATCH 3/4] aarch64: Enable FP16 feature by default for Armv9 + +commit 0bae246acc758d4b11dd575b05207fd69169109b from upstream + +This patch adds the feature bit for FP16 to the feature set for Armv9 since +Armv9 requires SVE to be implemented and SVE requires FP16 to be implemented. + +2022-03-22 Andre Vieira <andre.simoesdiasvieira@arm.com> + + * config/aarch64/aarch64.h (AARCH64_FL_FOR_ARCH9): Add FP16 feature + bit. + +Upstream-Status: Backport +Signed-off-by: Ruiqiang Hao <Ruiqiang.Hao@windriver.com> +--- + gcc/config/aarch64/aarch64.h | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index b914bfb5c..55b60d540 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -260,7 +260,8 @@ extern unsigned aarch64_architecture_version; + #define AARCH64_FL_FOR_ARCH8_R \ + (AARCH64_FL_FOR_ARCH8_4 | AARCH64_FL_V8_R) + #define AARCH64_FL_FOR_ARCH9 \ +- (AARCH64_FL_FOR_ARCH8_5 | AARCH64_FL_SVE | AARCH64_FL_SVE2 | AARCH64_FL_V9) ++ (AARCH64_FL_FOR_ARCH8_5 | AARCH64_FL_SVE | AARCH64_FL_SVE2 | AARCH64_FL_V9 \ ++ | AARCH64_FL_F16) + + /* Macros to test ISA flags. */ + +-- +2.32.0 + diff --git a/poky/meta/recipes-devtools/gcc/gcc/0004-arm-add-armv9-a-architecture-to-march.patch b/poky/meta/recipes-devtools/gcc/gcc/0004-arm-add-armv9-a-architecture-to-march.patch new file mode 100644 index 0000000000..c38d1b9119 --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0004-arm-add-armv9-a-architecture-to-march.patch @@ -0,0 +1,294 @@ +From e66a37acae62236611f951e706e9a2bfbd753f39 Mon Sep 17 00:00:00 2001 +From: Przemyslaw Wirkus <przemyslaw.wirkus@arm.com> +Date: Tue, 9 Nov 2021 09:40:05 +0000 +Subject: [PATCH 4/4] arm: add armv9-a architecture to -march + +commit 32ba7860ccaddd5219e6dae94a3d0653e124c9dd from upstream + +In this patch: + + Add `armv9-a` to -march. + + Update multilib with armv9-a and armv9-a+simd. + +gcc/ChangeLog: + + * config/arm/arm-cpus.in (armv9): New define. + (ARMv9a): New group. + (armv9-a): New arch definition. + * config/arm/arm-tables.opt: Regenerate. + * config/arm/arm.h (BASE_ARCH_9A): New arch enum value. + * config/arm/t-aprofile: Added armv9-a and armv9+simd. + * config/arm/t-arm-elf: Added arm9-a, v9_fps and all_v9_archs + to MULTILIB_MATCHES. + * config/arm/t-multilib: Added v9_a_nosimd_variants and + v9_a_simd_variants to MULTILIB_MATCHES. + * doc/invoke.texi: Update docs. + +gcc/testsuite/ChangeLog: + + * gcc.target/arm/multilib.exp: Update test with armv9-a entries. + * lib/target-supports.exp (v9a): Add new armflag. + (__ARM_ARCH_9A__): Add new armdef. + +Upstream-Status: Backport +Signed-off-by: Ruiqiang Hao <Ruiqiang.Hao@windriver.com> +--- + gcc/config/arm/arm-cpus.in | 19 +++++++++++++++++ + gcc/config/arm/arm-tables.opt | 7 +++++-- + gcc/config/arm/arm.h | 3 ++- + gcc/config/arm/t-aprofile | 25 +++++++++++++++++++---- + gcc/config/arm/t-arm-elf | 9 ++++++++ + gcc/config/arm/t-multilib | 12 +++++++++++ + gcc/doc/invoke.texi | 1 + + gcc/testsuite/gcc.target/arm/multilib.exp | 8 ++++++++ + gcc/testsuite/lib/target-supports.exp | 3 ++- + 9 files changed, 79 insertions(+), 8 deletions(-) + +diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in +index bcc9ebe9f..58d83829c 100644 +--- a/gcc/config/arm/arm-cpus.in ++++ b/gcc/config/arm/arm-cpus.in +@@ -132,6 +132,9 @@ define feature cmse + # Architecture rel 8.1-M. + define feature armv8_1m_main + ++# Architecture rel 9.0. ++define feature armv9 ++ + # Floating point and Neon extensions. + # VFPv1 is not supported in GCC. + +@@ -293,6 +296,7 @@ define fgroup ARMv8m_base ARMv6m armv8 cmse tdiv + define fgroup ARMv8m_main ARMv7m armv8 cmse + define fgroup ARMv8r ARMv8a + define fgroup ARMv8_1m_main ARMv8m_main armv8_1m_main ++define fgroup ARMv9a ARMv8_5a armv9 + + # Useful combinations. + define fgroup VFPv2 vfpv2 +@@ -751,6 +755,21 @@ begin arch armv8.1-m.main + option cdecp7 add cdecp7 + end arch armv8.1-m.main + ++begin arch armv9-a ++ tune for cortex-a53 ++ tune flags CO_PROC ++ base 9A ++ profile A ++ isa ARMv9a ++ option simd add FP_ARMv8 DOTPROD ++ option fp16 add fp16 fp16fml FP_ARMv8 DOTPROD ++ option crypto add FP_ARMv8 CRYPTO DOTPROD ++ option nocrypto remove ALL_CRYPTO ++ option nofp remove ALL_FP ++ option i8mm add i8mm FP_ARMv8 DOTPROD ++ option bf16 add bf16 FP_ARMv8 DOTPROD ++end arch armv9-a ++ + begin arch iwmmxt + tune for iwmmxt + tune flags LDSCHED STRONG XSCALE +diff --git a/gcc/config/arm/arm-tables.opt b/gcc/config/arm/arm-tables.opt +index 5692d4fb7..ae3dd9414 100644 +--- a/gcc/config/arm/arm-tables.opt ++++ b/gcc/config/arm/arm-tables.opt +@@ -380,10 +380,13 @@ EnumValue + Enum(arm_arch) String(armv8.1-m.main) Value(30) + + EnumValue +-Enum(arm_arch) String(iwmmxt) Value(31) ++Enum(arm_arch) String(armv9-a) Value(31) + + EnumValue +-Enum(arm_arch) String(iwmmxt2) Value(32) ++Enum(arm_arch) String(iwmmxt) Value(32) ++ ++EnumValue ++Enum(arm_arch) String(iwmmxt2) Value(33) + + Enum + Name(arm_fpu) Type(enum fpu_type) +diff --git a/gcc/config/arm/arm.h b/gcc/config/arm/arm.h +index 47c13a9e5..088c7725c 100644 +--- a/gcc/config/arm/arm.h ++++ b/gcc/config/arm/arm.h +@@ -456,7 +456,8 @@ enum base_architecture + BASE_ARCH_8A = 8, + BASE_ARCH_8M_BASE = 8, + BASE_ARCH_8M_MAIN = 8, +- BASE_ARCH_8R = 8 ++ BASE_ARCH_8R = 8, ++ BASE_ARCH_9A = 9 + }; + + /* The major revision number of the ARM Architecture implemented by the target. */ +diff --git a/gcc/config/arm/t-aprofile b/gcc/config/arm/t-aprofile +index 8574ac3e2..68e2251c7 100644 +--- a/gcc/config/arm/t-aprofile ++++ b/gcc/config/arm/t-aprofile +@@ -26,8 +26,8 @@ + + # Arch and FPU variants to build libraries with + +-MULTI_ARCH_OPTS_A = march=armv7-a/march=armv7-a+fp/march=armv7-a+simd/march=armv7ve+simd/march=armv8-a/march=armv8-a+simd +-MULTI_ARCH_DIRS_A = v7-a v7-a+fp v7-a+simd v7ve+simd v8-a v8-a+simd ++MULTI_ARCH_OPTS_A = march=armv7-a/march=armv7-a+fp/march=armv7-a+simd/march=armv7ve+simd/march=armv8-a/march=armv8-a+simd/march=armv9-a/march=armv9-a+simd ++MULTI_ARCH_DIRS_A = v7-a v7-a+fp v7-a+simd v7ve+simd v8-a v8-a+simd v9-a v9-a+simd + + # ARMv7-A - build nofp, fp-d16 and SIMD variants + +@@ -46,6 +46,11 @@ MULTILIB_REQUIRED += mthumb/march=armv8-a/mfloat-abi=soft + MULTILIB_REQUIRED += mthumb/march=armv8-a+simd/mfloat-abi=hard + MULTILIB_REQUIRED += mthumb/march=armv8-a+simd/mfloat-abi=softfp + ++# Armv9-A - build nofp and SIMD variants. ++MULTILIB_REQUIRED += mthumb/march=armv9-a/mfloat-abi=soft ++MULTILIB_REQUIRED += mthumb/march=armv9-a+simd/mfloat-abi=hard ++MULTILIB_REQUIRED += mthumb/march=armv9-a+simd/mfloat-abi=softfp ++ + # Matches + + # Arch Matches +@@ -129,17 +134,29 @@ MULTILIB_MATCHES += march?armv8-a=march?armv8.6-a + MULTILIB_MATCHES += $(foreach ARCH, $(v8_6_a_simd_variants), \ + march?armv8-a+simd=march?armv8.6-a$(ARCH)) + ++# Armv9 without SIMD: map down to base architecture ++MULTILIB_MATCHES += $(foreach ARCH, $(v9_a_nosimd_variants), \ ++ march?armv9-a=march?armv9-a$(ARCH)) ++ ++# Armv9 with SIMD: map down to base arch + simd ++MULTILIB_MATCHES += march?armv9-a+simd=march?armv9-a+crc+simd \ ++ $(foreach ARCH, $(filter-out +simd, $(v9_a_simd_variants)), \ ++ march?armv9-a+simd=march?armv9-a$(ARCH) \ ++ march?armv9-a+simd=march?armv9-a+crc$(ARCH)) ++ + # Use Thumb libraries for everything. + + MULTILIB_REUSE += mthumb/march.armv7-a/mfloat-abi.soft=marm/march.armv7-a/mfloat-abi.soft + + MULTILIB_REUSE += mthumb/march.armv8-a/mfloat-abi.soft=marm/march.armv8-a/mfloat-abi.soft + ++MULTILIB_REUSE += mthumb/march.armv9-a/mfloat-abi.soft=marm/march.armv9-a/mfloat-abi.soft ++ + MULTILIB_REUSE += $(foreach ABI, hard softfp, \ +- $(foreach ARCH, armv7-a+fp armv7-a+simd armv7ve+simd armv8-a+simd, \ ++ $(foreach ARCH, armv7-a+fp armv7-a+simd armv7ve+simd armv8-a+simd armv9-a+simd, \ + mthumb/march.$(ARCH)/mfloat-abi.$(ABI)=marm/march.$(ARCH)/mfloat-abi.$(ABI))) + + # Softfp but no FP, use the soft-float libraries. + MULTILIB_REUSE += $(foreach MODE, arm thumb, \ +- $(foreach ARCH, armv7-a armv8-a, \ ++ $(foreach ARCH, armv7-a armv8-a armv9-a, \ + mthumb/march.$(ARCH)/mfloat-abi.soft=m$(MODE)/march.$(ARCH)/mfloat-abi.softfp)) +diff --git a/gcc/config/arm/t-arm-elf b/gcc/config/arm/t-arm-elf +index d68def308..b3a900e8c 100644 +--- a/gcc/config/arm/t-arm-elf ++++ b/gcc/config/arm/t-arm-elf +@@ -38,6 +38,8 @@ v7ve_fps := vfpv3-d16 vfpv3 vfpv3-d16-fp16 vfpv3-fp16 vfpv4 neon \ + # it seems to work ok. + v8_fps := simd fp16 crypto fp16+crypto dotprod fp16fml + ++v9_fps := simd fp16 crypto fp16+crypto dotprod fp16fml ++ + # We don't do anything special with these. Pre-v4t probably doesn't work. + all_early_nofp := armv4 armv4t armv5t + +@@ -49,6 +51,8 @@ all_v7_a_r := armv7-a armv7ve armv7-r + all_v8_archs := armv8-a armv8-a+crc armv8.1-a armv8.2-a armv8.3-a armv8.4-a \ + armv8.5-a armv8.6-a + ++all_v9_archs := armv9-a ++ + # No floating point variants, require thumb1 softfp + all_nofp_t := armv6-m armv6s-m armv8-m.base + +@@ -110,6 +114,11 @@ MULTILIB_MATCHES += $(foreach ARCH, $(all_v8_archs), \ + $(foreach FPARCH, $(v8_fps), \ + march?armv7+fp=march?$(ARCH)+$(FPARCH))) + ++MULTILIB_MATCHES += $(foreach ARCH, $(all_v9_archs), \ ++ march?armv7+fp=march?$(ARCH) \ ++ $(foreach FPARCH, $(v9_fps), \ ++ march?armv7+fp=march?$(ARCH)+$(FPARCH))) ++ + MULTILIB_MATCHES += $(foreach ARCH, armv7e-m armv8-m.mainline, \ + march?armv7+fp=march?$(ARCH)+fp.dp) + +diff --git a/gcc/config/arm/t-multilib b/gcc/config/arm/t-multilib +index ddc5033bf..d789b86ee 100644 +--- a/gcc/config/arm/t-multilib ++++ b/gcc/config/arm/t-multilib +@@ -78,6 +78,8 @@ v8_4_a_simd_variants := $(call all_feat_combs, simd fp16 crypto i8mm bf16) + v8_5_a_simd_variants := $(call all_feat_combs, simd fp16 crypto i8mm bf16) + v8_6_a_simd_variants := $(call all_feat_combs, simd fp16 crypto i8mm bf16) + v8_r_nosimd_variants := +crc ++v9_a_nosimd_variants := +crc ++v9_a_simd_variants := $(call all_feat_combs, simd fp16 crypto i8mm bf16) + + ifneq (,$(HAS_APROFILE)) + include $(srcdir)/config/arm/t-aprofile +@@ -202,6 +204,16 @@ MULTILIB_MATCHES += march?armv7=march?armv8.6-a + MULTILIB_MATCHES += $(foreach ARCH, $(v8_6_a_simd_variants), \ + march?armv7+fp=march?armv8.6-a$(ARCH)) + ++# Armv9 ++MULTILIB_MATCHES += march?armv7=march?armv9-a ++MULTILIB_MATCHES += $(foreach ARCH, $(v9_a_nosimd_variants), \ ++ march?armv7=march?armv9-a$(ARCH)) ++ ++# Armv9 with SIMD ++MULTILIB_MATCHES += march?armv7+fp=march?armv9-a+crc+simd \ ++ $(foreach ARCH, $(v9_a_simd_variants), \ ++ march?armv7+fp=march?armv9-a$(ARCH) \ ++ march?armv7+fp=march?armv9-a+crc$(ARCH)) + endif # Not APROFILE. + + # Use Thumb libraries for everything. +diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi +index 7184a62d0..9a712c0d6 100644 +--- a/gcc/doc/invoke.texi ++++ b/gcc/doc/invoke.texi +@@ -19701,6 +19701,7 @@ Permissible names are: + @samp{armv7-m}, @samp{armv7e-m}, + @samp{armv8-m.base}, @samp{armv8-m.main}, + @samp{armv8.1-m.main}, ++@samp{armv9-a}, + @samp{iwmmxt} and @samp{iwmmxt2}. + + Additionally, the following architectures, which lack support for the +diff --git a/gcc/testsuite/gcc.target/arm/multilib.exp b/gcc/testsuite/gcc.target/arm/multilib.exp +index 4b30025db..e3f06c316 100644 +--- a/gcc/testsuite/gcc.target/arm/multilib.exp ++++ b/gcc/testsuite/gcc.target/arm/multilib.exp +@@ -135,6 +135,14 @@ if {[multilib_config "aprofile"] } { + {-march=armv8.6-a+simd+fp16 -mfloat-abi=softfp} "thumb/v8-a+simd/softfp" + {-march=armv8.6-a+simd+fp16+nofp -mfloat-abi=softfp} "thumb/v8-a/nofp" + {-march=armv8.6-a+simd+nofp+fp16 -mfloat-abi=softfp} "thumb/v8-a+simd/softfp" ++ {-march=armv9-a+crypto -mfloat-abi=soft} "thumb/v9-a/nofp" ++ {-march=armv9-a+simd+crypto -mfloat-abi=softfp} "thumb/v9-a+simd/softfp" ++ {-march=armv9-a+simd+crypto+nofp -mfloat-abi=softfp} "thumb/v9-a/nofp" ++ {-march=armv9-a+simd+nofp+crypto -mfloat-abi=softfp} "thumb/v9-a+simd/softfp" ++ {-march=armv9-a+fp16 -mfloat-abi=soft} "thumb/v9-a/nofp" ++ {-march=armv9-a+simd+fp16 -mfloat-abi=softfp} "thumb/v9-a+simd/softfp" ++ {-march=armv9-a+simd+fp16+nofp -mfloat-abi=softfp} "thumb/v9-a/nofp" ++ {-march=armv9-a+simd+nofp+fp16 -mfloat-abi=softfp} "thumb/v9-a+simd/softfp" + {-mcpu=cortex-a53+crypto -mfloat-abi=hard} "thumb/v8-a+simd/hard" + {-mcpu=cortex-a53+nofp -mfloat-abi=softfp} "thumb/v8-a/nofp" + {-march=armv8-a+crc -mfloat-abi=hard -mfpu=vfp} "thumb/v8-a+simd/hard" +diff --git a/gcc/testsuite/lib/target-supports.exp b/gcc/testsuite/lib/target-supports.exp +index 857e57218..52e043917 100644 +--- a/gcc/testsuite/lib/target-supports.exp ++++ b/gcc/testsuite/lib/target-supports.exp +@@ -4820,7 +4820,8 @@ foreach { armfunc armflag armdefs } { + v8m_base "-march=armv8-m.base -mthumb -mfloat-abi=soft" + __ARM_ARCH_8M_BASE__ + v8m_main "-march=armv8-m.main -mthumb" __ARM_ARCH_8M_MAIN__ +- v8_1m_main "-march=armv8.1-m.main -mthumb" __ARM_ARCH_8M_MAIN__ } { ++ v8_1m_main "-march=armv8.1-m.main -mthumb" __ARM_ARCH_8M_MAIN__ ++ v9a "-march=armv9-a" __ARM_ARCH_9A__ } { + eval [string map [list FUNC $armfunc FLAG $armflag DEFS $armdefs ] { + proc check_effective_target_arm_arch_FUNC_ok { } { + return [check_no_compiler_messages arm_arch_FUNC_ok assembly { +-- +2.34.1 + diff --git a/poky/meta/recipes-devtools/go/go-1.17.12.inc b/poky/meta/recipes-devtools/go/go-1.17.13.inc index 77a983f9d0..b18de66f42 100644 --- a/poky/meta/recipes-devtools/go/go-1.17.12.inc +++ b/poky/meta/recipes-devtools/go/go-1.17.13.inc @@ -16,8 +16,9 @@ SRC_URI += "\ file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \ file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \ file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \ + file://CVE-2022-27664.patch \ " -SRC_URI[main.sha256sum] = "0d51b5b3f280c0f01f534598c0219db5878f337da6137a9ee698777413607209" +SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd" # Upstream don't believe it is a signifiant real world issue and will only # fix in 1.17 onwards where we can drop this. diff --git a/poky/meta/recipes-devtools/go/go-1.18/CVE-2022-27664.patch b/poky/meta/recipes-devtools/go/go-1.18/CVE-2022-27664.patch new file mode 100644 index 0000000000..fba4f054ee --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-1.18/CVE-2022-27664.patch @@ -0,0 +1,102 @@ +From 5bc9106458fc07851ac324a4157132a91b1f3479 Mon Sep 17 00:00:00 2001 +From: Damien Neil <dneil@google.com> +Date: Mon, 22 Aug 2022 16:21:02 -0700 +Subject: [PATCH] [release-branch.go1.18] net/http: update bundled + golang.org/x/net/http2 + +Disable cmd/internal/moddeps test, since this update includes PRIVATE +track fixes. + +Fixes CVE-2022-27664 +Fixes #53977 +For #54658. + +Change-Id: I84b0b8f61e49e15ef55ef8d738730107a3cf849b +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1554415 +Reviewed-by: Roland Shoemaker <bracewell@google.com> +Reviewed-by: Tatiana Bradley <tatianabradley@google.com> +Reviewed-on: https://go-review.googlesource.com/c/go/+/428635 +Reviewed-by: Tatiana Bradley <tatiana@golang.org> +Run-TryBot: Michael Knyszek <mknyszek@google.com> +TryBot-Result: Gopher Robot <gobot@golang.org> +Reviewed-by: Carlos Amedee <carlos@golang.org> + +Upstream-Status: Backport +CVE: CVE-2022-27664 + +Reference to upstream patch: https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 +Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com> +--- + src/cmd/internal/moddeps/moddeps_test.go | 2 ++ + src/net/http/h2_bundle.go | 21 +++++++++++++-------- + 2 files changed, 15 insertions(+), 8 deletions(-) + +diff --git a/src/cmd/internal/moddeps/moddeps_test.go b/src/cmd/internal/moddeps/moddeps_test.go +index 56c3b2585c..3306e29431 100644 +--- a/src/cmd/internal/moddeps/moddeps_test.go ++++ b/src/cmd/internal/moddeps/moddeps_test.go +@@ -34,6 +34,8 @@ import ( + // See issues 36852, 41409, and 43687. + // (Also see golang.org/issue/27348.) + func TestAllDependencies(t *testing.T) { ++ t.Skip("TODO(#53977): 1.18.5 contains unreleased changes from vendored modules") ++ + goBin := testenv.GoToolPath(t) + + // Ensure that all packages imported within GOROOT +diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go +index bb82f24585..1e78f6cdb9 100644 +--- a/src/net/http/h2_bundle.go ++++ b/src/net/http/h2_bundle.go +@@ -3384,10 +3384,11 @@ func (s http2SettingID) String() string { + // name (key). See httpguts.ValidHeaderName for the base rules. + // + // Further, http2 says: +-// "Just as in HTTP/1.x, header field names are strings of ASCII +-// characters that are compared in a case-insensitive +-// fashion. However, header field names MUST be converted to +-// lowercase prior to their encoding in HTTP/2. " ++// ++// "Just as in HTTP/1.x, header field names are strings of ASCII ++// characters that are compared in a case-insensitive ++// fashion. However, header field names MUST be converted to ++// lowercase prior to their encoding in HTTP/2. " + func http2validWireHeaderFieldName(v string) bool { + if len(v) == 0 { + return false +@@ -3578,8 +3579,8 @@ func (s *http2sorter) SortStrings(ss []string) { + // validPseudoPath reports whether v is a valid :path pseudo-header + // value. It must be either: + // +-// *) a non-empty string starting with '/' +-// *) the string '*', for OPTIONS requests. ++// *) a non-empty string starting with '/' ++// *) the string '*', for OPTIONS requests. + // + // For now this is only used a quick check for deciding when to clean + // up Opaque URLs before sending requests from the Transport. +@@ -5053,6 +5054,9 @@ func (sc *http2serverConn) startGracefulShutdownInternal() { + func (sc *http2serverConn) goAway(code http2ErrCode) { + sc.serveG.check() + if sc.inGoAway { ++ if sc.goAwayCode == http2ErrCodeNo { ++ sc.goAwayCode = code ++ } + return + } + sc.inGoAway = true +@@ -6265,8 +6269,9 @@ func (rws *http2responseWriterState) writeChunk(p []byte) (n int, err error) { + // prior to the headers being written. If the set of trailers is fixed + // or known before the header is written, the normal Go trailers mechanism + // is preferred: +-// https://golang.org/pkg/net/http/#ResponseWriter +-// https://golang.org/pkg/net/http/#example_ResponseWriter_trailers ++// ++// https://golang.org/pkg/net/http/#ResponseWriter ++// https://golang.org/pkg/net/http/#example_ResponseWriter_trailers + const http2TrailerPrefix = "Trailer:" + + // promoteUndeclaredTrailers permits http.Handlers to set trailers +-- +2.36.1 + diff --git a/poky/meta/recipes-devtools/go/go-binary-native_1.17.12.bb b/poky/meta/recipes-devtools/go/go-binary-native_1.17.13.bb index b034950721..4ee0148417 100644 --- a/poky/meta/recipes-devtools/go/go-binary-native_1.17.12.bb +++ b/poky/meta/recipes-devtools/go/go-binary-native_1.17.13.bb @@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" PROVIDES = "go-native" SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "6e5203fbdcade4aa4331e441fd2e1db8444681a6a6c72886a37ddd11caa415d4" -SRC_URI[go_linux_arm64.sha256sum] = "74a4832d0f150a2d768a6781553494ba84152e854ebef743c4092cd9d1f66a9f" +SRC_URI[go_linux_amd64.sha256sum] = "4cdd2bc664724dc7db94ad51b503512c5ae7220951cac568120f64f8e94399fc" +SRC_URI[go_linux_arm64.sha256sum] = "914daad3f011cc2014dea799bb7490442677e4ad6de0b2ac3ded6cee7e3f493d" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux" diff --git a/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.12.bb b/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.13.bb index 7ac9449e47..7ac9449e47 100644 --- a/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.12.bb +++ b/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.13.bb diff --git a/poky/meta/recipes-devtools/go/go-cross_1.17.12.bb b/poky/meta/recipes-devtools/go/go-cross_1.17.13.bb index 80b5a03f6c..80b5a03f6c 100644 --- a/poky/meta/recipes-devtools/go/go-cross_1.17.12.bb +++ b/poky/meta/recipes-devtools/go/go-cross_1.17.13.bb diff --git a/poky/meta/recipes-devtools/go/go-crosssdk_1.17.12.bb b/poky/meta/recipes-devtools/go/go-crosssdk_1.17.13.bb index 1857c8a577..1857c8a577 100644 --- a/poky/meta/recipes-devtools/go/go-crosssdk_1.17.12.bb +++ b/poky/meta/recipes-devtools/go/go-crosssdk_1.17.13.bb diff --git a/poky/meta/recipes-devtools/go/go-native_1.17.12.bb b/poky/meta/recipes-devtools/go/go-native_1.17.13.bb index 76c0ab73a6..ddf25b2c9b 100644 --- a/poky/meta/recipes-devtools/go/go-native_1.17.12.bb +++ b/poky/meta/recipes-devtools/go/go-native_1.17.13.bb @@ -5,7 +5,7 @@ require go-${PV}.inc inherit native -SRC_URI:append = " https://dl.google.com/go/go1.4-bootstrap-20171003.tar.gz;name=bootstrap;subdir=go1.4" +SRC_URI += "https://dl.google.com/go/go1.4-bootstrap-20171003.tar.gz;name=bootstrap;subdir=go1.4" SRC_URI[bootstrap.sha256sum] = "f4ff5b5eb3a3cae1c993723f3eab519c5bae18866b5e5f96fe1102f0cb5c3e52" export GOOS = "${BUILD_GOOS}" diff --git a/poky/meta/recipes-devtools/go/go-runtime_1.17.12.bb b/poky/meta/recipes-devtools/go/go-runtime_1.17.13.bb index 63464a1501..63464a1501 100644 --- a/poky/meta/recipes-devtools/go/go-runtime_1.17.12.bb +++ b/poky/meta/recipes-devtools/go/go-runtime_1.17.13.bb diff --git a/poky/meta/recipes-devtools/go/go_1.17.12.bb b/poky/meta/recipes-devtools/go/go_1.17.13.bb index 34dc89bb0c..34dc89bb0c 100644 --- a/poky/meta/recipes-devtools/go/go_1.17.12.bb +++ b/poky/meta/recipes-devtools/go/go_1.17.13.bb diff --git a/poky/meta/recipes-devtools/pseudo/pseudo_git.bb b/poky/meta/recipes-devtools/pseudo/pseudo_git.bb index e7ef6a730c..c34580b4ff 100644 --- a/poky/meta/recipes-devtools/pseudo/pseudo_git.bb +++ b/poky/meta/recipes-devtools/pseudo/pseudo_git.bb @@ -13,7 +13,7 @@ SRC_URI:append:class-nativesdk = " \ file://older-glibc-symbols.patch" SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa" -SRCREV = "2b4b88eb513335b0ece55fe51854693d9b20de35" +SRCREV = "c9670c27ff67ab899007ce749254b16091577e55" S = "${WORKDIR}/git" PV = "1.9.0+git${SRCPV}" diff --git a/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb b/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb index 09a305edf8..6e28b87ba3 100644 --- a/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb +++ b/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb @@ -55,6 +55,8 @@ RDEPENDS:${PN} = "\ python3-unixadmin \ python3-xmlrpc \ python3-pickle \ + python3-distutils \ + python3-image \ " BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/python/python3-rfc3986-validator_0.1.1.bb b/poky/meta/recipes-devtools/python/python3-rfc3986-validator_0.1.1.bb index 4abd181acf..e374979cb4 100644 --- a/poky/meta/recipes-devtools/python/python3-rfc3986-validator_0.1.1.bb +++ b/poky/meta/recipes-devtools/python/python3-rfc3986-validator_0.1.1.bb @@ -13,7 +13,7 @@ UPSTREAM_CHECK_REGEX = "/rfc3986-validator/(?P<pver>(\d+[\.\-_]*)+)/" inherit pypi setuptools3 -SRC_URI:append = " \ +SRC_URI += "\ file://0001-setup.py-move-pytest-runner-to-test_requirements.patch \ " diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc index 54a68e1730..a493ac8add 100644 --- a/poky/meta/recipes-devtools/qemu/qemu.inc +++ b/poky/meta/recipes-devtools/qemu/qemu.inc @@ -36,6 +36,13 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://CVE-2021-4206.patch \ file://CVE-2021-4207.patch \ file://CVE-2022-35414.patch \ + file://CVE-2021-3507_1.patch \ + file://CVE-2021-3507_2.patch \ + file://CVE-2021-3929.patch \ + file://CVE-2021-4158.patch \ + file://CVE-2022-0358.patch \ + file://CVE-2022-0216_1.patch \ + file://CVE-2022-0216_2.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3507_1.