[05/27] ppp: upgrade 2.4.9 -> 2.5.0

Message ID	20230509172344.1516743-5-alex@linutronix.de
State	Accepted, archived
Commit	5512bf4dfd299b8d5d474d9f26c2146b3e53514a
Headers	show Return-Path: <alex.kanavin@gmail.com> ip: 209.85.218.47, mailfrom: alex.kanavin@gmail.com) From: Alexander Kanavin <alex.kanavin@gmail.com> To: openembedded-core@lists.openembedded.org Cc: Alexander Kanavin <alex@linutronix.de> Subject: [PATCH 05/27] ppp: upgrade 2.4.9 -> 2.5.0 Date: Tue, 9 May 2023 19:23:22 +0200 Message-Id: <20230509172344.1516743-5-alex@linutronix.de> In-Reply-To: <20230509172344.1516743-1-alex@linutronix.de> References: <20230509172344.1516743-1-alex@linutronix.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[01/27] insane.bbclass: add a SUMMARY/HOMEPAGE check (oe-core recipes only) \| expand [01/27] insane.bbclass: add a SUMMARY/HOMEPAGE check (oe-core recipes only) [02/27] insane.bbclass: add a RECIPE_MAINTAINER check (oe-core recipes only) [03/27] apmd: remove recipe and apm MACHINE_FEATURE [04/27] glib-2.0: upgrade 2.74.6 -> 2.76.2 [05/27] ppp: upgrade 2.4.9 -> 2.5.0 [06/27] ovmf: update 202211 -> 202302 [07/27] btrfs-tools: update 6.1.3 -> 6.3 [08/27] elfutils: update 0.188 -> 0.189 [09/27] erofs-utils: update 1.5 -> 1.6 [10/27] llvm: update 15.0.7 -> 16.0.3 [11/27] meson: update 1.0.1 ->1.1.0 [12/27] perlcross: update 1.4 -> 1.4.1 [13/27] perl: update 5.36.0 -> 5.36.1 [14/27] rpm: update 4.18.0 -> 4.18.1 [15/27] valgrind: update 3.20.0 -> 3.21.0 [16/27] less: update 608 -> 633 [17/27] librsvf: update 2.54.5 -> 2.56.0 [18/27] libva: update 2.16 -> 2.18 [19/27] cryptodev: remove unneeded patch [20/27] gpgme: update 1.18.0 -> 1.20.0 [21/27] libatomic-ops: update 7.6.14 -> 7.8.0 [22/27] libgcrypt: update 1.10.1 -> 1.10.2 [23/27] libgpg-error: update 1.46 -> 1.47 [24/27] Remove usage of /var/volatile/tmp [25/27] gdb: enable python PACKAGECONFIG [26/27] createrepo-c: update 0.20.1 -> 0.21.1 [27/27] gcr: consider all versions, not only x.even.y

