From patchwork Wed Dec 20 02:17:51 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 36674
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id D5A23C46CD3
	for <webhook@archiver.kernel.org>; Wed, 20 Dec 2023 02:18:13 +0000 (UTC)
Received: from mail-oo1-f43.google.com (mail-oo1-f43.google.com
 [209.85.161.43])
 by mx.groups.io with SMTP id smtpd.web11.13002.1703038690154582890
 for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:10 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=R/qbCtIf;
 spf=softfail (domain: sakoman.com, ip: 209.85.161.43,
 mailfrom: steve@sakoman.com)
Received: by mail-oo1-f43.google.com with SMTP id
 006d021491bc7-593efe46fc2so642338eaf.2
        for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1703038689;
 x=1703643489; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=trNk0h2FZTwUYw/ygvKUTVoI+8zyDVt+gPKzRha7WII=;
        b=R/qbCtIfilQIIrOp4OuatoLTNB4x76DrB3J3vkPM5+zWruun0/znODKUiarcwJSp8A
         12axe++AHZ/HSxmp8BHb9IfRN/PfoxBlkm8qA5VCXQB56ZXHtgH70udRk7h2XiGe2BdF
         wOHGMx6jPYkjHlf2PYvCiuo+GWsediKs4IB66EAucNq/9kiep9SGAt9s7P4VGabE5qut
         wHKk8pSWFrTSIVqIwMEw9h6KO9j7w2bLeBm70onT6yRxw+lyKrB1ioE5MxGnwijZBFLw
         it55+kHSsgQUPpqUJn1PFV4w39LAU4fM6aUPIZaP16+UwBvudchWXY4FMRw0MRuymWmz
         lPhw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1703038689; x=1703643489;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=trNk0h2FZTwUYw/ygvKUTVoI+8zyDVt+gPKzRha7WII=;
        b=wcpwwSRRxyV20WhxoNMyZAFOINwJ7HpGG7JscBHKWagpxgFSG1IKEheWvDD0Ygw5EX
         2419KPKSR9gmcqIa38409w35XpukoTCEd/vas3QSWdinHPBTyk6MdI9GuCRAlOf2Wd4J
         t8gbNKKebFoWLjaaGM+gAS4bYGcMSRBOvh+wekAJhd9jEwP54XIbwm7gLLh/GfeBwyYE
         frxyw2OgFPqpbHQJBn2ILCybNshM36H05GPoDWSeb/0r4u0Cp8+/uB8CuHtjQbku1q8M
         Z8CBuJlmSNgm5CNo0soqY/hfqQgB7x7r0bQ8dsHbuxHYWqyqjWgXZeViZC3OJ9SeKKEx
         C/hQ==
X-Gm-Message-State: AOJu0Yxdmf+HozHoHgy63QOpS1SfAq6NiGLk1GUlEm9mBSoYqBWYik3h
	4n2+duDVX2PUk8lBq3F5DkhlcZJy3tXAnWlYhXVnGA==
X-Google-Smtp-Source: 
 AGHT+IHqRpEZOM+tNy89gdcFBi4kunNlvmK+Z3PXPaC+C7704VESdWyF0hhE5Htjdh6N/QDE6+fNfw==
X-Received: by 2002:a05:6358:42aa:b0:173:530:3d65 with SMTP id
 s42-20020a05635842aa00b0017305303d65mr643761rwc.60.1703038688530;
        Tue, 19 Dec 2023 18:18:08 -0800 (PST)
Received: from hexa.router0800d9.com (dhcp-72-234-108-41.hawaiiantel.net.
 [72.234.108.41])
        by smtp.gmail.com with ESMTPSA id
 d6-20020aa78146000000b006d945660076sm367103pfn.59.2023.12.19.18.18.07
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Dec 2023 18:18:08 -0800 (PST)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 1/9] avahi: add CVE-2023-38473.patch to SRC_URL
Date: Tue, 19 Dec 2023 16:17:51 -1000
Message-Id: 
 <c9abf1f8395692080576d0fe9b2f28ea2240741b.1703038443.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1703038443.git.steve@sakoman.com>
References: <cover.1703038443.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Wed, 20 Dec 2023 02:18:13 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/192760

From: Lee Chee Yang <chee.yang.lee@intel.com>

patch file added since Oe-Core rev a9203c46cd64c3ec5e5b00e381bbac85733f85df but not part of SRC_URI.

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-connectivity/avahi/avahi_0.8.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb
index aa395beaf9..bfd945c7ae 100644
--- a/meta/recipes-connectivity/avahi/avahi_0.8.bb
+++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb
@@ -34,6 +34,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \
            file://CVE-2023-38471-1.patch \
            file://CVE-2023-38471-2.patch \
            file://CVE-2023-38472.patch \
+           file://CVE-2023-38473.patch \
            "
 
 GITHUB_BASE_URI = "https://github.com/lathiat/avahi/releases/"

From patchwork Wed Dec 20 02:17:52 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 36676
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id EDF51C46CD4
	for <webhook@archiver.kernel.org>; Wed, 20 Dec 2023 02:18:13 +0000 (UTC)
Received: from mail-oi1-f175.google.com (mail-oi1-f175.google.com
 [209.85.167.175])
 by mx.groups.io with SMTP id smtpd.web11.13004.1703038691827480407
 for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:11 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=keGMa6M4;
 spf=softfail (domain: sakoman.com, ip: 209.85.167.175,
 mailfrom: steve@sakoman.com)
Received: by mail-oi1-f175.google.com with SMTP id
 5614622812f47-3ba14203a34so4801296b6e.1
        for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1703038690;
 x=1703643490; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=KV+WiQbL6O8FB4YZBGyOKYN8UkMK7Ldx35YiB+5MM+U=;
        b=keGMa6M4x1nWteoqSozIXXzJKKcvE2WFwC2PqoMANWsoNyepymrnjMy3pVrJplWlh3
         0PvMkeID+g9mXvDHINV+2Tx4TyzqyjsN1GxZccbuUYi2S7K9zkkX98rS0/o71xrNnFNz
         QprGnwQgw4LxQ47TYbvU0PHSsPU/BwqFUQfTWkiNZOiK6VwbtPgikSefYHFYBMCNBFPe
         O72zK2zT7ZUuGJiwuU4ksllZLiameoZB/8R9GOefNzUNPhLrJVvUpLtIrfDreYDI7c57
         SfYxFEiIlD5Z7vk71YJIs6pkXtd3PBSrZ2bieZFariji1f0l24FU+t6AKGsdc09BEIvr
         3/6A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1703038690; x=1703643490;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=KV+WiQbL6O8FB4YZBGyOKYN8UkMK7Ldx35YiB+5MM+U=;
        b=ra7vGqewUhv600Ii8ewbIUEnl0cVNcsokKqctyLBwCs4pMG3lpDQh5ugAeqRrsi74X
         +05Ky9bVze0aaACYYyS7kudRaH2OgaEa+kX0bWw3AkWcJS7lojQg9d/8tEft52fT6D4B
         yWT8+ZQd4SrcIYjsVA4ZCRpdyVDUtUjkc7JVGj3/ithVNq1LcYPwDnCy5CzaAJlm8D6/
         AGgDVhsOkCfy0hePY+ehAKCRxx14ZvAxrm6vnrJ1HXQA2oqtshJLkMywmh7xOlRdfjHT
         Jauw6qzGOeL6Kdy1QbbLafDJzTpTON/ifm3bemLhiYEt3IXXRqIXJqK8VU6KX9dYjbE3
         TCMg==
X-Gm-Message-State: AOJu0YxgSl1uaLeqKF5RPy2kof80bSmapvMpbAM3PVWFcQG6btvFzjtQ
	TFkZIXN/FSatx8YZY0F7Is9wL2nLLb5KwkkZP7/yyw==
X-Google-Smtp-Source: 
 AGHT+IE7cYqDpw1XNTowfnmJ9FILrSMeEKM6aSDZB0A6OAzifU6MNXN2SCxeU/hAKJj/Rw12eWe8/Q==
X-Received: by 2002:a05:6808:13c4:b0:3b9:dd20:1424 with SMTP id
 d4-20020a05680813c400b003b9dd201424mr25139683oiw.69.1703038690334;
        Tue, 19 Dec 2023 18:18:10 -0800 (PST)
Received: from hexa.router0800d9.com (dhcp-72-234-108-41.hawaiiantel.net.
 [72.234.108.41])
        by smtp.gmail.com with ESMTPSA id
 d6-20020aa78146000000b006d945660076sm367103pfn.59.2023.12.19.18.18.09
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Dec 2023 18:18:09 -0800 (PST)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 2/9] grub: fix CVE-2023-4692 CVE-2023-4693
Date: Tue, 19 Dec 2023 16:17:52 -1000
Message-Id: 
 <915208a01ce3a5fc6a0c636225e96d385709986b.1703038443.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1703038443.git.steve@sakoman.com>
References: <cover.1703038443.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Wed, 20 Dec 2023 02:18:13 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/192761

