diff options
Diffstat (limited to 'poky')
431 files changed, 12396 insertions, 4926 deletions
diff --git a/poky/bitbake/bin/bitbake b/poky/bitbake/bin/bitbake index 382983e087..f494eaa132 100755 --- a/poky/bitbake/bin/bitbake +++ b/poky/bitbake/bin/bitbake @@ -27,7 +27,7 @@ from bb.main import bitbake_main, BitBakeConfigParameters, BBMainException bb.utils.check_system_locale() -__version__ = "2.9.0" +__version__ = "2.8.0" if __name__ == "__main__": if __version__ != bb.__version__: diff --git a/poky/bitbake/lib/bb/__init__.py b/poky/bitbake/lib/bb/__init__.py index 15013540c2..cdec9e4d6c 100644 --- a/poky/bitbake/lib/bb/__init__.py +++ b/poky/bitbake/lib/bb/__init__.py @@ -9,7 +9,7 @@ # SPDX-License-Identifier: GPL-2.0-only # -__version__ = "2.9.0" +__version__ = "2.8.0" import sys if sys.version_info < (3, 8, 0): @@ -36,6 +36,7 @@ class BBHandledException(Exception): import os import logging +from collections import namedtuple class NullHandler(logging.Handler): @@ -227,3 +228,14 @@ def deprecate_import(current, modulename, fromlist, renames = None): setattr(sys.modules[current], newname, newobj) +TaskData = namedtuple("TaskData", [ + "pn", + "taskname", + "fn", + "deps", + "provides", + "taskhash", + "unihash", + "hashfn", + "taskhash_deps", +]) diff --git a/poky/bitbake/lib/bb/cooker.py b/poky/bitbake/lib/bb/cooker.py index c5bfef55d6..6318ef4a8f 100644 --- a/poky/bitbake/lib/bb/cooker.py +++ b/poky/bitbake/lib/bb/cooker.py @@ -315,13 +315,13 @@ class BBCooker: dbfile = (self.data.getVar("PERSISTENT_DIR") or self.data.getVar("CACHE")) + "/hashserv.db" upstream = self.data.getVar("BB_HASHSERVE_UPSTREAM") or None if upstream: - import socket try: - sock = socket.create_connection(upstream.split(":"), 5) - sock.close() - except socket.error as e: + with hashserv.create_client(upstream) as client: + client.ping() + except (ConnectionError, ImportError) as e: bb.warn("BB_HASHSERVE_UPSTREAM is not valid, unable to connect hash equivalence server at '%s': %s" % (upstream, repr(e))) + upstream = None self.hashservaddr = "unix://%s/hashserve.sock" % self.data.getVar("TOPDIR") self.hashserv = hashserv.create_server( @@ -1459,7 +1459,6 @@ class BBCooker: if t in task or getAllTaskSignatures: try: - rq.rqdata.prepare_task_hash(tid) sig.append([pn, t, rq.rqdata.get_task_unihash(tid)]) except KeyError: sig.append(self.getTaskSignatures(target, [t])[0]) diff --git a/poky/bitbake/lib/bb/fetch2/gcp.py b/poky/bitbake/lib/bb/fetch2/gcp.py index f40ce2eaa5..eb3e0c6a6b 100644 --- a/poky/bitbake/lib/bb/fetch2/gcp.py +++ b/poky/bitbake/lib/bb/fetch2/gcp.py @@ -23,6 +23,7 @@ import urllib.parse, urllib.error from bb.fetch2 import FetchMethod from bb.fetch2 import FetchError from bb.fetch2 import logger +from bb.fetch2 import runfetchcmd class GCP(FetchMethod): """ diff --git a/poky/bitbake/lib/bb/fetch2/wget.py b/poky/bitbake/lib/bb/fetch2/wget.py index fbfa6938ac..2e92117634 100644 --- a/poky/bitbake/lib/bb/fetch2/wget.py +++ b/poky/bitbake/lib/bb/fetch2/wget.py @@ -108,7 +108,8 @@ class Wget(FetchMethod): fetchcmd = self.basecmd - localpath = os.path.join(d.getVar("DL_DIR"), ud.localfile) + ".tmp" + dldir = os.path.realpath(d.getVar("DL_DIR")) + localpath = os.path.join(dldir, ud.localfile) + ".tmp" bb.utils.mkdirhier(os.path.dirname(localpath)) fetchcmd += " -O %s" % shlex.quote(localpath) @@ -128,12 +129,21 @@ class Wget(FetchMethod): uri = ud.url.split(";")[0] if os.path.exists(ud.localpath): # file exists, but we didnt complete it.. trying again.. - fetchcmd += d.expand(" -c -P ${DL_DIR} '%s'" % uri) + fetchcmd += " -c -P " + dldir + " '" + uri + "'" else: - fetchcmd += d.expand(" -P ${DL_DIR} '%s'" % uri) + fetchcmd += " -P " + dldir + " '" + uri + "'" self._runwget(ud, d, fetchcmd, False) + # Sanity check since wget can pretend it succeed when it didn't + # Also, this used to happen if sourceforge sent us to the mirror page + if not os.path.exists(localpath): + raise FetchError("The fetch command returned success for url %s but %s doesn't exist?!" % (uri, localpath), uri) + + if os.path.getsize(localpath) == 0: + os.remove(localpath) + raise FetchError("The fetch of %s resulted in a zero size file?! Deleting and failing since this isn't right." % (uri), uri) + # Try and verify any checksum now, meaning if it isn't correct, we don't remove the # original file, which might be a race (imagine two recipes referencing the same # source, one with an incorrect checksum) @@ -143,15 +153,6 @@ class Wget(FetchMethod): # Our lock prevents multiple writers but mirroring code may grab incomplete files os.rename(localpath, localpath[:-4]) - # Sanity check since wget can pretend it succeed when it didn't - # Also, this used to happen if sourceforge sent us to the mirror page - if not os.path.exists(ud.localpath): - raise FetchError("The fetch command returned success for url %s but %s doesn't exist?!" % (uri, ud.localpath), uri) - - if os.path.getsize(ud.localpath) == 0: - os.remove(ud.localpath) - raise FetchError("The fetch of %s resulted in a zero size file?! Deleting and failing since this isn't right." % (uri), uri) - return True def checkstatus(self, fetch, ud, d, try_again=True): diff --git a/poky/bitbake/lib/bb/parse/__init__.py b/poky/bitbake/lib/bb/parse/__init__.py index a4358f1374..7ffdaa6fd7 100644 --- a/poky/bitbake/lib/bb/parse/__init__.py +++ b/poky/bitbake/lib/bb/parse/__init__.py @@ -49,20 +49,23 @@ class SkipPackage(SkipRecipe): __mtime_cache = {} def cached_mtime(f): if f not in __mtime_cache: - __mtime_cache[f] = os.stat(f)[stat.ST_MTIME] + res = os.stat(f) + __mtime_cache[f] = (res.st_mtime_ns, res.st_size, res.st_ino) return __mtime_cache[f] def cached_mtime_noerror(f): if f not in __mtime_cache: try: - __mtime_cache[f] = os.stat(f)[stat.ST_MTIME] + res = os.stat(f) + __mtime_cache[f] = (res.st_mtime_ns, res.st_size, res.st_ino) except OSError: return 0 return __mtime_cache[f] def check_mtime(f, mtime): try: - current_mtime = os.stat(f)[stat.ST_MTIME] + res = os.stat(f) + current_mtime = (res.st_mtime_ns, res.st_size, res.st_ino) __mtime_cache[f] = current_mtime except OSError: current_mtime = 0 @@ -70,7 +73,8 @@ def check_mtime(f, mtime): def update_mtime(f): try: - __mtime_cache[f] = os.stat(f)[stat.ST_MTIME] + res = os.stat(f) + __mtime_cache[f] = (res.st_mtime_ns, res.st_size, res.st_ino) except OSError: if f in __mtime_cache: del __mtime_cache[f] diff --git a/poky/bitbake/lib/bb/runqueue.py b/poky/bitbake/lib/bb/runqueue.py index bc7e18175d..93079a9776 100644 --- a/poky/bitbake/lib/bb/runqueue.py +++ b/poky/bitbake/lib/bb/runqueue.py @@ -1273,27 +1273,41 @@ class RunQueueData: bb.parse.siggen.set_setscene_tasks(self.runq_setscene_tids) + starttime = time.time() + lasttime = starttime + # Iterate over the task list and call into the siggen code dealtwith = set() todeal = set(self.runtaskentries) while todeal: + ready = set() for tid in todeal.copy(): if not (self.runtaskentries[tid].depends - dealtwith): - dealtwith.add(tid) - todeal.remove(tid) - self.prepare_task_hash(tid) - bb.event.check_for_interrupts(self.cooker.data) + self.runtaskentries[tid].taskhash_deps = bb.parse.siggen.prep_taskhash(tid, self.runtaskentries[tid].depends, self.dataCaches) + # get_taskhash for a given tid *must* be called before get_unihash* below + self.runtaskentries[tid].hash = bb.parse.siggen.get_taskhash(tid, self.runtaskentries[tid].depends, self.dataCaches) + ready.add(tid) + unihashes = bb.parse.siggen.get_unihashes(ready) + for tid in ready: + dealtwith.add(tid) + todeal.remove(tid) + self.runtaskentries[tid].unihash = unihashes[tid] + + bb.event.check_for_interrupts(self.cooker.data) + + if time.time() > (lasttime + 30): + lasttime = time.time() + hashequiv_logger.verbose("Initial setup loop progress: %s of %s in %s" % (len(todeal), len(self.runtaskentries), lasttime - starttime)) + + endtime = time.time() + if (endtime-starttime > 60): + hashequiv_logger.verbose("Initial setup loop took: %s" % (endtime-starttime)) bb.parse.siggen.writeout_file_checksum_cache() #self.dump_data() return len(self.runtaskentries) - def prepare_task_hash(self, tid): - bb.parse.siggen.prep_taskhash(tid, self.runtaskentries[tid].depends, self.dataCaches) - self.runtaskentries[tid].hash = bb.parse.siggen.get_taskhash(tid, self.runtaskentries[tid].depends, self.dataCaches) - self.runtaskentries[tid].unihash = bb.parse.siggen.get_unihash(tid) - def dump_data(self): """ Dump some debug information on the internal data structures @@ -2438,14 +2452,17 @@ class RunQueueExecute: taskdepdata_cache = {} for task in self.rqdata.runtaskentries: (mc, fn, taskname, taskfn) = split_tid_mcfn(task) - pn = self.rqdata.dataCaches[mc].pkg_fn[taskfn] - deps = self.rqdata.runtaskentries[task].depends - provides = self.rqdata.dataCaches[mc].fn_provides[taskfn] - taskhash = self.rqdata.runtaskentries[task].hash - unihash = self.rqdata.runtaskentries[task].unihash - deps = self.filtermcdeps(task, mc, deps) - hashfn = self.rqdata.dataCaches[mc].hashfn[taskfn] - taskdepdata_cache[task] = [pn, taskname, fn, deps, provides, taskhash, unihash, hashfn] + taskdepdata_cache[task] = bb.TaskData( + pn = self.rqdata.dataCaches[mc].pkg_fn[taskfn], + taskname = taskname, + fn = fn, + deps = self.filtermcdeps(task, mc, self.rqdata.runtaskentries[task].depends), + provides = self.rqdata.dataCaches[mc].fn_provides[taskfn], + taskhash = self.rqdata.runtaskentries[task].hash, + unihash = self.rqdata.runtaskentries[task].unihash, + hashfn = self.rqdata.dataCaches[mc].hashfn[taskfn], + taskhash_deps = self.rqdata.runtaskentries[task].taskhash_deps, + ) self.taskdepdata_cache = taskdepdata_cache @@ -2460,9 +2477,11 @@ class RunQueueExecute: while next: additional = [] for revdep in next: - self.taskdepdata_cache[revdep][6] = self.rqdata.runtaskentries[revdep].unihash + self.taskdepdata_cache[revdep] = self.taskdepdata_cache[revdep]._replace( + unihash=self.rqdata.runtaskentries[revdep].unihash + ) taskdepdata[revdep] = self.taskdepdata_cache[revdep] - for revdep2 in self.taskdepdata_cache[revdep][3]: + for revdep2 in self.taskdepdata_cache[revdep].deps: if revdep2 not in taskdepdata: additional.append(revdep2) next = additional @@ -2556,17 +2575,28 @@ class RunQueueExecute: elif self.rqdata.runtaskentries[p].depends.isdisjoint(total): next.add(p) + starttime = time.time() + lasttime = starttime + # When an item doesn't have dependencies in total, we can process it. Drop items from total when handled while next: current = next.copy() next = set() + ready = {} for tid in current: if self.rqdata.runtaskentries[p].depends and not self.rqdata.runtaskentries[tid].depends.isdisjoint(total): continue + # get_taskhash for a given tid *must* be called before get_unihash* below + ready[tid] = bb.parse.siggen.get_taskhash(tid, self.rqdata.runtaskentries[tid].depends, self.rqdata.dataCaches) + + unihashes = bb.parse.siggen.get_unihashes(ready.keys()) + + for tid in ready: orighash = self.rqdata.runtaskentries[tid].hash - newhash = bb.parse.siggen.get_taskhash(tid, self.rqdata.runtaskentries[tid].depends, self.rqdata.dataCaches) + newhash = ready[tid] origuni = self.rqdata.runtaskentries[tid].unihash - newuni = bb.parse.siggen.get_unihash(tid) + newuni = unihashes[tid] + # FIXME, need to check it can come from sstate at all for determinism? remapped = False if newuni == origuni: @@ -2587,6 +2617,15 @@ class RunQueueExecute: next |= self.rqdata.runtaskentries[tid].revdeps total.remove(tid) next.intersection_update(total) + bb.event.check_for_interrupts(self.cooker.data) + + if time.time() > (lasttime + 30): + lasttime = time.time() + hashequiv_logger.verbose("Rehash loop slow progress: %s in %s" % (len(total), lasttime - starttime)) + + endtime = time.time() + if (endtime-starttime > 60): + hashequiv_logger.verbose("Rehash loop took more than 60s: %s" % (endtime-starttime)) if changed: for mc in self.rq.worker: @@ -2806,13 +2845,19 @@ class RunQueueExecute: additional = [] for revdep in next: (mc, fn, taskname, taskfn) = split_tid_mcfn(revdep) - pn = self.rqdata.dataCaches[mc].pkg_fn[taskfn] deps = getsetscenedeps(revdep) - provides = self.rqdata.dataCaches[mc].fn_provides[taskfn] - taskhash = self.rqdata.runtaskentries[revdep].hash - unihash = self.rqdata.runtaskentries[revdep].unihash - hashfn = self.rqdata.dataCaches[mc].hashfn[taskfn] - taskdepdata[revdep] = [pn, taskname, fn, deps, provides, taskhash, unihash, hashfn] + + taskdepdata[revdep] = bb.TaskData( + pn = self.rqdata.dataCaches[mc].pkg_fn[taskfn], + taskname = taskname, + fn = fn, + deps = deps, + provides = self.rqdata.dataCaches[mc].fn_provides[taskfn], + taskhash = self.rqdata.runtaskentries[revdep].hash, + unihash = self.rqdata.runtaskentries[revdep].unihash, + hashfn = self.rqdata.dataCaches[mc].hashfn[taskfn], + taskhash_deps = self.rqdata.runtaskentries[revdep].taskhash_deps, + ) for revdep2 in deps: if revdep2 not in taskdepdata: additional.append(revdep2) diff --git a/poky/bitbake/lib/bb/siggen.py b/poky/bitbake/lib/bb/siggen.py index 8ab08ec961..65ca0811d5 100644 --- a/poky/bitbake/lib/bb/siggen.py +++ b/poky/bitbake/lib/bb/siggen.py @@ -381,7 +381,7 @@ class SignatureGeneratorBasic(SignatureGenerator): self.taints[tid] = taint logger.warning("%s is tainted from a forced run" % tid) - return + return set(dep for _, dep in self.runtaskdeps[tid]) def get_taskhash(self, tid, deps, dataCaches): @@ -726,10 +726,13 @@ class SignatureGeneratorUniHashMixIn(object): return result if self.max_parallel <= 1 or len(queries) <= 1: - # No parallelism required. Make the query serially with the single client + # No parallelism required. Make the query using a single client with self.client() as client: - for tid, args in queries.items(): - query_result[tid] = client.get_unihash(*args) + keys = list(queries.keys()) + unihashes = client.get_unihash_batch(queries[k] for k in keys) + + for idx, k in enumerate(keys): + query_result[k] = unihashes[idx] else: with self.client_pool() as client_pool: query_result = client_pool.get_unihashes(queries) diff --git a/poky/bitbake/lib/bb/tests/fetch.py b/poky/bitbake/lib/bb/tests/fetch.py index 85c1f79ff3..33cc9bcac6 100644 --- a/poky/bitbake/lib/bb/tests/fetch.py +++ b/poky/bitbake/lib/bb/tests/fetch.py @@ -1421,7 +1421,7 @@ class FetchLatestVersionTest(FetcherTest): # combination version pattern ("sysprof", "git://gitlab.gnome.org/GNOME/sysprof.git;protocol=https;branch=master", "cd44ee6644c3641507fb53b8a2a69137f2971219", "", "") : "1.2.0", - ("u-boot-mkimage", "git://git.denx.de/u-boot.git;branch=master;protocol=git", "62c175fbb8a0f9a926c88294ea9f7e88eb898f6c", "", "") + ("u-boot-mkimage", "git://source.denx.de/u-boot/u-boot.git;branch=master;protocol=https", "62c175fbb8a0f9a926c88294ea9f7e88eb898f6c", "", "") : "2014.01", # version pattern "yyyymmdd" ("mobile-broadband-provider-info", "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=master", "4ed19e11c2975105b71b956440acdb25d46a347d", "", "") @@ -1511,7 +1511,7 @@ class FetchLatestVersionTest(FetcherTest): def test_wget_latest_versionstring(self): testdata = os.path.dirname(os.path.abspath(__file__)) + "/fetch-testdata" - server = HTTPService(testdata) + server = HTTPService(testdata, host="127.0.0.1") server.start() port = server.port try: @@ -1519,10 +1519,10 @@ class FetchLatestVersionTest(FetcherTest): self.d.setVar("PN", k[0]) checkuri = "" if k[2]: - checkuri = "http://localhost:%s/" % port + k[2] + checkuri = "http://127.0.0.1:%s/" % port + k[2] self.d.setVar("UPSTREAM_CHECK_URI", checkuri) self.d.setVar("UPSTREAM_CHECK_REGEX", k[3]) - url = "http://localhost:%s/" % port + k[1] + url = "http://127.0.0.1:%s/" % port + k[1] ud = bb.fetch2.FetchData(url, self.d) pupver = ud.method.latest_versionstring(ud, self.d) verstring = pupver[0] diff --git a/poky/bitbake/lib/hashserv/client.py b/poky/bitbake/lib/hashserv/client.py index 0b254beddd..775faf935a 100644 --- a/poky/bitbake/lib/hashserv/client.py +++ b/poky/bitbake/lib/hashserv/client.py @@ -5,6 +5,7 @@ import logging import socket +import asyncio import bb.asyncrpc import json from . import create_async_client @@ -13,6 +14,66 @@ from . import create_async_client logger = logging.getLogger("hashserv.client") +class Batch(object): + def __init__(self): + self.done = False + self.cond = asyncio.Condition() + self.pending = [] + self.results = [] + self.sent_count = 0 + + async def recv(self, socket): + while True: + async with self.cond: + await self.cond.wait_for(lambda: self.pending or self.done) + + if not self.pending: + if self.done: + return + continue + + r = await socket.recv() + self.results.append(r) + + async with self.cond: + self.pending.pop(0) + + async def send(self, socket, msgs): + try: + # In the event of a restart due to a reconnect, all in-flight + # messages need to be resent first to keep to result count in sync + for m in self.pending: + await socket.send(m) + + for m in msgs: + # Add the message to the pending list before attempting to send + # it so that if the send fails it will be retried + async with self.cond: + self.pending.append(m) + self.cond.notify() + self.sent_count += 1 + + await socket.send(m) + + finally: + async with self.cond: + self.done = True + self.cond.notify() + + async def process(self, socket, msgs): + await asyncio.gather( + self.recv(socket), + self.send(socket, msgs), + ) + + if len(self.results) != self.sent_count: + raise ValueError( + f"Expected result count {len(self.results)}. Expected {self.sent_count}" + ) + + return self.results + + class AsyncClient(bb.asyncrpc.AsyncClient): MODE_NORMAL = 0 MODE_GET_STREAM = 1 @@ -36,11 +97,27 @@ class AsyncClient(bb.asyncrpc.AsyncClient): if become: await self.become_user(become) - async def send_stream(self, mode, msg): + async def send_stream_batch(self, mode, msgs): + """ + Does a "batch" process of stream messages. This sends the query + messages as fast as possible, and simultaneously attempts to read the + messages back. This helps to mitigate the effects of latency to the + hash equivalence server be allowing multiple queries to be "in-flight" + at once + + The implementation does more complicated tracking using a count of sent + messages so that `msgs` can be a generator function (i.e. its length is + unknown) + + """ + + b = Batch() + async def proc(): + nonlocal b + await self._set_mode(mode) - await self.socket.send(msg) - return await self.socket.recv() + return await b.process(self.socket, msgs) return await self._send_wrapper(proc) @@ -89,10 +166,15 @@ class AsyncClient(bb.asyncrpc.AsyncClient): self.mode = new_mode async def get_unihash(self, method, taskhash): - r = await self.send_stream(self.MODE_GET_STREAM, "%s %s" % (method, taskhash)) - if not r: - return None - return r + r = await self.get_unihash_batch([(method, taskhash)]) + return r[0] + + async def get_unihash_batch(self, args): + result = await self.send_stream_batch( + self.MODE_GET_STREAM, + (f"{method} {taskhash}" for method, taskhash in args), + ) + return [r if r else None for r in result] async def report_unihash(self, taskhash, method, outhash, unihash, extra={}): m = extra.copy() @@ -115,8 +197,12 @@ class AsyncClient(bb.asyncrpc.AsyncClient): ) async def unihash_exists(self, unihash): - r = await self.send_stream(self.MODE_EXIST_STREAM, unihash) - return r == "true" + r = await self.unihash_exists_batch([unihash]) + return r[0] + + async def unihash_exists_batch(self, unihashes): + result = await self.send_stream_batch(self.MODE_EXIST_STREAM, unihashes) + return [r == "true" for r in result] async def get_outhash(self, method, outhash, taskhash, with_unihash=True): return await self.invoke( @@ -237,10 +323,12 @@ class Client(bb.asyncrpc.Client): "connect_tcp", "connect_websocket", "get_unihash", + "get_unihash_batch", "report_unihash", "report_unihash_equiv", "get_taskhash", "unihash_exists", + "unihash_exists_batch", "get_outhash", "get_stats", "reset_stats", diff --git a/poky/bitbake/lib/hashserv/tests.py b/poky/bitbake/lib/hashserv/tests.py index 0809453cf8..5349cd5867 100644 --- a/poky/bitbake/lib/hashserv/tests.py +++ b/poky/bitbake/lib/hashserv/tests.py @@ -594,6 +594,43 @@ class HashEquivalenceCommonTests(object): 7: None, }) + def test_get_unihash_batch(self): + TEST_INPUT = ( + # taskhash outhash unihash + ('8aa96fcffb5831b3c2c0cb75f0431e3f8b20554a', 'afe240a439959ce86f5e322f8c208e1fedefea9e813f2140c81af866cc9edf7e','218e57509998197d570e2c98512d0105985dffc9'), + # Duplicated taskhash with multiple output hashes and unihashes. + ('8aa96fcffb5831b3c2c0cb75f0431e3f8b20554a', '0904a7fe3dc712d9fd8a74a616ddca2a825a8ee97adf0bd3fc86082c7639914d', 'ae9a7d252735f0dafcdb10e2e02561ca3a47314c'), + # Equivalent hash + ("044c2ec8aaf480685a00ff6ff49e6162e6ad34e1", '0904a7fe3dc712d9fd8a74a616ddca2a825a8ee97adf0bd3fc86082c7639914d', "def64766090d28f627e816454ed46894bb3aab36"), + ("e3da00593d6a7fb435c7e2114976c59c5fd6d561", "1cf8713e645f491eb9c959d20b5cae1c47133a292626dda9b10709857cbe688a", "3b5d3d83f07f259e9086fcb422c855286e18a57d"), + ('35788efcb8dfb0a02659d81cf2bfd695fb30faf9', '2765d4a5884be49b28601445c2760c5f21e7e5c0ee2b7e3fce98fd7e5970796f', 'f46d3fbb439bd9b921095da657a4de906510d2cd'), + ('35788efcb8dfb0a02659d81cf2bfd695fb30fafa', '2765d4a5884be49b28601445c2760c5f21e7e5c0ee2b7e3fce98fd7e5970796f', 'f46d3fbb439bd9b921095da657a4de906510d2ce'), + ('9d81d76242cc7cfaf7bf74b94b9cd2e29324ed74', '8470d56547eea6236d7c81a644ce74670ca0bbda998e13c629ef6bb3f0d60b69', '05d2a63c81e32f0a36542ca677e8ad852365c538'), + ) + EXTRA_QUERIES = ( + "6b6be7a84ab179b4240c4302518dc3f6", + ) + + for taskhash, outhash, unihash in TEST_INPUT: + self.client.report_unihash(taskhash, self.METHOD, outhash, unihash) + + + result = self.client.get_unihash_batch( + [(self.METHOD, data[0]) for data in TEST_INPUT] + + [(self.METHOD, e) for e in EXTRA_QUERIES] + ) + + self.assertListEqual(result, [ + "218e57509998197d570e2c98512d0105985dffc9", + "218e57509998197d570e2c98512d0105985dffc9", + "218e57509998197d570e2c98512d0105985dffc9", + "3b5d3d83f07f259e9086fcb422c855286e18a57d", + "f46d3fbb439bd9b921095da657a4de906510d2cd", + "f46d3fbb439bd9b921095da657a4de906510d2cd", + "05d2a63c81e32f0a36542ca677e8ad852365c538", + None, + ]) + def test_client_pool_unihash_exists(self): TEST_INPUT = ( # taskhash outhash unihash @@ -636,6 +673,44 @@ class HashEquivalenceCommonTests(object): result = client_pool.unihashes_exist(query) self.assertDictEqual(result, expected) + def test_unihash_exists_batch(self): + TEST_INPUT = ( + # taskhash outhash unihash + ('8aa96fcffb5831b3c2c0cb75f0431e3f8b20554a', 'afe240a439959ce86f5e322f8c208e1fedefea9e813f2140c81af866cc9edf7e','218e57509998197d570e2c98512d0105985dffc9'), + # Duplicated taskhash with multiple output hashes and unihashes. + ('8aa96fcffb5831b3c2c0cb75f0431e3f8b20554a', '0904a7fe3dc712d9fd8a74a616ddca2a825a8ee97adf0bd3fc86082c7639914d', 'ae9a7d252735f0dafcdb10e2e02561ca3a47314c'), + # Equivalent hash + ("044c2ec8aaf480685a00ff6ff49e6162e6ad34e1", '0904a7fe3dc712d9fd8a74a616ddca2a825a8ee97adf0bd3fc86082c7639914d', "def64766090d28f627e816454ed46894bb3aab36"), + ("e3da00593d6a7fb435c7e2114976c59c5fd6d561", "1cf8713e645f491eb9c959d20b5cae1c47133a292626dda9b10709857cbe688a", "3b5d3d83f07f259e9086fcb422c855286e18a57d"), + ('35788efcb8dfb0a02659d81cf2bfd695fb30faf9', '2765d4a5884be49b28601445c2760c5f21e7e5c0ee2b7e3fce98fd7e5970796f', 'f46d3fbb439bd9b921095da657a4de906510d2cd'), + ('35788efcb8dfb0a02659d81cf2bfd695fb30fafa', '2765d4a5884be49b28601445c2760c5f21e7e5c0ee2b7e3fce98fd7e5970796f', 'f46d3fbb439bd9b921095da657a4de906510d2ce'), + ('9d81d76242cc7cfaf7bf74b94b9cd2e29324ed74', '8470d56547eea6236d7c81a644ce74670ca0bbda998e13c629ef6bb3f0d60b69', '05d2a63c81e32f0a36542ca677e8ad852365c538'), + ) + EXTRA_QUERIES = ( + "6b6be7a84ab179b4240c4302518dc3f6", + ) + + result_unihashes = set() + + + for taskhash, outhash, unihash in TEST_INPUT: + result = self.client.report_unihash(taskhash, self.METHOD, outhash, unihash) + result_unihashes.add(result["unihash"]) + + query = [] + expected = [] + + for _, _, unihash in TEST_INPUT: + query.append(unihash) + expected.append(unihash in result_unihashes) + + + for unihash in EXTRA_QUERIES: + query.append(unihash) + expected.append(False) + + result = self.client.unihash_exists_batch(query) + self.assertListEqual(result, expected) def test_auth_read_perms(self): admin_client = self.start_auth_server() diff --git a/poky/documentation/brief-yoctoprojectqs/index.rst b/poky/documentation/brief-yoctoprojectqs/index.rst index 61c5cbec36..c5400e4ac8 100644 --- a/poky/documentation/brief-yoctoprojectqs/index.rst +++ b/poky/documentation/brief-yoctoprojectqs/index.rst @@ -251,11 +251,17 @@ an entire Linux distribution, including the toolchain, from source. To use such mirrors, uncomment the below lines in your ``conf/local.conf`` file in the :term:`Build Directory`:: - BB_HASHSERVE_UPSTREAM = "hashserv.yocto.io:8687" + BB_HASHSERVE_UPSTREAM = "wss://hashserv.yoctoproject.org/ws" SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH" BB_HASHSERVE = "auto" BB_SIGNATURE_HANDLER = "OEEquivHash" + The hash equivalence server needs the websockets python module version 9.1 + or later. Debian GNU/Linux 12 (Bookworm) and later, Fedora, CentOS Stream + 9 and later, and Ubuntu 22.04 (LTS) and later, all have a recent enough + package. Other supported distributions need to get the module some other + place than their package feed, e.g. via ``pip``. + #. **Start the Build:** Continue with the following command to build an OS image for the target, which is ``core-image-sato`` in this example: diff --git a/poky/documentation/migration-guides/release-4.0.rst b/poky/documentation/migration-guides/release-4.0.rst index 685799e268..d848b3ef64 100644 --- a/poky/documentation/migration-guides/release-4.0.rst +++ b/poky/documentation/migration-guides/release-4.0.rst @@ -24,3 +24,4 @@ Release 4.0 (kirkstone) release-notes-4.0.15 release-notes-4.0.16 release-notes-4.0.17 + release-notes-4.0.18 diff --git a/poky/documentation/migration-guides/release-notes-4.0.18.rst b/poky/documentation/migration-guides/release-notes-4.0.18.rst new file mode 100644 index 0000000000..fc8cd83c02 --- /dev/null +++ b/poky/documentation/migration-guides/release-notes-4.0.18.rst @@ -0,0 +1,191 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.18 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- curl: Fix :cve:`2024-2398` +- expat: fix :cve:`2023-52426` and :cve:`2024-28757` +- libssh2: fix :cve:`2023-48795` +- ncurses: Fix :cve:`2023-50495` +- nghttp2: Fix :cve:`2024-28182` and :cve:`2023-44487` +- openssh: Ignore :cve:`2023-51767` +- openssl: Fix :cve:`2024-2511` +- perl: Ignore :cve:`2023-47100` +- python3-cryptography: Fix :cve:`2024-26130` +- python3-urllib3: Fix :cve:`2023-45803` +- qemu: Fix :cve:`2023-6683` +- ruby: fix :cve_mitre:`2024-27281` +- rust: Ignore :cve:`2024-24576` +- tiff: Fix :cve:`2023-52356` and :cve:`2023-6277` +- xserver-xorg: Fix :cve:`2024-31080` and :cve:`2024-31081` +- xwayland: Fix :cve:`2023-6816`, :cve:`2024-0408` and :cve:`2024-0409` + + +Fixes in Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~ + +- build-appliance-image: Update to kirkstone head revision +- common-licenses: Backport missing license +- contributor-guide: add notes for tests +- contributor-guide: be more specific about meta-* trees +- cups: fix typo in :cve:`2023-32360` backport patch +- cve-update-nvd2-native: Add an age threshold for incremental update +- cve-update-nvd2-native: Fix CVE configuration update +- cve-update-nvd2-native: Fix typo in comment +- cve-update-nvd2-native: Remove duplicated CVE_CHECK_DB_FILE definition +- cve-update-nvd2-native: Remove rejected CVE from database +- cve-update-nvd2-native: nvd_request_next: Improve comment +- dev-manual: improve descriptions of 'bitbake -S printdiff' +- dev-manual: packages: fix capitalization +- docs: conf.py: properly escape backslashes for latex_elements +- gcc: Backport sanitizer fix for 32-bit ALSR +- glibc: Fix subscript typos for get_nscd_addresses +- kernel-dev: join mkdir commands with -p +- linux-firmware: Upgrade to 20240220 +- manuals: add initial sphinx-lint support +- manuals: add initial stylechecks with Vale +- manuals: document VIRTUAL-RUNTIME variables +- manuals: fix duplicate "stylecheck" target +- manuals: fix incorrect double backticks +- manuals: fix trailing spaces +- manuals: refer to new yocto-patches mailing list wherever appropriate +- manuals: remove tab characters +- manuals: replace hyphens with em dashes +- manuals: use "manual page(s)" +- migration-guides: add release notes for 4.0.17 +- poky.conf: bump version for 4.0.18 +- profile-manual: usage.rst: fix reference to bug report +- profile-manual: usage.rst: formatting fixes +- profile-manual: usage.rst: further style improvements +- python3-urllib3: Upgrade to v1.26.18 +- ref-manual: add documentation of the variable :term:`SPDX_NAMESPACE_PREFIX` +- ref-manual: tasks: do_cleanall: recommend using '-f' instead +- ref-manual: tasks: do_cleansstate: recommend using '-f' instead for a shared sstate +- ref-manual: variables: adding multiple groups in :term:`GROUPADD_PARAM` +- ref-manual: variables: correct sdk installation default path +- stress-ng: avoid calling sync during do_compile +- systemd: Fix vlan qos mapping +- tcl: Add a way to skip ptests +- tcl: skip async and event tests in run-ptest +- tcl: skip timing-dependent tests in run-ptest +- valgrind: skip intermittently failing ptest +- wireless-regdb: Upgrade to 2024.01.23 +- yocto-uninative: Update to 4.4 for glibc 2.39 + + +Known Issues in Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alex Kiernan +- Alex Stewart +- Alexander Kanavin +- BELOUARGA Mohamed +- Claus Stovgaard +- Colin McAllister +- Geoff Parker +- Haitao Liu +- Harish Sadineni +- Johan Bezem +- Jonathan GUILLOT +- Jörg Sommer +- Khem Raj +- Lee Chee Yang +- Luca Ceresoli +- Martin Jansa +- Meenali Gupta +- Michael Halstead +- Michael Opdenacker +- Peter Marko +- Quentin Schulz +- Ross Burton +- Sana Kazi +- Simone Weiß +- Soumya Sambu +- Steve Sakoman +- Tan Wen Yan +- Vijay Anusuri +- Wang Mingyu +- Yoann Congal +- Yogita Urade +- Zahir Hussain + + +Repositories / Downloads for Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.18 </poky/log/?h=yocto-4.0.18>` +- Git Revision: :yocto_git:`31751bba1c789f15f574773a659b8017d7bcf440 </poky/commit/?id=31751bba1c789f15f574773a659b8017d7bcf440>` +- Release Artefact: poky-31751bba1c789f15f574773a659b8017d7bcf440 +- sha: 72d5aa65c3c37766ebc24b212740272c1d52342468548f9c070241d3522ad2ca +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/poky-31751bba1c789f15f574773a659b8017d7bcf440.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/poky-31751bba1c789f15f574773a659b8017d7bcf440.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.18 </openembedded-core/log/?h=yocto-4.0.18>` +- Git Revision: :oe_git:`b7182571242dc4e23e5250a449d90348e62a6abc </openembedded-core/commit/?id=b7182571242dc4e23e5250a449d90348e62a6abc>` +- Release Artefact: oecore-b7182571242dc4e23e5250a449d90348e62a6abc +- sha: 6f257e50c10ebae673dcf61a833b3270db6d22781f02f6794a370aac839f1020 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/oecore-b7182571242dc4e23e5250a449d90348e62a6abc.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/oecore-b7182571242dc4e23e5250a449d90348e62a6abc.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.18 </meta-mingw/log/?h=yocto-4.0.18>` +- Git Revision: :yocto_git:`f6b38ce3c90e1600d41c2ebb41e152936a0357d7 </meta-mingw/commit/?id=f6b38ce3c90e1600d41c2ebb41e152936a0357d7>` +- Release Artefact: meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7 +- sha: 7d57167c19077f4ab95623d55a24c2267a3a3fb5ed83688659b4c03586373b25 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.18 </meta-gplv2/log/?h=yocto-4.0.18>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.18 </bitbake/log/?h=yocto-4.0.18>` +- Git Revision: :oe_git:`40fd5f4eef7460ca67f32cfce8e229e67e1ff607 </bitbake/commit/?id=40fd5f4eef7460ca67f32cfce8e229e67e1ff607>` +- Release Artefact: bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607 +- sha: 5d20a0e4c5d0fce44bd84778168714a261a30a4b83f67c88df3b8a7e7115e444 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.18 </yocto-docs/log/?h=yocto-4.0.18>` +- Git Revision: :yocto_git:`fd1423141e7458ba557db465c171b0b4e9063987 </yocto-docs/commit/?id=fd1423141e7458ba557db465c171b0b4e9063987>` + diff --git a/poky/documentation/migration-guides/release-notes-5.0.rst b/poky/documentation/migration-guides/release-notes-5.0.rst index 4bd9125d17..800ba20a27 100644 --- a/poky/documentation/migration-guides/release-notes-5.0.rst +++ b/poky/documentation/migration-guides/release-notes-5.0.rst @@ -25,6 +25,10 @@ New Features / Enhancements in 5.0 - :term:`TARGET_DBGSRC_DIR`: specifies the target path to debug source files + - :term:`USERADD_DEPENDS`: provides a way to declare dependencies on the users + and/or groups created by other recipes, resolving a long-standing build + ordering issue + - Architecture-specific enhancements: - ``genericarm64``: a new :term:`MACHINE` to represent a 64-bit General Arm @@ -84,6 +88,9 @@ New Features / Enhancements in 5.0 a Sphinx extension to include jQuery on newer Sphinx releases. Recent versions of ``python3-sphinx-rtd-theme`` depend on it. + - `python3-websockets <https://pypi.org/project/websockets/>`__: a + library for building WebSocket servers and clients in Python. + - `python3-yamllint <https://github.com/adrienverge/yamllint>`__: a linter for YAML files. In U-Boot, the ``binman`` tool uses this linter to verify the configurations at compile time. @@ -155,6 +162,12 @@ New Features / Enhancements in 5.0 - Testing: + - Move `patchtest` to the core (as ``scripts/patchtest``, test cases under + ``meta/lib/patchtest/tests``) and make a number of improvements to enable + it to validate patches submitted on the mailing list again. Additionally, + make it work with the original upstream version of + `Patchwork <http://jk.ozlabs.org/projects/patchwork/>`__. + - Add an optional ``unimplemented-ptest`` QA warning to detect upstream packages with tests, that do not use ptest. @@ -163,6 +176,9 @@ New Features / Enhancements in 5.0 - ``oeqa``, ``oe-selftest``: add test cases for Maturin (SDK and runtime). + - Proof-of-concept of screenshot-based runtime UI test + (``meta/lib/oeqa/runtime/cases/login.py``) + - Enable ptests for ``python3-attrs``, ``python3-pyyaml``, ``xz`` - Utility script changes: @@ -191,8 +207,6 @@ New Features / Enhancements in 5.0 extra tasks if the system load is too high, especially in distributions where ``/proc/pressure`` is disabled. - - Add garbage collection to remove unused unihashes from the database. - - ``taskexp_ncurses``: add ncurses version of ``taskexp``, the dependency explorer originally implemented with GTK. @@ -208,6 +222,17 @@ New Features / Enhancements in 5.0 - ``git-make-shallow`` script: add support for Git's ``safe.bareRepository=explicit`` configuration setting. + - Hash equivalence gained a number of scalability improvements including: + + - Support for a wide range of database backends through `SQLAlchemy` + + - Support for hash equivalence server and client to communicate over websockets + + - Support for per-user permissions in the hashserver, and on the client side + specifying credentials via the environment or ``.netrc`` + + - Add garbage collection to remove unused unihashes from the database. + - devtool improvements: - Introduce a new ``ide-sdk`` plugin to generate a configuration to use @@ -255,6 +280,12 @@ New Features / Enhancements in 5.0 incremental update can be configured with :term:`CVE_DB_INCR_UPDATE_AGE_THRES` variable. +- Toaster Web UI improvements: + + - Numerous bugfixes, and additional input validation + + - Add `pytest` support and add/update test cases + - Prominent documentation updates: - Documentation for using the new ``devtool ide-sdk`` command and features. @@ -318,6 +349,7 @@ The following corrections have been made to the :term:`LICENSE` values set by re - ``elfutils``: split license for libraries & backend and utilities. - ``ghostscript``: correct :term:`LICENSE` to ``AGPL-3.0-or-later``. +- ``kbd``: update license for consolefont and keymaps. - ``libsystemd``: set its own :term:`LICENSE` value (``LGPL-2.1-or-later``) to add more granularity. - ``libtest-warnings-perl``: update :term:`LICENSE` ``Artistic-1.0`` to ``Artistic-1.0-Perl``. - ``linux-firmware``: set package :term:`LICENSE` appropriately for ``carl9170``, ``rockchip`` and ``powerpr``. @@ -350,7 +382,7 @@ Security Fixes in 5.0 - libxml2: :cve:`2023-45322` (ignored) - linux-yocto/6.6: :cve:`2020-16119` - openssh: :cve:`2023-48795`, :cve:`2023-51384`, :cve:`2023-51385` -- openssl: :cve:`2023-5363`, :cve:`2023-5678`, :cve:`2023-6129`, :cve_mitre:`2023-6237`, :cve:`2024-0727` +- openssl: :cve:`2023-5363`, :cve:`2023-5678`, :cve:`2023-6129`, :cve_mitre:`2023-6237`, :cve:`2024-0727`, :cve:`2024-2511` - perl: :cve:`2023-47100` - pixman: :cve:`2023-37769` (ignored) - python3-cryptography{-vectors}: :cve:`2023-49083`, :cve:`2024-26130` @@ -526,7 +558,7 @@ Recipe Upgrades in 5.0 - linux-yocto-dev 6.6+git -> 6.9+git - linux-yocto-rt 6.1.78+git, 6.5.13+git -> 6.6.23+git - linux-yocto-tiny 6.1.78+git, 6.5.13+git -> 6.6.23+git -- llvm 17.0.3 -> 18.1.2 +- llvm 17.0.3 -> 18.1.3 - lsof 4.98.0 -> 4.99.3 - ltp 20230516 -> 20240129 - lttng-modules 2.13.10 -> 2.13.12 @@ -562,7 +594,7 @@ Recipe Upgrades in 5.0 - ptest-runner 2.4.2+git -> 2.4.3+git - pulseaudio 16.1 -> 17.0 - puzzles 0.0+git (2d9e414ee316…) -> 0.0+git (80aac3104096…) -- python3 3.11.5 -> 3.12.2 +- python3 3.11.5 -> 3.12.3 - python3-alabaster 0.7.13 -> 0.7.16 - python3-attrs 23.1.0 -> 23.2.0 - python3-babel 2.12.1 -> 2.14.0 @@ -904,3 +936,58 @@ Thanks to the following people who contributed to this release: Repositories / Downloads for Yocto-5.0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>` +- Tag: :yocto_git:`yocto-5.0 </poky/log/?h=yocto-5.0>` +- Git Revision: :yocto_git:`fb91a49387cfb0c8d48303bb3354325ba2a05587 </poky/commit/?id=fb91a49387cfb0c8d48303bb3354325ba2a05587>` +- Release Artefact: poky-fb91a49387cfb0c8d48303bb3354325ba2a05587 +- sha: 8a0dff4b677b9414ab814ed35d1880196123732ea16ab2fafa388bcc509b32ab +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0/poky-fb91a49387cfb0c8d48303bb3354325ba2a05587.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0/poky-fb91a49387cfb0c8d48303bb3354325ba2a05587.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>` +- Tag: :oe_git:`yocto-5.0 </openembedded-core/log/?h=yocto-5.0>` +- Git Revision: :oe_git:`b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277 </openembedded-core/commit/?id=b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277>` +- Release Artefact: oecore-b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277 +- sha: c7fd05d1a00c70acba2540e60dce01a1bdc4701ebff9a808784960240c69261d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0/oecore-b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0/oecore-b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>` +- Tag: :yocto_git:`yocto-5.0 </meta-mingw/log/?h=yocto-5.0>` +- Git Revision: :yocto_git:`acbba477893ef87388effc4679b7f40ee49fc852 </meta-mingw/commit/?id=acbba477893ef87388effc4679b7f40ee49fc852>` +- Release Artefact: meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852 +- sha: 3b7c2f475dad5130bace652b150367f587d44b391218b1364a8bbc430b48c54c +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>` +- Tag: :oe_git:`yocto-5.0 </bitbake/log/?h=yocto-5.0>` +- Git Revision: :oe_git:`c86466d51e8ff14e57a734c1eec5bb651fdc73ef </bitbake/commit/?id=c86466d51e8ff14e57a734c1eec5bb651fdc73ef>` +- Release Artefact: bitbake-c86466d51e8ff14e57a734c1eec5bb651fdc73ef +- sha: 45c91294c1fa5a0044f1bb72a9bb69456bb458747114115af85c7664bf672d48 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0/bitbake-c86466d51e8ff14e57a734c1eec5bb651fdc73ef.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0/bitbake-c86466d51e8ff14e57a734c1eec5bb651fdc73ef.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>` +- Tag: :yocto_git:`yocto-5.0 </yocto-docs/log/?h=yocto-5.0>` +- Git Revision: :yocto_git:`0cdc0afd3332459d30cfc8f4c2e62bdcc23f5ed5 </yocto-docs/commit/?id=0cdc0afd3332459d30cfc8f4c2e62bdcc23f5ed5>` + diff --git a/poky/documentation/poky.yaml.in b/poky/documentation/poky.yaml.in index 7a686ac4e1..0c04b615ea 100644 --- a/poky/documentation/poky.yaml.in +++ b/poky/documentation/poky.yaml.in @@ -1,10 +1,10 @@ -DISTRO : "4.3" -DISTRO_NAME_NO_CAP : "nanbield" -DISTRO_NAME : "Nanbield" -DISTRO_NAME_NO_CAP_MINUS_ONE : "mickledore" -DISTRO_NAME_NO_CAP_LTS : "kirkstone" -YOCTO_DOC_VERSION : "4.3" -DISTRO_REL_TAG : "yocto-4.3" +DISTRO : "5.0" +DISTRO_NAME_NO_CAP : "scarthgap" +DISTRO_NAME : "Scarthgap" +DISTRO_NAME_NO_CAP_MINUS_ONE : "nanbield" +DISTRO_NAME_NO_CAP_LTS : "scarthgap" +YOCTO_DOC_VERSION : "5.0" +DISTRO_REL_TAG : "yocto-5.0" DOCCONF_VERSION : "dev" BITBAKE_SERIES : "" YOCTO_DL_URL : "https://downloads.yoctoproject.org" @@ -12,18 +12,18 @@ YOCTO_AB_URL : "https://autobuilder.yoctoproject.org" YOCTO_RELEASE_DL_URL : "&YOCTO_DL_URL;/releases/yocto/yocto-&DISTRO;" UBUNTU_HOST_PACKAGES_ESSENTIAL : "gawk wget git diffstat unzip texinfo gcc \ build-essential chrpath socat cpio python3 python3-pip python3-pexpect \ - xz-utils debianutils iputils-ping python3-git python3-jinja2 libegl1-mesa libsdl1.2-dev \ - python3-subunit mesa-common-dev zstd liblz4-tool file locales libacl1 + xz-utils debianutils iputils-ping python3-git python3-jinja2 \ + python3-subunit zstd liblz4-tool file locales libacl1 \n\ $ sudo locale-gen en_US.UTF-8" FEDORA_HOST_PACKAGES_ESSENTIAL : "gawk make wget tar bzip2 gzip python3 unzip perl patch \ diffutils diffstat git cpp gcc gcc-c++ glibc-devel texinfo chrpath \ ccache perl-Data-Dumper perl-Text-ParseWords perl-Thread-Queue perl-bignum socat \ python3-pexpect findutils which file cpio python python3-pip xz python3-GitPython \ - python3-jinja2 SDL-devel rpcgen mesa-libGL-devel perl-FindBin perl-File-Compare \ + python3-jinja2 rpcgen perl-FindBin perl-File-Compare \ perl-File-Copy perl-locale zstd lz4 hostname glibc-langpack-en libacl" OPENSUSE_HOST_PACKAGES_ESSENTIAL : "python gcc gcc-c++ git chrpath make wget python-xml \ diffstat makeinfo python-curses patch socat python3 python3-curses tar python3-pip \ - python3-pexpect xz which python3-Jinja2 Mesa-libEGL1 libSDL-devel rpcgen Mesa-dri-devel \ + python3-pexpect xz which python3-Jinja2 rpcgen \ zstd lz4 bzip2 gzip hostname libacl1 \n\ $ sudo pip3 install GitPython" ALMALINUX_HOST_PACKAGES_ESSENTIAL : "-y epel-release @@ -33,8 +33,8 @@ ALMALINUX_HOST_PACKAGES_ESSENTIAL : "-y epel-release \n\ $ sudo dnf install gawk make wget tar bzip2 gzip python3 unzip perl patch \ diffutils diffstat git cpp gcc gcc-c++ glibc-devel texinfo chrpath ccache \ socat perl-Data-Dumper perl-Text-ParseWords perl-Thread-Queue python3-pip \ - python3-GitPython python3-jinja2 python3-pexpect xz which SDL-devel \ - rpcgen mesa-libGL-devel zstd lz4 cpio glibc-langpack-en libacl" + python3-GitPython python3-jinja2 python3-pexpect xz which \ + rpcgen zstd lz4 cpio glibc-langpack-en libacl" PIP3_HOST_PACKAGES_DOC : "$ sudo pip3 install sphinx sphinx_rtd_theme pyyaml" MIN_PYTHON_VERSION : "3.8.0" MIN_TAR_VERSION : "1.28" diff --git a/poky/documentation/ref-manual/svg/releases.svg b/poky/documentation/ref-manual/svg/releases.svg index 198d4632b1..036aa467cc 100644 --- a/poky/documentation/ref-manual/svg/releases.svg +++ b/poky/documentation/ref-manual/svg/releases.svg @@ -3,8 +3,8 @@ version="1.1" id="svg2" width="2040.0006" - height="624.30518" - viewBox="0 0 2040.0006 624.30515" + height="669.30511" + viewBox="0 0 2040.0006 669.30509" sodipodi:docname="releases.svg" inkscape:version="1.1.2 (0a00cf5339, 2022-02-04)" xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" @@ -409,8 +409,8 @@ id="namedview4" showgrid="true" inkscape:zoom="1.4472045" - inkscape:cx="736.24703" - inkscape:cy="312.32629" + inkscape:cx="987.76641" + inkscape:cy="357.93145" inkscape:window-x="1728" inkscape:window-y="0" inkscape:window-maximized="1" @@ -427,13 +427,13 @@ type="xygrid" id="grid1257" originx="-289.99936" - originy="325" /> + originy="369.99998" /> </sodipodi:namedview> <g inkscape:groupmode="layer" inkscape:label="Image" id="g10" - transform="translate(-289.99936,325.00004)"> + transform="translate(-289.99936,370.00003)"> <path style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" d="m 1080,220.00003 v -515.00007 0 0" @@ -669,11 +669,11 @@ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none" id="tspan10317-2-9-1-4">4.2</tspan></text> <g - id="g1379"> + id="g1258"> <rect style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1" id="rect917-0-0-4-4-9-4-5-38" - width="140.00003" + width="120.00002" height="45.000004" x="1220" y="-230.00005" @@ -696,53 +696,76 @@ id="tspan10317-2-9-1-4-6">4.3</tspan></text> </g> <rect - style="opacity:0.75;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1" - id="rect917-0-0-4-4-9-4-5-3-9" - width="979.99994" + style="opacity:0.75;fill:#241f31;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1" + id="rect917-0-0-4-4-9-4-5-3-9-2" + width="140" height="45.000004" - x="1320" - y="-285.00003" + x="1440" + y="-340.00003" ry="2.2558987" /> <text xml:space="preserve" style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" - x="1373.233" - y="-265.32928" - id="text1185-3-55-4-0-0-0-1-1-6"><tspan + x="1487.233" + y="-320.32928" + id="text1185-3-55-4-0-0-0-1-1-6-4"><tspan sodipodi:role="line" - x="1373.233" - y="-265.32928" + x="1487.233" + y="-320.32928" style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none" - id="tspan957-2-8-6-3-9-7-4-2">Scarthgap</tspan><tspan + id="tspan957-2-8-6-3-9-7-4-2-0">Styhead</tspan><tspan sodipodi:role="line" - x="1373.233" - y="-247.33261" + x="1487.233" + y="-302.33261" style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none" - id="tspan10317-2-9-1-4-6-5">5.0</tspan></text> - <rect + id="tspan10317-2-9-1-4-6-5-6">5.1</tspan></text> + <g + id="g1591"> + <rect + style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1" + id="rect917-0-0-4-4-9-9" + width="960.00012" + height="45.000004" + x="859.99994" + y="-64.999992" + ry="2.2558987" /> + <text + xml:space="preserve" + style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" + x="928.49872" + y="-45.648258" + id="text1185-3-55-4-0-0-9"><tspan + sodipodi:role="line" + x="928.49872" + y="-45.648258" + style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none" + id="tspan957-2-8-6-3-6">Kirkstone (LTS)</tspan><tspan + sodipodi:role="line" + x="928.49872" + y="-27.651579" + style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none" + id="tspan10317-2-9-0">4.0</tspan></text> + </g> + <path + id="rect917-0-0-4-4-9-9-9" style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1" - id="rect917-0-0-4-4-9-9" - width="960.00012" - height="45.000004" - x="859.99994" - y="-64.999992" - ry="2.2558987" /> + d="m 1322.3015,-285.00003 c -1.2753,0 -2.302,1.00609 -2.302,2.25586 v 40.48828 c 0,1.24977 1.0267,2.25586 2.302,2.25586 h 975.0412 c 1.2754,0 2.302,-1.00609 2.302,-2.25586 v -40.48828 c 0,-1.24977 -1.0266,-2.25586 -2.302,-2.25586 z" /> <text xml:space="preserve" style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" - x="928.49872" - y="-45.648258" - id="text1185-3-55-4-0-0-9"><tspan + x="1390.4988" + y="-265.64832" + id="text1185-3-55-4-0-0-9-0"><tspan sodipodi:role="line" - x="928.49872" - y="-45.648258" + x="1390.4988" + y="-265.64832" style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none" - id="tspan957-2-8-6-3-6">Kirkstone (LTS)</tspan><tspan + id="tspan957-2-8-6-3-6-8">Scarthgap (LTS)</tspan><tspan sodipodi:role="line" - x="928.49872" - y="-27.651579" + x="1390.4988" + y="-247.65164" style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none" - id="tspan10317-2-9-0">4.0</tspan></text> + id="tspan10317-2-9-0-1">5.0</tspan></text> <text xml:space="preserve" style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" diff --git a/poky/documentation/ref-manual/variables.rst b/poky/documentation/ref-manual/variables.rst index 9cdcc1b61b..3f37f42f21 100644 --- a/poky/documentation/ref-manual/variables.rst +++ b/poky/documentation/ref-manual/variables.rst @@ -9771,6 +9771,12 @@ system and gives an overview of their function and contents. ``meta-poky/conf/templates/default/local.conf.sample`` in the :term:`Source Directory`. + :term:`USERADD_DEPENDS` + Specifies a list of recipes that create users / groups (via + :term:`USERADD_PARAM` / :term:`GROUPADD_PARAM`) which a recipe + depends upon. This ensures that those users / groups are available + when building a recipe. + :term:`USERADD_ERROR_DYNAMIC` If set to ``error``, forces the OpenEmbedded build system to produce an error if the user identification (``uid``) and group diff --git a/poky/documentation/set_versions.py b/poky/documentation/set_versions.py index 90e08fc5e0..dec0780834 100755 --- a/poky/documentation/set_versions.py +++ b/poky/documentation/set_versions.py @@ -26,9 +26,9 @@ ourversion = None if len(sys.argv) == 2: ourversion = sys.argv[1] -activereleases = ["nanbield", "kirkstone", "dunfell"] -devbranch = "scarthgap" -ltsseries = ["kirkstone", "dunfell"] +activereleases = ["scarthgap", "nanbield", "kirkstone", "dunfell"] +devbranch = "styhead" +ltsseries = ["scarthgap", "kirkstone", "dunfell"] # used by run-docs-builds to get the default page if ourversion == "getlatest": @@ -36,6 +36,7 @@ if ourversion == "getlatest": sys.exit(0) release_series = collections.OrderedDict() +release_series["styhead"] = "5.1" release_series["scarthgap"] = "5.0" release_series["nanbield"] = "4.3" release_series["mickledore"] = "4.2" @@ -68,6 +69,7 @@ release_series["laverne"] = "0.9" bitbake_mapping = { + "styhead" : "2.10", "scarthgap" : "2.8", "nanbield" : "2.6", "mickledore" : "2.4", diff --git a/poky/documentation/standards.md b/poky/documentation/standards.md index e0c0cba83c..bc403e393e 100644 --- a/poky/documentation/standards.md +++ b/poky/documentation/standards.md @@ -70,27 +70,30 @@ cannot be split without infringing syntactic rules or reducing readability, as well as for command output which should be kept unmodified. -### Project names +### File, tool and command names -Project names should be capitalized in the same -way they are on Wikipedia, in particular: +File, tool, command and package names should be double tick-quoted. +For example, ``` ``conf/local.conf`` ``` is preferred over +`"conf/local.conf"`. -* BitBake -* OpenEmbedded +### Project names -There are exceptions in which such names can be used -in lower case: +Project names should be introduced with single quotes, to have them rendered +with an italic font and make them easier to distinguish from command names +(double tick-quoted) and from regular English words. -* When referring to a package name -* When referring to the corresponding command name -* When used in a cross-reference title. Such - titles are usually in lower case. +An exception is when project names appear in hyperlinks, as nested markup +is not supported by Sphinx yet. -### File, tool and command names +Project names should also be capitalized (or not) in the same way they are on +Wikipedia, or on their own project pages if they are not described on +Wikipedia. If a project name isn't capitalized, it should remain so even +at the beginning of a sentence. -File, tool and command names should be double tick-quoted. -For example, ``` ``conf/local.conf`` ``` is preferred over -`"conf/local.conf"`. +For example: + +* ``` `BitBake` ``` +* ``` `ftrace` ``` ### Variables diff --git a/poky/meta-poky/conf/distro/poky.conf b/poky/meta-poky/conf/distro/poky.conf index 5285753c31..23d279db3b 100644 --- a/poky/meta-poky/conf/distro/poky.conf +++ b/poky/meta-poky/conf/distro/poky.conf @@ -1,7 +1,7 @@ DISTRO = "poky" DISTRO_NAME = "Poky (Yocto Project Reference Distro)" -DISTRO_VERSION = "5.0+snapshot-${METADATA_REVISION}" -DISTRO_CODENAME = "styhead" +DISTRO_VERSION = "5.0.2" +DISTRO_CODENAME = "scarthgap" SDK_VENDOR = "-pokysdk" SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${METADATA_REVISION}', 'snapshot')}" SDK_VERSION[vardepvalue] = "${SDK_VERSION}" diff --git a/poky/meta-poky/conf/templates/default/local.conf.sample b/poky/meta-poky/conf/templates/default/local.conf.sample index 1a93c9bdcf..72d3566294 100644 --- a/poky/meta-poky/conf/templates/default/local.conf.sample +++ b/poky/meta-poky/conf/templates/default/local.conf.sample @@ -238,7 +238,7 @@ BB_DISKMON_DIRS ??= "\ # (CDN) kindly provided by JSDelivr, uncomment one of the SSTATE_MIRRORS lines, not both. # Using the CDN rather than the yoctoproject.org address is suggested/preferred. # -#BB_HASHSERVE_UPSTREAM = "hashserv.yocto.io:8687" +#BB_HASHSERVE_UPSTREAM = 'wss://hashserv.yoctoproject.org/ws' #SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH" # ###SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH" diff --git a/poky/meta-selftest/classes/localpkgfeed.bbclass b/poky/meta-selftest/classes/localpkgfeed.bbclass new file mode 100644 index 0000000000..b796375e55 --- /dev/null +++ b/poky/meta-selftest/classes/localpkgfeed.bbclass @@ -0,0 +1,27 @@ +# Create a subset of the package feed that just contain the +# packages depended on by this recipe. + +LOCALPKGFEED_DIR = "${WORKDIR}/localpkgfeed" + +addtask localpkgfeed after do_build +do_localpkgfeed[cleandirs] = "${LOCALPKGFEED_DIR}" +do_localpkgfeed[nostamp] = "1" + +def get_packaging_class(d): + package_class = d.getVar("PACKAGE_CLASSES").split()[0] + return package_class.replace("package_", "") + +python () { + packaging = get_packaging_class(d) + d.setVarFlag("do_localpkgfeed", "rdeptask", "do_package_write_" + packaging) +} + +python do_localpkgfeed() { + import oe.package_manager + + packaging = get_packaging_class(d) + deploydir = d.getVar("DEPLOY_DIR_" + packaging.upper()) + task = "package_write_" + packaging + + oe.package_manager.create_packages_dir(d, d.getVar("LOCALPKGFEED_DIR"), deploydir, task, True, True) +} diff --git a/poky/meta-selftest/conf/layer.conf b/poky/meta-selftest/conf/layer.conf index 763ea011d4..48ca8464f9 100644 --- a/poky/meta-selftest/conf/layer.conf +++ b/poky/meta-selftest/conf/layer.conf @@ -11,4 +11,4 @@ BBFILE_PRIORITY_selftest = "5" addpylib ${LAYERDIR}/lib oeqa -LAYERSERIES_COMPAT_selftest = "styhead" +LAYERSERIES_COMPAT_selftest = "scarthgap" diff --git a/poky/meta-skeleton/conf/layer.conf b/poky/meta-skeleton/conf/layer.conf index 963d2d5ce9..0414fb51b6 100644 --- a/poky/meta-skeleton/conf/layer.conf +++ b/poky/meta-skeleton/conf/layer.conf @@ -14,4 +14,4 @@ LAYERVERSION_skeleton = "1" LAYERDEPENDS_skeleton = "core" -LAYERSERIES_COMPAT_skeleton = "styhead" +LAYERSERIES_COMPAT_skeleton = "scarthgap" diff --git a/poky/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb b/poky/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb index 9437240fcf..0879bb17b9 100644 --- a/poky/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb +++ b/poky/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb @@ -7,7 +7,7 @@ SUMMARY = "An example kernel recipe that uses the linux-yocto and oe-core" # To use linux-yocto-custom in your layer, copy this recipe (optionally # rename it as well) and modify it appropriately for your machine. i.e.: # -# COMPATIBLE_MACHINE_yourmachine = "yourmachine" +# COMPATIBLE_MACHINE:yourmachine = "yourmachine" # # You must also provide a Linux kernel configuration. The most direct # method is to copy your .config to files/defconfig in your layer, diff --git a/poky/meta/classes-global/insane.bbclass b/poky/meta/classes-global/insane.bbclass index e963001d09..c32dfffd83 100644 --- a/poky/meta/classes-global/insane.bbclass +++ b/poky/meta/classes-global/insane.bbclass @@ -298,7 +298,7 @@ def package_qa_check_libdir(d): try: elf.open() messages.append("%s: found library in wrong location: %s" % (package, rel_path)) - except (oe.qa.NotELFFileError): + except (oe.qa.NotELFFileError, FileNotFoundError): pass if exec_re.match(rel_path): if libdir not in rel_path and libexecdir not in rel_path: @@ -307,7 +307,7 @@ def package_qa_check_libdir(d): try: elf.open() messages.append("%s: found library in wrong location: %s" % (package, rel_path)) - except (oe.qa.NotELFFileError): + except (oe.qa.NotELFFileError, FileNotFoundError): pass if messages: diff --git a/poky/meta/classes-global/sstate.bbclass b/poky/meta/classes-global/sstate.bbclass index 04539bbb99..76a7b59636 100644 --- a/poky/meta/classes-global/sstate.bbclass +++ b/poky/meta/classes-global/sstate.bbclass @@ -1115,7 +1115,7 @@ def sstate_checkhashes(sq_data, d, siginfo=False, currentcount=0, summary=True, bb.parse.siggen.checkhashes(sq_data, missed, found, d) return found -setscene_depvalid[vardepsexclude] = "SSTATE_EXCLUDEDEPS_SYSROOT" +setscene_depvalid[vardepsexclude] = "SSTATE_EXCLUDEDEPS_SYSROOT _SSTATE_EXCLUDEDEPS_SYSROOT" BB_SETSCENE_DEPVALID = "setscene_depvalid" diff --git a/poky/meta/classes-recipe/go.bbclass b/poky/meta/classes-recipe/go.bbclass index cc3564c36a..d32509aa6d 100644 --- a/poky/meta/classes-recipe/go.bbclass +++ b/poky/meta/classes-recipe/go.bbclass @@ -48,8 +48,6 @@ GO_RPATH:class-native = "${@'-r ${STAGING_LIBDIR_NATIVE}/go/pkg/${TARGET_GOTUPLE GO_RPATH_LINK:class-native = "${@'-Wl,-rpath-link=${STAGING_LIBDIR_NATIVE}/go/pkg/${TARGET_GOTUPLE}_dynlink' if d.getVar('GO_DYNLINK') else ''}" GO_EXTLDFLAGS ?= "${HOST_CC_ARCH}${TOOLCHAIN_OPTIONS} ${GO_RPATH_LINK} ${LDFLAGS}" GO_LINKMODE ?= "" -GO_LINKMODE:class-nativesdk = "--linkmode=external" -GO_LINKMODE:class-native = "--linkmode=external" GO_EXTRA_LDFLAGS ?= "" GO_LINUXLOADER ?= "-I ${@get_linuxloader(d)}" # Use system loader. If uninative is used, the uninative loader will be patched automatically diff --git a/poky/meta/classes-recipe/goarch.bbclass b/poky/meta/classes-recipe/goarch.bbclass index 6899ec28e4..1ebe03864f 100644 --- a/poky/meta/classes-recipe/goarch.bbclass +++ b/poky/meta/classes-recipe/goarch.bbclass @@ -38,13 +38,13 @@ BASE_GOARM:armv5 = '5' # Go supports dynamic linking on a limited set of architectures. # See the supportsDynlink function in go/src/cmd/compile/internal/gc/main.go GO_DYNLINK = "" -GO_DYNLINK:arm = "" -GO_DYNLINK:aarch64 = "" -GO_DYNLINK:x86 = "" -GO_DYNLINK:x86-64 = "" -GO_DYNLINK:powerpc64 = "" -GO_DYNLINK:powerpc64le = "" -GO_DYNLINK:class-native = "" +GO_DYNLINK:arm ?= "1" +GO_DYNLINK:aarch64 ?= "1" +GO_DYNLINK:x86 ?= "1" +GO_DYNLINK:x86-64 ?= "1" +GO_DYNLINK:powerpc64 ?= "1" +GO_DYNLINK:powerpc64le ?= "1" +GO_DYNLINK:class-native ?= "" GO_DYNLINK:class-nativesdk = "" # define here because everybody inherits this class diff --git a/poky/meta/classes-recipe/image_types.bbclass b/poky/meta/classes-recipe/image_types.bbclass index 913cb8788c..2f948ecbf8 100644 --- a/poky/meta/classes-recipe/image_types.bbclass +++ b/poky/meta/classes-recipe/image_types.bbclass @@ -112,18 +112,22 @@ IMAGE_CMD:btrfs () { } oe_mksquashfs () { - local comp=$1 - local suffix=$2 + local comp=$1; shift + local extra_imagecmd="$@" + + if [ "$comp" = "zstd" ]; then + suffix="zst" + fi # Use the bitbake reproducible timestamp instead of the hardcoded squashfs one export SOURCE_DATE_EPOCH=$(stat -c '%Y' ${IMAGE_ROOTFS}) - mksquashfs ${IMAGE_ROOTFS} ${IMGDEPLOYDIR}/${IMAGE_NAME}.squashfs${comp:+-}${suffix:-$comp} ${EXTRA_IMAGECMD} -noappend ${comp:+-comp }$comp + mksquashfs ${IMAGE_ROOTFS} ${IMGDEPLOYDIR}/${IMAGE_NAME}.squashfs${comp:+-}${suffix:-$comp} -noappend ${comp:+-comp }$comp $extra_imagecmd } -IMAGE_CMD:squashfs = "oe_mksquashfs" -IMAGE_CMD:squashfs-xz = "oe_mksquashfs xz" -IMAGE_CMD:squashfs-lzo = "oe_mksquashfs lzo" -IMAGE_CMD:squashfs-lz4 = "oe_mksquashfs lz4" -IMAGE_CMD:squashfs-zst = "oe_mksquashfs zstd zst" +IMAGE_CMD:squashfs = "oe_mksquashfs '' ${EXTRA_IMAGECMD}" +IMAGE_CMD:squashfs-xz = "oe_mksquashfs xz ${EXTRA_IMAGECMD}" +IMAGE_CMD:squashfs-lzo = "oe_mksquashfs lzo ${EXTRA_IMAGECMD}" +IMAGE_CMD:squashfs-lz4 = "oe_mksquashfs lz4 ${EXTRA_IMAGECMD}" +IMAGE_CMD:squashfs-zst = "oe_mksquashfs zstd ${EXTRA_IMAGECMD}" IMAGE_CMD:erofs = "mkfs.erofs ${EXTRA_IMAGECMD} ${IMGDEPLOYDIR}/${IMAGE_NAME}.erofs ${IMAGE_ROOTFS}" IMAGE_CMD:erofs-lz4 = "mkfs.erofs -zlz4 ${EXTRA_IMAGECMD} ${IMGDEPLOYDIR}/${IMAGE_NAME}.erofs-lz4 ${IMAGE_ROOTFS}" diff --git a/poky/meta/classes-recipe/kernel.bbclass b/poky/meta/classes-recipe/kernel.bbclass index b084d6d69d..c0a2056fec 100644 --- a/poky/meta/classes-recipe/kernel.bbclass +++ b/poky/meta/classes-recipe/kernel.bbclass @@ -463,7 +463,7 @@ kernel_do_install() { rm -f "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/build" rm -f "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/source" # Remove empty module directories to prevent QA issues - find "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel" -type d -empty -delete + [ -d "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel" ] && find "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel" -type d -empty -delete else bbnote "no modules to install" fi diff --git a/poky/meta/classes-recipe/linuxloader.bbclass b/poky/meta/classes-recipe/linuxloader.bbclass index 2ea1b62254..a2e8f9837b 100644 --- a/poky/meta/classes-recipe/linuxloader.bbclass +++ b/poky/meta/classes-recipe/linuxloader.bbclass @@ -57,7 +57,7 @@ def get_glibc_loader(d): elif re.search("i.86", targetarch): dynamic_loader = "${base_libdir}/ld-linux.so.2" elif targetarch == "arm": - dynamic_loader = "${base_libdir}/ld-linux${@['-armhf', ''][d.getVar('TARGET_FPU') == 'soft']}.so.3" + dynamic_loader = "${base_libdir}/ld-linux${@['', '-armhf'][d.getVar('TARGET_FPU') == 'hard']}.so.3" elif targetarch.startswith("aarch64"): dynamic_loader = "${base_libdir}/ld-linux-aarch64${ARMPKGSFX_ENDIAN_64}.so.1" elif targetarch.startswith("riscv64"): diff --git a/poky/meta/classes-recipe/pypi.bbclass b/poky/meta/classes-recipe/pypi.bbclass index c6bbe8119a..b8c18ccf39 100644 --- a/poky/meta/classes-recipe/pypi.bbclass +++ b/poky/meta/classes-recipe/pypi.bbclass @@ -12,19 +12,14 @@ def pypi_package(d): return bpn[8:] return bpn -# The PyPi package name (defaults to PN without the python3- prefix) PYPI_PACKAGE ?= "${@pypi_package(d)}" -# The file extension of the source archive PYPI_PACKAGE_EXT ?= "tar.gz" -# An optional prefix for the download file in the case of name collisions +PYPI_ARCHIVE_NAME ?= "${PYPI_PACKAGE}-${PV}.${PYPI_PACKAGE_EXT}" PYPI_ARCHIVE_NAME_PREFIX ?= "" def pypi_src_uri(d): - """ - Construct a source URL as per https://warehouse.pypa.io/api-reference/integration-guide.html#predictable-urls. - """ package = d.getVar('PYPI_PACKAGE') - archive_name = d.expand('${PYPI_PACKAGE}-${PV}.${PYPI_PACKAGE_EXT}') + archive_name = d.getVar('PYPI_ARCHIVE_NAME') archive_downloadname = d.getVar('PYPI_ARCHIVE_NAME_PREFIX') + archive_name return 'https://files.pythonhosted.org/packages/source/%s/%s/%s;downloadfilename=%s' % (package[0], package, archive_name, archive_downloadname) diff --git a/poky/meta/classes-recipe/rootfs-postcommands.bbclass b/poky/meta/classes-recipe/rootfs-postcommands.bbclass index e81b69a239..920da94ba2 100644 --- a/poky/meta/classes-recipe/rootfs-postcommands.bbclass +++ b/poky/meta/classes-recipe/rootfs-postcommands.bbclass @@ -206,7 +206,9 @@ read_only_rootfs_hook () { # Also tweak the key location for dropbear in the same way. if [ -d ${IMAGE_ROOTFS}/etc/dropbear ]; then if [ ! -e ${IMAGE_ROOTFS}/etc/dropbear/dropbear_rsa_host_key ]; then - echo "DROPBEAR_RSAKEY_DIR=/var/lib/dropbear" >> ${IMAGE_ROOTFS}/etc/default/dropbear + if ! grep -q "^DROPBEAR_RSAKEY_DIR=" ${IMAGE_ROOTFS}/etc/default/dropbear ; then + echo "DROPBEAR_RSAKEY_DIR=/var/lib/dropbear" >> ${IMAGE_ROOTFS}/etc/default/dropbear + fi fi fi fi diff --git a/poky/meta/classes-recipe/uboot-sign.bbclass b/poky/meta/classes-recipe/uboot-sign.bbclass index 7a0b8047e4..c8e097f2f2 100644 --- a/poky/meta/classes-recipe/uboot-sign.bbclass +++ b/poky/meta/classes-recipe/uboot-sign.bbclass @@ -367,7 +367,7 @@ do_uboot_assemble_fitimage() { done for binary in ${UBOOT_BINARIES}; do - k=$(expr $j + 1); + k=$(expr $k + 1); if [ $k -eq $i ]; then break; fi diff --git a/poky/meta/classes/create-spdx-2.2.bbclass b/poky/meta/classes/create-spdx-2.2.bbclass index 486efadba9..4ea91f6499 100644 --- a/poky/meta/classes/create-spdx-2.2.bbclass +++ b/poky/meta/classes/create-spdx-2.2.bbclass @@ -28,7 +28,7 @@ SPDX_ARCHIVE_SOURCES ??= "0" SPDX_ARCHIVE_PACKAGED ??= "0" SPDX_UUID_NAMESPACE ??= "sbom.openembedded.org" -SPDX_NAMESPACE_PREFIX ??= "http://spdx.org/spdxdoc" +SPDX_NAMESPACE_PREFIX ??= "http://spdx.org/spdxdocs" SPDX_PRETTY ??= "0" SPDX_LICENSES ??= "${COREBASE}/meta/files/spdx-licenses.json" diff --git a/poky/meta/conf/distro/include/maintainers.inc b/poky/meta/conf/distro/include/maintainers.inc index 20eb3a0446..180dfc1918 100644 --- a/poky/meta/conf/distro/include/maintainers.inc +++ b/poky/meta/conf/distro/include/maintainers.inc @@ -190,7 +190,7 @@ RECIPE_MAINTAINER:pn-gcc-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj <r RECIPE_MAINTAINER:pn-gcc-crosssdk-${SDK_SYS} = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-gcc-runtime = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-gcc-sanitizers = "Khem Raj <raj.khem@gmail.com>" -RECIPE_MAINTAINER:pn-gcc-source-13.2.0 = "Khem Raj <raj.khem@gmail.com>" +RECIPE_MAINTAINER:pn-gcc-source-13.3.0 = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-gconf = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-gcr = "Alexander Kanavin <alex.kanavin@gmail.com>" RECIPE_MAINTAINER:pn-gdb = "Khem Raj <raj.khem@gmail.com>" @@ -225,7 +225,6 @@ RECIPE_MAINTAINER:pn-go-cross-${TUNE_PKGARCH} = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-go-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-go-crosssdk-${SDK_SYS} = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-go-helloworld = "Khem Raj <raj.khem@gmail.com>" -RECIPE_MAINTAINER:pn-go-native = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-go-runtime = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-gobject-introspection = "Alexander Kanavin <alex.kanavin@gmail.com>" RECIPE_MAINTAINER:pn-gperf = "Alexander Kanavin <alex.kanavin@gmail.com>" diff --git a/poky/meta/conf/distro/include/yocto-uninative.inc b/poky/meta/conf/distro/include/yocto-uninative.inc index 4ac66fd506..657c1032f9 100644 --- a/poky/meta/conf/distro/include/yocto-uninative.inc +++ b/poky/meta/conf/distro/include/yocto-uninative.inc @@ -7,9 +7,9 @@ # UNINATIVE_MAXGLIBCVERSION = "2.39" -UNINATIVE_VERSION = "4.4" +UNINATIVE_VERSION = "4.5" UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" -UNINATIVE_CHECKSUM[aarch64] ?= "b61876130f494f75092f21086b4a64ea5fb064045769bf1d32e9cb6af17ea8ec" -UNINATIVE_CHECKSUM[i686] ?= "9f28627828f0082cc0344eede4d9a861a9a064bfa8f36e072e46212f0fe45fcc" -UNINATIVE_CHECKSUM[x86_64] ?= "d81c54284be2bb886931fc87281d58177a2cd381cf99d1981f8923039a72a302" +UNINATIVE_CHECKSUM[aarch64] ?= "df2e29e2e6feb187a3499abf3b1322a3b251da819c77a7b19d4fe952351365ab" +UNINATIVE_CHECKSUM[i686] ?= "8ef3eda53428b484c20157f6ec3c130b03080b3d4b3889067e0e184e05102d35" +UNINATIVE_CHECKSUM[x86_64] ?= "43ee6a25bcf5fce16ea87076d6a96e79ead6ced90690a058d07432f902773473" diff --git a/poky/meta/conf/layer.conf b/poky/meta/conf/layer.conf index f2bca0aa5b..efbf2610f9 100644 --- a/poky/meta/conf/layer.conf +++ b/poky/meta/conf/layer.conf @@ -7,12 +7,12 @@ BBFILE_COLLECTIONS += "core" BBFILE_PATTERN_core = "^${LAYERDIR}/" BBFILE_PRIORITY_core = "5" -LAYERSERIES_CORENAMES = "scarthgap styhead" +LAYERSERIES_CORENAMES = "scarthgap" # This should only be incremented on significant changes that will # cause compatibility issues with other layers LAYERVERSION_core = "15" -LAYERSERIES_COMPAT_core = "styhead" +LAYERSERIES_COMPAT_core = "scarthgap" BBLAYERS_LAYERINDEX_NAME_core = "openembedded-core" diff --git a/poky/meta/lib/oe/package_manager/__init__.py b/poky/meta/lib/oe/package_manager/__init__.py index 6774cdb794..d3b2317894 100644 --- a/poky/meta/lib/oe/package_manager/__init__.py +++ b/poky/meta/lib/oe/package_manager/__init__.py @@ -449,7 +449,7 @@ class PackageManager(object, metaclass=ABCMeta): return res return _append(uris, base_paths) -def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencies): +def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencies, include_self=False): """ Go through our do_package_write_X dependencies and hardlink the packages we depend upon into the repo directory. This prevents us seeing other packages that may @@ -486,14 +486,17 @@ def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencie bb.fatal("Couldn't find ourself in BB_TASKDEPDATA?") pkgdeps = set() start = [start] - seen = set(start) + if include_self: + seen = set() + else: + seen = set(start) # Support direct dependencies (do_rootfs -> do_package_write_X) # or indirect dependencies within PN (do_populate_sdk_ext -> do_rootfs -> do_package_write_X) while start: next = [] for dep2 in start: for dep in taskdepdata[dep2][3]: - if taskdepdata[dep][0] != pn: + if include_self or taskdepdata[dep][0] != pn: if "do_" + taskname in dep: pkgdeps.add(dep) elif dep not in seen: diff --git a/poky/meta/lib/oe/package_manager/ipk/__init__.py b/poky/meta/lib/oe/package_manager/ipk/__init__.py index 8cc9953a02..47e72cc7a6 100644 --- a/poky/meta/lib/oe/package_manager/ipk/__init__.py +++ b/poky/meta/lib/oe/package_manager/ipk/__init__.py @@ -4,6 +4,7 @@ # SPDX-License-Identifier: GPL-2.0-only # +import glob import re import shutil import subprocess @@ -134,11 +135,16 @@ class OpkgDpkgPM(PackageManager): tmp_dir = tempfile.mkdtemp() current_dir = os.getcwd() os.chdir(tmp_dir) - data_tar = 'data.tar.zst' try: cmd = [ar_cmd, 'x', pkg_path] output = subprocess.check_output(cmd, stderr=subprocess.STDOUT) + data_tar = glob.glob("data.tar.*") + if len(data_tar) != 1: + bb.fatal("Unable to extract %s package. Failed to identify " + "data tarball (found tarballs '%s').", + pkg_path, data_tar) + data_tar = data_tar[0] cmd = [tar_cmd, 'xf', data_tar] output = subprocess.check_output(cmd, stderr=subprocess.STDOUT) except subprocess.CalledProcessError as e: @@ -153,6 +159,7 @@ class OpkgDpkgPM(PackageManager): bb.note("Extracted %s to %s" % (pkg_path, tmp_dir)) bb.utils.remove(os.path.join(tmp_dir, "debian-binary")) bb.utils.remove(os.path.join(tmp_dir, "control.tar.gz")) + bb.utils.remove(os.path.join(tmp_dir, data_tar)) os.chdir(current_dir) return tmp_dir @@ -505,7 +512,4 @@ class OpkgPM(OpkgDpkgPM): bb.fatal("Unable to get information for package '%s' while " "trying to extract the package." % pkg) - tmp_dir = super(OpkgPM, self).extract(pkg, pkg_info) - bb.utils.remove(os.path.join(tmp_dir, "data.tar.zst")) - - return tmp_dir + return super(OpkgPM, self).extract(pkg, pkg_info) diff --git a/poky/meta/lib/oeqa/sdk/cases/assimp.py b/poky/meta/lib/oeqa/sdk/cases/assimp.py index e986838aea..d990b1e97d 100644 --- a/poky/meta/lib/oeqa/sdk/cases/assimp.py +++ b/poky/meta/lib/oeqa/sdk/cases/assimp.py @@ -25,10 +25,10 @@ class BuildAssimp(OESDKTestCase): def test_assimp(self): with tempfile.TemporaryDirectory(prefix="assimp", dir=self.tc.sdk_dir) as testdir: - tarball = self.fetch(testdir, self.td["DL_DIR"], "https://github.com/assimp/assimp/archive/v5.3.1.tar.gz") + tarball = self.fetch(testdir, self.td["DL_DIR"], "https://github.com/assimp/assimp/archive/v5.4.1.tar.gz") dirs = {} - dirs["source"] = os.path.join(testdir, "assimp-5.3.1") + dirs["source"] = os.path.join(testdir, "assimp-5.4.1") dirs["build"] = os.path.join(testdir, "build") dirs["install"] = os.path.join(testdir, "install") @@ -39,7 +39,7 @@ class BuildAssimp(OESDKTestCase): self._run("sed -i '/# ifdef _FILE_OFFSET_BITS/I,+2 d' {source}/contrib/zlib/gzguts.h".format(**dirs)) os.makedirs(dirs["build"]) - self._run("cd {build} && cmake -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON -DASSIMP_BUILD_ZLIB=ON {source}".format(**dirs)) + self._run("cd {build} && cmake -DASSIMP_WARNINGS_AS_ERRORS=OFF -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON -DASSIMP_BUILD_ZLIB=ON {source}".format(**dirs)) self._run("cmake --build {build} -- -j".format(**dirs)) self._run("cmake --build {build} --target install -- DESTDIR={install}".format(**dirs)) - self.check_elf(os.path.join(dirs["install"], "usr", "local", "lib", "libassimp.so.5.3.0")) + self.check_elf(os.path.join(dirs["install"], "usr", "local", "lib", "libassimp.so.5.4.1")) diff --git a/poky/meta/lib/oeqa/sdkext/cases/devtool.py b/poky/meta/lib/oeqa/sdkext/cases/devtool.py index 5ffb732556..d0746e68eb 100644 --- a/poky/meta/lib/oeqa/sdkext/cases/devtool.py +++ b/poky/meta/lib/oeqa/sdkext/cases/devtool.py @@ -69,10 +69,9 @@ class DevtoolTest(OESDKExtTestCase): self._test_devtool_build(self.myapp_cmake_dst) def test_extend_autotools_recipe_creation(self): - req = 'https://github.com/rdfa/librdfa' - recipe = "librdfa" - self._run('devtool sdk-install libxml2') - self._run('devtool add %s %s' % (recipe, req) ) + recipe = "test-dbus-wait" + self._run('devtool sdk-install dbus') + self._run('devtool add %s https://git.yoctoproject.org/git/dbus-wait' % (recipe) ) try: self._run('devtool build %s' % recipe) finally: diff --git a/poky/meta/lib/oeqa/selftest/cases/debuginfod.py b/poky/meta/lib/oeqa/selftest/cases/debuginfod.py index 505b4be837..46c0cd87bb 100644 --- a/poky/meta/lib/oeqa/selftest/cases/debuginfod.py +++ b/poky/meta/lib/oeqa/selftest/cases/debuginfod.py @@ -62,7 +62,7 @@ class Debuginfod(OESelftestTestCase): raise TimeoutError("Cannot connect debuginfod, still %d scan jobs running" % latest) - def start_debuginfod(self): + def start_debuginfod(self, feed_dir): # We assume that the caller has already bitbake'd elfutils-native:do_addto_recipe_sysroot # Save some useful paths for later @@ -82,7 +82,7 @@ class Debuginfod(OESelftestTestCase): # Disable rescanning, this is a one-shot test "--rescan-time=0", "--groom-time=0", - get_bb_var("DEPLOY_DIR"), + feed_dir, ] format = get_bb_var("PACKAGE_CLASSES").split()[0] @@ -114,11 +114,12 @@ class Debuginfod(OESelftestTestCase): self.write_config(""" TMPDIR = "${TOPDIR}/tmp-debuginfod" DISTRO_FEATURES:append = " debuginfod" +INHERIT += "localpkgfeed" """) - bitbake("elfutils-native:do_addto_recipe_sysroot xz xz:do_package") + bitbake("elfutils-native:do_addto_recipe_sysroot xz xz:do_package xz:do_localpkgfeed") try: - self.start_debuginfod() + self.start_debuginfod(get_bb_var("LOCALPKGFEED_DIR", "xz")) env = os.environ.copy() env["DEBUGINFOD_URLS"] = "http://localhost:%d/" % self.port @@ -141,12 +142,13 @@ DISTRO_FEATURES:append = " debuginfod" self.write_config(""" TMPDIR = "${TOPDIR}/tmp-debuginfod" DISTRO_FEATURES:append = " debuginfod" +INHERIT += "localpkgfeed" CORE_IMAGE_EXTRA_INSTALL += "elfutils xz" """) - bitbake("core-image-minimal elfutils-native:do_addto_recipe_sysroot") + bitbake("core-image-minimal elfutils-native:do_addto_recipe_sysroot xz:do_localpkgfeed") try: - self.start_debuginfod() + self.start_debuginfod(get_bb_var("LOCALPKGFEED_DIR", "xz")) with runqemu("core-image-minimal", runqemuparams="nographic") as qemu: cmd = "DEBUGINFOD_URLS=http://%s:%d/ debuginfod-find debuginfo /usr/bin/xz" % (qemu.server_ip, self.port) diff --git a/poky/meta/lib/oeqa/selftest/cases/devtool.py b/poky/meta/lib/oeqa/selftest/cases/devtool.py index bc1e40ef83..fc08906117 100644 --- a/poky/meta/lib/oeqa/selftest/cases/devtool.py +++ b/poky/meta/lib/oeqa/selftest/cases/devtool.py @@ -286,10 +286,13 @@ class DevtoolTestCase(OESelftestTestCase): else: self.skipTest('No tap devices found - you must set up tap devices with scripts/runqemu-gen-tapdevs before running this test') - def _test_devtool_add_git_url(self, git_url, version, pn, resulting_src_uri): + def _test_devtool_add_git_url(self, git_url, version, pn, resulting_src_uri, srcrev=None): self.track_for_cleanup(self.workspacedir) self.add_command_to_tearDown('bitbake-layers remove-layer */workspace') - result = runCmd('devtool add --version %s %s %s' % (version, pn, git_url)) + command = 'devtool add --version %s %s %s' % (version, pn, git_url) + if srcrev : + command += ' --srcrev %s' %srcrev + result = runCmd(command) self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created') # Check the recipe name is correct recipefile = get_bb_var('FILE', pn) @@ -479,11 +482,12 @@ class DevtoolAddTests(DevtoolBase): def test_devtool_add_git_style2(self): version = 'v3.1.0' + srcrev = 'v3.1.0' pn = 'mbedtls' # this will trigger reformat_git_uri with branch parameter in url git_url = "'git://git@github.com/ARMmbed/mbedtls.git;protocol=https'" - resulting_src_uri = "gitsm://git@github.com/ARMmbed/mbedtls.git;protocol=https;branch=master" - self._test_devtool_add_git_url(git_url, version, pn, resulting_src_uri) + resulting_src_uri = "git://git@github.com/ARMmbed/mbedtls.git;protocol=https;branch=master" + self._test_devtool_add_git_url(git_url, version, pn, resulting_src_uri, srcrev) def test_devtool_add_library(self): # Fetch source @@ -749,6 +753,25 @@ class DevtoolModifyTests(DevtoolBase): result = runCmd('devtool status') self.assertNotIn('mdadm', result.output) + def test_devtool_modify_go(self): + import oe.path + from tempfile import TemporaryDirectory + with TemporaryDirectory(prefix='devtoolqa') as tempdir: + self.track_for_cleanup(self.workspacedir) + self.add_command_to_tearDown('bitbake -c clean go-helloworld') + self.add_command_to_tearDown('bitbake-layers remove-layer */workspace') + result = runCmd('devtool modify go-helloworld -x %s' % tempdir) + self.assertExists( + oe.path.join(tempdir, 'src', 'golang.org', 'x', 'example', 'go.mod'), + 'Extracted source could not be found' + ) + self.assertExists( + oe.path.join(self.workspacedir, 'conf', 'layer.conf'), + 'Workspace directory not created' + ) + matches = glob.glob(oe.path.join(self.workspacedir, 'appends', 'go-helloworld_*.bbappend')) + self.assertTrue(matches, 'bbappend not created %s' % result.output) + def test_devtool_buildclean(self): def assertFile(path, *paths): f = os.path.join(path, *paths) @@ -1405,14 +1428,30 @@ class DevtoolUpdateTests(DevtoolBase): runCmd('echo "Bar" > new-file', cwd=tempdir) runCmd('git add new-file', cwd=tempdir) runCmd('git commit -m "Add new file"', cwd=tempdir) - self.add_command_to_tearDown('cd %s; git clean -fd .; git checkout .' % - os.path.dirname(recipefile)) runCmd('devtool update-recipe %s' % testrecipe) expected_status = [(' M', '.*/%s$' % os.path.basename(recipefile)), (' M', '.*/makedevs/makedevs.c$'), ('??', '.*/makedevs/new-local$'), ('??', '.*/makedevs/0001-Add-new-file.patch$')] self._check_repo_status(os.path.dirname(recipefile), expected_status) + # Now try to update recipe in another layer, so first, clean it + runCmd('cd %s; git clean -fd .; git checkout .' % os.path.dirname(recipefile)) + # Create a temporary layer and add it to bblayers.conf + self._create_temp_layer(templayerdir, True, 'templayer') + # Update recipe in templayer + result = runCmd('devtool update-recipe %s -a %s' % (testrecipe, templayerdir)) + self.assertNotIn('WARNING:', result.output) + # Check recipe is still clean + self._check_repo_status(os.path.dirname(recipefile), []) + splitpath = os.path.dirname(recipefile).split(os.sep) + appenddir = os.path.join(templayerdir, splitpath[-2], splitpath[-1]) + bbappendfile = self._check_bbappend(testrecipe, recipefile, appenddir) + patchfile = os.path.join(appenddir, testrecipe, '0001-Add-new-file.patch') + new_local_file = os.path.join(appenddir, testrecipe, 'new_local') + local_file = os.path.join(appenddir, testrecipe, 'makedevs.c') + self.assertExists(patchfile, 'Patch file 0001-Add-new-file.patch not created') + self.assertExists(local_file, 'File makedevs.c not created') + self.assertExists(patchfile, 'File new_local not created') def test_devtool_update_recipe_local_files_2(self): """Check local source files support when oe-local-files is in Git""" @@ -1753,6 +1792,8 @@ class DevtoolExtractTests(DevtoolBase): # Definitions testrecipe = 'mdadm' testfile = '/sbin/mdadm' + if "usrmerge" in get_bb_var('DISTRO_FEATURES'): + testfile = '/usr/sbin/mdadm' testimage = 'oe-selftest-image' testcommand = '/sbin/mdadm --help' # Build an image to run diff --git a/poky/meta/lib/oeqa/selftest/cases/recipetool.py b/poky/meta/lib/oeqa/selftest/cases/recipetool.py index aebea42502..126906df50 100644 --- a/poky/meta/lib/oeqa/selftest/cases/recipetool.py +++ b/poky/meta/lib/oeqa/selftest/cases/recipetool.py @@ -120,9 +120,15 @@ class RecipetoolAppendTests(RecipetoolBase): self._try_recipetool_appendfile_fail('/dev/console', self.testfile, ['ERROR: /dev/console cannot be handled by this tool']) def test_recipetool_appendfile_alternatives(self): + lspath = '/bin/ls' + dirname = "base_bindir" + if "usrmerge" in get_bb_var('DISTRO_FEATURES'): + lspath = '/usr/bin/ls' + dirname = "bindir" + # Now try with a file we know should be an alternative # (this is very much a fake example, but one we know is reliably an alternative) - self._try_recipetool_appendfile_fail('/bin/ls', self.testfile, ['ERROR: File /bin/ls is an alternative possibly provided by the following recipes:', 'coreutils', 'busybox']) + self._try_recipetool_appendfile_fail(lspath, self.testfile, ['ERROR: File %s is an alternative possibly provided by the following recipes:' % lspath, 'coreutils', 'busybox']) # Need a test file - should be executable testfile2 = os.path.join(self.corebase, 'oe-init-build-env') testfile2name = os.path.basename(testfile2) @@ -131,12 +137,12 @@ class RecipetoolAppendTests(RecipetoolBase): 'SRC_URI += "file://%s"\n' % testfile2name, '\n', 'do_install:append() {\n', - ' install -d ${D}${base_bindir}\n', - ' install -m 0755 ${WORKDIR}/%s ${D}${base_bindir}/ls\n' % testfile2name, + ' install -d ${D}${%s}\n' % dirname, + ' install -m 0755 ${WORKDIR}/%s ${D}${%s}/ls\n' % (testfile2name, dirname), '}\n'] - self._try_recipetool_appendfile('coreutils', '/bin/ls', testfile2, '-r coreutils', expectedlines, [testfile2name]) + self._try_recipetool_appendfile('coreutils', lspath, testfile2, '-r coreutils', expectedlines, [testfile2name]) # Now try bbappending the same file again, contents should not change - bbappendfile, _ = self._try_recipetool_appendfile('coreutils', '/bin/ls', self.testfile, '-r coreutils', expectedlines, [testfile2name]) + bbappendfile, _ = self._try_recipetool_appendfile('coreutils', lspath, self.testfile, '-r coreutils', expectedlines, [testfile2name]) # But file should have copiedfile = os.path.join(os.path.dirname(bbappendfile), 'coreutils', testfile2name) result = runCmd('diff -q %s %s' % (testfile2, copiedfile), ignore_status=True) diff --git a/poky/meta/lib/oeqa/selftest/context.py b/poky/meta/lib/oeqa/selftest/context.py index 57844b289a..99186175e5 100644 --- a/poky/meta/lib/oeqa/selftest/context.py +++ b/poky/meta/lib/oeqa/selftest/context.py @@ -194,8 +194,23 @@ class OESelftestTestContextExecutor(OETestContextExecutor): parser.add_argument('-R', '--skip-tests', required=False, action='store', nargs='+', dest="skips", default=None, help='Skip the tests specified. Format should be <module>[.<class>[.<test_method>]]') + + def check_parallel_support(parameter): + if not parameter.isdigit(): + import argparse + raise argparse.ArgumentTypeError("argument -j/--num-processes: invalid int value: '%s' " % str(parameter)) + + processes = int(parameter) + if processes: + try: + import testtools, subunit + except ImportError: + print("Failed to import testtools or subunit, the testcases will run serially") + processes = None + return processes + parser.add_argument('-j', '--num-processes', dest='processes', action='store', - type=int, help="number of processes to execute in parallel with") + type=check_parallel_support, help="number of processes to execute in parallel with") parser.add_argument('-t', '--select-tag', dest="select_tags", action='append', default=None, diff --git a/poky/meta/lib/oeqa/utils/postactions.py b/poky/meta/lib/oeqa/utils/postactions.py index 8104400ac2..ecdddd2d40 100644 --- a/poky/meta/lib/oeqa/utils/postactions.py +++ b/poky/meta/lib/oeqa/utils/postactions.py @@ -25,7 +25,7 @@ def create_artifacts_directory(d, tc): def get_target_disk_usage(d, tc): output_file = os.path.join(get_json_result_dir(d), "artifacts", "target_disk_usage.txt") try: - (status, output) = tc.target.run('df -hl') + (status, output) = tc.target.run('df -h') with open(output_file, 'w') as f: f.write(output) f.write("\n") diff --git a/poky/meta/lib/patchtest/tests/test_metadata.py b/poky/meta/lib/patchtest/tests/test_metadata.py index be609dbd04..f5dbcf01ed 100644 --- a/poky/meta/lib/patchtest/tests/test_metadata.py +++ b/poky/meta/lib/patchtest/tests/test_metadata.py @@ -18,12 +18,12 @@ class TestMetadata(base.Metadata): lictag_re = pyparsing.AtLineStart("License-Update:") lic_chksum_added = pyparsing.AtLineStart("+" + metadata_chksum) lic_chksum_removed = pyparsing.AtLineStart("-" + metadata_chksum) - add_mark = pyparsing.Regex('\+ ') + add_mark = pyparsing.Regex('\\+ ') max_length = 200 metadata_src_uri = 'SRC_URI' md5sum = 'md5sum' sha256sum = 'sha256sum' - git_regex = pyparsing.Regex('^git\:\/\/.*') + git_regex = pyparsing.Regex('^git\\:\\/\\/.*') metadata_summary = 'SUMMARY' cve_check_ignore_var = 'CVE_CHECK_IGNORE' cve_status_var = 'CVE_STATUS' diff --git a/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb b/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb index 63edcbd864..3024ddcaf0 100644 --- a/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb +++ b/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb @@ -46,3 +46,9 @@ ALTERNATIVE_TARGET[rb] = "${bindir}/lrz" ALTERNATIVE_TARGET[sz] = "${bindir}/lsz" ALTERNATIVE_TARGET[sx] = "${bindir}/lsz" ALTERNATIVE_TARGET[sb] = "${bindir}/lsz" + +# http://errors.yoctoproject.org/Errors/Details/766929/ +# lrzsz-0.12.20/src/tcp.c:75:56: error: passing argument 3 of 'getsockname' from incompatible pointer type [-Wincompatible-pointer-types] +# lrzsz-0.12.20/src/tcp.c:83:52: error: passing argument 3 of 'getsockname' from incompatible pointer type [-Wincompatible-pointer-types] +# lrzsz-0.12.20/src/tcp.c:103:51: error: passing argument 3 of 'accept' from incompatible pointer type [-Wincompatible-pointer-types] +CFLAGS += "-Wno-error=incompatible-pointer-types" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc index ca5357392a..1f17bd7d0a 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc +++ b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc @@ -12,7 +12,7 @@ PE = "1" # We use the revision in order to avoid having to fetch it from the # repo during parse -SRCREV = "25049ad560826f7dc1c4740883b0016014a59789" +SRCREV = "866ca972d6c3cabeaf6dbac431e8e08bb30b3c8e" SRC_URI = "git://source.denx.de/u-boot/u-boot.git;protocol=https;branch=master" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2024.04.bb b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2024.01.bb index 7eaf721ca8..7eaf721ca8 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2024.04.bb +++ b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2024.01.bb diff --git a/poky/meta/recipes-bsp/u-boot/u-boot_2024.04.bb b/poky/meta/recipes-bsp/u-boot/u-boot_2024.01.bb index b15bcaa818..b15bcaa818 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot_2024.04.bb +++ b/poky/meta/recipes-bsp/u-boot/u-boot_2024.01.bb diff --git a/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb b/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb index fcd154b4b0..8875cdc02c 100644 --- a/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb +++ b/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb @@ -28,3 +28,7 @@ RDEPENDS:${PN} = "connman" do_install:append() { install -m 0644 ${WORKDIR}/images/* ${D}/usr/share/icons/hicolor/22x22/apps/ } + +# http://errors.yoctoproject.org/Errors/Details/766926/ +# connman-client.c:200:15: error: assignment to 'GtkTreeModel *' {aka 'struct _GtkTreeModel *'} from incompatible pointer type 'GtkTreeStore *' {aka 'struct _GtkTreeStore *'} [-Wincompatible-pointer-types] +CFLAGS += "-Wno-error=incompatible-pointer-types" diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2/0001-libc-compat.h-add-musl-workaround.patch b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-libc-compat.h-add-musl-workaround.patch deleted file mode 100644 index 74e3de1ce9..0000000000 --- a/poky/meta/recipes-connectivity/iproute2/iproute2/0001-libc-compat.h-add-musl-workaround.patch +++ /dev/null @@ -1,39 +0,0 @@ -From c25f8d1f7a6203dfeb10b39f80ffd314bb84a58d Mon Sep 17 00:00:00 2001 -From: Baruch Siach <baruch@tkos.co.il> -Date: Thu, 22 Dec 2016 15:26:30 +0200 -Subject: [PATCH] libc-compat.h: add musl workaround - -The libc-compat.h kernel header uses glibc specific macros (__GLIBC__ and -__USE_MISC) to solve conflicts with libc provided headers. This patch makes -libc-compat.h work for musl libc as well. - -Upstream-Status: Pending - -Taken From: -https://git.buildroot.net/buildroot/tree/package/iproute2/0001-Add-the-musl-workaround-to-the-libc-compat.h-copy.patch - -Signed-off-by: Baruch Siach <baruch@tkos.co.il> -Signed-off-by: Maxin B. John <maxin.john@intel.com> - ---- - include/uapi/linux/libc-compat.h | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/include/uapi/linux/libc-compat.h b/include/uapi/linux/libc-compat.h -index a159991..22198fa 100644 ---- a/include/uapi/linux/libc-compat.h -+++ b/include/uapi/linux/libc-compat.h -@@ -50,10 +50,12 @@ - #define _LIBC_COMPAT_H - - /* We have included glibc headers... */ --#if defined(__GLIBC__) -+#if 1 -+#define __USE_MISC - - /* Coordinate with glibc net/if.h header. */ - #if defined(_NET_IF_H) && defined(__USE_MISC) -+#define __UAPI_DEF_IF_NET_DEVICE_FLAGS_LOWER_UP_DORMANT_ECHO 0 - - /* GLIBC headers included first so don't define anything - * that would already be defined. */ diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2_6.7.0.bb b/poky/meta/recipes-connectivity/iproute2/iproute2_6.7.0.bb index 8c460adf73..fd05707cec 100644 --- a/poky/meta/recipes-connectivity/iproute2/iproute2_6.7.0.bb +++ b/poky/meta/recipes-connectivity/iproute2/iproute2_6.7.0.bb @@ -11,9 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ DEPENDS = "flex-native bison-native iptables libcap" -SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ - file://0001-libc-compat.h-add-musl-workaround.patch \ - " +SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz" SRC_URI[sha256sum] = "ff942dd9828d7d1f867f61fe72ce433078c31e5d8e4a78e20f02cb5892e8841d" @@ -28,6 +26,8 @@ PACKAGECONFIG[selinux] = ",,libselinux" IPROUTE2_MAKE_SUBDIRS = "lib tc ip bridge misc genl ${@bb.utils.filter('PACKAGECONFIG', 'devlink tipc rdma', d)}" +# This is needed with GCC-14 and musl +CFLAGS += "-Wno-error=incompatible-pointer-types" # CFLAGS are computed in Makefile and reference CCOPTS # EXTRA_OEMAKE = "\ @@ -59,7 +59,6 @@ do_install () { INSANE_SKIP:${PN}-tc = "dev-so" IPROUTE2_PACKAGES =+ "\ - ${PN}-bridge \ ${PN}-devlink \ ${PN}-genl \ ${PN}-ifstat \ @@ -92,7 +91,6 @@ FILES:${PN}-tipc = "${base_sbindir}/tipc" FILES:${PN}-devlink = "${base_sbindir}/devlink" FILES:${PN}-rdma = "${base_sbindir}/rdma" FILES:${PN}-routel = "${base_sbindir}/routel" -FILES:${PN}-bridge = "${base_sbindir}/bridge" RDEPENDS:${PN}-routel = "python3-core" diff --git a/poky/meta/recipes-connectivity/kea/files/0001-kea-fix-reproducible-build-failure.patch b/poky/meta/recipes-connectivity/kea/files/0001-kea-fix-reproducible-build-failure.patch deleted file mode 100644 index 8a5bd00302..0000000000 --- a/poky/meta/recipes-connectivity/kea/files/0001-kea-fix-reproducible-build-failure.patch +++ /dev/null @@ -1,62 +0,0 @@ -From f9bcfed5a1d44d9211c5f6eba403a9898c8c9057 Mon Sep 17 00:00:00 2001 -From: Sudip Mukherjee <sudipm.mukherjee@gmail.com> -Date: Tue, 8 Aug 2023 19:03:13 +0100 -Subject: [PATCH] kea: fix reproducible build failure - -New version of Kea has started using path of build-dir instead of -src-dir which results in reproducible builds failure. -Use src-dir as is used in v2.2.0 - -Upstream-Status: Pending -https://gitlab.isc.org/isc-projects/kea/-/issues/3007 - -Upstream has confirmed the patch will not be accepted but discussions -with upstream is still going on, we might have a proper solution later. - -Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com> ---- - src/bin/admin/kea-admin.in | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/bin/admin/kea-admin.in b/src/bin/admin/kea-admin.in -index 034a0ee..8ab11ab 100644 ---- a/src/bin/admin/kea-admin.in -+++ b/src/bin/admin/kea-admin.in -@@ -51,14 +51,14 @@ dump_qry="" - if test -f "@datarootdir@/@PACKAGE_NAME@/scripts/admin-utils.sh"; then - . "@datarootdir@/@PACKAGE_NAME@/scripts/admin-utils.sh" - else -- . "@abs_top_builddir@/src/bin/admin/admin-utils.sh" -+ . "@abs_top_srcdir@/src/bin/admin/admin-utils.sh" - fi - - # Find the installed kea-lfc if available. Fallback to sources otherwise. - if test -x "@sbindir@/kea-lfc"; then - kea_lfc="@sbindir@/kea-lfc" - else -- kea_lfc="@abs_top_builddir@/src/bin/lfc/kea-lfc" -+ kea_lfc="@abs_top_srcdir@/src/bin/lfc/kea-lfc" - fi - - # Prints out usage version. -@@ -355,7 +355,7 @@ mysql_upgrade() { - # Check if there are any files in it - num_files=$(find "${upgrade_scripts_dir}" -name 'upgrade*.sh' -type f | wc -l) - if [ "$num_files" -eq 0 ]; then -- upgrade_scripts_dir=@abs_top_builddir@/src/share/database/scripts/mysql -+ upgrade_scripts_dir=@abs_top_srcdir@/src/share/database/scripts/mysql - - # Check if the scripts directory exists at all. - if [ ! -d ${upgrade_scripts_dir} ]; then -@@ -405,7 +405,7 @@ pgsql_upgrade() { - # Check if there are any files in it - num_files=$(find "${upgrade_scripts_dir}" -name 'upgrade*.sh' -type f | wc -l) - if [ "$num_files" -eq 0 ]; then -- upgrade_scripts_dir=@abs_top_builddir@/src/share/database/scripts/pgsql -+ upgrade_scripts_dir=@abs_top_srcdir@/src/share/database/scripts/pgsql - - # Check if the scripts directory exists at all. - if [ ! -d ${upgrade_scripts_dir} ]; then --- -2.39.2 - diff --git a/poky/meta/recipes-connectivity/kea/kea_2.4.1.bb b/poky/meta/recipes-connectivity/kea/kea_2.4.1.bb index c3aa4dc8f0..fcdb4889d9 100644 --- a/poky/meta/recipes-connectivity/kea/kea_2.4.1.bb +++ b/poky/meta/recipes-connectivity/kea/kea_2.4.1.bb @@ -17,7 +17,6 @@ SRC_URI = "http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \ file://fix-multilib-conflict.patch \ file://fix_pid_keactrl.patch \ file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \ - file://0001-kea-fix-reproducible-build-failure.patch \ " SRC_URI[sha256sum] = "815c61f5c271caa4a1db31dd656eb50a7f6ea973da3690f7c8581408e180131a" @@ -39,6 +38,7 @@ DEBUG_OPTIMIZATION:append:mipsel = " -O" BUILD_OPTIMIZATION:remove:mipsel = " -Og" BUILD_OPTIMIZATION:append:mipsel = " -O" +CXXFLAGS:remove = "-fvisibility-inlines-hidden" EXTRA_OECONF = "--with-boost-libs=-lboost_system \ --with-log4cplus=${STAGING_DIR_TARGET}${prefix} \ --with-openssl=${STAGING_DIR_TARGET}${prefix}" @@ -47,7 +47,7 @@ do_configure:prepend() { # replace abs_top_builddir to avoid introducing the build path # don't expand the abs_top_builddir on the target as the abs_top_builddir is meanlingless on the target find ${S} -type f -name *.sh.in | xargs sed -i "s:@abs_top_builddir@:@abs_top_builddir_placeholder@:g" - sed -i "s:@abs_top_srcdir@:@abs_top_srcdir_placeholder@:g" ${S}/src/bin/admin/kea-admin.in + sed -i "s:@abs_top_builddir@:@abs_top_builddir_placeholder@:g" ${S}/src/bin/admin/kea-admin.in } # patch out build host paths for reproducibility diff --git a/poky/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch b/poky/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch index f079d936a4..acda8f1ce9 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch +++ b/poky/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch @@ -1,4 +1,4 @@ -From b02ef7621758f06eb686ef4f620636dbad086eda Mon Sep 17 00:00:00 2001 +From be187435911cde6cc3cef6982a508261074f1e56 Mon Sep 17 00:00:00 2001 From: Matt Jolly <Matt.Jolly@footclan.ninja> Date: Thu, 2 Feb 2023 21:05:40 +1100 Subject: [PATCH] systemd: Add optional support for systemd `sd_notify` @@ -15,10 +15,10 @@ Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> 2 files changed, 37 insertions(+) diff --git a/configure.ac b/configure.ac -index 82e8bb7..d1145d3 100644 +index 22fee70f..486c189f 100644 --- a/configure.ac +++ b/configure.ac -@@ -4870,6 +4870,29 @@ AC_SUBST([GSSLIBS]) +@@ -4835,6 +4835,29 @@ AC_SUBST([GSSLIBS]) AC_SUBST([K5LIBS]) AC_SUBST([CHANNELLIBS]) @@ -48,7 +48,7 @@ index 82e8bb7..d1145d3 100644 # Looking for programs, paths and files PRIVSEP_PATH=/var/empty -@@ -5688,6 +5711,7 @@ echo " libldns support: $LDNS_MSG" +@@ -5634,6 +5657,7 @@ echo " libldns support: $LDNS_MSG" echo " Solaris process contract support: $SPC_MSG" echo " Solaris project support: $SP_MSG" echo " Solaris privilege support: $SPP_MSG" @@ -57,7 +57,7 @@ index 82e8bb7..d1145d3 100644 echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" echo " BSD Auth support: $BSD_AUTH_MSG" diff --git a/sshd.c b/sshd.c -index b4f2b97..6820a41 100644 +index 6321936c..859d6a0b 100644 --- a/sshd.c +++ b/sshd.c @@ -88,6 +88,10 @@ @@ -71,7 +71,7 @@ index b4f2b97..6820a41 100644 #include "xmalloc.h" #include "ssh.h" #include "ssh2.h" -@@ -308,6 +312,10 @@ static void +@@ -310,6 +314,10 @@ static void sighup_restart(void) { logit("Received SIGHUP; restarting."); @@ -82,7 +82,7 @@ index b4f2b97..6820a41 100644 if (options.pid_file != NULL) unlink(options.pid_file); platform_pre_restart(); -@@ -2093,6 +2101,11 @@ main(int ac, char **av) +@@ -2086,6 +2094,11 @@ main(int ac, char **av) } } @@ -94,3 +94,6 @@ index b4f2b97..6820a41 100644 /* Accept a connection and return in a forked child */ server_accept_loop(&sock_in, &sock_out, &newsock, config_s); +-- +2.25.1 + diff --git a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch new file mode 100644 index 0000000000..3e7c707100 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch @@ -0,0 +1,27 @@ +Description: fix signal handler race condition +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2070497 + +CVE: CVE-2024-6387 + +Upstream-Status: Backport +https://git.launchpad.net/ubuntu/+source/openssh/commit/?h=applied/ubuntu/jammy-devel&id=b059bcfa928df4ff2d103ae2e8f4e3136ee03efc + +Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> + +--- a/log.c ++++ b/log.c +@@ -452,12 +452,14 @@ void + sshsigdie(const char *file, const char *func, int line, int showfunc, + LogLevel level, const char *suffix, const char *fmt, ...) + { ++#if 0 + va_list args; + + va_start(args, fmt); + sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, + suffix, fmt, args); + va_end(args); ++#endif + _exit(1); + } + diff --git a/poky/meta/recipes-connectivity/openssh/openssh_9.7p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_9.6p1.bb index d1468c59fc..3cdf0327b0 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh_9.7p1.bb +++ b/poky/meta/recipes-connectivity/openssh/openssh_9.6p1.bb @@ -27,8 +27,9 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://add-test-support-for-busybox.patch \ file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ + file://CVE-2024-6387.patch \ " -SRC_URI[sha256sum] = "490426f766d82a2763fcacd8d83ea3d70798750c7bd2aff2e57dc5660f773ffd" +SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is specific to OpenSSH with the pam opie which we don't build/use here." diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch deleted file mode 100644 index 8772f716d5..0000000000 --- a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch +++ /dev/null @@ -1,120 +0,0 @@ -From e9d7083e241670332e0443da0f0d4ffb52829f08 Mon Sep 17 00:00:00 2001 -From: Matt Caswell <matt@openssl.org> -Date: Tue, 5 Mar 2024 15:43:53 +0000 -Subject: [PATCH] Fix unconstrained session cache growth in TLSv1.3 - -In TLSv1.3 we create a new session object for each ticket that we send. -We do this by duplicating the original session. If SSL_OP_NO_TICKET is in -use then the new session will be added to the session cache. However, if -early data is not in use (and therefore anti-replay protection is being -used), then multiple threads could be resuming from the same session -simultaneously. If this happens and a problem occurs on one of the threads, -then the original session object could be marked as not_resumable. When we -duplicate the session object this not_resumable status gets copied into the -new session object. The new session object is then added to the session -cache even though it is not_resumable. - -Subsequently, another bug means that the session_id_length is set to 0 for -sessions that are marked as not_resumable - even though that session is -still in the cache. Once this happens the session can never be removed from -the cache. When that object gets to be the session cache tail object the -cache never shrinks again and grows indefinitely. - -CVE-2024-2511 - -Reviewed-by: Neil Horman <nhorman@openssl.org> -Reviewed-by: Tomas Mraz <tomas@openssl.org> -(Merged from https://github.com/openssl/openssl/pull/24043) - -CVE: CVE-2024-2511 -Upstream-Status: Backport [https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08] -Signed-off-by: Peter Marko <peter.marko@siemens.com> ---- - ssl/ssl_lib.c | 5 +++-- - ssl/ssl_sess.c | 28 ++++++++++++++++++++++------ - ssl/statem/statem_srvr.c | 5 ++--- - 3 files changed, 27 insertions(+), 11 deletions(-) - -diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c -index 4afb43bc86e54..c51529ddab5bb 100644 ---- a/ssl/ssl_lib.c -+++ b/ssl/ssl_lib.c -@@ -4457,9 +4457,10 @@ void ssl_update_cache(SSL_CONNECTION *s, int mode) - - /* - * If the session_id_length is 0, we are not supposed to cache it, and it -- * would be rather hard to do anyway :-) -+ * would be rather hard to do anyway :-). Also if the session has already -+ * been marked as not_resumable we should not cache it for later reuse. - */ -- if (s->session->session_id_length == 0) -+ if (s->session->session_id_length == 0 || s->session->not_resumable) - return; - - /* -diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c -index 3dcc4d81e5bc6..1fa6d17c46863 100644 ---- a/ssl/ssl_sess.c -+++ b/ssl/ssl_sess.c -@@ -127,16 +127,11 @@ SSL_SESSION *SSL_SESSION_new(void) - return ss; - } - --SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src) --{ -- return ssl_session_dup(src, 1); --} -- - /* - * Create a new SSL_SESSION and duplicate the contents of |src| into it. If - * ticket == 0 then no ticket information is duplicated, otherwise it is. - */ --SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) -+static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket) - { - SSL_SESSION *dest; - -@@ -265,6 +260,27 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) - return NULL; - } - -+SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src) -+{ -+ return ssl_session_dup_intern(src, 1); -+} -+ -+/* -+ * Used internally when duplicating a session which might be already shared. -+ * We will have resumed the original session. Subsequently we might have marked -+ * it as non-resumable (e.g. in another thread) - but this copy should be ok to -+ * resume from. -+ */ -+SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) -+{ -+ SSL_SESSION *sess = ssl_session_dup_intern(src, ticket); -+ -+ if (sess != NULL) -+ sess->not_resumable = 0; -+ -+ return sess; -+} -+ - const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len) - { - if (len) -diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c -index 853af8c0aa9f9..d5f0ab091dacc 100644 ---- a/ssl/statem/statem_srvr.c -+++ b/ssl/statem/statem_srvr.c -@@ -2445,9 +2445,8 @@ CON_FUNC_RETURN tls_construct_server_hello(SSL_CONNECTION *s, WPACKET *pkt) - * so the following won't overwrite an ID that we're supposed - * to send back. - */ -- if (s->session->not_resumable || -- (!(SSL_CONNECTION_GET_CTX(s)->session_cache_mode & SSL_SESS_CACHE_SERVER) -- && !s->hit)) -+ if (!