diff --git a/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch b/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch deleted file mode 100644 index c91246dbf5c..00000000000 --- a/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch +++ /dev/null @@ -1,36 +0,0 @@ -From aba3273273e826c6dc90f197ca9a3e800e826891 Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield <bruce.ashfield@gmail.com> -Date: Fri, 5 Nov 2021 12:41:35 -0400 -Subject: [PATCH] ppp: fix build against 5.15 headers - -The 5.15 kernel has removed ipx support, along with the userspace -visible header. - -This support wasn't used previously (as it hasn't been very well -maintained in the kernel for several years), so we can simply -disable it in our build and wait for upstream to do a release that -drops the support. - -Upstream-Status: Inappropriate [OE-specific configuration/headers] - -Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> ---- - pppd/Makefile.linux | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux -index 22837c5..23b9b22 100644 ---- a/pppd/Makefile.linux -+++ b/pppd/Makefile.linux -@@ -91,7 +91,7 @@ MAXOCTETS=y - - INCLUDE_DIRS= -I../include - --COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -pipe -+COMPILE_FLAGS= -DHAVE_PATHS_H -DHAVE_MMAP -pipe - - CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"' - --- -2.25.1 - diff --git a/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch b/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch deleted file mode 100644 index 4325b1d6b02..00000000000 --- a/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch +++ /dev/null @@ -1,48 +0,0 @@ -From a75fb7b198eed50d769c80c36629f38346882cbf Mon Sep 17 00:00:00 2001 -From: Paul Mackerras <paulus@ozlabs.org> -Date: Thu, 4 Aug 2022 12:23:08 +1000 -Subject: [PATCH] pppdump: Avoid out-of-range access to packet buffer - -This fixes a potential vulnerability where data is written to spkt.buf -and rpkt.buf without a check on the array index. To fix this, we -check the array index (pkt->cnt) before storing the byte or -incrementing the count. This also means we no longer have a potential -signed integer overflow on the increment of pkt->cnt. - -Fortunately, pppdump is not used in the normal process of setting up a -PPP connection, is not installed setuid-root, and is not invoked -automatically in any scenario that I am aware of. - -Signed-off-by: Paul Mackerras <paulus@ozlabs.org> - -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> ---- - pppdump/pppdump.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/pppdump/pppdump.c b/pppdump/pppdump.c -index 2b815fc9..b85a8627 100644 ---- a/pppdump/pppdump.c -+++ b/pppdump/pppdump.c -@@ -297,6 +297,10 @@ dumpppp(f) - printf("%s aborted packet:\n ", dir); - q = " "; - } -+ if (pkt->cnt >= sizeof(pkt->buf)) { -+ printf("%s over-long packet truncated:\n ", dir); -+ q = " "; -+ } - nb = pkt->cnt; - p = pkt->buf; - pkt->cnt = 0; -@@ -400,7 +404,8 @@ dumpppp(f) - c ^= 0x20; - pkt->esc = 0; - } -- pkt->buf[pkt->cnt++] = c; -+ if (pkt->cnt < sizeof(pkt->buf)) -+ pkt->buf[pkt->cnt++] = c; - break; - } - } diff --git a/meta/recipes-connectivity/ppp/ppp/makefix.patch b/meta/recipes-connectivity/ppp/ppp/makefix.patch deleted file mode 100644 index fce068cae02..00000000000 --- a/meta/recipes-connectivity/ppp/ppp/makefix.patch +++ /dev/null @@ -1,40 +0,0 @@ -We were seeing reproducibility issues where one host would use the internal -logwtmp wrapper, another would use the one in libutil. The issue was that in -some cases the "\#include" was making it to CC, in others, "#include". The -issue seems to be related to shell escaping. - -The root cause looks to be: -http://git.savannah.gnu.org/cgit/make.git/commit/?id=c6966b323811c37acedff05b576b907b06aea5f4 - -Instead of relying on shell quoting, use make to indirect the variable -and avoid the problem. - -See