From: Lee Chee Yang <chee.yang.lee@intel.com>

checkout CVE-2023-4692.patch from OE-Core rev:
c89835b37366dde6c74f8221fd5a295ecabf8225

checkout CVE-2023-4693.patch from OE-Core rev:
1bbbba098dba85ec1b875512d75f7eca9026e781

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../grub/files/CVE-2023-4692.patch            | 97 +++++++++++++++++++
 .../grub/files/CVE-2023-4693.patch            | 62 ++++++++++++
 meta/recipes-bsp/grub/grub2.inc               |  2 +
 3 files changed, 161 insertions(+)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2023-4692.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2023-4693.patch

diff --git a/meta/recipes-bsp/grub/files/CVE-2023-4692.patch b/meta/recipes-bsp/grub/files/CVE-2023-4692.patch
new file mode 100644
index 0000000000..4780e35b7a
--- /dev/null
+++ b/meta/recipes-bsp/grub/files/CVE-2023-4692.patch
@@ -0,0 +1,97 @@
+From  43651027d24e62a7a463254165e1e46e42aecdea Mon Sep 17 00:00:00 2001
+From: Maxim Suhanov <dfirblog@gmail.com>
+Date: Thu, 16 Nov 2023 07:21:50 +0000
+Subject: [PATCH] fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST
+ attribute for the $MFT file
+
+When parsing an extremely fragmented $MFT file, i.e., the file described
+using the $ATTRIBUTE_LIST attribute, current NTFS code will reuse a buffer
+containing bytes read from the underlying drive to store sector numbers,
+which are consumed later to read data from these sectors into another buffer.
+
+These sectors numbers, two 32-bit integers, are always stored at predefined
+offsets, 0x10 and 0x14, relative to first byte of the selected entry within
+the $ATTRIBUTE_LIST attribute. Usually, this won't cause any problem.
+
+However, when parsing a specially-crafted file system image, this may cause
+the NTFS code to write these integers beyond the buffer boundary, likely
+causing the GRUB memory allocator to misbehave or fail. These integers contain
+values which are controlled by on-disk structures of the NTFS file system.
+
+Such modification and resulting misbehavior may touch a memory range not
+assigned to the GRUB and owned by firmware or another EFI application/driver.
+
+This fix introduces checks to ensure that these sector numbers are never
+written beyond the boundary.
+
+Fixes: CVE-2023-4692
+
+Reported-by: Maxim Suhanov <dfirblog@gmail.com>
+Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+
+CVE: CVE-2023-4692
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=43651027d24e62a7a463254165e1e46e42aecdea]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ grub-core/fs/ntfs.c | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
+index 2f34f76..6009e49 100644
+--- a/grub-core/fs/ntfs.c
++++ b/grub-core/fs/ntfs.c
+@@ -184,7 +184,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
+     }
+   if (at->attr_end)
+     {
+-      grub_uint8_t *pa;
++      grub_uint8_t *pa, *pa_end;
+
+       at->emft_buf = grub_malloc (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
+       if (at->emft_buf == NULL)
+@@ -209,11 +209,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
+	    }
+	  at->attr_nxt = at->edat_buf;
+	  at->attr_end = at->edat_buf + u32at (pa, 0x30);
++	  pa_end = at->edat_buf + n;
+	}
+       else
+	{
+	  at->attr_nxt = at->attr_end + u16at (pa, 0x14);
+	  at->attr_end = at->attr_end + u32at (pa, 4);
++	  pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
+	}
+       at->flags |= GRUB_NTFS_AF_ALST;
+       while (at->attr_nxt < at->attr_end)
+@@ -230,6 +232,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
+	  at->flags |= GRUB_NTFS_AF_GPOS;
+	  at->attr_cur = at->attr_nxt;
+	  pa = at->attr_cur;
++
++	  if ((pa >= pa_end) || (pa_end - pa < 0x18))
++	    {
++	      grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
++	      return NULL;
++	    }
++
+	  grub_set_unaligned32 ((char *) pa + 0x10,
+				grub_cpu_to_le32 (at->mft->data->mft_start));
+	  grub_set_unaligned32 ((char *) pa + 0x14,
+@@ -240,6 +249,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
+	    {
+	      if (*pa != attr)
+		break;
++
++              if ((pa >= pa_end) || (pa_end - pa < 0x18))
++                {
++	          grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
++	          return NULL;
++		}
++
+	      if (read_attr
+		  (at, pa + 0x10,
+		   u32at (pa, 0x10) * (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR),
+--
+2.40.0
diff --git a/meta/recipes-bsp/grub/files/CVE-2023-4693.patch b/meta/recipes-bsp/grub/files/CVE-2023-4693.patch
new file mode 100644
index 0000000000..1b6013d86d
--- /dev/null
+++ b/meta/recipes-bsp/grub/files/CVE-2023-4693.patch
@@ -0,0 +1,62 @@
+From 0ed2458cc4eff6d9a9199527e2a0b6d445802f94 Mon Sep 17 00:00:00 2001
+From: Maxim Suhanov <dfirblog@gmail.com>
+Date: Mon, 28 Aug 2023 16:32:33 +0300
+Subject: [PATCH] fs/ntfs: Fix an OOB read when reading data from the resident
+ $DATA attribute
+
+When reading a file containing resident data, i.e., the file data is stored in
+the $DATA attribute within the NTFS file record, not in external clusters,
+there are no checks that this resident data actually fits the corresponding
+file record segment.
+
+When parsing a specially-crafted file system image, the current NTFS code will
+read the file data from an arbitrary, attacker-chosen memory offset and of
+arbitrary, attacker-chosen length.
+
+This allows an attacker to display arbitrary chunks of memory, which could
+contain sensitive information like password hashes or even plain-text,
+obfuscated passwords from BS EFI variables.
+
+This fix implements a check to ensure that resident data is read from the
+corresponding file record segment only.
+
+Fixes: CVE-2023-4693
+
+Reported-by: Maxim Suhanov <dfirblog@gmail.com>
+Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+
+Upstream-Status: Backport [https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=0ed2458cc4eff6d9a9199527e2a0b6d445802f94]
+CVE: CVE-2023-4693
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ grub-core/fs/ntfs.c | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
+index 7e43fd6..8f63c83 100644
+--- a/grub-core/fs/ntfs.c
++++ b/grub-core/fs/ntfs.c
+@@ -401,7 +401,18 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest,
+     {
+       if (ofs + len > u32at (pa, 0x10))
+ 	return grub_error (GRUB_ERR_BAD_FS, "read out of range");
+-      grub_memcpy (dest, pa + u32at (pa, 0x14) + ofs, len);
++
++      if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
++	return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large");
++
++      if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
++	return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
++
++      if (u16at (pa, 0x14) + u32at (pa, 0x10) >
++	  (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa)
++	return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
++
++      grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len);
+       return 0;
+     }
+ 
+-- 
+2.25.1
+
diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc
index 41839698dc..f594e7d3a4 100644
--- a/meta/recipes-bsp/grub/grub2.inc
+++ b/meta/recipes-bsp/grub/grub2.inc
@@ -42,6 +42,8 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
            file://CVE-2022-3775.patch \
            file://0001-risc-v-Handle-R_RISCV_CALL_PLT-reloc.patch \
            file://0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch \
+           file://CVE-2023-4692.patch \
+           file://CVE-2023-4693.patch \
 "
 
 SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f"

From patchwork Wed Dec 20 02:17:53 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 36678
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id B9F70C41535
	for <webhook@archiver.kernel.org>; Wed, 20 Dec 2023 02:18:23 +0000 (UTC)
Received: from mail-oo1-f52.google.com (mail-oo1-f52.google.com
 [209.85.161.52])
 by mx.groups.io with SMTP id smtpd.web11.13008.1703038693626881696
 for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:13 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=KRM72Egu;
 spf=softfail (domain: sakoman.com, ip: 209.85.161.52,
 mailfrom: steve@sakoman.com)
Received: by mail-oo1-f52.google.com with SMTP id
 006d021491bc7-593fef9bb8cso273346eaf.3
        for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1703038692;
 x=1703643492; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=T0OQLZ3xUYK/Ru7uUJwIX2Ok4Kf1FNS+8djWJ0qwBWo=;
        b=KRM72EguTbTcVV5Wj0qVFDCTlObI2KdyLqVh7S/2C73Wf/NeCL0gk6+n8cVYCmotHU
         Y58yL3hfFwvgntIV96w/5wF3Ew9N5Fm4Q3iVN7aJnm3fbcd1BPi6PufFEy0wEITU5iMX
         MHj0xMdDwDBW03on3vBsKJBR55UGyz4YKHNxr0NyF+0Ew7aCbnNmXYX67lHgxcw3FJSe
         TG3GIHsYYKHvaHr0qVnqGy+AxQrfxRZS184CpaJpicRsyH+Sod7j/DpPTWNRWnQI9+LH
         p2ZIpKYwVsf6D8IaBLAHAcT83ZFeocKI0gKfHV/9m5YGj5RPf6mJ4FRSDc8f/XzN3E4m
         1scQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1703038692; x=1703643492;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=T0OQLZ3xUYK/Ru7uUJwIX2Ok4Kf1FNS+8djWJ0qwBWo=;
        b=OmzbQl29vM89cQjxduPBn7aS+5qjFsCZeh4hfjjPIaEaG0YobW4sLclrFXjKwZ6kMT
         dYkD5imMG49pioqzlOyErkTo7o13axDPsdBlFV6OXC2WOYwpZQW9+25uZzQZfOB3qksq
         OtSi0qJx2P2dvLtqnp63c+2R/RnKt8uX6bRU9+kp4ZPAeXqD9h1G+52DPk+E8px2VcSX
         aZYvaTrsUVSwMLoKgE4pEB+i9XFeXeg4e5F0cRiQ/7C/IZtm7d7NiCMgJ1s5ZYG68jWj
         jYvCiIOPjd+eXIxbrHgQ3ATjxERVlAWOh3OlX+UQjDAOBR9stfYS12rqC/o1YwRB1QyD
         S7TA==
X-Gm-Message-State: AOJu0Yz3/hLc94snjQo70IiwX5mlp6+Ksnz0Aza2IuvADGCT569JV1rQ
	5HLsr1WbDZKG6km6hhpyImBfnCvvJfzQ2QvNpIFlPA==
X-Google-Smtp-Source: 
 AGHT+IFhuXkohSNtqOesE6udslh03iObU3c6EwyxncV3cqVTJ37RJUeM5VfJjq/FTfRP2m73VyE8iA==
X-Received: by 2002:a05:6358:9209:b0:170:1d30:56e0 with SMTP id
 d9-20020a056358920900b001701d3056e0mr21020567rwb.30.1703038692091;
        Tue, 19 Dec 2023 18:18:12 -0800 (PST)
Received: from hexa.router0800d9.com (dhcp-72-234-108-41.hawaiiantel.net.
 [72.234.108.41])
        by smtp.gmail.com with ESMTPSA id
 d6-20020aa78146000000b006d945660076sm367103pfn.59.2023.12.19.18.18.11
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Dec 2023 18:18:11 -0800 (PST)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 3/9] curl: fix CVE-2023-46218
Date: Tue, 19 Dec 2023 16:17:53 -1000
Message-Id: 
 <000b2a380021f2c7fd102b6523a986c2e7ad20ae.1703038443.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1703038443.git.steve@sakoman.com>
References: <cover.1703038443.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Wed, 20 Dec 2023 02:18:23 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/192762

From: Lee Chee Yang <chee.yang.lee@intel.com>

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../curl/curl/CVE-2023-46218.patch            | 52 +++++++++++++++++++
 meta/recipes-support/curl/curl_8.4.0.bb       |  1 +
 2 files changed, 53 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-46218.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2023-46218.patch b/meta/recipes-support/curl/curl/CVE-2023-46218.patch
new file mode 100644
index 0000000000..de2f095664
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2023-46218.patch
@@ -0,0 +1,52 @@
+CVE: CVE-2023-46218 
+Upstream-Status: Backport [ https://github.com/curl/curl/commit/2b0994c29a721c91c57 ]
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+
+From 2b0994c29a721c91c572cff7808c572a24d251eb Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Thu, 23 Nov 2023 08:15:47 +0100
+Subject: [PATCH] cookie: lowercase the domain names before PSL checks
+
+Reported-by: Harry Sintonen
+
+Closes #12387
+---
+ lib/cookie.c | 24 ++++++++++++++++--------
+ 1 file changed, 16 insertions(+), 8 deletions(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 568cf537ad1b1f..9095cea3e97f22 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -1027,15 +1027,23 @@ Curl_cookie_add(struct Curl_easy *data,
+    * dereference it.
+    */
+   if(data && (domain && co->domain && !Curl_host_is_ipnum(co->domain))) {
+-    const psl_ctx_t *psl = Curl_psl_use(data);
+-    int acceptable;
+-
+-    if(psl) {
+-      acceptable = psl_is_cookie_domain_acceptable(psl, domain, co->domain);
+-      Curl_psl_release(data);
++    bool acceptable = FALSE;
++    char lcase[256];
++    char lcookie[256];
++    size_t dlen = strlen(domain);
++    size_t clen = strlen(co->domain);
++    if((dlen < sizeof(lcase)) && (clen < sizeof(lcookie))) {
++      const psl_ctx_t *psl = Curl_psl_use(data);
++      if(psl) {
++        /* the PSL check requires lowercase domain name and pattern */
++        Curl_strntolower(lcase, domain, dlen + 1);
++        Curl_strntolower(lcookie, co->domain, clen + 1);
++        acceptable = psl_is_cookie_domain_acceptable(psl, lcase, lcookie);
++        Curl_psl_release(data);
++      }
++      else
++        acceptable = !bad_domain(domain, strlen(domain));
+     }
+-    else
+-      acceptable = !bad_domain(domain, strlen(domain));
+ 
+     if(!acceptable) {
+       infof(data, "cookie '%s' dropped, domain '%s' must not "
diff --git a/meta/recipes-support/curl/curl_8.4.0.bb b/meta/recipes-support/curl/curl_8.4.0.bb
index 5f97730bf4..8f1ba52692 100644
--- a/meta/recipes-support/curl/curl_8.4.0.bb
+++ b/meta/recipes-support/curl/curl_8.4.0.bb
@@ -13,6 +13,7 @@ SRC_URI = " \
     https://curl.se/download/${BP}.tar.xz \
     file://run-ptest \
     file://disable-tests \
+    file://CVE-2023-46218.patch \
 "
 SRC_URI[sha256sum] = "16c62a9c4af0f703d28bda6d7bbf37ba47055ad3414d70dec63e2e6336f2a82d"
 

