From patchwork Tue Jul 18 14:25:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27622 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1E1F2EB64DA for ; Tue, 18 Jul 2023 14:26:20 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web11.8991.1689690376551293150 for ; Tue, 18 Jul 2023 07:26:16 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=ppzcBhJ8; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-666ecb21f86so5796999b3a.3 for ; Tue, 18 Jul 2023 07:26:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690375; x=1692282375; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=NE7UCODUc7HAcStqU4/nNFEjPbMAw8kW8g38Pnr97Ok=; b=ppzcBhJ8+w+CZXs16THTM67ydXr3HXOizY3drX1MVdyxBASuCHOi3IttO+3Lf4mH/Z fcuSejGXOUK05F3NO5SY8dGu1HP6hK6Ct4NmwR7aZFG4Ws+Y9ARTc/aj/XFzc/PRBQYB Dl9xS4X04aCX5+ny9E2GS55mMRiEW9i+k8g9/3vLpgmE9sWKqDj8auDtkvLZZHcHLKXX Q5CyoQlBlFj3FcuhaGHtAMBZzmMPeLfI9ezwn/cmUXh3ik64JZxeR0/gROO245RCy5JV lKWQjzI4LILu3cwNTe2+rW7DpCTXetY6c75UvErnxgB0WmePsSMiIWFf18FnjfEGWyMn 3Mpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690375; x=1692282375; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NE7UCODUc7HAcStqU4/nNFEjPbMAw8kW8g38Pnr97Ok=; b=BRLJg48tZfcrPcNIKJmk6SXSTEvPI9ZLDxprkSuZOj7lBUl3DUY0pz1GJHguSBjxVP 25HYIYeYOeD36qP6WXcYLWqB7hGACVa44w+wY6bvvV725vEFG8l8iuxRgnM3knZ5hpJZ KBo5xGKUbHTRnHzXULmH4xnnIh6ylkX0pt5d5kyZCJ6STBH9b1ruvZUHrw1M1c5lTHRA ruz9ZWOGEpM3K9HvazXb9NUVFaVrnT9QqU7HZ+5TmEHNjFRM2yEC6/+fBirn7bw1O8o1 GMrGuyM0iNp5VH3n6u0jYTh2oR2e5Ugrkpl3x5Kqp6DRpKCjUoKDzGiLzJ7nq4wyFN1C t+Uw== X-Gm-Message-State: ABy/qLZfGcqW4mvbf71hw/ZxvAN7iCxtVY1CujzSoAme34WNAhKmTH6q wpXcX6qt/yebSkUtUutngprM618Rb30PXjZ3cLI= X-Google-Smtp-Source: APBJJlE3lweAk+31tHHfStTseUPRZNeIfPH7gxkvJ01eAYwM3QzmTbDeyPLb+o+WtGRDRddGSyclrg== X-Received: by 2002:a05:6a00:1911:b0:682:5634:3df1 with SMTP id y17-20020a056a00191100b0068256343df1mr21452274pfi.10.1689690375351; Tue, 18 Jul 2023 07:26:15 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:14 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 01/27] perl: Fix CVE-2023-31486 Date: Tue, 18 Jul 2023 04:25:35 -1000 Message-Id: <5819c839e1de92ab7669a0d4997886d0306c4cc1.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:20 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184505 From: Soumya HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. References: https://nvd.nist.gov/vuln/detail/CVE-2023-31486 Upstream patches: https://github.com/chansen/p5-http-tiny/commit/77f557ef84698efeb6eed04e4a9704eaf85b741d https://github.com/chansen/p5-http-tiny/commit/a22785783b17cbaa28afaee4a024d81a1903701d Signed-off-by: Soumya Signed-off-by: Steve Sakoman --- .../perl/files/CVE-2023-31486-0001.patch | 215 ++++++++++++++++++ .../perl/files/CVE-2023-31486-0002.patch | 36 +++ meta/recipes-devtools/perl/perl_5.34.1.bb | 2 + 3 files changed, 253 insertions(+) create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch diff --git a/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch b/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch new file mode 100644 index 0000000000..d29996ddcb --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch @@ -0,0 +1,215 @@ +From 77f557ef84698efeb6eed04e4a9704eaf85b741d +From: Stig Palmquist +Date: Mon Jun 5 16:46:22 2023 +0200 +Subject: [PATCH] Change verify_SSL default to 1, add ENV var to enable + insecure default - Changes the `verify_SSL` default parameter from `0` to `1` + + Based on patch by Dominic Hargreaves: + https://salsa.debian.org/perl-team/interpreter/perl/-/commit/1490431e40e22052f75a0b3449f1f53cbd27ba92 + + CVE: CVE-2023-31486 + +- Add check for `$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}` that + enables the previous insecure default behaviour if set to `1`. + + This provides a workaround for users who encounter problems with the + new `verify_SSL` default. + + Example to disable certificate checks: + ``` + $ PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 ./script.pl + ``` + +- Updates to documentation: + - Describe changing the verify_SSL value + - Describe the escape-hatch environment variable + - Remove rationale for not enabling verify_SSL + - Add missing certificate search paths + - Replace "SSL" with "TLS/SSL" where appropriate + - Use "machine-in-the-middle" instead of "man-in-the-middle" + +Upstream-Status: Backport [https://github.com/chansen/p5-http-tiny/commit/77f557ef84698efeb6eed04e4a9704eaf85b741d] + +Signed-off-by: Soumya +--- + cpan/HTTP-Tiny/lib/HTTP/Tiny.pm | 86 ++++++++++++++++++++++----------- + 1 file changed, 57 insertions(+), 29 deletions(-) + +diff --git a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm +index 5803e45..1808c41 100644 +--- a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm ++++ b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm +@@ -39,10 +39,14 @@ sub _croak { require Carp; Carp::croak(@_) } + #pod C<$ENV{no_proxy}> —) + #pod * C — Request timeout in seconds (default is 60) If a socket open, + #pod read or write takes longer than the timeout, an exception is thrown. +-#pod * C — A boolean that indicates whether to validate the SSL +-#pod certificate of an C — connection (default is false) ++#pod * C — A boolean that indicates whether to validate the TLS/SSL ++#pod certificate of an C — connection (default is true). Changed from false ++#pod to true in version 0.083. + #pod * C — A hashref of C — options to pass through to + #pod L ++#pod * C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> - Changes the default ++#pod certificate verification behavior to not check server identity if set to 1. ++#pod Only effective if C is not set. Added in version 0.083. + #pod + #pod Passing an explicit C for C, C or C will + #pod prevent getting the corresponding proxies from the environment. +@@ -108,11 +112,17 @@ sub timeout { + sub new { + my($class, %args) = @_; + ++ # Support lower case verify_ssl argument, but only if verify_SSL is not ++ # true. ++ if ( exists $args{verify_ssl} ) { ++ $args{verify_SSL} ||= $args{verify_ssl}; ++ } ++ + my $self = { + max_redirect => 5, + timeout => defined $args{timeout} ? $args{timeout} : 60, + keep_alive => 1, +- verify_SSL => $args{verify_SSL} || $args{verify_ssl} || 0, # no verification by default ++ verify_SSL => defined $args{verify_SSL} ? $args{verify_SSL} : _verify_SSL_default(), + no_proxy => $ENV{no_proxy}, + }; + +@@ -131,6 +141,13 @@ sub new { + return $self; + } + ++sub _verify_SSL_default { ++ my ($self) = @_; ++ # Check if insecure default certificate verification behaviour has been ++ # changed by the user by setting PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 ++ return (($ENV{PERL_HTTP_TINY_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 : 1; ++} ++ + sub _set_proxies { + my ($self) = @_; + +@@ -1038,7 +1055,7 @@ sub new { + timeout => 60, + max_line_size => 16384, + max_header_lines => 64, +- verify_SSL => 0, ++ verify_SSL => HTTP::Tiny::_verify_SSL_default(), + SSL_options => {}, + %args + }, $class; +@@ -2009,11 +2026,11 @@ proxy + timeout + verify_SSL + +-=head1 SSL SUPPORT ++=head1 TLS/SSL SUPPORT + + Direct C connections are supported only if L 1.56 or + greater and L 1.49 or greater are installed. An exception will be +-thrown if new enough versions of these modules are not installed or if the SSL ++thrown if new enough versions of these modules are not installed or if the TLS + encryption fails. You can also use C utility function + that returns boolean to see if the required modules are installed. + +@@ -2021,7 +2038,7 @@ An C connection may be made via an C proxy that supports the CONNEC + command (i.e. RFC 2817). You may not proxy C via a proxy that itself + requires C to communicate. + +-SSL provides two distinct capabilities: ++TLS/SSL provides two distinct capabilities: + + =over 4 + +@@ -2035,24 +2052,17 @@ Verification of server identity + + =back + +-B. +- +-Server identity verification is controversial and potentially tricky because it +-depends on a (usually paid) third-party Certificate Authority (CA) trust model +-to validate a certificate as legitimate. This discriminates against servers +-with self-signed certificates or certificates signed by free, community-driven +-CA's such as L. ++B. + +-By default, HTTP::Tiny does not make any assumptions about your trust model, +-threat level or risk tolerance. It just aims to give you an encrypted channel +-when you need one. ++This was changed in version 0.083 due to security concerns. The previous default ++behavior can be enabled by setting C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> ++to 1. + +-Setting the C attribute to a true value will make HTTP::Tiny verify +-that an SSL connection has a valid SSL certificate corresponding to the host +-name of the connection and that the SSL certificate has been verified by a CA. +-Assuming you trust the CA, this will protect against a L. If you are +-concerned about security, you should enable this option. ++Verification is done by checking that that the TLS/SSL connection has a valid ++certificate corresponding to the host name of the connection and that the ++certificate has been verified by a CA. Assuming you trust the CA, this will ++protect against L. + + Certificate verification requires a file containing trusted CA certificates. + +@@ -2060,9 +2070,7 @@ If the environment variable C is present, HTTP::Tiny + will try to find a CA certificate file in that location. + + If the L module is installed, HTTP::Tiny will use the CA file +-included with it as a source of trusted CA's. (This means you trust Mozilla, +-the author of Mozilla::CA, the CPAN mirror where you got Mozilla::CA, the +-toolchain used to install it, and your operating system security, right?) ++included with it as a source of trusted CA's. + + If that module is not available, then HTTP::Tiny will search several + system-specific default locations for a CA certificate file: +@@ -2081,13 +2089,33 @@ system-specific default locations for a CA certificate file: + + /etc/ssl/ca-bundle.pem + ++=item * ++ ++/etc/openssl/certs/ca-certificates.crt ++ ++=item * ++ ++/etc/ssl/cert.pem ++ ++=item * ++ ++/usr/local/share/certs/ca-root-nss.crt ++ ++=item * ++ ++/etc/pki/tls/cacert.pem ++ ++=item * ++ ++/etc/certs/ca-certificates.crt ++ + =back + + An exception will be raised if C is true and no CA certificate file + is available. + +-If you desire complete control over SSL connections, the C attribute +-lets you provide a hash reference that will be passed through to ++If you desire complete control over TLS/SSL connections, the C ++attribute lets you provide a hash reference that will be passed through to + C, overriding any options set by HTTP::Tiny. For + example, to provide your own trusted CA file: + +@@ -2097,7 +2125,7 @@ example, to provide your own trusted CA file: + + The C attribute could also be used for such things as providing a + client certificate for authentication to a server or controlling the choice of +-cipher used for the SSL connection. See L documentation for ++cipher used for the TLS/SSL connection. See L documentation for + details. + + =head1 PROXY SUPPORT +-- +2.40.0 diff --git a/meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch b/meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch new file mode 100644 index 0000000000..45452be389 --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch @@ -0,0 +1,36 @@ +From a22785783b17cbaa28afaee4a024d81a1903701d +From: Stig Palmquist +Date: Sun Jun 18 11:36:05 2023 +0200 +Subject: [PATCH] Fix incorrect env var name for verify_SSL default + +The variable to override the verify_SSL default differed slightly in the +documentation from what was checked for in the code. + +This commit makes the code use `PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT` +as documented, instead of `PERL_HTTP_TINY_INSECURE_BY_DEFAULT` which was +missing `SSL_` + +CVE: CVE-2023-31486 + +Upstream-Status: Backport [https://github.com/chansen/p5-http-tiny/commit/a22785783b17cbaa28afaee4a024d81a1903701d] + +Signed-off-by: Soumya +--- + cpan/HTTP-Tiny/lib/HTTP/Tiny.pm | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm +index ebc34a1..65ac8ff 100644 +--- a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm ++++ b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm +@@ -148,7 +148,7 @@ sub _verify_SSL_default { + my ($self) = @_; + # Check if insecure default certificate verification behaviour has been + # changed by the user by setting PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 +- return (($ENV{PERL_HTTP_TINY_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 : 1; ++ return (($ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 : 1; + } + + sub _set_proxies { +-- +2.40.0 diff --git a/meta/recipes-devtools/perl/perl_5.34.1.bb b/meta/recipes-devtools/perl/perl_5.34.1.bb index e0ee006e50..db306d0be3 100644 --- a/meta/recipes-devtools/perl/perl_5.34.1.bb +++ b/meta/recipes-devtools/perl/perl_5.34.1.bb @@ -19,6 +19,8 @@ SRC_URI = "https://www.cpan.org/src/5.0/perl-${PV}.tar.gz;name=perl \ file://0001-cpan-Sys-Syslog-Makefile.PL-Fix-_PATH_LOG-for-determ.patch \ file://0001-Fix-build-with-gcc-12.patch \ file://CVE-2023-31484.patch \ + file://CVE-2023-31486-0001.patch \ + file://CVE-2023-31486-0002.patch \ " SRC_URI:append:class-native = " \ file://perl-configpm-switch.patch \ From patchwork Tue Jul 18 14:25:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27621 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 24282EB64DC for ; Tue, 18 Jul 2023 14:26:20 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web10.9089.1689690378407363613 for ; Tue, 18 Jul 2023 07:26:18 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=nf3RVyDi; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-66c729f5618so5817125b3a.1 for ; Tue, 18 Jul 2023 07:26:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690377; x=1692282377; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=tN2FSNDtvqyefG5h6cNjgbs2YxZShldtSNc77OER/7I=; b=nf3RVyDinrITtimhfzCzVhMfK6X9M2UsSx4pCVYIDZ787ljexYm8w3W6Ct+4Tgca+f P0vuaBtEMlcSCebL6AtdCLx1ljg/dNtA2mq3HG74W/akAOCqfSiQi+ACzPzt0W9eIlvW uG5PGvzNS1jwtET6uRxUdgaAPfG6UvVBMiyimcyWk8PcukD462CWOFu55wG8X54LAM5o HwMgs3/F+IhBRJhr2/dT6rlYBdE86lSNuUDybJJr7BABxoPqjEsJ1oI9uKw9P0Ix3erA G+i4XIANZCREgBIPqNcVwv0K//iaGkpThAkyZ64CAvnB0lOWflXmwAqnC+GzFMeMdl27 QmpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690377; x=1692282377; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tN2FSNDtvqyefG5h6cNjgbs2YxZShldtSNc77OER/7I=; b=JnyYfowj8XirKCWbd1PASAbFGjuY9c93DwpOr43SkKkpoCO0up/86xds8BZ01trxbR 5sZE7ZbMV6sWvL21M79WcRnDx7yhJoYGliRuuL1EA1jeVKkR/qThiaSltewkmx4XU2iU dAjrQHYEat/V6wyGGY9mpuvFJoo36bN7AjjcBSKKbyLM9LM+xmbTDTxOtzYNLGWV3xVd ynxn7fiwO9AweETirB5YW+ZzLGlvCV03k8dzWsg2oz/088rPXI3Uf+XJ+QvUvNjH9kQi Xz8wW+gqIK2VwWXuHgqftHkjdBXmppi2xB4nDWa1uXIchw4VsE6TfcdtHRWEGDRYp1d3 pigA== X-Gm-Message-State: ABy/qLZGIyR0rZ1U5TpTdYliwiU/HWuPEjLlD1A7QKP+qMcaVEjQOIPd 2vsmKlUAHajyfhqxGqT1dTRo9Zo3uipr6QvsSas= X-Google-Smtp-Source: APBJJlF+bPD1/ffNM1/7POvHWpvATaKJqn215hoHgoxa7WPaa6GKNDxUpqpB1g66NZbZ/mcjrJJ62A== X-Received: by 2002:a05:6a20:430b:b0:134:951c:acb3 with SMTP id h11-20020a056a20430b00b00134951cacb3mr8441920pzk.35.1689690377424; Tue, 18 Jul 2023 07:26:17 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:16 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 02/27] sqlite3: CVE-2023-36191 CLI fault on missing -nonce Date: Tue, 18 Jul 2023 04:25:36 -1000 Message-Id: <663713b2f95dee1e70f8921ece23b21d84d93805.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:20 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184506 From: Vijay Anusuri Upstream-Status: Backport [https://sqlite.org/src/info/cd24178bbaad4a1d] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../sqlite/files/CVE-2023-36191.patch | 37 +++++++++++++++++++ meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 + 2 files changed, 38 insertions(+) create mode 100644 meta/recipes-support/sqlite/files/CVE-2023-36191.patch diff --git a/meta/recipes-support/sqlite/files/CVE-2023-36191.patch b/meta/recipes-support/sqlite/files/CVE-2023-36191.patch new file mode 100644 index 0000000000..aca79c334a --- /dev/null +++ b/meta/recipes-support/sqlite/files/CVE-2023-36191.patch @@ -0,0 +1,37 @@ +From 4e8a0eb4e773b808d9e9697af94319599777169a Mon Sep 17 00:00:00 2001 +From: larrybr +Date: Fri, 2 Jun 2023 12:56:32 +0000 +Subject: [PATCH] Fix CLI fault on missing -nonce reported by [forum:/info/f8c14a1134|forum post f8c14a1134]. + +FossilOrigin-Name: cd24178bbaad4a1dafc3848e7d74240f90030160b5c43c93e1e0e11b073c2df5 + +Upstream-Status: Backport [https://sqlite.org/src/info/cd24178bbaad4a1d +Upstream commit https://github.com/sqlite/sqlite/commit/4e8a0eb4e773b808d9e9697af94319599777169a] +CVE: CVE-2023-36191 +Signed-off-by: Vijay Anusuri +--- + shell.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/shell.c b/shell.c +index 0200c0a..fa45d40 100644 +--- a/shell.c ++++ b/shell.c +@@ -23163,8 +23163,12 @@ int SQLITE_CDECL wmain(int argc, wchar_t **wargv){ + }else if( strcmp(z,"-bail")==0 ){ + bail_on_error = 1; + }else if( strcmp(z,"-nonce")==0 ){ +- free(data.zNonce); +- data.zNonce = strdup(argv[++i]); ++ if( data.zNonce ) free(data.zNonce); ++ if( i+1 < argc ) data.zNonce = strdup(argv[++i]); ++ else{ ++ data.zNonce = 0; ++ break; ++ } + }else if( strcmp(z,"-safe")==0 ){ + /* no-op - catch this on the second pass */ + } +-- +2.25.1 + diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb index 313c15dff4..55cc514412 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb @@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed0 SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz \ file://0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch \ file://CVE-2022-46908.patch \ + file://CVE-2023-36191.patch \ " SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c" From patchwork Tue Jul 18 14:25:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27623 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F3832EB64DA for ; Tue, 18 Jul 2023 14:26:29 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web10.9092.1689690381519490113 for ; Tue, 18 Jul 2023 07:26:21 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=MXIj5qfv; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-666edfc50deso3575561b3a.0 for ; Tue, 18 Jul 2023 07:26:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690380; x=1692282380; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Nc+E6eX/285fpAG+zgKxr1yDgXXhCxrEV+imB1sYVnY=; b=MXIj5qfvNeNxCz32pXzl+d5MEd1IXGxraKGOuudY7WCXRdqLE02zaD1CchriAdPiVr Z08EOMlqhkzVlOQzYr1ef2wRKZNiyydXai2PjEb7E0mGS5A0hab7kbuW3J1fxatTjlDA G0UB5xS0+6C0loMwUTp4HWR79AREN8I4WvSK2V3/Hun4zoPZx4D/qzZp+nOGkqDFH1R4 ICdoCaLTw2m3wfzC+vnsqeyThcP2sktbbqf3eBXgt5b1NsHUWWPbOr4OXQMvtnJfcptU v7+EcQfPOxjIyE4XtGSKnuCDrXqWp1YaoQ/0qBTJNgPt30H4TK87hINO2CA7JcgpDxA+ sBpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690380; x=1692282380; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Nc+E6eX/285fpAG+zgKxr1yDgXXhCxrEV+imB1sYVnY=; b=M7LA3I4CIChwjjfx+28bGUiiAIsKp+aCr6IMLzIiy8L6y28iM05GWy2ku0cAdF7/AX pDZa51Vuq87tZuF4aGZy6GqHqcWK0+JMM3zKDq0QHVKmYf+qjwYHp9u7xep888NxPPnz atMt6oBlUmLlRc8cFh4oeweRu0g0vAHq1V9oG2RtVvJ8Knp9JljAHSUr82VxX5qIa4ra C/Q9a6v+Fk7y3MsiSqn1FhODlvSI0Bg7AU90a2VHek3isLz4W78VQs31jTn/gEAF+oq6 zFCZw9voLyFWIexkAa6h0FA7zMydCJCY8sWebnd+uRqe3nKBUljUkeBLqF4HxCiyUtPN c2Tw== X-Gm-Message-State: ABy/qLaO3i+3bsLNkgLasevxbLMJe0G8dGY+q1LEcEDGBRzRN8dClphP LBPpKiAVQGXzJOHNNOebxMRlWl68ABS7AoBKfoo= X-Google-Smtp-Source: APBJJlEB+nQSgmZSIdsYFeEzbjfb0oxumjikGRWmN21k8g+wh09cTlwBouRGgAXfVk/K2prrssFhCA== X-Received: by 2002:a05:6a20:430a:b0:f0:50c4:4c43 with SMTP id h10-20020a056a20430a00b000f050c44c43mr16291474pzk.5.1689690380390; Tue, 18 Jul 2023 07:26:20 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:19 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 03/27] bind : fix CVE-2023-2828 & CVE-2023-2911 Date: Tue, 18 Jul 2023 04:25:37 -1000 Message-Id: <08810d3fe6988ea821805eca16105b4632335654.