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3507_1.patch new file mode 100644 index 0000000000..4201610f4d --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3507_1.patch @@ -0,0 +1,92 @@ +From 963ac2cd5186b28fbfdecd15ac43afe1dbaf871a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com> +Date: Thu, 18 Nov 2021 12:57:32 +0100 +Subject: [PATCH 1/2] hw/block/fdc: Prevent end-of-track overrun + (CVE-2021-3507) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Per the 82078 datasheet, if the end-of-track (EOT byte in +the FIFO) is more than the number of sectors per side, the +command is terminated unsuccessfully: + +* 5.2.5 DATA TRANSFER TERMINATION + + The 82078 supports terminal count explicitly through + the TC pin and implicitly through the underrun/over- + run and end-of-track (EOT) functions. For full sector + transfers, the EOT parameter can define the last + sector to be transferred in a single or multisector + transfer. If the last sector to be transferred is a par- + tial sector, the host can stop transferring the data in + mid-sector, and the 82078 will continue to complete + the sector as if a hardware TC was received. The + only difference between these implicit functions and + TC is that they return "abnormal termination" result + status. Such status indications can be ignored if they + were expected. + +* 6.1.3 READ TRACK + + This command terminates when the EOT specified + number of sectors have been read. If the 82078 + does not find an I D Address Mark on the diskette + after the second· occurrence of a pulse on the + INDX# pin, then it sets the IC code in Status Regis- + ter 0 to "01" (Abnormal termination), sets the MA bit + in Status Register 1 to "1", and terminates the com- + mand. + +* 6.1.6 VERIFY + + Refer to Table 6-6 and Table 6-7 for information + concerning the values of MT and EC versus SC and + EOT value. + +* Table 6·6. Result Phase Table + +* Table 6-7. Verify Command Result Phase Table + +Fix by aborting the transfer when EOT > # Sectors Per Side. + +Cc: qemu-stable@nongnu.org +Cc: Hervé Poussineau <hpoussin@reactos.org> +Fixes: baca51faff0 ("floppy driver: disk geometry auto detect") +Reported-by: Alexander Bulekov <alxndr@bu.edu> +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/339 +Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Message-Id: <20211118115733.4038610-2-philmd@redhat.com> +Reviewed-by: Hanna Reitz <hreitz@redhat.com> +Signed-off-by: Kevin Wolf <kwolf@redhat.com> + +Upstream-Status: Backport [defac5e2fbddf8423a354ff0454283a2115e1367] +CVE: CVE-2021-3507 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/block/fdc.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/hw/block/fdc.c b/hw/block/fdc.c +index 21d18ac2e..24b05406e 100644 +--- a/hw/block/fdc.c ++++ b/hw/block/fdc.c +@@ -1529,6 +1529,14 @@ static void fdctrl_start_transfer(FDCtrl *fdctrl, int direction) + int tmp; + fdctrl->data_len = 128 << (fdctrl->fifo[5] > 7 ? 7 : fdctrl->fifo[5]); + tmp = (fdctrl->fifo[6] - ks + 1); ++ if (tmp < 0) { ++ FLOPPY_DPRINTF("invalid EOT: %d\n", tmp); ++ fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, FD_SR1_MA, 0x00); ++ fdctrl->fifo[3] = kt; ++ fdctrl->fifo[4] = kh; ++ fdctrl->fifo[5] = ks; ++ return; ++ } + if (fdctrl->fifo[0] & 0x80) + tmp += fdctrl->fifo[6]; + fdctrl->data_len *= tmp; +-- +2.33.0 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3507_2.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3507_2.patch new file mode 100644 index 0000000000..9f00d9c0d0 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3507_2.patch @@ -0,0 +1,115 @@ +From ec5725982f811d9728ad1f9940df0e9349397e67 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com> +Date: Thu, 18 Nov 2021 12:57:33 +0100 +Subject: [PATCH 2/2] tests/qtest/fdc-test: Add a regression test for + CVE-2021-3507 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Add the reproducer from https://gitlab.com/qemu-project/qemu/-/issues/339 + +Without the previous commit, when running 'make check-qtest-i386' +with QEMU configured with '--enable-sanitizers' we get: + + ==4028352==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x619000062a00 at pc 0x5626d03c491a bp 0x7ffdb4199410 sp 0x7ffdb4198bc0 + READ of size 786432 at 0x619000062a00 thread T0 + #0 0x5626d03c4919 in __asan_memcpy (qemu-system-i386+0x1e65919) + #1 0x5626d1c023cc in flatview_write_continue softmmu/physmem.c:2787:13 + #2 0x5626d1bf0c0f in flatview_write softmmu/physmem.c:2822:14 + #3 0x5626d1bf0798 in address_space_write softmmu/physmem.c:2914:18 + #4 0x5626d1bf0f37 in address_space_rw softmmu/physmem.c:2924:16 + #5 0x5626d1bf14c8 in cpu_physical_memory_rw softmmu/physmem.c:2933:5 + #6 0x5626d0bd5649 in cpu_physical_memory_write include/exec/cpu-common.h:82:5 + #7 0x5626d0bd0a07 in i8257_dma_write_memory hw/dma/i8257.c:452:9 + #8 0x5626d09f825d in fdctrl_transfer_handler hw/block/fdc.c:1616:13 + #9 0x5626d0a048b4 in fdctrl_start_transfer hw/block/fdc.c:1539:13 + #10 0x5626d09f4c3e in fdctrl_write_data hw/block/fdc.c:2266:13 + #11 0x5626d09f22f7 in fdctrl_write hw/block/fdc.c:829:9 + #12 0x5626d1c20bc5 in portio_write softmmu/ioport.c:207:17 + + 0x619000062a00 is located 0 bytes to the right of 512-byte region [0x619000062800,0x619000062a00) + allocated by thread T0 here: + #0 0x5626d03c66ec in posix_memalign (qemu-system-i386+0x1e676ec) + #1 0x5626d2b988d4 in qemu_try_memalign util/oslib-posix.c:210:11 + #2 0x5626d2b98b0c in qemu_memalign util/oslib-posix.c:226:27 + #3 0x5626d09fbaf0 in fdctrl_realize_common hw/block/fdc.c:2341:20 + #4 0x5626d0a150ed in isabus_fdc_realize hw/block/fdc-isa.c:113:5 + #5 0x5626d2367935 in device_set_realized hw/core/qdev.c:531:13 + + SUMMARY: AddressSanitizer: heap-buffer-overflow (qemu-system-i386+0x1e65919) in __asan_memcpy + Shadow bytes around the buggy address: + 0x0c32800044f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x0c3280004500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 0x0c3280004510: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 0x0c3280004520: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 0x0c3280004530: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + =>0x0c3280004540:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x0c3280004550: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x0c3280004560: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x0c3280004570: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x0c3280004580: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x0c3280004590: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd + Shadow byte legend (one shadow byte represents 8 application bytes): + Addressable: 00 + Heap left redzone: fa + Freed heap region: fd + ==4028352==ABORTING + +[ kwolf: Added snapshot=on to prevent write file lock failure ] + +Reported-by: Alexander Bulekov <alxndr@bu.edu> +Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Reviewed-by: Alexander Bulekov <alxndr@bu.edu> +Signed-off-by: Kevin Wolf <kwolf@redhat.com> + +Upstream-Status: Backport [46609b90d9e3a6304def11038a76b58ff43f77bc] +CVE: CVE-2021-3507 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + tests/qtest/fdc-test.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/tests/qtest/fdc-test.c b/tests/qtest/fdc-test.c +index 8f6eee84a..6f5850354 100644 +--- a/tests/qtest/fdc-test.c ++++ b/tests/qtest/fdc-test.c +@@ -583,6 +583,26 @@ static void test_cve_2021_20196(void) + qtest_quit(s); + } + ++static void test_cve_2021_3507(void) ++{ ++ QTestState *s; ++ ++ s = qtest_initf("-nographic -m 32M -nodefaults " ++ "-drive file=%s,format=raw,if=floppy,snapshot=on", ++ test_image); ++ qtest_outl(s, 0x9, 0x0a0206); ++ qtest_outw(s, 0x3f4, 0x1600); ++ qtest_outw(s, 0x3f4, 0x0000); ++ qtest_outw(s, 0x3f4, 0x0000); ++ qtest_outw(s, 0x3f4, 0x0000); ++ qtest_outw(s, 0x3f4, 0x0200); ++ qtest_outw(s, 0x3f4, 0x0200); ++ qtest_outw(s, 0x3f4, 0x0000); ++ qtest_outw(s, 0x3f4, 0x0000); ++ qtest_outw(s, 0x3f4, 0x0000); ++ qtest_quit(s); ++} ++ + int main(int argc, char **argv) + { + int fd; +@@ -614,6 +634,7 @@ int main(int argc, char **argv) + qtest_add_func("/fdc/read_no_dma_19", test_read_no_dma_19); + qtest_add_func("/fdc/fuzz-registers", fuzz_registers); + qtest_add_func("/fdc/fuzz/cve_2021_20196", test_cve_2021_20196); ++ qtest_add_func("/fdc/fuzz/cve_2021_3507", test_cve_2021_3507); + + ret = g_test_run(); + +-- +2.33.0 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3929.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3929.patch new file mode 100644 index 0000000000..7555e5bc40 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3929.patch @@ -0,0 +1,70 @@ +From 12daeafc9868c1ebe482d580494f9e6d3d5c260f Mon Sep 17 00:00:00 2001 +From: Klaus Jensen <k.jensen@samsung.com> +Date: Fri, 17 Dec 2021 10:44:01 +0100 +Subject: [PATCH] hw/nvme: fix CVE-2021-3929 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This fixes CVE-2021-3929 "locally" by denying DMA to the iomem of the +device itself. This still allows DMA to MMIO regions of other devices +(e.g. doing P2P DMA to the controller memory buffer of another NVMe +device). + +Fixes: CVE-2021-3929 +Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com> +Reviewed-by: Keith Busch <kbusch@kernel.org> +Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> +Signed-off-by: Klaus Jensen <k.jensen@samsung.com> + +Upstream-Status: Backport [736b01642d85be832385063f278fe7cd4ffb5221] +CVE: CVE-2021-3929 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/nvme/ctrl.c | 22 ++++++++++++++++++++++ + 1 file changed, 22 insertions(+) + +diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c +index 5f573c417..eda52c6ac 100644 +--- a/hw/nvme/ctrl.c ++++ b/hw/nvme/ctrl.c +@@ -357,6 +357,24 @@ static inline void *nvme_addr_to_pmr(NvmeCtrl *n, hwaddr addr) + return memory_region_get_ram_ptr(&n->pmr.dev->mr) + (addr - n->pmr.cba); + } + ++static inline bool nvme_addr_is_iomem(NvmeCtrl *n, hwaddr addr) ++{ ++ hwaddr hi, lo; ++ ++ /* ++ * The purpose of this check is to guard against invalid "local" access to ++ * the iomem (i.e. controller registers). Thus, we check against the range ++ * covered by the 'bar0' MemoryRegion since that is currently composed of ++ * two subregions (the NVMe "MBAR" and the MSI-X table/pba). Note, however, ++ * that if the device model is ever changed to allow the CMB to be located ++ * in BAR0 as well, then this must be changed. ++ */ ++ lo = n->bar0.addr; ++ hi = lo + int128_get64(n->bar0.size); ++ ++ return addr >= lo && addr < hi; ++} ++ + static int nvme_addr_read(NvmeCtrl *n, hwaddr addr, void *buf, int size) + { + hwaddr hi = addr + size - 1; +@@ -614,6 +632,10 @@ static uint16_t nvme_map_addr(NvmeCtrl *n, NvmeSg *sg, hwaddr addr, size_t len) + + trace_pci_nvme_map_addr(addr, len); + ++ if (nvme_addr_is_iomem(n, addr)) { ++ return NVME_DATA_TRAS_ERROR; ++ } ++ + if (nvme_addr_is_cmb(n, addr)) { + cmb = true; + } else if (nvme_addr_is_pmr(n, addr)) { +-- +2.33.0 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-4158.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-4158.patch new file mode 100644 index 0000000000..f6de53244f --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-4158.patch @@ -0,0 +1,46 @@ +From a0b64c6d078acb9bcfae600e22bf99a9a7deca7c Mon Sep 17 00:00:00 2001 +From: "Michael S. Tsirkin" <mst@redhat.com> +Date: Tue, 21 Dec 2021 09:45:44 -0500 +Subject: [PATCH] acpi: validate hotplug selector on access +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When bus is looked up on a pci write, we didn't +validate that the lookup succeeded. +Fuzzers thus can trigger QEMU crash by dereferencing the NULL +bus pointer. + +Fixes: b32bd763a1 ("pci: introduce acpi-index property for PCI device") +Fixes: CVE-2021-4158 +Cc: "Igor Mammedov" <imammedo@redhat.com> +Fixes: https://gitlab.com/qemu-project/qemu/-/issues/770 +Signed-off-by: Michael S. Tsirkin <mst@redhat.com> +Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Reviewed-by: Ani Sinha <ani@anisinha.ca> + +Upstream-Status: Backport [9bd6565ccee68f72d5012e24646e12a1c662827e] +CVE: CVE-2021-4158 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/acpi/pcihp.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c +index 30405b511..a5e182dd3 100644 +--- a/hw/acpi/pcihp.c ++++ b/hw/acpi/pcihp.c +@@ -491,6 +491,9 @@ static void pci_write(void *opaque, hwaddr addr, uint64_t data, + } + + bus = acpi_pcihp_find_hotplug_bus(s, s->hotplug_select); ++ if (!bus) { ++ break; ++ } + QTAILQ_FOREACH_SAFE(kid, &bus->qbus.children, sibling, next) { + Object *o = OBJECT(kid->child); + PCIDevice *dev = PCI_DEVICE(o); +-- +2.33.0 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-0216_1.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-0216_1.patch new file mode 100644 index 0000000000..de7458fc72 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-0216_1.patch @@ -0,0 +1,42 @@ +From 1cedc914b2c4b4e0c9dfcd1b0e02917af35b5eb6 Mon Sep 17 00:00:00 2001 +From: Mauro Matteo Cascella <mcascell@redhat.com> +Date: Tue, 5 Jul 2022 22:05:43 +0200 +Subject: [PATCH 1/3] scsi/lsi53c895a: fix use-after-free in lsi_do_msgout + (CVE-2022-0216) + +Set current_req->req to NULL to prevent reusing a free'd buffer in case of +repeated SCSI cancel requests. Thanks to Thomas Huth for suggesting the patch. + +Fixes: CVE-2022-0216 +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/972 +Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com> +Reviewed-by: Thomas Huth <thuth@redhat.com> +Message-Id: <20220705200543.2366809-1-mcascell@redhat.com> +Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> + +Upstream-Status: Backport [6c8fa961da5e60f574bb52fd3ad44b1e9e8ad4b8] +CVE: CVE-2022-0216 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/scsi/lsi53c895a.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c +index 85e907a78..8033cf050 100644 +--- a/hw/scsi/lsi53c895a.c ++++ b/hw/scsi/lsi53c895a.c +@@ -1029,8 +1029,9 @@ static void lsi_do_msgout(LSIState *s) + case 0x0d: + /* The ABORT TAG message clears the current I/O process only. */ + trace_lsi_do_msgout_abort(current_tag); +- if (current_req) { ++ if (current_req && current_req->req) { + scsi_req_cancel(current_req->req); ++ current_req->req = NULL; + } + lsi_disconnect(s); + break; +-- +2.33.0 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-0216_2.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-0216_2.patch new file mode 100644 index 0000000000..12f5a602da --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-0216_2.patch @@ -0,0 +1,52 @@ +From 8f2c2cb908758192d5ebc00605cbf0989b8a507c Mon Sep 17 00:00:00 2001 +From: Mauro Matteo Cascella <mcascell@redhat.com> +Date: Mon, 11 Jul 2022 14:33:16 +0200 +Subject: [PATCH 3/3] scsi/lsi53c895a: really fix use-after-free in + lsi_do_msgout (CVE-2022-0216) + +Set current_req to NULL, not current_req->req, to prevent reusing a free'd +buffer in case of repeated SCSI cancel requests. Also apply the fix to +CLEAR QUEUE and BUS DEVICE RESET messages as well, since they also cancel +the request. + +Thanks to Alexander Bulekov for providing a reproducer. + +Fixes: CVE-2022-0216 +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/972 +Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com> +Tested-by: Alexander Bulekov <alxndr@bu.edu> +Message-Id: <20220711123316.421279-1-mcascell@redhat.com> +Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> + +Upstream-Status: Backport [4367a20cc442c56b05611b4224de9a61908f9eac] +CVE: CVE-2022-0216 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/scsi/lsi53c895a.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c +index 8033cf050..fbe3fa3dd 100644 +--- a/hw/scsi/lsi53c895a.c ++++ b/hw/scsi/lsi53c895a.c +@@ -1031,7 +1031,7 @@ static void lsi_do_msgout(LSIState *s) + trace_lsi_do_msgout_abort(current_tag); + if (current_req && current_req->req) { + scsi_req_cancel(current_req->req); +- current_req->req = NULL; ++ current_req = NULL; + } + lsi_disconnect(s); + break; +@@ -1057,6 +1057,7 @@ static void lsi_do_msgout(LSIState *s) + /* clear the current I/O process */ + if (s->current) { + scsi_req_cancel(s->current->req); ++ current_req = NULL; + } + + /* As the current implemented devices scsi_disk and scsi_generic +-- +2.33.0 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-0358.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-0358.patch new file mode 100644 index 0000000000..8eb1475638 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-0358.patch @@ -0,0 +1,106 @@ +From 4d2558ec9336d3614a43f7437c9cf74793ae3a87 Mon Sep 17 00:00:00 2001 +From: Vivek Goyal <vgoyal@redhat.com> +Date: Tue, 25 Jan 2022 13:51:14 -0500 +Subject: [PATCH] virtiofsd: Drop membership of all supplementary groups + (CVE-2022-0358) + +At the start, drop membership of all supplementary groups. This is +not required. + +If we have membership of "root" supplementary group and when we switch +uid/gid using setresuid/setsgid, we still retain membership of existing +supplemntary groups. And that can allow some operations which are not +normally allowed. + +For example, if root in guest creates a dir as follows. + +$ mkdir -m 03777 test_dir + +This sets SGID on dir as well as allows unprivileged users to write into +this dir. + +And now as unprivileged user open file as follows. + +$ su test +$ fd = open("test_dir/priviledge_id", O_RDWR|O_CREAT|O_EXCL, 02755); + +This will create SGID set executable in test_dir/. + +And that's a problem because now an unpriviliged user can execute it, +get egid=0 and get access to resources owned by "root" group. This is +privilege escalation. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2044863 +Fixes: CVE-2022-0358 +Reported-by: JIETAO XIAO <shawtao1125@gmail.com> +Suggested-by: Miklos Szeredi <mszeredi@redhat.com> +Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> +Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> +Signed-off-by: Vivek Goyal <vgoyal@redhat.com> +Message-Id: <YfBGoriS38eBQrAb@redhat.com> +Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> + dgilbert: Fixed missing {}'s style nit + +Upstream-Status: Backport [449e8171f96a6a944d1f3b7d3627ae059eae21ca] +CVE: CVE-2022-0358 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + tools/virtiofsd/passthrough_ll.c | 27 +++++++++++++++++++++++++++ + 1 file changed, 27 insertions(+) + +diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c +index 64b5b4fbb..b3d0674f6 100644 +--- a/tools/virtiofsd/passthrough_ll.c ++++ b/tools/virtiofsd/passthrough_ll.c +@@ -54,6 +54,7 @@ + #include <sys/wait.h> + #include <sys/xattr.h> + #include <syslog.h> ++#include <grp.h> + + #include "qemu/cutils.h" + #include "passthrough_helpers.h" +@@ -1161,6 +1162,30 @@ static void lo_lookup(fuse_req_t req, fuse_ino_t parent, const char *name) + #define OURSYS_setresuid SYS_setresuid + #endif + ++static void drop_supplementary_groups(void) ++{ ++ int ret; ++ ++ ret = getgroups(0, NULL); ++ if (ret == -1) { ++ fuse_log(FUSE_LOG_ERR, "getgroups() failed with error=%d:%s\n", ++ errno, strerror(errno)); ++ exit(1); ++ } ++ ++ if (!ret) { ++ return; ++ } ++ ++ /* Drop all supplementary groups. We should not need it */ ++ ret = setgroups(0, NULL); ++ if (ret == -1) { ++ fuse_log(FUSE_LOG_ERR, "setgroups() failed with error=%d:%s\n", ++ errno, strerror(errno)); ++ exit(1); ++ } ++} ++ + /* + * Change to uid/gid of caller so that file is created with + * ownership of caller. +@@ -3926,6 +3951,8 @@ int main(int argc, char *argv[]) + + qemu_init_exec_dir(argv[0]); + ++ drop_supplementary_groups(); ++ + pthread_mutex_init(&lo.mutex, NULL); + lo.inodes = g_hash_table_new(lo_key_hash, lo_key_equal); + lo.root.fd = -1; +-- +2.33.0 + diff --git a/poky/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch b/poky/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch deleted file mode 100644 index 044b4dd2a0..0000000000 --- a/poky/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 9a6871126f472feea057d5f803505ec8cc78f083 Mon Sep 17 00:00:00 2001 -From: Panu Matilainen <pmatilai@redhat.com> -Date: Thu, 30 Sep 2021 09:56:20 +0300 -Subject: [PATCH 1/3] Refactor pgpDigParams construction to helper function - -No functional changes, just to reduce code duplication and needed by -the following commits. - -CVE: CVE-2021-3521 -Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/commit/9f03f42e2] - -Signed-off-by: Changqing Li <changqing.li@windriver.com> ---- - rpmio/rpmpgp.c | 13 +++++++++---- - 1 file changed, 9 insertions(+), 4 deletions(-) - -diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c -index d0688ebe9a..e472b5320f 100644 ---- a/rpmio/rpmpgp.c -+++ b/rpmio/rpmpgp.c -@@ -1041,6 +1041,13 @@ unsigned int pgpDigParamsAlgo(pgpDigParams digp, unsigned int algotype) - return algo; - } - -+static pgpDigParams pgpDigParamsNew(uint8_t tag) -+{ -+ pgpDigParams digp = xcalloc(1, sizeof(*digp)); -+ digp->tag = tag; -+ return digp; -+} -+ - int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype, - pgpDigParams * ret) - { -@@ -1058,8 +1065,7 @@ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype, - if (pkttype && pkt.tag != pkttype) { - break; - } else { -- digp = xcalloc(1, sizeof(*digp)); -- digp->tag = pkt.tag; -+ digp = pgpDigParamsNew(pkt.tag); - } - } - -@@ -1105,8 +1111,7 @@ int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen, - digps = xrealloc(digps, alloced * sizeof(*digps)); - } - -- digps[count] = xcalloc(1, sizeof(**digps)); -- digps[count]->tag = PGPTAG_PUBLIC_SUBKEY; -+ digps[count] = pgpDigParamsNew(PGPTAG_PUBLIC_SUBKEY); - /* Copy UID from main key to subkey */ - digps[count]->userid = xstrdup(mainkey->userid); - --- -2.17.1 - diff --git a/poky/meta/recipes-devtools/rpm/files/0001-Do-not-hardcode-lib-rpm-as-the-installation-path-for.patch b/poky/meta/recipes-devtools/rpm/files/0001-Do-not-hardcode-lib-rpm-as-the-installation-path-for.patch index 6d236ac400..c6cf9d4c88 100644 --- a/poky/meta/recipes-devtools/rpm/files/0001-Do-not-hardcode-lib-rpm-as-the-installation-path-for.patch +++ b/poky/meta/recipes-devtools/rpm/files/0001-Do-not-hardcode-lib-rpm-as-the-installation-path-for.patch @@ -1,4 +1,4 @@ -From 8d013fe154a162305f76141151baf767dd04b598 Mon Sep 17 00:00:00 2001 +From 4ab6a4c5bbad65c3401016bb26b87214cdd0c59b Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Mon, 27 Feb 2017 09:43:30 +0200 Subject: [PATCH] Do not hardcode "lib/rpm" as the installation path for @@ -14,10 +14,10 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac -index eb7d6941b..10a889b5d 100644 +index 372875fc4..1b7add9ee 100644 --- a/configure.ac +++ b/configure.ac -@@ -871,7 +871,7 @@ else +@@ -884,7 +884,7 @@ else usrprefix=$prefix fi @@ -27,10 +27,10 @@ index eb7d6941b..10a889b5d 100644 AC_SUBST(OBJDUMP) diff --git a/macros.in b/macros.in -index a1f795e5f..689e784ef 100644 +index d53ab5ed5..9d10441c8 100644 --- a/macros.in +++ b/macros.in -@@ -933,7 +933,7 @@ package or when debugging this package.\ +@@ -911,7 +911,7 @@ package or when debugging this package.\ %_sharedstatedir %{_prefix}/com %_localstatedir %{_prefix}/var %_lib lib @@ -40,7 +40,7 @@ index a1f795e5f..689e784ef 100644 %_infodir %{_datadir}/info %_mandir %{_datadir}/man diff --git a/rpm.am b/rpm.am -index 7b57f433b..9bbb9ee96 100644 +index ebe4e40d1..e6920e258 100644 --- a/rpm.am +++ b/rpm.am @@ -1,10 +1,10 @@ @@ -55,4 +55,4 @@ index 7b57f433b..9bbb9ee96 100644 +rpmconfigdir = $(libdir)/rpm # Libtool version (current-revision-age) for all our libraries - rpm_version_info = 11:0:2 + rpm_version_info = 12:0:3 diff --git a/poky/meta/recipes-devtools/rpm/files/0001-When-cross-installing-execute-package-scriptlets-wit.patch b/poky/meta/recipes-devtools/rpm/files/0001-When-cross-installing-execute-package-scriptlets-wit.patch index 4020a31092..2a0069cafe 100644 --- a/poky/meta/recipes-devtools/rpm/files/0001-When-cross-installing-execute-package-scriptlets-wit.patch +++ b/poky/meta/recipes-devtools/rpm/files/0001-When-cross-installing-execute-package-scriptlets-wit.patch @@ -28,11 +28,18 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> lib/rpmscript.