new file mode 100644
@@ -0,0 +1,76 @@
+From ac1f8db9a0790d2bf153711ff4cbf6101f89aace Mon Sep 17 00:00:00 2001
+From: Brice Goglin <Brice.Goglin@inria.fr>
+Date: Wed, 23 Aug 2023 19:52:47 +0200
+Subject: [PATCH] linux: handle glibc cpuset allocation failures
+
+Closes #544
+CVE-2022-47022
+
+CVE: CVE-2022-47022
+
+Upstream-Status: Backport [https://github.com/open-mpi/hwloc/commit/ac1f8db9a0790d2bf153711ff4cbf6101f89aace]
+
+Signed-off-by: Brice Goglin <Brice.Goglin@inria.fr>
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ hwloc/topology-linux.c | 15 ++++++++++++++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/hwloc/topology-linux.c b/hwloc/topology-linux.c
+index 3f059465d..030076e7f 100644
+--- a/hwloc/topology-linux.c
++++ b/hwloc/topology-linux.c
+@@ -878,6 +878,8 @@ hwloc_linux_set_tid_cpubind(hwloc_topology_t topology __hwloc_attribute_unused,
+
+ setsize = CPU_ALLOC_SIZE(last+1);
+ plinux_set = CPU_ALLOC(last+1);
++ if (!plinux_set)
++ return -1;
+
+ CPU_ZERO_S(setsize, plinux_set);
+ hwloc_bitmap_foreach_begin(cpu, hwloc_set)
+@@ -958,7 +960,10 @@ hwloc_linux_find_kernel_nr_cpus(hwloc_topology_t topology)
+ while (1) {
+ cpu_set_t *set = CPU_ALLOC(nr_cpus);
+ size_t setsize = CPU_ALLOC_SIZE(nr_cpus);
+- int err = sched_getaffinity(0, setsize, set); /* always works, unless setsize is too small */
++ int err;
++ if (!set)
++ return -1; /* caller will return an error, and we'll try again later */
++ err = sched_getaffinity(0, setsize, set); /* always works, unless setsize is too small */
+ CPU_FREE(set);
+ nr_cpus = setsize * 8; /* that's the value that was actually tested */
+ if (!err)
+@@ -986,8 +991,12 @@ hwloc_linux_get_tid_cpubind(hwloc_topology_t topology __hwloc_attribute_unused,
+
+ /* find the kernel nr_cpus so as to use a large enough cpu_set size */
+ kernel_nr_cpus = hwloc_linux_find_kernel_nr_cpus(topology);
++ if (kernel_nr_cpus < 0)
++ return -1;
+ setsize = CPU_ALLOC_SIZE(kernel_nr_cpus);
+ plinux_set = CPU_ALLOC(kernel_nr_cpus);
++ if (!plinux_set)
++ return -1;
+
+ err = sched_getaffinity(tid, setsize, plinux_set);
+
+@@ -1341,6 +1350,8 @@ hwloc_linux_set_thread_cpubind(hwloc_topology_t topology, pthread_t tid, hwloc_c
+
+ setsize = CPU_ALLOC_SIZE(last+1);
+ plinux_set = CPU_ALLOC(last+1);
++ if (!plinux_set)
++ return -1;
+
+ CPU_ZERO_S(setsize, plinux_set);
+ hwloc_bitmap_foreach_begin(cpu, hwloc_set)
+@@ -1432,6 +1443,8 @@ hwloc_linux_get_thread_cpubind(hwloc_topology_t topology, pthread_t tid, hwloc_b
+
+ setsize = CPU_ALLOC_SIZE(last+1);
+ plinux_set = CPU_ALLOC(last+1);
++ if (!plinux_set)
++ return -1;
+
+ err = pthread_getaffinity_np(tid, setsize, plinux_set);
+ if (err) {
+--
+2.40.0
@@ -7,7 +7,9 @@ SECTION = "base"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://COPYING;md5=79179bb373cd55cbd834463a514fb714"
-SRC_URI = "https://www.open-mpi.org/software/${BPN}/v2.9/downloads/${BP}.tar.bz2"
+SRC_URI = "https://www.open-mpi.org/software/${BPN}/v2.9/downloads/${BP}.tar.bz2 \
+ file://CVE-2022-47022.patch \
+ "
SRC_URI[sha256sum] = "2070e963596a2421b9af8eca43bdec113ee1107aaf7ccb475d4d3767a8856887"
UPSTREAM_CHECK_URI = "https://www.open-mpi.org/software/hwloc/v2.9/"
An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c. References: https://nvd.nist.gov/vuln/detail/CVE-2022-47022 https://github.com/open-mpi/hwloc/issues/544 Upstream patches: https://github.com/open-mpi/hwloc/commit/ac1f8db9a0790d2bf153711ff4cbf6101f89aace Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> --- .../hwloc/files/CVE-2022-47022.patch | 76 +++++++++++++++++++ meta-oe/recipes-extended/hwloc/hwloc_2.9.0.bb | 4 +- 2 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-extended/hwloc/files/CVE-2022-47022.patch