(SSL_CONNECTION_GET_CTX(s)->session_cache_mode & SSL_SESS_CACHE_SERVER) -+ && !s->hit) - s->session->session_id_length = 0; - - if (usetls13) { diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch new file mode 100644 index 0000000000..d5c178eeab --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch @@ -0,0 +1,113 @@ +From b63b4db52e10677db4ab46b608aabd55a44668aa Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 31 May 2024 11:14:33 +0100 +Subject: [PATCH 01/10] Fix SSL_select_next_proto + +Ensure that the provided client list is non-NULL and starts with a valid +entry. When called from the ALPN callback the client list should already +have been validated by OpenSSL so this should not cause a problem. When +called from the NPN callback the client list is locally configured and +will not have already been validated. Therefore SSL_select_next_proto +should not assume that it is correctly formatted. + +We implement stricter checking of the client protocol list. We also do the +same for the server list while we are about it. + +CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + ssl/ssl_lib.c | 63 ++++++++++++++++++++++++++++++++------------------- + 1 file changed, 40 insertions(+), 23 deletions(-) + +diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c +index 016135f..cf52b31 100644 +--- a/ssl/ssl_lib.c ++++ b/ssl/ssl_lib.c +@@ -3518,37 +3518,54 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, + unsigned int server_len, + const unsigned char *client, unsigned int client_len) + { +- unsigned int i, j; +- const unsigned char *result; +- int status = OPENSSL_NPN_UNSUPPORTED; ++ PACKET cpkt, csubpkt, spkt, ssubpkt; ++ ++ if (!PACKET_buf_init(&cpkt, client, client_len) ++ || !PACKET_get_length_prefixed_1(&cpkt, &csubpkt) ++ || PACKET_remaining(&csubpkt) == 0) { ++ *out = NULL; ++ *outlen = 0; ++ return OPENSSL_NPN_NO_OVERLAP; ++ } ++ ++ /* ++ * Set the default opportunistic protocol. Will be overwritten if we find ++ * a match. ++ */ ++ *out = (unsigned char *)PACKET_data(&csubpkt); ++ *outlen = (unsigned char)PACKET_remaining(&csubpkt); + + /* + * For each protocol in server preference order, see if we support it. + */ +- for (i = 0; i < server_len;) { +- for (j = 0; j < client_len;) { +- if (server[i] == client[j] && +- memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) { +- /* We found a match */ +- result = &server[i]; +- status = OPENSSL_NPN_NEGOTIATED; +- goto found; ++ if (PACKET_buf_init(&spkt, server, server_len)) { ++ while (PACKET_get_length_prefixed_1(&spkt, &ssubpkt)) { ++ if (PACKET_remaining(&ssubpkt) == 0) ++ continue; /* Invalid - ignore it */ ++ if (PACKET_buf_init(&cpkt, client, client_len)) { ++ while (PACKET_get_length_prefixed_1(&cpkt, &csubpkt)) { ++ if (PACKET_equal(&csubpkt, PACKET_data(&ssubpkt), ++ PACKET_remaining(&ssubpkt))) { ++ /* We found a match */ ++ *out = (unsigned char *)PACKET_data(&ssubpkt); ++ *outlen = (unsigned char)PACKET_remaining(&ssubpkt); ++ return OPENSSL_NPN_NEGOTIATED; ++ } ++ } ++ /* Ignore spurious trailing bytes in the client list */ ++ } else { ++ /* This should never happen */ ++ return OPENSSL_NPN_NO_OVERLAP; + } +- j += client[j]; +- j++; + } +- i += server[i]; +- i++; ++ /* Ignore spurious trailing bytes in the server list */ + } + +- /* There's no overlap between our protocols and the server's list. */ +- result = client; +- status = OPENSSL_NPN_NO_OVERLAP; +- +- found: +- *out = (unsigned char *)result + 1; +- *outlen = result[0]; +- return status; ++ /* ++ * There's no overlap between our protocols and the server's list. We use ++ * the default opportunistic protocol selected earlier ++ */ ++ return OPENSSL_NPN_NO_OVERLAP; + } + + #ifndef OPENSSL_NO_NEXTPROTONEG +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch new file mode 100644 index 0000000000..7cc36f20ab --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch @@ -0,0 +1,203 @@ +From 61cad53901703944d22f1cd6a1b57460f2270599 Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 21 Jun 2024 14:29:26 +0100 +Subject: [PATCH 10/10] Add a test for an empty NextProto message + +It is valid according to the spec for a NextProto message to have no +protocols listed in it. The OpenSSL implementation however does not allow +us to create such a message. In order to check that we work as expected +when communicating with a client that does generate such messages we have +to use a TLSProxy test. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/301b870546d1c7b2d8f0d66e04a2596142f0399f] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + test/recipes/70-test_npn.t | 73 +++++++++++++++++++++++++++++++++ + util/perl/TLSProxy/Message.pm | 9 ++++ + util/perl/TLSProxy/NextProto.pm | 54 ++++++++++++++++++++++++ + util/perl/TLSProxy/Proxy.pm | 1 + + 4 files changed, 137 insertions(+) + create mode 100644 test/recipes/70-test_npn.t + create mode 100644 util/perl/TLSProxy/NextProto.pm + +diff --git a/test/recipes/70-test_npn.t b/test/recipes/70-test_npn.t +new file mode 100644 +index 0000000..f82e71a +--- /dev/null ++++ b/test/recipes/70-test_npn.t +@@ -0,0 +1,73 @@ ++#! /usr/bin/env perl ++# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++use strict; ++use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file/; ++use OpenSSL::Test::Utils; ++ ++use TLSProxy::Proxy; ++ ++my $test_name = "test_npn"; ++setup($test_name); ++ ++plan skip_all => "TLSProxy isn't usable on $^O" ++ if $^O =~ /^(VMS)$/; ++ ++plan skip_all => "$test_name needs the dynamic engine feature enabled" ++ if disabled("engine") || disabled("dynamic-engine"); ++ ++plan skip_all => "$test_name needs the sock feature enabled" ++ if disabled("sock"); ++ ++plan skip_all => "$test_name needs NPN enabled" ++ if disabled("nextprotoneg"); ++ ++plan skip_all => "$test_name needs TLSv1.2 enabled" ++ if disabled("tls1_2"); ++ ++my $proxy = TLSProxy::Proxy->new( ++ undef, ++ cmdstr(app(["openssl"]), display => 1), ++ srctop_file("apps", "server.pem"), ++ (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) ++); ++ ++$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; ++plan tests => 1; ++ ++my $npnseen = 0; ++ ++# Test 1: Check sending an empty NextProto message from the client works. This is ++# valid as per the spec, but OpenSSL does not allow you to send it. ++# Therefore we must be prepared to receive such a message but we cannot ++# generate it except via TLSProxy ++$proxy->clear(); ++$proxy->filter(\&npn_filter); ++$proxy->clientflags("-nextprotoneg foo -no_tls1_3"); ++$proxy->serverflags("-nextprotoneg foo"); ++$proxy->start(); ++ok($npnseen && TLSProxy::Message->success(), "Empty NPN message"); ++ ++sub npn_filter ++{ ++ my $proxy = shift; ++ my $message; ++ ++ # The NextProto message always appears in flight 2 ++ return if $proxy->flight != 2; ++ ++ foreach my $message (@{$proxy->message_list}) { ++ if ($message->mt == TLSProxy::Message::MT_NEXT_PROTO) { ++ # Our TLSproxy NextProto message support doesn't support parsing of ++ # the message. If we repack it just creates an empty NextProto ++ # message - which is exactly the scenario we want to test here. ++ $message->repack(); ++ $npnseen = 1; ++ } ++ } ++} +diff --git a/util/perl/TLSProxy/Message.pm b/util/perl/TLSProxy/Message.pm +index ce22187..fb41b2f 100644 +--- a/util/perl/TLSProxy/Message.pm ++++ b/util/perl/TLSProxy/Message.pm +@@ -384,6 +384,15 @@ sub create_message + [@message_frag_lens] + ); + $message->parse(); ++ } elsif ($mt == MT_NEXT_PROTO) { ++ $message = TLSProxy::NextProto->new( ++ $server, ++ $data, ++ [@message_rec_list], ++ $startoffset, ++ [@message_frag_lens] ++ ); ++ $message->parse(); + } else { + #Unknown message type + $message = TLSProxy::Message->new( +diff --git a/util/perl/TLSProxy/NextProto.pm b/util/perl/TLSProxy/NextProto.pm +new file mode 100644 +index 0000000..0e18347 +--- /dev/null ++++ b/util/perl/TLSProxy/NextProto.pm +@@ -0,0 +1,54 @@ ++# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++use strict; ++ ++package TLSProxy::NextProto; ++ ++use vars '@ISA'; ++push @ISA, 'TLSProxy::Message'; ++ ++sub new ++{ ++ my $class = shift; ++ my ($server, ++ $data, ++ $records, ++ $startoffset, ++ $message_frag_lens) = @_; ++ ++ my $self = $class->SUPER::new( ++ $server, ++ TLSProxy::Message::MT_NEXT_PROTO, ++ $data, ++ $records, ++ $startoffset, ++ $message_frag_lens); ++ ++ return $self; ++} ++ ++sub parse ++{ ++ # We don't support parsing at the moment ++} ++ ++# This is supposed to reconstruct the on-the-wire message data following changes. ++# For now though since we don't support parsing we just create an empty NextProto ++# message - this capability is used in test_npn ++sub set_message_contents ++{ ++ my $self = shift; ++ my $data; ++ ++ $data = pack("C32", 0x00, 0x1e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00); ++ $self->data($data); ++} ++1; +diff --git a/util/perl/TLSProxy/Proxy.pm b/util/perl/TLSProxy/Proxy.pm +index 3de10ec..b707722 100644 +--- a/util/perl/TLSProxy/Proxy.pm ++++ b/util/perl/TLSProxy/Proxy.pm +@@ -23,6 +23,7 @@ use TLSProxy::CertificateRequest; + use TLSProxy::CertificateVerify; + use TLSProxy::ServerKeyExchange; + use TLSProxy::NewSessionTicket; ++use TLSProxy::NextProto; + + my $have_IPv6; + my $IP_factory; +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch new file mode 100644 index 0000000000..768304f00b --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch @@ -0,0 +1,43 @@ +From 6de1d37cd129b0af5b4a247c76f97b98e70b108b Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 31 May 2024 11:18:27 +0100 +Subject: [PATCH 02/10] More correctly handle a selected_len of 0 when + processing NPN + +In the case where the NPN callback returns with SSL_TLEXT_ERR_OK, but +the selected_len is 0 we should fail. Previously this would fail with an +internal_error alert because calling OPENSSL_malloc(selected_len) will +return NULL when selected_len is 0. We make this error detection more +explicit and return a handshake failure alert. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/015255851371757d54c2560643eb3b3a88123cf1] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + ssl/statem/extensions_clnt.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c +index 381a6c9..1ab3c13 100644 +--- a/ssl/statem/extensions_clnt.c ++++ b/ssl/statem/extensions_clnt.c +@@ -1560,8 +1560,8 @@ int tls_parse_stoc_npn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context, + if (sctx->ext.npn_select_cb(SSL_CONNECTION_GET_SSL(s), + &selected, &selected_len, + PACKET_data(pkt), PACKET_remaining(pkt), +- sctx->ext.npn_select_cb_arg) != +- SSL_TLSEXT_ERR_OK) { ++ sctx->ext.npn_select_cb_arg) != SSL_TLSEXT_ERR_OK ++ || selected_len == 0) { + SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_BAD_EXTENSION); + return 0; + } +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch new file mode 100644 index 0000000000..d6d4d869be --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch @@ -0,0 +1,38 @@ +From 4f9334a33da89949f97927c8fe7df1003c42cda4 Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 31 May 2024 11:22:13 +0100 +Subject: [PATCH 03/10] Use correctly formatted ALPN data in tserver + +The QUIC test server was using incorrectly formatted ALPN data. With the +previous implementation of SSL_select_next_proto this went unnoticed. With +the new stricter implemenation it was failing. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/6cc511826f09e513b4ec066d9b95acaf4f86d991] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + ssl/quic/quic_tserver.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/quic/quic_tserver.c b/ssl/quic/quic_tserver.c +index 86187d0..15694e7 100644 +--- a/ssl/quic/quic_tserver.c ++++ b/ssl/quic/quic_tserver.c +@@ -58,7 +58,7 @@ static int alpn_select_cb(SSL *ssl, const unsigned char **out, + + if (srv->args.alpn == NULL) { + alpn = alpndeflt; +- alpnlen = sizeof(alpn); ++ alpnlen = sizeof(alpndeflt); + } else { + alpn = srv->args.alpn; + alpnlen = srv->args.alpnlen; +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch new file mode 100644 index 0000000000..03fc1168f9 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch @@ -0,0 +1,82 @@ +From 5145a1f50e44c9f86127a76f01519a9f25157290 Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 31 May 2024 11:46:38 +0100 +Subject: [PATCH 04/10] Clarify the SSL_select_next_proto() documentation + +We clarify the input preconditions and the expected behaviour in the event +of no overlap. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/8e81c57adbbf703dfb63955f65599765fdacc741] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + doc/man3/SSL_CTX_set_alpn_select_cb.pod | 26 +++++++++++++++++-------- + 1 file changed, 18 insertions(+), 8 deletions(-) + +diff --git a/doc/man3/SSL_CTX_set_alpn_select_cb.pod b/doc/man3/SSL_CTX_set_alpn_select_cb.pod +index 05fee2f..79e1a25 100644 +--- a/doc/man3/SSL_CTX_set_alpn_select_cb.pod ++++ b/doc/man3/SSL_CTX_set_alpn_select_cb.pod +@@ -52,7 +52,8 @@ SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated + SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to + set the list of protocols available to be negotiated. The B<protos> must be in + protocol-list format, described below. The length of B<protos> is specified in +-B<protos_len>. ++B<protos_len>. Setting B<protos_len> to 0 clears any existing list of ALPN ++protocols and no ALPN extension will be sent to the server. + + SSL_CTX_set_alpn_select_cb() sets the application callback B<cb> used by a + server to select which protocol to use for the incoming connection. When B<cb> +@@ -73,9 +74,16 @@ B<server_len> and B<client>, B<client_len> must be in the protocol-list format + described below. The first item in the B<server>, B<server_len> list that + matches an item in the B<client>, B<client_len> list is selected, and returned + in B<out>, B<outlen>. The B<out> value will point into either B<server> or +-B<client>, so it should be copied immediately. If no match is found, the first +-item in B<client>, B<client_len> is returned in B<out>, B<outlen>. This +-function can also be used in the NPN callback. ++B<client>, so it should be copied immediately. The client list must include at ++least one valid (nonempty) protocol entry in the list. ++ ++The SSL_select_next_proto() helper function can be useful from either the ALPN ++callback or the NPN callback (described below). If no match is found, the first ++item in B<client>, B<client_len> is returned in B<out>, B<outlen> and ++B<OPENSSL_NPN_NO_OVERLAP> is returned. This can be useful when implementating ++the NPN callback. In the ALPN case, the value returned in B<out> and B<outlen> ++must be ignored if B<OPENSSL_NPN_NO_OVERLAP> has been returned from ++SSL_select_next_proto(). + + SSL_CTX_set_next_proto_select_cb() sets a callback B<cb> that is called when a + client needs to select a protocol from the server's provided list, and a +@@ -85,9 +93,10 @@ must be set to point to the selected protocol (which may be within B<in>). + The length of the protocol name must be written into B<outlen>. The + server's advertised protocols are provided in B<in> and B<inlen>. The + callback can assume that B<in> is syntactically valid. The client must +-select a protocol. It is fatal to the connection if this callback returns +-a value other than B<SSL_TLSEXT_ERR_OK>. The B<arg> parameter is the pointer +-set via SSL_CTX_set_next_proto_select_cb(). ++select a protocol (although it may be an empty, zero length protocol). It is ++fatal to the connection if this callback returns a value other than ++B<SSL_TLSEXT_ERR_OK> or if the zero length protocol is selected. The B<arg> ++parameter is the pointer set via SSL_CTX_set_next_proto_select_cb(). + + SSL_CTX_set_next_protos_advertised_cb() sets a callback B<cb> that is called + when a TLS server needs a list of supported protocols for Next Protocol +@@ -154,7 +163,8 @@ A match was found and is returned in B<out>, B<outlen>. + =item OPENSSL_NPN_NO_OVERLAP + + No match was found. The first item in B<client>, B<client_len> is returned in +-B<out>, B<outlen>. ++B<out>, B<outlen> (or B<NULL> and 0 in the case where the first entry in ++B<client> is invalid). + + =back + +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch new file mode 100644 index 0000000000..e439d9b59a --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch @@ -0,0 +1,176 @@ +From 01d44bc7f50670002cad495654fd99a6371d7662 Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 31 May 2024 16:35:16 +0100 +Subject: [PATCH 05/10] Add a test for SSL_select_next_proto + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/add5c52a25c549cec4a730cdf96e2252f0a1862d] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + test/sslapitest.c | 137 ++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 137 insertions(+) + +diff --git a/test/sslapitest.c b/test/sslapitest.c +index ce16332..15cb906 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -11741,6 +11741,142 @@ static int test_multi_resume(int idx) + return testresult; + } + ++static struct next_proto_st { ++ int serverlen; ++ unsigned char server[40]; ++ int clientlen; ++ unsigned char client[40]; ++ int expected_ret; ++ size_t selectedlen; ++ unsigned char selected[40]; ++} next_proto_tests[] = { ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 7, { 3, 'a', 'b', 'c', 2, 'a', 'b' }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 7, { 2, 'a', 'b', 3, 'a', 'b', 'c', }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 7, { 3, 'a', 'b', 'c', 2, 'a', 'b', }, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 7, { 2, 'a', 'b', 3, 'a', 'b', 'c'}, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 7, { 2, 'b', 'c', 3, 'a', 'b', 'c' }, ++ 7, { 2, 'a', 'b', 3, 'a', 'b', 'c'}, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 10, { 2, 'b', 'c', 3, 'a', 'b', 'c', 2, 'a', 'b' }, ++ 7, { 2, 'a', 'b', 3, 'a', 'b', 'c'}, ++ OPENSSL_NPN_NEGOTIATED, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'b', 'c', 'd' }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 0, { 0 }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ -1, { 0 }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 0, { 0 }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 0, { 0 } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ -1, { 0 }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 0, { 0 } ++ }, ++ { ++ 3, { 3, 'a', 'b', 'c' }, ++ 4, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 3, { 'a', 'b', 'c' } ++ }, ++ { ++ 4, { 3, 'a', 'b', 'c' }, ++ 3, { 3, 'a', 'b', 'c' }, ++ OPENSSL_NPN_NO_OVERLAP, ++ 0, { 0 } ++ } ++}; ++ ++static int test_select_next_proto(int idx) ++{ ++ struct next_proto_st *np = &next_proto_tests[idx]; ++ int ret = 0; ++ unsigned char *out, *client, *server; ++ unsigned char outlen; ++ unsigned int clientlen, serverlen; ++ ++ if (np->clientlen == -1) { ++ client = NULL; ++ clientlen = 0; ++ } else { ++ client = np->client; ++ clientlen = (unsigned int)np->clientlen; ++ } ++ if (np->serverlen == -1) { ++ server = NULL; ++ serverlen = 0; ++ } else { ++ server = np->server; ++ serverlen = (unsigned int)np->serverlen; ++ } ++ ++ if (!TEST_int_eq(SSL_select_next_proto(&out, &outlen, server, serverlen, ++ client, clientlen), ++ np->expected_ret)) ++ goto err; ++ ++ if (np->selectedlen == 0) { ++ if (!TEST_ptr_null(out) || !TEST_uchar_eq(outlen, 0)) ++ goto err; ++ } else { ++ if (!TEST_mem_eq(out, outlen, np->selected, np->selectedlen)) ++ goto err; ++ } ++ ++ ret = 1; ++ err: ++ return ret; ++} ++ + OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile provider config dhfile\n") + + int setup_tests(void) +@@ -12053,6 +12189,7 @@ int setup_tests(void) + ADD_ALL_TESTS(test_handshake_retry, 16); + ADD_TEST(test_data_retry); + ADD_ALL_TESTS(test_multi_resume, 5); ++ ADD_ALL_TESTS(test_select_next_proto, OSSL_NELEM(next_proto_tests)); + return 1; + + err: +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch new file mode 100644 index 0000000000..df24702fa6 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch @@ -0,0 +1,1173 @@ +From e344d0b5860560ffa59415ea4028ba7760b2a773 Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Tue, 4 Jun 2024 15:47:32 +0100 +Subject: [PATCH 06/10] Allow an empty NPN/ALPN protocol list in the tests + +Allow ourselves to configure an empty NPN/ALPN protocol list and test what +happens if we do. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/7ea1f6a85b299b976cb3f756b2a7f0153f31b2b6] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + test/helpers/handshake.c | 6 + + test/ssl-tests/08-npn.cnf | 553 +++++++++++++++++++--------------- + test/ssl-tests/08-npn.cnf.in | 35 +++ + test/ssl-tests/09-alpn.cnf | 66 +++- + test/ssl-tests/09-alpn.cnf.in | 33 ++ + 5 files changed, 449 insertions(+), 244 deletions(-) + +diff --git a/test/helpers/handshake.c b/test/helpers/handshake.c +index ae2ad59..b66b2f5 100644 +--- a/test/helpers/handshake.c ++++ b/test/helpers/handshake.c +@@ -444,6 +444,12 @@ static int parse_protos(const char *protos, unsigned char **out, size_t *outlen) + + len = strlen(protos); + ++ if (len == 0) { ++ *out = NULL; ++ *outlen = 0; ++ return 1; ++ } ++ + /* Should never have reuse. */ + if (!TEST_ptr_null(*out) + /* Test values are small, so we omit length limit checks. */ +diff --git a/test/ssl-tests/08-npn.cnf b/test/ssl-tests/08-npn.cnf +index f38b3f6..1931d02 100644 +--- a/test/ssl-tests/08-npn.cnf ++++ b/test/ssl-tests/08-npn.cnf +@@ -1,6 +1,6 @@ + # Generated with generate_ssl_tests.pl + +-num_tests = 20 ++num_tests = 22 + + test-0 = 0-npn-simple + test-1 = 1-npn-client-finds-match +@@ -8,20 +8,22 @@ test-2 = 2-npn-client-honours-server-pref + test-3 = 3-npn-client-first-pref-on-mismatch + test-4 = 4-npn-no-server-support + test-5 = 5-npn-no-client-support +-test-6 = 6-npn-with-sni-no-context-switch +-test-7 = 7-npn-with-sni-context-switch +-test-8 = 8-npn-selected-sni-server-supports-npn +-test-9 = 9-npn-selected-sni-server-does-not-support-npn +-test-10 = 10-alpn-preferred-over-npn +-test-11 = 11-sni-npn-preferred-over-alpn +-test-12 = 12-npn-simple-resumption +-test-13 = 13-npn-server-switch-resumption +-test-14 = 14-npn-client-switch-resumption +-test-15 = 15-npn-client-first-pref-on-mismatch-resumption +-test-16 = 16-npn-no-server-support-resumption +-test-17 = 17-npn-no-client-support-resumption +-test-18 = 18-alpn-preferred-over-npn-resumption +-test-19 = 19-npn-used-if-alpn-not-supported-resumption ++test-6 = 6-npn-empty-client-list ++test-7 = 7-npn-empty-server-list ++test-8 = 8-npn-with-sni-no-context-switch ++test-9 = 9-npn-with-sni-context-switch ++test-10 = 10-npn-selected-sni-server-supports-npn ++test-11 = 11-npn-selected-sni-server-does-not-support-npn ++test-12 = 12-alpn-preferred-over-npn ++test-13 = 13-sni-npn-preferred-over-alpn ++test-14 = 14-npn-simple-resumption ++test-15 = 15-npn-server-switch-resumption ++test-16 = 16-npn-client-switch-resumption ++test-17 = 17-npn-client-first-pref-on-mismatch-resumption ++test-18 = 18-npn-no-server-support-resumption ++test-19 = 19-npn-no-client-support-resumption ++test-20 = 20-alpn-preferred-over-npn-resumption ++test-21 = 21-npn-used-if-alpn-not-supported-resumption + # =========================================================== + + [0-npn-simple] +@@ -206,253 +208,318 @@ NPNProtocols = foo + + # =========================================================== + +-[6-npn-with-sni-no-context-switch] +-ssl_conf = 6-npn-with-sni-no-context-switch-ssl ++[6-npn-empty-client-list] ++ssl_conf = 6-npn-empty-client-list-ssl + +-[6-npn-with-sni-no-context-switch-ssl] +-server = 6-npn-with-sni-no-context-switch-server +-client = 6-npn-with-sni-no-context-switch-client +-server2 = 6-npn-with-sni-no-context-switch-server2 ++[6-npn-empty-client-list-ssl] ++server = 6-npn-empty-client-list-server ++client = 6-npn-empty-client-list-client + +-[6-npn-with-sni-no-context-switch-server] ++[6-npn-empty-client-list-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[6-npn-with-sni-no-context-switch-server2] ++[6-npn-empty-client-list-client] ++CipherString = DEFAULT ++MaxProtocol = TLSv1.2 ++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem ++VerifyMode = Peer ++ ++[test-6] ++ExpectedClientAlert = HandshakeFailure ++ExpectedResult = ClientFail ++server = 6-npn-empty-client-list-server-extra ++client = 6-npn-empty-client-list-client-extra ++ ++[6-npn-empty-client-list-server-extra] ++NPNProtocols = foo ++ ++[6-npn-empty-client-list-client-extra] ++NPNProtocols = ++ ++ ++# =========================================================== ++ ++[7-npn-empty-server-list] ++ssl_conf = 7-npn-empty-server-list-ssl ++ ++[7-npn-empty-server-list-ssl] ++server = 7-npn-empty-server-list-server ++client = 7-npn-empty-server-list-client ++ ++[7-npn-empty-server-list-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[6-npn-with-sni-no-context-switch-client] ++[7-npn-empty-server-list-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-6] ++[test-7] ++ExpectedNPNProtocol = foo ++server = 7-npn-empty-server-list-server-extra ++client = 7-npn-empty-server-list-client-extra ++ ++[7-npn-empty-server-list-server-extra] ++NPNProtocols = ++ ++[7-npn-empty-server-list-client-extra] ++NPNProtocols = foo ++ ++ ++# =========================================================== ++ ++[8-npn-with-sni-no-context-switch] ++ssl_conf = 8-npn-with-sni-no-context-switch-ssl ++ ++[8-npn-with-sni-no-context-switch-ssl] ++server = 8-npn-with-sni-no-context-switch-server ++client = 8-npn-with-sni-no-context-switch-client ++server2 = 8-npn-with-sni-no-context-switch-server2 ++ ++[8-npn-with-sni-no-context-switch-server] ++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem ++CipherString = DEFAULT ++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem ++ ++[8-npn-with-sni-no-context-switch-server2] ++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem ++CipherString = DEFAULT ++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem ++ ++[8-npn-with-sni-no-context-switch-client] ++CipherString = DEFAULT ++MaxProtocol = TLSv1.2 ++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem ++VerifyMode = Peer ++ ++[test-8] + ExpectedNPNProtocol = foo + ExpectedServerName = server1 +-server = 6-npn-with-sni-no-context-switch-server-extra +-server2 = 6-npn-with-sni-no-context-switch-server2-extra +-client = 6-npn-with-sni-no-context-switch-client-extra ++server = 8-npn-with-sni-no-context-switch-server-extra ++server2 = 8-npn-with-sni-no-context-switch-server2-extra ++client = 8-npn-with-sni-no-context-switch-client-extra + +-[6-npn-with-sni-no-context-switch-server-extra] ++[8-npn-with-sni-no-context-switch-server-extra] + NPNProtocols = foo + ServerNameCallback = IgnoreMismatch + +-[6-npn-with-sni-no-context-switch-server2-extra] ++[8-npn-with-sni-no-context-switch-server2-extra] + NPNProtocols = bar + +-[6-npn-with-sni-no-context-switch-client-extra] ++[8-npn-with-sni-no-context-switch-client-extra] + NPNProtocols = foo,bar + ServerName = server1 + + + # =========================================================== + +-[7-npn-with-sni-context-switch] +-ssl_conf = 7-npn-with-sni-context-switch-ssl ++[9-npn-with-sni-context-switch] ++ssl_conf = 9-npn-with-sni-context-switch-ssl + +-[7-npn-with-sni-context-switch-ssl] +-server = 7-npn-with-sni-context-switch-server +-client = 7-npn-with-sni-context-switch-client +-server2 = 7-npn-with-sni-context-switch-server2 ++[9-npn-with-sni-context-switch-ssl] ++server = 9-npn-with-sni-context-switch-server ++client = 9-npn-with-sni-context-switch-client ++server2 = 9-npn-with-sni-context-switch-server2 + +-[7-npn-with-sni-context-switch-server] ++[9-npn-with-sni-context-switch-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[7-npn-with-sni-context-switch-server2] ++[9-npn-with-sni-context-switch-server2] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[7-npn-with-sni-context-switch-client] ++[9-npn-with-sni-context-switch-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-7] ++[test-9] + ExpectedNPNProtocol = bar + ExpectedServerName = server2 +-server = 7-npn-with-sni-context-switch-server-extra +-server2 = 7-npn-with-sni-context-switch-server2-extra +-client = 7-npn-with-sni-context-switch-client-extra ++server = 9-npn-with-sni-context-switch-server-extra ++server2 = 9-npn-with-sni-context-switch-server2-extra ++client = 9-npn-with-sni-context-switch-client-extra + +-[7-npn-with-sni-context-switch-server-extra] ++[9-npn-with-sni-context-switch-server-extra] + NPNProtocols = foo + ServerNameCallback = IgnoreMismatch + +-[7-npn-with-sni-context-switch-server2-extra] ++[9-npn-with-sni-context-switch-server2-extra] + NPNProtocols = bar + +-[7-npn-with-sni-context-switch-client-extra] ++[9-npn-with-sni-context-switch-client-extra] + NPNProtocols = foo,bar + ServerName = server2 + + + # =========================================================== + +-[8-npn-selected-sni-server-supports-npn] +-ssl_conf = 8-npn-selected-sni-server-supports-npn-ssl ++[10-npn-selected-sni-server-supports-npn] ++ssl_conf = 10-npn-selected-sni-server-supports-npn-ssl + +-[8-npn-selected-sni-server-supports-npn-ssl] +-server = 8-npn-selected-sni-server-supports-npn-server +-client = 8-npn-selected-sni-server-supports-npn-client +-server2 = 8-npn-selected-sni-server-supports-npn-server2 ++[10-npn-selected-sni-server-supports-npn-ssl] ++server = 10-npn-selected-sni-server-supports-npn-server ++client = 10-npn-selected-sni-server-supports-npn-client ++server2 = 10-npn-selected-sni-server-supports-npn-server2 + +-[8-npn-selected-sni-server-supports-npn-server] ++[10-npn-selected-sni-server-supports-npn-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[8-npn-selected-sni-server-supports-npn-server2] ++[10-npn-selected-sni-server-supports-npn-server2] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[8-npn-selected-sni-server-supports-npn-client] ++[10-npn-selected-sni-server-supports-npn-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-8] ++[test-10] + ExpectedNPNProtocol = bar + ExpectedServerName = server2 +-server = 8-npn-selected-sni-server-supports-npn-server-extra +-server2 = 8-npn-selected-sni-server-supports-npn-server2-extra +-client = 8-npn-selected-sni-server-supports-npn-client-extra ++server = 10-npn-selected-sni-server-supports-npn-server-extra ++server2 = 10-npn-selected-sni-server-supports-npn-server2-extra ++client = 10-npn-selected-sni-server-supports-npn-client-extra + +-[8-npn-selected-sni-server-supports-npn-server-extra] ++[10-npn-selected-sni-server-supports-npn-server-extra] + ServerNameCallback = IgnoreMismatch + +-[8-npn-selected-sni-server-supports-npn-server2-extra] ++[10-npn-selected-sni-server-supports-npn-server2-extra] + NPNProtocols = bar + +-[8-npn-selected-sni-server-supports-npn-client-extra] ++[10-npn-selected-sni-server-supports-npn-client-extra] + NPNProtocols = foo,bar + ServerName = server2 + + + # =========================================================== + +-[9-npn-selected-sni-server-does-not-support-npn] +-ssl_conf = 9-npn-selected-sni-server-does-not-support-npn-ssl ++[11-npn-selected-sni-server-does-not-support-npn] ++ssl_conf = 11-npn-selected-sni-server-does-not-support-npn-ssl + +-[9-npn-selected-sni-server-does-not-support-npn-ssl] +-server = 9-npn-selected-sni-server-does-not-support-npn-server +-client = 9-npn-selected-sni-server-does-not-support-npn-client +-server2 = 9-npn-selected-sni-server-does-not-support-npn-server2 ++[11-npn-selected-sni-server-does-not-support-npn-ssl] ++server = 11-npn-selected-sni-server-does-not-support-npn-server ++client = 11-npn-selected-sni-server-does-not-support-npn-client ++server2 = 11-npn-selected-sni-server-does-not-support-npn-server2 + +-[9-npn-selected-sni-server-does-not-support-npn-server] ++[11-npn-selected-sni-server-does-not-support-npn-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[9-npn-selected-sni-server-does-not-support-npn-server2] ++[11-npn-selected-sni-server-does-not-support-npn-server2] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[9-npn-selected-sni-server-does-not-support-npn-client] ++[11-npn-selected-sni-server-does-not-support-npn-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-9] ++[test-11] + ExpectedServerName = server2 +-server = 9-npn-selected-sni-server-does-not-support-npn-server-extra +-client = 9-npn-selected-sni-server-does-not-support-npn-client-extra ++server = 11-npn-selected-sni-server-does-not-support-npn-server-extra ++client = 11-npn-selected-sni-server-does-not-support-npn-client-extra + +-[9-npn-selected-sni-server-does-not-support-npn-server-extra] ++[11-npn-selected-sni-server-does-not-support-npn-server-extra] + NPNProtocols = bar + ServerNameCallback = IgnoreMismatch + +-[9-npn-selected-sni-server-does-not-support-npn-client-extra] ++[11-npn-selected-sni-server-does-not-support-npn-client-extra] + NPNProtocols = foo,bar + ServerName = server2 + + + # =========================================================== + +-[10-alpn-preferred-over-npn] +-ssl_conf = 10-alpn-preferred-over-npn-ssl ++[12-alpn-preferred-over-npn] ++ssl_conf = 12-alpn-preferred-over-npn-ssl + +-[10-alpn-preferred-over-npn-ssl] +-server = 10-alpn-preferred-over-npn-server +-client = 10-alpn-preferred-over-npn-client ++[12-alpn-preferred-over-npn-ssl] ++server = 12-alpn-preferred-over-npn-server ++client = 12-alpn-preferred-over-npn-client + +-[10-alpn-preferred-over-npn-server] ++[12-alpn-preferred-over-npn-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[10-alpn-preferred-over-npn-client] ++[12-alpn-preferred-over-npn-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-10] ++[test-12] + ExpectedALPNProtocol = foo +-server = 10-alpn-preferred-over-npn-server-extra +-client = 10-alpn-preferred-over-npn-client-extra ++server = 12-alpn-preferred-over-npn-server-extra ++client = 12-alpn-preferred-over-npn-client-extra + +-[10-alpn-preferred-over-npn-server-extra] ++[12-alpn-preferred-over-npn-server-extra] + ALPNProtocols = foo + NPNProtocols = bar + +-[10-alpn-preferred-over-npn-client-extra] ++[12-alpn-preferred-over-npn-client-extra] + ALPNProtocols = foo + NPNProtocols = bar + + + # =========================================================== + +-[11-sni-npn-preferred-over-alpn] +-ssl_conf = 11-sni-npn-preferred-over-alpn-ssl ++[13-sni-npn-preferred-over-alpn] ++ssl_conf = 13-sni-npn-preferred-over-alpn-ssl + +-[11-sni-npn-preferred-over-alpn-ssl] +-server = 11-sni-npn-preferred-over-alpn-server +-client = 11-sni-npn-preferred-over-alpn-client +-server2 = 11-sni-npn-preferred-over-alpn-server2 ++[13-sni-npn-preferred-over-alpn-ssl] ++server = 13-sni-npn-preferred-over-alpn-server ++client = 13-sni-npn-preferred-over-alpn-client ++server2 = 13-sni-npn-preferred-over-alpn-server2 + +-[11-sni-npn-preferred-over-alpn-server] ++[13-sni-npn-preferred-over-alpn-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[11-sni-npn-preferred-over-alpn-server2] ++[13-sni-npn-preferred-over-alpn-server2] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[11-sni-npn-preferred-over-alpn-client] ++[13-sni-npn-preferred-over-alpn-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-11] ++[test-13] + ExpectedNPNProtocol = bar + ExpectedServerName = server2 +-server = 11-sni-npn-preferred-over-alpn-server-extra +-server2 = 11-sni-npn-preferred-over-alpn-server2-extra +-client = 11-sni-npn-preferred-over-alpn-client-extra ++server = 13-sni-npn-preferred-over-alpn-server-extra ++server2 = 13-sni-npn-preferred-over-alpn-server2-extra ++client = 13-sni-npn-preferred-over-alpn-client-extra + +-[11-sni-npn-preferred-over-alpn-server-extra] ++[13-sni-npn-preferred-over-alpn-server-extra] + ALPNProtocols = foo + ServerNameCallback = IgnoreMismatch + +-[11-sni-npn-preferred-over-alpn-server2-extra] ++[13-sni-npn-preferred-over-alpn-server2-extra] + NPNProtocols = bar + +-[11-sni-npn-preferred-over-alpn-client-extra] ++[13-sni-npn-preferred-over-alpn-client-extra] + ALPNProtocols = foo + NPNProtocols = bar + ServerName = server2 +@@ -460,356 +527,356 @@ ServerName = server2 + + # =========================================================== + +-[12-npn-simple-resumption] +-ssl_conf = 12-npn-simple-resumption-ssl ++[14-npn-simple-resumption] ++ssl_conf = 14-npn-simple-resumption-ssl + +-[12-npn-simple-resumption-ssl] +-server = 12-npn-simple-resumption-server +-client = 12-npn-simple-resumption-client +-resume-server = 12-npn-simple-resumption-server +-resume-client = 12-npn-simple-resumption-client ++[14-npn-simple-resumption-ssl] ++server = 14-npn-simple-resumption-server ++client = 14-npn-simple-resumption-client ++resume-server = 14-npn-simple-resumption-server ++resume-client = 14-npn-simple-resumption-client + +-[12-npn-simple-resumption-server] ++[14-npn-simple-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[12-npn-simple-resumption-client] ++[14-npn-simple-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-12] ++[test-14] + ExpectedNPNProtocol = foo + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 12-npn-simple-resumption-server-extra +-resume-server = 12-npn-simple-resumption-server-extra +-client = 12-npn-simple-resumption-client-extra +-resume-client = 12-npn-simple-resumption-client-extra ++server = 14-npn-simple-resumption-server-extra ++resume-server = 14-npn-simple-resumption-server-extra ++client = 14-npn-simple-resumption-client-extra ++resume-client = 14-npn-simple-resumption-client-extra + +-[12-npn-simple-resumption-server-extra] ++[14-npn-simple-resumption-server-extra] + NPNProtocols = foo + +-[12-npn-simple-resumption-client-extra] ++[14-npn-simple-resumption-client-extra] + NPNProtocols = foo + + + # =========================================================== + +-[13-npn-server-switch-resumption] +-ssl_conf = 13-npn-server-switch-resumption-ssl ++[15-npn-server-switch-resumption] ++ssl_conf = 15-npn-server-switch-resumption-ssl + +-[13-npn-server-switch-resumption-ssl] +-server = 13-npn-server-switch-resumption-server +-client = 13-npn-server-switch-resumption-client +-resume-server = 13-npn-server-switch-resumption-resume-server +-resume-client = 13-npn-server-switch-resumption-client ++[15-npn-server-switch-resumption-ssl] ++server = 15-npn-server-switch-resumption-server ++client = 15-npn-server-switch-resumption-client ++resume-server = 15-npn-server-switch-resumption-resume-server ++resume-client = 15-npn-server-switch-resumption-client + +-[13-npn-server-switch-resumption-server] ++[15-npn-server-switch-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[13-npn-server-switch-resumption-resume-server] ++[15-npn-server-switch-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[13-npn-server-switch-resumption-client] ++[15-npn-server-switch-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-13] ++[test-15] + ExpectedNPNProtocol = baz + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 13-npn-server-switch-resumption-server-extra +-resume-server = 13-npn-server-switch-resumption-resume-server-extra +-client = 13-npn-server-switch-resumption-client-extra +-resume-client = 13-npn-server-switch-resumption-client-extra ++server = 15-npn-server-switch-resumption-server-extra ++resume-server = 15-npn-server-switch-resumption-resume-server-extra ++client = 15-npn-server-switch-resumption-client-extra ++resume-client = 15-npn-server-switch-resumption-client-extra + +-[13-npn-server-switch-resumption-server-extra] ++[15-npn-server-switch-resumption-server-extra] + NPNProtocols = bar,foo + +-[13-npn-server-switch-resumption-resume-server-extra] ++[15-npn-server-switch-resumption-resume-server-extra] + NPNProtocols = baz,foo + +-[13-npn-server-switch-resumption-client-extra] ++[15-npn-server-switch-resumption-client-extra] + NPNProtocols = foo,bar,baz + + + # =========================================================== + +-[14-npn-client-switch-resumption] +-ssl_conf = 14-npn-client-switch-resumption-ssl ++[16-npn-client-switch-resumption] ++ssl_conf = 16-npn-client-switch-resumption-ssl + +-[14-npn-client-switch-resumption-ssl] +-server = 14-npn-client-switch-resumption-server +-client = 14-npn-client-switch-resumption-client +-resume-server = 14-npn-client-switch-resumption-server +-resume-client = 14-npn-client-switch-resumption-resume-client ++[16-npn-client-switch-resumption-ssl] ++server = 16-npn-client-switch-resumption-server ++client = 16-npn-client-switch-resumption-client ++resume-server = 16-npn-client-switch-resumption-server ++resume-client = 16-npn-client-switch-resumption-resume-client + +-[14-npn-client-switch-resumption-server] ++[16-npn-client-switch-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[14-npn-client-switch-resumption-client] ++[16-npn-client-switch-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[14-npn-client-switch-resumption-resume-client] ++[16-npn-client-switch-resumption-resume-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-14] ++[test-16] + ExpectedNPNProtocol = bar + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 14-npn-client-switch-resumption-server-extra +-resume-server = 14-npn-client-switch-resumption-server-extra +-client = 14-npn-client-switch-resumption-client-extra +-resume-client = 14-npn-client-switch-resumption-resume-client-extra ++server = 16-npn-client-switch-resumption-server-extra ++resume-server = 16-npn-client-switch-resumption-server-extra ++client = 16-npn-client-switch-resumption-client-extra ++resume-client = 16-npn-client-switch-resumption-resume-client-extra + +-[14-npn-client-switch-resumption-server-extra] ++[16-npn-client-switch-resumption-server-extra] + NPNProtocols = foo,bar,baz + +-[14-npn-client-switch-resumption-client-extra] ++[16-npn-client-switch-resumption-client-extra] + NPNProtocols = foo,baz + +-[14-npn-client-switch-resumption-resume-client-extra] ++[16-npn-client-switch-resumption-resume-client-extra] + NPNProtocols = bar,baz + + + # =========================================================== + +-[15-npn-client-first-pref-on-mismatch-resumption] +-ssl_conf = 15-npn-client-first-pref-on-mismatch-resumption-ssl ++[17-npn-client-first-pref-on-mismatch-resumption] ++ssl_conf = 17-npn-client-first-pref-on-mismatch-resumption-ssl + +-[15-npn-client-first-pref-on-mismatch-resumption-ssl] +-server = 15-npn-client-first-pref-on-mismatch-resumption-server +-client = 15-npn-client-first-pref-on-mismatch-resumption-client +-resume-server = 15-npn-client-first-pref-on-mismatch-resumption-resume-server +-resume-client = 15-npn-client-first-pref-on-mismatch-resumption-client ++[17-npn-client-first-pref-on-mismatch-resumption-ssl] ++server = 17-npn-client-first-pref-on-mismatch-resumption-server ++client = 17-npn-client-first-pref-on-mismatch-resumption-client ++resume-server = 17-npn-client-first-pref-on-mismatch-resumption-resume-server ++resume-client = 17-npn-client-first-pref-on-mismatch-resumption-client + +-[15-npn-client-first-pref-on-mismatch-resumption-server] ++[17-npn-client-first-pref-on-mismatch-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[15-npn-client-first-pref-on-mismatch-resumption-resume-server] ++[17-npn-client-first-pref-on-mismatch-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[15-npn-client-first-pref-on-mismatch-resumption-client] ++[17-npn-client-first-pref-on-mismatch-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-15] ++[test-17] + ExpectedNPNProtocol = foo + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 15-npn-client-first-pref-on-mismatch-resumption-server-extra +-resume-server = 15-npn-client-first-pref-on-mismatch-resumption-resume-server-extra +-client = 15-npn-client-first-pref-on-mismatch-resumption-client-extra +-resume-client = 15-npn-client-first-pref-on-mismatch-resumption-client-extra ++server = 17-npn-client-first-pref-on-mismatch-resumption-server-extra ++resume-server = 17-npn-client-first-pref-on-mismatch-resumption-resume-server-extra ++client = 17-npn-client-first-pref-on-mismatch-resumption-client-extra ++resume-client = 17-npn-client-first-pref-on-mismatch-resumption-client-extra + +-[15-npn-client-first-pref-on-mismatch-resumption-server-extra] ++[17-npn-client-first-pref-on-mismatch-resumption-server-extra] + NPNProtocols = bar + +-[15-npn-client-first-pref-on-mismatch-resumption-resume-server-extra] ++[17-npn-client-first-pref-on-mismatch-resumption-resume-server-extra] + NPNProtocols = baz + +-[15-npn-client-first-pref-on-mismatch-resumption-client-extra] ++[17-npn-client-first-pref-on-mismatch-resumption-client-extra] + NPNProtocols = foo,bar + + + # =========================================================== + +-[16-npn-no-server-support-resumption] +-ssl_conf = 16-npn-no-server-support-resumption-ssl ++[18-npn-no-server-support-resumption] ++ssl_conf = 18-npn-no-server-support-resumption-ssl + +-[16-npn-no-server-support-resumption-ssl] +-server = 16-npn-no-server-support-resumption-server +-client = 16-npn-no-server-support-resumption-client +-resume-server = 16-npn-no-server-support-resumption-resume-server +-resume-client = 16-npn-no-server-support-resumption-client ++[18-npn-no-server-support-resumption-ssl] ++server = 18-npn-no-server-support-resumption-server ++client = 18-npn-no-server-support-resumption-client ++resume-server = 18-npn-no-server-support-resumption-resume-server ++resume-client = 18-npn-no-server-support-resumption-client + +-[16-npn-no-server-support-resumption-server] ++[18-npn-no-server-support-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[16-npn-no-server-support-resumption-resume-server] ++[18-npn-no-server-support-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[16-npn-no-server-support-resumption-client] ++[18-npn-no-server-support-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-16] ++[test-18] + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 16-npn-no-server-support-resumption-server-extra +-client = 16-npn-no-server-support-resumption-client-extra +-resume-client = 16-npn-no-server-support-resumption-client-extra ++server = 18-npn-no-server-support-resumption-server-extra ++client = 18-npn-no-server-support-resumption-client-extra ++resume-client = 18-npn-no-server-support-resumption-client-extra + +-[16-npn-no-server-support-resumption-server-extra] ++[18-npn-no-server-support-resumption-server-extra] + NPNProtocols = foo + +-[16-npn-no-server-support-resumption-client-extra] ++[18-npn-no-server-support-resumption-client-extra] + NPNProtocols = foo + + + # =========================================================== + +-[17-npn-no-client-support-resumption] +-ssl_conf = 17-npn-no-client-support-resumption-ssl ++[19-npn-no-client-support-resumption] ++ssl_conf = 19-npn-no-client-support-resumption-ssl + +-[17-npn-no-client-support-resumption-ssl] +-server = 17-npn-no-client-support-resumption-server +-client = 17-npn-no-client-support-resumption-client +-resume-server = 17-npn-no-client-support-resumption-server +-resume-client = 17-npn-no-client-support-resumption-resume-client ++[19-npn-no-client-support-resumption-ssl] ++server = 19-npn-no-client-support-resumption-server ++client = 19-npn-no-client-support-resumption-client ++resume-server = 19-npn-no-client-support-resumption-server ++resume-client = 19-npn-no-client-support-resumption-resume-client + +-[17-npn-no-client-support-resumption-server] ++[19-npn-no-client-support-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[17-npn-no-client-support-resumption-client] ++[19-npn-no-client-support-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[17-npn-no-client-support-resumption-resume-client] ++[19-npn-no-client-support-resumption-resume-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-17] ++[test-19] + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 17-npn-no-client-support-resumption-server-extra +-resume-server = 17-npn-no-client-support-resumption-server-extra +-client = 17-npn-no-client-support-resumption-client-extra ++server = 19-npn-no-client-support-resumption-server-extra ++resume-server = 19-npn-no-client-support-resumption-server-extra ++client = 19-npn-no-client-support-resumption-client-extra + +-[17-npn-no-client-support-resumption-server-extra] ++[19-npn-no-client-support-resumption-server-extra] + NPNProtocols = foo + +-[17-npn-no-client-support-resumption-client-extra] ++[19-npn-no-client-support-resumption-client-extra] + NPNProtocols = foo + + + # =========================================================== + +-[18-alpn-preferred-over-npn-resumption] +-ssl_conf = 18-alpn-preferred-over-npn-resumption-ssl ++[20-alpn-preferred-over-npn-resumption] ++ssl_conf = 20-alpn-preferred-over-npn-resumption-ssl + +-[18-alpn-preferred-over-npn-resumption-ssl] +-server = 18-alpn-preferred-over-npn-resumption-server +-client = 18-alpn-preferred-over-npn-resumption-client +-resume-server = 18-alpn-preferred-over-npn-resumption-resume-server +-resume-client = 18-alpn-preferred-over-npn-resumption-client ++[20-alpn-preferred-over-npn-resumption-ssl] ++server = 20-alpn-preferred-over-npn-resumption-server ++client = 20-alpn-preferred-over-npn-resumption-client ++resume-server = 20-alpn-preferred-over-npn-resumption-resume-server ++resume-client = 20-alpn-preferred-over-npn-resumption-client + +-[18-alpn-preferred-over-npn-resumption-server] ++[20-alpn-preferred-over-npn-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[18-alpn-preferred-over-npn-resumption-resume-server] ++[20-alpn-preferred-over-npn-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[18-alpn-preferred-over-npn-resumption-client] ++[20-alpn-preferred-over-npn-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-18] ++[test-20] + ExpectedALPNProtocol = foo + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 18-alpn-preferred-over-npn-resumption-server-extra +-resume-server = 18-alpn-preferred-over-npn-resumption-resume-server-extra +-client = 18-alpn-preferred-over-npn-resumption-client-extra +-resume-client = 18-alpn-preferred-over-npn-resumption-client-extra ++server = 20-alpn-preferred-over-npn-resumption-server-extra ++resume-server = 20-alpn-preferred-over-npn-resumption-resume-server-extra ++client = 20-alpn-preferred-over-npn-resumption-client-extra ++resume-client = 20-alpn-preferred-over-npn-resumption-client-extra + +-[18-alpn-preferred-over-npn-resumption-server-extra] ++[20-alpn-preferred-over-npn-resumption-server-extra] + NPNProtocols = bar + +-[18-alpn-preferred-over-npn-resumption-resume-server-extra] ++[20-alpn-preferred-over-npn-resumption-resume-server-extra] + ALPNProtocols = foo + NPNProtocols = baz + +-[18-alpn-preferred-over-npn-resumption-client-extra] ++[20-alpn-preferred-over-npn-resumption-client-extra] + ALPNProtocols = foo + NPNProtocols = bar,baz + + + # =========================================================== + +-[19-npn-used-if-alpn-not-supported-resumption] +-ssl_conf = 19-npn-used-if-alpn-not-supported-resumption-ssl ++[21-npn-used-if-alpn-not-supported-resumption] ++ssl_conf = 21-npn-used-if-alpn-not-supported-resumption-ssl + +-[19-npn-used-if-alpn-not-supported-resumption-ssl] +-server = 19-npn-used-if-alpn-not-supported-resumption-server +-client = 19-npn-used-if-alpn-not-supported-resumption-client +-resume-server = 19-npn-used-if-alpn-not-supported-resumption-resume-server +-resume-client = 19-npn-used-if-alpn-not-supported-resumption-client ++[21-npn-used-if-alpn-not-supported-resumption-ssl] ++server = 21-npn-used-if-alpn-not-supported-resumption-server ++client = 21-npn-used-if-alpn-not-supported-resumption-client ++resume-server = 21-npn-used-if-alpn-not-supported-resumption-resume-server ++resume-client = 21-npn-used-if-alpn-not-supported-resumption-client + +-[19-npn-used-if-alpn-not-supported-resumption-server] ++[21-npn-used-if-alpn-not-supported-resumption-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[19-npn-used-if-alpn-not-supported-resumption-resume-server] ++[21-npn-used-if-alpn-not-supported-resumption-resume-server] + Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem + CipherString = DEFAULT + PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +-[19-npn-used-if-alpn-not-supported-resumption-client] ++[21-npn-used-if-alpn-not-supported-resumption-client] + CipherString = DEFAULT + MaxProtocol = TLSv1.2 + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + +-[test-19] ++[test-21] + ExpectedNPNProtocol = baz + HandshakeMode = Resume + ResumptionExpected = Yes +-server = 19-npn-used-if-alpn-not-supported-resumption-server-extra +-resume-server = 19-npn-used-if-alpn-not-supported-resumption-resume-server-extra +-client = 19-npn-used-if-alpn-not-supported-resumption-client-extra +-resume-client = 19-npn-used-if-alpn-not-supported-resumption-client-extra ++server = 21-npn-used-if-alpn-not-supported-resumption-server-extra ++resume-server = 21-npn-used-if-alpn-not-supported-resumption-resume-server-extra ++client = 21-npn-used-if-alpn-not-supported-resumption-client-extra ++resume-client = 21-npn-used-if-alpn-not-supported-resumption-client-extra + +-[19-npn-used-if-alpn-not-supported-resumption-server-extra] ++[21-npn-used-if-alpn-not-supported-resumption-server-extra] + ALPNProtocols = foo + NPNProtocols = bar + +-[19-npn-used-if-alpn-not-supported-resumption-resume-server-extra] ++[21-npn-used-if-alpn-not-supported-resumption-resume-server-extra] + NPNProtocols = baz + +-[19-npn-used-if-alpn-not-supported-resumption-client-extra] ++[21-npn-used-if-alpn-not-supported-resumption-client-extra] + ALPNProtocols = foo + NPNProtocols = bar,baz + +diff --git a/test/ssl-tests/08-npn.cnf.in b/test/ssl-tests/08-npn.cnf.in +index 30783e4..1dc2704 100644 +--- a/test/ssl-tests/08-npn.cnf.in ++++ b/test/ssl-tests/08-npn.cnf.in +@@ -110,6 +110,41 @@ our @tests = ( + "ExpectedNPNProtocol" => undef, + }, + }, ++ { ++ name => "npn-empty-client-list", ++ server => { ++ extra => { ++ "NPNProtocols" => "foo", ++ }, ++ }, ++ client => { ++ extra => { ++ "NPNProtocols" => "", ++ }, ++ "MaxProtocol" => "TLSv1.2" ++ }, ++ test => { ++ "ExpectedResult" => "ClientFail", ++ "ExpectedClientAlert" => "HandshakeFailure" ++ }, ++ }, ++ { ++ name => "npn-empty-server-list", ++ server => { ++ extra => { ++ "NPNProtocols" => "", ++ }, ++ }, ++ client => { ++ extra => { ++ "NPNProtocols" => "foo", ++ }, ++ "MaxProtocol" => "TLSv1.2" ++ }, ++ test => { ++ "ExpectedNPNProtocol" => "foo" ++ }, ++ }, + { + name => "npn-with-sni-no-context-switch", + server => { +diff --git a/test/ssl-tests/09-alpn.cnf b/test/ssl-tests/09-alpn.cnf +index e7e6cb9..dd66873 100644 +--- a/test/ssl-tests/09-alpn.cnf ++++ b/test/ssl-tests/09-alpn.cnf +@@ -1,6 +1,6 @@ + # Generated with generate_ssl_tests.pl + +-num_tests = 16 ++num_tests = 18 + + test-0 = 0-alpn-simple + test-1 = 1-alpn-server-finds-match +@@ -18,6 +18,8 @@ test-12 = 12-alpn-client-switch-resumption + test-13 = 13-alpn-alert-on-mismatch-resumption + test-14 = 14-alpn-no-server-support-resumption + test-15 = 15-alpn-no-client-support-resumption ++test-16 = 16-alpn-empty-client-list ++test-17 = 17-alpn-empty-server-list + # =========================================================== + + [0-alpn-simple] +@@ -617,3 +619,65 @@ ALPNProtocols = foo + ALPNProtocols = foo + + ++# =========================================================== ++ ++[16-alpn-empty-client-list] ++ssl_conf = 16-alpn-empty-client-list-ssl ++ ++[16-alpn-empty-client-list-ssl] ++server = 16-alpn-empty-client-list-server ++client = 16-alpn-empty-client-list-client ++ ++[16-alpn-empty-client-list-server] ++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem ++CipherString = DEFAULT ++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem ++ ++[16-alpn-empty-client-list-client] ++CipherString = DEFAULT ++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem ++VerifyMode = Peer ++ ++[test-16] ++server = 16-alpn-empty-client-list-server-extra ++client = 16-alpn-empty-client-list-client-extra ++ ++[16-alpn-empty-client-list-server-extra] ++ALPNProtocols = foo ++ ++[16-alpn-empty-client-list-client-extra] ++ALPNProtocols = ++ ++ ++# =========================================================== ++ ++[17-alpn-empty-server-list] ++ssl_conf = 17-alpn-empty-server-list-ssl ++ ++[17-alpn-empty-server-list-ssl] ++server = 17-alpn-empty-server-list-server ++client = 17-alpn-empty-server-list-client ++ ++[17-alpn-empty-server-list-server] ++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem ++CipherString = DEFAULT ++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem ++ ++[17-alpn-empty-server-list-client] ++CipherString = DEFAULT ++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem ++VerifyMode = Peer ++ ++[test-17] ++ExpectedResult = ServerFail ++ExpectedServerAlert = NoApplicationProtocol ++server = 17-alpn-empty-server-list-server-extra ++client = 17-alpn-empty-server-list-client-extra ++ ++[17-alpn-empty-server-list-server-extra] ++ALPNProtocols = ++ ++[17-alpn-empty-server-list-client-extra] ++ALPNProtocols = foo ++ ++ +diff --git a/test/ssl-tests/09-alpn.cnf.in b/test/ssl-tests/09-alpn.cnf.in +index 8133075..322b709 100644 +--- a/test/ssl-tests/09-alpn.cnf.in ++++ b/test/ssl-tests/09-alpn.cnf.in +@@ -322,4 +322,37 @@ our @tests = ( + "ExpectedALPNProtocol" => undef, + }, + }, ++ { ++ name => "alpn-empty-client-list", ++ server => { ++ extra => { ++ "ALPNProtocols" => "foo", ++ }, ++ }, ++ client => { ++ extra => { ++ "ALPNProtocols" => "", ++ }, ++ }, ++ test => { ++ "ExpectedALPNProtocol" => undef, ++ }, ++ }, ++ { ++ name => "alpn-empty-server-list", ++ server => { ++ extra => { ++ "ALPNProtocols" => "", ++ }, ++ }, ++ client => { ++ extra => { ++ "ALPNProtocols" => "foo", ++ }, ++ }, ++ test => { ++ "ExpectedResult" => "ServerFail", ++ "ExpectedServerAlert" => "NoApplicationProtocol", ++ }, ++ }, + ); +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch new file mode 100644 index 0000000000..7319d27bb8 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch @@ -0,0 +1,43 @@ +From 86351b8dd4c499de7a0c02313ee54966e978150f Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 21 Jun 2024 10:41:55 +0100 +Subject: [PATCH 07/10] Correct return values for + tls_construct_stoc_next_proto_neg + +Return EXT_RETURN_NOT_SENT in the event that we don't send the extension, +rather than EXT_RETURN_SENT. This actually makes no difference at all to +the current control flow since this return value is ignored in this case +anyway. But lets make it correct anyway. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/53f5677f358c4a4f69830d944ea40e71950673b8] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + ssl/statem/extensions_srvr.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c +index 64ccb3e..b821c7c 100644 +--- a/ssl/statem/extensions_srvr.c ++++ b/ssl/statem/extensions_srvr.c +@@ -1496,9 +1496,10 @@ EXT_RETURN tls_construct_stoc_next_proto_neg(SSL_CONNECTION *s, WPACKET *pkt, + return EXT_RETURN_FAIL; + } + s->s3.npn_seen = 1; ++ return EXT_RETURN_SENT; + } + +- return EXT_RETURN_SENT; ++ return EXT_RETURN_NOT_SENT; + } + #endif + +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch new file mode 100644 index 0000000000..f64938a5ca --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch @@ -0,0 +1,66 @@ +From 29f860914824cde6b0aea6ad818b93132930137f Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 21 Jun 2024 11:51:54 +0100 +Subject: [PATCH 08/10] Add ALPN validation in the client + +The ALPN protocol selected by the server must be one that we originally +advertised. We should verify that it is. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/195e15421df113d7283aab2ccff8b8fb06df5465] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + ssl/statem/extensions_clnt.c | 24 ++++++++++++++++++++++++ + 1 file changed, 24 insertions(+) + +diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c +index 1ab3c13..ff9c009 100644 +--- a/ssl/statem/extensions_clnt.c ++++ b/ssl/statem/extensions_clnt.c +@@ -1590,6 +1590,8 @@ int tls_parse_stoc_alpn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context, + X509 *x, size_t chainidx) + { + size_t len; ++ PACKET confpkt, protpkt; ++ int valid = 0; + + /* We must have requested it. */ + if (!s->s3.alpn_sent) { +@@ -1608,6 +1610,28 @@ int tls_parse_stoc_alpn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context, + SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION); + return 0; + } ++ ++ /* It must be a protocol that we sent */ ++ if (!PACKET_buf_init(&confpkt, s->ext.alpn, s->ext.alpn_len)) { ++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); ++ return 0; ++ } ++ while (PACKET_get_length_prefixed_1(&confpkt, &protpkt)) { ++ if (PACKET_remaining(&protpkt) != len) ++ continue; ++ if (memcmp(PACKET_data(pkt), PACKET_data(&protpkt), len) == 0) { ++ /* Valid protocol found */ ++ valid = 1; ++ break; ++ } ++ } ++ ++ if (!valid) { ++ /* The protocol sent from the server does not match one we advertised */ ++ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION); ++ return 0; ++ } ++ + OPENSSL_free(s->s3.alpn_selected); + s->s3.alpn_selected = OPENSSL_malloc(len); + if (s->s3.alpn_selected == NULL) { +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch new file mode 100644 index 0000000000..fb1cef5067 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch @@ -0,0 +1,271 @@ +From 6a5484b0d3fcf9a868c7e3e5b62e5eedc90b6080 Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 21 Jun 2024 10:09:41 +0100 +Subject: [PATCH 09/10] Add explicit testing of ALN and NPN in sslapitest + +We already had some tests elsewhere - but this extends that testing with +additional tests. + +Follow on from CVE-2024-5535 + +Reviewed-by: Neil Horman <nhorman@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/24717) + +Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/7c95191434415d1c9b7fe9b130df13cce630b6b5] +CVE: CVE-2024-5535 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + test/sslapitest.c | 229 ++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 229 insertions(+) + +diff --git a/test/sslapitest.c b/test/sslapitest.c +index 15cb906..7a55a2b 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -11877,6 +11877,231 @@ static int test_select_next_proto(int idx) + return ret; + } + ++static const unsigned char fooprot[] = {3, 'f', 'o', 'o' }; ++static const unsigned char barprot[] = {3, 'b', 'a', 'r' }; ++ ++#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_NEXTPROTONEG) ++static int npn_advert_cb(SSL *ssl, const unsigned char **out, ++ unsigned int *outlen, void *arg) ++{ ++ int *idx = (int *)arg; ++ ++ switch (*idx) { ++ default: ++ case 0: ++ *out = fooprot; ++ *outlen = sizeof(fooprot); ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 1: ++ *outlen = 0; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 2: ++ return SSL_TLSEXT_ERR_NOACK; ++ } ++} ++ ++static int npn_select_cb(SSL *s, unsigned char **out, unsigned char *outlen, ++ const unsigned char *in, unsigned int inlen, void *arg) ++{ ++ int *idx = (int *)arg; ++ ++ switch (*idx) { ++ case 0: ++ case 1: ++ *out = (unsigned char *)(fooprot + 1); ++ *outlen = *fooprot; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 3: ++ *out = (unsigned char *)(barprot + 1); ++ *outlen = *barprot; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 4: ++ *outlen = 0; ++ return SSL_TLSEXT_ERR_OK; ++ ++ default: ++ case 2: ++ return SSL_TLSEXT_ERR_ALERT_FATAL; ++ } ++} ++ ++/* ++ * Test the NPN callbacks ++ * Test 0: advert = foo, select = foo ++ * Test 1: advert = <empty>, select = foo ++ * Test 2: no advert ++ * Test 3: advert = foo, select = bar ++ * Test 4: advert = foo, select = <empty> (should fail) ++ */ ++static int test_npn(int idx) ++{ ++ SSL_CTX *sctx = NULL, *cctx = NULL; ++ SSL *serverssl = NULL, *clientssl = NULL; ++ int testresult = 0; ++ ++ if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), ++ TLS_client_method(), 0, TLS1_2_VERSION, ++ &sctx, &cctx, cert, privkey))) ++ goto end; ++ ++ SSL_CTX_set_next_protos_advertised_cb(sctx, npn_advert_cb, &idx); ++ SSL_CTX_set_next_proto_select_cb(cctx, npn_select_cb, &idx); ++ ++ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, ++ NULL))) ++ goto end; ++ ++ if (idx == 4) { ++ /* We don't allow empty selection of NPN, so this should fail */ ++ if (!TEST_false(create_ssl_connection(serverssl, clientssl, ++ SSL_ERROR_NONE))) ++ goto end; ++ } else { ++ const unsigned char *prot; ++ unsigned int protlen; ++ ++ if (!TEST_true(create_ssl_connection(serverssl, clientssl, ++ SSL_ERROR_NONE))) ++ goto end; ++ ++ SSL_get0_next_proto_negotiated(serverssl, &prot, &protlen); ++ switch (idx) { ++ case 0: ++ case 1: ++ if (!TEST_mem_eq(prot, protlen, fooprot + 1, *fooprot)) ++ goto end; ++ break; ++ case 2: ++ if (!TEST_uint_eq(protlen, 0)) ++ goto end; ++ break; ++ case 3: ++ if (!TEST_mem_eq(prot, protlen, barprot + 1, *barprot)) ++ goto end; ++ break; ++ default: ++ TEST_error("Should not get here"); ++ goto end; ++ } ++ } ++ ++ testresult = 1; ++ end: ++ SSL_free(serverssl); ++ SSL_free(clientssl); ++ SSL_CTX_free(sctx); ++ SSL_CTX_free(cctx); ++ ++ return testresult; ++} ++#endif /* !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_NEXTPROTONEG) */ ++ ++static int alpn_select_cb2(SSL *ssl, const unsigned char **out, ++ unsigned char *outlen, const unsigned char *in, ++ unsigned int inlen, void *arg) ++{ ++ int *idx = (int *)arg; ++ ++ switch (*idx) { ++ case 0: ++ *out = (unsigned char *)(fooprot + 1); ++ *outlen = *fooprot; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 2: ++ *out = (unsigned char *)(barprot + 1); ++ *outlen = *barprot; ++ return SSL_TLSEXT_ERR_OK; ++ ++ case 3: ++ *outlen = 0; ++ return SSL_TLSEXT_ERR_OK; ++ ++ default: ++ case 1: ++ return SSL_TLSEXT_ERR_ALERT_FATAL; ++ } ++ return 0; ++} ++ ++/* ++ * Test the ALPN callbacks ++ * Test 0: client = foo, select = foo ++ * Test 1: client = <empty>, select = none ++ * Test 2: client = foo, select = bar (should fail) ++ * Test 3: client = foo, select = <empty> (should fail) ++ */ ++static int test_alpn(int idx) ++{ ++ SSL_CTX *sctx = NULL, *cctx = NULL; ++ SSL *serverssl = NULL, *clientssl = NULL; ++ int testresult = 0; ++ const unsigned char *prots = fooprot; ++ unsigned int protslen = sizeof(fooprot); ++ ++ if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), ++ TLS_client_method(), 0, 0, ++ &sctx, &cctx, cert, privkey))) ++ goto end; ++ ++ SSL_CTX_set_alpn_select_cb(sctx, alpn_select_cb2, &idx); ++ ++ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, ++ NULL))) ++ goto end; ++ ++ if (idx == 1) { ++ prots = NULL; ++ protslen = 0; ++ } ++ ++ /* SSL_set_alpn_protos returns 0 for success! */ ++ if (!TEST_false(SSL_set_alpn_protos(clientssl, prots, protslen))) ++ goto end; ++ ++ if (idx == 2 || idx == 3) { ++ /* We don't allow empty selection of NPN, so this should fail */ ++ if (!TEST_false(create_ssl_connection(serverssl, clientssl, ++ SSL_ERROR_NONE))) ++ goto end; ++ } else { ++ const unsigned char *prot; ++ unsigned int protlen; ++ ++ if (!TEST_true(create_ssl_connection(serverssl, clientssl, ++ SSL_ERROR_NONE))) ++ goto end; ++ ++ SSL_get0_alpn_selected(clientssl, &prot, &protlen); ++ switch (idx) { ++ case 0: ++ if (!TEST_mem_eq(prot, protlen, fooprot + 1, *fooprot)) ++ goto end; ++ break; ++ case 1: ++ if (!TEST_uint_eq(protlen, 0)) ++ goto end; ++ break; ++ default: ++ TEST_error("Should not get here"); ++ goto end; ++ } ++ } ++ ++ testresult = 1; ++ end: ++ SSL_free(serverssl); ++ SSL_free(clientssl); ++ SSL_CTX_free(sctx); ++ SSL_CTX_free(cctx); ++ ++ return testresult; ++} ++ + OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile provider config dhfile\n") + + int setup_tests(void) +@@ -12190,6 +12415,10 @@ int setup_tests(void) + ADD_TEST(test_data_retry); + ADD_ALL_TESTS(test_multi_resume, 5); + ADD_ALL_TESTS(test_select_next_proto, OSSL_NELEM(next_proto_tests)); ++#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_NEXTPROTONEG) ++ ADD_ALL_TESTS(test_npn, 5); ++#endif ++ ADD_ALL_TESTS(test_alpn, 4); + return 1; + + err: +-- +2.44.0 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl/bti.patch b/poky/meta/recipes-connectivity/openssl/openssl/bti.patch deleted file mode 100644 index 748576c30c..0000000000 --- a/poky/meta/recipes-connectivity/openssl/openssl/bti.patch +++ /dev/null @@ -1,58 +0,0 @@ -From ba8a599395f8b770c76316b5f5b0f3838567014f Mon Sep 17 00:00:00 2001 -From: Tom Cosgrove <tom.cosgrove@arm.com> -Date: Tue, 26 Mar 2024 13:18:00 +0000 -Subject: [PATCH] aarch64: fix BTI in bsaes assembly code - -In Arm systems where BTI is enabled but the Crypto extensions are not (more -likely in FVPs than in real hardware), the bit-sliced assembler code will -be used. However, this wasn't annotated with BTI instructions when BTI was -enabled, so the moment libssl jumps into this code it (correctly) aborts. - -Solve this by adding the missing BTI landing pads. - -Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/23982] -Signed-off-by: Ross Burton <ross.burton@arm.com> ---- - crypto/aes/asm/bsaes-armv8.pl | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/crypto/aes/asm/bsaes-armv8.pl b/crypto/aes/asm/bsaes-armv8.pl -index b3c97e439f..c3c5ff3e05 100644 ---- a/crypto/aes/asm/bsaes-armv8.pl -+++ b/crypto/aes/asm/bsaes-armv8.pl -@@ -1018,6 +1018,7 @@ _bsaes_key_convert: - // Initialisation vector overwritten with last quadword of ciphertext - // No output registers, usual AAPCS64 register preservation - ossl_bsaes_cbc_encrypt: -+ AARCH64_VALID_CALL_TARGET - cmp x2, #128 - bhs .Lcbc_do_bsaes - b AES_cbc_encrypt -@@ -1270,7 +1271,7 @@ ossl_bsaes_cbc_encrypt: - // Output text filled in - // No output registers, usual AAPCS64 register preservation - ossl_bsaes_ctr32_encrypt_blocks: -- -+ AARCH64_VALID_CALL_TARGET - cmp x2, #8 // use plain AES for - blo .Lctr_enc_short // small sizes - -@@ -1476,6 +1477,7 @@ ossl_bsaes_ctr32_encrypt_blocks: - // Output ciphertext filled in - // No output registers, usual AAPCS64 register preservation - ossl_bsaes_xts_encrypt: -+ AARCH64_VALID_CALL_TARGET - // Stack layout: - // sp -> - // nrounds*128-96 bytes: key schedule -@@ -1921,6 +1923,7 @@ ossl_bsaes_xts_encrypt: - // Output plaintext filled in - // No output registers, usual AAPCS64 register preservation - ossl_bsaes_xts_decrypt: -+ AARCH64_VALID_CALL_TARGET - // Stack layout: - // sp -> - // nrounds*128-96 bytes: key schedule --- -2.34.1 - diff --git a/poky/meta/recipes-connectivity/openssl/openssl_3.2.1.bb b/poky/meta/recipes-connectivity/openssl/openssl_3.2.2.bb index d37b68abbb..3242dd69c6 100644 --- a/poky/meta/recipes-connectivity/openssl/openssl_3.2.1.bb +++ b/poky/meta/recipes-connectivity/openssl/openssl_3.2.2.bb @@ -12,15 +12,23 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://0001-Configure-do-not-tweak-mips-cflags.patch \ file://0001-Added-handshake-history-reporting-when-test-fails.patch \ - file://bti.patch \ - file://CVE-2024-2511.patch \ + file://CVE-2024-5535_1.patch \ + file://CVE-2024-5535_2.patch \ + file://CVE-2024-5535_3.patch \ + file://CVE-2024-5535_4.patch \ + file://CVE-2024-5535_5.patch \ + file://CVE-2024-5535_6.patch \ + file://CVE-2024-5535_7.patch \ + file://CVE-2024-5535_8.patch \ + file://CVE-2024-5535_9.patch \ + file://CVE-2024-5535_10.patch \ " SRC_URI:append:class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[sha256sum] = "83c7329fe52c850677d75e5d0b0ca245309b97e8ecbcfdc1dfdc4ab9fac35b39" +SRC_URI[sha256sum] = "197149c18d9e9f292c43f0400acaba12e5f52cacfe050f3d199277ea738ec2e7" inherit lib_package multilib_header multilib_script ptest perlnative manpages MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" diff --git a/poky/meta/recipes-connectivity/ppp/ppp_2.5.0.bb b/poky/meta/recipes-connectivity/ppp/ppp_2.5.0.bb index 4b052f8ed9..5f0c75de83 100644 --- a/poky/meta/recipes-connectivity/ppp/ppp_2.5.0.bb +++ b/poky/meta/recipes-connectivity/ppp/ppp_2.5.0.bb @@ -5,7 +5,7 @@ SECTION = "console/network" HOMEPAGE = "http://samba.org/ppp/" BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs" DEPENDS = "libpcap openssl virtual/crypt" -LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPL-2.0-or-later & LGPL-2.0-or-later & PD" +LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPL-2.0-or-later & LGPL-2.0-or-later & PD & RSA-MD" LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea \ file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 \ file://pppd/tdb.c;beginline=1;endline=27;md5=4ca3a9991b011038d085d6675ae7c4e6 \ diff --git a/poky/meta/recipes-core/base-files/base-files/profile b/poky/meta/recipes-core/base-files/base-files/profile index bded3757cc..5e8393c91c 100644 --- a/poky/meta/recipes-core/base-files/base-files/profile +++ b/poky/meta/recipes-core/base-files/base-files/profile @@ -58,7 +58,7 @@ resize() { fi # only do this for /dev/tty[A-z] which are typically # serial ports - if [ $FIRSTTIMESETUP -eq 1 -a $SHLVL -eq 1 ] ; then + if [ $FIRSTTIMESETUP -eq 1 -a ${SHLVL:-1} -eq 1 ] ; then case $(tty 2>/dev/null) in /dev/tty[A-z]*) resize >/dev/null;; esac diff --git a/poky/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/poky/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch index 4635250170..ceb3ad7250 100644 --- a/poky/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch +++ b/poky/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch @@ -5,7 +5,7 @@ Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are returned for the hostname part CVE: CVE-2022-28391 -Upstream-Status: Pending +Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001] Signed-off-by: Ariadne Conill <ariadne@dereferenced.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- diff --git a/poky/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/poky/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch index 0d7409ddc3..1dbc3388a4 100644 --- a/poky/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch +++ b/poky/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch @@ -8,7 +8,7 @@ Otherwise, terminal sequences can be injected, which enables various terminal in attacks from DNS results. CVE: CVE-2022-28391 -Upstream-Status: Pending +Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001] Signed-off-by: Ariadne Conill <ariadne@dereferenced.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- diff --git a/poky/meta/recipes-core/coreutils/coreutils/0001-local.mk-fix-cross-compiling-problem.patch b/poky/meta/recipes-core/coreutils/coreutils/0001-local.mk-fix-cross-compiling-problem.patch index 97a6357ab9..66f9a716c9 100644 --- a/poky/meta/recipes-core/coreutils/coreutils/0001-local.mk-fix-cross-compiling-problem.patch +++ b/poky/meta/recipes-core/coreutils/coreutils/0001-local.mk-fix-cross-compiling-problem.patch @@ -1,7 +1,4 @@ -From 7cb2d20cfa2a27191255031d231cd41917dcffe8 Mon Sep 17 00:00:00 2001 -From: Chen Qi <Qi.Chen@windriver.com> -Date: Mon, 26 Dec 2016 16:10:35 +0800 -Subject: [PATCH] local.mk: fix cross compiling problem +Subject: local.mk: fix cross compiling problem We meet the following error when cross compiling. | Makefile:3418: *** Recursive variable 'INSTALL' references itself (eventually). Stop. @@ -15,12 +12,15 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/local.mk b/src/local.mk -index 96ee941..cdd47d6 100644 +index 36dfa4e..c5898cc 100644 --- a/src/local.mk +++ b/src/local.mk -@@ -704,4 +704,4 @@ cu_install_program = @INSTALL@ +@@ -649,4 +649,4 @@ cu_install_program = @INSTALL_PROGRAM@ else cu_install_program = src/ginstall endif -INSTALL = $(cu_install_program) -c +INSTALL_PROGRAM = $(cu_install_program) +-- +2.1.0 + diff --git a/poky/meta/recipes-core/coreutils/coreutils/0001-posixtm-pacify-clang-18.patch b/poky/meta/recipes-core/coreutils/coreutils/0001-posixtm-pacify-clang-18.patch new file mode 100644 index 0000000000..e6c84be3c4 --- /dev/null +++ b/poky/meta/recipes-core/coreutils/coreutils/0001-posixtm-pacify-clang-18.patch @@ -0,0 +1,38 @@ +From 67c298c36f69b6906840b7584be06b7b5f33f829 Mon Sep 17 00:00:00 2001 +From: Paul Eggert <eggert@cs.ucla.edu> +Date: Tue, 16 Jan 2024 17:21:08 -0800 +Subject: [PATCH] posixtm: pacify clang 18 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Problem reported by Khem Raj in: +https://lists.gnu.org/r/bug-gnulib/2024-01/msg00045.html +* lib/posixtm.c (posixtime): Pacify clang 18 by converting bool to int. +Arguably this is a bug in draft C2x, since the non-pointer args to +ckd_add should promote just like any other expressions do; +but that’s not clang’s fault. + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/bug-gnulib/2024-01/msg00046.html] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + ChangeLog | 10 ++++++++++ + lib/posixtm.c | 2 +- + 2 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/lib/posixtm.c b/lib/posixtm.c +index ef9f55f873..a072c7cad0 100644 +--- a/lib/posixtm.c ++++ b/lib/posixtm.c +@@ -191,7 +191,7 @@ posixtime (time_t *p, const char *s, unsigned int syntax_bits) + | (tm0.tm_min ^ tm1.tm_min) + | (tm0.tm_sec ^ tm1.tm_sec))) + { +- if (ckd_add (&t, t, leapsec)) ++ if (ckd_add (&t, t, +leapsec)) + return false; + *p = t; + return true; +-- +2.43.0 + diff --git a/poky/meta/recipes-core/coreutils/coreutils/CVE-2024-0684.patch b/poky/meta/recipes-core/coreutils/coreutils/CVE-2024-0684.patch new file mode 100644 index 0000000000..0c68e2dce0 --- /dev/null +++ b/poky/meta/recipes-core/coreutils/coreutils/CVE-2024-0684.patch @@ -0,0 +1,39 @@ +From c4c5ed8f4e9cd55a12966d4f520e3a13101637d9 Mon Sep 17 00:00:00 2001 +From: Paul Eggert <eggert@cs.ucla.edu> +Date: Tue, 16 Jan 2024 13:48:32 -0800 +Subject: [PATCH 1/1] split: do not shrink hold buffer +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +* src/split.c (line_bytes_split): Do not shrink hold buffer. +If it’s large for this batch it’s likely to be large for the next +batch, and for ‘split’ it’s not worth the complexity/CPU hassle to +shrink it. Do not assume hold_size can be bufsize. + +CVE: CVE-2024-0684 +Upstream-Status: Backport [https://github.com/coreutils/coreutils/commit/c4c5ed8f4e9cd55a12966d4f520e3a13101637d9] +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> +--- + src/split.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/src/split.c b/src/split.c +index 64020c859..037960a59 100644 +--- a/src/split.c ++++ b/src/split.c +@@ -809,10 +809,7 @@ line_bytes_split (intmax_t n_bytes, char *buf, idx_t bufsize) + { + cwrite (n_out == 0, hold, n_hold); + n_out += n_hold; +- if (n_hold > bufsize) +- hold = xirealloc (hold, bufsize); + n_hold = 0; +- hold_size = bufsize; + } + + /* Output to eol if present. */ +-- +2.11.4.GIT + + diff --git a/poky/meta/recipes-core/coreutils/coreutils/remove-usr-local-lib-from-m4.patch b/poky/meta/recipes-core/coreutils/coreutils/remove-usr-local-lib-from-m4.patch index 718de0ab78..1a8a9b9983 100644 --- a/poky/meta/recipes-core/coreutils/coreutils/remove-usr-local-lib-from-m4.patch +++ b/poky/meta/recipes-core/coreutils/coreutils/remove-usr-local-lib-from-m4.patch @@ -1,4 +1,4 @@ -From f53ffb5b27ab7d4a4c62df00ebd6a1a6936d1709 Mon Sep 17 00:00:00 2001 +From a26530083a29eeee910bfd606ecc621acecd547a Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Wed, 3 Aug 2011 14:12:30 -0700 Subject: [PATCH] coreutils: Fix build on uclibc @@ -12,15 +12,16 @@ and make life easier for cross compilation process. Signed-off-by: Khem Raj <raj.khem@gmail.com> Upstream-Status: Inappropriate [Upstream does care for AIX while we may not] + --- m4/getloadavg.m4 | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/m4/getloadavg.m4 b/m4/getloadavg.m4 -index 9d0236f..68f7c52 100644 +index 8e96965..63782a2 100644 --- a/m4/getloadavg.m4 +++ b/m4/getloadavg.m4 -@@ -46,18 +46,6 @@ if test $ac_cv_func_getloadavg != yes; then +@@ -41,18 +41,6 @@ AC_CHECK_FUNC([getloadavg], [], [LIBS="-lutil $LIBS" gl_func_getloadavg_done=yes]) fi diff --git a/poky/meta/recipes-core/coreutils/coreutils_9.5.bb b/poky/meta/recipes-core/coreutils/coreutils_9.4.bb index 9a5f836ebe..62ecdea6ec 100644 --- a/poky/meta/recipes-core/coreutils/coreutils_9.5.bb +++ b/poky/meta/recipes-core/coreutils/coreutils_9.4.bb @@ -6,7 +6,7 @@ HOMEPAGE = "http://www.gnu.org/software/coreutils/" BUGTRACKER = "http://debbugs.gnu.org/coreutils" LICENSE = "GPL-3.0-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=1ebbd3e34237af26da5dc08a4e440464 \ - file://src/ls.c;beginline=1;endline=15;md5=9ac94aaed7fd46fd8df7147a9e3410cb \ + file://src/ls.c;beginline=1;endline=15;md5=b720a8b317035d66c555fc6d89e3674c \ " DEPENDS = "gmp libcap" DEPENDS:class-native = "" @@ -16,9 +16,11 @@ inherit autotools gettext texinfo SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \ file://remove-usr-local-lib-from-m4.patch \ file://0001-local.mk-fix-cross-compiling-problem.patch \ + file://0001-posixtm-pacify-clang-18.patch \ + file://CVE-2024-0684.patch \ file://run-ptest \ " -SRC_URI[sha256sum] = "cd328edeac92f6a665de9f323c93b712af1858bc2e0d88f3f7100469470a1b8a" +SRC_URI[sha256sum] = "ea613a4cf44612326e917201bbbcdfbd301de21ffc3b59b6e5c07e040b275e52" # http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=v8.27-101-gf5d7c0842 # diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/fix-regex.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/fix-regex.patch deleted file mode 100644 index bdfbd55899..0000000000 --- a/poky/meta/recipes-core/glib-2.0/glib-2.0/fix-regex.patch +++ /dev/null @@ -1,54 +0,0 @@ -From cce3ae98a2c1966719daabff5a4ec6cf94a846f6 Mon Sep 17 00:00:00 2001 -From: Philip Withnall <pwithnall@gnome.org> -Date: Mon, 26 Feb 2024 16:55:44 +0000 -Subject: [PATCH] tests: Remove variable-length lookbehind tests for GRegex -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -PCRE2 10.43 has now introduced support for variable-length lookbehind, -so these tests now fail if GLib is built against PCRE2 10.43 or higher. - -See -https://github.com/PCRE2Project/pcre2/blob/e8db6fa7137f4c6f66cb87e0a3c9467252ec1ef7/ChangeLog#L94. - -Rather than making the tests conditional on the version of PCRE2 in use, -just remove them. They are mostly testing the PCRE2 code rather than -any code in GLib, so don’t have much value. - -This should fix CI runs on msys2-mingw32, which updated to PCRE2 10.43 2 -days ago. - -Signed-off-by: Philip Withnall <pwithnall@gnome.org> - -Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/cce3ae98a2c1966719daabff5a4ec6cf94a846f6] -Signed-off-by: Alexander Kanavin <alex@linutronix.de> ---- - glib/tests/regex.c | 10 ---------- - 1 file changed, 10 deletions(-) - -diff --git a/glib/tests/regex.c b/glib/tests/regex.c -index 1082526292..d7a698ec67 100644 ---- a/glib/tests/regex.c -+++ b/glib/tests/regex.c -@@ -1885,16 +1885,6 @@ test_lookbehind (void) - g_match_info_free (match); - g_regex_unref (regex); - -- regex = g_regex_new ("(?<!dogs?|cats?) x", G_REGEX_OPTIMIZE, G_REGEX_MATCH_DEFAULT, &error); -- g_assert (regex == NULL); -- g_assert_error (error, G_REGEX_ERROR, G_REGEX_ERROR_VARIABLE_LENGTH_LOOKBEHIND); -- g_clear_error (&error); -- -- regex = g_regex_new ("(?<=ab(c|de)) foo", G_REGEX_OPTIMIZE, G_REGEX_MATCH_DEFAULT, &error); -- g_assert (regex == NULL); -- g_assert_error (error, G_REGEX_ERROR, G_REGEX_ERROR_VARIABLE_LENGTH_LOOKBEHIND); -- g_clear_error (&error); -- - regex = g_regex_new ("(?<=abc|abde)foo", G_REGEX_OPTIMIZE, G_REGEX_MATCH_DEFAULT, &error); - g_assert (regex); - g_assert_no_error (error); --- -GitLab - - diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0_2.78.4.bb b/poky/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb index b1669ead75..1a4278b1bc 100644 --- a/poky/meta/recipes-core/glib-2.0/glib-2.0_2.78.4.bb +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb @@ -16,14 +16,13 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \ file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \ file://0001-Switch-from-the-deprecated-distutils-module-to-the-p.patch \ file://memory-monitor.patch \ - file://fix-regex.patch \ file://skip-timeout.patch \ " SRC_URI:append:class-native = " file://relocate-modules.patch \ file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \ " -SRC_URI[sha256sum] = "24b8e0672dca120cc32d394bccb85844e732e04fe75d18bb0573b2dbc7548f63" +SRC_URI[sha256sum] = "244854654dd82c7ebcb2f8e246156d2a05eb9cd1ad07ed7a779659b4602c9fae" # Find any meson cross files in FILESPATH that are relevant for the current # build (using siteinfo) and add them to EXTRA_OEMESON. diff --git a/poky/meta/recipes-core/glibc/glibc-common.inc b/poky/meta/recipes-core/glibc/glibc-common.inc index b9516e77f0..91a3f5bcd5 100644 --- a/poky/meta/recipes-core/glibc/glibc-common.inc +++ b/poky/meta/recipes-core/glibc/glibc-common.inc @@ -2,7 +2,7 @@ SUMMARY = "GLIBC (GNU C Library)" DESCRIPTION = "The GNU C Library is used as the system C library in most systems with the Linux kernel." HOMEPAGE = "http://www.gnu.org/software/libc/libc.html" SECTION = "libs" -LICENSE = "GPL-2.0-only & LGPL-2.1-only" +LICENSE = "GPL-2.0-only & LGPL-2.1-or-later" LIC_FILES_CHKSUM ?= "file://LICENSES;md5=f77e878d320e99e94ae9a4aea7f491d1 \ file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ diff --git a/poky/meta/recipes-core/glibc/glibc-version.inc b/poky/meta/recipes-core/glibc/glibc-version.inc index 618a574566..1e4a323d64 100644 --- a/poky/meta/recipes-core/glibc/glibc-version.inc +++ b/poky/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.39/master" PV = "2.39+git" -SRCREV_glibc ?= "1b9c1a0047fb26a65a9b2a7b8cd977243f7d353c" +SRCREV_glibc ?= "273a835fe7c685cc54266bb8b502787bad5e9bae" SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https" diff --git a/poky/meta/recipes-core/glibc/glibc/0016-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch b/poky/meta/recipes-core/glibc/glibc/0016-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch index 066c3b1ea2..9bdfa76318 100644 --- a/poky/meta/recipes-core/glibc/glibc/0016-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch +++ b/poky/meta/recipes-core/glibc/glibc/0016-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch @@ -11,16 +11,15 @@ Upstream-Status: Inappropriate [ OE-Specific ] Signed-off-by: Khem Raj <raj.khem@gmail.com> --- - sysdeps/aarch64/bits/wordsize.h | 8 ++++++-- - sysdeps/arm/bits/wordsize.h | 1 + - 2 files changed, 7 insertions(+), 2 deletions(-) - create mode 120000 sysdeps/arm/bits/wordsize.h + sysdeps/aarch64/bits/wordsize.h | 11 +++++++++-- + sysdeps/arm/bits/wordsize.h | 22 +--------------------- + 2 files changed, 10 insertions(+), 23 deletions(-) diff --git a/sysdeps/aarch64/bits/wordsize.h b/sysdeps/aarch64/bits/wordsize.h -index 118e59172d..b4b0692eb5 100644 +index 118e59172d..ff86359fe8 100644 --- a/sysdeps/aarch64/bits/wordsize.h +++ b/sysdeps/aarch64/bits/wordsize.h -@@ -17,12 +17,16 @@ +@@ -17,12 +17,19 @@ License along with the GNU C Library; if not, see <https://www.gnu.org/licenses/>. */ @@ -33,12 +32,42 @@ index 118e59172d..b4b0692eb5 100644 # define __WORDSIZE32_SIZE_ULONG 1 # define __WORDSIZE32_PTRDIFF_LONG 1 +#else -+# define __WORDSIZE 32 -+# define __WORDSIZE32_SIZE_ULONG 0 -+# define __WORDSIZE32_PTRDIFF_LONG 0 ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 1 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 #endif ++#ifdef __aarch64__ #define __WORDSIZE_TIME64_COMPAT32 0 ++#endif +diff --git a/sysdeps/arm/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h +deleted file mode 100644 +index 6ecbfe7c86..0000000000 +--- a/sysdeps/arm/bits/wordsize.h ++++ /dev/null +@@ -1,21 +0,0 @@ +-/* Copyright (C) 1999-2024 Free Software Foundation, Inc. +- This file is part of the GNU C Library. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library; if not, see +- <https://www.gnu.org/licenses/>. */ +- +-#define __WORDSIZE 32 +-#define __WORDSIZE_TIME64_COMPAT32 1 +-#define __WORDSIZE32_SIZE_ULONG 0 +-#define __WORDSIZE32_PTRDIFF_LONG 0 diff --git a/sysdeps/arm/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h new file mode 120000 index 0000000000..4c4a788ec2 diff --git a/poky/meta/recipes-core/glibc/glibc/0023-aarch64-configure-Pass-mcpu-along-with-march-to-dete.patch b/poky/meta/recipes-core/glibc/glibc/0023-aarch64-configure-Pass-mcpu-along-with-march-to-dete.patch deleted file mode 100644 index f6523c5498..0000000000 --- a/poky/meta/recipes-core/glibc/glibc/0023-aarch64-configure-Pass-mcpu-along-with-march-to-dete.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 73c26018ed0ecd9c807bb363cc2c2ab4aca66a82 Mon Sep 17 00:00:00 2001 -From: Szabolcs Nagy <szabolcs.nagy@arm.com> -Date: Wed, 13 Mar 2024 14:34:14 +0000 -Subject: [PATCH] aarch64: fix check for SVE support in assembler - -Due to GCC bug 110901 -mcpu can override -march setting when compiling -asm code and thus a compiler targetting a specific cpu can fail the -configure check even when binutils gas supports SVE. - -The workaround is that explicit .arch directive overrides both -mcpu -and -march, and since that's what the actual SVE memcpy uses the -configure check should use that too even if the GCC issue is fixed -independently. - -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=73c26018ed0ecd9c807bb363cc2c2ab4aca66a82] -Signed-off-by: Khem Raj <raj.khem@gmail.com> -Reviewed-by: Florian Weimer <fweimer@redhat.com> ---- - sysdeps/aarch64/configure | 5 +++-- - sysdeps/aarch64/configure.ac | 5 +++-- - 2 files changed, 6 insertions(+), 4 deletions(-) - mode change 100644 => 100755 sysdeps/aarch64/configure - -diff --git a/sysdeps/aarch64/configure b/sysdeps/aarch64/configure -old mode 100644 -new mode 100755 -index ca57edce47..9606137e8d ---- a/sysdeps/aarch64/configure -+++ b/sysdeps/aarch64/configure -@@ -325,9 +325,10 @@ then : - printf %s "(cached) " >&6 - else $as_nop - cat > conftest.s <<\EOF -- ptrue p0.b -+ .arch armv8.2-a+sve -+ ptrue p0.b - EOF --if { ac_try='${CC-cc} -c -march=armv8.2-a+sve conftest.s 1>&5' -+if { ac_try='${CC-cc} -c conftest.s 1>&5' - { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 - (eval $ac_try) 2>&5 - ac_status=$? -diff --git a/sysdeps/aarch64/configure.ac b/sysdeps/aarch64/configure.ac -index 27874eceb4..56d12d661d 100644 ---- a/sysdeps/aarch64/configure.ac -+++ b/sysdeps/aarch64/configure.ac -@@ -90,9 +90,10 @@ LIBC_CONFIG_VAR([aarch64-variant-pcs], [$libc_cv_aarch64_variant_pcs]) - # Check if asm support armv8.2-a+sve - AC_CACHE_CHECK([for SVE support in assembler], [libc_cv_aarch64_sve_asm], [dnl - cat > conftest.s <<\EOF -- ptrue p0.b -+ .arch armv8.2-a+sve -+ ptrue p0.b - EOF --if AC_TRY_COMMAND(${CC-cc} -c -march=armv8.2-a+sve conftest.s 1>&AS_MESSAGE_LOG_FD); then -+if AC_TRY_COMMAND(${CC-cc} -c conftest.s 1>&AS_MESSAGE_LOG_FD); then - libc_cv_aarch64_sve_asm=yes - else - libc_cv_aarch64_sve_asm=no --- -2.44.0 - diff --git a/poky/meta/recipes-core/glibc/glibc/0024-qemu-stale-process.patch b/poky/meta/recipes-core/glibc/glibc/0023-qemu-stale-process.patch index c0a467fcec..c0a467fcec 100644 --- a/poky/meta/recipes-core/glibc/glibc/0024-qemu-stale-process.patch +++ b/poky/meta/recipes-core/glibc/glibc/0023-qemu-stale-process.patch diff --git a/poky/meta/recipes-core/glibc/glibc_2.39.bb b/poky/meta/recipes-core/glibc/glibc_2.39.bb index 9122472689..2484ae1cd9 100644 --- a/poky/meta/recipes-core/glibc/glibc_2.39.bb +++ b/poky/meta/recipes-core/glibc/glibc_2.39.bb @@ -16,6 +16,10 @@ CVE_STATUS[CVE-2019-1010025] = "disputed: \ Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow \ easier access for another. 'ASLR bypass itself is not a vulnerability.'" +CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS" +CVE_STATUS_STABLE_BACKPORTS = "CVE-2024-2961 CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602" +CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash" + DEPENDS += "gperf-native bison-native" NATIVESDKFIXES ?= "" @@ -48,8 +52,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0020-tzselect.ksh-Use-bin-sh-default-shell-interpreter.patch \ file://0021-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \ file://0022-Avoid-hardcoded-build-time-paths-in-the-output-binar.patch \ - file://0023-aarch64-configure-Pass-mcpu-along-with-march-to-dete.patch \ - file://0024-qemu-stale-process.patch \ + file://0023-qemu-stale-process.patch \ " S = "${WORKDIR}/git" B = "${WORKDIR}/build-${TARGET_SYS}" diff --git a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb index 4cf55519cc..bceeb4866f 100644 --- a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb @@ -26,8 +26,8 @@ inherit core-image setuptools3 features_check REQUIRED_DISTRO_FEATURES += "xattr" -SRCREV ?= "17723c6e34096a53fb186cc70cfc604bb30da8b9" -SRC_URI = "git://git.yoctoproject.org/poky;branch=master \ +SRCREV ?= "5d657e0f472ce481ab62bc9ebf3d2b81c04cf3f3" +SRC_URI = "git://git.yoctoproject.org/poky;branch=scarthgap \ file://Yocto_Build_Appliance.vmx \ file://Yocto_Build_Appliance.vmxf \ file://README_VirtualBox_Guest_Additions.txt \ diff --git a/poky/meta/recipes-core/libcgroup/libcgroup/0001-include-Makefile-install-systemd.h-by-default.patch b/poky/meta/recipes-core/libcgroup/libcgroup/0001-include-Makefile-install-systemd.h-by-default.patch new file mode 100644 index 0000000000..4b743f9b33 --- /dev/null +++ b/poky/meta/recipes-core/libcgroup/libcgroup/0001-include-Makefile-install-systemd.h-by-default.patch @@ -0,0 +1,37 @@ +From 592dcdcf243576bd2517d3da9bc18990de08e37e Mon Sep 17 00:00:00 2001 +From: Kamalesh Babulal <kamalesh.babulal@oracle.com> +Date: Mon, 27 Nov 2023 20:07:33 +0530 +Subject: [PATCH 1/1] include/Makefile: install systemd.h by default + +Install systemd.h header file by default, as we have stub and defined +versions of the systemd functions for both non-systemd and systemd +enabled configurations. This will help packagers to ship package +without systemd support (--enable-systemd=no). + +Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com> +Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> + +Upstream-Status: Backport [https://github.com/libcgroup/libcgroup/commit/592dcdcf243576bd2517d3da9bc18990de08e37e] + +Signed-off-by: Adriaan Schmidt <adriaan.schmidt@siemens.com> +--- + include/Makefile.am | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/include/Makefile.am b/include/Makefile.am +index 23cebaac..4cb05529 100644 +--- a/include/Makefile.am ++++ b/include/Makefile.am +@@ -2,8 +2,4 @@ + nobase_include_HEADERS = libcgroup.h libcgroup/error.h libcgroup/init.h \ + libcgroup/groups.h libcgroup/tasks.h \ + libcgroup/iterators.h libcgroup/config.h \ +- libcgroup/log.h libcgroup/tools.h +- +-if WITH_SYSTEMD +-nobase_include_HEADERS += libcgroup/systemd.h +-endif ++ libcgroup/log.h libcgroup/tools.h libcgroup/systemd.h +-- +2.39.2 + diff --git a/poky/meta/recipes-core/libcgroup/libcgroup_3.1.0.bb b/poky/meta/recipes-core/libcgroup/libcgroup_3.1.0.bb index 4b4f19e36f..a1d27c7e7f 100644 --- a/poky/meta/recipes-core/libcgroup/libcgroup_3.1.0.bb +++ b/poky/meta/recipes-core/libcgroup/libcgroup_3.1.0.bb @@ -13,6 +13,7 @@ DEPENDS = "bison-native flex-native" DEPENDS:append:libc-musl = " fts" SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/${BP}.tar.gz \ + file://0001-include-Makefile-install-systemd.h-by-default.patch \ " UPSTREAM_CHECK_URI = "https://github.com/libcgroup/libcgroup/tags" diff --git a/poky/meta/recipes-core/libxcrypt/files/configure-c99.patch b/poky/meta/recipes-core/libxcrypt/files/configure-c99.patch new file mode 100644 index 0000000000..b77ea7af07 --- /dev/null +++ b/poky/meta/recipes-core/libxcrypt/files/configure-c99.patch @@ -0,0 +1,39 @@ +From cfe9f4d6b0a5d10a15e10e987d528c5c513a42f1 Mon Sep 17 00:00:00 2001 +From: Florian Weimer <fweimer@redhat.com> +Date: Tue, 19 Dec 2023 11:00:11 +0100 +Subject: [PATCH] configure: Only text the makecontext signature we need + +The test/explicit-bzero.c test uses a start routine without any +arguments. There is no need for the multi-argument version. + +This avoids a build failure with glibc and future compilers. +The GNU C library declares the makecontext callback of +type void (*) (void), so no cast is needed. On other systems, +the type may be the (currently distinct) type void (*) (), +but given that this only affects the ability to execute a test, +no further machinery is added here to detect that different type. + +Upstream-Status: Submitted [https://github.com/besser82/libxcrypt/pull/178/] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + configure.ac | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 016997c..4b8afd8 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -303,13 +303,11 @@ AS_IF([test $ac_cv_header_ucontext_h = yes], + #include <ucontext.h> + static int x; + static void fn1(void) {} +-static void fn2(int a, int b) { x = a - b; } + ]], [[ + ucontext_t uc1, uc2; + if (getcontext(&uc1)) return 1; + if (setcontext(&uc1)) return 1; + makecontext(&uc1, fn1, 0); +- makecontext(&uc2, fn2, 2, 1, 1); + if (swapcontext(&uc1, &uc2)) return 1; + return x; + ]])], diff --git a/poky/meta/recipes-core/libxcrypt/libxcrypt.inc b/poky/meta/recipes-core/libxcrypt/libxcrypt.inc index ba93d91aef..ee6875aa05 100644 --- a/poky/meta/recipes-core/libxcrypt/libxcrypt.inc +++ b/poky/meta/recipes-core/libxcrypt/libxcrypt.inc @@ -13,7 +13,8 @@ SRC_URI = "git://github.com/besser82/libxcrypt.git;branch=${SRCBRANCH};protocol= SRCREV = "f531a36aa916a22ef2ce7d270ba381e264250cbf" SRCBRANCH ?= "master" -SRC_URI += "file://fix_cflags_handling.patch" +SRC_URI += "file://fix_cflags_handling.patch \ + file://configure-c99.patch" PROVIDES = "virtual/crypt" diff --git a/poky/meta/recipes-core/libxml/libxml2_2.12.6.bb b/poky/meta/recipes-core/libxml/libxml2_2.12.8.bb index 14fcff7fa4..fb103f0273 100644 --- a/poky/meta/recipes-core/libxml/libxml2_2.12.6.bb +++ b/poky/meta/recipes-core/libxml/libxml2_2.12.8.bb @@ -20,7 +20,7 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20130923.tar;subdir=${BP};name=testt file://install-tests.patch \ " -SRC_URI[archive.sha256sum] = "889c593a881a3db5fdd96cc9318c87df34eb648edfc458272ad46fd607353fbb" +SRC_URI[archive.sha256sum] = "43ad877b018bc63deb2468d71f95219c2fac196876ef36d1bee51d226173ec93" SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be4722379f08702ea7273" # Disputed as a security issue, but fixed in d39f780 diff --git a/poky/meta/recipes-core/ncurses/files/CVE-2023-45918.patch b/poky/meta/recipes-core/ncurses/files/CVE-2023-45918.patch new file mode 100644 index 0000000000..fbdae49a61 --- /dev/null +++ b/poky/meta/recipes-core/ncurses/files/CVE-2023-45918.patch @@ -0,0 +1,180 @@ +From bcf02d3242f1c7d57224a95f7903fcf4b5e7695d Mon Sep 17 00:00:00 2001 +From: Thomas E. Dickey <dickey@invisible-island.net> +Date: Fri, 16 Jun 2023 02:54:29 +0530 +Subject: [PATCH] Fix CVE-2023-45918 + +CVE: CVE-2023-45918 + +Upstream-Status: Backport [https://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=bcf02d3242f1c7d57224a95f7903fcf4b5e7695d] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + ncurses/tinfo/comp_error.c | 15 ++++++--- + ncurses/tinfo/read_entry.c | 65 ++++++++++++++++++++++++++------------ + 2 files changed, 56 insertions(+), 24 deletions(-) + +diff --git a/ncurses/tinfo/comp_error.c b/ncurses/tinfo/comp_error.c +index 48f48784..ee518e28 100644 +--- a/ncurses/tinfo/comp_error.c ++++ b/ncurses/tinfo/comp_error.c +@@ -60,8 +60,15 @@ _nc_get_source(void) + NCURSES_EXPORT(void) + _nc_set_source(const char *const name) + { +- FreeIfNeeded(SourceName); +- SourceName = strdup(name); ++ if (name == NULL) { ++ free(SourceName); ++ SourceName = NULL; ++ } else if (SourceName == NULL) { ++ SourceName = strdup(name); ++ } else if (strcmp(name, SourceName)) { ++ free(SourceName); ++ SourceName = strdup(name); ++ } + } + + NCURSES_EXPORT(void) +@@ -95,9 +102,9 @@ static NCURSES_INLINE void + where_is_problem(void) + { + fprintf(stderr, "\"%s\"", SourceName ? SourceName : "?"); +- if (_nc_curr_line >= 0) ++ if (_nc_curr_line > 0) + fprintf(stderr, ", line %d", _nc_curr_line); +- if (_nc_curr_col >= 0) ++ if (_nc_curr_col > 0) + fprintf(stderr, ", col %d", _nc_curr_col); + if (TermType != 0 && TermType[0] != '\0') + fprintf(stderr, ", terminal '%s'", TermType); +diff --git a/ncurses/tinfo/read_entry.c b/ncurses/tinfo/read_entry.c +index 341337d2..b0c3ad26 100644 +--- a/ncurses/tinfo/read_entry.c ++++ b/ncurses/tinfo/read_entry.c +@@ -138,12 +138,13 @@ convert_16bits(char *buf, NCURSES_INT2 *Numbers, int count) + } + #endif + +-static void +-convert_strings(char *buf, char **Strings, int count, int size, char *table) ++static bool ++convert_strings(char *buf, char **Strings, int count, int size, ++ char *table, bool always) + { + int i; + char *p; +- bool corrupt = FALSE; ++ bool success = TRUE; + + for (i = 0; i < count; i++) { + if (IS_NEG1(buf + 2 * i)) { +@@ -159,13 +160,10 @@ convert_strings(char *buf, char **Strings, int count, int size, char *table) + TR(TRACE_DATABASE, ("Strings[%d] = %s", i, + _nc_visbuf(Strings[i]))); + } else { +- if (!corrupt) { +- corrupt = TRUE; +- TR(TRACE_DATABASE, +- ("ignore out-of-range index %d to Strings[]", nn)); +- _nc_warning("corrupt data found in convert_strings"); +- } +- Strings[i] = ABSENT_STRING; ++ TR(TRACE_DATABASE, ++ ("found out-of-range index %d to Strings[%d]", nn, i)); ++ success = FALSE; ++ break; + } + } + +@@ -175,10 +173,25 @@ convert_strings(char *buf, char **Strings, int count, int size, char *table) + if (*p == '\0') + break; + /* if there is no NUL, ignore the string */ +- if (p >= table + size) ++ if (p >= table + size) { + Strings[i] = ABSENT_STRING; ++ } else if (p == Strings[i] && always) { ++ TR(TRACE_DATABASE, ++ ("found empty but required Strings[%d]", i)); ++ success = FALSE; ++ break; ++ } ++ } else if (always) { /* names are always needed */ ++ TR(TRACE_DATABASE, ++ ("found invalid but required Strings[%d]", i)); ++ success = FALSE; ++ break; + } + } ++ if (!success) { ++ _nc_warning("corrupt data found in convert_strings"); ++ } ++ return success; + } + + static int +@@ -382,7 +395,10 @@ _nc_read_termtype(TERMTYPE2 *ptr, char *buffer, int limit) + if (Read(string_table, (unsigned) str_size) != str_size) { + returnDB(TGETENT_NO); + } +- convert_strings(buf, ptr->Strings, str_count, str_size, string_table); ++ if (!convert_strings(buf, ptr->Strings, str_count, str_size, ++ string_table, FALSE)) { ++ returnDB(TGETENT_NO); ++ } + } + #if NCURSES_XNAMES + +@@ -483,8 +499,10 @@ _nc_read_termtype(TERMTYPE2 *ptr, char *buffer, int limit) + ("Before computing extended-string capabilities " + "str_count=%d, ext_str_count=%d", + str_count, ext_str_count)); +- convert_strings(buf, ptr->Strings + str_count, ext_str_count, +- ext_str_limit, ptr->ext_str_table); ++ if (!convert_strings(buf, ptr->Strings + str_count, ext_str_count, ++ ext_str_limit, ptr->ext_str_table, FALSE)) { ++ returnDB(TGETENT_NO); ++ } + for (i = ext_str_count - 1; i >= 0; i--) { + TR(TRACE_DATABASE, ("MOVE from [%d:%d] %s", + i, i + str_count, +@@ -516,10 +534,13 @@ _nc_read_termtype(TERMTYPE2 *ptr, char *buffer, int limit) + TR(TRACE_DATABASE, + ("ext_NAMES starting @%d in extended_strings, first = %s", + base, _nc_visbuf(ptr->ext_str_table + base))); +- convert_strings(buf + (2 * ext_str_count), +- ptr->ext_Names, +- (int) need, +- ext_str_limit, ptr->ext_str_table + base); ++ if (!convert_strings(buf + (2 * ext_str_count), ++ ptr->ext_Names, ++ (int) need, ++ ext_str_limit, ptr->ext_str_table + base, ++ TRUE)) { ++ returnDB(TGETENT_NO); ++ } + } + + TR(TRACE_DATABASE, +@@ -572,13 +593,17 @@ _nc_read_file_entry(const char *const filename, TERMTYPE2 *ptr) + int limit; + char buffer[MAX_ENTRY_SIZE + 1]; + +- if ((limit = (int) fread(buffer, sizeof(char), sizeof(buffer), fp)) +- > 0) { ++ limit = (int) fread(buffer, sizeof(char), sizeof(buffer), fp); ++ if (limit > 0) { ++ const char *old_source = _nc_get_source(); + + TR(TRACE_DATABASE, ("read terminfo %s", filename)); ++ if (old_source == NULL) ++ _nc_set_source(filename); + if ((code = _nc_read_termtype(ptr, buffer, limit)) == TGETENT_NO) { + _nc_free_termtype2(ptr); + } ++ _nc_set_source(old_source); + } else { + code = TGETENT_NO; + } +-- +2.40.0 diff --git a/poky/meta/recipes-core/ncurses/files/CVE-2023-50495.patch b/poky/meta/recipes-core/ncurses/files/CVE-2023-50495.patch new file mode 100644 index 0000000000..7d90ddd30f --- /dev/null +++ b/poky/meta/recipes-core/ncurses/files/CVE-2023-50495.patch @@ -0,0 +1,301 @@ +From 7daae3f2139a678fe0ae0b42fcf8d807cbff485c Mon Sep 17 00:00:00 2001 +From: Mingli Yu <mingli.yu@windriver.com> +Date: Sun, 4 Feb 2024 13:42:38 +0800 +Subject: [PATCH] parse_entry.c: check return value of _nc_save_str + +* check return value of _nc_save_str(), in special case for tic where +extended capabilities are processed but the terminal description was +not initialized (report by Ziqiao Kong). + +* regenerate llib-* files. + +CVE: CVE-2023-50495 + +Upstream-Status: Backport [http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff;h=7723dd6799ab10b32047ec73b14df9f107bafe99] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + ncurses/llib-lncurses | 15 +++++++++++++++ + ncurses/llib-lncursest | 15 +++++++++++++++ + ncurses/llib-lncursestw | 15 +++++++++++++++ + ncurses/llib-lncursesw | 15 +++++++++++++++ + ncurses/llib-ltinfo | 15 +++++++++++++++ + ncurses/llib-ltinfot | 15 +++++++++++++++ + ncurses/llib-ltinfotw | 15 +++++++++++++++ + ncurses/llib-ltinfow | 15 +++++++++++++++ + ncurses/tinfo/parse_entry.c | 23 ++++++++++++++++------- + 9 files changed, 136 insertions(+), 7 deletions(-) + +diff --git a/ncurses/llib-lncurses b/ncurses/llib-lncurses +index 211cf3b7..e4190aa2 100644 +--- a/ncurses/llib-lncurses ++++ b/ncurses/llib-lncurses +@@ -3656,6 +3656,21 @@ char *tiparm( + ...) + { return(*(char **)0); } + ++#undef tiparm_s ++char *tiparm_s( ++ int num_expected, ++ int tparm_type, ++ const char *string, ++ ...) ++ { return(*(char **)0); } ++ ++#undef tiscan_s ++int tiscan_s( ++ int *num_expected, ++ int *tparm_type, ++ const char *string) ++ { return(*(int *)0); } ++ + #undef _nc_tiparm + char *_nc_tiparm( + int expected, +diff --git a/ncurses/llib-lncursest b/ncurses/llib-lncursest +index 1b09d676..e07abba6 100644 +--- a/ncurses/llib-lncursest ++++ b/ncurses/llib-lncursest +@@ -3741,6 +3741,21 @@ char *tiparm( + ...) + { return(*(char **)0); } + ++#undef tiparm_s ++char *tiparm_s( ++ int num_expected, ++ int tparm_type, ++ const char *string, ++ ...) ++ { return(*(char **)0); } ++ ++#undef tiscan_s ++int tiscan_s( ++ int *num_expected, ++ int *tparm_type, ++ const char *string) ++ { return(*(int *)0); } ++ + #undef _nc_tiparm + char *_nc_tiparm( + int expected, +diff --git a/ncurses/llib-lncursestw b/ncurses/llib-lncursestw +index 4576e0fc..747c6be8 100644 +--- a/ncurses/llib-lncursestw ++++ b/ncurses/llib-lncursestw +@@ -4702,6 +4702,21 @@ char *tiparm( + ...) + { return(*(char **)0); } + ++#undef tiparm_s ++char *tiparm_s( ++ int num_expected, ++ int tparm_type, ++ const char *string, ++ ...) ++ { return(*(char **)0); } ++ ++#undef tiscan_s ++int tiscan_s( ++ int *num_expected, ++ int *tparm_type, ++ const char *string) ++ { return(*(int *)0); } ++ + #undef _nc_tiparm + char *_nc_tiparm( + int expected, +diff --git a/ncurses/llib-lncursesw b/ncurses/llib-lncursesw +index 127350d2..862305d9 100644 +--- a/ncurses/llib-lncursesw ++++ b/ncurses/llib-lncursesw +@@ -4617,6 +4617,21 @@ char *tiparm( + ...) + { return(*(char **)0); } + ++#undef tiparm_s ++char *tiparm_s( ++ int num_expected, ++ int tparm_type, ++ const char *string, ++ ...) ++ { return(*(char **)0); } ++ ++#undef tiscan_s ++int tiscan_s( ++ int *num_expected, ++ int *tparm_type, ++ const char *string) ++ { return(*(int *)0); } ++ + #undef _nc_tiparm + char *_nc_tiparm( + int expected, +diff --git a/ncurses/llib-ltinfo b/ncurses/llib-ltinfo +index a5cd7cd3..31e5e9a6 100644 +--- a/ncurses/llib-ltinfo ++++ b/ncurses/llib-ltinfo +@@ -927,6 +927,21 @@ char *tiparm( + ...) + { return(*(char **)0); } + ++#undef tiparm_s ++char *tiparm_s( ++ int num_expected, ++ int tparm_type, ++ const char *string, ++ ...) ++ { return(*(char **)0); } ++ ++#undef tiscan_s ++int tiscan_s( ++ int *num_expected, ++ int *tparm_type, ++ const char *string) ++ { return(*(int *)0); } ++ + #undef _nc_tiparm + char *_nc_tiparm( + int expected, +diff --git a/ncurses/llib-ltinfot b/ncurses/llib-ltinfot +index bd3de812..48e5c25a 100644 +--- a/ncurses/llib-ltinfot ++++ b/ncurses/llib-ltinfot +@@ -1003,6 +1003,21 @@ char *tiparm( + ...) + { return(*(char **)0); } + ++#undef tiparm_s ++char *tiparm_s( ++ int num_expected, ++ int tparm_type, ++ const char *string, ++ ...) ++ { return(*(char **)0); } ++ ++#undef tiscan_s ++int tiscan_s( ++ int *num_expected, ++ int *tparm_type, ++ const char *string) ++ { return(*(int *)0); } ++ + #undef _nc_tiparm + char *_nc_tiparm( + int expected, +diff --git a/ncurses/llib-ltinfotw b/ncurses/llib-ltinfotw +index 4d35a1e1..64dfdfa5 100644 +--- a/ncurses/llib-ltinfotw ++++ b/ncurses/llib-ltinfotw +@@ -1025,6 +1025,21 @@ char *tiparm( + ...) + { return(*(char **)0); } + ++#undef tiparm_s ++char *tiparm_s( ++ int num_expected, ++ int tparm_type, ++ const char *string, ++ ...) ++ { return(*(char **)0); } ++ ++#undef tiscan_s ++int tiscan_s( ++ int *num_expected, ++ int *tparm_type, ++ const char *string) ++ { return(*(int *)0); } ++ + #undef _nc_tiparm + char *_nc_tiparm( + int expected, +diff --git a/ncurses/llib-ltinfow b/ncurses/llib-ltinfow +index db846764..7e17a35f 100644 +--- a/ncurses/llib-ltinfow ++++ b/ncurses/llib-ltinfow +@@ -949,6 +949,21 @@ char *tiparm( + ...) + { return(*(char **)0); } + ++#undef tiparm_s ++char *tiparm_s( ++ int num_expected, ++ int tparm_type, ++ const char *string, ++ ...) ++ { return(*(char **)0); } ++ ++#undef tiscan_s ++int tiscan_s( ++ int *num_expected, ++ int *tparm_type, ++ const char *string) ++ { return(*(int *)0); } ++ + #undef _nc_tiparm + char *_nc_tiparm( + int expected, +diff --git a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c +index 14bcb67e..0a0b5637 100644 +--- a/ncurses/tinfo/parse_entry.c ++++ b/ncurses/tinfo/parse_entry.c +@@ -110,7 +110,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) + /* Well, we are given a cancel for a name that we don't recognize */ + return _nc_extend_names(entryp, name, STRING); + default: +- return 0; ++ return NULL; + } + + /* Adjust the 'offset' (insertion-point) to keep the lists of extended +@@ -142,6 +142,11 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) + for (last = (unsigned) (max - 1); last > tindex; last--) + + if (!found) { ++ char *saved; ++ ++ if ((saved = _nc_save_str(name)) == NULL) ++ return NULL; ++ + switch (token_type) { + case BOOLEAN: + tp->ext_Booleans++; +@@ -169,7 +174,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) + TYPE_REALLOC(char *, actual, tp->ext_Names); + while (--actual > offset) + tp->ext_Names[actual] = tp->ext_Names[actual - 1]; +- tp->ext_Names[offset] = _nc_save_str(name); ++ tp->ext_Names[offset] = saved; + } + + temp.nte_name = tp->ext_Names[offset]; +@@ -364,6 +369,8 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent) + bool is_use = (strcmp(_nc_curr_token.tk_name, "use") == 0); + bool is_tc = !is_use && (strcmp(_nc_curr_token.tk_name, "tc") == 0); + if (is_use || is_tc) { ++ char *saved; ++ + if (!VALID_STRING(_nc_curr_token.tk_valstring) + || _nc_curr_token.tk_valstring[0] == '\0') { + _nc_warning("missing name for use-clause"); +@@ -377,11 +384,13 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent) + _nc_curr_token.tk_valstring); + continue; + } +- entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring); +- entryp->uses[entryp->nuses].line = _nc_curr_line; +- entryp->nuses++; +- if (entryp->nuses > 1 && is_tc) { +- BAD_TC_USAGE ++ if ((saved = _nc_save_str(_nc_curr_token.tk_valstring)) != NULL) { ++ entryp->uses[entryp->nuses].name = saved; ++ entryp->uses[entryp->nuses].line = _nc_curr_line; ++ entryp->nuses++; ++ if (entryp->nuses > 1 && is_tc) { ++ BAD_TC_USAGE ++ } + } + } else { + /* normal token lookup */ +-- +2.25.1 + diff --git a/poky/meta/recipes-core/ncurses/ncurses_6.4.bb b/poky/meta/recipes-core/ncurses/ncurses_6.4.bb index 2c621525f9..97130c06d6 100644 --- a/poky/meta/recipes-core/ncurses/ncurses_6.4.bb +++ b/poky/meta/recipes-core/ncurses/ncurses_6.4.bb @@ -6,6 +6,8 @@ SRC_URI += "file://0001-tic-hang.patch \ file://exit_prototype.patch \ file://0001-Fix-CVE-2023-29491.patch \ file://0001-Updating-reset-code-ncurses-6.4-patch-20231104.patch \ + file://CVE-2023-50495.patch \ + file://CVE-2023-45918.patch \ " # commit id corresponds to the revision in package version SRCREV = "79b9071f2be20a24c7be031655a5638f6032f29f" diff --git a/poky/meta/recipes-core/newlib/libgloss_git.bb b/poky/meta/recipes-core/newlib/libgloss_git.bb index 7e34e33c7a..3c97a7f296 100644 --- a/poky/meta/recipes-core/newlib/libgloss_git.bb +++ b/poky/meta/recipes-core/newlib/libgloss_git.bb @@ -6,7 +6,6 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/libgloss:" SRC_URI:append = " file://libgloss-build-without-nostdinc.patch" SRC_URI:append:powerpc = " file://fix-rs6000-crt0.patch" -SRC_URI:append:powerpc = " file://fix-rs6000-cflags.patch" do_configure() { ${S}/libgloss/configure ${EXTRA_OECONF} diff --git a/poky/meta/recipes-core/systemd/systemd_255.4.bb b/poky/meta/recipes-core/systemd/systemd_255.4.bb index e7498c802d..f58a1bc2b6 100644 --- a/poky/meta/recipes-core/systemd/systemd_255.4.bb +++ b/poky/meta/recipes-core/systemd/systemd_255.4.bb @@ -271,14 +271,16 @@ WATCHDOG_TIMEOUT ??