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184507 From: Hitendra Prajapati Backport fixes for: * CVE-2023-2828 - Upstream-Status: Backport from https://gitlab.isc.org/isc-projects/bind9/-/commit/e9d5219fca9f6b819d953990b369d6acfb4e952b * CVE-2023-2911 - Upstream-Status: Backport from https://gitlab.isc.org/isc-projects/bind9/-/commit/240caa32b9cab90a38ab863fd64e6becf5d1393c && https://gitlab.isc.org/isc-projects/bind9/-/commit/ff5bacf17c2451e9d48c78a5ef96ec0c376ff33d Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- .../bind/bind-9.18.11/CVE-2023-2828.patch | 197 ++++++++++++++++++ .../bind/bind-9.18.11/CVE-2023-2911.patch | 97 +++++++++ .../recipes-connectivity/bind/bind_9.18.11.bb | 2 + 3 files changed, 296 insertions(+) create mode 100644 meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch create mode 100644 meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch b/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch new file mode 100644 index 0000000000..ef2d64b16c --- /dev/null +++ b/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch @@ -0,0 +1,197 @@ +From e9d5219fca9f6b819d953990b369d6acfb4e952b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= +Date: Tue, 30 May 2023 08:46:17 +0200 +Subject: [PATCH] Improve RBT overmem cache cleaning + +When cache memory usage is over the configured cache size (overmem) and +we are cleaning unused entries, it might not be enough to clean just two +entries if the entries to be expired are smaller than the newly added +rdata. This could be abused by an attacker to cause a remote Denial of +Service by possibly running out of the operating system memory. + +Currently, the addrdataset() tries to do a single TTL-based cleaning +considering the serve-stale TTL and then optionally moves to overmem +cleaning if we are in that condition. Then the overmem_purge() tries to +do another single TTL based cleaning from the TTL heap and then continue +with LRU-based cleaning up to 2 entries cleaned. + +Squash the TTL-cleaning mechanism into single call from addrdataset(), +but ignore the serve-stale TTL if we are currently overmem. + +Then instead of having a fixed number of entries to clean, pass the size +of newly added rdatasetheader to the overmem_purge() function and +cleanup at least the size of the newly added data. This prevents the +cache going over the configured memory limit (`max-cache-size`). + +Additionally, refactor the overmem_purge() function to reduce for-loop +nesting for readability. + +Patch taken from : https://downloads.isc.org/isc/bind9/9.18.16/patches/0001-CVE-2023-2828.patch + +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/e9d5219fca9f6b819d953990b369d6acfb4e952b] +CVE: CVE-2023-2828 +Signed-off-by: Hitendra Prajapati +--- + lib/dns/rbtdb.c | 106 +++++++++++++++++++++++++++++------------------- + 1 file changed, 65 insertions(+), 41 deletions(-) + +diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c +index d1aee54..ba60a49 100644 +--- a/lib/dns/rbtdb.c ++++ b/lib/dns/rbtdb.c +@@ -561,7 +561,7 @@ static void + expire_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header, bool tree_locked, + expire_t reason); + static void +-overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, isc_stdtime_t now, ++overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, size_t purgesize, + bool tree_locked); + static void + resign_insert(dns_rbtdb_t *rbtdb, int idx, rdatasetheader_t *newheader); +@@ -6787,6 +6787,16 @@ cleanup: + + static dns_dbmethods_t zone_methods; + ++static size_t ++rdataset_size(rdatasetheader_t *header) { ++ if (!NONEXISTENT(header)) { ++ return (dns_rdataslab_size((unsigned char *)header, ++ sizeof(*header))); ++ } ++ ++ return (sizeof(*header)); ++} ++ + static isc_result_t + addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + isc_stdtime_t now, dns_rdataset_t *rdataset, unsigned int options, +@@ -6951,7 +6961,8 @@ addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + } + + if (cache_is_overmem) { +- overmem_purge(rbtdb, rbtnode->locknum, now, tree_locked); ++ overmem_purge(rbtdb, rbtnode->locknum, rdataset_size(newheader), ++ tree_locked); + } + + NODE_LOCK(&rbtdb->node_locks[rbtnode->locknum].lock, +@@ -6970,11 +6981,18 @@ addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + } + + header = isc_heap_element(rbtdb->heaps[rbtnode->locknum], 1); +- if (header != NULL && +- header->rdh_ttl + STALE_TTL(header, rbtdb) < +- now - RBTDB_VIRTUAL) +- { +- expire_header(rbtdb, header, tree_locked, expire_ttl); ++ if (header != NULL) { ++ dns_ttl_t rdh_ttl = header->rdh_ttl; ++ ++ /* Only account for stale TTL if cache is not overmem */ ++ if (!cache_is_overmem) { ++ rdh_ttl += STALE_TTL(header, rbtdb); ++ } ++ ++ if (rdh_ttl < now - RBTDB_VIRTUAL) { ++ expire_header(rbtdb, header, tree_locked, ++ expire_ttl); ++ } + } + + /* +@@ -10114,52 +10132,58 @@ update_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header, isc_stdtime_t now) { + ISC_LIST_PREPEND(rbtdb->rdatasets[header->node->locknum], header, link); + } + ++static size_t ++expire_lru_headers(dns_rbtdb_t *rbtdb, unsigned int locknum, size_t purgesize, ++ bool tree_locked) { ++ rdatasetheader_t *header, *header_prev; ++ size_t purged = 0; ++ ++ for (header = ISC_LIST_TAIL(rbtdb->rdatasets[locknum]); ++ header != NULL && purged <= purgesize; header = header_prev) ++ { ++ header_prev = ISC_LIST_PREV(header, link); ++ /* ++ * Unlink the entry at this point to avoid checking it ++ * again even if it's currently used someone else and ++ * cannot be purged at this moment. This entry won't be ++ * referenced any more (so unlinking is safe) since the ++ * TTL was reset to 0. ++ */ ++ ISC_LIST_UNLINK(rbtdb->rdatasets[locknum], header, link); ++ size_t header_size = rdataset_size(header); ++ expire_header(rbtdb, header, tree_locked, expire_lru); ++ purged += header_size; ++ } ++ ++ return (purged); ++} ++ + /*% +- * Purge some expired and/or stale (i.e. unused for some period) cache entries +- * under an overmem condition. To recover from this condition quickly, up to +- * 2 entries will be purged. This process is triggered while adding a new +- * entry, and we specifically avoid purging entries in the same LRU bucket as +- * the one to which the new entry will belong. Otherwise, we might purge +- * entries of the same name of different RR types while adding RRsets from a +- * single response (consider the case where we're adding A and AAAA glue records +- * of the same NS name). ++ * Purge some stale (i.e. unused for some period - LRU based cleaning) cache ++ * entries under the overmem condition. To recover from this condition quickly, ++ * we cleanup entries up to the size of newly added rdata (passed as purgesize). ++ * ++ * This process is triggered while adding a new entry, and we specifically avoid ++ * purging entries in the same LRU bucket as the one to which the new entry will ++ * belong. Otherwise, we might purge entries of the same name of different RR ++ * types while adding RRsets from a single response (consider the case where ++ * we're adding A and AAAA glue records of the same NS name). + */ + static void +-overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, isc_stdtime_t now, ++overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, size_t purgesize, + bool tree_locked) { +- rdatasetheader_t *header, *header_prev; + unsigned int locknum; +- int purgecount = 2; ++ size_t purged = 0; + + for (locknum = (locknum_start + 1) % rbtdb->node_lock_count; +- locknum != locknum_start && purgecount > 0; ++ locknum != locknum_start && purged <= purgesize; + locknum = (locknum + 1) % rbtdb->node_lock_count) + { + NODE_LOCK(&rbtdb->node_locks[locknum].lock, + isc_rwlocktype_write); + +- header = isc_heap_element(rbtdb->heaps[locknum], 1); +- if (header && header->rdh_ttl < now - RBTDB_VIRTUAL) { +- expire_header(rbtdb, header, tree_locked, expire_ttl); +- purgecount--; +- } +- +- for (header = ISC_LIST_TAIL(rbtdb->rdatasets[locknum]); +- header != NULL && purgecount > 0; header = header_prev) +- { +- header_prev = ISC_LIST_PREV(header, link); +- /* +- * Unlink the entry at this point to avoid checking it +- * again even if it's currently used someone else and +- * cannot be purged at this moment. This entry won't be +- * referenced any more (so unlinking is safe) since the +- * TTL was reset to 0. +- */ +- ISC_LIST_UNLINK(rbtdb->rdatasets[locknum], header, +- link); +- expire_header(rbtdb, header, tree_locked, expire_lru); +- purgecount--; +- } ++ purged += expire_lru_headers(rbtdb, locknum, purgesize - purged, ++ tree_locked); + + NODE_UNLOCK(&rbtdb->node_locks[locknum].lock, + isc_rwlocktype_write); +-- +2.25.1 + diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch b/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch new file mode 100644 index 0000000000..8e9a358dee --- /dev/null +++ b/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch @@ -0,0 +1,97 @@ +From ff5bacf17c2451e9d48c78a5ef96ec0c376ff33d Mon Sep 17 00:00:00 2001 +From: Matthijs Mekking +Date: Thu, 1 Jun 2023 10:03:48 +0200 +Subject: [PATCH] Fix serve-stale hang at shutdown + +The 'refresh_rrset' variable is used to determine if we can detach from +the client. This can cause a hang on shutdown. To fix this, move setting +of the 'nodetach' variable up to where 'refresh_rrset' is set (in +query_lookup(), and thus not in ns_query_done()), and set it to false +when actually refreshing the RRset, so that when this lookup is +completed, the client will be detached. + +Patch taken from :https://downloads.isc.org/isc/bind9/9.18.16/patches/0003-CVE-2023-2911.patch + +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/240caa32b9cab90a38ab863fd64e6becf5d1393c && https://gitlab.isc.org/isc-projects/bind9/-/commit/ff5bacf17c2451e9d48c78a5ef96ec0c376ff33d] +CVE: CVE-2023-2911 +Signed-off-by: Hitendra Prajapati +--- + lib/ns/query.c | 30 ++++++++++++++++++++++-------- + 1 file changed, 22 insertions(+), 8 deletions(-) + +diff --git a/lib/ns/query.c b/lib/ns/query.c +index 0d2ba6b..8945dd4 100644 +--- a/lib/ns/query.c ++++ b/lib/ns/query.c +@@ -5824,6 +5824,7 @@ query_refresh_rrset(query_ctx_t *orig_qctx) { + qctx.client->query.dboptions &= ~(DNS_DBFIND_STALETIMEOUT | + DNS_DBFIND_STALEOK | + DNS_DBFIND_STALEENABLED); ++ qctx.client->nodetach = false; + + /* + * We'll need some resources... +@@ -6076,7 +6077,14 @@ query_lookup(query_ctx_t *qctx) { + "%s stale answer used, an attempt to " + "refresh the RRset will still be made", + namebuf); ++ + qctx->refresh_rrset = STALE(qctx->rdataset); ++ /* ++ * If we are refreshing the RRSet, we must not ++ * detach from the client in query_send(). ++ */ ++ qctx->client->nodetach = qctx->refresh_rrset; ++ + ns_client_extendederror( + qctx->client, ede, + "stale data prioritized over lookup"); +@@ -6503,7 +6511,7 @@ ns_query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qname, + if (recparam_match(&client->query.recparam, qtype, qname, qdomain)) { + ns_client_log(client, NS_LOGCATEGORY_CLIENT, NS_LOGMODULE_QUERY, + ISC_LOG_INFO, "recursion loop detected"); +- return (ISC_R_FAILURE); ++ return (ISC_R_ALREADYRUNNING); + } + + recparam_update(&client->query.recparam, qtype, qname, qdomain); +@@ -7620,10 +7628,21 @@ query_usestale(query_ctx_t *qctx, isc_result_t result) { + return (false); + } + +- if (result == DNS_R_DUPLICATE || result == DNS_R_DROP) { ++ if (qctx->refresh_rrset) { ++ /* ++ * This is a refreshing query, we have already prioritized ++ * stale data, so don't enable serve-stale again. ++ */ ++ return (false); ++ } ++ ++ if (result == DNS_R_DUPLICATE || result == DNS_R_DROP || ++ result == ISC_R_ALREADYRUNNING) ++ { + /* + * Don't enable serve-stale if the result signals a duplicate +- * query or query that is being dropped. ++ * query or a query that is being dropped or can't proceed ++ * because of a recursion loop. + */ + return (false); + } +@@ -11927,12 +11946,7 @@ ns_query_done(query_ctx_t *qctx) { + /* + * Client may have been detached after query_send(), so + * we test and store the flag state here, for safety. +- * If we are refreshing the RRSet, we must not detach from the client +- * in the query_send(), so we need to override the flag. + */ +- if (qctx->refresh_rrset) { +- qctx->client->nodetach = true; +- } + nodetach = qctx->client->nodetach; + query_send(qctx->client); + +-- +2.25.1 + diff --git a/meta/recipes-connectivity/bind/bind_9.18.11.bb b/meta/recipes-connectivity/bind/bind_9.18.11.bb index 0618129318..b3e3b8bef0 100644 --- a/meta/recipes-connectivity/bind/bind_9.18.11.bb +++ b/meta/recipes-connectivity/bind/bind_9.18.11.bb @@ -18,6 +18,8 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ file://0001-avoid-start-failure-with-bind-user.patch \ + file://CVE-2023-2828.patch \ + file://CVE-2023-2911.patch \ " SRC_URI[sha256sum] = "8ff3352812230cbcbda42df87cad961f94163d3da457c5e4bef8057fd5df2158" From patchwork Tue Jul 18 14:25:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27626 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 19B87C04A6A for ; Tue, 18 Jul 2023 14:26:30 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web11.8998.1689690383808053410 for ; Tue, 18 Jul 2023 07:26:23 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=vVQvxkXD; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-668709767b1so4183982b3a.2 for ; Tue, 18 Jul 2023 07:26:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690383; x=1692282383; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=LLPaWxGlFRLqKaP27e1awbWP3IA3/ln6sTVDiWXkoQA=; b=vVQvxkXDb10StPHVt+PvYjSuy8mdXH1g3BitrzUMgSk9wv+7RRvUJ0NkJ9pM5NbLnB w6kkni3B5PHn+dnyHnTKXKs0XaX+8d45iQQVUa9mhDM5GPheO5UzqSuwlyN8UsmPP9KO 3qouFiGCXpYCfI8vUzcxaTCK0k9pcP8zvEyMK8dn/i2gXNcYIHDVxGCdyeeQckJRzzh3 0MZ/CWcZt9Lqb/4nYDh0OYl5IUZW0xWAbh37SsVSeKF5b3UDyVV5SFFHLCpVbvUh5KYK MR7+OSpgc7QxfPX4PdBLTgs3DyUq8c7WwwkFfRftkJ64KWLSaL74NaJm3UGdyHWC0FCI wPog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690383; x=1692282383; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LLPaWxGlFRLqKaP27e1awbWP3IA3/ln6sTVDiWXkoQA=; b=WTTGHH3jEmOP2lfCHE7QaCHHXjywI19FN8yFWEtc0BeVQrPcDtUoCPRIquOc1EayPo ud54BOoonWztf5UFetDKb1fYLBBRbLfpCFLOPbEZFIQQ/qF4zYbfw8vMnnhQD2ix7qdS 8wH1+KMQeX2imlnXAwnbvpzu+TJve1F5kPW7g9LG2T532EoHR082/pD1q7hY9zxSWDjO HMTw8WJw7WFYO0RpiVGN4YECSoUXCmGEGlOAb4RVrt0xlcg+p8jazkn+iVw61fRp2B4Q 2FLw2FE5CXBbiqaSrBB61k95KLbi/vM/jdBpFhjoC46rtg8aXqYHZWhVf53OWA8b5GVI IAPQ== X-Gm-Message-State: ABy/qLZyvJ8qa+Bqt1yrOR6mLXNcozpcxOGoWV6LTTfF/Yq5qLgztStt zM18dlJ5299Clc0ZhS/w/Q8PMCRvsi3G1/WdIDE= X-Google-Smtp-Source: APBJJlE3v2NTsQs6e0cj0boLlX6AW0JGouawthhp1RwmAhvOBHgQHNEyNHtFdPcolTsttSm7QQGrtQ== X-Received: by 2002:a05:6a00:2389:b0:66a:4a45:e017 with SMTP id f9-20020a056a00238900b0066a4a45e017mr3266729pfc.20.1689690382784; Tue, 18 Jul 2023 07:26:22 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:21 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 04/27] libx11: Fix CVE-2023-3138 for kirkstone branch Date: Tue, 18 Jul 2023 04:25:38 -1000 Message-Id: <5491531d4681d3df5a34ebc180e29a8bf4e09e67.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:30 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184508 From: Poonam Jadhav Add patch to fix CVE-2023-3138 for kirkstone branch Link: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c.patch Signed-off-by: Poonam Jadhav Signed-off-by: Steve Sakoman --- .../xorg-lib/libx11/CVE-2023-3138.patch | 111 ++++++++++++++++++ .../xorg-lib/libx11_1.7.3.1.bb | 1 + 2 files changed, 112 insertions(+) create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-3138.patch diff --git a/meta/recipes-graphics/xorg-lib/libx11/CVE-2023-3138.patch b/meta/recipes-graphics/xorg-lib/libx11/CVE-2023-3138.patch new file mode 100644 index 0000000000..c724cf8fdd --- /dev/null +++ b/meta/recipes-graphics/xorg-lib/libx11/CVE-2023-3138.patch @@ -0,0 +1,111 @@ +From 304a654a0d57bf0f00d8998185f0360332cfa36c Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith +Date: Sat, 10 Jun 2023 16:30:07 -0700 +Subject: [PATCH] InitExt.c: Add bounds checks for extension request, event, & + error codes + +Fixes CVE-2023-3138: X servers could return values from XQueryExtension +that would cause Xlib to write entries out-of-bounds of the arrays to +store them, though this would only overwrite other parts of the Display +struct, not outside the bounds allocated for that structure. + +Reported-by: Gregory James DUCK +Signed-off-by: Alan Coopersmith + +CVE: CVE-2023-3138 +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c.patch] +Signed-off-by: Poonam Jadhav +--- + src/InitExt.c | 42 ++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 42 insertions(+) + +diff --git a/src/InitExt.c b/src/InitExt.c +index 4de46f15..afc00a6b 100644 +--- a/src/InitExt.c ++++ b/src/InitExt.c +@@ -33,6 +33,18 @@ from The Open Group. + #include + #include + ++/* The X11 protocol spec reserves events 64 through 127 for extensions */ ++#ifndef LastExtensionEvent ++#define LastExtensionEvent 127 ++#endif ++ ++/* The X11 protocol spec reserves requests 128 through 255 for extensions */ ++#ifndef LastExtensionRequest ++#define FirstExtensionRequest 128 ++#define LastExtensionRequest 255 ++#endif ++ ++ + /* + * This routine is used to link a extension in so it will be called + * at appropriate times. +@@ -242,6 +254,12 @@ WireToEventType XESetWireToEvent( + WireToEventType proc) /* routine to call when converting event */ + { + register WireToEventType oldproc; ++ if (event_number < 0 || ++ event_number > LastExtensionEvent) { ++ fprintf(stderr, "Xlib: ignoring invalid extension event %d\n", ++ event_number); ++ return (WireToEventType)_XUnknownWireEvent; ++ } + if (proc == NULL) proc = (WireToEventType)_XUnknownWireEvent; + LockDisplay (dpy); + oldproc = dpy->event_vec[event_number]; +@@ -263,6 +281,12 @@ WireToEventCookieType XESetWireToEventCookie( + ) + { + WireToEventCookieType oldproc; ++ if (extension < FirstExtensionRequest || ++ extension > LastExtensionRequest) { ++ fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n", ++ extension); ++ return (WireToEventCookieType)_XUnknownWireEventCookie; ++ } + if (proc == NULL) proc = (WireToEventCookieType)_XUnknownWireEventCookie; + LockDisplay (dpy); + oldproc = dpy->generic_event_vec[extension & 0x7F]; +@@ -284,6 +308,12 @@ CopyEventCookieType XESetCopyEventCookie( + ) + { + CopyEventCookieType oldproc; ++ if (extension < FirstExtensionRequest || ++ extension > LastExtensionRequest) { ++ fprintf(stderr, "Xlib: ignoring invalid extension opcode %d\n", ++ extension); ++ return (CopyEventCookieType)_XUnknownCopyEventCookie; ++ } + if (proc == NULL) proc = (CopyEventCookieType)_XUnknownCopyEventCookie; + LockDisplay (dpy); + oldproc = dpy->generic_event_copy_vec[extension & 0x7F]; +@@ -305,6 +335,12 @@ EventToWireType XESetEventToWire( + EventToWireType proc) /* routine to call when converting event */ + { + register EventToWireType oldproc; ++ if (event_number < 0 || ++ event_number > LastExtensionEvent) { ++ fprintf(stderr, "Xlib: ignoring invalid extension event %d\n", ++ event_number); ++ return (EventToWireType)_XUnknownNativeEvent; ++ } + if (proc == NULL) proc = (EventToWireType) _XUnknownNativeEvent; + LockDisplay (dpy); + oldproc = dpy->wire_vec[event_number]; +@@ -325,6 +361,12 @@ WireToErrorType XESetWireToError( + WireToErrorType proc) /* routine to call when converting error */ + { + register WireToErrorType oldproc = NULL; ++ if (error_number < 0 || ++ error_number > LastExtensionError) { ++ fprintf(stderr, "Xlib: ignoring invalid extension error %d\n", ++ error_number); ++ return (WireToErrorType)_XDefaultWireError; ++ } + if (proc == NULL) proc = (WireToErrorType)_XDefaultWireError; + LockDisplay (dpy); + if (!dpy->error_vec) { +-- +GitLab diff --git a/meta/recipes-graphics/xorg-lib/libx11_1.7.3.1.bb b/meta/recipes-graphics/xorg-lib/libx11_1.7.3.1.bb index 3e6b50c0a3..19687d546b 100644 --- a/meta/recipes-graphics/xorg-lib/libx11_1.7.3.1.bb +++ b/meta/recipes-graphics/xorg-lib/libx11_1.7.3.1.bb @@ -17,6 +17,7 @@ SRC_URI = "${XORG_MIRROR}/individual/lib/${XORG_PN}-${PV}.tar.xz" SRC_URI += "file://disable_tests.patch \ file://CVE-2022-3554.patch \ file://CVE-2022-3555.patch \ + file://CVE-2023-3138.patch \ " SRC_URI[sha256sum] = "2ffd417266fb875028fdc0ef349694f63dbcd76d0b0cfacfb52e6151f4b60989" From patchwork Tue Jul 18 14:25:39 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27624 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0FB43C001DC for ; Tue, 18 Jul 2023 14:26:30 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web10.9095.1689690386107417017 for ; Tue, 18 Jul 2023 07:26:26 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=pvBZ7pwQ; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-6687096c6ddso3669905b3a.0 for ; Tue, 18 Jul 2023 07:26:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690385; x=1692282385; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=0R+rbH+UNrllwl1lzqKg/oSl+rjubnNGA4+rQeZJbNs=; b=pvBZ7pwQVp9IZpnjQyl8AMNb9LbAzriVra5MxYPL9E8WBM0T5dgNrCOOtY9Dnc7iHe HDTZ480Lbs66TRpsA1YAXezU3pua6ZMEoFERjrgWmLt5OsLKfpEgNPoideRDs9U2iyb+ Z3Q80k4DhkAOZuYSPe81qDOvpoYc+nA7UmLp0DnvHKEsGKgZqwdVWop55C3TC/MwqQTX 2sw9F7U+PNBADO4nTuHknVcOUxyMSABTGGJWsUh4MbWhvimhHNK7Dow/AYyAqMvxP5kz Q7knOMY8HkLANVxxacGwttJdmsVw1N1YJ2eCGRtg1FF3yayg15WfZu6VVyU4ic5T7bio X+eg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690385; x=1692282385; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0R+rbH+UNrllwl1lzqKg/oSl+rjubnNGA4+rQeZJbNs=; b=He7tfNmEsKhNpbi9DjSz50nx0svGPcF/hAu8cEr4K7xBuzIaT4a4jqQfDbmoW8wrp6 hZDhMg+eR5oqbLJqowzyMzbgCTKuXiOh7wzkNhxYP7LTUiJuNL4xVWbYARi4q41hTzbz 7qhrdthbCl5kuobqW2OddJ4fKx0F6CoWWqCyEYpIurY8JssgPKf8wI6sLDPfqC4Tg2Qy qITmtfTlp0A/vprvAOdxfx4gnPFthRDvn54K8O20lgBp9Gry/NjkEMKvpoquZs5ycYrb 9GjnFXN41svh6sYyqgEiiKHVIvP6jEBs4bGfgn8himSdkKDqczk2WrrZxIUUlZtPRn4q qoQg== X-Gm-Message-State: ABy/qLZq4HAmM6hz240kHC951SkWliQYcb/qjVW5tYSHq/2XLF+iiDgL EPo5olX1l9hsL1Gp7U9tB9Ahiy/MP2jzx7uxvX4= X-Google-Smtp-Source: APBJJlGDr5Qfs8LFIK2RFSLtD6HWQu4Zfdd26+IIjhQEzkGWBeDCr/sydzYDiXVNiNrWZTr0BDY41w== X-Received: by 2002:a05:6a21:6da2:b0:134:1d88:1d88 with SMTP id wl34-20020a056a216da200b001341d881d88mr10073408pzb.58.1689690385076; Tue, 18 Jul 2023 07:26:25 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:24 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 05/27] curl: Added CVE-2023-28320 Follow-up patch Date: Tue, 18 Jul 2023 04:25:39 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:30 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184509 From: Vivek Kumbhar Introduced by: https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f (curl-7_9_8) Fixed by: https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2 (curl-8_1_0) Follow-up: https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3 (curl-8_1_0) Signed-off-by: Vivek Kumbhar Signed-off-by: Steve Sakoman --- .../curl/curl/CVE-2023-28320-fol1.patch | 197 ++++++++++++++++++ meta/recipes-support/curl/curl_7.82.0.bb | 1 + 2 files changed, 198 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch diff --git a/meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch b/meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch new file mode 100644 index 0000000000..2ba74aaaa9 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch @@ -0,0 +1,197 @@ +From f446258f0269a62289cca0210157cb8558d0edc3 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Tue, 16 May 2023 23:40:42 +0200 +Subject: [PATCH] hostip: include easy_lock.h before using + GLOBAL_INIT_IS_THREADSAFE + +Since that header file is the only place that define can be defined. + +Reported-by: Marc Deslauriers + +Follow-up to 13718030ad4b3209 + +Closes #11121 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3] +CVE: CVE-2023-28320 +Signed-off-by: Vivek Kumbhar +--- + lib/easy_lock.h | 109 ++++++++++++++++++++++++++++++++++++++++++++++++ + lib/hostip.c | 10 ++--- + lib/hostip.h | 9 ---- + 3 files changed, 113 insertions(+), 15 deletions(-) + create mode 100644 lib/easy_lock.h + +diff --git a/lib/easy_lock.h b/lib/easy_lock.h +new file mode 100644 +index 0000000..6399a39 +--- /dev/null ++++ b/lib/easy_lock.h +@@ -0,0 +1,109 @@ ++#ifndef HEADER_CURL_EASY_LOCK_H ++#define HEADER_CURL_EASY_LOCK_H ++/*************************************************************************** ++ * _ _ ____ _ ++ * Project ___| | | | _ \| | ++ * / __| | | | |_) | | ++ * | (__| |_| | _ <| |___ ++ * \___|\___/|_| \_\_____| ++ * ++ * Copyright (C) Daniel Stenberg, , et al. ++ * ++ * This software is licensed as described in the file COPYING, which ++ * you should have received as part of this distribution. The terms ++ * are also available at https://curl.se/docs/copyright.html. ++ * ++ * You may opt to use, copy, modify, merge, publish, distribute and/or sell ++ * copies of the Software, and permit persons to whom the Software is ++ * furnished to do so, under the terms of the COPYING file. ++ * ++ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY ++ * KIND, either express or implied. ++ * ++ * SPDX-License-Identifier: curl ++ * ++ ***************************************************************************/ ++ ++#include "curl_setup.h" ++ ++#define GLOBAL_INIT_IS_THREADSAFE ++ ++#if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x600 ++ ++#ifdef __MINGW32__ ++#ifndef __MINGW64_VERSION_MAJOR ++#if (__MINGW32_MAJOR_VERSION < 5) || \ ++ (__MINGW32_MAJOR_VERSION == 5 && __MINGW32_MINOR_VERSION == 0) ++/* mingw >= 5.0.1 defines SRWLOCK, and slightly different from MS define */ ++typedef PVOID SRWLOCK, *PSRWLOCK; ++#endif ++#endif ++#ifndef SRWLOCK_INIT ++#define SRWLOCK_INIT NULL ++#endif ++#endif /* __MINGW32__ */ ++ ++#define curl_simple_lock SRWLOCK ++#define CURL_SIMPLE_LOCK_INIT SRWLOCK_INIT ++ ++#define curl_simple_lock_lock(m) AcquireSRWLockExclusive(m) ++#define curl_simple_lock_unlock(m) ReleaseSRWLockExclusive(m) ++ ++#elif defined(HAVE_ATOMIC) && defined(HAVE_STDATOMIC_H) ++#include ++#if defined(HAVE_SCHED_YIELD) ++#include ++#endif ++ ++#define curl_simple_lock atomic_int ++#define CURL_SIMPLE_LOCK_INIT 0 ++ ++/* a clang-thing */ ++#ifndef __has_builtin ++#define __has_builtin(x) 0 ++#endif ++ ++#ifndef __INTEL_COMPILER ++/* The Intel compiler tries to look like GCC *and* clang *and* lies in its ++ __has_builtin() function, so override it. */ ++ ++/* if GCC on i386/x86_64 or if the built-in is present */ ++#if ( (defined(__GNUC__) && !defined(__clang__)) && \ ++ (defined(__i386__) || defined(__x86_64__))) || \ ++ __has_builtin(__builtin_ia32_pause) ++#define HAVE_BUILTIN_IA32_PAUSE ++#endif ++ ++#endif ++ ++static inline void curl_simple_lock_lock(curl_simple_lock *lock) ++{ ++ for(;;) { ++ if(!atomic_exchange_explicit(lock, true, memory_order_acquire)) ++ break; ++ /* Reduce cache coherency traffic */ ++ while(atomic_load_explicit(lock, memory_order_relaxed)) { ++ /* Reduce load (not mandatory) */ ++#ifdef HAVE_BUILTIN_IA32_PAUSE ++ __builtin_ia32_pause(); ++#elif defined(__aarch64__) ++ __asm__ volatile("yield" ::: "memory"); ++#elif defined(HAVE_SCHED_YIELD) ++ sched_yield(); ++#endif ++ } ++ } ++} ++ ++static inline void curl_simple_lock_unlock(curl_simple_lock *lock) ++{ ++ atomic_store_explicit(lock, false, memory_order_release); ++} ++ ++#else ++ ++#undef GLOBAL_INIT_IS_THREADSAFE ++ ++#endif ++ ++#endif /* HEADER_CURL_EASY_LOCK_H */ +diff --git a/lib/hostip.c b/lib/hostip.c +index e15c17a..c2e0962 100644 +--- a/lib/hostip.c ++++ b/lib/hostip.c +@@ -72,6 +72,8 @@ + #include + #endif + ++#include "easy_lock.h" ++ + #if defined(CURLRES_SYNCH) && \ + defined(HAVE_ALARM) && \ + defined(SIGALRM) && \ +@@ -81,10 +83,6 @@ + #define USE_ALARM_TIMEOUT + #endif + +-#ifdef USE_ALARM_TIMEOUT +-#include "easy_lock.h" +-#endif +- + #define MAX_HOSTCACHE_LEN (255 + 7) /* max FQDN + colon + port number + zero */ + + /* +@@ -260,8 +258,8 @@ void Curl_hostcache_prune(struct Curl_easy *data) + /* Beware this is a global and unique instance. This is used to store the + return address that we can jump back to from inside a signal handler. This + is not thread-safe stuff. */ +-sigjmp_buf curl_jmpenv; +-curl_simple_lock curl_jmpenv_lock; ++static sigjmp_buf curl_jmpenv; ++static curl_simple_lock curl_jmpenv_lock; + #endif + + /* lookup address, returns entry if found and not stale */ +diff --git a/lib/hostip.h b/lib/hostip.h +index 1db5981..a46bdc6 100644 +--- a/lib/hostip.h ++++ b/lib/hostip.h +@@ -189,15 +189,6 @@ Curl_cache_addr(struct Curl_easy *data, struct Curl_addrinfo *addr, + #define CURL_INADDR_NONE INADDR_NONE + #endif + +-#ifdef HAVE_SIGSETJMP +-/* Forward-declaration of variable defined in hostip.c. Beware this +- * is a global and unique instance. This is used to store the return +- * address that we can jump back to from inside a signal handler. +- * This is not thread-safe stuff. +- */ +-extern sigjmp_buf curl_jmpenv; +-#endif +- + /* + * Function provided by the resolver backend to set DNS servers to use. + */ +-- +2.25.1 + diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index 96280b31b2..7f18ef7ee6 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb @@ -47,6 +47,7 @@ SRC_URI = "https://curl.se/download/${BP}.tar.xz \ file://CVE-2023-27536.patch \ file://CVE-2023-28319.patch \ file://CVE-2023-28320.patch \ + file://CVE-2023-28320-fol1.patch \ file://CVE-2023-28321.patch \ file://CVE-2023-28322-1.patch \ file://CVE-2023-28322-2.patch \ From patchwork Tue Jul 18 14:25:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27625 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 07F55C001DF for ; Tue, 18 Jul 2023 14:26:30 +0000 (UTC) Received: from mail-pf1-f171.google.com (mail-pf1-f171.google.com [209.85.210.171]) by mx.groups.io with SMTP id smtpd.web10.9097.1689690387892762612 for ; Tue, 18 Jul 2023 07:26:27 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=RqdX+rqX; spf=softfail (domain: sakoman.com, ip: 209.85.210.171, mailfrom: steve@sakoman.com) Received: by mail-pf1-f171.google.com with SMTP id d2e1a72fcca58-66767d628e2so3733574b3a.2 for ; Tue, 18 Jul 2023 07:26:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690387; x=1692282387; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=m9p0dKw7aC78ZrNl2J0zr4CVIAx/3bI2Xo0TxTfzgmo=; b=RqdX+rqXgWxbu1XAvdt2ZFxg7eZuWhjBRLLcgBgAu1ACIYPMlfvHOd8JN7Q0mUpBBw i0ZghMEl6ZzPL8s3mT4H/cMmWil6Gm6EI69oqKq8LH93HMEE+loz2zRUjd6nh9b9uEa4 Aaq5uM/hEP0UJ8IPJhApQawq/Z899ILcs94d1U+CNF7Q77qcmomfmms6XOzaYBGQJF2n r4BdSiKp/5vpcGC7Z+bJXoSa3UWK2Nfivjkh7RZtIOrYj1VW9/I439sOvozDqRh45PLM bNLw3BlMT7BcrB/WW37n7UF/Xf6Fp7O9A6acsEOuSpvLhHlPScAB5xaAO5W0OyJP+hYn 7fdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690387; x=1692282387; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=m9p0dKw7aC78ZrNl2J0zr4CVIAx/3bI2Xo0TxTfzgmo=; b=dKT2YJ8yRKVPZnWK5hjmplayOUpTtvkewD7DHEes7+CNKAikvcbu1tEMtpGHo+DRE4 2ckMs9/qNP/qNL+tE0qgFnRZsSROPfRFrC86+RQcqDVs7yobd4oU72688DlDGtgtZN8V xWqUP6vITUMXhKqgPS3GEAPsukVE8XUJaqdlBlZshso3M/S15b6E2DCQrQlmcyq1flTf PCZQUN4r6Xc7hyW+A1il16lwlNDKRcx+zy/yPGtQozd/Psk+H+ZMqh1qDWqp3sH0PDzx G6oSWpGYHuHRo8nfek60e+BjdgmohTR5UWHU8nGf+8ELMd3qzB4uxIIXD8/g0rqCnirh 9Yqg== X-Gm-Message-State: ABy/qLZlAbsJWWxSKx+YK5nVUyemKg4eh6uCUU9oZmKq2MsCFZHcsKuT OUeq6x7B242jXHLre556z/lXnzWC9HroEWrg+SU= X-Google-Smtp-Source: APBJJlFDo+lSZAJHpTs9QXrxG0ymeoKHHlRhw/6QUdp1XL9ytYwn9JEfGCfNl9X0k/DuiNO4rBfHDQ== X-Received: by 2002:a05:6a20:7fa1:b0:11f:2714:f6f3 with SMTP id d33-20020a056a207fa100b0011f2714f6f3mr16483594pzj.11.1689690386950; Tue, 18 Jul 2023 07:26:26 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:26 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 06/27] libwebp: Fix CVE-2023-1999 Date: Tue, 18 Jul 2023 04:25:40 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:30 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184510 From: Soumya There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-1999 Upstream patch: https://github.com/webmproject/libwebp/commit/a486d800b60d0af4cc0836bf7ed8f21e12974129 Signed-off-by: Soumya Signed-off-by: Steve Sakoman --- .../webp/files/CVE-2023-1999.patch | 60 +++++++++++++++++++ meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 4 +- 2 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-multimedia/webp/files/CVE-2023-1999.patch diff --git a/meta/recipes-multimedia/webp/files/CVE-2023-1999.patch b/meta/recipes-multimedia/webp/files/CVE-2023-1999.patch new file mode 100644 index 0000000000..895d01ea7d --- /dev/null +++ b/meta/recipes-multimedia/webp/files/CVE-2023-1999.patch @@ -0,0 +1,60 @@ +From a486d800b60d0af4cc0836bf7ed8f21e12974129 Mon Sep 17 00:00:00 2001 +From: James Zern +Date: Wed, 22 Feb 2023 22:15:47 -0800 +Subject: [PATCH] EncodeAlphaInternal: clear result->bw on error + +This avoids a double free should the function fail prior to +VP8BitWriterInit() and a previous trial result's buffer carried over. +Previously in ApplyFiltersAndEncode() trial.bw (with a previous +iteration's buffer) would be freed, followed by best.bw pointing to the +same buffer. + +Since: +187d379d add a fallback to ALPHA_NO_COMPRESSION + +In addition, check the return value of VP8BitWriterInit() in this +function. + +Bug: webp:603 +Change-Id: Ic258381ee26c8c16bc211d157c8153831c8c6910 + +CVE: CVE-2023-1999 + +Upstream-Status: Backport [https://github.com/webmproject/libwebp/commit/a486d800b60d0af4cc0836bf7ed8f21e12974129] + +Signed-off-by: Soumya +--- + src/enc/alpha_enc.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/enc/alpha_enc.c b/src/enc/alpha_enc.c +index f7c0269..7d20558 100644 +--- a/src/enc/alpha_enc.c ++++ b/src/enc/alpha_enc.c +@@ -13,6 +13,7 @@ + + #include + #include ++#include + + #include "src/enc/vp8i_enc.h" + #include "src/dsp/dsp.h" +@@ -148,6 +149,7 @@ static int EncodeAlphaInternal(const uint8_t* const data, int width, int height, + } + } else { + VP8LBitWriterWipeOut(&tmp_bw); ++ memset(&result->bw, 0, sizeof(result->bw)); + return 0; + } + } +@@ -162,7 +164,7 @@ static int EncodeAlphaInternal(const uint8_t* const data, int width, int height, + header = method | (filter << 2); + if (reduce_levels) header |= ALPHA_PREPROCESSED_LEVELS << 4; + +- VP8BitWriterInit(&result->bw, ALPHA_HEADER_LEN + output_size); ++ if (!VP8BitWriterInit(&result->bw, ALPHA_HEADER_LEN + output_size)) ok = 0; + ok = ok && VP8BitWriterAppend(&result->bw, &header, ALPHA_HEADER_LEN); + ok = ok && VP8BitWriterAppend(&result->bw, output, output_size); + +-- +2.40.0 diff --git a/meta/recipes-multimedia/webp/libwebp_1.2.4.bb b/meta/recipes-multimedia/webp/libwebp_1.2.4.bb index 263589846a..5d868b3b96 100644 --- a/meta/recipes-multimedia/webp/libwebp_1.2.4.bb +++ b/meta/recipes-multimedia/webp/libwebp_1.2.4.bb @@ -13,7 +13,9 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=6e8dee932c26f2dab503abf70c96d8bb \ file://PATENTS;md5=c6926d0cb07d296f886ab6e0cc5a85b7" -SRC_URI = "http://downloads.webmproject.org/releases/webp/${BP}.tar.gz" +SRC_URI = "http://downloads.webmproject.org/releases/webp/${BP}.tar.gz \ + file://CVE-2023-1999.patch \ + " SRC_URI[sha256sum] = "7bf5a8a28cc69bcfa8cb214f2c3095703c6b73ac5fba4d5480c205331d9494df" UPSTREAM_CHECK_URI = "http://downloads.webmproject.org/releases/webp/index.html" From patchwork Tue Jul 18 14:25:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27627 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 06697EB64DD for ; Tue, 18 Jul 2023 14:26:30 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web10.9100.1689690389815579747 for ; Tue, 18 Jul 2023 07:26:29 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=rwQZBi2N; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-6686c74183cso5772246b3a.1 for ; Tue, 18 Jul 2023 07:26:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690389; x=1692282389; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=BsAAXkhSia67lYmUiW39q3nSzzFD17qNN+iZGar2KLE=; b=rwQZBi2NQbqaF5Gmf7XgUhpymMmRJ5w77AphP8P8tWbKr4O/FAPPUKnTEI03Oe19Ci E5D0SfeJQWCuvnnrRyH67I0i3r/OKraiQTGkc4QK/YDqjtwYiFtrTKtNwY/byZwo2qXJ XvJ19i/DdVmo1Vk01ZD+TjJQMsstVx4qzkcItogEwiXPnRfnhiPP83Zy+03WAN3XG74r oohZL8yyy5YPdGW4wmeZjVvTlzAGZeJ5pPPcPxh02w/+XA2IFBONEqv/s/54FpTQ//XP rP1iubfSldcFG2ImIf78CilVJTt8keRp3ExlL2uZsdF+KoPW5wCf2VUfvLNfd6/ebhGy Eq2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690389; x=1692282389; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BsAAXkhSia67lYmUiW39q3nSzzFD17qNN+iZGar2KLE=; b=UfpbGz8uLrHlrGzGYO6bJ6/VY9KUiKFXK50Rhny79wJeFzDvNWIF4Y9PmrLgh72qQZ zpcPy+HBbBirl0AMPBeRVHmQcNKn2pM70l/gj6ItsgNRG4zMd9V3aR+yfg3Ly/RRLjab eSRFyBpb0rNyoWLrJOYs8NPXHhyEicyMwAuIY5Ch+0B+i3KsmZx60oLnSwlvI8LR9wdD HvAxjb7vP1R+SEE3gpW9LH58vlglMT8FxmmplW8pqjB82Z1jnra2PEh2bLG5HUuySfyf cblsIGk13aUJBQZ+xOKzEoVCPrTaofUA+zxComI5pWSmXGZhCX1MeLIo1blSsG+UVz+y 6Utw== X-Gm-Message-State: ABy/qLbbV36PSjcSj/i2dnPGiG9eYMLNK8ponWS/2jlV/+GThOxEmJdU dLxCJbSBJYc4BpiN9/3+VF2c5RQLTAt5vnUnKT0= X-Google-Smtp-Source: APBJJlHJeO2zr782rD59Xtjr/gpR/Dux27y5YTDnjgYHdSOx3eTj8NjrEyyaIZu0ibYz1cbIgGN10w== X-Received: by 2002:a05:6a00:846:b0:684:6bd8:4e3b with SMTP id q6-20020a056a00084600b006846bd84e3bmr13723744pfk.19.1689690388788; Tue, 18 Jul 2023 07:26:28 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:28 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 07/27] tzdata: upgrade to 2023c Date: Tue, 18 Jul 2023 04:25:41 -1000 Message-Id: <134bac52904722cd63fde07f5784c0cca3fbcb05.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:30 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184511 From: Ross Burton Drop a backport patch as it is now integrated. Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni (cherry picked from commit 80d26d1da47dcd9213a7083d9493a7bce0897a57) Signed-off-by: Steve Sakoman --- meta/recipes-extended/timezone/timezone.inc | 6 +- .../timezone/tzcode-native.bb | 2 - ...0001-Fix-C23-related-conformance-bug.patch | 301 ------------------ 3 files changed, 3 insertions(+), 306 deletions(-) delete mode 100644 meta/recipes-extended/timezone/tzcode/0001-Fix-C23-related-conformance-bug.patch diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc index eec7177228..14a1ce18f3 100644 --- a/meta/recipes-extended/timezone/timezone.inc +++ b/meta/recipes-extended/timezone/timezone.inc @@ -6,7 +6,7 @@ SECTION = "base" LICENSE = "PD & BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba" -PV = "2022g" +PV = "2023c" SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode;subdir=tz \ http://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata;subdir=tz \ @@ -16,5 +16,5 @@ S = "${WORKDIR}/tz" UPSTREAM_CHECK_URI = "http://www.iana.org/time-zones" -SRC_URI[tzcode.sha256sum] = "9610bb0b9656ff404c361a41f3286da53064b5469d84f00c9cb2314c8614da74" -SRC_URI[tzdata.sha256sum] = "4491db8281ae94a84d939e427bdd83dc389f26764d27d9a5c52d782c16764478" +SRC_URI[tzcode.sha256sum] = "46d17f2bb19ad73290f03a203006152e0fa0d7b11e5b71467c4a823811b214e7" +SRC_URI[tzdata.sha256sum] = "3f510b5d1b4ae9bb38e485aa302a776b317fb3637bdb6404c4adf7b6cadd965c" diff --git a/meta/recipes-extended/timezone/tzcode-native.bb b/meta/recipes-extended/timezone/tzcode-native.bb index 6d52b3c422..d0b23a9d80 100644 --- a/meta/recipes-extended/timezone/tzcode-native.bb +++ b/meta/recipes-extended/timezone/tzcode-native.bb @@ -2,8 +2,6 @@ require timezone.inc SUMMARY = "tzcode, timezone zoneinfo utils -- zic, zdump, tzselect" -SRC_URI += "file://0001-Fix-C23-related-conformance-bug.patch" - inherit native EXTRA_OEMAKE += "cc='${CC}'" diff --git a/meta/recipes-extended/timezone/tzcode/0001-Fix-C23-related-conformance-bug.patch b/meta/recipes-extended/timezone/tzcode/0001-Fix-C23-related-conformance-bug.patch deleted file mode 100644 index c91ef93e95..0000000000 --- a/meta/recipes-extended/timezone/tzcode/0001-Fix-C23-related-conformance-bug.patch +++ /dev/null @@ -1,301 +0,0 @@ -From 509c5974398952618abdd17f39117b88e3f50057 Mon Sep 17 00:00:00 2001 -From: Paul Eggert -Date: Thu, 1 Dec 2022 10:28:04 -0800 -Subject: [PATCH] Fix C23-related conformance bug -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Problem reported by Houge Langley for ‘gcc -std=gnu99’ in: -https://bugs.gentoo.org/show_bug.cgi?id=883719 -* NEWS: Mention this. -* date.c, localtime.c, private.h, zdump.c, zic.c: -Use ATTRIBUTE_* at the start of function declarations, -not later (such as after the keyword ‘static’). -This is required for strict conformance to C23. - -Upstream-Status: Backport [https://github.com/eggert/tz/commit/9cfe9507fcc22cd4a0c4da486ea1c7f0de6b075f] - -NEWS change skipped to avoid conflicts. - -Signed-off-by: Martin Jansa ---- - date.c | 2 +- - localtime.c | 4 ++-- - private.h | 6 +++--- - zdump.c | 12 ++++++------ - zic.c | 34 +++++++++++++++++----------------- - 5 files changed, 29 insertions(+), 29 deletions(-) - -diff --git a/date.c b/date.c -index 11c5e5fe..97df6ab0 100644 ---- a/date.c -+++ b/date.c -@@ -42,7 +42,7 @@ static void display(const char *, time_t); - static void dogmt(void); - static void errensure(void); - static void timeout(FILE *, const char *, const struct tm *); --static ATTRIBUTE_NORETURN void usage(void); -+ATTRIBUTE_NORETURN static void usage(void); - - int - main(const int argc, char *argv[]) -diff --git a/localtime.c b/localtime.c -index 1d22d351..3bf1b911 100644 ---- a/localtime.c -+++ b/localtime.c -@@ -838,7 +838,7 @@ is_digit(char c) - ** Return a pointer to that character. - */ - --static ATTRIBUTE_REPRODUCIBLE const char * -+ATTRIBUTE_REPRODUCIBLE static const char * - getzname(register const char *strp) - { - register char c; -@@ -859,7 +859,7 @@ getzname(register const char *strp) - ** We don't do any checking here; checking is done later in common-case code. - */ - --static ATTRIBUTE_REPRODUCIBLE const char * -+ATTRIBUTE_REPRODUCIBLE static const char * - getqzname(register const char *strp, const int delim) - { - register int c; -diff --git a/private.h b/private.h -index 7a73eff7..ae522986 100644 ---- a/private.h -+++ b/private.h -@@ -628,7 +628,7 @@ char *asctime(struct tm const *); - char *asctime_r(struct tm const *restrict, char *restrict); - char *ctime(time_t const *); - char *ctime_r(time_t const *, char *); --double difftime(time_t, time_t) ATTRIBUTE_UNSEQUENCED; -+ATTRIBUTE_UNSEQUENCED double difftime(time_t, time_t); - size_t strftime(char *restrict, size_t, char const *restrict, - struct tm const *restrict); - # if HAVE_STRFTIME_L -@@ -740,10 +740,10 @@ timezone_t tzalloc(char const *); - void tzfree(timezone_t); - # ifdef STD_INSPIRED - # if TZ_TIME_T || !defined posix2time_z --time_t posix2time_z(timezone_t, time_t) ATTRIBUTE_REPRODUCIBLE; -+ATTRIBUTE_REPRODUCIBLE time_t posix2time_z(timezone_t, time_t); - # endif - # if TZ_TIME_T || !defined time2posix_z --time_t time2posix_z(timezone_t, time_t) ATTRIBUTE_REPRODUCIBLE; -+ATTRIBUTE_REPRODUCIBLE time_t time2posix_z(timezone_t, time_t); - # endif - # endif - #endif -diff --git a/zdump.c b/zdump.c -index 7acb3e2d..3e482ba3 100644 ---- a/zdump.c -+++ b/zdump.c -@@ -89,7 +89,7 @@ static bool warned; - static bool errout; - - static char const *abbr(struct tm const *); --static intmax_t delta(struct tm *, struct tm *) ATTRIBUTE_REPRODUCIBLE; -+ATTRIBUTE_REPRODUCIBLE static intmax_t delta(struct tm *, struct tm *); - static void dumptime(struct tm const *); - static time_t hunt(timezone_t, time_t, time_t, bool); - static void show(timezone_t, char *, time_t, bool); -@@ -97,7 +97,7 @@ static void showextrema(timezone_t, char *, time_t, struct tm *, time_t); - static void showtrans(char const *, struct tm const *, time_t, char const *, - char const *); - static const char *tformat(void); --static time_t yeartot(intmax_t) ATTRIBUTE_REPRODUCIBLE; -+ATTRIBUTE_REPRODUCIBLE static time_t yeartot(intmax_t); - - /* Is C an ASCII digit? */ - static bool -@@ -125,7 +125,7 @@ is_alpha(char a) - } - } - --static ATTRIBUTE_NORETURN void -+ATTRIBUTE_NORETURN static void - size_overflow(void) - { - fprintf(stderr, _("%s: size overflow\n"), progname); -@@ -134,7 +134,7 @@ size_overflow(void) - - /* Return A + B, exiting if the result would overflow either ptrdiff_t - or size_t. */ --static ATTRIBUTE_REPRODUCIBLE ptrdiff_t -+ATTRIBUTE_REPRODUCIBLE