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) -diff --git a/lib/rpmscript.c b/lib/rpmscript.c -index cc98c4885..f8bd3df04 100644 --- a/lib/rpmscript.c +++ b/lib/rpmscript.c -@@ -394,8 +394,7 @@ exit: +@@ -17,7 +17,7 @@ + #include "rpmio/rpmio_internal.h" + + #include "lib/rpmplugins.h" /* rpm plugins hooks */ +- ++#include "lib/rpmchroot.h" /* rpmChrootOut */ + #include "debug.h" + + struct scriptNextFileFunc_s { +@@ -391,8 +391,7 @@ exit: Fclose(out); /* XXX dup'd STDOUT_FILENO */ if (fn) { @@ -42,7 +49,7 @@ index cc98c4885..f8bd3df04 100644 free(fn); } free(mline); -@@ -428,7 +427,13 @@ rpmRC rpmScriptRun(rpmScript script, int arg1, int arg2, FD_t scriptFd, +@@ -426,7 +425,13 @@ rpmRC rpmScriptRun(rpmScript script, int if (rc != RPMRC_FAIL) { if (script_type & RPMSCRIPTLET_EXEC) { @@ -57,6 +64,3 @@ index cc98c4885..f8bd3df04 100644 } else { rc = runLuaScript(plugins, prefixes, script->descr, lvl, scriptFd, &args, script->body, arg1, arg2, &script->nextFileFunc); } --- -2.11.0 - diff --git a/poky/meta/recipes-devtools/rpm/files/0001-configure.ac-add-linux-gnux32-variant-to-triplet-han.patch b/poky/meta/recipes-devtools/rpm/files/0001-configure.ac-add-linux-gnux32-variant-to-triplet-han.patch new file mode 100644 index 0000000000..2174a79e75 --- /dev/null +++ b/poky/meta/recipes-devtools/rpm/files/0001-configure.ac-add-linux-gnux32-variant-to-triplet-han.patch @@ -0,0 +1,31 @@ +From 8f51462d41d8fe942d5d0a06f08d47f625141995 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex@linutronix.de> +Date: Thu, 4 Aug 2022 12:15:08 +0200 +Subject: [PATCH] configure.ac: add linux-gnux32 variant to triplet handling + +x32 is a 64 bit x86 ABI with 32 bit pointers. + +Upstream-Status: Submitted [https://github.com/rpm-software-management/rpm/pull/2143] +Signed-off-by: Alexander Kanavin <alex@linutronix.de> +--- + configure.ac | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/configure.ac b/configure.ac +index 372875fc49..7d6a3d274e 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -845,6 +845,10 @@ if echo "$host_os" | grep '.*-gnuabi64$' > /dev/null ; then + host_os=`echo "${host_os}" | sed 's/-gnuabi64$//'` + host_os_gnu=-gnuabi64 + fi ++if echo "$host_os" | grep '.*-gnux32$' > /dev/null ; then ++ host_os=`echo "${host_os}" | sed 's/-gnux32$//'` ++ host_os_gnu=-gnux32 ++fi + if echo "$host_os" | grep '.*-gnu$' > /dev/null ; then + host_os=`echo "${host_os}" | sed 's/-gnu$//'` + fi +-- +2.30.2 + diff --git a/poky/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch b/poky/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch deleted file mode 100644 index 683b57d455..0000000000 --- a/poky/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch +++ /dev/null @@ -1,64 +0,0 @@ -From c4b1bee51bbdd732b94b431a951481af99117703 Mon Sep 17 00:00:00 2001 -From: Panu Matilainen <pmatilai@redhat.com> -Date: Thu, 30 Sep 2021 09:51:10 +0300 -Subject: [PATCH 2/3] Process MPI's from all kinds of signatures - -No immediate effect but needed by the following commits. - -CVE: CVE-2021-3521 -Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/commit/b5e8bc74b] - -Signed-off-by: Changqing Li <changqing.li@windriver.com> - ---- - rpmio/rpmpgp.c | 13 +++++-------- - 1 file changed, 5 insertions(+), 8 deletions(-) - -diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c -index 25f67048fd..509e777e6d 100644 ---- a/rpmio/rpmpgp.c -+++ b/rpmio/rpmpgp.c -@@ -543,7 +543,7 @@ pgpDigAlg pgpDigAlgFree(pgpDigAlg alg) - return NULL; - } - --static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype, -+static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, - const uint8_t *p, const uint8_t *h, size_t hlen, - pgpDigParams sigp) - { -@@ -556,10 +556,8 @@ static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype, - int mpil = pgpMpiLen(p); - if (pend - p < mpil) - break; -- if (sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT) { -- if (sigalg->setmpi(sigalg, i, p)) -- break; -- } -+ if (sigalg->setmpi(sigalg, i, p)) -+ break; - p += mpil; - } - -@@ -619,7 +617,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen, - } - - p = ((uint8_t *)v) + sizeof(*v); -- rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp); -+ rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp); - } break; - case 4: - { pgpPktSigV4 v = (pgpPktSigV4)h; -@@ -677,8 +675,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen, - p += 2; - if (p > hend) - return 1; -- -- rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp); -+ rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp); - } break; - default: - rpmlog(RPMLOG_WARNING, _("Unsupported version of signature: V%d\n"), version); --- -2.17.1 - diff --git a/poky/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch b/poky/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch deleted file mode 100644 index a5ec802501..0000000000 --- a/poky/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch +++ /dev/null @@ -1,329 +0,0 @@ -From 07676ca03ad8afcf1ca95a2353c83fbb1d970b9b Mon Sep 17 00:00:00 2001 -From: Panu Matilainen <pmatilai@redhat.com> -Date: Thu, 30 Sep 2021 09:59:30 +0300 -Subject: [PATCH 3/3] Validate and require subkey binding signatures on PGP - public keys - -All subkeys must be followed by a binding signature by the primary key -as per the OpenPGP RFC, enforce the presence and validity in the parser. - -The implementation is as kludgey as they come to work around our -simple-minded parser structure without touching API, to maximise -backportability. Store all the raw packets internally as we decode them -to be able to access previous elements at will, needed to validate ordering -and access the actual data. Add testcases for manipulated keys whose -import previously would succeed. - -Depends on the two previous commits: -7b399fcb8f52566e6f3b4327197a85facd08db91 and -236b802a4aa48711823a191d1b7f753c82a89ec5 - -Fixes CVE-2021-3521. - -Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/commit/bd36c5dc9] -CVE:CVE-2021-3521 - -Signed-off-by: Changqing Li <changqing.li@windriver.com> - ---- - rpmio/rpmpgp.c | 99 +++++++++++++++++-- - tests/Makefile.am | 3 + - tests/data/keys/CVE-2021-3521-badbind.asc | 25 +++++ - .../data/keys/CVE-2021-3521-nosubsig-last.asc | 25 +++++ - tests/data/keys/CVE-2021-3521-nosubsig.asc | 37 +++++++ - tests/rpmsigdig.at | 28 ++++++ - 6 files changed, 209 insertions(+), 8 deletions(-) - create mode 100644 tests/data/keys/CVE-2021-3521-badbind.asc - create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig-last.asc - create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig.asc - -diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c -index 509e777e6d..371ad4d9b6 100644 ---- a/rpmio/rpmpgp.c -+++ b/rpmio/rpmpgp.c -@@ -1061,33 +1061,116 @@ static pgpDigParams pgpDigParamsNew(uint8_t tag) - return digp; - } - -+static int hashKey(DIGEST_CTX hash, const struct pgpPkt *pkt, int exptag) -+{ -+ int rc = -1; -+ if (pkt->tag == exptag) { -+ uint8_t head[] = { -+ 0x99, -+ (pkt->blen >> 8), -+ (pkt->blen ), -+ }; -+ -+ rpmDigestUpdate(hash, head, 3); -+ rpmDigestUpdate(hash, pkt->body, pkt->blen); -+ rc = 0; -+ } -+ return rc; -+} -+ -+static int pgpVerifySelf(pgpDigParams key, pgpDigParams selfsig, -+ const struct pgpPkt *all, int i) -+{ -+ int rc = -1; -+ DIGEST_CTX hash = NULL; -+ -+ switch (selfsig->sigtype) { -+ case PGPSIGTYPE_SUBKEY_BINDING: -+ hash = rpmDigestInit(selfsig->hash_algo, 0); -+ if (hash) { -+ rc = hashKey(hash, &all[0], PGPTAG_PUBLIC_KEY); -+ if (!rc) -+ rc = hashKey(hash, &all[i-1], PGPTAG_PUBLIC_SUBKEY); -+ } -+ break; -+ default: -+ /* ignore types we can't handle */ -+ rc = 0; -+ break; -+ } -+ -+ if (hash && rc == 0) -+ rc = pgpVerifySignature(key, selfsig, hash); -+ -+ rpmDigestFinal(hash, NULL, NULL, 0); -+ -+ return rc; -+} -+ - int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype, - pgpDigParams * ret) - { - const uint8_t *p = pkts; - const uint8_t *pend = pkts + pktlen; - pgpDigParams digp = NULL; -- struct pgpPkt pkt; -+ pgpDigParams selfsig = NULL; -+ int i = 0; -+ int alloced = 16; /* plenty for normal cases */ -+ struct pgpPkt *all = xmalloc(alloced * sizeof(*all)); - int rc = -1; /* assume failure */ -+ int expect = 0; -+ int prevtag = 0; - - while (p < pend) { -- if (decodePkt(p, (pend - p), &pkt)) -+ struct pgpPkt *pkt = &all[i]; -+ if (decodePkt(p, (pend - p), pkt)) - break; - - if (digp == NULL) { -- if (pkttype && pkt.tag != pkttype) { -+ if (pkttype && pkt->tag != pkttype) { - break; - } else { -- digp = pgpDigParamsNew(pkt.tag); -+ digp = pgpDigParamsNew(pkt->tag); - } - } - -- if (pgpPrtPkt(&pkt, digp)) -+ if (expect) { -+ if (pkt->tag != expect) -+ break; -+ selfsig = pgpDigParamsNew(pkt->tag); -+ } -+ if (pgpPrtPkt(pkt, selfsig ? selfsig : digp)) - break; - -- p += (pkt.body - pkt.head) + pkt.blen; -- if (pkttype == PGPTAG_SIGNATURE) -- break; -+ if (selfsig) { -+ /* subkeys must be followed by binding signature */ -+ if (prevtag == PGPTAG_PUBLIC_SUBKEY) { -+ if (selfsig->sigtype != PGPSIGTYPE_SUBKEY_BINDING) -+ break; -+ } -+ -+ int xx = pgpVerifySelf(digp, selfsig, all, i); -+ -+ selfsig = pgpDigParamsFree(selfsig); -+ if (xx) -+ break; -+ expect = 0; -+ } -+ -+ if (pkt->tag == PGPTAG_PUBLIC_SUBKEY) -+ expect = PGPTAG_SIGNATURE; -+ prevtag = pkt->tag; -+ -+ i++; -+ p += (pkt->body - pkt->head) + pkt->blen; -+ if (pkttype == PGPTAG_SIGNATURE) -+ break; -+ -+ if (alloced <= i) { -+ alloced *= 2; -+ all = xrealloc(all, alloced * sizeof(*all)); -+ } -+ - } - - rc = (digp && (p == pend)) ? 0 : -1; -diff --git a/tests/Makefile.am b/tests/Makefile.am -index a41ce10de8..7bb23247f1 100644 ---- a/tests/Makefile.am -+++ b/tests/Makefile.am -@@ -107,6 +107,9 @@ EXTRA_DIST += data/SPECS/hello-config-buildid.spec - EXTRA_DIST += data/SPECS/hello-cd.spec - EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.pub - EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.secret -+EXTRA_DIST += data/keys/CVE-2021-3521-badbind.asc -+EXTRA_DIST += data/keys/CVE-2022-3521-nosubsig.asc -+EXTRA_DIST += data/keys/CVE-2022-3521-nosubsig-last.asc - EXTRA_DIST += data/macros.testfile - EXTRA_DIST += data/macros.debug - EXTRA_DIST += data/SOURCES/foo.c -diff --git a/tests/data/keys/CVE-2021-3521-badbind.asc b/tests/data/keys/CVE-2021-3521-badbind.asc -new file mode 100644 -index 0000000000..aea00f9d7a ---- /dev/null -+++ b/tests/data/keys/CVE-2021-3521-badbind.asc -@@ -0,0 +1,25 @@ -+-----BEGIN PGP PUBLIC KEY BLOCK----- -+Version: rpm-4.17.90 (NSS-3) -+ -+mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g -+HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY -+91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8 -+eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas -+7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ -+1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl -+c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK -+CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf -+Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB -+BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr -+XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX -+fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq -++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN -+BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY -+zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz -+iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6 -+Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c -+KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m -+L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE= -+=WCfs -+-----END PGP PUBLIC KEY BLOCK----- -+ -diff --git a/tests/data/keys/CVE-2021-3521-nosubsig-last.asc b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc -new file mode 100644 -index 0000000000..aea00f9d7a ---- /dev/null -+++ b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc -@@ -0,0 +1,25 @@ -+-----BEGIN PGP PUBLIC KEY BLOCK----- -+Version: rpm-4.17.90 (NSS-3) -+ -+mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g -+HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY -+91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8 -+eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas -+7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ -+1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl -+c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK -+CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf -+Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB -+BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr -+XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX -+fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq -++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN -+BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY -+zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz -+iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6 -+Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c -+KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m -+L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE= -+=WCfs -+-----END PGP PUBLIC KEY BLOCK----- -+ -diff --git a/tests/data/keys/CVE-2021-3521-nosubsig.asc b/tests/data/keys/CVE-2021-3521-nosubsig.asc -new file mode 100644 -index 0000000000..3a2e7417f8 ---- /dev/null -+++ b/tests/data/keys/CVE-2021-3521-nosubsig.asc -@@ -0,0 +1,37 @@ -+-----BEGIN PGP PUBLIC KEY BLOCK----- -+Version: rpm-4.17.90 (NSS-3) -+ -+mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g -+HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY -+91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8 -+eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas -+7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ -+1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl -+c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK -+CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf -+Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB -+BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr -+XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX -+fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq -++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN -+BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY -+zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz -+iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6 -+Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c -+KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m -+L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAG5AQ0EWOY5GAEIAKT68NmshdC4 -+VcRhOhlXBvZq23NtskkKoPvW+ZlMuxbRDG48pGBtxhjOngriVUGceEWsXww5Q7En -+uRBYglkxkW34ENym0Ji6tsPYfhbbG+dZWKIL4vMIzPOIwlPrXrm558vgkdMM/ELZ -+8WIz3KtzvYubKUk2Qz+96lPXbwnlC/SBFRpBseJC5LoOb/5ZGdR/HeLz1JXiacHF -+v9Nr3cZWqg5yJbDNZKfASdZgC85v3kkvhTtzknl//5wqdAMexbuwiIh2xyxbO+B/ -+qqzZFrVmu3sV2Tj5lLZ/9p1qAuEM7ULbixd/ld8yTmYvQ4bBlKv2bmzXtVfF+ymB -+Tm6BzyQEl/MAEQEAAYkBHwQYAQgACQUCWOY5GAIbDAAKCRBDRFkeGWTF/PANB/9j -+mifmj6z/EPe0PJFhrpISt9PjiUQCt0IPtiL5zKAkWjHePIzyi+0kCTBF6DDLFxos -+3vN4bWnVKT1kBhZAQlPqpJTg+m74JUYeDGCdNx9SK7oRllATqyu+5rncgxjWVPnQ -+zu/HRPlWJwcVFYEVXYL8xzfantwQTqefjmcRmBRdA2XJITK+hGWwAmrqAWx+q5xX -+Pa8wkNMxVzNS2rUKO9SoVuJ/wlUvfoShkJ/VJ5HDp3qzUqncADfdGN35TDzscngQ -+gHvnMwVBfYfSCABV1hNByoZcc/kxkrWMmsd/EnIyLd1Q1baKqc3cEDuC6E6/o4yJ -+E4XX4jtDmdZPreZALsiB -+=rRop -+-----END PGP PUBLIC KEY BLOCK----- -+ -diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at -index 8e7c759b8f..e2d30a7f1b 100644 ---- a/tests/rpmsigdig.at -+++ b/tests/rpmsigdig.at -@@ -2,6 +2,34 @@ - - AT_BANNER([RPM signatures and digests]) - -+AT_SETUP([rpmkeys --import invalid keys]) -+AT_KEYWORDS([rpmkeys import]) -+RPMDB_INIT -+ -+AT_CHECK([ -+runroot rpmkeys --import /data/keys/CVE-2021-3521-badbind.asc -+], -+[1], -+[], -+[error: /data/keys/CVE-2021-3521-badbind.asc: key 1 import failed.] -+) -+AT_CHECK([ -+runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig.asc -+], -+[1], -+[], -+[error: /data/keys/CVE-2021-3521-nosubsig.asc: key 1 import failed.] -+) -+ -+AT_CHECK([ -+runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig-last.asc -+], -+[1], -+[], -+[error: /data/keys/CVE-2021-3521-nosubsig-last.asc: key 1 import failed.] -+) -+AT_CLEANUP -+ - # ------------------------------ - # Test pre-built package verification - AT_SETUP([rpmkeys -Kv <unsigned> 1]) --- -2.17.1 - diff --git a/poky/meta/recipes-devtools/rpm/rpm_4.17.0.bb b/poky/meta/recipes-devtools/rpm/rpm_4.17.1.bb index c392ac0db4..9b6446f265 100644 --- a/poky/meta/recipes-devtools/rpm/rpm_4.17.0.bb +++ b/poky/meta/recipes-devtools/rpm/rpm_4.17.1.bb @@ -39,13 +39,11 @@ SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.17.x;protoc file://0001-tools-Add-error.h-for-non-glibc-case.patch \ file://0001-docs-do-not-build-manpages-requires-pandoc.patch \ file://0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch \ - file://0001-CVE-2021-3521.patch \ - file://0002-CVE-2021-3521.patch \ - file://0003-CVE-2021-3521.patch \ + file://0001-configure.ac-add-linux-gnux32-variant-to-triplet-han.patch \ " PE = "1" -SRCREV = "3e74e8ba2dd5e76a5353d238dc7fc38651ce27b3" +SRCREV = "5bef402da334595ed9302b8bca1acdf5e88bfe11" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/rsync/files/0001-rsync-ssl-Verify-the-hostname-in-the-certificate-whe.patch b/poky/meta/recipes-devtools/rsync/files/0001-rsync-ssl-Verify-the-hostname-in-the-certificate-whe.patch deleted file mode 100644 index 2d51ddf965..0000000000 --- a/poky/meta/recipes-devtools/rsync/files/0001-rsync-ssl-Verify-the-hostname-in-the-certificate-whe.patch +++ /dev/null @@ -1,31 +0,0 @@ -From fbe85634d88e82fbb439ae2a5d1aca8b8c309bea Mon Sep 17 00:00:00 2001 -From: Matt McCutchen <matt@mattmccutchen.net> -Date: Wed, 26 Aug 2020 12:16:08 -0400 -Subject: [PATCH] rsync-ssl: Verify the hostname in the certificate when using - openssl. - -CVE: CVE-2020-14387 - -Upstream-Status: Backport [https://git.samba.org/?p=rsync.git;a=commit;h=c3f7414] - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - rsync-ssl | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/rsync-ssl b/rsync-ssl -index 8101975..46701af 100755 ---- a/rsync-ssl -+++ b/rsync-ssl -@@ -129,7 +129,7 @@ function rsync_ssl_helper { - fi - - if [[ $RSYNC_SSL_TYPE == openssl ]]; then -- exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -connect $hostname:$port -+ exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -verify_hostname $hostname -connect $hostname:$port - elif [[ $RSYNC_SSL_TYPE == gnutls ]]; then - exec $RSYNC_SSL_GNUTLS --logfile=/dev/null $gnutls_cert_opt $gnutls_opts $hostname:$port - else --- -2.17.1 - diff --git a/poky/meta/recipes-devtools/rsync/files/makefile-no-rebuild.patch b/poky/meta/recipes-devtools/rsync/files/makefile-no-rebuild.patch index 4ba7665280..42a6372ba7 100644 --- a/poky/meta/recipes-devtools/rsync/files/makefile-no-rebuild.patch +++ b/poky/meta/recipes-devtools/rsync/files/makefile-no-rebuild.patch @@ -1,4 +1,4 @@ -From 1f29584e57f5fda09970c66f3b94f4720e09c1bb Mon Sep 17 00:00:00 2001 +From 81700d1a0e51391028c761cc8ef1cd660084d114 Mon Sep 17 00:00:00 2001 From: Ross Burton <ross.burton@intel.com> Date: Tue, 12 Apr 2016 15:51:54 +0100 Subject: [PATCH] rsync: remove upstream's rebuild logic @@ -14,12 +14,12 @@ Signed-off-by: Ross Burton <ross.burton@intel.com> 1 file changed, 54 deletions(-) diff --git a/Makefile.in b/Makefile.in -index 672fcc4..c12d8d4 100644 +index 3cde955..d963a70 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -168,60 +168,6 @@ gen: conf proto.h man - gensend: gen - rsync -aic $(GENFILES) $${SAMBA_HOST-samba.org}:/home/ftp/pub/rsync/generated-files/ +@@ -190,60 +190,6 @@ gensend: gen + fi + rsync -aic $(GENFILES) git-version.h $${SAMBA_HOST-samba.org}:/home/ftp/pub/rsync/generated-files/ || true -aclocal.m4: $(srcdir)/m4/*.m4 - aclocal -I $(srcdir)/m4 @@ -41,7 +41,7 @@ index 672fcc4..c12d8d4 100644 - else \ - echo "config.h.in has CHANGED."; \ - fi -- @if test -f configure.sh.old -o -f config.h.in.old; then \ +- @if test -f configure.sh.old || test -f config.h.in.old; then \ - if test "$(MAKECMDGOALS)" = reconfigure; then \ - echo 'Continuing with "make reconfigure".'; \ - else \ diff --git a/poky/meta/recipes-devtools/rsync/rsync_3.2.3.bb b/poky/meta/recipes-devtools/rsync/rsync_3.2.5.bb index 6168ee85fc..e43f35ea2f 100644 --- a/poky/meta/recipes-devtools/rsync/rsync_3.2.3.bb +++ b/poky/meta/recipes-devtools/rsync/rsync_3.2.5.bb @@ -6,7 +6,7 @@ SECTION = "console/network" # GPL-2.0-or-later (<< 3.0.0), GPL-3.0-or-later (>= 3.0.0) # Includes opennsh and xxhash dynamic link exception LICENSE = "GPL-3.0-or-later" -LIC_FILES_CHKSUM = "file://COPYING;md5=9e5a4f9b3a253d51520617aa54f8eb26" +LIC_FILES_CHKSUM = "file://COPYING;md5=24423708fe159c9d12be1ea29fcb18c7" DEPENDS = "popt" @@ -14,10 +14,9 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/src/${BP}.tar.gz \ file://rsyncd.conf \ file://makefile-no-rebuild.patch \ file://determism.patch \ - file://0001-rsync-ssl-Verify-the-hostname-in-the-certificate-whe.patch \ " -SRC_URI[sha256sum] = "becc3c504ceea499f4167a260040ccf4d9f2ef9499ad5683c179a697146ce50e" +SRC_URI[sha256sum] = "2ac4d21635cdf791867bc377c35ca6dda7f50d919a58be45057fd51600c69aba" # -16548 required for v3.1.3pre1. Already in v3.1.3. CVE_CHECK_IGNORE += " CVE-2017-16548 " @@ -41,7 +40,17 @@ PACKAGECONFIG[zstd] = "--enable-zstd,--disable-zstd,zstd" CACHED_CONFIGUREVARS += "rsync_cv_can_hardlink_special=yes rsync_cv_can_hardlink_symlink=yes" EXTRA_OEMAKE = 'STRIP=""' -EXTRA_OECONF = "--disable-simd --disable-md2man --disable-asm --with-nobody-group=nogroup" +EXTRA_OECONF = "--disable-md2man --with-nobody-group=nogroup" + +#| ./simd-checksum-x86_64.cpp: In function 'uint32_t get_checksum1_cpp(char*, int32_t)': +#| ./simd-checksum-x86_64.cpp:89:52: error: multiversioning needs 'ifunc' which is not supported on this target +#| 89 | __attribute__ ((target("default"))) MVSTATIC int32 get_checksum1_avx2_64(schar* buf, int32 len, int32 i, uint32* ps1, uint32* ps2) { return i; } +#| | ^~~~~~~~~~~~~~~~~~~~~ +#| ./simd-checksum-x86_64.cpp:480:1: error: use of multiversioned function without a default +#| 480 | } +#| | ^ +#| If you can't fix the issue, re-run ./configure with --disable-roll-simd. +EXTRA_OECONF:append:libc-musl = " --disable-roll-simd" # rsync 3.0 uses configure.sh instead of configure, and # makefile checks the existence of configure.sh diff --git a/poky/meta/recipes-devtools/ruby/ruby/0001-Remove-dependency-on-libcapstone.patch b/poky/meta/recipes-devtools/ruby/ruby/0001-Remove-dependency-on-libcapstone.patch new file mode 100644 index 0000000000..5d0f8fcc09 --- /dev/null +++ b/poky/meta/recipes-devtools/ruby/ruby/0001-Remove-dependency-on-libcapstone.patch @@ -0,0 +1,36 @@ +From 222203297966f312109e8eaa2520f2cf2f59c09d Mon Sep 17 00:00:00 2001 +From: Alan Wu <XrXr@users.noreply.github.com> +Date: Thu, 31 Mar 2022 17:26:28 -0400 +Subject: [PATCH] Remove dependency on libcapstone + +We have received reports of build failures due to this configuration +check modifying compile flags. Since only YJIT devs use this library +we can remove it to make Ruby easier to build for users. + +See: https://github.com/rbenv/ruby-build/discussions/1933 + +Upstream-Status: Backport +--- + configure.ac | 9 --------- + 1 file changed, 9 deletions(-) + +Index: ruby-3.1.2/configure.ac +=================================================================== +--- ruby-3.1.2.orig/configure.ac ++++ ruby-3.1.2/configure.ac +@@ -1244,15 +1244,6 @@ AC_CHECK_LIB(dl, dlopen) # Dynamic linki + AC_CHECK_LIB(dld, shl_load) # Dynamic linking for HP-UX + AC_CHECK_LIB(socket, shutdown) # SunOS/Solaris + +-if pkg-config --exists capstone; then +- CAPSTONE_CFLAGS=`pkg-config --cflags capstone` +- CAPSTONE_LIB_L=`pkg-config --libs-only-L capstone` +- LDFLAGS="$LDFLAGS $CAPSTONE_LIB_L" +- CFLAGS="$CFLAGS $CAPSTONE_CFLAGS" +-fi +- +-AC_CHECK_LIB(capstone, cs_open) # Capstone disassembler for debugging YJIT +- + dnl Checks for header files. + AC_HEADER_DIRENT + dnl AC_HEADER_STDC has been checked in AC_USE_SYSTEM_EXTENSIONS diff --git a/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb b/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb index 6fc1f53b18..387bfa9b44 100644 --- a/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb +++ b/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb @@ -12,6 +12,7 @@ SRC_URI += " \ file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \ file://0006-Make-gemspecs-reproducible.patch \ file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \ + file://0001-Remove-dependency-on-libcapstone.patch \ " SRC_URI[sha256sum] = "61843112389f02b735428b53bb64cf988ad9fb81858b8248e22e57336f24a83e" @@ -25,7 +26,6 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6, --disable-ipv6," # rdoc is off by default due to non-reproducibility reported in # https://bugs.ruby-lang.org/issues/18456 