https://github.com/paulusmack/ppp/issues/233 - -Upstream-Status: Backport [https://github.com/paulusmack/ppp/commit/b4430f7092ececdff2504d5f3393a4c6528c3686] -Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> - -Index: ppp-2.4.9/pppd/Makefile.linux -=================================================================== ---- ppp-2.4.9.orig/pppd/Makefile.linux -+++ ppp-2.4.9/pppd/Makefile.linux -@@ -80,7 +80,8 @@ PLUGIN=y - #USE_SRP=y - - # Use libutil; test if logwtmp is declared in <utmp.h> to detect --ifeq ($(shell echo '\#include <utmp.h>' | $(CC) -E - 2>/dev/null | grep -q logwtmp && echo yes),yes) -+UTMPHEADER = "\#include <utmp.h>" -+ifeq ($(shell echo $(UTMPHEADER) | $(CC) -E - 2>/dev/null | grep -q logwtmp && echo yes),yes) - USE_LIBUTIL=y - endif - -@@ -143,7 +144,8 @@ CFLAGS += -DHAS_SHADOW - #LIBS += -lshadow $(LIBS) - endif - --ifeq ($(shell echo '\#include <crypt.h>' | $(CC) -E - >/dev/null 2>&1 && echo yes),yes) -+CRYPTHEADER = "\#include <crypt.h>" -+ifeq ($(shell echo $(CRYPTHEADER) | $(CC) -E - >/dev/null 2>&1 && echo yes),yes) - CFLAGS += -DHAVE_CRYPT_H=1 - LIBS += -lcrypt - endif diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb b/meta/recipes-connectivity/ppp/ppp_2.5.0.bb similarity index 77% rename from meta/recipes-connectivity/ppp/ppp_2.4.9.bb rename to meta/recipes-connectivity/ppp/ppp_2.5.0.bb index 7e3ae43b58e..4b052f8ed96 100644 --- a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb +++ b/meta/recipes-connectivity/ppp/ppp_2.5.0.bb @@ -12,7 +12,6 @@ LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77 file://chat/chat.c;beginline=1;endline=15;md5=0d374b8545ee5c62d7aff1acbd38add2" SRC_URI = "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \ - file://makefix.patch \ file://pon \ file://poff \ file://init \ @@ -24,31 +23,15 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \ file://ppp_on_boot \ file://provider \ file://ppp@.service \ - file://0001-ppp-fix-build-against-5.15-headers.patch \ - file://CVE-2022-4603.patch \ " -SRC_URI[sha256sum] = "f938b35eccde533ea800b15a7445b2f1137da7f88e32a16898d02dee8adc058d" +SRC_URI[sha256sum] = "5cae0e8075f8a1755f16ca290eb44e6b3545d3f292af4da65ecffe897de636ff" -inherit autotools-brokensep systemd +inherit autotools systemd -TARGET_CC_ARCH += " ${LDFLAGS}" -EXTRA_OEMAKE = "CC='${CC}' STRIPPROG=${STRIP} MANDIR=${D}${datadir}/man/man8 INCDIR=${D}${includedir} LIBDIR=${D}${libdir}/pppd/${PV} BINDIR=${D}${sbindir}" -EXTRA_OECONF = "--disable-strip" - -# Package Makefile computes CFLAGS, referencing COPTS. -# Typically hard-coded to '-O2 -g' in the Makefile's. -# -EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${STAGING_INCDIR}/openssl -I${S}/include"' - -EXTRA_OECONF:append:libc-musl = " --disable-ipxcp" - -do_configure () { - oe_runconf -} +EXTRA_OECONF += "--with-openssl=${STAGING_EXECPREFIXDIR}" do_install:append () { - make install-etcppp ETCDIR=${D}/${sysconfdir}/ppp mkdir -p ${D}${bindir}/ ${D}${sysconfdir}/init.d mkdir -p ${D}${sysconfdir}/ppp/ip-up.d/ mkdir -p ${D}${sysconfdir}/ppp/ip-down.d/ @@ -68,12 +51,6 @@ do_install:append () { install -m 0644 ${WORKDIR}/ppp@.service ${D}${systemd_system_unitdir} sed -i -e 's,@SBINDIR@,${sbindir},g' \ ${D}${systemd_system_unitdir}/ppp@.service - rm -rf ${D}/${mandir}/man8/man8 - chmod u+s ${D}${sbindir}/pppd -} - -do_install:append:libc-musl () { - install -Dm 0644 ${S}/include/net/ppp_defs.h ${D}${includedir}/net/ppp_defs.h } CONFFILES:${PN} = "${sysconfdir}/ppp/pap-secrets ${sysconfdir}/ppp/chap-secrets ${sysconfdir}/ppp/options" @@ -96,5 +73,3 @@ SUMMARY:${PN}-password = "Plugin for PPP to get passwords via a pipe" SUMMARY:${PN}-l2tp = "Plugin for PPP for l2tp support" SUMMARY:${PN}-tools = "Additional tools for the PPP package" -# Ignore compatibility symlink rp-pppoe.so->pppoe.so -INSANE_SKIP:${PN}-oe += "dev-so"

[05/27] ppp: upgrade 2.4.9 -> 2.5.0

Commit Message

Patch