static ptrdiff_t - sumsize(size_t a, size_t b) - { - #ifdef ckd_add -@@ -151,7 +151,7 @@ sumsize(size_t a, size_t b) - - /* Return a pointer to a newly allocated buffer of size SIZE, exiting - on failure. SIZE should be nonzero. */ --static void * ATTRIBUTE_MALLOC -+ATTRIBUTE_MALLOC static void * - xmalloc(size_t size) - { - void *p = malloc(size); -@@ -920,7 +920,7 @@ showextrema(timezone_t tz, char *zone, time_t lo, struct tm *lotmp, time_t hi) - # include - - /* A substitute for snprintf that is good enough for zdump. */ --static int ATTRIBUTE_FORMAT((printf, 3, 4)) -+ATTRIBUTE_FORMAT((printf, 3, 4)) static int - my_snprintf(char *s, size_t size, char const *format, ...) - { - int n; -diff --git a/zic.c b/zic.c -index 892414af..f143fcef 100644 ---- a/zic.c -+++ b/zic.c -@@ -459,20 +459,20 @@ static char roll[TZ_MAX_LEAPS]; - ** Memory allocation. - */ - --static ATTRIBUTE_NORETURN void -+ATTRIBUTE_NORETURN static void - memory_exhausted(const char *msg) - { - fprintf(stderr, _("%s: Memory exhausted: %s\n"), progname, msg); - exit(EXIT_FAILURE); - } - --static ATTRIBUTE_NORETURN void -+ATTRIBUTE_NORETURN static void - size_overflow(void) - { - memory_exhausted(_("size overflow")); - } - --static ATTRIBUTE_REPRODUCIBLE ptrdiff_t -+ATTRIBUTE_REPRODUCIBLE static ptrdiff_t - size_sum(size_t a, size_t b) - { - #ifdef ckd_add -@@ -487,7 +487,7 @@ size_sum(size_t a, size_t b) - size_overflow(); - } - --static ATTRIBUTE_REPRODUCIBLE ptrdiff_t -+ATTRIBUTE_REPRODUCIBLE static ptrdiff_t - size_product(ptrdiff_t nitems, ptrdiff_t itemsize) - { - #ifdef ckd_mul -@@ -502,7 +502,7 @@ size_product(ptrdiff_t nitems, ptrdiff_t itemsize) - size_overflow(); - } - --static ATTRIBUTE_REPRODUCIBLE ptrdiff_t -+ATTRIBUTE_REPRODUCIBLE static ptrdiff_t - align_to(ptrdiff_t size, ptrdiff_t alignment) - { - ptrdiff_t lo_bits = alignment - 1, sum = size_sum(size, lo_bits); -@@ -526,7 +526,7 @@ memcheck(void *ptr) - return ptr; - } - --static void * ATTRIBUTE_MALLOC -+ATTRIBUTE_MALLOC static void * - emalloc(size_t size) - { - return memcheck(malloc(size)); -@@ -538,7 +538,7 @@ erealloc(void *ptr, size_t size) - return memcheck(realloc(ptr, size)); - } - --static char * ATTRIBUTE_MALLOC -+ATTRIBUTE_MALLOC static char * - estrdup(char const *str) - { - return memcheck(strdup(str)); -@@ -608,7 +608,7 @@ eat(int fnum, lineno num) - eats(fnum, num, 0, -1); - } - --static void ATTRIBUTE_FORMAT((printf, 1, 0)) -+ATTRIBUTE_FORMAT((printf, 1, 0)) static void - verror(const char *const string, va_list args) - { - /* -@@ -626,7 +626,7 @@ verror(const char *const string, va_list args) - fprintf(stderr, "\n"); - } - --static void ATTRIBUTE_FORMAT((printf, 1, 2)) -+ATTRIBUTE_FORMAT((printf, 1, 2)) static void - error(const char *const string, ...) - { - va_list args; -@@ -636,7 +636,7 @@ error(const char *const string, ...) - errors = true; - } - --static void ATTRIBUTE_FORMAT((printf, 1, 2)) -+ATTRIBUTE_FORMAT((printf, 1, 2)) static void - warning(const char *const string, ...) - { - va_list args; -@@ -666,7 +666,7 @@ close_file(FILE *stream, char const *dir, char const *name, - } - } - --static ATTRIBUTE_NORETURN void -+ATTRIBUTE_NORETURN static void - usage(FILE *stream, int status) - { - fprintf(stream, -@@ -3597,7 +3597,7 @@ lowerit(char a) - } - - /* case-insensitive equality */ --static ATTRIBUTE_REPRODUCIBLE bool -+ATTRIBUTE_REPRODUCIBLE static bool - ciequal(register const char *ap, register const char *bp) - { - while (lowerit(*ap) == lowerit(*bp++)) -@@ -3606,7 +3606,7 @@ ciequal(register const char *ap, register const char *bp) - return false; - } - --static ATTRIBUTE_REPRODUCIBLE bool -+ATTRIBUTE_REPRODUCIBLE static bool - itsabbr(register const char *abbr, register const char *word) - { - if (lowerit(*abbr) != lowerit(*word)) -@@ -3622,7 +3622,7 @@ itsabbr(register const char *abbr, register const char *word) - - /* Return true if ABBR is an initial prefix of WORD, ignoring ASCII case. */ - --static ATTRIBUTE_REPRODUCIBLE bool -+ATTRIBUTE_REPRODUCIBLE static bool - ciprefix(char const *abbr, char const *word) - { - do -@@ -3725,14 +3725,14 @@ getfields(char *cp, char **array, int arrayelts) - return nsubs; - } - --static ATTRIBUTE_NORETURN void -+ATTRIBUTE_NORETURN static void - time_overflow(void) - { - error(_("time overflow")); - exit(EXIT_FAILURE); - } - --static ATTRIBUTE_REPRODUCIBLE zic_t -+ATTRIBUTE_REPRODUCIBLE static zic_t - oadd(zic_t t1, zic_t t2) - { - #ifdef ckd_add -@@ -3746,7 +3746,7 @@ oadd(zic_t t1, zic_t t2) - time_overflow(); - } - --static ATTRIBUTE_REPRODUCIBLE zic_t -+ATTRIBUTE_REPRODUCIBLE static zic_t - tadd(zic_t t1, zic_t t2) - { - #ifdef ckd_add From patchwork Tue Jul 18 14:25:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27629 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F1923EB64DA for ; Tue, 18 Jul 2023 14:26:39 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web11.9004.1689690391977317392 for ; Tue, 18 Jul 2023 07:26:32 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=UX7tpM+r; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-66869feb7d1so3832078b3a.3 for ; Tue, 18 Jul 2023 07:26:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690391; x=1692282391; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=NGjFRNpZYoijGvrDmhLHVOxJkqeI4AXQfvu+eRAjabg=; b=UX7tpM+rLtJ5aI6zmBTuIEhRQIkgQlQXlXMzkOtA43SL09HfeUGuBEMvBtGhhyS9Rq uUF4qZJHqVxpiTFNVuJ5/S1XyBhZvPlX9NWWbOJpseUxM27O6hG+zFpqAGI5JRHm3dUJ tnhooDkc4qQ8MwUXraCfaLz/49R5FU6vtKEU+orjptOVe/trj3fD/+Jp7SLSA6aH6YX9 Vyuk4usJ0Xo5HIOFs2oICOCf2qQ09UKV9cPZHv/azutUCEDv14CZcw/rxE7LzqLwqd7X +ZHACvAVBSgQqVEhenITG90zzAxj0tZqOQ5IeKAmR26E9ol3pxtFDbBH3ZMiJSrT6iS0 5A0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690391; x=1692282391; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NGjFRNpZYoijGvrDmhLHVOxJkqeI4AXQfvu+eRAjabg=; b=lZzlT3Y9B+QU6j3zowB7vVZ135XeKe7tqedjuuUr7LQXaZ3Rdfb0fx4vrPKPJhYiHw qJQdxgQYGjkmNky1lNbl7tIP7sN7tySzWN2Df5ImBV6fJ5v95JazusJ6quJvlsRAKXEx o42VmUJBySvTOfcvWCXRy48I0bBqjNVzIFpQ43MjI3JazZzFO2yLK7XmNaiT465xpEx7 p3iFhPB4Qj4CoVbN48hdth3N06nMad1Vtn3ecKEUPhpwhrsFoC0NxgVYSQlue+on5N7M WzLMwUTy0XrCwnefISQq8mtr+GzFgwAMi5KndZVgQUPSyQ4HOO+rjv2/t/1bPoXXfo8r 8Ogw== X-Gm-Message-State: ABy/qLYwFzMZcvlJPhzb/nWZLAOYuceiDJm0ef+DO8tjfjfjlta7DKx7 jvdA3OPujXUMAmQXBLIwkjVpMaHXBGH+NK60lp8= X-Google-Smtp-Source: APBJJlFUF1KpQ8i0mBeHS+v96VEj5hsjQq/tnnaO1byNMWI5qXlpoWrorke4En8TF30b+6iFpVlwfQ== X-Received: by 2002:a05:6a20:3c8d:b0:134:d4d3:f0a8 with SMTP id b13-20020a056a203c8d00b00134d4d3f0a8mr5670574pzj.3.1689690390958; Tue, 18 Jul 2023 07:26:30 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:30 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 08/27] serf: upgrade 1.3.9 -> 1.3.10 Date: Tue, 18 Jul 2023 04:25:42 -1000 Message-Id: <275c6b7ac72330e14ba55907e8494314b63a9adf.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184512 From: Alexander Kanavin Apache Serf 1.3.10 [2023-05-31, from tags/1.3.10, r1910048] Support for OpenSSL 3 (r1901937, ...) Fix issue #171: Win32: Running tests fails with "no OPENSSL_Applink" error Fix issue #194: Win32: Linking error when building against OpenSSL 1.1+ Fix issue #198: OpenSSL BIO control method incorrectly handles unknown requests Fix issue #202: SSL tests are not passing with OpenSSL 3 Fix error handling when reading the outgoing request body (r1804534, ...) Fix handling of invalid chunk lengths in the dechunk bucket (r1804005, ...) Fix an endless loop in the deflate bucket with truncated input (r1805301) Fix BIO control handlers to support BIO_CTRL_EOF (r1902208) Fix a CRT mismatch issue caused by using certain OpenSSL functions (r1909252) Build changes to support VS2017, VS2019 and VS2022 (r1712131, ...) Build changes to support Python 3 (r1875933) As serf is undead, we need to reassess all the remaining patches. Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie (cherry picked from commit 775cbcc876edcb6c339f342a3253f5afcf6ef163) Signed-off-by: Steve Sakoman (cherry picked from commit 17a46eee905f0ecfdbebb014533848dc7e906ec7) Signed-off-by: Steve Sakoman --- ...print-in-the-scons-file-to-unbreak-b.patch | 29 ------------------- ...sl_buckets.c-do-not-use-ERR_GET_FUNC.patch | 28 ------------------ ...11083-fix-building-with-scons-3.0.0-.patch | 29 ------------------- ...ories.without.sandbox-install.prefix.patch | 2 +- .../serf/{serf_1.3.9.bb => serf_1.3.10.bb} | 6 +--- 5 files changed, 2 insertions(+), 92 deletions(-) delete mode 100644 meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch delete mode 100644 meta/recipes-support/serf/serf/0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch delete mode 100644 meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch rename meta/recipes-support/serf/{serf_1.3.9.bb => serf_1.3.10.bb} (78%) diff --git a/meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch b/meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch deleted file mode 100644 index 4a5832ac1a..0000000000 --- a/meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 99f6e1b0d68281b63218d6adfe68cd9e331ac5be Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Mon, 3 Sep 2018 10:50:08 -0700 -Subject: [PATCH] Fix syntax of a print() in the scons file to unbreak building - with most recent scons version. - -* SConstruct Use Python 3.0 valid syntax to make Scons 3.0.0 happy on both python - 3.0 and 2.7. - -Upstream-Status: Backport -[https://svn.apache.org/viewvc/serf/trunk/SConstruct?r1=1809132&r2=1811083&diff_format=h] -Signed-off-by: Khem Raj ---- - SConstruct | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/SConstruct b/SConstruct -index 1670459..18a45fa 100644 ---- a/SConstruct -+++ b/SConstruct -@@ -184,7 +184,7 @@ CALLOUT_OKAY = not (env.GetOption('clean') or env.GetOption('help')) - - unknown = opts.UnknownVariables() - if unknown: -- print 'Warning: Used unknown variables:', ', '.join(unknown.keys()) -+ print('Warning: Used unknown variables:', ', '.join(unknown.keys())) - - apr = str(env['APR']) - apu = str(env['APU']) diff --git a/meta/recipes-support/serf/serf/0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch b/meta/recipes-support/serf/serf/0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch deleted file mode 100644 index 91ccc8a474..0000000000 --- a/meta/recipes-support/serf/serf/0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 2f45711a66ff99886b6e4a5708e2db01a63e5af4 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin -Date: Fri, 10 Sep 2021 11:05:10 +0200 -Subject: [PATCH] buckets/ssl_buckets.c: do not use ERR_GET_FUNC - -Upstream removed it in -https://github.com/openssl/openssl/pull/16004 - -Upstream-Status: Inactive-Upstream [lastrelease: 2015, lastcommit: 2019] -Signed-off-by: Alexander Kanavin ---- - buckets/ssl_buckets.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/buckets/ssl_buckets.c b/buckets/ssl_buckets.c -index b01e535..9801f87 100644 ---- a/buckets/ssl_buckets.c -+++ b/buckets/ssl_buckets.c -@@ -1325,8 +1325,7 @@ static int ssl_need_client_cert(SSL *ssl, X509 **cert, EVP_PKEY **pkey) - return 0; - } - else { -- printf("OpenSSL cert error: %d %d %d\n", ERR_GET_LIB(err), -- ERR_GET_FUNC(err), -+ printf("OpenSSL cert error: %d %d\n", ERR_GET_LIB(err), - ERR_GET_REASON(err)); - PKCS12_free(p12); - bio_meth_free(biom); diff --git a/meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch b/meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch deleted file mode 100644 index 02fa9e3a06..0000000000 --- a/meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 565211fd082ef653ca9c44a345350fc1451f5a0f Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Mon, 3 Sep 2018 11:12:38 -0700 -Subject: [PATCH] Follow-up to r1811083 fix building with scons 3.0.0 and - Python3 - -* SConstruct: Append decode('utf-8) to FILE.get_contents() to avoid - TypeError: cannot use a string pattern on a bytes-like object - -Upstream-Status: Backport -[https://svn.apache.org/viewvc/serf/trunk/SConstruct?r1=1811088&r2=1814604] -Signed-off-by: Khem Raj ---- - SConstruct | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/SConstruct b/SConstruct -index 877731e..7678bb1 100644 ---- a/SConstruct -+++ b/SConstruct -@@ -169,7 +169,7 @@ env.Append(BUILDERS = { - match = re.search('SERF_MAJOR_VERSION ([0-9]+).*' - 'SERF_MINOR_VERSION ([0-9]+).*' - 'SERF_PATCH_VERSION ([0-9]+)', -- env.File('serf.h').get_contents(), -+ env.File('serf.h').get_contents().decode('utf-8'), - re.DOTALL) - MAJOR, MINOR, PATCH = [int(x) for x in match.groups()] - env.Append(MAJOR=str(MAJOR)) diff --git a/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch b/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch index 4105868a7e..91640d6044 100644 --- a/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch +++ b/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch @@ -31,7 +31,7 @@ ERROR: scons install execution failed. and the installed paths (including the paths inside libserf*.pc) look correct -Upstream-Status: Inactive-Upstream [lastrelease: 2015, lastcommit: 2019] +Upstream-Status: Pending Signed-off-by: Martin Jansa diff --git a/meta/recipes-support/serf/serf_1.3.9.bb b/meta/recipes-support/serf/serf_1.3.10.bb similarity index 78% rename from meta/recipes-support/serf/serf_1.3.9.bb rename to meta/recipes-support/serf/serf_1.3.10.bb index 669f42b8e7..c6b51452aa 100644 --- a/meta/recipes-support/serf/serf_1.3.9.bb +++ b/meta/recipes-support/serf/serf_1.3.10.bb @@ -7,16 +7,12 @@ HOMEPAGE = "http://serf.apache.org/" SRC_URI = "${APACHE_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ file://norpath.patch \ file://env.patch \ - file://0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch \ file://0002-SConstruct-Fix-path-quoting-for-.def-generator.patch \ file://0003-gen_def.patch \ - file://0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch \ file://SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch \ - file://0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch \ " -SRC_URI[md5sum] = "370a6340ff20366ab088012cd13f2b57" -SRC_URI[sha256sum] = "549c2d21c577a8a9c0450facb5cca809f26591f048e466552240947bdf7a87cc" +SRC_URI[sha256sum] = "be81ef08baa2516ecda76a77adf7def7bc3227eeb578b9a33b45f7b41dc064e6" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" From patchwork Tue Jul 18 14:25:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27631 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 110A0EB64DD for ; Tue, 18 Jul 2023 14:26:40 +0000 (UTC) Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com [209.85.210.179]) by mx.groups.io with SMTP id smtpd.web10.9102.1689690393467748559 for ; Tue, 18 Jul 2023 07:26:33 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Av1F8svI; spf=softfail (domain: sakoman.com, ip: 209.85.210.179, mailfrom: steve@sakoman.com) Received: by mail-pf1-f179.google.com with SMTP id d2e1a72fcca58-666e3b15370so4192313b3a.0 for ; Tue, 18 Jul 2023 07:26:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690392; x=1692282392; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=9V9t49kFK3EdrLcwG+P562ZS41hbFeUPviasuScz7s0=; b=Av1F8svIdrHA1KirPNkptPMSLVLUwHUk6UeToNT0YXjkjh8RDAFBG58hSv+/NM1W7g UbiPUBj1pbXS+k+ySACIYYK7k+hkBPF1ds/rYx5ccyzWVs9HA67wrS9BpwNJbQtZIKFQ NGFSE7KyJrM01oIucHeHSZnloEPVgoW6P/yVh7gQ2tImxK9BSYNzKPxujRYoBZngmX2v H6hyvx363k1XazqGSaOOQWJwSMeraZxEQCIuUAdrmpD23t8gzWWR2D4hqb6iOzOv54aM i3yMRm3C+mjFFiyUlhLVCBBpWSNo+/r85Z7SYt9G5p/zpx2HYHlVG0jsbPboAk3Rbuea JvdQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690392; x=1692282392; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9V9t49kFK3EdrLcwG+P562ZS41hbFeUPviasuScz7s0=; b=anOns0mWwMF5EypYOP3l6EA95pYWVofhIxcJAKqtdScmOtW7n4NAnjJXhNPL7G/dIf /lZkFE1kCA/DJ/9sRN/5OwTYEhVuk39LIMFTtwfB9tq0ko/M/nGnvqoWj0zB8RewdTpI 2BcvccqDWYadToQ8IE8V5K6AgnbXM0iNNmkTHaKM+JZDZ/1mQ+N2e+H8EvwiuqBcp/CD 0zdZ/fhwPV69b2N5awO5Binz4tOkW44eN2db0KrdKF146RHefQS18GQOY2TJsj7JYPsM gURufR97t1LXGm+tkEfNOwbVN9uCrqlHEBlraVl+XnMKsjKwi5mYhdlk6NP/2d0YwV8t tdSA== X-Gm-Message-State: ABy/qLaA0y6abqcHMS96zHOb9GFoGo3igaFb3PAHFcDFNf/fjvFjlloB Ws/boQAla47Nxh5QYPSR6zkwWRGXOKeceSCkLwg= X-Google-Smtp-Source: APBJJlGmQTvQIb8J/FaTTT5PQ+udFe5EZ+6+eo9DK0R+brZvdS+DJQY88EKS/RG+JqP3QRPRZDiSNw== X-Received: by 2002:a05:6a00:ad1:b0:67d:22a6:2f54 with SMTP id c17-20020a056a000ad100b0067d22a62f54mr3164683pfl.31.1689690392516; Tue, 18 Jul 2023 07:26:32 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:31 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 09/27] wget: upgrade 1.21.3 -> 1.21.4 Date: Tue, 18 Jul 2023 04:25:43 -1000 Message-Id: <024feac4827dc847ba83a64de82cef524156a9ea.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:40 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184513 From: Alexander Kanavin Stable version release Noteworthy changes in release 1.21.4 (2023-05-11) ** Document --retry-on-host-error in help text ** Increase read buffer size to 64k. This should speed up downloads on gigabit and faster connections ** Update deprecated option '--html-extension' to '--adjust-extension' in documentation ** Update gnulib compatibility layer. Fixes HSTS test failures on i686. (Thanks to Andreas Enge for ponting it out) License-Update: copyright years Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie (cherry picked from commit 67ec2d5bab891cb92af9ca32304a4927daf51ed0) Signed-off-by: Steve Sakoman (cherry picked from commit 4e7ec4bef86c79b4221a800ace700c58ce033de1) Signed-off-by: Steve Sakoman --- meta/recipes-extended/wget/wget.inc | 2 +- meta/recipes-extended/wget/{wget_1.21.3.bb => wget_1.21.4.bb} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-extended/wget/{wget_1.21.3.bb => wget_1.21.4.bb} (60%) diff --git a/meta/recipes-extended/wget/wget.inc b/meta/recipes-extended/wget/wget.inc index 58cb5ca73d..30abaff7b7 100644 --- a/meta/recipes-extended/wget/wget.inc +++ b/meta/recipes-extended/wget/wget.inc @@ -7,7 +7,7 @@ FTP sites" HOMEPAGE = "https://www.gnu.org/software/wget/" SECTION = "console/network" LICENSE = "GPL-3.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=c678957b0c8e964aa6c70fd77641a71e" +LIC_FILES_CHKSUM = "file://COPYING;md5=6f65012d1daf98cb09b386cfb68df26b" inherit autotools gettext texinfo update-alternatives pkgconfig diff --git a/meta/recipes-extended/wget/wget_1.21.3.bb b/meta/recipes-extended/wget/wget_1.21.4.bb similarity index 60% rename from meta/recipes-extended/wget/wget_1.21.3.bb rename to meta/recipes-extended/wget/wget_1.21.4.bb index f176a1546c..1d31b0116d 100644 --- a/meta/recipes-extended/wget/wget_1.21.3.bb +++ b/meta/recipes-extended/wget/wget_1.21.4.bb @@ -2,6 +2,6 @@ SRC_URI = "${GNU_MIRROR}/wget/wget-${PV}.tar.gz \ file://0002-improve-reproducibility.patch \ " -SRC_URI[sha256sum] = "5726bb8bc5ca0f6dc7110f6416e4bb7019e2d2ff5bf93d1ca2ffcc6656f220e5" +SRC_URI[sha256sum] = "81542f5cefb8faacc39bbbc6c82ded80e3e4a88505ae72ea51df27525bcde04c" require wget.inc From patchwork Tue Jul 18 14:25:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27628 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 05D77C001DC for ; Tue, 18 Jul 2023 14:26:40 +0000 (UTC) Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) by mx.groups.io with SMTP id smtpd.web11.9007.1689690396642331346 for ; Tue, 18 Jul 2023 07:26:36 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=HqnEqVno; spf=softfail (domain: sakoman.com, ip: 209.85.210.180, mailfrom: steve@sakoman.com) Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-66767d628e2so3733688b3a.2 for ; Tue, 18 Jul 2023 07:26:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690396; x=1692282396; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=DW7Wu7mxAK+eXexbz9GTusNt/WCsgIZSbqYMWzY1VWE=; b=HqnEqVnoeV3zfalb4+6UF/D1LFY9vGNYle3RbbT3ZAPmLmYfVh5BbKv961Sf5MPnxb 3vD3UfxXkqo49KyLRsKD8hiZazDHRE7c9XrIkMYL93fAyUGwnHTD/uALbPjdTrs7g/L2 VEKPxDA/HNCk2aLJINusOcn2X4gaVY3qLJhg5lxmtlmKlu7Oi9tV2WdDLh+bpHhaY4wL +3EPRejWAyjGyBZpBzSyAzU85yc+iPBEU4j2K1OFFQidAyD0JYhLLy+sgApFtnzg1FHf 7+oCGTTK1ECvaVLJ+80DC1QSl0Jkb896hMocZ4vyaQrnBlYkUJT+Anm3/gtGMb2FDd9R mKQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690396; x=1692282396; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DW7Wu7mxAK+eXexbz9GTusNt/WCsgIZSbqYMWzY1VWE=; b=RJu5l3CH47D8SrCETieeP2YiVtjfhRF1QY6WGOgkHZvZJWAN+8tO5zFhukjDk0/lju vBanuU5V+1yD0Y7klWvfFgq4P7Uhb5q/0xl78YiOaOfclfTSe1htSxCbu75erIMyy5ZT FywXSUQkYS48OH3wrPfWzhKNkYZC2IIJ8JHyG4IJj7BXVfI9nd0QI453LmfuTkGA8YGi qjhxquF93sU3+cisnM8PCKlFD8vn2rFvRZPayNos7eFIGWybmwzJqHClscXJrnIfSr+T bhcuZqqlXRawMFyOg56IHvfW/quP/J4W3/9eBqOHJMls05rE1H6eLBgToYsDr2BTp4NB ZA2g== X-Gm-Message-State: ABy/qLaQjGn1Cq6Kc+mRW2xICrJbuYdAT2hh2CIrhZzW2EuLRZOXHOTM APTls9brgGcq87Wd5IWp871E7b1A4c4tGDTpZLQ= X-Google-Smtp-Source: APBJJlGiNCgp8NQlVsrusyh2//t1hAwI1e293G82S8BRhDPvPCQHgRy1FKBSKb+boPZhU6Hfud/+Wg== X-Received: by 2002:a05:6a20:8f2a:b0:12e:7c29:a6dd with SMTP id b42-20020a056a208f2a00b0012e7c29a6ddmr15132485pzk.43.1689690395729; Tue, 18 Jul 2023 07:26:35 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:35 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 10/27] linux-firmware: upgrade 20230404 -> 20230515 Date: Tue, 18 Jul 2023 04:25:44 -1000 Message-Id: <8ac5ebfa83c3e1f5effca5154b771b2f2bed607d.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:40 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184514 From: Alexander Kanavin License-Update: additional firmwares Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie (cherry picked from commit 64603f602d00999220fe5bafeed996ddcb56d36b) Signed-off-by: Steve Sakoman --- ...