PACKAGECONFIG[rdoc] = "--enable-install-rdoc,--disable-install-rdoc," -PACKAGECONFIG[capstone] = "--with-capstone=yes, --with-capstone=no" EXTRA_OECONF = "\ --disable-versioned-paths \ diff --git a/poky/meta/recipes-devtools/vala/vala_0.56.2.bb b/poky/meta/recipes-devtools/vala/vala_0.56.2.bb deleted file mode 100644 index 08c8ccca1d..0000000000 --- a/poky/meta/recipes-devtools/vala/vala_0.56.2.bb +++ /dev/null @@ -1,3 +0,0 @@ -require ${BPN}.inc - -SRC_URI[sha256sum] = "66c9619bb17859fd1ac3aba0a57970613e38fd2a1ee30541174260c9fb90124c" diff --git a/poky/meta/recipes-devtools/vala/vala_0.56.3.bb b/poky/meta/recipes-devtools/vala/vala_0.56.3.bb new file mode 100644 index 0000000000..83f61e5b2f --- /dev/null +++ b/poky/meta/recipes-devtools/vala/vala_0.56.3.bb @@ -0,0 +1,3 @@ +require ${BPN}.inc + +SRC_URI[sha256sum] = "e1066221bf7b89cb1fa7327a3888645cb33b604de3bf45aa81132fd040b699bf" diff --git a/poky/meta/recipes-extended/cracklib/cracklib_2.9.7.bb b/poky/meta/recipes-extended/cracklib/cracklib_2.9.8.bb index 629069e844..786940a7e0 100644 --- a/poky/meta/recipes-extended/cracklib/cracklib_2.9.7.bb +++ b/poky/meta/recipes-extended/cracklib/cracklib_2.9.8.bb @@ -11,9 +11,10 @@ EXTRA_OECONF = "--without-python --libdir=${base_libdir}" SRC_URI = "git://github.com/cracklib/cracklib;protocol=https;branch=master \ file://0001-packlib.c-support-dictionary-byte-order-dependent.patch \ - file://0002-craklib-fix-testnum-and-teststr-failed.patch" + file://0002-craklib-fix-testnum-and-teststr-failed.patch \ + " -SRCREV = "f83934cf3cced0c9600c7d81332f4169f122a2cf" +SRCREV = "d9e8f9f47718539aeba80f90f4e072549926dc9c" S = "${WORKDIR}/git/src" inherit autotools gettext diff --git a/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.64.bb b/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.66.bb index 8d2e77e011..801162867c 100644 --- a/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.64.bb +++ b/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.66.bb @@ -19,7 +19,7 @@ SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.t file://lighttpd \ " -SRC_URI[sha256sum] = "e1489d9fa7496fbf2e071c338b593b2300d38c23f1e5967e52c9ef482e1b0e26" +SRC_URI[sha256sum] = "47ac6e60271aa0196e65472d02d019556dc7c6d09df3b65df2c1ab6866348e3b" DEPENDS = "virtual/crypt" diff --git a/poky/meta/recipes-extended/ltp/ltp/0001-syscalls-pread02-extend-buffer-to-avoid-glibc-overflow-detection.patch b/poky/meta/recipes-extended/ltp/ltp/0001-syscalls-pread02-extend-buffer-to-avoid-glibc-overflow-detection.patch new file mode 100644 index 0000000000..94dd418f36 --- /dev/null +++ b/poky/meta/recipes-extended/ltp/ltp/0001-syscalls-pread02-extend-buffer-to-avoid-glibc-overflow-detection.patch @@ -0,0 +1,58 @@ +From de988c9b5605a711b306c4203545b8d761875177 Mon Sep 17 00:00:00 2001 +From: Jan Stancek <jstancek@redhat.com> +Date: Mon, 31 Jan 2022 12:00:46 +0100 +Subject: [PATCH] syscalls/pread02: extend buffer to avoid glibc overflow + detection + +Test started failing with recent glibc (glibc-2.34.9000-38.fc36), +which detects that buffer in pread is potentially too small: + tst_test.c:1431: TINFO: Timeout per run is 0h 05m 00s + *** buffer overflow detected ***: terminated + tst_test.c:1484: TBROK: Test killed by SIGIOT/SIGABRT! + +(gdb) bt + #0 __pthread_kill_implementation at pthread_kill.c:44 + #1 0x00007ffff7e46f73 in __pthread_kill_internal at pthread_kill.c:78 + #2 0x00007ffff7df6a36 in __GI_raise at ../sysdeps/posix/raise.c:26 + #3 0x00007ffff7de082f in __GI_abort () at abort.c:79 + #4 0x00007ffff7e3b01e in __libc_message at ../sysdeps/posix/libc_fatal.c:155 + #5 0x00007ffff7ed945a in __GI___fortify_fail at fortify_fail.c:26 + #6 0x00007ffff7ed7dc6 in __GI___chk_fail () at chk_fail.c:28 + #7 0x00007ffff7ed8214 in __pread_chk at pread_chk.c:26 + #8 0x0000000000404d1a in pread at /usr/include/bits/unistd.h:74 + #9 verify_pread (n=<optimized out>) at pread02.c:44 + #10 0x000000000040dc19 in run_tests () at tst_test.c:1246 + #11 testrun () at tst_test.c:1331 + #12 fork_testrun () at tst_test.c:1462 + #13 0x000000000040e9a1 in tst_run_tcases + #14 0x0000000000404bde in main + +Extend it to number of bytes we are trying to read from fd. + +Upstream-Status: Backport +[https://github.com/linux-test-project/ltp/commit/de988c9b5605a711b306c4203545b8d761875177] + +Signed-off-by: Jan Stancek <jstancek@redhat.com> +Acked-by: Petr Vorel <pvorel@suse.cz> +Reviewed-by: Cyril Hrubis <chrubis@suse.cz> +Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> +--- + testcases/kernel/syscalls/pread/pread02.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/testcases/kernel/syscalls/pread/pread02.c b/testcases/kernel/syscalls/pread/pread02.c +index de2a81fff..fda5fd190 100644 +--- a/testcases/kernel/syscalls/pread/pread02.c ++++ b/testcases/kernel/syscalls/pread/pread02.c +@@ -39,7 +39,7 @@ struct test_case_t { + static void verify_pread(unsigned int n) + { + struct test_case_t *tc = &tcases[n]; +- char buf; ++ char buf[K1]; + + TST_EXP_FAIL2(pread(*tc->fd, &buf, tc->nb, tc->offst), tc->exp_errno, + "pread(%d, %zu, %ld) %s", *tc->fd, tc->nb, tc->offst, tc->desc); +-- +2.34.1 + diff --git a/poky/meta/recipes-extended/ltp/ltp_20220121.bb b/poky/meta/recipes-extended/ltp/ltp_20220121.bb index 8a13dcf9d0..4ae54492f3 100644 --- a/poky/meta/recipes-extended/ltp/ltp_20220121.bb +++ b/poky/meta/recipes-extended/ltp/ltp_20220121.bb @@ -28,6 +28,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git;branch=master;protocol=ht file://0001-Remove-OOM-tests-from-runtest-mm.patch \ file://0001-metadata-parse.sh-sort-filelist-for-reproducibility.patch \ file://disable_hanging_tests.patch \ + file://0001-syscalls-pread02-extend-buffer-to-avoid-glibc-overflow-detection.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-extended/pam/libpam/99_pam b/poky/meta/recipes-extended/pam/libpam/99_pam index 97e990d10b..a88247be13 100644 --- a/poky/meta/recipes-extended/pam/libpam/99_pam +++ b/poky/meta/recipes-extended/pam/libpam/99_pam @@ -1 +1 @@ -d root root 0755 /var/run/sepermit none +d root root 0755 /run/sepermit none diff --git a/poky/meta/recipes-extended/shadow/files/0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch b/poky/meta/recipes-extended/shadow/files/0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch new file mode 100644 index 0000000000..6c04769713 --- /dev/null +++ b/poky/meta/recipes-extended/shadow/files/0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch @@ -0,0 +1,27 @@ +From aed5a184401fbbe901cb825be4004ced885b6f9a Mon Sep 17 00:00:00 2001 +From: Andrei Gherzan <andrei.gherzan@huawei.com> +Date: Wed, 24 Aug 2022 00:54:47 +0200 +Subject: [PATCH] Drop nsswitch.conf message when not in place - eg. musl + +Upstream-Status: Inappropriate [issue reported at https://github.com/shadow-maint/shadow/issues/557] +Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com> +--- + lib/nss.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/nss.c b/lib/nss.c +index af3e95a..74e0e16 100644 +--- a/lib/nss.c ++++ b/lib/nss.c +@@ -57,7 +57,7 @@ void nss_init(char *nsswitch_path) { + // subid: files + nssfp = fopen(nsswitch_path, "r"); + if (!nssfp) { +- fprintf(shadow_logfd, "Failed opening %s: %m", nsswitch_path); ++ //fprintf(shadow_logfd, "Failed opening %s: %m", nsswitch_path); + atomic_store(&nss_init_completed, true); + return; + } +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/shadow/shadow.inc b/poky/meta/recipes-extended/shadow/shadow.inc index f5fdf436f7..5106b95571 100644 --- a/poky/meta/recipes-extended/shadow/shadow.inc +++ b/poky/meta/recipes-extended/shadow/shadow.inc @@ -26,6 +26,7 @@ SRC_URI:append:class-target = " \ SRC_URI:append:class-native = " \ file://0001-Disable-use-of-syslog-for-sysroot.patch \ file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ + file://0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch \ " SRC_URI:append:class-nativesdk = " \ file://0001-Disable-use-of-syslog-for-sysroot.patch \ @@ -33,6 +34,7 @@ SRC_URI:append:class-nativesdk = " \ SRC_URI[sha256sum] = "f262089be6a1011d50ec7849e14571b7b2e788334368f3dccb718513f17935ed" + # Additional Policy files for PAM PAM_SRC_URI = "file://pam.d/chfn \ file://pam.d/chpasswd \ @@ -149,6 +151,13 @@ do_install:append() { # Handle link properly after rename, otherwise missing files would # lead rpm failed dependencies. ln -sf newgrp.${BPN} ${D}${bindir}/sg + + # usermod requires the subuid/subgid files to be in place before being + # able to use the -v/-V flags otherwise it fails: + # usermod: /etc/subuid does not exist, you cannot use the flags -v or -V + install -d ${D}${sysconfdir} + touch ${D}${sysconfdir}/subuid + touch ${D}${sysconfdir}/subgid } PACKAGES =+ "${PN}-base" diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng-0.13.12/0001-stress-cpu-disable-float128-math-on-powerpc64-to-avo.patch b/poky/meta/recipes-extended/stress-ng/stress-ng-0.13.12/0001-stress-cpu-disable-float128-math-on-powerpc64-to-avo.patch new file mode 100644 index 0000000000..bb35b3030a --- /dev/null +++ b/poky/meta/recipes-extended/stress-ng/stress-ng-0.13.12/0001-stress-cpu-disable-float128-math-on-powerpc64-to-avo.patch @@ -0,0 +1,43 @@ +From ea9ee4dd64ee88e03a959b2c694aa8feb53c7e78 Mon Sep 17 00:00:00 2001 +From: He Zhe <zhe.he@windriver.com> +Date: Wed, 28 Sep 2022 16:47:24 +0800 +Subject: [PATCH] stress-cpu: disable float128 math on powerpc64 to avoid + SIGILL + +float128 requires instructions of xsmaddqp and xsmsubqp which are added to +qemu since v7.0 by the following commit. +https://github.com/qemu/qemu/commit/3bb1aed246d7b59ceee625a82628f7369d492a8f + +While kirkstone is still at v6.2 and thus experiences SIGILL as follow +root@qemuppc64:~# stress-ng --cpu 2 --timeout 30s +stress-ng: info: [972] setting to a 30 second run per stressor +stress-ng: info: [972] dispatching hogs: 2 cpu +stress-ng: info: [973] stressor terminated with unexpected signal signal 4 'SIGILL' +<snip> + +Upstream-Status: Inappropriate [This is specific to kirkstone since qemu on +master branch has upgraded to v7.1.] + +Signed-off-by: He Zhe <zhe.he@windriver.com> +--- + stress-cpu.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/stress-cpu.c b/stress-cpu.c +index 0a08f1d1..2849e715 100644 +--- a/stress-cpu.c ++++ b/stress-cpu.c +@@ -41,6 +41,10 @@ + #undef HAVE_FLOAT_DECIMAL128 + #endif + ++#if defined(STRESS_ARCH_PPC64) ++#undef HAVE_FLOAT128 ++#endif ++ + #define GAMMA (0.57721566490153286060651209008240243104215933593992L) + #define OMEGA (0.56714329040978387299996866221035554975381578718651L) + #define PSI (3.35988566624317755317201130291892717968890513373197L) +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng_0.13.12.bb b/poky/meta/recipes-extended/stress-ng/stress-ng_0.13.12.bb index fe177a4de0..807ecd3466 100644 --- a/poky/meta/recipes-extended/stress-ng/stress-ng_0.13.12.bb +++ b/poky/meta/recipes-extended/stress-ng/stress-ng_0.13.12.bb @@ -5,7 +5,9 @@ HOMEPAGE = "https://github.com/ColinIanKing/stress-ng#readme" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/ColinIanKing/stress-ng.git;protocol=https;branch=master" +SRC_URI = "git://github.com/ColinIanKing/stress-ng.git;protocol=https;branch=master \ + file://0001-stress-cpu-disable-float128-math-on-powerpc64-to-avo.patch \ + " SRCREV = "f59bcb2fe1e25042e77d5e4942f72bfa026fa305" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/0001-Fix-implicit-function-declaration-warnings.patch b/poky/meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/0001-Fix-implicit-function-declaration-warnings.patch new file mode 100644 index 0000000000..ec793ac8ff --- /dev/null +++ b/poky/meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/0001-Fix-implicit-function-declaration-warnings.patch @@ -0,0 +1,109 @@ +From 9c97b5db237a793e0d1b6b0241570bdc6e35ee24 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sun, 7 Aug 2022 17:42:24 -0700 +Subject: [PATCH] Fix implicit-function-declaration warnings + +These are seen with clang-15+ + +Upstream-Status: Inappropriate [upstream is dead] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + hosts_access.c | 3 +++ + safe_finger.c | 1 + + shell_cmd.c | 3 +++ + tcpd.c | 2 +- + tcpdchk.c | 1 + + workarounds.c | 1 + + 6 files changed, 10 insertions(+), 1 deletion(-) + +diff --git a/hosts_access.c b/hosts_access.c +index 0133e5e..58697ea 100644 +--- a/hosts_access.c ++++ b/hosts_access.c +@@ -33,6 +33,7 @@ static char sccsid[] = "@(#) hosts_access.c 1.21 97/02/12 02:13:22"; + #endif + #include <netinet/in.h> + #include <arpa/inet.h> ++#include <rpcsvc/ypclnt.h> + #include <stdio.h> + #include <stdlib.h> + #include <syslog.h> +@@ -45,6 +46,8 @@ static char sccsid[] = "@(#) hosts_access.c 1.21 97/02/12 02:13:22"; + #endif + + extern int errno; ++extern int match_pattern_ylo(const char *s, const char *pattern); ++extern unsigned long cidr_mask_addr(char* str); + + #ifndef INADDR_NONE + #define INADDR_NONE (-1) /* XXX should be 0xffffffff */ +diff --git a/safe_finger.c b/safe_finger.c +index 23afab1..a6458fb 100644 +--- a/safe_finger.c ++++ b/safe_finger.c +@@ -34,6 +34,7 @@ static char sccsid[] = "@(#) safe_finger.c 1.4 94/12/28 17:42:41"; + #include <syslog.h> + + extern void exit(); ++extern int pipe_stdin(char **argv); + + /* Local stuff */ + +diff --git a/shell_cmd.c b/shell_cmd.c +index 62d31bc..a566092 100644 +--- a/shell_cmd.c ++++ b/shell_cmd.c +@@ -16,10 +16,13 @@ static char sccsid[] = "@(#) shell_cmd.c 1.5 94/12/28 17:42:44"; + + #include <sys/types.h> + #include <sys/param.h> ++#include <sys/wait.h> ++#include <fcntl.h> + #include <signal.h> + #include <stdio.h> + #include <syslog.h> + #include <string.h> ++#include <unistd.h> + + extern void exit(); + +diff --git a/tcpd.c b/tcpd.c +index dc9ff17..4353caa 100644 +--- a/tcpd.c ++++ b/tcpd.c +@@ -46,7 +46,7 @@ void fix_options(struct request_info *); + int allow_severity = SEVERITY; /* run-time adjustable */ + int deny_severity = LOG_WARNING; /* ditto */ + +-main(argc, argv) ++void main(argc, argv) + int argc; + char **argv; + { +diff --git a/tcpdchk.c b/tcpdchk.c +index 5dca8bd..67c12ce 100644 +--- a/tcpdchk.c ++++ b/tcpdchk.c +@@ -38,6 +38,7 @@ static char sccsid[] = "@(#) tcpdchk.c 1.8 97/02/12 02:13:25"; + + extern int errno; + extern void exit(); ++extern unsigned long cidr_mask_addr(char* str); + extern int optind; + extern char *optarg; + +diff --git a/workarounds.c b/workarounds.c +index b22b378..6335049 100644 +--- a/workarounds.c ++++ b/workarounds.c +@@ -21,6 +21,7 @@ char sccsid[] = "@(#) workarounds.c 1.6 96/03/19 16:22:25"; + #include <stdio.h> + #include <syslog.h> + #include <string.h> ++#include <unistd.h> + + extern int errno; + +-- +2.37.1 + diff --git a/poky/meta/recipes-extended/tcp-wrappers/tcp-wrappers_7.6.bb b/poky/meta/recipes-extended/tcp-wrappers/tcp-wrappers_7.6.bb index 814d7fd913..8137d257c8 100644 --- a/poky/meta/recipes-extended/tcp-wrappers/tcp-wrappers_7.6.bb +++ b/poky/meta/recipes-extended/tcp-wrappers/tcp-wrappers_7.6.bb @@ -50,6 +50,7 @@ SRC_URI = "http://ftp.porcupine.org/pub/security/tcp_wrappers_${PV}.tar.gz \ file://fix_warnings.patch \ file://fix_warnings2.patch \ file://0001-Remove-fgets-extern-declaration.patch \ + file://0001-Fix-implicit-function-declaration-warnings.patch \ " SRC_URI[md5sum] = "e6fa25f71226d090f34de3f6b122fb5a" diff --git a/poky/meta/recipes-extended/timezone/timezone.inc b/poky/meta/recipes-extended/timezone/timezone.inc index cdd1a2ac3c..d3c78e9157 100644 --- a/poky/meta/recipes-extended/timezone/timezone.inc +++ b/poky/meta/recipes-extended/timezone/timezone.inc @@ -6,7 +6,7 @@ SECTION = "base" LICENSE = "PD & BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba" -PV = "2022a" +PV = "2022d" SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode \ http://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata \ @@ -14,6 +14,6 @@ SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz UPSTREAM_CHECK_URI = "http://www.iana.org/time-zones" -SRC_URI[tzcode.sha256sum] = "f8575e7e33be9ee265df2081092526b81c80abac3f4a04399ae9d4d91cdadac7" -SRC_URI[tzdata.sha256sum] = "ef7fffd9f4f50f4f58328b35022a32a5a056b245c5cb3d6791dddb342f871664" +SRC_URI[tzcode.sha256sum] = "d644ba0f938899374ea8cb554e35fb4afa0f7bd7b716c61777cd00500b8759e0" +SRC_URI[tzdata.sha256sum] = "6ecdbee27fa43dcfa49f3d4fd8bb1dfef54c90da1abcd82c9abcf2dc4f321de0" diff --git a/poky/meta/recipes-extended/watchdog/watchdog/0001-shutdown-Do-not-guard-sys-quota.h-sys-swap.h-and-sys.patch b/poky/meta/recipes-extended/watchdog/watchdog/0001-shutdown-Do-not-guard-sys-quota.h-sys-swap.h-and-sys.patch new file mode 100644 index 0000000000..8c419e1d11 --- /dev/null +++ b/poky/meta/recipes-extended/watchdog/watchdog/0001-shutdown-Do-not-guard-sys-quota.h-sys-swap.h-and-sys.patch @@ -0,0 +1,37 @@ +From ca1d379fa13c4055d42d2ff3a647b4397768efcd Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 23 Aug 2022 19:23:26 -0700 +Subject: [PATCH] shutdown: Do not guard sys/quota.h sys/swap.h and + sys/reboot.h with __GLIBC__ + +These headers are provided by uclibc/musl/glibc and bionic so we can +assume they are not needed to be glibc specific includes. This also +ensures that we get proper declaration of reboot() API + +Upstream-Status: Submitted [https://sourceforge.net/p/watchdog/patches/12/] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/shutdown.c | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/src/shutdown.c b/src/shutdown.c +index 1d9a857..6aea0d0 100644 +--- a/src/shutdown.c ++++ b/src/shutdown.c +@@ -29,13 +29,9 @@ + #include "extern.h" + #include "ext2_mnt.h" + +-#if defined __GLIBC__ + #include <sys/quota.h> + #include <sys/swap.h> + #include <sys/reboot.h> +-#else /* __GLIBC__ */ +-#include <linux/quota.h> +-#endif /* __GLIBC__ */ + + #include <unistd.h> + +-- +2.37.2 + diff --git a/poky/meta/recipes-extended/watchdog/watchdog_5.16.bb b/poky/meta/recipes-extended/watchdog/watchdog_5.16.bb index 1163846ed8..26fcc10487 100644 --- a/poky/meta/recipes-extended/watchdog/watchdog_5.16.bb +++ b/poky/meta/recipes-extended/watchdog/watchdog_5.16.bb @@ -13,6 +13,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/watchdog/watchdog-${PV}.tar.gz \ file://watchdog.init \ file://wd_keepalive.init \ file://0001-wd_keepalive.service-use-run-instead-of-var-run.patch \ + file://0001-shutdown-Do-not-guard-sys-quota.h-sys-swap.h-and-sys.patch \ " SRC_URI[md5sum] = "1b4f51cabc64d1bee2fce7cdd626831f" diff --git a/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb b/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb index 62ee70d244..897417314d 100644 --- a/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb +++ b/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb @@ -30,6 +30,8 @@ INITSCRIPT_PARAMS = "defaults" PACKAGECONFIG ??= "tcp-wrappers" PACKAGECONFIG[tcp-wrappers] = "--with-libwrap,,tcp-wrappers" +CFLAGS += "-D_GNU_SOURCE" + CONFFILES:${PN} = "${sysconfdir}/xinetd.conf" do_install:append() { diff --git a/poky/meta/recipes-extended/xz/xz/CVE-2022-1271.patch b/poky/meta/recipes-extended/xz/xz/CVE-2022-1271.patch deleted file mode 100644 index e43e73cf12..0000000000 --- a/poky/meta/recipes-extended/xz/xz/CVE-2022-1271.patch +++ /dev/null @@ -1,96 +0,0 @@ -From dc932a1e9c0d9f1db71be11a9b82496e3a72f112 Mon Sep 17 00:00:00 2001 -From: Lasse Collin <lasse.collin@tukaani.org> -Date: Tue, 29 Mar 2022 19:19:12 +0300 -Subject: [PATCH] xzgrep: Fix escaping of malicious filenames (ZDI-CAN-16587). - -Malicious filenames can make xzgrep to write to arbitrary files -or (with a GNU sed extension) lead to arbitrary code execution. - -xzgrep from XZ Utils versions up to and including 5.2.5 are -affected. 5.3.1alpha and 5.3.2alpha are affected as well. -This patch works for all of them. - -This bug was inherited from gzip's zgrep. gzip 1.12 includes -a fix for zgrep. - -The issue with the old sed script is that with multiple newlines, -the N-command will read the second line of input, then the -s-commands will be skipped because it's not the end of the -file yet, then a new sed cycle starts and the pattern space -is printed and emptied. So only the last line or two get escaped. - -One way to fix this would be to read all lines into the pattern -space first. However, the included fix is even simpler: All lines -except the last line get a backslash appended at the end. To ensure -that shell command substitution doesn't eat a possible trailing -newline, a colon is appended to the filename before escaping. -The colon is later used to separate the filename from the grep -output so it is fine to add it here instead of a few lines later. - -The old code also wasn't POSIX compliant as it used \n in the -replacement section of the s-command. Using \<newline> is the -POSIX compatible method. - -LC_ALL=C was added to the two critical sed commands. POSIX sed -manual recommends it when using sed to manipulate pathnames -because in other locales invalid multibyte sequences might -cause issues with some sed implementations. In case of GNU sed, -these particular sed scripts wouldn't have such problems but some -other scripts could have, see: - - info '(sed)Locale Considerations' - -This vulnerability was discovered by: -cleemy desu wayo working with Trend Micro Zero Day Initiative - -Thanks to Jim Meyering and Paul Eggert discussing the different -ways to fix this and for coordinating the patch release schedule -with gzip. - -Upstream-Status: Backport [https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch] -CVE: CVE-2022-1271 - -Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> ---- - src/scripts/xzgrep.in | 20 ++++++++++++-------- - 1 file changed, 12 insertions(+), 8 deletions(-) - -diff --git a/src/scripts/xzgrep.in b/src/scripts/xzgrep.in -index 9db5c3a..f64dddb 100644 ---- a/src/scripts/xzgrep.in -+++ b/src/scripts/xzgrep.in -@@ -179,22 +179,26 @@ for i; do - { test $# -eq 1 || test $no_filename -eq 1; }; then - eval "$grep" - else -+ # Append a colon so that the last character will never be a newline -+ # which would otherwise get lost in shell command substitution. -+ i="$i:" -+ -+ # Escape & \ | and newlines only if such characters are present -+ # (speed optimization). - case $i in - (*' - '* | *'&'* | *'\'* | *'|'*) -- i=$(printf '%s\n' "$i" | -- sed ' -- $!N -- $s/[&\|]/\\&/g -- $s/\n/\\n/g -- ');; -+ i=$(printf '%s\n' "$i" | LC_ALL=C sed 's/[&\|]/\\&/g; $!s/$/\\/');; - esac -- sed_script="s|^|$i:|" -+ -+ # $i already ends with a colon so don't add it here. -+ sed_script="s|^|$i|" - - # Fail if grep or sed fails. - r=$( - exec 4>&1 -- (eval "$grep" 4>&-; echo $? >&4) 3>&- | sed "$sed_script" >&3 4>&- -+ (eval "$grep" 4>&-; echo $? >&4) 3>&- | -+ LC_ALL=C sed "$sed_script" >&3 4>&- - ) || r=2 - exit $r - fi >&3 5>&- diff --git a/poky/meta/recipes-extended/xz/xz_5.2.5.bb b/poky/meta/recipes-extended/xz/xz_5.2.6.bb index 720e070f4a..3482622471 100644 --- a/poky/meta/recipes-extended/xz/xz_5.2.5.bb +++ b/poky/meta/recipes-extended/xz/xz_5.2.6.bb @@ -24,11 +24,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=97d554a32881fee0aa283d96e47cb24a \ file://lib/getopt.c;endline=23;md5=2069b0ee710572c03bb3114e4532cd84 \ " -SRC_URI = "https://tukaani.org/xz/xz-${PV}.tar.gz \ - file://CVE-2022-1271.patch \ - " -SRC_URI[md5sum] = "0d270c997aff29708c74d53f599ef717" -SRC_URI[sha256sum] = "f6f4910fd033078738bd82bfba4f49219d03b17eb0794eb91efbae419f4aba10" +SRC_URI = "https://tukaani.org/xz/xz-${PV}.tar.gz" +SRC_URI[sha256sum] = "a2105abee17bcd2ebd15ced31b4f5eda6e17efd6b10f921a01cda4a44c91b3a0" UPSTREAM_CHECK_REGEX = "xz-(?P<pver>\d+(\.\d+)+)\.tar" CACHED_CONFIGUREVARS += "gl_cv_posix_shell=/bin/sh" diff --git a/poky/meta/recipes-gnome/epiphany/epiphany_42.3.bb b/poky/meta/recipes-gnome/epiphany/epiphany_42.4.bb index f9d60ff2a9..9efd2800da 100644 --- a/poky/meta/recipes-gnome/epiphany/epiphany_42.3.bb +++ b/poky/meta/recipes-gnome/epiphany/epiphany_42.4.bb @@ -28,7 +28,7 @@ SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@oe.utils.trim_version("${PV}", 1)}/${GN file://migrator.patch \ file://distributor.patch \ " -SRC_URI[archive.sha256sum] = "7316d3c6500e825d8e57293fa58047c56727bee16cd6b6ac804ffe5d9b229560" +SRC_URI[archive.sha256sum] = "370938ad2920eeb28bc2435944776b7ba55a0e2ede65836f79818cfb7e8f0860" PACKAGECONFIG_SOUP ?