= "60" do_install() { meson_do_install - # Change the root user's home directory in /lib/sysusers.d/basic.conf. - # This is done merely for backward compatibility with previous systemd recipes. - # systemd hardcodes root user's HOME to be "/root". Changing to use other values - # may have unexpected runtime behaviors. - if [ "${ROOT_HOME}" != "/root" ]; then - bbwarn "Using ${ROOT_HOME} as root user's home directory is not fully supported by systemd" - sed -i -e 's#/root#${ROOT_HOME}#g' ${D}${exec_prefix}/lib/sysusers.d/basic.conf - fi + if ${@bb.utils.contains('PACKAGECONFIG', 'sysusers', 'true', 'false', d)}; then + # Change the root user's home directory in /lib/sysusers.d/basic.conf. + # This is done merely for backward compatibility with previous systemd recipes. + # systemd hardcodes root user's HOME to be "/root". Changing to use other values + # may have unexpected runtime behaviors. + if [ "${ROOT_HOME}" != "/root" ]; then + bbwarn "Using ${ROOT_HOME} as root user's home directory is not fully supported by systemd" + sed -i -e 's#/root#${ROOT_HOME}#g' ${D}${exec_prefix}/lib/sysusers.d/basic.conf + fi + fi install -d ${D}/${base_sbindir} if ${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', 'false', 'true', d)}; then # Provided by a separate recipe diff --git a/poky/meta/recipes-core/ttyrun/ttyrun_2.32.0.bb b/poky/meta/recipes-core/ttyrun/ttyrun_2.31.0.bb index 9a8be15dab..fac11d6310 100644 --- a/poky/meta/recipes-core/ttyrun/ttyrun_2.32.0.bb +++ b/poky/meta/recipes-core/ttyrun/ttyrun_2.31.0.bb @@ -7,7 +7,9 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=f5118f167b055bfd7c3450803f1847af" SRC_URI = "git://github.com/ibm-s390-linux/s390-tools;protocol=https;branch=master" -SRCREV = "9eea78b3ad8ab3710fb3b2d80b9cd058d7c8aba7" +SRCREV = "6f15ed326491a17d83ca60cd2bda47fb5e8a0175" + +CVE_PRODUCT = "s390-tools" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb b/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb index ba622fe716..27723c88ef 100644 --- a/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb +++ b/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb @@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://update-rc.d;beginline=5;endline=15;md5=d40a07c27f5354 SRC_URI = "git://git.yoctoproject.org/update-rc.d;branch=master;protocol=https" SRCREV = "b8f950105010270a768aa12245d6abf166346015" +PV .= "+git" UPSTREAM_CHECK_COMMITS = "1" diff --git a/poky/meta/recipes-core/util-linux/util-linux.inc b/poky/meta/recipes-core/util-linux/util-linux.inc index d506783f9a..48520ef951 100644 --- a/poky/meta/recipes-core/util-linux/util-linux.inc +++ b/poky/meta/recipes-core/util-linux/util-linux.inc @@ -40,6 +40,8 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin file://avoid_parallel_tests.patch \ file://0001-login-utils-include-libgen.h-for-basename-API.patch \ file://fcntl-lock.c \ + file://CVE-2024-28085-0001.patch \ + file://CVE-2024-28085-0002.patch \ " SRC_URI[sha256sum] = "7b6605e48d1a49f43cc4b4cfc59f313d0dd5402fa40b96810bd572e167dfed0f" diff --git a/poky/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0001.patch b/poky/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0001.patch new file mode 100644 index 0000000000..af39931b3f --- /dev/null +++ b/poky/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0001.patch @@ -0,0 +1,36 @@ +From 07f0f0f5bd1e5e2268257ae1ff6d76a9b6c6ea8b Mon Sep 17 00:00:00 2001 +From: Karel Zak <kzak@redhat.com> +Date: Wed, 17 Jan 2024 12:37:08 +0100 +Subject: [PATCH] wall: fix calloc cal [-Werror=calloc-transposed-args] + +term-utils/wall.c:143:37: error: xcalloc sizes specified with sizeof in the earlier argument and not in the later argument [-Werror=calloc-transposed-args] + 143 | buf->groups = xcalloc(sizeof(*buf->groups), buf->ngroups); + | ^ +term-utils/wall.c:143:37: note: earlier argument should specify number of elements, later size of each element + +Signed-off-by: Karel Zak <kzak@redhat.com> + +CVE: CVE-2024-28085 + +Upstream-Status: Backport [https://github.com/util-linux/util-linux/commit/07f0f0f5bd1e5e2268257ae1ff6d76a9b6c6ea8b] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + term-utils/wall.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/term-utils/wall.c b/term-utils/wall.c +index 377db45..85c006a 100644 +--- a/term-utils/wall.c ++++ b/term-utils/wall.c +@@ -135,7 +135,7 @@ static struct group_workspace *init_group_workspace(const char *group) + + buf->requested_group = get_group_gid(group); + buf->ngroups = sysconf(_SC_NGROUPS_MAX) + 1; /* room for the primary gid */ +- buf->groups = xcalloc(sizeof(*buf->groups), buf->ngroups); ++ buf->groups = xcalloc(buf->ngroups, sizeof(*buf->groups)); + + return buf; + } +-- +2.40.0 diff --git a/poky/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0002.patch b/poky/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0002.patch new file mode 100644 index 0000000000..a2b914d580 --- /dev/null +++ b/poky/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0002.patch @@ -0,0 +1,34 @@ +From 404b0781f52f7c045ca811b2dceec526408ac253 Mon Sep 17 00:00:00 2001 +From: Karel Zak <kzak@redhat.com> +Date: Thu, 21 Mar 2024 11:16:20 +0100 +Subject: [PATCH] wall: fix escape sequence Injection [CVE-2024-28085] + +Let's use for all cases the same output function. + +Reported-by: Skyler Ferrante <sjf5462@rit.edu> +Signed-off-by: Karel Zak <kzak@redhat.com> + +CVE: CVE-2024-28085 + +Upstream-Status: Backport [https://github.com/util-linux/util-linux/commit/404b0781f52f7c045ca811b2dceec526408ac253] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + term-utils/wall.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/term-utils/wall.c b/term-utils/wall.c +index 85c006a..0212c03 100644 +--- a/term-utils/wall.c ++++ b/term-utils/wall.c +@@ -328,7 +328,7 @@ static char *makemsg(char *fname, char **mvec, int mvecsz, + int i; + + for (i = 0; i < mvecsz; i++) { +- fputs(mvec[i], fs); ++ fputs_careful(mvec[i], fs, '^', true, TERM_WIDTH); + if (i < mvecsz - 1) + fputc(' ', fs); + } +-- +2.40.0 diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.42.inc b/poky/meta/recipes-devtools/binutils/binutils-2.42.inc index 3b6f47d4ce..c8f526b5c7 100644 --- a/poky/meta/recipes-devtools/binutils/binutils-2.42.inc +++ b/poky/meta/recipes-devtools/binutils/binutils-2.42.inc @@ -20,7 +20,7 @@ UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)" CVE_STATUS[CVE-2023-25584] = "cpe-incorrect: Applies only for version 2.40 and earlier" -SRCREV ?= "553c7f61b74badf91df484450944675efd9cd485" +SRCREV ?= "cbec9028dd3fa9b49e0204f1a989cea67cae32c6" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https" SRC_URI = "\ ${BINUTILS_GIT_URI} \ diff --git a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_6.8.bb b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_6.7.1.bb index 15cc7ac244..8132c2cc72 100644 --- a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_6.8.bb +++ b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_6.7.1.bb @@ -18,7 +18,7 @@ DEPENDS = "util-linux zlib" SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git;branch=master;protocol=https \ file://0001-Add-a-possibility-to-specify-where-python-modules-ar.patch \ " -SRCREV = "3793e987d2b4e878410da16f33d963043d137d48" +SRCREV = "60abf7a90776c2405f616182ef6129474bbcb109" S = "${WORKDIR}/git" PACKAGECONFIG ??= " \ diff --git a/poky/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb b/poky/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb index bf8be1ad0c..ca9fc5988a 100644 --- a/poky/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb +++ b/poky/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb @@ -13,20 +13,28 @@ DEPENDS += "gnu-config-native" SRC_URI = " \ ${SOURCEFORGE_MIRROR}/project/cdrtools/cdrtools-${PV}.tar.bz2 \ file://0001-Don-t-set-uid-gid-during-install.patch \ - file://riscv64-linux-gcc.rul \ + file://riscv64-linux-gcc.rul \ + file://gcc14-fix.patch \ " SRC_URI[md5sum] = "7d45c5b7e1f78d85d1583b361aee6e8b" SRC_URI[sha256sum] = "ed282eb6276c4154ce6a0b5dee0bdb81940d0cbbfc7d03f769c4735ef5f5860f" -EXTRA_OEMAKE = "-e MAKEFLAGS=" +EXTRA_OEMAKE = "-e MAKEFLAGS= CPPOPTX='${CPPFLAGS}' COPTX='${CFLAGS}' C++OPTX='${CXXFLAGS}' LDOPTX='${LDFLAGS}' GMAKE_NOWARN='true'" # Stop failures when 'cc' can't be found export ac_cv_prog_CC = "${CC}" inherit native +# Use -std=gnu89 to build with gcc-14 (https://bugs.gentoo.org/903876) +# this needs to be after native inherit (which sets CFLAGS to BUILD_CFLAGS) +CFLAGS += "-std=gnu89" + do_configure() { + # cdda2wav does not build with GCC 14 + rm -f ${S}/TARGETS/55cdda2wav + install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub ${S}/autoconf install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess ${S}/autoconf install -m 0644 ${WORKDIR}/riscv64-linux-gcc.rul ${S}/RULES/ diff --git a/poky/meta/recipes-devtools/cdrtools/cdrtools/gcc14-fix.patch b/poky/meta/recipes-devtools/cdrtools/cdrtools/gcc14-fix.patch new file mode 100644 index 0000000000..ce02bb8bcf --- /dev/null +++ b/poky/meta/recipes-devtools/cdrtools/cdrtools/gcc14-fix.patch @@ -0,0 +1,13 @@ +Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com> +Upstream-Status: Inappropriate [native] +--- cdrtools-3.01/autoconf/configure~ 2015-07-06 23:41:27.000000000 +0200 ++++ cdrtools-3.01/autoconf/configure 2024-05-01 09:37:40.897253690 +0200 +@@ -1205,7 +1205,7 @@ + #line 1206 "configure" + #include "confdefs.h" + +-main(){return(0);} ++int main(){return(0);} + EOF + if { (eval echo configure:1211: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + ac_cv_prog_cc_works=yes diff --git a/poky/meta/recipes-devtools/createrepo-c/createrepo-c_1.1.0.bb b/poky/meta/recipes-devtools/createrepo-c/createrepo-c_1.0.4.bb index 1f97c99bde..f498bcb655 100644 --- a/poky/meta/recipes-devtools/createrepo-c/createrepo-c_1.1.0.bb +++ b/poky/meta/recipes-devtools/createrepo-c/createrepo-c_1.0.4.bb @@ -9,7 +9,7 @@ SRC_URI = "git://github.com/rpm-software-management/createrepo_c;branch=master;p file://0001-include-rpm-rpmstring.h.patch \ " -SRCREV = "10a8a7af4f1de3f98a21a7d08fe3a46ef306d197" +SRCREV = "4ade5ea5c4c636f045f29a2d8d8a57241fc5d24e" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/dnf/dnf_4.19.2.bb b/poky/meta/recipes-devtools/dnf/dnf_4.19.0.bb index cc91dbe400..184dbea963 100644 --- a/poky/meta/recipes-devtools/dnf/dnf_4.19.2.bb +++ b/poky/meta/recipes-devtools/dnf/dnf_4.19.0.bb @@ -20,7 +20,7 @@ SRC_URI = "git://github.com/rpm-software-management/dnf.git;branch=master;protoc SRC_URI:append:class-native = "file://0001-dnf-write-the-log-lock-to-root.patch" -SRCREV = "9b2b2e8ddab99caba4bc8059cab4263163172e81" +SRCREV = "566a61f9d8a2830ac6dcc3a94c59224cef1c3d03" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/dpkg/dpkg.inc b/poky/meta/recipes-devtools/dpkg/dpkg.inc index 4c1d42e0af..b3e8c05d62 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg.inc +++ b/poky/meta/recipes-devtools/dpkg/dpkg.inc @@ -11,7 +11,7 @@ RDEPENDS:${PN}:class-native = "" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" -inherit autotools gettext perlnative pkgconfig perl-version update-alternatives bash-completion +inherit autotools gettext perlnative pkgconfig perl-version update-alternatives PERL:class-native = "${STAGING_BINDIR_NATIVE}/perl-native/perl" diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/0001-Add-support-for-riscv32-CPU.patch b/poky/meta/recipes-devtools/dpkg/dpkg/0001-Add-support-for-riscv32-CPU.patch index b8a8697585..52e85705fa 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/0001-Add-support-for-riscv32-CPU.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/0001-Add-support-for-riscv32-CPU.patch @@ -1,4 +1,4 @@ -From 21459bb8d9a997e6a92885a4ef337ede9cc5aba7 Mon Sep 17 00:00:00 2001 +From 279e4c274f5f295823cf9fa95d3ba131f6d711db Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Wed, 29 Apr 2020 22:02:23 -0700 Subject: [PATCH] Add support for riscv32 CPU @@ -11,10 +11,10 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com> 2 files changed, 2 insertions(+) diff --git a/data/cputable b/data/cputable -index 575c008e3..7a801a03a 100644 +index 9f2a8e0..1d935b1 100644 --- a/data/cputable +++ b/data/cputable -@@ -43,6 +43,7 @@ powerpc powerpc (powerpc|ppc) 32 big +@@ -41,6 +41,7 @@ powerpc powerpc (powerpc|ppc) 32 big powerpcel powerpcle powerpcle 32 little ppc64 powerpc64 (powerpc|ppc)64 64 big ppc64el powerpc64le powerpc64le 64 little @@ -23,10 +23,10 @@ index 575c008e3..7a801a03a 100644 s390 s390 s390 32 big s390x s390x s390x 64 big diff --git a/scripts/Dpkg/Vendor/Debian.pm b/scripts/Dpkg/Vendor/Debian.pm -index fcf5b1e2a..175c9f436 100644 +index a352bbd..fa1d90b 100644 --- a/scripts/Dpkg/Vendor/Debian.pm +++ b/scripts/Dpkg/Vendor/Debian.pm -@@ -202,6 +202,7 @@ sub set_build_features { +@@ -306,6 +306,7 @@ sub _add_build_flags { powerpc ppc64 ppc64el @@ -34,3 +34,6 @@ index fcf5b1e2a..175c9f436 100644 riscv64 s390x sparc +-- +2.26.2 + diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/0001-build.c-ignore-return-of-1-from-tar-cf.patch b/poky/meta/recipes-devtools/dpkg/dpkg/0001-build.c-ignore-return-of-1-from-tar-cf.patch index 95a49053e8..f2367c95e9 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/0001-build.c-ignore-return-of-1-from-tar-cf.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/0001-build.c-ignore-return-of-1-from-tar-cf.patch @@ -1,4 +1,4 @@ -From 4c5e6c280a2ab4d2009d3264e94286f5fe244d0b Mon Sep 17 00:00:00 2001 +From e3ade3464b8a1129a55c2790cf114d9ae01e3cda Mon Sep 17 00:00:00 2001 From: Paul Eggleton <paul.eggleton@linux.microsoft.com> Date: Tue, 16 Jun 2020 03:57:25 +0000 Subject: [PATCH] build.c: ignore return of 1 from tar -cf @@ -23,15 +23,16 @@ Upstream-Status: Inappropriate [OE specific] Original patch by RP 2015/3/27, rebased by Paul Eggleton Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com> + --- src/deb/build.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/deb/build.c b/src/deb/build.c -index 92aba9553..6436b33da 100644 +index 76613adec..7c216d1a9 100644 --- a/src/deb/build.c +++ b/src/deb/build.c -@@ -481,6 +481,7 @@ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, +@@ -482,6 +482,7 @@ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, { int pipe_filenames[2], pipe_tarball[2]; pid_t pid_tar, pid_comp; @@ -39,7 +40,7 @@ index 92aba9553..6436b33da 100644 /* Fork off a tar. We will feed it a list of filenames on stdin later. */ m_pipe(pipe_filenames); -@@ -533,7 +534,9 @@ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, +@@ -534,7 +535,9 @@ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, /* All done, clean up wait for tar and <compress> to finish their job. */ close(pipe_filenames[1]); subproc_reap(pid_comp, _("<compress> from tar -cf"), 0); diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/0001-dpkg-Support-muslx32-build.patch b/poky/meta/recipes-devtools/dpkg/dpkg/0001-dpkg-Support-muslx32-build.patch index e8d8576f85..d66ab4476a 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/0001-dpkg-Support-muslx32-build.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/0001-dpkg-Support-muslx32-build.patch @@ -1,4 +1,4 @@ -From 1d192b60fc43e24e1c2d6ff452dabeee7a227cc0 Mon Sep 17 00:00:00 2001 +From a328c8bec0bf8071ae8f20fee4c7475205064ba1 Mon Sep 17 00:00:00 2001 From: sweeaun <swee.aun.khor@intel.com> Date: Sun, 10 Sep 2017 00:14:15 -0700 Subject: [PATCH] dpkg: Support muslx32 build @@ -13,10 +13,10 @@ Signed-off-by: sweeaun <swee.aun.khor@intel.com> 2 files changed, 2 insertions(+) diff --git a/data/ostable b/data/ostable -index 860355774..28779beca 100644 +index be64342..87db273 100644 --- a/data/ostable +++ b/data/ostable -@@ -21,6 +21,7 @@ base-uclibc-linux linux-uclibc linux[^-]*-uclibc +@@ -19,6 +19,7 @@ base-uclibc-linux linux-uclibc linux[^-]*-uclibc eabihf-musl-linux linux-musleabihf linux[^-]*-musleabihf eabi-musl-linux linux-musleabi linux[^-]*-musleabi base-musl-linux linux-musl linux[^-]*-musl @@ -25,14 +25,17 @@ index 860355774..28779beca 100644 eabi-gnu-linux linux-gnueabi linux[^-]*-gnueabi abin32-gnu-linux linux-gnuabin32 linux[^-]*-gnuabin32 diff --git a/data/tupletable b/data/tupletable -index 82ae3604e..707d85bdb 100644 +index 28f00bf..748ffab 100644 --- a/data/tupletable +++ b/data/tupletable -@@ -26,6 +26,7 @@ base-uclibc-linux-<cpu> uclibc-linux-<cpu> +@@ -10,6 +10,7 @@ base-uclibc-linux-<cpu> uclibc-linux-<cpu> eabihf-musl-linux-arm musl-linux-armhf eabi-musl-linux-arm musl-linux-armel base-musl-linux-<cpu> musl-linux-<cpu> +x32-musl-linux-amd64 x32 + ilp32-gnu-linux-arm64 arm64ilp32 eabihf-gnu-linux-arm armhf eabi-gnu-linux-arm armel - eabi-gnu-linux-armeb armeb +-- +2.7.4 + diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch b/poky/meta/recipes-devtools/dpkg/dpkg/0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch index fc097e5a66..ef5f7c3ec3 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch @@ -1,8 +1,8 @@ -From 0cac67ce5920d6d0c9df4278bfa77da878a8a37a Mon Sep 17 00:00:00 2001 +From b4ea54158c399874e12394ebc91afe98954695e2 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Wed, 26 Aug 2015 16:16:16 +0300 -Subject: [PATCH] Adapt to linux-wrs kernel version, which has character '_' - inside. Remove the first-char-digit-check (as the 1.15.8.5 version does). +Subject: [PATCH 2/5] Adapt to linux-wrs kernel version, which has character + '_' inside. Remove the first-char-digit-check (as the 1.15.8.5 version does). Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com> Signed-off-by: Constantin Musca <constantinx.musca@intel.com> @@ -32,4 +32,6 @@ index 63a36f55c..81901bd5a 100644 + if (!c_isdigit(*ptr) && !c_isalpha(*ptr) && strchr(".-+~_", *ptr) == NULL) return dpkg_put_warn(err, _("invalid character in revision number")); } - + +-- +2.11.0 diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/0003-Our-pre-postinsts-expect-D-to-be-set-when-running-in.patch b/poky/meta/recipes-devtools/dpkg/dpkg/0003-Our-pre-postinsts-expect-D-to-be-set-when-running-in.patch index 916c7dfb00..bd4d5d5353 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/0003-Our-pre-postinsts-expect-D-to-be-set-when-running-in.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/0003-Our-pre-postinsts-expect-D-to-be-set-when-running-in.patch @@ -1,4 +1,4 @@ -From b6c28222276704a1e1a544983e38dfa2f3fb481a Mon Sep 17 00:00:00 2001 +From ff325b35639a797edd92b373fbebf7b8b9f3f0c3 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Wed, 26 Aug 2015 16:25:45 +0300 Subject: [PATCH] Our pre/postinsts expect $D to be set when running in a @@ -11,12 +11,13 @@ RP 2011/12/07 ALIMON 2016/05/26 ALIMON 2017/02/21 KKang 2019/02/20 + --- src/main/script.c | 53 +++-------------------------------------------- 1 file changed, 3 insertions(+), 50 deletions(-) diff --git a/src/main/script.c b/src/main/script.c -index 017d92efe..181e7c710 100644 +index ecce4d842..16f4e6ff5 100644 --- a/src/main/script.c +++ b/src/main/script.c @@ -97,58 +97,11 @@ static const char * diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/0004-The-lutimes-function-doesn-t-work-properly-for-all-s.patch b/poky/meta/recipes-devtools/dpkg/dpkg/0004-The-lutimes-function-doesn-t-work-properly-for-all-s.patch index 35c0c246f6..bbd5aba418 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/0004-The-lutimes-function-doesn-t-work-properly-for-all-s.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/0004-The-lutimes-function-doesn-t-work-properly-for-all-s.patch @@ -1,7 +1,8 @@ -From 80ad29d22f8ca4033a6a79a726580fee17bdade9 Mon Sep 17 00:00:00 2001 +From adb6bfd0feeceaf030df0debe3343d7f73e708a0 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Wed, 26 Aug 2015 16:27:45 +0300 -Subject: [PATCH] The lutimes function doesn't work properly for all systems. +Subject: [PATCH 4/5] The lutimes function doesn't work properly for all + systems. Signed-off-by: Constantin Musca <constantinx.musca@intel.com> @@ -11,10 +12,10 @@ Upstream-Status: Inappropriate [embedded specific] 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/archives.c b/src/main/archives.c -index 7e399f922..ec3b6878f 100644 +index 92340b9..7a55c27 100644 --- a/src/main/archives.c +++ b/src/main/archives.c -@@ -491,8 +491,9 @@ tarobject_set_mtime(struct tar_entry *te, const char *path) +@@ -490,8 +490,9 @@ tarobject_set_mtime(struct tar_entry *te, const char *path) if (te->type == TAR_FILETYPE_SYMLINK) { #ifdef HAVE_LUTIMES @@ -25,3 +26,6 @@ index 7e399f922..ec3b6878f 100644 #endif } else { if (utimes(path, tv)) +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/0006-add-musleabi-to-known-target-tripets.patch b/poky/meta/recipes-devtools/dpkg/dpkg/0006-add-musleabi-to-known-target-tripets.patch index 8ac646b1a1..8797ea55c6 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/0006-add-musleabi-to-known-target-tripets.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/0006-add-musleabi-to-known-target-tripets.patch @@ -1,10 +1,7 @@ -From 1c9e78dda91ba66fbd8fe02b66b6c603d08d3343 Mon Sep 17 00:00:00 2001 +From f8910022dc3ec622272f168cd0022dbdf6dff93a Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Wed, 30 Dec 2015 23:05:41 +0000 Subject: [PATCH] add musleabi to known target tripets -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit helps compiling dpkg for musl/arm-softfloat @@ -17,10 +14,10 @@ Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> 2 files changed, 2 insertions(+) diff --git a/data/ostable b/data/ostable -index 64f424490..860355774 100644 +index 99c1f889d..be6434271 100644 --- a/data/ostable +++ b/data/ostable -@@ -19,6 +19,7 @@ +@@ -17,6 +17,7 @@ eabi-uclibc-linux linux-uclibceabi linux[^-]*-uclibceabi base-uclibc-linux linux-uclibc linux[^-]*-uclibc eabihf-musl-linux linux-musleabihf linux[^-]*-musleabihf @@ -29,14 +26,17 @@ index 64f424490..860355774 100644 eabihf-gnu-linux linux-gnueabihf linux[^-]*-gnueabihf eabi-gnu-linux linux-gnueabi linux[^-]*-gnueabi diff --git a/data/tupletable b/data/tupletable -index 7436f8056..82ae3604e 100644 +index 5f500f6ca..28f00bfe6 100644 --- a/data/tupletable +++ b/data/tupletable -@@ -24,6 +24,7 @@ +@@ -8,6 +8,7 @@ eabi-uclibc-linux-arm uclibc-linux-armel base-uclibc-linux-<cpu> uclibc-linux-<cpu> eabihf-musl-linux-arm musl-linux-armhf +eabi-musl-linux-arm musl-linux-armel base-musl-linux-<cpu> musl-linux-<cpu> + ilp32-gnu-linux-arm64 arm64ilp32 eabihf-gnu-linux-arm armhf - eabi-gnu-linux-arm armel +-- +2.11.0 + diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch b/poky/meta/recipes-devtools/dpkg/dpkg/0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch index 3d3a4f0bb9..117f9234ad 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch @@ -1,10 +1,7 @@ -From 6dd80236a91a505b5753bb74e5f1b47330d8b16b Mon Sep 17 00:00:00 2001 +From 8659eeeeda74d71e12080121f0b13a88cbdda433 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?An=C3=ADbal=20Lim=C3=B3n?= <anibal.limon@linux.intel.com> Date: Tue, 21 Feb 2017 11:23:27 -0600 Subject: [PATCH] dpkg-deb/build.c: Remove usage of --clamp-mtime in tar -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit Recently dpkg added --clamp-mtime to tar to create reproducible build tarballs [1]. @@ -27,10 +24,10 @@ Signed-off-by: Kai Kang <kai.kang@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/deb/build.c b/src/deb/build.c -index 1f0c050ee..92aba9553 100644 +index 5c74ff3..76613ad 100644 --- a/src/deb/build.c +++ b/src/deb/build.c -@@ -504,7 +504,7 @@ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, +@@ -505,7 +505,7 @@ tarball_pack(const char *dir, filenames_feed_func *tar_filenames_feeder, command_init(&cmd, TAR, "tar -cf"); command_add_args(&cmd, "tar", "-cf", "-", "--format=gnu", @@ -39,3 +36,6 @@ index 1f0c050ee..92aba9553 100644 /* Mode might become a positional argument, pass it before -T. */ if (options->mode) command_add_args(&cmd, "--mode", options->mode, NULL); +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/add_armeb_triplet_entry.patch b/poky/meta/recipes-devtools/dpkg/dpkg/add_armeb_triplet_entry.patch index cbdf01dbd9..d165616a19 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/add_armeb_triplet_entry.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/add_armeb_triplet_entry.patch @@ -1,11 +1,5 @@ -From 1c3a109df54b6092fa85a1fe2b7771e3b959655f Mon Sep 17 00:00:00 2001 -From: "Krishnanjanappa, Jagadeesh" - <jagadeesh.krishnanjanappa@caviumnetworks.com> -Date: Wed, 8 Apr 2015 18:08:14 +0530 -Subject: [PATCH] dpkg: add triplet entry to fix build error for armeb -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit +Author: Krishnanjanappa, Jagadeesh <jagadeesh.krishnanjanappa@caviumnetworks.com> +Date: Wed Apr 8 18:08:14 2015 +0530 [PATCH] add armeb triplet entry into triplettable. @@ -31,19 +25,24 @@ Upstream-Status: Pending Signed-off-by: Krishnanjanappa, Jagadeesh <jagadeesh.krishnanjanappa@caviumnetworks.com> Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> + --- data/tupletable | 1 + 1 file changed, 1 insertion(+) diff --git a/data/tupletable b/data/tupletable -index ae9f2ddb4..7436f8056 100644 +index b7802bec3..5f500f6ca 100644 --- a/data/tupletable +++ b/data/tupletable -@@ -27,6 +27,7 @@ eabihf-musl-linux-arm musl-linux-armhf - base-musl-linux-<cpu> musl-linux-<cpu> +@@ -12,6 +12,7 @@ base-musl-linux-<cpu> musl-linux-<cpu> + ilp32-gnu-linux-arm64 arm64ilp32 eabihf-gnu-linux-arm armhf eabi-gnu-linux-arm armel +eabi-gnu-linux-armeb armeb abin32-gnu-linux-mips64r6el mipsn32r6el abin32-gnu-linux-mips64r6 mipsn32r6 abin32-gnu-linux-mips64el mipsn32el +-- +2.11.0 + + diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/arch_pm.patch b/poky/meta/recipes-devtools/dpkg/dpkg/arch_pm.patch index df2cd88ca4..4e0d22acbb 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/arch_pm.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/arch_pm.patch @@ -1,8 +1,3 @@ -From bdf60ebbeb433a80e6cfcbde9d83d89564e79e20 Mon Sep 17 00:00:00 2001 -From: Joe Slater <jslater@windriver.com> -Date: Mon, 26 Aug 2013 23:38:45 +0000 -Subject: [PATCH] dpkg: fix configuration issue for mips64 - configure cannot determine the proper cpu, os, or architecture for mips64, and possibly other arch's because of faulty code added to Arch.pm in the latest @@ -11,15 +6,16 @@ release from upstream. We remove that code. Upstream-Status: Pending Signed-off-by: Joe Slater <jslater@windriver.com> + --- scripts/Dpkg/Arch.pm | 3 --- 1 file changed, 3 deletions(-) diff --git a/scripts/Dpkg/Arch.pm b/scripts/Dpkg/Arch.pm -index 0d352eeb9..4ef5fa307 100644 +index 1720847b8..6345ce3b9 100644 --- a/scripts/Dpkg/Arch.pm +++ b/scripts/Dpkg/Arch.pm -@@ -326,9 +326,6 @@ sub _load_tupletable() +@@ -323,9 +323,6 @@ sub _load_tupletable() (my $dt = $debtuple) =~ s/<cpu>/$_cpu/; (my $da = $debarch) =~ s/<cpu>/$_cpu/; @@ -29,3 +25,5 @@ index 0d352eeb9..4ef5fa307 100644 $debarch_to_debtuple{$da} = $dt; $debtuple_to_debarch{$dt} = $da; } +-- +2.11.0 diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/noman.patch b/poky/meta/recipes-devtools/dpkg/dpkg/noman.patch index e80549d740..6900716b11 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/noman.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/noman.patch @@ -1,15 +1,11 @@ -From 008ec5150dd086ffa3940cb520f1ca91939f138d Mon Sep 17 00:00:00 2001 -From: Chris Larson <kergoth@openedhand.com> -Date: Tue, 5 Sep 2006 07:24:58 +0000 -Subject: [PATCH] Add dpkg, modified from upstream oe. - Upstream-Status: Inappropriate [disable feature] + --- Makefile.am | 1 - 1 file changed, 1 deletion(-) diff --git a/Makefile.am b/Makefile.am -index 7186045d4..daca9faf2 100644 +index d963a10..7cef7f5 100644 --- a/Makefile.am +++ b/Makefile.am @@ -11,7 +11,6 @@ SUBDIRS = \ @@ -20,3 +16,6 @@ index 7186045d4..daca9faf2 100644 # EOL ACLOCAL_AMFLAGS = -I m4 +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/pager.patch b/poky/meta/recipes-devtools/dpkg/dpkg/pager.patch new file mode 100644 index 0000000000..e56b9d28af --- /dev/null +++ b/poky/meta/recipes-devtools/dpkg/dpkg/pager.patch @@ -0,0 +1,21 @@ +pager: Use less instead of pager + +pager is a Debianism. Istead use directly pager. + +Upstream-Status: Inappropriate [OE-Core integration specific] + +Suggested-by: Burton, Ross <ross.burton@intel.com> +Signed-off-by: Ricardo Ribalda <ricardo@ribalda.com> +diff --git a/lib/dpkg/dpkg.h b/lib/dpkg/dpkg.h +index 2bb067a..6cbce80 100644 +--- a/lib/dpkg/dpkg.h ++++ b/lib/dpkg/dpkg.h +@@ -95,7 +95,7 @@ DPKG_BEGIN_DECLS + #define MAXUPDATES 250 + + #define DEFAULTSHELL "sh" +-#define DEFAULTPAGER "pager" ++#define DEFAULTPAGER "less" + + #define MD5HASHLEN 32 + #define MAXTRIGDIRECTIVE 256 diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/remove-tar-no-timestamp.patch b/poky/meta/recipes-devtools/dpkg/dpkg/remove-tar-no-timestamp.patch index 9307725e8b..ebf838ffe9 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg/remove-tar-no-timestamp.patch +++ b/poky/meta/recipes-devtools/dpkg/dpkg/remove-tar-no-timestamp.patch @@ -1,8 +1,4 @@ -From add92699ca1397205e1d7b46c3ab43de06b9a6c7 Mon Sep 17 00:00:00 2001 -From: Constantin Musca <constantinx.musca@intel.com> -Date: Tue, 28 Aug 2012 17:02:40 +0300 -Subject: [PATCH] busybox-1.19.4 tar utility doesn't support - --warning=no-timestamp +busybox-1.19.4 tar utility doesn't support --warning=no-timestamp Signed-off-by: Constantin Musca <constantinx.musca@intel.com> @@ -12,10 +8,10 @@ Upstream-Status: Inappropriate [configuration] 1 file changed, 1 deletion(-) diff --git a/src/deb/extract.c b/src/deb/extract.c -index 8b78a7eab..fd7595808 100644 +index a1b2dc0..95e2372 100644 --- a/src/deb/extract.c +++ b/src/deb/extract.c -@@ -338,7 +338,6 @@ extracthalf(const char *debar, const char *dir, +@@ -333,7 +333,6 @@ extracthalf(const char *debar, const char *dir, command_add_arg(&cmd, "-f"); command_add_arg(&cmd, "-"); @@ -23,3 +19,6 @@ index 8b78a7eab..fd7595808 100644 m_dup2(p2[0],0); close(p2[0]); +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/dpkg/dpkg_1.22.5.bb b/poky/meta/recipes-devtools/dpkg/dpkg_1.22.0.bb index 9f1d00e208..7eaae9f22e 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg_1.22.5.bb +++ b/poky/meta/recipes-devtools/dpkg/dpkg_1.22.0.bb @@ -12,11 +12,12 @@ SRC_URI = "git://salsa.debian.org/dpkg-team/dpkg.git;protocol=https;branch=main file://0006-add-musleabi-to-known-target-tripets.patch \ file://0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch \ file://0001-dpkg-Support-muslx32-build.patch \ + file://pager.patch \ file://0001-Add-support-for-riscv32-CPU.patch \ " SRC_URI:append:class-native = " file://0001-build.c-ignore-return-of-1-from-tar-cf.patch" -SRCREV = "1c92a4a8bfbeea30ceb0109b096c4ec845e3c6ce" +SRCREV = "744487c98a622b9b38c22c6ca330315af4a30a11" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/expect/expect/0001-Resolve-string-formatting-issues.patch b/poky/meta/recipes-devtools/expect/expect/0001-Resolve-string-formatting-issues.patch index af1d8c626c..bfb6dcd89a 100644 --- a/poky/meta/recipes-devtools/expect/expect/0001-Resolve-string-formatting-issues.patch +++ b/poky/meta/recipes-devtools/expect/expect/0001-Resolve-string-formatting-issues.patch @@ -3,7 +3,7 @@ From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Thu, 23 Mar 2017 13:44:41 +0200 Subject: [PATCH] Resolve string formatting issues. -Upstream-Status: Inappropriate [upstream seems dead] +Upstream-Status: Inactive-Upstream [no activity since 2018; cvs server went read-only] Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> --- exp_clib.c | 4 ++-- diff --git a/poky/meta/recipes-devtools/expect/expect/0001-configure.in.patch b/poky/meta/recipes-devtools/expect/expect/0001-configure.in.patch index 7595a254a8..618c4bee8e 100644 --- a/poky/meta/recipes-devtools/expect/expect/0001-configure.in.patch +++ b/poky/meta/recipes-devtools/expect/expect/0001-configure.in.patch @@ -1,7 +1,7 @@ Allow cross compiling. Signed-off-by: Anders Roxell <anders.roxell@enea.com> -Upstream-Status: Pending +Upstream-Status: Inactive-Upstream [no activity since 2018; cvs server went read-only] --- diff -uNr a/configure.in b/configure.in --- a/configure.in 2012-12-14 15:31:32.623180450 +0100 diff --git a/poky/meta/recipes-devtools/expect/expect/0001-exp_main_sub.c-Use-PATH_MAX-for-path.patch b/poky/meta/recipes-devtools/expect/expect/0001-exp_main_sub.c-Use-PATH_MAX-for-path.patch index 37512fb9bc..d73f4c3421 100644 --- a/poky/meta/recipes-devtools/expect/expect/0001-exp_main_sub.c-Use-PATH_MAX-for-path.patch +++ b/poky/meta/recipes-devtools/expect/expect/0001-exp_main_sub.c-Use-PATH_MAX-for-path.patch @@ -10,7 +10,7 @@ Aborted (core dumped) Use PATH_MAX to fix the problem. -Upstream-Status: Pending [Upstream seems dead] +Upstream-Status: Inactive-Upstream [no activity since 2018; cvs server went read-only] Signed-off-by: Robert Yang <liezhi.yang@windriver.com> --- diff --git a/poky/meta/recipes-devtools/expect/expect/0001-expect-Fix-segfaults-if-Tcl-is-built-with-stubs-and-.patch b/poky/meta/recipes-devtools/expect/expect/0001-expect-Fix-segfaults-if-Tcl-is-built-with-stubs-and-.patch index b1d322d5c9..40f7f3bd85 100644 --- a/poky/meta/recipes-devtools/expect/expect/0001-expect-Fix-segfaults-if-Tcl-is-built-with-stubs-and-.patch +++ b/poky/meta/recipes-devtools/expect/expect/0001-expect-Fix-segfaults-if-Tcl-is-built-with-stubs-and-.patch @@ -42,7 +42,7 @@ Example: } Author: Sergei Golovan <sgolovan@debian.org> -Upstream-Status: Pending +Upstream-Status: Inactive-Upstream [no activity since 2018; cvs server went read-only] This patch is backported from fedora changes for expect: http://pkgs.fedoraproject.org/cgit/rpms/expect.git/commit/ ?h=master&id=b6737eed550be93182f2ed194e836a6cbbcf4fa3 diff --git a/poky/meta/recipes-devtools/expect/expect/0002-tcl.m4.patch b/poky/meta/recipes-devtools/expect/expect/0002-tcl.m4.patch index dc4c6ba406..eb178f462a 100644 --- a/poky/meta/recipes-devtools/expect/expect/0002-tcl.m4.patch +++ b/poky/meta/recipes-devtools/expect/expect/0002-tcl.m4.patch @@ -1,7 +1,7 @@ Use proper -L path when cross compiling. Signed-off-by: Anders Roxell <anders.roxell@enea.com> -Upstream-Status: Pending +Upstream-Status: Inactive-Upstream [no activity since 2018; cvs server went read-only] --- diff -uNr a/tclconfig/tcl.m4 b/tclconfig/tcl.m4 --- a/tclconfig/tcl.m4 2012-12-14 09:16:58.789861281 +0100 diff --git a/poky/meta/recipes-devtools/expect/expect/expect-configure-c99.patch b/poky/meta/recipes-devtools/expect/expect/expect-configure-c99.patch new file mode 100644 index 0000000000..09bf180df7 --- /dev/null +++ b/poky/meta/recipes-devtools/expect/expect/expect-configure-c99.patch @@ -0,0 +1,201 @@ +Avoid calling exit without declaring the function. + +Add missing <string.h> include for memcpy. + +Use AC_TYPE_SIGNAL to fix REARM_SIG check. Add missing includes. + +Fix various implicit int return types of main. + +Upstream-Status: Submitted [https://sourceforge.net/p/expect/patches/24/] +Signed-off-by: Ross Burton <ross.burton@arm.com> + +diff --git a/configure.in b/configure.in +index 51558fa14d2bcf7e..055c88fbd8797eaa 100755 +--- a/configure.in ++++ b/configure.in +@@ -452,7 +452,11 @@ AC_CHECK_FUNC(siglongjmp, AC_DEFINE(HAVE_SIGLONGJMP)) + # because Unixware 2.0 handles it specially and refuses to compile + # autoconf's automatic test that is a call with no arguments + AC_MSG_CHECKING([for memcpy]) +-AC_TRY_LINK(,[ ++AC_TRY_LINK([ ++#ifdef HAVE_STRING_H ++#include <string.h> ++#endif ++],[ + char *s1, *s2; + memcpy(s1,s2,0); + ], +@@ -469,6 +473,7 @@ memcpy(s1,s2,0); + AC_MSG_CHECKING([if WNOHANG requires _POSIX_SOURCE]) + AC_TRY_RUN([ + #include <sys/wait.h> ++int + main() { + #ifndef WNOHANG + return 0; +@@ -489,6 +494,7 @@ rm -rf wnohang + AC_TRY_RUN([ + #include <stdio.h> + #include <sys/wait.h> ++int + main() { + #ifdef WNOHANG + FILE *fp = fopen("wnohang","w"); +@@ -527,16 +533,21 @@ else + AC_DEFINE(SELECT_MASK_TYPE, fd_set) + fi + +-dnl # Check for the data type of the function used in signal(). This +-dnl # must be before the test for rearming. +-dnl # echo checking return type of signal handlers +-dnl AC_HEADER_EGREP([(void|sighandler_t).*signal], signal.h, retsigtype=void,AC_DEFINE(RETSIGTYPE, int) retsigtype=int) ++AC_TYPE_SIGNAL + + # FIXME: check if alarm exists + AC_MSG_CHECKING([if signals need to be re-armed]) + AC_TRY_RUN([ + #include <signal.h> +-#define RETSIGTYPE $retsigtype ++#ifdef HAVE_STDLIB_H ++# include <stdlib.h> ++#endif ++#ifdef HAVE_UNISTD_H ++# include <unistd.h> ++#endif ++#ifndef NO_SYS_WAIT_H ++# include <sys/wait.h> ++#endif + + int signal_rearms = 0; + +@@ -553,6 +564,7 @@ int n; + signal_rearms++; + } + ++int + main() + { + signal(SIGINT,parent_sigint_handler); +@@ -714,10 +726,11 @@ fi + AC_MSG_CHECKING([for struct sgttyb]) + AC_TRY_RUN([ + #include <sgtty.h> ++int + main() + { + struct sgttyb tmp; +- exit(0); ++ return 0; + }], + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_SGTTYB) +@@ -738,10 +751,11 @@ if test $mach -eq 0 ; then + # pty_termios.c is set up to handle pty_termio. + AC_MSG_CHECKING([for struct termio]) + AC_TRY_RUN([#include <termio.h> ++ int + main() + { + struct termio tmp; +- exit(0); ++ return 0; + }], + AC_DEFINE(HAVE_TERMIO) + PTY_TYPE=termios +@@ -760,10 +774,11 @@ if test $mach -eq 0 ; then + # include <inttypes.h> + # endif + # include <termios.h> ++ int + main() + { + struct termios tmp; +- exit(0); ++ return 0; + }], + AC_DEFINE(HAVE_TERMIOS) + PTY_TYPE=termios +@@ -782,6 +797,7 @@ AC_TRY_RUN([ + #include <inttypes.h> + #endif + #include <termios.h> ++int + main() { + #if defined(TCGETS) || defined(TCGETA) + return 0; +@@ -804,6 +820,7 @@ AC_TRY_RUN([ + #include <inttypes.h> + #endif + #include <termios.h> ++int + main() { + #ifdef TIOCGWINSZ + return 0; +@@ -823,6 +840,7 @@ main() { + AC_MSG_CHECKING([for Cray-style ptys]) + SETUID=":" + AC_TRY_RUN([ ++int + main(){ + #ifdef CRAY + return 0; +@@ -878,12 +896,13 @@ AC_MSG_CHECKING([for SV-style timezone]) + AC_TRY_RUN([ + extern char *tzname[2]; + extern int daylight; ++int + main() + { + int *x = &daylight; + char **y = tzname; + +- exit(0); ++ return 0; + }], + AC_DEFINE(HAVE_SV_TIMEZONE) + AC_MSG_RESULT(yes), +diff --git a/tclconfig/tcl.m4 b/tclconfig/tcl.m4 +index 0689cab3da994068..ebe839e5553ba520 100644 +--- a/tclconfig/tcl.m4 ++++ b/tclconfig/tcl.m4 +@@ -2400,7 +2400,7 @@ AC_DEFUN([TEA_TIME_HANDLER], [ + AC_TRY_COMPILE([#include <time.h>], + [extern long timezone; + timezone += 1; +- exit (0);], ++ return 0;], + tcl_cv_timezone_long=yes, tcl_cv_timezone_long=no)]) + if test $tcl_cv_timezone_long = yes ; then + AC_DEFINE(HAVE_TIMEZONE_VAR, 1, [Should we use the global timezone variable?]) +@@ -2412,7 +2412,7 @@ AC_DEFUN([TEA_TIME_HANDLER], [ + AC_TRY_COMPILE([#include <time.h>], + [extern time_t timezone; + timezone += 1; +- exit (0);], ++ return 0;], + tcl_cv_timezone_time=yes, tcl_cv_timezone_time=no)]) + if test $tcl_cv_timezone_time = yes ; then + AC_DEFINE(HAVE_TIMEZONE_VAR, 1, [Should we use the global timezone variable?]) +@@ -2452,17 +2452,17 @@ AC_DEFUN([TEA_BUGGY_STRTOD], [ + double value; + value = strtod(infString, &term); + if ((term != infString) && (term[-1] == 0)) { +- exit(1); ++ return 1; + } + value = strtod(nanString, &term); + if ((term != nanString) && (term[-1] == 0)) { +- exit(1); ++ return 1; + } + value = strtod(spaceString, &term); + if (term == (spaceString+1)) { +- exit(1); ++ return 1; + } +- exit(0); ++ return 0; + }], tcl_cv_strtod_buggy=ok, tcl_cv_strtod_buggy=buggy, + tcl_cv_strtod_buggy=buggy)]) + if test "$tcl_cv_strtod_buggy" = buggy; then diff --git a/poky/meta/recipes-devtools/expect/expect_5.45.4.bb b/poky/meta/recipes-devtools/expect/expect_5.45.4.bb index 7b610b1ff2..174b35ec73 100644 --- a/poky/meta/recipes-devtools/expect/expect_5.45.4.bb +++ b/poky/meta/recipes-devtools/expect/expect_5.45.4.bb @@ -27,6 +27,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/expect/Expect/${PV}/${BPN}${PV}.tar.gz \ file://0001-exp_main_sub.c-Use-PATH_MAX-for-path.patch \ file://0001-fixline1-fix-line-1.patch \ file://0001-Add-prototype-to-function-definitions.patch \ + file://expect-configure-c99.patch \ file://run-ptest \ " SRC_URI[md5sum] = "00fce8de158422f5ccd2666512329bd2" @@ -81,3 +82,7 @@ FILES:${PN} += "${libdir}/libexpect${PV}.so \ " BBCLASSEXTEND = "native nativesdk" + +# http://errors.yoctoproject.org/Errors/Details/766950/ +# expect5.45.4/exp_chan.c:62:5: error: initialization of 'struct Tcl_ChannelTypeVersion_ *' from incompatible pointer type 'int (*)(void *, int)' [-Wincompatible-pointer-types] +CFLAGS += "-Wno-error=incompatible-pointer-types" diff --git a/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch b/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch new file mode 100644 index 0000000000..095d00b1e2 --- /dev/null +++ b/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch @@ -0,0 +1,46 @@ +From e7f9c9909c27d6ceed5aa4ca17023a1bc94b620a Mon Sep 17 00:00:00 2001 +From: Rod Smith <rodsmith@rodsbooks.com> +Date: Fri, 15 Apr 2022 18:10:14 -0400 +Subject: [PATCH] Fix failure & crash of sgdisk when compiled with latest popt + (commit 740; presumably eventually release 1.19) + +Upstream-Status: Backport [https://sourceforge.net/p/gptfdisk/code/ci/5d5e76d369a412bfb3d2cebb5fc0a7509cef878d/] +Signed-off-by: Alexander Kanavin <alex@linutronix.de> +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + NEWS | 8 ++++++++ + gptcl.cc | 2 +- + 2 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index c7add56..9e153fd 100644 +--- a/NEWS ++++ b/NEWS +@@ -1,3 +1,11 @@ ++1.0.10 (?/??/2022): ++------------------- ++ ++- Fixed problem that caused sgdisk to crash with errors about being unable ++ to read the disk's partition table when compiled with the latest popt ++ (commit 740, which is pre-release as I type; presumably version 1.19 and ++ later once released). ++ + 1.0.9 (4/14/2022): + ------------------ + +diff --git a/gptcl.cc b/gptcl.cc +index 34c9421..0d578eb 100644 +--- a/gptcl.cc ++++ b/gptcl.cc +@@ -155,7 +155,7 @@ int GPTDataCL::DoOptions(int argc, char* argv[]) { + } // while + + // Assume first non-option argument is the device filename.... +- device = (char*) poptGetArg(poptCon); ++ device = strdup((char*) poptGetArg(poptCon)); + poptResetContext(poptCon); + + if (device != NULL) { +-- +2.35.5 + diff --git a/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-Updated-guid.cc-to-deal-with-minor-change-in-libuuid.patch b/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-Updated-guid.cc-to-deal-with-minor-change-in-libuuid.patch new file mode 100644 index 0000000000..f358081092 --- /dev/null +++ b/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-Updated-guid.cc-to-deal-with-minor-change-in-libuuid.patch @@ -0,0 +1,27 @@ +From c640d9011a8330ebaad501784fb0ee1ce5e7a5ef Mon Sep 17 00:00:00 2001 +From: Rod Smith <rodsmith@rodsbooks.com> +Date: Sat, 16 Apr 2022 09:32:04 -0400 +Subject: [PATCH] Updated guid.cc to deal with minor change in libuuid + +Upstream-Status: Backport [https://sourceforge.net/p/gptfdisk/code/ci/6a8416cbd12d55f882bb751993b94f72d338d96f/] +Signed-off-by: Peter Bergin <peter@berginkonsult.se> +--- + guid.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/guid.cc b/guid.cc +index 1e73ab7..d3e4fd5 100644 +--- a/guid.cc ++++ b/guid.cc +@@ -141,7 +141,7 @@ void GUIDData::Zero(void) { + void GUIDData::Randomize(void) { + int i, uuidGenerated = 0; + +-#ifdef _UUID_UUID_H ++#if defined (_UUID_UUID_H) || defined (_UL_LIBUUID_UUID_H) + uuid_generate(uuidData); + ReverseBytes(&uuidData[0], 4); + ReverseBytes(&uuidData[4], 2); +-- +2.34.1 + diff --git a/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-Use-64bit-time_t-on-linux-as-well.patch b/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-Use-64bit-time_t-on-linux-as-well.patch new file mode 100644 index 0000000000..80e6f1bc9c --- /dev/null +++ b/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-Use-64bit-time_t-on-linux-as-well.patch @@ -0,0 +1,32 @@ +From cbdbabcc14e4ae4debcc64e41c0bb97d47b4eeef Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 12 Dec 2022 12:50:07 -0800 +Subject: [PATCH] Use 64bit time_t on linux as well + +Alias 64bit version of stat functions to original functions +we are already passing -D_FILE_OFFSET_BITS=64 in linux Makefile + +Upstream-Status: Submitted [https://sourceforge.net/p/gptfdisk/code/merge-requests/29/] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + diskio-unix.cc | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/diskio-unix.cc b/diskio-unix.cc +index 7780aeb..0897c56 100644 +--- a/diskio-unix.cc ++++ b/diskio-unix.cc +@@ -37,8 +37,12 @@ + + using namespace std; + +-#ifdef __APPLE__ ++#if defined(__APPLE__) || defined(__linux__) + #define off64_t off_t ++#define stat64 stat ++#define fstat64 fstat ++#define lstat64 lstat ++#define lseek64 lseek + #endif + + // Returns the official "real" name for a shortened version of same. diff --git a/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-gptcurses-correctly-include-curses.h.patch b/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-gptcurses-correctly-include-curses.h.patch index 011eec36f9..266afbfa11 100644 --- a/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-gptcurses-correctly-include-curses.h.patch +++ b/poky/meta/recipes-devtools/fdisk/gptfdisk/0001-gptcurses-correctly-include-curses.h.patch @@ -1,16 +1,17 @@ -From 510d0d27f90dfb1c4afd0722580bb8a828b52b7f Mon Sep 17 00:00:00 2001 +From 6bc6e867c5b3a774c0d7819ee5a3d2885e97caa9 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Mon, 30 Mar 2020 17:11:19 +0200 Subject: [PATCH] gptcurses: correctly include curses.h Upstream-Status: Inappropriate [oe-core specific] Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> + --- gptcurses.cc | 4 ---- 1 file changed, 4 deletions(-) diff --git a/gptcurses.cc b/gptcurses.cc -index b476700..476fc43 100644 +index 71aa734..4ebfde1 100644 --- a/gptcurses.cc +++ b/gptcurses.cc @@ -23,11 +23,7 @@ diff --git a/poky/meta/recipes-devtools/fdisk/gptfdisk/popt-1.19-follow-up.patch b/poky/meta/recipes-devtools/fdisk/gptfdisk/popt-1.19-follow-up.patch new file mode 100644 index 0000000000..c7fa965ec9 --- /dev/null +++ b/poky/meta/recipes-devtools/fdisk/gptfdisk/popt-1.19-follow-up.patch @@ -0,0 +1,41 @@ +From f5de3401b974ce103ffd93af8f9d43505a04aaf9 Mon Sep 17 00:00:00 2001 +From: Damian Kurek <starfire24680@gmail.com> +Date: Thu, 7 Jul 2022 03:39:16 +0000 +Subject: [PATCH] Fix NULL dereference when duplicating string argument + +poptGetArg can return NULL if there are no additional arguments, which +makes strdup dereference NULL on strlen + +Upstream-Status: Submitted [https://sourceforge.net/p/gptfdisk/code/merge-requests/28/] + +--- + gptcl.cc | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/gptcl.cc b/gptcl.cc +index 0d578eb..ab95239 100644 +--- a/gptcl.cc ++++ b/gptcl.cc +@@ -155,10 +155,11 @@ int GPTDataCL::DoOptions(int argc, char* argv[]) { + } // while + + // Assume first non-option argument is the device filename.... +- device = strdup((char*) poptGetArg(poptCon)); +- poptResetContext(poptCon); ++ device = (char*) poptGetArg(poptCon); + + if (device != NULL) { ++ device = strdup(device); ++ poptResetContext(poptCon); + JustLooking(); // reset as necessary + BeQuiet(); // Tell called functions to be less verbose & interactive + if (LoadPartitions((string) device)) { +@@ -498,6 +499,7 @@ int GPTDataCL::DoOptions(int argc, char* argv[]) { + cerr << "Error encountered; not saving changes.\n"; + retval = 4; + } // if ++ free(device); + } // if (device != NULL) + poptFreeContext(poptCon); + return retval; + diff --git a/poky/meta/recipes-devtools/fdisk/gptfdisk_1.0.10.bb b/poky/meta/recipes-devtools/fdisk/gptfdisk_1.0.9.bb index ba891931ac..cf0a60a1a9 100644 --- a/poky/meta/recipes-devtools/fdisk/gptfdisk_1.0.10.bb +++ b/poky/meta/recipes-devtools/fdisk/gptfdisk_1.0.9.bb @@ -9,8 +9,12 @@ DEPENDS = "util-linux" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${PV}/${BP}.tar.gz \ file://0001-gptcurses-correctly-include-curses.h.patch \ + file://0001-Updated-guid.cc-to-deal-with-minor-change-in-libuuid.patch \ + file://0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch \ + file://0001-Use-64bit-time_t-on-linux-as-well.patch \ + file://popt-1.19-follow-up.patch \ " -SRC_URI[sha256sum] = "2abed61bc6d2b9ec498973c0440b8b804b7a72d7144069b5a9209b2ad693a282" +SRC_URI[sha256sum] = "dafead2693faeb8e8b97832b23407f6ed5b3219bc1784f482dd855774e2d50c2" UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/gptfdisk/files/gptfdisk/" UPSTREAM_CHECK_REGEX = "/gptfdisk/(?P<pver>(\d+[\.\-_]*)+)/" diff --git a/poky/meta/recipes-devtools/gcc/gcc-13.2.inc b/poky/meta/recipes-devtools/gcc/gcc-13.3.inc index 603377a49a..90f5ef88a9 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-13.2.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-13.3.inc @@ -2,11 +2,11 @@ require gcc-common.inc # Third digit in PV should be incremented after a minor release -PV = "13.2.0" +PV = "13.3.0" # BINV should be incremented to a revision after a minor gcc release -BINV = "13.2.0" +BINV = "13.3.0" FILESEXTRAPATHS =. "${FILE_DIRNAME}/gcc:${FILE_DIRNAME}/gcc/backport:" @@ -65,11 +65,9 @@ SRC_URI = "${BASEURI} \ file://0023-Fix-install-path-of-linux64.h.patch \ file://0024-Avoid-hardcoded-build-paths-into-ppc-libgcc.patch \ file://0025-gcc-testsuite-tweaks-for-mips-OE.patch \ - file://CVE-2023-4039.patch \ - file://0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch \ file://0027-Fix-gcc-vect-module-testcases.patch \ " -SRC_URI[sha256sum] = "e275e76442a6067341a27f04c5c6b83d8613144004c0413528863dc6b5c743da" +SRC_URI[sha256sum] = "0845e9621c9543a13f484e94584a49ffc0129970e9914624235fc1d061a0c083" S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/${SOURCEDIR}" B = "${WORKDIR}/gcc-${PV}/build.${HOST_SYS}.${TARGET_SYS}" diff --git a/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_13.2.bb b/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_13.3.bb index bf53c5cd78..bf53c5cd78 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_13.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-cross_13.2.bb b/poky/meta/recipes-devtools/gcc/gcc-cross_13.3.bb index b43cca0c52..b43cca0c52 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-cross_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-cross_13.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-crosssdk_13.2.bb b/poky/meta/recipes-devtools/gcc/gcc-crosssdk_13.3.bb index 40a6c4feff..40a6c4feff 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-crosssdk_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-crosssdk_13.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-runtime.inc b/poky/meta/recipes-devtools/gcc/gcc-runtime.inc index dbc9141000..89b0bebcfb 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-runtime.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-runtime.inc @@ -92,7 +92,7 @@ do_install () { mv ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/include/* ${D}${libdir}/${TARGET_SYS}/${BINV}/include rmdir --ignore-fail-on-non-empty -p ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/include fi - rm -rf ${D}${infodir}/libgomp.info ${D}${infodir}/dir + rm -rf ${D}${infodir}/libgomp.info* ${D}${infodir}/dir rm -rf ${D}${infodir}/libitm.info ${D}${infodir}/dir rm -rf ${D}${infodir}/libquadmath.info ${D}${infodir}/dir if [ -d ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/finclude ]; then diff --git a/poky/meta/recipes-devtools/gcc/gcc-runtime_13.2.bb b/poky/meta/recipes-devtools/gcc/gcc-runtime_13.3.bb index dd430b57eb..dd430b57eb 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-runtime_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-runtime_13.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-sanitizers_13.2.bb b/poky/meta/recipes-devtools/gcc/gcc-sanitizers_13.3.bb index 8bda2ccad6..8bda2ccad6 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-sanitizers_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-sanitizers_13.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-source_13.2.bb b/poky/meta/recipes-devtools/gcc/gcc-source_13.3.bb index b890fa33ea..b890fa33ea 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-source_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-source_13.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc/0007-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch b/poky/meta/recipes-devtools/gcc/gcc/0007-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch index 079142c540..b0b77dbfa0 100644 --- a/poky/meta/recipes-devtools/gcc/gcc/0007-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch +++ b/poky/meta/recipes-devtools/gcc/gcc/0007-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch @@ -165,16 +165,21 @@ diff --git a/gcc/config/loongarch/gnu-user.h b/gcc/config/loongarch/gnu-user.h index aecaa02a199..62f88f7f9a2 100644 --- a/gcc/config/loongarch/gnu-user.h +++ b/gcc/config/loongarch/gnu-user.h -@@ -31,11 +31,11 @@ along with GCC; see the file COPYING3. If not see +@@ -31,16 +31,16 @@ along with GCC; see the file COPYING3. If not see #undef GLIBC_DYNAMIC_LINKER #define GLIBC_DYNAMIC_LINKER \ - "/lib" ABI_GRLEN_SPEC "/ld-linux-loongarch-" ABI_SPEC ".so.1" + SYSTEMLIBS_DIR "ld-linux-loongarch-" ABI_SPEC ".so.1" + + #define MUSL_ABI_SPEC \ + "%{mabi=lp64d:}" \ + "%{mabi=lp64f:-sp}" \ + "%{mabi=lp64s:-sf}" #undef MUSL_DYNAMIC_LINKER #define MUSL_DYNAMIC_LINKER \ -- "/lib" ABI_GRLEN_SPEC "/ld-musl-loongarch-" ABI_SPEC ".so.1" +- "/lib/ld-musl-loongarch" ABI_GRLEN_SPEC MUSL_ABI_SPEC ".so.1" + SYSTEMLIBS_DIR "ld-musl-loongarch-" ABI_SPEC ".so.1" #undef GNU_USER_TARGET_LINK_SPEC diff --git a/poky/meta/recipes-devtools/gcc/gcc/0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch b/poky/meta/recipes-devtools/gcc/gcc/0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch deleted file mode 100644 index a408a98698..0000000000 --- a/poky/meta/recipes-devtools/gcc/gcc/0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch +++ /dev/null @@ -1,117 +0,0 @@ -From adb60dc78e0da4877747f32347cee339364775be Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Fri, 15 Sep 2023 09:19:14 +0100 -Subject: [PATCH] aarch64: Fix loose ldpstp check [PR111411] - -aarch64_operands_ok_for_ldpstp contained the code: - - /* One of the memory accesses must be a mempair operand. - If it is not the first one, they need to be swapped by the - peephole. */ - if (!aarch64_mem_pair_operand (mem_1, GET_MODE (mem_1)) - && !aarch64_mem_pair_operand (mem_2, GET_MODE (mem_2))) - return false; - -But the requirement isn't just that one of the accesses must be a -valid mempair operand. It's that the lower access must be, since -that's the access that will be used for the instruction operand. - -gcc/ - PR target/111411 - * config/aarch64/aarch64.cc (aarch64_operands_ok_for_ldpstp): Require - the lower memory access to a mem-pair operand. - -gcc/testsuite/ - PR target/111411 - * gcc.dg/rtl/aarch64/pr111411.c: New test. - -Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=2d38f45bcca62ca0c7afef4b579f82c5c2a01610] -Signed-off-by: Martin Jansa <martin.jansa@gmail.com> ---- - gcc/config/aarch64/aarch64.cc | 8 ++- - gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c | 57 +++++++++++++++++++++ - 2 files changed, 60 insertions(+), 5 deletions(-) - create mode 100644 gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 6118a3354ac..9b1f791ca8b 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -26154,11 +26154,9 @@ aarch64_operands_ok_for_ldpstp (rtx *operands, bool load, - gcc_assert (known_eq (GET_MODE_SIZE (GET_MODE (mem_1)), - GET_MODE_SIZE (GET_MODE (mem_2)))); - -- /* One of the memory accesses must be a mempair operand. -- If it is not the first one, they need to be swapped by the -- peephole. */ -- if (!aarch64_mem_pair_operand (mem_1, GET_MODE (mem_1)) -- && !aarch64_mem_pair_operand (mem_2, GET_MODE (mem_2))) -+ /* The lower memory access must be a mem-pair operand. */ -+ rtx lower_mem = reversed ? mem_2 : mem_1; -+ if (!aarch64_mem_pair_operand (lower_mem, GET_MODE (lower_mem))) - return false; - - if (REG_P (reg_1) && FP_REGNUM_P (REGNO (reg_1))) -diff --git a/gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c b/gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c -new file mode 100644 -index 00000000000..ad07e9c6c89 ---- /dev/null -+++ b/gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c -@@ -0,0 +1,57 @@ -+/* { dg-do compile { target aarch64*-*-* } } */ -+/* { dg-require-effective-target lp64 } */ -+/* { dg-options "-O -fdisable-rtl-postreload -fpeephole2 -fno-schedule-fusion" } */ -+ -+extern int data[]; -+ -+void __RTL (startwith ("ira")) foo (void *ptr) -+{ -+ (function "foo" -+ (param "ptr" -+ (DECL_RTL (reg/v:DI <0> [ ptr ])) -+ (DECL_RTL_INCOMING (reg/v:DI x0 [ ptr ])) -+ ) ;; param "ptr" -+ (insn-chain -+ (block 2 -+ (edge-from entry (flags "FALLTHRU")) -+ (cnote 3 [bb 2] NOTE_INSN_BASIC_BLOCK) -+ (insn 4 (set (reg:DI <0>) (reg:DI x0))) -+ (insn 5 (set (reg:DI <1>) -+ (plus:DI (reg:DI <0>) (const_int 768)))) -+ (insn 6 (set (mem:SI (plus:DI (reg:DI <0>) -+ (const_int 508)) [1 &data+508 S4 A4]) -+ (const_int 0))) -+ (insn 7 (set (mem:SI (plus:DI (reg:DI <1>) -+ (const_int -256)) [1 &data+512 S4 A4]) -+ (const_int 0))) -+ (edge-to exit (flags "FALLTHRU")) -+ ) ;; block 2 -+ ) ;; insn-chain -+ ) ;; function -+} -+ -+void __RTL (startwith ("ira")) bar (void *ptr) -+{ -+ (function "bar" -+ (param "ptr" -+ (DECL_RTL (reg/v:DI <0> [ ptr ])) -+ (DECL_RTL_INCOMING (reg/v:DI x0 [ ptr ])) -+ ) ;; param "ptr" -+ (insn-chain -+ (block 2 -+ (edge-from entry (flags "FALLTHRU")) -+ (cnote 3 [bb 2] NOTE_INSN_BASIC_BLOCK) -+ (insn 4 (set (reg:DI <0>) (reg:DI x0))) -+ (insn 5 (set (reg:DI <1>) -+ (plus:DI (reg:DI <0>) (const_int 768)))) -+ (insn 6 (set (mem:SI (plus:DI (reg:DI <1>) -+ (const_int -256)) [1 &data+512 S4 A4]) -+ (const_int 0))) -+ (insn 7 (set (mem:SI (plus:DI (reg:DI <0>) -+ (const_int 508)) [1 &data+508 S4 A4]) -+ (const_int 0))) -+ (edge-to exit (flags "FALLTHRU")) -+ ) ;; block 2 -+ ) ;; insn-chain -+ ) ;; function -+} diff --git a/poky/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch b/poky/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch deleted file mode 100644 index 81b5067c33..0000000000 --- a/poky/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch +++ /dev/null @@ -1,3093 +0,0 @@ -From: Richard Sandiford <richard.sandiford@arm.com> -Subject: [PATCH 00/19] aarch64: Fix -fstack-protector issue -Date: Tue, 12 Sep 2023 16:25:10 +0100 - -This series of patches fixes deficiencies in GCC's -fstack-protector -implementation for AArch64 when using dynamically allocated stack space. -This is CVE-2023-4039. See: - -https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 -https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf - -for more details. - -The fix is to put the saved registers above the locals area when --fstack-protector is used. - -The series also fixes a stack-clash problem that I found while working -on the CVE. In unpatched sources, the stack-clash problem would only -trigger for unrealistic numbers of arguments (8K 64-bit arguments, or an -equivalent). But it would be a more significant issue with the new --fstack-protector frame layout. It's therefore important that both -problems are fixed together. - -Some reorganisation of the code seemed necessary to fix the problems in a -cleanish way. The series is therefore quite long, but only a handful of -patches should have any effect on code generation. - -See the individual patches for a detailed description. - -Tested on aarch64-linux-gnu. Pushed to trunk and to all active branches. -I've also pushed backports to GCC 7+ to vendors/ARM/heads/CVE-2023-4039. - -CVE: CVE-2023-4039 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> - - -From 71a2aa2127283f450c623d3604dbcabe0e14a8d4 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:12 +0100 -Subject: [PATCH 01/19] aarch64: Use local frame vars in shrink-wrapping code - -aarch64_layout_frame uses a shorthand for referring to -cfun->machine->frame: - - aarch64_frame &frame = cfun->machine->frame; - -This patch does the same for some other heavy users of the structure. -No functional change intended. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_save_callee_saves): Use - a local shorthand for cfun->machine->frame. - (aarch64_restore_callee_saves, aarch64_get_separate_components): - (aarch64_process_components): Likewise. - (aarch64_allocate_and_probe_stack_space): Likewise. - (aarch64_expand_prologue, aarch64_expand_epilogue): Likewise. - (aarch64_layout_frame): Use existing shorthand for one more case. ---- - gcc/config/aarch64/aarch64.cc | 123 ++++++++++++++++++---------------- - 1 file changed, 64 insertions(+), 59 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 822a2b49a46..5d473d161d9 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8612,7 +8612,7 @@ aarch64_layout_frame (void) - frame.is_scs_enabled - = (!crtl->calls_eh_return - && sanitize_flags_p (SANITIZE_SHADOW_CALL_STACK) -- && known_ge (cfun->machine->frame.reg_offset[LR_REGNUM], 0)); -+ && known_ge (frame.reg_offset[LR_REGNUM], 0)); - - /* When shadow call stack is enabled, the scs_pop in the epilogue will - restore x30, and we don't need to pop x30 again in the traditional -@@ -9078,6 +9078,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - unsigned start, unsigned limit, bool skip_wb, - bool hard_fp_valid_p) - { -+ aarch64_frame &frame = cfun->machine->frame; - rtx_insn *insn; - unsigned regno; - unsigned regno2; -@@ -9092,8 +9093,8 @@ aarch64_save_callee_saves (poly_int64 start_offset, - bool frame_related_p = aarch64_emit_cfi_for_reg_p (regno); - - if (skip_wb -- && (regno == cfun->machine->frame.wb_push_candidate1 -- || regno == cfun->machine->frame.wb_push_candidate2)) -+ && (regno == frame.wb_push_candidate1 -+ || regno == frame.wb_push_candidate2)) - continue; - - if (cfun->machine->reg_is_wrapped_separately[regno]) -@@ -9101,7 +9102,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = start_offset + cfun->machine->frame.reg_offset[regno]; -+ offset = start_offset + frame.reg_offset[regno]; - rtx base_rtx = stack_pointer_rtx; - poly_int64 sp_offset = offset; - -@@ -9114,7 +9115,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - { - gcc_assert (known_eq (start_offset, 0)); - poly_int64 fp_offset -- = cfun->machine->frame.below_hard_fp_saved_regs_size; -+ = frame.below_hard_fp_saved_regs_size; - if (hard_fp_valid_p) - base_rtx = hard_frame_pointer_rtx; - else -@@ -9136,8 +9137,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - && (regno2 = aarch64_next_callee_save (regno + 1, limit)) <= limit - && !cfun->machine->reg_is_wrapped_separately[regno2] - && known_eq (GET_MODE_SIZE (mode), -- cfun->machine->frame.reg_offset[regno2] -- - cfun->machine->frame.reg_offset[regno])) -+ frame.reg_offset[regno2] - frame.reg_offset[regno])) - { - rtx reg2 = gen_rtx_REG (mode, regno2); - rtx mem2; -@@ -9187,6 +9187,7 @@ static void - aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, - unsigned limit, bool skip_wb, rtx *cfi_ops) - { -+ aarch64_frame &frame = cfun->machine->frame; - unsigned regno; - unsigned regno2; - poly_int64 offset; -@@ -9203,13 +9204,13 @@ aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, - rtx reg, mem; - - if (skip_wb -- && (regno == cfun->machine->frame.wb_pop_candidate1 -- || regno == cfun->machine->frame.wb_pop_candidate2)) -+ && (regno == frame.wb_pop_candidate1 -+ || regno == frame.wb_pop_candidate2)) - continue; - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = start_offset + cfun->machine->frame.reg_offset[regno]; -+ offset = start_offset + frame.reg_offset[regno]; - rtx base_rtx = stack_pointer_rtx; - if (mode == VNx2DImode && BYTES_BIG_ENDIAN) - aarch64_adjust_sve_callee_save_base (mode, base_rtx, anchor_reg, -@@ -9220,8 +9221,7 @@ aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, - && (regno2 = aarch64_next_callee_save (regno + 1, limit)) <= limit - && !cfun->machine->reg_is_wrapped_separately[regno2] - && known_eq (GET_MODE_SIZE (mode), -- cfun->machine->frame.reg_offset[regno2] -- - cfun->machine->frame.reg_offset[regno])) -+ frame.reg_offset[regno2] - frame.reg_offset[regno])) - { - rtx reg2 = gen_rtx_REG (mode, regno2); - rtx mem2; -@@ -9326,6 +9326,7 @@ offset_12bit_unsigned_scaled_p (machine_mode mode, poly_int64 offset) - static sbitmap - aarch64_get_separate_components (void) - { -+ aarch64_frame &frame = cfun->machine->frame; - sbitmap components = sbitmap_alloc (LAST_SAVED_REGNUM + 1); - bitmap_clear (components); - -@@ -9342,18 +9343,18 @@ aarch64_get_separate_components (void) - if (mode == VNx2DImode && BYTES_BIG_ENDIAN) - continue; - -- poly_int64 offset = cfun->machine->frame.reg_offset[regno]; -+ poly_int64 offset = frame.reg_offset[regno]; - - /* If the register is saved in the first SVE save slot, we use - it as a stack probe for -fstack-clash-protection. */ - if (flag_stack_clash_protection -- && maybe_ne (cfun->machine->frame.below_hard_fp_saved_regs_size, 0) -+ && maybe_ne (frame.below_hard_fp_saved_regs_size, 0) - && known_eq (offset, 0)) - continue; - - /* Get the offset relative to the register we'll use. */ - if (frame_pointer_needed) -- offset -= cfun->machine->frame.below_hard_fp_saved_regs_size; -+ offset -= frame.below_hard_fp_saved_regs_size; - else - offset += crtl->outgoing_args_size; - -@@ -9372,11 +9373,11 @@ aarch64_get_separate_components (void) - /* If the spare predicate register used by big-endian SVE code - is call-preserved, it must be saved in the main prologue - before any saves that use it. */ -- if (cfun->machine->frame.spare_pred_reg != INVALID_REGNUM) -- bitmap_clear_bit (components, cfun->machine->frame.spare_pred_reg); -+ if (frame.spare_pred_reg != INVALID_REGNUM) -+ bitmap_clear_bit (components, frame.spare_pred_reg); - -- unsigned reg1 = cfun->machine->frame.wb_push_candidate1; -- unsigned reg2 = cfun->machine->frame.wb_push_candidate2; -+ unsigned reg1 = frame.wb_push_candidate1; -+ unsigned reg2 = frame.wb_push_candidate2; - /* If registers have been chosen to be stored/restored with - writeback don't interfere with them to avoid having to output explicit - stack adjustment instructions. */ -@@ -9485,6 +9486,7 @@ aarch64_get_next_set_bit (sbitmap bmp, unsigned int start) - static void - aarch64_process_components (sbitmap components, bool prologue_p) - { -+ aarch64_frame &frame = cfun->machine->frame; - rtx ptr_reg = gen_rtx_REG (Pmode, frame_pointer_needed - ? HARD_FRAME_POINTER_REGNUM - : STACK_POINTER_REGNUM); -@@ -9499,9 +9501,9 @@ aarch64_process_components (sbitmap components, bool prologue_p) - machine_mode mode = aarch64_reg_save_mode (regno); - - rtx reg = gen_rtx_REG (mode, regno); -- poly_int64 offset = cfun->machine->frame.reg_offset[regno]; -+ poly_int64 offset = frame.reg_offset[regno]; - if (frame_pointer_needed) -- offset -= cfun->machine->frame.below_hard_fp_saved_regs_size; -+ offset -= frame.below_hard_fp_saved_regs_size; - else - offset += crtl->outgoing_args_size; - -@@ -9526,14 +9528,14 @@ aarch64_process_components (sbitmap components, bool prologue_p) - break; - } - -- poly_int64 offset2 = cfun->machine->frame.reg_offset[regno2]; -+ poly_int64 offset2 = frame.reg_offset[regno2]; - /* The next register is not of the same class or its offset is not - mergeable with the current one into a pair. */ - if (aarch64_sve_mode_p (mode) - || !satisfies_constraint_Ump (mem) - || GP_REGNUM_P (regno) != GP_REGNUM_P (regno2) - || (crtl->abi->id () == ARM_PCS_SIMD && FP_REGNUM_P (regno)) -- || maybe_ne ((offset2 - cfun->machine->frame.reg_offset[regno]), -+ || maybe_ne ((offset2 - frame.reg_offset[regno]), - GET_MODE_SIZE (mode))) - { - insn = emit_insn (set); -@@ -9555,7 +9557,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - /* REGNO2 can be saved/restored in a pair with REGNO. */ - rtx reg2 = gen_rtx_REG (mode, regno2); - if (frame_pointer_needed) -- offset2 -= cfun->machine->frame.below_hard_fp_saved_regs_size; -+ offset2 -= frame.below_hard_fp_saved_regs_size; - else - offset2 += crtl->outgoing_args_size; - rtx addr2 = plus_constant (Pmode, ptr_reg, offset2); -@@ -9650,6 +9652,7 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - bool frame_related_p, - bool final_adjustment_p) - { -+ aarch64_frame &frame = cfun->machine->frame; - HOST_WIDE_INT guard_size - = 1 << param_stack_clash_protection_guard_size; - HOST_WIDE_INT guard_used_by_caller = STACK_CLASH_CALLER_GUARD; -@@ -9670,25 +9673,25 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - register as a probe. We can't assume that LR was saved at position 0 - though, so treat any space below it as unprobed. */ - if (final_adjustment_p -- && known_eq (cfun->machine->frame.below_hard_fp_saved_regs_size, 0)) -+ && known_eq (frame.below_hard_fp_saved_regs_size, 0)) - { -- poly_int64 lr_offset = cfun->machine->frame.reg_offset[LR_REGNUM]; -+ poly_int64 lr_offset = frame.reg_offset[LR_REGNUM]; - if (known_ge (lr_offset, 0)) - min_probe_threshold -= lr_offset.to_constant (); - else - gcc_assert (!flag_stack_clash_protection || known_eq (poly_size, 0)); - } - -- poly_int64 frame_size = cfun->machine->frame.frame_size; -+ poly_int64 frame_size = frame.frame_size; - - /* We should always have a positive probe threshold. */ - gcc_assert (min_probe_threshold > 0); - - if (flag_stack_clash_protection && !final_adjustment_p) - { -- poly_int64 initial_adjust = cfun->machine->frame.initial_adjust; -- poly_int64 sve_callee_adjust = cfun->machine->frame.sve_callee_adjust; -- poly_int64 final_adjust = cfun->machine->frame.final_adjust; -+ poly_int64 initial_adjust = frame.initial_adjust; -+ poly_int64 sve_callee_adjust = frame.sve_callee_adjust; -+ poly_int64 final_adjust = frame.final_adjust; - - if (known_eq (frame_size, 0)) - { -@@ -9977,17 +9980,18 @@ aarch64_epilogue_uses (int regno) - void - aarch64_expand_prologue (void) - { -- poly_int64 frame_size = cfun->machine->frame.frame_size; -- poly_int64 initial_adjust = cfun->machine->frame.initial_adjust; -- HOST_WIDE_INT callee_adjust = cfun->machine->frame.callee_adjust; -- poly_int64 final_adjust = cfun->machine->frame.final_adjust; -- poly_int64 callee_offset = cfun->machine->frame.callee_offset; -- poly_int64 sve_callee_adjust = cfun->machine->frame.sve_callee_adjust; -+ aarch64_frame &frame = cfun->machine->frame; -+ poly_int64 frame_size = frame.frame_size; -+ poly_int64 initial_adjust = frame.initial_adjust; -+ HOST_WIDE_INT callee_adjust = frame.callee_adjust; -+ poly_int64 final_adjust = frame.final_adjust; -+ poly_int64 callee_offset = frame.callee_offset; -+ poly_int64 sve_callee_adjust = frame.sve_callee_adjust; - poly_int64 below_hard_fp_saved_regs_size -- = cfun->machine->frame.below_hard_fp_saved_regs_size; -- unsigned reg1 = cfun->machine->frame.wb_push_candidate1; -- unsigned reg2 = cfun->machine->frame.wb_push_candidate2; -- bool emit_frame_chain = cfun->machine->frame.emit_frame_chain; -+ = frame.below_hard_fp_saved_regs_size; -+ unsigned reg1 = frame.wb_push_candidate1; -+ unsigned reg2 = frame.wb_push_candidate2; -+ bool emit_frame_chain = frame.emit_frame_chain; - rtx_insn *insn; - - if (flag_stack_clash_protection && known_eq (callee_adjust, 0)) -@@ -10018,7 +10022,7 @@ aarch64_expand_prologue (void) - } - - /* Push return address to shadow call stack. */ -- if (cfun->machine->frame.is_scs_enabled) -+ if (frame.is_scs_enabled) - emit_insn (gen_scs_push ()); - - if (flag_stack_usage_info) -@@ -10057,7 +10061,7 @@ aarch64_expand_prologue (void) - - /* The offset of the frame chain record (if any) from the current SP. */ - poly_int64 chain_offset = (initial_adjust + callee_adjust -- - cfun->machine->frame.hard_fp_offset); -+ - frame.hard_fp_offset); - gcc_assert (known_ge (chain_offset, 0)); - - /* The offset of the bottom of the save area from the current SP. */ -@@ -10160,16 +10164,17 @@ aarch64_use_return_insn_p (void) - void - aarch64_expand_epilogue (bool for_sibcall) - { -- poly_int64 initial_adjust = cfun->machine->frame.initial_adjust; -- HOST_WIDE_INT callee_adjust = cfun->machine->frame.callee_adjust; -- poly_int64 final_adjust = cfun->machine->frame.final_adjust; -- poly_int64 callee_offset = cfun->machine->frame.callee_offset; -- poly_int64 sve_callee_adjust = cfun->machine->frame.sve_callee_adjust; -+ aarch64_frame &frame = cfun->machine->frame; -+ poly_int64 initial_adjust = frame.initial_adjust; -+ HOST_WIDE_INT callee_adjust = frame.callee_adjust; -+ poly_int64 final_adjust = frame.final_adjust; -+ poly_int64 callee_offset = frame.callee_offset; -+ poly_int64 sve_callee_adjust = frame.sve_callee_adjust; - poly_int64 below_hard_fp_saved_regs_size -- = cfun->machine->frame.below_hard_fp_saved_regs_size; -- unsigned reg1 = cfun->machine->frame.wb_pop_candidate1; -- unsigned reg2 = cfun->machine->frame.wb_pop_candidate2; -- unsigned int last_gpr = (cfun->machine->frame.is_scs_enabled -+ = frame.below_hard_fp_saved_regs_size; -+ unsigned reg1 = frame.wb_pop_candidate1; -+ unsigned reg2 = frame.wb_pop_candidate2; -+ unsigned int last_gpr = (frame.is_scs_enabled - ? R29_REGNUM : R30_REGNUM); - rtx cfi_ops = NULL; - rtx_insn *insn; -@@ -10203,7 +10208,7 @@ aarch64_expand_epilogue (bool for_sibcall) - /* We need to add memory barrier to prevent read from deallocated stack. */ - bool need_barrier_p - = maybe_ne (get_frame_size () -- + cfun->machine->frame.saved_varargs_size, 0); -+ + frame.saved_varargs_size, 0); - - /* Emit a barrier to prevent loads from a deallocated stack. */ - if (maybe_gt (final_adjust, crtl->outgoing_args_size) -@@ -10284,7 +10289,7 @@ aarch64_expand_epilogue (bool for_sibcall) - } - - /* Pop return address from shadow call stack. */ -- if (cfun->machine->frame.is_scs_enabled) -+ if (frame.is_scs_enabled) - { - machine_mode mode = aarch64_reg_save_mode (R30_REGNUM); - rtx reg = gen_rtx_REG (mode, R30_REGNUM); -@@ -12740,24 +12745,24 @@ aarch64_can_eliminate (const int from ATTRIBUTE_UNUSED, const int to) - poly_int64 - aarch64_initial_elimination_offset (unsigned from, unsigned to) - { -+ aarch64_frame &frame = cfun->machine->frame; -+ - if (to == HARD_FRAME_POINTER_REGNUM) - { - if (from == ARG_POINTER_REGNUM) -- return cfun->machine->frame.hard_fp_offset; -+ return frame.hard_fp_offset; - - if (from == FRAME_POINTER_REGNUM) -- return cfun->machine->frame.hard_fp_offset -- - cfun->machine->frame.locals_offset; -+ return frame.hard_fp_offset - frame.locals_offset; - } - - if (to == STACK_POINTER_REGNUM) - { - if (from == FRAME_POINTER_REGNUM) -- return cfun->machine->frame.frame_size -- - cfun->machine->frame.locals_offset; -+ return frame.frame_size - frame.locals_offset; - } - -- return cfun->machine->frame.frame_size; -+ return frame.frame_size; - } - - --- -2.34.1 - - -From 89a9fa287706c5011f61926eaf65e7b996b963a3 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:12 +0100 -Subject: [PATCH 02/19] aarch64: Avoid a use of callee_offset - -When we emit the frame chain, i.e. when we reach Here in this statement -of aarch64_expand_prologue: - - if (emit_frame_chain) - { - // Here - ... - } - -the stack is in one of two states: - -- We've allocated up to the frame chain, but no more. - -- We've allocated the whole frame, and the frame chain is within easy - reach of the new SP. - -The offset of the frame chain from the current SP is available -in aarch64_frame as callee_offset. It is also available as the -chain_offset local variable, where the latter is calculated from other -data. (However, chain_offset is not always equal to callee_offset when -!emit_frame_chain, so chain_offset isn't redundant.) - -In c600df9a4060da3c6121ff4d0b93f179eafd69d1 I switched to using -chain_offset for the initialisation of the hard frame pointer: - - aarch64_add_offset (Pmode, hard_frame_pointer_rtx, -- stack_pointer_rtx, callee_offset, -+ stack_pointer_rtx, chain_offset, - tmp1_rtx, tmp0_rtx, frame_pointer_needed); - -But the later REG_CFA_ADJUST_CFA handling still used callee_offset. - -I think the difference is harmless, but it's more logical for the -CFA note to be in sync, and it's more convenient for later patches -if it uses chain_offset. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_expand_prologue): Use - chain_offset rather than callee_offset. ---- - gcc/config/aarch64/aarch64.cc | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 5d473d161d9..4f233c95140 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -9985,7 +9985,6 @@ aarch64_expand_prologue (void) - poly_int64 initial_adjust = frame.initial_adjust; - HOST_WIDE_INT callee_adjust = frame.callee_adjust; - poly_int64 final_adjust = frame.final_adjust; -- poly_int64 callee_offset = frame.callee_offset; - poly_int64 sve_callee_adjust = frame.sve_callee_adjust; - poly_int64 below_hard_fp_saved_regs_size - = frame.below_hard_fp_saved_regs_size; -@@ -10098,8 +10097,7 @@ aarch64_expand_prologue (void) - implicit. */ - if (!find_reg_note (insn, REG_CFA_ADJUST_CFA, NULL_RTX)) - { -- rtx src = plus_constant (Pmode, stack_pointer_rtx, -- callee_offset); -+ rtx src = plus_constant (Pmode, stack_pointer_rtx, chain_offset); - add_reg_note (insn, REG_CFA_ADJUST_CFA, - gen_rtx_SET (hard_frame_pointer_rtx, src)); - } --- -2.34.1 - - -From b36a2a78040722dab6124366c5d6baf8eaf80aef Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:13 +0100 -Subject: [PATCH 03/19] aarch64: Explicitly handle frames with no saved - registers - -If a frame has no saved registers, it can be allocated in one go. -There is no need to treat the areas below and above the saved -registers as separate. - -And if we allocate the frame in one go, it should be allocated -as the initial_adjust rather than the final_adjust. This allows the -frame size to grow to guard_size - guard_used_by_caller before a stack -probe is needed. (A frame with no register saves is necessarily a -leaf frame.) - -This is a no-op as thing stand, since a leaf function will have -no outgoing arguments, and so all the frame will be above where -the saved registers normally go. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_layout_frame): Explicitly - allocate the frame in one go if there are no saved registers. ---- - gcc/config/aarch64/aarch64.cc | 8 +++++--- - 1 file changed, 5 insertions(+), 3 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 4f233c95140..37643041ffb 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8639,9 +8639,11 @@ aarch64_layout_frame (void) - - HOST_WIDE_INT const_size, const_outgoing_args_size, const_fp_offset; - HOST_WIDE_INT const_saved_regs_size; -- if (frame.frame_size.is_constant (&const_size) -- && const_size < max_push_offset -- && known_eq (frame.hard_fp_offset, const_size)) -+ if (known_eq (frame.saved_regs_size, 0)) -+ frame.initial_adjust = frame.frame_size; -+ else if (frame.frame_size.is_constant (&const_size) -+ && const_size < max_push_offset -+ && known_eq (frame.hard_fp_offset, const_size)) - { - /* Simple, small frame with no outgoing arguments: - --- -2.34.1 - - -From ada2ab0093596be707f23a3466ac82cff59fcffe Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:13 +0100 -Subject: [PATCH 04/19] aarch64: Add bytes_below_saved_regs to frame info - -The frame layout code currently hard-codes the assumption that -the number of bytes below the saved registers is equal to the -size of the outgoing arguments. This patch abstracts that -value into a new field of aarch64_frame. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::bytes_below_saved_regs): New - field. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize it, - and use it instead of crtl->outgoing_args_size. - (aarch64_get_separate_components): Use bytes_below_saved_regs instead - of outgoing_args_size. - (aarch64_process_components): Likewise. ---- - gcc/config/aarch64/aarch64.cc | 71 ++++++++++++++++++----------------- - gcc/config/aarch64/aarch64.h | 5 +++ - 2 files changed, 41 insertions(+), 35 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 37643041ffb..dacc2b0e4dd 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8478,6 +8478,8 @@ aarch64_layout_frame (void) - gcc_assert (crtl->is_leaf - || maybe_ne (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED)); - -+ frame.bytes_below_saved_regs = crtl->outgoing_args_size; -+ - /* Now assign stack slots for the registers. Start with the predicate - registers, since predicate LDR and STR have a relatively small - offset range. These saves happen below the hard frame pointer. */ -@@ -8582,18 +8584,18 @@ aarch64_layout_frame (void) - - poly_int64 varargs_and_saved_regs_size = offset + frame.saved_varargs_size; - -- poly_int64 above_outgoing_args -+ poly_int64 saved_regs_and_above - = aligned_upper_bound (varargs_and_saved_regs_size - + get_frame_size (), - STACK_BOUNDARY / BITS_PER_UNIT); - - frame.hard_fp_offset -- = above_outgoing_args - frame.below_hard_fp_saved_regs_size; -+ = saved_regs_and_above - frame.below_hard_fp_saved_regs_size; - - /* Both these values are already aligned. */ -- gcc_assert (multiple_p (crtl->outgoing_args_size, -+ gcc_assert (multiple_p (frame.bytes_below_saved_regs, - STACK_BOUNDARY / BITS_PER_UNIT)); -- frame.frame_size = above_outgoing_args + crtl->outgoing_args_size; -+ frame.frame_size = saved_regs_and_above + frame.bytes_below_saved_regs; - - frame.locals_offset = frame.saved_varargs_size; - -@@ -8637,7 +8639,7 @@ aarch64_layout_frame (void) - else if (frame.wb_pop_candidate1 != INVALID_REGNUM) - max_push_offset = 256; - -- HOST_WIDE_INT const_size, const_outgoing_args_size, const_fp_offset; -+ HOST_WIDE_INT const_size, const_below_saved_regs, const_fp_offset; - HOST_WIDE_INT const_saved_regs_size; - if (known_eq (frame.saved_regs_size, 0)) - frame.initial_adjust = frame.frame_size; -@@ -8645,31 +8647,31 @@ aarch64_layout_frame (void) - && const_size < max_push_offset - && known_eq (frame.hard_fp_offset, const_size)) - { -- /* Simple, small frame with no outgoing arguments: -+ /* Simple, small frame with no data below the saved registers. - - stp reg1, reg2, [sp, -frame_size]! - stp reg3, reg4, [sp, 16] */ - frame.callee_adjust = const_size; - } -- else if (crtl->outgoing_args_size.is_constant (&const_outgoing_args_size) -+ else if (frame.bytes_below_saved_regs.is_constant (&const_below_saved_regs) - && frame.saved_regs_size.is_constant (&const_saved_regs_size) -- && const_outgoing_args_size + const_saved_regs_size < 512 -- /* We could handle this case even with outgoing args, provided -- that the number of args left us with valid offsets for all -- predicate and vector save slots. It's such a rare case that -- it hardly seems worth the effort though. */ -- && (!saves_below_hard_fp_p || const_outgoing_args_size == 0) -+ && const_below_saved_regs + const_saved_regs_size < 512 -+ /* We could handle this case even with data below the saved -+ registers, provided that that data left us with valid offsets -+ for all predicate and vector save slots. It's such a rare -+ case that it hardly seems worth the effort though. */ -+ && (!saves_below_hard_fp_p || const_below_saved_regs == 0) - && !(cfun->calls_alloca - && frame.hard_fp_offset.is_constant (&const_fp_offset) - && const_fp_offset < max_push_offset)) - { -- /* Frame with small outgoing arguments: -+ /* Frame with small area below the saved registers: - - sub sp, sp, frame_size -- stp reg1, reg2, [sp, outgoing_args_size] -- stp reg3, reg4, [sp, outgoing_args_size + 16] */ -+ stp reg1, reg2, [sp, bytes_below_saved_regs] -+ stp reg3, reg4, [sp, bytes_below_saved_regs + 16] */ - frame.initial_adjust = frame.frame_size; -- frame.callee_offset = const_outgoing_args_size; -+ frame.callee_offset = const_below_saved_regs; - } - else if (saves_below_hard_fp_p - && known_eq (frame.saved_regs_size, -@@ -8679,30 +8681,29 @@ aarch64_layout_frame (void) - - sub sp, sp, hard_fp_offset + below_hard_fp_saved_regs_size - save SVE registers relative to SP -- sub sp, sp, outgoing_args_size */ -+ sub sp, sp, bytes_below_saved_regs */ - frame.initial_adjust = (frame.hard_fp_offset - + frame.below_hard_fp_saved_regs_size); -- frame.final_adjust = crtl->outgoing_args_size; -+ frame.final_adjust = frame.bytes_below_saved_regs; - } - else if (frame.hard_fp_offset.is_constant (&const_fp_offset) - && const_fp_offset < max_push_offset) - { -- /* Frame with large outgoing arguments or SVE saves, but with -- a small local area: -+ /* Frame with large area below the saved registers, or with SVE saves, -+ but with a small area above: - - stp reg1, reg2, [sp, -hard_fp_offset]! - stp reg3, reg4, [sp, 16] - [sub sp, sp, below_hard_fp_saved_regs_size] - [save SVE registers relative to SP] -- sub sp, sp, outgoing_args_size */ -+ sub sp, sp, bytes_below_saved_regs */ - frame.callee_adjust = const_fp_offset; - frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; -- frame.final_adjust = crtl->outgoing_args_size; -+ frame.final_adjust = frame.bytes_below_saved_regs; - } - else - { -- /* Frame with large local area and outgoing arguments or SVE saves, -- using frame pointer: -+ /* General case: - - sub sp, sp, hard_fp_offset - stp x29, x30, [sp, 0] -@@ -8710,10 +8711,10 @@ aarch64_layout_frame (void) - stp reg3, reg4, [sp, 16] - [sub sp, sp, below_hard_fp_saved_regs_size] - [save SVE registers relative to SP] -- sub sp, sp, outgoing_args_size */ -+ sub sp, sp, bytes_below_saved_regs */ - frame.initial_adjust = frame.hard_fp_offset; - frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; -- frame.final_adjust = crtl->outgoing_args_size; -+ frame.final_adjust = frame.bytes_below_saved_regs; - } - - /* Make sure the individual adjustments add up to the full frame size. */ -@@ -9358,7 +9359,7 @@ aarch64_get_separate_components (void) - if (frame_pointer_needed) - offset -= frame.below_hard_fp_saved_regs_size; - else -- offset += crtl->outgoing_args_size; -+ offset += frame.bytes_below_saved_regs; - - /* Check that we can access the stack slot of the register with one - direct load with no adjustments needed. */ -@@ -9507,7 +9508,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - if (frame_pointer_needed) - offset -= frame.below_hard_fp_saved_regs_size; - else -- offset += crtl->outgoing_args_size; -+ offset += frame.bytes_below_saved_regs; - - rtx addr = plus_constant (Pmode, ptr_reg, offset); - rtx mem = gen_frame_mem (mode, addr); -@@ -9561,7 +9562,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - if (frame_pointer_needed) - offset2 -= frame.below_hard_fp_saved_regs_size; - else -- offset2 += crtl->outgoing_args_size; -+ offset2 += frame.bytes_below_saved_regs; - rtx addr2 = plus_constant (Pmode, ptr_reg, offset2); - rtx mem2 = gen_frame_mem (mode, addr2); - rtx set2 = prologue_p ? gen_rtx_SET (mem2, reg2) -@@ -9635,10 +9636,10 @@ aarch64_stack_clash_protection_alloca_probe_range (void) - registers. If POLY_SIZE is not large enough to require a probe this function - will only adjust the stack. When allocating the stack space - FRAME_RELATED_P is then used to indicate if the allocation is frame related. -- FINAL_ADJUSTMENT_P indicates whether we are allocating the outgoing -- arguments. If we are then we ensure that any allocation larger than the ABI -- defined buffer needs a probe so that the invariant of having a 1KB buffer is -- maintained. -+ FINAL_ADJUSTMENT_P indicates whether we are allocating the area below -+ the saved registers. If we are then we ensure that any allocation -+ larger than the ABI defined buffer needs a probe so that the -+ invariant of having a 1KB buffer is maintained. - - We emit barriers after each stack adjustment to prevent optimizations from - breaking the invariant that we never drop the stack more than a page. This -@@ -9847,7 +9848,7 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - /* Handle any residuals. Residuals of at least MIN_PROBE_THRESHOLD have to - be probed. This maintains the requirement that each page is probed at - least once. For initial probing we probe only if the allocation is -- more than GUARD_SIZE - buffer, and for the outgoing arguments we probe -+ more than GUARD_SIZE - buffer, and below the saved registers we probe - if the amount is larger than buffer. GUARD_SIZE - buffer + buffer == - GUARD_SIZE. This works that for any allocation that is large enough to - trigger a probe here, we'll have at least one, and if they're not large -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 73b09e20508..0b6faa3ddf1 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -777,6 +777,11 @@ struct GTY (()) aarch64_frame - /* The size of the callee-save registers with a slot in REG_OFFSET. */ - poly_int64 saved_regs_size; - -+ /* The number of bytes between the bottom of the static frame (the bottom -+ of the outgoing arguments) and the bottom of the register save area. -+ This value is always a multiple of STACK_BOUNDARY. */ -+ poly_int64 bytes_below_saved_regs; -+ - /* The size of the callee-save registers with a slot in REG_OFFSET that - are saved below the hard frame pointer. */ - poly_int64 below_hard_fp_saved_regs_size; --- -2.34.1 - - -From 82f6b3e1b596ef0f4e3ac3bb9c6e88fb4458f402 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:14 +0100 -Subject: [PATCH 05/19] aarch64: Add bytes_below_hard_fp to frame info - -Following on from the previous bytes_below_saved_regs patch, this one -records the number of bytes that are below the hard frame pointer. -This eventually replaces below_hard_fp_saved_regs_size. - -If a frame pointer is not needed, the epilogue adds final_adjust -to the stack pointer before restoring registers: - - aarch64_add_sp (tmp1_rtx, tmp0_rtx, final_adjust, true); - -Therefore, if the epilogue needs to restore the stack pointer from -the hard frame pointer, the directly corresponding offset is: - - -bytes_below_hard_fp + final_adjust - -i.e. go from the hard frame pointer to the bottom of the frame, -then add the same amount as if we were using the stack pointer -from the outset. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::bytes_below_hard_fp): New - field. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize it. - (aarch64_expand_epilogue): Use it instead of - below_hard_fp_saved_regs_size. ---- - gcc/config/aarch64/aarch64.cc | 6 +++--- - gcc/config/aarch64/aarch64.h | 5 +++++ - 2 files changed, 8 insertions(+), 3 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index dacc2b0e4dd..a3f7aabcc59 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8530,6 +8530,7 @@ aarch64_layout_frame (void) - of the callee save area. */ - bool saves_below_hard_fp_p = maybe_ne (offset, 0); - frame.below_hard_fp_saved_regs_size = offset; -+ frame.bytes_below_hard_fp = offset + frame.bytes_below_saved_regs; - if (frame.emit_frame_chain) - { - /* FP and LR are placed in the linkage record. */ -@@ -10171,8 +10172,7 @@ aarch64_expand_epilogue (bool for_sibcall) - poly_int64 final_adjust = frame.final_adjust; - poly_int64 callee_offset = frame.callee_offset; - poly_int64 sve_callee_adjust = frame.sve_callee_adjust; -- poly_int64 below_hard_fp_saved_regs_size -- = frame.below_hard_fp_saved_regs_size; -+ poly_int64 bytes_below_hard_fp = frame.bytes_below_hard_fp; - unsigned reg1 = frame.wb_pop_candidate1; - unsigned reg2 = frame.wb_pop_candidate2; - unsigned int last_gpr = (frame.is_scs_enabled -@@ -10230,7 +10230,7 @@ aarch64_expand_epilogue (bool for_sibcall) - is restored on the instruction doing the writeback. */ - aarch64_add_offset (Pmode, stack_pointer_rtx, - hard_frame_pointer_rtx, -- -callee_offset - below_hard_fp_saved_regs_size, -+ -bytes_below_hard_fp + final_adjust, - tmp1_rtx, tmp0_rtx, callee_adjust == 0); - else - /* The case where we need to re-use the register here is very rare, so -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 0b6faa3ddf1..4263d29d29d 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -786,6 +786,11 @@ struct GTY (()) aarch64_frame - are saved below the hard frame pointer. */ - poly_int64 below_hard_fp_saved_regs_size; - -+ /* The number of bytes between the bottom of the static frame (the bottom -+ of the outgoing arguments) and the hard frame pointer. This value is -+ always a multiple of STACK_BOUNDARY. */ -+ poly_int64 bytes_below_hard_fp; -+ - /* Offset from the base of the frame (incomming SP) to the - top of the locals area. This value is always a multiple of - STACK_BOUNDARY. */ --- -2.34.1 - - -From 86fa43e9fe4a8bf954f2919f07cbe3646d1d1df3 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:14 +0100 -Subject: [PATCH 06/19] aarch64: Tweak aarch64_save/restore_callee_saves - -aarch64_save_callee_saves and aarch64_restore_callee_saves took -a parameter called start_offset that gives the offset of the -bottom of the saved register area from the current stack pointer. -However, it's more convenient for later patches if we use the -bottom of the entire frame as the reference point, rather than -the bottom of the saved registers. - -Doing that removes the need for the callee_offset field. -Other than that, this is not a win on its own. It only really -makes sense in combination with the follow-on patches. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::callee_offset): Delete. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Remove - callee_offset handling. - (aarch64_save_callee_saves): Replace the start_offset parameter - with a bytes_below_sp parameter. - (aarch64_restore_callee_saves): Likewise. - (aarch64_expand_prologue): Update accordingly. - (aarch64_expand_epilogue): Likewise. ---- - gcc/config/aarch64/aarch64.cc | 56 +++++++++++++++++------------------ - gcc/config/aarch64/aarch64.h | 4 --- - 2 files changed, 28 insertions(+), 32 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index a3f7aabcc59..46ae5cf7673 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8604,7 +8604,6 @@ aarch64_layout_frame (void) - frame.final_adjust = 0; - frame.callee_adjust = 0; - frame.sve_callee_adjust = 0; -- frame.callee_offset = 0; - - frame.wb_pop_candidate1 = frame.wb_push_candidate1; - frame.wb_pop_candidate2 = frame.wb_push_candidate2; -@@ -8672,7 +8671,6 @@ aarch64_layout_frame (void) - stp reg1, reg2, [sp, bytes_below_saved_regs] - stp reg3, reg4, [sp, bytes_below_saved_regs + 16] */ - frame.initial_adjust = frame.frame_size; -- frame.callee_offset = const_below_saved_regs; - } - else if (saves_below_hard_fp_p - && known_eq (frame.saved_regs_size, -@@ -9073,12 +9071,13 @@ aarch64_add_cfa_expression (rtx_insn *insn, rtx reg, - } - - /* Emit code to save the callee-saved registers from register number START -- to LIMIT to the stack at the location starting at offset START_OFFSET, -- skipping any write-back candidates if SKIP_WB is true. HARD_FP_VALID_P -- is true if the hard frame pointer has been set up. */ -+ to LIMIT to the stack. The stack pointer is currently BYTES_BELOW_SP -+ bytes above the bottom of the static frame. Skip any write-back -+ candidates if SKIP_WB is true. HARD_FP_VALID_P is true if the hard -+ frame pointer has been set up. */ - - static void --aarch64_save_callee_saves (poly_int64 start_offset, -+aarch64_save_callee_saves (poly_int64 bytes_below_sp, - unsigned start, unsigned limit, bool skip_wb, - bool hard_fp_valid_p) - { -@@ -9106,7 +9105,9 @@ aarch64_save_callee_saves (poly_int64 start_offset, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = start_offset + frame.reg_offset[regno]; -+ offset = (frame.reg_offset[regno] -+ + frame.bytes_below_saved_regs -+ - bytes_below_sp); - rtx base_rtx = stack_pointer_rtx; - poly_int64 sp_offset = offset; - -@@ -9117,9 +9118,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - else if (GP_REGNUM_P (regno) - && (!offset.is_constant (&const_offset) || const_offset >= 512)) - { -- gcc_assert (known_eq (start_offset, 0)); -- poly_int64 fp_offset -- = frame.below_hard_fp_saved_regs_size; -+ poly_int64 fp_offset = frame.bytes_below_hard_fp - bytes_below_sp; - if (hard_fp_valid_p) - base_rtx = hard_frame_pointer_rtx; - else -@@ -9183,12 +9182,13 @@ aarch64_save_callee_saves (poly_int64 start_offset, - } - - /* Emit code to restore the callee registers from register number START -- up to and including LIMIT. Restore from the stack offset START_OFFSET, -- skipping any write-back candidates if SKIP_WB is true. Write the -- appropriate REG_CFA_RESTORE notes into CFI_OPS. */ -+ up to and including LIMIT. The stack pointer is currently BYTES_BELOW_SP -+ bytes above the bottom of the static frame. Skip any write-back -+ candidates if SKIP_WB is true. Write the appropriate REG_CFA_RESTORE -+ notes into CFI_OPS. */ - - static void --aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, -+aarch64_restore_callee_saves (poly_int64 bytes_below_sp, unsigned start, - unsigned limit, bool skip_wb, rtx *cfi_ops) - { - aarch64_frame &frame = cfun->machine->frame; -@@ -9214,7 +9214,9 @@ aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = start_offset + frame.reg_offset[regno]; -+ offset = (frame.reg_offset[regno] -+ + frame.bytes_below_saved_regs -+ - bytes_below_sp); - rtx base_rtx = stack_pointer_rtx; - if (mode == VNx2DImode && BYTES_BIG_ENDIAN) - aarch64_adjust_sve_callee_save_base (mode, base_rtx, anchor_reg, -@@ -9990,8 +9992,6 @@ aarch64_expand_prologue (void) - HOST_WIDE_INT callee_adjust = frame.callee_adjust; - poly_int64 final_adjust = frame.final_adjust; - poly_int64 sve_callee_adjust = frame.sve_callee_adjust; -- poly_int64 below_hard_fp_saved_regs_size -- = frame.below_hard_fp_saved_regs_size; - unsigned reg1 = frame.wb_push_candidate1; - unsigned reg2 = frame.wb_push_candidate2; - bool emit_frame_chain = frame.emit_frame_chain; -@@ -10067,8 +10067,8 @@ aarch64_expand_prologue (void) - - frame.hard_fp_offset); - gcc_assert (known_ge (chain_offset, 0)); - -- /* The offset of the bottom of the save area from the current SP. */ -- poly_int64 saved_regs_offset = chain_offset - below_hard_fp_saved_regs_size; -+ /* The offset of the current SP from the bottom of the static frame. */ -+ poly_int64 bytes_below_sp = frame_size - initial_adjust - callee_adjust; - - if (emit_frame_chain) - { -@@ -10076,7 +10076,7 @@ aarch64_expand_prologue (void) - { - reg1 = R29_REGNUM; - reg2 = R30_REGNUM; -- aarch64_save_callee_saves (saved_regs_offset, reg1, reg2, -+ aarch64_save_callee_saves (bytes_below_sp, reg1, reg2, - false, false); - } - else -@@ -10116,7 +10116,7 @@ aarch64_expand_prologue (void) - emit_insn (gen_stack_tie (stack_pointer_rtx, hard_frame_pointer_rtx)); - } - -- aarch64_save_callee_saves (saved_regs_offset, R0_REGNUM, R30_REGNUM, -+ aarch64_save_callee_saves (bytes_below_sp, R0_REGNUM, R30_REGNUM, - callee_adjust != 0 || emit_frame_chain, - emit_frame_chain); - if (maybe_ne (sve_callee_adjust, 0)) -@@ -10126,16 +10126,17 @@ aarch64_expand_prologue (void) - aarch64_allocate_and_probe_stack_space (tmp1_rtx, tmp0_rtx, - sve_callee_adjust, - !frame_pointer_needed, false); -- saved_regs_offset += sve_callee_adjust; -+ bytes_below_sp -= sve_callee_adjust; - } -- aarch64_save_callee_saves (saved_regs_offset, P0_REGNUM, P15_REGNUM, -+ aarch64_save_callee_saves (bytes_below_sp, P0_REGNUM, P15_REGNUM, - false, emit_frame_chain); -- aarch64_save_callee_saves (saved_regs_offset, V0_REGNUM, V31_REGNUM, -+ aarch64_save_callee_saves (bytes_below_sp, V0_REGNUM, V31_REGNUM, - callee_adjust != 0 || emit_frame_chain, - emit_frame_chain); - - /* We may need to probe the final adjustment if it is larger than the guard - that is assumed by the called. */ -+ gcc_assert (known_eq (bytes_below_sp, final_adjust)); - aarch64_allocate_and_probe_stack_space (tmp1_rtx, tmp0_rtx, final_adjust, - !frame_pointer_needed, true); - } -@@ -10170,7 +10171,6 @@ aarch64_expand_epilogue (bool for_sibcall) - poly_int64 initial_adjust = frame.initial_adjust; - HOST_WIDE_INT callee_adjust = frame.callee_adjust; - poly_int64 final_adjust = frame.final_adjust; -- poly_int64 callee_offset = frame.callee_offset; - poly_int64 sve_callee_adjust = frame.sve_callee_adjust; - poly_int64 bytes_below_hard_fp = frame.bytes_below_hard_fp; - unsigned reg1 = frame.wb_pop_candidate1; -@@ -10240,9 +10240,9 @@ aarch64_expand_epilogue (bool for_sibcall) - - /* Restore the vector registers before the predicate registers, - so that we can use P4 as a temporary for big-endian SVE frames. */ -- aarch64_restore_callee_saves (callee_offset, V0_REGNUM, V31_REGNUM, -+ aarch64_restore_callee_saves (final_adjust, V0_REGNUM, V31_REGNUM, - callee_adjust != 0, &cfi_ops); -- aarch64_restore_callee_saves (callee_offset, P0_REGNUM, P15_REGNUM, -+ aarch64_restore_callee_saves (final_adjust, P0_REGNUM, P15_REGNUM, - false, &cfi_ops); - if (maybe_ne (sve_callee_adjust, 0)) - aarch64_add_sp (NULL_RTX, NULL_RTX, sve_callee_adjust, true); -@@ -10250,7 +10250,7 @@ aarch64_expand_epilogue (bool for_sibcall) - /* When shadow call stack is enabled, the scs_pop in the epilogue will - restore x30, we don't need to restore x30 again in the traditional - way. */ -- aarch64_restore_callee_saves (callee_offset - sve_callee_adjust, -+ aarch64_restore_callee_saves (final_adjust + sve_callee_adjust, - R0_REGNUM, last_gpr, - callee_adjust != 0, &cfi_ops); - -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 4263d29d29d..fd820b1be4e 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -813,10 +813,6 @@ struct GTY (()) aarch64_frame - It is zero when no push is used. */ - HOST_WIDE_INT callee_adjust; - -- /* The offset from SP to the callee-save registers after initial_adjust. -- It may be non-zero if no push is used (ie. callee_adjust == 0). */ -- poly_int64 callee_offset; -- - /* The size of the stack adjustment before saving or after restoring - SVE registers. */ - poly_int64 sve_callee_adjust; --- -2.34.1 - - -From 8ae9181426f2700c2e5a2909487fa630e6fa406b Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:15 +0100 -Subject: [PATCH 07/19] aarch64: Only calculate chain_offset if there is a - chain - -After previous patches, it is no longer necessary to calculate -a chain_offset in cases where there is no chain record. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_expand_prologue): Move the - calculation of chain_offset into the emit_frame_chain block. ---- - gcc/config/aarch64/aarch64.cc | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 46ae5cf7673..0e9b9717c08 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -10062,16 +10062,16 @@ aarch64_expand_prologue (void) - if (callee_adjust != 0) - aarch64_push_regs (reg1, reg2, callee_adjust); - -- /* The offset of the frame chain record (if any) from the current SP. */ -- poly_int64 chain_offset = (initial_adjust + callee_adjust -- - frame.hard_fp_offset); -- gcc_assert (known_ge (chain_offset, 0)); -- - /* The offset of the current SP from the bottom of the static frame. */ - poly_int64 bytes_below_sp = frame_size - initial_adjust - callee_adjust; - - if (emit_frame_chain) - { -+ /* The offset of the frame chain record (if any) from the current SP. */ -+ poly_int64 chain_offset = (initial_adjust + callee_adjust -+ - frame.hard_fp_offset); -+ gcc_assert (known_ge (chain_offset, 0)); -+ - if (callee_adjust == 0) - { - reg1 = R29_REGNUM; --- -2.34.1 - - -From 375794feb614cee1f41b710b9cc1b6f25da6c1cb Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:15 +0100 -Subject: [PATCH 08/19] aarch64: Rename locals_offset to bytes_above_locals -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -locals_offset was described as: - - /* Offset from the base of the frame (incomming SP) to the - top of the locals area. This value is always a multiple of - STACK_BOUNDARY. */ - -This is implicitly an “upside down” view of the frame: the incoming -SP is at offset 0, and anything N bytes below the incoming SP is at -offset N (rather than -N). - -However, reg_offset instead uses a “right way up” view; that is, -it views offsets in address terms. Something above X is at a -positive offset from X and something below X is at a negative -offset from X. - -Also, even on FRAME_GROWS_DOWNWARD targets like AArch64, -target-independent code views offsets in address terms too: -locals are allocated at negative offsets to virtual_stack_vars. - -It seems confusing to have *_offset fields of the same structure -using different polarities like this. This patch tries to avoid -that by renaming locals_offset to bytes_above_locals. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::locals_offset): Rename to... - (aarch64_frame::bytes_above_locals): ...this. - * config/aarch64/aarch64.cc (aarch64_layout_frame) - (aarch64_initial_elimination_offset): Update accordingly. ---- - gcc/config/aarch64/aarch64.cc | 6 +++--- - gcc/config/aarch64/aarch64.h | 6 +++--- - 2 files changed, 6 insertions(+), 6 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 0e9b9717c08..0a22f91520e 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8598,7 +8598,7 @@ aarch64_layout_frame (void) - STACK_BOUNDARY / BITS_PER_UNIT)); - frame.frame_size = saved_regs_and_above + frame.bytes_below_saved_regs; - -- frame.locals_offset = frame.saved_varargs_size; -+ frame.bytes_above_locals = frame.saved_varargs_size; - - frame.initial_adjust = 0; - frame.final_adjust = 0; -@@ -12754,13 +12754,13 @@ aarch64_initial_elimination_offset (unsigned from, unsigned to) - return frame.hard_fp_offset; - - if (from == FRAME_POINTER_REGNUM) -- return frame.hard_fp_offset - frame.locals_offset; -+ return frame.hard_fp_offset - frame.bytes_above_locals; - } - - if (to == STACK_POINTER_REGNUM) - { - if (from == FRAME_POINTER_REGNUM) -- return frame.frame_size - frame.locals_offset; -+ return frame.frame_size - frame.bytes_above_locals; - } - - return frame.frame_size; -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index fd820b1be4e..7ae12d13e2b 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -791,10 +791,10 @@ struct GTY (()) aarch64_frame - always a multiple of STACK_BOUNDARY. */ - poly_int64 bytes_below_hard_fp; - -- /* Offset from the base of the frame (incomming SP) to the -- top of the locals area. This value is always a multiple of -+ /* The number of bytes between the top of the locals area and the top -+ of the frame (the incomming SP). This value is always a multiple of - STACK_BOUNDARY. */ -- poly_int64 locals_offset; -+ poly_int64 bytes_above_locals; - - /* Offset from the base of the frame (incomming SP) to the - hard_frame_pointer. This value is always a multiple of --- -2.34.1 - - -From 1a9ea1c45c75615ffbfabe652b3598a1d7be2168 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:16 +0100 -Subject: [PATCH 09/19] aarch64: Rename hard_fp_offset to bytes_above_hard_fp -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Similarly to the previous locals_offset patch, hard_fp_offset -was described as: - - /* Offset from the base of the frame (incomming SP) to the - hard_frame_pointer. This value is always a multiple of - STACK_BOUNDARY. */ - poly_int64 hard_fp_offset; - -which again took an “upside-down” view: higher offsets meant lower -addresses. This patch renames the field to bytes_above_hard_fp instead. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::hard_fp_offset): Rename - to... - (aarch64_frame::bytes_above_hard_fp): ...this. - * config/aarch64/aarch64.cc (aarch64_layout_frame) - (aarch64_expand_prologue): Update accordingly. - (aarch64_initial_elimination_offset): Likewise. ---- - gcc/config/aarch64/aarch64.cc | 26 +++++++++++++------------- - gcc/config/aarch64/aarch64.h | 6 +++--- - 2 files changed, 16 insertions(+), 16 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 0a22f91520e..95499ae49ba 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8590,7 +8590,7 @@ aarch64_layout_frame (void) - + get_frame_size (), - STACK_BOUNDARY / BITS_PER_UNIT); - -- frame.hard_fp_offset -+ frame.bytes_above_hard_fp - = saved_regs_and_above - frame.below_hard_fp_saved_regs_size; - - /* Both these values are already aligned. */ -@@ -8639,13 +8639,13 @@ aarch64_layout_frame (void) - else if (frame.wb_pop_candidate1 != INVALID_REGNUM) - max_push_offset = 256; - -- HOST_WIDE_INT const_size, const_below_saved_regs, const_fp_offset; -+ HOST_WIDE_INT const_size, const_below_saved_regs, const_above_fp; - HOST_WIDE_INT const_saved_regs_size; - if (known_eq (frame.saved_regs_size, 0)) - frame.initial_adjust = frame.frame_size; - else if (frame.frame_size.is_constant (&const_size) - && const_size < max_push_offset -- && known_eq (frame.hard_fp_offset, const_size)) -+ && known_eq (frame.bytes_above_hard_fp, const_size)) - { - /* Simple, small frame with no data below the saved registers. - -@@ -8662,8 +8662,8 @@ aarch64_layout_frame (void) - case that it hardly seems worth the effort though. */ - && (!saves_below_hard_fp_p || const_below_saved_regs == 0) - && !(cfun->calls_alloca -- && frame.hard_fp_offset.is_constant (&const_fp_offset) -- && const_fp_offset < max_push_offset)) -+ && frame.bytes_above_hard_fp.is_constant (&const_above_fp) -+ && const_above_fp < max_push_offset)) - { - /* Frame with small area below the saved registers: - -@@ -8681,12 +8681,12 @@ aarch64_layout_frame (void) - sub sp, sp, hard_fp_offset + below_hard_fp_saved_regs_size - save SVE registers relative to SP - sub sp, sp, bytes_below_saved_regs */ -- frame.initial_adjust = (frame.hard_fp_offset -+ frame.initial_adjust = (frame.bytes_above_hard_fp - + frame.below_hard_fp_saved_regs_size); - frame.final_adjust = frame.bytes_below_saved_regs; - } -- else if (frame.hard_fp_offset.is_constant (&const_fp_offset) -- && const_fp_offset < max_push_offset) -+ else if (frame.bytes_above_hard_fp.is_constant (&const_above_fp) -+ && const_above_fp < max_push_offset) - { - /* Frame with large area below the saved registers, or with SVE saves, - but with a small area above: -@@ -8696,7 +8696,7 @@ aarch64_layout_frame (void) - [sub sp, sp, below_hard_fp_saved_regs_size] - [save SVE registers relative to SP] - sub sp, sp, bytes_below_saved_regs */ -- frame.callee_adjust = const_fp_offset; -+ frame.callee_adjust = const_above_fp; - frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; - frame.final_adjust = frame.bytes_below_saved_regs; - } -@@ -8711,7 +8711,7 @@ aarch64_layout_frame (void) - [sub sp, sp, below_hard_fp_saved_regs_size] - [save SVE registers relative to SP] - sub sp, sp, bytes_below_saved_regs */ -- frame.initial_adjust = frame.hard_fp_offset; -+ frame.initial_adjust = frame.bytes_above_hard_fp; - frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; - frame.final_adjust = frame.bytes_below_saved_regs; - } -@@ -10069,7 +10069,7 @@ aarch64_expand_prologue (void) - { - /* The offset of the frame chain record (if any) from the current SP. */ - poly_int64 chain_offset = (initial_adjust + callee_adjust -- - frame.hard_fp_offset); -+ - frame.bytes_above_hard_fp); - gcc_assert (known_ge (chain_offset, 0)); - - if (callee_adjust == 0) -@@ -12751,10 +12751,10 @@ aarch64_initial_elimination_offset (unsigned from, unsigned to) - if (to == HARD_FRAME_POINTER_REGNUM) - { - if (from == ARG_POINTER_REGNUM) -- return frame.hard_fp_offset; -+ return frame.bytes_above_hard_fp; - - if (from == FRAME_POINTER_REGNUM) -- return frame.hard_fp_offset - frame.bytes_above_locals; -+ return frame.bytes_above_hard_fp - frame.bytes_above_locals; - } - - if (to == STACK_POINTER_REGNUM) -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 7ae12d13e2b..3808f49e9ca 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -796,10 +796,10 @@ struct GTY (()) aarch64_frame - STACK_BOUNDARY. */ - poly_int64 bytes_above_locals; - -- /* Offset from the base of the frame (incomming SP) to the -- hard_frame_pointer. This value is always a multiple of -+ /* The number of bytes between the hard_frame_pointer and the top of -+ the frame (the incomming SP). This value is always a multiple of - STACK_BOUNDARY. */ -- poly_int64 hard_fp_offset; -+ poly_int64 bytes_above_hard_fp; - - /* The size of the frame. This value is the offset from base of the - frame (incomming SP) to the stack_pointer. This value is always --- -2.34.1 - - -From d202ce1ecf60a36a3e1009917dd76109248ce9be Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:16 +0100 -Subject: [PATCH 10/19] aarch64: Tweak frame_size comment -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This patch fixes another case in which a value was described with -an “upside-down” view. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::frame_size): Tweak comment. ---- - gcc/config/aarch64/aarch64.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 3808f49e9ca..108a5731b0d 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -801,8 +801,8 @@ struct GTY (()) aarch64_frame - STACK_BOUNDARY. */ - poly_int64 bytes_above_hard_fp; - -- /* The size of the frame. This value is the offset from base of the -- frame (incomming SP) to the stack_pointer. This value is always -+ /* The size of the frame, i.e. the number of bytes between the bottom -+ of the outgoing arguments and the incoming SP. This value is always - a multiple of STACK_BOUNDARY. */ - poly_int64 frame_size; - --- -2.34.1 - - -From f2b585375205b0a1802d79c682ba33766ecd1f0f Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:17 +0100 -Subject: [PATCH 11/19] aarch64: Measure reg_offset from the bottom of the - frame - -reg_offset was measured from the bottom of the saved register area. -This made perfect sense with the original layout, since the bottom -of the saved register area was also the hard frame pointer address. -It became slightly less obvious with SVE, since we save SVE -registers below the hard frame pointer, but it still made sense. - -However, if we want to allow different frame layouts, it's more -convenient and obvious to measure reg_offset from the bottom of -the frame. After previous patches, it's also a slight simplification -in its own right. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame): Add comment above - reg_offset. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Walk offsets - from the bottom of the frame, rather than the bottom of the saved - register area. Measure reg_offset from the bottom of the frame - rather than the bottom of the saved register area. - (aarch64_save_callee_saves): Update accordingly. - (aarch64_restore_callee_saves): Likewise. - (aarch64_get_separate_components): Likewise. - (aarch64_process_components): Likewise. ---- - gcc/config/aarch64/aarch64.cc | 53 ++++++++++++++++------------------- - gcc/config/aarch64/aarch64.h | 3 ++ - 2 files changed, 27 insertions(+), 29 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 95499ae49ba..af99807ef8a 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8400,7 +8400,6 @@ aarch64_needs_frame_chain (void) - static void - aarch64_layout_frame (void) - { -- poly_int64 offset = 0; - int regno, last_fp_reg = INVALID_REGNUM; - machine_mode vector_save_mode = aarch64_reg_save_mode (V8_REGNUM); - poly_int64 vector_save_size = GET_MODE_SIZE (vector_save_mode); -@@ -8478,7 +8477,9 @@ aarch64_layout_frame (void) - gcc_assert (crtl->is_leaf - || maybe_ne (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED)); - -- frame.bytes_below_saved_regs = crtl->outgoing_args_size; -+ poly_int64 offset = crtl->outgoing_args_size; -+ gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); -+ frame.bytes_below_saved_regs = offset; - - /* Now assign stack slots for the registers. Start with the predicate - registers, since predicate LDR and STR have a relatively small -@@ -8490,7 +8491,8 @@ aarch64_layout_frame (void) - offset += BYTES_PER_SVE_PRED; - } - -- if (maybe_ne (offset, 0)) -+ poly_int64 saved_prs_size = offset - frame.bytes_below_saved_regs; -+ if (maybe_ne (saved_prs_size, 0)) - { - /* If we have any vector registers to save above the predicate registers, - the offset of the vector register save slots need to be a multiple -@@ -8508,10 +8510,10 @@ aarch64_layout_frame (void) - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); - else - { -- if (known_le (offset, vector_save_size)) -- offset = vector_save_size; -- else if (known_le (offset, vector_save_size * 2)) -- offset = vector_save_size * 2; -+ if (known_le (saved_prs_size, vector_save_size)) -+ offset = frame.bytes_below_saved_regs + vector_save_size; -+ else if (known_le (saved_prs_size, vector_save_size * 2)) -+ offset = frame.bytes_below_saved_regs + vector_save_size * 2; - else - gcc_unreachable (); - } -@@ -8528,9 +8530,10 @@ aarch64_layout_frame (void) - - /* OFFSET is now the offset of the hard frame pointer from the bottom - of the callee save area. */ -- bool saves_below_hard_fp_p = maybe_ne (offset, 0); -- frame.below_hard_fp_saved_regs_size = offset; -- frame.bytes_below_hard_fp = offset + frame.bytes_below_saved_regs; -+ frame.below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs; -+ bool saves_below_hard_fp_p -+ = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); -+ frame.bytes_below_hard_fp = offset; - if (frame.emit_frame_chain) - { - /* FP and LR are placed in the linkage record. */ -@@ -8581,9 +8584,10 @@ aarch64_layout_frame (void) - - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); - -- frame.saved_regs_size = offset; -+ frame.saved_regs_size = offset - frame.bytes_below_saved_regs; - -- poly_int64 varargs_and_saved_regs_size = offset + frame.saved_varargs_size; -+ poly_int64 varargs_and_saved_regs_size -+ = frame.saved_regs_size + frame.saved_varargs_size; - - poly_int64 saved_regs_and_above - = aligned_upper_bound (varargs_and_saved_regs_size -@@ -9105,9 +9109,7 @@ aarch64_save_callee_saves (poly_int64 bytes_below_sp, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = (frame.reg_offset[regno] -- + frame.bytes_below_saved_regs -- - bytes_below_sp); -+ offset = frame.reg_offset[regno] - bytes_below_sp; - rtx base_rtx = stack_pointer_rtx; - poly_int64 sp_offset = offset; - -@@ -9214,9 +9216,7 @@ aarch64_restore_callee_saves (poly_int64 bytes_below_sp, unsigned start, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = (frame.reg_offset[regno] -- + frame.bytes_below_saved_regs -- - bytes_below_sp); -+ offset = frame.reg_offset[regno] - bytes_below_sp; - rtx base_rtx = stack_pointer_rtx; - if (mode == VNx2DImode && BYTES_BIG_ENDIAN) - aarch64_adjust_sve_callee_save_base (mode, base_rtx, anchor_reg, -@@ -9355,14 +9355,12 @@ aarch64_get_separate_components (void) - it as a stack probe for -fstack-clash-protection. */ - if (flag_stack_clash_protection - && maybe_ne (frame.below_hard_fp_saved_regs_size, 0) -- && known_eq (offset, 0)) -+ && known_eq (offset, frame.bytes_below_saved_regs)) - continue; - - /* Get the offset relative to the register we'll use. */ - if (frame_pointer_needed) -- offset -= frame.below_hard_fp_saved_regs_size; -- else -- offset += frame.bytes_below_saved_regs; -+ offset -= frame.bytes_below_hard_fp; - - /* Check that we can access the stack slot of the register with one - direct load with no adjustments needed. */ -@@ -9509,9 +9507,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - rtx reg = gen_rtx_REG (mode, regno); - poly_int64 offset = frame.reg_offset[regno]; - if (frame_pointer_needed) -- offset -= frame.below_hard_fp_saved_regs_size; -- else -- offset += frame.bytes_below_saved_regs; -+ offset -= frame.bytes_below_hard_fp; - - rtx addr = plus_constant (Pmode, ptr_reg, offset); - rtx mem = gen_frame_mem (mode, addr); -@@ -9563,9 +9559,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - /* REGNO2 can be saved/restored in a pair with REGNO. */ - rtx reg2 = gen_rtx_REG (mode, regno2); - if (frame_pointer_needed) -- offset2 -= frame.below_hard_fp_saved_regs_size; -- else -- offset2 += frame.bytes_below_saved_regs; -+ offset2 -= frame.bytes_below_hard_fp; - rtx addr2 = plus_constant (Pmode, ptr_reg, offset2); - rtx mem2 = gen_frame_mem (mode, addr2); - rtx set2 = prologue_p ? gen_rtx_SET (mem2, reg2) -@@ -9681,7 +9675,8 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - if (final_adjustment_p - && known_eq (frame.below_hard_fp_saved_regs_size, 0)) - { -- poly_int64 lr_offset = frame.reg_offset[LR_REGNUM]; -+ poly_int64 lr_offset = (frame.reg_offset[LR_REGNUM] -+ - frame.bytes_below_saved_regs); - if (known_ge (lr_offset, 0)) - min_probe_threshold -= lr_offset.to_constant (); - else -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 108a5731b0d..c8becb098c8 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -766,6 +766,9 @@ extern enum aarch64_processor aarch64_tune; - #ifdef HAVE_POLY_INT_H - struct GTY (()) aarch64_frame - { -+ /* The offset from the bottom of the static frame (the bottom of the -+ outgoing arguments) of each register save slot, or -2 if no save is -+ needed. */ - poly_int64 reg_offset[LAST_SAVED_REGNUM + 1]; - - /* The number of extra stack bytes taken up by register varargs. --- -2.34.1 - - -From 79faabda181d0d9fd29a3cf5726ba65bdee945b5 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:17 +0100 -Subject: [PATCH 12/19] aarch64: Simplify top of frame allocation - -After previous patches, it no longer really makes sense to allocate -the top of the frame in terms of varargs_and_saved_regs_size and -saved_regs_and_above. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_layout_frame): Simplify - the allocation of the top of the frame. ---- - gcc/config/aarch64/aarch64.cc | 23 ++++++++--------------- - 1 file changed, 8 insertions(+), 15 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index af99807ef8a..31b00094c2a 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8586,23 +8586,16 @@ aarch64_layout_frame (void) - - frame.saved_regs_size = offset - frame.bytes_below_saved_regs; - -- poly_int64 varargs_and_saved_regs_size -- = frame.saved_regs_size + frame.saved_varargs_size; -- -- poly_int64 saved_regs_and_above -- = aligned_upper_bound (varargs_and_saved_regs_size -- + get_frame_size (), -- STACK_BOUNDARY / BITS_PER_UNIT); -- -- frame.bytes_above_hard_fp -- = saved_regs_and_above - frame.below_hard_fp_saved_regs_size; -+ offset += get_frame_size (); -+ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -+ auto top_of_locals = offset; - -- /* Both these values are already aligned. */ -- gcc_assert (multiple_p (frame.bytes_below_saved_regs, -- STACK_BOUNDARY / BITS_PER_UNIT)); -- frame.frame_size = saved_regs_and_above + frame.bytes_below_saved_regs; -+ offset += frame.saved_varargs_size; -+ gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); -+ frame.frame_size = offset; - -- frame.bytes_above_locals = frame.saved_varargs_size; -+ frame.bytes_above_hard_fp = frame.frame_size - frame.bytes_below_hard_fp; -+ frame.bytes_above_locals = frame.frame_size - top_of_locals; - - frame.initial_adjust = 0; - frame.final_adjust = 0; --- -2.34.1 - - -From 4e62049e403b141e6f916176160dac8cbd65fe47 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:18 +0100 -Subject: [PATCH 13/19] aarch64: Minor initial adjustment tweak - -This patch just changes a calculation of initial_adjust -to one that makes it slightly more obvious that the total -adjustment is frame.frame_size. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_layout_frame): Tweak - calculation of initial_adjust for frames in which all saves - are SVE saves. ---- - gcc/config/aarch64/aarch64.cc | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 31b00094c2a..1aa79da0673 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8675,11 +8675,10 @@ aarch64_layout_frame (void) - { - /* Frame in which all saves are SVE saves: - -- sub sp, sp, hard_fp_offset + below_hard_fp_saved_regs_size -+ sub sp, sp, frame_size - bytes_below_saved_regs - save SVE registers relative to SP - sub sp, sp, bytes_below_saved_regs */ -- frame.initial_adjust = (frame.bytes_above_hard_fp -- + frame.below_hard_fp_saved_regs_size); -+ frame.initial_adjust = frame.frame_size - frame.bytes_below_saved_regs; - frame.final_adjust = frame.bytes_below_saved_regs; - } - else if (frame.bytes_above_hard_fp.is_constant (&const_above_fp) --- -2.34.1 - - -From aaa1a0a5912d9e5d571e5f1c6f09ceac99544ab5 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:18 +0100 -Subject: [PATCH 14/19] aarch64: Tweak stack clash boundary condition - -The AArch64 ABI says that, when stack clash protection is used, -there can be a maximum of 1KiB of unprobed space at sp on entry -to a function. Therefore, we need to probe when allocating ->= guard_size - 1KiB of data (>= rather than >). This is what -GCC does. - -If an allocation is exactly guard_size bytes, it is enough to allocate -those bytes and probe once at offset 1024. It isn't possible to use a -single probe at any other offset: higher would conmplicate later code, -by leaving more unprobed space than usual, while lower would risk -leaving an entire page unprobed. For simplicity, the code probes all -allocations at offset 1024. - -Some register saves also act as probes. If we need to allocate -more space below the last such register save probe, we need to -probe the allocation if it is > 1KiB. Again, this allocation is -then sometimes (but not always) probed at offset 1024. This sort of -allocation is currently only used for outgoing arguments, which are -rarely this big. - -However, the code also probed if this final outgoing-arguments -allocation was == 1KiB, rather than just > 1KiB. This isn't -necessary, since the register save then probes at offset 1024 -as required. Continuing to probe allocations of exactly 1KiB -would complicate later patches. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_allocate_and_probe_stack_space): - Don't probe final allocations that are exactly 1KiB in size (after - unprobed space above the final allocation has been deducted). - -gcc/testsuite/ - * gcc.target/aarch64/stack-check-prologue-17.c: New test. ---- - gcc/config/aarch64/aarch64.cc | 4 +- - .../aarch64/stack-check-prologue-17.c | 55 +++++++++++++++++++ - 2 files changed, 58 insertions(+), 1 deletion(-) - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 1aa79da0673..5cad847977a 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -9648,9 +9648,11 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - HOST_WIDE_INT guard_size - = 1 << param_stack_clash_protection_guard_size; - HOST_WIDE_INT guard_used_by_caller = STACK_CLASH_CALLER_GUARD; -+ HOST_WIDE_INT byte_sp_alignment = STACK_BOUNDARY / BITS_PER_UNIT; -+ gcc_assert (multiple_p (poly_size, byte_sp_alignment)); - HOST_WIDE_INT min_probe_threshold - = (final_adjustment_p -- ? guard_used_by_caller -+ ? guard_used_by_caller + byte_sp_alignment - : guard_size - guard_used_by_caller); - /* When doing the final adjustment for the outgoing arguments, take into - account any unprobed space there is above the current SP. There are -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -new file mode 100644 -index 00000000000..0d8a25d73a2 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -@@ -0,0 +1,55 @@ -+/* { dg-options "-O2 -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+void f(int, ...); -+void g(); -+ -+/* -+** test1: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1024 -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test1(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test2: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1040 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test2(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x); -+ } -+ g(); -+ return 1; -+} --- -2.34.1 - - -From 8433953434a7b58c0923140d39eb3c5988c1d097 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:19 +0100 -Subject: [PATCH 15/19] aarch64: Put LR save probe in first 16 bytes - --fstack-clash-protection uses the save of LR as a probe for the next -allocation. The next allocation could be: - -* another part of the static frame, e.g. when allocating SVE save slots - or outgoing arguments - -* an alloca in the same function - -* an allocation made by a callee function - -However, when -fomit-frame-pointer is used, the LR save slot is placed -above the other GPR save slots. It could therefore be up to 80 bytes -above the base of the GPR save area (which is also the hard fp address). - -aarch64_allocate_and_probe_stack_space took this into account when -deciding how much subsequent space could be allocated without needing -a probe. However, it interacted badly with: - - /* If doing a small final adjustment, we always probe at offset 0. - This is done to avoid issues when LR is not at position 0 or when - the final adjustment is smaller than the probing offset. */ - else if (final_adjustment_p && rounded_size == 0) - residual_probe_offset = 0; - -which forces any allocation that is smaller than the guard page size -to be probed at offset 0 rather than the usual offset 1024. It was -therefore possible to construct cases in which we had: - -* a probe using LR at SP + 80 bytes (or some other value >= 16) -* an allocation of the guard page size - 16 bytes -* a probe at SP + 0 - -which allocates guard page size + 64 consecutive unprobed bytes. - -This patch requires the LR probe to be in the first 16 bytes of the -save area when stack clash protection is active. Doing it -unconditionally would cause code-quality regressions. - -Putting LR before other registers prevents push/pop allocation -when shadow call stacks are enabled, since LR is restored -separately from the other callee-saved registers. - -The new comment doesn't say that the probe register is required -to be LR, since a later patch removes that restriction. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_layout_frame): Ensure that - the LR save slot is in the first 16 bytes of the register save area. - Only form STP/LDP push/pop candidates if both registers are valid. - (aarch64_allocate_and_probe_stack_space): Remove workaround for - when LR was not in the first 16 bytes. - -gcc/testsuite/ - * gcc.target/aarch64/stack-check-prologue-18.c: New test. - * gcc.target/aarch64/stack-check-prologue-19.c: Likewise. - * gcc.target/aarch64/stack-check-prologue-20.c: Likewise. ---- - gcc/config/aarch64/aarch64.cc | 72 ++++++------- - .../aarch64/stack-check-prologue-18.c | 100 ++++++++++++++++++ - .../aarch64/stack-check-prologue-19.c | 100 ++++++++++++++++++ - .../aarch64/stack-check-prologue-20.c | 3 + - 4 files changed, 233 insertions(+), 42 deletions(-) - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 5cad847977a..a765f92329d 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8534,26 +8534,34 @@ aarch64_layout_frame (void) - bool saves_below_hard_fp_p - = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); - frame.bytes_below_hard_fp = offset; -+ -+ auto allocate_gpr_slot = [&](unsigned int regno) -+ { -+ frame.reg_offset[regno] = offset; -+ if (frame.wb_push_candidate1 == INVALID_REGNUM) -+ frame.wb_push_candidate1 = regno; -+ else if (frame.wb_push_candidate2 == INVALID_REGNUM) -+ frame.wb_push_candidate2 = regno; -+ offset += UNITS_PER_WORD; -+ }; -+ - if (frame.emit_frame_chain) - { - /* FP and LR are placed in the linkage record. */ -- frame.reg_offset[R29_REGNUM] = offset; -- frame.wb_push_candidate1 = R29_REGNUM; -- frame.reg_offset[R30_REGNUM] = offset + UNITS_PER_WORD; -- frame.wb_push_candidate2 = R30_REGNUM; -- offset += 2 * UNITS_PER_WORD; -+ allocate_gpr_slot (R29_REGNUM); -+ allocate_gpr_slot (R30_REGNUM); - } -+ else if (flag_stack_clash_protection -+ && known_eq (frame.reg_offset[R30_REGNUM], SLOT_REQUIRED)) -+ /* Put the LR save slot first, since it makes a good choice of probe -+ for stack clash purposes. The idea is that the link register usually -+ has to be saved before a call anyway, and so we lose little by -+ stopping it from being individually shrink-wrapped. */ -+ allocate_gpr_slot (R30_REGNUM); - - for (regno = R0_REGNUM; regno <= R30_REGNUM; regno++) - if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED)) -- { -- frame.reg_offset[regno] = offset; -- if (frame.wb_push_candidate1 == INVALID_REGNUM) -- frame.wb_push_candidate1 = regno; -- else if (frame.wb_push_candidate2 == INVALID_REGNUM) -- frame.wb_push_candidate2 = regno; -- offset += UNITS_PER_WORD; -- } -+ allocate_gpr_slot (regno); - - poly_int64 max_int_offset = offset; - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -@@ -8631,10 +8639,13 @@ aarch64_layout_frame (void) - max_push_offset to 0, because no registers are popped at this time, - so callee_adjust cannot be adjusted. */ - HOST_WIDE_INT max_push_offset = 0; -- if (frame.wb_pop_candidate2 != INVALID_REGNUM) -- max_push_offset = 512; -- else if (frame.wb_pop_candidate1 != INVALID_REGNUM) -- max_push_offset = 256; -+ if (frame.wb_pop_candidate1 != INVALID_REGNUM) -+ { -+ if (frame.wb_pop_candidate2 != INVALID_REGNUM) -+ max_push_offset = 512; -+ else -+ max_push_offset = 256; -+ } - - HOST_WIDE_INT const_size, const_below_saved_regs, const_above_fp; - HOST_WIDE_INT const_saved_regs_size; -@@ -9654,29 +9665,6 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - = (final_adjustment_p - ? guard_used_by_caller + byte_sp_alignment - : guard_size - guard_used_by_caller); -- /* When doing the final adjustment for the outgoing arguments, take into -- account any unprobed space there is above the current SP. There are -- two cases: -- -- - When saving SVE registers below the hard frame pointer, we force -- the lowest save to take place in the prologue before doing the final -- adjustment (i.e. we don't allow the save to be shrink-wrapped). -- This acts as a probe at SP, so there is no unprobed space. -- -- - When there are no SVE register saves, we use the store of the link -- register as a probe. We can't assume that LR was saved at position 0 -- though, so treat any space below it as unprobed. */ -- if (final_adjustment_p -- && known_eq (frame.below_hard_fp_saved_regs_size, 0)) -- { -- poly_int64 lr_offset = (frame.reg_offset[LR_REGNUM] -- - frame.bytes_below_saved_regs); -- if (known_ge (lr_offset, 0)) -- min_probe_threshold -= lr_offset.to_constant (); -- else -- gcc_assert (!flag_stack_clash_protection || known_eq (poly_size, 0)); -- } -- - poly_int64 frame_size = frame.frame_size; - - /* We should always have a positive probe threshold. */ -@@ -9856,8 +9844,8 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - if (final_adjustment_p && rounded_size != 0) - min_probe_threshold = 0; - /* If doing a small final adjustment, we always probe at offset 0. -- This is done to avoid issues when LR is not at position 0 or when -- the final adjustment is smaller than the probing offset. */ -+ This is done to avoid issues when the final adjustment is smaller -+ than the probing offset. */ - else if (final_adjustment_p && rounded_size == 0) - residual_probe_offset = 0; - -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -new file mode 100644 -index 00000000000..82447d20fff ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -@@ -0,0 +1,100 @@ -+/* { dg-options "-O2 -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+void f(int, ...); -+void g(); -+ -+/* -+** test1: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #4064 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... -+** str x26, \[sp, #?4128\] -+** ... -+*/ -+int test1(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test2: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1040 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test2(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test3: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1024 -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test3(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -new file mode 100644 -index 00000000000..73ac3e4e4eb ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -@@ -0,0 +1,100 @@ -+/* { dg-options "-O2 -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12 -fsanitize=shadow-call-stack -ffixed-x18" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+void f(int, ...); -+void g(); -+ -+/* -+** test1: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #4064 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... -+** str x26, \[sp, #?4128\] -+** ... -+*/ -+int test1(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test2: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1040 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test2(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test3: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1024 -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test3(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c -new file mode 100644 -index 00000000000..690aae8dfd5 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c -@@ -0,0 +1,3 @@ -+/* { dg-options "-O2 -fstack-protector-all -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12 -fsanitize=shadow-call-stack -ffixed-x18" } */ -+ -+#include "stack-check-prologue-19.c" --- -2.34.1 - - -From eea1759073e09dd1aefbc9a881601ab1eebfdd18 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:19 +0100 -Subject: [PATCH 16/19] aarch64: Simplify probe of final frame allocation - -Previous patches ensured that the final frame allocation only needs -a probe when the size is strictly greater than 1KiB. It's therefore -safe to use the normal 1024 probe offset in all cases. - -The main motivation for doing this is to simplify the code and -remove the number of special cases. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_allocate_and_probe_stack_space): - Always probe the residual allocation at offset 1024, asserting - that that is in range. - -gcc/testsuite/ - * gcc.target/aarch64/stack-check-prologue-17.c: Expect the probe - to be at offset 1024 rather than offset 0. - * gcc.target/aarch64/stack-check-prologue-18.c: Likewise. - * gcc.target/aarch64/stack-check-prologue-19.c: Likewise. ---- - gcc/config/aarch64/aarch64.cc | 12 ++++-------- - .../gcc.target/aarch64/stack-check-prologue-17.c | 2 +- - .../gcc.target/aarch64/stack-check-prologue-18.c | 4 ++-- - .../gcc.target/aarch64/stack-check-prologue-19.c | 4 ++-- - 4 files changed, 9 insertions(+), 13 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index a765f92329d..37809a306f7 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -9838,16 +9838,12 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - are still safe. */ - if (residual) - { -- HOST_WIDE_INT residual_probe_offset = guard_used_by_caller; -+ gcc_assert (guard_used_by_caller + byte_sp_alignment <= size); -+ - /* If we're doing final adjustments, and we've done any full page - allocations then any residual needs to be probed. */ - if (final_adjustment_p && rounded_size != 0) - min_probe_threshold = 0; -- /* If doing a small final adjustment, we always probe at offset 0. -- This is done to avoid issues when the final adjustment is smaller -- than the probing offset. */ -- else if (final_adjustment_p && rounded_size == 0) -- residual_probe_offset = 0; - - aarch64_sub_sp (temp1, temp2, residual, frame_related_p); - if (residual >= min_probe_threshold) -@@ -9858,8 +9854,8 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - HOST_WIDE_INT_PRINT_DEC " bytes, probing will be required." - "\n", residual); - -- emit_stack_probe (plus_constant (Pmode, stack_pointer_rtx, -- residual_probe_offset)); -+ emit_stack_probe (plus_constant (Pmode, stack_pointer_rtx, -+ guard_used_by_caller)); - emit_insn (gen_blockage ()); - } - } -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -index 0d8a25d73a2..f0ec1389771 100644 ---- a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -@@ -33,7 +33,7 @@ int test1(int z) { - ** ... - ** str x30, \[sp\] - ** sub sp, sp, #1040 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -index 82447d20fff..6383bec5ebc 100644 ---- a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -@@ -9,7 +9,7 @@ void g(); - ** ... - ** str x30, \[sp\] - ** sub sp, sp, #4064 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... -@@ -50,7 +50,7 @@ int test1(int z) { - ** ... - ** str x30, \[sp\] - ** sub sp, sp, #1040 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -index 73ac3e4e4eb..562039b5e9b 100644 ---- a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -@@ -9,7 +9,7 @@ void g(); - ** ... - ** str x30, \[sp\] - ** sub sp, sp, #4064 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... -@@ -50,7 +50,7 @@ int test1(int z) { - ** ... - ** str x30, \[sp\] - ** sub sp, sp, #1040 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... --- -2.34.1 - - -From 96d85187c3b9c9a7efc2fd698c3d452e80d8aa47 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:20 +0100 -Subject: [PATCH 17/19] aarch64: Explicitly record probe registers in frame - info - -The stack frame is currently divided into three areas: - -A: the area above the hard frame pointer -B: the SVE saves below the hard frame pointer -C: the outgoing arguments - -If the stack frame is allocated in one chunk, the allocation needs a -probe if the frame size is >= guard_size - 1KiB. In addition, if the -function is not a leaf function, it must probe an address no more than -1KiB above the outgoing SP. We ensured the second condition by - -(1) using single-chunk allocations for non-leaf functions only if - the link register save slot is within 512 bytes of the bottom - of the frame; and - -(2) using the link register save as a probe (meaning, for instance, - that it can't be individually shrink wrapped) - -If instead the stack is allocated in multiple chunks, then: - -* an allocation involving only the outgoing arguments (C above) requires - a probe if the allocation size is > 1KiB - -* any other allocation requires a probe if the allocation size - is >= guard_size - 1KiB - -* second and subsequent allocations require the previous allocation - to probe at the bottom of the allocated area, regardless of the size - of that previous allocation - -The final point means that, unlike for single allocations, -it can be necessary to have both a non-SVE register probe and -an SVE register probe. For example: - -* allocate A, probe using a non-SVE register save -* allocate B, probe using an SVE register save -* allocate C - -The non-SVE register used in this case was again the link register. -It was previously used even if the link register save slot was some -bytes above the bottom of the non-SVE register saves, but an earlier -patch avoided that by putting the link register save slot first. - -As a belt-and-braces fix, this patch explicitly records which -probe registers we're using and allows the non-SVE probe to be -whichever register comes first (as for SVE). - -The patch also avoids unnecessary probes in sve/pcs/stack_clash_3.c. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::sve_save_and_probe) - (aarch64_frame::hard_fp_save_and_probe): New fields. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize them. - Rather than asserting that a leaf function saves LR, instead assert - that a leaf function saves something. - (aarch64_get_separate_components): Prevent the chosen probe - registers from being individually shrink-wrapped. - (aarch64_allocate_and_probe_stack_space): Remove workaround for - probe registers that aren't at the bottom of the previous allocation. - -gcc/testsuite/ - * gcc.target/aarch64/sve/pcs/stack_clash_3.c: Avoid redundant probes. ---- - gcc/config/aarch64/aarch64.cc | 68 +++++++++++++++---- - gcc/config/aarch64/aarch64.h | 8 +++ - .../aarch64/sve/pcs/stack_clash_3.c | 6 +- - 3 files changed, 64 insertions(+), 18 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 37809a306f7..6c59c39a639 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8471,15 +8471,11 @@ aarch64_layout_frame (void) - && !crtl->abi->clobbers_full_reg_p (regno)) - frame.reg_offset[regno] = SLOT_REQUIRED; - -- /* With stack-clash, LR must be saved in non-leaf functions. The saving of -- LR counts as an implicit probe which allows us to maintain the invariant -- described in the comment at expand_prologue. */ -- gcc_assert (crtl->is_leaf -- || maybe_ne (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED)); - - poly_int64 offset = crtl->outgoing_args_size; - gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); - frame.bytes_below_saved_regs = offset; -+ frame.sve_save_and_probe = INVALID_REGNUM; - - /* Now assign stack slots for the registers. Start with the predicate - registers, since predicate LDR and STR have a relatively small -@@ -8487,6 +8483,8 @@ aarch64_layout_frame (void) - for (regno = P0_REGNUM; regno <= P15_REGNUM; regno++) - if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED)) - { -+ if (frame.sve_save_and_probe == INVALID_REGNUM) -+ frame.sve_save_and_probe = regno; - frame.reg_offset[regno] = offset; - offset += BYTES_PER_SVE_PRED; - } -@@ -8524,6 +8522,8 @@ aarch64_layout_frame (void) - for (regno = V0_REGNUM; regno <= V31_REGNUM; regno++) - if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED)) - { -+ if (frame.sve_save_and_probe == INVALID_REGNUM) -+ frame.sve_save_and_probe = regno; - frame.reg_offset[regno] = offset; - offset += vector_save_size; - } -@@ -8533,10 +8533,18 @@ aarch64_layout_frame (void) - frame.below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs; - bool saves_below_hard_fp_p - = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); -+ gcc_assert (!saves_below_hard_fp_p -+ || (frame.sve_save_and_probe != INVALID_REGNUM -+ && known_eq (frame.reg_offset[frame.sve_save_and_probe], -+ frame.bytes_below_saved_regs))); -+ - frame.bytes_below_hard_fp = offset; -+ frame.hard_fp_save_and_probe = INVALID_REGNUM; - - auto allocate_gpr_slot = [&](unsigned int regno) - { -+ if (frame.hard_fp_save_and_probe == INVALID_REGNUM) -+ frame.hard_fp_save_and_probe = regno; - frame.reg_offset[regno] = offset; - if (frame.wb_push_candidate1 == INVALID_REGNUM) - frame.wb_push_candidate1 = regno; -@@ -8570,6 +8578,8 @@ aarch64_layout_frame (void) - for (regno = V0_REGNUM; regno <= V31_REGNUM; regno++) - if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED)) - { -+ if (frame.hard_fp_save_and_probe == INVALID_REGNUM) -+ frame.hard_fp_save_and_probe = regno; - /* If there is an alignment gap between integer and fp callee-saves, - allocate the last fp register to it if possible. */ - if (regno == last_fp_reg -@@ -8593,6 +8603,17 @@ aarch64_layout_frame (void) - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); - - frame.saved_regs_size = offset - frame.bytes_below_saved_regs; -+ gcc_assert (known_eq (frame.saved_regs_size, -+ frame.below_hard_fp_saved_regs_size) -+ || (frame.hard_fp_save_and_probe != INVALID_REGNUM -+ && known_eq (frame.reg_offset[frame.hard_fp_save_and_probe], -+ frame.bytes_below_hard_fp))); -+ -+ /* With stack-clash, a register must be saved in non-leaf functions. -+ The saving of the bottommost register counts as an implicit probe, -+ which allows us to maintain the invariant described in the comment -+ at expand_prologue. */ -+ gcc_assert (crtl->is_leaf || maybe_ne (frame.saved_regs_size, 0)); - - offset += get_frame_size (); - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -@@ -8723,6 +8744,25 @@ aarch64_layout_frame (void) - frame.final_adjust = frame.bytes_below_saved_regs; - } - -+ /* The frame is allocated in pieces, with each non-final piece -+ including a register save at offset 0 that acts as a probe for -+ the following piece. In addition, the save of the bottommost register -+ acts as a probe for callees and allocas. Roll back any probes that -+ aren't needed. -+ -+ A probe isn't needed if it is associated with the final allocation -+ (including callees and allocas) that happens before the epilogue is -+ executed. */ -+ if (crtl->is_leaf -+ && !cfun->calls_alloca -+ && known_eq (frame.final_adjust, 0)) -+ { -+ if (maybe_ne (frame.sve_callee_adjust, 0)) -+ frame.sve_save_and_probe = INVALID_REGNUM; -+ else -+ frame.hard_fp_save_and_probe = INVALID_REGNUM; -+ } -+ - /* Make sure the individual adjustments add up to the full frame size. */ - gcc_assert (known_eq (frame.initial_adjust - + frame.callee_adjust -@@ -9354,13 +9394,6 @@ aarch64_get_separate_components (void) - - poly_int64 offset = frame.reg_offset[regno]; - -- /* If the register is saved in the first SVE save slot, we use -- it as a stack probe for -fstack-clash-protection. */ -- if (flag_stack_clash_protection -- && maybe_ne (frame.below_hard_fp_saved_regs_size, 0) -- && known_eq (offset, frame.bytes_below_saved_regs)) -- continue; -- - /* Get the offset relative to the register we'll use. */ - if (frame_pointer_needed) - offset -= frame.bytes_below_hard_fp; -@@ -9395,6 +9428,13 @@ aarch64_get_separate_components (void) - - bitmap_clear_bit (components, LR_REGNUM); - bitmap_clear_bit (components, SP_REGNUM); -+ if (flag_stack_clash_protection) -+ { -+ if (frame.sve_save_and_probe != INVALID_REGNUM) -+ bitmap_clear_bit (components, frame.sve_save_and_probe); -+ if (frame.hard_fp_save_and_probe != INVALID_REGNUM) -+ bitmap_clear_bit (components, frame.hard_fp_save_and_probe); -+ } - - return components; - } -@@ -9931,8 +9971,8 @@ aarch64_epilogue_uses (int regno) - When probing is needed, we emit a probe at the start of the prologue - and every PARAM_STACK_CLASH_PROTECTION_GUARD_SIZE bytes thereafter. - -- We have to track how much space has been allocated and the only stores -- to the stack we track as implicit probes are the FP/LR stores. -+ We can also use register saves as probes. These are stored in -+ sve_save_and_probe and hard_fp_save_and_probe. - - For outgoing arguments we probe if the size is larger than 1KB, such that - the ABI specified buffer is maintained for the next callee. -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index c8becb098c8..fbfb73545ba 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -863,6 +863,14 @@ struct GTY (()) aarch64_frame - This is the register they should use. */ - unsigned spare_pred_reg; - -+ /* An SVE register that is saved below the hard frame pointer and that acts -+ as a probe for later allocations, or INVALID_REGNUM if none. */ -+ unsigned sve_save_and_probe; -+ -+ /* A register that is saved at the hard frame pointer and that acts -+ as a probe for later allocations, or INVALID_REGNUM if none. */ -+ unsigned hard_fp_save_and_probe; -+ - bool laid_out; - - /* True if shadow call stack should be enabled for the current function. */ -diff --git a/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c b/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c -index 3e01ec36c3a..3530a0d504b 100644 ---- a/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c -+++ b/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c -@@ -11,11 +11,10 @@ - ** mov x11, sp - ** ... - ** sub sp, sp, x13 --** str p4, \[sp\] - ** cbz w0, [^\n]* -+** str p4, \[sp\] - ** ... - ** ptrue p0\.b, all --** ldr p4, \[sp\] - ** addvl sp, sp, #1 - ** ldr x24, \[sp\], 32 - ** ret -@@ -39,13 +38,12 @@ test_1 (int n) - ** mov x11, sp - ** ... - ** sub sp, sp, x13 --** str p4, \[sp\] - ** cbz w0, [^\n]* -+** str p4, \[sp\] - ** str p5, \[sp, #1, mul vl\] - ** str p6, \[sp, #2, mul vl\] - ** ... - ** ptrue p0\.b, all --** ldr p4, \[sp\] - ** addvl sp, sp, #1 - ** ldr x24, \[sp\], 32 - ** ret --- -2.34.1 - - -From 56df065080950bb30dda9c260f71be54269bdda5 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:20 +0100 -Subject: [PATCH 18/19] aarch64: Remove below_hard_fp_saved_regs_size - -After previous patches, it's no longer necessary to store -saved_regs_size and below_hard_fp_saved_regs_size in the frame info. -All measurements instead use the top or bottom of the frame as -reference points. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::saved_regs_size) - (aarch64_frame::below_hard_fp_saved_regs_size): Delete. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Update accordingly. ---- - gcc/config/aarch64/aarch64.cc | 45 ++++++++++++++++------------------- - gcc/config/aarch64/aarch64.h | 7 ------ - 2 files changed, 21 insertions(+), 31 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 6c59c39a639..b95e805a8cc 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8530,9 +8530,8 @@ aarch64_layout_frame (void) - - /* OFFSET is now the offset of the hard frame pointer from the bottom - of the callee save area. */ -- frame.below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs; -- bool saves_below_hard_fp_p -- = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); -+ auto below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs; -+ bool saves_below_hard_fp_p = maybe_ne (below_hard_fp_saved_regs_size, 0); - gcc_assert (!saves_below_hard_fp_p - || (frame.sve_save_and_probe != INVALID_REGNUM - && known_eq (frame.reg_offset[frame.sve_save_and_probe], -@@ -8602,9 +8601,8 @@ aarch64_layout_frame (void) - - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); - -- frame.saved_regs_size = offset - frame.bytes_below_saved_regs; -- gcc_assert (known_eq (frame.saved_regs_size, -- frame.below_hard_fp_saved_regs_size) -+ auto saved_regs_size = offset - frame.bytes_below_saved_regs; -+ gcc_assert (known_eq (saved_regs_size, below_hard_fp_saved_regs_size) - || (frame.hard_fp_save_and_probe != INVALID_REGNUM - && known_eq (frame.reg_offset[frame.hard_fp_save_and_probe], - frame.bytes_below_hard_fp))); -@@ -8613,7 +8611,7 @@ aarch64_layout_frame (void) - The saving of the bottommost register counts as an implicit probe, - which allows us to maintain the invariant described in the comment - at expand_prologue. */ -- gcc_assert (crtl->is_leaf || maybe_ne (frame.saved_regs_size, 0)); -+ gcc_assert (crtl->is_leaf || maybe_ne (saved_regs_size, 0)); - - offset += get_frame_size (); - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -@@ -8670,7 +8668,7 @@ aarch64_layout_frame (void) - - HOST_WIDE_INT const_size, const_below_saved_regs, const_above_fp; - HOST_WIDE_INT const_saved_regs_size; -- if (known_eq (frame.saved_regs_size, 0)) -+ if (known_eq (saved_regs_size, 0)) - frame.initial_adjust = frame.frame_size; - else if (frame.frame_size.is_constant (&const_size) - && const_size < max_push_offset -@@ -8683,7 +8681,7 @@ aarch64_layout_frame (void) - frame.callee_adjust = const_size; - } - else if (frame.bytes_below_saved_regs.is_constant (&const_below_saved_regs) -- && frame.saved_regs_size.is_constant (&const_saved_regs_size) -+ && saved_regs_size.is_constant (&const_saved_regs_size) - && const_below_saved_regs + const_saved_regs_size < 512 - /* We could handle this case even with data below the saved - registers, provided that that data left us with valid offsets -@@ -8702,8 +8700,7 @@ aarch64_layout_frame (void) - frame.initial_adjust = frame.frame_size; - } - else if (saves_below_hard_fp_p -- && known_eq (frame.saved_regs_size, -- frame.below_hard_fp_saved_regs_size)) -+ && known_eq (saved_regs_size, below_hard_fp_saved_regs_size)) - { - /* Frame in which all saves are SVE saves: - -@@ -8725,7 +8722,7 @@ aarch64_layout_frame (void) - [save SVE registers relative to SP] - sub sp, sp, bytes_below_saved_regs */ - frame.callee_adjust = const_above_fp; -- frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; -+ frame.sve_callee_adjust = below_hard_fp_saved_regs_size; - frame.final_adjust = frame.bytes_below_saved_regs; - } - else -@@ -8740,7 +8737,7 @@ aarch64_layout_frame (void) - [save SVE registers relative to SP] - sub sp, sp, bytes_below_saved_regs */ - frame.initial_adjust = frame.bytes_above_hard_fp; -- frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; -+ frame.sve_callee_adjust = below_hard_fp_saved_regs_size; - frame.final_adjust = frame.bytes_below_saved_regs; - } - -@@ -9936,17 +9933,17 @@ aarch64_epilogue_uses (int regno) - | local variables | <-- frame_pointer_rtx - | | - +-------------------------------+ -- | padding | \ -- +-------------------------------+ | -- | callee-saved registers | | frame.saved_regs_size -- +-------------------------------+ | -- | LR' | | -- +-------------------------------+ | -- | FP' | | -- +-------------------------------+ |<- hard_frame_pointer_rtx (aligned) -- | SVE vector registers | | \ -- +-------------------------------+ | | below_hard_fp_saved_regs_size -- | SVE predicate registers | / / -+ | padding | -+ +-------------------------------+ -+ | callee-saved registers | -+ +-------------------------------+ -+ | LR' | -+ +-------------------------------+ -+ | FP' | -+ +-------------------------------+ <-- hard_frame_pointer_rtx (aligned) -+ | SVE vector registers | -+ +-------------------------------+ -+ | SVE predicate registers | - +-------------------------------+ - | dynamic allocation | - +-------------------------------+ -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index fbfb73545ba..cfeaf4657ab 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -777,18 +777,11 @@ struct GTY (()) aarch64_frame - STACK_BOUNDARY. */ - HOST_WIDE_INT saved_varargs_size; - -- /* The size of the callee-save registers with a slot in REG_OFFSET. */ -- poly_int64 saved_regs_size; -- - /* The number of bytes between the bottom of the static frame (the bottom - of the outgoing arguments) and the bottom of the register save area. - This value is always a multiple of STACK_BOUNDARY. */ - poly_int64 bytes_below_saved_regs; - -- /* The size of the callee-save registers with a slot in REG_OFFSET that -- are saved below the hard frame pointer. */ -- poly_int64 below_hard_fp_saved_regs_size; -- - /* The number of bytes between the bottom of the static frame (the bottom - of the outgoing arguments) and the hard frame pointer. This value is - always a multiple of STACK_BOUNDARY. */ --- -2.34.1 - - -From b96e66fd4ef3e36983969fb8cdd1956f551a074b Mon Sep 17 00:00:00 2001 -From: Richard Sandiford <richard.sandiford@arm.com> -Date: Tue, 12 Sep 2023 16:07:21 +0100 -Subject: [PATCH 19/19] aarch64: Make stack smash canary protect saved - registers - -AArch64 normally puts the saved registers near the bottom of the frame, -immediately above any dynamic allocations. But this means that a -stack-smash attack on those dynamic allocations could overwrite the -saved registers without needing to reach as far as the stack smash -canary. - -The same thing could also happen for variable-sized arguments that are -passed by value, since those are allocated before a call and popped on -return. - -This patch avoids that by putting the locals (and thus the canary) below -the saved registers when stack smash protection is active. - -The patch fixes CVE-2023-4039. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_save_regs_above_locals_p): - New function. - (aarch64_layout_frame): Use it to decide whether locals should - go above or below the saved registers. - (aarch64_expand_prologue): Update stack layout comment. - Emit a stack tie after the final adjustment. - -gcc/testsuite/ - * gcc.target/aarch64/stack-protector-8.c: New test. - * gcc.target/aarch64/stack-protector-9.c: Likewise. ---- - gcc/config/aarch64/aarch64.cc | 46 +++++++-- - .../gcc.target/aarch64/stack-protector-8.c | 95 +++++++++++++++++++ - .../gcc.target/aarch64/stack-protector-9.c | 33 +++++++ - 3 files changed, 168 insertions(+), 6 deletions(-) - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-protector-8.c - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-protector-9.c - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index b95e805a8cc..389c0e29353 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8394,6 +8394,20 @@ aarch64_needs_frame_chain (void) - return aarch64_use_frame_pointer; - } - -+/* Return true if the current function should save registers above -+ the locals area, rather than below it. */ -+ -+static bool -+aarch64_save_regs_above_locals_p () -+{ -+ /* When using stack smash protection, make sure that the canary slot -+ comes between the locals and the saved registers. Otherwise, -+ it would be possible for a carefully sized smash attack to change -+ the saved registers (particularly LR and FP) without reaching the -+ canary. */ -+ return crtl->stack_protect_guard; -+} -+ - /* Mark the registers that need to be saved by the callee and calculate - the size of the callee-saved registers area and frame record (both FP - and LR may be omitted). */ -@@ -8405,6 +8419,7 @@ aarch64_layout_frame (void) - poly_int64 vector_save_size = GET_MODE_SIZE (vector_save_mode); - bool frame_related_fp_reg_p = false; - aarch64_frame &frame = cfun->machine->frame; -+ poly_int64 top_of_locals = -1; - - frame.emit_frame_chain = aarch64_needs_frame_chain (); - -@@ -8471,9 +8486,16 @@ aarch64_layout_frame (void) - && !crtl->abi->clobbers_full_reg_p (regno)) - frame.reg_offset[regno] = SLOT_REQUIRED; - -+ bool regs_at_top_p = aarch64_save_regs_above_locals_p (); - - poly_int64 offset = crtl->outgoing_args_size; - gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); -+ if (regs_at_top_p) -+ { -+ offset += get_frame_size (); -+ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -+ top_of_locals = offset; -+ } - frame.bytes_below_saved_regs = offset; - frame.sve_save_and_probe = INVALID_REGNUM; - -@@ -8613,15 +8635,18 @@ aarch64_layout_frame (void) - at expand_prologue. */ - gcc_assert (crtl->is_leaf || maybe_ne (saved_regs_size, 0)); - -- offset += get_frame_size (); -- offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -- auto top_of_locals = offset; -- -+ if (!regs_at_top_p) -+ { -+ offset += get_frame_size (); -+ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -+ top_of_locals = offset; -+ } - offset += frame.saved_varargs_size; - gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); - frame.frame_size = offset; - - frame.bytes_above_hard_fp = frame.frame_size - frame.bytes_below_hard_fp; -+ gcc_assert (known_ge (top_of_locals, 0)); - frame.bytes_above_locals = frame.frame_size - top_of_locals; - - frame.initial_adjust = 0; -@@ -9930,10 +9955,10 @@ aarch64_epilogue_uses (int regno) - | for register varargs | - | | - +-------------------------------+ -- | local variables | <-- frame_pointer_rtx -+ | local variables (1) | <-- frame_pointer_rtx - | | - +-------------------------------+ -- | padding | -+ | padding (1) | - +-------------------------------+ - | callee-saved registers | - +-------------------------------+ -@@ -9945,6 +9970,10 @@ aarch64_epilogue_uses (int regno) - +-------------------------------+ - | SVE predicate registers | - +-------------------------------+ -+ | local variables (2) | -+ +-------------------------------+ -+ | padding (2) | -+ +-------------------------------+ - | dynamic allocation | - +-------------------------------+ - | padding | -@@ -9954,6 +9983,9 @@ aarch64_epilogue_uses (int regno) - +-------------------------------+ - | | <-- stack_pointer_rtx (aligned) - -+ The regions marked (1) and (2) are mutually exclusive. (2) is used -+ when aarch64_save_regs_above_locals_p is true. -+ - Dynamic stack allocations via alloca() decrease stack_pointer_rtx - but leave frame_pointer_rtx and hard_frame_pointer_rtx - unchanged. -@@ -10149,6 +10181,8 @@ aarch64_expand_prologue (void) - gcc_assert (known_eq (bytes_below_sp, final_adjust)); - aarch64_allocate_and_probe_stack_space (tmp1_rtx, tmp0_rtx, final_adjust, - !frame_pointer_needed, true); -+ if (emit_frame_chain && maybe_ne (final_adjust, 0)) -+ emit_insn (gen_stack_tie (stack_pointer_rtx, hard_frame_pointer_rtx)); - } - - /* Return TRUE if we can use a simple_return insn. -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c b/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c -new file mode 100644 -index 00000000000..e71d820e365 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c -@@ -0,0 +1,95 @@ -+/* { dg-options " -O -fstack-protector-strong -mstack-protector-guard=sysreg -mstack-protector-guard-reg=tpidr2_el0 -mstack-protector-guard-offset=16" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+void g(void *); -+__SVBool_t *h(void *); -+ -+/* -+** test1: -+** sub sp, sp, #288 -+** stp x29, x30, \[sp, #?272\] -+** add x29, sp, #?272 -+** mrs (x[0-9]+), tpidr2_el0 -+** ldr (x[0-9]+), \[\1, #?16\] -+** str \2, \[sp, #?264\] -+** mov \2, #?0 -+** add x0, sp, #?8 -+** bl g -+** ... -+** mrs .* -+** ... -+** bne .* -+** ... -+** ldp x29, x30, \[sp, #?272\] -+** add sp, sp, #?288 -+** ret -+** bl __stack_chk_fail -+*/ -+int test1() { -+ int y[0x40]; -+ g(y); -+ return 1; -+} -+ -+/* -+** test2: -+** stp x29, x30, \[sp, #?-16\]! -+** mov x29, sp -+** sub sp, sp, #1040 -+** mrs (x[0-9]+), tpidr2_el0 -+** ldr (x[0-9]+), \[\1, #?16\] -+** str \2, \[sp, #?1032\] -+** mov \2, #?0 -+** add x0, sp, #?8 -+** bl g -+** ... -+** mrs .* -+** ... -+** bne .* -+** ... -+** add sp, sp, #?1040 -+** ldp x29, x30, \[sp\], #?16 -+** ret -+** bl __stack_chk_fail -+*/ -+int test2() { -+ int y[0x100]; -+ g(y); -+ return 1; -+} -+ -+#pragma GCC target "+sve" -+ -+/* -+** test3: -+** stp x29, x30, \[sp, #?-16\]! -+** mov x29, sp -+** addvl sp, sp, #-18 -+** ... -+** str p4, \[sp\] -+** ... -+** sub sp, sp, #272 -+** mrs (x[0-9]+), tpidr2_el0 -+** ldr (x[0-9]+), \[\1, #?16\] -+** str \2, \[sp, #?264\] -+** mov \2, #?0 -+** add x0, sp, #?8 -+** bl h -+** ... -+** mrs .* -+** ... -+** bne .* -+** ... -+** add sp, sp, #?272 -+** ... -+** ldr p4, \[sp\] -+** ... -+** addvl sp, sp, #18 -+** ldp x29, x30, \[sp\], #?16 -+** ret -+** bl __stack_chk_fail -+*/ -+__SVBool_t test3() { -+ int y[0x40]; -+ return *h(y); -+} -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c b/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c -new file mode 100644 -index 00000000000..58f322aa480 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c -@@ -0,0 +1,33 @@ -+/* { dg-options "-O2 -mcpu=neoverse-v1 -fstack-protector-all" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+/* -+** main: -+** ... -+** stp x29, x30, \[sp, #?-[0-9]+\]! -+** ... -+** sub sp, sp, #[0-9]+ -+** ... -+** str x[0-9]+, \[x29, #?-8\] -+** ... -+*/ -+int f(const char *); -+void g(void *); -+int main(int argc, char* argv[]) -+{ -+ int a; -+ int b; -+ char c[2+f(argv[1])]; -+ int d[0x100]; -+ char y; -+ -+ y=42; a=4; b=10; -+ c[0] = 'h'; c[1] = '\0'; -+ -+ c[f(argv[2])] = '\0'; -+ -+ __builtin_printf("%d %d\n%s\n", a, b, c); -+ g(d); -+ -+ return 0; -+} --- -2.34.1 - diff --git a/poky/meta/recipes-devtools/gcc/gcc_13.2.bb b/poky/meta/recipes-devtools/gcc/gcc_13.3.bb index 255fe552bd..255fe552bd 100644 --- a/poky/meta/recipes-devtools/gcc/gcc_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc_13.3.bb diff --git a/poky/meta/recipes-devtools/gcc/libgcc-initial_13.2.bb b/poky/meta/recipes-devtools/gcc/libgcc-initial_13.3.bb index a259082b47..a259082b47 100644 --- a/poky/meta/recipes-devtools/gcc/libgcc-initial_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/libgcc-initial_13.3.bb diff --git a/poky/meta/recipes-devtools/gcc/libgcc_13.2.bb b/poky/meta/recipes-devtools/gcc/libgcc_13.3.bb index fdcd6cc0da..fdcd6cc0da 100644 --- a/poky/meta/recipes-devtools/gcc/libgcc_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/libgcc_13.3.bb diff --git a/poky/meta/recipes-devtools/gcc/libgfortran_13.2.bb b/poky/meta/recipes-devtools/gcc/libgfortran_13.3.bb index 71dd8b4bdc..71dd8b4bdc 100644 --- a/poky/meta/recipes-devtools/gcc/libgfortran_13.2.bb +++ b/poky/meta/recipes-devtools/gcc/libgfortran_13.3.bb diff --git a/poky/meta/recipes-devtools/git/git_2.44.0.bb b/poky/meta/recipes-devtools/git/git_2.44.1.bb index 90e555eba7..53d67eb40a 100644 --- a/poky/meta/recipes-devtools/git/git_2.44.0.bb +++ b/poky/meta/recipes-devtools/git/git_2.44.1.bb @@ -40,6 +40,7 @@ EXTRA_OECONF = "--with-perl=${STAGING_BINDIR_NATIVE}/perl-native/perl \ --without-iconv \ " EXTRA_OECONF:append:class-nativesdk = " --with-gitconfig=/etc/gitconfig " +EXTRA_OECONF:append:class-native = " --with-gitconfig=/etc/gitconfig " # Needs brokensep as this doesn't use automake inherit autotools-brokensep perlnative bash-completion manpages @@ -163,4 +164,4 @@ EXTRA_OECONF += "ac_cv_snprintf_returns_bogus=no \ " EXTRA_OEMAKE += "NO_GETTEXT=1" -SRC_URI[tarball.sha256sum] = "f9e36f085458fe9688fbbe7846b8c4770b13d161fcd8953655f36b2b85f06b76" +SRC_URI[tarball.sha256sum] = "118214bb8d7ba971a62741416e757562b8f5451cefc087a407e91857897c92cc" diff --git a/poky/meta/recipes-devtools/go/go-1.22.2.inc b/poky/meta/recipes-devtools/go/go-1.22.4.inc index b399207311..44897daba4 100644 --- a/poky/meta/recipes-devtools/go/go-1.22.2.inc +++ b/poky/meta/recipes-devtools/go/go-1.22.4.inc @@ -15,4 +15,4 @@ SRC_URI += "\ file://0008-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \ file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \ " -SRC_URI[main.sha256sum] = "374ea82b289ec738e968267cac59c7d5ff180f9492250254784b2044e90df5a9" +SRC_URI[main.sha256sum] = "fed720678e728a7ca30ba8d1ded1caafe27d16028fab0232b8ba8e22008fb784" diff --git a/poky/meta/recipes-devtools/go/go-binary-native_1.22.2.bb b/poky/meta/recipes-devtools/go/go-binary-native_1.22.4.bb index 0f00509f03..61da51be3a 100644 --- a/poky/meta/recipes-devtools/go/go-binary-native_1.22.2.bb +++ b/poky/meta/recipes-devtools/go/go-binary-native_1.22.4.bb @@ -9,9 +9,9 @@ PROVIDES = "go-native" # Checksums available at https://go.dev/dl/ SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "5901c52b7a78002aeff14a21f93e0f064f74ce1360fce51c6ee68cd471216a17" -SRC_URI[go_linux_arm64.sha256sum] = "36e720b2d564980c162a48c7e97da2e407dfcc4239e1e58d98082dfa2486a0c1" -SRC_URI[go_linux_ppc64le.sha256sum] = "251a8886c5113be6490bdbb955ddee98763b49c9b1bf4c8364c02d3b482dab00" +SRC_URI[go_linux_amd64.sha256sum] = "ba79d4526102575196273416239cca418a651e049c2b099f3159db85e7bade7d" +SRC_URI[go_linux_arm64.sha256sum] = "a8e177c354d2e4a1b61020aca3562e27ea3e8f8247eca3170e3fa1e0c2f9e771" +SRC_URI[go_linux_ppc64le.sha256sum] = "a3e5834657ef92523f570f798fed42f1f87bc18222a16815ec76b84169649ec4" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux" diff --git a/poky/meta/recipes-devtools/go/go-cross-canadian_1.22.2.bb b/poky/meta/recipes-devtools/go/go-cross-canadian_1.22.4.bb index 7ac9449e47..7ac9449e47 100644 --- a/poky/meta/recipes-devtools/go/go-cross-canadian_1.22.2.bb +++ b/poky/meta/recipes-devtools/go/go-cross-canadian_1.22.4.bb diff --git a/poky/meta/recipes-devtools/go/go-cross_1.22.2.bb b/poky/meta/recipes-devtools/go/go-cross_1.22.4.bb index 80b5a03f6c..80b5a03f6c 100644 --- a/poky/meta/recipes-devtools/go/go-cross_1.22.2.bb +++ b/poky/meta/recipes-devtools/go/go-cross_1.22.4.bb diff --git a/poky/meta/recipes-devtools/go/go-crosssdk_1.22.2.bb b/poky/meta/recipes-devtools/go/go-crosssdk_1.22.4.bb index 1857c8a577..1857c8a577 100644 --- a/poky/meta/recipes-devtools/go/go-crosssdk_1.22.2.bb +++ b/poky/meta/recipes-devtools/go/go-crosssdk_1.22.4.bb diff --git a/poky/meta/recipes-devtools/go/go-native_1.22.2.bb b/poky/meta/recipes-devtools/go/go-native_1.22.2.bb deleted file mode 100644 index ddf25b2c9b..0000000000 --- a/poky/meta/recipes-devtools/go/go-native_1.22.2.bb +++ /dev/null @@ -1,58 +0,0 @@ -# This recipe builds a native Go (written in Go) by first building an old Go 1.4 -# (written in C). However this old Go does not support all hosts platforms. - -require go-${PV}.inc - -inherit native - -SRC_URI += "https://dl.google.com/go/go1.4-bootstrap-20171003.tar.gz;name=bootstrap;subdir=go1.4" -SRC_URI[bootstrap.sha256sum] = "f4ff5b5eb3a3cae1c993723f3eab519c5bae18866b5e5f96fe1102f0cb5c3e52" - -export GOOS = "${BUILD_GOOS}" -export GOARCH = "${BUILD_GOARCH}" -CC = "${@d.getVar('BUILD_CC').strip()}" - -GOMAKEARGS ?= "--no-banner" - -do_configure() { - cd ${WORKDIR}/go1.4/go/src - CGO_ENABLED=0 GOROOT=${WORKDIR}/go1.4/go ./make.bash -} - -do_compile() { - export GOROOT_FINAL="${libdir_native}/go" - export GOROOT_BOOTSTRAP="${WORKDIR}/go1.4/go" - - cd src - ./make.bash ${GOMAKEARGS} - cd ${B} -} -do_compile[cleandirs] += "${GOTMPDIR} ${B}/bin" - -make_wrapper() { - rm -f ${D}${bindir}/$2$3 - cat <<END >${D}${bindir}/$2$3 -#!/bin/bash -here=\`dirname \$0\` -export GOROOT="${GOROOT:-\`readlink -f \$here/../lib/go\`}" -\$here/../lib/go/bin/$1 "\$@" -END - chmod +x ${D}${bindir}/$2 -} - -do_install() { - install -d ${D}${libdir}/go - cp --preserve=mode,timestamps -R ${B}/pkg ${D}${libdir}/go/ - install -d ${D}${libdir}/go/src - (cd ${S}/src; for d in *; do \ - [ -d $d ] && cp -a ${S}/src/$d ${D}${libdir}/go/src/; \ - done) - find ${D}${libdir}/go/src -depth -type d -name testdata -exec rm -rf {} \; - install -d ${D}${bindir} ${D}${libdir}/go/bin - for f in ${B}/bin/* - do - base=`basename $f` - install -m755 $f ${D}${libdir}/go/bin - make_wrapper $base $base - done -} diff --git a/poky/meta/recipes-devtools/go/go-runtime.inc b/poky/meta/recipes-devtools/go/go-runtime.inc index 3f1e795dd9..413cf6d33f 100644 --- a/poky/meta/recipes-devtools/go/go-runtime.inc +++ b/poky/meta/recipes-devtools/go/go-runtime.inc @@ -15,7 +15,7 @@ export CGO_LDFLAGS = "${@ ' '.join(filter(lambda f: not f.startswith('-fdebug-pr export GOCACHE = "${B}/.cache" GO_EXTLDFLAGS ?= "${HOST_CC_ARCH}${TOOLCHAIN_OPTIONS} ${LDFLAGS}" -GO_SHLIB_LDFLAGS ?= '-ldflags="--linkmode=external -extldflags '${GO_EXTLDFLAGS}'"' +GO_SHLIB_LDFLAGS ?= '-ldflags="-extldflags '${GO_EXTLDFLAGS}'"' do_configure() { : diff --git a/poky/meta/recipes-devtools/go/go-runtime_1.22.2.bb b/poky/meta/recipes-devtools/go/go-runtime_1.22.4.bb index 63464a1501..63464a1501 100644 --- a/poky/meta/recipes-devtools/go/go-runtime_1.22.2.bb +++ b/poky/meta/recipes-devtools/go/go-runtime_1.22.4.bb diff --git a/poky/meta/recipes-devtools/go/go_1.22.2.bb b/poky/meta/recipes-devtools/go/go_1.22.4.bb index 46f5fbc6be..46f5fbc6be 100644 --- a/poky/meta/recipes-devtools/go/go_1.22.2.bb +++ b/poky/meta/recipes-devtools/go/go_1.22.4.bb diff --git a/poky/meta/recipes-devtools/libcomps/libcomps_0.1.21.bb b/poky/meta/recipes-devtools/libcomps/libcomps_0.1.20.bb index 91170dfbed..1f59c5ea1e 100644 --- a/poky/meta/recipes-devtools/libcomps/libcomps_0.1.21.bb +++ b/poky/meta/recipes-devtools/libcomps/libcomps_0.1.20.bb @@ -8,7 +8,7 @@ SRC_URI = "git://github.com/rpm-software-management/libcomps.git;branch=master;p file://0002-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \ " -SRCREV = "2e973ce22698dd64f472180e3a689755268fb06b" +SRCREV = "854fbb9fe733b774981e1ffcf825b2d2ce0f8072" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/llvm/llvm/0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch b/poky/meta/recipes-devtools/llvm/llvm/0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch index 48af6fc283..a5c53b6657 100644 --- a/poky/meta/recipes-devtools/llvm/llvm/0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch +++ b/poky/meta/recipes-devtools/llvm/llvm/0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch @@ -1,4 +1,4 @@ -From 86940d87026432683fb6741cd8a34d3b9b18e40d Mon Sep 17 00:00:00 2001 +From 3b30a9bda88374e8f03bf96e972aee5bd214b98b Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Fri, 27 Nov 2020 10:11:08 +0000 Subject: [PATCH] AsmMatcherEmitter: sort ClassInfo lists by name as well @@ -14,10 +14,10 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/llvm/utils/TableGen/AsmMatcherEmitter.cpp b/llvm/utils/TableGen/AsmMatcherEmitter.cpp -index ccf0959389b..1f801e83b7d 100644 +index 73724e662f9e..1ca9c73415db 100644 --- a/llvm/utils/TableGen/AsmMatcherEmitter.cpp +++ b/llvm/utils/TableGen/AsmMatcherEmitter.cpp -@@ -359,7 +359,10 @@ public: +@@ -361,7 +361,10 @@ public: // name of a class shouldn't be significant. However, some of the backends // accidentally rely on this behaviour, so it will have to stay like this // until they are fixed. diff --git a/poky/meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch b/poky/meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch new file mode 100644 index 0000000000..c05685e64d --- /dev/null +++ b/poky/meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch @@ -0,0 +1,1086 @@ +commit 78ff617d3f573fb3a9b2fef180fa0fd43d5584ea +Author: Lucas Duarte Prates <lucas.prates@arm.com> +Date: Thu Jun 20 10:22:01 2024 +0100 + + [ARM] CMSE security mitigation on function arguments and returned values (#89944) + + The ABI mandates two things related to function calls: + - Function arguments must be sign- or zero-extended to the register + size by the caller. + - Return values must be sign- or zero-extended to the register size by + the callee. + + As consequence, callees can assume that function arguments have been + extended and so can callers with regards to return values. + + Here lies the problem: Nonsecure code might deliberately ignore this + mandate with the intent of attempting an exploit. It might try to pass + values that lie outside the expected type's value range in order to + trigger undefined behaviour, e.g. out of bounds access. + + With the mitigation implemented, Secure code always performs extension + of values passed by Nonsecure code. + + This addresses the vulnerability described in CVE-2024-0151. + + Patches by Victor Campos. + + --------- + + Co-authored-by: Victor Campos <victor.campos@arm.com> + +Upstream-Status: Backport [https://github.com/llvm/llvm-project/commit/78ff617d3f573fb3a9b2fef180fa0fd43d5584ea] +CVE: CVE-2024-0151 +Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> +--- +diff --git a/llvm/lib/Target/ARM/ARMISelLowering.cpp b/llvm/lib/Target/ARM/ARMISelLowering.cpp +index bfe137b95602..5490c3c9df6c 100644 +--- a/llvm/lib/Target/ARM/ARMISelLowering.cpp ++++ b/llvm/lib/Target/ARM/ARMISelLowering.cpp +@@ -156,6 +156,17 @@ static const MCPhysReg GPRArgRegs[] = { + ARM::R0, ARM::R1, ARM::R2, ARM::R3 + }; + ++static SDValue handleCMSEValue(const SDValue &Value, const ISD::InputArg &Arg, ++ SelectionDAG &DAG, const SDLoc &DL) { ++ assert(Arg.ArgVT.isScalarInteger()); ++ assert(Arg.ArgVT.bitsLT(MVT::i32)); ++ SDValue Trunc = DAG.getNode(ISD::TRUNCATE, DL, Arg.ArgVT, Value); ++ SDValue Ext = ++ DAG.getNode(Arg.Flags.isSExt() ? ISD::SIGN_EXTEND : ISD::ZERO_EXTEND, DL, ++ MVT::i32, Trunc); ++ return Ext; ++} ++ + void ARMTargetLowering::addTypeForNEON(MVT VT, MVT PromotedLdStVT) { + if (VT != PromotedLdStVT) { + setOperationAction(ISD::LOAD, VT, Promote); +@@ -2196,7 +2207,7 @@ SDValue ARMTargetLowering::LowerCallResult( + SDValue Chain, SDValue InGlue, CallingConv::ID CallConv, bool isVarArg, + const SmallVectorImpl<ISD::InputArg> &Ins, const SDLoc &dl, + SelectionDAG &DAG, SmallVectorImpl<SDValue> &InVals, bool isThisReturn, +- SDValue ThisVal) const { ++ SDValue ThisVal, bool isCmseNSCall) const { + // Assign locations to each value returned by this call. + SmallVector<CCValAssign, 16> RVLocs; + CCState CCInfo(CallConv, isVarArg, DAG.getMachineFunction(), RVLocs, +@@ -2274,6 +2285,15 @@ SDValue ARMTargetLowering::LowerCallResult( + (VA.getValVT() == MVT::f16 || VA.getValVT() == MVT::bf16)) + Val = MoveToHPR(dl, DAG, VA.getLocVT(), VA.getValVT(), Val); + ++ // On CMSE Non-secure Calls, call results (returned values) whose bitwidth ++ // is less than 32 bits must be sign- or zero-extended after the call for ++ // security reasons. Although the ABI mandates an extension done by the ++ // callee, the latter cannot be trusted to follow the rules of the ABI. ++ const ISD::InputArg &Arg = Ins[VA.getValNo()]; ++ if (isCmseNSCall && Arg.ArgVT.isScalarInteger() && ++ VA.getLocVT().isScalarInteger() && Arg.ArgVT.bitsLT(MVT::i32)) ++ Val = handleCMSEValue(Val, Arg, DAG, dl); ++ + InVals.push_back(Val); + } + +@@ -2888,7 +2908,7 @@ ARMTargetLowering::LowerCall(TargetLowering::CallLoweringInfo &CLI, + // return. + return LowerCallResult(Chain, InGlue, CallConv, isVarArg, Ins, dl, DAG, + InVals, isThisReturn, +- isThisReturn ? OutVals[0] : SDValue()); ++ isThisReturn ? OutVals[0] : SDValue(), isCmseNSCall); + } + + /// HandleByVal - Every parameter *after* a byval parameter is passed +@@ -4485,8 +4505,6 @@ SDValue ARMTargetLowering::LowerFormalArguments( + *DAG.getContext()); + CCInfo.AnalyzeFormalArguments(Ins, CCAssignFnForCall(CallConv, isVarArg)); + +- SmallVector<SDValue, 16> ArgValues; +- SDValue ArgValue; + Function::const_arg_iterator CurOrigArg = MF.getFunction().arg_begin(); + unsigned CurArgIdx = 0; + +@@ -4541,6 +4559,7 @@ SDValue ARMTargetLowering::LowerFormalArguments( + // Arguments stored in registers. + if (VA.isRegLoc()) { + EVT RegVT = VA.getLocVT(); ++ SDValue ArgValue; + + if (VA.needsCustom() && VA.getLocVT() == MVT::v2f64) { + // f64 and vector types are split up into multiple registers or +@@ -4604,16 +4623,6 @@ SDValue ARMTargetLowering::LowerFormalArguments( + case CCValAssign::BCvt: + ArgValue = DAG.getNode(ISD::BITCAST, dl, VA.getValVT(), ArgValue); + break; +- case CCValAssign::SExt: +- ArgValue = DAG.getNode(ISD::AssertSext, dl, RegVT, ArgValue, +- DAG.getValueType(VA.getValVT())); +- ArgValue = DAG.getNode(ISD::TRUNCATE, dl, VA.getValVT(), ArgValue); +- break; +- case CCValAssign::ZExt: +- ArgValue = DAG.getNode(ISD::AssertZext, dl, RegVT, ArgValue, +- DAG.getValueType(VA.getValVT())); +- ArgValue = DAG.getNode(ISD::TRUNCATE, dl, VA.getValVT(), ArgValue); +- break; + } + + // f16 arguments have their size extended to 4 bytes and passed as if they +@@ -4623,6 +4632,15 @@ SDValue ARMTargetLowering::LowerFormalArguments( + (VA.getValVT() == MVT::f16 || VA.getValVT() == MVT::bf16)) + ArgValue = MoveToHPR(dl, DAG, VA.getLocVT(), VA.getValVT(), ArgValue); + ++ // On CMSE Entry Functions, formal integer arguments whose bitwidth is ++ // less than 32 bits must be sign- or zero-extended in the callee for ++ // security reasons. Although the ABI mandates an extension done by the ++ // caller, the latter cannot be trusted to follow the rules of the ABI. ++ const ISD::InputArg &Arg = Ins[VA.getValNo()]; ++ if (AFI->isCmseNSEntryFunction() && Arg.ArgVT.isScalarInteger() && ++ RegVT.isScalarInteger() && Arg.ArgVT.bitsLT(MVT::i32)) ++ ArgValue = handleCMSEValue(ArgValue, Arg, DAG, dl); ++ + InVals.push_back(ArgValue); + } else { // VA.isRegLoc() + // Only arguments passed on the stack should make it here. +diff --git a/llvm/lib/Target/ARM/ARMISelLowering.h b/llvm/lib/Target/ARM/ARMISelLowering.h +index 62a52bdb03f7..a255e9b6fc36 100644 +--- a/llvm/lib/Target/ARM/ARMISelLowering.h ++++ b/llvm/lib/Target/ARM/ARMISelLowering.h +@@ -891,7 +891,7 @@ class VectorType; + const SmallVectorImpl<ISD::InputArg> &Ins, + const SDLoc &dl, SelectionDAG &DAG, + SmallVectorImpl<SDValue> &InVals, bool isThisReturn, +- SDValue ThisVal) const; ++ SDValue ThisVal, bool isCmseNSCall) const; + + bool supportSplitCSR(MachineFunction *MF) const override { + return MF->getFunction().getCallingConv() == CallingConv::CXX_FAST_TLS && +diff --git a/llvm/test/CodeGen/ARM/cmse-harden-call-returned-values.ll b/llvm/test/CodeGen/ARM/cmse-harden-call-returned-values.ll +new file mode 100644 +index 0000000000..58eef443c25e +--- /dev/null ++++ b/llvm/test/CodeGen/ARM/cmse-harden-call-returned-values.ll +@@ -0,0 +1,552 @@ ++; RUN: llc %s -mtriple=thumbv8m.main -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-LE ++; RUN: llc %s -mtriple=thumbebv8m.main -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-BE ++; RUN: llc %s -mtriple=thumbv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-LE ++; RUN: llc %s -mtriple=thumbebv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-BE ++ ++@get_idx = hidden local_unnamed_addr global ptr null, align 4 ++@arr = hidden local_unnamed_addr global [256 x i32] zeroinitializer, align 4 ++ ++define i32 @access_i16() { ++; V8M-COMMON-LABEL: access_i16: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sxth r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i16: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sxth r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call signext i16 %0() "cmse_nonsecure_call" ++ %idxprom = sext i16 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_u16() { ++; V8M-COMMON-LABEL: access_u16: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: uxth r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_u16: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: uxth r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call zeroext i16 %0() "cmse_nonsecure_call" ++ %idxprom = zext i16 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_i8() { ++; V8M-COMMON-LABEL: access_i8: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sxtb r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i8: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sxtb r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call signext i8 %0() "cmse_nonsecure_call" ++ %idxprom = sext i8 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_u8() { ++; V8M-COMMON-LABEL: access_u8: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: uxtb r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_u8: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: uxtb r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call zeroext i8 %0() "cmse_nonsecure_call" ++ %idxprom = zext i8 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_i1() { ++; V8M-COMMON-LABEL: access_i1: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i1: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call zeroext i1 %0() "cmse_nonsecure_call" ++ %idxprom = zext i1 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_i5() { ++; V8M-COMMON-LABEL: access_i5: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sbfx r0, r0, #0, #5 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i5: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sbfx r0, r0, #0, #5 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call signext i5 %0() "cmse_nonsecure_call" ++ %idxprom = sext i5 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_u5() { ++; V8M-COMMON-LABEL: access_u5: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V8M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V8M-COMMON-NEXT: ldr r0, [r0] ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: and r0, r0, #31 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_u5: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: movw r0, :lower16:get_idx ++; V81M-COMMON-NEXT: movt r0, :upper16:get_idx ++; V81M-COMMON-NEXT: ldr r0, [r0] ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: and r0, r0, #31 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %0 = load ptr, ptr @get_idx, align 4 ++ %call = tail call zeroext i5 %0() "cmse_nonsecure_call" ++ %idxprom = zext i5 %call to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %1 = load i32, ptr %arrayidx, align 4 ++ ret i32 %1 ++} ++ ++define i32 @access_i33(ptr %f) { ++; V8M-COMMON-LABEL: access_i33: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-LE-NEXT: and r0, r1, #1 ++; V8M-BE-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: rsb.w r0, r0, #0 ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_i33: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-LE-NEXT: and r0, r1, #1 ++; V81M-BE-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: rsb.w r0, r0, #0 ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %call = tail call i33 %f() "cmse_nonsecure_call" ++ %shr = ashr i33 %call, 32 ++ %conv = trunc nsw i33 %shr to i32 ++ ret i32 %conv ++} ++ ++define i32 @access_u33(ptr %f) { ++; V8M-COMMON-LABEL: access_u33: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: push {r7, lr} ++; V8M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-COMMON-NEXT: bic r0, r0, #1 ++; V8M-COMMON-NEXT: sub sp, #136 ++; V8M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V8M-COMMON-NEXT: mov r1, r0 ++; V8M-COMMON-NEXT: mov r2, r0 ++; V8M-COMMON-NEXT: mov r3, r0 ++; V8M-COMMON-NEXT: mov r4, r0 ++; V8M-COMMON-NEXT: mov r5, r0 ++; V8M-COMMON-NEXT: mov r6, r0 ++; V8M-COMMON-NEXT: mov r7, r0 ++; V8M-COMMON-NEXT: mov r8, r0 ++; V8M-COMMON-NEXT: mov r9, r0 ++; V8M-COMMON-NEXT: mov r10, r0 ++; V8M-COMMON-NEXT: mov r11, r0 ++; V8M-COMMON-NEXT: mov r12, r0 ++; V8M-COMMON-NEXT: msr apsr_nzcvq, r0 ++; V8M-COMMON-NEXT: blxns r0 ++; V8M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V8M-COMMON-NEXT: add sp, #136 ++; V8M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V8M-LE-NEXT: and r0, r1, #1 ++; V8M-BE-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: pop {r7, pc} ++; ++; V81M-COMMON-LABEL: access_u33: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: push {r7, lr} ++; V81M-COMMON-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-COMMON-NEXT: bic r0, r0, #1 ++; V81M-COMMON-NEXT: sub sp, #136 ++; V81M-COMMON-NEXT: vlstm sp, {d0 - d15} ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr} ++; V81M-COMMON-NEXT: blxns r0 ++; V81M-COMMON-NEXT: vlldm sp, {d0 - d15} ++; V81M-COMMON-NEXT: add sp, #136 ++; V81M-COMMON-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11} ++; V81M-LE-NEXT: and r0, r1, #1 ++; V81M-BE-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: pop {r7, pc} ++entry: ++ %call = tail call i33 %f() "cmse_nonsecure_call" ++ %shr = lshr i33 %call, 32 ++ %conv = trunc nuw nsw i33 %shr to i32 ++ ret i32 %conv ++} +diff --git a/llvm/test/CodeGen/ARM/cmse-harden-entry-arguments.ll b/llvm/test/CodeGen/ARM/cmse-harden-entry-arguments.ll +new file mode 100644 +index 0000000000..c66ab00566dd +--- /dev/null ++++ b/llvm/test/CodeGen/ARM/cmse-harden-entry-arguments.ll +@@ -0,0 +1,368 @@ ++; RUN: llc %s -mtriple=thumbv8m.main -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-LE ++; RUN: llc %s -mtriple=thumbebv8m.main -o - | FileCheck %s --check-prefixes V8M-COMMON,V8M-BE ++; RUN: llc %s -mtriple=thumbv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-LE ++; RUN: llc %s -mtriple=thumbebv8.1m.main -o - | FileCheck %s --check-prefixes V81M-COMMON,V81M-BE ++ ++@arr = hidden local_unnamed_addr global [256 x i32] zeroinitializer, align 4 ++ ++define i32 @access_i16(i16 signext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i16: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sxth r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i16: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sxth r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = sext i16 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_u16(i16 zeroext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u16: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: uxth r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u16: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: uxth r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = zext i16 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_i8(i8 signext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i8: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sxtb r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i8: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sxtb r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = sext i8 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_u8(i8 zeroext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u8: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: uxtb r0, r0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u8: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: uxtb r0, r0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = zext i8 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_i1(i1 signext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i1: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: rsbs r0, r0, #0 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i1: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: rsbs r0, r0, #0 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = zext i1 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_i5(i5 signext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i5: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: sbfx r0, r0, #0, #5 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i5: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: sbfx r0, r0, #0, #5 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = sext i5 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_u5(i5 zeroext %idx) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u5: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: movw r1, :lower16:arr ++; V8M-COMMON-NEXT: and r0, r0, #31 ++; V8M-COMMON-NEXT: movt r1, :upper16:arr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u5: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: movw r1, :lower16:arr ++; V81M-COMMON-NEXT: and r0, r0, #31 ++; V81M-COMMON-NEXT: movt r1, :upper16:arr ++; V81M-COMMON-NEXT: ldr.w r0, [r1, r0, lsl #2] ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %idxprom = zext i5 %idx to i32 ++ %arrayidx = getelementptr inbounds [256 x i32], ptr @arr, i32 0, i32 %idxprom ++ %0 = load i32, ptr %arrayidx, align 4 ++ ret i32 %0 ++} ++ ++define i32 @access_i33(i33 %arg) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i33: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-LE-NEXT: and r0, r1, #1 ++; V8M-BE-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: rsbs r0, r0, #0 ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i33: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-LE-NEXT: and r0, r1, #1 ++; V81M-BE-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: rsbs r0, r0, #0 ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %shr = ashr i33 %arg, 32 ++ %conv = trunc nsw i33 %shr to i32 ++ ret i32 %conv ++} ++ ++define i32 @access_u33(i33 %arg) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u33: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-LE-NEXT: and r0, r1, #1 ++; V8M-BE-NEXT: and r0, r0, #1 ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u33: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-LE-NEXT: and r0, r1, #1 ++; V81M-BE-NEXT: and r0, r0, #1 ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %shr = lshr i33 %arg, 32 ++ %conv = trunc nuw nsw i33 %shr to i32 ++ ret i32 %conv ++} ++ ++define i32 @access_i65(ptr byval(i65) %0) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_i65: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: sub sp, #16 ++; V8M-COMMON-NEXT: stm.w sp, {r0, r1, r2, r3} ++; V8M-LE-NEXT: ldrb.w r0, [sp, #8] ++; V8M-LE-NEXT: and r0, r0, #1 ++; V8M-LE-NEXT: rsbs r0, r0, #0 ++; V8M-BE-NEXT: movs r1, #0 ++; V8M-BE-NEXT: sub.w r0, r1, r0, lsr #24 ++; V8M-COMMON-NEXT: add sp, #16 ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_i65: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: sub sp, #16 ++; V81M-COMMON-NEXT: add sp, #4 ++; V81M-COMMON-NEXT: stm.w sp, {r0, r1, r2, r3} ++; V81M-LE-NEXT: ldrb.w r0, [sp, #8] ++; V81M-LE-NEXT: and r0, r0, #1 ++; V81M-LE-NEXT: rsbs r0, r0, #0 ++; V81M-BE-NEXT: movs r1, #0 ++; V81M-BE-NEXT: sub.w r0, r1, r0, lsr #24 ++; V81M-COMMON-NEXT: sub sp, #4 ++; V81M-COMMON-NEXT: add sp, #16 ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %arg = load i65, ptr %0, align 8 ++ %shr = ashr i65 %arg, 64 ++ %conv = trunc nsw i65 %shr to i32 ++ ret i32 %conv ++} ++ ++define i32 @access_u65(ptr byval(i65) %0) "cmse_nonsecure_entry" { ++; V8M-COMMON-LABEL: access_u65: ++; V8M-COMMON: @ %bb.0: @ %entry ++; V8M-COMMON-NEXT: sub sp, #16 ++; V8M-COMMON-NEXT: stm.w sp, {r0, r1, r2, r3} ++; V8M-LE-NEXT: ldrb.w r0, [sp, #8] ++; V8M-BE-NEXT: lsrs r0, r0, #24 ++; V8M-COMMON-NEXT: add sp, #16 ++; V8M-COMMON-NEXT: mov r1, lr ++; V8M-COMMON-NEXT: mov r2, lr ++; V8M-COMMON-NEXT: mov r3, lr ++; V8M-COMMON-NEXT: mov r12, lr ++; V8M-COMMON-NEXT: msr apsr_nzcvq, lr ++; V8M-COMMON-NEXT: bxns lr ++; ++; V81M-COMMON-LABEL: access_u65: ++; V81M-COMMON: @ %bb.0: @ %entry ++; V81M-COMMON-NEXT: vstr fpcxtns, [sp, #-4]! ++; V81M-COMMON-NEXT: sub sp, #16 ++; V81M-COMMON-NEXT: add sp, #4 ++; V81M-COMMON-NEXT: stm.w sp, {r0, r1, r2, r3} ++; V81M-LE-NEXT: ldrb.w r0, [sp, #8] ++; V81M-BE-NEXT: lsrs r0, r0, #24 ++; V81M-COMMON-NEXT: sub sp, #4 ++; V81M-COMMON-NEXT: add sp, #16 ++; V81M-COMMON-NEXT: vscclrm {s0, s1, s2, s3, s4, s5, s6, s7, s8, s9, s10, s11, s12, s13, s14, s15, vpr} ++; V81M-COMMON-NEXT: vldr fpcxtns, [sp], #4 ++; V81M-COMMON-NEXT: clrm {r1, r2, r3, r12, apsr} ++; V81M-COMMON-NEXT: bxns lr ++entry: ++ %arg = load i65, ptr %0, align 8 ++ %shr = lshr i65 %arg, 64 ++ %conv = trunc nuw nsw i65 %shr to i32 ++ ret i32 %conv ++} diff --git a/poky/meta/recipes-devtools/llvm/llvm_git.bb b/poky/meta/recipes-devtools/llvm/llvm_18.1.5.bb index c4fd73f2d7..b03cf1465e 100644 --- a/poky/meta/recipes-devtools/llvm/llvm_git.bb +++ b/poky/meta/recipes-devtools/llvm/llvm_18.1.5.bb @@ -13,27 +13,27 @@ DEPENDS = "libffi libxml2 zlib zstd libedit ninja-native llvm-native" RDEPENDS:${PN}:append:class-target = " ncurses-terminfo" inherit cmake pkgconfig - # could be 'rcX' or 'git' or empty ( for release ) VER_SUFFIX = "" -PV = "18.1.3${VER_SUFFIX}" +PV .= "${VER_SUFFIX}" MAJOR_VERSION = "${@oe.utils.trim_version("${PV}", 1)}" LLVM_RELEASE = "${PV}" -BRANCH = "release/${MAJOR_VERSION}.x" -SRCREV = "c13b7485b87909fcf739f62cfa382b55407433c0" -SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH};protocol=https \ +SRC_URI = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${PV}/llvm-project-${PV}.src.tar.xz \ file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \ file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \ + file://0002-llvm-Fix-CVE-2024-0151.patch;striplevel=2 \ file://llvm-config \ " +SRC_URI[sha256sum] = "3591a52761a7d390ede51af01ea73abfecc4b1d16445f9d019b67a57edd7de56" -UPSTREAM_CHECK_GITTAGREGEX = "llvmorg-(?P<pver>\d+(\.\d+)+)" +UPSTREAM_CHECK_URI = "https://github.com/llvm/llvm-project" +UPSTREAM_CHECK_REGEX = "llvmorg-(?P<pver>\d+(\.\d+)+)" -S = "${WORKDIR}/git/llvm" +S = "${WORKDIR}/llvm-project-${PV}.src/llvm" LLVM_INSTALL_DIR = "${WORKDIR}/llvm-install" diff --git a/poky/meta/recipes-devtools/mtd/mtd-utils_git.bb b/poky/meta/recipes-devtools/mtd/mtd-utils_git.bb index a40d79c864..4b27528f64 100644 --- a/poky/meta/recipes-devtools/mtd/mtd-utils_git.bb +++ b/poky/meta/recipes-devtools/mtd/mtd-utils_git.bb @@ -11,9 +11,9 @@ inherit autotools pkgconfig update-alternatives DEPENDS = "zlib e2fsprogs util-linux" RDEPENDS:mtd-utils-tests += "bash" -PV = "2.2.0" +PV = "2.1.6" -SRCREV = "31e990c56aba7584cde310685d663bb122f16003" +SRCREV = "219e741f40f4801bae263e0b581b64888d887b4a" SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/perl/liburi-perl_5.28.bb b/poky/meta/recipes-devtools/perl/liburi-perl_5.27.bb index 1fc0efd3e5..e5db7b3cfe 100644 --- a/poky/meta/recipes-devtools/perl/liburi-perl_5.28.bb +++ b/poky/meta/recipes-devtools/perl/liburi-perl_5.27.bb @@ -12,7 +12,7 @@ SRC_URI = "${CPAN_MIRROR}/authors/id/O/OA/OALDERS/URI-${PV}.tar.gz \ file://0001-Skip-TODO-test-cases-that-fail.patch \ " -SRC_URI[sha256sum] = "e7985da359b15efd00917fa720292b711c396f2f9f9a7349e4e7dec74aa79765" +SRC_URI[sha256sum] = "11962d8a8a8496906e5d34774affc235a1c95c112d390c0b4171f3e91e9e2a97" S = "${WORKDIR}/URI-${PV}" diff --git a/poky/meta/recipes-devtools/pkgconf/pkgconf_2.2.0.bb b/poky/meta/recipes-devtools/pkgconf/pkgconf_2.1.1.bb index e98458ea55..33d69451bb 100644 --- a/poky/meta/recipes-devtools/pkgconf/pkgconf_2.2.0.bb +++ b/poky/meta/recipes-devtools/pkgconf/pkgconf_2.1.1.bb @@ -20,7 +20,7 @@ SRC_URI = "\ file://pkg-config-native.in \ file://pkg-config-esdk.in \ " -SRC_URI[sha256sum] = "b06ff63a83536aa8c2f6422fa80ad45e4833f590266feb14eaddfe1d4c853c69" +SRC_URI[sha256sum] = "3a224f2accf091b77a5781316e27b9ee3ba82c083cc2e539e08940b68a44fec5" inherit autotools diff --git a/poky/meta/recipes-devtools/python/python-cython.inc b/poky/meta/recipes-devtools/python/python-cython.inc index 2235aa9332..e54926ae6d 100644 --- a/poky/meta/recipes-devtools/python/python-cython.inc +++ b/poky/meta/recipes-devtools/python/python-cython.inc @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=61c3ee8961575861fa86c7e62bc9f69c" PYPI_PACKAGE = "Cython" BBCLASSEXTEND = "native nativesdk" -SRC_URI[sha256sum] = "a2d354f059d1f055d34cfaa62c5b68bc78ac2ceab6407148d47fb508cf3ba4f3" +SRC_URI[sha256sum] = "8333423d8fd5765e7cceea3a9985dd1e0a5dfeb2734629e1a2ed2d6233d39de6" UPSTREAM_CHECK_REGEX = "Cython-(?P<pver>.*)\.tar" inherit pypi diff --git a/poky/meta/recipes-devtools/python/python-pyasn1.inc b/poky/meta/recipes-devtools/python/python-pyasn1.inc index 7b269f2940..530ff1c7c3 100644 --- a/poky/meta/recipes-devtools/python/python-pyasn1.inc +++ b/poky/meta/recipes-devtools/python/python-pyasn1.inc @@ -3,7 +3,7 @@ HOMEPAGE = "http://pyasn1.sourceforge.net/" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=190f79253908c986e6cacf380c3a5f6d" -SRC_URI[sha256sum] = "3a35ab2c4b5ef98e17dfdec8ab074046fbda76e281c5a706ccd82328cfc8f64c" +SRC_URI[sha256sum] = "6d391a96e59b23130a5cfa74d6fd7f388dbbe26cc8f1edf39fdddf08d9d6676c" RDEPENDS:${PN}:class-target += " \ python3-codecs \ diff --git a/poky/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb b/poky/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb index 93fa645f33..57b08b3700 100644 --- a/poky/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb +++ b/poky/meta/recipes-devtools/python/python3-bcrypt_4.1.2.bb @@ -33,5 +33,4 @@ RDEPENDS:${PN}:class-target += "\ python3-cffi \ python3-ctypes \ python3-shell \ - python3-six \ " diff --git a/poky/meta/recipes-devtools/python/python3-beartype_0.18.2.bb b/poky/meta/recipes-devtools/python/python3-beartype_0.17.2.bb index 1b6ab6a42b..05fd74543b 100644 --- a/poky/meta/recipes-devtools/python/python3-beartype_0.18.2.bb +++ b/poky/meta/recipes-devtools/python/python3-beartype_0.17.2.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://beartype.readthedocs.io" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=e71f94261c1b39896cacacfeaf60560e" -SRC_URI[sha256sum] = "a6fbc0be9269889312388bfec6a9ddf41bf8fe31b68bcf9c8239db35cd38f411" +SRC_URI[sha256sum] = "e911e1ae7de4bccd15745f7643609d8732f64de5c2fb844e89cbbed1c5a8d495" inherit setuptools3 pypi diff --git a/poky/meta/recipes-devtools/python/python3-build_1.2.1.bb b/poky/meta/recipes-devtools/python/python3-build_1.1.1.bb index 0156861201..7fc3eef91b 100644 --- a/poky/meta/recipes-devtools/python/python3-build_1.2.1.bb +++ b/poky/meta/recipes-devtools/python/python3-build_1.1.1.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/pypa/build" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=310439af287b0fb4780b2ad6907c256c" -SRC_URI[sha256sum] = "526263f4870c26f26c433545579475377b2b7588b6f1eac76a001e873ae3e19d" +SRC_URI[sha256sum] = "8eea65bb45b1aac2e734ba2cc8dad3a6d97d97901a395bd0ed3e7b46953d2a31" inherit pypi python_flit_core diff --git a/poky/meta/recipes-devtools/python/python3-cython_3.0.9.bb b/poky/meta/recipes-devtools/python/python3-cython_3.0.8.bb index 07638d7ad7..07638d7ad7 100644 --- a/poky/meta/recipes-devtools/python/python3-cython_3.0.9.bb +++ b/poky/meta/recipes-devtools/python/python3-cython_3.0.8.bb diff --git a/poky/meta/recipes-devtools/python/python3-git_3.1.43.bb b/poky/meta/recipes-devtools/python/python3-git_3.1.42.bb index 45c988117b..19885a58c7 100644 --- a/poky/meta/recipes-devtools/python/python3-git_3.1.43.bb +++ b/poky/meta/recipes-devtools/python/python3-git_3.1.42.bb @@ -12,7 +12,7 @@ PYPI_PACKAGE = "GitPython" inherit pypi python_setuptools_build_meta -SRC_URI[sha256sum] = "35f314a9f878467f5453cc1fee295c3e18e52f1b99f10f6cf5b1682e968a9e7c" +SRC_URI[sha256sum] = "2d99869e0fef71a73cbd242528105af1d6c1b108c60dfabd994bf292f76c3ceb" DEPENDS += " python3-gitdb" diff --git a/poky/meta/recipes-devtools/python/python3-hatchling_1.22.4.bb b/poky/meta/recipes-devtools/python/python3-hatchling_1.21.1.bb index d2f32d8b1a..09d936aa7d 100644 --- a/poky/meta/recipes-devtools/python/python3-hatchling_1.22.4.bb +++ b/poky/meta/recipes-devtools/python/python3-hatchling_1.21.1.bb @@ -8,7 +8,7 @@ inherit pypi python_hatchling DEPENDS += "python3-pluggy-native python3-pathspec-native python3-packaging-native python3-editables-native python3-trove-classifiers-native" DEPENDS:remove:class-native = "python3-hatchling-native" -SRC_URI[sha256sum] = "8a2dcec96d7fb848382ef5848e5ac43fdae641f35a08a3fab5116bd495f3416e" +SRC_URI[sha256sum] = "bba440453a224e7d4478457fa2e8d8c3633765bafa02975a6b53b9bf917980bc" do_compile:prepend() { export PYTHONPATH=src diff --git a/poky/meta/recipes-devtools/python/python3-hypothesis_6.99.4.bb b/poky/meta/recipes-devtools/python/python3-hypothesis_6.98.15.bb index 64b8cf2c31..a17abe58c0 100644 --- a/poky/meta/recipes-devtools/python/python3-hypothesis_6.99.4.bb +++ b/poky/meta/recipes-devtools/python/python3-hypothesis_6.98.15.bb @@ -13,7 +13,7 @@ SRC_URI += " \ file://test_rle.py \ " -SRC_URI[sha256sum] = "edc8f984dba5d1b69a6a4564246b7850fa7ec351d2b27c9e7a43c91deab8d45c" +SRC_URI[sha256sum] = "1e31210951511b24ce8b3b6e04d791c466385a30ac3af571bf2223954b025d77" RDEPENDS:${PN} += " \ python3-attrs \ diff --git a/poky/meta/recipes-devtools/python/python3-importlib-metadata_7.1.0.bb b/poky/meta/recipes-devtools/python/python3-importlib-metadata_7.0.1.bb index fdb37cecef..0d3f0a5001 100644 --- a/poky/meta/recipes-devtools/python/python3-importlib-metadata_7.1.0.bb +++ b/poky/meta/recipes-devtools/python/python3-importlib-metadata_7.0.1.bb @@ -8,7 +8,7 @@ inherit pypi python_setuptools_build_meta PYPI_PACKAGE = "importlib_metadata" UPSTREAM_CHECK_REGEX = "/importlib-metadata/(?P<pver>(\d+[\.\-_]*)+)/" -SRC_URI[sha256sum] = "b78938b926ee8d5f020fc4772d487045805a55ddbad2ecf21c6d60938dc7fcd2" +SRC_URI[sha256sum] = "f238736bb06590ae52ac1fab06a3a9ef1d8dce2b7a35b5ab329371d6c8f5d2cc" S = "${WORKDIR}/importlib_metadata-${PV}" diff --git a/poky/meta/recipes-devtools/python/python3-jinja2_3.1.3.bb b/poky/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb index 636fb35811..2c02037011 100644 --- a/poky/meta/recipes-devtools/python/python3-jinja2_3.1.3.bb +++ b/poky/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb @@ -2,17 +2,17 @@ SUMMARY = "Python Jinja2: A small but fast and easy to use stand-alone template HOMEPAGE = "https://pypi.org/project/Jinja2/" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=5dc88300786f1c214c1e9827a5229462" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462" -SRC_URI[sha256sum] = "ac8bd6544d4bb2c9792bf3a159e80bba8fda7f07e81bc3aed565432d5925ba90" +SRC_URI[sha256sum] = "4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369" -PYPI_PACKAGE = "Jinja2" +PYPI_PACKAGE = "jinja2" CVE_PRODUCT = "jinja2 jinja" CLEANBROKEN = "1" -inherit pypi setuptools3 ptest +inherit pypi python_flit_core ptest SRC_URI += " \ file://run-ptest \ diff --git a/poky/meta/recipes-devtools/python/python3-libarchive-c_5.1.bb b/poky/meta/recipes-devtools/python/python3-libarchive-c_5.0.bb index 4e318e52f4..6ac86fc7a1 100644 --- a/poky/meta/recipes-devtools/python/python3-libarchive-c_5.1.bb +++ b/poky/meta/recipes-devtools/python/python3-libarchive-c_5.0.bb @@ -9,7 +9,7 @@ PYPI_PACKAGE = "libarchive-c" inherit pypi setuptools3 -SRC_URI[sha256sum] = "7bcce24ea6c0fa3bc62468476c6d2f6264156db2f04878a372027c10615a2721" +SRC_URI[sha256sum] = "d673f56673d87ec740d1a328fa205cafad1d60f5daca4685594deb039d32b159" RDEPENDS:${PN} += "\ libarchive \ diff --git a/poky/meta/recipes-devtools/python/python3-license-expression_30.3.0.bb b/poky/meta/recipes-devtools/python/python3-license-expression_30.2.0.bb index f36336b592..7059cf76ee 100644 --- a/poky/meta/recipes-devtools/python/python3-license-expression_30.3.0.bb +++ b/poky/meta/recipes-devtools/python/python3-license-expression_30.2.0.