From patchwork Wed Dec 20 02:17:54 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 36677
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id BB079C46CD4
	for <webhook@archiver.kernel.org>; Wed, 20 Dec 2023 02:18:23 +0000 (UTC)
Received: from mail-ot1-f52.google.com (mail-ot1-f52.google.com
 [209.85.210.52])
 by mx.groups.io with SMTP id smtpd.web10.13131.1703038695478194179
 for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:15 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=Uo90LJEM;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.52,
 mailfrom: steve@sakoman.com)
Received: by mail-ot1-f52.google.com with SMTP id
 46e09a7af769-6db963bd3acso1477519a34.0
        for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1703038694;
 x=1703643494; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=3QJKbplk84hWZzw51ChPPYHfJpsArUK/4uJnongMyFE=;
        b=Uo90LJEMxeJe/PBRZui7dedJNkWKFliLH/zsqm65OqBJbKJXR6yg5ApA8x7izuvp20
         EMgFwJ14NaK2pd2YIVrvM1RCR9MjXTponxXxDHRVjSceHSR0ApQcTWQlrwSA++6QkeN7
         TirbwgK6FoklKGaaar5/jmlxfXpWrXyJJmMgtJRJ3wRJ3Pl4c7K+aHN06ZNbIMrA2x1K
         KyISEBN4XIK/BSDQ35isPK2kdbIU7gWyIlnuVrf3vgZE339Cnz4fSMhbjlVr5PkEaUDq
         HXyl8k6Zs1dOFQ+eH2RzBGP3Y8pEUl+M0QunA91DWuzW6CAPUgK/TDm6NXogUsK4CsXu
         aHRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1703038694; x=1703643494;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=3QJKbplk84hWZzw51ChPPYHfJpsArUK/4uJnongMyFE=;
        b=t71GgD0qjK8kpUTD6YaFnqY346g84RpH2DF9vJOw1R/lYHZo9BfSxvE0Wpb0CuVk7W
         32NflCalDjtTth3RejlmvlgkZ4ccL7+a9+JHYXW0bWgavfxDUmOoSEAWACdXm4qq/jVy
         /EgVat+5d/QoRk7ahujqJ4vsHrFe4n0d3ARN3Rxt/Zt3SLW52mHNOPG/rTyosq6uUQaJ
         ZAxHv4dWPGW/7hfqPEkpfFN+5cLMTVNmJFauZdp+xkgfwwjaTFwPSHuM64qNDsRCT7AD
         ZpKlbl+r/C/h88GIV/dNp7cn+IJqQ4rO56JsLfgXYYf1d5j3DWVzA3YTezB3apSXI+Vs
         e5RA==
X-Gm-Message-State: AOJu0YzA6VNcNu4fUVxbjjOF4b/d+miC6LieUWFCzjF25iDZMp8HN/bA
	ahzf4sYNJ8BtNC0OvjRy6y/PXKnvpDIc3kTaJEj/Pw==
X-Google-Smtp-Source: 
 AGHT+IG+JALQwaObCbdDx0bDhW6F7dxy7sR3ufUw7AY4mkc14DhK+L7kKoURcAOgTQ1JVJXY7eBjPw==
X-Received: by 2002:a05:6830:1297:b0:6d8:74e2:634e with SMTP id
 z23-20020a056830129700b006d874e2634emr16215406otp.40.1703038694046;
        Tue, 19 Dec 2023 18:18:14 -0800 (PST)
Received: from hexa.router0800d9.com (dhcp-72-234-108-41.hawaiiantel.net.
 [72.234.108.41])
        by smtp.gmail.com with ESMTPSA id
 d6-20020aa78146000000b006d945660076sm367103pfn.59.2023.12.19.18.18.12
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Dec 2023 18:18:13 -0800 (PST)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 4/9] perlcross: update to 1.5.2
Date: Tue, 19 Dec 2023 16:17:54 -1000
Message-Id: 
 <70b521284f8dbe3b38a2be9b312c632b3a51ef73.1703038443.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1703038443.git.steve@sakoman.com>
References: <cover.1703038443.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Wed, 20 Dec 2023 02:18:23 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/192763

From: Lee Chee Yang <chee.yang.lee@intel.com>

remove upstreamed 0001-cnf-configure_pfmt.sh-add-32-bit-integer-format-defi.patch

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...mt.sh-add-32-bit-integer-format-defi.patch | 28 -------------------
 .../{perlcross_1.5.bb => perlcross_1.5.2.bb}  |  3 +-
 2 files changed, 1 insertion(+), 30 deletions(-)
 delete mode 100644 meta/recipes-devtools/perl-cross/files/0001-cnf-configure_pfmt.sh-add-32-bit-integer-format-defi.patch
 rename meta/recipes-devtools/perl-cross/{perlcross_1.5.bb => perlcross_1.5.2.bb} (86%)

diff --git a/meta/recipes-devtools/perl-cross/files/0001-cnf-configure_pfmt.sh-add-32-bit-integer-format-defi.patch b/meta/recipes-devtools/perl-cross/files/0001-cnf-configure_pfmt.sh-add-32-bit-integer-format-defi.patch
deleted file mode 100644
index 4de4a5b955..0000000000
--- a/meta/recipes-devtools/perl-cross/files/0001-cnf-configure_pfmt.sh-add-32-bit-integer-format-defi.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 920abf3dc39c851a655b719622c76a6f0dc9981d Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex@linutronix.de>
-Date: Tue, 5 Sep 2023 19:47:33 +0200
-Subject: [PATCH] cnf/configure_pfmt.sh: add 32 bit integer format definitions
-
-These started to matter in perl 5.38 where they are used to print
-line numbers.
-
-Upstream-Status: Submitted [https://github.com/arsv/perl-cross/pull/143]
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
----
- cnf/configure_pfmt.sh | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/cnf/configure_pfmt.sh b/cnf/configure_pfmt.sh
-index 8f93da1..7bb4b6f 100644
---- a/cnf/configure_pfmt.sh
-+++ b/cnf/configure_pfmt.sh
-@@ -52,3 +52,9 @@ else
- 	define uvxformat '"lx"'
- 	define uvXUformat '"lX"'
- fi
-+
-+define i32dformat 'PRId32'
-+define u32uformat 'PRIu32'
-+define u32oformat 'PRIo32'
-+define u32xformat 'PRIx32'
-+define u32XUformat 'PRIX32'
diff --git a/meta/recipes-devtools/perl-cross/perlcross_1.5.bb b/meta/recipes-devtools/perl-cross/perlcross_1.5.2.bb
similarity index 86%
rename from meta/recipes-devtools/perl-cross/perlcross_1.5.bb
rename to meta/recipes-devtools/perl-cross/perlcross_1.5.2.bb
index 7ca4977b97..b41c182fad 100644
--- a/meta/recipes-devtools/perl-cross/perlcross_1.5.bb
+++ b/meta/recipes-devtools/perl-cross/perlcross_1.5.2.bb
@@ -15,11 +15,10 @@ SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/perl-cross-${PV}.tar.gz;name=perl-c
            file://0001-perl-cross-add-LDFLAGS-when-linking-libperl.patch \
            file://determinism.patch \
            file://0001-Makefile-check-the-file-if-patched-or-not.patch \
-           file://0001-cnf-configure_pfmt.sh-add-32-bit-integer-format-defi.patch \
            "
 GITHUB_BASE_URI = "https://github.com/arsv/perl-cross/releases/"
 
