
[meta-networking,v2] frr: upgrade 8.4.4 -> 9.0.1

Message ID 20230921091109.6998-1-jonas.gorski@bisdn.de
State Under Review

Commit Message

Jonas Gorski Sept. 21, 2023, 9:11 a.m. UTC
Upgrade FRR to 9.0.1:

* drop all existing patches since they are included in 9.0.1
* add a patch fixing (harmless) error messages in log
* license files moved to doc/licenses
* protobuf-c-native (for protoc) and protobuf-c are now needed

Changelogs:
https://github.com/FRRouting/frr/releases/tag/frr-9.0.1
https://github.com/FRRouting/frr/commit/31ed3dd753d62b5d8916998bc32814007e91364b
https://github.com/FRRouting/frr/releases/tag/frr-9.0
https://github.com/FRRouting/frr/commit/2863e7efbcd0cbfbd41d3be04c660d77df65d0ea

Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
---
v1 -> v2:
 * actually include the new patch

 ...check-for-python-x.y-emded.pc-not-py.patch |  33 ------
 ...-make-quiet-actually-suppress-output.patch |  58 ++++++++++
 .../frr/frr/CVE-2023-3748.patch               |  54 ---------
 .../frr/frr/CVE-2023-41358.patch              | 106 ------------------
 .../frr/frr/CVE-2023-41360.patch              |  35 ------
 .../frr/{frr_8.4.4.bb => frr_9.0.1.bb}        |  15 +--
 6 files changed, 64 insertions(+), 237 deletions(-)
 delete mode 100644 meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch
 create mode 100644 meta-networking/recipes-protocols/frr/frr/0001-tools-make-quiet-actually-suppress-output.patch
 delete mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-3748.patch
 delete mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch
 delete mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-41360.patch
 rename meta-networking/recipes-protocols/frr/{frr_8.4.4.bb => frr_9.0.1.bb} (91%)

Comments

Khem Raj Sept. 21, 2023, 9:34 p.m. UTC | #1
seeing a build error on AB

 | vtysh/vtysh_cmd.c:9:8: error: 'VTYSH_LIB' undeclared here (not in a
function); did you mean 'VTYSH_RIPD'?
  |     9 | DEFSH (VTYSH_LIB, accept_lifetime_day_month_day_month_cmd_vtysh,
  |       |        ^~~~~~~~~
  | ./lib/command.h:250:27: note: in definition of macro 'DEFUN_CMD_ELEMENT'
  |   250 |                 .daemon = dnum,
                    \
  |       |                           ^~~~
  | ./lib/command.h:320:9: note: in expansion of macro 'DEFSH_ATTR'
  |   320 |         DEFSH_ATTR(daemon, cmdname, cmdstr, helpstr, 0)
  |       |         ^~~~~~~~~~
  | vtysh/vtysh_cmd.c:9:1: note: in expansion of macro 'DEFSH'
  |     9 | DEFSH (VTYSH_LIB, accept_lifetime_day_month_day_month_cmd_vtysh,
  |       | ^~~~~
  | make[1]: *** [Makefile:10563: vtysh/vtysh_cmd.o] Error 1
  | make[1]: Leaving directory
'/home/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/frr/9.0.1/git'


See
https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/3155/steps/15/logs/stdio

On Thu, Sep 21, 2023 at 2:11 AM Jonas Gorski <jonas.gorski@bisdn.de> wrote:
>
> Upgrade FRR to 9.0.1:
>
> * drop all existing patches since they are included in 9.0.1
> * add a patch fixing (harmless) error messages in log
> * license files moved to doc/licenses
> * protobuf-c-native (for protoc) and protobuf-c are now needed
>
> Changelogs:
> https://github.com/FRRouting/frr/releases/tag/frr-9.0.1
> https://github.com/FRRouting/frr/commit/31ed3dd753d62b5d8916998bc32814007e91364b
> https://github.com/FRRouting/frr/releases/tag/frr-9.0
> https://github.com/FRRouting/frr/commit/2863e7efbcd0cbfbd41d3be04c660d77df65d0ea
>
> Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
> ---
> v1 -> v2:
>  * actually include the new patch
>
>  ...check-for-python-x.y-emded.pc-not-py.patch |  33 ------
>  ...-make-quiet-actually-suppress-output.patch |  58 ++++++++++
>  .../frr/frr/CVE-2023-3748.patch               |  54 ---------
>  .../frr/frr/CVE-2023-41358.patch              | 106 ------------------
>  .../frr/frr/CVE-2023-41360.patch              |  35 ------
>  .../frr/{frr_8.4.4.bb => frr_9.0.1.bb}        |  15 +--
>  6 files changed, 64 insertions(+), 237 deletions(-)
>  delete mode 100644 meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch
>  create mode 100644 meta-networking/recipes-protocols/frr/frr/0001-tools-make-quiet-actually-suppress-output.patch
>  delete mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-3748.patch
>  delete mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch
>  delete mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-41360.patch
>  rename meta-networking/recipes-protocols/frr/{frr_8.4.4.bb => frr_9.0.1.bb} (91%)
>
> diff --git a/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch b/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch
> deleted file mode 100644
> index 872a67c7840b..000000000000
> --- a/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch
> +++ /dev/null
> @@ -1,33 +0,0 @@
> -From a82d704b1ec6ece47b01d12e0e067d4b62b10894 Mon Sep 17 00:00:00 2001
> -From: Alexander Kanavin <alex@linutronix.de>
> -Date: Wed, 9 Nov 2022 20:24:45 +0100
> -Subject: [PATCH] m4/ax_python.m4: check for python-x.y-emded.pc, not
> - python-x.y.pc
> -
> -Only the embed version includes necessary linker flags to link
> -with libpython.
> -
> -Upstream-Status: Backport
> -[https://github.com/FRRouting/frr/commit/a82d704b1ec6ece47b01d12e0e067d4b62b10894]
> -
> -Signed-off-by: Alexander Kanavin <alex@linutronix.de>
> ----
> - m4/ax_python.m4 | 2 +-
> - 1 file changed, 1 insertion(+), 1 deletion(-)
> -
> -diff --git a/m4/ax_python.m4 b/m4/ax_python.m4
> -index 91d12b99b..f5e603b96 100644
> ---- a/m4/ax_python.m4
> -+++ b/m4/ax_python.m4
> -@@ -206,7 +206,7 @@ AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
> -     AC_MSG_CHECKING([whether pkg-config python-${tryver} is available])
> -     unset PYTHON_CFLAGS
> -     unset PYTHON_LIBS
> --    pkg="python-${tryver}"
> -+    pkg="python-${tryver}-embed"
> -     pkg="${pkg%-}"
> -     _PKG_CONFIG([PYTHON_CFLAGS], [cflags], [${pkg}])
> -     _PKG_CONFIG([PYTHON_LIBS], [libs], [${pkg}])
> ---
> -2.25.1
> -
> diff --git a/meta-networking/recipes-protocols/frr/frr/0001-tools-make-quiet-actually-suppress-output.patch b/meta-networking/recipes-protocols/frr/frr/0001-tools-make-quiet-actually-suppress-output.patch
> new file mode 100644
> index 000000000000..3e93cf3c474c
> --- /dev/null
> +++ b/meta-networking/recipes-protocols/frr/frr/0001-tools-make-quiet-actually-suppress-output.patch
> @@ -0,0 +1,58 @@
> +From 312d5ee1592f8c5b616d330233d1de2643f759e2 Mon Sep 17 00:00:00 2001
> +From: Jonas Gorski <jonas.gorski@bisdn.de>
> +Date: Thu, 14 Sep 2023 17:04:16 +0200
> +Subject: [PATCH] tools: make --quiet actually suppress output
> +
> +When calling daemon_stop() with --quiet and e.g. the pidfile is empty,
> +it won't return early since while "$fail" is set, "$2" is "--quiet", so
> +the if condition isn't met and it will continue executing, resulting
> +in error messages in the log:
> +
> +> Sep 14 14:48:33 localhost watchfrr[2085]: [YFT0P-5Q5YX] Forked background command [pid 2086]: /usr/lib/frr/watchfrr.sh restart all
> +> Sep 14 14:48:33 localhost frrinit.sh[2075]: /usr/lib/frr/frrcommon.sh: line 216: kill: `': not a pid or valid job spec
> +> Sep 14 14:48:33 localhost frrinit.sh[2075]: /usr/lib/frr/frrcommon.sh: line 216: kill: `': not a pid or valid job spec
> +> Sep 14 14:48:33 localhost frrinit.sh[2075]: /usr/lib/frr/frrcommon.sh: line 216: kill: `': not a pid or valid job spec
> +
> +Fix this by moving the --quiet check into the block to log_failure_msg(),
> +and also add the check to all other invocations of log_*_msg() to make
> +--quiet properly suppress output.
> +
> +Fixes: 19a99d89f088 ("tools: suppress unuseful warnings during restarting frr")
> +Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
> +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/312d5ee1592f8c5b616d330233d1de2643f759e2]
> +---
> + tools/frrcommon.sh.in | 8 ++++----
> + 1 file changed, 4 insertions(+), 4 deletions(-)
> +
> +diff --git a/tools/frrcommon.sh.in b/tools/frrcommon.sh.in
> +index f1f70119097e..00b63a78e2bc 100755
> +--- a/tools/frrcommon.sh.in
> ++++ b/tools/frrcommon.sh.in
> +@@ -207,8 +207,8 @@ daemon_stop() {
> +       [ -z "$fail" -a -z "$pid" ] && fail="pid file is empty"
> +       [ -n "$fail" ] || kill -0 "$pid" 2>/dev/null || fail="pid $pid not running"
> +
> +-      if [ -n "$fail" ] && [ "$2" != "--quiet" ]; then
> +-              log_failure_msg "Cannot stop $dmninst: $fail"
> ++      if [ -n "$fail" ]; then
> ++              [ "$2" = "--quiet" ] || log_failure_msg "Cannot stop $dmninst: $fail"
> +               return 1
> +       fi
> +
> +@@ -220,11 +220,11 @@ daemon_stop() {
> +               [ $(( cnt -= 1 )) -gt 0 ] || break
> +       done
> +       if kill -0 "$pid" 2>/dev/null; then
> +-              log_failure_msg "Failed to stop $dmninst, pid $pid still running"
> ++              [ "$2" = "--quiet" ] || log_failure_msg "Failed to stop $dmninst, pid $pid still running"
> +               still_running=1
> +               return 1
> +       else
> +-              log_success_msg "Stopped $dmninst"
> ++              [ "$2" = "--quiet" ] || log_success_msg "Stopped $dmninst"
> +               rm -f "$pidfile"
> +               return 0
> +       fi
> +--
> +2.42.0
> +
> diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-3748.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-3748.patch
> deleted file mode 100644
> index 4a8a7e1afdd8..000000000000
> --- a/meta-networking/recipes-protocols/frr/frr/CVE-2023-3748.patch
> +++ /dev/null
> @@ -1,54 +0,0 @@
> -From e61593f2ded104c4c7f01eb93e2b404e93e0c560 Mon Sep 17 00:00:00 2001
> -From: harryreps <harryreps@gmail.com>
> -Date: Fri, 3 Mar 2023 23:17:14 +0000
> -Subject: [PATCH] babeld: fix #11808 to avoid infinite loops
> -
> -Replacing continue in loops to goto done so that index of packet buffer
> -increases.
> -
> -Signed-off-by: harryreps <harryreps@gmail.com>
> -
> -CVE: CVE-2023-3748
> -
> -Upstream-Status: Backport
> -[https://github.com/FRRouting/frr/commit/ae1e0e1fed77716bc06f181ad68c4433fb5523d0]
> -
> -Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
> ----
> - babeld/message.c | 6 +++---
> - 1 file changed, 3 insertions(+), 3 deletions(-)
> -
> -diff --git a/babeld/message.c b/babeld/message.c
> -index 7d45d91bf..2bf233796 100644
> ---- a/babeld/message.c
> -+++ b/babeld/message.c
> -@@ -439,7 +439,7 @@ parse_packet(const unsigned char *from, struct interface *ifp,
> -                       debugf(BABEL_DEBUG_COMMON,
> -                              "Received Hello from %s on %s that does not have all 0's in the unused section of flags, ignoring",
> -                              format_address(from), ifp->name);
> --                      continue;
> -+                      goto done;
> -               }
> -
> -               /*
> -@@ -451,7 +451,7 @@ parse_packet(const unsigned char *from, struct interface *ifp,
> -                       debugf(BABEL_DEBUG_COMMON,
> -                              "Received Unicast Hello from %s on %s that FRR is not prepared to understand yet",
> -                              format_address(from), ifp->name);
> --                      continue;
> -+                      goto done;
> -               }
> -
> -               DO_NTOHS(seqno, message + 4);
> -@@ -469,7 +469,7 @@ parse_packet(const unsigned char *from, struct interface *ifp,
> -                       debugf(BABEL_DEBUG_COMMON,
> -                              "Received hello from %s on %s should be ignored as that this version of FRR does not know how to properly handle interval == 0",
> -                              format_address(from), ifp->name);
> --                      continue;
> -+                      goto done;
> -               }
> -
> -               changed = update_neighbour(neigh, seqno, interval);
> ---
> -2.25.1
> -
> diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch
> deleted file mode 100644
> index 59633ef69911..000000000000
> --- a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch
> +++ /dev/null
> @@ -1,106 +0,0 @@
> -From 9efd9a47db4f13ebf88c2ffe14301d7441bcb40d Mon Sep 17 00:00:00 2001
> -From: Donatas Abraitis <donatas@opensourcerouting.org>
> -Date: Tue, 22 Aug 2023 22:52:04 +0300
> -Subject: [PATCH 1/2] bgpd: Do not process NLRIs if the attribute length is
> - zero
> -
> -```
> -3  0x00007f423aa42476 in __GI_raise (sig=sig@entry=11) at ../sysdeps/posix/raise.c:26
> -4  0x00007f423aef9740 in core_handler (signo=11, siginfo=0x7fffc414deb0, context=<optimized out>) at lib/sigevent.c:246
> -5  <signal handler called>
> -6  0x0000564dea2fc71e in route_set_aspath_prepend (rule=0x564debd66d50, prefix=0x7fffc414ea30, object=0x7fffc414e400)
> -    at bgpd/bgp_routemap.c:2258
> -7  0x00007f423aeec7e0 in route_map_apply_ext (map=<optimized out>, prefix=prefix@entry=0x7fffc414ea30,
> -    match_object=match_object@entry=0x7fffc414e400, set_object=set_object@entry=0x7fffc414e400, pref=pref@entry=0x0) at lib/routemap.c:2690
> -8  0x0000564dea2d277e in bgp_input_modifier (peer=peer@entry=0x7f4238f59010, p=p@entry=0x7fffc414ea30, attr=attr@entry=0x7fffc414e770,
> -    afi=afi@entry=AFI_IP, safi=safi@entry=SAFI_UNICAST, rmap_name=rmap_name@entry=0x0, label=0x0, num_labels=0, dest=0x564debdd5130)
> -    at bgpd/bgp_route.c:1772
> -9  0x0000564dea2df762 in bgp_update (peer=peer@entry=0x7f4238f59010, p=p@entry=0x7fffc414ea30, addpath_id=addpath_id@entry=0,
> -    attr=0x7fffc414eb50, afi=afi@entry=AFI_IP, safi=<optimized out>, safi@entry=SAFI_UNICAST, type=9, sub_type=0, prd=0x0, label=0x0,
> -    num_labels=0, soft_reconfig=0, evpn=0x0) at bgpd/bgp_route.c:4374
> -10 0x0000564dea2e2047 in bgp_nlri_parse_ip (peer=0x7f4238f59010, attr=attr@entry=0x7fffc414eb50, packet=0x7fffc414eaf0)
> -    at bgpd/bgp_route.c:6249
> -11 0x0000564dea2c5a58 in bgp_nlri_parse (peer=peer@entry=0x7f4238f59010, attr=attr@entry=0x7fffc414eb50,
> -    packet=packet@entry=0x7fffc414eaf0, mp_withdraw=mp_withdraw@entry=false) at bgpd/bgp_packet.c:339
> -12 0x0000564dea2c5d66 in bgp_update_receive (peer=peer@entry=0x7f4238f59010, size=size@entry=109) at bgpd/bgp_packet.c:2024
> -13 0x0000564dea2c901d in bgp_process_packet (thread=<optimized out>) at bgpd/bgp_packet.c:2933
> -14 0x00007f423af0bf71 in event_call (thread=thread@entry=0x7fffc414ee40) at lib/event.c:1995
> -15 0x00007f423aebb198 in frr_run (master=0x564deb73c670) at lib/libfrr.c:1213
> -16 0x0000564dea261b83 in main (argc=<optimized out>, argv=<optimized out>) at bgpd/bgp_main.c:505
> -```
> -
> -With the configuration:
> -
> -```
> -frr version 9.1-dev-MyOwnFRRVersion
> -frr defaults traditional
> -hostname ip-172-31-13-140
> -log file /tmp/debug.log
> -log syslog
> -service integrated-vtysh-config
> -!
> -debug bgp keepalives
> -debug bgp neighbor-events
> -debug bgp updates in
> -debug bgp updates out
> -!
> -router bgp 100
> - bgp router-id 9.9.9.9
> - no bgp ebgp-requires-policy
> - bgp bestpath aigp
> - neighbor 172.31.2.47 remote-as 200
> - !
> - address-family ipv4 unicast
> -  neighbor 172.31.2.47 default-originate
> -  neighbor 172.31.2.47 route-map RM_IN in
> - exit-address-family
> -exit
> -!
> -route-map RM_IN permit 10
> - set as-path prepend 200
> -exit
> -!
> -```
> -
> -The issue is that we try to process NLRIs even if the attribute length is 0.
> -
> -Later bgp_update() will handle route-maps and a crash occurs because all the
> -attributes are NULL, including aspath, where we dereference.
> -
> -According to the RFC 4271:
> -
> -A value of 0 indicates that neither the Network Layer
> -         Reachability Information field nor the Path Attribute field is
> -         present in this UPDATE message.
> -
> -But with a fuzzed UPDATE message this can be faked. I think it's reasonable
> -to skip processing NLRIs if both update_len and attribute_len are 0.
> -
> -Reported-by: Iggy Frankovic <iggyfran@amazon.com>
> -Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
> -
> -Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/28ccc24d38df1d51ed8a563507e5d6f6171fdd38]
> -
> -CVE: CVE-2023-41358
> -
> -Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
> ----
> - bgpd/bgp_packet.c | 2 +-
> - 1 file changed, 1 insertion(+), 1 deletion(-)
> -
> -diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
> -index ec54943f3..3c2e73c59 100644
> ---- a/bgpd/bgp_packet.c
> -+++ b/bgpd/bgp_packet.c
> -@@ -1951,7 +1951,7 @@ static int bgp_update_receive(struct peer *peer, bgp_size_t size)
> -       /* Network Layer Reachability Information. */
> -       update_len = end - stream_pnt(s);
> -
> --      if (update_len) {
> -+      if (update_len && attribute_len) {
> -               /* Set NLRI portion to structure. */
> -               nlris[NLRI_UPDATE].afi = AFI_IP;
> -               nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
> ---
> -2.35.5
> -
> diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41360.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-41360.patch
> deleted file mode 100644
> index 8ee3985b428b..000000000000
> --- a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41360.patch
> +++ /dev/null
> @@ -1,35 +0,0 @@
> -From 9ecacf2176d2bac4b90e17d49facb8712c1b467a Mon Sep 17 00:00:00 2001
> -From: Donatas Abraitis <donatas@opensourcerouting.org>
> -Date: Sun, 20 Aug 2023 22:15:27 +0300
> -Subject: [PATCH 2/2] bgpd: Don't read the first byte of ORF header if we are
> - ahead of stream
> -
> -Reported-by: Iggy Frankovic iggyfran@amazon.com
> -Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
> -
> -Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/9b855a692e68e0d16467e190b466b4ecb6853702]
> -
> -CVE: CVE-2023-41360
> -
> -Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
> ----
> - bgpd/bgp_packet.c | 3 ++-
> - 1 file changed, 2 insertions(+), 1 deletion(-)
> -
> -diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
> -index 3c2e73c59..f1d0e54c0 100644
> ---- a/bgpd/bgp_packet.c
> -+++ b/bgpd/bgp_packet.c
> -@@ -2375,7 +2375,8 @@ static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
> -                                * and 7 bytes of ORF Address-filter entry from
> -                                * the stream
> -                                */
> --                              if (*p_pnt & ORF_COMMON_PART_REMOVE_ALL) {
> -+                              if (p_pnt < p_end &&
> -+                                  *p_pnt & ORF_COMMON_PART_REMOVE_ALL) {
> -                                       if (bgp_debug_neighbor_events(peer))
> -                                               zlog_debug(
> -                                                       "%pBP rcvd Remove-All pfxlist ORF request",
> ---
> -2.35.5
> -
> diff --git a/meta-networking/recipes-protocols/frr/frr_8.4.4.bb b/meta-networking/recipes-protocols/frr/frr_9.0.1.bb
> similarity index 91%
> rename from meta-networking/recipes-protocols/frr/frr_8.4.4.bb
> rename to meta-networking/recipes-protocols/frr/frr_9.0.1.bb
> index 826b6878065c..b656d91a97c0 100644
> --- a/meta-networking/recipes-protocols/frr/frr_8.4.4.bb
> +++ b/meta-networking/recipes-protocols/frr/frr_9.0.1.bb
> @@ -6,18 +6,15 @@ HOMEPAGE = "https://frrouting.org/"
>  SECTION = "net"
>
>  LICENSE = "GPL-2.0-only & LGPL-2.1-only"
> -LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
> -                    file://COPYING-LGPLv2.1;md5=4fbd65380cdd255951079008b364516c"
> +LIC_FILES_CHKSUM = "file://doc/licenses/GPL-2.0;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
> +                    file://doc/licenses/LGPL-2.1;md5=4fbd65380cdd255951079008b364516c"
>
> -SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/8.4 \
> +SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/9.0 \
>             file://frr.pam \
> -           file://0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch \
> -           file://CVE-2023-3748.patch \
> -           file://CVE-2023-41358.patch \
> -           file://CVE-2023-41360.patch \
> +           file://0001-tools-make-quiet-actually-suppress-output.patch \
>             "
>
> -SRCREV = "45e36c0c00a517ad1606135b18c5753e210cfc0d"
> +SRCREV = "31ed3dd753d62b5d8916998bc32814007e91364b"
>
>  UPSTREAM_CHECK_GITTAGREGEX = "frr-(?P<pver>\d+(\.\d+)+)$"
>
> @@ -28,7 +25,7 @@ S = "${WORKDIR}/git"
>  inherit autotools-brokensep python3native pkgconfig useradd systemd
>
>  DEPENDS:class-native = "bison-native elfutils-native"
> -DEPENDS:class-target = "bison-native json-c readline c-ares libyang frr-native"
> +DEPENDS:class-target = "bison-native json-c readline c-ares libyang frr-native protobuf-c-native protobuf-c"
>
>  RDEPENDS:${PN}:class-target = "iproute2 python3-core bash"
>
> --
> 2.42.0
>
>
> --
> BISDN GmbH
> Körnerstraße 7-10
> 10785 Berlin
> Germany
>
>
> Phone:
> +49-30-6108-1-6100
>
>
> Managing Directors:
> Dr.-Ing. Hagen Woesner, Andreas
> Köpsel
>
>
> Commercial register:
> Amtsgericht Berlin-Charlottenburg HRB 141569
> B
> VAT ID No: DE283257294
>
>
>
Jonas Gorski Sept. 22, 2023, 8:25 a.m. UTC | #2
Hi,

Am Do., 21. Sept. 2023 um 23:34 Uhr schrieb Khem Raj <raj.khem@gmail.com>:
>
> seeing a build error on AB
>
>  | vtysh/vtysh_cmd.c:9:8: error: 'VTYSH_LIB' undeclared here (not in a
> function); did you mean 'VTYSH_RIPD'?
>   |     9 | DEFSH (VTYSH_LIB, accept_lifetime_day_month_day_month_cmd_vtysh,
>   |       |        ^~~~~~~~~
>   | ./lib/command.h:250:27: note: in definition of macro 'DEFUN_CMD_ELEMENT'
>   |   250 |                 .daemon = dnum,
>                     \
>   |       |                           ^~~~
>   | ./lib/command.h:320:9: note: in expansion of macro 'DEFSH_ATTR'
>   |   320 |         DEFSH_ATTR(daemon, cmdname, cmdstr, helpstr, 0)
>   |       |         ^~~~~~~~~~
>   | vtysh/vtysh_cmd.c:9:1: note: in expansion of macro 'DEFSH'
>   |     9 | DEFSH (VTYSH_LIB, accept_lifetime_day_month_day_month_cmd_vtysh,
>   |       | ^~~~~
>   | make[1]: *** [Makefile:10563: vtysh/vtysh_cmd.o] Error 1
>   | make[1]: Leaving directory
> '/home/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/frr/9.0.1/git'
>
>
> See
> https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/3155/steps/15/logs/stdio

Weird, didn't happen for me, though admittedly, I used kirkstone for
the (unmodified) recipe, since our distro is based on this.

That line looks like this in my build:

DEFSH (VTYSH_EIGRPD|VTYSH_OSPF6D|VTYSH_RIPD,
accept_lifetime_day_month_day_month_cmd_vtysh,

So it looks like something went wrong in generating that file.

I'll (temporarily) switch our layers to master and try to replicate it there.

Hooray for CI!

Best Regards,
Jonas
Jonas Gorski Sept. 22, 2023, 9:47 a.m. UTC | #3
Am Fr., 22. Sept. 2023 um 10:25 Uhr schrieb Jonas Gorski
<jonas.gorski@bisdn.de>:
>
> Hi,
>
> Am Do., 21. Sept. 2023 um 23:34 Uhr schrieb Khem Raj <raj.khem@gmail.com>:
> >
> > seeing a build error on AB
> >
> >  | vtysh/vtysh_cmd.c:9:8: error: 'VTYSH_LIB' undeclared here (not in a
> > function); did you mean 'VTYSH_RIPD'?
> >   |     9 | DEFSH (VTYSH_LIB, accept_lifetime_day_month_day_month_cmd_vtysh,
> >   |       |        ^~~~~~~~~
> >   | ./lib/command.h:250:27: note: in definition of macro 'DEFUN_CMD_ELEMENT'
> >   |   250 |                 .daemon = dnum,
> >                     \
> >   |       |                           ^~~~
> >   | ./lib/command.h:320:9: note: in expansion of macro 'DEFSH_ATTR'
> >   |   320 |         DEFSH_ATTR(daemon, cmdname, cmdstr, helpstr, 0)
> >   |       |         ^~~~~~~~~~
> >   | vtysh/vtysh_cmd.c:9:1: note: in expansion of macro 'DEFSH'
> >   |     9 | DEFSH (VTYSH_LIB, accept_lifetime_day_month_day_month_cmd_vtysh,
> >   |       | ^~~~~
> >   | make[1]: *** [Makefile:10563: vtysh/vtysh_cmd.o] Error 1
> >   | make[1]: Leaving directory
> > '/home/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/frr/9.0.1/git'
> >
> >
> > See
> > https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/3155/steps/15/logs/stdio
>
> Weird, didn't happen for me, though admittedly, I used kirkstone for
> the (unmodified) recipe, since our distro is based on this.
>
> That line looks like this in my build:
>
> DEFSH (VTYSH_EIGRPD|VTYSH_OSPF6D|VTYSH_RIPD,
> accept_lifetime_day_month_day_month_cmd_vtysh,
>
> So it looks like something went wrong in generating that file.
>
> I'll (temporarily) switch our layers to master and try to replicate it there.

Could reproduce.

Comparing e.g. the frr.xref generated on kirkstone and master shows this:

@@ -3,7 +3,7 @@
     "accept_lifetime_day_month_day_month_cmd": {
       "lib/libfrr.la": {
         "defun": {
-          "file": "lib/keychain.c",
+          "file": "/usr/src/debug/frr/9.0.1-r0/lib/keychain.c",
           "func": "accept_lifetime_day_month_day_month",
           "line": 620
         },

so I guess somewhere there is now an absolute path instead of a
relative path, and it doesn't find the files anymore, breaking stuff.

Now to find out where that value comes from ...

Jonas
Jonas Gorski Sept. 22, 2023, 12:20 p.m. UTC | #4
Am Fr., 22. Sept. 2023 um 11:47 Uhr schrieb Jonas Gorski
<jonas.gorski@bisdn.de>:
>
> Am Fr., 22. Sept. 2023 um 10:25 Uhr schrieb Jonas Gorski
> <jonas.gorski@bisdn.de>:
> >
> > Hi,
> >
> > Am Do., 21. Sept. 2023 um 23:34 Uhr schrieb Khem Raj <raj.khem@gmail.com>:
> > >
> > > seeing a build error on AB
> > >
> > >  | vtysh/vtysh_cmd.c:9:8: error: 'VTYSH_LIB' undeclared here (not in a
> > > function); did you mean 'VTYSH_RIPD'?
> > >   |     9 | DEFSH (VTYSH_LIB, accept_lifetime_day_month_day_month_cmd_vtysh,
> > >   |       |        ^~~~~~~~~
> > >   | ./lib/command.h:250:27: note: in definition of macro 'DEFUN_CMD_ELEMENT'
> > >   |   250 |                 .daemon = dnum,
> > >                     \
> > >   |       |                           ^~~~
> > >   | ./lib/command.h:320:9: note: in expansion of macro 'DEFSH_ATTR'
> > >   |   320 |         DEFSH_ATTR(daemon, cmdname, cmdstr, helpstr, 0)
> > >   |       |         ^~~~~~~~~~
> > >   | vtysh/vtysh_cmd.c:9:1: note: in expansion of macro 'DEFSH'
> > >   |     9 | DEFSH (VTYSH_LIB, accept_lifetime_day_month_day_month_cmd_vtysh,
> > >   |       | ^~~~~
> > >   | make[1]: *** [Makefile:10563: vtysh/vtysh_cmd.o] Error 1
> > >   | make[1]: Leaving directory
> > > '/home/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/frr/9.0.1/git'
> > >
> > >
> > > See
> > > https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/3155/steps/15/logs/stdio
> >
> > Weird, didn't happen for me, though admittedly, I used kirkstone for
> > the (unmodified) recipe, since our distro is based on this.
> >
> > That line looks like this in my build:
> >
> > DEFSH (VTYSH_EIGRPD|VTYSH_OSPF6D|VTYSH_RIPD,
> > accept_lifetime_day_month_day_month_cmd_vtysh,
> >
> > So it looks like something went wrong in generating that file.
> >
> > I'll (temporarily) switch our layers to master and try to replicate it there.
>
> Could reproduce.
>
> Comparing e.g. the frr.xref generated on kirkstone and master shows this:
>
> @@ -3,7 +3,7 @@
>      "accept_lifetime_day_month_day_month_cmd": {
>        "lib/libfrr.la": {
>          "defun": {
> -          "file": "lib/keychain.c",
> +          "file": "/usr/src/debug/frr/9.0.1-r0/lib/keychain.c",
>            "func": "accept_lifetime_day_month_day_month",
>            "line": 620
>          },
>
> so I guess somewhere there is now an absolute path instead of a
> relative path, and it doesn't find the files anymore, breaking stuff.
>
> Now to find out where that value comes from ...

So after an (automated) bisection I landed on [1] for FRR where stuff
started to break with master, while inversely going through the CFLAGs
passed, I landed on [2] which "broke" things. Reverting that commit
makes FRR 9.0 compile in master.

So I guess I'll add

DEBUG_PREFIX_MAP:remove = "-fcanon-prefix-map"

for now and send a v3.

Best Regards,
Jonas

[1] https://github.com/FRRouting/frr/commit/89cb86aeb0262e17ee39c1d791effe9515bd0dc8
[2] https://git.openembedded.org/openembedded-core/commit/?id=abe97fa74b10c2c71d79bc3573d4edb509b111f5
b
>
> Jonas

Patch

diff --git a/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch b/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch
deleted file mode 100644
index 872a67c7840b..000000000000
--- a/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch
+++ /dev/null
@@ -1,33 +0,0 @@ 
-From a82d704b1ec6ece47b01d12e0e067d4b62b10894 Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex@linutronix.de>
-Date: Wed, 9 Nov 2022 20:24:45 +0100
-Subject: [PATCH] m4/ax_python.m4: check for python-x.y-emded.pc, not
- python-x.y.pc
-
-Only the embed version includes necessary linker flags to link
-with libpython.
-
-Upstream-Status: Backport
-[https://github.com/FRRouting/frr/commit/a82d704b1ec6ece47b01d12e0e067d4b62b10894]
-
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
----
- m4/ax_python.m4 | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/m4/ax_python.m4 b/m4/ax_python.m4
-index 91d12b99b..f5e603b96 100644
---- a/m4/ax_python.m4
-+++ b/m4/ax_python.m4
-@@ -206,7 +206,7 @@ AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
-     AC_MSG_CHECKING([whether pkg-config python-${tryver} is available])
-     unset PYTHON_CFLAGS
-     unset PYTHON_LIBS
--    pkg="python-${tryver}"
-+    pkg="python-${tryver}-embed"
-     pkg="${pkg%-}"
-     _PKG_CONFIG([PYTHON_CFLAGS], [cflags], [${pkg}])
-     _PKG_CONFIG([PYTHON_LIBS], [libs], [${pkg}])
--- 
-2.25.1
-
diff --git a/meta-networking/recipes-protocols/frr/frr/0001-tools-make-quiet-actually-suppress-output.patch b/meta-networking/recipes-protocols/frr/frr/0001-tools-make-quiet-actually-suppress-output.patch
new file mode 100644
index 000000000000..3e93cf3c474c
--- /dev/null
+++ b/meta-networking/recipes-protocols/frr/frr/0001-tools-make-quiet-actually-suppress-output.patch
@@ -0,0 +1,58 @@ 
+From 312d5ee1592f8c5b616d330233d1de2643f759e2 Mon Sep 17 00:00:00 2001
+From: Jonas Gorski <jonas.gorski@bisdn.de>
+Date: Thu, 14 Sep 2023 17:04:16 +0200
+Subject: [PATCH] tools: make --quiet actually suppress output
+
+When calling daemon_stop() with --quiet and e.g. the pidfile is empty,
+it won't return early since while "$fail" is set, "$2" is "--quiet", so
+the if condition isn't met and it will continue executing, resulting
+in error messages in the log:
+
+> Sep 14 14:48:33 localhost watchfrr[2085]: [YFT0P-5Q5YX] Forked background command [pid 2086]: /usr/lib/frr/watchfrr.sh restart all
+> Sep 14 14:48:33 localhost frrinit.sh[2075]: /usr/lib/frr/frrcommon.sh: line 216: kill: `': not a pid or valid job spec
+> Sep 14 14:48:33 localhost frrinit.sh[2075]: /usr/lib/frr/frrcommon.sh: line 216: kill: `': not a pid or valid job spec
+> Sep 14 14:48:33 localhost frrinit.sh[2075]: /usr/lib/frr/frrcommon.sh: line 216: kill: `': not a pid or valid job spec
+
+Fix this by moving the --quiet check into the block to log_failure_msg(),
+and also add the check to all other invocations of log_*_msg() to make
+--quiet properly suppress output.
+
+Fixes: 19a99d89f088 ("tools: suppress unuseful warnings during restarting frr")
+Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
+Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/312d5ee1592f8c5b616d330233d1de2643f759e2]
+---
+ tools/frrcommon.sh.in | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/tools/frrcommon.sh.in b/tools/frrcommon.sh.in
+index f1f70119097e..00b63a78e2bc 100755
+--- a/tools/frrcommon.sh.in
++++ b/tools/frrcommon.sh.in
+@@ -207,8 +207,8 @@ daemon_stop() {
+ 	[ -z "$fail" -a -z "$pid" ] && fail="pid file is empty"
+ 	[ -n "$fail" ] || kill -0 "$pid" 2>/dev/null || fail="pid $pid not running"
+ 
+-	if [ -n "$fail" ] && [ "$2" != "--quiet" ]; then
+-		log_failure_msg "Cannot stop $dmninst: $fail"
++	if [ -n "$fail" ]; then
++		[ "$2" = "--quiet" ] || log_failure_msg "Cannot stop $dmninst: $fail"
+ 		return 1
+ 	fi
+ 
+@@ -220,11 +220,11 @@ daemon_stop() {
+ 		[ $(( cnt -= 1 )) -gt 0 ] || break
+ 	done
+ 	if kill -0 "$pid" 2>/dev/null; then
+-		log_failure_msg "Failed to stop $dmninst, pid $pid still running"
++		[ "$2" = "--quiet" ] || log_failure_msg "Failed to stop $dmninst, pid $pid still running"
+ 		still_running=1
+ 		return 1
+ 	else
+-		log_success_msg "Stopped $dmninst"
++		[ "$2" = "--quiet" ] || log_success_msg "Stopped $dmninst"
+ 		rm -f "$pidfile"
+ 		return 0
+ 	fi
+-- 
+2.42.0
+
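Review bot: With `--quiet`, the second hunk of the backported patch also suppresses "Failed to stop $dmninst, pid $pid still running", so a daemon that survives the stop loop leaves no log line on that path and is reported only through `still_running=1` and the return code. That matches the stated intent of the upstream change, but for a routing daemon a failed stop during restart is the one message an operator would want to keep. If the backport stays byte-identical to upstream, a comment above the check would document the contract: `# --quiet also hides the "still running" failure; callers must check the return code or $still_running`. The body of `daemon_stop()` starts and continues outside the hunks shown, so whether every `--quiet` caller checks the result cannot be confirmed from here.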
diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-3748.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-3748.patch
deleted file mode 100644
index 4a8a7e1afdd8..000000000000
--- a/meta-networking/recipes-protocols/frr/frr/CVE-2023-3748.patch
+++ /dev/null
@@ -1,54 +0,0 @@ 
-From e61593f2ded104c4c7f01eb93e2b404e93e0c560 Mon Sep 17 00:00:00 2001
-From: harryreps <harryreps@gmail.com>
-Date: Fri, 3 Mar 2023 23:17:14 +0000
-Subject: [PATCH] babeld: fix #11808 to avoid infinite loops
-
-Replacing continue in loops to goto done so that index of packet buffer
-increases.
-
-Signed-off-by: harryreps <harryreps@gmail.com>
-
-CVE: CVE-2023-3748
-
-Upstream-Status: Backport
-[https://github.com/FRRouting/frr/commit/ae1e0e1fed77716bc06f181ad68c4433fb5523d0]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- babeld/message.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/babeld/message.c b/babeld/message.c
-index 7d45d91bf..2bf233796 100644
---- a/babeld/message.c
-+++ b/babeld/message.c
-@@ -439,7 +439,7 @@ parse_packet(const unsigned char *from, struct interface *ifp,
- 			debugf(BABEL_DEBUG_COMMON,
- 			       "Received Hello from %s on %s that does not have all 0's in the unused section of flags, ignoring",
- 			       format_address(from), ifp->name);
--			continue;
-+			goto done;
- 		}
- 
- 		/*
-@@ -451,7 +451,7 @@ parse_packet(const unsigned char *from, struct interface *ifp,
- 			debugf(BABEL_DEBUG_COMMON,
- 			       "Received Unicast Hello from %s on %s that FRR is not prepared to understand yet",
- 			       format_address(from), ifp->name);
--			continue;
-+			goto done;
- 		}
- 
- 		DO_NTOHS(seqno, message + 4);
-@@ -469,7 +469,7 @@ parse_packet(const unsigned char *from, struct interface *ifp,
- 			debugf(BABEL_DEBUG_COMMON,
- 			       "Received hello from %s on %s should be ignored as that this version of FRR does not know how to properly handle interval == 0",
- 			       format_address(from), ifp->name);
--			continue;
-+			goto done;
- 		}
- 
- 		changed = update_neighbour(neigh, seqno, interval);
--- 
-2.25.1
-
diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch
deleted file mode 100644
index 59633ef69911..000000000000
--- a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch
+++ /dev/null
@@ -1,106 +0,0 @@ 
-From 9efd9a47db4f13ebf88c2ffe14301d7441bcb40d Mon Sep 17 00:00:00 2001
-From: Donatas Abraitis <donatas@opensourcerouting.org>
-Date: Tue, 22 Aug 2023 22:52:04 +0300
-Subject: [PATCH 1/2] bgpd: Do not process NLRIs if the attribute length is
- zero
-
-```
-3  0x00007f423aa42476 in __GI_raise (sig=sig@entry=11) at ../sysdeps/posix/raise.c:26
-4  0x00007f423aef9740 in core_handler (signo=11, siginfo=0x7fffc414deb0, context=<optimized out>) at lib/sigevent.c:246
-5  <signal handler called>
-6  0x0000564dea2fc71e in route_set_aspath_prepend (rule=0x564debd66d50, prefix=0x7fffc414ea30, object=0x7fffc414e400)
-    at bgpd/bgp_routemap.c:2258
-7  0x00007f423aeec7e0 in route_map_apply_ext (map=<optimized out>, prefix=prefix@entry=0x7fffc414ea30,
-    match_object=match_object@entry=0x7fffc414e400, set_object=set_object@entry=0x7fffc414e400, pref=pref@entry=0x0) at lib/routemap.c:2690
-8  0x0000564dea2d277e in bgp_input_modifier (peer=peer@entry=0x7f4238f59010, p=p@entry=0x7fffc414ea30, attr=attr@entry=0x7fffc414e770,
-    afi=afi@entry=AFI_IP, safi=safi@entry=SAFI_UNICAST, rmap_name=rmap_name@entry=0x0, label=0x0, num_labels=0, dest=0x564debdd5130)
-    at bgpd/bgp_route.c:1772
-9  0x0000564dea2df762 in bgp_update (peer=peer@entry=0x7f4238f59010, p=p@entry=0x7fffc414ea30, addpath_id=addpath_id@entry=0,
-    attr=0x7fffc414eb50, afi=afi@entry=AFI_IP, safi=<optimized out>, safi@entry=SAFI_UNICAST, type=9, sub_type=0, prd=0x0, label=0x0,
-    num_labels=0, soft_reconfig=0, evpn=0x0) at bgpd/bgp_route.c:4374
-10 0x0000564dea2e2047 in bgp_nlri_parse_ip (peer=0x7f4238f59010, attr=attr@entry=0x7fffc414eb50, packet=0x7fffc414eaf0)
-    at bgpd/bgp_route.c:6249
-11 0x0000564dea2c5a58 in bgp_nlri_parse (peer=peer@entry=0x7f4238f59010, attr=attr@entry=0x7fffc414eb50,
-    packet=packet@entry=0x7fffc414eaf0, mp_withdraw=mp_withdraw@entry=false) at bgpd/bgp_packet.c:339
-12 0x0000564dea2c5d66 in bgp_update_receive (peer=peer@entry=0x7f4238f59010, size=size@entry=109) at bgpd/bgp_packet.c:2024
-13 0x0000564dea2c901d in bgp_process_packet (thread=<optimized out>) at bgpd/bgp_packet.c:2933
-14 0x00007f423af0bf71 in event_call (thread=thread@entry=0x7fffc414ee40) at lib/event.c:1995
-15 0x00007f423aebb198 in frr_run (master=0x564deb73c670) at lib/libfrr.c:1213
-16 0x0000564dea261b83 in main (argc=<optimized out>, argv=<optimized out>) at bgpd/bgp_main.c:505
-```
-
-With the configuration:
-
-```
-frr version 9.1-dev-MyOwnFRRVersion
-frr defaults traditional
-hostname ip-172-31-13-140
-log file /tmp/debug.log
-log syslog
-service integrated-vtysh-config
-!
-debug bgp keepalives
-debug bgp neighbor-events
-debug bgp updates in
-debug bgp updates out
-!
-router bgp 100
- bgp router-id 9.9.9.9
- no bgp ebgp-requires-policy
- bgp bestpath aigp
- neighbor 172.31.2.47 remote-as 200
- !
- address-family ipv4 unicast
-  neighbor 172.31.2.47 default-originate
-  neighbor 172.31.2.47 route-map RM_IN in
- exit-address-family
-exit
-!
-route-map RM_IN permit 10
- set as-path prepend 200
-exit
-!
-```
-
-The issue is that we try to process NLRIs even if the attribute length is 0.
-
-Later bgp_update() will handle route-maps and a crash occurs because all the
-attributes are NULL, including aspath, where we dereference.
-
-According to the RFC 4271:
-
-A value of 0 indicates that neither the Network Layer
-         Reachability Information field nor the Path Attribute field is
-         present in this UPDATE message.
-
-But with a fuzzed UPDATE message this can be faked. I think it's reasonable
-to skip processing NLRIs if both update_len and attribute_len are 0.
-
-Reported-by: Iggy Frankovic <iggyfran@amazon.com>
-Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
-
-Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/28ccc24d38df1d51ed8a563507e5d6f6171fdd38]
-
-CVE: CVE-2023-41358
-
-Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
----
- bgpd/bgp_packet.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
-index ec54943f3..3c2e73c59 100644
---- a/bgpd/bgp_packet.c
-+++ b/bgpd/bgp_packet.c
-@@ -1951,7 +1951,7 @@ static int bgp_update_receive(struct peer *peer, bgp_size_t size)
- 	/* Network Layer Reachability Information. */
- 	update_len = end - stream_pnt(s);
- 
--	if (update_len) {
-+	if (update_len && attribute_len) {
- 		/* Set NLRI portion to structure. */
- 		nlris[NLRI_UPDATE].afi = AFI_IP;
- 		nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
--- 
-2.35.5
-
diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41360.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-41360.patch
deleted file mode 100644
index 8ee3985b428b..000000000000
--- a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41360.patch
+++ /dev/null
@@ -1,35 +0,0 @@ 
-From 9ecacf2176d2bac4b90e17d49facb8712c1b467a Mon Sep 17 00:00:00 2001
-From: Donatas Abraitis <donatas@opensourcerouting.org>
-Date: Sun, 20 Aug 2023 22:15:27 +0300
-Subject: [PATCH 2/2] bgpd: Don't read the first byte of ORF header if we are
- ahead of stream
-
-Reported-by: Iggy Frankovic iggyfran@amazon.com
-Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
-
-Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/9b855a692e68e0d16467e190b466b4ecb6853702]
-
-CVE: CVE-2023-41360
-
-Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
----
- bgpd/bgp_packet.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
-index 3c2e73c59..f1d0e54c0 100644
---- a/bgpd/bgp_packet.c
-+++ b/bgpd/bgp_packet.c
-@@ -2375,7 +2375,8 @@ static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
- 				 * and 7 bytes of ORF Address-filter entry from
- 				 * the stream
- 				 */
--				if (*p_pnt & ORF_COMMON_PART_REMOVE_ALL) {
-+				if (p_pnt < p_end &&
-+				    *p_pnt & ORF_COMMON_PART_REMOVE_ALL) {
- 					if (bgp_debug_neighbor_events(peer))
- 						zlog_debug(
- 							"%pBP rcvd Remove-All pfxlist ORF request",
--- 
-2.35.5
-
diff --git a/meta-networking/recipes-protocols/frr/frr_8.4.4.bb b/meta-networking/recipes-protocols/frr/frr_9.0.1.bb
similarity index 91%
rename from meta-networking/recipes-protocols/frr/frr_8.4.4.bb
rename to meta-networking/recipes-protocols/frr/frr_9.0.1.bb
index 826b6878065c..b656d91a97c0 100644
--- a/meta-networking/recipes-protocols/frr/frr_8.4.4.bb
+++ b/meta-networking/recipes-protocols/frr/frr_9.0.1.bb
@@ -6,18 +6,15 @@  HOMEPAGE = "https://frrouting.org/"
 SECTION = "net"
 
 LICENSE = "GPL-2.0-only & LGPL-2.1-only"
-LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
-                    file://COPYING-LGPLv2.1;md5=4fbd65380cdd255951079008b364516c"
+LIC_FILES_CHKSUM = "file://doc/licenses/GPL-2.0;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
+                    file://doc/licenses/LGPL-2.1;md5=4fbd65380cdd255951079008b364516c"
 
-SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/8.4 \
+SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/9.0 \
            file://frr.pam \
-           file://0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch \
-           file://CVE-2023-3748.patch \
-           file://CVE-2023-41358.patch \
-           file://CVE-2023-41360.patch \
+           file://0001-tools-make-quiet-actually-suppress-output.patch \
            "
 
-SRCREV = "45e36c0c00a517ad1606135b18c5753e210cfc0d"
+SRCREV = "31ed3dd753d62b5d8916998bc32814007e91364b"
 
 UPSTREAM_CHECK_GITTAGREGEX = "frr-(?P<pver>\d+(\.\d+)+)$"
 
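Review bot: The three `CVE-2023-*.patch` entries are dropped from SRC_URI with nothing left in the recipe to record that CVE-2023-3748, CVE-2023-41358 and CVE-2023-41360 are fixed at the new SRCREV. The commit message says they are included in 9.0.1; it is worth confirming that the upstream fix commits named in the removed patches' Upstream-Status lines are ancestors of `31ed3dd753d62b5d8916998bc32814007e91364b`. With the `CVE:` tags gone, CVE scanning presumably has only the recipe version to match against advisory data, so a comment above SRC_URI keeps the audit trail: `# CVE-2023-3748, CVE-2023-41358, CVE-2023-41360: fixed upstream in stable/9.0, local backports dropped`.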
@@ -28,7 +25,7 @@  S = "${WORKDIR}/git"
 inherit autotools-brokensep python3native pkgconfig useradd systemd
 
 DEPENDS:class-native = "bison-native elfutils-native"
-DEPENDS:class-target = "bison-native json-c readline c-ares libyang frr-native"
+DEPENDS:class-target = "bison-native json-c readline c-ares libyang frr-native protobuf-c-native protobuf-c"
 
 RDEPENDS:${PN}:class-target = "iproute2 python3-core bash"