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/nexB/license-expression" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://apache-2.0.LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" -SRC_URI[sha256sum] = "1295406f736b4f395ff069aec1cebfad53c0fcb3cf57df0f5ec58fc7b905aea5" +SRC_URI[sha256sum] = "599928edd995c43fc335e0af342076144dc71cb858afa1ed9c1c30c4e81794f5" inherit pypi ptest python_setuptools_build_meta diff --git a/poky/meta/recipes-devtools/python/python3-lxml_5.1.0.bb b/poky/meta/recipes-devtools/python/python3-lxml_5.0.0.bb index 43719086f0..66cb8b0938 100644 --- a/poky/meta/recipes-devtools/python/python3-lxml_5.1.0.bb +++ b/poky/meta/recipes-devtools/python/python3-lxml_5.0.0.bb @@ -18,10 +18,11 @@ LIC_FILES_CHKSUM = "file://LICENSES.txt;md5=e4c045ebad958ead4b48008f70838403 \ DEPENDS += "libxml2 libxslt" -SRC_URI[sha256sum] = "3eea6ed6e6c918e468e693c41ef07f3c3acc310b70ddd9cc72d9ef84bc9564ca" +SRC_URI[sha256sum] = "2219cbf790e701acf9a21a31ead75f983e73daf0eceb9da6990212e4d20ebefe" SRC_URI += "${PYPI_SRC_URI}" inherit pkgconfig pypi setuptools3 +PYPI_PACKAGE_EXT = "zip" # {standard input}: Assembler messages: # {standard input}:1488805: Error: branch out of range diff --git a/poky/meta/recipes-devtools/python/python3-markdown_3.6.bb b/poky/meta/recipes-devtools/python/python3-markdown_3.5.2.bb index 7c64837395..1df7a98183 100644 --- a/poky/meta/recipes-devtools/python/python3-markdown_3.6.bb +++ b/poky/meta/recipes-devtools/python/python3-markdown_3.5.2.bb @@ -1,12 +1,12 @@ SUMMARY = "A Python implementation of John Gruber's Markdown." HOMEPAGE = "https://python-markdown.github.io/" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE.md;md5=ec58cdf7cfed06a21f7a9362627a5480" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=745aaad0c69c60039e638bff9ffc59ed" inherit pypi python_setuptools_build_meta PYPI_PACKAGE = "Markdown" -SRC_URI[sha256sum] = "ed4f41f6daecbeeb96e576ce414c41d2d876daa9a16cb35fa8ed8c2ddfad0224" +SRC_URI[sha256sum] = "e1ac7b3dc550ee80e602e71c1d168002f062e49f1b11e26a36264dafd4df2ef8" BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/python/python3-packaging_24.0.bb b/poky/meta/recipes-devtools/python/python3-packaging_23.2.bb index 0942eeb15e..2d35936615 100644 --- a/poky/meta/recipes-devtools/python/python3-packaging_24.0.bb +++ b/poky/meta/recipes-devtools/python/python3-packaging_23.2.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/pypa/packaging" LICENSE = "Apache-2.0 | BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=faadaedca9251a90b205c9167578ce91" -SRC_URI[sha256sum] = "eb82c5e3e56209074766e6885bb04b8c38a0c015d0a30036ebe7ece34c9989e9" +SRC_URI[sha256sum] = "048fb0e9405036518eaaf48a55953c750c11e1a1b68e0dd1a9d62ed0c092cfc5" inherit pypi python_flit_core diff --git a/poky/meta/recipes-devtools/python/python3-pyasn1_0.6.0.bb b/poky/meta/recipes-devtools/python/python3-pyasn1_0.5.1.bb index 0519ba5edb..0519ba5edb 100644 --- a/poky/meta/recipes-devtools/python/python3-pyasn1_0.6.0.bb +++ b/poky/meta/recipes-devtools/python/python3-pyasn1_0.5.1.bb diff --git a/poky/meta/recipes-devtools/python/python3-pyelftools_0.31.bb b/poky/meta/recipes-devtools/python/python3-pyelftools_0.30.bb index 551fed6876..837edb7165 100644 --- a/poky/meta/recipes-devtools/python/python3-pyelftools_0.31.bb +++ b/poky/meta/recipes-devtools/python/python3-pyelftools_0.30.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "PD" LIC_FILES_CHKSUM = "file://LICENSE;md5=5ce2a2b07fca326bc7c146d10105ccfc" -SRC_URI[sha256sum] = "c774416b10310156879443b81187d182d8d9ee499660380e645918b50bc88f99" +SRC_URI[sha256sum] = "2fc92b0d534f8b081f58c7c370967379123d8e00984deb53c209364efd575b40" PYPI_PACKAGE = "pyelftools" diff --git a/poky/meta/recipes-devtools/python/python3-pygobject_3.48.1.bb b/poky/meta/recipes-devtools/python/python3-pygobject_3.46.0.bb index 4754e41c04..73a393051a 100644 --- a/poky/meta/recipes-devtools/python/python3-pygobject_3.48.1.bb +++ b/poky/meta/recipes-devtools/python/python3-pygobject_3.46.0.bb @@ -19,7 +19,7 @@ DEPENDS += "python3 glib-2.0" SRCNAME="pygobject" SRC_URI = "http://ftp.gnome.org/pub/GNOME/sources/${SRCNAME}/${@gnome_verdir("${PV}")}/${SRCNAME}-${PV}.tar.xz" -SRC_URI[sha256sum] = "3a0a2c0c0f25931b5840649c54834b9e58a63148d37fa9f6308887b7027e15c2" +SRC_URI[sha256sum] = "426008b2dad548c9af1c7b03b59df0440fde5c33f38fb5406b103a43d653cafc" S = "${WORKDIR}/${SRCNAME}-${PV}" diff --git a/poky/meta/recipes-devtools/python/python3-pyopenssl_24.1.0.bb b/poky/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb index e714ad838e..116f214bfa 100644 --- a/poky/meta/recipes-devtools/python/python3-pyopenssl_24.1.0.bb +++ b/poky/meta/recipes-devtools/python/python3-pyopenssl_24.0.0.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" DEPENDS += "openssl python3-cryptography" -SRC_URI[sha256sum] = "cabed4bfaa5df9f1a16c0ef64a0cb65318b5cd077a7eda7d6970131ca2f41a6f" +SRC_URI[sha256sum] = "6aa33039a93fffa4563e655b61d11364d01264be8ccb49906101e02a334530bf" PYPI_PACKAGE = "pyOpenSSL" inherit pypi setuptools3 @@ -15,7 +15,6 @@ FILES:${PN}-tests = "${libdir}/${PYTHON_DIR}/site-packages/OpenSSL/test" RDEPENDS:${PN}:class-target = " \ python3-cryptography \ - python3-six \ python3-threading \ " RDEPENDS:${PN}-tests = "${PN}" diff --git a/poky/meta/recipes-devtools/python/python3-pyparsing_3.1.2.bb b/poky/meta/recipes-devtools/python/python3-pyparsing_3.1.1.bb index 64210ade53..6f34091c86 100644 --- a/poky/meta/recipes-devtools/python/python3-pyparsing_3.1.2.bb +++ b/poky/meta/recipes-devtools/python/python3-pyparsing_3.1.1.bb @@ -10,7 +10,7 @@ BUGTRACKER = "https://github.com/pyparsing/pyparsing/issues" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=657a566233888513e1f07ba13e2f47f1" -SRC_URI[sha256sum] = "a1bac0ce561155ecc3ed78ca94d3c9378656ad4c94c1270de543f621420f94ad" +SRC_URI[sha256sum] = "ede28a1a32462f5a9705e07aea48001a08f7cf81a021585011deba701581a0db" UPSTREAM_CHECK_REGEX = "pyparsing-(?P<pver>.*)\.tar" diff --git a/poky/meta/recipes-devtools/python/python3-pytest-subtests_0.12.1.bb b/poky/meta/recipes-devtools/python/python3-pytest-subtests_0.11.0.bb index 0590be705f..44fa1e2b80 100644 --- a/poky/meta/recipes-devtools/python/python3-pytest-subtests_0.12.1.bb +++ b/poky/meta/recipes-devtools/python/python3-pytest-subtests_0.11.0.bb @@ -7,7 +7,7 @@ BUGTRACKER = "https://github.com/pytest-dev/pytest-subtests/issues" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=242b4e17fa287dcf7aef372f6bc3dcb1" -SRC_URI[sha256sum] = "d6605dcb88647e0b7c1889d027f8ef1c17d7a2c60927ebfdc09c7b0d8120476d" +SRC_URI[sha256sum] = "51865c88457545f51fb72011942f0a3c6901ee9e24cbfb6d1b9dc1348bafbe37" inherit pypi python_setuptools_build_meta diff --git a/poky/meta/recipes-devtools/python/python3-pytest_8.1.1.bb b/poky/meta/recipes-devtools/python/python3-pytest_8.0.2.bb index b1cf23fbc4..57e979e909 100644 --- a/poky/meta/recipes-devtools/python/python3-pytest_8.1.1.bb +++ b/poky/meta/recipes-devtools/python/python3-pytest_8.0.2.bb @@ -5,7 +5,7 @@ DESCRIPTION = "The pytest framework makes it easy to write small tests, yet scal LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=bd27e41b6550fe0fc45356d1d81ee37c" -SRC_URI[sha256sum] = "ac978141a75948948817d360297b7aae0fcb9d6ff6bc9ec6d514b85d5a65c044" +SRC_URI[sha256sum] = "d4051d623a2e0b7e51960ba963193b09ce6daeb9759a451844a21e4ddedfc1bd" DEPENDS += "python3-setuptools-scm-native" diff --git a/poky/meta/recipes-devtools/python/python3-referencing_0.34.0.bb b/poky/meta/recipes-devtools/python/python3-referencing_0.33.0.bb index 6fbd10d9cf..f675bbc67d 100644 --- a/poky/meta/recipes-devtools/python/python3-referencing_0.34.0.bb +++ b/poky/meta/recipes-devtools/python/python3-referencing_0.33.0.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/python-jsonschema/referencing" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=93eb9740964b59e9ba30281255b044e2" -SRC_URI[sha256sum] = "5773bd84ef41799a5a8ca72dc34590c041eb01bf9aa02632b4a973fb0181a844" +SRC_URI[sha256sum] = "c775fedf74bc0f9189c2a3be1c12fd03e8c23f4d371dce795df44e06c5b412f7" inherit pypi python_hatchling diff --git a/poky/meta/recipes-devtools/python/python3-requests_2.31.0.bb b/poky/meta/recipes-devtools/python/python3-requests_2.31.0.bb index df48cd54c3..287b4f8eee 100644 --- a/poky/meta/recipes-devtools/python/python3-requests_2.31.0.bb +++ b/poky/meta/recipes-devtools/python/python3-requests_2.31.0.bb @@ -1,5 +1,5 @@ SUMMARY = "Python HTTP for Humans." -HOMEPAGE = "http://python-requests.org" +HOMEPAGE = "https://requests.readthedocs.io" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=34400b68072d710fecd0a2940a0d1658" @@ -8,12 +8,10 @@ SRC_URI[sha256sum] = "942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd inherit pypi setuptools3 RDEPENDS:${PN} += " \ + python3-certifi \ python3-email \ python3-json \ - python3-ndg-httpsclient \ python3-netserver \ - python3-pyasn1 \ - python3-pyopenssl \ python3-pysocks \ python3-urllib3 \ python3-chardet \ diff --git a/poky/meta/recipes-devtools/python/python3-scons_4.7.0.bb b/poky/meta/recipes-devtools/python/python3-scons_4.6.0.bb index bba6c799d4..c3cc3f0373 100644 --- a/poky/meta/recipes-devtools/python/python3-scons_4.7.0.bb +++ b/poky/meta/recipes-devtools/python/python3-scons_4.6.0.bb @@ -5,7 +5,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=d903b0b8027f461402bac9b5169b36f7" SRC_URI += " file://0001-Fix-man-page-installation.patch" -SRC_URI[sha256sum] = "d8b617f6610a73e46509de70dcf82f76861b79762ff602d546f4e80918ec81f3" +SRC_URI[sha256sum] = "7db28958b188b800f803c287d0680cc3ac7c422ed0b1cf9895042c52567803ec" PYPI_PACKAGE = "SCons" diff --git a/poky/meta/recipes-devtools/python/python3-setuptools/0001-conditionally-do-not-fetch-code-by-easy_install.patch b/poky/meta/recipes-devtools/python/python3-setuptools/0001-conditionally-do-not-fetch-code-by-easy_install.patch index e227c2889c..2a3c71fb62 100644 --- a/poky/meta/recipes-devtools/python/python3-setuptools/0001-conditionally-do-not-fetch-code-by-easy_install.patch +++ b/poky/meta/recipes-devtools/python/python3-setuptools/0001-conditionally-do-not-fetch-code-by-easy_install.patch @@ -1,4 +1,4 @@ -From 80fe63816eb3bfd1f5b6d354e1f2442805cff4e0 Mon Sep 17 00:00:00 2001 +From 40648dfa770f9f7b9b9efa501c9ef7af96be9f2d Mon Sep 17 00:00:00 2001 From: Hongxu Jia <hongxu.jia@windriver.com> Date: Tue, 17 Jul 2018 10:13:38 +0800 Subject: [PATCH] conditionally do not fetch code by easy_install @@ -14,10 +14,10 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> 1 file changed, 5 insertions(+) diff --git a/setuptools/command/easy_install.py b/setuptools/command/easy_install.py -index 858fb20..62bd853 100644 +index 5d6fd5c..377e575 100644 --- a/setuptools/command/easy_install.py +++ b/setuptools/command/easy_install.py -@@ -672,6 +672,11 @@ class easy_install(Command): +@@ -676,6 +676,11 @@ class easy_install(Command): os.path.exists(tmpdir) and _rmtree(tmpdir) def easy_install(self, spec, deps=False): diff --git a/poky/meta/recipes-devtools/python/python3-setuptools_69.2.0.bb b/poky/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb index 897398afc5..67475b68eb 100644 --- a/poky/meta/recipes-devtools/python/python3-setuptools_69.2.0.bb +++ b/poky/meta/recipes-devtools/python/python3-setuptools_69.1.1.bb @@ -11,12 +11,11 @@ SRC_URI:append:class-native = " file://0001-conditionally-do-not-fetch-code-by-e SRC_URI += " \ file://0001-_distutils-sysconfig.py-make-it-possible-to-substite.patch" -SRC_URI[sha256sum] = "0ff4183f8f42cd8fa3acea16c45205521a4ef28f73c6391d8a25e92893134f2e" +SRC_URI[sha256sum] = "5c0806c7d9af348e6dd3777b4f4dbb42c7ad85b190104837488eab9a7c945cf8" DEPENDS += "python3" RDEPENDS:${PN} = "\ - python3-2to3 \ python3-compile \ python3-compression \ python3-ctypes \ diff --git a/poky/meta/recipes-devtools/python/python3-trove-classifiers_2024.3.3.bb b/poky/meta/recipes-devtools/python/python3-trove-classifiers_2024.2.23.bb index b912efcf55..8514a52616 100644 --- a/poky/meta/recipes-devtools/python/python3-trove-classifiers_2024.3.3.bb +++ b/poky/meta/recipes-devtools/python/python3-trove-classifiers_2024.2.23.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/pypa/trove-classifiers" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" -SRC_URI[sha256sum] = "df7edff9c67ff86b733628998330b180e81d125b1e096536d83ac0fd79673fdc" +SRC_URI[sha256sum] = "8385160a12aac69c93fff058fb613472ed773a24a27eb3cd4b144cfbdd79f38c" inherit pypi python_setuptools_build_meta ptest diff --git a/poky/meta/recipes-devtools/python/python3-typing-extensions_4.11.0.bb b/poky/meta/recipes-devtools/python/python3-typing-extensions_4.10.0.bb index ad45b669ec..8698a80cc5 100644 --- a/poky/meta/recipes-devtools/python/python3-typing-extensions_4.11.0.bb +++ b/poky/meta/recipes-devtools/python/python3-typing-extensions_4.10.0.bb @@ -15,7 +15,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=fcf6b249c2641540219a727f35d8d2c2" # The name on PyPi is slightly different. PYPI_PACKAGE = "typing_extensions" -SRC_URI[sha256sum] = "83f085bd5ca59c80295fc2a82ab5dac679cbe02b9f33f7d83af68e241bea51b0" +SRC_URI[sha256sum] = "b0abd7c89e8fb96f98db18d86106ff1d90ab692004eb746cf6eda2682f91b3cb" inherit pypi python_flit_core diff --git a/poky/meta/recipes-devtools/python/python3-wheel_0.43.0.bb b/poky/meta/recipes-devtools/python/python3-wheel_0.42.0.bb index ba309ae5fc..807888e6c0 100644 --- a/poky/meta/recipes-devtools/python/python3-wheel_0.43.0.bb +++ b/poky/meta/recipes-devtools/python/python3-wheel_0.42.0.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=7ffb0db04527cfe380e4f2726bd05ebf" -SRC_URI[sha256sum] = "465ef92c69fa5c5da2d1cf8ac40559a8c940886afcef87dcf14b9470862f1d85" +SRC_URI[sha256sum] = "c45be39f7882c9d34243236f2d63cbd58039e360f85d0913425fbd7ceea617a8" inherit python_flit_core pypi diff --git a/poky/meta/recipes-devtools/python/python3-zipp_3.18.1.bb b/poky/meta/recipes-devtools/python/python3-zipp_3.17.0.bb index e43432469d..e9e220e315 100644 --- a/poky/meta/recipes-devtools/python/python3-zipp_3.18.1.bb +++ b/poky/meta/recipes-devtools/python/python3-zipp_3.17.0.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/jaraco/zipp" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=141643e11c48898150daa83802dbc65f" -SRC_URI[sha256sum] = "2884ed22e7d8961de1c9a05142eb69a247f120291bc0206a00a7642f09b5b715" +SRC_URI[sha256sum] = "84e64a1c28cf7e91ed2078bb8cc8c259cb19b76942096c8d7b84947690cabaf0" DEPENDS += "python3-setuptools-scm-native" diff --git a/poky/meta/recipes-devtools/python/python3/0001-test_shutdown-skip-problematic-test.patch b/poky/meta/recipes-devtools/python/python3/0001-test_shutdown-skip-problematic-test.patch new file mode 100644 index 0000000000..1d4cda18b1 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/0001-test_shutdown-skip-problematic-test.patch @@ -0,0 +1,46 @@ +From 9d4cdbde100798ba9fa1cf3f82dbaf18fd10a543 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Wed, 8 May 2024 11:58:09 -0400 +Subject: [PATCH] test_shutdown: skip problematic test + +This test hangs frequently when run on the Autobuilder. Disable it in +testing until the cause can be determined. + +Upstream-Status: Inappropriate [OE-Specific] + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + Lib/test/test_concurrent_futures/test_shutdown.py | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/Lib/test/test_concurrent_futures/test_shutdown.py b/Lib/test/test_concurrent_futures/test_shutdown.py +index 7a4065afd4..6b878a48bf 100644 +--- a/Lib/test/test_concurrent_futures/test_shutdown.py ++++ b/Lib/test/test_concurrent_futures/test_shutdown.py +@@ -20,6 +20,7 @@ def sleep_and_print(t, msg): + sys.stdout.flush() + + ++@unittest.skip("skipping problematic test") + class ExecutorShutdownTest: + def test_run_after_shutdown(self): + self.executor.shutdown() +@@ -156,6 +157,7 @@ def timeout(_signum, _frame): + signal.signal(signal.SIGALRM, old_handler) + + ++@unittest.skip("skipping problematic test") + class ThreadPoolShutdownTest(ThreadPoolMixin, ExecutorShutdownTest, BaseTestCase): + def test_threads_terminate(self): + def acquire_lock(lock): +@@ -252,6 +254,7 @@ def test_cancel_futures_wait_false(self): + self.assertIn(out.strip(), [b"apple", b""]) + + ++@unittest.skip("skipping problematic test") + class ProcessPoolShutdownTest(ExecutorShutdownTest): + def test_processes_terminate(self): + def acquire_lock(lock): +-- +2.45.0 + diff --git a/poky/meta/recipes-devtools/python/python3_3.12.3.bb b/poky/meta/recipes-devtools/python/python3_3.12.4.bb index b49a58a101..0cb84b91b4 100644 --- a/poky/meta/recipes-devtools/python/python3_3.12.3.bb +++ b/poky/meta/recipes-devtools/python/python3_3.12.4.bb @@ -30,13 +30,14 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0001-skip-no_stdout_fileno-test-due-to-load-variability.patch \ file://0001-test_storlines-skip-due-to-load-variability.patch \ file://0001-gh-114492-Initialize-struct-termios-before-calling-t.patch \ + file://0001-test_shutdown-skip-problematic-test.patch \ " SRC_URI:append:class-native = " \ file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \ " -SRC_URI[sha256sum] = "56bfef1fdfc1221ce6720e43a661e3eb41785dd914ce99698d8c7896af4bdaa1" +SRC_URI[sha256sum] = "f6d419a6d8743ab26700801b4908d26d97e8b986e14f95de31b32de2b0e79554" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc index 4501f84c2b..d22bc31ce3 100644 --- a/poky/meta/recipes-devtools/qemu/qemu.inc +++ b/poky/meta/recipes-devtools/qemu/qemu.inc @@ -42,6 +42,11 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://CVE-2023-6683.patch \ file://qemu-guest-agent.init \ file://qemu-guest-agent.udev \ + file://CVE-2024-3446-01.patch \ + file://CVE-2024-3446-02.patch \ + file://CVE-2024-3446-03.patch \ + file://CVE-2024-3446-04.patch \ + file://CVE-2024-3567.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch new file mode 100644 index 0000000000..15dbca92cd --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch @@ -0,0 +1,73 @@ +rom eb546a3f49f45e6870ec91d792cd09f8a662c16e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org> +Date: Thu, 4 Apr 2024 20:56:11 +0200 +Subject: [PATCH] hw/virtio: Introduce virtio_bh_new_guarded() helper +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Introduce virtio_bh_new_guarded(), similar to qemu_bh_new_guarded() +but using the transport memory guard, instead of the device one +(there can only be one virtio device per virtio bus). + +Inspired-by: Gerd Hoffmann <kraxel@redhat.com> +Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> +Acked-by: Michael S. Tsirkin <mst@redhat.com> +Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> +Reviewed-by: Michael S. Tsirkin <mst@redhat.com> +Message-Id: <20240409105537.18308-2-philmd@linaro.org> +(cherry picked from commit ec0504b989ca61e03636384d3602b7bf07ffe4da) +Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/eb546a3f49f45e6870ec91d792cd09f8a662c16e] +CVE: CVE-2024-3446 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + hw/virtio/virtio.c | 10 ++++++++++ + include/hw/virtio/virtio.h | 7 +++++++ + 2 files changed, 17 insertions(+) + +diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c +index 3a160f86e..8590b8971 100644 +--- a/hw/virtio/virtio.c ++++ b/hw/virtio/virtio.c +@@ -4095,3 +4095,13 @@ static void virtio_register_types(void) + } + + type_init(virtio_register_types) ++ ++QEMUBH *virtio_bh_new_guarded_full(DeviceState *dev, ++ QEMUBHFunc *cb, void *opaque, ++ const char *name) ++{ ++ DeviceState *transport = qdev_get_parent_bus(dev)->parent; ++ ++ return qemu_bh_new_full(cb, opaque, name, ++ &transport->mem_reentrancy_guard); ++} +diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h +index c8f72850b..7d5ffdc14 100644 +--- a/include/hw/virtio/virtio.h ++++ b/include/hw/virtio/virtio.h +@@ -22,6 +22,7 @@ + #include "standard-headers/linux/virtio_config.h" + #include "standard-headers/linux/virtio_ring.h" + #include "qom/object.h" ++#include "block/aio.h" + + /* + * A guest should never accept this. It implies negotiation is broken +@@ -508,4 +509,10 @@ static inline bool virtio_device_disabled(VirtIODevice *vdev) + bool virtio_legacy_allowed(VirtIODevice *vdev); + bool virtio_legacy_check_disabled(VirtIODevice *vdev); + ++QEMUBH *virtio_bh_new_guarded_full(DeviceState *dev, ++ QEMUBHFunc *cb, void *opaque, ++ const char *name); ++#define virtio_bh_new_guarded(dev, cb, opaque) \ ++ virtio_bh_new_guarded_full((dev), (cb), (opaque), (stringify(cb))) ++ + #endif +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch new file mode 100644 index 0000000000..843ed43ba8 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch @@ -0,0 +1,48 @@ +From 4f01537ced3e787bd985b8f8de5869b92657160a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org> +Date: Thu, 4 Apr 2024 20:56:41 +0200 +Subject: [PATCH] hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Replace qemu_bh_new_guarded() by virtio_bh_new_guarded() +so the bus and device use the same guard. Otherwise the +DMA-reentrancy protection can be bypassed. + +Fixes: CVE-2024-3446 +Cc: qemu-stable@nongnu.org +Suggested-by: Alexander Bulekov <alxndr@bu.edu> +Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> +Acked-by: Michael S. Tsirkin <mst@redhat.com> +Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> +Reviewed-by: Michael S. Tsirkin <mst@redhat.com> +Message-Id: <20240409105537.18308-5-philmd@linaro.org> +(cherry picked from commit f4729ec39ad97a42ceaa7b5697f84f440ea6e5dc) +Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/4f01537ced3e787bd985b8f8de5869b92657160a] +CVE: CVE-2024-3446 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + hw/virtio/virtio-crypto.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c +index 0e2cc8d5a..4aaced74b 100644 +--- a/hw/virtio/virtio-crypto.c ++++ b/hw/virtio/virtio-crypto.c +@@ -1080,8 +1080,8 @@ static void virtio_crypto_device_realize(DeviceState *dev, Error **errp) + vcrypto->vqs[i].dataq = + virtio_add_queue(vdev, 1024, virtio_crypto_handle_dataq_bh); + vcrypto->vqs[i].dataq_bh = +- qemu_bh_new_guarded(virtio_crypto_dataq_bh, &vcrypto->vqs[i], +- &dev->mem_reentrancy_guard); ++ virtio_bh_new_guarded(dev, virtio_crypto_dataq_bh, ++ &vcrypto->vqs[i]); + vcrypto->vqs[i].vcrypto = vcrypto; + } + +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch new file mode 100644 index 0000000000..a24652dea3 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch @@ -0,0 +1,47 @@ +From fbeb0a160cbcc067c0e1f0d380cea4a31de213e3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org> +Date: Thu, 4 Apr 2024 20:56:35 +0200 +Subject: [PATCH] hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Replace qemu_bh_new_guarded() by virtio_bh_new_guarded() +so the bus and device use the same guard. Otherwise the +DMA-reentrancy protection can be bypassed. + +Fixes: CVE-2024-3446 +Cc: qemu-stable@nongnu.org +Suggested-by: Alexander Bulekov <alxndr@bu.edu> +Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> +Acked-by: Michael S. Tsirkin <mst@redhat.com> +Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> +Reviewed-by: Michael S. Tsirkin <mst@redhat.com> +Message-Id: <20240409105537.18308-4-philmd@linaro.org> +(cherry picked from commit b4295bff25f7b50de1d9cc94a9c6effd40056bca) +Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/fbeb0a160cbcc067c0e1f0d380cea4a31de213e3] +CVE: CVE-2024-3446 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + hw/char/virtio-serial-bus.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/hw/char/virtio-serial-bus.c b/hw/char/virtio-serial-bus.c +index dd619f073..1221fb7f1 100644 +--- a/hw/char/virtio-serial-bus.c ++++ b/hw/char/virtio-serial-bus.c +@@ -985,8 +985,7 @@ static void virtser_port_device_realize(DeviceState *dev, Error **errp) + return; + } + +- port->bh = qemu_bh_new_guarded(flush_queued_data_bh, port, +- &dev->mem_reentrancy_guard); ++ port->bh = virtio_bh_new_guarded(dev, flush_queued_data_bh, port); + port->elem = NULL; + } + +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch new file mode 100644 index 0000000000..7f0293242d --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch @@ -0,0 +1,52 @@ +From 1b2a52712b249e14d246cd9c7db126088e6e64db Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org> +Date: Thu, 4 Apr 2024 20:56:27 +0200 +Subject: [PATCH] hw/display/virtio-gpu: Protect from DMA re-entrancy bugs +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +qemu-system-i386: warning: Blocked re-entrant IO on MemoryRegion: virtio-pci-common-virtio-gpu at addr: 0x6 + +Fixes: CVE-2024-3446 +Cc: qemu-stable@nongnu.org +Reported-by: Alexander Bulekov <alxndr@bu.edu> +Reported-by: Yongkang Jia <kangel@zju.edu.cn> +Reported-by: Xiao Lei <nop.leixiao@gmail.com> +Reported-by: Yiming Tao <taoym@zju.edu.cn> +Buglink: https://bugs.launchpad.net/qemu/+bug/1888606 +Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> +Acked-by: Michael S. Tsirkin <mst@redhat.com> +Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> +Reviewed-by: Michael S. Tsirkin <mst@redhat.com> +Message-Id: <20240409105537.18308-3-philmd@linaro.org> +(cherry picked from commit ba28e0ff4d95b56dc334aac2730ab3651ffc3132) +Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/1b2a52712b249e14d246cd9c7db126088e6e64db] +CVE: CVE-2024-3446 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + hw/display/virtio-gpu.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c +index b016d3bac..a7b16ba07 100644 +--- a/hw/display/virtio-gpu.c ++++ b/hw/display/virtio-gpu.c +@@ -1463,10 +1463,8 @@ void virtio_gpu_device_realize(DeviceState *qdev, Error **errp) + + g->ctrl_vq = virtio_get_queue(vdev, 0); + g->cursor_vq = virtio_get_queue(vdev, 1); +- g->ctrl_bh = qemu_bh_new_guarded(virtio_gpu_ctrl_bh, g, +- &qdev->mem_reentrancy_guard); +- g->cursor_bh = qemu_bh_new_guarded(virtio_gpu_cursor_bh, g, +- &qdev->mem_reentrancy_guard); ++ g->ctrl_bh = virtio_bh_new_guarded(qdev, virtio_gpu_ctrl_bh, g); ++ g->cursor_bh = virtio_bh_new_guarded(qdev, virtio_gpu_cursor_bh, g); + g->reset_bh = qemu_bh_new(virtio_gpu_reset_bh, g); + qemu_cond_init(&g->reset_cond); + QTAILQ_INIT(&g->reslist); +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch new file mode 100644 index 0000000000..f14178f881 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch @@ -0,0 +1,48 @@ +From 1cfe45956e03070f894e91b304e233b4d5b99719 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org> +Date: Tue, 9 Apr 2024 19:54:05 +0200 +Subject: [PATCH] hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +If a fragmented packet size is too short, do not try to +calculate its checksum. + +Fixes: CVE-2024-3567 +Cc: qemu-stable@nongnu.org +Reported-by: Zheyu Ma <zheyuma97@gmail.com> +Fixes: f199b13bc1 ("igb: Implement Tx SCTP CSO") +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2273 +Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> +Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com> +Acked-by: Jason Wang <jasowang@redhat.com> +Message-Id: <20240410070459.49112-1-philmd@linaro.org> +(cherry picked from commit 83ddb3dbba2ee0f1767442ae6ee665058aeb1093) +Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/1cfe45956e03070f894e91b304e233b4d5b99719] +CVE: CVE-2024-3567 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + hw/net/net_tx_pkt.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c +index 2e5f58b3c..d40d508a1 100644 +--- a/hw/net/net_tx_pkt.c ++++ b/hw/net/net_tx_pkt.c +@@ -141,6 +141,10 @@ bool net_tx_pkt_update_sctp_checksum(struct NetTxPkt *pkt) + uint32_t csum = 0; + struct iovec *pl_start_frag = pkt->vec + NET_TX_PKT_PL_START_FRAG; + ++ if (iov_size(pl_start_frag, pkt->payload_frags) < 8 + sizeof(csum)) { ++ return false; ++ } ++ + if (iov_from_buf(pl_start_frag, pkt->payload_frags, 8, &csum, sizeof(csum)) < sizeof(csum)) { + return false; + } +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/repo/repo_2.44.bb b/poky/meta/recipes-devtools/repo/repo_2.42.bb index 875897851a..9bb5000fab 100644 --- a/poky/meta/recipes-devtools/repo/repo_2.44.bb +++ b/poky/meta/recipes-devtools/repo/repo_2.42.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" SRC_URI = "git://gerrit.googlesource.com/git-repo.git;protocol=https;branch=main \ " -SRCREV = "fff1d2d74c2078b62cc9c2561330e41a842dc197" +SRCREV = "5554572f02537b8646139d59ab520e59e1d5f7b3" MIRRORS += "git://gerrit.googlesource.com/git-repo.git git://github.com/GerritCodeReview/git-repo.git" diff --git a/poky/meta/recipes-devtools/rsync/files/0001-Add-missing-prototypes-to-function-declarations.patch b/poky/meta/recipes-devtools/rsync/files/0001-Add-missing-prototypes-to-function-declarations.patch index 2379de84f2..8895adad74 100644 --- a/poky/meta/recipes-devtools/rsync/files/0001-Add-missing-prototypes-to-function-declarations.patch +++ b/poky/meta/recipes-devtools/rsync/files/0001-Add-missing-prototypes-to-function-declarations.patch @@ -1,4 +1,4 @@ -From 2beb35c34c45320144f37b12ef4d72fb8734280e Mon Sep 17 00:00:00 2001 +From 651425fced0691d9063fe417388ba6ca1c38c40b Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Mon, 29 Aug 2022 19:53:28 -0700 Subject: [PATCH] Add missing prototypes to function declarations @@ -15,6 +15,7 @@ Fixes errors like Upstream-Status: Submitted [https://lists.samba.org/archive/rsync/2022-August/032858.html] Signed-off-by: Khem Raj <raj.khem@gmail.com> + --- checksum.c | 2 +- exclude.c | 2 +- @@ -29,10 +30,10 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com> 10 files changed, 12 insertions(+), 13 deletions(-) diff --git a/checksum.c b/checksum.c -index cb21882..736818b 100644 +index 60de365..67a9e16 100644 --- a/checksum.c +++ b/checksum.c -@@ -779,7 +779,7 @@ static void verify_digest(struct name_num_item *nni, BOOL check_auth_list) +@@ -778,7 +778,7 @@ static void verify_digest(struct name_num_item *nni, BOOL check_auth_list) } #endif @@ -42,7 +43,7 @@ index cb21882..736818b 100644 #if defined SUPPORT_XXH3 || defined USE_OPENSSL struct name_num_item *nni; diff --git a/exclude.c b/exclude.c -index 87edbcf..ae0de2f 100644 +index ffe55b1..a85ea76 100644 --- a/exclude.c +++ b/exclude.c @@ -363,7 +363,7 @@ void implied_include_partial_string(const char *s_start, const char *s_end) @@ -95,10 +96,10 @@ index e4ba1cc..8482b71 100644 int options = LOG_PID; diff --git a/main.c b/main.c -index 0c60b86..4bc664a 100644 +index d2a7b9b..c50af45 100644 --- a/main.c +++ b/main.c -@@ -246,7 +246,7 @@ void read_del_stats(int f) +@@ -244,7 +244,7 @@ void read_del_stats(int f) stats.deleted_files += stats.deleted_specials = read_varint(f); } diff --git a/poky/meta/recipes-devtools/rsync/files/makefile-no-rebuild.patch b/poky/meta/recipes-devtools/rsync/files/makefile-no-rebuild.patch index 0c9ce8b8e3..92ed1f4419 100644 --- a/poky/meta/recipes-devtools/rsync/files/makefile-no-rebuild.patch +++ b/poky/meta/recipes-devtools/rsync/files/makefile-no-rebuild.patch @@ -1,4 +1,4 @@ -From f446686c26c499e15ef17d495a93cfbc20e16090 Mon Sep 17 00:00:00 2001 +From 81700d1a0e51391028c761cc8ef1cd660084d114 Mon Sep 17 00:00:00 2001 From: Ross Burton <ross.burton@intel.com> Date: Tue, 12 Apr 2016 15:51:54 +0100 Subject: [PATCH] rsync: remove upstream's rebuild logic @@ -8,15 +8,16 @@ generally overcomplicated, and we ensure that autoreconf is invoked if required. Upstream-Status: Inappropriate Signed-off-by: Ross Burton <ross.burton@intel.com> + --- Makefile.in | 54 ----------------------------------------------------- 1 file changed, 54 deletions(-) diff --git a/Makefile.in b/Makefile.in -index a1253e5..a084935 100644 +index 3cde955..d963a70 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -192,60 +192,6 @@ gensend: gen +@@ -190,60 +190,6 @@ gensend: gen fi rsync -aic $(GENFILES) git-version.h $${SAMBA_HOST-samba.org}:/home/ftp/pub/rsync/generated-files/ || true diff --git a/poky/meta/recipes-devtools/rsync/rsync_3.3.0.bb b/poky/meta/recipes-devtools/rsync/rsync_3.2.7.bb index b42026331d..130581a785 100644 --- a/poky/meta/recipes-devtools/rsync/rsync_3.3.0.bb +++ b/poky/meta/recipes-devtools/rsync/rsync_3.2.7.bb @@ -16,7 +16,7 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/src/${BP}.tar.gz \ file://determism.patch \ file://0001-Add-missing-prototypes-to-function-declarations.patch \ " -SRC_URI[sha256sum] = "7399e9a6708c32d678a72a63219e96f23be0be2336e50fd1348498d07041df90" +SRC_URI[sha256sum] = "4e7d9d3f6ed10878c58c5fb724a67dacf4b6aac7340b13e488fb2dc41346f2bb" inherit autotools-brokensep diff --git a/poky/meta/recipes-devtools/ruby/ruby/0001-extmk-fix-cross-compilation-of-external-gems.patch b/poky/meta/recipes-devtools/ruby/ruby/0001-extmk-fix-cross-compilation-of-external-gems.patch index 7402e76333..2e3156880e 100644 --- a/poky/meta/recipes-devtools/ruby/ruby/0001-extmk-fix-cross-compilation-of-external-gems.patch +++ b/poky/meta/recipes-devtools/ruby/ruby/0001-extmk-fix-cross-compilation-of-external-gems.patch @@ -1,7 +1,7 @@ -From caa03f46a3204a7e0f0e5d9d9cc9113304dc0382 Mon Sep 17 00:00:00 2001 +From a6e12b25a54d112c899b70c89c0bec9c5e5ebf3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <andre.draszik@jci.com> Date: Mon, 30 Sep 2019 16:57:01 +0100 -Subject: [PATCH] extmk: fix cross-compilation of external gems +Subject: [PATCH 1/3] extmk: fix cross-compilation of external gems MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -16,10 +16,10 @@ Signed-off-by: André Draszik <andre.draszik@jci.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/extmk.rb b/ext/extmk.rb -index 428ffc9..87eff71 100755 +index 1389dc4117..e4d923d7a7 100755 --- a/ext/extmk.rb +++ b/ext/extmk.rb -@@ -420,8 +420,8 @@ else +@@ -413,8 +413,8 @@ def $mflags.defined?(var) end $ruby = [$ruby] $ruby << "-I'$(topdir)'" @@ -29,3 +29,6 @@ index 428ffc9..87eff71 100755 $ruby << "-I'$(extout)/$(arch)'" << "-I'$(extout)/common'" if $extout ENV["RUBYLIB"] = "-" end +-- +2.23.0.rc1 + diff --git a/poky/meta/recipes-devtools/ruby/ruby/0001-fiddle-Use-C11-_Alignof-to-define-ALIGN_OF-when-poss.patch b/poky/meta/recipes-devtools/ruby/ruby/0001-fiddle-Use-C11-_Alignof-to-define-ALIGN_OF-when-poss.patch new file mode 100644 index 0000000000..1dff9c0f8c --- /dev/null +++ b/poky/meta/recipes-devtools/ruby/ruby/0001-fiddle-Use-C11-_Alignof-to-define-ALIGN_OF-when-poss.patch @@ -0,0 +1,52 @@ +From 6b3c202b46b9312c5bb0789145f13d8086e70948 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sun, 15 Jan 2023 02:34:17 -0800 +Subject: [PATCH] fiddle: Use C11 _Alignof to define ALIGN_OF when possible + +WG14 N2350 made very clear that it is an UB having type definitions +within "offsetof" [1]. This patch enhances the implementation of macro +ALIGN_OF to use builtin "_Alignof" to avoid undefined behavior +when using std=c11 or newer + +clang 16+ has started to flag this [2] + +Fixes build when using -std >= gnu11 and using clang16+ + +Older compilers gcc < 4.9 or clang < 8 has buggy _Alignof even though it +may support C11, exclude those compiler versions + +[1] https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2350.htm +[2] https://reviews.llvm.org/D133574 + +Upstream-Status: Submitted [https://github.com/ruby/fiddle/pull/120] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + ext/fiddle/fiddle.h | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/ext/fiddle/fiddle.h b/ext/fiddle/fiddle.h +index 10eb9ce..ffb395e 100644 +--- a/ext/fiddle/fiddle.h ++++ b/ext/fiddle/fiddle.h +@@ -196,7 +196,17 @@ + #endif + #define TYPE_UINTPTR_T (-TYPE_INTPTR_T) + +-#define ALIGN_OF(type) offsetof(struct {char align_c; type align_x;}, align_x) ++/* GCC releases before GCC 4.9 had a bug in _Alignof. See GCC bug 52023 ++ <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=52023>. ++ clang versions < 8.0.0 have the same bug. */ ++#if (!defined __STDC_VERSION__ || __STDC_VERSION__ < 201112 \ ++ || (defined __GNUC__ && __GNUC__ < 4 + (__GNUC_MINOR__ < 9) \ ++ && !defined __clang__) \ ++ || (defined __clang__ && __clang_major__ < 8)) ++# define ALIGN_OF(type) offsetof(struct {char align_c; type align_x;}, align_x) ++#else ++# define ALIGN_OF(type) _Alignof(type) ++#endif + + #define ALIGN_VOIDP ALIGN_OF(void*) + #define ALIGN_CHAR ALIGN_OF(char) +-- +2.39.0 + diff --git a/poky/meta/recipes-devtools/ruby/ruby/0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch b/poky/meta/recipes-devtools/ruby/ruby/0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch new file mode 100644 index 0000000000..226ef3af75 --- /dev/null +++ b/poky/meta/recipes-devtools/ruby/ruby/0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch @@ -0,0 +1,32 @@ +From 2368d07660a93a2c41d63f3ab6054ca4daeef820 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex.kanavin@gmail.com> +Date: Tue, 17 Nov 2020 18:31:40 +0000 +Subject: [PATCH] template/Makefile.in: do not write host cross-cc items into + target config + +This helps reproducibility. + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> +--- + template/Makefile.in | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/template/Makefile.in b/template/Makefile.in +index 10dc826..940ee07 100644 +--- a/template/Makefile.in ++++ b/template/Makefile.in +@@ -657,11 +657,11 @@ mjit_config.h: + echo '#endif'; \ + quote MJIT_MIN_HEADER_NAME "$(MJIT_MIN_HEADER_NAME)"; \ + sep=,; \ +- quote "MJIT_CC_COMMON " $(MJIT_CC); \ ++ quote "MJIT_CC_COMMON " ; \ + quote "MJIT_CFLAGS MJIT_ARCHFLAG" $(MJIT_CFLAGS); \ + quote "MJIT_OPTFLAGS " $(MJIT_OPTFLAGS); \ + quote "MJIT_DEBUGFLAGS " $(MJIT_DEBUGFLAGS); \ +- quote "MJIT_LDSHARED " $(MJIT_LDSHARED); \ ++ quote "MJIT_LDSHARED " ; \ + quote "MJIT_DLDFLAGS MJIT_ARCHFLAG" $(MJIT_DLDFLAGS); \ + quote "MJIT_LIBS " $(LIBRUBYARG_SHARED); \ + quote 'PRELOADENV "@PRELOADENV@"'; \ diff --git a/poky/meta/recipes-devtools/ruby/ruby/0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch b/poky/meta/recipes-devtools/ruby/ruby/0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch index 67054d6553..f7b7adb3fd 100644 --- a/poky/meta/recipes-devtools/ruby/ruby/0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch +++ b/poky/meta/recipes-devtools/ruby/ruby/0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch @@ -1,4 +1,4 @@ -From 980dcc5380db6f03451357140ae1487117300156 Mon Sep 17 00:00:00 2001 +From dfb22e4d6662bf72879eda806eaa78c7b52b519e Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Tue, 25 Jan 2022 20:29:14 -0800 Subject: [PATCH] vm_dump.c: Define REG_S1 and REG_S2 for musl/riscv @@ -14,7 +14,7 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com> 1 file changed, 5 insertions(+) diff --git a/vm_dump.c b/vm_dump.c -index 444be4a..8a081a7 100644 +index a98f5aa..957b785 100644 --- a/vm_dump.c +++ b/vm_dump.c @@ -39,6 +39,11 @@ @@ -29,3 +29,6 @@ index 444be4a..8a081a7 100644 #define VM_CFP_CNT(ec, cfp) \ ((rb_control_frame_t *)((ec)->vm_stack + (ec)->vm_stack_size) - \ (rb_control_frame_t *)(cfp)) +-- +2.35.0 + diff --git a/poky/meta/recipes-devtools/ruby/ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch b/poky/meta/recipes-devtools/ruby/ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch index f3a65e785d..96ae86263b 100644 --- a/poky/meta/recipes-devtools/ruby/ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch +++ b/poky/meta/recipes-devtools/ruby/ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch @@ -1,19 +1,20 @@ -From 7f7facb85bd65adec24230fe8ca7f6a9863a1fd0 Mon Sep 17 00:00:00 2001 +From 21d8e7700fa0a9c4bf569dd366134060ae858832 Mon Sep 17 00:00:00 2001 From: Christopher Larson <chris_larson@mentor.com> Date: Thu, 5 May 2016 10:59:07 -0700 Subject: [PATCH] Obey LDFLAGS for the link of libruby Signed-off-by: Christopher Larson <chris_larson@mentor.com> Upstream-Status: Pending + --- template/Makefile.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/template/Makefile.in b/template/Makefile.in -index 8c462f2..2200c8c 100644 +index 1456313..15b98a4 100644 --- a/template/Makefile.in +++ b/template/Makefile.in -@@ -115,7 +115,7 @@ ENABLE_SHARED = @ENABLE_SHARED@ +@@ -127,7 +127,7 @@ ENABLE_SHARED = @ENABLE_SHARED@ LDSHARED = @LIBRUBY_LDSHARED@ DLDSHARED = @DLDSHARED@ XDLDFLAGS = @DLDFLAGS@ @@ -21,4 +22,4 @@ index 8c462f2..2200c8c 100644 +DLDFLAGS = @LIBRUBY_DLDFLAGS@ @LDFLAGS@ $(XLDFLAGS) $(ARCH_FLAG) SOLIBS = @SOLIBS@ ENABLE_DEBUG_ENV = @ENABLE_DEBUG_ENV@ - MAINLIBS = @MAINLIBS@ + MAINLIBS = $(YJIT_LIBS) @MAINLIBS@ diff --git a/poky/meta/recipes-devtools/ruby/ruby/0002-template-Makefile.in-filter-out-f-prefix-map.patch b/poky/meta/recipes-devtools/ruby/ruby/0002-template-Makefile.in-filter-out-f-prefix-map.patch new file mode 100644 index 0000000000..2efbad7513 --- /dev/null +++ b/poky/meta/recipes-devtools/ruby/ruby/0002-template-Makefile.in-filter-out-f-prefix-map.patch @@ -0,0 +1,42 @@ +Subject: [PATCH] template/Makefile.in: filter out -f*prefix-map + +If we add DEBUG_PREFIX_MAP into LDFLAGS, ruby and ruby-dbg are no longer +reproducible. Fix this. + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Tony Battersby <tonyb@cybernetics.com> +--- +--- a/tool/mjit_archflag.sh ++++ b/tool/mjit_archflag.sh +@@ -7,6 +7,20 @@ quote() { + echo + } + ++quote_filtered() { ++ printf "#${indent}define $1" ++ while shift && [ "$#" -gt 0 ]; do ++ case "$1" in ++ -ffile-prefix-map=*|-fdebug-prefix-map=*|-fmacro-prefix-map=*) ++ ;; ++ *) ++ printf ' "%s"'$sep "$1" ++ ;; ++ esac ++ done ++ echo ++} ++ + archs="" + arch_flag="" + +--- a/template/Makefile.in ++++ b/template/Makefile.in +@@ -666,7 +666,7 @@ mjit_config.h: + quote "MJIT_OPTFLAGS " $(MJIT_OPTFLAGS); \ + quote "MJIT_DEBUGFLAGS " $(MJIT_DEBUGFLAGS); \ + quote "MJIT_LDSHARED " ; \ +- quote "MJIT_DLDFLAGS MJIT_ARCHFLAG" $(MJIT_DLDFLAGS); \ ++ quote_filtered "MJIT_DLDFLAGS MJIT_ARCHFLAG" $(MJIT_DLDFLAGS); \ + quote "MJIT_LIBS " $(LIBRUBYARG_SHARED); \ + quote 'PRELOADENV "@PRELOADENV@"'; \ + indent=$${archs:+' '}; \ diff --git a/poky/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch b/poky/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch index e2d5b57c25..f92f0e1ba6 100644 --- a/poky/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch +++ b/poky/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch @@ -1,7 +1,6 @@ -From 5079e678ce2a81416088c04f9123cd8207d5def2 Mon Sep 17 00:00:00 2001 From: Christian Hofstaedtler <zeha@debian.org> Date: Tue, 10 Oct 2017 15:04:34 -0300 -Subject: [PATCH] rdoc: build reproducible documentation +Subject: rdoc: build reproducible documentation - provide a fixed timestamp to the gzip compression @@ -11,24 +10,23 @@ Signed-off-by: Antonio Terceiro <terceiro@debian.org> Signed-off-by: Christian Hofstaedtler <zeha@debian.org> --- lib/rdoc/generator/json_index.rb | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) + lib/rdoc/rdoc.rb | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) -diff --git a/lib/rdoc/generator/json_index.rb b/lib/rdoc/generator/json_index.rb -index c454910..24feab0 100644 --- a/lib/rdoc/generator/json_index.rb +++ b/lib/rdoc/generator/json_index.rb -@@ -178,7 +178,7 @@ class RDoc::Generator::JsonIndex +@@ -178,7 +178,7 @@ debug_msg "Writing gzipped search index to %s" % outfile - + Zlib::GzipWriter.open(outfile) do |gz| - gz.mtime = File.mtime(search_index_file) + gz.mtime = -1 gz.orig_name = search_index_file.basename.to_s gz.write search_index gz.close -@@ -196,7 +196,7 @@ class RDoc::Generator::JsonIndex +@@ -196,7 +196,7 @@ debug_msg "Writing gzipped file to %s" % outfile - + Zlib::GzipWriter.open(outfile) do |gz| - gz.mtime = File.mtime(dest) + gz.mtime = -1 diff --git a/poky/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch b/poky/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch index b14a731cfb..e0aca0dcfc 100644 --- a/poky/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch +++ b/poky/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch @@ -1,7 +1,6 @@ -From 99734381652602f76075017576a819c427ebb5f2 Mon Sep 17 00:00:00 2001 From: Reiner Herrmann <reiner@reiner-h.de> Date: Tue, 10 Oct 2017 15:06:13 -0300 -Subject: [PATCH] lib/mkmf.rb: sort list of object files in generated Makefile +Subject: lib/mkmf.rb: sort list of object files in generated Makefile Without sorting the list explicitly, its order is indeterministic, because readdir() is also not deterministic. @@ -16,11 +15,9 @@ Signed-off-by: Reiner Herrmann <reiner@reiner-h.de> lib/mkmf.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/lib/mkmf.rb b/lib/mkmf.rb -index 6da7dde..3af30a9 100644 --- a/lib/mkmf.rb +++ b/lib/mkmf.rb -@@ -2368,7 +2368,7 @@ LOCAL_LIBS = #{$LOCAL_LIBS} +@@ -2315,7 +2315,7 @@ LIBS = #{$LIBRUBYARG} #{$libs} #{$LIBS} ORIG_SRCS = #{orig_srcs.collect(&File.method(:basename)).join(' ')} SRCS = $(ORIG_SRCS) #{(srcs - orig_srcs).collect(&File.method(:basename)).join(' ')} diff --git a/poky/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch b/poky/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch index 24268625a2..41f206523e 100644 --- a/poky/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch +++ b/poky/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch @@ -1,4 +1,4 @@ -From 3bc324379aa3e322bad9353da8c0064cd671cc74 Mon Sep 17 00:00:00 2001 +From 6e1dc610724a7aa8368cbcddf4bbe21cccc0f731 Mon Sep 17 00:00:00 2001 From: Lucas Kanashiro <kanashiro@debian.org> Date: Fri, 1 Nov 2019 15:25:17 -0300 Subject: [PATCH] Make gemspecs reproducible @@ -12,20 +12,20 @@ Upstream-Status: Backport [debian] 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/rubygems/specification.rb b/lib/rubygems/specification.rb -index a0c7faa..f0722d9 100644 +index 0d72cee..eb7bc25 100644 --- a/lib/rubygems/specification.rb +++ b/lib/rubygems/specification.rb -@@ -1774,7 +1774,9 @@ class Gem::Specification < Gem::BasicSpecification - raise(Gem::InvalidSpecificationException, - "invalid date format in specification: #{date.inspect}") - end -- when Time, DateLike then -+ when Time then -+ Time.utc(date.utc.year, date.utc.month, date.utc.day) -+ when DateLike then - Time.utc(date.year, date.month, date.day) - else - TODAY +@@ -1691,7 +1691,9 @@ class Gem::Specification < Gem::BasicSpecification + raise(Gem::InvalidSpecificationException, + "invalid date format in specification: #{date.inspect}") + end +- when Time, DateLike then ++ when Time then ++ Time.utc(date.utc.year, date.utc.month, date.utc.day) ++ when DateLike then + Time.utc(date.year, date.month, date.day) + else + TODAY -- -2.39.2 +2.25.1 diff --git a/poky/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch b/poky/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch index 21604dfc34..0a87cae17f 100644 --- a/poky/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch +++ b/poky/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch @@ -1,4 +1,4 @@ -From 1dc7ef09c3c567c4adb09ccfd97e0e59c58edb9f Mon Sep 17 00:00:00 2001 +From 3f60710bc29c1b08e128314d40101e87b7d2c9a1 Mon Sep 17 00:00:00 2001 From: Lucas Kanashiro <kanashiro@debian.org> Date: Fri, 1 Nov 2019 15:25:17 -0300 Subject: [PATCH] Make gemspecs reproducible @@ -7,6 +7,7 @@ Without an explicit date, they will get the current date and make the build unreproducible Upstream-Status: Backport [debian] + --- ext/bigdecimal/bigdecimal.gemspec | 1 + ext/fiddle/fiddle.gemspec | 1 + @@ -16,12 +17,12 @@ Upstream-Status: Backport [debian] 5 files changed, 5 insertions(+) diff --git a/ext/bigdecimal/bigdecimal.gemspec b/ext/bigdecimal/bigdecimal.gemspec -index f9f3b45..b9a469d 100644 +index d215757..5148d56 100644 --- a/ext/bigdecimal/bigdecimal.gemspec +++ b/ext/bigdecimal/bigdecimal.gemspec -@@ -14,6 +14,7 @@ Gem::Specification.new do |s| - s.name = name - s.version = source_version +@@ -4,6 +4,7 @@ Gem::Specification.new do |s| + s.name = "bigdecimal" + s.version = "3.1.3" s.authors = ["Kenta Murata", "Zachary Scott", "Shigeo Kobayashi"] + s.date = RUBY_RELEASE_DATE s.email = ["mrkn@mrkn.jp"] @@ -40,10 +41,10 @@ index 8781093..efdca32 100644 spec.email = ["aaron@tenderlovemaking.com", "hsbt@ruby-lang.org"] diff --git a/ext/io/console/io-console.gemspec b/ext/io/console/io-console.gemspec -index d4f5276..8f89611 100644 +index d26a757..cc88c55 100644 --- a/ext/io/console/io-console.gemspec +++ b/ext/io/console/io-console.gemspec -@@ -4,6 +4,7 @@ _VERSION = "0.7.1" +@@ -4,6 +4,7 @@ _VERSION = "0.6.0" Gem::Specification.new do |s| s.name = "io-console" s.version = _VERSION @@ -64,7 +65,7 @@ index 1f4798e..48743cf 100644 spec.email = ["knu@idaemons.org", "ume@mahoroba.org"] diff --git a/lib/rdoc/rdoc.gemspec b/lib/rdoc/rdoc.gemspec -index 93a281c..cc5c155 100644 +index 3c96f7d..fec0872 100644 --- a/lib/rdoc/rdoc.gemspec +++ b/lib/rdoc/rdoc.gemspec @@ -7,6 +7,7 @@ end diff --git a/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch b/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch new file mode 100644 index 0000000000..17c7e30176 --- /dev/null +++ b/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch @@ -0,0 +1,56 @@ +From 2ebb50d2dc302917a6f57c1239dc9e700dfe0e34 Mon Sep 17 00:00:00 2001 +From: Nobuyoshi Nakada <nobu@ruby-lang.org> +Date: Thu, 27 Jul 2023 15:53:01 +0800 +Subject: [PATCH] Fix quadratic backtracking on invalid relative URI + +https://hackerone.com/reports/1958260 + +CVE: CVE-2023-36617 + +Upstream-Status: Backport [https://github.com/ruby/uri/commit/9010ee2536adda10a0555ae1ed6fe2f5808e6bf1] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + lib/uri/rfc2396_parser.rb | 4 ++-- + test/uri/test_parser.rb | 12 ++++++++++++ + 2 files changed, 14 insertions(+), 2 deletions(-) + +diff --git a/lib/uri/rfc2396_parser.rb b/lib/uri/rfc2396_parser.rb +index 76a8f99..00c66cf 100644 +--- a/lib/uri/rfc2396_parser.rb ++++ b/lib/uri/rfc2396_parser.rb +@@ -497,8 +497,8 @@ module URI + ret = {} + + # for URI::split +- ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED) +- ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED) ++ ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED) ++ ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED) + + # for URI::extract + ret[:URI_REF] = Regexp.new(pattern[:URI_REF]) +diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb +index 72fb590..721e05e 100644 +--- a/test/uri/test_parser.rb ++++ b/test/uri/test_parser.rb +@@ -79,4 +79,16 @@ class URI::TestParser < Test::Unit::TestCase + assert_equal([nil, nil, "example.com", nil, nil, "", nil, nil, nil], URI.split("//example.com")) + assert_equal([nil, nil, "[0::0]", nil, nil, "", nil, nil, nil], URI.split("//[0::0]")) + end ++ ++ def test_rfc2822_parse_relative_uri ++ pre = ->(length) { ++ " " * length + "\0" ++ } ++ parser = URI::RFC2396_Parser.new ++ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |uri| ++ assert_raise(URI::InvalidURIError) do ++ parser.split(uri) ++ end ++ end ++ end + end +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch b/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch new file mode 100644 index 0000000000..7c51deaa42 --- /dev/null +++ b/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch @@ -0,0 +1,52 @@ +From eea5868120509c245216c4b5c2d4b5db1c593d0e Mon Sep 17 00:00:00 2001 +From: Nobuyoshi Nakada <nobu@ruby-lang.org> +Date: Thu, 27 Jul 2023 16:16:30 +0800 +Subject: [PATCH] Fix quadratic backtracking on invalid port number + +https://hackerone.com/reports/1958260 + +CVE: CVE-2023-36617 + +Upstream-Status: Backport [https://github.com/ruby/uri/commit/9d7bcef1e6ad23c9c6e4932f297fb737888144c8] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + lib/uri/rfc3986_parser.rb | 2 +- + test/uri/test_parser.rb | 10 ++++++++++ + 2 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb +index dd24a40..9b1663d 100644 +--- a/lib/uri/rfc3986_parser.rb ++++ b/lib/uri/rfc3986_parser.rb +@@ -100,7 +100,7 @@ module URI + QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/, + FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/, + OPAQUE: /\A(?:[^\/].*)?\z/, +- PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/, ++ PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/, + } + end + +diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb +index 721e05e..cee0acb 100644 +--- a/test/uri/test_parser.rb ++++ b/test/uri/test_parser.rb +@@ -91,4 +91,14 @@ class URI::TestParser < Test::Unit::TestCase + end + end + end ++ ++ def test_rfc3986_port_check ++ pre = ->(length) {"\t" * length + "a"} ++ uri = URI.parse("http://my.example.com") ++ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |port| ++ assert_raise(URI::InvalidComponentError) do ++ uri.port = port ++ end ++ end ++ end + end +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/ruby/ruby/remove_has_include_macros.patch b/poky/meta/recipes-devtools/ruby/ruby/remove_has_include_macros.patch new file mode 100644 index 0000000000..b78e3db892 --- /dev/null +++ b/poky/meta/recipes-devtools/ruby/ruby/remove_has_include_macros.patch @@ -0,0 +1,35 @@ +From e74b57febec9bd806e29025e6eeb8091e7021d75 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sun, 26 Jan 2020 11:27:40 -0800 +Subject: [PATCH] Filter out __has_include* compiler defines + +They are internal to compiler and this header is later on includes in C +files, but newer gcc >= 10 complains about it. + +error in initial header file: +| In file included from /tmp/20200124-86625-14hiju4.c:1: +| /tmp/20200124-86625-11y6l6i.h:13849:9: error: "__has_include" cannot be used as a macro name +| 13849 | #define __has_include __has_include +| | ^~~~~~~~~~~~~ +| compilation terminated due to -Wfatal-errors. + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +--- + common.mk | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/common.mk b/common.mk +index 664f750..3b8fbe6 100644 +--- a/common.mk ++++ b/common.mk +@@ -238,6 +238,8 @@ $(TIMESTAMPDIR)/$(MJIT_HEADER:.h=)$(MJIT_HEADER_SUFFIX).time: probes.h vm.$(OBJE + $(ECHO) building $(@F:.time=.h) + $(Q)$(MINIRUBY) $(tooldir)/mjit_tabs.rb "$(MJIT_TABS)" \ + $(CPP) -DMJIT_HEADER $(MJIT_HEADER_FLAGS) $(CFLAGS) $(XCFLAGS) $(CPPFLAGS) $(srcdir)/vm.c $(CPPOUTFLAG)$(@F:.time=.h).new ++ $(Q)sed -i -e "/#define __has_include __has_include/d" $(@F:.time=.h).new ++ $(Q)sed -i -e "/#define __has_include_next __has_include_next/d" $(@F:.time=.h).new + $(Q) $(IFCHANGE) "--timestamp=$@" $(@F:.time=.h) $(@F:.time=.h).new + + $(MJIT_HEADER:.h=)$(MJIT_HEADER_SUFFIX).h: $(TIMESTAMPDIR)/$(MJIT_HEADER:.h=)$(MJIT_HEADER_SUFFIX).time diff --git a/poky/meta/recipes-devtools/ruby/ruby_3.3.0.bb b/poky/meta/recipes-devtools/ruby/ruby_3.2.2.bb index 17eb6d73c2..d1359e388c 100644 --- a/poky/meta/recipes-devtools/ruby/ruby_3.3.0.bb +++ b/poky/meta/recipes-devtools/ruby/ruby_3.2.2.bb @@ -10,7 +10,7 @@ LICENSE = "Ruby | BSD-2-Clause | BSD-3-Clause | GPL-2.0-only | ISC | MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=5b8c87559868796979806100db3f3805 \ file://BSDL;md5=8b50bc6de8f586dc66790ba11d064d75 \ file://GPL;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://LEGAL;md5=81e6a4d81533b9263da4c3485a0ad883 \ + file://LEGAL;md5=bcd74b47bbaf2051c5e49811a5faa97a \ " DEPENDS = "zlib openssl libyaml gdbm readline libffi" @@ -21,12 +21,18 @@ SHRT_VER = "${@oe.utils.trim_version("${PV}", 2)}" SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \ file://0001-extmk-fix-cross-compilation-of-external-gems.patch \ file://0002-Obey-LDFLAGS-for-the-link-of-libruby.patch \ + file://remove_has_include_macros.patch \ file://run-ptest \ + file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \ + file://0002-template-Makefile.in-filter-out-f-prefix-map.patch \ file://0003-rdoc-build-reproducible-documentation.patch \ file://0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch \ file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \ file://0006-Make-gemspecs-reproducible.patch \ file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \ + file://0001-fiddle-Use-C11-_Alignof-to-define-ALIGN_OF-when-poss.patch \ + file://CVE-2023-36617_1.patch \ + file://CVE-2023-36617_2.patch \ " UPSTREAM_CHECK_URI = "https://www.ruby-lang.org/en/downloads/" @@ -47,7 +53,7 @@ do_configure:prepend() { DEPENDS:append:libc-musl = " libucontext" -SRC_URI[sha256sum] = "96518814d9832bece92a85415a819d4893b307db5921ae1f0f751a9a89a56b7d" +SRC_URI[sha256sum] = "96c57558871a6748de5bc9f274e93f4b5aad06cd8f37befa0e8d94e7b8a423bc" PACKAGECONFIG ??= "" PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" diff --git a/poky/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts.service b/poky/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts.service index b6b81d5c1a..1ce19abcaf 100644 --- a/poky/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts.service +++ b/poky/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts.service @@ -7,7 +7,7 @@ Before=sysinit.target [Service] Type=oneshot ExecStart=#SBINDIR#/run-postinsts -ExecStartPost=#BASE_BINDIR#/systemctl --no-reload disable run-postinsts.service +ExecStartPost=#BASE_BINDIR#/systemctl disable run-postinsts.service RemainAfterExit=yes TimeoutSec=0 diff --git a/poky/meta/recipes-devtools/tcltk/tcl/alter-includedir.patch b/poky/meta/recipes-devtools/tcltk/tcl/alter-includedir.patch index bfc718cfd3..96d0ab2ad4 100644 --- a/poky/meta/recipes-devtools/tcltk/tcl/alter-includedir.patch +++ b/poky/meta/recipes-devtools/tcltk/tcl/alter-includedir.patch @@ -1,4 +1,4 @@ -From 3130dca60636dc12d0d12df75b002fd123349e21 Mon Sep 17 00:00:00 2001 +From 27e5595c065ce3af687818555a882ab5e1dfbc2b Mon Sep 17 00:00:00 2001 From: Mingli Yu <mingli.yu@windriver.com> Date: Tue, 22 Nov 2022 18:48:27 +0800 Subject: [PATCH] tcl: update the header location @@ -19,6 +19,7 @@ to detect tcl doesn't find the header. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Mingli Yu <mingli.yu@windriver.com> + --- unix/Makefile.in | 2 +- unix/configure.in | 4 ++-- @@ -26,7 +27,7 @@ Signed-off-by: Mingli Yu <mingli.yu@windriver.com> 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/unix/Makefile.in b/unix/Makefile.in -index a3b7d69..969ddb8 100644 +index 0b8179f..4824b28 100644 --- a/unix/Makefile.in +++ b/unix/Makefile.in @@ -57,7 +57,7 @@ SCRIPT_INSTALL_DIR = $(INSTALL_ROOT)$(TCL_LIBRARY) @@ -39,10 +40,10 @@ index a3b7d69..969ddb8 100644 # Path to the private tcl header dir: PRIVATE_INCLUDE_DIR = @PRIVATE_INCLUDE_DIR@ diff --git a/unix/configure.in b/unix/configure.in -index 4974fb6..a72934f 100644 +index 0354a0b..2d0c00f 100644 --- a/unix/configure.in +++ b/unix/configure.in -@@ -776,7 +776,7 @@ eval "TCL_LIB_FILE=libtcl${LIB_SUFFIX}" +@@ -774,7 +774,7 @@ eval "TCL_LIB_FILE=libtcl${LIB_SUFFIX}" eval "TCL_LIB_FILE=${TCL_LIB_FILE}" test -z "$TCL_LIBRARY" && TCL_LIBRARY='$(libdir)/tcl$(VERSION)' @@ -51,7 +52,7 @@ index 4974fb6..a72934f 100644 HTML_DIR='$(DISTDIR)/html' # Note: in the following variable, it's important to use the absolute -@@ -897,7 +897,7 @@ TCL_BUILD_STUB_LIB_PATH="`pwd`/${TCL_STUB_LIB_FILE}" +@@ -895,7 +895,7 @@ TCL_BUILD_STUB_LIB_PATH="`pwd`/${TCL_STUB_LIB_FILE}" TCL_STUB_LIB_PATH="${TCL_STUB_LIB_DIR}/${TCL_STUB_LIB_FILE}" # Install time header dir can be set via --includedir diff --git a/poky/meta/recipes-devtools/tcltk/tcl/fix_issue_with_old_distro_glibc.patch b/poky/meta/recipes-devtools/tcltk/tcl/fix_issue_with_old_distro_glibc.patch new file mode 100644 index 0000000000..2c31cec8e3 --- /dev/null +++ b/poky/meta/recipes-devtools/tcltk/tcl/fix_issue_with_old_distro_glibc.patch @@ -0,0 +1,39 @@ +Upstream-Status: Inappropriate [embedded specific] + +Fixes tcl target recipe build on old distros which have glibc older than 2.14 + +| + echo 'NOTE: make DESTDIR=/srv/home/nitin/builds/build-gcc47/tmp/work/x86_64-poky-linux/tcl-8.5.11-r5/image install' +| NOTE: make DESTDIR=/srv/home/nitin/builds/build-gcc47/tmp/work/x86_64-poky-linux/tcl-8.5.11-r5/image install +| + make DESTDIR=/srv/home/nitin/builds/build-gcc47/tmp/work/x86_64-poky-linux/tcl-8.5.11-r5/image install +| Making directory /srv/home/nitin/builds/build-gcc47/tmp/work/x86_64-poky-linux/tcl-8.5.11-r5/image/usr/lib +| Installing message catalogs +| Making directory /srv/home/nitin/builds/build-gcc47/tmp/work/x86_64-poky-linux/tcl-8.5.11-r5/image/usr/share/man +| tclsh: /lib64/libc.so.6: version `GLIBC_2.14' not found (required by /srv/home/nitin/builds/build-gcc47/tmp/work/x86_64-poky-linux/tcl-8.5.11-r5/tcl8.5.11/unix/libtcl8.5.so) +| Making directory /srv/home/nitin/builds/build-gcc47/tmp/work/x86_64-poky-linux/tcl-8.5.11-r5/image/usr/bin +| make: *** [install-msgs] Error 1 + +Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> +2012/04/26 + +Index: unix/Makefile.in +=================================================================== +--- a/unix.orig/Makefile.in 2013-11-10 23:38:01.787425628 -0800 ++++ b/unix/Makefile.in 2013-11-10 23:37:59.807425578 -0800 +@@ -686,7 +686,7 @@ + # tcltest executable gets the build directory burned into its ld search path. + # This keeps tcltest from picking up an already installed version of the Tcl + # library. +-SHELL_ENV = @LD_LIBRARY_PATH_VAR@=`pwd`:${@LD_LIBRARY_PATH_VAR@} \ ++SHELL_ENV = @LD_LIBRARY_PATH_VAR@=${@LD_LIBRARY_PATH_VAR@} \ + TCLLIBPATH="@abs_builddir@/pkgs" \ + TCL_LIBRARY="${TCL_BUILDTIME_LIBRARY}" + +@@ -712,7 +712,7 @@ + $(SHELL_ENV) ${TCLTEST_EXE} $(TOP_DIR)/tests/all.tcl $(TESTFLAGS) + + gdb-test: ${TCLTEST_EXE} +- @echo "set env @LD_LIBRARY_PATH_VAR@=`pwd`:$${@LD_LIBRARY_PATH_VAR@}" > gdb.run ++ @echo "set env @LD_LIBRARY_PATH_VAR@=$${@LD_LIBRARY_PATH_VAR@}" > gdb.run + @echo "set env TCL_LIBRARY=${TCL_BUILDTIME_LIBRARY}" >> gdb.run + @echo "set args $(TOP_DIR)/tests/all.tcl $(TESTFLAGS) -singleproc 1" >> gdb.run + $(GDB) ${TCLTEST_EXE} --command=gdb.run diff --git a/poky/meta/recipes-devtools/tcltk/tcl/fix_non_native_build_issue.patch b/poky/meta/recipes-devtools/tcltk/tcl/fix_non_native_build_issue.patch index 09c49daa2c..6dbef7077f 100644 --- a/poky/meta/recipes-devtools/tcltk/tcl/fix_non_native_build_issue.patch +++ b/poky/meta/recipes-devtools/tcltk/tcl/fix_non_native_build_issue.patch @@ -1,18 +1,19 @@ -From 371aa300369e9ea3234cba22d5c0babc7d40dfdf Mon Sep 17 00:00:00 2001 +From 8a6c77cdd265fe7ce35929f58f1ade0c6bc4025b Mon Sep 17 00:00:00 2001 From: Nitin A Kamble <nitin.a.kamble@intel.com> Date: Fri, 13 Aug 2010 12:24:00 -0700 Subject: [PATCH] tcl: fix a build issue Upstream-Status: Inappropriate [upstream does not support installed tests] + --- unix/Makefile.in | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/unix/Makefile.in b/unix/Makefile.in -index 9dd053d..a3b7d69 100644 +index b110fe9..d7b35a8 100644 --- a/unix/Makefile.in +++ b/unix/Makefile.in -@@ -815,7 +815,7 @@ tcltest-real: +@@ -814,23 +814,23 @@ tcltest-real: test: test-tcl test-packages test-tcl: ${TCLTEST_EXE} @@ -20,11 +21,9 @@ index 9dd053d..a3b7d69 100644 + $(SHELL_ENV) ${TCLTEST_EXE} $(TOP_DIR)/tests/all.tcl $(TESTFLAGS) gdb-test: ${TCLTEST_EXE} - @printf '%s ' set env @LD_LIBRARY_PATH_VAR@=\"`pwd`$${@LD_LIBRARY_PATH_VAR@:+:$${@LD_LIBRARY_PATH_VAR}}\" > gdb.run -@@ -824,17 +824,17 @@ gdb-test: ${TCLTEST_EXE} - @printf '\n' >>gdb.run - @printf '%s ' set args $(call shquotequote,$(TOP_DIR))/tests/all.tcl\ - $(call shquotequote,$(TESTFLAGS)) -singleproc 1 >> gdb.run + @echo "set env @LD_LIBRARY_PATH_VAR@=`pwd`:$${@LD_LIBRARY_PATH_VAR@}" > gdb.run + @echo "set env TCL_LIBRARY=${TCL_BUILDTIME_LIBRARY}" >> gdb.run + @echo "set args $(TOP_DIR)/tests/all.tcl $(TESTFLAGS) -singleproc 1" >> gdb.run - $(GDB) ./${TCLTEST_EXE} --command=gdb.run + $(GDB) ${TCLTEST_EXE} --command=gdb.run rm gdb.run @@ -42,7 +41,7 @@ index 9dd053d..a3b7d69 100644 # The following target generates the shared libraries in dltest/ that are used # for testing; they are included as part of the "tcltest" target (via the -@@ -852,28 +852,28 @@ dltest.marker: ${STUB_LIB_FILE} +@@ -848,28 +848,28 @@ dltest.marker: ${STUB_LIB_FILE} # This target can be used to run tclsh from the build directory # via `make shell SCRIPT=/tmp/foo.tcl` shell: ${TCL_EXE} diff --git a/poky/meta/recipes-devtools/tcltk/tcl/interp.patch b/poky/meta/recipes-devtools/tcltk/tcl/interp.patch index 2e0dc94cff..95d6318f64 100644 --- a/poky/meta/recipes-devtools/tcltk/tcl/interp.patch +++ b/poky/meta/recipes-devtools/tcltk/tcl/interp.patch @@ -1,19 +1,11 @@ -From 426aa2ff62dda77fd011e8f630b9d4ea17984817 Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@arm.com> -Date: Mon, 12 Jul 2021 14:50:13 +0100 -Subject: [PATCH] tcl: fix race in interp.test - The interp-36.7 patch has race conditions and is missing cleanup. This patch by a Tcl maintainer should improve matters. Upstream-Status: Pending Signed-off-by: Ross Burton <ross.burton@arm.com> ---- - tests/interp.test | 7 ++++--- - 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/interp.test b/tests/interp.test -index d742484..fc90990 100644 +index d7424847f..fc90990f3 100644 --- a/tests/interp.test +++ b/tests/interp.test @@ -3595,17 +3595,18 @@ test interp-36.7 {ChildBgerror sets error handler of child [1999035]} -setup { diff --git a/poky/meta/recipes-devtools/tcltk/tcl/tcl-add-soname.patch b/poky/meta/recipes-devtools/tcltk/tcl/tcl-add-soname.patch index a0195e263c..3123d289a1 100644 --- a/poky/meta/recipes-devtools/tcltk/tcl/tcl-add-soname.patch +++ b/poky/meta/recipes-devtools/tcltk/tcl/tcl-add-soname.patch @@ -1,19 +1,20 @@ -From b89fd73daf9b3eb2f889f65baba5f90d8a930c82 Mon Sep 17 00:00:00 2001 +From d6155ec08b355d64f1a7db407254d159037bb72a Mon Sep 17 00:00:00 2001 From: Richard Purdie <rpurdie@linux.intel.com> Date: Wed, 9 Dec 2009 23:59:44 +0000 Subject: [PATCH] tcl: Add tcltk from OE.dev but with legacy staging function Upstream-Status: Pending + --- unix/Makefile.in | 5 ++++- unix/tcl.m4 | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/unix/Makefile.in b/unix/Makefile.in -index 7619afc..9dd053d 100644 +index 398afd0..804532e 100644 --- a/unix/Makefile.in +++ b/unix/Makefile.in -@@ -904,7 +904,10 @@ install-binaries: binaries +@@ -893,7 +893,10 @@ install-binaries: binaries done @echo "Installing $(LIB_FILE) to $(DLL_INSTALL_DIR)/" @@INSTALL_LIB@ @@ -26,10 +27,10 @@ index 7619afc..9dd053d 100644 @$(INSTALL_PROGRAM) ${TCL_EXE} "$(BIN_INSTALL_DIR)/tclsh$(VERSION)${EXE_SUFFIX}" @echo "Installing tclConfig.sh to $(CONFIG_INSTALL_DIR)/" diff --git a/unix/tcl.m4 b/unix/tcl.m4 -index 0307a06..37c4d67 100644 +index f3d08ec..797c93f 100644 --- a/unix/tcl.m4 +++ b/unix/tcl.m4 -@@ -1378,6 +1378,9 @@ AC_DEFUN([SC_CONFIG_CFLAGS], [ +@@ -1382,6 +1382,9 @@ AC_DEFUN([SC_CONFIG_CFLAGS], [ # get rid of the warnings. #CFLAGS_OPTIMIZE="${CFLAGS_OPTIMIZE} -D__NO_STRING_INLINES -D__NO_MATH_INLINES" diff --git a/poky/meta/recipes-devtools/tcltk/tcl/tcl-remove-hardcoded-install-path.patch b/poky/meta/recipes-devtools/tcltk/tcl/tcl-remove-hardcoded-install-path.patch index 93e7877256..99c5faf02c 100644 --- a/poky/meta/recipes-devtools/tcltk/tcl/tcl-remove-hardcoded-install-path.patch +++ b/poky/meta/recipes-devtools/tcltk/tcl/tcl-remove-hardcoded-install-path.patch @@ -1,4 +1,4 @@ -From 050fc597fbfa4da2c31bd0df58c871892a490470 Mon Sep 17 00:00:00 2001 +From 6efc98774681795712073c2b91e5e9d1763239b8 Mon Sep 17 00:00:00 2001 From: "Song.Li" <Song.Li@windriver.com> Date: Wed, 1 Aug 2012 19:05:51 +0800 Subject: [PATCH] tcl:install tcl to lib64 instead of lib on 64bit target @@ -13,14 +13,15 @@ Signed-off-by: Song.Li <Song.Li@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> --- - unix/configure.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) + configure | 2 +- + configure.in | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) -diff --git a/unix/configure.in b/unix/configure.in -index 4f62510..4974fb6 100644 ---- a/unix/configure.in -+++ b/unix/configure.in -@@ -775,7 +775,7 @@ eval "TCL_LIB_FILE=libtcl${LIB_SUFFIX}" +Index: unix/configure.in +=================================================================== +--- a/unix.orig/configure.in 2013-11-10 23:20:50.000000000 -0800 ++++ b/unix/configure.in 2013-11-10 23:39:41.199428131 -0800 +@@ -790,7 +790,7 @@ eval "TCL_LIB_FILE=${TCL_LIB_FILE}" diff --git a/poky/meta/recipes-devtools/tcltk/tcl_8.6.14.bb b/poky/meta/recipes-devtools/tcltk/tcl_8.6.13.bb index de4f5b878f..06bf900787 100644 --- a/poky/meta/recipes-devtools/tcltk/tcl_8.6.14.bb +++ b/poky/meta/recipes-devtools/tcltk/tcl_8.6.13.bb @@ -19,12 +19,13 @@ BASE_SRC_URI = "${SOURCEFORGE_MIRROR}/tcl/tcl-core${PV}-src.tar.gz \ file://tcl-add-soname.patch" SRC_URI = "${BASE_SRC_URI} \ file://fix_non_native_build_issue.patch \ + file://fix_issue_with_old_distro_glibc.patch \ file://tcl-remove-hardcoded-install-path.patch \ file://alter-includedir.patch \ file://interp.patch \ file://run-ptest \ - " -SRC_URI[sha256sum] = "ff604f43862a778827d7ecd1ad7686950ac2ef48d9cf69d3424cea9de08d9a72" +" +SRC_URI[sha256sum] = "c61f0d6699e2bc7691f119b41963aaa8dc980f23532c4e937739832a5f4a6642" SRC_URI:class-native = "${BASE_SRC_URI}" diff --git a/poky/meta/recipes-devtools/vala/vala/0001-gtk4-Preserve-compatibility-with-4.14.patch b/poky/meta/recipes-devtools/vala/vala/0001-gtk4-Preserve-compatibility-with-4.14.patch new file mode 100644 index 0000000000..161474086e --- /dev/null +++ b/poky/meta/recipes-devtools/vala/vala/0001-gtk4-Preserve-compatibility-with-4.14.patch @@ -0,0 +1,39 @@ +From 17349020fb95454d06f827fd555b05248f10a370 Mon Sep 17 00:00:00 2001 +From: Rico Tzschichholz <ricotz@ubuntu.com> +Date: Thu, 7 Mar 2024 17:56:05 +0100 +Subject: [PATCH] gtk4: Preserve compatibility with < 4.14 + +Don't prefer new accessor methods for Calendar.day/month/year + +Fixes https://gitlab.gnome.org/GNOME/vala/issues/1531 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/vala/-/commit/e0c4ea8c4a0bbf859b5341a7465b395892789d9e] + +Signed-off-by: Markus Volk <f_l_k@t-online.de> +--- + vapi/gtk4.vapi | 3 +++ + vapi/metadata/Gtk-4.0.metadata | 5 +++++ + 2 files changed, 8 insertions(+) + +diff --git a/vapi/gtk4.vapi b/vapi/gtk4.vapi +index 49f8b2078..51ecea27d 100644 +--- a/vapi/gtk4.vapi ++++ b/vapi/gtk4.vapi +@@ -7350,11 +7350,14 @@ namespace Gtk { + [Version (since = "4.14")] + public void set_year (int year); + public void unmark_day (uint day); ++ [NoAccessorMethod] + public int day { get; set; } ++ [NoAccessorMethod] + public int month { get; set; } + public bool show_day_names { get; set; } + public bool show_heading { get; set; } + public bool show_week_numbers { get; set; } ++ [NoAccessorMethod] + public int year { get; set; } + public signal void day_selected (); + public signal void next_month (); +-- +2.44.0 + diff --git a/poky/meta/recipes-devtools/vala/vala_0.56.16.bb b/poky/meta/recipes-devtools/vala/vala_0.56.15.bb index 1c8e4fc673..915ddd8e4d 100644 --- a/poky/meta/recipes-devtools/vala/vala_0.56.16.bb +++ b/poky/meta/recipes-devtools/vala/vala_0.56.15.bb @@ -18,8 +18,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24" SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}" -SRC_URI = "http://ftp.gnome.org/pub/GNOME/sources/${BPN}/${SHRT_VER}/${BP}.tar.xz" -SRC_URI[sha256sum] = "05487b5600f5d2f09e66a753cccd8f39c1bff9f148aea1b7774d505b9c8bca9b" +SRC_URI = " \ + http://ftp.gnome.org/pub/GNOME/sources/${BPN}/${SHRT_VER}/${BP}.tar.xz \ + file://0001-gtk4-Preserve-compatibility-with-4.14.patch \ +" +SRC_URI[sha256sum] = "535b6452ed310fd5fb5c7dd6794b6213dac3b48e645e5bff3173741ec2cb3f2b" inherit autotools pkgconfig upstream-version-is-even diff --git a/poky/meta/recipes-extended/bash/bash/0001-fix-c99.patch b/poky/meta/recipes-extended/bash/bash/0001-fix-c99.patch new file mode 100644 index 0000000000..aa810f7d4e --- /dev/null +++ b/poky/meta/recipes-extended/bash/bash/0001-fix-c99.patch @@ -0,0 +1,41 @@ +From e9ed388e760ec33dcf9e72c639946c0d0abeec26 Mon Sep 17 00:00:00 2001 +From: Ross Burton <ross.burton@arm.com> +Date: Wed, 19 Jun 2024 12:57:39 +0000 +Subject: [PATCH] Fix C99 problems + +Backport some fixes from upstream to fix configure checks that fail with GCC 14.1. + +Upstream-Status: Backport [devel branch] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + aclocal.m4 | 3 +++ + configure.ac | 2 +- + 2 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/aclocal.m4 b/aclocal.m4 +index cc97bd4..7423b99 100644 +--- a/aclocal.m4 ++++ b/aclocal.m4 +@@ -238,6 +238,9 @@ AC_CACHE_VAL(bash_cv_dup2_broken, + #include <sys/types.h> + #include <fcntl.h> + #include <stdlib.h> ++#ifdef HAVE_UNISTD_H ++# include <unistd.h> ++#endif /* HAVE_UNISTD_H */ + int + main() + { +diff --git a/configure.ac b/configure.ac +index a3b5bd7..2a38c6b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -842,7 +842,7 @@ AC_CHECK_DECLS([strtold], [ + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[#include <stdlib.h>]], +- [[long double r; char *foo, bar; r = strtold(foo, &bar);]] ++ [[long double r; char *foo, *bar; r = strtold(foo, &bar);]] + )], + [bash_cv_strtold_broken=no],[bash_cv_strtold_broken=yes]) + ] diff --git a/poky/meta/recipes-extended/bash/bash/build-tests.patch b/poky/meta/recipes-extended/bash/bash/build-tests.patch index ea38bace9b..c1b9b8261f 100644 --- a/poky/meta/recipes-extended/bash/bash/build-tests.patch +++ b/poky/meta/recipes-extended/bash/bash/build-tests.patch @@ -4,7 +4,7 @@ Date: Wed, 19 Dec 2012 17:18:31 +0100 Subject: [PATCH] Add 'ptest' target to Makefile, to run tests without checking dependencies. -Upstream-Status: Pending +Upstream-Status: Inappropriate [ptest specific] Signed-off-by: Anders Roxell <anders.roxell@enea.com> Rebase to 5.0 diff --git a/poky/meta/recipes-extended/bash/bash/fix-filesubst-errexit.patch b/poky/meta/recipes-extended/bash/bash/fix-filesubst-errexit.patch new file mode 100644 index 0000000000..60f1852316 --- /dev/null +++ b/poky/meta/recipes-extended/bash/bash/fix-filesubst-errexit.patch @@ -0,0 +1,34 @@ +From 59ddfda14e3c9aa6286bb4c4c0748f7c1324a65a Mon Sep 17 00:00:00 2001 +From: Chet Ramey <chet.ramey@case.edu> +Date: Fri, 7 Apr 2023 00:28:46 -0700 +Subject: [PATCH] $(<nosuchfile) is no longer a fatal error with errexit + enabled + +This is a trimmed-down version of a commit in the bash 'devel' branch +[1] that contains this fix as well as other unrelated ones. + +[1] https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=ec9447ce9392a0f93d96789c3741285fede8a150 + +Upstream-Status: Backport + +Signed-off-by: Zev Weiss <zev@bewilderbeest.net> +--- + builtins/evalstring.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/builtins/evalstring.c b/builtins/evalstring.c +index df3dd68e2a7e..6612081cd646 100644 +--- a/builtins/evalstring.c ++++ b/builtins/evalstring.c +@@ -753,7 +753,7 @@ open_redir_file (r, fnp) + fd = open(fn, O_RDONLY); + if (fd < 0) + { +- file_error (fn); ++ internal_error ("%s: %s", fn, strerror (errno)); + free (fn); + if (fnp) + *fnp = 0; +-- +2.40.0 + diff --git a/poky/meta/recipes-extended/bash/bash_5.2.21.bb b/poky/meta/recipes-extended/bash/bash_5.2.21.bb index 46d921bbe6..ccfe5c47a7 100644 --- a/poky/meta/recipes-extended/bash/bash_5.2.21.bb +++ b/poky/meta/recipes-extended/bash/bash_5.2.21.bb @@ -13,6 +13,8 @@ SRC_URI = "${GNU_MIRROR}/bash/${BP}.tar.gz;name=tarball \ file://fix-run-builtins.patch \ file://use_aclocal.patch \ file://0001-changes-to-SIGINT-handler-while-waiting-for-a-child-.patch \ + file://fix-filesubst-errexit.patch \ + file://0001-fix-c99.patch \ " SRC_URI[tarball.sha256sum] = "c8e31bdc59b69aaffc5b36509905ba3e5cbb12747091d27b4b977f078560d5b8" diff --git a/poky/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch b/poky/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch index 20572b55c4..35229ae890 100644 --- a/poky/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch +++ b/poky/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch @@ -303,7 +303,7 @@ index 9396e1d..d0bb181 100644 + PWDICT tmp_pwp; + + memcpy(&tmp_pwp, pwp, sizeof(PWDICT)); -+ HwmsHostToBigEndian(tmp_pwp.hwms, sizeof(tmp_pwp.hwms), en_is32); ++ HwmsHostToBigEndian((char *)tmp_pwp.hwms, sizeof(tmp_pwp.hwms), en_is32); + fwrite(tmp_pwp.hwms, 1, sizeof(tmp_pwp.hwms), pwp->wfp); } } diff --git a/poky/meta/recipes-extended/cronie/cronie_1.7.1.bb b/poky/meta/recipes-extended/cronie/cronie_1.7.2.bb index 854b68163c..abdaff644d 100644 --- a/poky/meta/recipes-extended/cronie/cronie_1.7.1.bb +++ b/poky/meta/recipes-extended/cronie/cronie_1.7.2.bb @@ -25,7 +25,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/cronie-${PV}/cronie-${PV}.tar.gz \ PAM_SRC_URI = "file://crond_pam_config.patch" PAM_DEPS = "libpam libpam-runtime pam-plugin-access pam-plugin-loginuid" -SRC_URI[sha256sum] = "78033100c24413f0c40f93e6138774d6a4f55bc31050567b90db45a2f9f1b954" +SRC_URI[sha256sum] = "f1da374a15ba7605cf378347f96bc8b678d3d7c0765269c8242cfe5b0789c571" inherit autotools update-rc.d useradd systemd github-releases UPSTREAM_CHECK_REGEX = "releases/tag/cronie-(?P<pver>\d+(\.\d+)+)" diff --git a/poky/meta/recipes-extended/cups/cups_2.4.7.bb b/poky/meta/recipes-extended/cups/cups_2.4.9.bb index f4b0282e4c..e0a3522004 100644 --- a/poky/meta/recipes-extended/cups/cups_2.4.7.bb +++ b/poky/meta/recipes-extended/cups/cups_2.4.9.bb @@ -2,4 +2,4 @@ require cups.inc LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI[sha256sum] = "dd54228dd903526428ce7e37961afaed230ad310788141da75cebaa08362cf6c" +SRC_URI[sha256sum] = "38fbf4535a10554113e013d54fedda03ee88007ea6a9761d626a04e1e4489e8c" diff --git a/poky/meta/recipes-extended/gawk/gawk/0001-m4-readline-add-missing-includes.patch b/poky/meta/recipes-extended/gawk/gawk/0001-m4-readline-add-missing-includes.patch new file mode 100644 index 0000000000..5be2fd97ee --- /dev/null +++ b/poky/meta/recipes-extended/gawk/gawk/0001-m4-readline-add-missing-includes.patch @@ -0,0 +1,38 @@ +From 4f4e84f139e2a8682f1374a592f2636c43ad857b Mon Sep 17 00:00:00 2001 +From: Ross Burton <ross.burton@arm.com> +Date: Tue, 21 May 2024 15:10:11 +0000 +Subject: [PATCH] m4/readline: add missing includes + +The cross-specific code fragment only includes stdio.h, where the native +fragment also includes fcntl.h and unistd.h. This is important because +GCC 14.1 has made the implicit definitions an error: + +conftest.c: In function 'main': +conftest.c:144:9: error: implicit declaration of function 'close'; did you mean 'pclose'? [-Wimplicit-function-declaration] +conftest.c:146:14: error: implicit declaration of function 'open'; did you mean 'popen'? [-Wimplicit-function-declaration] + +Add the missing includes so that the check doesn't always fail due to +these errors. + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/bug-gawk/2024-05/msg00000.html] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + m4/readline.m4 | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/m4/readline.m4 b/m4/readline.m4 +index 38f96326..efd52d4e 100644 +--- a/m4/readline.m4 ++++ b/m4/readline.m4 +@@ -66,6 +66,8 @@ dnl action if false: + dnl action if cross compiling: + [AC_LINK_IFELSE( + [AC_LANG_PROGRAM([[#include <stdio.h> ++#include <fcntl.h> ++#include <unistd.h> + #include <readline/readline.h> + #include <readline/history.h>]], dnl includes + dnl function body +-- +2.34.1 + diff --git a/poky/meta/recipes-extended/gawk/gawk_5.3.0.bb b/poky/meta/recipes-extended/gawk/gawk_5.3.0.bb index d7a0fc616d..e94cf19db4 100644 --- a/poky/meta/recipes-extended/gawk/gawk_5.3.0.bb +++ b/poky/meta/recipes-extended/gawk/gawk_5.3.0.bb @@ -16,6 +16,7 @@ PACKAGECONFIG[readline] = "--with-readline,--without-readline,readline" PACKAGECONFIG[mpfr] = "--with-mpfr,--without-mpfr, mpfr" SRC_URI = "${GNU_MIRROR}/gawk/gawk-${PV}.tar.gz \ + file://0001-m4-readline-add-missing-includes.patch \ file://run-ptest \ " diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29510.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29510.patch new file mode 100644 index 0000000000..692d35157f --- /dev/null +++ b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29510.patch @@ -0,0 +1,84 @@ +From 3b1735085ecef20b29e8db3416ab36de93e86d1f Mon Sep 17 00:00:00 2001 +From: Ken Sharp <Ken.Sharp@artifex.com> +Date: Thu, 21 Mar 2024 09:01:15 +0000 +Subject: [PATCH 5/5] Uniprint device - prevent string configuration changes + when SAFER + +Bug #707662 + +We cannot sanitise the string arguments used by the Uniprint device +because they can potentially include anything. + +This commit ensures that these strings are locked and cannot be +changed by PostScript once SAFER is activated. Full configuration from +the command line is still possible (see the *.upp files in lib). + +This addresses CVE-2024-29510 + +CVE: CVE-2024-29510 + +Upstream-Status: Backport [https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=3b1735085ecef20b29e] + +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + devices/gdevupd.c | 31 +++++++++++++++++++++++++++++++ + 1 file changed, 31 insertions(+) + +diff --git a/devices/gdevupd.c b/devices/gdevupd.c +index 740dae0..a50571a 100644 +--- a/devices/gdevupd.c ++++ b/devices/gdevupd.c +@@ -1887,6 +1887,16 @@ out on this copies. + if(!upd_strings[i]) continue; + UPD_PARAM_READ(param_read_string,upd_strings[i],value,udev->memory); + if(0 == code) { ++ if (gs_is_path_control_active(udev->memory)) { ++ if (strings[i].size != value.size) ++ error = gs_error_invalidaccess; ++ else { ++ if (strings[i].data && memcmp(strings[i].data, value.data, strings[i].size) != 0) ++ error = gs_error_invalidaccess; ++ } ++ if (error < 0) ++ goto exit; ++ } + if(0 <= error) error |= UPD_PUT_STRINGS; + UPD_MM_DEL_PARAM(udev->memory, strings[i]); + if(!value.size) { +@@ -1904,6 +1914,26 @@ out on this copies. + if(!upd_string_a[i]) continue; + UPD_PARAM_READ(param_read_string_array,upd_string_a[i],value,udev->memory); + if(0 == code) { ++ if (gs_is_path_control_active(udev->memory)) { ++ if (string_a[i].size != value.size) ++ error = gs_error_invalidaccess; ++ else { ++ int loop; ++ for (loop = 0;loop < string_a[i].size;loop++) { ++ gs_param_string *tmp1 = (gs_param_string *)&(string_a[i].data[loop]); ++ gs_param_string *tmp2 = (gs_param_string *)&value.data[loop]; ++ ++ if (tmp1->size != tmp2->size) ++ error = gs_error_invalidaccess; ++ else { ++ if (tmp1->data && memcmp(tmp1->data, tmp2->data, tmp1->size) != 0) ++ error = gs_error_invalidaccess; ++ } ++ } ++ } ++ if (error < 0) ++ goto exit; ++ } + if(0 <= error) error |= UPD_PUT_STRING_A; + UPD_MM_DEL_APARAM(udev->memory, string_a[i]); + if(!value.size) { +@@ -2098,6 +2128,7 @@ transferred into the device-structure. In the case of "uniprint", this may + if(0 > code) error = code; + } + ++exit: + if(0 < error) { /* Actually something loaded without error */ + + if(!(upd = udev->upd)) { +-- +2.40.0 diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0001.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0001.patch new file mode 100644 index 0000000000..2f20c66ea3 --- /dev/null +++ b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0001.patch @@ -0,0 +1,39 @@ +From 5ae2e320d69a7d0973011796bd388cd5befa1a43 Mon Sep 17 00:00:00 2001 +From: Ken Sharp <Ken.Sharp@artifex.com> +Date: Tue, 26 Mar 2024 12:02:57 +0000 +Subject: [PATCH 2/5] Bug #707691 + +Part 1; when stripping a potential Current Working Dirctory specifier +from a path, make certain it really is a CWD, and not simply large +ebough to be a CWD. + +Reasons are in the bug thread, this is not (IMO) serious. + +This is part of the fix for CVE-2024-33869 + +CVE: CVE-2024-33869 + +Upstream-Status: Backport [https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=5ae2e320d69a7d0973] + +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + base/gpmisc.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/base/gpmisc.c b/base/gpmisc.c +index c4a69b0..1d4d5d8 100644 +--- a/base/gpmisc.c ++++ b/base/gpmisc.c +@@ -1164,8 +1164,8 @@ gp_validate_path_len(const gs_memory_t *mem, + + continue; + } +- else if (code < 0 && cdirstrl > 0 && prefix_len == 0 && buffer == bufferfull) { +- buffer = bufferfull + cdirstrl + dirsepstrl; ++ else if (code < 0 && cdirstrl > 0 && prefix_len == 0 && buffer == bufferfull ++ && memcmp(buffer, cdirstr, cdirstrl) && !memcmp(buffer + cdirstrl, dirsepstr, dirsepstrl)) { + continue; + } + break; +-- +2.40.0 diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0002.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0002.patch new file mode 100644 index 0000000000..5dcbcca998 --- /dev/null +++ b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0002.patch @@ -0,0 +1,52 @@ +From f5336e5b4154f515ac83bc5b9eba94302e6618d4 Mon Sep 17 00:00:00 2001 +From: Ken Sharp <Ken.Sharp@artifex.com> +Date: Tue, 26 Mar 2024 12:07:18 +0000 +Subject: [PATCH 3/5] Bug 707691 part 2 + +See bug thread for details + +This is the second part of the fix for CVE-2024-33869 + +CVE: CVE-2024-33869 + +Upstream-Status: Backport [https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f5336e5b4154f515ac83] + +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + base/gpmisc.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/base/gpmisc.c b/base/gpmisc.c +index 1d4d5d8..b0d5c71 100644 +--- a/base/gpmisc.c ++++ b/base/gpmisc.c +@@ -1090,6 +1090,27 @@ gp_validate_path_len(const gs_memory_t *mem, + rlen = len; + } + else { ++ char *test = (char *)path, *test1; ++ uint tlen = len, slen; ++ ++ /* Look for any pipe (%pipe% or '|' specifications between path separators ++ * Reject any path spec which has a %pipe% or '|' anywhere except at the start. ++ */ ++ while (tlen > 0) { ++ if (test[0] == '|' || (tlen > 5 && memcmp(test, "%pipe", 5) == 0)) { ++ code = gs_note_error(gs_error_invalidfileaccess); ++ goto exit; ++ } ++ test1 = test; ++ slen = search_separator((const char **)&test, path + len, test1, 1); ++ if(slen == 0) ++ break; ++ test += slen; ++ tlen -= test - test1; ++ if (test >= path + len) ++ break; ++ } ++ + rlen = len+1; + bufferfull = (char *)gs_alloc_bytes(mem->thread_safe_memory, rlen + prefix_len, "gp_validate_path"); + if (bufferfull == NULL) +-- +2.40.0 diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33870.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33870.patch new file mode 100644 index 0000000000..9c2b9dcfa2 --- /dev/null +++ b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33870.patch @@ -0,0 +1,99 @@ +From 79aef19c685984dc3da2dc090450407d9fbcff80 Mon Sep 17 00:00:00 2001 +From: Ken Sharp <Ken.Sharp@artifex.com> +Date: Tue, 26 Mar 2024 12:00:14 +0000 +Subject: [PATCH 1/5] Bug #707686 + +See bug thread for details + +In addition to the noted bug; an error path (return from +gp_file_name_reduce not successful) could elad to a memory leak as we +did not free 'bufferfull'. Fix that too. + +This addresses CVE-2024-33870 + +CVE: CVE-2024-33870 + +Upstream-Status: Backport [https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=79aef19c685984dc] + +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + base/gpmisc.c | 36 ++++++++++++++++++++++++++++++++---- + 1 file changed, 32 insertions(+), 4 deletions(-) + +diff --git a/base/gpmisc.c b/base/gpmisc.c +index 2b0064b..c4a69b0 100644 +--- a/base/gpmisc.c ++++ b/base/gpmisc.c +@@ -1,4 +1,4 @@ +-/* Copyright (C) 2001-2023 Artifex Software, Inc. ++/* Copyright (C) 2001-2024 Artifex Software, Inc. + All Rights Reserved. + + This software is provided AS-IS with no warranty, either express or +@@ -1042,7 +1042,7 @@ gp_validate_path_len(const gs_memory_t *mem, + const uint len, + const char *mode) + { +- char *buffer, *bufferfull; ++ char *buffer, *bufferfull = NULL; + uint rlen; + int code = 0; + const char *cdirstr = gp_file_name_current(); +@@ -1096,8 +1096,10 @@ gp_validate_path_len(const gs_memory_t *mem, + return gs_error_VMerror; + + buffer = bufferfull + prefix_len; +- if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) +- return gs_error_invalidfileaccess; ++ if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) { ++ code = gs_note_error(gs_error_invalidfileaccess); ++ goto exit; ++ } + buffer[rlen] = 0; + } + while (1) { +@@ -1132,9 +1134,34 @@ gp_validate_path_len(const gs_memory_t *mem, + code = gs_note_error(gs_error_invalidfileaccess); + } + if (code < 0 && prefix_len > 0 && buffer > bufferfull) { ++ uint newlen = rlen + cdirstrl + dirsepstrl; ++ char *newbuffer; ++ int code; ++ + buffer = bufferfull; + memcpy(buffer, cdirstr, cdirstrl); + memcpy(buffer + cdirstrl, dirsepstr, dirsepstrl); ++ ++ /* We've prepended a './' or similar for the current working directory. We need ++ * to execute file_name_reduce on that, to eliminate any '../' or similar from ++ * the (new) full path. ++ */ ++ newbuffer = (char *)gs_alloc_bytes(mem->thread_safe_memory, newlen + 1, "gp_validate_path"); ++ if (newbuffer == NULL) { ++ code = gs_note_error(gs_error_VMerror); ++ goto exit; ++ } ++ ++ memcpy(newbuffer, buffer, rlen + cdirstrl + dirsepstrl); ++ newbuffer[newlen] = 0x00; ++ ++ code = gp_file_name_reduce(newbuffer, (uint)newlen, buffer, &newlen); ++ gs_free_object(mem->thread_safe_memory, newbuffer, "gp_validate_path"); ++ if (code != gp_combine_success) { ++ code = gs_note_error(gs_error_invalidfileaccess); ++ goto exit; ++ } ++ + continue; + } + else if (code < 0 && cdirstrl > 0 && prefix_len == 0 && buffer == bufferfull) { +@@ -1153,6 +1180,7 @@ gp_validate_path_len(const gs_memory_t *mem, + gs_path_control_flag_is_scratch_file); + } + ++exit: + gs_free_object(mem->thread_safe_memory, bufferfull, "gp_validate_path"); + #ifdef EACCES + if (code == gs_error_invalidfileaccess) +-- +2.40.0 diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33871.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33871.patch new file mode 100644 index 0000000000..abe6384997 --- /dev/null +++ b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33871.patch @@ -0,0 +1,43 @@ +From 7145885041bb52cc23964f0aa2aec1b1c82b5908 Mon Sep 17 00:00:00 2001 +From: Zdenek Hutyra <zhutyra@centrum.cz> +Date: Mon, 22 Apr 2024 13:33:47 +0100 +Subject: [PATCH 4/5] OPVP device - prevent unsafe parameter change with SAFER + +Bug #707754 "OPVP device - Arbitrary code execution via custom Driver library" + +The "Driver" parameter for the "opvp"/"oprp" device specifies the name +of a dynamic library and allows any library to be loaded. + +The patch does not allow changing this parameter after activating path +control. + +This addresses CVE-2024-33871 + +CVE: CVE-2024-33871 + +Upstream-Status: Backport [https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=7145885041bb52cc2396] + +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + contrib/opvp/gdevopvp.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/contrib/opvp/gdevopvp.c b/contrib/opvp/gdevopvp.c +index 74200cf..80eb23b 100644 +--- a/contrib/opvp/gdevopvp.c ++++ b/contrib/opvp/gdevopvp.c +@@ -3456,6 +3456,12 @@ _put_params(gx_device *dev, gs_param_list *plist) + code = param_read_string(plist, pname, &vdps); + switch (code) { + case 0: ++ if (gs_is_path_control_active(dev->memory) ++ && (!opdev->globals.vectorDriver || strlen(opdev->globals.vectorDriver) != vdps.size ++ || memcmp(opdev->globals.vectorDriver, vdps.data, vdps.size) != 0)) { ++ param_signal_error(plist, pname, gs_error_invalidaccess); ++ return_error(gs_error_invalidaccess); ++ } + buff = realloc(buff, vdps.size + 1); + memcpy(buff, vdps.data, vdps.size); + buff[vdps.size] = 0; +-- +2.40.0 diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/avoid-host-contamination.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/avoid-host-contamination.patch index 67f14bd368..15c7eb5a77 100644 --- a/poky/meta/recipes-extended/ghostscript/ghostscript/avoid-host-contamination.patch +++ b/poky/meta/recipes-extended/ghostscript/ghostscript/avoid-host-contamination.patch @@ -1,7 +1,7 @@ -From b36713c8f1ba0e5755b78845a433354a63663b1a Mon Sep 17 00:00:00 2001 +From 0ccbaa134093bf6afc79f2d20d061bca5a8754ed Mon Sep 17 00:00:00 2001 From: Kai Kang <kai.kang@windriver.com> Date: Thu, 29 Mar 2018 16:02:05 +0800 -Subject: [PATCH] avoid host contamination +Subject: [PATCH 04/10] avoid host contamination Remove hardcode path refer to host to avoid host contamination. @@ -15,10 +15,10 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/devs.mak b/devices/devs.mak -index 186f704..88ab8c9 100644 +index 846aa50..9570182 100644 --- a/devices/devs.mak +++ b/devices/devs.mak -@@ -397,7 +397,7 @@ $(DEVOBJ)gdevxalt.$(OBJ) : $(DEVSRC)gdevxalt.c $(GDEVX) $(math__h) $(memory__h)\ +@@ -393,7 +393,7 @@ $(DEVOBJ)gdevxalt.$(OBJ) : $(DEVSRC)gdevxalt.c $(GDEVX) $(math__h) $(memory__h)\ ### NON PORTABLE, ONLY UNIX WITH GCC SUPPORT $(DEVOBJ)X11.so : $(x11alt_) $(x11_) $(DEVS_MAK) $(MAKEDIRS) @@ -27,3 +27,6 @@ index 186f704..88ab8c9 100644 ###### --------------- Memory-buffered printer devices --------------- ###### +-- +1.8.3.1 + diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/configure.ac-add-option-to-explicitly-disable-neon.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/configure.ac-add-option-to-explicitly-disable-neon.patch new file mode 100644 index 0000000000..7873396045 --- /dev/null +++ b/poky/meta/recipes-extended/ghostscript/ghostscript/configure.ac-add-option-to-explicitly-disable-neon.patch @@ -0,0 +1,99 @@ +From fd37229a17822c5ad21a369f670b8a6f6cc6b95b Mon Sep 17 00:00:00 2001 +From: Benjamin Bara <benjamin.bara@skidata.com> +Date: Mon, 4 Sep 2023 12:16:39 +0200 +Subject: [PATCH] configure.ac: add option to explicitly disable neon + +Uncomment an already existing possibility to explicitly disable neon and +use it on both implemented neon checks. + +Upstream-Status: Submitted [https://bugs.ghostscript.com/show_bug.cgi?id=707097] + +Signed-off-by: Benjamin Bara <benjamin.bara@skidata.com> +--- + configure.ac | 52 +++++++++++++++++++++++++++++----------------------- + 1 file changed, 29 insertions(+), 23 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 09d881dd1..62718e15e 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -749,6 +749,33 @@ SUBCONFIG_OPTS="--build=$build --host=$host" + # SUBCONFIG_OPTS="$SUBCONFIG_OPTS --host=$host_alias" + #fi + ++dnl -------------------------------------------------- ++dnl Check for NEON support ++dnl -------------------------------------------------- ++save_cflags=$CFLAGS ++AC_MSG_CHECKING([neon support]) ++CFLAGS="$save_cflags $OPT_CFLAGS -mfpu=neon -mcpu=cortex-a53" ++HAVE_NEON="" ++AC_LINK_IFELSE( ++ [AC_LANG_PROGRAM([#include "arm_neon.h"], [ ++ int32x4_t round = vdupq_n_s32(10); ++ return(0); ++ ])], ++ [HAVE_NEON="-DHAVE_NEON"], [HAVE_NEON=""]) ++ ++AC_ARG_ENABLE([neon], AS_HELP_STRING([--disable-neon], ++ [Do not use neon instrinsics]), [ ++ if test "x$enable_neon" = xno; then ++ HAVE_NEON="" ++ fi]) ++ ++if test "x$HAVE_NEON" != x; then ++ AC_MSG_RESULT(yes) ++else ++ AC_MSG_RESULT(no) ++fi ++CFLAGS=$save_cflags ++ + dnl -------------------------------------------------- + dnl Check for libraries + dnl -------------------------------------------------- +@@ -971,11 +998,12 @@ if test x$with_tesseract != xno; then + [TESS_NEON="-mfpu=neon -mcpu=cortex-a53 -D__ARM_NEON__"], + [TESS_NEON=""]) + +- if test "x$TESS_NEON" != x; then ++ if test "x$TESS_NEON" != x && test "x$enable_neon" != xno; then + AC_MSG_RESULT(yes) + TESS_CXXFLAGS="$TESS_CXXFLAGS -DHAVE_NEON" + else + AC_MSG_RESULT(no) ++ TESS_NEON="" + fi + + CXXFLAGS="$save_cxxflags" +@@ -2387,28 +2415,6 @@ if test x$WITH_CAL != x0; then + AC_MSG_RESULT(no) + fi + +- AC_MSG_CHECKING([neon support]) +- CFLAGS="$save_cflags $OPT_CFLAGS -mfpu=neon -mcpu=cortex-a53" +- HAVE_NEON="" +- AC_LINK_IFELSE( +- [AC_LANG_PROGRAM([#include "arm_neon.h"], [ +- int32x4_t round = vdupq_n_s32(10); +- return(0); +- ])], +- [HAVE_NEON="-DHAVE_NEON"], [HAVE_NEON=""]) +- +- #AC_ARG_ENABLE([neon], AS_HELP_STRING([--disable-neon], +- # [Do not use neon instrinsics]), [ +- # if test "x$enable_neon" = xno; then +- # HAVE_NEON="" +- # fi]) +- +- if test "x$HAVE_NEON" != x; then +- AC_MSG_RESULT(yes) +- else +- AC_MSG_RESULT(no) +- fi +- + #AC_SUBST(HAVE_SSE4_2) + #AC_SUBST(HAVE_NEON) + CFLAGS=$save_cflags +-- +2.34.1 + diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript_10.03.0.bb b/poky/meta/recipes-extended/ghostscript/ghostscript_10.02.1.bb index ff7d38676e..db9481816a 100644 --- a/poky/meta/recipes-extended/ghostscript/ghostscript_10.03.0.bb +++ b/poky/meta/recipes-extended/ghostscript/ghostscript_10.02.1.bb @@ -25,9 +25,15 @@ def gs_verdir(v): SRC_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${@gs_verdir("${PV}")}/${BPN}-${PV}.tar.gz \ file://ghostscript-9.16-Werror-return-type.patch \ file://avoid-host-contamination.patch \ + file://configure.ac-add-option-to-explicitly-disable-neon.patch \ + file://CVE-2024-33870.patch \ + file://CVE-2024-33869-0001.patch \ + file://CVE-2024-33869-0002.patch \ + file://CVE-2024-33871.patch \ + file://CVE-2024-29510.patch \ " -SRC_URI[sha256sum] = "6f2bc61023469fcf7c7c2d7f1bdd75b75f2b41836aa1d5e641396246d4abbb59" +SRC_URI[sha256sum] = "e429e4f5b01615a4f0f93a4128e8a1a4d932dff983b1774174c79c0630717ad9" PACKAGECONFIG ??= "" PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+3" diff --git a/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb b/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb index 74f3520eae..98cd4d8103 100644 --- a/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb +++ b/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb @@ -6,7 +6,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" SRC_URI = "git://go.googlesource.com/example;branch=master;protocol=https" -SRCREV = "32022caedd6a177a7717aa8680cbe179e1045935" +SRCREV = "d9923f6970e9ba7e0d23aa9448ead71ea57235ae" UPSTREAM_CHECK_COMMITS = "1" GO_IMPORT = "golang.org/x/example" diff --git a/poky/meta/recipes-extended/iputils/iputils_20240117.bb b/poky/meta/recipes-extended/iputils/iputils_20240117.bb index 5a5e15528e..3880689742 100644 --- a/poky/meta/recipes-extended/iputils/iputils_20240117.bb +++ b/poky/meta/recipes-extended/iputils/iputils_20240117.bb @@ -35,7 +35,11 @@ ALTERNATIVE_PRIORITY = "100" ALTERNATIVE:${PN}-ping = "ping" ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping" -SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-clockdiff" +ALTERNATIVE:${PN}-ping6 = "ping6" +ALTERNATIVE_LINK_NAME[ping6] = "${base_bindir}/ping6" + +SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-clockdiff \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-ping6', '', d)}" PACKAGES += "${SPLITPKGS}" ALLOW_EMPTY:${PN} = "1" @@ -43,6 +47,13 @@ RDEPENDS:${PN} += "${SPLITPKGS}" FILES:${PN} = "" FILES:${PN}-ping = "${base_bindir}/ping.${BPN}" +FILES:${PN}-ping6 = "${base_bindir}/ping6.${BPN}" FILES:${PN}-arping = "${base_bindir}/arping" FILES:${PN}-tracepath = "${base_bindir}/tracepath" FILES:${PN}-clockdiff = "${base_bindir}/clockdiff" + +do_install:append() { + if ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'true', 'false', d)}; then + ln -sf ping ${D}/${base_bindir}/ping6 + fi +} diff --git a/poky/meta/recipes-extended/libarchive/libarchive/configurehack.patch b/poky/meta/recipes-extended/libarchive/libarchive/configurehack.patch index f3989d99eb..44720fdd53 100644 --- a/poky/meta/recipes-extended/libarchive/libarchive/configurehack.patch +++ b/poky/meta/recipes-extended/libarchive/libarchive/configurehack.patch @@ -2,12 +2,15 @@ To work with autoconf 2.73, tweak the macro ordering in configure.in. Upstream-Status: Pending Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> +--- + configure.ac | 26 +++++++++++++------------- + 1 file changed, 13 insertions(+), 13 deletions(-) -Index: libarchive-3.6.2/configure.ac -=================================================================== ---- libarchive-3.6.2.orig/configure.ac -+++ libarchive-3.6.2/configure.ac -@@ -357,6 +357,19 @@ if test "x$with_bz2lib" != "xno"; then +diff --git a/configure.ac b/configure.ac +index 5668d41..7e65e49 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -414,6 +414,19 @@ if test "x$with_bz2lib" != "xno"; then esac fi @@ -27,9 +30,9 @@ Index: libarchive-3.6.2/configure.ac AC_ARG_WITH([libb2], AS_HELP_STRING([--without-libb2], [Don't build support for BLAKE2 through libb2])) -@@ -558,19 +571,6 @@ LDFLAGS=$save_LDFLAGS +@@ -678,19 +691,6 @@ fi - AC_SUBST(GC_SECTIONS) + AC_SUBST(DEAD_CODE_REMOVAL) -# Checks for typedefs, structures, and compiler characteristics. -AC_C_CONST @@ -47,3 +50,5 @@ Index: libarchive-3.6.2/configure.ac # Check for tm_gmtoff in struct tm AC_CHECK_MEMBERS([struct tm.tm_gmtoff, struct tm.__tm_gmtoff],,, [ +-- +2.40.0 diff --git a/poky/meta/recipes-extended/libarchive/libarchive_3.7.2.bb b/poky/meta/recipes-extended/libarchive/libarchive_3.7.4.bb index 91f521fa4d..da85764116 100644 --- a/poky/meta/recipes-extended/libarchive/libarchive_3.7.2.bb +++ b/poky/meta/recipes-extended/libarchive/libarchive_3.7.4.bb @@ -33,7 +33,7 @@ SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz" SRC_URI += "file://configurehack.patch" UPSTREAM_CHECK_URI = "http://libarchive.org/" -SRC_URI[sha256sum] = "df404eb7222cf30b4f8f93828677890a2986b66ff8bf39dac32a804e96ddf104" +SRC_URI[sha256sum] = "7875d49596286055b52439ed42f044bd8ad426aa4cc5aabd96bfe7abb971d5e8" CVE_STATUS[CVE-2023-30571] = "upstream-wontfix: upstream has documented that reported function is not thread-safe" diff --git a/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.75.bb b/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.74.bb index fc3b7e005d..7460d3d716 100644 --- a/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.75.bb +++ b/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.74.bb @@ -16,7 +16,7 @@ SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.t file://lighttpd \ " -SRC_URI[sha256sum] = "8b721ca939d312afaa6ef31dcbd6afb5161ed385ac828e6fccd4c5b76be189d6" +SRC_URI[sha256sum] = "5c08736e83088f7e019797159f306e88ec729abe976dc98fb3bed71b9d3e53b5" DEPENDS = "virtual/crypt" diff --git a/poky/meta/recipes-extended/ltp/ltp/0001-sched_stress-Use-time_t-instead-of-long-for-type.patch b/poky/meta/recipes-extended/ltp/ltp/0001-sched_stress-Use-time_t-instead-of-long-for-type.patch new file mode 100644 index 0000000000..ae8dc8706e --- /dev/null +++ b/poky/meta/recipes-extended/ltp/ltp/0001-sched_stress-Use-time_t-instead-of-long-for-type.patch @@ -0,0 +1,54 @@ +From 74074f9a71c876d6e95c2d72702888dd2fabc761 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 6 May 2024 11:43:20 -0700 +Subject: [PATCH] sched_stress: Use time_t instead of long for type + +This ensures it works across different architectures +Fixes + +| sched_driver.c:744:43: error: passing argument 1 of 'ctime' from incompatible pointer type [-Wincompatible-pointer-types] +| 744 | printf("\nend time = %s\n", ctime(&end_time)); +| | ^~~~~~~~~ + +With gcc-14 + +Upstream-Status: Backport [https://github.com/linux-test-project/ltp/commit/0a682f1af42d8d261202821be580fe26d17ee9b7] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + testcases/kernel/sched/sched_stress/sched_driver.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/testcases/kernel/sched/sched_stress/sched_driver.c b/testcases/kernel/sched/sched_stress/sched_driver.c +index 61573d788..5b8c187fe 100644 +--- a/testcases/kernel/sched/sched_stress/sched_driver.c ++++ b/testcases/kernel/sched/sched_stress/sched_driver.c +@@ -136,7 +136,7 @@ int debug = 0; + /* + * Function prototypes + */ +-void startup(long); ++void startup(time_t); + int start_testcase(char *, char *, char *, char *, char *, char *); + int process_slots_in_use(); + int available_user_process_slots(); +@@ -251,7 +251,7 @@ int main(int argc, char **argv) + * information to the screen and . It also initializes the * + * process id list and other global variables. * + *-----------------------------------------------------------------------*/ +-void startup(long start_time) ++void startup(time_t start_time) + { + char tempbuffer[50]; /* temporary buffer to hold names */ + +@@ -734,7 +734,7 @@ void kill_short_term_testcases() + void finishup(start_time) + long start_time; /* starting time to calculate elapsed time */ + { +- long end_time; /* time when program finished */ ++ time_t end_time; /* time when program finished */ + + /* + * Get the end time and calculate elapsed time; write all this out +-- +2.45.0 + diff --git a/poky/meta/recipes-extended/ltp/ltp_20240129.bb b/poky/meta/recipes-extended/ltp/ltp_20240129.bb index 3e896957d1..f8e6d3987e 100644 --- a/poky/meta/recipes-extended/ltp/ltp_20240129.bb +++ b/poky/meta/recipes-extended/ltp/ltp_20240129.bb @@ -29,6 +29,7 @@ SRCREV = "68737d20556d37364c95776044b1119c0912a36a" SRC_URI = "git://github.com/linux-test-project/ltp.git;branch=master;protocol=https \ file://0001-Remove-OOM-tests-from-runtest-mm.patch \ file://0001-scenario_groups-default-remove-connectors.patch \ + file://0001-sched_stress-Use-time_t-instead-of-long-for-type.patch \ " S = "${WORKDIR}/git" @@ -98,6 +99,7 @@ RDEPENDS:${PN} = "\ gdb \ gzip \ iproute2 \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'iputils-ping6', '', d)} \ ldd \ libaio \ logrotate \ diff --git a/poky/meta/recipes-extended/lzip/lzip_1.24.1.bb b/poky/meta/recipes-extended/lzip/lzip_1.24.bb index 6eda012734..73040a6f00 100644 --- a/poky/meta/recipes-extended/lzip/lzip_1.24.1.bb +++ b/poky/meta/recipes-extended/lzip/lzip_1.24.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=76d6e300ffd8fb9d18bd9b136a9bba13 \ " SRC_URI = "${SAVANNAH_GNU_MIRROR}/lzip/lzip-${PV}.tar.gz" -SRC_URI[sha256sum] = "30c9cb6a0605f479c496c376eb629a48b0a1696d167e3c1e090c5defa481b162" +SRC_URI[sha256sum] = "d42659229b10e066eeb6e81eb673cdd893b672e512d26719c2d95975556ca56c" B = "${WORKDIR}/build" do_configure[cleandirs] = "${B}" diff --git a/poky/meta/recipes-extended/man-db/files/0001-man-Move-local-variable-declaration-to-function-scop.patch b/poky/meta/recipes-extended/man-db/files/0001-man-Move-local-variable-declaration-to-function-scop.patch index 57ecd48b1f..dc6966629c 100644 --- a/poky/meta/recipes-extended/man-db/files/0001-man-Move-local-variable-declaration-to-function-scop.patch +++ b/poky/meta/recipes-extended/man-db/files/0001-man-Move-local-variable-declaration-to-function-scop.patch @@ -1,4 +1,4 @@ -From e4125223631f0d555fc327da6d8705bcc8ee5ba5 Mon Sep 17 00:00:00 2001 +From 126dfefb5fddf411ad0a1316209e9c1b47abfcd2 Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Wed, 9 Feb 2022 17:30:16 -0800 Subject: [PATCH] man: Move local variable declaration to function scope @@ -10,15 +10,16 @@ code without changing the logic, until its fixed in clang Upstream-Status: Inappropriate [Inappropriate: Clang bug] Signed-off-by: Khem Raj <raj.khem@gmail.com> + --- src/man.