-SRC_URI[perl-cross.sha256sum] = "d744a390939e2ebb9a12f6725b4d9c19255a141d90031eff90ea183fdfcbf211"
+SRC_URI[perl-cross.sha256sum] = "584dc54c48dca25e032b676a15bef377c1fed9de318b4fc140292a5dbf326e90"
 
 S = "${WORKDIR}/perl-cross-${PV}"
 

From patchwork Wed Dec 20 02:17:55 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 36681
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id C88C1C46CD3
	for <webhook@archiver.kernel.org>; Wed, 20 Dec 2023 02:18:23 +0000 (UTC)
Received: from mail-oi1-f179.google.com (mail-oi1-f179.google.com
 [209.85.167.179])
 by mx.groups.io with SMTP id smtpd.web10.13133.1703038696825160563
 for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:16 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=RCwzOil/;
 spf=softfail (domain: sakoman.com, ip: 209.85.167.179,
 mailfrom: steve@sakoman.com)
Received: by mail-oi1-f179.google.com with SMTP id
 5614622812f47-3ba2dc0f6b7so4166558b6e.2
        for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1703038696;
 x=1703643496; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=mlv9p/RRwVFk8POifBFEpodEQPLsYjS9NTtCOyLeThI=;
        b=RCwzOil/xyRsYIUNo0Lv6GJ3gOUgFiZlYH2H7dCoADTjBdON7KOXS2gWacoqxp5VwG
         V7bOW9j2YC8byWZDVhHW/iU0LPGji9URLX4ojzdk0LAjK5l18h12wkxW16R4P+igb/Xw
         AsaZoxnwOj4M9wetgQinYs40UGKpRp/xXlcwzb64kcmz9mDT68VEg+MDNWYSCZWxy7af
         zxddDPtfuiqDxjZZ4cDr0+wMrxllJHF0KVb7vUvFrNsQeVBsvmLkoDQKvW0/77X0mx6L
         wJ1X9JoyD1fB7kwZKowKVhgWgJM+fWEpb56SROvQnPr1UBE5s3aH8HjB2LAIE78UchXH
         B82Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1703038696; x=1703643496;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=mlv9p/RRwVFk8POifBFEpodEQPLsYjS9NTtCOyLeThI=;
        b=bo9k3Wrhhbf3zD+h+18RP6zGh3Ap09YqrXpEiq5JKbvgfDItVcxi2gorv1lqY8aV3e
         N+UEc0LdmssG0/XMu6M75jD/qERF6IqW5A5osnV6gmQxrdVP7GXDTBqQYsDNbzmTrjaM
         f8N1IJcJpkqcPeVchSc2XU4kgFQiCAbpz1gCWcWxcGtUjQLy94nhaikHDordWSWxHMH9
         S7SpqsnO0ueGsbeNaXyghN/mDZKbZvaGGGDP126D2eaufviWhInX0GxDfr2E4tcciA8S
         XDk5byOlaE/m14XYqIms7CSw6NSZFYl5evY+FqxT1qPXRUHdEMjEaxts+CfHbH4iMsKf
         yV0A==
X-Gm-Message-State: AOJu0Yx5fubdu5CHRN9Zu8droaVgyx/qUD1Bgv59WE2Akq2N1WSc05f8
	PFZFJudqQf533kjKFCRsE6624408vofg7f60WTudjA==
X-Google-Smtp-Source: 
 AGHT+IH9Yf0AMZmSgxbXmzf9K8loQfwdLHDaBhy8Zg6ffWP3GUXz5zLqtcTM4LMP+SDQyBh1u3SqvQ==
X-Received: by 2002:a05:6808:bc7:b0:3b8:b063:5048 with SMTP id
 o7-20020a0568080bc700b003b8b0635048mr23619819oik.73.1703038695836;
        Tue, 19 Dec 2023 18:18:15 -0800 (PST)
Received: from hexa.router0800d9.com (dhcp-72-234-108-41.hawaiiantel.net.
 [72.234.108.41])
        by smtp.gmail.com with ESMTPSA id
 d6-20020aa78146000000b006d945660076sm367103pfn.59.2023.12.19.18.18.14
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Dec 2023 18:18:15 -0800 (PST)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 5/9] perl: 5.38.0 -> 5.38.2
Date: Tue, 19 Dec 2023 16:17:55 -1000
Message-Id: 
 <d429d25beb8d4afba106b6dec957269356cb57ef.1703038443.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1703038443.git.steve@sakoman.com>
References: <cover.1703038443.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Wed, 20 Dec 2023 02:18:23 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/192764

From: Lee Chee Yang <chee.yang.lee@intel.com>

update include fix for CVE-2023-47100.

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/perl/{perl_5.38.0.bb => perl_5.38.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-devtools/perl/{perl_5.38.0.bb => perl_5.38.2.bb} (99%)

diff --git a/meta/recipes-devtools/perl/perl_5.38.0.bb b/meta/recipes-devtools/perl/perl_5.38.2.bb
similarity index 99%
rename from meta/recipes-devtools/perl/perl_5.38.0.bb
rename to meta/recipes-devtools/perl/perl_5.38.2.bb
index 639664e355..a9d684cfc5 100644
--- a/meta/recipes-devtools/perl/perl_5.38.0.bb
+++ b/meta/recipes-devtools/perl/perl_5.38.2.bb
@@ -26,7 +26,7 @@ SRC_URI:append:class-target = " \
            file://encodefix.patch \
 "
 
-SRC_URI[perl.sha256sum] = "213ef58089d2f2c972ea353517dc60ec3656f050dcc027666e118b508423e517"
+SRC_URI[perl.sha256sum] = "a0a31534451eb7b83c7d6594a497543a54d488bc90ca00f5e34762577f40655e"
 
 B = "${WORKDIR}/perl-${PV}-build"
 