{linux-firmware_20230404.bb => linux-firmware_20230515.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230404.bb => linux-firmware_20230515.bb} (99%) diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20230404.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20230515.bb similarity index 99% rename from meta/recipes-kernel/linux-firmware/linux-firmware_20230404.bb rename to meta/recipes-kernel/linux-firmware/linux-firmware_20230515.bb index 7412c022ba..3470131294 100644 --- a/meta/recipes-kernel/linux-firmware/linux-firmware_20230404.bb +++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20230515.bb @@ -134,7 +134,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ " # WHENCE checksum is defined separately to ease overriding it if # class-devupstream is selected. -WHENCE_CHKSUM = "0782deea054d4b1b7f10c92c3a245da4" +WHENCE_CHKSUM = "a0997fc7a9af4e46d96529d6ef13b58a" # These are not common licenses, set NO_GENERIC_LICENSE for them # so that the license files will be copied from fetched source @@ -212,7 +212,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw # Pin this to the 20220509 release, override this in local.conf SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae" -SRC_URI[sha256sum] = "c3f9ad2bb5311cce2490f37a8052f836703d6936aabd840246b6576f1f71f607" +SRC_URI[sha256sum] = "8b1acfa16f1ee94732a6acb50d9d6c835cf53af11068bd89ed207bbe04a1e951" inherit allarch From patchwork Tue Jul 18 14:25:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27630 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F194AEB64DC for ; Tue, 18 Jul 2023 14:26:39 +0000 (UTC) Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web10.9106.1689690399127054709 for ; Tue, 18 Jul 2023 07:26:39 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=5cBjMAls; spf=softfail (domain: sakoman.com, ip: 209.85.210.176, mailfrom: steve@sakoman.com) Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-668709767b1so4184158b3a.2 for ; Tue, 18 Jul 2023 07:26:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690398; x=1692282398; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Kt/XbxmG+DaKiq4QLpH7zUl/F8V/rDu/vF363Vfl95I=; b=5cBjMAls6MNPUjklApMguWvUBsgB+k3zh7y5N6MQzzuw+1QLRGlcVXofQWsQh6E9Iy 5bgMz0SfMR+76Y8g5MtSE/6y6uM8Dqs/ErT0A2X8UKoOtAeh8/zunw5WgMfkLB3kOYHb tGydZhMhIgSMyxVKyk84netzqDD+dUFJ/BYuZu/TwR+G0S6cbuIpZdkABbF9HULSSfk9 /9Zu1zej/3ROaqzmjWNebLp6PDnRTw6dzHC4rL2PB4SI71D6D17nacHIa7m35sq2Lt91 IyIkCISwwuBCjcrI88kdZT/09tpszbaU2bZsXUGb9v91GuO0cTgw7ZtXx7XPtyBAcNOz 1uaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690398; x=1692282398; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Kt/XbxmG+DaKiq4QLpH7zUl/F8V/rDu/vF363Vfl95I=; b=Uu7eNzHao293C0GxqmSHHgXqgwP3k94U6XHbz1oBt3Fd33D8AkauH43Dc7UXq9Twpc KnZ7VZ+3EQiEYVam5RVLCGa/kcNf0o4fN/M4W6UHY8h43rb6CivYHOdISXcwV/euDht7 e2WKucB233C9r0Uee7JD31vfvPavzxSuLPq/M0/UZu2q9Zxzm1ZQ62rbag5XDxO+cBue O8xyIR9Hl9rtaV2qi0b4pVClhn/fPGNR9DIZNE8nTJlvql1Iw+onbf4sGtSw2OHps8MR s1g9N1glvFvIilHARTF4GGK3f/GL7o8zOAQlktUQYBtCAdEMdURORBVSCFA+3BmHheSM yAlQ== X-Gm-Message-State: ABy/qLaNMiLKLz5GBxmbov+cHA9HixjF1YrpnlyKNI1X0cVolvLRWbF3 rj/7JkO5ekHD+3omZZegFIcb/UG2P2NIS/ov6/U= X-Google-Smtp-Source: APBJJlE+vW0J/2EcpG20YVw5HI5zDBeuhuYGzPDpEs4uo9XcV/8b36IrizcXUOS+E0Uw/TLu5Iwi2Q== X-Received: by 2002:a05:6a00:ad1:b0:67d:22a6:2f54 with SMTP id c17-20020a056a000ad100b0067d22a62f54mr3165056pfl.31.1689690398293; Tue, 18 Jul 2023 07:26:38 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.36 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:37 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 11/27] wireless-regdb: upgrade 2023.02.13 -> 2023.05.03 Date: Tue, 18 Jul 2023 04:25:45 -1000 Message-Id: <1eebdfba70ceaa8d73ab46c3131d022e53245eaa.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184515 From: Alexander Kanavin Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie (cherry picked from commit 47438402fa430499864a4b1f1a13eaac66aa21c0) Signed-off-by: Steve Sakoman --- ...ireless-regdb_2023.02.13.bb => wireless-regdb_2023.05.03.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.02.13.bb => wireless-regdb_2023.05.03.bb} (94%) diff --git a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.02.13.bb b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.05.03.bb similarity index 94% rename from meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.02.13.bb rename to meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.05.03.bb index ce60154f1e..cd3f52fc76 100644 --- a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.02.13.bb +++ b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.05.03.bb @@ -5,7 +5,7 @@ LICENSE = "ISC" LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c" SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz" -SRC_URI[sha256sum] = "fe81e8a8694dc4753a45087a1c4c7e1b48dee5a59f5f796ce374ea550f0b2e73" +SRC_URI[sha256sum] = "f254d08ab3765aeae2b856222e11a95d44aef519a6663877c71ef68fae4c8c12" inherit bin_package allarch From patchwork Tue Jul 18 14:25:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27633 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F1BF3EB64DC for ; Tue, 18 Jul 2023 14:26:49 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web10.9110.1689690401517630767 for ; Tue, 18 Jul 2023 07:26:41 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=K/6VPwQY; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-666e64e97e2so3837673b3a.1 for ; Tue, 18 Jul 2023 07:26:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690400; x=1692282400; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=MpW6zLGyGx0pBVvYz248dp9zo25tRFBwEDw286/kies=; b=K/6VPwQYjH8txDCxm7S9akW7Z3LD6B4rq1R67hermCYTCJo3OzoR4sI2ZeIJy0/PtP l+fgZfa0TPqDec6DDDcPTfnkfzw24vdFF8D2ulwur5oHQ4X7l6+JCmcqhpAl59Ym19m9 VS1q70ZVU2F6B2H5aT2bEErUmaxnwXLV4n4rOjTFZefAIXzgxBNrSzK9OkscXOtvcnpM GL6oVTxhW7o5YJkHfeNJA5GtPU46z4mkSP30b+K4bw8M31pmHvxZ4cNKaZU2XP+IIUcu 49nv30feSDAvT/5eknHuGGT0SqWs0eQ2ZxcO31utXl+boMuqpe0XVK46toPEJnchzWGc eBxg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690400; x=1692282400; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MpW6zLGyGx0pBVvYz248dp9zo25tRFBwEDw286/kies=; b=l5k4H5dwydISC+msL/2ej2hgG4ZRYjD1hNC6MXs0ZaNUGCyZ3k4M17ehdDERYqmrmC caNv2+3Ui2NKrcdL0NE7bg2k1r7VnI4bkHnib/EKIPU3LsLnuQNvuTiywmZ5/jblSABI CsRQam6iY9Yne0Gg6ue/Uw/5/HKwCBd4PVyv+oypPFFS2bPG5nua5jWrNjyQQTnCzSEW N50qYUNmNopYDfrhtVhiu1SWMLOhWfcGWKjGfBHsqY3w8LxaVcyTUtYgVPzl6WezUoJN RcOCtH/R9UMH19HDX6x+hFtpqeLB0qh7PRtC8LZIPkiideuJoFf5BccBYVCPjjYSDiof ouiw== X-Gm-Message-State: ABy/qLY/7MzvqhjFDWMhUNzHN4PNS+NZORJjeFcpDA0/5+4Q7F57YO7l rZchNwDtVhiS2cI+QbYUc77m/3vCUg7jjudbICw= X-Google-Smtp-Source: APBJJlHugmUM8HHHYpLvn7QIlPAOX2YLMCZkYjXcujAoGmLvtGB1L8H9zhicOnSyYNO0T97yrcNHXA== X-Received: by 2002:a05:6a00:a1b:b0:682:9162:7218 with SMTP id p27-20020a056a000a1b00b0068291627218mr19373178pfh.15.1689690400544; Tue, 18 Jul 2023 07:26:40 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.39 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:39 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 12/27] vim: upgrade 9.0.1527 -> 9.0.1592 Date: Tue, 18 Jul 2023 04:25:46 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:49 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184516 From: Trevor Gamblin Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2609 d1ae836 patch 9.0.1531: crash when register contents ends up being invalid https://nvd.nist.gov/vuln/detail/CVE-2023-2610 ab9a2d8 patch 9.0.1532: crash when expanding "~" in substitute causes very long text Signed-off-by: Trevor Gamblin Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 1e4b4dfb4145bc00eb6937b5f54a41170e9a5b4c) Signed-off-by: Steve Sakoman --- meta/recipes-support/vim/vim.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index e1d2563316..33ae0d8079 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -19,8 +19,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://no-path-adjust.patch \ " -PV .= ".1527" -SRCREV = "c28e7a2b2f23dbd246a1ad7ad7aaa6f7ab2e5887" +PV .= ".1592" +SRCREV = "29b4c513b11deb37f0e0538df53d195f602fa42c" # Remove when 8.3 is out UPSTREAM_VERSION_UNKNOWN = "1" From patchwork Tue Jul 18 14:25:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27632 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F3F05C3DA41 for ; Tue, 18 Jul 2023 14:26:49 +0000 (UTC) Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web10.9115.1689690405416531227 for ; Tue, 18 Jul 2023 07:26:45 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=OcktTLBv; spf=softfail (domain: sakoman.com, ip: 209.85.210.176, mailfrom: steve@sakoman.com) Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-668711086f4so3573174b3a.1 for ; Tue, 18 Jul 2023 07:26:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690404; x=1692282404; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=s0hFXY7Q/PRQUXNK8QHa3v5nxDHxWGmeS0QiFQ1zDzI=; b=OcktTLBvt/RteorDWZnL2/zqxWBfuZMS24Z/pHrWmLpaXRJH4DDTURy/8KfNGVfmFv KEYrSGdBSO6JVJKSULYj//MBiEqFe/qbtYkkwpaZ/E8cD8ytYUO/+5MYSy9j97qsE29T aVux8IX4G6EyGhFnQbPKNxUoLnUR9lhCInD4hZgXRdurqzBFyZE/evUR+AzKnRu3bywR wy74B7d0PnRjGbYwVBrRlcjDur6XDw6yADAW8betAlfqolfZzl2rOw0EZ1YEA4JtZzEe /IDjWAq2dyWqF9OYVEzN7IyuZeBWeyZfmqeu5FjERgYLXl6ZQWn9AUp6FJyqS5LggBNv fA9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690404; x=1692282404; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=s0hFXY7Q/PRQUXNK8QHa3v5nxDHxWGmeS0QiFQ1zDzI=; b=JvIQXtGe32wBFCcKOnTjvHdkjPkRuVAYh5deLRWrImKRCgu9bke+w0rt6e3Na1fo7i d9ku2R2dEnmNCV38X6n48w4kneH+HnH3MjJx8apO5kocpdUhDQo/pjt7JFX2xypg+JqD fELXzNuu97z6AuawL87NX2fxjDfPDaJcDt29zEhWIy0MoEJFY/lG6DjIv8VSBv76PuBT UfoymcmG/Eq9deerQKUatxqO1zh0hXqDmNtdC61rOklTmb2kC0epc+1RLp8rug3EBDYj FhMVEHESETOP4RFH7BM3QJkEfhZDEeaex4x1TpB8zYRsWWjExXChocgNcTq/kdHZ9Iqs 1Ksg== X-Gm-Message-State: ABy/qLb+JKZ8KTg2T6YhvFGCAOiflEmsvyNV9YThN/ROnqjSTdRiYA/y 1D4vKR/Bq/zfcEd3XIaVpYQTLG4d2Qxng8xpH7U= X-Google-Smtp-Source: APBJJlEAlCoJm1NOKIZ0YgphFKiF8QCgmp0qoIiE4UO3/YGohtGyLdCaKngNczXxcqsqsjkyp+ddOg== X-Received: by 2002:a05:6a00:2da1:b0:682:93ce:4825 with SMTP id fb33-20020a056a002da100b0068293ce4825mr18040522pfb.3.1689690404507; Tue, 18 Jul 2023 07:26:44 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.41 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:43 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 13/27] selftest reproducible.py: support different build targets Date: Tue, 18 Jul 2023 04:25:47 -1000 Message-Id: <3b82a7d74995c0670a6914c58b3d7c42327b8ee9.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:49 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184517 From: Mikko Rapeli Allow users to set different build reproducibility targets than the defaults using OEQA_REPRODUCIBLE_TEST_TARGET and OEQA_REPRODUCIBLE_TEST_SSTATE_TARGETS variables in local.conf. Fixing all issues from "world" builds is not possible in some complex build environments with lots of layers. Limiting the focus to a smaller subset allows using this test to detect and fix build reproduction issues incrementally. Signed-off-by: Mikko Rapeli Signed-off-by: Alexandre Belloni (cherry picked from commit c66bebbce5995e386a1a4d055a914a39b6ee518d) Signed-off-by: Steve Sakoman --- meta/lib/oeqa/selftest/cases/reproducible.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/meta/lib/oeqa/selftest/cases/reproducible.py b/meta/lib/oeqa/selftest/cases/reproducible.py index 2c9bc0bf90..98259ae515 100644 --- a/meta/lib/oeqa/selftest/cases/reproducible.py +++ b/meta/lib/oeqa/selftest/cases/reproducible.py @@ -132,9 +132,13 @@ class ReproducibleTests(OESelftestTestCase): max_report_size = 250 * 1024 * 1024 # targets are the things we want to test the reproducibility of - targets = ['core-image-minimal', 'core-image-sato', 'core-image-full-cmdline', 'core-image-weston', 'world'] + targets = get_bb_var("OEQA_REPRODUCIBLE_TEST_TARGET") + if targets: + targets = targets.split() + else: + targets = ['core-image-minimal', 'core-image-sato', 'core-image-full-cmdline', 'core-image-weston', 'world'] # sstate targets are things to pull from sstate to potentially cut build/debugging time - sstate_targets = [] + sstate_targets = (get_bb_var("OEQA_REPRODUCIBLE_TEST_SSTATE_TARGETS") or "").split() save_results = False if 'OEQA_DEBUGGING_SAVED_OUTPUT' in os.environ: save_results = os.environ['OEQA_DEBUGGING_SAVED_OUTPUT'] From patchwork Tue Jul 18 14:25:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27634 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F1BC4EB64DA for ; Tue, 18 Jul 2023 14:26:49 +0000 (UTC) Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) by mx.groups.io with SMTP id smtpd.web11.9015.1689690408136485139 for ; Tue, 18 Jul 2023 07:26:48 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=AqKTaPDU; spf=softfail (domain: sakoman.com, ip: 209.85.210.181, mailfrom: steve@sakoman.com) Received: by mail-pf1-f181.google.com with SMTP id d2e1a72fcca58-668711086f4so3573213b3a.1 for ; Tue, 18 Jul 2023 07:26:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690407; x=1692282407; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=XIepBY8k7tKz2JB08d2zJjTMmG7jcBBJO59iVolCAbo=; b=AqKTaPDUk5a+VqrGiyX+t4CyQT+7ONVu9A0N05lM+HEBgoXYcKdMglMuFudWDIz4SI i+fmbs4QMEzYQn1e3PGJh1w+vPj3bGYM0a9MalwCriVUY08Pm8N+LZqnTivP8Z7ncnnJ IV+IKxL7NtYtGZK6sPknZ3yHVoyfTo7YE/g4dksqtPsIkJL3qxr5rgQ7rszOqATz32vp PUBtehIBk2BdCTFqUwE0lFmoRxAtjmAjf7SS+1CUbzXbZYsWrBBOHskcm0G7r5LHIKMo U29LQQcFLHjeZ/OECMxLv0D5Oh9B403BX6VFhON/KUf/XZiXmptm01U8jFHGPQlFXV6M zJtw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690407; x=1692282407; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=XIepBY8k7tKz2JB08d2zJjTMmG7jcBBJO59iVolCAbo=; b=Ri9oXMYZQ03e1e+ePiIiI9gmJ1WJJPAQajrJthYVVM7hRzqdSS1O3d7VM7KESdcTXd LpmjYHlZcECN+8VjqoYG6SCl6LAYd+chceu+Tj5uZ6zYwQAFq/wovlSIDP56v5T1nnFv 7Dk/zu+2pAE4Vu9yGLA/LXzJ1ggEWCbPFuYGewtO1LxmkYKYhULT4STYt17DavYAiDfm abvHjz+uLjkJ7/nD1DavyA+iS1Jk61peq1mfnkQqKAQ7HYNizpyPv2zI/3hFOvEofXvS NziCGiiQTOOtzJ1gc38E0Rq3hjk1qD5FnbJ8FN09dDpgl1nxBU321SFmqgosy3mf2Gra ZOzQ== X-Gm-Message-State: ABy/qLbfu/V8XH1LiJoneOONEWYnEZZbJ4DrAmbTiEl4l29m9CSTrRP+ /+Qq9zhuDWg/NMnhxmUEXwIeRsZnbWIVawts9sQ= X-Google-Smtp-Source: APBJJlHLzJ6W4jBVA5f+d61xTKodUb2Ms8cb+OZHkHNniTjkUk6KPMfy1oYZgaLKJudF96kAWEM1rg== X-Received: by 2002:a05:6a00:194c:b0:657:1fe5:eb63 with SMTP id s12-20020a056a00194c00b006571fe5eb63mr16324786pfk.7.1689690407179; Tue, 18 Jul 2023 07:26:47 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:46 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 14/27] selftest/reproducible: Allow chose the package manager Date: Tue, 18 Jul 2023 04:25:48 -1000 Message-Id: <4402b746f49611abe71719dd1d174de79bb030bb.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:49 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184518 From: Jose Quaresma This is a follow-up of 76e5fcb2 that also allow users to chose the package manager using OEQA_REPRODUCIBLE_TEST_PACKAGE Signed-off-by: Jose Quaresma Signed-off-by: Richard Purdie (cherry picked from commit 3d414d85b44077bac57aba36707b0fc699a73e97) Signed-off-by: Steve Sakoman --- meta/lib/oeqa/selftest/cases/reproducible.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/meta/lib/oeqa/selftest/cases/reproducible.py b/meta/lib/oeqa/selftest/cases/reproducible.py index 98259ae515..49318be43a 100644 --- a/meta/lib/oeqa/selftest/cases/reproducible.py +++ b/meta/lib/oeqa/selftest/cases/reproducible.py @@ -126,7 +126,11 @@ class DiffoscopeTests(OESelftestTestCase): class ReproducibleTests(OESelftestTestCase): # Test the reproducibility of whatever is built between sstate_targets and targets - package_classes = ['deb', 'ipk', 'rpm'] + package_classes = get_bb_var("OEQA_REPRODUCIBLE_TEST_PACKAGE") + if package_classes: + package_classes = package_classes.split() + else: + package_classes = ['deb', 'ipk', 'rpm'] # Maximum report size, in bytes max_report_size = 250 * 1024 * 1024 From patchwork Tue Jul 18 14:25:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27638 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F2CFBEB64DC for ; Tue, 18 Jul 2023 14:26:59 +0000 (UTC) Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by mx.groups.io with SMTP id smtpd.web10.9116.1689690410490540754 for ; Tue, 18 Jul 2023 07:26:50 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=unv6i+SW; spf=softfail (domain: sakoman.com, ip: 209.85.210.177, mailfrom: steve@sakoman.com) Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-666ecb21f86so5797675b3a.3 for ; Tue, 18 Jul 2023 07:26:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690409; x=1692282409; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ZwqUG5YjN/Tqh3qGmfG8HBt13NIUMTuJ9x2rkELZ3is=; b=unv6i+SWaa1cYunxMj0/RAjpitVkn5NC1i9vDDyN75I3rJ7XZSULBgmzQJDeP06iIV 2/O5RSVDVcaBMogUV5d7laaKkU5vQVqwhMTbtfW5oNRQ0+brAJ9eKKxv6dPgQqUsAzfT 3BwJpA1fEb11RU560e0w4V7aDkWL1JC9pA44rQzUMnLqmmantAHvaxsfa68VMUJ9o6qk jgtoNZh8WMwC0lqy2J0QiPzpSy2BOe39udDXwE5em7DxXh0/N6H4v6U7neCTWURrN7H2 +qCzI52e6SzneJSsQXKtrdG+d816mVqWv7wIPFfGc+hUq7BwwytokWjI5SQ0VxrRo0mF l9eA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690409; x=1692282409; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZwqUG5YjN/Tqh3qGmfG8HBt13NIUMTuJ9x2rkELZ3is=; b=AAbarVlCmSr0JsjGmIQc3z+gGK7AqYBQMT8CC2Wb7UrK7+gOoCjqhyjLxNvHOX1jKc HHPYB25lpD0zM0lH3/nCI8epr8mSZLcIjc01liw/rACW9KWbz9CnD+N0BI09rlL0o90s 36JzHGbOsvm9LtgWiwwiUy5+NHBcyInBm9KBhv6hNCrYGz7BYuHNtajvh+hGxbtRGW7V bhJSWk1yQKPKZOLmuQ5qy6ICN9FIgeuPGr/qYvipp/d7Kf7pDW6+LVprWTfqjGdJAnem n6NNUBEsDJxc+EfhZDZU5e6OQy80FvIkP341tZh2p1jpO4kuHGBzPzZwkMdmpL6/AYmT 2Gcw== X-Gm-Message-State: ABy/qLbbhAyQYBIxUft7GT1X91YYpoWGj6LqcayMJp3JDoVrOG9kNU1A MKYm7H8vekSfmSnvmJ0Npo1QQo3XgnDCdlWJcE8= X-Google-Smtp-Source: APBJJlFw63SOF8QqaxBc0G88W3gkWJURrM6LjbcXRtHy8y5VOVAkmyE7e48BwsXTwIRAD4YyoLo3aA== X-Received: by 2002:a05:6a00:2481:b0:666:d78c:33ab with SMTP id c1-20020a056a00248100b00666d78c33abmr20292253pfv.21.1689690409591; Tue, 18 Jul 2023 07:26:49 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:48 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 15/27] libpng: Add ptest for libpng Date: Tue, 18 Jul 2023 04:25:49 -1000 Message-Id: <2d58b38185ca7eed5d885b8d00ca549b57138554.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:59 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184519 From: Nikhil R libpng is a platform-independent library which supports all PNG features. This ptest executes the below binaries, parses the png image and prints the image features. 1. pngfix - provides information about PNG image copyrights details. 2. pngtest - tests, optimizes and optionally fixes the zlib header in PNG files. 3. pngstest - verifies the integrity of PNG image by dumping chunk level information. 4. timepng - provides details about PNG image chunks. Signed-off-by: Nikhil R Signed-off-by: Steve Sakoman --- .../distro/include/ptest-packagelists.inc | 1 + .../recipes-multimedia/libpng/files/run-ptest | 29 +++++++++++++++++++ .../libpng/libpng_1.6.39.bb | 16 ++++++++-- 3 files changed, 44 insertions(+), 2 deletions(-) create mode 100644 meta/recipes-multimedia/libpng/files/run-ptest diff --git a/meta/conf/distro/include/ptest-packagelists.inc b/meta/conf/distro/include/ptest-packagelists.inc index 5bcff83093..5c6a30635f 100644 --- a/meta/conf/distro/include/ptest-packagelists.inc +++ b/meta/conf/distro/include/ptest-packagelists.inc @@ -29,6 +29,7 @@ PTESTS_FAST = "\ libnl-ptest \ libmodule-build-perl-ptest \ libpcre-ptest \ + libpng-ptest \ libssh2-ptest \ libtimedate-perl-ptest \ libtest-needs-perl-ptest \ diff --git a/meta/recipes-multimedia/libpng/files/run-ptest b/meta/recipes-multimedia/libpng/files/run-ptest new file mode 100644 index 0000000000..9ab5d0c1f4 --- /dev/null +++ b/meta/recipes-multimedia/libpng/files/run-ptest @@ -0,0 +1,29 @@ +#!