= "soup2" PACKAGECONFIG ??= "${PACKAGECONFIG_SOUP}" diff --git a/poky/meta/recipes-gnome/gcr/gcr_3.40.0.bb b/poky/meta/recipes-gnome/gcr/gcr_3.40.0.bb index 717c31c325..8719884f25 100644 --- a/poky/meta/recipes-gnome/gcr/gcr_3.40.0.bb +++ b/poky/meta/recipes-gnome/gcr/gcr_3.40.0.bb @@ -13,6 +13,8 @@ DEPENDS = "p11-kit glib-2.0 libgcrypt gnupg-native \ CACHED_CONFIGUREVARS += "ac_cv_path_GPG='gpg2'" +CFLAGS += "-D_GNU_SOURCE" + GNOMEBASEBUILDCLASS = "meson" GTKDOC_MESON_OPTION = "gtk_doc" inherit gnomebase gtk-icon-cache gtk-doc features_check upstream-version-is-even vala gobject-introspection gettext mime mime-xdg diff --git a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-Add-use_prebuilt_tools-option.patch b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-Add-use_prebuilt_tools-option.patch index a8206a4507..02cc9a2a70 100644 --- a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-Add-use_prebuilt_tools-option.patch +++ b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-Add-use_prebuilt_tools-option.patch @@ -1,4 +1,4 @@ -From ba73bb0f3d2023839bc3b681c49b7ec1192cceb4 Mon Sep 17 00:00:00 2001 +From f81b60ebcbbfd9548c8aa1e388662c429068d1e3 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Sat, 8 May 2021 21:58:54 +0200 Subject: [PATCH] Add use_prebuilt_tools option @@ -18,7 +18,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> 5 files changed, 42 insertions(+), 19 deletions(-) diff --git a/gdk-pixbuf/meson.build b/gdk-pixbuf/meson.build -index 8b0590b..7331491 100644 +index 54ff9dd..2e321cf 100644 --- a/gdk-pixbuf/meson.build +++ b/gdk-pixbuf/meson.build @@ -342,13 +342,20 @@ foreach bin: gdkpixbuf_bin @@ -45,16 +45,18 @@ index 8b0590b..7331491 100644 # load the installed cache; we always build it by default loaders_cache = custom_target('loaders.cache', diff --git a/meson.build b/meson.build -index 7a1409b..0bc73eb 100644 +index 813bd43..a93e6f7 100644 --- a/meson.build +++ b/meson.build -@@ -403,16 +403,16 @@ subdir('gdk-pixbuf') +@@ -369,18 +369,18 @@ subdir('gdk-pixbuf') # i18n subdir('po') -if not meson.is_cross_build() +if not meson.is_cross_build() or get_option('use_prebuilt_tools') - subdir('tests') + if get_option('tests') + subdir('tests') + endif - subdir('thumbnailer') endif +subdir('thumbnailer') @@ -69,10 +71,10 @@ index 7a1409b..0bc73eb 100644 gdk_pixbuf_bindir, gdk_pixbuf_libdir, diff --git a/meson_options.txt b/meson_options.txt -index 0ee6718..cc29855 100644 +index d198d99..1c899e9 100644 --- a/meson_options.txt +++ b/meson_options.txt -@@ -49,4 +49,8 @@ option('gio_sniffing', +@@ -53,4 +53,8 @@ option('gio_sniffing', description: 'Perform file type detection using GIO (Unused on MacOS and Windows)', type: 'boolean', value: true) @@ -82,7 +84,7 @@ index 0ee6718..cc29855 100644 + value: false) diff --git a/tests/meson.build b/tests/meson.build -index 7c6cb11..1029e6a 100644 +index 28c2525..d97c02d 100644 --- a/tests/meson.build +++ b/tests/meson.build @@ -5,6 +5,12 @@ diff --git a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch index 25410b11ea..dd580f8162 100644 --- a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch +++ b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch @@ -1,4 +1,4 @@ -From f00603d58d844422363b896ea7d07aaf48ddaa66 Mon Sep 17 00:00:00 2001 +From b511bd1efb43ffc49c753e309717a242ec686ef1 Mon Sep 17 00:00:00 2001 From: Ross Burton <ross.burton@intel.com> Date: Tue, 1 Apr 2014 17:23:36 +0100 Subject: [PATCH] gdk-pixbuf: add an option so that loader errors are fatal @@ -14,10 +14,10 @@ Signed-off-by: Ross Burton <ross.burton@intel.com> 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/gdk-pixbuf/queryloaders.c b/gdk-pixbuf/queryloaders.c -index 312aa78..b813d99 100644 +index 1d39b44..2b00815 100644 --- a/gdk-pixbuf/queryloaders.c +++ b/gdk-pixbuf/queryloaders.c -@@ -212,7 +212,7 @@ write_loader_info (GString *contents, const char *path, GdkPixbufFormat *info) +@@ -216,7 +216,7 @@ write_loader_info (GString *contents, const char *path, GdkPixbufFormat *info) g_string_append_c (contents, '\n'); } @@ -26,7 +26,7 @@ index 312aa78..b813d99 100644 query_module (GString *contents, const char *dir, const char *file) { char *path; -@@ -221,6 +221,7 @@ query_module (GString *contents, const char *dir, const char *file) +@@ -225,6 +225,7 @@ query_module (GString *contents, const char *dir, const char *file) void (*fill_vtable) (GdkPixbufModule *module); gpointer fill_info_ptr; gpointer fill_vtable_ptr; @@ -34,7 +34,7 @@ index 312aa78..b813d99 100644 if (g_path_is_absolute (file)) path = g_strdup (file); -@@ -270,10 +271,13 @@ query_module (GString *contents, const char *dir, const char *file) +@@ -274,10 +275,13 @@ query_module (GString *contents, const char *dir, const char *file) g_module_error()); else g_fprintf (stderr, "Cannot load loader %s\n", path); @@ -47,8 +47,8 @@ index 312aa78..b813d99 100644 + return ret; } - #ifdef G_OS_WIN32 -@@ -314,6 +318,7 @@ int main (int argc, char **argv) + #if defined(G_OS_WIN32) && defined(GDK_PIXBUF_RELOCATABLE) +@@ -318,6 +322,7 @@ int main (int argc, char **argv) gint first_file = 1; GFile *pixbuf_libdir_file; gchar *pixbuf_libdir; @@ -56,7 +56,7 @@ index 312aa78..b813d99 100644 #ifdef G_OS_WIN32 gchar *libdir; -@@ -452,7 +457,9 @@ int main (int argc, char **argv) +@@ -456,7 +461,9 @@ int main (int argc, char **argv) } modules = g_list_sort (modules, (GCompareFunc)strcmp); for (l = modules; l != NULL; l = l->next) @@ -67,7 +67,7 @@ index 312aa78..b813d99 100644 g_list_free_full (modules, g_free); g_free (moduledir); #else -@@ -468,7 +475,8 @@ int main (int argc, char **argv) +@@ -472,7 +479,8 @@ int main (int argc, char **argv) infilename = g_locale_to_utf8 (infilename, -1, NULL, NULL, NULL); #endif @@ -77,7 +77,7 @@ index 312aa78..b813d99 100644 } g_free (cwd); } -@@ -486,5 +494,8 @@ int main (int argc, char **argv) +@@ -490,5 +498,8 @@ int main (int argc, char **argv) g_free (pixbuf_libdir); diff --git a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.6.bb b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.9.bb index 55c16e4d66..d33718e3ea 100644 --- a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.6.bb +++ b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.9.bb @@ -23,7 +23,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://0001-Add-use_prebuilt_tools-option.patch \ " -SRC_URI[sha256sum] = "c4a6b75b7ed8f58ca48da830b9fa00ed96d668d3ab4b1f723dcf902f78bde77f" +SRC_URI[sha256sum] = "28f7958e7bf29a32d4e963556d241d0a41a6786582ff6a5ad11665e0347fc962" inherit meson pkgconfig gettext pixbufcache ptest-gnome upstream-version-is-even gobject-introspection gi-docgen lib_package @@ -39,16 +39,18 @@ PACKAGECONFIG = "${GDK_PIXBUF_LOADERS} \ ${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)}" PACKAGECONFIG:class-native = "${GDK_PIXBUF_LOADERS}" -PACKAGECONFIG[png] = "-Dpng=true,-Dpng=false,libpng" -PACKAGECONFIG[jpeg] = "-Djpeg=true,-Djpeg=false,jpeg" -PACKAGECONFIG[tiff] = "-Dtiff=true,-Dtiff=false,tiff" +PACKAGECONFIG[png] = "-Dpng=enabled,-Dpng=disabled,libpng" +PACKAGECONFIG[jpeg] = "-Djpeg=enabled,-Djpeg=disabled,jpeg" +PACKAGECONFIG[tiff] = "-Dtiff=enabled,-Dtiff=disabled,tiff" PACKAGECONFIG[tests] = "-Dinstalled_tests=true,-Dinstalled_tests=false" -EXTRA_OEMESON:class-target = " \ +EXTRA_OEMESON = "-Dman=false" + +EXTRA_OEMESON:append:class-target = " \ -Duse_prebuilt_tools=true \ " -EXTRA_OEMESON:class-nativesdk = " \ +EXTRA_OEMESON:append:class-nativesdk = " \ -Duse_prebuilt_tools=true \ " @@ -95,9 +97,11 @@ do_install:append() { } -# Remove a bad fuzzing attempt that sporadically fails without a way to reproduce do_install_ptest() { + # Remove a bad fuzzing attempt that sporadically fails without a way to reproduce rm ${D}/${datadir}/installed-tests/gdk-pixbuf/pixbuf-randomly-modified.test + # https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/215 + rm ${D}/${datadir}/installed-tests/gdk-pixbuf/pixbuf-jpeg.test } do_install:append:class-native() { diff --git a/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb b/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb index 67081bb8cb..ffb813d290 100644 --- a/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb +++ b/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb @@ -17,9 +17,13 @@ LICENSE:${PN}-doc = "MPL-1.1 | LGPL-2.1-only" LICENSE:${PN}-gobject = "MPL-1.1 | LGPL-2.1-only" LICENSE:${PN}-script-interpreter = "MPL-1.1 | LGPL-2.1-only" LICENSE:${PN}-perf-utils = "GPL-3.0-or-later" +# Adapt the licenses for cairo-dbg and cairo-src depending on whether +# cairo-trace is being built. +LICENSE:${PN}-dbg = "(MPL-1.1 | LGPL-2.1-only)${@bb.utils.contains('PACKAGECONFIG', 'trace', ' & GPL-3.0-or-later', '', d)}" +LICENSE:${PN}-src = "(MPL-1.1 | LGPL-2.1-only)${@bb.utils.contains('PACKAGECONFIG', 'trace', ' & GPL-3.0-or-later', '', d)}" LIC_FILES_CHKSUM = "file://COPYING;md5=e73e999e0c72b5ac9012424fa157ad77 \ - file://util/cairo-trace/COPYING-GPL-3;md5=d32239bcb673463ab874e80d47fae504" + ${@bb.utils.contains('PACKAGECONFIG', 'trace', 'file://util/cairo-trace/COPYING-GPL-3;md5=d32239bcb673463ab874e80d47fae504', '', d)}" DEPENDS = "fontconfig glib-2.0 libpng pixman zlib" diff --git a/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.1.3.bb b/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.1.4.bb index fdc035d5f7..1708fa97f0 100644 --- a/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.1.3.bb +++ b/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.1.4.bb @@ -14,7 +14,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz \ file://0001-libjpeg-turbo-fix-package_qa-error.patch \ " -SRC_URI[sha256sum] = "467b310903832b033fe56cd37720d1b73a6a3bd0171dbf6ff0b620385f4f76d0" +SRC_URI[sha256sum] = "d3ed26a1131a13686dfca4935e520eb7c90ae76fbc45d98bb50a8dc86230342b" UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/libjpeg-turbo/files/" UPSTREAM_CHECK_REGEX = "/libjpeg-turbo/files/(?P<pver>(\d+[\.\-_]*)+)/" diff --git a/poky/meta/recipes-graphics/wayland/weston/dont-use-plane-add-prop.patch b/poky/meta/recipes-graphics/wayland/weston/dont-use-plane-add-prop.patch deleted file mode 100644 index 1ac0695222..0000000000 --- a/poky/meta/recipes-graphics/wayland/weston/dont-use-plane-add-prop.patch +++ /dev/null @@ -1,32 +0,0 @@ -From ece4c3d261aeec230869c0304ed1011ff6837c16 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sat, 12 Sep 2020 14:04:04 -0700 -Subject: [PATCH] Fix atomic modesetting with musl - -atomic modesetting seems to fail with drm weston backend and this patch fixes -it, below errors are seen before weston exits - -atomic: couldn't commit new state: Invalid argument - -Upstream-Status: Submitted [https://gitlab.freedesktop.org/wayland/weston/-/issues/158] -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- - libweston/backend-drm/kms.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/libweston/backend-drm/kms.c b/libweston/backend-drm/kms.c -index 780d007..9994da1 100644 ---- a/libweston/backend-drm/kms.c -+++ b/libweston/backend-drm/kms.c -@@ -1142,8 +1142,8 @@ drm_pending_state_apply_atomic(struct drm_pending_state *pending_state, - wl_list_for_each(plane, &b->plane_list, link) { - drm_debug(b, "\t\t[atomic] starting with plane %lu disabled\n", - (unsigned long) plane->plane_id); -- plane_add_prop(req, plane, WDRM_PLANE_CRTC_ID, 0); -- plane_add_prop(req, plane, WDRM_PLANE_FB_ID, 0); -+ //plane_add_prop(req, plane, WDRM_PLANE_CRTC_ID, 0); -+ //plane_add_prop(req, plane, WDRM_PLANE_FB_ID, 0); - } - - flags |= DRM_MODE_ATOMIC_ALLOW_MODESET; diff --git a/poky/meta/recipes-graphics/wayland/weston_10.0.1.bb b/poky/meta/recipes-graphics/wayland/weston_10.0.2.bb index e27dac164e..f81a33fd1e 100644 --- a/poky/meta/recipes-graphics/wayland/weston_10.0.1.bb +++ b/poky/meta/recipes-graphics/wayland/weston_10.0.2.bb @@ -13,9 +13,7 @@ SRC_URI = "https://gitlab.freedesktop.org/wayland/weston/-/releases/${PV}/downlo file://systemd-notify.weston-start \ " -SRC_URI:append:libc-musl = " file://dont-use-plane-add-prop.patch " - -SRC_URI[sha256sum] = "8a9e52506a865a7410981b04f8341b89b84106db8531ab1f9fdd37b5dc034115" +SRC_URI[sha256sum] = "89646ca0d9f8d413c2767e5c3828eaa3fa149c2a105b3729a6894fa7cf1549e7" UPSTREAM_CHECK_URI = "https://wayland.freedesktop.org/releases.html" diff --git a/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb b/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb index a6ab9ca56d..dea7b65a7c 100644 --- a/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb +++ b/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "\ DEPENDS = "git-native" -SRCREV = "90598a5fae1172e3f7782a1b02f7b7518efd32c8" +SRCREV = "ba600ef61a85966596126a6e8d936971905e8749" PV = "0.3+git${SRCPV}" inherit native diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220708.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220913.bb index 91c32e49d6..45c9d0e861 100644 --- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220708.bb +++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220913.bb @@ -132,7 +132,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ " # WHENCE checksum is defined separately to ease overriding it if # class-devupstream is selected. -WHENCE_CHKSUM = "def08711eb23ba967fb7e1f8cff66178" +WHENCE_CHKSUM = "98ecc3d3223df7ebdc23b0ec56aafb20" # These are not common licenses, set NO_GENERIC_LICENSE for them # so that the license files will be copied from fetched source @@ -209,7 +209,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw # Pin this to the 20220509 release, override this in local.conf SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae" -SRC_URI[sha256sum] = "0abec827a035c82bdcabdf82aa37ded247bc682ef05861bd409ea6f477bab81d" +SRC_URI[sha256sum] = "26fd00f2d8e96c4af6f44269a6b893eb857253044f75ad28ef6706a2250cd8e9" inherit allarch @@ -311,6 +311,11 @@ PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \ ${PN}-qcom-adreno-a2xx ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a4xx ${PN}-qcom-adreno-a530 \ ${PN}-qcom-adreno-a630 ${PN}-qcom-adreno-a650 ${PN}-qcom-adreno-a660 \ ${PN}-qcom-apq8096-audio ${PN}-qcom-apq8096-modem \ + ${PN}-qcom-sc8280xp-lenovo-x13s-compat \ + ${PN}-qcom-sc8280xp-lenovo-x13s-audio \ + ${PN}-qcom-sc8280xp-lenovo-x13s-adreno \ + ${PN}-qcom-sc8280xp-lenovo-x13s-compute \ + ${PN}-qcom-sc8280xp-lenovo-x13s-sensors \ ${PN}-qcom-sdm845-audio ${PN}-qcom-sdm845-compute ${PN}-qcom-sdm845-modem \ ${PN}-qcom-sm8250-audio ${PN}-qcom-sm8250-compute \ ${PN}-amlogic-vdec-license ${PN}-amlogic-vdec \ @@ -976,6 +981,11 @@ FILES:${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.* ${n FILES:${PN}-qcom-adreno-a660 = "${nonarch_base_libdir}/firmware/qcom/a660*.*" FILES:${PN}-qcom-apq8096-audio = "${nonarch_base_libdir}/firmware/qcom/apq8096/adsp*.*" FILES:${PN}-qcom-apq8096-modem = "${nonarch_base_libdir}/firmware/qcom/apq8096/mba.mbn ${nonarch_base_libdir}/firmware/qcom/apq8096/modem*.* ${nonarch_base_libdir}/firmware/qcom/apq8096/wlanmdsp.mbn" +FILES:${PN}-qcom-sc8280xp-lenovo-x13s-compat = "${nonarch_base_libdir}/firmware/qcom/LENOVO/21BX" +FILES:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/*adsp*.* ${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/battmgr.jsn" +FILES:${PN}-qcom-sc8280xp-lenovo-x13s-adreno = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/qcdxkmsuc8280.mbn" +FILES:${PN}-qcom-sc8280xp-lenovo-x13s-compute = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/*cdsp*.*" +FILES:${PN}-qcom-sc8280xp-lenovo-x13s-sensors = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/*slpi*.*" FILES:${PN}-qcom-sdm845-audio = "${nonarch_base_libdir}/firmware/qcom/sdm845/adsp*.*" FILES:${PN}-qcom-sdm845-compute = "${nonarch_base_libdir}/firmware/qcom/sdm845/cdsp*.*" FILES:${PN}-qcom-sdm845-modem = "${nonarch_base_libdir}/firmware/qcom/sdm845/mba.mbn ${nonarch_base_libdir}/firmware/qcom/sdm845/modem*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/wlanmdsp.mbn" @@ -996,12 +1006,21 @@ RDEPENDS:${PN}-qcom-adreno-a650 = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-adreno-a660 = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-apq8096-audio = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-apq8096-modem = "${PN}-qcom-license" +RDEPENDS:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "${PN}-qcom-license" +RDEPENDS:${PN}-qcom-sc8280xp-lenovo-x13s-adreno = "${PN}-qcom-license" +RDEPENDS:${PN}-qcom-sc8280xp-lenovo-x13s-compute = "${PN}-qcom-license" +RDEPENDS:${PN}-qcom-sc8280xp-lenovo-x13s-sensors = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-sdm845-audio = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-sdm845-compute = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-sdm845-modem = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-sm8250-audio = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-sm8250-compute = "${PN}-qcom-license" +RRECOMMENDS:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "${PN}-qcom-sc8280xp-lenovo-x13s-compat" +RRECOMMENDS:${PN}-qcom-sc8280xp-lenovo-x13s-adreno = "${PN}-qcom-sc8280xp-lenovo-x13s-compat" +RRECOMMENDS:${PN}-qcom-sc8280xp-lenovo-x13s-compute = "${PN}-qcom-sc8280xp-lenovo-x13s-compat" +RRECOMMENDS:${PN}-qcom-sc8280xp-lenovo-x13s-sensors = "${PN}-qcom-sc8280xp-lenovo-x13s-compat" + FILES:${PN}-liquidio = "${nonarch_base_libdir}/firmware/liquidio" # For Amlogic VDEC @@ -1081,3 +1100,6 @@ python populate_packages:prepend () { # Firmware files are generally not ran on the CPU, so they can be # allarch despite being architecture specific INSANE_SKIP = "arch" + +# Don't warn about already stripped files +INSANE_SKIP:${PN} = "already-stripped" diff --git a/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_5.16.bb b/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_5.16.bb index c64629d094..d5039264c4 100644 --- a/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_5.16.bb +++ b/poky/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_5.16.bb @@ -7,7 +7,7 @@ SRC_URI:append:libc-musl = "\ file://0001-include-linux-stddef.h-in-swab.h-uapi-header.patch \ " -SRC_URI:append = "\ +SRC_URI += "\ file://0001-scripts-Use-fixed-input-and-output-files-instead-of-.patch \ file://0001-kbuild-install_headers.sh-Strip-_UAPI-from-if-define.patch \ " diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-dev.bb b/poky/meta/recipes-kernel/linux/linux-yocto-dev.bb index d35632071b..75b1cb2a49 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-dev.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-dev.bb @@ -50,7 +50,7 @@ PACKAGECONFIG[dt-validation] = ",,python3-dtschema-native" # we need the wrappers if validation isn't in the packageconfig DEPENDS += "${@bb.utils.contains('PACKAGECONFIG', 'dt-validation', '', 'python3-dtschema-wrapper-native', d)}" -COMPATIBLE_MACHINE = "(qemuarm|qemux86|qemuppc|qemumips|qemumips64|qemux86-64|qemuriscv32|qemuriscv64)" +COMPATIBLE_MACHINE = "^(qemuarm|qemux86|qemuppc|qemumips|qemumips64|qemux86-64|qemuriscv32|qemuriscv64)$" KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb index 9387c67cfb..7ce21f0719 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "6df690626649ba5430a379f63a5f7b7423ce2e48" -SRCREV_meta ?= "ed7e0c3bb9464387ba99fedd5ea32bf78ae2fe45" +SRCREV_machine ?= "932359383ea84843300c03ee6633881de1af488b" +SRCREV_meta ?= "92c947578207d27db250ee7250bacc11d9d80d4f" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.10.135" +LINUX_VERSION ?= "5.10.143" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" @@ -31,7 +31,7 @@ KCONF_BSP_AUDIT_LEVEL = "1" LINUX_KERNEL_TYPE = "preempt-rt" -COMPATIBLE_MACHINE = "(qemux86|qemux86-64|qemuarm|qemuarmv5|qemuarm64|qemuppc|qemumips)" +COMPATIBLE_MACHINE = "^(qemux86|qemux86-64|qemuarm|qemuarmv5|qemuarm64|qemuppc|qemumips)$" KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index 32c7db2c74..6f8648e004 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "13ee019f28013cf8c102a3ffaadfa5e9ae9743e1" -SRCREV_meta ?= "f7f709bf874f85baff9f2fb0ac0341c08399b144" +SRCREV_machine ?= "dba1b7d90813231782bdeda1bd169c93b35c94e0" +SRCREV_meta ?= "1128d7bcdcde490d4f35cc00c97f5410bb240d99" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.15.59" +LINUX_VERSION ?= "5.15.68" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" @@ -31,7 +31,7 @@ KCONF_BSP_AUDIT_LEVEL = "1" LINUX_KERNEL_TYPE = "preempt-rt" -COMPATIBLE_MACHINE = "(qemux86|qemux86-64|qemuarm|qemuarmv5|qemuarm64|qemuppc|qemumips)" +COMPATIBLE_MACHINE = "^(qemux86|qemux86-64|qemuarm|qemuarmv5|qemuarm64|qemuppc|qemumips)$" KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb index d7aa3281cc..760b2be437 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.10.135" +LINUX_VERSION ?= "5.10.143" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,16 +15,16 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine:qemuarm ?= "3b1c4608c04d645b292f13cc550b5151e032794b" -SRCREV_machine ?= "cbfab86927ad95da60b8d49957ca941df615d877" -SRCREV_meta ?= "ed7e0c3bb9464387ba99fedd5ea32bf78ae2fe45" +SRCREV_machine:qemuarm ?= "f794496466680c6dbd36cb34b3e0884d0ee48d2d" +SRCREV_machine ?= "8173de3a22ec3395be1ae01dbe823d076313641a" +SRCREV_meta ?= "92c947578207d27db250ee7250bacc11d9d80d4f" PV = "${LINUX_VERSION}+git${SRCPV}" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" -COMPATIBLE_MACHINE = "qemux86|qemux86-64|qemuarm|qemuarmv5" +COMPATIBLE_MACHINE = "^(qemux86|qemux86-64|qemuarm|qemuarmv5)$" # Functionality flags KERNEL_FEATURES = "" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index 8eb138e78b..4f2bb48743 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.59" +LINUX_VERSION ?= "5.15.68" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,15 +14,15 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "86c19d4c40f475e09a076d55391fa66d96a1b3ac" -SRCREV_meta ?= "f7f709bf874f85baff9f2fb0ac0341c08399b144" +SRCREV_machine ?= "33e7eea5c4545a973cf01a849c2b45fa0cd1fa13" +SRCREV_meta ?= "1128d7bcdcde490d4f35cc00c97f5410bb240d99" PV = "${LINUX_VERSION}+git${SRCPV}" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" -COMPATIBLE_MACHINE = "qemux86|qemux86-64|qemuarm64|qemuarm|qemuarmv5" +COMPATIBLE_MACHINE = "^(qemux86|qemux86-64|qemuarm64|qemuarm|qemuarmv5)$" # Functionality flags KERNEL_FEATURES = "" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto.inc b/poky/meta/recipes-kernel/linux/linux-yocto.inc index cabc8f4975..7ea661e138 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto.inc +++ b/poky/meta/recipes-kernel/linux/linux-yocto.inc @@ -60,7 +60,7 @@ do_install:append(){ KERNEL_FEATURES:append:qemuall=" features/kernel-sample/kernel-sample.scc" KERNEL_DEBUG_OPTIONS ?= "stack" -KERNEL_EXTRA_ARGS:append:x86-64 = "${@bb.utils.contains('KERNEL_DEBUG_OPTIONS', 'stack', 'HOST_LIBELF_LIBS="-L${RECIPE_SYSROOT_NATIVE}/usr/lib/pkgconfig/../../../usr/lib/ -lelf"', '', d)}" +KERNEL_EXTRA_ARGS:append:x86-64 = " ${@bb.utils.contains('KERNEL_DEBUG_OPTIONS', 'stack', 'HOST_LIBELF_LIBS="-L${RECIPE_SYSROOT_NATIVE}/usr/lib/pkgconfig/../../../usr/lib/ -lelf"', '', d)}" do_devshell:prepend() { # setup native pkg-config variables (kconfig scripts call pkg-config directly, cannot generically be overriden to pkg-config-native) diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb index 73a58e59a0..bf43f77100 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb @@ -13,23 +13,23 @@ KBRANCH:qemux86 ?= "v5.10/standard/base" KBRANCH:qemux86-64 ?= "v5.10/standard/base" KBRANCH:qemumips64 ?= "v5.10/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "23ab0f8300e7b90fdf1e0be923933d5cfd03b618" -SRCREV_machine:qemuarm64 ?= "5ff1949cbb7ff90ae3e4dc6fd0fd9876ffaab9d2" -SRCREV_machine:qemumips ?= "01c75770046189608bb4ea9977521ec58a15b6bf" -SRCREV_machine:qemuppc ?= "7dd170da9eacb57c6d8eff88ca24b8bf55ab042a" -SRCREV_machine:qemuriscv64 ?= "d09b184cbc0321794bda715ab560dec077a048d0" -SRCREV_machine:qemuriscv32 ?= "d09b184cbc0321794bda715ab560dec077a048d0" -SRCREV_machine:qemux86 ?= "d09b184cbc0321794bda715ab560dec077a048d0" -SRCREV_machine:qemux86-64 ?