From patchwork Wed Dec 20 02:17:56 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 36679
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id D84F9C46CD8
	for <webhook@archiver.kernel.org>; Wed, 20 Dec 2023 02:18:23 +0000 (UTC)
Received: from mail-oi1-f169.google.com (mail-oi1-f169.google.com
 [209.85.167.169])
 by mx.groups.io with SMTP id smtpd.web10.13135.1703038698606833380
 for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:18 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=vQVF8yYp;
 spf=softfail (domain: sakoman.com, ip: 209.85.167.169,
 mailfrom: steve@sakoman.com)
Received: by mail-oi1-f169.google.com with SMTP id
 5614622812f47-3ba46a19689so4163204b6e.3
        for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1703038697;
 x=1703643497; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=s+dAlJVKflfrRauGc7SJbfqHImgOUt2B/AajciRV4ag=;
        b=vQVF8yYpRQ60Le3A5M0y9uL3/n9kioxl1PRqkdzor5foNHmFJbgQPAzXxmdVz411qU
         2x/K57MOOCAOxfvdc0hIe+RO1UyWDdsP418MsUA8rJOgFihwghzMkvEtSxJMTrLRb4rD
         IkaMsOvejN4wzK+M6ruW5EPVouVmjeZ+2+x3DGYdslAZIuWtlvDZNtRAe6wM9FP/nvuZ
         A3mgJPel8rPts8qUp7K/bUTHcNBGBKvKZjRt0hmWlmR5aV9Bxe4dmnagQ18BcuJs2//h
         hLjP1EAa1BjMpVrxHj2CV7RFbFDmSl6oWtgNoxC7G3wLcVXK4dV965qhgnsx/rboMB3W
         AXWA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1703038697; x=1703643497;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=s+dAlJVKflfrRauGc7SJbfqHImgOUt2B/AajciRV4ag=;
        b=q6x969UwIEYppSB/Kw1pr3OKuUFNo1RuDwcyTS86fSBmjjxW9VmGG8Bibb9NX/SkEY
         Zte7CdHkn3G2GtStX7v6LvNxePKpj2SvDKJYbD+UUvKYsEFg4p7aN6k42Jfmm/tZZKgQ
         OmeMDp9rax5IL3VvzzLmsOL0+jGggNqR1+XUyMxiJ2UGWtnnBjypwN73gpS+Kj0bX+kX
         yY3BtpF+I6BUbgYl+TwXagVFGVwLW6bSmSZotKGZd0D2ev0P06jevj6Ep/GSfSyZXuqp
         yw/p+d6hmaGkHb4qGsKJWBLU3vXxkKpvu9szlJ8fdC8/ApNYTG9+sjNGWBOSEM0XUJmp
         1S6g==
X-Gm-Message-State: AOJu0YwHBQ3MjFS6ZQDnNhtpvukiRUxJpcCr7oWWvI1Z7Psd3kHYnAbc
	iGHeLzJx2DjlF5FEQIwHcMLLfDzr7w0aV9T9kQmepw==
X-Google-Smtp-Source: 
 AGHT+IE/9/pVRcScmBcDbJxbWZejEhJvaQ7/9AQjtdyr+JgoBbl+aCVPJT6eDeEqLr9EvjP3p9HpOQ==
X-Received: by 2002:a05:6808:1642:b0:3b8:b063:addf with SMTP id
 az2-20020a056808164200b003b8b063addfmr23625400oib.60.1703038697606;
        Tue, 19 Dec 2023 18:18:17 -0800 (PST)
Received: from hexa.router0800d9.com (dhcp-72-234-108-41.hawaiiantel.net.
 [72.234.108.41])
        by smtp.gmail.com with ESMTPSA id
 d6-20020aa78146000000b006d945660076sm367103pfn.59.2023.12.19.18.18.16
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Dec 2023 18:18:17 -0800 (PST)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 6/9] ghostscript: upgrade 10.02.0 -> 10.02.1
Date: Tue, 19 Dec 2023 16:17:56 -1000
Message-Id: 
 <a26c9acc8a853bfa13f08916c596a52da26088e4.1703038443.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1703038443.git.steve@sakoman.com>
References: <cover.1703038443.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Wed, 20 Dec 2023 02:18:23 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/192765

From: Wang Mingyu <wangmy@fujitsu.com>

upgrade include CVE-2023-46751.

(cherry pick from Oe-Core rev: 9492c2d51a08fbd4c107540a5a833b1a3fb70504 )

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../{ghostscript_10.02.0.bb => ghostscript_10.02.1.bb}          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-extended/ghostscript/{ghostscript_10.02.0.bb => ghostscript_10.02.1.bb} (97%)

diff --git a/meta/recipes-extended/ghostscript/ghostscript_10.02.0.bb b/meta/recipes-extended/ghostscript/ghostscript_10.02.1.bb
similarity index 97%
rename from meta/recipes-extended/ghostscript/ghostscript_10.02.0.bb
rename to meta/recipes-extended/ghostscript/ghostscript_10.02.1.bb
index 4bad0f86e1..18c296128a 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_10.02.0.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_10.02.1.bb
@@ -28,7 +28,7 @@ SRC_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/downlo
            file://configure.ac-add-option-to-explicitly-disable-neon.patch \
            "
 
-SRC_URI[sha256sum] = "e54062f166708d84ca82de9f8304a04344466080f936118b88082bd55ed6dc97"
+SRC_URI[sha256sum] = "e429e4f5b01615a4f0f93a4128e8a1a4d932dff983b1774174c79c0630717ad9"
 
 PACKAGECONFIG ??= ""
 PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+3"

From patchwork Wed Dec 20 02:17:57 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 36680
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id CBCA5C4706C
	for <webhook@archiver.kernel.org>; Wed, 20 Dec 2023 02:18:23 +0000 (UTC)
Received: from mail-ot1-f49.google.com (mail-ot1-f49.google.com
 [209.85.210.49])
 by mx.groups.io with SMTP id smtpd.web11.13010.1703038700750815262
 for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:20 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=t7hjDnRt;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.49,
 mailfrom: steve@sakoman.com)
Received: by mail-ot1-f49.google.com with SMTP id
 46e09a7af769-6d855efb920so4140802a34.1
        for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1703038699;
 x=1703643499; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=2OshZ1sNUuabAQCh9MrIaJrimvpyStRpUWGGi+sZt3A=;
        b=t7hjDnRtx1kCysfnjXJVi7eWbqgnTuwgRQ1ZJzzJyQ67E7WgUSsJwB2mmd2c59SazT
         0EfK6YFLzLz9mWKSZQkQPgNVkGk5nmfdm6BMeh7MRjCrosWQF348S0XKNzjqZ7k5ay+K
         0E7+cJAkig0M0IRrJm9t5Z/t/nNzdLr57dZXmVfMtgkKn8oO35eUst+7ecIzO6yO+5p9
         3iiYTvJ2TJXsGLx9IPDLD4DMrWyOs/jj/0XwqHaAWHFZ8mgHlP6dNrVA8lflLt8ln24F
         kBNLlY6KwYcbqxKbvRItQAkrPTSRRit+yHGwOvqMxLjTQ03UiEVlTucds9v0tjxrn/JP
         dBeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1703038699; x=1703643499;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=2OshZ1sNUuabAQCh9MrIaJrimvpyStRpUWGGi+sZt3A=;
        b=Hm4DmhoVHWk9AdXz85U8LSGNXp8/RP/CqT83NtGoCiktbZOsOsmPJVm6P2GQ5p8z/o
         59UlL0WVLQU6OFr1u0zdoBIgDSuIlJ41NHNDENPWckpnHpuspbtmaFVB3QBABUF1IngQ
         R3UYNIQZT5TkEoLpiH03Lj+Wm2VeG94Hcgq6yfLfkCB0TT1KmT5ipptCTTanItgTgVRf
         eJaCbMtWUiyBxJKPj4oLKZLh1Vxk2Cp56XswlVRfcsEwwMqDY3M8obwq6V7MEjcvNaAb
         ByFavEqxuWMklZmpPWrOBEMdF/Md1+uXPr4ZjEDYFlZhOXTtCaDa64OkEj4VlRn905Gk
         8JcQ==
X-Gm-Message-State: AOJu0YypVqjo6CBKAnD1DIduazTvsbyWi37EuUSy33Dz5ZBbv5f7glc2
	qDKllvnPBY8d0ZKdSFITJ6H+Huwr3jY8gwbB6BAkKA==
X-Google-Smtp-Source: 
 AGHT+IGcMrQY/xWt63J8bqJvs51YxX7iapVd4ec9X+VyUV3C2a4zxWf8siPGqoGDN/xQVQ8q/4Nh6A==
X-Received: by 2002:a05:6830:1b70:b0:6db:a849:c69a with SMTP id
 d16-20020a0568301b7000b006dba849c69amr1102015ote.68.1703038699357;
        Tue, 19 Dec 2023 18:18:19 -0800 (PST)
Received: from hexa.router0800d9.com (dhcp-72-234-108-41.hawaiiantel.net.
 [72.234.108.41])
        by smtp.gmail.com with ESMTPSA id
 d6-20020aa78146000000b006d945660076sm367103pfn.59.2023.12.19.18.18.18
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Dec 2023 18:18:19 -0800 (PST)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 7/9] glibc: stable 2.38 branch updates
Date: Tue, 19 Dec 2023 16:17:57 -1000
Message-Id: 
 <88e95c24c4b7b440e4ab4653fb93bddcb7524a58.1703038443.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1703038443.git.steve@sakoman.com>
References: <cover.1703038443.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Wed, 20 Dec 2023 02:18:23 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/192766