/bin/sh + +set -eux + +./pngfix pngtest.png &> log.txt 2>&1 + +if grep -i "OK" log.txt 2>&1 ; then + echo "PASS: pngfix passed" +else + echo "FAIL: pngfix failed" +fi +rm -f log.txt + +./pngtest pngtest.png &> log.txt 2>&1 + +if grep -i "PASS" log.txt 2>&1 ; then + echo "PASS: pngtest passed" +else + echo "FAIL: pngtest failed" +fi +rm -f log.txt + +for i in pngstest timepng; do + if "./${i}" pngtest.png 2>&1; then + echo "PASS: $i" + else + echo "FAIL: $i" + fi +done diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.39.bb b/meta/recipes-multimedia/libpng/libpng_1.6.39.bb index d9dcf379e9..94db1d3f6b 100644 --- a/meta/recipes-multimedia/libpng/libpng_1.6.39.bb +++ b/meta/recipes-multimedia/libpng/libpng_1.6.39.bb @@ -10,7 +10,11 @@ DEPENDS = "zlib" LIBV = "16" -SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz" +SRC_URI = "\ + ${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz \ + file://run-ptest \ + " + SRC_URI[sha256sum] = "1f4696ce70b4ee5f85f1e1623dc1229b210029fa4b7aee573df3e2ba7b036937" MIRRORS += "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/ ${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/older-releases/" @@ -19,7 +23,7 @@ UPSTREAM_CHECK_URI = "http://libpng.org/pub/png/libpng.html" BINCONFIG = "${bindir}/libpng-config ${bindir}/libpng16-config" -inherit autotools binconfig-disabled pkgconfig +inherit autotools binconfig-disabled pkgconfig ptest # Work around missing symbols EXTRA_OECONF:append:class-target = " ${@bb.utils.contains("TUNE_FEATURES", "neon", "--enable-arm-neon=on", "--enable-arm-neon=off", d)}" @@ -32,3 +36,11 @@ BBCLASSEXTEND = "native nativesdk" # CVE-2019-17371 is actually a memory leak in gif2png 2.x CVE_CHECK_IGNORE += "CVE-2019-17371" + +do_install_ptest() { + install -m644 "${S}/pngtest.png" "${D}${PTEST_PATH}" + install -m755 "${B}/.libs/pngfix" "${D}${PTEST_PATH}" + install -m755 "${B}/.libs/pngtest" "${D}${PTEST_PATH}" + install -m755 "${B}/.libs/pngstest" "${D}${PTEST_PATH}" + install -m755 "${B}/.libs/timepng" "${D}${PTEST_PATH}" +} From patchwork Tue Jul 18 14:25:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27635 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0DC2FC001DF for ; Tue, 18 Jul 2023 14:27:00 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web10.9117.1689690414292233111 for ; Tue, 18 Jul 2023 07:26:54 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=rnVMZWd2; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-666edfc50deso3575947b3a.0 for ; Tue, 18 Jul 2023 07:26:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690413; x=1692282413; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=w+IHXRY5JbNGdSeiFQNBd7KPJRdstYKTU0ojI7lo8S4=; b=rnVMZWd2+lgV99wrXI77zx3IfIhgf60Fj1W2ZvQgR8ZijyEYG2+lbzzdNu5NOr/VQH BjMWOvNPACNXDX3a+TOh8KkiEi9HogzdTOGvbzUPfddK7HR42SRs47EcYLkOBbiDZtjP DNdp7/AqJQ3imq1euXFa26ZVJ3J7pJfkhCaWABw8tEOczA0olef445GDpOlRzNQAZOGO kHJckQt3lAFStoUzdMsEk6Isiz8VXl2nt95gqnGnRwFiuQKJ3HgIDtSlpf/yBEbtqbdw 7rt59otD2kJ9K76JQnBsJDuCEk1sWLFYMTeLSrmg0/DQuPx6MYZs7v/jGUWFmfY9OIrT BKXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690413; x=1692282413; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=w+IHXRY5JbNGdSeiFQNBd7KPJRdstYKTU0ojI7lo8S4=; b=BDTH9qH+6EKxiezJLB3zFcxcuEqwLIXytu+RyxyrUnpko2BJ6VN6Co7MhqVPfL7pBF 0dafCdICUUXowBgBbN6isujHw81LHtaYxPncaLzW37oAy+UsuXKlOiIG3W+tksLqqpG/ OTofojIUcHFOnSy8xIfBkNHkXqCx1pLhnvUAOGWIqW3F2fG1dTGR2xm1q5REGd0cUf/a Z/8qyv7rrQflsxlMUIvlb27w9SAWzauvhSWy62vh9BU+Ayc7T7SmupyQGfZgci0wc0Ly vBBRlrBGfqERX40ywgzdm1EcOvwFv1sdwX/VfKKqq+fKT3idvyLFN28JPI8urFF3RRyf O2pw== X-Gm-Message-State: ABy/qLYj3VW4wUe7HQIs8H36FkStzYr6l3PoCsKluBQlDrOj4EwU/yD+ NLURXm5wX8npK/wsUik0aZBwPRhwZpK3C/lJJGY= X-Google-Smtp-Source: APBJJlFPE2B2uW0PwHOipz4P5/oJrMec1OnCPPWvC0TCrRcMkyU68b8ZWFW8zK5BbeQhzuYKL97LQQ== X-Received: by 2002:a05:6a20:7f93:b0:125:928d:6745 with SMTP id d19-20020a056a207f9300b00125928d6745mr19511343pzj.15.1689690413410; Tue, 18 Jul 2023 07:26:53 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:52 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 16/27] logrotate: Do not create logrotate.status file Date: Tue, 18 Jul 2023 04:25:50 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:00 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184520 From: Jermain Horsman The first time logrotate runs it reports an error: error: state file /var/lib/logrotate.status is world-readable and thus can be locked from other unprivileged users. Skipping lock acquisition... This check was added with https://github.com/logrotate/logrotate/commit/1f76a381e2caa0603ae3dbc51ed0f1aa0d6658b9 This error is only reported once as logrotate removes the world-readable permissions if this happens. Since logrotate creates this file if it does not exist, there should be no need to install it in the first place. Signed-off-by: Jermain Horsman Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit 8169cd2d18f1569e4357f082adbef492710e8c36) Signed-off-by: Jermain Horsman Signed-off-by: Steve Sakoman --- meta/recipes-extended/logrotate/logrotate_3.20.1.bb | 1 - 1 file changed, 1 deletion(-) diff --git a/meta/recipes-extended/logrotate/logrotate_3.20.1.bb b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb index 35977535aa..3df6ebd26d 100644 --- a/meta/recipes-extended/logrotate/logrotate_3.20.1.bb +++ b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb @@ -67,7 +67,6 @@ do_install(){ install -p -m 644 ${S}/examples/logrotate.conf ${D}${sysconfdir}/logrotate.conf install -p -m 644 ${S}/examples/btmp ${D}${sysconfdir}/logrotate.d/btmp install -p -m 644 ${S}/examples/wtmp ${D}${sysconfdir}/logrotate.d/wtmp - touch ${D}${localstatedir}/lib/logrotate.status if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then install -d ${D}${systemd_system_unitdir} From patchwork Tue Jul 18 14:25:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27637 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F2219EB64DA for ; Tue, 18 Jul 2023 14:26:59 +0000 (UTC) Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by mx.groups.io with SMTP id smtpd.web11.9020.1689690417213590334 for ; Tue, 18 Jul 2023 07:26:57 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=SCx07dgr; spf=softfail (domain: sakoman.com, ip: 209.85.210.177, mailfrom: steve@sakoman.com) Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-666e64e97e2so3837931b3a.1 for ; Tue, 18 Jul 2023 07:26:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690416; x=1692282416; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Pn+ECDFUIh1kmlXKUPZh9njPQVksFqQdtObNc1/5UiQ=; b=SCx07dgrvuF/4/wmWN5iP6r2cAXvg9VdBJo6nPpVva4G93yt2YwJKLsvqYcoO5rcto cpEyY/ZyIC/zT5HUr91A2xD9comSDZ2TYCgWqiwAC5tAqe/PGUe9p38zFywn3jny0Y36 5+mskyT7EbxJRw1Q8dAXlYTyd3Dpzy8apTpwBCbtIMmG22UR/xjYPaZirO9HqwPu0HLM YOiSvV6AB/jazTewUrTw5vTnEfzkThtfpkxIEDvr74xoUxv7sTtiErg3r3dnKLDmr84W +LQR6hbMlYyXiqN2KxeyjIntxdzsArUALDqYWGv9/vUl+V4txJO5rEci77TOxQcAx3OL lVaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690416; x=1692282416; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Pn+ECDFUIh1kmlXKUPZh9njPQVksFqQdtObNc1/5UiQ=; b=cvfjtJpZ6QIZZM7IQsiefiBZXxf57uPg0gm3eUloIvBs6fl/p2iyzQKISF8vz5peul CXp5j/x774qbRL/Qq9hxsEfTkv3hpjvcmaox3LlUQtYmaspDwLdVgRUPm9Kqeqg2xwE9 0ObKKb7XqEmAoute+DAZQbEmkwRksYWkyz/eLSDJ9xocTNI5egkoQc5Wnbge0Ay8Su1b Knc7ZjIPWgzmJh8dO8sOuLRBTSoTw+uQkquM72kHgYlLYUGFTx27wcrJ5KekDWZ2YSi6 7V7gU6KV8ajL69atVqrX7j6nEt8ToVEolW4LHNUwZv9u5j1o5FKii6QjNN6OJZ1oYkfq 11tg== X-Gm-Message-State: ABy/qLYNXpEGaSIg3IMsDr9IYiB8CWvfgPHyTMLbUPKFeJpn85x10EF5 uH4juVQIk305R5dG66cCkeTmhXaqFWm3vUld1wA= X-Google-Smtp-Source: APBJJlFAx6ph6ZfUStdnebsHPYzThltV5+QHEe9mP1/rAudzrupe5minqwOfkBpKav8fIVW5LWsTRQ== X-Received: by 2002:a05:6a20:3c8d:b0:134:d4d3:f0a8 with SMTP id b13-20020a056a203c8d00b00134d4d3f0a8mr5671903pzj.3.1689690416260; Tue, 18 Jul 2023 07:26:56 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:55 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 17/27] pybootchartgui: show elapsed time for each task Date: Tue, 18 Jul 2023 04:25:51 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:26:59 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184521 From: Mauro Queiros Currently, finding the elapsed time of each task in buildtimes.svg is a manual effort of checking the top axis and finding and subtracting the end and start time of the task. This change adds the elapsed time for each task, so that manual effort of comparing start/end time is avoided. Signed-off-by: Mauro Queiros Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 3efebd3404de548f0757863da237f2d18ce60013) Signed-off-by: Jose Quaresma Signed-off-by: Steve Sakoman --- scripts/pybootchartgui/pybootchartgui/draw.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/scripts/pybootchartgui/pybootchartgui/draw.py b/scripts/pybootchartgui/pybootchartgui/draw.py index fc708b55c3..707e7fe427 100644 --- a/scripts/pybootchartgui/pybootchartgui/draw.py +++ b/scripts/pybootchartgui/pybootchartgui/draw.py @@ -558,6 +558,11 @@ def render_processes_chart(ctx, options, trace, curr_y, w, h, sec_w): draw_rect(ctx, PROC_BORDER_COLOR, (x, y, w, proc_h)) draw_label_in_box(ctx, PROC_TEXT_COLOR, process, x, y + proc_h - 4, w, proc_h) + + # Show elapsed time for each task + elapsed_time = f"{trace.processes[process][1] - start}s" + draw_text(ctx, elapsed_time, PROC_TEXT_COLOR, x + w + 4, y + proc_h - 4) + y = y + proc_h return curr_y From patchwork Tue Jul 18 14:25:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27636 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 06CFBC001DC for ; Tue, 18 Jul 2023 14:27:00 +0000 (UTC) Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) by mx.groups.io with SMTP id smtpd.web10.9121.1689690419593389201 for ; Tue, 18 Jul 2023 07:26:59 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=unLTRJUk; spf=softfail (domain: sakoman.com, ip: 209.85.210.174, mailfrom: steve@sakoman.com) Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-666eb03457cso3655417b3a.1 for ; Tue, 18 Jul 2023 07:26:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690419; x=1692282419; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=EYIxFsef8UGbyoxegMcmdB5VWoMEPTM/VKYGQlnVNUA=; b=unLTRJUky8XnC6W55a+73Yj2TBQeEApHW0oUEGLTI76wJ//ujkS2zTdkDBt/iYshE8 6s1Vvel2c8Yj9FenE8nVA2wptMnekAOWhUjF8JKrU9fi/tB6Ix6SPRce0AsvGyWzT2oA LjiyjC1FqlEoLgKnAMLEkvl4NQupaXDdVWSO7RPiexjfY47mOOMLD3kThyO+tPLwFgsJ DHvhcmcQoNvV3OL7cOacZrbBQPKMF1AqLgcN7Bc7H2fyOJa6Zns6toT+GO1LrKb0KJjk scDPL928LgX5KPeVo/+jMTxCeqkCUO0m/1eCW7L5MY6MovQdmuGtqUjmgIYIFYgX3VRR PFPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690419; x=1692282419; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EYIxFsef8UGbyoxegMcmdB5VWoMEPTM/VKYGQlnVNUA=; b=X6hjBJQXYndTleMw8/WOORmHD0+gIf3sKhKLsbBYGgIT56Jo2JcqfR2Nb0b1Dj9Kkb e93guoBGZAl2+Q5Dl6c5rDPYHN+QgUanvZqLMZkfW6l3H13n2tYRi94+Ajv7q7eIWmJg kfhvKgWufZgpKYeUe6VZQO0tQZ7SBtQKBImNybH88W2pWsN0KK6UCZeHowsw/CWDdUhq Aicfica+JobwVOUrHSNos8Q/d7ay8lS4WjVrkMQsiqkoW2NGTQQ+vPldQsTo5j8tw/8u 6ABE3zia70p4Rr8B7Id1nYXMpjzG26Gj/2ZOMIuUZOKarfyMQkPRmEAzqcmqzmNH1hDb 0zGw== X-Gm-Message-State: ABy/qLaAX3dhCr2hbVXxU9thLckChWXtfTT2xhdj9MHR6UlWOCevLf3E +G6qagik73ugBralUMeAcyjCQv/ntLblzEBGD20= X-Google-Smtp-Source: APBJJlGJsr1jEoDjQOf4eS9sDdykcu0fio5SAREReIdU2s7F3CF2yqIvUOJZ5H3xUoBNEhowPNqDcw== X-Received: by 2002:a05:6a00:2488:b0:673:5d1e:6657 with SMTP id c8-20020a056a00248800b006735d1e6657mr18441357pfv.7.1689690418394; Tue, 18 Jul 2023 07:26:58 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:26:57 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 18/27] systemd: Backport nspawn: make sure host root can write to the uidmapped mounts we prepare for the container payload Date: Tue, 18 Jul 2023 04:25:52 -1000 Message-Id: <6d190eb0caadcb95c5325ede32164a645abb61f3.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:00 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184522 From: Marek Vasut Backport fix for systemd nspawn uidmap handling from systemd v253 . Without this, attempt to start mkosi generated debian stable 12 container would ultimately fail (per "$ strace -ff") with: " symlinkat("usr/lib/aarch64-linux-gnu", 8, "lib64") = -1 EOVERFLOW (Value too large for defined data type) " Command to generate test container: " mkosi --distribution debian --release stable --architecture arm64 \ --cache-dir /home/oe/cache/ --format tar --compress-output xz \ --output-dir /home/oe/output/ --checksum 1 --root-password root \ --package systemd --package udev --package dbus " Command to import test container and start it, which triggers the failure: " $ machinectl pull-tar http://192.168.1.300/image.tar.xz default $ machinectl read-only default false $ rm -f /var/lib/machines/default/etc/machine-id $ dbus-uuidgen --ensure=/var/lib/machines/default/etc/machine-id $ machinectl start default " Minimal command to trigger the failure once container is imported: " $ strace -ff systemd-nspawn --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=default " Extracted from systemd MR: https://github.com/systemd/systemd/pull/22774 Further explanation by Christian Brauner at second half of: https://github.com/systemd/systemd/issues/20989 Signed-off-by: Marek Vasut Signed-off-by: Steve Sakoman --- ...-host-root-can-write-to-the-uidmappe.patch | 216 ++++++++++++++++++ meta/recipes-core/systemd/systemd_250.5.bb | 1 + 2 files changed, 217 insertions(+) create mode 100644 meta/recipes-core/systemd/systemd/0001-nspawn-make-sure-host-root-can-write-to-the-uidmappe.patch diff --git a/meta/recipes-core/systemd/systemd/0001-nspawn-make-sure-host-root-can-write-to-the-uidmappe.patch b/meta/recipes-core/systemd/systemd/0001-nspawn-make-sure-host-root-can-write-to-the-uidmappe.patch new file mode 100644 index 0000000000..8715019c99 --- /dev/null +++ b/meta/recipes-core/systemd/systemd/0001-nspawn-make-sure-host-root-can-write-to-the-uidmappe.patch @@ -0,0 +1,216 @@ +From e34fb1a4568bd080032065bb1506ab9b6c6606f1 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Thu, 17 Mar 2022 13:46:12 +0100 +Subject: [PATCH] nspawn: make sure host root can write to the uidmapped mounts + we prepare for the container payload +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When using user namespaces in conjunction with uidmapped mounts, nspawn +so far set up two uidmappings: + +1. One that is used for the uidmapped mount and that maps the UID range + 0…65535 on the backing fs to some high UID range X…X+65535 on the + uidmapped fs. (Let's call this mapping the "mount mapping") + +2. One that is used for the userns namespace the container payload + processes run in, that maps X…X+65535 back to 0…65535. (Let's call + this one the "process mapping"). + +These mappings hence are pretty much identical, one just moves things up +and one back down. (Reminder: we do all this so that the processes can +run under high UIDs while running off file systems that require no +recursive chown()ing, i.e. we want processes with high UID range but +files with low UID range.) + +This creates one problem, i.e. issue #20989: if nspawn (which runs as +host root, i.e. host UID 0) wants to add inodes to the uidmapped mount +it can't do that, since host UID 0 is not defined in the mount mapping +(only the X…X+65536 range is, after all, and X > 0), and processes whose +UID is not mapped in a uidmapped fs cannot create inodes in it since +those would be owned by an unmapped UID, which then triggers +the famous EOVERFLOW error. + +Let's fix this, by explicitly including an entry for the host UID 0 in +the mount mapping. Specifically, we'll extend the mount mapping to map +UID 2147483646 (which is INT32_MAX-1, see code for an explanation why I +picked this one) of the backing fs to UID 0 on the uidmapped fs. This +way nspawn can creates inode on the uidmapped as it likes (which will +then actually be owned by UID 2147483646 on the backing fs), and as it +always did. Note that we do *not* create a similar entry in the process +mapping. Thus any files created by nspawn that way (and not chown()ed to +something better) will appear as unmapped (i.e. as overflowuid/"nobody") +in the container payload. And that's good. Of course, the latter is +mostly theoretic, as nspawn should generally chown() the inodes it +creates to UID ranges that actually make sense for the container (and we +generally already do this correctly), but it#s good to know that we are +safe here, given we might accidentally forget to chown() some inodes we +create. + +Net effect: the two mappings will not be identical anymore. The mount +mapping has one entry more, and the only reason it exists is so that +nspawn can access the uidmapped fs reasonably independently from any +process mapping. + +Fixes: #20989 + +Upstream-Status: Backport [50ae2966d20b0b4a19def060de3b966b7a70b54a] +Signed-off-by: Marek Vasut +--- + src/basic/user-util.h | 13 +++++++++++++ + src/nspawn/nspawn-mount.c | 2 +- + src/nspawn/nspawn.c | 2 +- + src/shared/dissect-image.c | 2 +- + src/shared/mount-util.c | 28 +++++++++++++++++++++++----- + src/shared/mount-util.h | 13 ++++++++++++- + 6 files changed, 51 insertions(+), 9 deletions(-) + +diff --git a/src/basic/user-util.h b/src/basic/user-util.h +index ab1ce48b2d..0b9749ef8b 100644 +--- a/src/basic/user-util.h ++++ b/src/basic/user-util.h +@@ -59,6 +59,19 @@ int take_etc_passwd_lock(const char *root); + #define UID_NOBODY ((uid_t) 65534U) + #define GID_NOBODY ((gid_t) 65534U) + ++/* If REMOUNT_IDMAP_HOST_ROOT is set for remount_idmap() we'll include a mapping here that maps the host root ++ * user accessing the idmapped mount to the this user ID on the backing fs. This is the last valid UID in the ++ * *signed* 32bit range. You might wonder why precisely use this specific UID for this purpose? Well, we ++ * definitely cannot use the first 0…65536 UIDs for that, since in most cases that's precisely the file range ++ * we intend to map to some high UID range, and since UID mappings have to be bijective we thus cannot use ++ * them at all. Furthermore the UID range beyond INT32_MAX (i.e. the range above the signed 32bit range) is ++ * icky, since many APIs cannot use it (example: setfsuid() returns the old UID as signed integer). Following ++ * our usual logic of assigning a 16bit UID range to each container, so that the upper 16bit of a 32bit UID ++ * value indicate kind of a "container ID" and the lower 16bit map directly to the intended user you can read ++ * this specific UID as the "nobody" user of the container with ID 0x7FFF, which is kinda nice. */ ++#define UID_MAPPED_ROOT ((uid_t) (INT32_MAX-1)) ++#define GID_MAPPED_ROOT ((gid_t) (INT32_MAX-1)) ++ + #define ETC_PASSWD_LOCK_PATH "/etc/.pwd.lock" + + /* The following macros add 1 when converting things, since UID 0 is a valid UID, while the pointer +diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c +index 40773d90c1..f2fad0f462 100644 +--- a/src/nspawn/nspawn-mount.c ++++ b/src/nspawn/nspawn-mount.c +@@ -780,7 +780,7 @@ static int mount_bind(const char *dest, CustomMount *m, uid_t uid_shift, uid_t u + } + + if (idmapped) { +- r = remount_idmap(where, uid_shift, uid_range); ++ r = remount_idmap(where, uid_shift, uid_range, REMOUNT_IDMAP_HOST_ROOT); + if (r < 0) + return log_error_errno(r, "Failed to map ids for bind mount %s: %m", where); + } +diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c +index 8f17ab8810..fe0af8e42d 100644 +--- a/src/nspawn/nspawn.c ++++ b/src/nspawn/nspawn.c +@@ -3779,7 +3779,7 @@ static int outer_child( + IN_SET(arg_userns_ownership, USER_NAMESPACE_OWNERSHIP_MAP, USER_NAMESPACE_OWNERSHIP_AUTO) && + arg_uid_shift != 0) { + +- r = remount_idmap(directory, arg_uid_shift, arg_uid_range); ++ r = remount_idmap(directory, arg_uid_shift, arg_uid_range, REMOUNT_IDMAP_HOST_ROOT); + if (r == -EINVAL || ERRNO_IS_NOT_SUPPORTED(r)) { + /* This might fail because the kernel or file system doesn't support idmapping. We + * can't really distinguish this nicely, nor do we have any guarantees about the +diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c +index 39a7f4c3f2..471c165257 100644 +--- a/src/shared/dissect-image.c ++++ b/src/shared/dissect-image.c +@@ -1807,7 +1807,7 @@ static int mount_partition( + (void) fs_grow(node, p); + + if (remap_uid_gid) { +- r = remount_idmap(p, uid_shift, uid_range); ++ r = remount_idmap(p, uid_shift, uid_range, REMOUNT_IDMAP_HOST_ROOT); + if (r < 0) + return r; + } +diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c +index c75c02f5be..fb2e9a0711 100644 +--- a/src/shared/mount-util.c ++++ b/src/shared/mount-util.c +@@ -1049,14 +1049,31 @@ int make_mount_point(const char *path) { + return 1; + } + +-static int make_userns(uid_t uid_shift, uid_t uid_range) { +- char line[DECIMAL_STR_MAX(uid_t)*3+3+1]; ++static int make_userns(uid_t uid_shift, uid_t uid_range, RemountIdmapFlags flags) { + _cleanup_close_ int userns_fd = -1; ++ _cleanup_free_ char *line = NULL; + + /* Allocates a userns file descriptor with the mapping we need. For this we'll fork off a child + * process whose only purpose is to give us a new user namespace. It's killed when we got it. */ + +- xsprintf(line, UID_FMT " " UID_FMT " " UID_FMT "\n", 0, uid_shift, uid_range); ++ if (asprintf(&line, UID_FMT " " UID_FMT " " UID_FMT "\n", 0, uid_shift, uid_range) < 0) ++ return log_oom_debug(); ++ ++ /* If requested we'll include an entry in the mapping so that the host root user can make changes to ++ * the uidmapped mount like it normally would. Specifically, we'll map the user with UID_HOST_ROOT on ++ * the backing fs to UID 0. This is useful, since nspawn code wants to create various missing inodes ++ * in the OS tree before booting into it, and this becomes very easy and straightforward to do if it ++ * can just do it under its own regular UID. Note that in that case the container's runtime uidmap ++ * (i.e. the one the container payload processes run in) will leave this UID unmapped, i.e. if we ++ * accidentally leave files owned by host root in the already uidmapped tree around they'll show up ++ * as owned by 'nobody', which is safe. (Of course, we shouldn't leave such inodes around, but always ++ * chown() them to the container's own UID range, but it's good to have a safety net, in case we ++ * forget it.) */ ++ if (flags & REMOUNT_IDMAP_HOST_ROOT) ++ if (strextendf(&line, ++ UID_FMT " " UID_FMT " " UID_FMT "\n", ++ UID_MAPPED_ROOT, 0, 1) < 0) ++ return log_oom_debug(); + + /* We always assign the same UID and GID ranges */ + userns_fd = userns_acquire(line, line); +@@ -1069,7 +1086,8 @@ static int make_userns(uid_t uid_shift, uid_t uid_range) { + int remount_idmap( + const char *p, + uid_t uid_shift, +- uid_t uid_range) { ++ uid_t uid_range, ++ RemountIdmapFlags flags) { + + _cleanup_close_ int mount_fd = -1, userns_fd = -1; + int r; +@@ -1085,7 +1103,7 @@ int remount_idmap( + return log_debug_errno(errno, "Failed to open