= "d09b184cbc0321794bda715ab560dec077a048d0" -SRCREV_machine:qemumips64 ?= "a099189ac94c7218c09f1519ea4222fb2d9070be" -SRCREV_machine ?= "d09b184cbc0321794bda715ab560dec077a048d0" -SRCREV_meta ?= "ed7e0c3bb9464387ba99fedd5ea32bf78ae2fe45" +SRCREV_machine:qemuarm ?= "1cfbadeee39ed8d3a8840586a57eee0cf1686f62" +SRCREV_machine:qemuarm64 ?= "12f0f8c4af04c4d4cb7762b7a2e5cfaa917f8fe9" +SRCREV_machine:qemumips ?= "4b9e240c03b2b60be378ae2cc9a321922201de8f" +SRCREV_machine:qemuppc ?= "7914a529e3ccd64f347439d5cabc202d24af3ea0" +SRCREV_machine:qemuriscv64 ?= "8cf777336c9b7160ffdf1e8d7e4d8ee0cd8cdb37" +SRCREV_machine:qemuriscv32 ?= "8cf777336c9b7160ffdf1e8d7e4d8ee0cd8cdb37" +SRCREV_machine:qemux86 ?= "8cf777336c9b7160ffdf1e8d7e4d8ee0cd8cdb37" +SRCREV_machine:qemux86-64 ?= "8cf777336c9b7160ffdf1e8d7e4d8ee0cd8cdb37" +SRCREV_machine:qemumips64 ?= "05365e1787c60331f88bec98dd0fcca08ce78b06" +SRCREV_machine ?= "8cf777336c9b7160ffdf1e8d7e4d8ee0cd8cdb37" +SRCREV_meta ?= "92c947578207d27db250ee7250bacc11d9d80d4f" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH}; \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.10.135" +LINUX_VERSION ?= "5.10.143" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" @@ -42,7 +42,7 @@ KCONF_BSP_AUDIT_LEVEL = "1" KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb" -COMPATIBLE_MACHINE = "qemuarm|qemuarmv5|qemuarm64|qemux86|qemuppc|qemuppc64|qemumips|qemumips64|qemux86-64|qemuriscv64|qemuriscv32" +COMPATIBLE_MACHINE = "^(qemuarm|qemuarmv5|qemuarm64|qemux86|qemuppc|qemuppc64|qemumips|qemumips64|qemux86-64|qemuriscv64|qemuriscv32)$" # Functionality flags KERNEL_EXTRA_FEATURES ?= "features/netfilter/netfilter.scc" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 083f87727b..2f91fb7a37 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb @@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "c33f2e2ad3fdcc1c9539f80fb51b49f68c544c03" -SRCREV_machine:qemuarm64 ?= "e8a14fadeb24619f20d3caebc01c7f26c49f768a" -SRCREV_machine:qemumips ?= "c5f07eee39e4e03e90de3e71a3f6448fdb73921a" -SRCREV_machine:qemuppc ?= "b5873d3a40b837059a36179174863cb4c7f9e109" -SRCREV_machine:qemuriscv64 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" -SRCREV_machine:qemuriscv32 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" -SRCREV_machine:qemux86 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" -SRCREV_machine:qemux86-64 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" -SRCREV_machine:qemumips64 ?= "a6c0767511eed80395777e42d33fdc8405bff2b4" -SRCREV_machine ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" -SRCREV_meta ?= "f7f709bf874f85baff9f2fb0ac0341c08399b144" +SRCREV_machine:qemuarm ?= "efe28b4b16d4a1a19f59b4650a0bfb23ffc8c40e" +SRCREV_machine:qemuarm64 ?= "66986670c45f63d2ed2078e07aa817ede88025ad" +SRCREV_machine:qemumips ?= "aeeb80fd7f684aca830adb7daf32cfd80637cf3a" +SRCREV_machine:qemuppc ?= "5c6387a562af89ec92546c1374a120ac240f14e6" +SRCREV_machine:qemuriscv64 ?= "0e51e571701842db33ad96f6ddc8cc6b23230627" +SRCREV_machine:qemuriscv32 ?= "0e51e571701842db33ad96f6ddc8cc6b23230627" +SRCREV_machine:qemux86 ?= "0e51e571701842db33ad96f6ddc8cc6b23230627" +SRCREV_machine:qemux86-64 ?= "0e51e571701842db33ad96f6ddc8cc6b23230627" +SRCREV_machine:qemumips64 ?= "20ec37851f4ee9965120937dcf2567f15e72e07a" +SRCREV_machine ?= "0e51e571701842db33ad96f6ddc8cc6b23230627" +SRCREV_meta ?= "1128d7bcdcde490d4f35cc00c97f5410bb240d99" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the <version>/base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "d676d6149a2f4b4d66b8ea0a1dfef30a54cf5750" +SRCREV_machine:class-devupstream ?= "dd20085f2a88b6cdb12bdcdbd2d7a761c86b184a" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" @@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.59" +LINUX_VERSION ?= "5.15.68" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" @@ -51,7 +51,7 @@ KCONF_BSP_AUDIT_LEVEL = "1" KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb" -COMPATIBLE_MACHINE = "qemuarm|qemuarmv5|qemuarm64|qemux86|qemuppc|qemuppc64|qemumips|qemumips64|qemux86-64|qemuriscv64|qemuriscv32" +COMPATIBLE_MACHINE = "^(qemuarm|qemuarmv5|qemuarm64|qemux86|qemuppc|qemuppc64|qemumips|qemumips64|qemux86-64|qemuriscv64|qemuriscv32)$" # Functionality flags KERNEL_EXTRA_FEATURES ?= "features/netfilter/netfilter.scc" diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-adjust-range-v5.10.137-in-block-probe.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-adjust-range-v5.10.137-in-block-probe.patch new file mode 100644 index 0000000000..1c3918be5c --- /dev/null +++ b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-adjust-range-v5.10.137-in-block-probe.patch @@ -0,0 +1,92 @@ +From 5dab3d515b6f5c5ac80c8e7674628495e3bf4ac6 Mon Sep 17 00:00:00 2001 +From: Michael Jeanson <mjeanson@efficios.com> +Date: Mon, 22 Aug 2022 14:16:27 -0400 +Subject: [PATCH] fix: adjust range v5.10.137 in block probe + +See upstream commit, backported in v5.10.137 : + +commit 1cb3032406423b25aa984854b4d78e0100d292dd +Author: Christoph Hellwig <hch@lst.de> +Date: Thu Dec 3 17:21:39 2020 +0100 + + block: remove the request_queue to argument request based tracepoints + + [ Upstream commit a54895fa057c67700270777f7661d8d3c7fda88a ] + + The request_queue can trivially be derived from the request. + +Change-Id: I01f96a437641421faf993b4b031171c372bd0374 +Signed-off-by: Michael Jeanson <mjeanson@efficios.com> +Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> + +Upstream-Status: Backport [https://github.com/lttng/lttng-modules/commit/5dab3d515b6f5c5ac80c8e7674628495e3bf4ac6] +Signed-off-by: Steve Sakoman <steve@sakoman.com> + +--- + include/instrumentation/events/block.h | 18 ++++++++++++------ + 1 file changed, 12 insertions(+), 6 deletions(-) + +diff --git a/include/instrumentation/events/block.h b/include/instrumentation/events/block.h +index 882e6e08..d4821c12 100644 +--- a/include/instrumentation/events/block.h ++++ b/include/instrumentation/events/block.h +@@ -366,7 +366,8 @@ LTTNG_TRACEPOINT_EVENT(block_rq_requeue, + lttng_req_op(rq), lttng_req_rw(rq), blk_rq_bytes(rq)) + ) + ) +-#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0)) ++#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0) \ ++ || LTTNG_KERNEL_RANGE(5,10,137, 5,11,0)) + /** + * block_rq_requeue - place block IO request back on a queue + * @rq: block IO operation request +@@ -611,7 +612,8 @@ LTTNG_TRACEPOINT_EVENT_CLASS(block_rq, + ctf_array_text(char, comm, current->comm, TASK_COMM_LEN) + ) + ) +-#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0)) ++#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0) \ ++ || LTTNG_KERNEL_RANGE(5,10,137, 5,11,0)) + LTTNG_TRACEPOINT_EVENT_CLASS(block_rq, + + TP_PROTO(struct request *rq), +@@ -746,7 +748,8 @@ LTTNG_TRACEPOINT_EVENT_CLASS_CODE(block_rq, + ) + #endif /* #else #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,11,0)) */ + +-#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0)) ++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0) \ ++ || LTTNG_KERNEL_RANGE(5,10,137, 5,11,0)) + /** + * block_rq_insert - insert block operation request into queue + * @rq: block IO operation request +@@ -781,7 +784,8 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(block_rq, block_rq_insert, + ) + #endif + +-#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0)) ++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0) \ ++ || LTTNG_KERNEL_RANGE(5,10,137, 5,11,0)) + /** + * block_rq_issue - issue pending block IO request operation to device driver + * @rq: block IO operation operation request +@@ -812,7 +816,8 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(block_rq, block_rq_issue, + ) + #endif + +-#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0)) ++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0) \ ++ || LTTNG_KERNEL_RANGE(5,10,137, 5,11,0)) + /** + * block_rq_merge - merge request with another one in the elevator + * @rq: block IO operation operation request +@@ -1632,7 +1637,8 @@ LTTNG_TRACEPOINT_EVENT(block_rq_remap, + lttng_req_op(rq), lttng_req_rw(rq), blk_rq_bytes(rq)) + ) + ) +-#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0)) ++#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0) \ ++ || LTTNG_KERNEL_RANGE(5,10,137, 5,11,0)) + /** + * block_rq_remap - map request for a block operation request + * @rq: block IO operation request diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-compaction.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-compaction.patch new file mode 100644 index 0000000000..21e27ffc5e --- /dev/null +++ b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-compaction.patch @@ -0,0 +1,68 @@ +From 8e42c4821fb5f5cb816b6ddf73d9a13ba3298a63 Mon Sep 17 00:00:00 2001 +From: Michael Jeanson <mjeanson@efficios.com> +Date: Wed, 10 Aug 2022 11:07:14 -0400 +Subject: [PATCH] fix: tie compaction probe build to CONFIG_COMPACTION + +The definition of 'struct compact_control' in 'mm/internal.h' depends on +CONFIG_COMPACTION being defined. Only build the compaction probe when +this configuration option is enabled. + +Thanks to Bruce Ashfield <bruce.ashfield@gmail.com> for reporting this +issue. + +Upstream-Status: Backport [https://review.lttng.org/c/lttng-modules/+/8660] + +Change-Id: I81e77aa9c1bf10452c152d432fe5224df0db42c9 +Signed-off-by: Michael Jeanson <mjeanson@efficios.com> +--- + src/probes/Kbuild | 34 ++++++++++++++++++---------------- + 1 file changed, 18 insertions(+), 16 deletions(-) + +diff --git a/src/probes/Kbuild b/src/probes/Kbuild +index 2908cf75..3e556b8e 100644 +--- a/src/probes/Kbuild ++++ b/src/probes/Kbuild +@@ -167,22 +167,24 @@ ifneq ($(CONFIG_BTRFS_FS),) + endif # $(wildcard $(btrfs_dep)) + endif # CONFIG_BTRFS_FS + +-# A dependency on internal header 'mm/internal.h' was introduced in v5.18 +-compaction_dep = $(srctree)/mm/internal.h +-compaction_dep_wildcard = $(wildcard $(compaction_dep)) +-compaction_dep_check = $(shell \ +-if [ \( $(VERSION) -ge 6 \ +- -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \) -a \ +- -z "$(compaction_dep_wildcard)" ] ; then \ +- echo "warn" ; \ +-else \ +- echo "ok" ; \ +-fi ;) +-ifeq ($(compaction_dep_check),ok) +- obj-$(CONFIG_LTTNG) += lttng-probe-compaction.o +-else +- $(warning Files $(compaction_dep) not found. Probe "compaction" is disabled. Use full kernel source tree to enable it.) +-endif # $(wildcard $(compaction_dep)) ++ifneq ($(CONFIG_COMPACTION),) ++ # A dependency on internal header 'mm/internal.h' was introduced in v5.18 ++ compaction_dep = $(srctree)/mm/internal.h ++ compaction_dep_wildcard = $(wildcard $(compaction_dep)) ++ compaction_dep_check = $(shell \ ++ if [ \( $(VERSION) -ge 6 \ ++ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \) -a \ ++ -z "$(compaction_dep_wildcard)" ] ; then \ ++ echo "warn" ; \ ++ else \ ++ echo "ok" ; \ ++ fi ;) ++ ifeq ($(compaction_dep_check),ok) ++ obj-$(CONFIG_LTTNG) += lttng-probe-compaction.o ++ else ++ $(warning Files $(compaction_dep) not found. Probe "compaction" is disabled. Use full kernel source tree to enable it.) ++ endif # $(wildcard $(compaction_dep)) ++endif # CONFIG_COMPACTION + + ifneq ($(CONFIG_EXT4_FS),) + ext4_dep = $(srctree)/fs/ext4/*.h +-- +2.34.1 + diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-mm-page_alloc-fix-tracepoint-mm_page_alloc_zone_.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-mm-page_alloc-fix-tracepoint-mm_page_alloc_zone_.patch new file mode 100644 index 0000000000..62376806c8 --- /dev/null +++ b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-mm-page_alloc-fix-tracepoint-mm_page_alloc_zone_.patch @@ -0,0 +1,106 @@ +From 8d5da4d2a3d7d9173208f4e8dc7a709f0bfc9820 Mon Sep 17 00:00:00 2001 +From: Michael Jeanson <mjeanson@efficios.com> +Date: Wed, 8 Jun 2022 12:56:36 -0400 +Subject: [PATCH 1/3] fix: mm/page_alloc: fix tracepoint + mm_page_alloc_zone_locked() (v5.19) + +See upstream commit : + + commit 10e0f7530205799e7e971aba699a7cb3a47456de + Author: Wonhyuk Yang <vvghjk1234@gmail.com> + Date: Thu May 19 14:08:54 2022 -0700 + + mm/page_alloc: fix tracepoint mm_page_alloc_zone_locked() + + Currently, trace point mm_page_alloc_zone_locked() doesn't show correct + information. + + First, when alloc_flag has ALLOC_HARDER/ALLOC_CMA, page can be allocated + from MIGRATE_HIGHATOMIC/MIGRATE_CMA. Nevertheless, tracepoint use + requested migration type not MIGRATE_HIGHATOMIC and MIGRATE_CMA. + + Second, after commit 44042b4498728 ("mm/page_alloc: allow high-order pages + to be stored on the per-cpu lists") percpu-list can store high order + pages. But trace point determine whether it is a refiil of percpu-list by + comparing requested order and 0. + + To handle these problems, make mm_page_alloc_zone_locked() only be called + by __rmqueue_smallest with correct migration type. With a new argument + called percpu_refill, it can show roughly whether it is a refill of + percpu-list. + +Upstream-Status: Backport + +Change-Id: I2e4a57393757f12b9c5a4566c4d1102ee2474a09 +Signed-off-by: Michael Jeanson <mjeanson@efficios.com> +Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> +--- + include/instrumentation/events/kmem.h | 45 +++++++++++++++++++++++++++ + 1 file changed, 45 insertions(+) + +diff --git a/include/instrumentation/events/kmem.h b/include/instrumentation/events/kmem.h +index 29c0fb7f..8c19e962 100644 +--- a/include/instrumentation/events/kmem.h ++++ b/include/instrumentation/events/kmem.h +@@ -218,6 +218,50 @@ LTTNG_TRACEPOINT_EVENT_MAP(mm_page_alloc, kmem_mm_page_alloc, + ) + ) + ++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,19,0)) ++LTTNG_TRACEPOINT_EVENT_CLASS(kmem_mm_page, ++ ++ TP_PROTO(struct page *page, unsigned int order, int migratetype, ++ int percpu_refill), ++ ++ TP_ARGS(page, order, migratetype, percpu_refill), ++ ++ TP_FIELDS( ++ ctf_integer_hex(struct page *, page, page) ++ ctf_integer(unsigned long, pfn, ++ page ? page_to_pfn(page) : -1UL) ++ ctf_integer(unsigned int, order, order) ++ ctf_integer(int, migratetype, migratetype) ++ ctf_integer(int, percpu_refill, percpu_refill) ++ ) ++) ++ ++LTTNG_TRACEPOINT_EVENT_INSTANCE_MAP(kmem_mm_page, mm_page_alloc_zone_locked, ++ ++ kmem_mm_page_alloc_zone_locked, ++ ++ TP_PROTO(struct page *page, unsigned int order, int migratetype, ++ int percpu_refill), ++ ++ TP_ARGS(page, order, migratetype, percpu_refill) ++) ++ ++LTTNG_TRACEPOINT_EVENT_MAP(mm_page_pcpu_drain, ++ ++ kmem_mm_page_pcpu_drain, ++ ++ TP_PROTO(struct page *page, unsigned int order, int migratetype), ++ ++ TP_ARGS(page, order, migratetype), ++ ++ TP_FIELDS( ++ ctf_integer(unsigned long, pfn, ++ page ? page_to_pfn(page) : -1UL) ++ ctf_integer(unsigned int, order, order) ++ ctf_integer(int, migratetype, migratetype) ++ ) ++) ++#else + LTTNG_TRACEPOINT_EVENT_CLASS(kmem_mm_page, + + TP_PROTO(struct page *page, unsigned int order, int migratetype), +@@ -250,6 +294,7 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE_MAP(kmem_mm_page, mm_page_pcpu_drain, + + TP_ARGS(page, order, migratetype) + ) ++#endif + + #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(3,19,2) \ + || LTTNG_KERNEL_RANGE(3,14,36, 3,15,0) \ +-- +2.19.1 + diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0002-fix-fs-Remove-flags-parameter-from-aops-write_begin-.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0002-fix-fs-Remove-flags-parameter-from-aops-write_begin-.patch new file mode 100644 index 0000000000..84c97d5f90 --- /dev/null +++ b/poky/meta/recipes-kernel/lttng/lttng-modules/0002-fix-fs-Remove-flags-parameter-from-aops-write_begin-.patch @@ -0,0 +1,76 @@ +From b5d1c38665cd69d7d1c94231fe0609da5c8afbc3 Mon Sep 17 00:00:00 2001 +From: Michael Jeanson <mjeanson@efficios.com> +Date: Wed, 8 Jun 2022 13:07:59 -0400 +Subject: [PATCH 2/3] fix: fs: Remove flags parameter from aops->write_begin + (v5.19) + +See upstream commit : + + commit 9d6b0cd7579844761ed68926eb3073bab1dca87b + Author: Matthew Wilcox (Oracle) <willy@infradead.org> + Date: Tue Feb 22 14:31:43 2022 -0500 + + fs: Remove flags parameter from aops->write_begin + + There are no more aop flags left, so remove the parameter. + +Upstream-Status: Backport + +Change-Id: I82725b93e13d749f52a631b2ac60df81a5e839f8 +Signed-off-by: Michael Jeanson <mjeanson@efficios.com> +Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> +--- + include/instrumentation/events/ext4.h | 30 +++++++++++++++++++++++++++ + 1 file changed, 30 insertions(+) + +diff --git a/include/instrumentation/events/ext4.h b/include/instrumentation/events/ext4.h +index 513762c0..222416ec 100644 +--- a/include/instrumentation/events/ext4.h ++++ b/include/instrumentation/events/ext4.h +@@ -122,6 +122,35 @@ LTTNG_TRACEPOINT_EVENT(ext4_begin_ordered_truncate, + ) + ) + ++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,19,0)) ++LTTNG_TRACEPOINT_EVENT_CLASS(ext4__write_begin, ++ ++ TP_PROTO(struct inode *inode, loff_t pos, unsigned int len), ++ ++ TP_ARGS(inode, pos, len), ++ ++ TP_FIELDS( ++ ctf_integer(dev_t, dev, inode->i_sb->s_dev) ++ ctf_integer(ino_t, ino, inode->i_ino) ++ ctf_integer(loff_t, pos, pos) ++ ctf_integer(unsigned int, len, len) ++ ) ++) ++ ++LTTNG_TRACEPOINT_EVENT_INSTANCE(ext4__write_begin, ext4_write_begin, ++ ++ TP_PROTO(struct inode *inode, loff_t pos, unsigned int len), ++ ++ TP_ARGS(inode, pos, len) ++) ++ ++LTTNG_TRACEPOINT_EVENT_INSTANCE(ext4__write_begin, ext4_da_write_begin, ++ ++ TP_PROTO(struct inode *inode, loff_t pos, unsigned int len), ++ ++ TP_ARGS(inode, pos, len) ++) ++#else + LTTNG_TRACEPOINT_EVENT_CLASS(ext4__write_begin, + + TP_PROTO(struct inode *inode, loff_t pos, unsigned int len, +@@ -153,6 +182,7 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(ext4__write_begin, ext4_da_write_begin, + + TP_ARGS(inode, pos, len, flags) + ) ++#endif + + LTTNG_TRACEPOINT_EVENT_CLASS(ext4__write_end, + TP_PROTO(struct inode *inode, loff_t pos, unsigned int len, +-- +2.19.1 + diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-workqueue-Fix-type-of-cpu-in-trace-event-v5.19.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-workqueue-Fix-type-of-cpu-in-trace-event-v5.19.patch new file mode 100644 index 0000000000..63f9c40d92 --- /dev/null +++ b/poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-workqueue-Fix-type-of-cpu-in-trace-event-v5.19.patch @@ -0,0 +1,124 @@ +From 526f13c844cd29f89bd3e924867d9ddfe3c40ade Mon Sep 17 00:00:00 2001 +From: Michael Jeanson <mjeanson@efficios.com> +Date: Wed, 15 Jun 2022 12:07:16 -0400 +Subject: [PATCH 3/3] fix: workqueue: Fix type of cpu in trace event (v5.19) + +See upstream commit : + + commit 873a400938b31a1e443c4d94b560b78300787540 + Author: Wonhyuk Yang <vvghjk1234@gmail.com> + Date: Wed May 4 11:32:03 2022 +0900 + + workqueue: Fix type of cpu in trace event + + The trace event "workqueue_queue_work" use unsigned int type for + req_cpu, cpu. This casue confusing cpu number like below log. + + $ cat /sys/kernel/debug/tracing/trace + cat-317 [001] ...: workqueue_queue_work: ... req_cpu=8192 cpu=4294967295 + + So, change unsigned type to signed type in the trace event. After + applying this patch, cpu number will be printed as -1 instead of + 4294967295 as folllows. + + $ cat /sys/kernel/debug/tracing/trace + cat-1338 [002] ...: workqueue_queue_work: ... req_cpu=8192 cpu=-1 + +Upstream-Status: Backport + +Change-Id: I478083c350b6ec314d87e9159dc5b342b96daed7 +Signed-off-by: Michael Jeanson <mjeanson@efficios.com> +Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> +--- + include/instrumentation/events/workqueue.h | 49 ++++++++++++++++++++-- + 1 file changed, 46 insertions(+), 3 deletions(-) + +diff --git a/include/instrumentation/events/workqueue.h b/include/instrumentation/events/workqueue.h +index 023b65a8..5693cf89 100644 +--- a/include/instrumentation/events/workqueue.h ++++ b/include/instrumentation/events/workqueue.h +@@ -28,10 +28,35 @@ LTTNG_TRACEPOINT_EVENT_CLASS(workqueue_work, + ) + ) + ++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,19,0)) + /** + * workqueue_queue_work - called when a work gets queued + * @req_cpu: the requested cpu +- * @cwq: pointer to struct cpu_workqueue_struct ++ * @pwq: pointer to struct pool_workqueue ++ * @work: pointer to struct work_struct ++ * ++ * This event occurs when a work is queued immediately or once a ++ * delayed work is actually queued on a workqueue (ie: once the delay ++ * has been reached). ++ */ ++LTTNG_TRACEPOINT_EVENT(workqueue_queue_work, ++ ++ TP_PROTO(int req_cpu, struct pool_workqueue *pwq, ++ struct work_struct *work), ++ ++ TP_ARGS(req_cpu, pwq, work), ++ ++ TP_FIELDS( ++ ctf_integer_hex(void *, work, work) ++ ctf_integer_hex(void *, function, work->func) ++ ctf_integer(int, req_cpu, req_cpu) ++ ) ++) ++#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(3,9,0)) ++/** ++ * workqueue_queue_work - called when a work gets queued ++ * @req_cpu: the requested cpu ++ * @pwq: pointer to struct pool_workqueue + * @work: pointer to struct work_struct + * + * This event occurs when a work is queued immediately or once a +@@ -40,17 +65,34 @@ LTTNG_TRACEPOINT_EVENT_CLASS(workqueue_work, + */ + LTTNG_TRACEPOINT_EVENT(workqueue_queue_work, + +-#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(3,9,0)) + TP_PROTO(unsigned int req_cpu, struct pool_workqueue *pwq, + struct work_struct *work), + + TP_ARGS(req_cpu, pwq, work), ++ ++ TP_FIELDS( ++ ctf_integer_hex(void *, work, work) ++ ctf_integer_hex(void *, function, work->func) ++ ctf_integer(unsigned int, req_cpu, req_cpu) ++ ) ++) + #else ++/** ++ * workqueue_queue_work - called when a work gets queued ++ * @req_cpu: the requested cpu ++ * @cwq: pointer to struct cpu_workqueue_struct ++ * @work: pointer to struct work_struct ++ * ++ * This event occurs when a work is queued immediately or once a ++ * delayed work is actually queued on a workqueue (ie: once the delay ++ * has been reached). ++ */ ++LTTNG_TRACEPOINT_EVENT(workqueue_queue_work, ++ + TP_PROTO(unsigned int req_cpu, struct cpu_workqueue_struct *cwq, + struct work_struct *work), + + TP_ARGS(req_cpu, cwq, work), +-#endif + + TP_FIELDS( + ctf_integer_hex(void *, work, work) +@@ -58,6 +100,7 @@ LTTNG_TRACEPOINT_EVENT(workqueue_queue_work, + ctf_integer(unsigned int, req_cpu, req_cpu) + ) + ) ++#endif + + /** + * workqueue_activate_work - called when a work gets activated +-- +2.19.1 + diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.4.bb b/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.4.bb index bee2204b42..80b9ceec3f 100644 --- a/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.4.bb +++ b/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.4.bb @@ -11,7 +11,12 @@ include lttng-platforms.inc SRC_URI = "https://lttng.org/files/${BPN}/${BPN}-${PV}.tar.bz2 \ file://0009-Rename-genhd-wrapper-to-blkdev.patch \ + file://0001-fix-mm-page_alloc-fix-tracepoint-mm_page_alloc_zone_.patch \ + file://0002-fix-fs-Remove-flags-parameter-from-aops-write_begin-.patch \ + file://0003-fix-workqueue-Fix-type-of-cpu-in-trace-event-v5.19.patch \ file://0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch \ + file://0001-fix-compaction.patch \ + file://0001-fix-adjust-range-v5.10.137-in-block-probe.patch \ " # Use :append here so that the patch is applied also when using devupstream diff --git a/poky/meta/recipes-kernel/lttng/lttng-platforms.inc b/poky/meta/recipes-kernel/lttng/lttng-platforms.inc index 933c65d85d..900e36df82 100644 --- a/poky/meta/recipes-kernel/lttng/lttng-platforms.inc +++ b/poky/meta/recipes-kernel/lttng/lttng-platforms.inc @@ -15,3 +15,7 @@ LTTNGUST:arc = "" COMPATIBLE_HOST:arc:pn-lttng-ust = "null" +# Whether the platform supports lttng-tools +# lttng-tools requires SYS_ppoll and SYS_pselect6 which are not supported on riscv32. +# It's also turned off for riscv32 in meta-riscv. See https://github.com/riscv/meta-riscv/blob/master/conf/layer.conf +COMPATIBLE_HOST:riscv32:pn-lttng-tools = "null" diff --git a/poky/meta/recipes-kernel/perf/perf.bb b/poky/meta/recipes-kernel/perf/perf.bb index 95e7eae9fe..772bc2dea1 100644 --- a/poky/meta/recipes-kernel/perf/perf.bb +++ b/poky/meta/recipes-kernel/perf/perf.bb @@ -144,6 +144,9 @@ do_install() { # we are checking for this make target to be compatible with older perf versions if ${@bb.utils.contains('PACKAGECONFIG', 'scripting', 'true', 'false', d)} && grep -q install-python_ext ${S}/tools/perf/Makefile*; then oe_runmake DESTDIR=${D} install-python_ext + if [ -e ${D}${libdir}/python*/site-packages/perf-*/SOURCES.txt ]; then + sed -i -e 's#${WORKDIR}##g' ${D}${libdir}/python*/site-packages/perf-*/SOURCES.txt + fi fi } @@ -203,7 +206,7 @@ do_configure:prepend () { if [ -e "${S}/tools/perf/Makefile.perf" ]; then sed -i -e 's,\ .config-detected, $(OUTPUT)/config-detected,g' \ ${S}/tools/perf/Makefile.perf - sed -i -e "s,prefix='\$(DESTDIR_SQ)/usr'$,prefix='\$(DESTDIR_SQ)/usr' --install-lib='\$(DESTDIR)\$(PYTHON_SITEPACKAGES_DIR)',g" \ + sed -i -e "s,prefix='\$(DESTDIR_SQ)/usr'$,prefix='\$(DESTDIR_SQ)/usr' --install-lib='\$(PYTHON_SITEPACKAGES_DIR)' --root='\$(DESTDIR)',g" \ ${S}/tools/perf/Makefile.perf # backport https://github.com/torvalds/linux/commit/e4ffd066ff440a57097e9140fa9e16ceef905de8 sed -i -e 's,\($(Q)$(SHELL) .