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/man.c b/src/man.c -index 195d35d..6870989 100644 +index f16fae8..333df03 100644 --- a/src/man.c +++ b/src/man.c -@@ -379,7 +379,7 @@ static void init_html_pager (void) +@@ -352,7 +352,7 @@ static void init_html_pager (void) static error_t parse_opt (int key, char *arg, struct argp_state *state) { static bool apropos, whatis; /* retain values between calls */ @@ -27,7 +28,7 @@ index 195d35d..6870989 100644 /* Please keep these keys in the same order as in options above. */ switch (key) { case 'C': -@@ -411,7 +411,7 @@ static error_t parse_opt (int key, char *arg, struct argp_state *state) +@@ -384,7 +384,7 @@ static error_t parse_opt (int key, char *arg, struct argp_state *state) case OPT_WARNINGS: #ifdef NROFF_WARNINGS { diff --git a/poky/meta/recipes-extended/man-db/man-db_2.12.1.bb b/poky/meta/recipes-extended/man-db/man-db_2.12.0.bb index 27b47a7f47..19dbb41d16 100644 --- a/poky/meta/recipes-extended/man-db/man-db_2.12.1.bb +++ b/poky/meta/recipes-extended/man-db/man-db_2.12.0.bb @@ -11,7 +11,7 @@ SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/man-db/man-db-${PV}.tar.xz \ file://99_mandb \ file://0001-man-Move-local-variable-declaration-to-function-scop.patch \ " -SRC_URI[sha256sum] = "ddee249daeb78cf92bab794ccd069cc8b575992265ea20e239e887156e880265" +SRC_URI[sha256sum] = "415a6284a22764ad22ff0f66710d853be7790dd451cd71436e3d25c74d996a95" DEPENDS = "libpipeline gdbm groff-native base-passwd" RDEPENDS:${PN} += "base-passwd" diff --git a/poky/meta/recipes-extended/mdadm/files/0001-DDF-Cleanup-validate_geometry_ddf_container.patch b/poky/meta/recipes-extended/mdadm/files/0001-DDF-Cleanup-validate_geometry_ddf_container.patch new file mode 100644 index 0000000000..cea435f83b --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-DDF-Cleanup-validate_geometry_ddf_container.patch @@ -0,0 +1,148 @@ +From ca458f4dcc4de9403298f67543466ce4bbc8f8ae Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:07 -0600 +Subject: [PATCH 1/4] DDF: Cleanup validate_geometry_ddf_container() + +Move the function up so that the function declaration is not necessary +and remove the unused arguments to the function. + +No functional changes are intended but will help with a bug fix in the +next patch. + +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=679bd9508a30 + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + super-ddf.c | 88 ++++++++++++++++++++++++----------------------------- + 1 file changed, 39 insertions(+), 49 deletions(-) + +diff --git a/super-ddf.c b/super-ddf.c +index 3f304cd..65cf727 100644 +--- a/super-ddf.c ++++ b/super-ddf.c +@@ -503,13 +503,6 @@ struct ddf_super { + static int load_super_ddf_all(struct supertype *st, int fd, + void **sbp, char *devname); + static int get_svd_state(const struct ddf_super *, const struct vcl *); +-static int +-validate_geometry_ddf_container(struct supertype *st, +- int level, int layout, int raiddisks, +- int chunk, unsigned long long size, +- unsigned long long data_offset, +- char *dev, unsigned long long *freesize, +- int verbose); + + static int validate_geometry_ddf_bvd(struct supertype *st, + int level, int layout, int raiddisks, +@@ -3322,6 +3315,42 @@ static int reserve_space(struct supertype *st, int raiddisks, + return 1; + } + ++static int ++validate_geometry_ddf_container(struct supertype *st, ++ int level, int raiddisks, ++ unsigned long long data_offset, ++ char *dev, unsigned long long *freesize, ++ int verbose) ++{ ++ int fd; ++ unsigned long long ldsize; ++ ++ if (level != LEVEL_CONTAINER) ++ return 0; ++ if (!dev) ++ return 1; ++ ++ fd = dev_open(dev, O_RDONLY|O_EXCL); ++ if (fd < 0) { ++ if (verbose) ++ pr_err("ddf: Cannot open %s: %s\n", ++ dev, strerror(errno)); ++ return 0; ++ } ++ if (!get_dev_size(fd, dev, &ldsize)) { ++ close(fd); ++ return 0; ++ } ++ close(fd); ++ if (freesize) { ++ *freesize = avail_size_ddf(st, ldsize >> 9, INVALID_SECTORS); ++ if (*freesize == 0) ++ return 0; ++ } ++ ++ return 1; ++} ++ + static int validate_geometry_ddf(struct supertype *st, + int level, int layout, int raiddisks, + int *chunk, unsigned long long size, +@@ -3347,11 +3376,9 @@ static int validate_geometry_ddf(struct supertype *st, + level = LEVEL_CONTAINER; + if (level == LEVEL_CONTAINER) { + /* Must be a fresh device to add to a container */ +- return validate_geometry_ddf_container(st, level, layout, +- raiddisks, *chunk, +- size, data_offset, dev, +- freesize, +- verbose); ++ return validate_geometry_ddf_container(st, level, raiddisks, ++ data_offset, dev, ++ freesize, verbose); + } + + if (!dev) { +@@ -3449,43 +3476,6 @@ static int validate_geometry_ddf(struct supertype *st, + return 1; + } + +-static int +-validate_geometry_ddf_container(struct supertype *st, +- int level, int layout, int raiddisks, +- int chunk, unsigned long long size, +- unsigned long long data_offset, +- char *dev, unsigned long long *freesize, +- int verbose) +-{ +- int fd; +- unsigned long long ldsize; +- +- if (level != LEVEL_CONTAINER) +- return 0; +- if (!dev) +- return 1; +- +- fd = dev_open(dev, O_RDONLY|O_EXCL); +- if (fd < 0) { +- if (verbose) +- pr_err("ddf: Cannot open %s: %s\n", +- dev, strerror(errno)); +- return 0; +- } +- if (!get_dev_size(fd, dev, &ldsize)) { +- close(fd); +- return 0; +- } +- close(fd); +- if (freesize) { +- *freesize = avail_size_ddf(st, ldsize >> 9, INVALID_SECTORS); +- if (*freesize == 0) +- return 0; +- } +- +- return 1; +-} +- + static int validate_geometry_ddf_bvd(struct supertype *st, + int level, int layout, int raiddisks, + int *chunk, unsigned long long size, +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch b/poky/meta/recipes-extended/mdadm/files/0001-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch new file mode 100644 index 0000000000..9e3a30be23 --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch @@ -0,0 +1,52 @@ +From 82c893bb9e01f914a6bdef1bef943af746cfc3e1 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sun, 15 Jan 2023 12:42:18 -0800 +Subject: [PATCH] Define alignof using _Alignof when using C11 or newer + +WG14 N2350 made very clear that it is an UB having type definitions +within "offsetof" [1]. This patch enhances the implementation of macro +alignof_slot to use builtin "_Alignof" to avoid undefined behavior on +when using std=c11 or newer + +clang 16+ has started to flag this [2] + +Fixes build when using -std >= gnu11 and using clang16+ + +Older compilers gcc < 4.9 or clang < 8 has buggy _Alignof even though it +may support C11, exclude those compilers too + +[1] https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2350.htm +[2] https://reviews.llvm.org/D133574 + +Upstream-Status: Submitted [https://lore.kernel.org/linux-raid/20230118083236.24418-1-raj.khem@gmail.com/T/#u] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + sha1.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/sha1.c b/sha1.c +index 89b32f4..1e4ad5d 100644 +--- a/sha1.c ++++ b/sha1.c +@@ -229,7 +229,17 @@ sha1_process_bytes (const void *buffer, size_t len, struct sha1_ctx *ctx) + if (len >= 64) + { + #if !_STRING_ARCH_unaligned +-# define alignof(type) offsetof (struct { char c; type x; }, x) ++/* GCC releases before GCC 4.9 had a bug in _Alignof. See GCC bug 52023 ++ <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=52023>. ++ clang versions < 8.0.0 have the same bug. */ ++# if (!defined __STDC_VERSION__ || __STDC_VERSION__ < 201112 \ ++ || (defined __GNUC__ && __GNUC__ < 4 + (__GNUC_MINOR__ < 9) \ ++ && !defined __clang__) \ ++ || (defined __clang__ && __clang_major__ < 8)) ++# define alignof(type) offsetof (struct { char c; type x; }, x) ++# else ++# define alignof(type) _Alignof(type) ++# endif + # define UNALIGNED_P(p) (((size_t) p) % alignof (sha1_uint32) != 0) + if (UNALIGNED_P (buffer)) + while (len > 64) +-- +2.39.0 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-Fix-parsing-of-r-in-monitor-manager-mode.patch b/poky/meta/recipes-extended/mdadm/files/0001-Fix-parsing-of-r-in-monitor-manager-mode.patch new file mode 100644 index 0000000000..3fb46cc60a --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-Fix-parsing-of-r-in-monitor-manager-mode.patch @@ -0,0 +1,74 @@ +From 969fbb35e40100f599d4a9781911251f21792698 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Thu, 27 Jan 2022 17:53:01 +0800 +Subject: [PATCH] Fix parsing of "-r" in monitor/manager mode + +This revert commit 546047688e1 [mdadm: fix coredump of mdadm --monitor +-r], and fix the coredump issue of 'mdadm --monitor -r'. + +commit 546047688e1 make -r not work in manager mode, and testcase +00multipath failed. + +Upstream-Status: Submitted [send to maintainer jsorensen@fb.com] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> + +--- + ReadMe.c | 8 +++++--- + mdadm.c | 2 ++ + mdadm.h | 1 + + 3 files changed, 8 insertions(+), 3 deletions(-) + +diff --git a/ReadMe.c b/ReadMe.c +index 8139976..070eea5 100644 +--- a/ReadMe.c ++++ b/ReadMe.c +@@ -81,11 +81,13 @@ char Version[] = "mdadm - v" VERSION " - " VERS_DATE EXTRAVERSION "\n"; + * found, it is started. + */ + +-char short_options[]="-ABCDEFGIQhVXYWZ:vqbc:i:l:p:m:r:n:x:u:c:d:z:U:N:safRSow1tye:k"; ++char short_options[]="-ABCDEFGIQhVXYWZ:vqbc:i:l:p:m:n:x:u:c:d:z:U:N:sarfRSow1tye:k:"; + char short_bitmap_options[]= +- "-ABCDEFGIQhVXYWZ:vqb:c:i:l:p:m:r:n:x:u:c:d:z:U:N:sarfRSow1tye:k:"; ++ "-ABCDEFGIQhVXYWZ:vqb:c:i:l:p:m:n:x:u:c:d:z:U:N:sarfRSow1tye:k:"; + char short_bitmap_auto_options[]= +- "-ABCDEFGIQhVXYWZ:vqb:c:i:l:p:m:r:n:x:u:c:d:z:U:N:sa:rfRSow1tye:k:"; ++ "-ABCDEFGIQhVXYWZ:vqb:c:i:l:p:m:n:x:u:c:d:z:U:N:sa:rfRSow1tye:k:"; ++char short_increment_options[]= ++ "-ABCDEFGIQhVXYWZ:vqbc:i:l:r:p:m:n:x:u:c:d:z:U:N:safRSow1tye:k:"; + + struct option long_options[] = { + {"manage", 0, 0, ManageOpt}, +diff --git a/mdadm.c b/mdadm.c +index 26299b2..2a3b2ee 100644 +--- a/mdadm.c ++++ b/mdadm.c +@@ -227,6 +227,7 @@ int main(int argc, char *argv[]) + shortopt = short_bitmap_auto_options; + break; + case 'F': newmode = MONITOR; ++ shortopt = short_increment_options; + break; + case 'G': newmode = GROW; + shortopt = short_bitmap_options; +@@ -268,6 +269,7 @@ int main(int argc, char *argv[]) + + case NoSharing: + newmode = MONITOR; ++ shortopt = short_increment_options; + break; + } + if (mode && newmode == mode) { +diff --git a/mdadm.h b/mdadm.h +index ecfc137..42148dd 100644 +--- a/mdadm.h ++++ b/mdadm.h +@@ -421,6 +421,7 @@ enum mode { + extern char short_options[]; + extern char short_bitmap_options[]; + extern char short_bitmap_auto_options[]; ++extern char short_increment_options[]; + extern struct option long_options[]; + extern char Version[], Usage[], Help[], OptionHelp[], + *mode_help[], diff --git a/poky/meta/recipes-extended/mdadm/files/0001-Fix-the-path-of-corosync-and-dlm-header-files-check.patch b/poky/meta/recipes-extended/mdadm/files/0001-Fix-the-path-of-corosync-and-dlm-header-files-check.patch index fa1f0aa520..298f276cd6 100644 --- a/poky/meta/recipes-extended/mdadm/files/0001-Fix-the-path-of-corosync-and-dlm-header-files-check.patch +++ b/poky/meta/recipes-extended/mdadm/files/0001-Fix-the-path-of-corosync-and-dlm-header-files-check.patch @@ -1,4 +1,4 @@ -From 76856a34a4e339e4a53b09d028f89fcc520e3127 Mon Sep 17 00:00:00 2001 +From a9166bf422da1001bac9cc819386bf39b7cd1b73 Mon Sep 17 00:00:00 2001 From: "Maxin B. John" <maxin.john@intel.com> Date: Tue, 9 Feb 2016 11:44:01 +0200 Subject: [PATCH] Fix the path of corosync and dlm header files check @@ -9,15 +9,16 @@ Fix it. Upstream-Status: Inappropriate [Yocto specific] Signed-off-by: Maxin B. John <maxin.john@intel.com> + --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile -index cbdba49..7bfd336 100644 +index 2767ac6..46bf57b 100644 --- a/Makefile +++ b/Makefile -@@ -109,8 +109,8 @@ FAILED_SLOTS_DIR = $(RUN_DIR)/failed-slots +@@ -91,8 +91,8 @@ FAILED_SLOTS_DIR = $(RUN_DIR)/failed-slots SYSTEMD_DIR=/lib/systemd/system LIB_DIR=/usr/libexec/mdadm diff --git a/poky/meta/recipes-extended/mdadm/files/0001-Makefile-install-mdcheck.patch b/poky/meta/recipes-extended/mdadm/files/0001-Makefile-install-mdcheck.patch index a4be1aa8a1..3f76ef54d8 100644 --- a/poky/meta/recipes-extended/mdadm/files/0001-Makefile-install-mdcheck.patch +++ b/poky/meta/recipes-extended/mdadm/files/0001-Makefile-install-mdcheck.patch @@ -1,4 +1,4 @@ -From 0be066d57a7dd1aead5488d0a095863608f2e559 Mon Sep 17 00:00:00 2001 +From 97e776724ab9763c5bca9816370bb1635b7a8232 Mon Sep 17 00:00:00 2001 From: Chen Qi <Qi.Chen@windriver.com> Date: Tue, 25 Jan 2022 16:25:01 +0800 Subject: [PATCH] Makefile: install mdcheck @@ -14,10 +14,10 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com> 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile -index 1141971..f4059e2 100644 +index 2a51d813..db40c7fd 100644 --- a/Makefile +++ b/Makefile -@@ -325,6 +325,7 @@ install-systemd: systemd/mdmon@.service +@@ -303,6 +303,7 @@ install-systemd: systemd/mdmon@.service install-bin: mdadm mdmon $(INSTALL) -D $(STRIP) -m 755 mdadm $(DESTDIR)$(BINDIR)/mdadm $(INSTALL) -D $(STRIP) -m 755 mdmon $(DESTDIR)$(BINDIR)/mdmon @@ -25,3 +25,6 @@ index 1141971..f4059e2 100644 uninstall: rm -f $(DESTDIR)$(MAN8DIR)/mdadm.8 $(DESTDIR)$(MAN8DIR)/mdmon.8 $(DESTDIR)$(MAN4DIR)/md.4 $(DESTDIR)$(MAN5DIR)/mdadm.conf.5 $(DESTDIR)$(BINDIR)/mdadm +-- +2.17.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-Revert-tests-wait-for-complete-rebuild-in-integrity-.patch b/poky/meta/recipes-extended/mdadm/files/0001-Revert-tests-wait-for-complete-rebuild-in-integrity-.patch new file mode 100644 index 0000000000..fb4bc165fb --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-Revert-tests-wait-for-complete-rebuild-in-integrity-.patch @@ -0,0 +1,53 @@ +From 02a41c3fd560fb5250186dd6b3cff6b21daa2e2b Mon Sep 17 00:00:00 2001 +From: Mingli Yu <Mingli.Yu@windriver.com> +Date: Mon, 15 Jul 2019 14:12:24 +0800 +Subject: [PATCH] Revert "tests: wait for complete rebuild in integrity checks" + +This reverts commit e2a8e9dcf67a28bc722fa5ab2c49b0bc452d4d74 +as the logic "check state 'U*'" will make the test enters +infinite loop especially in qemu env, so revert it to +use the previous logic "check wait" which also used +commonly by other tests such as tests/02r5grow, tests/07revert-grow +and etc. + +Upstream-Status: Submitted [https://marc.info/?l=linux-raid&m=156317157314030&w=2] + +Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> +--- + tests/01r5integ | 2 +- + tests/01raid6integ | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tests/01r5integ b/tests/01r5integ +index 48676a2..ffb30ce 100644 +--- a/tests/01r5integ ++++ b/tests/01r5integ +@@ -27,7 +27,7 @@ do + exit 1 + fi + mdadm $md0 -a $i +- while ! (check state 'U*'); do check wait; sleep 0.2; done ++ check wait + done + mdadm -S $md0 + done +diff --git a/tests/01raid6integ b/tests/01raid6integ +index 12f4d81..c6fcdae 100644 +--- a/tests/01raid6integ ++++ b/tests/01raid6integ +@@ -47,10 +47,10 @@ do + exit 1 + fi + mdadm $md0 -a $first +- while ! (check state 'U*_U*'); do check wait; sleep 0.2; done ++ check wait + done + mdadm $md0 -a $second +- while ! (check state 'U*'); do check wait; sleep 0.2; done ++ check wait + totest="$totest $second" + done + mdadm -S $md0 +-- +2.7.4 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-Use-CC-to-check-for-implicit-fallthrough-warning-sup.patch b/poky/meta/recipes-extended/mdadm/files/0001-Use-CC-to-check-for-implicit-fallthrough-warning-sup.patch index 16fdefbbd1..12bf6a5920 100644 --- a/poky/meta/recipes-extended/mdadm/files/0001-Use-CC-to-check-for-implicit-fallthrough-warning-sup.patch +++ b/poky/meta/recipes-extended/mdadm/files/0001-Use-CC-to-check-for-implicit-fallthrough-warning-sup.patch @@ -1,4 +1,4 @@ -From c29d086714b49a6d76ccca83b4a6fa2f139bad6e Mon Sep 17 00:00:00 2001 +From 37c35f94d9d95dbd2b5f8a919f5478be51453590 Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Fri, 13 Oct 2017 10:27:34 -0700 Subject: [PATCH] Use CC to check for implicit-fallthrough warning support @@ -10,35 +10,19 @@ cross compile used for compiling mdadm is < version 7 Signed-off-by: Khem Raj <raj.khem@gmail.com> Upstream-Status: Pending --- - Makefile | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile -index 7bfd336..9ab6a65 100644 +index 46bf57b..a075912 100644 --- a/Makefile +++ b/Makefile -@@ -56,21 +56,21 @@ CWFLAGS += -Wp -O3 +@@ -53,7 +53,7 @@ ifdef WARN_UNUSED + CWFLAGS += -Wp,-D_FORTIFY_SOURCE=2 -O3 endif - ifeq ($(origin FALLTHROUGH), undefined) -- FALLTHROUGH := $(shell gcc -Q --help=warnings 2>&1 | grep "implicit-fallthrough" | wc -l) -+ FALLTHROUGH := $(shell ${CC} -Q --help=warnings 2>&1 | grep "implicit-fallthrough" | wc -l) - ifneq "$(FALLTHROUGH)" "0" - CWFLAGS += -Wimplicit-fallthrough=0 - endif +-FALLTHROUGH := $(shell gcc -v --help 2>&1 | grep "implicit-fallthrough" | wc -l) ++FALLTHROUGH := $(shell ${CC} -v --help 2>&1 | grep "implicit-fallthrough" | wc -l) + ifneq "$(FALLTHROUGH)" "0" + CWFLAGS += -Wimplicit-fallthrough=0 endif - - ifeq ($(origin FORMATOVERFLOW), undefined) -- FORMATOVERFLOW := $(shell gcc -Q --help=warnings 2>&1 | grep "format-overflow" | wc -l) -+ FORMATOVERFLOW := $(shell ${CC} -Q --help=warnings 2>&1 | grep "format-overflow" | wc -l) - ifneq "$(FORMATOVERFLOW)" "0" - CWFLAGS += -Wformat-overflow - endif - endif - - ifeq ($(origin STRINGOPOVERFLOW), undefined) -- STRINGOPOVERFLOW := $(shell gcc -Q --help=warnings 2>&1 | grep "stringop-overflow" | wc -l) -+ STRINGOPOVERFLOW := $(shell ${CC} -Q --help=warnings 2>&1 | grep "stringop-overflow" | wc -l) - ifneq "$(STRINGOPOVERFLOW)" "0" - CWFLAGS += -Wstringop-overflow - endif diff --git a/poky/meta/recipes-extended/mdadm/files/0001-fix-gcc-8-format-truncation-warning.patch b/poky/meta/recipes-extended/mdadm/files/0001-fix-gcc-8-format-truncation-warning.patch index 3cf295106f..fa9c8cc835 100644 --- a/poky/meta/recipes-extended/mdadm/files/0001-fix-gcc-8-format-truncation-warning.patch +++ b/poky/meta/recipes-extended/mdadm/files/0001-fix-gcc-8-format-truncation-warning.patch @@ -1,4 +1,4 @@ -From 78e5bb08971a5644a56af60d51ef35e13522e811 Mon Sep 17 00:00:00 2001 +From 3158d3788c2e0fb75ace2c89840bd8a977fb4cb0 Mon Sep 17 00:00:00 2001 From: Hongxu Jia <hongxu.jia@windriver.com> Date: Fri, 14 Dec 2018 15:12:31 +0800 Subject: [PATCH] fix gcc-8 format-truncation warning @@ -22,7 +22,7 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/super0.c b/super0.c -index a7c5f81..a79b6bd 100644 +index 756cab5..12c28da 100644 --- a/super0.c +++ b/super0.c @@ -229,7 +229,7 @@ static void examine_super0(struct supertype *st, char *homehost) @@ -34,3 +34,6 @@ index a7c5f81..a79b6bd 100644 int wonly, failfast; if (d>=0) dp = &sb->disks[d]; else dp = &sb->this_disk; +-- +2.7.4 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-include-libgen.h-for-basename-API.patch b/poky/meta/recipes-extended/mdadm/files/0001-include-libgen.h-for-basename-API.patch deleted file mode 100644 index 70be43c15e..0000000000 --- a/poky/meta/recipes-extended/mdadm/files/0001-include-libgen.h-for-basename-API.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 7759ceda978aba38861d4846d0c1657465b72f04 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sun, 24 Mar 2024 23:13:32 -0700 -Subject: [PATCH] include libgen.h for basename API - -Musl does no more provide it via string.h therefore builds with newer -compilers e.g. clang-18 fails due to missing prototype for basename -therefore add libgen.h to included headers list - -Upstream-Status: Submitted [https://lore.kernel.org/linux-raid/20240325061537.275811-1-raj.khem@gmail.com/T/#u] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - Monitor.c | 1 + - platform-intel.c | 1 + - super-intel.c | 1 + - 3 files changed, 3 insertions(+) - -diff --git a/Monitor.c b/Monitor.c -index 824a69f..e3942e1 100644 ---- a/Monitor.c -+++ b/Monitor.c -@@ -26,6 +26,7 @@ - #include "udev.h" - #include "md_p.h" - #include "md_u.h" -+#include <libgen.h> - #include <sys/wait.h> - #include <limits.h> - #include <syslog.h> -diff --git a/platform-intel.c b/platform-intel.c -index ac282bc..5d6687d 100644 ---- a/platform-intel.c -+++ b/platform-intel.c -@@ -19,6 +19,7 @@ - #include "mdadm.h" - #include "platform-intel.h" - #include "probe_roms.h" -+#include <libgen.h> - #include <stdio.h> - #include <stdlib.h> - #include <string.h> -diff --git a/super-intel.c b/super-intel.c -index dbea235..881dbda 100644 ---- a/super-intel.c -+++ b/super-intel.c -@@ -23,6 +23,7 @@ - #include "dlink.h" - #include "sha1.h" - #include "platform-intel.h" -+#include <libgen.h> - #include <values.h> - #include <scsi/sg.h> - #include <ctype.h> --- -2.44.0 - diff --git a/poky/meta/recipes-extended/mdadm/files/0001-mdadm-Fix-optional-write-behind-parameter.patch b/poky/meta/recipes-extended/mdadm/files/0001-mdadm-Fix-optional-write-behind-parameter.patch new file mode 100644 index 0000000000..186d1e76f2 --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-mdadm-Fix-optional-write-behind-parameter.patch @@ -0,0 +1,45 @@ +From 41edf6f45895193f4a523cb0a08d639c9ff9ccc9 Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:12 -0600 +Subject: [PATCH] mdadm: Fix optional --write-behind parameter + +The commit noted below changed the behaviour of --write-behind to +require an argument. This broke the 06wrmostly test with the error: + + mdadm: Invalid value for maximum outstanding write-behind writes: (null). + Must be between 0 and 16383. + +To fix this, check if optarg is NULL before parising it, as the origial +code did. + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=41edf6f45895193f4a523cb0a08d639c9ff9ccc9] + +Fixes: 60815698c0ac ("Refactor parse_num and use it to parse optarg.") +Cc: Mateusz Grzonka <mateusz.grzonka@intel.com> +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + mdadm.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/mdadm.c b/mdadm.c +index d0c5e6de..56722ed9 100644 +--- a/mdadm.c ++++ b/mdadm.c +@@ -1201,8 +1201,9 @@ int main(int argc, char *argv[]) + case O(BUILD, WriteBehind): + case O(CREATE, WriteBehind): + s.write_behind = DEFAULT_MAX_WRITE_BEHIND; +- if (parse_num(&s.write_behind, optarg) != 0 || +- s.write_behind < 0 || s.write_behind > 16383) { ++ if (optarg && ++ (parse_num(&s.write_behind, optarg) != 0 || ++ s.write_behind < 0 || s.write_behind > 16383)) { + pr_err("Invalid value for maximum outstanding write-behind writes: %s.\n\tMust be between 0 and 16383.\n", + optarg); + exit(2); +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-mdadm-add-option-y-for-use-syslog-to-recive-event-re.patch b/poky/meta/recipes-extended/mdadm/files/0001-mdadm-add-option-y-for-use-syslog-to-recive-event-re.patch index f224d0008d..e00287cab1 100644 --- a/poky/meta/recipes-extended/mdadm/files/0001-mdadm-add-option-y-for-use-syslog-to-recive-event-re.patch +++ b/poky/meta/recipes-extended/mdadm/files/0001-mdadm-add-option-y-for-use-syslog-to-recive-event-re.patch @@ -1,4 +1,4 @@ -From c27e128fdc062ec3fcdf7b48a8c5078615c538df Mon Sep 17 00:00:00 2001 +From 5fdc0173cb4fcf8656f0889ad364d2549795607f Mon Sep 17 00:00:00 2001 From: Changqing Li <changqing.li@windriver.com> Date: Mon, 1 Jul 2019 11:34:49 +0800 Subject: [PATCH] mdadm: add option -y for use syslog to recive event report @@ -14,12 +14,15 @@ Signed-off-by: Changqing Li <changqing.li@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systemd/mdmonitor.service b/systemd/mdmonitor.service -index 9c36478..d289846 100644 +index 46f7b88..3fc4687 100644 --- a/systemd/mdmonitor.service +++ b/systemd/mdmonitor.service -@@ -14,4 +14,4 @@ Documentation=man:mdadm(8) +@@ -13,4 +13,4 @@ DefaultDependencies=no Environment= MDADM_MONITOR_ARGS=--scan EnvironmentFile=-/run/sysconfig/mdadm ExecStartPre=-/usr/lib/mdadm/mdadm_env.sh -ExecStart=BINDIR/mdadm --monitor $MDADM_MONITOR_ARGS +ExecStart=BINDIR/mdadm --monitor -y $MDADM_MONITOR_ARGS +-- +2.7.4 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-mdadm-skip-test-11spare-migration.patch b/poky/meta/recipes-extended/mdadm/files/0001-mdadm-skip-test-11spare-migration.patch new file mode 100644 index 0000000000..84517caade --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-mdadm-skip-test-11spare-migration.patch @@ -0,0 +1,43 @@ +From 1b83afa7c3121f819e72ea74883f8b6d61d6548e Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Fri, 6 Sep 2019 10:59:02 +0800 +Subject: [PATCH] mdadm: skip test 11spare-migration + +11spare-migration is a test series to check mdadm Monitor migrates spares +according to rules in /etc/mdadm.conf defined by POLICY lines. + +[snip] +for scan in no yes; do + for platform in 1.2 imsm; do + try + done +done +[snip] + +"try" includes near 20 sub testcase, so there are nearly 80 subcases need to run, +so it will take long time than ptest-runner timeout limit, skip it as workaround. + +Upstream-Status: Inappropriate [oe-specific] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + test | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/test b/test +index 711a3c7..880dd1d 100755 +--- a/test ++++ b/test +@@ -272,6 +272,9 @@ main() { + else + for script in $testdir/$prefix $testdir/$prefix*[^~] + do ++ if [ $script == "$testdir/11spare-migration" ];then ++ continue ++ fi + do_test $script + done + fi +-- +2.7.4 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-mdadm.h-Undefine-dprintf-before-redefining.patch b/poky/meta/recipes-extended/mdadm/files/0001-mdadm.h-Undefine-dprintf-before-redefining.patch index 52daea2a49..a1e7e59323 100644 --- a/poky/meta/recipes-extended/mdadm/files/0001-mdadm.h-Undefine-dprintf-before-redefining.patch +++ b/poky/meta/recipes-extended/mdadm/files/0001-mdadm.h-Undefine-dprintf-before-redefining.patch @@ -1,4 +1,4 @@ -From 4dd5c2659722b44409cee28b4cea68cdeaa1f987 Mon Sep 17 00:00:00 2001 +From b431cb4e1ed060122fa300dc0008f74080d38f73 Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Mon, 9 May 2016 22:03:57 +0000 Subject: [PATCH] mdadm.h: Undefine dprintf before redefining @@ -20,10 +20,10 @@ Upstream-Status: Pending 1 file changed, 2 insertions(+) diff --git a/mdadm.h b/mdadm.h -index 1f28b3e..04996e2 100644 +index 387e681..bb943bf 100644 --- a/mdadm.h +++ b/mdadm.h -@@ -1869,11 +1869,13 @@ static inline sighandler_t signal_s(int sig, sighandler_t handler) +@@ -1649,11 +1649,13 @@ static inline char *to_subarray(struct mdstat_ent *ent, char *container) } #ifdef DEBUG diff --git a/poky/meta/recipes-extended/mdadm/files/0001-restripe.c-Use-_FILE_OFFSET_BITS-to-enable-largefile.patch b/poky/meta/recipes-extended/mdadm/files/0001-restripe.c-Use-_FILE_OFFSET_BITS-to-enable-largefile.patch index 13435ee418..142ed355ef 100644 --- a/poky/meta/recipes-extended/mdadm/files/0001-restripe.c-Use-_FILE_OFFSET_BITS-to-enable-largefile.patch +++ b/poky/meta/recipes-extended/mdadm/files/0001-restripe.c-Use-_FILE_OFFSET_BITS-to-enable-largefile.patch @@ -1,4 +1,4 @@ -From aa86de05cd6a75222b38e0789ac96fe00f705430 Mon Sep 17 00:00:00 2001 +From 6b861a267a6ef6f60f6cc21e4c8e6d7cdd2451dc Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Thu, 10 Nov 2022 12:31:22 -0800 Subject: [PATCH] restripe.c: Use _FILE_OFFSET_BITS to enable largefile support @@ -10,57 +10,9 @@ the width of types Upstream-Status: Submitted [https://lore.kernel.org/linux-raid/20221110225546.337164-1-raj.khem@gmail.com/] Signed-off-by: Khem Raj <raj.khem@gmail.com> --- - raid6check.c | 11 +++++++---- - restripe.c | 13 ++++++++----- - swap_super.c | 13 +++++++------ - 3 files changed, 22 insertions(+), 15 deletions(-) + restripe.c | 13 ++++++++----- + 1 file changed, 8 insertions(+), 5 deletions(-) -diff --git a/raid6check.c b/raid6check.c -index 9947776..8e7f142 100644 ---- a/raid6check.c -+++ b/raid6check.c -@@ -22,6 +22,9 @@ - * Based on "restripe.c" from "mdadm" codebase - */ - -+/* Enable largefile support */ -+#define _FILE_OFFSET_BITS 64 -+ - #include "mdadm.h" - #include <stdint.h> - #include <sys/mman.h> -@@ -284,9 +287,9 @@ int manual_repair(int chunk_size, int syndrome_disks, - } - - int write_res1, write_res2; -- off64_t seek_res; -+ off_t seek_res; - -- seek_res = lseek64(source[fd1], -+ seek_res = lseek(source[fd1], - offsets[fd1] + start * chunk_size, SEEK_SET); - if (seek_res < 0) { - fprintf(stderr, "lseek failed for failed_disk1\n"); -@@ -294,7 +297,7 @@ int manual_repair(int chunk_size, int syndrome_disks, - } - write_res1 = write(source[fd1], blocks[failed_slot1], chunk_size); - -- seek_res = lseek64(source[fd2], -+ seek_res = lseek(source[fd2], - offsets[fd2] + start * chunk_size, SEEK_SET); - if (seek_res < 0) { - fprintf(stderr, "lseek failed for failed_disk2\n"); -@@ -379,7 +382,7 @@ int check_stripes(struct mdinfo *info, int *source, unsigned long long *offsets, - goto exitCheck; - } - for (i = 0 ; i < raid_disks ; i++) { -- off64_t seek_res = lseek64(source[i], offsets[i] + start * chunk_size, -+ off_t seek_res = lseek(source[i], offsets[i] + start * chunk_size, - SEEK_SET); - if (seek_res < 0) { - fprintf(stderr, "lseek to source %d failed\n", i); -diff --git a/restripe.c b/restripe.c -index a7a7229..1c03577 100644 --- a/restripe.c +++ b/restripe.c @@ -22,6 +22,9 @@ @@ -73,7 +25,7 @@ index a7a7229..1c03577 100644 #include "mdadm.h" #include <stdint.h> -@@ -581,7 +584,7 @@ int save_stripes(int *source, unsigned long long *offsets, +@@ -581,7 +584,7 @@ int save_stripes(int *source, unsigned l raid_disks, level, layout); if (dnum < 0) abort(); if (source[dnum] < 0 || @@ -82,7 +34,7 @@ index a7a7229..1c03577 100644 offsets[dnum] + offset, 0) < 0 || read(source[dnum], buf+disk * chunk_size, chunk_size) != chunk_size) { -@@ -754,8 +757,8 @@ int restore_stripes(int *dest, unsigned long long *offsets, +@@ -754,8 +757,8 @@ int restore_stripes(int *dest, unsigned raid_disks, level, layout); if (src_buf == NULL) { /* read from file */ @@ -93,7 +45,7 @@ index a7a7229..1c03577 100644 rv = -1; goto abort; } -@@ -816,7 +819,7 @@ int restore_stripes(int *dest, unsigned long long *offsets, +@@ -816,7 +819,7 @@ int restore_stripes(int *dest, unsigned } for (i=0; i < raid_disks ; i++) if (dest[i] >= 0) { @@ -102,7 +54,7 @@ index a7a7229..1c03577 100644 offsets[i]+offset, 0) < 0) { rv = -1; goto abort; -@@ -866,7 +869,7 @@ int test_stripes(int *source, unsigned long long *offsets, +@@ -866,7 +869,7 @@ int test_stripes(int *source, unsigned l int disk; for (i = 0 ; i < raid_disks ; i++) { @@ -111,8 +63,48 @@ index a7a7229..1c03577 100644 (read(source[i], stripes[i], chunk_size) != chunk_size)) { free(q); -diff --git a/swap_super.c b/swap_super.c -index b6db574..18c89e2 100644 +--- a/raid6check.c ++++ b/raid6check.c +@@ -22,6 +22,9 @@ + * Based on "restripe.c" from "mdadm" codebase + */ + ++/* Enable largefile support */ ++#define _FILE_OFFSET_BITS 64 ++ + #include "mdadm.h" + #include <stdint.h> + #include <signal.h> +@@ -279,9 +282,9 @@ int manual_repair(int chunk_size, int sy + } + + int write_res1, write_res2; +- off64_t seek_res; ++ off_t seek_res; + +- seek_res = lseek64(source[fd1], ++ seek_res = lseek(source[fd1], + offsets[fd1] + start * chunk_size, SEEK_SET); + if (seek_res < 0) { + fprintf(stderr, "lseek failed for failed_disk1\n"); +@@ -289,7 +292,7 @@ int manual_repair(int chunk_size, int sy + } + write_res1 = write(source[fd1], blocks[failed_slot1], chunk_size); + +- seek_res = lseek64(source[fd2], ++ seek_res = lseek(source[fd2], + offsets[fd2] + start * chunk_size, SEEK_SET); + if (seek_res < 0) { + fprintf(stderr, "lseek failed for failed_disk2\n"); +@@ -374,7 +377,7 @@ int check_stripes(struct mdinfo *info, i + goto exitCheck; + } + for (i = 0 ; i < raid_disks ; i++) { +- off64_t seek_res = lseek64(source[i], offsets[i] + start * chunk_size, ++ off_t seek_res = lseek(source[i], offsets[i] + start * chunk_size, + SEEK_SET); + if (seek_res < 0) { + fprintf(stderr, "lseek to source %d failed\n", i); --- a/swap_super.c +++ b/swap_super.c @@ -1,3 +1,6 @@ diff --git a/poky/meta/recipes-extended/mdadm/files/0001-tests-00raid0-add-a-test-that-validates-raid0-with-l.patch b/poky/meta/recipes-extended/mdadm/files/0001-tests-00raid0-add-a-test-that-validates-raid0-with-l.patch new file mode 100644 index 0000000000..1c95834a7e --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-tests-00raid0-add-a-test-that-validates-raid0-with-l.patch @@ -0,0 +1,41 @@ +From 7539254342bc591717b0051734cc6c09c1b88640 Mon Sep 17 00:00:00 2001 +From: Sudhakar Panneerselvam <sudhakar.panneerselvam@oracle.com> +Date: Wed, 22 Jun 2022 14:25:13 -0600 +Subject: [PATCH] tests/00raid0: add a test that validates raid0 with layout + fails for 0.9 + +329dfc28debb disallows the creation of raid0 with layouts for 0.9 +metadata. This test confirms the new behavior. + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=7539254342bc591717b0051734cc6c09c1b88640] + +Signed-off-by: Sudhakar Panneerselvam <sudhakar.panneerselvam@oracle.com> +Signed-off-by: Himanshu Madhani <himanshu.madhani@oracle.com> +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + tests/00raid0 | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/tests/00raid0 b/tests/00raid0 +index 8bc18985..e6b21cc4 100644 +--- a/tests/00raid0 ++++ b/tests/00raid0 +@@ -6,11 +6,9 @@ check raid0 + testdev $md0 3 $mdsize2_l 512 + mdadm -S $md0 + +-# now with version-0.90 superblock ++# verify raid0 with layouts fail for 0.90 + mdadm -CR $md0 -e0.90 -l0 -n4 $dev0 $dev1 $dev2 $dev3 +-check raid0 +-testdev $md0 4 $mdsize0 512 +-mdadm -S $md0 ++check opposite_result + + # now with no superblock + mdadm -B $md0 -l0 -n5 $dev0 $dev1 $dev2 $dev3 $dev4 +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-tests-00readonly-Run-udevadm-settle-before-setting-r.patch b/poky/meta/recipes-extended/mdadm/files/0001-tests-00readonly-Run-udevadm-settle-before-setting-r.patch new file mode 100644 index 0000000000..c621c082e8 --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-tests-00readonly-Run-udevadm-settle-before-setting-r.patch @@ -0,0 +1,39 @@ +From 39b381252c32275079344d30de18b76fda4bba26 Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 27 Jul 2022 15:52:45 -0600 +Subject: [PATCH] tests/00readonly: Run udevadm settle before setting ro + +In some recent kernel versions, 00readonly fails with: + + mdadm: failed to set readonly for /dev/md0: Device or resource busy + ERROR: array is not read-only! + +This was traced down to a race condition with udev holding a reference +to the block device at the same time as trying to set it read only. + +To fix this, call udevadm settle before setting the array read only. + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=39b381252c32275079344d30de18b76fda4bba26] + +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Signed-off-by: Jes Sorensen <jsorensen@fb.com> +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + tests/00readonly | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/tests/00readonly b/tests/00readonly +index 39202487..afe243b3 100644 +--- a/tests/00readonly ++++ b/tests/00readonly +@@ -12,6 +12,7 @@ do + $dev1 $dev2 $dev3 $dev4 --assume-clean + check nosync + check $level ++ udevadm settle + mdadm -ro $md0 + check readonly + state=$(cat /sys/block/md0/md/array_state) +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-tests-02lineargrow-clear-the-superblock-at-every-ite.patch b/poky/meta/recipes-extended/mdadm/files/0001-tests-02lineargrow-clear-the-superblock-at-every-ite.patch new file mode 100644 index 0000000000..1a7104b76d --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-tests-02lineargrow-clear-the-superblock-at-every-ite.patch @@ -0,0 +1,33 @@ +From a2c832465fc75202e244327b2081231dfa974617 Mon Sep 17 00:00:00 2001 +From: Sudhakar Panneerselvam <sudhakar.panneerselvam@oracle.com> +Date: Wed, 22 Jun 2022 14:25:16 -0600 +Subject: [PATCH] tests/02lineargrow: clear the superblock at every iteration + +This fixes 02lineargrow test as prior metadata causes --add operation +to misbehave. + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=a2c832465fc75202e244327b2081231dfa974617] + +Signed-off-by: Sudhakar Panneerselvam <sudhakar.panneerselvam@oracle.com> +Signed-off-by: Himanshu Madhani <himanshu.madhani@oracle.com> +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + tests/02lineargrow | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tests/02lineargrow b/tests/02lineargrow +index e05c219d..595bf9f2 100644 +--- a/tests/02lineargrow ++++ b/tests/02lineargrow +@@ -20,4 +20,6 @@ do + testdev $md0 3 $sz 1 + + mdadm -S $md0 ++ mdadm --zero /dev/loop2 ++ mdadm --zero /dev/loop3 + done +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-tests-04update-metadata-avoid-passing-chunk-size-to.patch b/poky/meta/recipes-extended/mdadm/files/0001-tests-04update-metadata-avoid-passing-chunk-size-to.patch new file mode 100644 index 0000000000..9098fb2540 --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-tests-04update-metadata-avoid-passing-chunk-size-to.patch @@ -0,0 +1,41 @@ +From de045db607b1ac4b70fc2a8878463e029c2ab1dc Mon Sep 17 00:00:00 2001 +From: Sudhakar Panneerselvam <sudhakar.panneerselvam@oracle.com> +Date: Wed, 22 Jun 2022 14:25:15 -0600 +Subject: [PATCH] tests/04update-metadata: avoid passing chunk size to raid1 + +'04update-metadata' test fails with error, "specifying chunk size is +forbidden for this level" added by commit, 5b30a34aa4b5e. Hence, +correcting the test to ignore passing chunk size to raid1. + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=de045db607b1ac4b70fc2a8878463e029c2ab1dc] + +Signed-off-by: Sudhakar Panneerselvam <sudhakar.panneerselvam@oracle.com> +Signed-off-by: Himanshu Madhani <himanshu.madhani@oracle.com> +[logang@deltatee.com: fix if/then style and dropped unrelated hunk] +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + tests/04update-metadata | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/tests/04update-metadata b/tests/04update-metadata +index 08c14af7..2b72a303 100644 +--- a/tests/04update-metadata ++++ b/tests/04update-metadata +@@ -11,7 +11,11 @@ dlist="$dev0 $dev1 $dev2 $dev3" + for ls in linear/4 raid1/1 raid5/3 raid6/2 + do + s=${ls#*/} l=${ls%/*} +- mdadm -CR --assume-clean -e 0.90 $md0 --level $l -n 4 -c 64 $dlist ++ if [[ $l == 'raid1' ]]; then ++ mdadm -CR --assume-clean -e 0.90 $md0 --level $l -n 4 $dlist ++ else ++ mdadm -CR --assume-clean -e 0.90 $md0 --level $l -n 4 -c 64 $dlist ++ fi + testdev $md0 $s 19904 64 + mdadm -S $md0 + mdadm -A $md0 --update=metadata $dlist +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-tests-add-.broken-files-for-04update-uuid-and-07reve.patch b/poky/meta/recipes-extended/mdadm/files/0001-tests-add-.broken-files-for-04update-uuid-and-07reve.patch new file mode 100644 index 0000000000..5a6bf9e4bd --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-tests-add-.broken-files-for-04update-uuid-and-07reve.patch @@ -0,0 +1,39 @@ +From ee594b1a12833c06102de888248a361bc49cea09 Mon Sep 17 00:00:00 2001 +From: Ovidiu Panait <ovidiu.panait@windriver.com> +Date: Fri, 18 Aug 2023 12:20:40 +0300 +Subject: [PATCH] tests: add .broken files for 04update-uuid and + 07revert-inplace + +04update-uuid and 07revert-inplace tests are unreliable and fail intermittently +on the autobuilder. Unfortunately, the failures cannot be reproduced locally +and the logs cannot be retrieved from the AB. + +Mark the testcases as BROKEN to skip them when running ptest. + +Upstream-Status: Inappropriate + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + tests/04update-uuid.broken | 1 + + tests/07revert-inplace.broken | 1 + + 2 files changed, 2 insertions(+) + create mode 100644 tests/04update-uuid.broken + create mode 100644 tests/07revert-inplace.broken + +diff --git a/tests/04update-uuid.broken b/tests/04update-uuid.broken +new file mode 100644 +index 0000000..197b35b +--- /dev/null ++++ b/tests/04update-uuid.broken +@@ -0,0 +1 @@ ++fails infrequently +diff --git a/tests/07revert-inplace.broken b/tests/07revert-inplace.broken +new file mode 100644 +index 0000000..197b35b +--- /dev/null ++++ b/tests/07revert-inplace.broken +@@ -0,0 +1 @@ ++fails infrequently +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-tests-fix-raid0-tests-for-0.90-metadata.patch b/poky/meta/recipes-extended/mdadm/files/0001-tests-fix-raid0-tests-for-0.90-metadata.patch new file mode 100644 index 0000000000..d2e7d8ee50 --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-tests-fix-raid0-tests-for-0.90-metadata.patch @@ -0,0 +1,102 @@ +From 14c2161edb77d7294199e8aa7daa9f9d1d0ad5d7 Mon Sep 17 00:00:00 2001 +From: Sudhakar Panneerselvam <sudhakar.panneerselvam@oracle.com> +Date: Wed, 22 Jun 2022 14:25:14 -0600 +Subject: [PATCH] tests: fix raid0 tests for 0.90 metadata + +Some of the test cases fail because raid0 creation fails with the error, +"0.90 metadata does not support layouts for RAID0" added by commit, +329dfc28debb. Fix some of the test cases by switching from raid0 to +linear level for 0.9 metadata where possible. + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=14c2161edb77d7294199e8aa7daa9f9d1d0ad5d7] + +Signed-off-by: Sudhakar Panneerselvam <sudhakar.panneerselvam@oracle.com> +Signed-off-by: Himanshu Madhani <himanshu.madhani@oracle.com> +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + tests/00raid0 | 4 ++-- + tests/00readonly | 4 ++++ + tests/03r0assem | 6 +++--- + tests/04r0update | 4 ++-- + tests/04update-metadata | 2 +- + 5 files changed, 12 insertions(+), 8 deletions(-) + +diff --git a/tests/00raid0 b/tests/00raid0 +index e6b21cc4..9b8896cb 100644 +--- a/tests/00raid0 ++++ b/tests/00raid0 +@@ -20,8 +20,8 @@ mdadm -S $md0 + # now same again with different chunk size + for chunk in 4 32 256 + do +- mdadm -CR $md0 -e0.90 -l raid0 --chunk $chunk -n3 $dev0 $dev1 $dev2 +- check raid0 ++ mdadm -CR $md0 -e0.90 -l linear --chunk $chunk -n3 $dev0 $dev1 $dev2 ++ check linear + testdev $md0 3 $mdsize0 $chunk + mdadm -S $md0 + +diff --git a/tests/00readonly b/tests/00readonly +index 28b0fa13..39202487 100644 +--- a/tests/00readonly ++++ b/tests/00readonly +@@ -4,6 +4,10 @@ for metadata in 0.9 1.0 1.1 1.2 + do + for level in linear raid0 raid1 raid4 raid5 raid6 raid10 + do ++ if [[ $metadata == "0.9" && $level == "raid0" ]]; ++ then ++ continue ++ fi + mdadm -CR $md0 -l $level -n 4 --metadata=$metadata \ + $dev1 $dev2 $dev3 $dev4 --assume-clean + check nosync +diff --git a/tests/03r0assem b/tests/03r0assem +index 6744e322..44df0645 100644 +--- a/tests/03r0assem ++++ b/tests/03r0assem +@@ -68,9 +68,9 @@ mdadm -S $md2 + ### Now for version 0... + + mdadm --zero-superblock $dev0 $dev1 $dev2 +-mdadm -CR $md2 -l0 --metadata=0.90 -n3 $dev0 $dev1 $dev2 +-check raid0 +-tst="testdev $md2 3 $mdsize0 512" ++mdadm -CR $md2 -llinear --metadata=0.90 -n3 $dev0 $dev1 $dev2 ++check linear ++tst="testdev $md2 3 $mdsize0 1" + $tst + + uuid=`mdadm -Db $md2 | sed 's/.*UUID=//'` +diff --git a/tests/04r0update b/tests/04r0update +index 73ee3b9f..b95efb06 100644 +--- a/tests/04r0update ++++ b/tests/04r0update +@@ -1,7 +1,7 @@ + + # create a raid0, re-assemble with a different super-minor +-mdadm -CR -e 0.90 $md0 -l0 -n3 $dev0 $dev1 $dev2 +-testdev $md0 3 $mdsize0 512 ++mdadm -CR -e 0.90 $md0 -llinear -n3 $dev0 $dev1 $dev2 ++testdev $md0 3 $mdsize0 1 + minor1=`mdadm -E $dev0 | sed -n -e 's/.*Preferred Minor : //p'` + mdadm -S /dev/md0 + +diff --git a/tests/04update-metadata b/tests/04update-metadata +index 232fc1ff..08c14af7 100644 +--- a/tests/04update-metadata ++++ b/tests/04update-metadata +@@ -8,7 +8,7 @@ set -xe + + dlist="$dev0 $dev1 $dev2 $dev3" + +-for ls in raid0/4 linear/4 raid1/1 raid5/3 raid6/2 ++for ls in linear/4 raid1/1 raid5/3 raid6/2 + do + s=${ls#*/} l=${ls%/*} + mdadm -CR --assume-clean -e 0.90 $md0 --level $l -n 4 -c 64 $dlist +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-util.c-add-limits.h-include-for-NAME_MAX-definition.patch b/poky/meta/recipes-extended/mdadm/files/0001-util.c-add-limits.h-include-for-NAME_MAX-definition.patch deleted file mode 100644 index 0916efafdf..0000000000 --- a/poky/meta/recipes-extended/mdadm/files/0001-util.c-add-limits.h-include-for-NAME_MAX-definition.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 8fa7d3cb96e8833743b635fb198675ad6c020b6e Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin <alex@linutronix.de> -Date: Tue, 12 Mar 2024 10:51:51 +0100 -Subject: [PATCH] util.c: add limits.h include for NAME_MAX definition - -Upstream-Status: Submitted [mariusz.tkaczyk@linux.intel.com,linux-raid@vger.kernel.org] -Signed-off-by: Alexander Kanavin <alex@linutronix.de> ---- - util.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/util.c b/util.c -index b145447..a9cb6c4 100644 ---- a/util.c -+++ b/util.c -@@ -36,7 +36,7 @@ - #include <ctype.h> - #include <dirent.h> - #include <dlfcn.h> -- -+#include <limits.h> - - /* - * following taken from linux/blkpg.h because they aren't diff --git a/poky/meta/recipes-extended/mdadm/files/0002-Create.c-include-linux-falloc.h-for-FALLOC_FL_ZERO_R.patch b/poky/meta/recipes-extended/mdadm/files/0002-Create.c-include-linux-falloc.h-for-FALLOC_FL_ZERO_R.patch deleted file mode 100644 index 145c65477a..0000000000 --- a/poky/meta/recipes-extended/mdadm/files/0002-Create.c-include-linux-falloc.h-for-FALLOC_FL_ZERO_R.patch +++ /dev/null @@ -1,27 +0,0 @@ -From a22b2345b9773d362acd85dd4c4a6a3cda9100d4 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin <alex@linutronix.de> -Date: Tue, 12 Mar 2024 10:54:08 +0100 -Subject: [PATCH] Create.c: include linux/falloc.h for FALLOC_FL_ZERO_RANGE - definition - -glibc provides this through fcntl.h but musl does not - should -be reported and fixed there. - -Upstream-Status: Inappropriate [musl-specific issue] -Signed-off-by: Alexander Kanavin <alex@linutronix.de> ---- - Create.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/Create.c b/Create.c -index 8082f54..7071f0a 100644 ---- a/Create.c -+++ b/Create.c -@@ -31,6 +31,7 @@ - #include <signal.h> - #include <sys/signalfd.h> - #include <sys/wait.h> -+#include <linux/falloc.h> - - static int round_size_and_verify(unsigned long long *size, int chunk) - { diff --git a/poky/meta/recipes-extended/mdadm/files/0002-DDF-Fix-NULL-pointer-dereference-in-validate_geometr.patch b/poky/meta/recipes-extended/mdadm/files/0002-DDF-Fix-NULL-pointer-dereference-in-validate_geometr.patch new file mode 100644 index 0000000000..fafe88b49c --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0002-DDF-Fix-NULL-pointer-dereference-in-validate_geometr.patch @@ -0,0 +1,56 @@ +From 14f110f0286d38e29ef5e51d7f72e049c2f18323 Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:08 -0600 +Subject: [PATCH 2/4] DDF: Fix NULL pointer dereference in + validate_geometry_ddf() + +A relatively recent patch added a call to validate_geometry() in +Manage_add() that has level=LEVEL_CONTAINER and chunk=NULL. + +This causes some ddf tests to segfault which aborts the test suite. + +To fix this, avoid dereferencing chunk when the level is +LEVEL_CONTAINER or LEVEL_NONE. + +Fixes: 1f5d54a06df0 ("Manage: Call validate_geometry when adding drive to external container") +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=2b93288a5650 + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + super-ddf.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/super-ddf.c b/super-ddf.c +index 65cf727..3ef1293 100644 +--- a/super-ddf.c ++++ b/super-ddf.c +@@ -3369,9 +3369,6 @@ static int validate_geometry_ddf(struct supertype *st, + * If given BVDs, we make an SVD, changing all the GUIDs in the process. + */ + +- if (*chunk == UnSet) +- *chunk = DEFAULT_CHUNK; +- + if (level == LEVEL_NONE) + level = LEVEL_CONTAINER; + if (level == LEVEL_CONTAINER) { +@@ -3381,6 +3378,9 @@ static int validate_geometry_ddf(struct supertype *st, + freesize, verbose); + } + ++ if (*chunk == UnSet) ++ *chunk = DEFAULT_CHUNK; ++ + if (!dev) { + mdu_array_info_t array = { + .level = level, +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0003-mdadm-Grow-Fix-use-after-close-bug-by-closing-after-.patch b/poky/meta/recipes-extended/mdadm/files/0003-mdadm-Grow-Fix-use-after-close-bug-by-closing-after-.patch new file mode 100644 index 0000000000..a954ab027a --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0003-mdadm-Grow-Fix-use-after-close-bug-by-closing-after-.patch @@ -0,0 +1,91 @@ +From bd064da1469a6a07331b076a0294a8c6c3c38526 Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:09 -0600 +Subject: [PATCH 3/4] mdadm/Grow: Fix use after close bug by closing after fork + +The test 07reshape-grow fails most of the time. But it succeeds around +1 in 5 times. When it does succeed, it causes the tests to die because +mdadm has segfaulted. + +The segfault was caused by mdadm attempting to repoen a file +descriptor that was already closed. The backtrace of the segfault +was: + + #0 __strncmp_avx2 () at ../sysdeps/x86_64/multiarch/strcmp-avx2.S:101 + #1 0x000056146e31d44b in devnm2devid (devnm=0x0) at util.c:956 + #2 0x000056146e31dab4 in open_dev_flags (devnm=0x0, flags=0) + at util.c:1072 + #3 0x000056146e31db22 in open_dev (devnm=0x0) at util.c:1079 + #4 0x000056146e3202e8 in reopen_mddev (mdfd=4) at util.c:2244 + #5 0x000056146e329f36 in start_array (mdfd=4, + mddev=0x7ffc55342450 "/dev/md0", content=0x7ffc55342860, + st=0x56146fc78660, ident=0x7ffc55342f70, best=0x56146fc6f5d0, + bestcnt=10, chosen_drive=0, devices=0x56146fc706b0, okcnt=5, + sparecnt=0, rebuilding_cnt=0, journalcnt=0, c=0x7ffc55342e90, + clean=1, avail=0x56146fc78720 "\001\001\001\001\001", + start_partial_ok=0, err_ok=0, was_forced=0) + at Assemble.c:1206 + #6 0x000056146e32c36e in Assemble (st=0x56146fc78660, + mddev=0x7ffc55342450 "/dev/md0", ident=0x7ffc55342f70, + devlist=0x56146fc6e2d0, c=0x7ffc55342e90) + at Assemble.c:1914 + #7 0x000056146e312ac9 in main (argc=11, argv=0x7ffc55343238) + at mdadm.c:1510 + +The file descriptor was closed early in Grow_continue(). The noted commit +moved the close() call to close the fd above the fork which caused the +parent process to return with a closed fd. + +This meant reshape_array() and Grow_continue() would return in the parent +with the fd forked. The fd would eventually be passed to reopen_mddev() +which returned an unhandled NULL from fd2devnm() which would then be +dereferenced in devnm2devid. + +Fix this by moving the close() call below the fork. This appears to +fix the 07revert-grow test. While we're at it, switch to using +close_fd() to invalidate the file descriptor. + +Fixes: 77b72fa82813 ("mdadm/Grow: prevent md's fd from being occupied during delayed time") +Cc: Alex Wu <alexwu@synology.com> +Cc: BingJing Chang <bingjingc@synology.com> +Cc: Danny Shih <dannyshih@synology.com> +Cc: ChangSyun Peng <allenpeng@synology.com> +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=548e9b916f86 + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + Grow.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/Grow.c b/Grow.c +index 9c6fc95..a8e4e83 100644 +--- a/Grow.c ++++ b/Grow.c +@@ -3501,7 +3501,6 @@ started: + return 0; + } + +- close(fd); + /* Now we just need to kick off the reshape and watch, while + * handling backups of the data... + * This is all done by a forked background process. +@@ -3522,6 +3521,9 @@ started: + break; + } + ++ /* Close unused file descriptor in the forked process */ ++ close_fd(&fd); ++ + /* If another array on the same devices is busy, the + * reshape will wait for them. This would mean that + * the first section that we suspend will stay suspended +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0004-monitor-Avoid-segfault-when-calling-NULL-get_bad_blo.patch b/poky/meta/recipes-extended/mdadm/files/0004-monitor-Avoid-segfault-when-calling-NULL-get_bad_blo.patch new file mode 100644 index 0000000000..72cb40f782 --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0004-monitor-Avoid-segfault-when-calling-NULL-get_bad_blo.patch @@ -0,0 +1,42 @@ +From 2296a4a441b4b8546e2eb32403930f1bb8f3ee4a Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:10 -0600 +Subject: [PATCH 4/4] monitor: Avoid segfault when calling NULL get_bad_blocks + +Not all struct superswitch implement a get_bad_blocks() function, +yet mdmon seems to call it without checking for NULL and thus +occasionally segfaults in the test 10ddf-geometry. + +Fix this by checking for NULL before calling it. + +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=9ae62977b51d + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + monitor.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/monitor.c b/monitor.c +index afc3e50..8e43c0d 100644 +--- a/monitor.c ++++ b/monitor.c +@@ -312,6 +312,9 @@ static int check_for_cleared_bb(struct active_array *a, struct mdinfo *mdi) + struct md_bb *bb; + int i; + ++ if (!ss->get_bad_blocks) ++ return -1; ++ + /* + * Get a list of bad blocks for an array, then read list of + * acknowledged bad blocks from kernel and compare it against metadata +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch b/poky/meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch new file mode 100644 index 0000000000..c55bfb125b --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch @@ -0,0 +1,128 @@ +From feab1f72fcf032a4d21d0a69eb61b23a5ddb3352 Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:18 -0600 +Subject: [PATCH 5/6] mdadm/test: Mark and ignore broken test failures + +Add functionality to continue if a test marked as broken fails. + +To mark a test as broken, a file with the same name but with the suffix +'.broken' should exist. The first line in the file will be printed with +a KNOWN BROKEN message; the rest of the file can describe the how the +test is broken. + +Also adds --skip-broken and --skip-always-broken to skip all the tests +that have a .broken file or to skip all tests whose .broken file's first +line contains the keyword always. + +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=28520bf114b3 + +[OP: adjusted context for mdadm-4.2] +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + test | 37 +++++++++++++++++++++++++++++++++++-- + 1 file changed, 35 insertions(+), 2 deletions(-) + +diff --git a/test b/test +index 8f189d9..ee8fba1 100755 +--- a/test ++++ b/test +@@ -10,6 +10,8 @@ devlist= + + savelogs=0 + exitonerror=1 ++ctrl_c_error=0 ++skipbroken=0 + prefix='[0-9][0-9]' + + # use loop devices by default if doesn't specify --dev +@@ -35,6 +37,7 @@ die() { + + ctrl_c() { + exitonerror=1 ++ ctrl_c_error=1 + } + + # mdadm always adds --quiet, and we want to see any unexpected messages +@@ -79,8 +82,21 @@ mdadm() { + do_test() { + _script=$1 + _basename=`basename $_script` ++ _broken=0 ++ + if [ -f "$_script" ] + then ++ if [ -f "${_script}.broken" ]; then ++ _broken=1 ++ _broken_msg=$(head -n1 "${_script}.broken" | tr -d '\n') ++ if [ "$skipbroken" == "all" ]; then ++ return ++ elif [ "$skipbroken" == "always" ] && ++ [[ "$_broken_msg" == *always* ]]; then ++ return ++ fi ++ fi ++ + rm -f $targetdir/stderr + # this might have been reset: restore the default. + echo 2000 > /proc/sys/dev/raid/speed_limit_max +@@ -97,10 +113,15 @@ do_test() { + else + save_log fail + _fail=1 ++ if [ "$_broken" == "1" ]; then ++ echo " (KNOWN BROKEN TEST: $_broken_msg)" ++ fi + fi + [ "$savelogs" == "1" ] && + mv -f $targetdir/log $logdir/$_basename.log +- [ "$_fail" == "1" -a "$exitonerror" == "1" ] && exit 1 ++ [ "$ctrl_c_error" == "1" ] && exit 1 ++ [ "$_fail" == "1" -a "$exitonerror" == "1" \ ++ -a "$_broken" == "0" ] && exit 1 + fi + } + +@@ -117,6 +138,8 @@ do_help() { + --logdir=directory Directory to save all logfiles in + --save-logs Usually use with --logdir together + --keep-going | --no-error Don't stop on error, ie. run all tests ++ --skip-broken Skip tests that are known to be broken ++ --skip-always-broken Skip tests that are known to always fail + --dev=loop|lvm|ram|disk Use loop devices (default), LVM, RAM or disk + --disks= Provide a bunch of physical devices for test + --volgroup=name LVM volume group for LVM test +@@ -211,6 +234,12 @@ parse_args() { + --keep-going | --no-error ) + exitonerror=0 + ;; ++ --skip-broken ) ++ skipbroken=all ++ ;; ++ --skip-always-broken ) ++ skipbroken=always ++ ;; + --disable-multipath ) + unset MULTIPATH + ;; +@@ -275,7 +304,11 @@ main() { + if [ $script == "$testdir/11spare-migration" ];then + continue + fi +- do_test $script ++ case $script in ++ *.broken) ;; ++ *) ++ do_test $script ++ esac + done + fi + +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0006-tests-Add-broken-files-for-all-broken-tests.patch b/poky/meta/recipes-extended/mdadm/files/0006-tests-Add-broken-files-for-all-broken-tests.patch new file mode 100644 index 0000000000..115b23bac5 --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0006-tests-Add-broken-files-for-all-broken-tests.patch @@ -0,0 +1,454 @@ +From fd1c26ba129b069d9f73afaefdbe53683de3814a Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:19 -0600 +Subject: [PATCH 6/6] tests: Add broken files for all broken tests + +Each broken file contains the rough frequency of brokeness as well +as a brief explanation of what happens when it breaks. Estimates +of failure rates are not statistically significant and can vary +run to run. + +This is really just a view from my window. Tests were done on a +small VM with the default loop devices, not real hardware. We've +seen different kernel configurations can cause bugs to appear as well +(ie. different block schedulers). It may also be that different race +conditions will be seen on machines with different performance +characteristics. + +These annotations were done with the kernel currently in md/md-next: + + facef3b96c5b ("md: Notify sysfs sync_completed in md_reap_sync_thread()") + +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=daa86d663476 + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + tests/01r5integ.broken | 7 ++++ + tests/01raid6integ.broken | 7 ++++ + tests/04r5swap.broken | 7 ++++ + tests/07autoassemble.broken | 8 ++++ + tests/07autodetect.broken | 5 +++ + tests/07changelevelintr.broken | 9 +++++ + tests/07changelevels.broken | 9 +++++ + tests/07reshape5intr.broken | 45 ++++++++++++++++++++++ + tests/07revert-grow.broken | 31 +++++++++++++++ + tests/07revert-shrink.broken | 9 +++++ + tests/07testreshape5.broken | 12 ++++++ + tests/09imsm-assemble.broken | 6 +++ + tests/09imsm-create-fail-rebuild.broken | 5 +++ + tests/09imsm-overlap.broken | 7 ++++ + tests/10ddf-assemble-missing.broken | 6 +++ + tests/10ddf-fail-create-race.broken | 7 ++++ + tests/10ddf-fail-two-spares.broken | 5 +++ + tests/10ddf-incremental-wrong-order.broken | 9 +++++ + tests/14imsm-r1_2d-grow-r1_3d.broken | 5 +++ + tests/14imsm-r1_2d-takeover-r0_2d.broken | 6 +++ + tests/18imsm-r10_4d-takeover-r0_2d.broken | 5 +++ + tests/18imsm-r1_2d-takeover-r0_1d.broken | 6 +++ + tests/19raid6auto-repair.broken | 5 +++ + tests/19raid6repair.broken | 5 +++ + 24 files changed, 226 insertions(+) + create mode 100644 tests/01r5integ.broken + create mode 100644 tests/01raid6integ.broken + create mode 100644 tests/04r5swap.broken + create mode 100644 tests/07autoassemble.broken + create mode 100644 tests/07autodetect.broken + create mode 100644 tests/07changelevelintr.broken + create mode 100644 tests/07changelevels.broken + create mode 100644 tests/07reshape5intr.broken + create mode 100644 tests/07revert-grow.broken + create mode 100644 tests/07revert-shrink.broken + create mode 100644 tests/07testreshape5.broken + create mode 100644 tests/09imsm-assemble.broken + create mode 100644 tests/09imsm-create-fail-rebuild.broken + create mode 100644 tests/09imsm-overlap.broken + create mode 100644 tests/10ddf-assemble-missing.broken + create mode 100644 tests/10ddf-fail-create-race.broken + create mode 100644 tests/10ddf-fail-two-spares.broken + create mode 100644 tests/10ddf-incremental-wrong-order.broken + create mode 100644 tests/14imsm-r1_2d-grow-r1_3d.broken + create mode 100644 tests/14imsm-r1_2d-takeover-r0_2d.broken + create mode 100644 tests/18imsm-r10_4d-takeover-r0_2d.broken + create mode 100644 tests/18imsm-r1_2d-takeover-r0_1d.broken + create mode 100644 tests/19raid6auto-repair.broken + create mode 100644 tests/19raid6repair.broken + +diff --git a/tests/01r5integ.broken b/tests/01r5integ.broken +new file mode 100644 +index 0000000..2073763 +--- /dev/null ++++ b/tests/01r5integ.broken +@@ -0,0 +1,7 @@ ++fails rarely ++ ++Fails about 1 in every 30 runs with a sha mismatch error: ++ ++ c49ab26e1b01def7874af9b8a6d6d0c29fdfafe6 /dev/md0 does not match ++ 15dc2f73262f811ada53c65e505ceec9cf025cb9 /dev/md0 with /dev/loop3 ++ missing +diff --git a/tests/01raid6integ.broken b/tests/01raid6integ.broken +new file mode 100644 +index 0000000..1df735f +--- /dev/null ++++ b/tests/01raid6integ.broken +@@ -0,0 +1,7 @@ ++fails infrequently ++ ++Fails about 1 in 5 with a sha mismatch: ++ ++ 8286c2bc045ae2cfe9f8b7ae3a898fa25db6926f /dev/md0 does not match ++ a083a0738b58caab37fd568b91b177035ded37df /dev/md0 with /dev/loop2 and ++ /dev/loop3 missing +diff --git a/tests/04r5swap.broken b/tests/04r5swap.broken +new file mode 100644 +index 0000000..e38987d +--- /dev/null ++++ b/tests/04r5swap.broken +@@ -0,0 +1,7 @@ ++always fails ++ ++Fails with errors: ++ ++ mdadm: /dev/loop0 has no superblock - assembly aborted ++ ++ ERROR: no recovery happening +diff --git a/tests/07autoassemble.broken b/tests/07autoassemble.broken +new file mode 100644 +index 0000000..8be0940 +--- /dev/null ++++ b/tests/07autoassemble.broken +@@ -0,0 +1,8 @@ ++always fails ++ ++Prints lots of messages, but the array doesn't assemble. Error ++possibly related to: ++ ++ mdadm: /dev/md/1 is busy - skipping ++ mdadm: no recogniseable superblock on /dev/md/testing:0 ++ mdadm: /dev/md/2 is busy - skipping +diff --git a/tests/07autodetect.broken b/tests/07autodetect.broken +new file mode 100644 +index 0000000..294954a +--- /dev/null ++++ b/tests/07autodetect.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with error: ++ ++ ERROR: no resync happening +diff --git a/tests/07changelevelintr.broken b/tests/07changelevelintr.broken +new file mode 100644 +index 0000000..284b490 +--- /dev/null ++++ b/tests/07changelevelintr.broken +@@ -0,0 +1,9 @@ ++always fails ++ ++Fails with errors: ++ ++ mdadm: this change will reduce the size of the array. ++ use --grow --array-size first to truncate array. ++ e.g. mdadm --grow /dev/md0 --array-size 56832 ++ ++ ERROR: no reshape happening +diff --git a/tests/07changelevels.broken b/tests/07changelevels.broken +new file mode 100644 +index 0000000..9b930d9 +--- /dev/null ++++ b/tests/07changelevels.broken +@@ -0,0 +1,9 @@ ++always fails ++ ++Fails with errors: ++ ++ mdadm: /dev/loop0 is smaller than given size. 18976K < 19968K + metadata ++ mdadm: /dev/loop1 is smaller than given size. 18976K < 19968K + metadata ++ mdadm: /dev/loop2 is smaller than given size. 18976K < 19968K + metadata ++ ++ ERROR: /dev/md0 isn't a block device. +diff --git a/tests/07reshape5intr.broken b/tests/07reshape5intr.broken +new file mode 100644 +index 0000000..efe52a6 +--- /dev/null ++++ b/tests/07reshape5intr.broken +@@ -0,0 +1,45 @@ ++always fails ++ ++This patch, recently added to md-next causes the test to always fail: ++ ++7e6ba434cc60 ("md: don't unregister sync_thread with reconfig_mutex ++held") ++ ++The new error is simply: ++ ++ ERROR: no reshape happening ++ ++Before the patch, the error seen is below. ++ ++-- ++ ++fails infrequently ++ ++Fails roughly 1 in 4 runs with errors: ++ ++ mdadm: Merging with already-assembled /dev/md/0 ++ mdadm: cannot re-read metadata from /dev/loop6 - aborting ++ ++ ERROR: no reshape happening ++ ++Also have seen a random deadlock: ++ ++ INFO: task mdadm:109702 blocked for more than 30 seconds. ++ Not tainted 5.18.0-rc3-eid-vmlocalyes-dbg-00095-g3c2b5427979d #2040 ++ "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. ++ task:mdadm state:D stack: 0 pid:109702 ppid: 1 flags:0x00004000 ++ Call Trace: ++ <TASK> ++ __schedule+0x67e/0x13b0 ++ schedule+0x82/0x110 ++ mddev_suspend+0x2e1/0x330 ++ suspend_lo_store+0xbd/0x140 ++ md_attr_store+0xcb/0x130 ++ sysfs_kf_write+0x89/0xb0 ++ kernfs_fop_write_iter+0x202/0x2c0 ++ new_sync_write+0x222/0x330 ++ vfs_write+0x3bc/0x4d0 ++ ksys_write+0xd9/0x180 ++ __x64_sys_write+0x43/0x50 ++ do_syscall_64+0x3b/0x90 ++ entry_SYSCALL_64_after_hwframe+0x44/0xae +diff --git a/tests/07revert-grow.broken b/tests/07revert-grow.broken +new file mode 100644 +index 0000000..9b6db86 +--- /dev/null ++++ b/tests/07revert-grow.broken +@@ -0,0 +1,31 @@ ++always fails ++ ++This patch, recently added to md-next causes the test to always fail: ++ ++7e6ba434cc60 ("md: don't unregister sync_thread with reconfig_mutex held") ++ ++The errors are: ++ ++ mdadm: No active reshape to revert on /dev/loop0 ++ ERROR: active raid5 not found ++ ++Before the patch, the error seen is below. ++ ++-- ++ ++fails rarely ++ ++Fails about 1 in every 30 runs with errors: ++ ++ mdadm: Merging with already-assembled /dev/md/0 ++ mdadm: backup file /tmp/md-backup inaccessible: No such file or directory ++ mdadm: failed to add /dev/loop1 to /dev/md/0: Invalid argument ++ mdadm: failed to add /dev/loop2 to /dev/md/0: Invalid argument ++ mdadm: failed to add /dev/loop3 to /dev/md/0: Invalid argument ++ mdadm: failed to add /dev/loop0 to /dev/md/0: Invalid argument ++ mdadm: /dev/md/0 assembled from 1 drive - need all 5 to start it ++ (use --run to insist). ++ ++ grep: /sys/block/md*/md/sync_action: No such file or directory ++ ++ ERROR: active raid5 not found +diff --git a/tests/07revert-shrink.broken b/tests/07revert-shrink.broken +new file mode 100644 +index 0000000..c33c39e +--- /dev/null ++++ b/tests/07revert-shrink.broken +@@ -0,0 +1,9 @@ ++always fails ++ ++Fails with errors: ++ ++ mdadm: this change will reduce the size of the array. ++ use --grow --array-size first to truncate array. ++ e.g. mdadm --grow /dev/md0 --array-size 53760 ++ ++ ERROR: active raid5 not found +diff --git a/tests/07testreshape5.broken b/tests/07testreshape5.broken +new file mode 100644 +index 0000000..a8ce03e +--- /dev/null ++++ b/tests/07testreshape5.broken +@@ -0,0 +1,12 @@ ++always fails ++ ++Test seems to run 'test_stripe' at $dir directory, but $dir is never ++set. If $dir is adjusted to $PWD, the test still fails with: ++ ++ mdadm: /dev/loop2 is not suitable for this array. ++ mdadm: create aborted ++ ++ return 1 ++ ++ cmp -s -n 8192 /dev/md0 /tmp/RandFile ++ ++ echo cmp failed ++ cmp failed ++ ++ exit 2 +diff --git a/tests/09imsm-assemble.broken b/tests/09imsm-assemble.broken +new file mode 100644 +index 0000000..a6d4d5c +--- /dev/null ++++ b/tests/09imsm-assemble.broken +@@ -0,0 +1,6 @@ ++fails infrequently ++ ++Fails roughly 1 in 10 runs with errors: ++ ++ mdadm: /dev/loop2 is still in use, cannot remove. ++ /dev/loop2 removal from /dev/md/container should have succeeded +diff --git a/tests/09imsm-create-fail-rebuild.broken b/tests/09imsm-create-fail-rebuild.broken +new file mode 100644 +index 0000000..40c4b29 +--- /dev/null ++++ b/tests/09imsm-create-fail-rebuild.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with error: ++ ++ **Error**: Array size mismatch - expected 3072, actual 16384 +diff --git a/tests/09imsm-overlap.broken b/tests/09imsm-overlap.broken +new file mode 100644 +index 0000000..e7ccab7 +--- /dev/null ++++ b/tests/09imsm-overlap.broken +@@ -0,0 +1,7 @@ ++always fails ++ ++Fails with errors: ++ ++ **Error**: Offset mismatch - expected 15360, actual 0 ++ **Error**: Offset mismatch - expected 15360, actual 0 ++ /dev/md/vol3 failed check +diff --git a/tests/10ddf-assemble-missing.broken b/tests/10ddf-assemble-missing.broken +new file mode 100644 +index 0000000..bfd8d10 +--- /dev/null ++++ b/tests/10ddf-assemble-missing.broken +@@ -0,0 +1,6 @@ ++always fails ++ ++Fails with errors: ++ ++ ERROR: /dev/md/vol0 has unexpected state on /dev/loop10 ++ ERROR: unexpected number of online disks on /dev/loop10 +diff --git a/tests/10ddf-fail-create-race.broken b/tests/10ddf-fail-create-race.broken +new file mode 100644 +index 0000000..6c0df02 +--- /dev/null ++++ b/tests/10ddf-fail-create-race.broken +@@ -0,0 +1,7 @@ ++usually fails ++ ++Fails about 9 out of 10 times with many errors: ++ ++ mdadm: cannot open MISSING: No such file or directory ++ ERROR: non-degraded array found ++ ERROR: disk 0 not marked as failed in meta data +diff --git a/tests/10ddf-fail-two-spares.broken b/tests/10ddf-fail-two-spares.broken +new file mode 100644 +index 0000000..eeea56d +--- /dev/null ++++ b/tests/10ddf-fail-two-spares.broken +@@ -0,0 +1,5 @@ ++fails infrequently ++ ++Fails roughly 1 in 3 with error: ++ ++ ERROR: /dev/md/vol1 should be optimal in meta data +diff --git a/tests/10ddf-incremental-wrong-order.broken b/tests/10ddf-incremental-wrong-order.broken +new file mode 100644 +index 0000000..a5af3ba +--- /dev/null ++++ b/tests/10ddf-incremental-wrong-order.broken +@@ -0,0 +1,9 @@ ++always fails ++ ++Fails with errors: ++ ERROR: sha1sum of /dev/md/vol0 has changed ++ ERROR: /dev/md/vol0 has unexpected state on /dev/loop10 ++ ERROR: unexpected number of online disks on /dev/loop10 ++ ERROR: /dev/md/vol0 has unexpected state on /dev/loop8 ++ ERROR: unexpected number of online disks on /dev/loop8 ++ ERROR: sha1sum of /dev/md/vol0 has changed +diff --git a/tests/14imsm-r1_2d-grow-r1_3d.broken b/tests/14imsm-r1_2d-grow-r1_3d.broken +new file mode 100644 +index 0000000..4ef1d40 +--- /dev/null ++++ b/tests/14imsm-r1_2d-grow-r1_3d.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with error: ++ ++ mdadm/tests/func.sh: line 325: dvsize/chunk: division by 0 (error token is "chunk") +diff --git a/tests/14imsm-r1_2d-takeover-r0_2d.broken b/tests/14imsm-r1_2d-takeover-r0_2d.broken +new file mode 100644 +index 0000000..89cd4e5 +--- /dev/null ++++ b/tests/14imsm-r1_2d-takeover-r0_2d.broken +@@ -0,0 +1,6 @@ ++always fails ++ ++Fails with error: ++ ++ tests/func.sh: line 325: dvsize/chunk: division by 0 (error token ++ is "chunk") +diff --git a/tests/18imsm-r10_4d-takeover-r0_2d.broken b/tests/18imsm-r10_4d-takeover-r0_2d.broken +new file mode 100644 +index 0000000..a27399f +--- /dev/null ++++ b/tests/18imsm-r10_4d-takeover-r0_2d.broken +@@ -0,0 +1,5 @@ ++fails rarely ++ ++Fails about 1 run in 100 with message: ++ ++ ERROR: size is wrong for /dev/md/vol0: 2 * 5120 (chunk=128) = 20480, not 0 +diff --git a/tests/18imsm-r1_2d-takeover-r0_1d.broken b/tests/18imsm-r1_2d-takeover-r0_1d.broken +new file mode 100644 +index 0000000..aa1982e +--- /dev/null ++++ b/tests/18imsm-r1_2d-takeover-r0_1d.broken +@@ -0,0 +1,6 @@ ++always fails ++ ++Fails with error: ++ ++ tests/func.sh: line 325: dvsize/chunk: division by 0 (error token ++ is "chunk") +diff --git a/tests/19raid6auto-repair.broken b/tests/19raid6auto-repair.broken +new file mode 100644 +index 0000000..e91a142 +--- /dev/null ++++ b/tests/19raid6auto-repair.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with: ++ ++ "should detect errors" +diff --git a/tests/19raid6repair.broken b/tests/19raid6repair.broken +new file mode 100644 +index 0000000..e91a142 +--- /dev/null ++++ b/tests/19raid6repair.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with: ++ ++ "should detect errors" +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/debian-no-Werror.patch b/poky/meta/recipes-extended/mdadm/files/debian-no-Werror.patch index b758fcd0ab..fa90647489 100644 --- a/poky/meta/recipes-extended/mdadm/files/debian-no-Werror.patch +++ b/poky/meta/recipes-extended/mdadm/files/debian-no-Werror.patch @@ -1,4 +1,4 @@ -From 319b3191f088cea7b0fb6038ab7625d5e049dcf7 Mon Sep 17 00:00:00 2001 +From adb75f0bdec97dbe4aa15cc988d349775f7995ff Mon Sep 17 00:00:00 2001 From: "martin f. krafft" <madduck@debian.org> Date: Mon, 3 Jan 2022 19:14:12 +0000 Subject: [PATCH] Remove -Werror from compiler flags @@ -10,20 +10,21 @@ use it to beautify the code, but remove it for out builds. Signed-off-by: martin f. krafft <madduck@debian.org> Upstream-Status: Pending + --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile -index 9ab6a65..1141971 100644 +index 716c97c..40354ea 100644 --- a/Makefile +++ b/Makefile @@ -50,7 +50,7 @@ ifeq ($(origin CC),default) CC := $(CROSS_COMPILE)gcc endif CXFLAGS ?= -ggdb --CWFLAGS ?= -Wall -Werror -Wstrict-prototypes -Wextra -Wno-unused-parameter -Wformat -Wformat-security -Werror=format-security -fstack-protector-strong -fPIE -Warray-bounds -+CWFLAGS ?= -Wall -Wstrict-prototypes -Wextra -Wno-unused-parameter -Wformat -Wformat-security -Werror=format-security -fstack-protector-strong -fPIE -Warray-bounds +-CWFLAGS = -Wall -Werror -Wstrict-prototypes -Wextra -Wno-unused-parameter ++CWFLAGS = -Wall -Wstrict-prototypes -Wextra -Wno-unused-parameter ifdef WARN_UNUSED - CWFLAGS += -Wp -O3 + CWFLAGS += -Wp,-D_FORTIFY_SOURCE=2 -O3 endif diff --git a/poky/meta/recipes-extended/mdadm/files/include_sysmacros.patch b/poky/meta/recipes-extended/mdadm/files/include_sysmacros.patch new file mode 100644 index 0000000000..8a1d8342d8 --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/include_sysmacros.patch @@ -0,0 +1,14 @@ +include sys/sysmacros.h for major/minor macro definitions + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- a/mdadm.h ++++ b/mdadm.h +@@ -35,6 +35,7 @@ extern __off64_t lseek64 __P ((int __fd, + + #include <sys/types.h> + #include <sys/stat.h> ++#include <sys/sysmacros.h> + #include <stdint.h> + #include <stdlib.h> + #include <time.h> diff --git a/poky/meta/recipes-extended/mdadm/files/mdadm-3.3.2_x32_abi_time_t.patch b/poky/meta/recipes-extended/mdadm/files/mdadm-3.3.2_x32_abi_time_t.patch index ecd1f037d0..7a2c888701 100644 --- a/poky/meta/recipes-extended/mdadm/files/mdadm-3.3.2_x32_abi_time_t.patch +++ b/poky/meta/recipes-extended/mdadm/files/mdadm-3.3.2_x32_abi_time_t.patch @@ -1,4 +1,4 @@ -From ca91d9fc07943f209988411f2596e4b69828f208 Mon Sep 17 00:00:00 2001 +From e37f7f6a0f1ef1b594574d11a8b90b8c861d047b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?An=C3=ADbal=20Lim=C3=B3n?= <anibal.limon@linux.intel.com> Date: Sun, 15 Mar 2015 09:02:14 +0000 Subject: [PATCH] mdadm: Fix build in x32 ABI @@ -12,15 +12,16 @@ data type in x32 ABI is long long int. Upstream-Status: Pending Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> + --- monitor.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/monitor.c b/monitor.c -index 4acec67..8dcdfd6 100644 +index 81537ed..7c33382 100644 --- a/monitor.c +++ b/monitor.c -@@ -447,9 +447,12 @@ static int read_and_act(struct active_array *a, fd_set *fds) +@@ -445,9 +445,12 @@ static int read_and_act(struct active_array *a, fd_set *fds) if (FD_ISSET(mdi->bb_fd, fds)) check_for_cleared_bb(a, mdi); } diff --git a/poky/meta/recipes-extended/mdadm/mdadm_4.3.bb b/poky/meta/recipes-extended/mdadm/mdadm_4.2.bb index 228fc6f84e..6f87249398 100644 --- a/poky/meta/recipes-extended/mdadm/mdadm_4.3.bb +++ b/poky/meta/recipes-extended/mdadm/mdadm_4.2.bb @@ -17,16 +17,31 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/raid/mdadm/${BPN}-${PV}.tar.xz \ file://0001-Use-CC-to-check-for-implicit-fallthrough-warning-sup.patch \ file://0001-fix-gcc-8-format-truncation-warning.patch \ file://debian-no-Werror.patch \ + file://0001-Revert-tests-wait-for-complete-rebuild-in-integrity-.patch \ file://mdadm.init \ file://0001-mdadm-add-option-y-for-use-syslog-to-recive-event-re.patch \ + file://include_sysmacros.patch \ + file://0001-mdadm-skip-test-11spare-migration.patch \ + file://0001-Fix-parsing-of-r-in-monitor-manager-mode.patch \ file://0001-Makefile-install-mdcheck.patch \ file://0001-restripe.c-Use-_FILE_OFFSET_BITS-to-enable-largefile.patch \ - file://0002-Create.c-include-linux-falloc.h-for-FALLOC_FL_ZERO_R.patch \ - file://0001-util.c-add-limits.h-include-for-NAME_MAX-definition.patch \ - file://0001-include-libgen.h-for-basename-API.patch \ + file://0001-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \ + file://0001-mdadm-Fix-optional-write-behind-parameter.patch \ + file://0001-tests-02lineargrow-clear-the-superblock-at-every-ite.patch \ + file://0001-tests-00raid0-add-a-test-that-validates-raid0-with-l.patch \ + file://0001-tests-fix-raid0-tests-for-0.90-metadata.patch \ + file://0001-tests-00readonly-Run-udevadm-settle-before-setting-r.patch \ + file://0001-tests-04update-metadata-avoid-passing-chunk-size-to.patch \ + file://0001-DDF-Cleanup-validate_geometry_ddf_container.patch \ + file://0002-DDF-Fix-NULL-pointer-dereference-in-validate_geometr.patch \ + file://0003-mdadm-Grow-Fix-use-after-close-bug-by-closing-after-.patch \ + file://0004-monitor-Avoid-segfault-when-calling-NULL-get_bad_blo.patch \ + file://0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch \ + file://0006-tests-Add-broken-files-for-all-broken-tests.patch \ + file://0001-tests-add-.broken-files-for-04update-uuid-and-07reve.patch \ " -SRC_URI[sha256sum] = "416727ae1f1080ea6e3090cea36dd076826fc369151e36ab736557ba92196f9f" +SRC_URI[sha256sum] = "461c215670864bb74a4d1a3620684aa2b2f8296dffa06743f26dda5557acf01d" inherit autotools-brokensep ptest systemd @@ -44,7 +59,7 @@ CFLAGS:append:mipsarchn64 = ' -D__SANE_USERSPACE_TYPES__' CFLAGS:append:mipsarchn32 = ' -D__SANE_USERSPACE_TYPES__' EXTRA_OEMAKE = 'CHECK_RUN_DIR=0 CXFLAGS="${CFLAGS}" SYSTEMD_DIR=${systemd_system_unitdir} \ - BINDIR="${base_sbindir}" UDEVDIR="${nonarch_base_libdir}/udev" LDFLAGS="${LDFLAGS}"' + BINDIR="${base_sbindir}" UDEVDIR="${nonarch_base_libdir}/udev"' DEBUG_OPTIMIZATION:append = " -Wno-error" @@ -76,6 +91,7 @@ do_install_ptest() { cp -R --no-dereference --preserve=mode,links -v ${S}/tests ${D}${PTEST_PATH}/tests cp ${S}/test ${D}${PTEST_PATH} sed -e 's!sleep 0.*!sleep 1!g; s!/var/tmp!/mdadm-testing-dir!g' -i ${D}${PTEST_PATH}/test + sed -e 's!/var/tmp!/mdadm-testing-dir!g' -i ${D}${PTEST_PATH}/tests/* sed -i -e '/echo -ne "$_script... "/d' \ -e 's/echo "succeeded"/echo -e "PASS: $_script"/g' \ -e '/save_log fail/N; /_fail=1/i\\t\t\techo -ne "FAIL: $_script"' \ diff --git a/poky/meta/recipes-extended/pam/libpam/0001-examples-Replace-use-of-termio.h-with-termios.h.patch b/poky/meta/recipes-extended/pam/libpam/0001-examples-Replace-use-of-termio.h-with-termios.h.patch new file mode 100644 index 0000000000..95c437df4f --- /dev/null +++ b/poky/meta/recipes-extended/pam/libpam/0001-examples-Replace-use-of-termio.h-with-termios.h.patch @@ -0,0 +1,39 @@ +From 9b96fcfa5748934b8b6a4db4ee25a5e3165905c0 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sat, 1 Jul 2023 07:48:17 -0700 +Subject: [PATCH] examples: Replace use of termio.h with termios.h + +Fixes build with musl and makes it portable + +Upstream-Status: Backport [https://github.com/linux-pam/linux-pam/commit/5374f677e4cae669eb9accf2449178b602e8a40a] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + examples/tty_conv.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/examples/tty_conv.c b/examples/tty_conv.c +index 23f0684..db22500 100644 +--- a/examples/tty_conv.c ++++ b/examples/tty_conv.c +@@ -6,7 +6,8 @@ + #include <string.h> + #include <errno.h> + #include <unistd.h> +-#include <termio.h> ++#include <termios.h> ++#include <sys/ioctl.h> + #include <security/pam_appl.h> + + /*************************************** +@@ -16,7 +17,7 @@ + ***************************************/ + static void echoOff(int fd, int off) + { +- struct termio tty; ++ struct termios tty; + if (ioctl(fd, TCGETA, &tty) < 0) + { + fprintf(stderr, "TCGETA failed: %s\n", strerror(errno)); +-- +2.41.0 + diff --git a/poky/meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch b/poky/meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch new file mode 100644 index 0000000000..23d5646235 --- /dev/null +++ b/poky/meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch @@ -0,0 +1,69 @@ +From 80dc2d410595b5193d32f965185710df27f3984e Mon Sep 17 00:00:00 2001 +From: Md Zain Hasib <hasibm@vmware.com> +Date: Sat, 29 Jul 2023 11:01:35 +0530 +Subject: [PATCH] pam_pwhistory: fix passing NULL filename argument to + pwhistory helper + +This change fixes a bug when pwhistory_helper is invoked from +pam_pwhistory with an NULL filename, pwhistory_helper receives a short +circuited argc count of 3, ignoring the rest of the arguments passed +due to filename being NULL. To resolve the issue, an empty string is +passed in case the filename is empty, which is later changed back to +NULL in pwhistory_helper so that it can be passed to opasswd to read +the default opasswd file. + +* modules/pam_pwhistory/pam_pwhistory.c (run_save_helper, +run_check_helper): Replace NULL filename argument with an empty string. +* modules/pam_pwhistory/pwhistory_helper.c (main): Replace empty string +filename argument with NULL. + +Fixes: 11c35109a67f ("pam_pwhistory: Enable alternate location for password history file (#396)") +Signed-off-by: Dmitry V. Levin <ldv@strace.io> + +Upstream-Status: Backport +[https://github.com/linux-pam/linux-pam/commit/80dc2d410595b5193d32f965185710df27f3984e] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + modules/pam_pwhistory/pam_pwhistory.c | 4 ++-- + modules/pam_pwhistory/pwhistory_helper.c | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c +index 5a7fb811..98ddffce 100644 +--- a/modules/pam_pwhistory/pam_pwhistory.c ++++ b/modules/pam_pwhistory/pam_pwhistory.c +@@ -141,7 +141,7 @@ run_save_helper(pam_handle_t *pamh, const char *user, + args[0] = (char *)PWHISTORY_HELPER; + args[1] = (char *)"save"; + args[2] = (char *)user; +- args[3] = (char *)filename; ++ args[3] = (char *)((filename != NULL) ? filename : ""); + DIAG_POP_IGNORE_CAST_QUAL; + if (asprintf(&args[4], "%d", howmany) < 0 || + asprintf(&args[5], "%d", debug) < 0) +@@ -228,7 +228,7 @@ run_check_helper(pam_handle_t *pamh, const char *user, + args[0] = (char *)PWHISTORY_HELPER; + args[1] = (char *)"check"; + args[2] = (char *)user; +- args[3] = (char *)filename; ++ args[3] = (char *)((filename != NULL) ? filename : ""); + DIAG_POP_IGNORE_CAST_QUAL; + if (asprintf(&args[4], "%d", debug) < 0) + { +diff --git a/modules/pam_pwhistory/pwhistory_helper.c b/modules/pam_pwhistory/pwhistory_helper.c +index 469d95fa..fb9a1e31 100644 +--- a/modules/pam_pwhistory/pwhistory_helper.c ++++ b/modules/pam_pwhistory/pwhistory_helper.c +@@ -108,7 +108,7 @@ main(int argc, char *argv[]) + + option = argv[1]; + user = argv[2]; +- filename = argv[3]; ++ filename = (argv[3][0] != '\0') ? argv[3] : NULL; + + if (strcmp(option, "check") == 0 && argc == 5) + return check_history(user, filename, argv[4]); +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/pam/libpam/libpam-xtests.patch b/poky/meta/recipes-extended/pam/libpam/libpam-xtests.patch index f2dafa72a5..ea145899b4 100644 --- a/poky/meta/recipes-extended/pam/libpam/libpam-xtests.patch +++ b/poky/meta/recipes-extended/pam/libpam/libpam-xtests.patch @@ -1,21 +1,13 @@ -From 060726f7e60c8ecb5bf50fd776910b290d9a0a69 Mon Sep 17 00:00:00 2001 -From: Kang Kai <kai.kang@windriver.com> -Date: Tue, 19 Jul 2011 17:08:31 +0800 -Subject: [PATCH] This patch is used to create a new sub package libpam-xtests - to do more checks. +This patch is used to create a new sub package libpam-xtests to do more checks. Upstream-Status: Pending Signed-off-by: Kang Kai <kai.kang@windriver.com> ---- - xtests/Makefile.am | 17 ++++++++++++++++- - 1 file changed, 16 insertions(+), 1 deletion(-) - -diff --git a/xtests/Makefile.am b/xtests/Makefile.am -index acf9746..9826c9f 100644 ---- a/xtests/Makefile.am -+++ b/xtests/Makefile.am -@@ -8,7 +8,7 @@ AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_srcdir)/libpam/include \ +Index: Linux-PAM-1.3.0/xtests/Makefile.am +=================================================================== +--- Linux-PAM-1.3.0.orig/xtests/Makefile.am ++++ Linux-PAM-1.3.0/xtests/Makefile.am +@@ -7,7 +7,7 @@ AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_src LDADD = $(top_builddir)/libpam/libpam.la \ $(top_builddir)/libpam_misc/libpam_misc.la @@ -24,7 +16,7 @@ index acf9746..9826c9f 100644 EXTRA_DIST = run-xtests.sh tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \ tst-pam_dispatch3.pamd tst-pam_dispatch4.pamd \ -@@ -55,3 +55,18 @@ EXTRA_PROGRAMS = $(XTESTS) +@@ -51,3 +51,18 @@ EXTRA_PROGRAMS = $(XTESTS) xtests: $(XTESTS) run-xtests.sh "$(srcdir)"/run-xtests.sh "$(srcdir)" ${XTESTS} ${NOSRCTESTS} diff --git a/poky/meta/recipes-extended/pam/libpam_1.6.0.bb b/poky/meta/recipes-extended/pam/libpam_1.5.3.bb index e1ed940d1e..ef32d19f3d 100644 --- a/poky/meta/recipes-extended/pam/libpam_1.6.0.bb +++ b/poky/meta/recipes-extended/pam/libpam_1.5.3.bb @@ -21,12 +21,14 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \ file://pam.d/common-session-noninteractive \ file://pam.d/other \ file://libpam-xtests.patch \ + file://0001-examples-Replace-use-of-termio.h-with-termios.h.patch \ file://run-ptest \ file://pam-volatiles.conf \ file://0001-pam_namespace-include-stdint-h.patch \ + file://0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch \ " -SRC_URI[sha256sum] = "fff4a34e5bbee77e2e8f1992f27631e2329bcbf8a0563ddeb5c3389b4e3169ad" +SRC_URI[sha256sum] = "7ac4b50feee004a9fa88f1dfd2d2fa738a82896763050cd773b3c54b0a818283" DEPENDS = "bison-native flex-native cracklib libxml2-native virtual/crypt" diff --git a/poky/meta/recipes-extended/procps/procps/pidfd.patch b/poky/meta/recipes-extended/procps/procps/pidfd.patch new file mode 100644 index 0000000000..23d1a3cd3e --- /dev/null +++ b/poky/meta/recipes-extended/procps/procps/pidfd.patch @@ -0,0 +1,42 @@ +From c8f625e085b8249cc009e8b19c3a19100217eb35 Mon Sep 17 00:00:00 2001 +From: Ross Burton <ross.burton@arm.com> +Date: Thu, 25 Apr 2024 13:33:15 +0000 +Subject: [PATCH] Fix pidfd_open detection + +This check for pidfd_open uses AC_CHECK_FUNC which just runs the specified code, but +src/pgrep.c checks HAVE_PIDFD_OPEN which will only be defined by AC_CHECK_FUNCS. + +Also pidfd_open is defined in sys/pidfd.h so that needs including. + +Upstream-Status: Submitted [https://gitlab.com/procps-ng/procps/-/merge_requests/229] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + +diff --git a/configure.ac b/configure.ac +index fec27e3f..024731c7 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -170,7 +170,7 @@ AC_TRY_COMPILE([#include <errno.h>], + AC_MSG_RESULT(yes), + AC_MSG_RESULT(no)) + +-AC_CHECK_FUNC([pidfd_open], [enable_pidwait=yes], [ ++AC_CHECK_FUNCS([pidfd_open], [enable_pidwait=yes], [ + AC_MSG_CHECKING([for __NR_pidfd_open]) + AC_COMPILE_IFELSE([AC_LANG_SOURCE([ + #include <sys/syscall.h> +diff --git a/src/pgrep.c b/src/pgrep.c +index d8e57dff..c5211aec 100644 +--- a/src/pgrep.c ++++ b/src/pgrep.c +@@ -44,7 +44,9 @@ + + #ifdef ENABLE_PIDWAIT + #include <sys/epoll.h> +-#ifndef HAVE_PIDFD_OPEN ++#ifdef HAVE_PIDFD_OPEN ++#include <sys/pidfd.h> ++#else + #include <sys/syscall.h> + #endif /* !HAVE_PIDFD_OPEN */ + #endif diff --git a/poky/meta/recipes-extended/procps/procps_4.0.4.bb b/poky/meta/recipes-extended/procps/procps_4.0.4.bb index 800384f22f..ec8c4b0261 100644 --- a/poky/meta/recipes-extended/procps/procps_4.0.4.bb +++ b/poky/meta/recipes-extended/procps/procps_4.0.4.bb @@ -14,6 +14,7 @@ inherit autotools gettext pkgconfig update-alternatives SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \ file://sysctl.conf \ + file://pidfd.patch \ " SRCREV = "4ddcef2fd843170c8e2d59a83042978f41037a2b" diff --git a/poky/meta/recipes-extended/psmisc/psmisc/0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch b/poky/meta/recipes-extended/psmisc/psmisc/0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch index 01335bdf40..ca13bdbd15 100644 --- a/poky/meta/recipes-extended/psmisc/psmisc/0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch +++ b/poky/meta/recipes-extended/psmisc/psmisc/0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch @@ -1,4 +1,4 @@ -From 338d2d46d1c20ebadf317938af98d0532a62f8d4 Mon Sep 17 00:00:00 2001 +From 115fcf1daff18aa2f2e130d63704f04031878db0 Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Thu, 24 Mar 2016 15:46:14 +0000 Subject: [PATCH] Use UINTPTR_MAX instead of __WORDSIZE @@ -13,7 +13,7 @@ Upstream-Status: Pending 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/src/peekfd.c b/src/peekfd.c -index 36dff04..2b4b1dc 100644 +index 5aa990a..7e8e3fc 100644 --- a/src/peekfd.c +++ b/src/peekfd.c @@ -30,8 +30,11 @@ @@ -28,7 +28,7 @@ index 36dff04..2b4b1dc 100644 #include <getopt.h> #include <ctype.h> #include <dirent.h> -@@ -341,11 +344,11 @@ int main(int argc, char **argv) +@@ -266,11 +269,11 @@ int main(int argc, char **argv) if (WIFSTOPPED(status)) { #ifdef PPC struct pt_regs regs; diff --git a/poky/meta/recipes-extended/psmisc/psmisc_23.7.bb b/poky/meta/recipes-extended/psmisc/psmisc_23.6.bb index ea272cd92d..2e55ad00bd 100644 --- a/poky/meta/recipes-extended/psmisc/psmisc_23.7.bb +++ b/poky/meta/recipes-extended/psmisc/psmisc_23.6.bb @@ -5,5 +5,5 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3" SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https;branch=master \ file://0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch \ " -SRCREV = "9091d6dbcce3d8fb87adf9249a2eb346d25a562c" +SRCREV = "3098e641dc1ddb210186f53464255670b480377b" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-extended/shadow/files/0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch b/poky/meta/recipes-extended/shadow/files/0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch index 2e5503bfd4..d278a4cda3 100644 --- a/poky/meta/recipes-extended/shadow/files/0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch +++ b/poky/meta/recipes-extended/shadow/files/0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch @@ -16,9 +16,11 @@ Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de> lib/copydir.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ---- a/lib/copydir.c -+++ b/lib/copydir.c -@@ -400,6 +400,7 @@ static int copy_entry (const struct path +Index: shadow-4.14.2/lib/copydir.c +=================================================================== +--- shadow-4.14.2.orig/lib/copydir.c ++++ shadow-4.14.2/lib/copydir.c +@@ -415,6 +415,7 @@ static int copy_entry (const struct path { int err = 0; struct stat sb; @@ -26,12 +28,12 @@ Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de> struct link_name *lp; struct timespec mt[2]; -@@ -423,7 +424,7 @@ static int copy_entry (const struct path - * If the destination already exists do nothing. - * This is after the copy_dir above to still iterate into subdirectories. - */ -- if (fstatat(dst->dirfd, dst->name, &sb, AT_SYMLINK_NOFOLLOW) != -1) { -+ if (fstatat(dst->dirfd, dst->name, &tmp_sb, AT_SYMLINK_NOFOLLOW) != -1) { - return err; - } +@@ -436,7 +437,7 @@ static int copy_entry (const struct path + * If the destination already exists do nothing. + * This is after the copy_dir above to still iterate into subdirectories. + */ +- if (fstatat(dst->dirfd, dst->name, &sb, AT_SYMLINK_NOFOLLOW) != -1) { ++ if (fstatat(dst->dirfd, dst->name, &tmp_sb, AT_SYMLINK_NOFOLLOW) != -1) { + return 0; + } diff --git a/poky/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch b/poky/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch index cd99aad135..4a932d2dbb 100644 --- a/poky/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch +++ b/poky/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch @@ -1,4 +1,4 @@ -From f512071dd3a4c29d4bf048c5a89c4ba9160e37b1 Mon Sep 17 00:00:00 2001 +From a773c6b240d27e23d6be41decef0edf24fcee523 Mon Sep 17 00:00:00 2001 From: Chen Qi <Qi.Chen@windriver.com> Date: Thu, 17 Jul 2014 15:53:34 +0800 Subject: [PATCH] commonio.c-fix-unexpected-open-failure-in-chroot-env @@ -20,10 +20,10 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com> 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/lib/commonio.c b/lib/commonio.c -index 01a26c9..82b2868 100644 +index 73fdb3a..d1231e9 100644 --- a/lib/commonio.c +++ b/lib/commonio.c -@@ -601,10 +601,18 @@ int commonio_open (struct commonio_db *db, int mode) +@@ -606,10 +606,18 @@ int commonio_open (struct commonio_db *db, int mode) db->cursor = NULL; db->changed = false; @@ -46,3 +46,6 @@ index 01a26c9..82b2868 100644 db->fp = NULL; if (fd >= 0) { #ifdef WITH_TCB +-- +2.30.2 + diff --git a/poky/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch b/poky/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch index 1eacb8a53f..3b61b75e5b 100644 --- a/poky/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch +++ b/poky/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch @@ -1,8 +1,3 @@ -From 38882ab288fd4d2cc2e45dff222ae3412c8fe357 Mon Sep 17 00:00:00 2001 -From: Kang Kai <kai.kang@windriver.com> -Date: Wed, 20 Jul 2011 19:18:14 +0800 -Subject: [PATCH] shadow: update pam related configure files - The system-auth in the configure files is from Fedora which put all the 4 pam type rules in one file. In yocto it obey the way with Debian/Ubuntu, and the names are common-auth, common-account, @@ -14,102 +9,82 @@ See meta/recipes-extended/pam/libpam/pam.d/common-password Upstream-Status: Inappropriate [oe-core specific] Signed-off-by: Kang Kai <kai.kang@windriver.com> ---- - etc/pam.d/chage | 2 +- - etc/pam.d/chgpasswd | 2 +- - etc/pam.d/groupadd | 2 +- - etc/pam.d/groupdel | 2 +- - etc/pam.d/groupmems | 2 +- - etc/pam.d/groupmod | 2 +- - etc/pam.d/useradd | 2 +- - etc/pam.d/userdel | 2 +- - etc/pam.d/usermod | 2 +- - 9 files changed, 9 insertions(+), 9 deletions(-) -diff --git a/etc/pam.d/chage b/etc/pam.d/chage -index 8f49f5c..b1f365d 100644 ---- a/etc/pam.d/chage -+++ b/etc/pam.d/chage +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chage shadow-4.1.4.3/etc/pam.d/chage +--- shadow-4.1.4.3/etc/pam.d.orig/chage 2011-07-20 19:02:27.384844958 +0800 ++++ shadow-4.1.4.3/etc/pam.d/chage 2011-07-20 19:03:08.964844958 +0800 @@ -1,4 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so account required pam_permit.so -password include system-auth +password include common-password -diff --git a/etc/pam.d/chgpasswd b/etc/pam.d/chgpasswd -index 8f49f5c..b1f365d 100644 ---- a/etc/pam.d/chgpasswd -+++ b/etc/pam.d/chgpasswd +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chgpasswd shadow-4.1.4.3/etc/pam.d/chgpasswd +--- shadow-4.1.4.3/etc/pam.d.orig/chgpasswd 2011-07-20 19:02:27.384844958 +0800 ++++ shadow-4.1.4.3/etc/pam.d/chgpasswd 2011-07-20 19:03:26.544844958 +0800 @@ -1,4 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so account required pam_permit.so -password include system-auth +password include common-password -diff --git a/etc/pam.d/groupadd b/etc/pam.d/groupadd -index 8f49f5c..b1f365d 100644 ---- a/etc/pam.d/groupadd -+++ b/etc/pam.d/groupadd +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupadd shadow-4.1.4.3/etc/pam.d/groupadd +--- shadow-4.1.4.3/etc/pam.d.orig/groupadd 2011-07-20 19:02:27.384844958 +0800 ++++ shadow-4.1.4.3/etc/pam.d/groupadd 2011-07-20 19:04:08.124844958 +0800 @@ -1,4 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so account required pam_permit.so -password include system-auth +password include common-password -diff --git a/etc/pam.d/groupdel b/etc/pam.d/groupdel -index 8f49f5c..b1f365d 100644 ---- a/etc/pam.d/groupdel -+++ b/etc/pam.d/groupdel +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupdel shadow-4.1.4.3/etc/pam.d/groupdel +--- shadow-4.1.4.3/etc/pam.d.orig/groupdel 2011-07-20 19:02:27.384844958 +0800 ++++ shadow-4.1.4.3/etc/pam.d/groupdel 2011-07-20 19:04:26.114844958 +0800 @@ -1,4 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so account required pam_permit.so -password include system-auth +password include common-password -diff --git a/etc/pam.d/groupmems b/etc/pam.d/groupmems -index 8f49f5c..b1f365d 100644 ---- a/etc/pam.d/groupmems -+++ b/etc/pam.d/groupmems +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupmems shadow-4.1.4.3/etc/pam.d/groupmems +--- shadow-4.1.4.3/etc/pam.d.orig/groupmems 2011-07-20 19:02:27.384844958 +0800 ++++ shadow-4.1.4.3/etc/pam.d/groupmems 2011-07-20 19:04:35.074844958 +0800 @@ -1,4 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so account required pam_permit.so -password include system-auth +password include common-password -diff --git a/etc/pam.d/groupmod b/etc/pam.d/groupmod -index 8f49f5c..b1f365d 100644 ---- a/etc/pam.d/groupmod -+++ b/etc/pam.d/groupmod +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupmod shadow-4.1.4.3/etc/pam.d/groupmod +--- shadow-4.1.4.3/etc/pam.d.orig/groupmod 2011-07-20 19:02:27.384844958 +0800 ++++ shadow-4.1.4.3/etc/pam.d/groupmod 2011-07-20 19:04:44.864844958 +0800 @@ -1,4 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so account required pam_permit.so -password include system-auth +password include common-password -diff --git a/etc/pam.d/useradd b/etc/pam.d/useradd -index 8f49f5c..b1f365d 100644 ---- a/etc/pam.d/useradd -+++ b/etc/pam.d/useradd +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/useradd shadow-4.1.4.3/etc/pam.d/useradd +--- shadow-4.1.4.3/etc/pam.d.orig/useradd 2011-07-20 19:02:27.384844958 +0800 ++++ shadow-4.1.4.3/etc/pam.d/useradd 2011-07-20 19:07:26.244844958 +0800 @@ -1,4 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so account required pam_permit.so -password include system-auth +password include common-password -diff --git a/etc/pam.d/userdel b/etc/pam.d/userdel -index 8f49f5c..b1f365d 100644 ---- a/etc/pam.d/userdel -+++ b/etc/pam.d/userdel +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/userdel shadow-4.1.4.3/etc/pam.d/userdel +--- shadow-4.1.4.3/etc/pam.d.orig/userdel 2011-07-20 19:02:27.384844958 +0800 ++++ shadow-4.1.4.3/etc/pam.d/userdel 2011-07-20 19:07:35.734844958 +0800 @@ -1,4 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so account required pam_permit.so -password include system-auth +password include common-password -diff --git a/etc/pam.d/usermod b/etc/pam.d/usermod -index 8f49f5c..b1f365d 100644 ---- a/etc/pam.d/usermod -+++ b/etc/pam.d/usermod +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/usermod shadow-4.1.4.3/etc/pam.d/usermod +--- shadow-4.1.4.3/etc/pam.d.orig/usermod 2011-07-20 19:02:27.384844958 +0800 ++++ shadow-4.1.4.3/etc/pam.d/usermod 2011-07-20 19:07:42.024844958 +0800 @@ -1,4 +1,4 @@ #%PAM-1.0 auth sufficient pam_rootok.so diff --git a/poky/meta/recipes-extended/shadow/shadow.inc b/poky/meta/recipes-extended/shadow/shadow.inc index 7b9763d6db..40e6ab0b30 100644 --- a/poky/meta/recipes-extended/shadow/shadow.inc +++ b/poky/meta/recipes-extended/shadow/shadow.inc @@ -25,7 +25,7 @@ SRC_URI:append:class-target = " \ SRC_URI:append:class-native = " \ file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ " -SRC_URI[sha256sum] = "377fe0d7c1a0aa5e3514c08fdf5ddc70c9dcbb391678c2134445ed97326bcc26" +SRC_URI[sha256sum] = "a305edf5d19bddbdf5e836d2d609fa8bff2d35458819de4d9f06306a1cf24342" # Additional Policy files for PAM PAM_SRC_URI = "file://pam.d/chfn \ @@ -40,7 +40,7 @@ inherit autotools gettext github-releases pkgconfig export CONFIG_SHELL="/bin/sh" -EXTRA_OECONF += " \ +EXTRA_OECONF += "--without-libcrack \ --with-group-name-max-length=24 \ --enable-subordinate-ids=yes \ --without-sssd \ diff --git a/poky/meta/recipes-extended/shadow/shadow_4.15.0.bb b/poky/meta/recipes-extended/shadow/shadow_4.14.2.bb index e57676c1da..e57676c1da 100644 --- a/poky/meta/recipes-extended/shadow/shadow_4.15.0.bb +++ b/poky/meta/recipes-extended/shadow/shadow_4.14.2.bb diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng_0.17.06.bb b/poky/meta/recipes-extended/stress-ng/stress-ng_0.17.05.bb index a52b70d22f..d4a427f89d 100644 --- a/poky/meta/recipes-extended/stress-ng/stress-ng_0.17.06.bb +++ b/poky/meta/recipes-extended/stress-ng/stress-ng_0.17.05.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRC_URI = "git://github.com/ColinIanKing/stress-ng.git;protocol=https;branch=master \ " -SRCREV = "e6bda983cb48a201b6af173204372c7b37d6411f" +SRCREV = "4e68895f4fe68863b360ab4a6a57e2dfcff85d60" S = "${WORKDIR}/git" DEPENDS = "coreutils-native libbsd" diff --git a/poky/meta/recipes-extended/texinfo/texinfo/0001-texinfo-several-changes-to-build-without-zlib-and-nc.patch b/poky/meta/recipes-extended/texinfo/texinfo/disable-native-tools.patch index b43a115b23..3801d73883 100644 --- a/poky/meta/recipes-extended/texinfo/texinfo/0001-texinfo-several-changes-to-build-without-zlib-and-nc.patch +++ b/poky/meta/recipes-extended/texinfo/texinfo/disable-native-tools.patch @@ -1,8 +1,7 @@ -From ee9d23373b488c4a499c561d71e6b6ba7ca1bd31 Mon Sep 17 00:00:00 2001 +From e5d8f6d4a7652ea95c8d069ce9333494f2db868c Mon Sep 17 00:00:00 2001 From: Joshua Lock <josh@linux.intel.com> Date: Fri, 16 Sep 2011 15:35:48 -0700 -Subject: [PATCH 1/3] texinfo: several changes to build without zlib and - ncurses +Subject: [PATCH] texinfo: several changes to build without zlib and ncurses We already DEPEND on the native texinfo being present before building so there isn't any need to try and build the required native texinfo binaries @@ -11,15 +10,16 @@ before cross-compiling. This simplifies the recipe somewhat! Upstream-Status: Inappropriate oe specific Signed-off-by: Joshua Lock <josh@linux.intel.com> + --- configure.ac | 24 +----------------------- 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/configure.ac b/configure.ac -index 8094498..5b72fc1 100644 +index 6fcd3a0..c108df7 100644 --- a/configure.ac +++ b/configure.ac -@@ -247,29 +247,7 @@ AC_CANONICAL_BUILD +@@ -180,29 +180,7 @@ AC_CANONICAL_BUILD # $native_tools is also added to SUBDIRS in the main Makefile.am, # so that make compiles the native tools first. # @@ -50,6 +50,3 @@ index 8094498..5b72fc1 100644 AC_SUBST(native_tools) AM_CONDITIONAL(TOOLS_ONLY, [[test "x$tools_only" = x1]]) --- -2.39.2 - diff --git a/poky/meta/recipes-extended/texinfo/texinfo/0002-dont-depend-on-help2man.patch b/poky/meta/recipes-extended/texinfo/texinfo/dont-depend-on-help2man.patch index f3b6827d58..825887cc2e 100644 --- a/poky/meta/recipes-extended/texinfo/texinfo/0002-dont-depend-on-help2man.patch +++ b/poky/meta/recipes-extended/texinfo/texinfo/dont-depend-on-help2man.patch @@ -1,32 +1,33 @@ -From e02be81fa68ddc7f939abd99de4e42759a0d5d8c Mon Sep 17 00:00:00 2001 +From 451a9b9c3874872d575693fc7733fae02690a7d3 Mon Sep 17 00:00:00 2001 From: Edwin Plauchu <edwin.plauchu.camacho@intel.com> Date: Tue, 29 Nov 2016 13:43:24 -0600 -Subject: [PATCH 2/3] dont-depend-on-help2man +Subject: [PATCH] dont-depend-on-help2man Upstream-Status: Inappropriate Signed-off-by: Marko Lindqvist <cazfi74@gmail.com> Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com> + --- doc/Makefile.am | 2 +- man/Makefile.am | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/doc/Makefile.am b/doc/Makefile.am -index e9e6298..f1b9895 100644 +index 407a38c..6b5ff3e 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am -@@ -63,7 +63,7 @@ refcard/txirefcard.pdf refcard/txirefcard-a4.pdf: refcard/txirefcard.tex +@@ -55,7 +55,7 @@ refcard_files = refcard/Makefile refcard/txicmdcheck \ # Include our texinfo.tex, not Automake's. EXTRA_DIST = epsf.tex texinfo.tex \ fdl.texi \ - $(man_MANS) $(TXI_XLATE) \ + $(TXI_XLATE) \ $(refcard_files) \ + gendocs.chapter/gendocs_template \ texinfo-tex-test.texi texinfo-tex-test.WIDOWs \ - texinfo-ja.tex short-sample-ja.texi \ diff --git a/man/Makefile.am b/man/Makefile.am -index f2c703f..61caeeb 100644 +index d0cd72c..a19e52a 100644 --- a/man/Makefile.am +++ b/man/Makefile.am @@ -11,27 +11,27 @@ @@ -63,6 +64,3 @@ index f2c703f..61caeeb 100644 # Maintainers should be able to regenerate. MAINTAINERCLEANFILES = $(man_MANS) --- -2.39.2 - diff --git a/poky/meta/recipes-extended/texinfo/texinfo/link-zip.patch b/poky/meta/recipes-extended/texinfo/texinfo/link-zip.patch new file mode 100644 index 0000000000..72d7067aa9 --- /dev/null +++ b/poky/meta/recipes-extended/texinfo/texinfo/link-zip.patch @@ -0,0 +1,23 @@ +From c5050ac84c8a3cc3ff8c7e558f8c2fdb57f410d9 Mon Sep 17 00:00:00 2001 +From: Joshua Lock <josh@linux.intel.com> +Date: Mon, 29 Jul 2013 15:02:34 -0700 +Subject: [PATCH] install-info uses symbols from zlib so must link against it. + +Upstream-Status: Pending + +Signed-off-by: Joshua Lock <josh@linux.intel.com> + +--- + install-info/Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/install-info/Makefile.am b/install-info/Makefile.am +index 9bcff71..68247f9 100644 +--- a/install-info/Makefile.am ++++ b/install-info/Makefile.am +@@ -33,4 +33,4 @@ AM_CPPFLAGS = \ + -I$(top_srcdir)/gnulib/lib \ + -I$(top_builddir)/gnulib/lib \ + -DLOCALEDIR=\"$(localedir)\" +-LDADD = $(top_builddir)/gnulib/lib/libgnu.a $(LIBINTL) $(LIBTHREAD) ++LDADD = $(top_builddir)/gnulib/lib/libgnu.a $(LIBINTL) $(LIBTHREAD) -lz diff --git a/poky/meta/recipes-extended/texinfo/texinfo/0003-texinfo-Update-to-5.1.patch b/poky/meta/recipes-extended/texinfo/texinfo/use_host_makedoc.patch index f99f8b87d5..c6c9952c9e 100644 --- a/poky/meta/recipes-extended/texinfo/texinfo/0003-texinfo-Update-to-5.1.patch +++ b/poky/meta/recipes-extended/texinfo/texinfo/use_host_makedoc.patch @@ -1,20 +1,21 @@ -From 33b85a3928895b812b37dc759c6de711802db45f Mon Sep 17 00:00:00 2001 +From 81ccd162b869c20e450073fa834b5cabbea8e3d4 Mon Sep 17 00:00:00 2001 From: Saul Wold <sgw@linux.intel.com> Date: Mon, 29 Jul 2013 15:02:34 -0700 -Subject: [PATCH 3/3] texinfo: Update to 5.1 +Subject: [PATCH] texinfo: Update to 5.1 Upstream-Status: Inappropriate [cross build specific] Signed-off-by: Saul Wold <sgw@linux.intel.com> + --- info/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/info/Makefile.am b/info/Makefile.am -index f57b341..a019aa7 100644 +index 35596b1..cae1421 100644 --- a/info/Makefile.am +++ b/info/Makefile.am -@@ -77,7 +77,7 @@ cmd_sources = $(srcdir)/session.c $(srcdir)/echo-area.c $(srcdir)/infodoc.c \ +@@ -69,7 +69,7 @@ cmd_sources = $(srcdir)/session.c $(srcdir)/echo-area.c $(srcdir)/infodoc.c \ # more than once. funs.h: makedoc$(EXEEXT) $(cmd_sources) rm -f $(generated_sources) @@ -23,6 +24,3 @@ index f57b341..a019aa7 100644 # The following hack is necessary to hint make before the automatic # dependencies are built. --- -2.39.2 - diff --git a/poky/meta/recipes-extended/texinfo/texinfo_7.1.bb b/poky/meta/recipes-extended/texinfo/texinfo_7.0.3.bb index 65d8252fb9..b149177b72 100644 --- a/poky/meta/recipes-extended/texinfo/texinfo_7.1.bb +++ b/poky/meta/recipes-extended/texinfo/texinfo_7.0.3.bb @@ -25,16 +25,17 @@ RDEPENDS:info += "${@compress_pkg(d)}" DEPENDS = "zlib ncurses texinfo-replacement-native" DEPENDS:class-native = "zlib-native ncurses-native" -TARGET_PATCH = "file://0003-texinfo-Update-to-5.1.patch" +TARGET_PATCH = "file://use_host_makedoc.patch" TARGET_PATCH:class-native = "" SRC_URI = "${GNU_MIRROR}/texinfo/${BP}.tar.gz \ - file://0001-texinfo-several-changes-to-build-without-zlib-and-nc.patch \ - file://0002-dont-depend-on-help2man.patch \ + file://disable-native-tools.patch \ + file://link-zip.patch \ + file://dont-depend-on-help2man.patch \ ${TARGET_PATCH} \ " -SRC_URI[sha256sum] = "dd5710b3a53ac002644677a06145748e260592a35be182dc830ebebb79c5d5a0" +SRC_URI[sha256sum] = "3cc5706fb086b895e1dc2b407aade9f95a3a233ff856273e2b659b089f117683" tex_texinfo = "texmf/tex/texinfo" @@ -43,7 +44,6 @@ inherit gettext autotools multilib_script MULTILIB_SCRIPTS = "${PN}:${bindir}/texi2any" EXTRA_AUTORECONF += "-I ${S}/gnulib/m4" -CACHED_CONFIGUREVARS += "texinfo_cv_sys_iconv_converts_euc_cn=yes" do_configure:prepend () { # autotools_do_configure updates po/Makefile.in.in, we also need diff --git a/poky/meta/recipes-extended/wget/wget/0002-improve-reproducibility.patch b/poky/meta/recipes-extended/wget/wget/0002-improve-reproducibility.patch index 5438bafdcb..050fc2c7e1 100644 --- a/poky/meta/recipes-extended/wget/wget/0002-improve-reproducibility.patch +++ b/poky/meta/recipes-extended/wget/wget/0002-improve-reproducibility.patch @@ -1,4 +1,4 @@ -From b86e57b68363d108fe77c6fd588a275d2696cabe Mon Sep 17 00:00:00 2001 +From 7f1357529d23b356b45fbb0dd7388588162e4cb8 Mon Sep 17 00:00:00 2001 From: Hongxu Jia <hongxu.jia@windriver.com> Date: Wed, 10 Jan 2018 14:43:20 +0800 Subject: [PATCH] src/Makefile.am: improve reproducibility @@ -44,10 +44,10 @@ Signed-off-by: Joe Slater <jslater@windriver.com> 1 file changed, 4 insertions(+) diff --git a/src/Makefile.am b/src/Makefile.am -index 18ec622..38d252d 100644 +index 28c0be2..44084a3 100644 --- a/src/Makefile.am +++ b/src/Makefile.am -@@ -108,9 +108,13 @@ version.c: $(wget_SOURCES) ../lib/libgnu.a +@@ -87,9 +87,13 @@ version.c: $(wget_SOURCES) ../lib/libgnu.a echo '#include "version.h"' >> $@ echo 'const char *version_string = "@VERSION@";' >> $@ echo 'const char *compilation_string = "'$(COMPILE)'";' \ @@ -61,3 +61,6 @@ index 18ec622..38d252d 100644 | $(ESCAPEQUOTE) >> $@ css.c: $(srcdir)/css.l +-- +1.8.3.1 + diff --git a/poky/meta/recipes-extended/wget/wget/CVE-2024-38428.patch b/poky/meta/recipes-extended/wget/wget/CVE-2024-38428.patch new file mode 100644 index 0000000000..ed99a05464 --- /dev/null +++ b/poky/meta/recipes-extended/wget/wget/CVE-2024-38428.patch @@ -0,0 +1,79 @@ +From ed0c7c7e0e8f7298352646b2fd6e06a11e242ace Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de> +Date: Sun, 2 Jun 2024 12:40:16 +0200 +Subject: Properly re-implement userinfo parsing (rfc2396) + +* src/url.c (url_skip_credentials): Properly re-implement userinfo parsing (rfc2396) + +The reason why the implementation is based on RFC 2396, an outdated standard, +is that the whole file is based on that RFC, and mixing standard here might be +dangerous. + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/wget.git/commit/?id=ed0c7c7e0e8f7298352646b2fd6e06a11e242ace] +CVE: CVE-2024-38428 +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + src/url.c | 40 ++++++++++++++++++++++++++++++++++------ + 1 file changed, 34 insertions(+), 6 deletions(-) + +diff --git a/src/url.c b/src/url.c +index 69e948b..07c3bc8 100644 +--- a/src/url.c ++++ b/src/url.c +@@ -41,6 +41,7 @@ as that of the covered work. */ + #include "url.h" + #include "host.h" /* for is_valid_ipv6_address */ + #include "c-strcase.h" ++#include "c-ctype.h" + + #ifdef HAVE_ICONV + # include <iconv.h> +@@ -526,12 +527,39 @@ scheme_leading_string (enum url_scheme scheme) + static const char * + url_skip_credentials (const char *url) + { +- /* Look for '@' that comes before terminators, such as '/', '?', +- '#', or ';'. */ +- const char *p = (const char *)strpbrk (url, "@/?