tree of mounted filesystem '%s': %m", p); + + /* Create a user namespace mapping */ +- userns_fd = make_userns(uid_shift, uid_range); ++ userns_fd = make_userns(uid_shift, uid_range, flags); + if (userns_fd < 0) + return userns_fd; + +diff --git a/src/shared/mount-util.h b/src/shared/mount-util.h +index ce73aebd4b..f53a64186f 100644 +--- a/src/shared/mount-util.h ++++ b/src/shared/mount-util.h +@@ -112,7 +112,18 @@ int mount_image_in_namespace(pid_t target, const char *propagate_path, const cha + + int make_mount_point(const char *path); + +-int remount_idmap(const char *p, uid_t uid_shift, uid_t uid_range); ++typedef enum RemountIdmapFlags { ++ /* Include a mapping from UID_MAPPED_ROOT (i.e. UID 2^31-2) on the backing fs to UID 0 on the ++ * uidmapped fs. This is useful to ensure that the host root user can safely add inodes to the ++ * uidmapped fs (which otherwise wouldn't work as the host root user is not defined on the uidmapped ++ * mount and any attempts to create inodes will then be refused with EOVERFLOW). The idea is that ++ * these inodes are quickly re-chown()ed to more suitable UIDs/GIDs. Any code that intends to be able ++ * to add inodes to file systems mapped this way should set this flag, but given it comes with ++ * certain security implications defaults to off, and requires explicit opt-in. */ ++ REMOUNT_IDMAP_HOST_ROOT = 1 << 0, ++} RemountIdmapFlags; ++ ++int remount_idmap(const char *p, uid_t uid_shift, uid_t uid_range, RemountIdmapFlags flags); + + /* Creates a mount point (not parents) based on the source path or stat - ie, a file or a directory */ + int make_mount_point_inode_from_stat(const struct stat *st, const char *dest, mode_t mode); +-- +2.40.1 + diff --git a/meta/recipes-core/systemd/systemd_250.5.bb b/meta/recipes-core/systemd/systemd_250.5.bb index 21a09d8594..c35557471a 100644 --- a/meta/recipes-core/systemd/systemd_250.5.bb +++ b/meta/recipes-core/systemd/systemd_250.5.bb @@ -31,6 +31,7 @@ SRC_URI += "file://touchscreen.rules \ file://CVE-2022-4415-1.patch \ file://CVE-2022-4415-2.patch \ file://0001-network-remove-only-managed-configs-on-reconfigure-o.patch \ + file://0001-nspawn-make-sure-host-root-can-write-to-the-uidmappe.patch \ " # patches needed by musl From patchwork Tue Jul 18 14:25:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27640 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F408EC001DC for ; Tue, 18 Jul 2023 14:27:09 +0000 (UTC) Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by mx.groups.io with SMTP id smtpd.web11.9023.1689690422136913801 for ; Tue, 18 Jul 2023 07:27:02 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=AUsFs8jR; spf=softfail (domain: sakoman.com, ip: 209.85.210.177, mailfrom: steve@sakoman.com) Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-668711086f4so3573403b3a.1 for ; Tue, 18 Jul 2023 07:27:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690421; x=1692282421; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=B680sGUvSDNiRsyEtb8oZsmr8CS1hon49PHkaRLPd1U=; b=AUsFs8jRfmOITf0q/hjP/zHnHPZD5X88mFNSFt3FVwhcD21hwI9xWvWIAJmqgRSv7k 7TCkMuFsZ/R86dRCsrgi5N3pHm35s0pMzSBGhv7OtkVekJbdGAvtv/DEDSJH4Rush90A NiCWu7Nf37IjWWjc4jZAmomplIE9at1OUnn24NgqNRBHSUURCIUIMGCtP6scEQCOiFNw lNPF6RIba3ekeQQ5Lhkc2wHdiUfUotPxradHNKFeeHBkCioUtcIJ193T0NztoBfXC+Y8 ncdAAXmUDLmKxZClSgh0zWqakEPK+S2uLZiqyCuAPnmW6VKoI0f367GInIVm9yNoQNHd H+oQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690421; x=1692282421; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=B680sGUvSDNiRsyEtb8oZsmr8CS1hon49PHkaRLPd1U=; b=b9X5xBuczgCQiTR5VoRPBA1aHHs85htEvfdLhXC5G1KcjpFrmCq2/VIuwXs14tL66Z 9h16M6QxPjeBR16HINARvoBkHsQTE4YMEd1a0Gh5bOwdtCZLHMnxvUiZFMfizge25jZb eSnyG9W8hynKD1OlEiTpgKfDOnDNMAWn7HVzskPuku5mKd29NZ67z8w1agvk7ErEEzKL uzinpxOWCIvwLy+wsA63Y3ZS9SbCigoPYkvBo9zMrjrVfsdjAkO7fEr0BSZ0sbDHMgoA rejOAtuDoyYG90edC3Xs9WPZW/vamsUC8sJxQ4A2NslYOQCH0pzeEX4O77zk75OA3Ste fVFw== X-Gm-Message-State: ABy/qLbkCDv74AYXApYUjTc/c+LFvXgupbKJd58Oe2f5WhUy4udc6R3R Zc7v9ThJZZWeRULI/M3Y0hOwLQU3HfZYUEUL2NI= X-Google-Smtp-Source: APBJJlFuvGnk08fhHPWoT2sqxVCSSA9UWl2w82edbXME2LBg+TSp0QSnBaL/syKR39kECKE5A5No6w== X-Received: by 2002:a05:6a00:2d24:b0:682:ffaa:ebba with SMTP id fa36-20020a056a002d2400b00682ffaaebbamr14827623pfb.13.1689690421182; Tue, 18 Jul 2023 07:27:01 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.26.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:27:00 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 19/27] rust-llvm: backport a fix for build with gcc-13 Date: Tue, 18 Jul 2023 04:25:53 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:09 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184523 From: Alexander Sverdlin * needed for rust-llvm-native on hosts with gcc-13 Based on commit 3382759cb6c5 ("llvm: backport a fix for build with gcc-13") Signed-off-by: Alexander Sverdlin Signed-off-by: Steve Sakoman --- meta/recipes-devtools/rust/rust-llvm.inc | 4 ++- ...-missing-cstdint-header-to-Signals.h.patch | 32 +++++++++++++++++++ 2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-devtools/rust/rust-llvm/0003-Support-Add-missing-cstdint-header-to-Signals.h.patch diff --git a/meta/recipes-devtools/rust/rust-llvm.inc b/meta/recipes-devtools/rust/rust-llvm.inc index 5c2ccdac9a..e645e7a7ac 100644 --- a/meta/recipes-devtools/rust/rust-llvm.inc +++ b/meta/recipes-devtools/rust/rust-llvm.inc @@ -3,7 +3,9 @@ LICENSE ?= "Apache-2.0-with-LLVM-exception" HOMEPAGE = "http://www.rust-lang.org" SRC_URI += "file://0002-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \ - file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2" + file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \ + file://0003-Support-Add-missing-cstdint-header-to-Signals.h.patch;striplevel=2 \ +" S = "${RUSTSRC}/src/llvm-project/llvm" diff --git a/meta/recipes-devtools/rust/rust-llvm/0003-Support-Add-missing-cstdint-header-to-Signals.h.patch b/meta/recipes-devtools/rust/rust-llvm/0003-Support-Add-missing-cstdint-header-to-Signals.h.patch new file mode 100644 index 0000000000..6ed23aa9c5 --- /dev/null +++ b/meta/recipes-devtools/rust/rust-llvm/0003-Support-Add-missing-cstdint-header-to-Signals.h.patch @@ -0,0 +1,32 @@ +From a94bf34221fc4519bd8ec72560c2d363ffe2de4c Mon Sep 17 00:00:00 2001 +From: Sergei Trofimovich +Date: Mon, 23 May 2022 08:03:23 +0100 +Subject: [PATCH] [Support] Add missing header to Signals.h + +Without the change llvm build fails on this week's gcc-13 snapshot as: + + [ 0%] Building CXX object lib/Support/CMakeFiles/LLVMSupport.dir/Signals.cpp.o + In file included from llvm/lib/Support/Signals.cpp:14: + llvm/include/llvm/Support/Signals.h:119:8: error: variable or field 'CleanupOnSignal' declared void + 119 | void CleanupOnSignal(uintptr_t Context); + | ^~~~~~~~~~~~~~~ + +Upstream-Status: Backport [llvmorg-15.0.0 ff1681ddb303223973653f7f5f3f3435b48a1983] +Signed-off-by: Martin Jansa +Signed-off-by: Alexander Sverdlin +--- + llvm/include/llvm/Support/Signals.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/llvm/include/llvm/Support/Signals.h b/llvm/include/llvm/Support/Signals.h +index 44f5a750ff5c..937e0572d4a7 100644 +--- a/llvm/include/llvm/Support/Signals.h ++++ b/llvm/include/llvm/Support/Signals.h +@@ -14,6 +14,7 @@ + #ifndef LLVM_SUPPORT_SIGNALS_H + #define LLVM_SUPPORT_SIGNALS_H + ++#include + #include + + namespace llvm { From patchwork Tue Jul 18 14:25:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27641 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F1E50EB64DA for ; Tue, 18 Jul 2023 14:27:09 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web11.9025.1689690425267173596 for ; Tue, 18 Jul 2023 07:27:05 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=upmf5yY7; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-666e5f0d60bso3648667b3a.3 for ; Tue, 18 Jul 2023 07:27:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690424; x=1692282424; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Dic2zELmVIDXD1cJG7n49VfpnTb4+RceaHOLwG+kVbA=; b=upmf5yY7BUtgrg7prF5zP07Cj0tM2vf0oKLmcHp04OCnrD1y5VQkGgrYPl6YgGwgL+ pC56P5prvzD0TpXH7WRsE7EwNhd3H27ra5uarhWbS78TxFu3pGrbD2oeOn4O2Wa6H8eM c9aDW4Gb4CyujwlWYKiBzcr9nokBh6Pfk2sm3b0MVilSfLnb7+MS/+I/dZKngyfKtFIC WPFHiAngWQCADN/rwjzKiJCr1rJRc5ParfmWlmx0URDMsMMSICh6JvXNE32+b4BrsKQy c65M82BFkWxJtpEn3C+QPFUKkyZfhDu5FujUXGXF2JxON2p3GQjXD2CihlhZc1ntsnsU MtaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690424; x=1692282424; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Dic2zELmVIDXD1cJG7n49VfpnTb4+RceaHOLwG+kVbA=; b=REKPxH/ijZvOxLqyymkhlTpzCrjmk0orA7HGbmLq7hSqmwwlrdqk6Nv2+WJSD4RPvc 4ZLK5P016IdvK9LR6sgH80RdyM99rc5z+sMBeK9edtOVGCkxPFzmAsmDbpz82uE4Shhx IKtRvwPNHr0ONKj5/RzkzPhyOK+x9aP+MhpxI6AKRxMJS63iK6deIEgCpZqieqvQNfLi hzRr2VszE7Mt4psr51Y134lCs3KxP7g/Q2frXN6wBmzwcXZU5nBX8gJQexx40FEc2QmK Xai79A2cg69vgDcYGDbz1Gby3B/Fo5vgU++vfPRaMjmAqsMP7IT4vuZcKLPi8Da9SiqY 6TOw== X-Gm-Message-State: ABy/qLbkUEQipM+S0IpEyApz+amd5OVV2io6PeSdFyFBOhi0515LCnnM kGbAqx3goV0qgNLI8b3O6SKl9YNOsDxLc1Vet5w= X-Google-Smtp-Source: APBJJlEjzjbHmOsHi54KjHOiyz6zRr9iXJUohOOO6tMPSK9fehYncWNjIChTaDmzLUle+RYxv0xevw== X-Received: by 2002:a05:6a21:32a4:b0:132:cb97:83e2 with SMTP id yt36-20020a056a2132a400b00132cb9783e2mr13853167pzb.50.1689690424280; Tue, 18 Jul 2023 07:27:04 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.27.02 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:27:03 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 20/27] bitbake.conf: add unzstd in HOSTTOOLS Date: Tue, 18 Jul 2023 04:25:54 -1000 Message-Id: <5cee002e34d16e9d82045d3e8e3931ba046403d2.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:09 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184524 From: Alberto Planas rpm2cpio.sh can make calls to unzstd to uncompress the RPM payload that conform the cpio file. zstd is already part of HOSTTOOLS, as a link to the system installed zstd. This patch add unzstd in HOSTOOLS list as a non-optional binary, so is available to rpm2cpio.sh when it is required. Signed-off-by: Alberto Planas Signed-off-by: Richard Purdie (cherry picked from commit bff58d337890e804d33d7decbaa46065a4d3bba4) Signed-off-by: Steve Sakoman --- meta/conf/bitbake.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf index 8ef4b00d08..290dfda6c8 100644 --- a/meta/conf/bitbake.conf +++ b/meta/conf/bitbake.conf @@ -523,7 +523,7 @@ HOSTTOOLS += " \ python3 pzstd ranlib readelf readlink realpath rm rmdir rpcgen sed seq sh \ sha1sum sha224sum sha256sum sha384sum sha512sum \ sleep sort split stat strings strip tail tar tee test touch tr true uname \ - uniq wc wget which xargs zstd \ + uniq unzstd wc wget which xargs zstd \ " # Tools needed to run testimage runtime image testing From patchwork Tue Jul 18 14:25:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27639 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F1E79EB64DC for ; Tue, 18 Jul 2023 14:27:09 +0000 (UTC) Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web11.9028.1689690427681036511 for ; Tue, 18 Jul 2023 07:27:07 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Q9EYcDAF; spf=softfail (domain: sakoman.com, ip: 209.85.210.176, mailfrom: steve@sakoman.com) Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-6687446eaccso5767996b3a.3 for ; Tue, 18 Jul 2023 07:27:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690427; x=1692282427; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=6EwG9jzXzKZaqF7lTz50dAdWZNH2o3hRF8bBW50tnoA=; b=Q9EYcDAFiXIDBoPu+UVxcxRizCYAZMN45Qcc39gcxTovuXlfGHrSDmNbYh1xFpnPaD bi1CFQ3k1z4s+ljX88mrkBTzvJAkxgkRqOB0r9X7iZELo3kbXGIOWbXZCdBWxhn8gGCI os7SJOtIfUIvY4mEuqxpa3xEDgUG6ZcM9uEN4QzLFnaGI7YoEjakxeUu33RPW0x3+o9D ogoM74IzbYSOI5qNPmCaR096NONGpaqtyn+w6eASN4Ionwzfbw+9g4oaSsXaPoL/sWWg A3Cuys4EeGxOrUJ+0eYDBCkyPvHRiyyF+jtjdtwd1bUmcqMPQgsNITCpr0I1J2DzzbLO uqTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690427; x=1692282427; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6EwG9jzXzKZaqF7lTz50dAdWZNH2o3hRF8bBW50tnoA=; b=Lt9FpBtPhLiHXwJKqYXjGX8LIIdSp8+dmIj7vAoopEC27um113TNP7pwxOsH3A04tb F8jDLkoNEycrlzQ3VwIeqUM2IO00RyGyJj4LWl1M2PxHolSOvXwHAPwcABRROVOnSbCZ 0hhHywiGpo2oaTcNsXwdNaZ0Tf7y+6KdSM6KKXyIESnKWFehwjlDRYcao2QluJERItfO xyU8hSGMSIo6FplvQvnuH9oNWzqrmK1CBVMEyuJI1MiB/pn8zM+EKkjeKp5fev1ndKMj QPYJcFzHWNayHcz2SL41UCurhqi65x0kI4xCTRxdKpd2g5/gpD9WAT1/wnktAXSf+OEV onmQ== X-Gm-Message-State: ABy/qLaI0t/x3Kc1h4PHmnW0vaMpzE56FKOILRch2WZx0Jgp/fi+s2CS unlRRwnDBABeWLSXWC1Tte5rRiI7hRBcTwkNOcg= X-Google-Smtp-Source: APBJJlGe1ez1HB8Ur15B5L4IlZh77DUOsU9srTkIj6bNJSS0bbkzDBk9FhLIVZUxr9Lf3H/be48lHQ== X-Received: by 2002:a05:6a20:d9:b0:134:4f86:7990 with SMTP id 25-20020a056a2000d900b001344f867990mr8386829pzh.3.1689690426826; Tue, 18 Jul 2023 07:27:06 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.27.05 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:27:06 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 21/27] sdk.py: error out when moving file fails Date: Tue, 18 Jul 2023 04:25:55 -1000 Message-Id: <4ed94fef70df05c874cf0c68dcc95c5636687825.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:09 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184525 From: Chen Qi Instead of printing an error message and continuing, we should just error out when moving file fails. Signed-off-by: Chen Qi Signed-off-by: Richard Purdie (cherry picked from commit 12aecd9da94b5f27041982c661e8bab316d365d4) Signed-off-by: Steve Sakoman --- meta/lib/oe/sdk.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oe/sdk.py b/meta/lib/oe/sdk.py index 27347667e8..2383bd58b7 100644 --- a/meta/lib/oe/sdk.py +++ b/meta/lib/oe/sdk.py @@ -68,7 +68,7 @@ class Sdk(object, metaclass=ABCMeta): #FIXME: using umbrella exc catching because bb.utils method raises it except Exception as e: bb.debug(1, "printing the stack trace\n %s" %traceback.format_exc()) - bb.error("unable to place %s in final SDK location" % sourcefile) + bb.fatal("unable to place %s in final SDK location" % sourcefile) def mkdirhier(self, dirpath): try: From patchwork Tue Jul 18 14:25:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27642 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F0EDAEB64DC for ; Tue, 18 Jul 2023 14:27:19 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web10.9129.1689690430154451536 for ; Tue, 18 Jul 2023 07:27:10 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=0o8nJS3f; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-666e64e97e2so3838111b3a.1 for ; Tue, 18 Jul 2023 07:27:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690429; x=1692282429; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=aAbs1GHDQZzGwomCw1Vlrky/p6QTk4MBpA44/yJrOM4=; b=0o8nJS3fPFah/pejW7PZEm3DeAvQLC7TirWAt03eGtuFiUJsvCMom4zmljEz8inzPH yPC4yNbMzEQdqF8aI41JuKw0tXPKm4i0pwSiSfsvVzQBng/xsLTtwwcf7qs8glSXhtLL Xb/QFiD61X1zzyWWBA+FT7lCYtVnCHXXOdruDelPDtzkZPsSHy3y39oURiiEveW6MjpF K/ibLxjN1/LqY29uILDOy9u3fM/5hBeOURrXPkI43qF9eAERRKd+AwJCH7N0G49UY0I+ 8l8RX92htQRpzjUGtPq3l4ckpHSQdQbk1tHuNZIG1gCwH3mAYEb1K5nvpxOJ7yaIIRh0 mpVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690429; x=1692282429; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=aAbs1GHDQZzGwomCw1Vlrky/p6QTk4MBpA44/yJrOM4=; b=PVkV9+PdCyRGxQZDLafUqNkj4UsFCaskVeZQFbH0QS23w8zB5OmtPNGAm/Ng2QQrZt qCT09Rz4O+qtOpIsOT1FxlEbQN1/D1kofEFrws+KmHiyTeCT95biNYbkqRre2UyGxZZ0 aziQCmY7zdUpTalIjJn35BF0FKMijlQoXqtNFOPXUe/E8eABCOShl8nuYULan3g5tFJl azEfCvJ9EgB5w/TgoIKUtiOmKIS98o2XZkO2h/9S4aAEdufwGx4EuRiQdSQSKgycr6jd Fp3uvIadGi4zprSqtfSsqJyqE3I7t+X0YwfTyNBWb2WDymewLQVnCs8nCaKI+z7LpCn2 jJ8A== X-Gm-Message-State: ABy/qLb0FAcOFeUNtx3Ej3niZZQzE39JPQzlW2a1rDnfVNvIkdZm4cx4 xAVSeFo88ptZXtRe82Cw1+2ThmTQP41RU5L2zXQ= X-Google-Smtp-Source: APBJJlEdPqThO69FirE9/yUVX9XmhsKxPNNjpHqaQIKh2wMQGT+mx6exegbEsix8woqyHFi+FVsz2A== X-Received: by 2002:a05:6a20:a122:b0:132:86ea:4725 with SMTP id q34-20020a056a20a12200b0013286ea4725mr16985273pzk.45.1689690429299; Tue, 18 Jul 2023 07:27:09 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.27.07 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:27:08 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 22/27] sdk.py: fix moving dnf contents Date: Tue, 18 Jul 2023 04:25:56 -1000 Message-Id: <006ff31ddad4c53c63adf1dacecbf2783404a546.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184526 From: Chen Qi The dnf contents should be moved to /etc/dnf/xxx instead of just /etc. Signed-off-by: Chen Qi Signed-off-by: Richard Purdie (cherry picked from commit 74b78d160a985e98f869c777847ab798e419dd2d) Signed-off-by: Steve Sakoman --- meta/lib/oe/package_manager/rpm/sdk.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/lib/oe/package_manager/rpm/sdk.py b/meta/lib/oe/package_manager/rpm/sdk.py index c5f232431f..04dccf49d7 100644 --- a/meta/lib/oe/package_manager/rpm/sdk.py +++ b/meta/lib/oe/package_manager/rpm/sdk.py @@ -110,5 +110,6 @@ class PkgSdk(Sdk): for f in glob.glob(os.path.join(self.sdk_output, "etc", "rpm*")): self.movefile(f, native_sysconf_dir) for f in glob.glob(os.path.join(self.sdk_output, "etc", "dnf", "*")): - self.movefile(f, native_sysconf_dir) + self.mkdirhier(native_sysconf_dir + "/dnf") + self.movefile(f, native_sysconf_dir + "/dnf") self.remove(os.path.join(self.sdk_output, "etc"), True) From patchwork Tue Jul 18 14:25:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27645 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0AE34C001DF for ; Tue, 18 Jul 2023 14:27:20 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web11.9030.1689690433354053181 for ; Tue, 18 Jul 2023 07:27:13 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=H5ztIDYq; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-68336d06620so5805042b3a.1 for ; Tue, 18 Jul 2023 07:27:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690432; x=1692282432; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=DLO6KEYMnyhBtAOgNLcJJBI0aCsbFpVtlqZftSoSqN0=; b=H5ztIDYqlWN4GcRjr50l2ySGibId8UTStvniiUiJZ98ecFh4K4aMvJ3W1TkzT1ZhhJ x6rShRcWrB5Jw2WYnO2KE3/b2IFe6SLq38qv5WqzmoanU1ZUBcRzjJHYNAVhBt3t2K6N Vtg6uD7nX8keQD0cKrScRMCwB1VSOG3Pl3oqXtFAe/bADH33+RQrDpB8HxA9T7+MkgmM S6zvKhZ0y9LNuBaIMoOU881D+qEA+qW02dhY56WT1xawxvGfvEXQdAG6jWAi0Wi/6X4e odbmyWgNkRK5PuwR/UkBW1hhRs53Ch17QchwV2PI32GL7g/ouDchDNrXChsd3UaCYqx2 lSgg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690432; x=1692282432; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DLO6KEYMnyhBtAOgNLcJJBI0aCsbFpVtlqZftSoSqN0=; b=lgdemA/Q3zZC5qlEikAxsFKK29Th/JSbtAat3J/4vv7fhpO8U6CDfiXrZX50dafYe/ iUL5LxPkwMW0FDDCVa5SSaDn0VTcS2gFOexQnO9W0WEhoMvS3WYuiVd+3ElqaL/r8ebF kAPS1XaNUqR18a2MhNRwoVsp9n1tNH14hsOpBUEFumypTlVn2AyxF78dK/z86wcbc20d TeOh1zm7fH4MvyyH3zjlp2FwWDTk7mxxXk1TKW7+BXPygq1VBXM2kJQOrIh6Vo0YDgbs dC1pl9UjaXy+jrXlZqZbDGhmYu0gqZSBkLFSrkjAQYpejhjF/s1K4CFlMTUFzH817Y1T eKNQ== X-Gm-Message-State: ABy/qLZPIR8VQZ8bvmc3Y1ysDzYL7Z7TAJ+iAkK0Ns3gAmkcVuq42BoB gj9LYBr81IPJcjW78gRdDV2ROgZjaJKEkaVq8ho= X-Google-Smtp-Source: APBJJlHfnkidyxnEw51ceKVV1gTqS2XQR8Zy8FsJZlSH+AhIQ0RP2Ymjam/R0tVJz4rFeY+VVOIPkw== X-Received: by 2002:a05:6a00:1797:b0:64f:35c8:8584 with SMTP id s23-20020a056a00179700b0064f35c88584mr21904375pfg.18.1689690432385; Tue, 18 Jul 2023 07:27:12 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.27.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:27:11 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 23/27] zip: fix configure check by using _Static_assert Date: Tue, 18 Jul 2023 04:25:57 -1000 Message-Id: <6f5986fb520ab89b0950d3e0fa8492de4de7798f.