From: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com>

Below commits on glibc-2.38 stable branch are updated.
44f757a636 LoongArch: Delete excessively allocated memory.
bf5aa419cb elf: Fix wrong break removal from 8ee878592c
63dbbc5c52 sysdeps: sem_open: Clear O_CREAT when semaphore file is expected to exist [BZ #30789]
1e04dcec49 Revert "elf: Move l_init_called_next to old place of l_text_end in link map"
719866ab2f Revert "elf: Always call destructors in reverse constructor order (bug 30785)"
e0b6c9706c Revert "elf: Remove unused l_text_end field from struct link_map"

Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/glibc/glibc-version.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 19b98bc11a..0ef4289557 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.38/master"
 PV = "2.38+git"
-SRCREV_glibc ?= "750a45a783906a19591fb8ff6b7841470f1f5701"
+SRCREV_glibc ?= "44f757a6364a546359809d48c76b3debd26e77d4"
 SRCREV_localedef ?= "e0eca29583b9e0f62645c4316ced93cf4e4e26e1"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"

From patchwork Wed Dec 20 02:17:58 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 36682
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id E79B2C4706E
	for <webhook@archiver.kernel.org>; Wed, 20 Dec 2023 02:18:23 +0000 (UTC)
Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com
 [209.85.210.176])
 by mx.groups.io with SMTP id smtpd.web10.13139.1703038702448545297
 for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:22 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=Db70Wdv7;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.176,
 mailfrom: steve@sakoman.com)
Received: by mail-pf1-f176.google.com with SMTP id
 d2e1a72fcca58-6d940d14d69so579356b3a.1
        for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1703038701;
 x=1703643501; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=PzI7KYQTTBbPgc4ypCIGs6vUjHzzPvoRwp7K8Is9f7E=;
        b=Db70Wdv7Z2COC3C0R4VuFxGG8chd10q4DEcZAXkttOtnNmlkBTfxZUGH3lnrW0XKxQ
         e+AQvxfa5P1ZAyQRLlmXN0Abne6HV6L0v4FUTTwtmw3650UrV+q/G8Lv0AEk64rb3FLK
         zV6pgvTP579vLEvdQxYd4fzNwq1FSxVzaym5WnyscN8p+it836YiS5Lwtxk2rBdydQpt
         nd57VFcgupHdt/TChqiCkRD3yHklE3H4NHDSzPOcXZcBLyaZCKTTkjacDrRkvGKNGz9d
         EM/1DaEq5qUFy/mHA45KLmXEZMxP5ts9yTdOSh4XI7sbJ2705cUdKh0vGOQGyUlef7XG
         fNFw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1703038701; x=1703643501;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=PzI7KYQTTBbPgc4ypCIGs6vUjHzzPvoRwp7K8Is9f7E=;
        b=VtN4PO6RvAUVNu6EJa2Uv2ir7IiTUKEhxJpWN8XoR9GwSrmm7+ttkCmPsmA7IQivQM
         wZy8ynvb7NCfqrD31D8Iv3oubjlKJr6gcIcWTnW5LODOerCaEySy3dE9cjkPtMi6v+CS
         6MzI+v+9tWnwYJeCRxCHKpFaDs/j8nCS8t4DFnkarAJy6sPHv2TDLjHi597fAHqBBXLK
         LFrpsDJ6PiLLbKa+0FKHKnLtgW/5Emgz9RbuEwvhQYzU8pw48nyOCrbAPsnOHPWgzJnB
         zhPjr1ClALbi3rN3aHgllaGGLA0ESDNUG3XQK1O5aZVj4quQJeSiprErBTK9lDV2SjZh
         DebQ==
X-Gm-Message-State: AOJu0YyR9Ijkt5lXpL492PVbtAFJTxdlL+manFVYq2d48z1W+98h5cgW
	8EkWauEPRmf7OIdU6b8z+mLa4QSsL41ZhZdD9HucgA==
X-Google-Smtp-Source: 
 AGHT+IGinbhvJoU88aQQjasTSLV+Y2lXUaOF5CUtbTWYp38t7mn2+AmInCx+plwpGdp9knzUCPOqog==
X-Received: by 2002:a05:6a00:9a7:b0:6d7:affe:100d with SMTP id
 u39-20020a056a0009a700b006d7affe100dmr3479836pfg.13.1703038701129;
        Tue, 19 Dec 2023 18:18:21 -0800 (PST)
Received: from hexa.router0800d9.com (dhcp-72-234-108-41.hawaiiantel.net.
 [72.234.108.41])
        by smtp.gmail.com with ESMTPSA id
 d6-20020aa78146000000b006d945660076sm367103pfn.59.2023.12.19.18.18.20
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Dec 2023 18:18:20 -0800 (PST)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 8/9] binutils: stable 2.41 branch updates
Date: Tue, 19 Dec 2023 16:17:58 -1000
Message-Id: 
 <8408a44331a0c9e5ea86d822cebec06dcf495694.1703038443.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1703038443.git.steve@sakoman.com>
References: <cover.1703038443.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Wed, 20 Dec 2023 02:18:23 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/192767

From: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com>

Below commits on binutils-2.41 stable branch are updated.
eb49941e7e1 Gold/MIPS: Add targ_extra_size=64 for mips32 triples
c27eff41737 Gold/MIPS: Use EM_MIPS instead of EM_MIPS_RS3_LE for little endian
7fe76f02413 x86-64: fix suffix-less PUSH of symbol address

Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/binutils/binutils-2.41.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/binutils/binutils-2.41.inc b/meta/recipes-devtools/binutils/binutils-2.41.inc
index b4934c02a8..d4b239258d 100644
--- a/meta/recipes-devtools/binutils/binutils-2.41.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.41.inc
@@ -18,7 +18,7 @@ SRCBRANCH ?= "binutils-2_41-branch"
 
 UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
 
-SRCREV ?= "cb4c3555ac4cf8aaf0935cb6e4b09e6882436d21"
+SRCREV ?= "e13f70c7fcb2f4a39ddad4ccb83660dbfee2caeb"
 BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https"
 SRC_URI = "\
      ${BINUTILS_GIT_URI} \

From patchwork Wed Dec 20 02:17:59 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman <steve@sakoman.com>
X-Patchwork-Id: 36683
Return-Path: <steve@sakoman.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id DE3F8C41535
	for <webhook@archiver.kernel.org>; Wed, 20 Dec 2023 02:18:33 +0000 (UTC)
Received: from mail-ot1-f51.google.com (mail-ot1-f51.google.com
 [209.85.210.51])
 by mx.groups.io with SMTP id smtpd.web10.13141.1703038704316748210
 for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:24 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601
 header.b=yAS6atxR;
 spf=softfail (domain: sakoman.com, ip: 209.85.210.51,
 mailfrom: steve@sakoman.com)
Received: by mail-ot1-f51.google.com with SMTP id
 46e09a7af769-6d9f7af8918so4431550a34.0
        for <openembedded-core@lists.openembedded.org>;
 Tue, 19 Dec 2023 18:18:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1703038703;
 x=1703643503; darn=lists.openembedded.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=Sv9XcYvKxFpqCORI4uNypTNU6QajM1q7A+fOEZUImwg=;
        b=yAS6atxRLzgiM9s6NfrITowBubRPqNJ2UEFUbkjvn9blUMrDXRyx780kyBZLYDb2T7
         GFywftbMPFOfCec8HkB+dHYMmd6B1sUQ6R7JmoAOHbeZgH3FHPcpI7Ge9flxh1jNYbyy
         Y0+BUzWr+IDERkyJt9S3ct9FVhKqqK2airV7CLfdsjBOJMFxBQeKcnp4evoVh6VNj5jS
         Pp+tmefZGlVQeWuNEX3QDun3rHqL4NzXL6M9fit10LR/un5gKlx+gFsTNUox7t9Hz4AZ
         amx053vYeBewlAxpua2yATnwXKKYB2VE9MT8N1S8LRSeaRZkH/nl5P9U9hdyqkTnOnwR
         IVeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1703038703; x=1703643503;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=Sv9XcYvKxFpqCORI4uNypTNU6QajM1q7A+fOEZUImwg=;
        b=oTwAc705PVyI5BxLJnjS5V+mLd0XZGWmag7YMz5h3Gh8tNwe8GN9UA3PSQTCaZ5YM7
         PIsM73WBCnxPXBhoIGC8pXvaSLyIBHChROWrh7ni4JtNRVjUfi4hl1zj1u7APik3YWig
         7cIqzRmf+yTx1+AEjK9yZQOIO/cmbWv57LG4pSo1SN3QLP8aoe4/uCpKK30L/cK+2TaU
         smn8jIogO5w/I5QtnC1m2uF4pRAYitJiYzhf9moJrAaKBznP81Gwi9tTfkp5k/NZusnJ
         IcOo6J3LcaKwtyh7EohINUKNzzIjTlc9vAJHzeMUeDe4Vmgyyo8hKHAdu1UcOULiRlXa
         TPqA==
X-Gm-Message-State: AOJu0YwMQdLJJhyseDrp7/mpQnmpOo/GMA5k9Wpb7Bqqic8xg6Eyod35
	2IXICFqU+UsRddKl2BDCKD28RVK+7Tk3QjNet0ExEw==
X-Google-Smtp-Source: 
 AGHT+IHySIec2FVfvbUQmGYekSMvLMfUl0nyEiteFniSruGZqHywQGweb26MeDdZ2yvB4sjtz+s4JA==
X-Received: by 2002:a05:6808:17a6:b0:3b9:de62:3738 with SMTP id
 bg38-20020a05680817a600b003b9de623738mr24692397oib.26.1703038702882;
        Tue, 19 Dec 2023 18:18:22 -0800 (PST)
Received: from hexa.router0800d9.com (dhcp-72-234-108-41.hawaiiantel.net.
 [72.234.108.41])
        by smtp.gmail.com with ESMTPSA id
 d6-20020aa78146000000b006d945660076sm367103pfn.59.2023.12.19.18.18.22
        for <openembedded-core@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Dec 2023 18:18:22 -0800 (PST)
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 9/9] perf: lift TARGET_CC_ARCH modification out of
 security_flags.inc
Date: Tue, 19 Dec 2023 16:17:59 -1000
Message-Id: 
 <34f2f67055a9a29765629abef28ffa6b66c8ed41.1703038443.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1703038443.git.steve@sakoman.com>
References: <cover.1703038443.git.steve@sakoman.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Wed, 20 Dec 2023 02:18:33 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/192768

From: Rasmus Villemoes <rasmus.villemoes@prevas.dk>

Building perf without security_flags.inc being included in one's
distro results in the buildpaths warning

WARNING: perf-1.0-r9 do_package_qa: QA Issue: File /usr/bin/trace in
package perf contains reference to TMPDIR

because the ${DEBUG_PREFIX_MAP} does not get used. Most recipes get
that from CFLAGS, but the perf recipe explicitly unsets that.

Now ${SELECTED_OPTIMIZATION} of course contains more than just
${DEBUG_FLAGS}/${DEBUG_PREFIX_MAP}. For most TUs, perf's build system
adds its own optimization flags (-O6 for odd reasons), so for those
including the -O2 or -Og doesn't change anything. But looking at the
.o.cmd files show that there are some TUs which currently get built
without any -O flag. So for those adding the distro's
SELECTED_OPTIMIZATION seem to be the right thing to do.

(cherry-picked from Oe-Core rev: aa01c9122ef4a2159df503ef6ed25e802277f13a)

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/conf/distro/include/security_flags.inc | 1 -
 meta/recipes-kernel/perf/perf.bb            | 9 +++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index 2972f05b4e..d97a6edb0f 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -69,4 +69,3 @@ SECURITY_LDFLAGS:pn-xserver-xorg = "${SECURITY_X_LDFLAGS}"
 TARGET_CC_ARCH:append:pn-binutils = " ${SELECTED_OPTIMIZATION}"
 TARGET_CC_ARCH:append:pn-gcc = " ${SELECTED_OPTIMIZATION}"
 TARGET_CC_ARCH:append:pn-gdb = " ${SELECTED_OPTIMIZATION}"
-TARGET_CC_ARCH:append:pn-perf = " ${SELECTED_OPTIMIZATION}"
diff --git a/meta/recipes-kernel/perf/perf.bb b/meta/recipes-kernel/perf/perf.bb
index 675acfaf26..a392166e73 100644
--- a/meta/recipes-kernel/perf/perf.bb
+++ b/meta/recipes-kernel/perf/perf.bb
@@ -73,6 +73,15 @@ SPDX_S = "${S}/tools/perf"
 # supported kernel.
 LDFLAGS="-ldl -lutil"
 
+# Perf's build system adds its own optimization flags for most TUs,
+# overriding the flags included here. But for some, perf does not add
+# any -O option, so ensure the distro's chosen optimization gets used
+# for those. Since ${SELECTED_OPTIMIZATION} always includes
+# ${DEBUG_FLAGS} which in turn includes ${DEBUG_PREFIX_MAP}, this also
+# ensures perf is built with appropriate -f*-prefix-map options,
+# avoiding the 'buildpaths' QA warning.
+TARGET_CC_ARCH += "${SELECTED_OPTIMIZATION}"
+
 EXTRA_OEMAKE = '\
     V=1 \
     VF=1 \