#;"); +- if (!p || *p != '@') +- return url; +- return p + 1; ++ /* ++ * This whole file implements https://www.rfc-editor.org/rfc/rfc2396 . ++ * RFC 2396 is outdated since 2005 and needs a rewrite or a thorough re-visit. ++ * ++ * The RFC says ++ * server = [ [ userinfo "@" ] hostport ] ++ * userinfo = *( unreserved | escaped | ";" | ":" | "&" | "=" | "+" | "$" | "," ) ++ * unreserved = alphanum | mark ++ * mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")" ++ */ ++ static const char *allowed = "-_.!~*'();:&=+$,"; ++ ++ for (const char *p = url; *p; p++) ++ { ++ if (c_isalnum(*p)) ++ continue; ++ ++ if (strchr(allowed, *p)) ++ continue; ++ ++ if (*p == '%' && c_isxdigit(p[1]) && c_isxdigit(p[2])) ++ { ++ p += 2; ++ continue; ++ } ++ ++ if (*p == '@') ++ return p + 1; ++ ++ break; ++ } ++ ++ return url; + } + + /* Parse credentials contained in [BEG, END). The region is expected +-- +cgit v1.1 + diff --git a/poky/meta/recipes-extended/wget/wget_1.24.5.bb b/poky/meta/recipes-extended/wget/wget_1.21.4.bb index 64e6ee80af..bc65a8f7c8 100644 --- a/poky/meta/recipes-extended/wget/wget_1.24.5.bb +++ b/poky/meta/recipes-extended/wget/wget_1.21.4.bb @@ -1,7 +1,8 @@ SRC_URI = "${GNU_MIRROR}/wget/wget-${PV}.tar.gz \ file://0002-improve-reproducibility.patch \ + file://CVE-2024-38428.patch \ " -SRC_URI[sha256sum] = "fa2dc35bab5184ecbc46a9ef83def2aaaa3f4c9f3c97d4bd19dcb07d4da637de" +SRC_URI[sha256sum] = "81542f5cefb8faacc39bbbc6c82ded80e3e4a88505ae72ea51df27525bcde04c" require wget.inc diff --git a/poky/meta/recipes-extended/zip/zip-3.0/0001-configure-Include-dirent.h-for-closedir-opendir-APIs.patch b/poky/meta/recipes-extended/zip/zip-3.0/0001-configure-Include-dirent.h-for-closedir-opendir-APIs.patch new file mode 100644 index 0000000000..0d3af37ded --- /dev/null +++ b/poky/meta/recipes-extended/zip/zip-3.0/0001-configure-Include-dirent.h-for-closedir-opendir-APIs.patch @@ -0,0 +1,45 @@ +From 9db2f8cdbbc0dfb359d3b4e5dfe48c18652ce531 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 8 May 2024 19:02:46 -0700 +Subject: [PATCH] configure: Include dirent.h for closedir/opendir APIs +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +GCC-14 is strict about function prototypes and since the +testcase tries to compile/link opendir/closedir functions +without including signatures, it fails to build the test +due to missing signatures which come from dirent.h + +Therefore include the needed system header and make it more +robust. + +Fixes +a.c:2:21: error: implicit declaration of function ‘closedir’ [-Wimplicit-function-declaration] + 2 | int main() { return closedir(opendir(".")); } + | ^~~~~~~~ +a.c:2:30: error: implicit declaration of function ‘opendir’ [-Wimplicit-function-declaration] + 2 | int main() { return closedir(opendir(".")); } + | ^~~~~~~ + +Upstream-Status: Inactive-Upstream +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + unix/configure | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/unix/configure b/unix/configure +index f917086..1dd98c6 100644 +--- a/unix/configure ++++ b/unix/configure +@@ -591,6 +591,7 @@ $CC $CFLAGS -c conftest.c >/dev/null 2>/dev/null + + echo Check for directory libraries + cat > conftest.c << _EOF_ ++#include <dirent.h> + int main() { return closedir(opendir(".")); } + _EOF_ + +-- +2.45.0 + diff --git a/poky/meta/recipes-extended/zip/zip-3.0/0002-unix.c-Do-not-redefine-DIR-as-FILE.patch b/poky/meta/recipes-extended/zip/zip-3.0/0002-unix.c-Do-not-redefine-DIR-as-FILE.patch deleted file mode 100644 index a86e03e620..0000000000 --- a/poky/meta/recipes-extended/zip/zip-3.0/0002-unix.c-Do-not-redefine-DIR-as-FILE.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 76f5bf3546d826dcbc03acbefcf0b10b972bf136 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Wed, 10 Aug 2022 17:19:38 -0700 -Subject: [PATCH 2/2] unix.c: Do not redefine DIR as FILE - -DIR is already provided on Linux via -/usr/include/dirent.h system header - -Upstream-Status: Inactive-Upstream -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - unix/unix.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/unix/unix.c b/unix/unix.c -index ba87614..6e6f4d2 100644 ---- a/unix/unix.c -+++ b/unix/unix.c -@@ -61,13 +61,11 @@ local time_t label_utim = 0; - /* Local functions */ - local char *readd OF((DIR *)); - -- - #ifdef NO_DIR /* for AT&T 3B1 */ - #include <sys/dir.h> - #ifndef dirent - # define dirent direct - #endif --typedef FILE DIR; - /* - ** Apparently originally by Rich Salz. - ** Cleaned up and modified by James W. Birdsall. --- -2.37.1 - diff --git a/poky/meta/recipes-extended/zip/zip_3.0.bb b/poky/meta/recipes-extended/zip/zip_3.0.bb index 70df5ab872..ec54206335 100644 --- a/poky/meta/recipes-extended/zip/zip_3.0.bb +++ b/poky/meta/recipes-extended/zip/zip_3.0.bb @@ -17,8 +17,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/Zip%203.x%20%28latest%29/3.0/zip30.tar. file://0002-configure-support-PIC-code-build.patch \ file://0001-configure-Use-CFLAGS-and-LDFLAGS-when-doing-link-tes.patch \ file://0001-configure-Specify-correct-function-signatures-and-de.patch \ - file://0002-unix.c-Do-not-redefine-DIR-as-FILE.patch \ file://0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch \ + file://0001-configure-Include-dirent.h-for-closedir-opendir-APIs.patch \ " UPSTREAM_VERSION_UNKNOWN = "1" diff --git a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch index 7250fa3f62..24edda8102 100644 --- a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch +++ b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch @@ -1,4 +1,4 @@ -From 9d3b374e75692da3d1d05344a1693c85a3098f47 Mon Sep 17 00:00:00 2001 +From 325a4cde99a00b84116ab7111d27e6973f3c5026 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex@linutronix.de> Date: Thu, 26 Jan 2023 20:29:46 +0100 Subject: [PATCH] meson.build: allow (a subset of) tests in cross compile @@ -19,10 +19,10 @@ Signed-off-by: Alexander Kanavin <alex@linutronix.de> 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/meson.build b/meson.build -index 8a16c8f..7c8b20f 100644 +index 3eb3fcc..dc7e790 100644 --- a/meson.build +++ b/meson.build -@@ -369,10 +369,10 @@ subdir('gdk-pixbuf') +@@ -390,10 +390,10 @@ subdir('gdk-pixbuf') # i18n subdir('po') @@ -37,7 +37,7 @@ index 8a16c8f..7c8b20f 100644 endif diff --git a/tests/meson.build b/tests/meson.build -index 28c2525..c45e765 100644 +index 3781066..911b5fb 100644 --- a/tests/meson.build +++ b/tests/meson.build @@ -4,7 +4,7 @@ @@ -49,7 +49,7 @@ index 28c2525..c45e765 100644 # Resources; we cannot use gnome.compile_resources() here, because we need to # override the environment in order to use the utilities we just built instead # of the system ones -@@ -166,9 +166,11 @@ endif +@@ -164,9 +164,11 @@ endif test_deps = gdk_pixbuf_deps + [ gdkpixbuf_dep, ] test_args = [ '-k' ] test_env = environment() diff --git a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch index 23c68a0923..3b4bf62861 100644 --- a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch +++ b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch @@ -1,4 +1,4 @@ -From b511bd1efb43ffc49c753e309717a242ec686ef1 Mon Sep 17 00:00:00 2001 +From f78ab4edaee5f62663a9a4bcfa56e5c524da4474 Mon Sep 17 00:00:00 2001 From: Ross Burton <ross.burton@intel.com> Date: Tue, 1 Apr 2014 17:23:36 +0100 Subject: [PATCH] gdk-pixbuf: add an option so that loader errors are fatal @@ -8,13 +8,12 @@ non-zero if the loader had errors (missing libraries, generally). Upstream-Status: Submitted [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/144] Signed-off-by: Ross Burton <ross.burton@intel.com> - --- gdk-pixbuf/queryloaders.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/gdk-pixbuf/queryloaders.c b/gdk-pixbuf/queryloaders.c -index 1d39b44..2b00815 100644 +index baa9a5c..9b6fa89 100644 --- a/gdk-pixbuf/queryloaders.c +++ b/gdk-pixbuf/queryloaders.c @@ -216,7 +216,7 @@ write_loader_info (GString *contents, const char *path, GdkPixbufFormat *info) @@ -77,7 +76,7 @@ index 1d39b44..2b00815 100644 } g_free (cwd); } -@@ -490,5 +498,8 @@ int main (int argc, char **argv) +@@ -492,5 +500,8 @@ int main (int argc, char **argv) g_free (pixbuf_libdir); diff --git a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb index cca89a9059..9f825a68ef 100644 --- a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb +++ b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb @@ -22,7 +22,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch \ " -SRC_URI[sha256sum] = "ee9b6c75d13ba096907a2e3c6b27b61bcd17f5c7ebeab5a5b439d2f2e39fe44b" +SRC_URI[sha256sum] = "b9505b3445b9a7e48ced34760c3bcb73e966df3ac94c95a148cb669ab748e3c7" inherit meson pkgconfig gettext pixbufcache ptest-gnome upstream-version-is-even gobject-introspection gi-docgen lib_package diff --git a/poky/meta/recipes-gnome/gnome/adwaita-icon-theme_46.0.bb b/poky/meta/recipes-gnome/gnome/adwaita-icon-theme_45.0.bb index 2f3e4e7b85..0bd98288f6 100644 --- a/poky/meta/recipes-gnome/gnome/adwaita-icon-theme_46.0.bb +++ b/poky/meta/recipes-gnome/gnome/adwaita-icon-theme_45.0.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=c84cac88e46fc07647ea07e6c24eeb7c \ inherit gnomebase allarch gtk-icon-cache -SRC_URI[archive.sha256sum] = "4bcb539bd75d64da385d6fa08cbaa9ddeaceb6ac8e82b85ba6c41117bf5ba64e" +SRC_URI[archive.sha256sum] = "2442bfb06f4e6cc95bf6e2682fdff98fa5eddc688751b9d6215c623cb4e42ff1" DEPENDS += "librsvg-native" diff --git a/poky/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb b/poky/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb index ce733769a5..497be6805a 100644 --- a/poky/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb +++ b/poky/meta/recipes-gnome/gtk+/gtk4_4.14.1.bb @@ -76,6 +76,10 @@ PACKAGECONFIG[gstreamer] = "-Dmedia-gstreamer=enabled,-Dmedia-gstreamer=disabled PACKAGECONFIG[tracker] = "-Dtracker=enabled,-Dtracker=disabled,tracker,tracker-miners" PACKAGECONFIG[vulkan] = "-Dvulkan=enabled,-Dvulkan=disabled, vulkan-loader vulkan-headers shaderc-native" +# Disable int-conversion warning as error until [1] is fixed +# [1] https://gitlab.gnome.org/GNOME/gtk/-/issues/6033 +CFLAGS:append = " -Wno-error=int-conversion" + LIBV = "4.0.0" FILES:${PN}:append = " \ diff --git a/poky/meta/recipes-gnome/libxmlb/libxmlb/0001-xb-selftest.c-hardcode-G_TEST_SRCDIR.patch b/poky/meta/recipes-gnome/libxmlb/libxmlb/0001-xb-selftest.c-hardcode-G_TEST_SRCDIR.patch index 27081d8749..da8ce68df9 100644 --- a/poky/meta/recipes-gnome/libxmlb/libxmlb/0001-xb-selftest.c-hardcode-G_TEST_SRCDIR.patch +++ b/poky/meta/recipes-gnome/libxmlb/libxmlb/0001-xb-selftest.c-hardcode-G_TEST_SRCDIR.patch @@ -1,4 +1,4 @@ -From 8a1aa4c318b8dbe4c0c2b1c4968f867ea6641b32 Mon Sep 17 00:00:00 2001 +From dc208bafc57c1ccaa0ca260f99c8b4c976271ebc Mon Sep 17 00:00:00 2001 From: Markus Volk <f_l_k@t-online.de> Date: Sat, 16 Sep 2023 14:02:57 +0200 Subject: [PATCH] xb-self-test.c: hardcode G_TEST_SRCDIR @@ -18,10 +18,10 @@ Signed-off-by: Markus Volk <f_l_k@t-online.de> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/xb-self-test.c b/src/xb-self-test.c -index 1daca18..2e5b251 100644 +index 47d9728..8b3dd0e 100644 --- a/src/xb-self-test.c +++ b/src/xb-self-test.c -@@ -2876,7 +2876,7 @@ xb_speed_func(void) +@@ -2870,7 +2870,7 @@ xb_speed_func(void) int main(int argc, char **argv) { @@ -30,3 +30,6 @@ index 1daca18..2e5b251 100644 g_test_init(&argc, &argv, NULL); +-- +2.41.0 + diff --git a/poky/meta/recipes-gnome/libxmlb/libxmlb_0.3.17.bb b/poky/meta/recipes-gnome/libxmlb/libxmlb_0.3.15.bb index f403857fea..528e3e0bab 100644 --- a/poky/meta/recipes-gnome/libxmlb/libxmlb_0.3.17.bb +++ b/poky/meta/recipes-gnome/libxmlb/libxmlb_0.3.15.bb @@ -8,7 +8,7 @@ SRC_URI = " \ file://0001-xb-selftest.c-hardcode-G_TEST_SRCDIR.patch \ file://run-ptest \ " -SRCREV = "db54f1b3254334e59b29b01b6cb666f444746594" +SRCREV = "25a6384ad60f7e8550292e6cb4f262cc5da74be4" S = "${WORKDIR}/git" DEPENDS = "glib-2.0 xz zstd" diff --git a/poky/meta/recipes-graphics/glslang/glslang/0001-generate-glslang-pkg-config.patch b/poky/meta/recipes-graphics/glslang/glslang/0001-generate-glslang-pkg-config.patch index e6bb6ec8e3..316a57fa4a 100644 --- a/poky/meta/recipes-graphics/glslang/glslang/0001-generate-glslang-pkg-config.patch +++ b/poky/meta/recipes-graphics/glslang/glslang/0001-generate-glslang-pkg-config.patch @@ -1,4 +1,4 @@ -From fc33f1cf032a15c07044ef932bc991c346d62d62 Mon Sep 17 00:00:00 2001 +From 4cede5edcff96134baf35953d58595c4aa5f1fc5 Mon Sep 17 00:00:00 2001 From: Jose Quaresma <quaresma.jose@gmail.com> Date: Sun, 7 Feb 2021 01:30:39 +0000 Subject: [PATCH] generate glslang pkg-config @@ -15,12 +15,12 @@ Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> create mode 100644 glslang/glslang.pc.cmake.in diff --git a/glslang/CMakeLists.txt b/glslang/CMakeLists.txt -index e4690f09..8e660bc5 100644 +index 37eecaad..6974935c 100644 --- a/glslang/CMakeLists.txt +++ b/glslang/CMakeLists.txt -@@ -233,6 +233,8 @@ if(GLSLANG_ENABLE_INSTALL) - install(TARGETS MachineIndependent EXPORT glslang-targets) - install(TARGETS GenericCodeGen EXPORT glslang-targets) +@@ -251,6 +251,8 @@ if(PROJECT_IS_TOP_LEVEL) + ") + install(FILES "${CMAKE_CURRENT_BINARY_DIR}/glslangTargets.cmake" DESTINATION ${CMAKE_INSTALL_LIBDIR}/cmake) endif() + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/glslang.pc.cmake.in ${CMAKE_CURRENT_BINARY_DIR}/pkgconfig/glslang.pc @ONLY) + install(FILES ${CMAKE_CURRENT_BINARY_DIR}/pkgconfig/glslang.pc DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) diff --git a/poky/meta/recipes-graphics/glslang/glslang_1.3.280.0.bb b/poky/meta/recipes-graphics/glslang/glslang_1.3.275.0.bb index 637082c719..2fd1e72a26 100644 --- a/poky/meta/recipes-graphics/glslang/glslang_1.3.280.0.bb +++ b/poky/meta/recipes-graphics/glslang/glslang_1.3.275.0.bb @@ -8,7 +8,7 @@ HOMEPAGE = "https://www.khronos.org/opengles/sdk/tools/Reference-Compiler" LICENSE = "BSD-3-Clause & BSD-2-Clause & MIT & Apache-2.0 & GPL-3-with-bison-exception" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=2a2b5acd7bc4844964cfda45fe807dc3" -SRCREV = "ee2f5d09eaf8f4e8d0d598bd2172fce290d4ca60" +SRCREV = "a91631b260cba3f22858d6c6827511e636c2458a" SRC_URI = "git://github.com/KhronosGroup/glslang.git;protocol=https;branch=main \ file://0001-generate-glslang-pkg-config.patch \ " diff --git a/poky/meta/recipes-graphics/harfbuzz/harfbuzz_8.3.1.bb b/poky/meta/recipes-graphics/harfbuzz/harfbuzz_8.3.0.bb index fd4dcc2338..d733342682 100644 --- a/poky/meta/recipes-graphics/harfbuzz/harfbuzz_8.3.1.bb +++ b/poky/meta/recipes-graphics/harfbuzz/harfbuzz_8.3.0.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b98429b8e8e3c2a67cfef01e99e4893d \ " SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "f73e1eacd7e2ffae687bc3f056bb0c705b7a05aee86337686e09da8fc1c2030c" +SRC_URI[sha256sum] = "109501eaeb8bde3eadb25fab4164e993fbace29c3d775bcaa1c1e58e2f15f847" DEPENDS += "glib-2.0-native" diff --git a/poky/meta/recipes-graphics/mesa/mesa-gl_24.0.3.bb b/poky/meta/recipes-graphics/mesa/mesa-gl_24.0.5.bb index ca160f1bfc..ca160f1bfc 100644 --- a/poky/meta/recipes-graphics/mesa/mesa-gl_24.0.3.bb +++ b/poky/meta/recipes-graphics/mesa/mesa-gl_24.0.5.bb diff --git a/poky/meta/recipes-graphics/mesa/mesa.inc b/poky/meta/recipes-graphics/mesa/mesa.inc index 1c9fa66c72..77e9c80fcb 100644 --- a/poky/meta/recipes-graphics/mesa/mesa.inc +++ b/poky/meta/recipes-graphics/mesa/mesa.inc @@ -22,7 +22,7 @@ SRC_URI = "https://mesa.freedesktop.org/archive/mesa-${PV}.tar.xz \ file://0001-Revert-meson-do-not-pull-in-clc-for-clover.patch \ " -SRC_URI[sha256sum] = "77aec9a2a37b7d3596ea1640b3cc53d0b5d9b3b52abed89de07e3717e91bfdbe" +SRC_URI[sha256sum] = "38cc245ca8faa3c69da6d2687f8906377001f63365348a62cc6f7fafb1e8c018" UPSTREAM_CHECK_GITTAGREGEX = "mesa-(?P<pver>\d+(\.\d+)+)" diff --git a/poky/meta/recipes-graphics/mesa/mesa_24.0.3.bb b/poky/meta/recipes-graphics/mesa/mesa_24.0.5.bb index 96e8aa38d6..96e8aa38d6 100644 --- a/poky/meta/recipes-graphics/mesa/mesa_24.0.3.bb +++ b/poky/meta/recipes-graphics/mesa/mesa_24.0.5.bb diff --git a/poky/meta/recipes-graphics/shaderc/files/0001-cmake-disable-building-external-dependencies.patch b/poky/meta/recipes-graphics/shaderc/files/0001-cmake-disable-building-external-dependencies.patch index 5c49aa7fd5..4212512034 100644 --- a/poky/meta/recipes-graphics/shaderc/files/0001-cmake-disable-building-external-dependencies.patch +++ b/poky/meta/recipes-graphics/shaderc/files/0001-cmake-disable-building-external-dependencies.patch @@ -1,4 +1,4 @@ -From 941f5f5831e7a52c26168f81f25d0470860ca6f1 Mon Sep 17 00:00:00 2001 +From 792a46ef27ef879a21c9f01a198eae213ea535e6 Mon Sep 17 00:00:00 2001 From: Jose Quaresma <quaresma.jose@gmail.com> Date: Sat, 13 Feb 2021 00:45:56 +0000 Subject: [PATCH] cmake: disable building external dependencies @@ -15,7 +15,7 @@ Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> 2 files changed, 25 insertions(+), 10 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt -index ffcb54b..cce715e 100644 +index 7bc8f5d..13fc535 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -62,6 +62,7 @@ else() @@ -26,7 +26,7 @@ index ffcb54b..cce715e 100644 set (CMAKE_CXX_STANDARD 17) -@@ -119,8 +120,14 @@ endif(MSVC) +@@ -123,8 +124,14 @@ endif(MSVC) # Configure subdirectories. @@ -43,9 +43,9 @@ index ffcb54b..cce715e 100644 add_subdirectory(libshaderc_util) add_subdirectory(libshaderc) -@@ -132,7 +139,7 @@ endif() +@@ -136,7 +143,7 @@ endif() add_custom_target(build-version - ${Python_EXECUTABLE} + ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/utils/update_build_version.py - ${shaderc_SOURCE_DIR} ${spirv-tools_SOURCE_DIR} ${glslang_SOURCE_DIR} ${CMAKE_CURRENT_BINARY_DIR}/build-version.inc + ${CMAKE_CURRENT_BINARY_DIR}/build-version.inc ${shaderc_SOURCE_DIR} ${spirv-tools_SOURCE_DIR} ${glslang_SOURCE_DIR} @@ -53,7 +53,7 @@ index ffcb54b..cce715e 100644 function(define_pkg_config_file NAME LIBS) diff --git a/utils/update_build_version.py b/utils/update_build_version.py -index b7ce5b8..95b34c5 100755 +index 11ee53e..d39e59d 100755 --- a/utils/update_build_version.py +++ b/utils/update_build_version.py @@ -30,6 +30,7 @@ import re diff --git a/poky/meta/recipes-graphics/shaderc/shaderc_2024.0.bb b/poky/meta/recipes-graphics/shaderc/shaderc_2023.8.bb index 9975c608ac..bc7afbdf5e 100644 --- a/poky/meta/recipes-graphics/shaderc/shaderc_2024.0.bb +++ b/poky/meta/recipes-graphics/shaderc/shaderc_2023.8.bb @@ -6,7 +6,7 @@ HOMEPAGE = "https://github.com/google/shaderc" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" -SRCREV = "9f56ca620c07d6c4d119c65c1c1f3f1c584c9985" +SRCREV = "f8a25c591bf5edbb462ca4aea99dcc666f096d13" SRC_URI = "git://github.com/google/shaderc.git;protocol=https;branch=main \ file://0001-cmake-disable-building-external-dependencies.patch \ file://0002-libshaderc_util-fix-glslang-header-file-location.patch \ diff --git a/poky/meta/recipes-graphics/spir/spirv-headers_1.3.280.0.bb b/poky/meta/recipes-graphics/spir/spirv-headers_1.3.275.0.bb index 26bfd9c4fa..598a8fc209 100644 --- a/poky/meta/recipes-graphics/spir/spirv-headers_1.3.280.0.bb +++ b/poky/meta/recipes-graphics/spir/spirv-headers_1.3.275.0.bb @@ -2,9 +2,9 @@ SUMMARY = "Machine-readable files for the SPIR-V Registry" SECTION = "graphics" HOMEPAGE = "https://www.khronos.org/registry/spir-v" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=d14ee3b13f42e9c9674acc5925c3d741" +LIC_FILES_CHKSUM = "file://LICENSE;md5=c938b85bceb8fb26c1a807f28a52ae2d" -SRCREV = "8b246ff75c6615ba4532fe4fde20f1be090c3764" +SRCREV = "1c6bb2743599e6eb6f37b2969acc0aef812e32e3" SRC_URI = "git://github.com/KhronosGroup/SPIRV-Headers;protocol=https;branch=main" PE = "1" # These recipes need to be updated in lockstep with each other: diff --git a/poky/meta/recipes-graphics/spir/spirv-tools_1.3.280.0.bb b/poky/meta/recipes-graphics/spir/spirv-tools_1.3.275.0.bb index d2b6acf946..05c6de1b50 100644 --- a/poky/meta/recipes-graphics/spir/spirv-tools_1.3.280.0.bb +++ b/poky/meta/recipes-graphics/spir/spirv-tools_1.3.275.0.bb @@ -7,7 +7,7 @@ SECTION = "graphics" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRCREV = "04896c462d9f3f504c99a4698605b6524af813c1" +SRCREV = "f0cc85efdbbe3a46eae90e0f915dc1509836d0fc" SRC_URI = "git://github.com/KhronosGroup/SPIRV-Tools.git;branch=main;protocol=https" PE = "1" # These recipes need to be updated in lockstep with each other: diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-headers_1.3.280.0.bb b/poky/meta/recipes-graphics/vulkan/vulkan-headers_1.3.275.0.bb index 371cc7304d..aacec8cab1 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-headers_1.3.280.0.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-headers_1.3.275.0.bb @@ -11,7 +11,7 @@ LICENSE = "Apache-2.0 & MIT" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=1bc355d8c4196f774c8b87ed1a8dd625" SRC_URI = "git://github.com/KhronosGroup/Vulkan-Headers.git;branch=main;protocol=https" -SRCREV = "577baa05033cf1d9236b3d078ca4b3269ed87a2b" +SRCREV = "217e93c664ec6704ec2d8c36fa116c1a4a1e2d40" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.3.280.0.bb b/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.3.275.0.bb index b738771801..7caed67207 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.3.280.0.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.3.275.0.bb @@ -9,8 +9,8 @@ SECTION = "libs" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=7dbefed23242760aa3475ee42801c5ac" -SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git;branch=vulkan-sdk-1.3.280;protocol=https" -SRCREV = "61a9c50248e09f3a0e0be7ce6f8bb1663855f979" +SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git;branch=vulkan-sdk-1.3.275;protocol=https" +SRCREV = "00893b9a03e526aec2c5bf487521d16dfa435229" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.3.280.0.bb b/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.3.275.0.bb index a7e4a67aaa..f86912c903 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.3.280.0.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.3.275.0.bb @@ -6,8 +6,8 @@ SECTION = "libs" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=vulkan-sdk-1.3.280;protocol=https" -SRCREV = "136976082d0b14dad8b9687982b2a80cc6e6a633" +SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=main;protocol=https" +SRCREV = "c86d42cf9eb620eeac377e3bff46ae342c5cd664" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-utility-libraries_1.3.280.0.bb b/poky/meta/recipes-graphics/vulkan/vulkan-utility-libraries_1.3.275.0.bb index 3ab31af96a..759a03926b 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-utility-libraries_1.3.280.0.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-utility-libraries_1.3.275.0.bb @@ -10,7 +10,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=4ca2d6799091aaa98a8520f1b793939b" SRC_URI = "git://github.com/KhronosGroup/Vulkan-Utility-Libraries.git;branch=main;protocol=https" -SRCREV = "a4140c5fd47dcf3a030726a60b293db61cfb54a3" +SRCREV = "4cfc176e3242b4dbdfd3f6c5680c5d8f2cb7db45" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-validation-layers_1.3.280.0.bb b/poky/meta/recipes-graphics/vulkan/vulkan-validation-layers_1.3.275.0.bb index c488309c91..239589108d 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-validation-layers_1.3.280.0.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-validation-layers_1.3.275.0.bb @@ -8,8 +8,8 @@ SECTION = "libs" LICENSE = "Apache-2.0 & MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=cd3c0bc366cd9b6a906e22f0bcb5910f" -SRC_URI = "git://github.com/KhronosGroup/Vulkan-ValidationLayers.git;branch=vulkan-sdk-1.3.280;protocol=https" -SRCREV = "8506077b9a25a00684e8be24b779733ae1405a54" +SRC_URI = "git://github.com/KhronosGroup/Vulkan-ValidationLayers.git;branch=vulkan-sdk-1.3.275;protocol=https" +SRCREV = "780c65337e111c7385109c7b720d757a778e4fe2" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-volk_1.3.280.0.bb b/poky/meta/recipes-graphics/vulkan/vulkan-volk_1.3.275.0.bb index 2ef12fedf8..f4e6e89aac 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-volk_1.3.280.0.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-volk_1.3.275.0.bb @@ -7,10 +7,10 @@ BUGTRACKER = "https://github.com/zeux/volk" SECTION = "libs" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE.md;md5=12e6af3a0e2a5e5dbf7796aa82b64626" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=b2dd098d35668a801190a9d9d47461b0" SRC_URI = "git://github.com/zeux/volk.git;branch=master;protocol=https" -SRCREV = "01986ac85fa2e5c70df09aeae9c907e27c5d50b2" +SRCREV = "f2a16e3e19c2349b873343b2dc38a1d4c25af23a" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/waffle/waffle/0001-meson.build-request-native-wayland-scanner.patch b/poky/meta/recipes-graphics/waffle/waffle/0001-meson.build-request-native-wayland-scanner.patch new file mode 100644 index 0000000000..4b3a0e7c4a --- /dev/null +++ b/poky/meta/recipes-graphics/waffle/waffle/0001-meson.build-request-native-wayland-scanner.patch @@ -0,0 +1,28 @@ +From 0961787d2bf0d359a3ead89e9cec642818b32dea Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex@linutronix.de> +Date: Tue, 5 Jul 2022 11:51:39 +0200 +Subject: [PATCH] meson.build: request native wayland-scanner + +This matters in cross compilation, as otherwise meson will +try to use a cross-binary, and fail. + +Upstream-Status: Submitted [https://gitlab.freedesktop.org/mesa/waffle/-/merge_requests/110] +Signed-off-by: Alexander Kanavin <alex@linutronix.de> + +--- + meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/meson.build b/meson.build +index ca6a212..3177bde 100644 +--- a/meson.build ++++ b/meson.build +@@ -110,7 +110,7 @@ else + 'wayland-egl', version : '>= 9.1', required : get_option('wayland'), + ) + dep_wayland_scanner = dependency( +- 'wayland-scanner', version : '>= 1.15', required : get_option('wayland'), ++ 'wayland-scanner', version : '>= 1.15', required : get_option('wayland'), native: true, + ) + if dep_wayland_scanner.found() + prog_wayland_scanner = find_program(dep_wayland_scanner.get_variable(pkgconfig: 'wayland_scanner')) diff --git a/poky/meta/recipes-graphics/waffle/waffle/0001-waffle-do-not-make-core-protocol-into-the-library.patch b/poky/meta/recipes-graphics/waffle/waffle/0001-waffle-do-not-make-core-protocol-into-the-library.patch index 31ac3e0dd1..60e6318f7a 100644 --- a/poky/meta/recipes-graphics/waffle/waffle/0001-waffle-do-not-make-core-protocol-into-the-library.patch +++ b/poky/meta/recipes-graphics/waffle/waffle/0001-waffle-do-not-make-core-protocol-into-the-library.patch @@ -1,4 +1,4 @@ -From 79b9e4338f803d79449e53a40b1ecc0a5a5889e4 Mon Sep 17 00:00:00 2001 +From 71f9399d6cea1e2e885a98b98d82eb628832a86e Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex@linutronix.de> Date: Tue, 26 Oct 2021 08:52:17 +0200 Subject: [PATCH] waffle: do not make core protocol into the library @@ -9,15 +9,16 @@ wayland.xml from the host. Upstream-Status: Inappropriate [oe-core specific] Signed-off-by: Alexander Kanavin <alex@linutronix.de> + --- src/waffle/meson.build | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/waffle/meson.build b/src/waffle/meson.build -index 1cc99f6..022745a 100644 +index e2636c7..3ff5762 100644 --- a/src/waffle/meson.build +++ b/src/waffle/meson.build -@@ -89,12 +89,6 @@ if build_surfaceless +@@ -88,12 +88,6 @@ if build_surfaceless endif if build_wayland @@ -30,7 +31,7 @@ index 1cc99f6..022745a 100644 wl_xdg_shell_proto_c = custom_target( 'wl-xdg-shell-proto.c', input: wayland_xdg_shell_xml, -@@ -115,7 +109,6 @@ if build_wayland +@@ -114,7 +108,6 @@ if build_wayland 'wayland/wayland_wrapper.c', ) files_libwaffle += [ diff --git a/poky/meta/recipes-graphics/waffle/waffle_1.8.0.bb b/poky/meta/recipes-graphics/waffle/waffle_1.7.2.bb index 12b31dcff1..cb917d8894 100644 --- a/poky/meta/recipes-graphics/waffle/waffle_1.8.0.bb +++ b/poky/meta/recipes-graphics/waffle/waffle_1.7.2.bb @@ -9,10 +9,11 @@ LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=4c5154407c2490750dd461c50ad94797 \ file://include/waffle-1/waffle.h;endline=24;md5=61dbf8697f61c78645e75a93c585b1bf" -SRC_URI = "git://gitlab.freedesktop.org/mesa/waffle.git;protocol=https;branch=master \ +SRC_URI = "git://gitlab.freedesktop.org/mesa/waffle.git;protocol=https;branch=maint-1.7 \ file://0001-waffle-do-not-make-core-protocol-into-the-library.patch \ + file://0001-meson.build-request-native-wayland-scanner.patch \ " -SRCREV = "580b912a30085528886603942c100c7b309b3bdb" +SRCREV = "f3b42a7216105498842bc6ba77d8481b90d6f5f9" S = "${WORKDIR}/git" inherit meson features_check lib_package bash-completion pkgconfig diff --git a/poky/meta/recipes-graphics/wayland/libinput_1.25.0.bb b/poky/meta/recipes-graphics/wayland/libinput_1.25.0.bb index 517b247fed..894858e361 100644 --- a/poky/meta/recipes-graphics/wayland/libinput_1.25.0.bb +++ b/poky/meta/recipes-graphics/wayland/libinput_1.25.0.bb @@ -32,7 +32,7 @@ do_configure:append() { PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)}" PACKAGECONFIG[libwacom] = "-Dlibwacom=true,-Dlibwacom=false,libwacom" -PACKAGECONFIG[gui] = "-Ddebug-gui=true,-Ddebug-gui=false,cairo gtk+3" +PACKAGECONFIG[gui] = "-Ddebug-gui=true,-Ddebug-gui=false,cairo gtk+3 wayland-native" PACKAGECONFIG[tests] = "-Dtests=true -Dinstall-tests=true,-Dtests=false -Dinstall-tests=false,libcheck" UDEVDIR = "`pkg-config --variable=udevdir udev`" diff --git a/poky/meta/recipes-graphics/wayland/mtdev_1.1.7.bb b/poky/meta/recipes-graphics/wayland/mtdev_1.1.6.bb index 24803c4238..7c1cb5e4ec 100644 --- a/poky/meta/recipes-graphics/wayland/mtdev_1.1.7.bb +++ b/poky/meta/recipes-graphics/wayland/mtdev_1.1.6.bb @@ -12,6 +12,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=ea6bd0268bb0fcd6b27698616ceee5d6" SRC_URI = "http://bitmath.org/code/${BPN}/${BP}.tar.bz2" -SRC_URI[sha256sum] = "a107adad2101fecac54ac7f9f0e0a0dd155d954193da55c2340c97f2ff1d814e" +SRC_URI[md5sum] = "bf8ef2482e84a00b5db8fbd3ce00e249" +SRC_URI[sha256sum] = "15d7b28da8ac71d8bc8c9287c2045fd174267bc740bec10cfda332dc1204e0e0" inherit autotools pkgconfig diff --git a/poky/meta/recipes-graphics/wayland/wayland-protocols_1.34.bb b/poky/meta/recipes-graphics/wayland/wayland-protocols_1.33.bb index 8c12985714..074ea3663a 100644 --- a/poky/meta/recipes-graphics/wayland/wayland-protocols_1.34.bb +++ b/poky/meta/recipes-graphics/wayland/wayland-protocols_1.33.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=c7b12b6702da38ca028ace54aae3d484 \ file://stable/presentation-time/presentation-time.xml;endline=26;md5=4646cd7d9edc9fa55db941f2d3a7dc53" SRC_URI = "https://gitlab.freedesktop.org/wayland/wayland-protocols/-/releases/${PV}/downloads/wayland-protocols-${PV}.tar.xz" -SRC_URI[sha256sum] = "c59b27cacd85f60baf4ee5f80df5c0d15760ead6a2432b00ab7e2e0574dcafeb" +SRC_URI[sha256sum] = "94f0c50b090d6e61a03f62048467b19abbe851be4e11ae7b36f65f8b98c3963a" UPSTREAM_CHECK_URI = "https://gitlab.freedesktop.org/wayland/wayland-protocols/-/tags" diff --git a/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator/Allow-xinput_calibrator_pointercal.sh-to-be-run-as-n.patch b/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator/Allow-xinput_calibrator_pointercal.sh-to-be-run-as-n.patch index 86982924a8..de0862599d 100644 --- a/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator/Allow-xinput_calibrator_pointercal.sh-to-be-run-as-n.patch +++ b/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator/Allow-xinput_calibrator_pointercal.sh-to-be-run-as-n.patch @@ -1,4 +1,4 @@ -Upstream-Status: Pending +Upstream-Status: Inactive-Upstream [last commits over a decade ago] From 14734a93bd3fc323325459e24b04795422e395e6 Mon Sep 17 00:00:00 2001 From: Laurentiu Palcu <laurentiu.palcu@intel.com> diff --git a/poky/meta/recipes-graphics/xorg-app/mkfontscale_1.2.3.bb b/poky/meta/recipes-graphics/xorg-app/mkfontscale_1.2.2.bb index aa79902a34..cd658ab219 100644 --- a/poky/meta/recipes-graphics/xorg-app/mkfontscale_1.2.3.bb +++ b/poky/meta/recipes-graphics/xorg-app/mkfontscale_1.2.2.bb @@ -15,7 +15,7 @@ RPROVIDES:${PN} += "mkfontdir" BBCLASSEXTEND = "native" -LIC_FILES_CHKSUM = "file://COPYING;md5=5a60c596d1b5f3dee9f005b703b3180d" +LIC_FILES_CHKSUM = "file://COPYING;md5=99b1e1269aba5179139b9e4380fc0934" SRC_URI_EXT = "xz" -SRC_URI[sha256sum] = "2921cdc344f1acee04bcd6ea1e29565c1308263006e134a9ee38cf9c9d6fe75e" +SRC_URI[sha256sum] = "8ae3fb5b1fe7436e1f565060acaa3e2918fe745b0e4979b5593968914fe2d5c4" diff --git a/poky/meta/recipes-graphics/xorg-app/xauth_1.1.3.bb b/poky/meta/recipes-graphics/xorg-app/xauth_1.1.2.bb index b0ca33bf4b..1ad18ef63b 100644 --- a/poky/meta/recipes-graphics/xorg-app/xauth_1.1.3.bb +++ b/poky/meta/recipes-graphics/xorg-app/xauth_1.1.2.bb @@ -9,7 +9,7 @@ DEPENDS += "libxau libxext libxmu" PE = "1" SRC_URI_EXT = "xz" -SRC_URI[sha256sum] = "e7075498bae332f917f01d660f9b940c0752b2556a8da61ccb62a44d0ffe9d33" +SRC_URI[sha256sum] = "78ba6afd19536ced1dddb3276cba6e9555a211b468a06f95f6a97c62ff8ee200" PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," diff --git a/poky/meta/recipes-graphics/xorg-app/xev_1.2.6.bb b/poky/meta/recipes-graphics/xorg-app/xev_1.2.5.bb index 182aeff1b7..1d2e66b7b4 100644 --- a/poky/meta/recipes-graphics/xorg-app/xev_1.2.6.bb +++ b/poky/meta/recipes-graphics/xorg-app/xev_1.2.5.bb @@ -12,6 +12,6 @@ PE = "1" DEPENDS += "libxrandr xorgproto" -SRC_URI[sha256sum] = "61e1c5e008ac9973aca7cdddf36e9df7410e77083b030eb04f4dc737c51807d7" +SRC_URI[sha256sum] = "c9461a4389714e0f33974f9e75934bdc38d836a0f059b8dc089c7cbf2ce36ec1" SRC_URI_EXT = "xz" diff --git a/poky/meta/recipes-graphics/xorg-font/encodings_1.1.0.bb b/poky/meta/recipes-graphics/xorg-font/encodings_1.0.7.bb index 7432c08ec0..5906da416a 100644 --- a/poky/meta/recipes-graphics/xorg-font/encodings_1.1.0.bb +++ b/poky/meta/recipes-graphics/xorg-font/encodings_1.0.7.bb @@ -11,7 +11,7 @@ PE = "1" DEPENDS = "mkfontscale-native mkfontdir-native font-util-native" RDEPENDS:${PN} = "" -SRC_URI[sha256sum] = "9ff13c621756cfa12e95f32ba48a5b23839e8f577d0048beda66c67dab4de975" +SRC_URI[sha256sum] = "3a39a9f43b16521cdbd9f810090952af4f109b44fa7a865cd555f8febcea70a4" SRC_URI_EXT = "xz" diff --git a/poky/meta/recipes-graphics/xorg-lib/libfontenc_1.1.8.bb b/poky/meta/recipes-graphics/xorg-lib/libfontenc_1.1.7.bb index 0fc117fc58..056a29af25 100644 --- a/poky/meta/recipes-graphics/xorg-lib/libfontenc_1.1.8.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libfontenc_1.1.7.bb @@ -11,6 +11,6 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=96254c20ab81c63e65b26f0dbcd4a1c1" DEPENDS += "zlib xorgproto font-util" PE = "1" -SRC_URI[sha256sum] = "7b02c3d405236e0d86806b1de9d6868fe60c313628b38350b032914aa4fd14c6" +SRC_URI[sha256sum] = "c0d36991faee06551ddbaf5d99266e97becdc05edfae87a833c3ff7bf73cfec2" BBCLASSEXTEND = "native" diff --git a/poky/meta/recipes-graphics/xorg-lib/libpciaccess_0.18.1.bb b/poky/meta/recipes-graphics/xorg-lib/libpciaccess_0.18.bb index d311fd95e0..74b308c912 100644 --- a/poky/meta/recipes-graphics/xorg-lib/libpciaccess_0.18.1.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libpciaccess_0.18.bb @@ -16,7 +16,7 @@ inherit features_check pkgconfig meson REQUIRED_DISTRO_FEATURES ?= "x11" -SRC_URI[sha256sum] = "4af43444b38adb5545d0ed1c2ce46d9608cc47b31c2387fc5181656765a6fa76" +SRC_URI[sha256sum] = "5461b0257d495254346f52a9c329b44b346262663675d3fecdb204a7e7c262a9" LICENSE = "MIT & MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=54c978968e565218eea36cf03ef24352" diff --git a/poky/meta/recipes-graphics/xorg-lib/libxcb_1.16.1.bb b/poky/meta/recipes-graphics/xorg-lib/libxcb_1.16.bb index de3290aa9f..04b1eaa910 100644 --- a/poky/meta/recipes-graphics/xorg-lib/libxcb_1.16.1.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libxcb_1.16.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d763b081cb10c223435b01e00dc0aba7" SRC_URI = "http://xcb.freedesktop.org/dist/libxcb-${PV}.tar.xz \ file://0001-use-_Alignof-to-avoid-UB-in-ALIGNOF.patch" -SRC_URI[sha256sum] = "f24d187154c8e027b358fc7cb6588e35e33e6a92f11c668fe77396a7ae66e311" +SRC_URI[sha256sum] = "4348566aa0fbf196db5e0a576321c65966189210cb51328ea2bb2be39c711d71" BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-graphics/xorg-lib/libxdmcp_1.1.5.bb b/poky/meta/recipes-graphics/xorg-lib/libxdmcp_1.1.4.bb index d1a1a2e7f9..bf5d2d6721 100644 --- a/poky/meta/recipes-graphics/xorg-lib/libxdmcp_1.1.5.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libxdmcp_1.1.4.bb @@ -22,7 +22,7 @@ XORG_PN = "libXdmcp" BBCLASSEXTEND = "native nativesdk" -SRC_URI[sha256sum] = "d8a5222828c3adab70adf69a5583f1d32eb5ece04304f7f8392b6a353aa2228c" +SRC_URI[sha256sum] = "2dce5cc317f8f0b484ec347d87d81d552cdbebb178bd13c5d8193b6b7cd6ad00" PACKAGECONFIG ??= "" PACKAGECONFIG[arc4] = "ac_cv_lib_bsd_arc4random_buf=yes,ac_cv_lib_bsd_arc4random_buf=no,libbsd" diff --git a/poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.7.0.bb b/poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.6.0.bb index 40cf616f0b..02045cc212 100644 --- a/poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.7.0.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libxkbcommon_1.6.0.bb @@ -9,7 +9,7 @@ DEPENDS = "flex-native bison-native" SRC_URI = "http://xkbcommon.org/download/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "65782f0a10a4b455af9c6baab7040e2f537520caa2ec2092805cdfd36863b247" +SRC_URI[sha256sum] = "0edc14eccdd391514458bc5f5a4b99863ed2d651e4dd761a90abf4f46ef99c2b" UPSTREAM_CHECK_URI = "http://xkbcommon.org/" diff --git a/poky/meta/recipes-graphics/xorg-lib/libxmu_1.2.0.bb b/poky/meta/recipes-graphics/xorg-lib/libxmu_1.1.4.bb index d97bc7a3dd..3aae4030b7 100644 --- a/poky/meta/recipes-graphics/xorg-lib/libxmu_1.2.0.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libxmu_1.1.4.bb @@ -27,4 +27,4 @@ FILES:libxmuu = "${libdir}/libXmuu.so.*" BBCLASSEXTEND = "native" -SRC_URI[sha256sum] = "072026fe305889538e5b0c5f9cbcd623d2c27d2b85dcd37ca369ab21590b6963" +SRC_URI[sha256sum] = "210de3ab9c3e9382572c25d17c2518a854ce6e2c62c5f8315deac7579e758244" diff --git a/poky/meta/recipes-graphics/xorg-proto/xorgproto_2024.1.bb b/poky/meta/recipes-graphics/xorg-proto/xorgproto_2023.2.bb index 3f56e21a55..94d37c56bc 100644 --- a/poky/meta/recipes-graphics/xorg-proto/xorgproto_2024.1.bb +++ b/poky/meta/recipes-graphics/xorg-proto/xorgproto_2023.2.bb @@ -9,7 +9,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING-x11proto;md5=0b9fe3db4015bcbe920e7c67a39ee3f1" SRC_URI = "${XORG_MIRROR}/individual/proto/${BP}.tar.xz" -SRC_URI[sha256sum] = "372225fd40815b8423547f5d890c5debc72e88b91088fbfb13158c20495ccb59" +SRC_URI[sha256sum] = "b61fbc7db82b14ce2dc705ab590efc32b9ad800037113d1973811781d5118c2c" inherit meson diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.11.bb b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.12.bb index 6506d775ca..570e08d5ae 100644 --- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.11.bb +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.12.bb @@ -3,7 +3,7 @@ require xserver-xorg.inc SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \ file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ " -SRC_URI[sha256sum] = "1d3dadbd57fb86b16a018e9f5f957aeeadf744f56c0553f55737628d06d326ef" +SRC_URI[sha256sum] = "1e016e2be1b5ccdd65eac3ea08e54bd13ce8f4f6c3fb32ad6fdac4e71729a90f" # These extensions are now integrated into the server, so declare the migration # path for in-place upgrades. diff --git a/poky/meta/recipes-kernel/kexec/kexec-tools/0001-x86-linux-setup.c-Use-POSIX-basename-API.patch b/poky/meta/recipes-kernel/kexec/kexec-tools/0001-x86-linux-setup.c-Use-POSIX-basename-API.patch new file mode 100644 index 0000000000..e223f45998 --- /dev/null +++ b/poky/meta/recipes-kernel/kexec/kexec-tools/0001-x86-linux-setup.c-Use-POSIX-basename-API.patch @@ -0,0 +1,54 @@ +From 32c8ffa7ace6f1b7e63f9ddffab00b00c36a7b57 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 15 May 2024 21:18:08 -0700 +Subject: [PATCH] x86-linux-setup.c: Use POSIX basename API + +Musl C library only supports POSIX basename function. while glibc has +both GNU extention as well as POSIX basename implemented. Switch to +using posix version, so it can work across musl and glibc + +basename prototype has been removed from string.h from latest musl [1] +compilers e.g. clang-18/GCC-14 flags the absense of prototype as error. +therefore include libgen.h for providing it. + +[1] https://git.musl-libc.org/cgit/musl/commit/?id=725e17ed6dff4d0cd22487bb64470881e86a92e7 + +Upstream-Status: Submitted [https://lists.infradead.org/pipermail/kexec/2024-May/030034.html] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + kexec/arch/i386/x86-linux-setup.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/kexec/arch/i386/x86-linux-setup.c b/kexec/arch/i386/x86-linux-setup.c +index 9a281dc..73251b9 100644 +--- a/kexec/arch/i386/x86-linux-setup.c ++++ b/kexec/arch/i386/x86-linux-setup.c +@@ -14,6 +14,7 @@ + * + */ + #define _GNU_SOURCE ++#include <libgen.h> + #include <stdint.h> + #include <stdio.h> + #include <string.h> +@@ -329,12 +330,14 @@ static int add_edd_entry(struct x86_linux_param_header *real_mode, + memset(edd_info, 0, sizeof(struct edd_info)); + + /* extract the device number */ +- if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) { ++ char* sysfs_name_copy = strdup(sysfs_name); ++ if (sscanf(basename(sysfs_name_copy), "int13_dev%hhx", &devnum) != 1) { + fprintf(stderr, "Invalid format of int13_dev dir " +- "entry: %s\n", basename(sysfs_name)); ++ "entry: %s\n", basename(sysfs_name_copy)); ++ free(sysfs_name_copy); + return -1; + } +- ++ free(sysfs_name_copy); + /* if there's a MBR signature, then add it */ + if (file_scanf(sysfs_name, "mbr_signature", "0x%x", &mbr_sig) == 1) { + real_mode->edd_mbr_sig_buffer[*current_mbr] = mbr_sig; +-- +2.45.1 + diff --git a/poky/meta/recipes-kernel/kexec/kexec-tools_2.0.28.bb b/poky/meta/recipes-kernel/kexec/kexec-tools_2.0.28.bb index dec821ea88..f0a484f884 100644 --- a/poky/meta/recipes-kernel/kexec/kexec-tools_2.0.28.bb +++ b/poky/meta/recipes-kernel/kexec/kexec-tools_2.0.28.bb @@ -18,6 +18,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/kernel/kexec/kexec-tools-${PV}.tar.gz file://0005-Disable-PIE-during-link.patch \ file://0001-arm64-kexec-disabled-check-if-kaslr-seed-dtb-propert.patch \ file://Fix-building-on-x86_64-with-binutils-2.41.patch \ + file://0001-x86-linux-setup.c-Use-POSIX-basename-API.patch \ " SRC_URI[sha256sum] = "f33d2660b3e38d25a127e87097978e0f7a9a73ab5151a29eb80974d169ff6a29" diff --git a/poky/meta/recipes-kernel/libtraceevent/libtraceevent/meson.patch b/poky/meta/recipes-kernel/libtraceevent/libtraceevent/meson.patch index 0c21b2347a..6e96ba2167 100644 --- a/poky/meta/recipes-kernel/libtraceevent/libtraceevent/meson.patch +++ b/poky/meta/recipes-kernel/libtraceevent/libtraceevent/meson.patch @@ -1,20 +1,14 @@ -From 7f88c9ba5f27276e844252500a9f0ba2b350b919 Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@arm.com> -Date: Sun, 27 Aug 2023 20:57:44 +0100 -Subject: [PATCH] Fixes for the Meson build of libtraceevent: +Fixes for the Meson build of libtraceevent: - Make the plugin directory the same as the Makefiles - Install the plugins as modules not static and versioned shared libraries +- Add an option to disable building the documentation (needs asciidoc and xmlto) -Upstream-Status: Pending +Upstream-Status: Submitted [https://lore.kernel.org/linux-trace-devel/20240311111140.1789879-1-alex@linutronix.de/T/#u] Signed-off-by: Ross Burton <ross.burton@arm.com> ---- - meson.build | 2 +- - plugins/meson.build | 3 +-- - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/meson.build b/meson.build -index 40ce38c..1eb7912 100644 +index b61c873..4bba4d8 100644 --- a/meson.build +++ b/meson.build @@ -25,7 +25,7 @@ htmldir = join_paths(prefixdir, get_option('htmldir')) @@ -26,6 +20,41 @@ index 40ce38c..1eb7912 100644 endif add_project_arguments( +@@ -45,10 +45,13 @@ if cunit_dep.found() + subdir('utest') + endif + subdir('samples') +-subdir('Documentation') + +-custom_target( +- 'docs', +- output: 'docs', +- depends: [html, man], +- command: ['echo']) ++if get_option('docs') ++ subdir('Documentation') ++ ++ custom_target( ++ 'docs', ++ output: 'docs', ++ depends: [html, man], ++ command: ['echo']) ++endif +diff --git a/meson_options.txt b/meson_options.txt +index b2294f6..0611216 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -4,6 +4,10 @@ + + option('plugindir', type : 'string', + description : 'set the plugin dir') ++ ++option('docs', type : 'boolean', value: true, ++ description : 'build documentation') ++ + option('htmldir', type : 'string', value : 'share/doc/libtraceevent-doc', + description : 'directory for HTML documentation') + option('asciidoctor', type : 'boolean', value: false, diff --git a/plugins/meson.build b/plugins/meson.build index 74ad664..4919be4 100644 --- a/plugins/meson.build diff --git a/poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.8.2.bb b/poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.3.bb index d4ace54884..bee7891832 100644 --- a/poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.8.2.bb +++ b/poky/meta/recipes-kernel/libtraceevent/libtraceevent_1.7.3.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSES/GPL-2.0;md5=e6a75371ba4d16749254a51215d13f97 file://LICENSES/LGPL-2.1;md5=b370887980db5dd40659b50909238dbd" SECTION = "libs" -SRCREV = "6f6d5802f31992e7527a4c32b43a32fda6bf6bdf" +SRCREV = "dd148189b74da3e2f45c7e536319fec97cb71213" SRC_URI = "git://git.kernel.org/pub/scm/libs/libtrace/libtraceevent.git;branch=${BPN};protocol=https \ file://meson.patch" @@ -16,7 +16,7 @@ S = "${WORKDIR}/git" inherit meson pkgconfig -EXTRA_OEMESON = "-Ddoc=false" +EXTRA_OEMESON = "-Ddocs=false" PACKAGES += "${PN}-plugins" diff --git a/poky/meta/recipes-kernel/linux/cve-exclusion_6.6.inc b/poky/meta/recipes-kernel/linux/cve-exclusion_6.6.inc index bb9ba49c48..9f1f03ac53 100644 --- a/poky/meta/recipes-kernel/linux/cve-exclusion_6.6.inc +++ b/poky/meta/recipes-kernel/linux/cve-exclusion_6.6.inc @@ -1,9 +1,9 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2024-03-28 16:40:04.102652+00:00 for version 6.6.23 +# Generated at 2024-05-02 12:41:43.351358+00:00 for version 6.6.29 python check_kernel_cve_status_version() { - this_version = "6.6.23" + this_version = "6.6.29" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -2980,6 +2980,10 @@ CVE_STATUS[CVE-2019-25044] = "fixed-version: Fixed from version 5.2rc4" CVE_STATUS[CVE-2019-25045] = "fixed-version: Fixed from version 5.1" +CVE_STATUS[CVE-2019-25160] = "fixed-version: Fixed from version 5.0" + +CVE_STATUS[CVE-2019-25162] = "fixed-version: Fixed from version 6.0rc1" + CVE_STATUS[CVE-2019-3016] = "fixed-version: Fixed from version 5.6rc1" CVE_STATUS[CVE-2019-3459] = "fixed-version: Fixed from version 5.1rc1" @@ -3452,6 +3456,32 @@ CVE_STATUS[CVE-2020-36694] = "fixed-version: Fixed from version 5.10" CVE_STATUS[CVE-2020-36766] = "fixed-version: Fixed from version 5.9rc1" +CVE_STATUS[CVE-2020-36775] = "fixed-version: Fixed from version 5.7rc1" + +CVE_STATUS[CVE-2020-36776] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36777] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36778] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36779] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36780] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36781] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36782] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36783] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36784] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36785] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36786] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2020-36787] = "fixed-version: Fixed from version 5.13rc1" + CVE_STATUS[CVE-2020-3702] = "fixed-version: Fixed from version 5.12rc1" CVE_STATUS[CVE-2020-4788] = "fixed-version: Fixed from version 5.10rc5" @@ -3940,6 +3970,540 @@ CVE_STATUS[CVE-2021-45868] = "fixed-version: Fixed from version 5.16rc1" CVE_STATUS[CVE-2021-46283] = "fixed-version: Fixed from version 5.13rc7" +CVE_STATUS[CVE-2021-46904] = "fixed-version: Fixed from version 5.12rc7" + +CVE_STATUS[CVE-2021-46905] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46906] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-46908] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46909] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46910] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46911] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46912] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46913] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46914] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46915] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46916] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46917] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46918] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46919] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46920] = "fixed-version: Fixed from version 5.12rc8" + +CVE_STATUS[CVE-2021-46921] = "fixed-version: Fixed from version 5.12" + +CVE_STATUS[CVE-2021-46922] = "fixed-version: Fixed from version 5.12" + +CVE_STATUS[CVE-2021-46923] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46924] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46925] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46926] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-46927] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46928] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-46929] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46930] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46931] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46932] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46933] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46934] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46935] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46936] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46937] = "fixed-version: Fixed from version 5.16rc8" + +CVE_STATUS[CVE-2021-46938] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46939] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46940] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46941] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46942] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46943] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46944] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46945] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46947] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46948] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46949] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46950] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46951] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46952] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46953] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46954] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46955] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46956] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46957] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46958] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46959] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46960] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46961] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46962] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46963] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46964] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46965] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46966] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46967] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46968] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46969] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46970] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46971] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46972] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46973] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46974] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46976] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46977] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46978] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46979] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46980] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46981] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46982] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46983] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46984] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46985] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46986] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46987] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46988] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46989] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46990] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-46991] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46992] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46993] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46994] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46995] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46996] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46997] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46998] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-46999] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47000] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47001] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47002] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47003] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47004] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47005] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47006] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47007] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47008] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47009] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-47010] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47011] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47012] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47013] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47014] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47015] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47016] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47017] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47018] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47019] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47020] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47021] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47022] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47023] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47024] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47025] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47026] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47027] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47028] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47029] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47030] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47031] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47032] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47033] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47034] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47035] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47036] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47037] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47038] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47039] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47040] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47041] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47042] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47043] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47044] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47045] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47046] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47047] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47048] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47049] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47050] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47051] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47052] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47053] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47054] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47055] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47056] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47057] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47058] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47059] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47060] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47061] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47062] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47063] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47064] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47065] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47066] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47067] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47068] = "fixed-version: Fixed from version 5.13rc1" + +CVE_STATUS[CVE-2021-47069] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47070] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47071] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47072] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47073] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47074] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47075] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47076] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47077] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47078] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47079] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47080] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47081] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47082] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47083] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47086] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47087] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47088] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47089] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47090] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47091] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47092] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47093] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47094] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47095] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47096] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47097] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47098] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47099] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47100] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47101] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47102] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47103] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47104] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47105] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47106] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47107] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47108] = "fixed-version: Fixed from version 5.16rc7" + +CVE_STATUS[CVE-2021-47109] = "fixed-version: Fixed from version 5.13rc7" + +CVE_STATUS[CVE-2021-47110] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-47111] = "fixed-version: Fixed from version 5.13rc6" + +CVE_STATUS[CVE-2021-47112] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-47113] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47114] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47116] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47117] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47118] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47119] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47120] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47121] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47122] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47123] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-47124] = "fixed-version: Fixed from version 5.13rc2" + +CVE_STATUS[CVE-2021-47125] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47126] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47127] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47128] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47129] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47130] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47131] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47132] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47133] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47134] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47135] = "fixed-version: Fixed from version 5.13rc5" + +CVE_STATUS[CVE-2021-47136] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47137] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47138] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47139] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47140] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47141] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47142] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47143] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47144] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47145] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47146] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47147] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47148] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47149] = "fixed-version: Fixed from version 5.13rc3" + +CVE_STATUS[CVE-2021-47150] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47151] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47152] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47153] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47158] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47159] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47160] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47161] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47162] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47163] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47164] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47165] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47166] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47167] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47168] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47169] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47170] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47171] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47172] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47173] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47174] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47175] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47176] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47177] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47178] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47179] = "fixed-version: Fixed from version 5.13rc4" + +CVE_STATUS[CVE-2021-47180] = "fixed-version: Fixed from version 5.13rc4" + CVE_STATUS[CVE-2022-0001] = "fixed-version: Fixed from version 5.17rc8" CVE_STATUS[CVE-2022-0002] = "fixed-version: Fixed from version 5.17rc8" @@ -4590,6 +5154,16 @@ CVE_STATUS[CVE-2022-48502] = "fixed-version: Fixed from version 6.2rc1" CVE_STATUS[CVE-2022-48619] = "fixed-version: Fixed from version 5.18rc1" +CVE_STATUS[CVE-2022-48626] = "fixed-version: Fixed from version 5.17rc4" + +CVE_STATUS[CVE-2022-48627] = "fixed-version: Fixed from version 5.19rc7" + +CVE_STATUS[CVE-2022-48628] = "fixed-version: Fixed from version 6.6rc1" + +CVE_STATUS[CVE-2022-48629] = "fixed-version: Fixed from version 5.17" + +CVE_STATUS[CVE-2022-48630] = "fixed-version: Fixed from version 5.18" + CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1" CVE_STATUS[CVE-2023-0045] = "fixed-version: Fixed from version 6.2rc3" @@ -4834,6 +5408,8 @@ CVE_STATUS[CVE-2023-28466] = "fixed-version: Fixed from version 6.3rc2" CVE_STATUS[CVE-2023-2860] = "fixed-version: Fixed from version 6.0rc5" +CVE_STATUS[CVE-2023-28746] = "cpe-stable-backport: Backported in 6.6.22" + CVE_STATUS[CVE-2023-28772] = "fixed-version: Fixed from version 5.14rc1" CVE_STATUS[CVE-2023-28866] = "fixed-version: Fixed from version 6.3rc4" @@ -5112,7 +5688,7 @@ CVE_STATUS[CVE-2023-46838] = "cpe-stable-backport: Backported in 6.6.14" CVE_STATUS[CVE-2023-46862] = "fixed-version: Fixed from version 6.6" -# CVE-2023-47233 has no known resolution +CVE_STATUS[CVE-2023-47233] = "cpe-stable-backport: Backported in 6.6.24" CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1" @@ -5208,6 +5784,294 @@ CVE_STATUS[CVE-2023-52463] = "cpe-stable-backport: Backported in 6.6.14" CVE_STATUS[CVE-2023-52464] = "cpe-stable-backport: Backported in 6.6.14" +CVE_STATUS[CVE-2023-52465] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52467] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52468] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52469] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52470] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52471] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2023-52472] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52473] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52474] = "fixed-version: Fixed from version 6.4rc1" + +CVE_STATUS[CVE-2023-52475] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52476] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52477] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52478] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52479] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52480] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52481] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52482] = "fixed-version: Fixed from version 6.6rc4" + +CVE_STATUS[CVE-2023-52483] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52484] = "fixed-version: Fixed from version 6.6rc5" + +# CVE-2023-52485 needs backporting (fixed from 6.8rc1) + +CVE_STATUS[CVE-2023-52486] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52487] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52488] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52489] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52490] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52491] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52492] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52493] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52494] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52495] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52497] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52498] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52499] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52500] = "fixed-version: Fixed from version 6.6rc2" + +CVE_STATUS[CVE-2023-52501] = "fixed-version: Fixed from version 6.6rc2" + +CVE_STATUS[CVE-2023-52502] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52503] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52504] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52505] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52506] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52507] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52508] = "fixed-version: Fixed from version 6.6rc2" + +CVE_STATUS[CVE-2023-52509] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52510] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52511] = "fixed-version: Fixed from version 6.6rc1" + +CVE_STATUS[CVE-2023-52512] = "fixed-version: Fixed from version 6.6rc6" + +CVE_STATUS[CVE-2023-52513] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52515] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52516] = "fixed-version: Fixed from version 6.6rc1" + +CVE_STATUS[CVE-2023-52517] = "fixed-version: Fixed from version 6.6rc1" + +CVE_STATUS[CVE-2023-52518] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52519] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52520] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52522] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52523] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52524] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52525] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52526] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52527] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52528] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52529] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52530] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52531] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52532] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52559] = "fixed-version: Fixed from version 6.6rc5" + +CVE_STATUS[CVE-2023-52560] = "fixed-version: Fixed from version 6.6rc4" + +CVE_STATUS[CVE-2023-52561] = "fixed-version: Fixed from version 6.6rc1" + +CVE_STATUS[CVE-2023-52562] = "fixed-version: Fixed from version 6.6rc4" + +CVE_STATUS[CVE-2023-52563] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52564] = "fixed-version: Fixed from version 6.6rc4" + +CVE_STATUS[CVE-2023-52565] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52566] = "fixed-version: Fixed from version 6.6rc4" + +CVE_STATUS[CVE-2023-52567] = "fixed-version: Fixed from version 6.6rc4" + +CVE_STATUS[CVE-2023-52568] = "fixed-version: Fixed from version 6.6rc4" + +CVE_STATUS[CVE-2023-52569] = "fixed-version: Fixed from version 6.6rc2" + +CVE_STATUS[CVE-2023-52570] = "fixed-version: Fixed from version 6.6rc4" + +CVE_STATUS[CVE-2023-52571] = "fixed-version: Fixed from version 6.6rc4" + +CVE_STATUS[CVE-2023-52572] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52573] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52574] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52575] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52576] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52577] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52578] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52580] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52581] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52582] = "fixed-version: Fixed from version 6.6rc3" + +CVE_STATUS[CVE-2023-52583] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52584] = "cpe-stable-backport: Backported in 6.6.16" + +# CVE-2023-52585 needs backporting (fixed from 6.8rc1) + +# CVE-2023-52586 needs backporting (fixed from 6.8rc1) + +CVE_STATUS[CVE-2023-52587] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52588] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52589] = "cpe-stable-backport: Backported in 6.6.16" + +# CVE-2023-52590 needs backporting (fixed from 6.8rc1) + +CVE_STATUS[CVE-2023-52591] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52593] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52594] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52595] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52596] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52597] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52598] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52599] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52600] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52601] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52602] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52603] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52604] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52606] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52607] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52608] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52609] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52610] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52611] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52612] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52613] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2023-52614] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52615] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52616] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52617] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52618] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52619] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52620] = "fixed-version: Fixed from version 6.4" + +CVE_STATUS[CVE-2023-52621] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52622] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52623] = "cpe-stable-backport: Backported in 6.6.16" + +# CVE-2023-52624 needs backporting (fixed from 6.8rc1) + +# CVE-2023-52625 needs backporting (fixed from 6.8rc1) + +CVE_STATUS[CVE-2023-52626] = "fixed-version: only affects 6.7rc2 onwards" + +CVE_STATUS[CVE-2023-52627] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2023-52628] = "fixed-version: Fixed from version 6.6rc1" + +CVE_STATUS[CVE-2023-52629] = "fixed-version: Fixed from version 6.6rc1" + +CVE_STATUS[CVE-2023-52630] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2023-52631] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2023-52632] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52633] = "cpe-stable-backport: Backported in 6.6.16" + +# CVE-2023-52634 needs backporting (fixed from 6.8rc1) + +CVE_STATUS[CVE-2023-52635] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2023-52636] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2023-52637] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2023-52638] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2023-52639] = "cpe-stable-backport: Backported in 6.6.22" + +CVE_STATUS[CVE-2023-52640] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2023-52641] = "cpe-stable-backport: Backported in 6.6.19" + CVE_STATUS[CVE-2023-5345] = "fixed-version: Fixed from version 6.6rc4" CVE_STATUS[CVE-2023-5633] = "fixed-version: Fixed from version 6.6rc6" @@ -5232,15 +6096,15 @@ CVE_STATUS[CVE-2023-6200] = "cpe-stable-backport: Backported in 6.6.9" # CVE-2023-6240 has no known resolution -# CVE-2023-6270 has no known resolution +CVE_STATUS[CVE-2023-6270] = "cpe-stable-backport: Backported in 6.6.23" -# CVE-2023-6356 has no known resolution +CVE_STATUS[CVE-2023-6356] = "cpe-stable-backport: Backported in 6.6.14" CVE_STATUS[CVE-2023-6531] = "cpe-stable-backport: Backported in 6.6.7" # CVE-2023-6535 has no known resolution -# CVE-2023-6536 has no known resolution +CVE_STATUS[CVE-2023-6536] = "cpe-stable-backport: Backported in 6.6.14" CVE_STATUS[CVE-2023-6546] = "fixed-version: Fixed from version 6.5rc7" @@ -5262,7 +6126,7 @@ CVE_STATUS[CVE-2023-6931] = "cpe-stable-backport: Backported in 6.6.7" CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.6.5" -# CVE-2023-7042 has no known resolution +CVE_STATUS[CVE-2023-7042] = "cpe-stable-backport: Backported in 6.6.23" CVE_STATUS[CVE-2023-7192] = "fixed-version: Fixed from version 6.3rc1" @@ -5292,7 +6156,7 @@ CVE_STATUS[CVE-2024-0646] = "cpe-stable-backport: Backported in 6.6.7" CVE_STATUS[CVE-2024-0775] = "fixed-version: Fixed from version 6.4rc2" -# CVE-2024-0841 has no known resolution +CVE_STATUS[CVE-2024-0841] = "cpe-stable-backport: Backported in 6.6.18" CVE_STATUS[CVE-2024-1085] = "cpe-stable-backport: Backported in 6.6.14" @@ -5304,15 +6168,17 @@ CVE_STATUS[CVE-2024-1312] = "fixed-version: Fixed from version 6.5rc4" # CVE-2024-21803 has no known resolution -# CVE-2024-22099 has no known resolution +# CVE-2024-2193 has no known resolution + +CVE_STATUS[CVE-2024-22099] = "cpe-stable-backport: Backported in 6.6.23" # CVE-2024-22386 has no known resolution CVE_STATUS[CVE-2024-22705] = "cpe-stable-backport: Backported in 6.6.10" -# CVE-2024-23196 has no known resolution +CVE_STATUS[CVE-2024-23196] = "fixed-version: Fixed from version 6.5rc1" -# CVE-2024-23307 has no known resolution +CVE_STATUS[CVE-2024-23307] = "cpe-stable-backport: Backported in 6.6.24" # CVE-2024-23848 has no known resolution @@ -5332,7 +6198,7 @@ CVE_STATUS[CVE-2024-24855] = "fixed-version: Fixed from version 6.5rc2" CVE_STATUS[CVE-2024-24860] = "cpe-stable-backport: Backported in 6.6.14" -# CVE-2024-24861 has no known resolution +CVE_STATUS[CVE-2024-24861] = "cpe-stable-backport: Backported in 6.6.24" # CVE-2024-24864 has no known resolution @@ -5382,3 +6248,413 @@ CVE_STATUS[CVE-2024-26598] = "cpe-stable-backport: Backported in 6.6.14" CVE_STATUS[CVE-2024-26599] = "cpe-stable-backport: Backported in 6.6.14" +CVE_STATUS[CVE-2024-26600] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26601] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26602] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26603] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26604] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26605] = "fixed-version: only affects 6.7 onwards" + +CVE_STATUS[CVE-2024-26606] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26607] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26608] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26610] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26611] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26612] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26614] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26615] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26616] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26617] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26618] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26619] = "fixed-version: only affects 6.7rc5 onwards" + +CVE_STATUS[CVE-2024-26620] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26621] = "fixed-version: only affects 6.7 onwards" + +CVE_STATUS[CVE-2024-26622] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26623] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2024-26625] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2024-26626] = "fixed-version: only affects 6.8rc1 onwards" + +CVE_STATUS[CVE-2024-26627] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2024-26629] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26630] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26631] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2024-26632] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2024-26633] = "cpe-stable-backport: Backported in 6.6.14" + +CVE_STATUS[CVE-2024-26634] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26635] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26636] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26637] = "fixed-version: only affects 6.7 onwards" + +CVE_STATUS[CVE-2024-26638] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26639] = "fixed-version: only affects 6.8rc1 onwards" + +CVE_STATUS[CVE-2024-26640] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2024-26641] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2024-26642] = "cpe-stable-backport: Backported in 6.6.24" + +CVE_STATUS[CVE-2024-26643] = "cpe-stable-backport: Backported in 6.6.24" + +CVE_STATUS[CVE-2024-26644] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26645] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26646] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26647] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26648] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26649] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26650] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26651] = "cpe-stable-backport: Backported in 6.6.23" + +CVE_STATUS[CVE-2024-26652] = "cpe-stable-backport: Backported in 6.6.22" + +CVE_STATUS[CVE-2024-26653] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26654] = "cpe-stable-backport: Backported in 6.6.24" + +# CVE-2024-26655 needs backporting (fixed from 6.9rc2) + +CVE_STATUS[CVE-2024-26656] = "cpe-stable-backport: Backported in 6.6.24" + +CVE_STATUS[CVE-2024-26657] = "fixed-version: only affects 6.7rc1 onwards" + +# CVE-2024-26658 needs backporting (fixed from 6.8rc1) + +CVE_STATUS[CVE-2024-26659] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26660] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26661] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26662] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26663] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26664] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26665] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26666] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26667] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26668] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26669] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26670] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26671] = "cpe-stable-backport: Backported in 6.6.16" + +# CVE-2024-26672 needs backporting (fixed from 6.8rc1) + +CVE_STATUS[CVE-2024-26673] = "cpe-stable-backport: Backported in 6.6.16" + +CVE_STATUS[CVE-2024-26674] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26675] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26676] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26677] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26678] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26679] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26680] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26681] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26682] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26683] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26684] = "cpe-stable-backport: Backported in 6.6.17" + +CVE_STATUS[CVE-2024-26685] = "cpe-stable-backport: Backported in 6.6.18" + +# CVE-2024-26686 needs backporting (fixed from 6.8rc4) + +CVE_STATUS[CVE-2024-26687] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26688] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26689] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26690] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26691] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26692] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26693] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26694] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26695] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26696] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26697] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26698] = "cpe-stable-backport: Backported in 6.6.18" + +# CVE-2024-26699 needs backporting (fixed from 6.8rc5) + +CVE_STATUS[CVE-2024-26700] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26702] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26703] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26704] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26705] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26706] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26707] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26708] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26709] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26710] = "fixed-version: only affects 6.8rc1 onwards" + +CVE_STATUS[CVE-2024-26711] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26712] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26713] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26714] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26715] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26716] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26717] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26718] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26719] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26720] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26721] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26722] = "fixed-version: only affects 6.7rc5 onwards" + +CVE_STATUS[CVE-2024-26723] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26724] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26725] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26726] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26727] = "cpe-stable-backport: Backported in 6.6.18" + +CVE_STATUS[CVE-2024-26728] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26729] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26730] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26731] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26732] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26733] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26734] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26735] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26736] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26737] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26738] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26739] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26740] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26741] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26742] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26743] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26744] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26745] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26746] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26747] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26748] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26749] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26750] = "fixed-version: only affects 6.8rc5 onwards" + +CVE_STATUS[CVE-2024-26751] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26752] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26753] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26754] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26755] = "fixed-version: only affects 6.7rc1 onwards" + +# CVE-2024-26756 needs backporting (fixed from 6.8rc6) + +# CVE-2024-26757 needs backporting (fixed from 6.8rc6) + +# CVE-2024-26758 needs backporting (fixed from 6.8rc6) + +CVE_STATUS[CVE-2024-26759] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26760] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26761] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26762] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2024-26763] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26764] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26765] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26766] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26767] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26768] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26769] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26770] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26771] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26772] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26773] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26774] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26775] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26776] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26777] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26778] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26779] = "cpe-stable-backport: Backported in 6.6.19" + +CVE_STATUS[CVE-2024-26780] = "fixed-version: only affects 6.8rc4 onwards" + +CVE_STATUS[CVE-2024-26781] = "fixed-version: only affects 6.8rc6 onwards" + +CVE_STATUS[CVE-2024-26782] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26783] = "cpe-stable-backport: Backported in 6.6.22" + +# CVE-2024-26784 needs backporting (fixed from 6.8rc7) + +# CVE-2024-26785 needs backporting (fixed from 6.8rc7) + +CVE_STATUS[CVE-2024-26786] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26787] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26788] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26789] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26790] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26791] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26792] = "fixed-version: only affects 6.8rc4 onwards" + +CVE_STATUS[CVE-2024-26793] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26794] = "fixed-version: only affects 6.8rc6 onwards" + +CVE_STATUS[CVE-2024-26795] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26796] = "cpe-stable-backport: Backported in 6.6.21" + +# CVE-2024-26797 needs backporting (fixed from 6.8rc7) + +CVE_STATUS[CVE-2024-26798] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26799] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26800] = "fixed-version: only affects 6.8rc5 onwards" + +CVE_STATUS[CVE-2024-26801] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26802] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26803] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26804] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26805] = "cpe-stable-backport: Backported in 6.6.21" + +# CVE-2024-26806 needs backporting (fixed from 6.8rc7) + +CVE_STATUS[CVE-2024-26807] = "cpe-stable-backport: Backported in 6.6.21" + +CVE_STATUS[CVE-2024-26808] = "cpe-stable-backport: Backported in 6.6.15" + +CVE_STATUS[CVE-2024-26809] = "cpe-stable-backport: Backported in 6.6.23" + diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb index a44a08451a..dc1413ca94 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb @@ -14,13 +14,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "19813826de57a6425518c7b3daf8dd6a04d2321f" -SRCREV_meta ?= "f7f00b22efcfcae6489e9ec7db7002685fbc078b" +SRCREV_machine ?= "4209a548f26ad97f610f6c7acfee7fabe009dd3d" +SRCREV_meta ?= "da275b53b13faafa834352e3f9dd3f91a2c03bb8" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https" -LINUX_VERSION ?= "6.6.23" +LINUX_VERSION ?= "6.6.35" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb index db9e252572..f02a9c186a 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb @@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc # CVE exclusions include recipes-kernel/linux/cve-exclusion_6.6.inc -LINUX_VERSION ?= "6.6.23" +LINUX_VERSION ?= "6.6.35" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "2d01bc1d4eeade12518371139dd24a21438f523c" -SRCREV_meta ?= "f7f00b22efcfcae6489e9ec7db7002685fbc078b" +SRCREV_machine ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_meta ?= "da275b53b13faafa834352e3f9dd3f91a2c03bb8" PV = "${LINUX_VERSION}+git" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.6.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.6.bb index 43696db59b..ca7c4e978a 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_6.6.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_6.6.bb @@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.6/standard/base" KBRANCH:qemuloongarch64 ?= "v6.6/standard/base" KBRANCH:qemumips64 ?= "v6.6/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "ceb94a85299b59d8840ed7ed392b1d3e4c727678" -SRCREV_machine:qemuarm64 ?= "2d01bc1d4eeade12518371139dd24a21438f523c" -SRCREV_machine:qemuloongarch64 ?= "2d01bc1d4eeade12518371139dd24a21438f523c" -SRCREV_machine:qemumips ?= "c79ffc89f8909f60de52005ef258db9752634eda" -SRCREV_machine:qemuppc ?= "2d01bc1d4eeade12518371139dd24a21438f523c" -SRCREV_machine:qemuriscv64 ?= "2d01bc1d4eeade12518371139dd24a21438f523c" -SRCREV_machine:qemuriscv32 ?= "2d01bc1d4eeade12518371139dd24a21438f523c" -SRCREV_machine:qemux86 ?= "2d01bc1d4eeade12518371139dd24a21438f523c" -SRCREV_machine:qemux86-64 ?= "2d01bc1d4eeade12518371139dd24a21438f523c" -SRCREV_machine:qemumips64 ?= "b0a73fa83073c8d7d7bc917bcbeac88d296ebe38" -SRCREV_machine ?= "2d01bc1d4eeade12518371139dd24a21438f523c" -SRCREV_meta ?= "f7f00b22efcfcae6489e9ec7db7002685fbc078b" +SRCREV_machine:qemuarm ?= "7558103b801174f277373aa9d7d7eedf3a30d5f8" +SRCREV_machine:qemuarm64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemuloongarch64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemumips ?= "cd21dc96adcb1d60ad6cc57446464abf4dd338fc" +SRCREV_machine:qemuppc ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemuriscv64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemuriscv32 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemux86 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemux86-64 ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_machine:qemumips64 ?= "6700dad2e55f71fea268db201a394b371ffdd78c" +SRCREV_machine ?= "f71bb11887bae80ab718b3f38f1c1e80c07676a3" +SRCREV_meta ?= "da275b53b13faafa834352e3f9dd3f91a2c03bb8" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the <version>/base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "5c7587f69194bc9fc714953ab4c7203e6e68885b" +SRCREV_machine:class-devupstream ?= "5f2d0708acd0e1d2475d73c61819053de284bcc4" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v6.6/base" @@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "6.6.23" +LINUX_VERSION ?= "6.6.35" PV = "${LINUX_VERSION}+git" diff --git a/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.7.bb b/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.8.bb index 9509185bad..dddd3a5004 100644 --- a/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.7.bb +++ b/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.8.bb @@ -34,7 +34,7 @@ SRC_URI = "https://lttng.org/files/lttng-ust/lttng-ust-${PV}.tar.bz2 \ file://0001-Makefile.am-update-rpath-link.patch \ " -SRC_URI[sha256sum] = "5fb4f17c307c8c1b79c68561e89be9562d07e7425bf40e728c4d66755342a5eb" +SRC_URI[sha256sum] = "d4ef98dab9a37ad4f524ccafdfd50af4f266039b528dd5afabce78e49024d937" CVE_PRODUCT = "ust" diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/av1_ordering_info.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/av1_ordering_info.patch new file mode 100644 index 0000000000..bfc894563c --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/av1_ordering_info.patch @@ -0,0 +1,91 @@ +From cafb4c554845332eeb33284cf6498049997dc67e Mon Sep 17 00:00:00 2001 +From: Mark Thompson <sw@jkqxz.net> +Date: Wed, 20 Mar 2024 20:35:28 +0000 +Subject: [PATCH] lavc/cbs_av1: Save more frame ordering information + +This is wanted by the Vulkan decoder. + +Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> +Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/ecdc94b97f809d5f2b88640842fd0541951ad295] +--- + libavcodec/cbs_av1.h | 5 +++++ + libavcodec/cbs_av1_syntax_template.c | 25 +++++++++++++++++++++---- + 2 files changed, 26 insertions(+), 4 deletions(-) + +diff --git a/libavcodec/cbs_av1.h b/libavcodec/cbs_av1.h +index a5402f069d..a027013bc7 100644 +--- a/libavcodec/cbs_av1.h ++++ b/libavcodec/cbs_av1.h +@@ -427,6 +427,8 @@ typedef struct AV1ReferenceFrameState { + int bit_depth; // RefBitDepth + int order_hint; // RefOrderHint + ++ int saved_order_hints[AV1_TOTAL_REFS_PER_FRAME]; // SavedOrderHints[ref] ++ + int8_t loop_filter_ref_deltas[AV1_TOTAL_REFS_PER_FRAME]; + int8_t loop_filter_mode_deltas[2]; + uint8_t feature_enabled[AV1_MAX_SEGMENTS][AV1_SEG_LVL_MAX]; +@@ -464,6 +466,9 @@ typedef struct CodedBitstreamAV1Context { + int tile_rows; + int tile_num; + ++ int order_hints[AV1_TOTAL_REFS_PER_FRAME]; // OrderHints ++ int ref_frame_sign_bias[AV1_TOTAL_REFS_PER_FRAME]; // RefFrameSignBias ++ + AV1ReferenceFrameState ref[AV1_NUM_REF_FRAMES]; + + // AVOptions +diff --git a/libavcodec/cbs_av1_syntax_template.c b/libavcodec/cbs_av1_syntax_template.c +index 3be1f2d30f..2979c5d98f 100644 +--- a/libavcodec/cbs_av1_syntax_template.c ++++ b/libavcodec/cbs_av1_syntax_template.c +@@ -1414,6 +1414,8 @@ static int FUNC(uncompressed_header)(CodedBitstreamContext *ctx, RWContext *rw, + priv->ref[i].valid = 0; + priv->ref[i].order_hint = 0; + } ++ for (i = 0; i < AV1_REFS_PER_FRAME; i++) ++ priv->order_hints[i + AV1_REF_FRAME_LAST] = 0; + } + + flag(disable_cdf_update); +@@ -1568,11 +1570,20 @@ static int FUNC(uncompressed_header)(CodedBitstreamContext *ctx, RWContext *rw, + else + flag(use_ref_frame_mvs); + +- infer(allow_intrabc, 0); +- } ++ for (i = 0; i < AV1_REFS_PER_FRAME; i++) { ++ int ref_frame = AV1_REF_FRAME_LAST + i; ++ int hint = priv->ref[current->ref_frame_idx[i]].order_hint; ++ priv->order_hints[ref_frame] = hint; ++ if (!seq->enable_order_hint) { ++ priv->ref_frame_sign_bias[ref_frame] = 0; ++ } else { ++ priv->ref_frame_sign_bias[ref_frame] = ++ cbs_av1_get_relative_dist(seq, hint, ++ current->order_hint) > 0; ++ } ++ } + +- if (!frame_is_intra) { +- // Derive reference frame sign biases. ++ infer(allow_intrabc, 0); + } + + if (seq->reduced_still_picture_header || current->disable_cdf_update) +@@ -1674,6 +1685,12 @@ update_refs: + .bit_depth = priv->bit_depth, + .order_hint = priv->order_hint, + }; ++ ++ for (int j = 0; j < AV1_REFS_PER_FRAME; j++) { ++ priv->ref[i].saved_order_hints[j + AV1_REF_FRAME_LAST] = ++ priv->order_hints[j + AV1_REF_FRAME_LAST]; ++ } ++ + memcpy(priv->ref[i].loop_filter_ref_deltas, current->loop_filter_ref_deltas, + sizeof(current->loop_filter_ref_deltas)); + memcpy(priv->ref[i].loop_filter_mode_deltas, current->loop_filter_mode_deltas, +-- +2.25.1 + diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/vulkan_av1_stable_API.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/vulkan_av1_stable_API.patch new file mode 100644 index 0000000000..74db148b3b --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/vulkan_av1_stable_API.patch @@ -0,0 +1,1382 @@ +From ecdc94b97f809d5f2b88640842fd0541951ad295 Mon Sep 17 00:00:00 2001 +From: Lynne <dev@lynne.ee> +Date: Fri, 19 Jan 2024 10:49:02 +1000 +Subject: [PATCH] vulkan_av1: port to the new stable API + +Co-Authored-by: Dave Airlie <airlied@redhat.com> +Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> +Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/ecdc94b97f809d5f2b88640842fd0541951ad295] +--- + configure | 4 +- + libavcodec/Makefile | 5 +- + libavcodec/vulkan_av1.c | 514 ++++++++++-------- + libavcodec/vulkan_decode.c | 31 +- + libavcodec/vulkan_decode.h | 2 +- + libavcodec/vulkan_video.h | 2 - + .../vulkan_video_codec_av1std_decode_mesa.h | 36 -- + libavcodec/vulkan_video_codec_av1std_mesa.h | 403 -------------- + libavutil/hwcontext_vulkan.c | 2 +- + libavutil/vulkan_functions.h | 2 +- + libavutil/vulkan_loader.h | 2 +- + 11 files changed, 306 insertions(+), 697 deletions(-) + delete mode 100644 libavcodec/vulkan_video_codec_av1std_decode_mesa.h + delete mode 100644 libavcodec/vulkan_video_codec_av1std_mesa.h + +diff --git a/configure b/configure +index e853deb51d..9fa639fca6 100755 +--- a/configure ++++ b/configure +@@ -7300,8 +7300,8 @@ enabled vdpau && + "in maintaining it." + + if enabled vulkan; then +- check_pkg_config_header_only vulkan "vulkan >= 1.3.255" "vulkan/vulkan.h" "defined VK_VERSION_1_3" || +- check_cpp_condition vulkan "vulkan/vulkan.h" "defined(VK_VERSION_1_4) || (defined(VK_VERSION_1_3) && VK_HEADER_VERSION >= 255)" ++ check_pkg_config_header_only vulkan "vulkan >= 1.3.277" "vulkan/vulkan.h" "defined VK_VERSION_1_3" || ++ check_cpp_condition vulkan "vulkan/vulkan.h" "defined(VK_VERSION_1_4) || (defined(VK_VERSION_1_3) && VK_HEADER_VERSION >= 277)" + fi + + if disabled vulkan; then +diff --git a/libavcodec/Makefile b/libavcodec/Makefile +index 7ef2e03ca6..9ce6d445c1 100644 +--- a/libavcodec/Makefile ++++ b/libavcodec/Makefile +@@ -1258,8 +1258,7 @@ SKIPHEADERS += %_tablegen.h \ + aacenc_quantization.h \ + aacenc_quantization_misc.h \ + bitstream_template.h \ +- vulkan_video_codec_av1std.h \ +- $(ARCH)/vpx_arith.h \ ++ $(ARCH)/vpx_arith.h \ + + SKIPHEADERS-$(CONFIG_AMF) += amfenc.h + SKIPHEADERS-$(CONFIG_D3D11VA) += d3d11va.h dxva2_internal.h +@@ -1280,7 +1279,7 @@ SKIPHEADERS-$(CONFIG_QSVENC) += qsvenc.h + SKIPHEADERS-$(CONFIG_VAAPI) += vaapi_decode.h vaapi_hevc.h vaapi_encode.h + SKIPHEADERS-$(CONFIG_VDPAU) += vdpau.h vdpau_internal.h + SKIPHEADERS-$(CONFIG_VIDEOTOOLBOX) += videotoolbox.h vt_internal.h +-SKIPHEADERS-$(CONFIG_VULKAN) += vulkan.h vulkan_video.h vulkan_decode.h vulkan_video_codec_av1std_decode.h ++SKIPHEADERS-$(CONFIG_VULKAN) += vulkan.h vulkan_video.h vulkan_decode.h + SKIPHEADERS-$(CONFIG_V4L2_M2M) += v4l2_buffers.h v4l2_context.h v4l2_m2m.h + SKIPHEADERS-$(CONFIG_ZLIB) += zlib_wrapper.h + +diff --git a/libavcodec/vulkan_av1.c b/libavcodec/vulkan_av1.c +index 5afd5353cc..c9e398eaec 100644 +--- a/libavcodec/vulkan_av1.c ++++ b/libavcodec/vulkan_av1.c +@@ -36,33 +36,47 @@ const FFVulkanDecodeDescriptor ff_vk_dec_av1_desc = { + typedef struct AV1VulkanDecodePicture { + FFVulkanDecodePicture vp; + +- /* Workaround for a spec issue. +- *Can be removed once no longer needed, and threading can be enabled. */ ++ /* TODO: investigate if this can be removed to make decoding completely ++ * independent. */ + FFVulkanDecodeContext *dec; + +- StdVideoAV1MESATile tiles[MAX_TILES]; +- StdVideoAV1MESATileList tile_list; +- const uint32_t *tile_offsets; ++ uint32_t tile_sizes[MAX_TILES]; + + /* Current picture */ +- VkVideoDecodeAV1DpbSlotInfoMESA vkav1_ref; +- StdVideoAV1MESAFrameHeader av1_frame_header; +- VkVideoDecodeAV1PictureInfoMESA av1_pic_info; ++ StdVideoDecodeAV1ReferenceInfo std_ref; ++ VkVideoDecodeAV1DpbSlotInfoKHR vkav1_ref; ++ uint16_t width_in_sbs_minus1[64]; ++ uint16_t height_in_sbs_minus1[64]; ++ uint16_t mi_col_starts[64]; ++ uint16_t mi_row_starts[64]; ++ StdVideoAV1TileInfo tile_info; ++ StdVideoAV1Quantization quantization; ++ StdVideoAV1Segmentation segmentation; ++ StdVideoAV1LoopFilter loop_filter; ++ StdVideoAV1CDEF cdef; ++ StdVideoAV1LoopRestoration loop_restoration; ++ StdVideoAV1GlobalMotion global_motion; ++ StdVideoAV1FilmGrain film_grain; ++ StdVideoDecodeAV1PictureInfo std_pic_info; ++ VkVideoDecodeAV1PictureInfoKHR av1_pic_info; + + /* Picture refs */ + const AV1Frame *ref_src [AV1_NUM_REF_FRAMES]; +- VkVideoDecodeAV1DpbSlotInfoMESA vkav1_refs[AV1_NUM_REF_FRAMES]; ++ StdVideoDecodeAV1ReferenceInfo std_refs [AV1_NUM_REF_FRAMES]; ++ VkVideoDecodeAV1DpbSlotInfoKHR vkav1_refs[AV1_NUM_REF_FRAMES]; + + uint8_t frame_id_set; + uint8_t frame_id; ++ uint8_t ref_frame_sign_bias_mask; + } AV1VulkanDecodePicture; + + static int vk_av1_fill_pict(AVCodecContext *avctx, const AV1Frame **ref_src, + VkVideoReferenceSlotInfoKHR *ref_slot, /* Main structure */ + VkVideoPictureResourceInfoKHR *ref, /* Goes in ^ */ +- VkVideoDecodeAV1DpbSlotInfoMESA *vkav1_ref, /* Goes in ^ */ ++ StdVideoDecodeAV1ReferenceInfo *vkav1_std_ref, ++ VkVideoDecodeAV1DpbSlotInfoKHR *vkav1_ref, /* Goes in ^ */ + const AV1Frame *pic, int is_current, int has_grain, +- int dpb_slot_index) ++ int *saved_order_hints) + { + FFVulkanDecodeContext *dec = avctx->internal->hwaccel_priv_data; + AV1VulkanDecodePicture *hp = pic->hwaccel_picture_private; +@@ -73,31 +87,42 @@ static int vk_av1_fill_pict(AVCodecContext *avctx, const AV1Frame **ref_src, + if (err < 0) + return err; + +- *vkav1_ref = (VkVideoDecodeAV1DpbSlotInfoMESA) { +- .