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:20 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184527 From: Chen Qi It's incorrect to run a cross-compiled program on build machine to check if some feature is available or not. As these two checks in zip are basically just checking the size, we can use _Static_assert and sizeof to do such check at compile time. Signed-off-by: Chen Qi Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit dda778d855b1838ae3004a9af310724b913490b4) Signed-off-by: Steve Sakoman --- ...se-_Static_assert-to-do-correct-dete.patch | 96 +++++++++++++++++++ meta/recipes-extended/zip/zip_3.0.bb | 1 + 2 files changed, 97 insertions(+) create mode 100644 meta/recipes-extended/zip/zip-3.0/0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch diff --git a/meta/recipes-extended/zip/zip-3.0/0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch b/meta/recipes-extended/zip/zip-3.0/0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch new file mode 100644 index 0000000000..106f246a7c --- /dev/null +++ b/meta/recipes-extended/zip/zip-3.0/0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch @@ -0,0 +1,96 @@ +From 9916fc6f1f93f3e092e3c6937c30dc8137c26d34 Mon Sep 17 00:00:00 2001 +From: Chen Qi +Date: Thu, 15 Jun 2023 18:31:26 +0800 +Subject: [PATCH] unix/configure: use _Static_assert to do correct detection + +We're doing cross compilation, running a cross-compiled problem +on host to detemine feature is not correct. Use _Static_assert +to do the detection correctly. + +Upstream-Status: Inactive-Upstream + +Signed-off-by: Chen Qi +--- + unix/configure | 42 ++++++++++++------------------------------ + 1 file changed, 12 insertions(+), 30 deletions(-) + +diff --git a/unix/configure b/unix/configure +index f2b3d02..f917086 100644 +--- a/unix/configure ++++ b/unix/configure +@@ -361,6 +361,10 @@ cat > conftest.c << _EOF_ + #include + #include + #include ++ ++_Static_assert(sizeof((struct stat){0}.st_uid) == 2, "sizeof st_uid is not 16 bit"); ++_Static_assert(sizeof((struct stat){0}.st_gid) == 2, "sizeof st_gid is not 16 bit"); ++ + int main() + { + struct stat s; +@@ -385,21 +389,7 @@ if [ $? -ne 0 ]; then + echo -- UID/GID test failed on compile - disabling old 16-bit UID/GID support + CFLAGS="${CFLAGS} -DUIDGID_NOT_16BIT" + else +-# run it +- ./conftest +- r=$? +- if [ $r -eq 1 ]; then +- echo -- UID not 2 bytes - disabling old 16-bit UID/GID support +- CFLAGS="${CFLAGS} -DUIDGID_NOT_16BIT" +- elif [ $r -eq 2 ]; then +- echo -- GID not 2 bytes - disabling old 16-bit UID/GID support +- CFLAGS="${CFLAGS} -DUIDGID_NOT_16BIT" +- elif [ $r -eq 3 ]; then +- echo -- 16-bit UIDs and GIDs - keeping old 16-bit UID/GID support +- else +- echo -- test failed - conftest returned $r - disabling old 16-bit UID/GID support +- CFLAGS="${CFLAGS} -DUIDGID_NOT_16BIT" +- fi ++ echo -- 16-bit UIDs and GIDs - keeping old 16-bit UID/GID support + fi + + +@@ -417,6 +407,10 @@ cat > conftest.c << _EOF_ + #include + #include + #include ++ ++_Static_assert(sizeof(off_t) < 8, "sizeof off_t < 8 failed"); ++_Static_assert(sizeof((struct stat){0}.st_size) < 8, "sizeof st_size < 8 failed"); ++ + int main() + { + off_t offset; +@@ -436,24 +430,12 @@ _EOF_ + # compile it + $CC -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then +- echo -- no Large File Support ++ echo -- yes we have Large File Support! ++ CFLAGS="${CFLAGS} -DLARGE_FILE_SUPPORT" + else +-# run it +- ./conftest +- r=$? +- if [ $r -eq 1 ]; then +- echo -- no Large File Support - no 64-bit off_t +- elif [ $r -eq 2 ]; then +- echo -- no Large File Support - no 64-bit stat +- elif [ $r -eq 3 ]; then +- echo -- yes we have Large File Support! +- CFLAGS="${CFLAGS} -DLARGE_FILE_SUPPORT" +- else +- echo -- no Large File Support - conftest returned $r +- fi ++ echo -- no Large File Support + fi + +- + # Check for wide char for Unicode support + # Added 11/24/2005 EG + +-- +2.34.1 + diff --git a/meta/recipes-extended/zip/zip_3.0.bb b/meta/recipes-extended/zip/zip_3.0.bb index 07a67b9634..83e1e52e97 100644 --- a/meta/recipes-extended/zip/zip_3.0.bb +++ b/meta/recipes-extended/zip/zip_3.0.bb @@ -17,6 +17,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/Zip%203.x%20%28latest%29/3.0/zip30.tar. file://0001-configure-use-correct-CPP.patch \ file://0002-configure-support-PIC-code-build.patch \ file://0001-configure-Use-CFLAGS-and-LDFLAGS-when-doing-link-tes.patch \ + file://0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch \ " UPSTREAM_VERSION_UNKNOWN = "1" From patchwork Tue Jul 18 14:25:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27643 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 04A6AC001DC for ; Tue, 18 Jul 2023 14:27:20 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web11.9031.1689690435602762529 for ; Tue, 18 Jul 2023 07:27:15 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=PwrV6SHC; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-6687096c6ddso3670747b3a.0 for ; Tue, 18 Jul 2023 07:27:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690435; x=1692282435; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=vrL4hAyXflqP/pFawQn5LUZIaQ7qaJt6rMTjtY+uS4o=; b=PwrV6SHCxSJ/BVYZII2mKMUic/oW5gHa5SzxWjLCkE77b1ChDKLspAE424gvuEkCSj xMdxYBYvJOjAQ/FaBwXRIHr7PHceLIywECmpNTIXCly2UQhq948nNTep5nS3x1+AfF6/ z3dJhPVTIt6cBfO8kLOZnd9N9VRMIyFNq/QEHmWmPjljQN1W0xGNOcOWj3eb3ZNumqNP Lk+nU2GEe2IVIV5e/Vw2guS03EFS9DxL+VVoCvohpvZbXldMglwfk7qhp7yoO+mQRVJG 7qKHdSrq+DujPoWt+oDF8JcG/lfozYR93F9wsgtOYge7FIMNZqoFuYi9nPWwYBrkhPCk VXHw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690435; x=1692282435; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vrL4hAyXflqP/pFawQn5LUZIaQ7qaJt6rMTjtY+uS4o=; b=jrp/8f+M4kBiiXROzVIqrd/S4068GrTSaWt/3UP9GqdBUs0Az5WcfxnLRjFqrI27Za GI1IS30L/082kxXZtfWhmpb/qeMJn6U9C/BO3dHZyDV8a/8J1M817Xt0vMQNkXv7YtFP sK4LWRrQVBVqh44yy9RDf8Ym5Tr8NXvyvOvzgZErQ2OgQ3U95jMXNeXG80W4n8j/o5ip W8CZgMF298WM5GiNoXvXhi7vdgQ2GDVQQo78pBtVOlL2T37xYx8J3FVF7Yc6/h+5QL1p 7zkhgoFAqoqf3BN/OI1Tn8sJaPNqsjr74WDW18MuAAw6PeXF73UDmCPNVAZuXk2RwePs zVGg== X-Gm-Message-State: ABy/qLZcE4Wq/H0SXr+wCeSaIfW9OtMyclbHNkn4/jPjArgdO2a6oMft TaFqb0iIF7rJDKVLa7jWCxx4Oby91Qv7Cfm257M= X-Google-Smtp-Source: APBJJlGPh5iwG+bi1gBtmx5al2OiiRRRdlBESzmxBDkQoD5zKlP3bWynyqx/c0DHa3W8laq18K8MbA== X-Received: by 2002:a05:6a21:9993:b0:133:b3db:c78b with SMTP id ve19-20020a056a21999300b00133b3dbc78bmr12411073pzb.36.1689690434639; Tue, 18 Jul 2023 07:27:14 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.27.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:27:14 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 24/27] unzip: fix configure check for cross compilation Date: Tue, 18 Jul 2023 04:25:58 -1000 Message-Id: <7d99f3a9a2a74fe2e8753b00553f07f305d14c87.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:20 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184528 From: Chen Qi The original configure runs a generated binary to determine features. This is not correct for cross compilation. So change the runtime tests into compile-time tests to fix the issue. Signed-off-by: Chen Qi Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit b9aca339b59238988c48b90ea5019bfc939ba4b3) Signed-off-by: Steve Sakoman --- ...-fix-detection-for-cross-compilation.patch | 103 ++++++++++++++++++ meta/recipes-extended/unzip/unzip_6.0.bb | 1 + 2 files changed, 104 insertions(+) create mode 100644 meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch diff --git a/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch b/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch new file mode 100644 index 0000000000..2fa7f481b7 --- /dev/null +++ b/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch @@ -0,0 +1,103 @@ +From 5cbf901b5c3b6a7d1d0ed91b6df4194bb6d25a40 Mon Sep 17 00:00:00 2001 +From: Chen Qi +Date: Thu, 15 Jun 2023 07:14:17 -0700 +Subject: [PATCH] unix/configure: fix detection for cross compilation + +We're doing cross compilation, running a cross-compiled problem +on host to detemine feature is not correct. So we change runtime +check into compile-time check to detect the features. + +Upstream-Status: Inactive-Upstream + +Signed-off-by: Chen Qi +--- + unix/configure | 44 +++++++++++++++----------------------------- + 1 file changed, 15 insertions(+), 29 deletions(-) + +diff --git a/unix/configure b/unix/configure +index 8fd82dd..68dee98 100755 +--- a/unix/configure ++++ b/unix/configure +@@ -259,6 +259,10 @@ cat > conftest.c << _EOF_ + #include + #include + #include ++ ++_Static_assert(sizeof(off_t) < 8, "sizeof off_t < 8 failed"); ++_Static_assert(sizeof((struct stat){0}.st_size) < 8, "sizeof st_size < 8 failed"); ++ + int main() + { + off_t offset; +@@ -278,21 +282,10 @@ _EOF_ + # compile it + $CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then +- echo -- no Large File Support ++ echo -- yes we have Large File Support! ++ CFLAGSR="${CFLAGSR} -DLARGE_FILE_SUPPORT" + else +-# run it +- ./conftest +- r=$? +- if [ $r -eq 1 ]; then +- echo -- no Large File Support - no 64-bit off_t +- elif [ $r -eq 2 ]; then +- echo -- no Large File Support - no 64-bit stat +- elif [ $r -eq 3 ]; then +- echo -- yes we have Large File Support! +- CFLAGSR="${CFLAGSR} -DLARGE_FILE_SUPPORT" +- else +- echo -- no Large File Support - conftest returned $r +- fi ++ echo -- no Large File Support + fi + + # Added 11/24/2005 EG +@@ -302,6 +295,11 @@ cat > conftest.c << _EOF_ + #include + #include + #include ++ ++#ifndef __STDC_ISO_10646__ ++#error "__STDC_ISO_10646__ not defined ++#endif ++ + int main() + { + size_t wsize; +@@ -327,19 +325,8 @@ if [ $? -ne 0 ]; then + echo "-- no Unicode (wchar_t) support" + else + # have wide char support +-# run it +- ./conftest +- r=$? +- if [ $r -eq 0 ]; then +- echo -- no Unicode wchar_t support - wchar_t allocation error +- elif [ $r -eq 1 ]; then +- echo -- no Unicode support - wchar_t encoding unspecified +- elif [ $r -eq 2 ]; then +- echo -- have wchar_t with known UCS encoding - enabling Unicode support! +- CFLAGSR="${CFLAGSR} -DUNICODE_SUPPORT -DUNICODE_WCHAR" +- else +- echo "-- no Unicode (wchar_t) support - conftest returned $r" +- fi ++ echo -- have wchar_t with known UCS encoding - enabling Unicode support! ++ CFLAGSR="${CFLAGSR} -DUNICODE_SUPPORT -DUNICODE_WCHAR" + fi + + echo "Check for setlocale support (needed for UNICODE Native check)" +@@ -418,8 +405,7 @@ temp_link="link_$$" + echo "int main() { lchmod(\"${temp_file}\", 0666); }" \ + ) > conftest.c + ln -s "${temp_link}" "${temp_file}" && \ +- $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null && \ +- ./conftest ++ $CC -Werror=implicit-function-declaration $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null + [ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_LCHMOD" + rm -f "${temp_file}" + +-- +2.34.1 + diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb index f35856cf61..e3fffa30ab 100644 --- a/meta/recipes-extended/unzip/unzip_6.0.bb +++ b/meta/recipes-extended/unzip/unzip_6.0.bb @@ -31,6 +31,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/ file://CVE-2021-4217.patch \ file://CVE-2022-0529.patch \ file://CVE-2022-0530.patch \ + file://0001-unix-configure-fix-detection-for-cross-compilation.patch \ " UPSTREAM_VERSION_UNKNOWN = "1" From patchwork Tue Jul 18 14:25:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27644 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F0BE3EB64DA for ; Tue, 18 Jul 2023 14:27:19 +0000 (UTC) Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) by mx.groups.io with SMTP id smtpd.web10.9135.1689690439259724352 for ; Tue, 18 Jul 2023 07:27:19 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Xx5CjDfX; spf=softfail (domain: sakoman.com, ip: 209.85.210.169, mailfrom: steve@sakoman.com) Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-666e6541c98so5801028b3a.2 for ; Tue, 18 Jul 2023 07:27:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690438; x=1692282438; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=8Uj+ogtp5VQwciraph6wuLYaxBa+mFhUOhtXk/2kwWU=; b=Xx5CjDfXTsoUeYQZ4tROJ1sVhgmv/qK5qtq7UeRF1Rl75hF6q3L1ewNT+Bqwh2C+na V8j251J2lTk+3tUEV/ITCXHXmz0Up6G7GzLSImj3IbpOCTP3L60d+C8aCWU/Jr9izHwQ Z6yvsePQE2WbJJ5eJ/y+WYWbBgD7QVsXC44xogDZ4FL9A9w6galb8ftHplbf57NPSS0n uM4j6cPRNEfXAYgpIYij4NyOLc/ccHHVbi5h3p7C1XxVtfaWD19ILsP2mBUxkJBgeYyo 8Ew1FewDKXWS+VgdnLgETxBkhfpAdr7Vziod7yYTe1fX6ugEjjFj8sMP99zwJsXJzF4L hJdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690438; x=1692282438; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8Uj+ogtp5VQwciraph6wuLYaxBa+mFhUOhtXk/2kwWU=; b=l4G7RGpCNkbMl2syB7dp+qD6XzrKbONWDUQ95+kxZbM2b6p/uFG49NlD0CCNE04Ucu K34PL2E0iVlPzYC2YYywxOttqU1d2Gujjj8cpzcJELbNC1LTYXm6qo2B6GgpO8rVV1p0 UCH2qmgGnCaDMXo3ZCRA72v6Mk2+OWKVua6vo1f8oeql3bTuPiUFDUdzSIuyz6N8fIq7 LvkD1oSRr/M9IOdmR/8eZIBfG2ZsaJnYLpvZGdxiEh/oNs9W8n26TvMultxIyzYv354T kDVcSvEcAFXbmneii90qQz2AYUadSpHnhBYUCBzFmPRA3NbpMN4sUUZDW8nMaTZWcs11 g6kQ== X-Gm-Message-State: ABy/qLavlmo/nxZlErKrO2rzZGJbQCAy7DpMNhwpZR2Tof40rHQRT5l+ ZLO/0enN+T7E71JmSx3oKTAf35Z4yS3dEjfu4Hk= X-Google-Smtp-Source: APBJJlEkL9UAkyWu32GV8iNOeIhZ8rGOf7YuG2tCZ4ZMjBozaBNhucmKPX8SRDZlBMW666JuVpPtTQ== X-Received: by 2002:a05:6a00:218f:b0:686:25a7:3cf3 with SMTP id h15-20020a056a00218f00b0068625a73cf3mr2199560pfi.29.1689690438332; Tue, 18 Jul 2023 07:27:18 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.27.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:27:17 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 25/27] sysfsutils: fetch a supported fork from github Date: Tue, 18 Jul 2023 04:25:59 -1000 Message-Id: <9f35ca9d9ed4be4d27318230f4ae42c4885d1f0c.1689689618.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184529 From: Alexander Kanavin Debian does the same: https://packages.debian.org/source/sid/sysfsutils Signed-off-by: Alexander Kanavin Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit 504b2f590cb94b217c5f48090cfb71a749bd5ac8) Signed-off-by: Steve Sakoman --- meta/recipes-core/sysfsutils/sysfsutils_2.1.0.bb | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/meta/recipes-core/sysfsutils/sysfsutils_2.1.0.bb b/meta/recipes-core/sysfsutils/sysfsutils_2.1.0.bb index c90a02f131..fd72cf4165 100644 --- a/meta/recipes-core/sysfsutils/sysfsutils_2.1.0.bb +++ b/meta/recipes-core/sysfsutils/sysfsutils_2.1.0.bb @@ -10,18 +10,14 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=3d06403ea54c7574a9e581c6478cc393 \ file://lib/LGPL;md5=b75d069791103ffe1c0d6435deeff72e" PR = "r5" -SRC_URI = "${SOURCEFORGE_MIRROR}/linux-diag/sysfsutils-${PV}.tar.gz \ +SRC_URI = "git://github.com/linux-ras/sysfsutils.git;protocol=https;branch=master \ file://sysfsutils-2.0.0-class-dup.patch \ file://obsolete_automake_macros.patch \ file://separatebuild.patch" -SRC_URI[md5sum] = "14e7dcd0436d2f49aa403f67e1ef7ddc" -SRC_URI[sha256sum] = "e865de2c1f559fff0d3fc936e660c0efaf7afe662064f2fb97ccad1ec28d208a" +SRCREV = "0d5456e1c9d969cdad6accef2ae2d4881d5db085" -UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/linux-diag/files/sysfsutils/" -UPSTREAM_CHECK_REGEX = "/sysfsutils/(?P(\d+[\.\-_]*)+)/" - -S = "${WORKDIR}/sysfsutils-${PV}" +S = "${WORKDIR}/git" inherit autotools From patchwork Tue Jul 18 14:26:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27647 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 01A6EEB64DC for ; Tue, 18 Jul 2023 14:27:29 +0000 (UTC) Received: from mail-pf1-f171.google.com (mail-pf1-f171.google.com [209.85.210.171]) by mx.groups.io with SMTP id smtpd.web10.9138.1689690441553090104 for ; Tue, 18 Jul 2023 07:27:21 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Ee4nqCJN; spf=softfail (domain: sakoman.com, ip: 209.85.210.171, mailfrom: steve@sakoman.com) Received: by mail-pf1-f171.google.com with SMTP id d2e1a72fcca58-6682909acadso3832653b3a.3 for ; Tue, 18 Jul 2023 07:27:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690441; x=1692282441; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ejovmf9k5ZUr6DBCalS1XZu2z2gHRlMjyOBmjrC/ZX8=; b=Ee4nqCJN9pxddHrGzs53/7H2kDg2r1lxm6flZRztdokOjLYvEREAC8u0n4b/SFF3w5 JYTE8Z/5TuR7jFJi5jyuCOhmPktww8VVcWtQRz5TwFtaSz3tESc+hYm6ZixkiR7hHhH7 RR9kgZOd75etx0zQ3UoXrHOI4dlJEfzqsR5gA/BM4IBDrQ45XqZ5AAUbgaT/pWcCEtl2 NrF56rG4mNYQWnpw9zxGfde4S9hZ6HCbpjNAd+9bGWjm+8Lj28U6tZxdoM8ykCALGW+n WFGAhoR9TkIaLvr+tFfOpWU+Lb7ZlBPX4SYP04cTF6ip7DSC/NFSmibw+Qr5BQcxH03B 0F2w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690441; x=1692282441; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ejovmf9k5ZUr6DBCalS1XZu2z2gHRlMjyOBmjrC/ZX8=; b=KStejENxRet5+bDddn2uPQsAwrbwiV0VC2/REXMzP8eIg8X+/swfGapyFCcdTZOL+v a4/IWXd6JjDAsQMZpSkHR2BRiuHt9U8676S88+ADMmjVXI2meDSTDMTqmaNYjk323+/W +FWoqmLtXxYQkwIXSfNmCpmtkReurBK38SmyELb9GzmtSfefxKYmClh5WiU4uW7iKQUR 1KtAt10Q/Uw2ieGqpG2CzFno5eNP9ET7LxeBs3ir9uqwVsMoeF8Ju1FC/UyiKtlCmcH6 pd0OnISQP2HOkuvdiClWiKBB8HLWIy4eMAA/0YWwnW3shl4DJKUOsjOycXSswK06NNKn YX+w== X-Gm-Message-State: ABy/qLb1oUEGCJOYoSgxeCDlP+JGWENiaQunX02O46mOz9X9eHo/RmzK 0Aw6sbg1Ikml89mTMlNzURQuUV3uYLVTCPhyarA= X-Google-Smtp-Source: APBJJlEB1+Lp8BmeJSL+Ue+he3PgjFYdRFNWGgU581ZP0KTMxDNmMN8kLpI9avokZxkM7I2xs6m9Fg== X-Received: by 2002:a05:6a20:13da:b0:132:c07c:f042 with SMTP id ho26-20020a056a2013da00b00132c07cf042mr13174333pzc.15.1689690440662; Tue, 18 Jul 2023 07:27:20 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.27.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:27:19 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 26/27] wic: Add dependencies for erofs-utils Date: Tue, 18 Jul 2023 04:26:00 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184530 From: Heiko Thole In order to build erofs filesystems, wic must have the erofs-utils package installed into its sysroot. Signed-off-by: Heiko Thole Signed-off-by: Steve Sakoman --- meta/classes/image_types_wic.bbclass | 2 +- meta/recipes-core/meta/wic-tools.bb | 2 +- scripts/lib/wic/misc.py | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/meta/classes/image_types_wic.bbclass b/meta/classes/image_types_wic.bbclass index 6453dd1b74..8497916d48 100644 --- a/meta/classes/image_types_wic.bbclass +++ b/meta/classes/image_types_wic.bbclass @@ -83,7 +83,7 @@ do_image_wic[recrdeptask] += "do_deploy" do_image_wic[deptask] += "do_image_complete" WKS_FILE_DEPENDS_DEFAULT = '${@bb.utils.contains_any("BUILD_ARCH", [ 'x86_64', 'i686' ], "syslinux-native", "",d)}' -WKS_FILE_DEPENDS_DEFAULT += "bmap-tools-native cdrtools-native btrfs-tools-native squashfs-tools-native e2fsprogs-native" +WKS_FILE_DEPENDS_DEFAULT += "bmap-tools-native cdrtools-native btrfs-tools-native squashfs-tools-native e2fsprogs-native erofs-utils-native" # Unified kernel images need objcopy WKS_FILE_DEPENDS_DEFAULT += "virtual/${MLPREFIX}${TARGET_PREFIX}binutils" WKS_FILE_DEPENDS_BOOTLOADERS = "" diff --git a/meta/recipes-core/meta/wic-tools.bb b/meta/recipes-core/meta/wic-tools.bb index daaf3ea576..9282d36a4d 100644 --- a/meta/recipes-core/meta/wic-tools.bb +++ b/meta/recipes-core/meta/wic-tools.bb @@ -6,7 +6,7 @@ DEPENDS = "\ parted-native gptfdisk-native dosfstools-native \ mtools-native bmap-tools-native grub-native cdrtools-native \ btrfs-tools-native squashfs-tools-native pseudo-native \ - e2fsprogs-native util-linux-native tar-native \ + e2fsprogs-native util-linux-native tar-native erofs-utils-native \ virtual/${TARGET_PREFIX}binutils \ " DEPENDS:append:x86 = " syslinux-native syslinux grub-efi systemd-boot" diff --git a/scripts/lib/wic/misc.py b/scripts/lib/wic/misc.py index a8aab6c524..2b90821b30 100644 --- a/scripts/lib/wic/misc.py +++ b/scripts/lib/wic/misc.py @@ -36,6 +36,7 @@ NATIVE_RECIPES = {"bmaptool": "bmap-tools", "mkdosfs": "dosfstools", "mkisofs": "cdrtools", "mkfs.btrfs": "btrfs-tools", + "mkfs.erofs": "erofs-utils", "mkfs.ext2": "e2fsprogs", "mkfs.ext3": "e2fsprogs", "mkfs.ext4": "e2fsprogs", From patchwork Tue Jul 18 14:26:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27646 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 01A41EB64DA for ; Tue, 18 Jul 2023 14:27:29 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web11.9035.1689690444470096672 for ; Tue, 18 Jul 2023 07:27:24 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=ys1a5lCG; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-666e6ecb52dso3647287b3a.2 for ; Tue, 18 Jul 2023 07:27:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1689690443; x=1692282443; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ZBTOKyYV8XjRSeDqZbJGw6YozUa2vn1hbH4VC9ZE2Fk=; b=ys1a5lCGGk1sLSzWwLQL048+WKRQxJCPESDQuxrUrIoZiY15eeI4ybW7RSvFXxO8aC XQbOMZU1cFUBBUTo4HGpIFAjWE+mX2HSl8fMSxLbfzoV0YR1FiU5fSZQ7ZaoeS60L+qd IRZEN1J3XfOnAQKLpnFu0Zz+8gw2PjCazrf57+LwuO77fudLZ2FT8VyVTUztNKIkDoWA UO+4JBUAq0P8Nu8xsR+tzdPlbXiFuEp0fQ5uqpmm/9fJtKGHceeA5KlENhfvkXotC5aG zHKJvgil4vmrGl/0typqYiKCNTGGBCmM3JRmWcB3vo48sEYCjcruq9sga7/VP9xdUjL9 4VNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689690443; x=1692282443; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZBTOKyYV8XjRSeDqZbJGw6YozUa2vn1hbH4VC9ZE2Fk=; b=SREnxEVIzsg3/EFSim42omkeDU2yBvAs3MoqWQpF1p+nml84NAeSL7Jh9pHPq67ysp H7KsI39VZvNYmjTKe5gsnoimbaPokG/fsDmWYcgx/2I7NFmmBDc2J1jk/np+ra/fURbb AOOF5Qib/EKruuWbfNi8jlYBAWCqDhF+jIbk/Dyx4YpIs2CaDRdZt8uOkbMWe/s20HIQ gJr19WzduaJOaB5MKPqaxc7CpvKv/sYF6vazSK1Z9DdsFkhuytzCyTVA1Vj+u51LQCrp MShl7Vs6OPKgirCMy2k4+uulKP54E6fGF4eJB0AuUGOFnxJ4ZUqK6FH4pCR8SrVskeEI FjsA== X-Gm-Message-State: ABy/qLZCZqSsZi9WmwTceHoJIqkrnb4DtR7jAIeJxmSk05mWH0c8s7R/ aqMhYb+mAVHPYuDsDitbtNKBxADiI5e5Db9eow4= X-Google-Smtp-Source: APBJJlFczSdyTKJuK4/s3ltRVVqLSC9T75hypWUeIOLzqtAz0ojHnN8tiOs4oUO3fGdBwy2jqnnBCA== X-Received: by 2002:a05:6a20:8e0d:b0:130:835b:e6b7 with SMTP id y13-20020a056a208e0d00b00130835be6b7mr14097175pzj.47.1689690443491; Tue, 18 Jul 2023 07:27:23 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j24-20020aa78d18000000b006732786b5f1sm1581732pfe.213.2023.07.18.07.27.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Jul 2023 07:27:22 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 27/27] cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK Date: Tue, 18 Jul 2023 04:26:01 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 18 Jul 2023 14:27:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184531 From: Tom Hochstein When building using an SDK, cmake complains that the target architecture 'cortexa53-crypto' is unknown. The same build in bitbake uses the target architecture 'aarch64'. Set CMAKE_SYSTEM_PROCESSOR the same as for bitbake. Signed-off-by: Tom Hochstein Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit d32a6225eefce2073a1cd401034b5b4c68351bfe) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake b/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake index 3ddef12c83..d6a1e0464c 100644 --- a/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake +++ b/meta/recipes-devtools/cmake/cmake/OEToolchainConfig.cmake @@ -11,10 +11,7 @@ set( CMAKE_FIND_ROOT_PATH_MODE_PACKAGE ONLY ) set(CMAKE_FIND_LIBRARY_CUSTOM_LIB_SUFFIX "$ENV{OE_CMAKE_FIND_LIBRARY_CUSTOM_LIB_SUFFIX}") -# Set CMAKE_SYSTEM_PROCESSOR from the sysroot name (assuming processor-distro-os). -if ($ENV{SDKTARGETSYSROOT} MATCHES "/sysroots/([a-zA-Z0-9_-]+)-.+-.+") - set(CMAKE_SYSTEM_PROCESSOR ${CMAKE_MATCH_1}) -endif() +set( CMAKE_SYSTEM_PROCESSOR $ENV{OECORE_TARGET_ARCH} ) # Include the toolchain configuration subscripts file( GLOB toolchain_config_files "${CMAKE_CURRENT_LIST_FILE}.d/*.cmake" )