$(arch_errno_tbl).\) $(CC) $(arch_errno_hdr_dir),\1 $(firstword $(CC)) $(arch_errno_hdr_dir),g' \ @@ -244,6 +247,9 @@ do_configure:prepend () { # change the Makefile line to remove everything before 'tools/perf' sed -i -e "s%srcdir_SQ = \$(subst ','\\\'',\$(srcdir))%srcdir_SQ = \$(patsubst \%tools/perf,tools/perf,\$(subst ','\\\'',\$(srcdir)))%g" \ ${S}/tools/perf/Makefile.config + # Avoid hardcoded path to python-native + sed -i -e 's#\(PYTHON_WORD := \)$(call shell-wordify,$(PYTHON))#\1 python3#g' \ + ${S}/tools/perf/Makefile.config fi if [ -e "${S}/tools/perf/tests/Build" ]; then # OUTPUT is the full path, we have python on the path so we remove it from the diff --git a/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.06.06.bb b/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.08.12.bb index 2eba4f873b..357e79d7e1 100644 --- a/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.06.06.bb +++ b/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.08.12.bb @@ -5,7 +5,7 @@ LICENSE = "ISC" LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c" SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz" -SRC_URI[sha256sum] = "ac00f97efecce5046ed069d1d93f3365fdf994c7c7854a8fc50831e959537230" +SRC_URI[sha256sum] = "59c8f7d17966db71b27f90e735ee8f5b42ca3527694a8c5e6e9b56bd379c3b84" inherit bin_package allarch diff --git a/poky/meta/recipes-multimedia/libpng/libpng_1.6.37.bb b/poky/meta/recipes-multimedia/libpng/libpng_1.6.38.bb index 61e3d92e95..dc627203ef 100644 --- a/poky/meta/recipes-multimedia/libpng/libpng_1.6.37.bb +++ b/poky/meta/recipes-multimedia/libpng/libpng_1.6.38.bb @@ -5,14 +5,13 @@ library for use in applications that read, create, and manipulate PNG \ HOMEPAGE = "http://www.libpng.org/" SECTION = "libs" LICENSE = "Libpng" -LIC_FILES_CHKSUM = "file://LICENSE;md5=b0085051bf265bac2bfc38bc89f50000" +LIC_FILES_CHKSUM = "file://LICENSE;md5=5c900cc124ba35a274073b5de7639b13" DEPENDS = "zlib" LIBV = "16" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz" -SRC_URI[md5sum] = "015e8e15db1eecde5f2eb9eb5b6e59e9" -SRC_URI[sha256sum] = "505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca" +SRC_URI[sha256sum] = "b3683e8b8111ebf6f1ac004ebb6b0c975cd310ec469d98364388e9cedbfa68be" MIRRORS += "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/ ${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/older-releases/" diff --git a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2022-34526.patch b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2022-34526.patch new file mode 100644 index 0000000000..48ca56982f --- /dev/null +++ b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2022-34526.patch @@ -0,0 +1,29 @@ +From 3fc1fdda0068981340cc7ae136173731275e2c5e Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati <hprajapati@mvista.com> +Date: Thu, 18 Aug 2022 10:46:30 +0530 +Subject: [PATCH] CVE-2022-34526 + +Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/275735d0354e39c0ac1dc3c0db2120d6f31d1990] +CVE: CVE-2022-34526 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + libtiff/tif_dirinfo.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/libtiff/tif_dirinfo.c b/libtiff/tif_dirinfo.c +index 8565dfb..0f722a5 100644 +--- a/libtiff/tif_dirinfo.c ++++ b/libtiff/tif_dirinfo.c +@@ -1157,6 +1157,9 @@ _TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag) + default: + return 1; + } ++ if( !TIFFIsCODECConfigured(tif->tif_dir.td_compression) ) { ++ return 0; ++ } + /* Check if codec specific tags are allowed for the current + * compression scheme (codec) */ + switch (tif->tif_dir.td_compression) { +-- +2.25.1 + diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index 149516508f..b5ccd859f3 100644 --- a/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb @@ -21,6 +21,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ file://0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch \ file://CVE-2022-1354.patch \ file://CVE-2022-1355.patch \ + file://CVE-2022-34526.patch \ " SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8" diff --git a/poky/meta/recipes-multimedia/webp/libwebp_1.2.2.bb b/poky/meta/recipes-multimedia/webp/libwebp_1.2.4.bb index 281cff1bf2..263589846a 100644 --- a/poky/meta/recipes-multimedia/webp/libwebp_1.2.2.bb +++ b/poky/meta/recipes-multimedia/webp/libwebp_1.2.4.bb @@ -14,7 +14,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6e8dee932c26f2dab503abf70c96d8bb \ file://PATENTS;md5=c6926d0cb07d296f886ab6e0cc5a85b7" SRC_URI = "http://downloads.webmproject.org/releases/webp/${BP}.tar.gz" -SRC_URI[sha256sum] = "7656532f837af5f4cec3ff6bafe552c044dc39bf453587bd5b77450802f4aee6" +SRC_URI[sha256sum] = "7bf5a8a28cc69bcfa8cb214f2c3095703c6b73ac5fba4d5480c205331d9494df" UPSTREAM_CHECK_URI = "http://downloads.webmproject.org/releases/webp/index.html" diff --git a/poky/meta/recipes-sato/webkit/libwpe_1.12.0.bb b/poky/meta/recipes-sato/webkit/libwpe_1.12.3.bb index ac4ee3eb23..77ca517ef7 100644 --- a/poky/meta/recipes-sato/webkit/libwpe_1.12.0.bb +++ b/poky/meta/recipes-sato/webkit/libwpe_1.12.3.bb @@ -11,7 +11,7 @@ inherit cmake features_check pkgconfig REQUIRED_DISTRO_FEATURES = "opengl" SRC_URI = "https://wpewebkit.org/releases/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "e8eeca228a6b4c36294cfb63f7d3ba9ada47a430904a5a973b3c99c96a44c18c" +SRC_URI[sha256sum] = "b84fdbfbc849ce4fdf084bb28b58e5463b1b4b6cc8f200dc77b41f8545d5329d" # This is a tweak of upstream-version-is-even needed because # ipstream directory contains tarballs for other components as well. diff --git a/poky/meta/recipes-sato/webkit/webkitgtk_2.36.4.bb b/poky/meta/recipes-sato/webkit/webkitgtk_2.36.7.bb index df4ff63121..026e24ae39 100644 --- a/poky/meta/recipes-sato/webkit/webkitgtk_2.36.4.bb +++ b/poky/meta/recipes-sato/webkit/webkitgtk_2.36.7.bb @@ -16,8 +16,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://reproducibility.patch \ file://0001-When-building-introspection-files-do-not-quote-CFLAG.patch \ " - -SRC_URI[sha256sum] = "b6bebe1f85a479d968c19e44a4704622ef8cef61636ad1b2406b77d16ae2e2a8" +SRC_URI[sha256sum] = "0c260cf2b32f0481d017670dfed1b61e554967cd067195606c9f9eb5fe731743" inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gtk-doc diff --git a/poky/meta/recipes-sato/webkit/wpebackend-fdo_1.12.0.bb b/poky/meta/recipes-sato/webkit/wpebackend-fdo_1.12.1.bb index 4a18467ea4..5f776c13e6 100644 --- a/poky/meta/recipes-sato/webkit/wpebackend-fdo_1.12.0.bb +++ b/poky/meta/recipes-sato/webkit/wpebackend-fdo_1.12.1.bb @@ -13,7 +13,7 @@ inherit meson features_check pkgconfig REQUIRED_DISTRO_FEATURES = "opengl" SRC_URI = "https://wpewebkit.org/releases/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "6239c9c15523410798d66315de6b491712ab30009ba180f3e0dd076d9b0074ac" +SRC_URI[sha256sum] = "45aa833c44ec292f31fa943b01b8cc75e54eb623ad7ba6a66fc2f118fe69e629" # Especially helps compiling with clang which enable this as error when # using c++11 diff --git a/poky/meta/recipes-support/apr/apr/0001-add-AC_CACHE_CHECK-for-strerror_r-return-type.patch b/poky/meta/recipes-support/apr/apr/0001-add-AC_CACHE_CHECK-for-strerror_r-return-type.patch new file mode 100644 index 0000000000..d0a9bd9129 --- /dev/null +++ b/poky/meta/recipes-support/apr/apr/0001-add-AC_CACHE_CHECK-for-strerror_r-return-type.patch @@ -0,0 +1,52 @@ +From 8ca3c3306f1a149e51a3be6a4b1e47e9aee88262 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 23 Aug 2022 22:42:03 -0700 +Subject: [PATCH] add AC_CACHE_CHECK for strerror_r return type + +APR's configure script uses AC_TRY_RUN to detect whether the return type +of strerror_r is int. When cross-compiling this defaults to no. + +This commit adds an AC_CACHE_CHECK so users who cross-compile APR may +influence the outcome with a configure variable. + +Upstream-Status: Backport [https://svn.apache.org/viewvc?view=revision&revision=1875065] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + build/apr_common.m4 | 11 ++++------- + 1 file changed, 4 insertions(+), 7 deletions(-) + +diff --git a/build/apr_common.m4 b/build/apr_common.m4 +index cbf2a4c..42e75cf 100644 +--- a/build/apr_common.m4 ++++ b/build/apr_common.m4 +@@ -525,8 +525,9 @@ dnl string. + dnl + dnl + AC_DEFUN([APR_CHECK_STRERROR_R_RC], [ +-AC_MSG_CHECKING(for type of return code from strerror_r) +-AC_TRY_RUN([ ++AC_CACHE_CHECK([whether return code from strerror_r has type int], ++[ac_cv_strerror_r_rc_int], ++[AC_TRY_RUN([ + #include <errno.h> + #include <string.h> + #include <stdio.h> +@@ -542,14 +543,10 @@ main() + }], [ + ac_cv_strerror_r_rc_int=yes ], [ + ac_cv_strerror_r_rc_int=no ], [ +- ac_cv_strerror_r_rc_int=no ] ) ++ ac_cv_strerror_r_rc_int=no ] ) ] ) + if test "x$ac_cv_strerror_r_rc_int" = xyes; then + AC_DEFINE(STRERROR_R_RC_INT, 1, [Define if strerror returns int]) +- msg="int" +-else +- msg="pointer" + fi +-AC_MSG_RESULT([$msg]) + ] ) + + dnl +-- +2.37.2 + diff --git a/poky/meta/recipes-support/apr/apr/0001-configure-Remove-runtime-test-for-mmap-that-can-map-.patch b/poky/meta/recipes-support/apr/apr/0001-configure-Remove-runtime-test-for-mmap-that-can-map-.patch new file mode 100644 index 0000000000..fa6202da79 --- /dev/null +++ b/poky/meta/recipes-support/apr/apr/0001-configure-Remove-runtime-test-for-mmap-that-can-map-.patch @@ -0,0 +1,62 @@ +From ee728971fd9d2da39356f1574d58d5daa3b24520 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 26 Aug 2022 00:28:08 -0700 +Subject: [PATCH] configure: Remove runtime test for mmap that can map + /dev/zero + +This never works for cross-compile moreover it ends up disabling +ac_cv_file__dev_zero which then results in compiler errors in shared +mutexes + +Upstream-Status: Inappropriate [Cross-compile specific] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + configure.in | 32 -------------------------------- + 1 file changed, 32 deletions(-) + +diff --git a/configure.in b/configure.in +index a99049d..f1f55c7 100644 +--- a/configure.in ++++ b/configure.in +@@ -1182,38 +1182,6 @@ AC_CHECK_FUNCS([mmap munmap shm_open shm_unlink shmget shmat shmdt shmctl \ + APR_CHECK_DEFINE(MAP_ANON, sys/mman.h) + AC_CHECK_FILE(/dev/zero) + +-# Not all systems can mmap /dev/zero (such as HP-UX). Check for that. +-if test "$ac_cv_func_mmap" = "yes" && +- test "$ac_cv_file__dev_zero" = "yes"; then +- AC_MSG_CHECKING(for mmap that can map /dev/zero) +- AC_TRY_RUN([ +-#include <sys/types.h> +-#include <sys/stat.h> +-#include <fcntl.h> +-#ifdef HAVE_SYS_MMAN_H +-#include <sys/mman.h> +-#endif +- int main() +- { +- int fd; +- void *m; +- fd = open("/dev/zero", O_RDWR); +- if (fd < 0) { +- return 1; +- } +- m = mmap(0, sizeof(void*), PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0); +- if (m == (void *)-1) { /* aka MAP_FAILED */ +- return 2; +- } +- if (munmap(m, sizeof(void*)) < 0) { +- return 3; +- } +- return 0; +- }], [], [ac_cv_file__dev_zero=no], [ac_cv_file__dev_zero=no]) +- +- AC_MSG_RESULT($ac_cv_file__dev_zero) +-fi +- + # Now we determine which one is our anonymous shmem preference. + haveshmgetanon="0" + havemmapzero="0" +-- +2.37.2 + diff --git a/poky/meta/recipes-support/apr/apr_1.7.0.bb b/poky/meta/recipes-support/apr/apr_1.7.0.bb index 9c826d4380..cb4bb936d7 100644 --- a/poky/meta/recipes-support/apr/apr_1.7.0.bb +++ b/poky/meta/recipes-support/apr/apr_1.7.0.bb @@ -24,6 +24,8 @@ SRC_URI = "${APACHE_MIRROR}/apr/${BPN}-${PV}.tar.bz2 \ file://libtoolize_check.patch \ file://0001-Add-option-to-disable-timed-dependant-tests.patch \ file://autoconf270.patch \ + file://0001-add-AC_CACHE_CHECK-for-strerror_r-return-type.patch \ + file://0001-configure-Remove-runtime-test-for-mmap-that-can-map-.patch \ file://CVE-2021-35940.patch \ " @@ -36,17 +38,30 @@ OE_BINCONFIG_EXTRA_MANGLE = " -e 's:location=source:location=installed:'" # Added to fix some issues with cmake. Refer to https://github.com/bmwcarit/meta-ros/issues/68#issuecomment-19896928 CACHED_CONFIGUREVARS += "apr_cv_mutex_recursive=yes" - +# Enable largefile +CACHED_CONFIGUREVARS += "apr_cv_use_lfs64=yes" +# Additional AC_TRY_RUN tests which will need to be cached for cross compile +CACHED_CONFIGUREVARS += "apr_cv_epoll=yes epoll_create1=yes apr_cv_sock_cloexec=yes \ + ac_cv_struct_rlimit=yes \ + ac_cv_func_sem_open=yes \ + apr_cv_process_shared_works=yes \ + apr_cv_mutex_robust_shared=yes \ + " # Also suppress trying to use sctp. # CACHED_CONFIGUREVARS += "ac_cv_header_netinet_sctp_h=no ac_cv_header_netinet_sctp_uio_h=no" -CACHED_CONFIGUREVARS += "ac_cv_sizeof_struct_iovec=yes" +# ac_cv_sizeof_struct_iovec is deduced using runtime check which will fail during cross-compile +CACHED_CONFIGUREVARS += "${@['ac_cv_sizeof_struct_iovec=16','ac_cv_sizeof_struct_iovec=8'][d.getVar('SITEINFO_BITS') != '32']}" + CACHED_CONFIGUREVARS += "ac_cv_file__dev_zero=yes" +CACHED_CONFIGUREVARS:append:libc-musl = " ac_cv_strerror_r_rc_int=yes" PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" +PACKAGECONFIG:append:libc-musl = " xsi-strerror" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," PACKAGECONFIG[timed-tests] = "--enable-timed-tests,--disable-timed-tests," +PACKAGECONFIG[xsi-strerror] = "ac_cv_strerror_r_rc_int=yes,ac_cv_strerror_r_rc_int=no," do_configure:prepend() { # Avoid absolute paths for grep since it causes failures diff --git a/poky/meta/recipes-support/boost/boost/0001-Don-t-skip-install-targets-if-there-s-build-no-in-ur.patch b/poky/meta/recipes-support/boost/boost/0001-Don-t-skip-install-targets-if-there-s-build-no-in-ur.patch new file mode 100644 index 0000000000..df8b285700 --- /dev/null +++ b/poky/meta/recipes-support/boost/boost/0001-Don-t-skip-install-targets-if-there-s-build-no-in-ur.patch @@ -0,0 +1,82 @@ +From 78fd284a42caabe8815cb0870b46e5567872e75b Mon Sep 17 00:00:00 2001 +From: Dmitry <grisumbras@gmail.com> +Date: Sat, 11 Dec 2021 16:58:23 +0300 +Subject: [PATCH] Don't skip install targets if there's <build>no in ureqs + (#113) + +--- + src/tools/stage.jam | 4 ++++ + test/install_build_no.py | 26 ++++++++++++++++++++++++++ + test/test_all.py | 1 + + 3 files changed, 31 insertions(+) + create mode 100755 test/install_build_no.py + +Fixes install of boost fiber shared libraries which are missing in 1.78.0 +but working in 1.79.0. Only kirkstone affected by this. + +Upstream-Status: Backport + +Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> + +diff --git a/tools/build/src/tools/stage.jam b/tools/build/src/tools/stage.jam +index c5f02e3ba..325129dc8 100644 +--- a/tools/build/src/tools/stage.jam ++++ b/tools/build/src/tools/stage.jam +@@ -478,6 +478,10 @@ class install-target-class : basic-target + return [ sequence.unique $(result2) ] ; + } + ++ rule skip-from-usage-requirements ( ) ++ { ++ } ++ + # Returns true iff 'type' is subtype of some element of 'types-to-include'. + # + local rule include-type ( type : types-to-include * ) +diff --git a/tools/build/test/install_build_no.py b/tools/build/test/install_build_no.py +new file mode 100755 +index 000000000..0ccf3c5cc +--- /dev/null ++++ b/tools/build/test/install_build_no.py +@@ -0,0 +1,26 @@ ++#!/usr/bin/python ++ ++# Copyright 2021 Dmitry Arkhipov (grisumbras@gmail.com) ++# Distributed under the Boost Software License, Version 1.0. ++# (See accompanying file LICENSE.txt or https://www.bfgroup.xyz/b2/LICENSE.txt) ++ ++# Check that <build>no in usage-requirements of dependencies does not affect ++# install rule, i.e. a skipped installed target does not affect insallation of ++# other targets. ++ ++import BoostBuild ++ ++t = BoostBuild.Tester() ++ ++t.write("a.cpp", "int main() {}\n") ++ ++t.write("jamroot.jam", """ ++make x : : maker : <build>no ; ++exe a : a.cpp ; ++install install : x a ; ++""") ++ ++t.run_build_system() ++t.expect_addition("install/a.exe") ++ ++t.cleanup() +diff --git a/tools/build/test/test_all.py b/tools/build/test/test_all.py +index b7ef5ad70..9ed729d01 100644 +--- a/tools/build/test/test_all.py ++++ b/tools/build/test/test_all.py +@@ -250,6 +250,7 @@ tests = ["abs_workdir", + "inherit_toolset", + "inherited_dependency", + "inline", ++ "install_build_no", + "libjpeg", + "liblzma", + "libpng", +-- +2.20.1 + diff --git a/poky/meta/recipes-support/boost/boost_1.78.0.bb b/poky/meta/recipes-support/boost/boost_1.78.0.bb index 58be9dcf12..08364a4c3c 100644 --- a/poky/meta/recipes-support/boost/boost_1.78.0.bb +++ b/poky/meta/recipes-support/boost/boost_1.78.0.bb @@ -7,4 +7,5 @@ SRC_URI += "file://boost-CVE-2012-2677.patch \ file://0001-dont-setup-compiler-flags-m32-m64.patch \ file://de657e01635306085488290ea83de541ec393f8b.patch \ file://0001-futex-fix-build-on-32-bit-architectures-using-64-bit.patch \ + file://0001-Don-t-skip-install-targets-if-there-s-build-no-in-ur.patch \ " diff --git a/poky/meta/recipes-support/curl/curl/CVE-2022-35252.patch b/poky/meta/recipes-support/curl/curl/CVE-2022-35252.patch new file mode 100644 index 0000000000..7b6f81bd02 --- /dev/null +++ b/poky/meta/recipes-support/curl/curl/CVE-2022-35252.patch @@ -0,0 +1,72 @@ +From 62c09239ac4e08239c8e363b06901fc80637d8c7 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Mon, 29 Aug 2022 00:09:17 +0200 +Subject: [PATCH] cookie: reject cookies with "control bytes" + +Rejects 0x01 - 0x1f (except 0x09) plus 0x7f + +Reported-by: Axel Chong + +Bug: https://curl.se/docs/CVE-2022-35252.html + +CVE-2022-35252 + +Closes #9381 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/8dfc93e573ca740544a2d79ebb] + +Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> +--- + lib/cookie.c | 29 +++++++++++++++++++++++++++++ + 1 file changed, 29 insertions(+) + +diff --git a/lib/cookie.c b/lib/cookie.c +index cb0c03b..e0470a1 100644 +--- a/lib/cookie.c ++++ b/lib/cookie.c +@@ -438,6 +438,30 @@ static bool bad_domain(const char *domain) + return TRUE; + } + ++/* ++ RFC 6265 section 4.1.1 says a server should accept this range: ++ ++ cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E ++ ++ But Firefox and Chrome as of June 2022 accept space, comma and double-quotes ++ fine. The prime reason for filtering out control bytes is that some HTTP ++ servers return 400 for requests that contain such. ++*/ ++static int invalid_octets(const char *p) ++{ ++ /* Reject all bytes \x01 - \x1f (*except* \x09, TAB) + \x7f */ ++ static const char badoctets[] = { ++ "\x01\x02\x03\x04\x05\x06\x07\x08\x0a" ++ "\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14" ++ "\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x7f" ++ }; ++ size_t vlen, len; ++ /* scan for all the octets that are *not* in cookie-octet */ ++ len = strcspn(p, badoctets); ++ vlen = strlen(p); ++ return (len != vlen); ++} ++ + /* + * Curl_cookie_add + * +@@ -590,6 +614,11 @@ Curl_cookie_add(struct Curl_easy *data, + badcookie = TRUE; + break; + } ++ if(invalid_octets(whatptr) || invalid_octets(name)) { ++ infof(data, "invalid octets in name/value, cookie dropped"); ++ badcookie = TRUE; ++ break; ++ } + } + else if(!len) { + /* +-- +2.35.1 + diff --git a/poky/meta/recipes-support/curl/curl_7.82.0.bb b/poky/meta/recipes-support/curl/curl_7.82.0.bb index 67de0220c6..5368c91f5c 100644 --- a/poky/meta/recipes-support/curl/curl_7.82.0.bb +++ b/poky/meta/recipes-support/curl/curl_7.82.0.bb @@ -28,6 +28,7 @@ SRC_URI = "https://curl.se/download/${BP}.tar.xz \ file://CVE-2022-32206.patch \ file://CVE-2022-32207.patch \ file://CVE-2022-32208.patch \ + file://CVE-2022-35252.patch \ " SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce58a583c" diff --git a/poky/meta/recipes-support/gnutls/gnutls/CVE-2022-2509.patch b/poky/meta/recipes-support/gnutls/gnutls/CVE-2022-2509.patch new file mode 100644 index 0000000000..c1c1def194 --- /dev/null +++ b/poky/meta/recipes-support/gnutls/gnutls/CVE-2022-2509.patch @@ -0,0 +1,282 @@ +From 8161fec931f416f5ca6aa31bb53751e140a93046 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati <hprajapati@mvista.com> +Date: Tue, 16 Aug 2022 16:56:15 +0530 +Subject: [PATCH] CVE-2022-2509 + +Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/ce37f9eb265dbe9b6d597f5767449e8ee95848e2] +CVE: CVE-2022-2509 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + NEWS | 4 + + lib/x509/pkcs7.c | 3 +- + tests/Makefile.am | 2 +- + tests/pkcs7-verify-double-free.c | 215 +++++++++++++++++++++++++++++++ + 4 files changed, 222 insertions(+), 2 deletions(-) + create mode 100644 tests/pkcs7-verify-double-free.c + +diff --git a/NEWS b/NEWS +index 36381f0..02c4040 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,6 +7,10 @@ See the end for copying conditions. + + * Version 3.7.4 (released 2022-03-17) + ++** libgnutls: Fixed double free during verification of pkcs7 signatures. ++ Reported by Jaak Ristioja (#1383). [GNUTLS-SA-2022-07-07, CVSS: medium] ++ [CVE-2022-2509] ++ + ** libgnutls: Added support for certificate compression as defined in RFC8879. + ** certtool: Added option --compress-cert that allows user to specify compression + methods for certificate compression. +diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c +index 1f35fab..d5be7f4 100644 +--- a/lib/x509/pkcs7.c ++++ b/lib/x509/pkcs7.c +@@ -1318,7 +1318,8 @@ gnutls_x509_crt_t find_signer(gnutls_pkcs7_t pkcs7, gnutls_x509_trust_list_t tl, + issuer = find_verified_issuer_of(pkcs7, issuer, purpose, vflags); + + if (issuer != NULL && gnutls_x509_crt_check_issuer(issuer, issuer)) { +- if (prev) gnutls_x509_crt_deinit(prev); ++ if (prev && prev != signer) ++ gnutls_x509_crt_deinit(prev); + prev = issuer; + break; + } +diff --git a/tests/Makefile.am b/tests/Makefile.am +index cec0a4e..b3cb56c 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -230,7 +230,7 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei + sign-verify-newapi sign-verify-deterministic iov aead-cipher-vec \ + tls13-without-timeout-func buffer status-request-revoked \ + set_x509_ocsp_multi_cli kdf-api keylog-func handshake-write \ +- x509cert-dntypes id-on-xmppAddr tls13-compat-mode ciphersuite-name ++ x509cert-dntypes id-on-xmppAddr tls13-compat-mode ciphersuite-name pkcs7-verify-double-free + + ctests += tls-channel-binding + +diff --git a/tests/pkcs7-verify-double-free.c b/tests/pkcs7-verify-double-free.c +new file mode 100644 +index 0000000..fadf307 +--- /dev/null ++++ b/tests/pkcs7-verify-double-free.c +@@ -0,0 +1,215 @@ ++/* ++ * Copyright (C) 2022 Red Hat, Inc. ++ * ++ * Author: Zoltan Fridrich ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software: you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS. If not, see <https://www.gnu.org/licenses/>. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++#include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <gnutls/pkcs7.h> ++#include <gnutls/x509.h> ++ ++#include "utils.h" ++ ++static char rca_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQKDApFeGFt\n" ++ "cGxlIENBMCAXDTE3MDcyMTE0NDMzNloYDzIyMjIwNzIxMTQ0MzM2WjAVMRMwEQYD\n" ++ "VQQKDApFeGFtcGxlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\n" ++ "v8hnKPJ/IA0SQB/A/a0Uh+npZ67vsgIMrtTQo0r0kJkmkBz5323xO3DVuJfB3QmX\n" ++ "v9zvoeCQLuDvWar5Aixfxgm6s5Q+yPvJj9t3NebDrU+Y4+qyewBIJUF8EF/5iBPC\n" ++ "ZHONmzbfIRWvQWGGgb2CRcOHp2J7AY/QLB6LsWPaLjs/DHva28Q13JaTTHIpdu8v\n" ++ "t6vHr0nXf66DN4MvtoF3N+o+v3snJCMsfXOqASi4tbWR7gtOfCfiz9uBjh0W2Dut\n" ++ "/jclBQkJkLe6esNSM+f4YiOpctVDjmfj8yoHCp394vt0wFqhG38wsTFAyVP6qIcf\n" ++ "5zoSu9ovEt2cTkhnZHjiiwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud\n" ++ "DwEB/wQEAwIBBjAdBgNVHQ4EFgQUhjeO6Uc5imbjOl2I2ltVA27Hu9YwHwYDVR0j\n" ++ "BBgwFoAUhjeO6Uc5imbjOl2I2ltVA27Hu9YwDQYJKoZIhvcNAQELBQADggEBAD+r\n" ++ "i/7FsbG0OFKGF2+JOnth6NjJQcMfM8LiglqAuBUijrv7vltoZ0Z3FJH1Vi4OeMXn\n" ++ "l7X/9tWUve0uFl75MfjDrf0+lCEdYRY1LCba2BrUgpbbkLywVUdnbsvndehegCgS\n" ++ "jss2/zys3Hlo3ZaHlTMQ/NQ4nrxcxkjOvkZSEOqgxJTLpzm6pr7YUts4k6c6lNiB\n" ++ "FSiJiDzsJCmWR9C3fBbUlfDfTJYGN3JwqX270KchXDElo8gNoDnF7jBMpLFFSEKm\n" ++ "MyfbNLX/srh+CEfZaN/OZV4A3MQ0L8vQEp6M4CJhvRLIuMVabZ2coJ0AzystrOMU\n" ++ "LirBWjg89RoAjFQ7bTE=\n" ++ "-----END CERTIFICATE-----\n"; ++ ++static char ca_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIIDFzCCAf+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQKDApFeGFt\n" ++ "cGxlIENBMCAXDTE3MDcyMTE0NDQzNFoYDzIyMjIwNzIxMTQ0NDM0WjAiMSAwHgYD\n" ++ "VQQKDBdFeGFtcGxlIGludGVybWVkaWF0ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQAD\n" ++ "ggEPADCCAQoCggEBAKb9ACB8u//sP6MfNU1OsVw68xz3eTPLgKxS0vpqexm6iGVg\n" ++ "ug/o9uYRLzqiEukv/eyz9WzHmY7sqlOJjOFdv92+SaNg79Jc51WHPFXgea4/qyfr\n" ++ "4y14PGs0SNxm6T44sXurUs7cXydQVUgnq2VCaWFOTUdxXoAWkV8r8GaUoPD/klVz\n" ++ "RqxSZVETmX1XBKhsMnnov41kRwVph2C+VfUspsbaUZaz/o/S1/nokhXRACzKsMBr\n" ++ "obqiGxbY35uVzsmbAW5ErhQz98AWJL3Bub1fsEMXg6OEMmPH4AtX888dTIYZNw0E\n" ++ "bUIESspz1kjJQTtVQDHTprhwz16YiSVeUonlLgMCAwEAAaNjMGEwDwYDVR0TAQH/\n" ++ "BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPBjxDWjMhjXERirKF9O\n" ++ "o/5Cllc5MB8GA1UdIwQYMBaAFIY3julHOYpm4zpdiNpbVQNux7vWMA0GCSqGSIb3\n" ++ "DQEBCwUAA4IBAQCTm+vv3hBa6lL5IT+Fw8aTxQ2Ne7mZ5oyazhvXYwwfKNMX3SML\n" ++ "W2JdPaL64ZwbxxxYvW401o5Z0CEgru3YFrsqB/hEdl0Uf8UWWJmE1rRa+miTmbjt\n" ++ "lrLNCWdrs6CiwvsPITTHg7jevB4KyZYsTSxQFcyr3N3xF+6EmOTC4IkhPPnXYXcp\n" ++ "248ih+WOavSYoRvzgB/Dip1WnPYU2mfIV3O8JReRryngA0TzWCLPLUoWR3R4jwtC\n" ++ "+1uSLoqaenz3qv3F1WEbke37az9YJuXx/5D8CqFQiZ62TUUtI6fYd8mkMBM4Qfh6\n" ++ "NW9XrCkI9wlpL5K9HllhuW0BhKeJkuPpyQ2p\n" ++ "-----END CERTIFICATE-----\n"; ++ ++static char ee_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAiMSAwHgYDVQQKDBdFeGFt\n" ++ "cGxlIGludGVybWVkaWF0ZSBDQTAgFw0yMjA3MjExNDQ1MzdaGA8yMjIyMDcyMTE0\n" ++ "NDUzN1owFTETMBEGA1UEAwwKSm9obiBTbWl0aDCCASIwDQYJKoZIhvcNAQEBBQAD\n" ++ "ggEPADCCAQoCggEBAMb1uuxppBFY+WVD45iyHUq7DkIJNNOI/JRaybVJfPktWq2E\n" ++ "eNe7XhV05KKnqZTbDO2iYqNHqGhZ8pz/IstDRTZP3z/q1vXTG0P9Gx28rEy5TaUY\n" ++ "QjtD+ZoFUQm0ORMDBjd8jikqtJ87hKeuOPMH4rzdydotMaPQSm7KLzHBGBr6gg7z\n" ++ "g1IxPWkhMyHapoMqqrhjwjzoTY97UIXpZTEoIA+KpEC8f9CciBtL0i1MPBjWozB6\n" ++ "Jma9q5iEwZXuRr3cnPYeIPlK2drgDZCMuSFcYiT8ApLw5OhKqY1m2EvfZ2ox2s9R\n" ++ "68/HzYdPi3kZwiNEtlBvMlpt5yKBJAflp76d7DkCAwEAAaNuMGwwCwYDVR0PBAQD\n" ++ "AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQUc+Mi\n" ++ "kr8WMCk00SQo+P2iggp/oQkwHwYDVR0jBBgwFoAU8GPENaMyGNcRGKsoX06j/kKW\n" ++ "VzkwDQYJKoZIhvcNAQELBQADggEBAKU9+CUR0Jcfybd1+8Aqgh1RH96yQygnVuyt\n" ++ "Na9rFz4fM3ij9tGXDHXrkZw8bW1dWLU9quu8zeTxKxc3aiDIw739Alz0tukttDo7\n" ++ "dW7YqIb77zsIsWB9p7G9dlxT6ieUy+5IKk69BbeK8KR0vAciAG4KVQxPhuPy/LGX\n" ++ "PzqlJIJ4h61s3UOroReHPB1keLZgpORqrvtpClOmABH9TLFRJA/WFg8Q2XYB/p0x\n" ++ "l/pWiaoBC+8wK9cDoMUK5yOwXeuCLffCb+UlAD0+z/qxJ2pisE8E9X8rRKRrWI+i\n" ++ "G7LtJCEn86EQK8KuRlJxKgj8lClZhoULB0oL4jbblBuNow9WRmM=\n" ++ "-----END CERTIFICATE-----\n"; ++ ++static char msg_pem[] = ++ "-----BEGIN PKCS7-----\n" ++ "MIIK2QYJKoZIhvcNAQcCoIIKyjCCCsYCAQExDTALBglghkgBZQMEAgEwCwYJKoZI\n" ++ "hvcNAQcBoIIJTzCCAwowggHyoAMCAQICAQEwDQYJKoZIhvcNAQELBQAwFTETMBEG\n" ++ "A1UECgwKRXhhbXBsZSBDQTAgFw0xNzA3MjExNDQzMjFaGA8yMjIyMDcyMTE0NDMy\n" ++ "MVowFTETMBEGA1UECgwKRXhhbXBsZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP\n" ++ "ADCCAQoCggEBAL51eyE4j8wAKQKMGlO9HEY2iaGvsdPSJmidSdmCi1jnNK39Lx4Y\n" ++ "31h279hSHF5wtI6VM91HHfeLf1mjEZHlKrXXJQzBPLpbHWapD778drHBitOP8e56\n" ++ "fDMIfofLV4tkMk8690vPe4cJH1UHGspMyz6EQF9kPRaW80XtMV/6dalgL/9Esmaw\n" ++ "XBNPJAS1VutDuXQkJ/3/rWFLmkpYHHtGPjX782YRmT1s+VOVTsLqmKx0TEL8A381\n" ++ "bbElHPUAMjPcyWR5qqA8KWnS5Dwqk3LwI0AvuhQytCq0S7Xl4DXauvxwTRXv0UU7\n" ++ "W8r3MLAw9DnlnJiD/RFjw5rbGO3wMePk/qUCAwEAAaNjMGEwDwYDVR0TAQH/BAUw\n" ++ "AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFIh2KRoKJoe2VtpOwWMkRAkR\n" ++ "mLWKMB8GA1UdIwQYMBaAFIh2KRoKJoe2VtpOwWMkRAkRmLWKMA0GCSqGSIb3DQEB\n" ++ "CwUAA4IBAQBovvlOjoy0MCT5U0eWfcPQQjY4Ssrn3IiPNlVkqSNo+FHX+2baTLVQ\n" ++ "5QTHxwXwzdIJiwtjFWDdGEQXqmuIvnFG+u/whGbeg6oQygfnQ5Y+q6epOxCsPgLQ\n" ++ "mKKEaF7mvh8DauUx4QSbYCNGCctOZuB1vlN9bJ3/5QbH+2pFPOfCr5CAyPDwHo6S\n" ++ "qO3yPcutRwT9xS7gXEHM9HhLp+DmdCGh4eVBPiFilyZm1d92lWxU8oxoSfXgzDT/\n" ++ "GCzlMykNZNs4JD9QmiRClP/3U0dQbOhah/Fda+N+L90xaqEgGcvwKKZa3pzo59pl\n" ++ "BbkcIP4YPyHeinwkgAn5UVJg9DOxNCS0MIIDFzCCAf+gAwIBAgIBAjANBgkqhkiG\n" ++ "9w0BAQsFADAVMRMwEQYDVQQKDApFeGFtcGxlIENBMCAXDTE3MDcyMTE0NDQxM1oY\n" ++ "DzIyMjIwNzIxMTQ0NDEzWjAiMSAwHgYDVQQKDBdFeGFtcGxlIGludGVybWVkaWF0\n" ++ "ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPFDEvDANwvhviu\n" ++ "pwXTvaKyxyX94jVu1wgAhIRyQBVRiMbrn8MEufLG8oA0vKd8s92gv/lWe1jFb2rn\n" ++ "91jMkZWsjWjiJFD6SzqFfBo+XxOGikEqO1MAf92UqavmSGlXVRG1Vy7T7dWibZP0\n" ++ "WODhHYWayR0Y6owSz5IqNfrHXzDME+lSJxHgRFI7pK+b0OgiVmvyXDKFPvyU6GrP\n" ++ "lxXDi/XbjyPvC5gpiwtTgm+s8KERwmdlfZUNjkh2PpHx1g1joijHT3wIvO/Pek1E\n" ++ "C+Xs6w3XxGgL6TTL7FDuv4AjZVX9KK66/yBhX3aN8bkqAg+hs9XNk3zzWC0XEFOS\n" ++ "Qoh2va0CAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw\n" ++ "HQYDVR0OBBYEFHwi/7dUWGjkMWJctOm7MCjjQj1cMB8GA1UdIwQYMBaAFIh2KRoK\n" ++ "Joe2VtpOwWMkRAkRmLWKMA0GCSqGSIb3DQEBCwUAA4IBAQCF6sHCBdYRwBwvfCve\n" ++ "og9cPnmPqZrG4AtmSvtoSsMvgvKb/4z3/gG8oPtTBkeRcAHoMoEp/oA+B2ylwIAc\n" ++ "S5U7jx+lYH/Pqih0X/OcOLbaMv8uzGSGQxk+L9LuuIT6E/THfRRIPEvkDkzC+/uk\n" ++ "7vUbG17bSEWeF0o/6sjzAY2aH1jnbCDyu0UC78GXkc6bZ5QlH98uLMDMrOmqcZjS\n" ++ "JFfvuRDQyKV5yBdBkYaobsIWSQDsgYxJzf/2y8c3r+HXqT+jhrXPWJ3btgMPxpu7\n" ++ "E8KmoFgp9EM+48oYlXJ66rk08/KjaVmgN7R+Hm3e2+MFT2kme4fBKalLjcazTe3x\n" ++ "0FisMIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQsFADAiMSAwHgYDVQQKDBdF\n" ++ "eGFtcGxlIGludGVybWVkaWF0ZSBDQTAgFw0yMjA3MjExNDQ1MzBaGA8yMjIyMDcy\n" ++ "MTE0NDUzMVowFTETMBEGA1UEAwwKSm9obiBTbWl0aDCCASIwDQYJKoZIhvcNAQEB\n" ++ "BQADggEPADCCAQoCggEBAMjhSqhdD5RjmOm6W3hG7zkgKBP9whRN/SipcdEMlkgc\n" ++ "F/U3QMu66qIfKwheNdWalC1JLtruLDWP92ysa6Vw+CCG8aSax1AgB//RKQB7kgPA\n" ++ "9js9hi/oCdBmCv2HJxhWSLz+MVoxgzW4C7S9FenI+btxe/99Uw4nOw7kwjsYDLKr\n" ++ "tMw8myv7aCW/63CuBYGtohiZupM3RI3kKFcZots+KRPLlZpjv+I2h9xSln8VxKNb\n" ++ "XiMrYwGfHB7iX7ghe1TvFjKatEUhsqa7AvIq7nfe/cyq97f0ODQO814njgZtk5iQ\n" ++ "JVavXHdhTVaypt1HdAFMuHX5UATylHxx9tRCgSIijUsCAwEAAaNuMGwwCwYDVR0P\n" ++ "BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQU\n" ++ "31+vHl4E/2Jpnwinbzf+d7usshcwHwYDVR0jBBgwFoAUfCL/t1RYaOQxYly06bsw\n" ++ "KONCPVwwDQYJKoZIhvcNAQELBQADggEBAAWe63DcNwmleQ3INFGDJZ/m2I/R/cBa\n" ++ "nnrxgR5Ey1ljHdA/x1z1JLTGmGVwqGExs5DNG9Q//Pmc9pZ1yPa8J4Xf8AvFcmkY\n" ++ "mWoH1HvW0xu/RF1UN5SAoD2PRQ+Vq4OSPD58IlEu/u4o1wZV7Wl91Cv6VNpiAb63\n" ++ "j9PA1YacOpOtcRqG59Vuj9HFm9f30ejHVo2+KJcpo290cR3Zg4fOm8mtjeMdt/QS\n" ++ "Atq+RqPAQ7yxqvEEv8zPIZj2kAOQm3mh/yYqBrR68lQUD/dBTP7ApIZkhUK3XK6U\n" ++ "nf9JvoF6Fn2+Cnqb//FLBgHSnoeqeQNwDLUXTsD02iYxHzJrhokSY4YxggFQMIIB\n" ++ "TAIBATAnMCIxIDAeBgNVBAoMF0V4YW1wbGUgaW50ZXJtZWRpYXRlIENBAgEBMAsG\n" ++ "CWCGSAFlAwQCATANBgkqhkiG9w0BAQEFAASCAQATHg6wNsBcs/Ub1GQfKwTpKCk5\n" ++ "8QXuNnZ0u7b6mKgrSY2Gf47fpL2aRgaR+BAQncbctu5EH/IL38pWjaGtOhFAj/5q\n" ++ "7luVQW11kuyJN3Bd/dtLqawWOwMmAIEigw6X50l5ZHnEVzFfxt+RKTNhk4XWVtbi\n" ++ "2iIlITOplW0rnvxYAwCxKL9ocaB7etK8au7ixMxbFp75Ts4iLX8dhlAFdCuFCk8k\n" ++ "B8mi9HHuwr3QYRqMPW61hu1wBL3yB8eoZNOwPXb0gkIh6ZvgptxgQzm/cc+Iw9fP\n" ++ "QkR0fTM7ElJ5QZmSV98AUbZDHmDvpmcjcUxfSPMc3IoT8T300usRu7QHqKJi\n" ++ "-----END PKCS7-----\n"; ++ ++const gnutls_datum_t rca_datum = { (void *)rca_pem, sizeof(rca_pem) - 1 }; ++const gnutls_datum_t ca_datum = { (void *)ca_pem, sizeof(ca_pem) - 1 }; ++const gnutls_datum_t ee_datum = { (void *)ee_pem, sizeof(ee_pem) - 1 }; ++const gnutls_datum_t msg_datum = { (void *)msg_pem, sizeof(msg_pem) - 1 }; ++ ++static void tls_log_func(int level, const char *str) ++{ ++ fprintf(stderr, "%s |<%d>| %s", "err", level, str); ++} ++ ++#define CHECK(X)\ ++{\ ++ r = X;\ ++ if (r < 0)\ ++ fail("error in %d: %s\n", __LINE__, gnutls_strerror(r));\ ++}\ ++ ++void doit(void) ++{ ++ int r; ++ gnutls_x509_crt_t rca_cert = NULL; ++ gnutls_x509_crt_t ca_cert = NULL; ++ gnutls_x509_crt_t ee_cert = NULL; ++ gnutls_x509_trust_list_t tlist = NULL; ++ gnutls_pkcs7_t pkcs7 = NULL; ++ gnutls_datum_t data = { (unsigned char *)"xxx", 3 }; ++ ++ if (debug) { ++ gnutls_global_set_log_function(tls_log_func); ++ gnutls_global_set_log_level(4711); ++ } ++ ++ // Import certificates ++ CHECK(gnutls_x509_crt_init(&rca_cert)); ++ CHECK(gnutls_x509_crt_import(rca_cert, &rca_datum, GNUTLS_X509_FMT_PEM)); ++ CHECK(gnutls_x509_crt_init(&ca_cert)); ++ CHECK(gnutls_x509_crt_import(ca_cert, &ca_datum, GNUTLS_X509_FMT_PEM)); ++ CHECK(gnutls_x509_crt_init(&ee_cert)); ++ CHECK(gnutls_x509_crt_import(ee_cert, &ee_datum, GNUTLS_X509_FMT_PEM)); ++ ++ // Setup trust store ++ CHECK(gnutls_x509_trust_list_init(&tlist, 0)); ++ CHECK(gnutls_x509_trust_list_add_named_crt(tlist, rca_cert, "rca", 3, 0)); ++ CHECK(gnutls_x509_trust_list_add_named_crt(tlist, ca_cert, "ca", 2, 0)); ++ CHECK(gnutls_x509_trust_list_add_named_crt(tlist, ee_cert, "ee", 2, 0)); ++ ++ // Setup pkcs7 structure ++ CHECK(gnutls_pkcs7_init(&pkcs7)); ++ CHECK(gnutls_pkcs7_import(pkcs7, &msg_datum, GNUTLS_X509_FMT_PEM)); ++ ++ // Signature verification ++ gnutls_pkcs7_verify(pkcs7, tlist, NULL, 0, 0, &data, 0); ++ ++ gnutls_x509_crt_deinit(rca_cert); ++ gnutls_x509_crt_deinit(ca_cert); ++ gnutls_x509_crt_deinit(ee_cert); ++ gnutls_x509_trust_list_deinit(tlist, 0); ++ gnutls_pkcs7_deinit(pkcs7); ++} +-- +2.25.1 + diff --git a/poky/meta/recipes-support/gnutls/gnutls_3.7.4.bb b/poky/meta/recipes-support/gnutls/gnutls_3.7.4.bb index b34eb7f5f0..94e7f0d58e 100644 --- a/poky/meta/recipes-support/gnutls/gnutls_3.7.4.bb +++ b/poky/meta/recipes-support/gnutls/gnutls_3.7.4.bb @@ -21,6 +21,7 @@ SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}" SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.xz \ file://arm_eabi.patch \ + file://CVE-2022-2509.patch \ " SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f" diff --git a/poky/meta/recipes-support/gnutls/libtasn1_4.18.0.bb b/poky/meta/recipes-support/gnutls/libtasn1_4.19.0.bb index db49adc1c2..5fb8b54c06 100644 --- a/poky/meta/recipes-support/gnutls/libtasn1_4.18.0.bb +++ b/poky/meta/recipes-support/gnutls/libtasn1_4.19.0.bb @@ -16,7 +16,7 @@ SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \ DEPENDS = "bison-native" -SRC_URI[sha256sum] = "4365c154953563d64c67a024b607d1ee75c6db76e0d0f65709ea80a334cd1898" +SRC_URI[sha256sum] = "1613f0ac1cf484d6ec0ce3b8c06d56263cc7242f1c23b30d82d23de345a63f7a" inherit autotools texinfo lib_package gtk-doc diff --git a/poky/meta/recipes-support/iso-codes/iso-codes_4.10.0.bb b/poky/meta/recipes-support/iso-codes/iso-codes_4.11.0.bb index 857fe463ef..be573981b0 100644 --- a/poky/meta/recipes-support/iso-codes/iso-codes_4.10.0.bb +++ b/poky/meta/recipes-support/iso-codes/iso-codes_4.11.0.bb @@ -9,7 +9,7 @@ LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" SRC_URI = "git://salsa.debian.org/iso-codes-team/iso-codes.git;protocol=https;branch=main;" -SRCREV = "9a6c24ee40e737ab34273c1af13a8dabcae888dd" +SRCREV = "2651d7fe65582263c57385a852b0c6d8a49f6985" # inherit gettext cannot be used, because it adds gettext-native to BASEDEPENDS which # are inhibited by allarch diff --git a/poky/meta/recipes-support/libatomic-ops/libatomic-ops_7.6.12.bb b/poky/meta/recipes-support/libatomic-ops/libatomic-ops_7.6.14.bb index 8ea8436977..fad92df507 100644 --- a/poky/meta/recipes-support/libatomic-ops/libatomic-ops_7.6.12.bb +++ b/poky/meta/recipes-support/libatomic-ops/libatomic-ops_7.6.14.bb @@ -5,13 +5,13 @@ SECTION = "optional" PROVIDES += "libatomics-ops" LICENSE = "GPL-2.0-only & MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://doc/LICENSING.txt;md5=e00dd5c8ac03a14c5ae5225a4525fa2d \ + file://doc/LICENSING.txt;md5=dfc50c7cea7b66935844587a0f7389e7 \ " SRC_URI = "https://github.com/ivmai/libatomic_ops/releases/download/v${PV}/libatomic_ops-${PV}.tar.gz" UPSTREAM_CHECK_URI = "https://github.com/ivmai/libatomic_ops/releases" -SRC_URI[sha256sum] = "f0ab566e25fce08b560e1feab6a3db01db4a38e5bc687804334ef3920c549f3e" +SRC_URI[sha256sum] = "390f244d424714735b7050d056567615b3b8f29008a663c262fb548f1802d292" S = "${WORKDIR}/libatomic_ops-${PV}" diff --git a/poky/meta/recipes-support/libcap/files/0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch b/poky/meta/recipes-support/libcap/files/0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch index 9884fb5641..3f4c7e57ae 100644 --- a/poky/meta/recipes-support/libcap/files/0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch +++ b/poky/meta/recipes-support/libcap/files/0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch @@ -1,4 +1,4 @@ -From fc60e000169618a4adced845b9462d36ced1efdd Mon Sep 17 00:00:00 2001 +From 1c234bc39446eb9b23896e85dd67b02976d46c3d Mon Sep 17 00:00:00 2001 From: Hongxu Jia <hongxu.jia@windriver.com> Date: Thu, 14 Oct 2021 15:57:36 +0800 Subject: [PATCH] nativesdk-libcap: Raise the size of arrays containing dl diff --git a/poky/meta/recipes-support/libcap/libcap_2.63.bb b/poky/meta/recipes-support/libcap/libcap_2.65.bb index 9e341c4bd0..8013d40769 100644 --- a/poky/meta/recipes-support/libcap/libcap_2.63.bb +++ b/poky/meta/recipes-support/libcap/libcap_2.65.bb @@ -20,7 +20,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/libs/security/linux-privs/${BPN}2/${BPN}-${ SRC_URI:append:class-nativesdk = " \ file://0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch \ " -SRC_URI[sha256sum] = "0c637b8f44fc7d8627787e9cf57f15ac06c1ddccb53e41feec5496be3466f77f" +SRC_URI[sha256sum] = "73e350020cc31fe15360879d19384ffa3395a825f065fcf6bda3a5cdf965bebd" UPSTREAM_CHECK_URI = "https://www.kernel.org/pub/linux/libs/security/linux-privs/${BPN}2/" diff --git a/poky/meta/recipes-support/liburcu/liburcu_0.13.1.bb b/poky/meta/recipes-support/liburcu/liburcu_0.13.2.bb index 66763349d2..6ecf2e21c0 100644 --- a/poky/meta/recipes-support/liburcu/liburcu_0.13.1.bb +++ b/poky/meta/recipes-support/liburcu/liburcu_0.13.2.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=e548d28737289d75a8f1e01ba2fd7825 \ SRC_URI = "http://lttng.org/files/urcu/userspace-rcu-${PV}.tar.bz2" -SRC_URI[sha256sum] = "3213f33d2b8f710eb920eb1abb279ec04bf8ae6361f44f2513c28c20d3363083" +SRC_URI[sha256sum] = "1213fd9f1b0b74da7de2bb74335b76098db9738fec5d3cdc07c0c524f34fc032" S = "${WORKDIR}/userspace-rcu-${PV}" inherit autotools multilib_header diff --git a/poky/meta/recipes-support/lz4/files/CVE-2021-3520.patch b/poky/meta/recipes-support/lz4/files/CVE-2021-3520.patch deleted file mode 100644 index 5ac8f6691f..0000000000 --- a/poky/meta/recipes-support/lz4/files/CVE-2021-3520.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 8301a21773ef61656225e264f4f06ae14462bca7 Mon Sep 17 00:00:00 2001 -From: Jasper Lievisse Adriaanse <j@jasper.la> -Date: Fri, 26 Feb 2021 15:21:20 +0100 -Subject: [PATCH] Fix potential memory corruption with negative memmove() size - -Upstream-Status: Backport -https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7 -CVE: CVE-2021-3520 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - lib/lz4.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: git/lib/lz4.c -=================================================================== ---- git.orig/lib/lz4.c -+++ git/lib/lz4.c -@@ -1665,7 +1665,7 @@ LZ4_decompress_generic( - const size_t dictSize /* note : = 0 if noDict */ - ) - { -- if (src == NULL) { return -1; } -+ if ((src == NULL) || (outputSize < 0)) { return -1; } - - { const BYTE* ip = (const BYTE*) src; - const BYTE* const iend = ip + srcSize; diff --git a/poky/meta/recipes-support/lz4/lz4_1.9.3.bb b/poky/meta/recipes-support/lz4/lz4_1.9.4.bb index 129a86b681..a2a178bab5 100644 --- a/poky/meta/recipes-support/lz4/lz4_1.9.3.bb +++ b/poky/meta/recipes-support/lz4/lz4_1.9.4.bb @@ -3,18 +3,16 @@ DESCRIPTION = "LZ4 is a very fast lossless compression algorithm, providing comp HOMEPAGE = "https://github.com/lz4/lz4" LICENSE = "BSD-2-Clause | GPL-2.0-only" -LIC_FILES_CHKSUM = "file://lib/LICENSE;md5=ebc2ea4814a64de7708f1571904b32cc \ +LIC_FILES_CHKSUM = "file://lib/LICENSE;md5=5cd5f851b52ec832b10eedb3f01f885a \ file://programs/COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://LICENSE;md5=d57c0d21cb917fb4e0af2454aa48b956 \ + file://LICENSE;md5=c5cc3cd6f9274b4d32988096df9c3ec3 \ " PE = "1" -SRCREV = "d44371841a2f1728a3f36839fd4b7e872d0927d3" +SRCREV = "5ff839680134437dbf4678f3d0c7b371d84f4964" -SRC_URI = "git://github.com/lz4/lz4.git;branch=release;protocol=https \ - file://CVE-2021-3520.patch \ - " +SRC_URI = "git://github.com/lz4/lz4.git;branch=release;protocol=https" UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-support/pinentry/pinentry_1.2.0.bb b/poky/meta/recipes-support/pinentry/pinentry_1.2.0.bb index 169cac8965..e6cc71a547 100644 --- a/poky/meta/recipes-support/pinentry/pinentry_1.2.0.bb +++ b/poky/meta/recipes-support/pinentry/pinentry_1.2.0.bb @@ -32,5 +32,8 @@ PACKAGECONFIG[secret] = "--enable-libsecret, --disable-libsecret, libsecret" EXTRA_OECONF = " \ --disable-rpath \ " +EXTRA_OECONF:append:libc-musl = " \ + ac_cv_should_define__xopen_source=yes \ +" BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-support/sqlite/files/0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch b/poky/meta/recipes-support/sqlite/files/0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch new file mode 100644 index 0000000000..9e8f039ef6 --- /dev/null +++ b/poky/meta/recipes-support/sqlite/files/0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch @@ -0,0 +1,26 @@ +From ec75530b8d8268cb07d8e476d79e1b0e59492fa2 Mon Sep 17 00:00:00 2001 +From: drh +Date: Thu, 18 Aug 2022 15:10:46 +0200 +Subject: [PATCH] sqlite: Increase the size of loop variables in the printf() implementation + +Increase the size of loop variables in the printf() implementation to avoid integer overflow on multi-gigabyte string arguments. CVE-2022-35737. + +This bug fix refers to: CVE-2022-35737 and it's a backport of a fix added in sqlite 3.39.2 (2022-07-21). + +Signed-off-by: Ghassane Ben El Aattar ghassaneb.aattar@huawei.com + +CVE: CVE-2022-35737 + +Upstream-Status: Backport [https://www.sqlite.org/src/info/aab790a16e1bdff7] +--- + sqlite3.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/sqlite3.c b/sqlite3.c +index f867d62..490199a 100644 +--- a/sqlite3.c ++++ b/sqlite3.c +@@ -30234,1 +30234,2 @@ static int vxprintf( +- int i, j, k, n, isnull; ++ i64 i, j, k, n; ++ int isnull; diff --git a/poky/meta/recipes-support/sqlite/sqlite3_3.38.5.bb b/poky/meta/recipes-support/sqlite/sqlite3_3.38.5.bb index d56a3a0209..628f630657 100644 --- a/poky/meta/recipes-support/sqlite/sqlite3_3.38.5.bb +++ b/poky/meta/recipes-support/sqlite/sqlite3_3.38.5.bb @@ -3,7 +3,9 @@ require sqlite3.inc LICENSE = "PD" LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66" -SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz" +SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz \ + file://0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch \ +" SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c" # -19242 is only an issue in specific development branch commits diff --git a/poky/meta/recipes-support/vim/files/crosscompile.patch b/poky/meta/recipes-support/vim/files/crosscompile.patch deleted file mode 100644 index 583d3fc7b0..0000000000 --- a/poky/meta/recipes-support/vim/files/crosscompile.patch +++ /dev/null @@ -1,51 +0,0 @@ -configure.ac: Fix create_timer solaris test for cross compiling - -A runtime test was added for create_timer however this meant cross compiling -would no longer work. Allow a cache value to be specified to allow cross -compiling again. - -Signed-off-by: Richard Purdie richard.purdie@linuxfoundation.org - -Upstream-Status: Submitted [https://github.com/vim/vim/pull/10777] - -Index: git/src/configure.ac -=================================================================== ---- git.orig/src/configure.ac -+++ git/src/configure.ac -@@ -3814,7 +3814,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM( - dnl Check for timer_create. It probably requires the 'rt' library. - dnl Run the program to find out if timer_create(CLOCK_MONOTONIC) actually - dnl works, on Solaris timer_create() exists but fails at runtime. --AC_MSG_CHECKING([for timer_create]) -+AC_CACHE_CHECK([for timer_create], [vim_cv_timer_create], - save_LIBS="$LIBS" - LIBS="$LIBS -lrt" - AC_RUN_IFELSE([AC_LANG_PROGRAM([ -@@ -3831,7 +3831,7 @@ static void set_flag(union sigval sv) {} - if (timer_create(CLOCK_MONOTONIC, &action, &timer_id) < 0) - exit(1); // cannot create a monotonic timer - ])], -- AC_MSG_RESULT(yes; with -lrt); AC_DEFINE(HAVE_TIMER_CREATE), -+ AC_MSG_NOTICE(timer_create with -lrt); vim_cv_timer_create=yes, - LIBS="$save_LIBS" - AC_RUN_IFELSE([AC_LANG_PROGRAM([ - #include<signal.h> -@@ -3847,8 +3847,16 @@ static void set_flag(union sigval sv) {} - if (timer_create(CLOCK_MONOTONIC, &action, &timer_id) < 0) - exit(1); // cannot create a monotonic timer - ])], -- AC_MSG_RESULT(yes); AC_DEFINE(HAVE_TIMER_CREATE), -- AC_MSG_RESULT(no))) -+ vim_cv_timer_create=yes, -+ vim_cv_timer_create=no), -+ AC_MSG_ERROR(cross-compiling: please set 'vim_cv_timer_create') -+ ) -+) -+ -+if test "x$vim_cv_timer_create" = "xyes" ; then -+ AC_DEFINE(HAVE_TIMER_CREATE) -+fi -+ - - AC_CACHE_CHECK([whether stat() ignores a trailing slash], [vim_cv_stat_ignores_slash], - [ diff --git a/poky/meta/recipes-support/vim/files/racefix.patch b/poky/meta/recipes-support/vim/files/racefix.patch deleted file mode 100644 index 34bd37d650..0000000000 --- a/poky/meta/recipes-support/vim/files/racefix.patch +++ /dev/null @@ -1,37 +0,0 @@ -po/Makefile: Avoid race over LINGUAS file - -The creation of the LINGUAS file is duplicated for each desktop file -which can lead the commands to race against each other. One target might -remove it before another has been able to use it. Rework the makefile to -avoid this as the expense of leaving the file on disk. - -Signed-off-by: Richard Purdie richard.purdie@linuxfoundation.org - -Upstream-Status: Submitted [https://github.com/vim/vim/pull/10776] - -Index: git/src/po/Makefile -=================================================================== ---- git.orig/src/po/Makefile -+++ git/src/po/Makefile -@@ -207,17 +207,16 @@ $(PACKAGE).pot: $(PO_INPUTLIST) $(PO_VIM - # Delete the temporary files - rm *.js - --vim.desktop: vim.desktop.in $(POFILES) -+LINGUAS: - echo $(LANGUAGES) | tr " " "\n" |sed -e '/\./d' | sort > LINGUAS -+ -+vim.desktop: vim.desktop.in $(POFILES) LINGUAS - $(MSGFMT) --desktop -d . --template vim.desktop.in -o tmp_vim.desktop -- rm -f LINGUAS - if command -v desktop-file-validate; then desktop-file-validate tmp_vim.desktop; fi - mv tmp_vim.desktop vim.desktop - --gvim.desktop: gvim.desktop.in $(POFILES) -- echo $(LANGUAGES) | tr " " "\n" |sed -e '/\./d' | sort > LINGUAS -+gvim.desktop: gvim.desktop.in $(POFILES) LINGUAS - $(MSGFMT) --desktop -d . --template gvim.desktop.in -o tmp_gvim.desktop -- rm -f LINGUAS - if command -v desktop-file-validate; then desktop-file-validate tmp_gvim.desktop; fi - mv tmp_gvim.desktop gvim.desktop - diff --git a/poky/meta/recipes-support/vim/vim.inc b/poky/meta/recipes-support/vim/vim.inc index 31229534e4..cbc370100b 100644 --- a/poky/meta/recipes-support/vim/vim.inc +++ b/poky/meta/recipes-support/vim/vim.inc @@ -18,12 +18,10 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://vim-add-knob-whether-elf.h-are-checked.patch \ file://0001-src-Makefile-improve-reproducibility.patch \ file://no-path-adjust.patch \ - file://racefix.patch \ - file://crosscompile.patch \ " -PV .= ".0063" -SRCREV = "d61efa50f8f5b9d9dcbc136705cc33874f0fdcb3" +PV .= ".0598" +SRCREV = "8279af514ca7e5fd3c31cf13b0864163d1a0bfeb" # Remove when 8.3 is out UPSTREAM_VERSION_UNKNOWN = "1" |