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_DPB_SLOT_INFO_MESA, +- .frameIdx = hp->frame_id, ++ *vkav1_std_ref = (StdVideoDecodeAV1ReferenceInfo) { ++ .flags = (StdVideoDecodeAV1ReferenceInfoFlags) { ++ .disable_frame_end_update_cdf = pic->raw_frame_header->disable_frame_end_update_cdf, ++ .segmentation_enabled = pic->raw_frame_header->segmentation_enabled, ++ }, ++ .frame_type = pic->raw_frame_header->frame_type, ++ .OrderHint = pic->raw_frame_header->order_hint, ++ .RefFrameSignBias = hp->ref_frame_sign_bias_mask, + }; + +- for (unsigned i = 0; i < 7; i++) { +- const int idx = pic->raw_frame_header->ref_frame_idx[i]; +- vkav1_ref->ref_order_hint[i] = pic->raw_frame_header->ref_order_hint[idx]; +- } ++ if (saved_order_hints) ++ for (int i = 0; i < AV1_TOTAL_REFS_PER_FRAME; i++) ++ vkav1_std_ref->SavedOrderHints[i] = saved_order_hints[i]; ++ ++ *vkav1_ref = (VkVideoDecodeAV1DpbSlotInfoKHR) { ++ .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_DPB_SLOT_INFO_KHR, ++ .pStdReferenceInfo = vkav1_std_ref, ++ }; + +- vkav1_ref->disable_frame_end_update_cdf = pic->raw_frame_header->disable_frame_end_update_cdf; ++ vkav1_std_ref->flags.disable_frame_end_update_cdf = pic->raw_frame_header->disable_frame_end_update_cdf; ++ vkav1_std_ref->flags.segmentation_enabled = pic->raw_frame_header->segmentation_enabled; ++ vkav1_std_ref->frame_type = pic->raw_frame_header->frame_type; + + *ref = (VkVideoPictureResourceInfoKHR) { + .sType = VK_STRUCTURE_TYPE_VIDEO_PICTURE_RESOURCE_INFO_KHR, + .codedOffset = (VkOffset2D){ 0, 0 }, + .codedExtent = (VkExtent2D){ pic->f->width, pic->f->height }, + .baseArrayLayer = ((has_grain || dec->dedicated_dpb) && dec->layered_dpb) ? +- dpb_slot_index : 0, ++ hp->frame_id : 0, + .imageViewBinding = vkpic->img_view_ref, + }; + + *ref_slot = (VkVideoReferenceSlotInfoKHR) { + .sType = VK_STRUCTURE_TYPE_VIDEO_REFERENCE_SLOT_INFO_KHR, + .pNext = vkav1_ref, +- .slotIndex = dpb_slot_index, ++ .slotIndex = hp->frame_id, + .pPictureResource = ref, + }; + +@@ -115,15 +140,40 @@ static int vk_av1_create_params(AVCodecContext *avctx, AVBufferRef **buf) + + const AV1RawSequenceHeader *seq = s->raw_seq; + +- StdVideoAV1MESASequenceHeader av1_sequence_header; +- VkVideoDecodeAV1SessionParametersAddInfoMESA av1_params_info; +- VkVideoDecodeAV1SessionParametersCreateInfoMESA av1_params; ++ StdVideoAV1SequenceHeader av1_sequence_header; ++ StdVideoAV1TimingInfo av1_timing_info; ++ StdVideoAV1ColorConfig av1_color_config; ++ VkVideoDecodeAV1SessionParametersCreateInfoKHR av1_params; + VkVideoSessionParametersCreateInfoKHR session_params_create; + + int err; + +- av1_sequence_header = (StdVideoAV1MESASequenceHeader) { +- .flags = (StdVideoAV1MESASequenceHeaderFlags) { ++ av1_timing_info = (StdVideoAV1TimingInfo) { ++ .flags = (StdVideoAV1TimingInfoFlags) { ++ .equal_picture_interval = seq->timing_info.equal_picture_interval, ++ }, ++ .num_units_in_display_tick = seq->timing_info.num_units_in_display_tick, ++ .time_scale = seq->timing_info.time_scale, ++ .num_ticks_per_picture_minus_1 = seq->timing_info.num_ticks_per_picture_minus_1, ++ }; ++ ++ av1_color_config = (StdVideoAV1ColorConfig) { ++ .flags = (StdVideoAV1ColorConfigFlags) { ++ .mono_chrome = seq->color_config.mono_chrome, ++ .color_range = seq->color_config.color_range, ++ .separate_uv_delta_q = seq->color_config.separate_uv_delta_q, ++ }, ++ .BitDepth = seq->color_config.twelve_bit ? 12 : ++ seq->color_config.high_bitdepth ? 10 : 8, ++ .subsampling_x = seq->color_config.subsampling_x, ++ .subsampling_y = seq->color_config.subsampling_y, ++ .color_primaries = seq->color_config.color_primaries, ++ .transfer_characteristics = seq->color_config.transfer_characteristics, ++ .matrix_coefficients = seq->color_config.matrix_coefficients, ++ }; ++ ++ av1_sequence_header = (StdVideoAV1SequenceHeader) { ++ .flags = (StdVideoAV1SequenceHeaderFlags) { + .still_picture = seq->still_picture, + .reduced_still_picture_header = seq->reduced_still_picture_header, + .use_128x128_superblock = seq->use_128x128_superblock, +@@ -152,34 +202,15 @@ static int vk_av1_create_params(AVCodecContext *avctx, AVBufferRef **buf) + .delta_frame_id_length_minus_2 = seq->delta_frame_id_length_minus_2, + .additional_frame_id_length_minus_1 = seq->additional_frame_id_length_minus_1, + .order_hint_bits_minus_1 = seq->order_hint_bits_minus_1, +- .timing_info = (StdVideoAV1MESATimingInfo) { +- .flags = (StdVideoAV1MESATimingInfoFlags) { +- .equal_picture_interval = seq->timing_info.equal_picture_interval, +- }, +- .num_units_in_display_tick = seq->timing_info.num_units_in_display_tick, +- .time_scale = seq->timing_info.time_scale, +- .num_ticks_per_picture_minus_1 = seq->timing_info.num_ticks_per_picture_minus_1, +- }, +- .color_config = (StdVideoAV1MESAColorConfig) { +- .flags = (StdVideoAV1MESAColorConfigFlags) { +- .mono_chrome = seq->color_config.mono_chrome, +- .color_range = seq->color_config.color_range, +- .separate_uv_delta_q = seq->color_config.separate_uv_delta_q, +- }, +- .bit_depth = seq->color_config.twelve_bit ? 12 : +- seq->color_config.high_bitdepth ? 10 : 8, +- .subsampling_x = seq->color_config.subsampling_x, +- .subsampling_y = seq->color_config.subsampling_y, +- }, ++ .seq_force_integer_mv = seq->seq_force_integer_mv, ++ .seq_force_screen_content_tools = seq->seq_force_screen_content_tools, ++ .pTimingInfo = &av1_timing_info, ++ .pColorConfig = &av1_color_config, + }; + +- av1_params_info = (VkVideoDecodeAV1SessionParametersAddInfoMESA) { +- .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_SESSION_PARAMETERS_ADD_INFO_MESA, +- .sequence_header = &av1_sequence_header, +- }; +- av1_params = (VkVideoDecodeAV1SessionParametersCreateInfoMESA) { +- .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_SESSION_PARAMETERS_CREATE_INFO_MESA, +- .pParametersAddInfo = &av1_params_info, ++ av1_params = (VkVideoDecodeAV1SessionParametersCreateInfoKHR) { ++ .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_SESSION_PARAMETERS_CREATE_INFO_KHR, ++ .pStdSequenceHeader = &av1_sequence_header, + }; + session_params_create = (VkVideoSessionParametersCreateInfoKHR) { + .sType = VK_STRUCTURE_TYPE_VIDEO_SESSION_PARAMETERS_CREATE_INFO_KHR, +@@ -211,8 +242,14 @@ static int vk_av1_start_frame(AVCodecContext *avctx, + + const AV1RawFrameHeader *frame_header = s->raw_frame_header; + const AV1RawFilmGrainParams *film_grain = &s->cur_frame.film_grain; ++ CodedBitstreamAV1Context *cbs_ctx = (CodedBitstreamAV1Context *)(s->cbc->priv_data); ++ + const int apply_grain = !(avctx->export_side_data & AV_CODEC_EXPORT_DATA_FILM_GRAIN) && + film_grain->apply_grain; ++ StdVideoAV1FrameRestorationType remap_lr_type[4] = { STD_VIDEO_AV1_FRAME_RESTORATION_TYPE_NONE, ++ STD_VIDEO_AV1_FRAME_RESTORATION_TYPE_SWITCHABLE, ++ STD_VIDEO_AV1_FRAME_RESTORATION_TYPE_WIENER, ++ STD_VIDEO_AV1_FRAME_RESTORATION_TYPE_SGRPROJ }; + + if (!dec->session_params) { + err = vk_av1_create_params(avctx, &dec->session_params); +@@ -233,15 +270,31 @@ static int vk_av1_start_frame(AVCodecContext *avctx, + dec->frame_id_alloc_mask |= (1 << slot_idx); + } + +- /* Fill in references */ +- for (int i = 0; i < AV1_NUM_REF_FRAMES; i++) { +- const AV1Frame *ref_frame = &s->ref[i]; +- if (s->ref[i].f->pict_type == AV_PICTURE_TYPE_NONE) ++ ap->ref_frame_sign_bias_mask = 0x0; ++ for (int i = 0; i < STD_VIDEO_AV1_TOTAL_REFS_PER_FRAME; i++) ++ ap->ref_frame_sign_bias_mask |= cbs_ctx->ref_frame_sign_bias[i] << i; ++ ++ for (int i = 0; i < STD_VIDEO_AV1_REFS_PER_FRAME; i++) { ++ const int idx = pic->raw_frame_header->ref_frame_idx[i]; ++ const AV1Frame *ref_frame = &s->ref[idx]; ++ AV1VulkanDecodePicture *hp = ref_frame->hwaccel_picture_private; ++ int found = 0; ++ ++ if (ref_frame->f->pict_type == AV_PICTURE_TYPE_NONE) ++ continue; ++ ++ for (int j = 0; j < ref_count; j++) { ++ if (vp->ref_slots[j].slotIndex == hp->frame_id) { ++ found = 1; ++ break; ++ } ++ } ++ if (found) + continue; + +- err = vk_av1_fill_pict(avctx, &ap->ref_src[i], &vp->ref_slots[i], +- &vp->refs[i], &ap->vkav1_refs[i], +- ref_frame, 0, 0, i); ++ err = vk_av1_fill_pict(avctx, &ap->ref_src[ref_count], &vp->ref_slots[ref_count], ++ &vp->refs[ref_count], &ap->std_refs[ref_count], &ap->vkav1_refs[ref_count], ++ ref_frame, 0, 0, cbs_ctx->ref[idx].saved_order_hints); + if (err < 0) + return err; + +@@ -249,20 +302,32 @@ static int vk_av1_start_frame(AVCodecContext *avctx, + } + + err = vk_av1_fill_pict(avctx, NULL, &vp->ref_slot, &vp->ref, ++ &ap->std_ref, + &ap->vkav1_ref, +- pic, 1, apply_grain, 8); ++ pic, 1, apply_grain, NULL); + if (err < 0) + return err; + +- ap->tile_list.nb_tiles = 0; +- ap->tile_list.tile_list = ap->tiles; +- +- ap->av1_pic_info = (VkVideoDecodeAV1PictureInfoMESA) { +- .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_PICTURE_INFO_MESA, +- .frame_header = &ap->av1_frame_header, +- .tile_list = &ap->tile_list, ++ ap->av1_pic_info = (VkVideoDecodeAV1PictureInfoKHR) { ++ .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_PICTURE_INFO_KHR, ++ .pStdPictureInfo = &ap->std_pic_info, ++ .frameHeaderOffset = 0, ++ .tileCount = 0, ++ .pTileOffsets = NULL, ++ .pTileSizes = ap->tile_sizes, + }; + ++ for (int i = 0; i < STD_VIDEO_AV1_REFS_PER_FRAME; i++) { ++ const int idx = pic->raw_frame_header->ref_frame_idx[i]; ++ const AV1Frame *ref_frame = &s->ref[idx]; ++ AV1VulkanDecodePicture *hp = ref_frame->hwaccel_picture_private; ++ ++ if (ref_frame->f->pict_type == AV_PICTURE_TYPE_NONE) ++ ap->av1_pic_info.referenceNameSlotIndices[i] = -1; ++ else ++ ap->av1_pic_info.referenceNameSlotIndices[i] = hp->frame_id; ++ } ++ + vp->decode_info = (VkVideoDecodeInfoKHR) { + .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_INFO_KHR, + .pNext = &ap->av1_pic_info, +@@ -279,9 +344,87 @@ static int vk_av1_start_frame(AVCodecContext *avctx, + }, + }; + ++ ap->tile_info = (StdVideoAV1TileInfo) { ++ .flags = (StdVideoAV1TileInfoFlags) { ++ .uniform_tile_spacing_flag = frame_header->uniform_tile_spacing_flag, ++ }, ++ .TileCols = frame_header->tile_cols, ++ .TileRows = frame_header->tile_rows, ++ .context_update_tile_id = frame_header->context_update_tile_id, ++ .tile_size_bytes_minus_1 = frame_header->tile_size_bytes_minus1, ++ .pWidthInSbsMinus1 = ap->width_in_sbs_minus1, ++ .pHeightInSbsMinus1 = ap->height_in_sbs_minus1, ++ .pMiColStarts = ap->mi_col_starts, ++ .pMiRowStarts = ap->mi_row_starts, ++ }; ++ ++ ap->quantization = (StdVideoAV1Quantization) { ++ .flags.using_qmatrix = frame_header->using_qmatrix, ++ .flags.diff_uv_delta = frame_header->diff_uv_delta, ++ .base_q_idx = frame_header->base_q_idx, ++ .DeltaQYDc = frame_header->delta_q_y_dc, ++ .DeltaQUDc = frame_header->delta_q_u_dc, ++ .DeltaQUAc = frame_header->delta_q_u_ac, ++ .DeltaQVDc = frame_header->delta_q_v_dc, ++ .DeltaQVAc = frame_header->delta_q_v_ac, ++ .qm_y = frame_header->qm_y, ++ .qm_u = frame_header->qm_u, ++ .qm_v = frame_header->qm_v, ++ }; ++ ++ ap->loop_filter = (StdVideoAV1LoopFilter) { ++ .flags = (StdVideoAV1LoopFilterFlags) { ++ .loop_filter_delta_enabled = frame_header->loop_filter_delta_enabled, ++ .loop_filter_delta_update = frame_header->loop_filter_delta_update, ++ }, ++ .loop_filter_sharpness = frame_header->loop_filter_sharpness, ++ }; ++ ++ for (int i = 0; i < STD_VIDEO_AV1_MAX_LOOP_FILTER_STRENGTHS; i++) ++ ap->loop_filter.loop_filter_level[i] = frame_header->loop_filter_level[i]; ++ for (int i = 0; i < STD_VIDEO_AV1_LOOP_FILTER_ADJUSTMENTS; i++) ++ ap->loop_filter.loop_filter_mode_deltas[i] = frame_header->loop_filter_mode_deltas[i]; ++ ++ ap->cdef = (StdVideoAV1CDEF) { ++ .cdef_damping_minus_3 = frame_header->cdef_damping_minus_3, ++ .cdef_bits = frame_header->cdef_bits, ++ }; ++ ++ ap->loop_restoration = (StdVideoAV1LoopRestoration) { ++ .FrameRestorationType[0] = remap_lr_type[frame_header->lr_type[0]], ++ .FrameRestorationType[1] = remap_lr_type[frame_header->lr_type[1]], ++ .FrameRestorationType[2] = remap_lr_type[frame_header->lr_type[2]], ++ .LoopRestorationSize[0] = 1 + frame_header->lr_unit_shift, ++ .LoopRestorationSize[1] = 1 + frame_header->lr_unit_shift - frame_header->lr_uv_shift, ++ .LoopRestorationSize[2] = 1 + frame_header->lr_unit_shift - frame_header->lr_uv_shift, ++ }; ++ ++ ap->film_grain = (StdVideoAV1FilmGrain) { ++ .flags = (StdVideoAV1FilmGrainFlags) { ++ .chroma_scaling_from_luma = film_grain->chroma_scaling_from_luma, ++ .overlap_flag = film_grain->overlap_flag, ++ .clip_to_restricted_range = film_grain->clip_to_restricted_range, ++ }, ++ .grain_scaling_minus_8 = film_grain->grain_scaling_minus_8, ++ .ar_coeff_lag = film_grain->ar_coeff_lag, ++ .ar_coeff_shift_minus_6 = film_grain->ar_coeff_shift_minus_6, ++ .grain_scale_shift = film_grain->grain_scale_shift, ++ .grain_seed = film_grain->grain_seed, ++ .film_grain_params_ref_idx = film_grain->film_grain_params_ref_idx, ++ .num_y_points = film_grain->num_y_points, ++ .num_cb_points = film_grain->num_cb_points, ++ .num_cr_points = film_grain->num_cr_points, ++ .cb_mult = film_grain->cb_mult, ++ .cb_luma_mult = film_grain->cb_luma_mult, ++ .cb_offset = film_grain->cb_offset, ++ .cr_mult = film_grain->cr_mult, ++ .cr_luma_mult = film_grain->cr_luma_mult, ++ .cr_offset = film_grain->cr_offset, ++ }; ++ + /* Setup frame header */ +- ap->av1_frame_header = (StdVideoAV1MESAFrameHeader) { +- .flags = (StdVideoAV1MESAFrameHeaderFlags) { ++ ap->std_pic_info = (StdVideoDecodeAV1PictureInfo) { ++ .flags = (StdVideoDecodeAV1PictureInfoFlags) { + .error_resilient_mode = frame_header->error_resilient_mode, + .disable_cdf_update = frame_header->disable_cdf_update, + .use_superres = frame_header->use_superres, +@@ -302,174 +445,92 @@ static int vk_av1_start_frame(AVCodecContext *avctx, + .reference_select = frame_header->reference_select, + .skip_mode_present = frame_header->skip_mode_present, + .delta_q_present = frame_header->delta_q_present, ++ .delta_lf_present = frame_header->delta_lf_present, ++ .delta_lf_multi = frame_header->delta_lf_multi, ++ .segmentation_enabled = frame_header->segmentation_enabled, ++ .segmentation_update_map = frame_header->segmentation_update_map, ++ .segmentation_temporal_update = frame_header->segmentation_temporal_update, ++ .segmentation_update_data = frame_header->segmentation_update_data, ++ .UsesLr = frame_header->lr_type[0] || frame_header->lr_type[1] || frame_header->lr_type[2], ++ .apply_grain = apply_grain, + }, +- .frame_to_show_map_idx = frame_header->frame_to_show_map_idx, +- .frame_presentation_time = frame_header->frame_presentation_time, +- .display_frame_id = frame_header->display_frame_id, + .frame_type = frame_header->frame_type, + .current_frame_id = frame_header->current_frame_id, +- .order_hint = frame_header->order_hint, ++ .OrderHint = frame_header->order_hint, + .primary_ref_frame = frame_header->primary_ref_frame, +- .frame_width_minus_1 = frame_header->frame_width_minus_1, +- .frame_height_minus_1 = frame_header->frame_height_minus_1, +- .coded_denom = frame_header->coded_denom, +- .render_width_minus_1 = frame_header->render_width_minus_1, +- .render_height_minus_1 = frame_header->render_height_minus_1, + .refresh_frame_flags = frame_header->refresh_frame_flags, + .interpolation_filter = frame_header->interpolation_filter, +- .tx_mode = frame_header->tx_mode, +- .tiling = (StdVideoAV1MESATileInfo) { +- .flags = (StdVideoAV1MESATileInfoFlags) { +- .uniform_tile_spacing_flag = frame_header->uniform_tile_spacing_flag, +- }, +- .tile_cols = frame_header->tile_cols, +- .tile_rows = frame_header->tile_rows, +- .context_update_tile_id = frame_header->context_update_tile_id, +- .tile_size_bytes_minus1 = frame_header->tile_size_bytes_minus1, +- }, +- .quantization = (StdVideoAV1MESAQuantization) { +- .flags.using_qmatrix = frame_header->using_qmatrix, +- .base_q_idx = frame_header->base_q_idx, +- .delta_q_y_dc = frame_header->delta_q_y_dc, +- .diff_uv_delta = frame_header->diff_uv_delta, +- .delta_q_u_dc = frame_header->delta_q_u_dc, +- .delta_q_u_ac = frame_header->delta_q_u_ac, +- .delta_q_v_dc = frame_header->delta_q_v_dc, +- .delta_q_v_ac = frame_header->delta_q_v_ac, +- .qm_y = frame_header->qm_y, +- .qm_u = frame_header->qm_u, +- .qm_v = frame_header->qm_v, +- }, +- .delta_q = (StdVideoAV1MESADeltaQ) { +- .flags = (StdVideoAV1MESADeltaQFlags) { +- .delta_lf_present = frame_header->delta_lf_present, +- .delta_lf_multi = frame_header->delta_lf_multi, +- }, +- .delta_q_res = frame_header->delta_q_res, +- .delta_lf_res = frame_header->delta_lf_res, +- }, +- .loop_filter = (StdVideoAV1MESALoopFilter) { +- .flags = (StdVideoAV1MESALoopFilterFlags) { +- .delta_enabled = frame_header->loop_filter_delta_enabled, +- .delta_update = frame_header->loop_filter_delta_update, +- }, +- .level = { +- frame_header->loop_filter_level[0], frame_header->loop_filter_level[1], +- frame_header->loop_filter_level[2], frame_header->loop_filter_level[3], +- }, +- .sharpness = frame_header->loop_filter_sharpness, +- .mode_deltas = { +- frame_header->loop_filter_mode_deltas[0], frame_header->loop_filter_mode_deltas[1], +- }, +- }, +- .cdef = (StdVideoAV1MESACDEF) { +- .damping_minus_3 = frame_header->cdef_damping_minus_3, +- .bits = frame_header->cdef_bits, +- }, +- .lr = (StdVideoAV1MESALoopRestoration) { +- .lr_unit_shift = frame_header->lr_unit_shift, +- .lr_uv_shift = frame_header->lr_uv_shift, +- .lr_type = { frame_header->lr_type[0], frame_header->lr_type[1], frame_header->lr_type[2] }, +- }, +- .segmentation = (StdVideoAV1MESASegmentation) { +- .flags = (StdVideoAV1MESASegmentationFlags) { +- .enabled = frame_header->segmentation_enabled, +- .update_map = frame_header->segmentation_update_map, +- .temporal_update = frame_header->segmentation_temporal_update, +- .update_data = frame_header->segmentation_update_data, +- }, +- }, +- .film_grain = (StdVideoAV1MESAFilmGrainParameters) { +- .flags = (StdVideoAV1MESAFilmGrainFlags) { +- .apply_grain = apply_grain, +- .chroma_scaling_from_luma = film_grain->chroma_scaling_from_luma, +- .overlap_flag = film_grain->overlap_flag, +- .clip_to_restricted_range = film_grain->clip_to_restricted_range, +- }, +- .grain_scaling_minus_8 = film_grain->grain_scaling_minus_8, +- .ar_coeff_lag = film_grain->ar_coeff_lag, +- .ar_coeff_shift_minus_6 = film_grain->ar_coeff_shift_minus_6, +- .grain_scale_shift = film_grain->grain_scale_shift, +- .grain_seed = film_grain->grain_seed, +- .num_y_points = film_grain->num_y_points, +- .num_cb_points = film_grain->num_cb_points, +- .num_cr_points = film_grain->num_cr_points, +- .cb_mult = film_grain->cb_mult, +- .cb_luma_mult = film_grain->cb_luma_mult, +- .cb_offset = film_grain->cb_offset, +- .cr_mult = film_grain->cr_mult, +- .cr_luma_mult = film_grain->cr_luma_mult, +- .cr_offset = film_grain->cr_offset, +- }, ++ .TxMode = frame_header->tx_mode, ++ .delta_q_res = frame_header->delta_q_res, ++ .delta_lf_res = frame_header->delta_lf_res, ++ .SkipModeFrame[0] = s->cur_frame.skip_mode_frame_idx[0], ++ .SkipModeFrame[1] = s->cur_frame.skip_mode_frame_idx[1], ++ .coded_denom = frame_header->coded_denom, ++ .pTileInfo = &ap->tile_info, ++ .pQuantization = &ap->quantization, ++ .pSegmentation = &ap->segmentation, ++ .pLoopFilter = &ap->loop_filter, ++ .pCDEF = &ap->cdef, ++ .pLoopRestoration = &ap->loop_restoration, ++ .pGlobalMotion = &ap->global_motion, ++ .pFilmGrain = apply_grain ? &ap->film_grain : NULL, + }; + + for (int i = 0; i < 64; i++) { +- ap->av1_frame_header.tiling.width_in_sbs_minus_1[i] = frame_header->width_in_sbs_minus_1[i]; +- ap->av1_frame_header.tiling.height_in_sbs_minus_1[i] = frame_header->height_in_sbs_minus_1[i]; +- ap->av1_frame_header.tiling.tile_start_col_sb[i] = frame_header->tile_start_col_sb[i]; +- ap->av1_frame_header.tiling.tile_start_row_sb[i] = frame_header->tile_start_row_sb[i]; ++ ap->width_in_sbs_minus1[i] = frame_header->width_in_sbs_minus_1[i]; ++ ap->height_in_sbs_minus1[i] = frame_header->height_in_sbs_minus_1[i]; ++ ap->mi_col_starts[i] = frame_header->tile_start_col_sb[i]; ++ ap->mi_row_starts[i] = frame_header->tile_start_row_sb[i]; + } + +- for (int i = 0; i < 8; i++) { +- ap->av1_frame_header.segmentation.feature_enabled_bits[i] = 0; +- for (int j = 0; j < 8; j++) { +- ap->av1_frame_header.segmentation.feature_enabled_bits[i] |= (frame_header->feature_enabled[i][j] << j); +- ap->av1_frame_header.segmentation.feature_data[i][j] = frame_header->feature_value[i][j]; ++ for (int i = 0; i < STD_VIDEO_AV1_MAX_SEGMENTS; i++) { ++ ap->segmentation.FeatureEnabled[i] = 0x0; ++ for (int j = 0; j < STD_VIDEO_AV1_SEG_LVL_MAX; j++) { ++ ap->segmentation.FeatureEnabled[i] |= (frame_header->feature_enabled[i][j] << j); ++ ap->segmentation.FeatureData[i][j] = frame_header->feature_value[i][j]; + } +- +- ap->av1_frame_header.loop_filter.ref_deltas[i] = frame_header->loop_filter_ref_deltas[i]; +- +- ap->av1_frame_header.cdef.y_pri_strength[i] = frame_header->cdef_y_pri_strength[i]; +- ap->av1_frame_header.cdef.y_sec_strength[i] = frame_header->cdef_y_sec_strength[i]; +- ap->av1_frame_header.cdef.uv_pri_strength[i] = frame_header->cdef_uv_pri_strength[i]; +- ap->av1_frame_header.cdef.uv_sec_strength[i] = frame_header->cdef_uv_sec_strength[i]; +- +- ap->av1_frame_header.ref_order_hint[i] = frame_header->ref_order_hint[i]; +- ap->av1_frame_header.global_motion[i] = (StdVideoAV1MESAGlobalMotion) { +- .flags = (StdVideoAV1MESAGlobalMotionFlags) { +- .gm_invalid = s->cur_frame.gm_invalid[i], +- }, +- .gm_type = s->cur_frame.gm_type[i], +- .gm_params = { +- s->cur_frame.gm_params[i][0], s->cur_frame.gm_params[i][1], +- s->cur_frame.gm_params[i][2], s->cur_frame.gm_params[i][3], +- s->cur_frame.gm_params[i][4], s->cur_frame.gm_params[i][5], +- }, +- }; + } + +- for (int i = 0; i < 7; i++) { +- ap->av1_frame_header.ref_frame_idx[i] = frame_header->ref_frame_idx[i]; +- ap->av1_frame_header.delta_frame_id_minus1[i] = frame_header->delta_frame_id_minus1[i]; ++ for (int i = 0; i < STD_VIDEO_AV1_TOTAL_REFS_PER_FRAME; i++) ++ ap->loop_filter.loop_filter_ref_deltas[i] = frame_header->loop_filter_ref_deltas[i]; ++ ++ for (int i = 0; i < STD_VIDEO_AV1_MAX_CDEF_FILTER_STRENGTHS; i++) { ++ ap->cdef.cdef_y_pri_strength[i] = frame_header->cdef_y_pri_strength[i]; ++ ap->cdef.cdef_y_sec_strength[i] = frame_header->cdef_y_sec_strength[i]; ++ ap->cdef.cdef_uv_pri_strength[i] = frame_header->cdef_uv_pri_strength[i]; ++ ap->cdef.cdef_uv_sec_strength[i] = frame_header->cdef_uv_sec_strength[i]; + } + +- ap->av1_pic_info.skip_mode_frame_idx[0] = s->cur_frame.skip_mode_frame_idx[0]; +- ap->av1_pic_info.skip_mode_frame_idx[1] = s->cur_frame.skip_mode_frame_idx[1]; ++ for (int i = 0; i < STD_VIDEO_AV1_NUM_REF_FRAMES; i++) { ++ ap->std_pic_info.OrderHints[i] = frame_header->ref_order_hint[i]; ++ ap->global_motion.GmType[i] = s->cur_frame.gm_type[i]; ++ for (int j = 0; j < STD_VIDEO_AV1_GLOBAL_MOTION_PARAMS; j++) { ++ ap->global_motion.gm_params[i][j] = s->cur_frame.gm_params[i][j]; ++ } ++ } + + if (apply_grain) { +- for (int i = 0; i < 14; i++) { +- ap->av1_frame_header.film_grain.point_y_value[i] = film_grain->point_y_value[i]; +- ap->av1_frame_header.film_grain.point_y_scaling[i] = film_grain->point_y_scaling[i]; ++ for (int i = 0; i < STD_VIDEO_AV1_MAX_NUM_Y_POINTS; i++) { ++ ap->film_grain.point_y_value[i] = film_grain->point_y_value[i]; ++ ap->film_grain.point_y_scaling[i] = film_grain->point_y_scaling[i]; + } + +- for (int i = 0; i < 10; i++) { +- ap->av1_frame_header.film_grain.point_cb_value[i] = film_grain->point_cb_value[i]; +- ap->av1_frame_header.film_grain.point_cb_scaling[i] = film_grain->point_cb_scaling[i]; +- ap->av1_frame_header.film_grain.point_cr_value[i] = film_grain->point_cr_value[i]; +- ap->av1_frame_header.film_grain.point_cr_scaling[i] = film_grain->point_cr_scaling[i]; ++ for (int i = 0; i < STD_VIDEO_AV1_MAX_NUM_CB_POINTS; i++) { ++ ap->film_grain.point_cb_value[i] = film_grain->point_cb_value[i]; ++ ap->film_grain.point_cb_scaling[i] = film_grain->point_cb_scaling[i]; ++ ap->film_grain.point_cr_value[i] = film_grain->point_cr_value[i]; ++ ap->film_grain.point_cr_scaling[i] = film_grain->point_cr_scaling[i]; + } + +- for (int i = 0; i < 24; i++) { +- ap->av1_frame_header.film_grain.ar_coeffs_y_plus_128[i] = film_grain->ar_coeffs_y_plus_128[i]; +- ap->av1_frame_header.film_grain.ar_coeffs_cb_plus_128[i] = film_grain->ar_coeffs_cb_plus_128[i]; +- ap->av1_frame_header.film_grain.ar_coeffs_cr_plus_128[i] = film_grain->ar_coeffs_cr_plus_128[i]; +- } ++ for (int i = 0; i < STD_VIDEO_AV1_MAX_NUM_POS_LUMA; i++) ++ ap->film_grain.ar_coeffs_y_plus_128[i] = film_grain->ar_coeffs_y_plus_128[i]; + +- ap->av1_frame_header.film_grain.ar_coeffs_cb_plus_128[24] = film_grain->ar_coeffs_cb_plus_128[24]; +- ap->av1_frame_header.film_grain.ar_coeffs_cr_plus_128[24] = film_grain->ar_coeffs_cr_plus_128[24]; ++ for (int i = 0; i < STD_VIDEO_AV1_MAX_NUM_POS_CHROMA; i++) { ++ ap->film_grain.ar_coeffs_cb_plus_128[i] = film_grain->ar_coeffs_cb_plus_128[i]; ++ ap->film_grain.ar_coeffs_cr_plus_128[i] = film_grain->ar_coeffs_cr_plus_128[i]; ++ } + } + +- /* Workaround for a spec issue. */ + ap->dec = dec; + + return 0; +@@ -484,25 +545,20 @@ static int vk_av1_decode_slice(AVCodecContext *avctx, + AV1VulkanDecodePicture *ap = s->cur_frame.hwaccel_picture_private; + FFVulkanDecodePicture *vp = &ap->vp; + ++ /* Too many tiles, exceeding all defined levels in the AV1 spec */ ++ if (ap->av1_pic_info.tileCount > MAX_TILES) ++ return AVERROR(ENOSYS); ++ + for (int i = s->tg_start; i <= s->tg_end; i++) { +- ap->tiles[ap->tile_list.nb_tiles] = (StdVideoAV1MESATile) { +- .size = s->tile_group_info[i].tile_size, +- .offset = s->tile_group_info[i].tile_offset, +- .row = s->tile_group_info[i].tile_row, +- .column = s->tile_group_info[i].tile_column, +- .tg_start = s->tg_start, +- .tg_end = s->tg_end, +- }; ++ ap->tile_sizes[ap->av1_pic_info.tileCount] = s->tile_group_info[i].tile_size; + + err = ff_vk_decode_add_slice(avctx, vp, + data + s->tile_group_info[i].tile_offset, + s->tile_group_info[i].tile_size, 0, +- &ap->tile_list.nb_tiles, +- &ap->tile_offsets); ++ &ap->av1_pic_info.tileCount, ++ &ap->av1_pic_info.pTileOffsets); + if (err < 0) + return err; +- +- ap->tiles[ap->tile_list.nb_tiles - 1].offset = ap->tile_offsets[ap->tile_list.nb_tiles - 1]; + } + + return 0; +@@ -518,7 +574,7 @@ static int vk_av1_end_frame(AVCodecContext *avctx) + FFVulkanDecodePicture *rvp[AV1_NUM_REF_FRAMES] = { 0 }; + AVFrame *rav[AV1_NUM_REF_FRAMES] = { 0 }; + +- if (!ap->tile_list.nb_tiles) ++ if (!ap->av1_pic_info.tileCount) + return 0; + + if (!dec->session_params) { +@@ -536,7 +592,7 @@ static int vk_av1_end_frame(AVCodecContext *avctx) + } + + av_log(avctx, AV_LOG_VERBOSE, "Decoding frame, %"SIZE_SPECIFIER" bytes, %i tiles\n", +- vp->slices_size, ap->tile_list.nb_tiles); ++ vp->slices_size, ap->av1_pic_info.tileCount); + + return ff_vk_decode_frame(avctx, pic->f, vp, rav, rvp); + } +@@ -580,8 +636,6 @@ const FFHWAccel ff_av1_vulkan_hwaccel = { + * flexibility, this index cannot be present anywhere. + * The current implementation tracks the index for the driver and submits it + * as necessary information. Due to needing to modify the decoding context, +- * which is not thread-safe, on frame free, threading is disabled. +- * In the future, once this is fixed in the spec, the workarounds may be removed +- * and threading enabled. */ ++ * which is not thread-safe, on frame free, threading is disabled. */ + .caps_internal = HWACCEL_CAP_ASYNC_SAFE, + }; +diff --git a/libavcodec/vulkan_decode.c b/libavcodec/vulkan_decode.c +index 91929d165f..4561f26b62 100644 +--- a/libavcodec/vulkan_decode.c ++++ b/libavcodec/vulkan_decode.c +@@ -61,7 +61,7 @@ static const VkVideoProfileInfoKHR *get_video_profile(FFVulkanDecodeShared *ctx, + VkStructureType profile_struct_type = + codec_id == AV_CODEC_ID_H264 ? VK_STRUCTURE_TYPE_VIDEO_DECODE_H264_PROFILE_INFO_KHR : + codec_id == AV_CODEC_ID_HEVC ? VK_STRUCTURE_TYPE_VIDEO_DECODE_H265_PROFILE_INFO_KHR : +- codec_id == AV_CODEC_ID_AV1 ? VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_PROFILE_INFO_MESA : ++ codec_id == AV_CODEC_ID_AV1 ? VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_PROFILE_INFO_KHR : + 0; + + profile_list = ff_vk_find_struct(ctx->s.hwfc->create_pnext, +@@ -674,7 +674,7 @@ static VkResult vulkan_setup_profile(AVCodecContext *avctx, + const struct FFVkCodecMap *vk_codec, + VkVideoDecodeH264CapabilitiesKHR *h264_caps, + VkVideoDecodeH265CapabilitiesKHR *h265_caps, +- VkVideoDecodeAV1CapabilitiesMESA *av1_caps, ++ VkVideoDecodeAV1CapabilitiesKHR *av1_caps, + VkVideoCapabilitiesKHR *caps, + VkVideoDecodeCapabilitiesKHR *dec_caps, + int cur_profile) +@@ -685,7 +685,7 @@ static VkResult vulkan_setup_profile(AVCodecContext *avctx, + + VkVideoDecodeH264ProfileInfoKHR *h264_profile = &prof->h264_profile; + VkVideoDecodeH265ProfileInfoKHR *h265_profile = &prof->h265_profile; +- VkVideoDecodeAV1ProfileInfoMESA *av1_profile = &prof->av1_profile; ++ VkVideoDecodeAV1ProfileInfoKHR *av1_profile = &prof->av1_profile; + + const AVPixFmtDescriptor *desc = av_pix_fmt_desc_get(avctx->sw_pix_fmt); + if (!desc) +@@ -713,8 +713,9 @@ static VkResult vulkan_setup_profile(AVCodecContext *avctx, + } else if (avctx->codec_id == AV_CODEC_ID_AV1) { + dec_caps->pNext = av1_caps; + usage->pNext = av1_profile; +- av1_profile->sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_PROFILE_INFO_MESA; +- av1_profile->stdProfileIdc = cur_profile; ++ av1_profile->sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_PROFILE_INFO_KHR; ++ av1_profile->stdProfile = cur_profile; ++ av1_profile->filmGrainSupport = !(avctx->export_side_data & AV_CODEC_EXPORT_DATA_FILM_GRAIN); + } + + usage->sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_USAGE_INFO_KHR; +@@ -769,8 +770,8 @@ static int vulkan_decode_get_profile(AVCodecContext *avctx, AVBufferRef *frames_ + VkVideoDecodeH265CapabilitiesKHR h265_caps = { + .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_H265_CAPABILITIES_KHR, + }; +- VkVideoDecodeAV1CapabilitiesMESA av1_caps = { +- .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_CAPABILITIES_MESA, ++ VkVideoDecodeAV1CapabilitiesKHR av1_caps = { ++ .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_CAPABILITIES_KHR, + }; + + VkPhysicalDeviceVideoFormatInfoKHR fmt_info = { +@@ -789,7 +790,7 @@ static int vulkan_decode_get_profile(AVCodecContext *avctx, AVBufferRef *frames_ + cur_profile = avctx->profile; + base_profile = avctx->codec_id == AV_CODEC_ID_H264 ? AV_PROFILE_H264_CONSTRAINED_BASELINE : + avctx->codec_id == AV_CODEC_ID_H265 ? AV_PROFILE_HEVC_MAIN : +- avctx->codec_id == AV_CODEC_ID_AV1 ? STD_VIDEO_AV1_MESA_PROFILE_MAIN : ++ avctx->codec_id == AV_CODEC_ID_AV1 ? STD_VIDEO_AV1_PROFILE_MAIN : + 0; + + ret = vulkan_setup_profile(avctx, prof, hwctx, vk, vk_codec, +@@ -837,7 +838,7 @@ static int vulkan_decode_get_profile(AVCodecContext *avctx, AVBufferRef *frames_ + + max_level = avctx->codec_id == AV_CODEC_ID_H264 ? ff_vk_h264_level_to_av(h264_caps.maxLevelIdc) : + avctx->codec_id == AV_CODEC_ID_H265 ? ff_vk_h265_level_to_av(h265_caps.maxLevelIdc) : +- avctx->codec_id == AV_CODEC_ID_AV1 ? av1_caps.maxLevelIdc : ++ avctx->codec_id == AV_CODEC_ID_AV1 ? av1_caps.maxLevel : + 0; + + av_log(avctx, AV_LOG_VERBOSE, "Decoder capabilities for %s profile \"%s\":\n", +@@ -908,17 +909,11 @@ static int vulkan_decode_get_profile(AVCodecContext *avctx, AVBufferRef *frames_ + "VK_VIDEO_DECODE_CAPABILITY_DPB_AND_OUTPUT_COINCIDE_BIT_KHR set " + "but VK_VIDEO_CAPABILITY_SEPARATE_REFERENCE_IMAGES_BIT_KHR is unset!\n"); + return AVERROR_EXTERNAL; +- } else if (!(dec_caps->flags & VK_VIDEO_DECODE_CAPABILITY_DPB_AND_OUTPUT_DISTINCT_BIT_KHR) && +- avctx->codec_id == AV_CODEC_ID_AV1) { +- av_log(avctx, AV_LOG_ERROR, "Cannot initialize Vulkan decoding session, buggy driver: " +- "codec is AV1, but VK_VIDEO_DECODE_CAPABILITY_DPB_AND_OUTPUT_DISTINCT_BIT_KHR isn't set!\n"); +- return AVERROR_EXTERNAL; + } + + /* TODO: make dedicated_dpb tunable */ + dec->dedicated_dpb = !(dec_caps->flags & VK_VIDEO_DECODE_CAPABILITY_DPB_AND_OUTPUT_COINCIDE_BIT_KHR); + dec->layered_dpb = !(caps->flags & VK_VIDEO_CAPABILITY_SEPARATE_REFERENCE_IMAGES_BIT_KHR); +- dec->external_fg = av1_caps.flags & VK_VIDEO_DECODE_AV1_CAPABILITY_EXTERNAL_FILM_GRAIN_MESA; + + if (dec->dedicated_dpb) { + fmt_info.imageUsage = VK_IMAGE_USAGE_VIDEO_DECODE_DPB_BIT_KHR; +@@ -1126,8 +1121,10 @@ int ff_vk_decode_init(AVCodecContext *avctx) + VkVideoDecodeH265SessionParametersCreateInfoKHR h265_params = { + .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_H265_SESSION_PARAMETERS_CREATE_INFO_KHR, + }; +- VkVideoDecodeAV1SessionParametersCreateInfoMESA av1_params = { +- .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_SESSION_PARAMETERS_CREATE_INFO_MESA, ++ StdVideoAV1SequenceHeader av1_empty_seq = { 0 }; ++ VkVideoDecodeAV1SessionParametersCreateInfoKHR av1_params = { ++ .sType = VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_SESSION_PARAMETERS_CREATE_INFO_KHR, ++ .pStdSequenceHeader = &av1_empty_seq, + }; + VkVideoSessionParametersCreateInfoKHR session_params_create = { + .sType = VK_STRUCTURE_TYPE_VIDEO_SESSION_PARAMETERS_CREATE_INFO_KHR, +diff --git a/libavcodec/vulkan_decode.h b/libavcodec/vulkan_decode.h +index a43e328d73..7ba8b239cb 100644 +--- a/libavcodec/vulkan_decode.h ++++ b/libavcodec/vulkan_decode.h +@@ -37,7 +37,7 @@ typedef struct FFVulkanDecodeDescriptor { + typedef struct FFVulkanDecodeProfileData { + VkVideoDecodeH264ProfileInfoKHR h264_profile; + VkVideoDecodeH265ProfileInfoKHR h265_profile; +- VkVideoDecodeAV1ProfileInfoMESA av1_profile; ++ VkVideoDecodeAV1ProfileInfoKHR av1_profile; + VkVideoDecodeUsageInfoKHR usage; + VkVideoProfileInfoKHR profile; + VkVideoProfileListInfoKHR profile_list; +diff --git a/libavcodec/vulkan_video.h b/libavcodec/vulkan_video.h +index bb69e920bb..01a1de7d9d 100644 +--- a/libavcodec/vulkan_video.h ++++ b/libavcodec/vulkan_video.h +@@ -22,8 +22,6 @@ + #include "vulkan.h" + + #include <vk_video/vulkan_video_codecs_common.h> +-#include "vulkan_video_codec_av1std.h" +-#include "vulkan_video_codec_av1std_decode.h" + + #define CODEC_VER_MAJ(ver) (ver >> 22) + #define CODEC_VER_MIN(ver) ((ver >> 12) & ((1 << 10) - 1)) +diff --git a/libavcodec/vulkan_video_codec_av1std_decode.h b/libavcodec/vulkan_video_codec_av1std_decode.h +deleted file mode 100644 +index e2f37b4e6e..0000000000 +--- a/libavcodec/vulkan_video_codec_av1std_decode.h ++++ /dev/null +@@ -1,36 +0,0 @@ +-/* Copyright 2023 Lynne +- * Copyright 2023 Dave Airlie +- * +- * Licensed under the Apache License, Version 2.0 (the "License"); +- * you may not use this file except in compliance with the License. +- * You may obtain a copy of the License at +- * +- * http://www.apache.org/licenses/LICENSE-2.0 +- * +- * Unless required by applicable law or agreed to in writing, software +- * distributed under the License is distributed on an "AS IS" BASIS, +- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +- * See the License for the specific language governing permissions and +- * limitations under the License. +- */ +- +-#ifndef VULKAN_VIDEO_CODEC_AV1STD_DECODE_H_ +-#define VULKAN_VIDEO_CODEC_AV1STD_DECODE_H_ 1 +- +-/* +-** This header is NOT YET generated from the Khronos Vulkan XML API Registry. +-** +-*/ +- +-#ifdef __cplusplus +-extern "C" { +-#endif +-#define vulkan_video_codec_av1std_decode 1 +- +- +- +-#ifdef __cplusplus +-} +-#endif +- +-#endif +diff --git a/libavcodec/vulkan_video_codec_av1std.h b/libavcodec/vulkan_video_codec_av1std.h +deleted file mode 100644 +index c91589eee2..0000000000 +--- a/libavcodec/vulkan_video_codec_av1std.h ++++ /dev/null +@@ -1,403 +0,0 @@ +-/* Copyright 2023 Lynne +- * Copyright 2023 Dave Airlie +- * +- * Licensed under the Apache License, Version 2.0 (the "License"); +- * you may not use this file except in compliance with the License. +- * You may obtain a copy of the License at +- * +- * http://www.apache.org/licenses/LICENSE-2.0 +- * +- * Unless required by applicable law or agreed to in writing, software +- * distributed under the License is distributed on an "AS IS" BASIS, +- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +- * See the License for the specific language governing permissions and +- * limitations under the License. +- */ +- +-#ifndef VULKAN_VIDEO_CODEC_AV1STD_H_ +-#define VULKAN_VIDEO_CODEC_AV1STD_H_ 1 +- +-/* +-** This header is NOT YET generated from the Khronos Vulkan XML API Registry. +-** +-*/ +- +-#ifdef __cplusplus +-extern "C" { +-#endif +-#define vulkan_video_codec_av1std 1 +- +-#define VK_MAKE_VIDEO_STD_VERSION(major, minor, patch) \ +- ((((uint32_t)(major)) << 22) | (((uint32_t)(minor)) << 12) | ((uint32_t)(patch))) +-#define VK_STD_VULKAN_VIDEO_CODEC_AV1_DECODE_API_VERSION_0_1_0 VK_MAKE_VIDEO_STD_VERSION(0, 1, 0) +-#define VK_STD_VULKAN_VIDEO_CODEC_AV1_DECODE_SPEC_VERSION VK_STD_VULKAN_VIDEO_CODEC_AV1_DECODE_API_VERSION_0_1_0 +-#define VK_STD_VULKAN_VIDEO_CODEC_AV1_DECODE_EXTENSION_NAME "VK_STD_vulkan_video_codec_av1_decode" +- +-typedef enum StdVideoAV1MESAProfile { +- STD_VIDEO_AV1_MESA_PROFILE_MAIN = 0, +- STD_VIDEO_AV1_MESA_PROFILE_HIGH = 1, +- STD_VIDEO_AV1_MESA_PROFILE_PROFESSIONAL = 2, +-} StdVideoAV1MESAProfile; +- +-typedef enum StdVideoAV1MESALevel { +- STD_VIDEO_AV1_MESA_LEVEL_2_0 = 0, +- STD_VIDEO_AV1_MESA_LEVEL_2_1 = 1, +- STD_VIDEO_AV1_MESA_LEVEL_2_2 = 2, +- STD_VIDEO_AV1_MESA_LEVEL_2_3 = 3, +- STD_VIDEO_AV1_MESA_LEVEL_3_0 = 4, +- STD_VIDEO_AV1_MESA_LEVEL_3_1 = 5, +- STD_VIDEO_AV1_MESA_LEVEL_3_2 = 6, +- STD_VIDEO_AV1_MESA_LEVEL_3_3 = 7, +- STD_VIDEO_AV1_MESA_LEVEL_4_0 = 8, +- STD_VIDEO_AV1_MESA_LEVEL_4_1 = 9, +- STD_VIDEO_AV1_MESA_LEVEL_4_2 = 10, +- STD_VIDEO_AV1_MESA_LEVEL_4_3 = 11, +- STD_VIDEO_AV1_MESA_LEVEL_5_0 = 12, +- STD_VIDEO_AV1_MESA_LEVEL_5_1 = 13, +- STD_VIDEO_AV1_MESA_LEVEL_5_2 = 14, +- STD_VIDEO_AV1_MESA_LEVEL_5_3 = 15, +- STD_VIDEO_AV1_MESA_LEVEL_6_0 = 16, +- STD_VIDEO_AV1_MESA_LEVEL_6_1 = 17, +- STD_VIDEO_AV1_MESA_LEVEL_6_2 = 18, +- STD_VIDEO_AV1_MESA_LEVEL_6_3 = 19, +- STD_VIDEO_AV1_MESA_LEVEL_7_0 = 20, +- STD_VIDEO_AV1_MESA_LEVEL_7_1 = 21, +- STD_VIDEO_AV1_MESA_LEVEL_7_2 = 22, +- STD_VIDEO_AV1_MESA_LEVEL_7_3 = 23, +- STD_VIDEO_AV1_MESA_LEVEL_MAX = 31, +-} StdVideoAV1MESALevel; +- +-typedef struct StdVideoAV1MESAFilmGrainFlags { +- uint8_t apply_grain; +- uint8_t chroma_scaling_from_luma; +- uint8_t overlap_flag; +- uint8_t clip_to_restricted_range; +-} StdVideoAV1MESAFilmGrainFlags; +- +-typedef struct StdVideoAV1MESAFilmGrainParameters { +- StdVideoAV1MESAFilmGrainFlags flags; +- uint32_t grain_scaling_minus_8; +- uint32_t ar_coeff_lag; +- uint32_t ar_coeff_shift_minus_6; +- uint32_t grain_scale_shift; +- +- uint16_t grain_seed; +- uint8_t num_y_points; +- uint8_t point_y_value[14]; +- uint8_t point_y_scaling[14]; +- +- uint8_t num_cb_points; +- uint8_t point_cb_value[10]; +- uint8_t point_cb_scaling[10]; +- +- uint8_t num_cr_points; +- uint8_t point_cr_value[10]; +- uint8_t point_cr_scaling[10]; +- +- int8_t ar_coeffs_y_plus_128[24]; +- int8_t ar_coeffs_cb_plus_128[25]; +- int8_t ar_coeffs_cr_plus_128[25]; +- uint8_t cb_mult; +- uint8_t cb_luma_mult; +- uint16_t cb_offset; +- uint8_t cr_mult; +- uint8_t cr_luma_mult; +- uint16_t cr_offset; +-} StdVideoAV1MESAFilmGrainParameters; +- +-typedef struct StdVideoAV1MESAGlobalMotionFlags { +- uint8_t gm_invalid; +-} StdVideoAV1MESAGlobalMotionFlags; +- +-typedef struct StdVideoAV1MESAGlobalMotion { +- StdVideoAV1MESAGlobalMotionFlags flags; +- uint8_t gm_type; +- uint32_t gm_params[6]; +-} StdVideoAV1MESAGlobalMotion; +- +-typedef struct StdVideoAV1MESALoopRestoration { +- uint8_t lr_type[3]; +- uint8_t lr_unit_shift; +- uint8_t lr_uv_shift; +-} StdVideoAV1MESALoopRestoration; +- +-typedef struct StdVideoAV1MESATileInfoFlags { +- uint8_t uniform_tile_spacing_flag; +-} StdVideoAV1MESATileInfoFlags; +- +-typedef struct StdVideoAV1MESATileInfo { +- StdVideoAV1MESATileInfoFlags flags; +- uint8_t tile_cols; +- uint8_t tile_rows; +- uint8_t tile_start_col_sb[64]; +- uint8_t tile_start_row_sb[64]; +- uint8_t width_in_sbs_minus_1[64]; +- uint8_t height_in_sbs_minus_1[64]; +- uint16_t context_update_tile_id; +- uint8_t tile_size_bytes_minus1; +-} StdVideoAV1MESATileInfo; +- +-typedef struct StdVideoAV1MESAQuantizationFlags { +- uint8_t using_qmatrix; +-} StdVideoAV1MESAQuantizationFlags; +- +-typedef struct StdVideoAV1MESAQuantization { +- StdVideoAV1MESAQuantizationFlags flags; +- uint8_t base_q_idx; +- int8_t delta_q_y_dc; +- uint8_t diff_uv_delta; +- int8_t delta_q_u_dc; +- int8_t delta_q_u_ac; +- int8_t delta_q_v_dc; +- int8_t delta_q_v_ac; +- uint8_t qm_y; +- uint8_t qm_u; +- uint8_t qm_v; +-} StdVideoAV1MESAQuantization; +- +-typedef struct StdVideoAV1MESACDEF { +- uint8_t damping_minus_3; +- uint8_t bits; +- uint8_t y_pri_strength[8]; +- uint8_t y_sec_strength[8]; +- uint8_t uv_pri_strength[8]; +- uint8_t uv_sec_strength[8]; +-} StdVideoAV1MESACDEF; +- +-typedef struct StdVideoAV1MESADeltaQFlags { +- uint8_t delta_lf_present; +- uint8_t delta_lf_multi; +-} StdVideoAV1MESADeltaQFlags; +- +-typedef struct StdVideoAV1MESADeltaQ { +- StdVideoAV1MESADeltaQFlags flags; +- uint8_t delta_q_res; +- uint8_t delta_lf_res; +-} StdVideoAV1MESADeltaQ; +- +-typedef struct StdVideoAV1MESASegmentationFlags { +- uint8_t enabled; +- uint8_t update_map; +- uint8_t temporal_update; +- uint8_t update_data; +-} StdVideoAV1MESASegmentationFlags; +- +-typedef struct StdVideoAV1MESASegmentation { +- StdVideoAV1MESASegmentationFlags flags; +- uint8_t feature_enabled_bits[8]; +- int16_t feature_data[8][8]; +-} StdVideoAV1MESASegmentation; +- +-typedef struct StdVideoAV1MESALoopFilterFlags { +- uint8_t delta_enabled; +- uint8_t delta_update; +-} StdVideoAV1MESALoopFilterFlags; +- +-typedef struct StdVideoAV1MESALoopFilter { +- StdVideoAV1MESALoopFilterFlags flags; +- uint8_t level[4]; +- uint8_t sharpness; +- int8_t ref_deltas[8]; +- int8_t mode_deltas[2]; +-} StdVideoAV1MESALoopFilter; +- +-typedef struct StdVideoAV1MESAFrameHeaderFlags { +- uint8_t error_resilient_mode; +- uint8_t disable_cdf_update; +- uint8_t use_superres; +- uint8_t render_and_frame_size_different; +- uint8_t allow_screen_content_tools; +- uint8_t is_filter_switchable; +- uint8_t force_integer_mv; +- uint8_t frame_size_override_flag; +- uint8_t buffer_removal_time_present_flag; +- uint8_t allow_intrabc; +- uint8_t frame_refs_short_signaling; +- uint8_t allow_high_precision_mv; +- uint8_t is_motion_mode_switchable; +- uint8_t use_ref_frame_mvs; +- uint8_t disable_frame_end_update_cdf; +- uint8_t allow_warped_motion; +- uint8_t reduced_tx_set; +- uint8_t reference_select; +- uint8_t skip_mode_present; +- uint8_t delta_q_present; +- uint8_t UsesLr; +-} StdVideoAV1MESAFrameHeaderFlags; +- +-typedef struct StdVideoAV1MESAFrameHeader { +- StdVideoAV1MESAFrameHeaderFlags flags; +- +- uint32_t frame_presentation_time; +- uint32_t display_frame_id; +- uint32_t current_frame_id; +- uint8_t frame_to_show_map_idx; +- uint8_t frame_type; +- uint8_t order_hint; +- uint8_t primary_ref_frame; +- uint16_t frame_width_minus_1; +- uint16_t frame_height_minus_1; +- uint16_t render_width_minus_1; +- uint16_t render_height_minus_1; +- uint8_t coded_denom; +- +- uint8_t refresh_frame_flags; +- uint8_t ref_order_hint[8]; +- int8_t ref_frame_idx[7]; +- uint32_t delta_frame_id_minus1[7]; +- +- uint8_t interpolation_filter; +- uint8_t tx_mode; +- +- StdVideoAV1MESATileInfo tiling; +- StdVideoAV1MESAQuantization quantization; +- StdVideoAV1MESASegmentation segmentation; +- StdVideoAV1MESADeltaQ delta_q; +- StdVideoAV1MESALoopFilter loop_filter; +- StdVideoAV1MESACDEF cdef; +- StdVideoAV1MESALoopRestoration lr; +- StdVideoAV1MESAGlobalMotion global_motion[8]; // One per ref frame +- StdVideoAV1MESAFilmGrainParameters film_grain; +-} StdVideoAV1MESAFrameHeader; +- +-typedef struct StdVideoAV1MESAScreenCoding { +- uint8_t seq_force_screen_content_tools; +-} StdVideoAV1MESAScreenCoding; +- +-typedef struct StdVideoAV1MESATimingInfoFlags { +- uint8_t equal_picture_interval; +-} StdVideoAV1MESATimingInfoFlags; +- +-typedef struct StdVideoAV1MESATimingInfo { +- StdVideoAV1MESATimingInfoFlags flags; +- uint32_t num_units_in_display_tick; +- uint32_t time_scale; +- uint32_t num_ticks_per_picture_minus_1; +-} StdVideoAV1MESATimingInfo; +- +-typedef struct StdVideoAV1MESAColorConfigFlags { +- uint8_t mono_chrome; +- uint8_t color_range; +- uint8_t separate_uv_delta_q; +-} StdVideoAV1MESAColorConfigFlags; +- +-typedef struct StdVideoAV1MESAColorConfig { +- StdVideoAV1MESAColorConfigFlags flags; +- uint8_t bit_depth; +- uint8_t subsampling_x; +- uint8_t subsampling_y; +-} StdVideoAV1MESAColorConfig; +- +-typedef struct StdVideoAV1MESASequenceHeaderFlags { +- uint8_t still_picture; +- uint8_t reduced_still_picture_header; +- uint8_t use_128x128_superblock; +- uint8_t enable_filter_intra; +- uint8_t enable_intra_edge_filter; +- uint8_t enable_interintra_compound; +- uint8_t enable_masked_compound; +- uint8_t enable_warped_motion; +- uint8_t enable_dual_filter; +- uint8_t enable_order_hint; +- uint8_t enable_jnt_comp; +- uint8_t enable_ref_frame_mvs; +- uint8_t frame_id_numbers_present_flag; +- uint8_t enable_superres; +- uint8_t enable_cdef; +- uint8_t enable_restoration; +- uint8_t film_grain_params_present; +- uint8_t timing_info_present_flag; +- uint8_t initial_display_delay_present_flag; +-} StdVideoAV1MESASequenceHeaderFlags; +- +-typedef struct StdVideoAV1MESASequenceHeader { +- StdVideoAV1MESASequenceHeaderFlags flags; +- +- StdVideoAV1MESAProfile seq_profile; +- uint8_t frame_width_bits_minus_1; +- uint8_t frame_height_bits_minus_1; +- uint16_t max_frame_width_minus_1; +- uint16_t max_frame_height_minus_1; +- uint8_t delta_frame_id_length_minus_2; +- uint8_t additional_frame_id_length_minus_1; +- uint8_t order_hint_bits_minus_1; +- uint8_t seq_choose_integer_mv; +- uint8_t seq_force_integer_mv; +- +- StdVideoAV1MESATimingInfo timing_info; +- StdVideoAV1MESAColorConfig color_config; +-} StdVideoAV1MESASequenceHeader; +- +-typedef struct StdVideoAV1MESATile { +- uint16_t tg_start; +- uint16_t tg_end; +- uint16_t row; +- uint16_t column; +- uint32_t size; +- uint32_t offset; +-} StdVideoAV1MESATile; +- +-typedef struct StdVideoAV1MESATileList { +- StdVideoAV1MESATile *tile_list; +- uint32_t nb_tiles; +-} StdVideoAV1MESATileList; +- +-typedef struct VkVideoDecodeAV1PictureInfoMESA { +- VkStructureType sType; +- const void *pNext; +- StdVideoAV1MESAFrameHeader *frame_header; +- StdVideoAV1MESATileList *tile_list; +- uint8_t skip_mode_frame_idx[2]; +-} VkVideoDecodeAV1PictureInfoMESA; +- +-typedef struct VkVideoDecodeAV1DpbSlotInfoMESA { +- VkStructureType sType; +- const void *pNext; +- uint8_t frameIdx; +- uint8_t ref_order_hint[7]; +- uint8_t disable_frame_end_update_cdf; +-} VkVideoDecodeAV1DpbSlotInfoMESA; +- +-typedef struct VkVideoDecodeAV1SessionParametersAddInfoMESA { +- VkStructureType sType; +- const void *pNext; +- StdVideoAV1MESASequenceHeader *sequence_header; +-} VkVideoDecodeAV1SessionParametersAddInfoMESA; +- +-typedef struct VkVideoDecodeAV1SessionParametersCreateInfoMESA { +- VkStructureType sType; +- const void *pNext; +- const VkVideoDecodeAV1SessionParametersAddInfoMESA *pParametersAddInfo; +-} VkVideoDecodeAV1SessionParametersCreateInfoMESA; +- +-typedef struct VkVideoDecodeAV1ProfileInfoMESA { +- VkStructureType sType; +- const void *pNext; +- StdVideoAV1MESAProfile stdProfileIdc; +-} VkVideoDecodeAV1ProfileInfoMESA; +- +-typedef enum VkVideoDecodeAV1CapabilityFlagBitsMESA { +- VK_VIDEO_DECODE_AV1_CAPABILITY_EXTERNAL_FILM_GRAIN_MESA = 0x00000001, +- VK_VIDEO_DECODE_AV1_CAPABILITY_FLAG_BITS_MAX_ENUM_MESA = 0x7FFFFFFF +-} VkVideoDecodeAV1CapabilityFlagBitsMESA; +-typedef VkFlags VkVideoDecodeAV1CapabilityFlagsMESA; +- +-typedef struct VkVideoDecodeAV1CapabilitiesMESA { +- VkStructureType sType; +- const void *pNext; +- VkVideoDecodeAV1CapabilityFlagsMESA flags; +- StdVideoAV1MESALevel maxLevelIdc; +-} VkVideoDecodeAV1CapabilitiesMESA; +- +-#define VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_PICTURE_INFO_MESA 1000509000 +-#define VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_SESSION_PARAMETERS_CREATE_INFO_MESA 1000509001 +-#define VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_SESSION_PARAMETERS_ADD_INFO_MESA 1000509002 +-#define VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_DPB_SLOT_INFO_MESA 1000509003 +-#define VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_CAPABILITIES_MESA 1000509004 +-#define VK_STRUCTURE_TYPE_VIDEO_DECODE_AV1_PROFILE_INFO_MESA 1000509005 +- +-#ifdef __cplusplus +-} +-#endif +- +-#endif +diff --git a/libavutil/hwcontext_vulkan.c b/libavutil/hwcontext_vulkan.c +index 91b9f96ccf..6e3b96b73a 100644 +--- a/libavutil/hwcontext_vulkan.c ++++ b/libavutil/hwcontext_vulkan.c +@@ -446,7 +446,7 @@ static const VulkanOptExtension optional_device_exts[] = { + { VK_KHR_VIDEO_DECODE_QUEUE_EXTENSION_NAME, FF_VK_EXT_VIDEO_DECODE_QUEUE }, + { VK_KHR_VIDEO_DECODE_H264_EXTENSION_NAME, FF_VK_EXT_VIDEO_DECODE_H264 }, + { VK_KHR_VIDEO_DECODE_H265_EXTENSION_NAME, FF_VK_EXT_VIDEO_DECODE_H265 }, +- { "VK_MESA_video_decode_av1", FF_VK_EXT_VIDEO_DECODE_AV1 }, ++ { VK_KHR_VIDEO_DECODE_AV1_EXTENSION_NAME, FF_VK_EXT_VIDEO_DECODE_AV1 }, + }; + + static VkBool32 VKAPI_CALL vk_dbg_callback(VkDebugUtilsMessageSeverityFlagBitsEXT severity, +diff --git a/libavutil/vulkan_functions.h b/libavutil/vulkan_functions.h +index 65021b04b1..6b379acf93 100644 +--- a/libavutil/vulkan_functions.h ++++ b/libavutil/vulkan_functions.h +@@ -43,7 +43,7 @@ typedef enum FFVulkanExtensions { + FF_VK_EXT_VIDEO_DECODE_QUEUE = 1ULL << 11, /* VK_KHR_video_decode_queue */ + FF_VK_EXT_VIDEO_DECODE_H264 = 1ULL << 12, /* VK_EXT_video_decode_h264 */ + FF_VK_EXT_VIDEO_DECODE_H265 = 1ULL << 13, /* VK_EXT_video_decode_h265 */ +- FF_VK_EXT_VIDEO_DECODE_AV1 = 1ULL << 14, /* VK_MESA_video_decode_av1 */ ++ FF_VK_EXT_VIDEO_DECODE_AV1 = 1ULL << 14, /* VK_KHR_video_decode_av1 */ + FF_VK_EXT_ATOMIC_FLOAT = 1ULL << 15, /* VK_EXT_shader_atomic_float */ + FF_VK_EXT_COOP_MATRIX = 1ULL << 16, /* VK_KHR_cooperative_matrix */ + +diff --git a/libavutil/vulkan_loader.h b/libavutil/vulkan_loader.h +index f9e739e1e3..73cf03935d 100644 +--- a/libavutil/vulkan_loader.h ++++ b/libavutil/vulkan_loader.h +@@ -58,7 +58,7 @@ static inline uint64_t ff_vk_extensions_to_mask(const char * const *extensions, + { VK_KHR_VIDEO_DECODE_QUEUE_EXTENSION_NAME, FF_VK_EXT_VIDEO_DECODE_QUEUE }, + { VK_KHR_VIDEO_DECODE_H264_EXTENSION_NAME, FF_VK_EXT_VIDEO_DECODE_H264 }, + { VK_KHR_VIDEO_DECODE_H265_EXTENSION_NAME, FF_VK_EXT_VIDEO_DECODE_H265 }, +- { "VK_MESA_video_decode_av1", FF_VK_EXT_VIDEO_DECODE_AV1 }, ++ { VK_KHR_VIDEO_DECODE_AV1_EXTENSION_NAME, FF_VK_EXT_VIDEO_DECODE_AV1 }, + }; + + FFVulkanExtensions mask = 0x0; +diff --git a/libavcodec/vulkan_video.c b/libavcodec/vulkan_video.c +--- ffmpeg-6.1.1.orig/libavcodec/vulkan_video.c ++++ ffmpeg-6.1.1/libavcodec/vulkan_video.c +@@ -37,7 +37,7 @@ const FFVkCodecMap ff_vk_codec_map[AV_CO + 0, + 0, + FF_VK_EXT_VIDEO_DECODE_AV1, +- 0x01000000 /* TODO fix this */ ++ VK_VIDEO_CODEC_OPERATION_DECODE_AV1_BIT_KHR + }, + }; + +-- +2.25.1 + diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/vulkan_fix_gcc14.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/vulkan_fix_gcc14.patch new file mode 100644 index 0000000000..960d34943e --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/vulkan_fix_gcc14.patch @@ -0,0 +1,102 @@ +From 2f24f10d9cf34ddce274496c4daa73f732d370c1 Mon Sep 17 00:00:00 2001 +From: Sam James <sam@gentoo.org> +Date: Wed, 20 Dec 2023 12:32:43 +0000 +Subject: [PATCH] libavcodec: fix -Wint-conversion in vulkan +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +FIx warnings (soon to be errors in GCC 14, already so in Clang 15): +``` +src/libavcodec/vulkan_av1.c: In function ‘vk_av1_create_params’: +src/libavcodec/vulkan_av1.c:183:43: error: initialization of ‘long long unsigned int’ from ‘void *’ makes integer from pointer without a cast [-Wint-conversion] + 183 | .videoSessionParametersTemplate = NULL, + | ^~~~ +src/libavcodec/vulkan_av1.c:183:43: note: (near initialization for ‘(anonymous).videoSessionParametersTemplate’) +``` + +Use Vulkan's VK_NULL_HANDLE instead of bare NULL. + +Fix Trac ticket #10724. + +Was reported downstream in Gentoo at https://bugs.gentoo.org/919067. + +Signed-off-by: Sam James <sam@gentoo.org> +Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/2f24f10d9cf34ddce274496c4daa73f732d370c1] +--- + libavcodec/vulkan_av1.c | 2 +- + libavcodec/vulkan_decode.c | 6 +++--- + libavcodec/vulkan_h264.c | 2 +- + libavcodec/vulkan_hevc.c | 2 +- + libavcodec/vulkan_video.c | 2 +- + 5 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/libavcodec/vulkan_av1.c b/libavcodec/vulkan_av1.c +index 4998bf7ebc55f..9730e4b08dd40 100644 +--- a/libavcodec/vulkan_av1.c ++++ b/libavcodec/vulkan_av1.c +@@ -180,7 +180,7 @@ static int vk_av1_create_params(AVCodecContext *avctx, AVBufferRef **buf) + .sType = VK_STRUCTURE_TYPE_VIDEO_SESSION_PARAMETERS_CREATE_INFO_KHR, + .pNext = &av1_params, + .videoSession = ctx->common.session, +- .videoSessionParametersTemplate = NULL, ++ .videoSessionParametersTemplate = VK_NULL_HANDLE, + }; + + err = ff_vk_decode_create_params(buf, avctx, ctx, &session_params_create); +diff --git a/libavcodec/vulkan_decode.c b/libavcodec/vulkan_decode.c +index a89d84fcaa972..fdbcbb450a1e0 100644 +--- a/libavcodec/vulkan_decode.c ++++ b/libavcodec/vulkan_decode.c +@@ -188,9 +188,9 @@ int ff_vk_decode_prepare_frame(FFVulkanDecodeContext *dec, AVFrame *pic, + return 0; + + vkpic->dpb_frame = NULL; +- vkpic->img_view_ref = NULL; +- vkpic->img_view_out = NULL; +- vkpic->img_view_dest = NULL; ++ vkpic->img_view_ref = VK_NULL_HANDLE; ++ vkpic->img_view_out = VK_NULL_HANDLE; ++ vkpic->img_view_dest = VK_NULL_HANDLE; + + vkpic->destroy_image_view = vk->DestroyImageView; + vkpic->wait_semaphores = vk->WaitSemaphores; +diff --git a/libavcodec/vulkan_h264.c b/libavcodec/vulkan_h264.c +index e727aafb162d3..39c123ddca57e 100644 +--- a/libavcodec/vulkan_h264.c ++++ b/libavcodec/vulkan_h264.c +@@ -315,7 +315,7 @@ static int vk_h264_create_params(AVCodecContext *avctx, AVBufferRef **buf) + .sType = VK_STRUCTURE_TYPE_VIDEO_SESSION_PARAMETERS_CREATE_INFO_KHR, + .pNext = &h264_params, + .videoSession = ctx->common.session, +- .videoSessionParametersTemplate = NULL, ++ .videoSessionParametersTemplate = VK_NULL_HANDLE, + }; + + /* SPS list */ +diff --git a/libavcodec/vulkan_hevc.c b/libavcodec/vulkan_hevc.c +index 99fdcf3b45839..033172cbd6958 100644 +--- a/libavcodec/vulkan_hevc.c ++++ b/libavcodec/vulkan_hevc.c +@@ -653,7 +653,7 @@ static int vk_hevc_create_params(AVCodecContext *avctx, AVBufferRef **buf) + .sType = VK_STRUCTURE_TYPE_VIDEO_SESSION_PARAMETERS_CREATE_INFO_KHR, + .pNext = &h265_params, + .videoSession = ctx->common.session, +- .videoSessionParametersTemplate = NULL, ++ .videoSessionParametersTemplate = VK_NULL_HANDLE, + }; + + HEVCHeaderSet *hdr; +diff --git a/libavcodec/vulkan_video.c b/libavcodec/vulkan_video.c +index 5fa8292b28eaf..fb20315db4bbf 100644 +--- a/libavcodec/vulkan_video.c ++++ b/libavcodec/vulkan_video.c +@@ -287,7 +287,7 @@ av_cold void ff_vk_video_common_uninit(FFVulkanContext *s, + if (common->session) { + vk->DestroyVideoSessionKHR(s->hwctx->act_dev, common->session, + s->hwctx->alloc); +- common->session = NULL; ++ common->session = VK_NULL_HANDLE; + } + + if (common->nb_mem && common->mem) diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb index aa59755034..dea1f54580 100644 --- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb @@ -22,7 +22,12 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://COPYING.LGPLv2.1;md5=bd7a443320af8c812e4c18d1b79df004 \ file://COPYING.LGPLv3;md5=e6a600fd5e1d9cbde2d983680233ad02" -SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz" +SRC_URI = " \ + https://www.ffmpeg.org/releases/${BP}.tar.xz \ + file://av1_ordering_info.patch \ + file://vulkan_av1_stable_API.patch \ + file://vulkan_fix_gcc14.patch \ +" SRC_URI[sha256sum] = "8684f4b00f94b85461884c3719382f1261f0d9eb3d59640a1f4ac0873616f968" diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.12.bb index 2be406192f..c30341d1f0 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.12.bb @@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV} file://0001-connect-has-a-different-signature-on-musl.patch \ " -SRC_URI[sha256sum] = "07766425ecb5bf857ab5ad3962321c55cd89f9386b720843f9df71c0a455eb9b" +SRC_URI[sha256sum] = "015ff62789dab423edafe979b019c7de4c849a2b7e74912b20b74a70e5b68f72" DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base" RRECOMMENDS:${PN} = "git" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.12.bb index f3287efa96..bd9ae2464e 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.12.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770 \ " SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz" -SRC_URI[sha256sum] = "6b13dcc9332ef27a7c1e7005c0196883874f91622f8aa6e52f218b05b15d2bf5" +SRC_URI[sha256sum] = "3b60d4cac2fbcd085a93e9389ca23e0443bee1ca75574d31d4f12bb1bbecab48" S = "${WORKDIR}/gst-libav-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.12.bb index 97348fb398..4db16ed10b 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.12.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz" -SRC_URI[sha256sum] = "18dfdf5f6b773d67e62a315c6cf6247da320b83603a5819493f53c69ed2eeef6" +SRC_URI[sha256sum] = "6b0685b92ac735032d7987d1028afaeab0a98ab726e0c51e5b9bfc8f2da7c8b1" S = "${WORKDIR}/gst-omx-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.12.bb index 523ee7a5ae..01c95ac85f 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.12.bb @@ -10,7 +10,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad file://0002-avoid-including-sys-poll.h-directly.patch \ file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \ " -SRC_URI[sha256sum] = "808d3b33fc4c71aeb2561c364a87c2e8a3e2343319a83244c8391be4b09499c8" +SRC_URI[sha256sum] = "388b4c4412f42e36a38b17cc34119bc11879bd4d9fbd4ff6d03b2c7fc6b4d494" S = "${WORKDIR}/gst-plugins-bad-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb index 7aa10eb646..5905c2d5b1 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb @@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba file://0003-viv-fb-Make-sure-config.h-is-included.patch \ file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \ " -SRC_URI[sha256sum] = "65eaf72296cc5edc985695a4d80affc931e64a79f4879d05615854f7a2cf5bd1" +SRC_URI[sha256sum] = "73cfadc3a6ffe77ed974cfd6fb391c605e4531f48db21dd6b9f42b8cb69bd8c1" S = "${WORKDIR}/gst-plugins-base-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.12.bb index edd8609b7c..8099d70791 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.12.bb @@ -8,7 +8,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-go file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \ file://0001-v4l2-Define-ioctl_req_t-for-posix-linux-case.patch" -SRC_URI[sha256sum] = "6ddd032381827d31820540735f0004b429436b0bdac19aaeab44fa22faad52e2" +SRC_URI[sha256sum] = "9c1913f981900bd8867182639b20907b28ed78ef7a222cfbf2d8ba9dab992fa7" S = "${WORKDIR}/gst-plugins-good-${PV}" @@ -52,7 +52,7 @@ PACKAGECONFIG[libpng] = "-Dpng=enabled,-Dpng=disabled,libpng" PACKAGECONFIG[libv4l2] = "-Dv4l2-libv4l2=enabled,-Dv4l2-libv4l2=disabled,v4l-utils" PACKAGECONFIG[mpg123] = "-Dmpg123=enabled,-Dmpg123=disabled,mpg123" PACKAGECONFIG[pulseaudio] = "-Dpulse=enabled,-Dpulse=disabled,pulseaudio" -PACKAGECONFIG[qt5] = "-Dqt5=enabled,-Dqt5=disabled,qtbase qtdeclarative qtbase-native ${QT5WAYLANDDEPENDS}" +PACKAGECONFIG[qt5] = "-Dqt5=enabled,-Dqt5=disabled,qtbase qtdeclarative qtbase-native qttools-native ${QT5WAYLANDDEPENDS}" PACKAGECONFIG[soup2] = "-Dsoup=enabled,,libsoup-2.4,,,soup3" PACKAGECONFIG[soup3] = "-Dsoup=enabled,,libsoup,,,soup2" PACKAGECONFIG[speex] = "-Dspeex=enabled,-Dspeex=disabled,speex" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.12.bb index 61f46fbf7e..714ee178d8 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.12.bb @@ -15,7 +15,7 @@ SRC_URI = " \ https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "7758b7decfd20c00cae5700822bcbbf03f98c723e33e17634db2e07ca1da60bf" +SRC_URI[sha256sum] = "d59a1aaf8dd2cc416dc5b5c0b7aecd02b1811bf1229aa724e6c2a503d3799083" S = "${WORKDIR}/gst-plugins-ugly-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.12.bb index 0fbb03f757..2eee5aee5e 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.12.bb @@ -8,7 +8,7 @@ LICENSE = "LGPL-2.1-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "f7a5450d93fd81bf46060dca7f4a048d095b6717961fec211731a11a994c99a7" +SRC_URI[sha256sum] = "d98d3226efea20d5c440a28988a20319a953f7c594895df2bba4538633108e9f" DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.12.bb index 554ed9ec8f..c89c22f334 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.12.bb @@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "ec49d474750a6ff6729c85b448abc607fb6840b21717ad7abc967e2adbf07a24" +SRC_URI[sha256sum] = "bf6c7871e7cf3528e4ec87ddc2f2949691cd269f98e536482ae744c1405cf451" S = "${WORKDIR}/${PNREAL}-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.12.bb index 87eb8484a1..ef75ed64b3 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.12.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c" SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "6eae1360658302b9b512fa46b4d06f5b818dfce5f2f43d7d710ca8142719d8ad" +SRC_URI[sha256sum] = "013ad729b2fe4fccda559bddc626bcb14230cfb90a2271049f8466bfec5d80df" S = "${WORKDIR}/${REALPN}-${PV}" DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.11.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.12.bb index 8965497d01..f4acb0977b 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.11.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.12.bb @@ -22,7 +22,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x file://0003-tests-use-a-dictionaries-for-environment.patch \ file://0004-tests-add-helper-script-to-run-the-installed_tests.patch \ " -SRC_URI[sha256sum] = "3d16259e9dab8b002c57ce208a09b350d8282f5b0197306c0cdba9a0d0799744" +SRC_URI[sha256sum] = "ac352f3d02caa67f3b169daa9aa78b04dea0fc08a727de73cb28d89bd54c6f61" PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \ check \ diff --git a/poky/meta/recipes-multimedia/libpng/libpng_1.6.43.bb b/poky/meta/recipes-multimedia/libpng/libpng_1.6.42.bb index f1febd0a02..cadbe957db 100644 --- a/poky/meta/recipes-multimedia/libpng/libpng_1.6.43.bb +++ b/poky/meta/recipes-multimedia/libpng/libpng_1.6.42.bb @@ -10,8 +10,8 @@ DEPENDS = "zlib" LIBV = "16" -SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz" -SRC_URI[sha256sum] = "6a5ca0652392a2d7c9db2ae5b40210843c0bbc081cbd410825ab00cc59f14a6c" +SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/${BP}.tar.xz" +SRC_URI[sha256sum] = "c919dbc11f4c03b05aba3f8884d8eb7adfe3572ad228af972bb60057bdb48450" MIRRORS += "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/ ${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/older-releases/" diff --git a/poky/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb b/poky/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb index 0c5ed5e55e..fc913c86b3 100644 --- a/poky/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb +++ b/poky/meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb @@ -27,6 +27,8 @@ inherit autotools pkgconfig features_check mime-xdg REQUIRED_DISTRO_FEATURES = "x11" EXTRA_OECONF = "--with-gtk=3" +# GCC 14 finds extra incompatible pointer type warnings which are treated as errors +CFLAGS += "-Wno-error=incompatible-pointer-types" do_install:append () { install -d ${D}/${datadir} diff --git a/poky/meta/recipes-sato/webkit/libwpe_1.16.0.bb b/poky/meta/recipes-sato/webkit/libwpe_1.14.2.bb index 57f91ce87e..03ee88193d 100644 --- a/poky/meta/recipes-sato/webkit/libwpe_1.16.0.bb +++ b/poky/meta/recipes-sato/webkit/libwpe_1.14.2.bb @@ -11,7 +11,7 @@ inherit cmake features_check pkgconfig REQUIRED_DISTRO_FEATURES = "opengl" SRC_URI = "https://wpewebkit.org/releases/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "c7f3a3c6b3d006790d486dc7cceda2b6d2e329de07f33bc47dfc53f00f334b2a" +SRC_URI[sha256sum] = "8ae38022c50cb340c96fdbee1217f1e46ab57fbc1c8ba98142565abbedbe22ef" # This is a tweak of upstream-version-is-even needed because # ipstream directory contains tarballs for other components as well. diff --git a/poky/meta/recipes-sato/webkit/webkitgtk/2922af379dc70b4b1a63b01d67179eb431f03ac4.patch b/poky/meta/recipes-sato/webkit/webkitgtk/2922af379dc70b4b1a63b01d67179eb431f03ac4.patch deleted file mode 100644 index 3067500447..0000000000 --- a/poky/meta/recipes-sato/webkit/webkitgtk/2922af379dc70b4b1a63b01d67179eb431f03ac4.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 2922af379dc70b4b1a63b01d67179eb431f03ac4 Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro <mcatanzaro@redhat.com> -Date: Mon, 18 Mar 2024 11:14:54 -0700 -Subject: [PATCH] REGRESSION(274077@main): failure to build on i586 (and likely - other 32bit arches): static assertion failed: Timer should stay small - https://bugs.webkit.org/show_bug.cgi?id=271108 - -Unreviewed build fix. This changes SameSizeOfTimer to ensure it matches -the size of Timer on 32-bit platforms. - -* Source/WebCore/platform/Timer.cpp: - -Canonical link: https://commits.webkit.org/276282@main - -Upstream-Status: Backport [https://github.com/WebKit/WebKit/commit/2922af379dc70b4b1a63b01d67179eb431f03ac4] - -Signed-off-by: Markus Volk <f_l_k@t-online.de> ---- - Source/WebCore/platform/Timer.cpp | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/Source/WebCore/platform/Timer.cpp b/Source/WebCore/platform/Timer.cpp -index 4f7c0f5c39ca9..0f3734cca2474 100644 ---- a/Source/WebCore/platform/Timer.cpp -+++ b/Source/WebCore/platform/Timer.cpp -@@ -263,7 +263,11 @@ struct SameSizeAsTimer { - - WeakPtr<TimerAlignment> timerAlignment; - double times[2]; -- void* pointers[3]; -+ void* pointers[2]; -+#if CPU(ADDRESS32) -+ uint8_t bitfields; -+#endif -+ void* pointer; - }; - - static_assert(sizeof(Timer) == sizeof(SameSizeAsTimer), "Timer should stay small"); diff --git a/poky/meta/recipes-sato/webkit/webkitgtk_2.44.0.bb b/poky/meta/recipes-sato/webkit/webkitgtk_2.44.1.bb index 0819f6de0d..29e12bb8c5 100644 --- a/poky/meta/recipes-sato/webkit/webkitgtk_2.44.0.bb +++ b/poky/meta/recipes-sato/webkit/webkitgtk_2.44.1.bb @@ -16,9 +16,8 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://no-musttail-arm.patch \ file://t6-not-declared.patch \ file://30e1d5e22213fdaca2a29ec3400c927d710a37a8.patch \ - file://2922af379dc70b4b1a63b01d67179eb431f03ac4.patch \ " -SRC_URI[sha256sum] = "c66530e41ba59b1edba4ee89ef20b2188e273bed0497e95084729e3cfbe30c87" +SRC_URI[sha256sum] = "425b1459b0f04d0600c78d1abb5e7edfa3c060a420f8b231e9a6a2d5d29c5561" inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gi-docgen diff --git a/poky/meta/recipes-support/appstream/appstream_1.0.2.bb b/poky/meta/recipes-support/appstream/appstream_1.0.3.bb index 7eb12a04c5..625e85a0ae 100644 --- a/poky/meta/recipes-support/appstream/appstream_1.0.2.bb +++ b/poky/meta/recipes-support/appstream/appstream_1.0.3.bb @@ -28,7 +28,7 @@ SRC_URI = " \ https://www.freedesktop.org/software/appstream/releases/AppStream-${PV}.tar.xz \ file://0001-remove-hardcoded-path.patch \ " -SRC_URI[sha256sum] = "1a5148ca97dcbf5eb6e9c380278bb0d20938569292ea8652df1b3cac8bd2736b" +SRC_URI[sha256sum] = "5ab6f6cf644e7875a9508593962e56bb430f4e59ae0bf03be6be7029deb6baa4" S = "${WORKDIR}/AppStream-${PV}" diff --git a/poky/meta/recipes-support/apr/apr/0001-Add-option-to-disable-timed-dependant-tests.patch b/poky/meta/recipes-support/apr/apr/0001-Add-option-to-disable-timed-dependant-tests.patch index a274f3a16e..b46dc76a86 100644 --- a/poky/meta/recipes-support/apr/apr/0001-Add-option-to-disable-timed-dependant-tests.patch +++ b/poky/meta/recipes-support/apr/apr/0001-Add-option-to-disable-timed-dependant-tests.patch @@ -7,7 +7,7 @@ The disabled tests rely on timing to pass correctly. On a virtualized system under heavy load, these tests randomly fail because they miss a timer or other timing related issues. -Upstream-Status: Pending +Upstream-Status: Submitted [https://github.com/apache/apr/pull/54] Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com> --- diff --git a/poky/meta/recipes-support/atk/at-spi2-core_2.52.0.bb b/poky/meta/recipes-support/atk/at-spi2-core_2.50.1.bb index cf221e0389..6996ebebcd 100644 --- a/poky/meta/recipes-support/atk/at-spi2-core_2.52.0.bb +++ b/poky/meta/recipes-support/atk/at-spi2-core_2.50.1.bb @@ -11,7 +11,7 @@ MAJ_VER = "${@oe.utils.trim_version("${PV}", 2)}" SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "0ac3fc8320c8d01fa147c272ba7fa03806389c6b03d3c406d0823e30e35ff5ab" +SRC_URI[sha256sum] = "5727b5c0687ac57ba8040e79bd6731b714a36b8fcf32190f236b8fb3698789e7" DEPENDS = " \ dbus \ diff --git a/poky/meta/recipes-support/attr/attr_2.5.1.bb b/poky/meta/recipes-support/attr/attr_2.5.1.bb new file mode 100644 index 0000000000..5c5f7bcffb --- /dev/null +++ b/poky/meta/recipes-support/attr/attr_2.5.1.bb @@ -0,0 +1,5 @@ +require attr.inc + +SRC_URI[sha256sum] = "bae1c6949b258a0d68001367ce0c741cebdacdd3b62965d17e5eb23cd78adaf8" + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-support/attr/attr_2.5.2.bb b/poky/meta/recipes-support/attr/attr_2.5.2.bb deleted file mode 100644 index 2110c6d885..0000000000 --- a/poky/meta/recipes-support/attr/attr_2.5.2.bb +++ /dev/null @@ -1,5 +0,0 @@ -require attr.inc - -SRC_URI[sha256sum] = "39bf67452fa41d0948c2197601053f48b3d78a029389734332a6309a680c6c87" - -BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-support/bash-completion/bash-completion_2.13.0.bb b/poky/meta/recipes-support/bash-completion/bash-completion_2.12.0.bb index f75d61e219..66f65f565c 100644 --- a/poky/meta/recipes-support/bash-completion/bash-completion_2.13.0.bb +++ b/poky/meta/recipes-support/bash-completion/bash-completion_2.12.0.bb @@ -14,7 +14,7 @@ SECTION = "console/utils" SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "c5f99a39e40f0d154c03ff15438e87ece1f5ac666336a4459899e2ff4bedf3d1" +SRC_URI[sha256sum] = "3eb05b1783c339ef59ed576afb0f678fa4ef49a6de8a696397df3148f8345af9" GITHUB_BASE_URI = "https://github.com/scop/bash-completion/releases" PARALLEL_MAKE = "" diff --git a/poky/meta/recipes-support/consolekit/consolekit_0.4.6.bb b/poky/meta/recipes-support/consolekit/consolekit_0.4.6.bb index 346bd60e4d..0f2153d493 100644 --- a/poky/meta/recipes-support/consolekit/consolekit_0.4.6.bb +++ b/poky/meta/recipes-support/consolekit/consolekit_0.4.6.bb @@ -31,6 +31,9 @@ PACKAGECONFIG[pam] = "--enable-pam-module --with-pam-module-dir=${base_libdir}/s PACKAGECONFIG[polkit] = "--with-polkit,--without-polkit,polkit" PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}/,--with-systemdsystemunitdir=" +# Fails to build with GCC14 with incompatible pointer error warning being treated as error +CFLAGS += "-Wno-error=incompatible-pointer-types" + FILES:${PN} += "${exec_prefix}/lib/ConsoleKit \ ${libdir}/ConsoleKit ${systemd_unitdir} ${base_libdir} \ ${datadir}/dbus-1 ${datadir}/PolicyKit ${datadir}/polkit*" diff --git a/poky/meta/recipes-support/curl/curl/721941aadf4adf4f6aeb3f4c0ab489bb89610c36.patch b/poky/meta/recipes-support/curl/curl/721941aadf4adf4f6aeb3f4c0ab489bb89610c36.patch new file mode 100644 index 0000000000..98f7db93e8 --- /dev/null +++ b/poky/meta/recipes-support/curl/curl/721941aadf4adf4f6aeb3f4c0ab489bb89610c36.patch @@ -0,0 +1,64 @@ +From 721941aadf4adf4f6aeb3f4c0ab489bb89610c36 Mon Sep 17 00:00:00 2001 +From: Stefan Eissing <stefan@eissing.org> +Date: Mon, 1 Apr 2024 15:41:18 +0200 +Subject: [PATCH] http: with chunked POST forced, disable length check on read + callback + +- when an application forces HTTP/1.1 chunked transfer encoding + by setting the corresponding header and instructs curl to use + the CURLOPT_READFUNCTION, disregard any POST length information. +- this establishes backward compatibility with previous curl versions + +Applications are encouraged to not force "chunked", but rather +set length information for a POST. By setting -1, curl will +auto-select chunked on HTTP/1.1 and work properly on other HTTP +versions. + +Reported-by: Jeff King +Fixes #13229 +Closes #13257 +Upstream-Status: Backport +--- + lib/http.c | 22 ++++++++++++++++++++-- + 1 file changed, 20 insertions(+), 2 deletions(-) + +diff --git a/lib/http.c b/lib/http.c +index 92c04e69cd8373..a764d3c4403c39 100644 +--- a/lib/http.c ++++ b/lib/http.c +@@ -2046,8 +2046,19 @@ static CURLcode set_reader(struct Curl_easy *data, Curl_HttpReq httpreq) + else + result = Curl_creader_set_null(data); + } +- else { /* we read the bytes from the callback */ +- result = Curl_creader_set_fread(data, postsize); ++ else { ++ /* we read the bytes from the callback. In case "chunked" encoding ++ * is forced by the application, we disregard `postsize`. This is ++ * a backward compatibility decision to earlier versions where ++ * chunking disregarded this. See issue #13229. */ ++ bool chunked = FALSE; ++ char *ptr = Curl_checkheaders(data, STRCONST("Transfer-Encoding")); ++ if(ptr) { ++ /* Some kind of TE is requested, check if 'chunked' is chosen */ ++ chunked = Curl_compareheader(ptr, STRCONST("Transfer-Encoding:"), ++ STRCONST("chunked")); ++ } ++ result = Curl_creader_set_fread(data, chunked? -1 : postsize); + } + return result; + +@@ -2115,6 +2126,13 @@ CURLcode Curl_http_req_set_reader(struct Curl_easy *data, + data->req.upload_chunky = + Curl_compareheader(ptr, + STRCONST("Transfer-Encoding:"), STRCONST("chunked")); ++ if(data->req.upload_chunky && ++ Curl_use_http_1_1plus(data, data->conn) && ++ (data->conn->httpversion >= 20)) { ++ infof(data, "suppressing chunked transfer encoding on connection " ++ "using HTTP version 2 or higher"); ++ data->req.upload_chunky = FALSE; ++ } + } + else { + curl_off_t req_clen = Curl_creader_total_length(data); diff --git a/poky/meta/recipes-support/curl/curl_8.7.1.bb b/poky/meta/recipes-support/curl/curl_8.7.1.bb index c6654bbad6..3fdad6a4cf 100644 --- a/poky/meta/recipes-support/curl/curl_8.7.1.bb +++ b/poky/meta/recipes-support/curl/curl_8.7.1.bb @@ -11,6 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=eed2e5088e1ac619c9a1c747da291d75" SRC_URI = " \ https://curl.se/download/${BP}.tar.xz \ + file://721941aadf4adf4f6aeb3f4c0ab489bb89610c36.patch \ file://run-ptest \ file://disable-tests \ file://no-test-timeout.patch \ @@ -119,6 +120,7 @@ do_install_ptest() { RDEPENDS:${PN}-ptest += " \ bash \ + locale-base-en-us \ perl-module-b \ perl-module-base \ perl-module-cwd \ @@ -134,7 +136,6 @@ RDEPENDS:${PN}-ptest += " \ perl-module-storable \ perl-module-time-hires \ " -RDEPENDS:${PN}-ptest:append:libc-glibc = " locale-base-en-us" PACKAGES =+ "lib${BPN}" diff --git a/poky/meta/recipes-support/db/db_5.3.28.bb b/poky/meta/recipes-support/db/db_5.3.28.bb index a99d5cea62..a7d061e0da 100644 --- a/poky/meta/recipes-support/db/db_5.3.28.bb +++ b/poky/meta/recipes-support/db/db_5.3.28.bb @@ -116,3 +116,7 @@ INSANE_SKIP:${PN} = "dev-so" INSANE_SKIP:${PN}-cxx = "dev-so" BBCLASSEXTEND = "native nativesdk" + +# many configure tests are failing with gcc-14 +CFLAGS += "-Wno-error=implicit-int -Wno-error=implicit-function-declaration" +BUILD_CFLAGS += "-Wno-error=implicit-int -Wno-error=implicit-function-declaration" diff --git a/poky/meta/recipes-support/debianutils/debianutils_5.17.bb b/poky/meta/recipes-support/debianutils/debianutils_5.16.bb index c5f25bae40..ec629d8b73 100644 --- a/poky/meta/recipes-support/debianutils/debianutils_5.17.bb +++ b/poky/meta/recipes-support/debianutils/debianutils_5.16.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://debian/copyright;md5=4b667f30411d21bc8fd7db85d502a8e9 SRC_URI = "git://salsa.debian.org/debian/debianutils.git;protocol=https;branch=master \ " -SRCREV = "baf12e98a02883d1b76081e32f2185ee3497570b" +SRCREV = "9e0facf19b17b6d090a5dcc8cacb0c16e5ad9f72" inherit autotools update-alternatives diff --git a/poky/meta/recipes-support/diffoscope/diffoscope_260.bb b/poky/meta/recipes-support/diffoscope/diffoscope_259.bb index 297a53fb53..eca2c208fc 100644 --- a/poky/meta/recipes-support/diffoscope/diffoscope_260.bb +++ b/poky/meta/recipes-support/diffoscope/diffoscope_259.bb @@ -12,7 +12,7 @@ PYPI_PACKAGE = "diffoscope" inherit pypi setuptools3 -SRC_URI[sha256sum] = "405a55502c8b2c988e46c0800d6a93e8e4e7632c1542b0a540dda50aeea41dac" +SRC_URI[sha256sum] = "c1f14452467f84c4be804a3725cbfdd5eadf977ece7ad463be8b647d1a87fb42" RDEPENDS:${PN} += "\ binutils \ diff --git a/poky/meta/recipes-support/enchant/enchant2_2.6.9.bb b/poky/meta/recipes-support/enchant/enchant2_2.6.7.bb index aaf3525ad8..b31bdc422b 100644 --- a/poky/meta/recipes-support/enchant/enchant2_2.6.9.bb +++ b/poky/meta/recipes-support/enchant/enchant2_2.6.7.bb @@ -12,7 +12,7 @@ DEPENDS = "glib-2.0 groff-native" inherit autotools pkgconfig github-releases SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/enchant-${PV}.tar.gz" -SRC_URI[sha256sum] = "d9a5a10dc9b38a43b3a0fa22c76ed6ebb7e09eb535aff62954afcdbd40efff6b" +SRC_URI[sha256sum] = "a1c2e5b59acca000bbfb24810af4a1165733d407f2154786588e076c8cd57bfc" GITHUB_BASE_URI = "https://github.com/AbiWord/enchant/releases" diff --git a/poky/meta/recipes-support/gnupg/gnupg_2.4.5.bb b/poky/meta/recipes-support/gnupg/gnupg_2.4.4.bb index 99996968b1..fff7d8c6da 100644 --- a/poky/meta/recipes-support/gnupg/gnupg_2.4.5.bb +++ b/poky/meta/recipes-support/gnupg/gnupg_2.4.4.bb @@ -23,7 +23,7 @@ SRC_URI:append:class-native = " file://0001-configure.ac-use-a-custom-value-for- file://relocate.patch" SRC_URI:append:class-nativesdk = " file://relocate.patch" -SRC_URI[sha256sum] = "f68f7d75d06cb1635c336d34d844af97436c3f64ea14bcb7c869782f96f44277" +SRC_URI[sha256sum] = "67ebe016ca90fa7688ce67a387ebd82c6261e95897db7b23df24ff335be85bc6" EXTRA_OECONF = "--disable-ldap \ --disable-ccid-driver \ diff --git a/poky/meta/recipes-support/icu/icu/fix-install-manx.patch b/poky/meta/recipes-support/icu/icu/fix-install-manx.patch index 7526bde370..16cabc8264 100644 --- a/poky/meta/recipes-support/icu/icu/fix-install-manx.patch +++ b/poky/meta/recipes-support/icu/icu/fix-install-manx.patch @@ -11,7 +11,9 @@ and one process tries to chown a file that the other process has just deleted. Also install-manx should be a phony target, and for clarity use $^ instead of $? in the install command. -Upstream-Status: Pending +Upstream ticket: https://unicode-org.atlassian.net/jira/software/c/projects/ICU/issues/ICU-21172 + +Upstream-Status: Submitted [https://github.com/unicode-org/icu/pull/2966] Signed-off-by: Ross Burton <ross.burton@intel.com> --- Makefile.in | 8 ++++---- diff --git a/poky/meta/recipes-support/libassuan/libassuan_2.5.7.bb b/poky/meta/recipes-support/libassuan/libassuan_2.5.6.bb index d1e622635f..7e899e7399 100644 --- a/poky/meta/recipes-support/libassuan/libassuan_2.5.7.bb +++ b/poky/meta/recipes-support/libassuan/libassuan_2.5.6.bb @@ -20,7 +20,7 @@ SRC_URI = "${GNUPG_MIRROR}/libassuan/libassuan-${PV}.tar.bz2 \ file://libassuan-add-pkgconfig-support.patch \ " -SRC_URI[sha256sum] = "0103081ffc27838a2e50479153ca105e873d3d65d8a9593282e9c94c7e6afb76" +SRC_URI[sha256sum] = "e9fd27218d5394904e4e39788f9b1742711c3e6b41689a31aa3380bd5aa4f426" BINCONFIG = "${bindir}/libassuan-config" diff --git a/poky/meta/recipes-support/libbsd/libbsd_0.12.2.bb b/poky/meta/recipes-support/libbsd/libbsd_0.12.1.bb index 7d5e88f293..161dc6df43 100644 --- a/poky/meta/recipes-support/libbsd/libbsd_0.12.2.bb +++ b/poky/meta/recipes-support/libbsd/libbsd_0.12.1.bb @@ -38,7 +38,7 @@ SECTION = "libs" SRC_URI = "https://libbsd.freedesktop.org/releases/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "b88cc9163d0c652aaf39a99991d974ddba1c3a9711db8f1b5838af2a14731014" +SRC_URI[sha256sum] = "d7747f8ec1baa6ff5c096a9dd587c061233dec90da0f1aedd66d830f6db6996a" inherit autotools pkgconfig diff --git a/poky/meta/recipes-support/libfm/libfm_1.3.2.bb b/poky/meta/recipes-support/libfm/libfm_1.3.2.bb index 057c737029..1d7609165b 100644 --- a/poky/meta/recipes-support/libfm/libfm_1.3.2.bb +++ b/poky/meta/recipes-support/libfm/libfm_1.3.2.bb @@ -53,3 +53,7 @@ do_install:append () { rm -f ${D}${libdir}/libfm-extra.a rm -f ${D}${libdir}/libfm-extra.la } + +# http://errors.yoctoproject.org/Errors/Details/766924/ +# libfm-1.3.2/src/actions/action.c:2050:25: error: assignment to 'gchar **' {aka 'char **'} from incompatible pointer type 'const gchar * const*' {aka 'const char * const*'} [-Wincompatible-pointer-types] +CFLAGS += "-Wno-error=incompatible-pointer-types" diff --git a/poky/meta/recipes-support/libical/libical_3.0.18.bb b/poky/meta/recipes-support/libical/libical_3.0.17.bb index 040d23b69d..b91912b048 100644 --- a/poky/meta/recipes-support/libical/libical_3.0.18.bb +++ b/poky/meta/recipes-support/libical/libical_3.0.17.bb @@ -7,7 +7,7 @@ HOMEPAGE = "https://github.com/libical/libical" BUGTRACKER = "https://github.com/libical/libical/issues" LICENSE = "LGPL-2.1-only | MPL-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=1910a2a76ddf6a9ba369182494170d87 \ - file://LICENSE.LGPL21.txt;md5=8f690bb538f4b301d931374a6eb864d0 \ + file://LICENSE.LGPL21.txt;md5=933adb561f159e7c3da079536f0ed871 \ file://LICENSE.MPL2.txt;md5=f75d2927d3c1ed2414ef72048f5ad640 \ " SECTION = "libs" @@ -15,7 +15,7 @@ SECTION = "libs" SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/${BP}.tar.gz \ file://0001-cmake-Do-not-export-CC-into-gir-compiler.patch \ " -SRC_URI[sha256sum] = "72b7dc1a5937533aee5a2baefc990983b66b141dd80d43b51f80aced4aae219c" +SRC_URI[sha256sum] = "bcda9a6db6870240328752854d1ea475af9bbc6356e6771018200e475e5f781b" inherit cmake pkgconfig gobject-introspection vala github-releases diff --git a/poky/meta/recipes-support/libunwind/libunwind_1.6.2.bb b/poky/meta/recipes-support/libunwind/libunwind_1.6.2.bb index 3208785124..c7b1604b61 100644 --- a/poky/meta/recipes-support/libunwind/libunwind_1.6.2.bb +++ b/poky/meta/recipes-support/libunwind/libunwind_1.6.2.bb @@ -40,3 +40,11 @@ do_install:append () { } BBCLASSEXTEND = "native" + +# http://errors.yoctoproject.org/Errors/Build/183144/ +# libunwind-1.6.2/include/tdep-aarch64/libunwind_i.h:123:47: error: passing argument 1 of '_ULaarch64_uc_addr' from incompatible pointer type [-Wincompatible-pointer-types] +# libunwind-1.6.2/src/aarch64/Ginit.c:348:28: error: initialization of 'unw_tdep_context_t *' from incompatible pointer type 'ucontext_t *' [-Wincompatible-pointer-types] +# libunwind-1.6.2/src/aarch64/Ginit.c:377:28: error: initialization of 'unw_tdep_context_t *' from incompatible pointer type 'ucontext_t *' [-Wincompatible-pointer-types] +# libunwind-1.6.2/src/aarch64/Ginit_local.c:51:9: error: assignment to 'ucontext_t *' from incompatible pointer type 'unw_context_t *' {aka 'unw_tdep_context_t *'} [-Wincompatible-pointer-types] +# libunwind-1.6.2/src/aarch64/Gresume.c:37:28: error: initialization of 'unw_tdep_context_t *' from incompatible pointer type 'ucontext_t *' [-Wincompatible-pointer-types] +CFLAGS += "-Wno-error=incompatible-pointer-types" diff --git a/poky/meta/recipes-support/libusb/libusb1_1.0.27.bb b/poky/meta/recipes-support/libusb/libusb1_1.0.27.bb index f2431d75c8..5bf854f95d 100644 --- a/poky/meta/recipes-support/libusb/libusb1_1.0.27.bb +++ b/poky/meta/recipes-support/libusb/libusb1_1.0.27.bb @@ -8,6 +8,8 @@ SECTION = "libs" LICENSE = "LGPL-2.1-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24" +CVE_PRODUCT = "libusb" + BBCLASSEXTEND = "native nativesdk" SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/libusb-${PV}.tar.bz2 \ diff --git a/poky/meta/recipes-support/npth/npth/0001-Revert-Fix-problem-with-regression-tests-on-recent-g.patch b/poky/meta/recipes-support/npth/npth/0001-Revert-Fix-problem-with-regression-tests-on-recent-g.patch new file mode 100644 index 0000000000..47c426b4a5 --- /dev/null +++ b/poky/meta/recipes-support/npth/npth/0001-Revert-Fix-problem-with-regression-tests-on-recent-g.patch @@ -0,0 +1,43 @@ +From e43524868bb4901703d63876f9d49f73ca75b3ab Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 12 May 2021 20:27:52 -0700 +Subject: [PATCH] Revert "Fix problem with regression tests on recent glibc." + +This reverts commit 3a9d32eb59194b989656548755066ccd9feb36ac. + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + configure.ac | 8 +++----- + 1 file changed, 3 insertions(+), 5 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 8a9373c..8cda28d 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -284,11 +284,9 @@ AC_TYPE_SSIZE_T + # + # Checks for libraries and functions. + # +-# We test for pthread_detach because glibc 2.22 includes +-# pthread_create but not pthread_detach. + if test "$have_w32_system" = no; then +- AC_SEARCH_LIBS([pthread_detach],[pthread]) +- case "x$ac_cv_search_pthread_detach" in ++ AC_SEARCH_LIBS([pthread_create],[pthread]) ++ case "x$ac_cv_search_pthread_create" in + xno) + have_pthread=no + ;; +@@ -297,7 +295,7 @@ if test "$have_w32_system" = no; then + ;; + *) + have_pthread=yes +- config_libs="$config_libs $ac_cv_search_pthread_detach" ++ config_libs="$config_libs $ac_cv_search_pthread_create" + ;; + esac + if test "$have_pthread" != no; then +-- +2.31.1 + diff --git a/poky/meta/recipes-support/npth/npth/musl-fix.patch b/poky/meta/recipes-support/npth/npth/musl-fix.patch deleted file mode 100644 index fabe78b14c..0000000000 --- a/poky/meta/recipes-support/npth/npth/musl-fix.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 417abd56fd7bf45cd4948414050615cb1ad59134 Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka <gniibe@fsij.org> -Date: Fri, 1 Mar 2024 13:53:52 +0900 -Subject: [PATCH] Fix INSERT_EXPOSE_RWLOCK_API for musl C library. - -* configure.ac: Add a case for musl system. - -Upstream-Status: Backport [https://git.gnupg.org/cgi-bin/gitweb.cgi?p=npth.git;a=commit;h=417abd56fd7bf45cd4948414050615cb1ad59134] -Signed-off-by: Alexander Kanavin <alex@linutronix.de> --- - -GnuPG-bug-id: 5664 -Signed-off-by: NIIBE Yutaka <gniibe@fsij.org> ---- - configure.ac | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index c1091b1..576a26e 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -381,7 +381,10 @@ fi - AC_SUBST(INSERT_NO_RWLOCK) - - case "${host}" in -- *-*-linux*|*-*-gnu*) -+ *-*-linux-musl*) -+ INSERT_EXPOSE_RWLOCK_API="1" -+ ;; -+ *-*-linux-gnu*|*-*-gnu*) - INSERT_EXPOSE_RWLOCK_API="defined(__USE_UNIX98) || defined(__USE_XOPEN2K)" - ;; - *) --- -2.30.2 - - diff --git a/poky/meta/recipes-support/npth/npth/pkgconfig.patch b/poky/meta/recipes-support/npth/npth/pkgconfig.patch index e736921b43..b6a12e7309 100644 --- a/poky/meta/recipes-support/npth/npth/pkgconfig.patch +++ b/poky/meta/recipes-support/npth/npth/pkgconfig.patch @@ -1,51 +1,13 @@ -From ff19a9648f1c7d93087e2c33ca64bb881d53ea5a Mon Sep 17 00:00:00 2001 -From: Saul Wold <sgw@linux.intel.com> -Date: Mon, 10 Nov 2014 13:59:03 -0800 -Subject: [PATCH] Added npth pkgconfig file +Added npth pkgconfig file Upstream-Status: Pending Signed-off-by: Saul Wold <sgw@linux.intel.com> ---- - configure.ac | 1 + - src/Makefile.am | 4 +++- - src/npth.pc.in | 10 ++++++++++ - 3 files changed, 14 insertions(+), 1 deletion(-) - create mode 100644 src/npth.pc.in -diff --git a/configure.ac b/configure.ac -index 10f3629..65b76a1 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -476,6 +476,7 @@ src/Makefile - w32/Makefile - tests/Makefile]) - AC_CONFIG_FILES(npth-config, chmod +x npth-config) -+AC_CONFIG_FILES([src/npth.pc]) - AC_OUTPUT - - echo " -diff --git a/src/Makefile.am b/src/Makefile.am -index 7070118..6f01c64 100644 ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -17,8 +17,10 @@ - # License along with this program; if not, see <http://www.gnu.org/licenses/>. - - ## Process this file with automake to produce Makefile.in -+pkgconfigdir = $(libdir)/pkgconfig -+pkgconfig_DATA = npth.pc - --EXTRA_DIST = libnpth.vers -+EXTRA_DIST = libnpth.vers npth.pc - # versioninfo.rc.in - nodist_include_HEADERS = npth.h - -diff --git a/src/npth.pc.in b/src/npth.pc.in -new file mode 100644 -index 0000000..db091e8 +Index: npth-1.1/src/npth.pc.in +=================================================================== --- /dev/null -+++ b/src/npth.pc.in ++++ npth-1.1/src/npth.pc.in @@ -0,0 +1,10 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ @@ -57,3 +19,31 @@ index 0000000..db091e8 +Version: @VERSION@ +Libs: -L${libdir} -lnpth -lpthread +Cflags: -I${includedir} +Index: npth-1.1/src/Makefile.am +=================================================================== +--- npth-1.1.orig/src/Makefile.am ++++ npth-1.1/src/Makefile.am +@@ -27,8 +27,10 @@ + # License along with this program; if not, see <http://www.gnu.org/licenses/>. + + ## Process this file with automake to produce Makefile.in ++pkgconfigdir = $(libdir)/pkgconfig ++pkgconfig_DATA = npth.pc + +-EXTRA_DIST = libnpth.vers ++EXTRA_DIST = libnpth.vers npth.pc + # versioninfo.rc.in + nodist_include_HEADERS = npth.h + +Index: npth-1.1/configure.ac +=================================================================== +--- npth-1.1.orig/configure.ac ++++ npth-1.1/configure.ac +@@ -337,6 +337,7 @@ src/Makefile + w32/Makefile + tests/Makefile]) + AC_CONFIG_FILES(npth-config, chmod +x npth-config) ++AC_CONFIG_FILES([src/npth.pc]) + AC_OUTPUT + + echo " diff --git a/poky/meta/recipes-support/npth/npth_1.7.bb b/poky/meta/recipes-support/npth/npth_1.6.bb index f02a731f85..ef863d39b0 100644 --- a/poky/meta/recipes-support/npth/npth_1.7.bb +++ b/poky/meta/recipes-support/npth/npth_1.6.bb @@ -9,14 +9,18 @@ LIC_FILES_CHKSUM = "\ UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" SRC_URI = "${GNUPG_MIRROR}/npth/npth-${PV}.tar.bz2 \ file://pkgconfig.patch \ - file://musl-fix.patch \ - " + file://0001-Revert-Fix-problem-with-regression-tests-on-recent-g.patch \ + " -SRC_URI[sha256sum] = "8589f56937b75ce33b28d312fccbf302b3b71ec3f3945fde6aaa74027914ad05" +SRC_URI[md5sum] = "375d1a15ad969f32d25f1a7630929854" +SRC_URI[sha256sum] = "1393abd9adcf0762d34798dc34fdcf4d0d22a8410721e76f1e3afcd1daa4e2d1" + +BINCONFIG = "${bindir}/npth-config" inherit autotools binconfig-disabled multilib_header FILES:${PN} = "${libdir}/libnpth.so.*" +FILES:${PN}-dev += "${bindir}/npth-config" do_install:append() { oe_multilib_header npth.h diff --git a/poky/meta/recipes-support/p11-kit/p11-kit_0.25.3.bb b/poky/meta/recipes-support/p11-kit/p11-kit_0.25.3.bb index b7ebd44abc..2ede38deba 100644 --- a/poky/meta/recipes-support/p11-kit/p11-kit_0.25.3.bb +++ b/poky/meta/recipes-support/p11-kit/p11-kit_0.25.3.bb @@ -32,3 +32,13 @@ FILES:${PN} += " \ INSANE_SKIP:${PN} = "dev-so" BBCLASSEXTEND = "native nativesdk" + +# # This one is reproducible only on 32bit MACHINEs +# http://errors.yoctoproject.org/Errors/Details/766969/ +# git/p11-kit/import-object.c:223:62: error: passing argument 3 of 'p11_asn1_read' from incompatible pointer type [-Wincompatible-pointer-types] +# git/p11-kit/import-object.c:229:70: error: passing argument 3 of 'p11_asn1_read' from incompatible pointer type [-Wincompatible-pointer-types] +# git/p11-kit/import-object.c:264:78: error: passing argument 3 of 'p11_asn1_read' from incompatible pointer type [-Wincompatible-pointer-types] +# git/p11-kit/import-object.c:223:62: error: passing argument 3 of 'p11_asn1_read' from incompatible pointer type [-Wincompatible-pointer-types] +# git/p11-kit/import-object.c:229:70: error: passing argument 3 of 'p11_asn1_read' from incompatible pointer type [-Wincompatible-pointer-types] +# git/p11-kit/import-object.c:264:78: error: passing argument 3 of 'p11_asn1_read' from incompatible pointer type [-Wincompatible-pointer-types] +CFLAGS += "-Wno-error=incompatible-pointer-types" diff --git a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.3.bb b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.4.bb index e6668da01f..2263e07280 100644 --- a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.3.bb +++ b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.4.bb @@ -7,7 +7,7 @@ HOMEPAGE = "http://git.yoctoproject.org/cgit/cgit.cgi/ptest-runner2/about/" LICENSE = "GPL-2.0-or-later" LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" -SRCREV = "92c1b97bfdb4a94acc1cabcaf97eef52dc29144c" +SRCREV = "95f528cff0bc52903b98c292d4a322fcffa74471" PV .= "+git" SRC_URI = "git://git.yoctoproject.org/ptest-runner2;branch=master;protocol=https \ diff --git a/poky/meta/recipes-support/rng-tools/rng-tools_6.16.bb b/poky/meta/recipes-support/rng-tools/rng-tools_6.16.bb index f0aa3ff93f..5b66e3badf 100644 --- a/poky/meta/recipes-support/rng-tools/rng-tools_6.16.bb +++ b/poky/meta/recipes-support/rng-tools/rng-tools_6.16.bb @@ -67,3 +67,7 @@ do_install:append() { ${D}${systemd_system_unitdir}/rng-tools.service fi } + +# libargp detection fails +# http://errors.yoctoproject.org/Errors/Details/766951/ +CFLAGS += "-Wno-error=incompatible-pointer-types" diff --git a/poky/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch b/poky/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch index 91640d6044..c8e6eddfec 100644 --- a/poky/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch +++ b/poky/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch @@ -31,7 +31,7 @@ ERROR: scons install execution failed. and the installed paths (including the paths inside libserf*.pc) look correct -Upstream-Status: Pending +Upstream-Status: Inappropriate [removes block of code rather than fixing the problem in that block] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> diff --git a/poky/meta/recipes-support/taglib/taglib_2.0.bb b/poky/meta/recipes-support/taglib/taglib_2.0.1.bb index 4bf9be15ae..14f99aabbc 100644 --- a/poky/meta/recipes-support/taglib/taglib_2.0.bb +++ b/poky/meta/recipes-support/taglib/taglib_2.0.1.bb @@ -11,7 +11,7 @@ DEPENDS = "zlib utfcpp" SRC_URI = "http://taglib.github.io/releases/${BP}.tar.gz" -SRC_URI[sha256sum] = "e36ea877a6370810b97d84cf8f72b1e4ed205149ab3ac8232d44c850f38a2859" +SRC_URI[sha256sum] = "08c0a27b96aa5c4e23060fe0b6f93102ee9091a9385257b9d0ddcf467de0d925" UPSTREAM_CHECK_URI = "https://taglib.org/" UPSTREAM_CHECK_REGEX = "taglib-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/poky/scripts/lib/devtool/ide_sdk.py b/poky/scripts/lib/devtool/ide_sdk.py index 7807b322b3..65873b088d 100755 --- a/poky/scripts/lib/devtool/ide_sdk.py +++ b/poky/scripts/lib/devtool/ide_sdk.py @@ -1052,7 +1052,7 @@ def register_commands(subparsers, context): parser_ide_sdk.add_argument( '-I', '--key', help='Specify ssh private key for connection to the target') parser_ide_sdk.add_argument( - '--skip-bitbake', help='Generate IDE configuration but skip calling bibtake to update the SDK.', action='store_true') + '--skip-bitbake', help='Generate IDE configuration but skip calling bitbake to update the SDK', action='store_true') parser_ide_sdk.add_argument( '-k', '--bitbake-k', help='Pass -k parameter to bitbake', action='store_true') parser_ide_sdk.add_argument( diff --git a/poky/scripts/lib/devtool/standard.py b/poky/scripts/lib/devtool/standard.py index 6674e67267..05161942b7 100644 --- a/poky/scripts/lib/devtool/standard.py +++ b/poky/scripts/lib/devtool/standard.py @@ -661,7 +661,18 @@ def _extract_source(srctree, keep_temp, devbranch, sync, config, basepath, works srctree_localdir = os.path.join(srctree, 'oe-local-files') if sync: - bb.process.run('git fetch file://' + srcsubdir + ' ' + devbranch + ':' + devbranch, cwd=srctree) + try: + logger.info('Backing up current %s branch as branch: %s.bak' % (devbranch, devbranch)) + bb.process.run('git branch -f ' + devbranch + '.bak', cwd=srctree) + + # Use git fetch to update the source with the current recipe + # To be able to update the currently checked out branch with + # possibly new history (no fast-forward) git needs to be told + # that's ok + logger.info('Syncing source files including patches to git branch: %s' % devbranch) + bb.process.run('git fetch --update-head-ok --force file://' + srcsubdir + ' ' + devbranch + ':' + devbranch, cwd=srctree) + except bb.process.ExecutionError as e: + raise DevtoolError("Error when syncing source files to local checkout: %s" % str(e)) # Move the oe-local-files directory to srctree. # As oe-local-files is not part of the constructed git tree, @@ -893,7 +904,10 @@ def modify(args, config, basepath, workspace): (stdout, _) = bb.process.run('git rev-list --reverse %s..HEAD' % initial_revs["."], cwd=srctree) commits["."] = stdout.split() check_commits = True - (stdout, _) = bb.process.run('git submodule --quiet foreach --recursive \'echo `git rev-parse devtool-base` $PWD\'', cwd=srctree) + try: + (stdout, _) = bb.process.run('git submodule --quiet foreach --recursive \'echo `git rev-parse devtool-base` $PWD\'', cwd=srctree) + except bb.process.ExecutionError: + stdout = "" for line in stdout.splitlines(): (rev, submodule_path) = line.split() submodule = os.path.relpath(submodule_path, srctree) @@ -1452,8 +1466,10 @@ def _export_local_files(srctree, rd, destdir, srctreebase): 1. updated - files that already exist in SRCURI 2. added - new files files that don't exist in SRCURI 3 removed - files that exist in SRCURI but not in exported files - In each dict the key is the 'basepath' of the URI and value is the - absolute path to the existing file in recipe space (if any). + In each dict the key is the 'basepath' of the URI and value is: + - for updated and added dicts, a dict with 1 optionnal key: + - 'path': the absolute path to the existing file in recipe space (if any) + - for removed dict, the absolute path to the existing file in recipe space """ import oe.recipeutils @@ -1535,9 +1551,9 @@ def _export_local_files(srctree, rd, destdir, srctreebase): origpath = existing_files.pop(fname) workpath = os.path.join(local_files_dir, fname) if not filecmp.cmp(origpath, workpath): - updated[fname] = origpath + updated[fname] = {'path' : origpath} elif fname != '.gitignore': - added[fname] = None + added[fname] = {} workdir = rd.getVar('WORKDIR') s = rd.getVar('S') @@ -1554,7 +1570,7 @@ def _export_local_files(srctree, rd, destdir, srctreebase): if os.path.exists(fpath): origpath = existing_files.pop(fname) if not filecmp.cmp(origpath, fpath): - updated[fpath] = origpath + updated[fpath] = {'path' : origpath} removed = existing_files return (updated, added, removed) @@ -1640,7 +1656,8 @@ def _update_recipe_srcrev(recipename, workspace, srctree, rd, appendlayerdir, wi redirect_output=dry_run_outdir) else: files_dir = _determine_files_dir(rd) - for basepath, path in upd_f.items(): + for basepath, param in upd_f.items(): + path = param['path'] logger.info('Updating file %s%s' % (basepath, dry_run_suffix)) if os.path.isabs(basepath): # Original file (probably with subdir pointing inside source tree) @@ -1650,7 +1667,8 @@ def _update_recipe_srcrev(recipename, workspace, srctree, rd, appendlayerdir, wi _move_file(os.path.join(local_files_dir, basepath), path, dry_run_outdir=dry_run_outdir, base_outdir=recipedir) update_srcuri= True - for basepath, path in new_f.items(): + for basepath, param in new_f.items(): + path = param['path'] logger.info('Adding new file %s%s' % (basepath, dry_run_suffix)) _move_file(os.path.join(local_files_dir, basepath), os.path.join(files_dir, basepath), @@ -1772,7 +1790,8 @@ def _update_recipe_patch(recipename, workspace, srctree, rd, appendlayerdir, wil else: # Update existing files files_dir = _determine_files_dir(rd) - for basepath, path in upd_f.items(): + for basepath, param in upd_f.items(): + path = param['path'] logger.info('Updating file %s' % basepath) if os.path.isabs(basepath): # Original file (probably with subdir pointing inside source tree) @@ -1806,7 +1825,7 @@ def _update_recipe_patch(recipename, workspace, srctree, rd, appendlayerdir, wil dry_run_outdir=dry_run_outdir, base_outdir=recipedir) updatefiles = True # Add any new files - for basepath, path in new_f.items(): + for basepath, param in new_f.items(): logger.info('Adding new file %s%s' % (basepath, dry_run_suffix)) _move_file(os.path.join(local_files_dir, basepath), os.path.join(files_dir, basepath), diff --git a/poky/scripts/lib/recipetool/create_go.py b/poky/scripts/lib/recipetool/create_go.py index c560831442..a85a2f2786 100644 --- a/poky/scripts/lib/recipetool/create_go.py +++ b/poky/scripts/lib/recipetool/create_go.py @@ -16,7 +16,7 @@ from html.parser import HTMLParser from recipetool.create import RecipeHandler, handle_license_vars from recipetool.create import guess_license, tidy_licenses, fixup_license from recipetool.create import determine_from_url -from urllib.error import URLError +from urllib.error import URLError, HTTPError import bb.utils import json @@ -225,7 +225,7 @@ class GoRecipeHandler(RecipeHandler): def __init__(self): super().__init__() - self.__srv = [] + self.__srv = {} def handle_starttag(self, tag, attrs): if tag == 'meta' and list( @@ -233,36 +233,34 @@ class GoRecipeHandler(RecipeHandler): content = list( filter(lambda a: (a[0] == 'content'), attrs)) if content: - self.__srv = content[0][1].split() + srv = content[0][1].split() + self.__srv[srv[0]] = srv - @property - def import_prefix(self): - return self.__srv[0] if len(self.__srv) else None - - @property - def vcs(self): - return self.__srv[1] if len(self.__srv) else None - - @property - def repourl(self): - return self.__srv[2] if len(self.__srv) else None + def go_import(self, modulepath): + if modulepath in self.__srv: + srv = self.__srv[modulepath] + return GoImport(srv[0], srv[1], srv[2], None) + return None url = url.geturl() + "?go-get=1" req = urllib.request.Request(url) try: - resp = urllib.request.urlopen(req) - + body = urllib.request.urlopen(req).read() + except HTTPError as http_err: + logger.warning( + "Unclean status when fetching page from [%s]: %s", url, str(http_err)) + body = http_err.fp.read() except URLError as url_err: logger.warning( "Failed to fetch page from [%s]: %s", url, str(url_err)) return None parser = GoImportHTMLParser() - parser.feed(resp.read().decode('utf-8')) + parser.feed(body.decode('utf-8')) parser.close() - return GoImport(parser.import_prefix, parser.vcs, parser.repourl, None) + return parser.go_import(modulepath) def __resolve_from_golang_proxy(self, modulepath, version): """ diff --git a/poky/scripts/lib/wic/partition.py b/poky/scripts/lib/wic/partition.py index 795707ec5d..bf2c34d594 100644 --- a/poky/scripts/lib/wic/partition.py +++ b/poky/scripts/lib/wic/partition.py @@ -284,19 +284,8 @@ class Partition(): extraopts = self.mkfs_extraopts or "-F -i 8192" - if os.getenv('SOURCE_DATE_EPOCH'): - sde_time = int(os.getenv('SOURCE_DATE_EPOCH')) - if pseudo: - pseudo = "export E2FSPROGS_FAKE_TIME=%s;%s " % (sde_time, pseudo) - else: - pseudo = "export E2FSPROGS_FAKE_TIME=%s; " % sde_time - - # Set hash_seed to generate deterministic directory indexes - namespace = uuid.UUID("e7429877-e7b3-4a68-a5c9-2f2fdf33d460") - if self.fsuuid: - namespace = uuid.UUID(self.fsuuid) - hash_seed = str(uuid.uuid5(namespace, str(sde_time))) - extraopts += " -E hash_seed=%s" % hash_seed + # use hash_seed to generate reproducible ext4 images + (extraopts, pseudo) = self.get_hash_seed_ext4(extraopts, pseudo) label_str = "" if self.label: @@ -344,6 +333,23 @@ class Partition(): self.check_for_Y2038_problem(rootfs, native_sysroot) + def get_hash_seed_ext4(self, extraopts, pseudo): + if os.getenv('SOURCE_DATE_EPOCH'): + sde_time = int(os.getenv('SOURCE_DATE_EPOCH')) + if pseudo: + pseudo = "export E2FSPROGS_FAKE_TIME=%s;%s " % (sde_time, pseudo) + else: + pseudo = "export E2FSPROGS_FAKE_TIME=%s; " % sde_time + + # Set hash_seed to generate deterministic directory indexes + namespace = uuid.UUID("e7429877-e7b3-4a68-a5c9-2f2fdf33d460") + if self.fsuuid: + namespace = uuid.UUID(self.fsuuid) + hash_seed = str(uuid.uuid5(namespace, str(sde_time))) + extraopts += " -E hash_seed=%s" % hash_seed + + return (extraopts, pseudo) + def prepare_rootfs_btrfs(self, rootfs, cr_workdir, oe_builddir, rootfs_dir, native_sysroot, pseudo): """ @@ -437,13 +443,16 @@ class Partition(): extraopts = self.mkfs_extraopts or "-i 8192" + # use hash_seed to generate reproducible ext4 images + (extraopts, pseudo) = self.get_hash_seed_ext4(extraopts, None) + label_str = "" if self.label: label_str = "-L %s" % self.label mkfs_cmd = "mkfs.%s -F %s %s -U %s %s" % \ (self.fstype, extraopts, label_str, self.fsuuid, rootfs) - exec_native_cmd(mkfs_cmd, native_sysroot) + exec_native_cmd(mkfs_cmd, native_sysroot, pseudo=pseudo) self.check_for_Y2038_problem(rootfs, native_sysroot) diff --git a/poky/scripts/oe-setup-build b/poky/scripts/oe-setup-build index 5364f2b481..c0476992a2 100755 --- a/poky/scripts/oe-setup-build +++ b/poky/scripts/oe-setup-build @@ -91,7 +91,16 @@ def setup_build_env(args): builddir = args.b if args.b else template["buildpath"] no_shell = args.no_shell coredir = os.path.abspath(os.path.join(os.path.dirname(os.path.realpath(__file__)), '..')) - cmd = "TEMPLATECONF={} . {} {}".format(template["templatepath"], os.path.join(coredir, 'oe-init-build-env'), builddir) + cmd_base = ". {} {}".format(os.path.join(coredir, 'oe-init-build-env'), os.path.abspath(builddir)) + + initbuild = os.path.join(builddir, 'init-build-env') + if not os.path.exists(initbuild): + os.makedirs(builddir, exist_ok=True) + with open(initbuild, 'w') as f: + f.write(cmd_base) + print("\nRun '. {}' to initialize the build in a current shell session.\n".format(initbuild)) + + cmd = "TEMPLATECONF={} {}".format(template["templatepath"], cmd_base) if not no_shell: cmd = cmd + " && {}".format(os.environ['SHELL']) print("Running:", cmd) |
