From patchwork Sat Jul 22 18:56:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27814 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D21A8C001E0 for ; Sat, 22 Jul 2023 18:57:09 +0000 (UTC) Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web11.11575.1690052226850436173 for ; Sat, 22 Jul 2023 11:57:06 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=rjpNO1tq; spf=softfail (domain: sakoman.com, ip: 209.85.210.176, mailfrom: steve@sakoman.com) Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-66767d628e2so1772146b3a.2 for ; Sat, 22 Jul 2023 11:57:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052226; x=1690657026; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=aqKTh6JU9E4o6Tbbl+uKMqcjQiPIz0h/9oxSjci2OVA=; b=rjpNO1tq8F0GKzyZ9xxUKIWbTLU2PeVG+ilvBBgmverTlNQKi0av9ChuFpKWLO0AUz eDu99Lig6Gih2DoP+8+20UdltOYKzktZBXtMgVh+kEiTXL1bwqQWCDGOngOMiCPTio8D KRrZDTt2qAFI46+vVTpQ7FhF3Rz4MZEsEPAfdD0nLXHjK44bh/CQQH6b57w/FH/D33gm j5zFgT6bOXoFRsghRitNcjRf6JIt/QepX1kqNLnTOqLz7rd6hQwEJ2GKCruxQqegvDHz F4dGvpuqYdsZZ1Qpl4rQbdn/RTJwEAqCJTh9YNkFMAb6ghUc5TVxAXE8afWdVPoWtuwS ZGBg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052226; x=1690657026; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=aqKTh6JU9E4o6Tbbl+uKMqcjQiPIz0h/9oxSjci2OVA=; b=QuiBpOJiUZyWWcPEThzT3Ule+s93NdEBnqh5SJ/9rZGWPylMB9AxM8WZTEXvfmQ6Dh qiOP2aNucfENeoHoFatHCSvjq6MjcGXwHZJRrdQuEEQ1g0Zt2PRvwhr4qlS9h+0genwd AAjQi6Mnvb2IDYGf01dVc6mv2Bu14v2lXnsmUqALIHCfdO52zfj2BZXvHkI9r6GPerU6 5RTdgGeIpJl6fMFUi0SNF4NNj0fvcIArj2yLEF4MhrXo5B1wnfvYhLRWaszDKZup4NES mP1cQHgHQEEXfDhhMQG6mgt/AIQbGHgOeXeIxcgK5xpAZGaycF+kDeNZGXiT1GyLsBqk 2bQw== X-Gm-Message-State: ABy/qLaA+MAkCX889xuR/qttaD+wla3CLiZVaIejeIS/BAUYSxJ/iKWs GcEHKbzbAqsgL63yerJOb22pNLuUV6A5bLVbfAY= X-Google-Smtp-Source: APBJJlFqeyoKSwwuVgY1+ifFPbIUO27PVyYgQkdOWGZtn6SbhD3JbllPMRna78ZdjOQgFqUgdl6D4A== X-Received: by 2002:a05:6a21:6d99:b0:138:dbff:f41b with SMTP id wl25-20020a056a216d9900b00138dbfff41bmr2089650pzb.27.1690052225877; Sat, 22 Jul 2023 11:57:05 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:05 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 01/11] qemu: fix CVE-2023-0330 Date: Sat, 22 Jul 2023 08:56:45 -1000 Message-Id: <3be283237a9e473112430bcb614b25b7ff7e64b2.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:09 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184724 From: Archana Polampalli A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. References: https://nvd.nist.gov/vuln/detail/CVE-2023-0330 Upstream patches: https://gitlab.com/qemu-project/qemu/-/commit/b987718bbb1d0eabf95499b976212dd5f0120d75 Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2023-0330.patch | 75 +++++++++++++++++++ 2 files changed, 76 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 4c9be91cb0..15eba6163f 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -36,6 +36,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://qemu-guest-agent.init \ file://qemu-guest-agent.udev \ file://ppc.patch \ + file://CVE-2023-0330.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch b/meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch new file mode 100644 index 0000000000..f609ea29b4 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch @@ -0,0 +1,75 @@ +From b987718bbb1d0eabf95499b976212dd5f0120d75 Mon Sep 17 00:00:00 2001 +From: Thomas Huth +Date: Mon, 22 May 2023 11:10:11 +0200 +Subject: [PATCH] hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI + controller (CVE-2023-0330) + +We cannot use the generic reentrancy guard in the LSI code, so +we have to manually prevent endless reentrancy here. The problematic +lsi_execute_script() function has already a way to detect whether +too many instructions have been executed - we just have to slightly +change the logic here that it also takes into account if the function +has been called too often in a reentrant way. + +The code in fuzz-lsi53c895a-test.c has been taken from an earlier +patch by Mauro Matteo Cascella. + +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1563 +Message-Id: <20230522091011.1082574-1-thuth@redhat.com> +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Alexander Bulekov +Signed-off-by: Thomas Huth + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/b987718bbb1d0eabf95499b976212dd5f0120d75] +CVE: CVE-2023-0330 + +Signed-off-by: Archana Polampalli +--- + hw/scsi/lsi53c895a.c | 23 +++++++++++++++------ + tests/qtest/fuzz-lsi53c895a-test.c | 33 ++++++++++++++++++++++++++++++ + 2 files changed, 50 insertions(+), 6 deletions(-) + +diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c +index 048436352b7a..f7d45b0b20fb 100644 +--- a/hw/scsi/lsi53c895a.c ++++ b/hw/scsi/lsi53c895a.c +@@ -1134,15 +1134,24 @@ static void lsi_execute_script(LSIState *s) + uint32_t addr, addr_high; + int opcode; + int insn_processed = 0; ++ static int reentrancy_level; ++ ++ reentrancy_level++; + + s->istat1 |= LSI_ISTAT1_SRUN; + again: +- if (++insn_processed > LSI_MAX_INSN) { +- /* Some windows drivers make the device spin waiting for a memory +- location to change. If we have been executed a lot of code then +- assume this is the case and force an unexpected device disconnect. +- This is apparently sufficient to beat the drivers into submission. +- */ ++ /* ++ * Some windows drivers make the device spin waiting for a memory location ++ * to change. If we have executed more than LSI_MAX_INSN instructions then ++ * assume this is the case and force an unexpected device disconnect. This ++ * is apparently sufficient to beat the drivers into submission. ++ * ++ * Another issue (CVE-2023-0330) can occur if the script is programmed to ++ * trigger itself again and again. Avoid this problem by stopping after ++ * being called multiple times in a reentrant way (8 is an arbitrary value ++ * which should be enough for all valid use cases). ++ */ ++ if (++insn_processed > LSI_MAX_INSN || reentrancy_level > 8) { + if (!(s->sien0 & LSI_SIST0_UDC)) { + qemu_log_mask(LOG_GUEST_ERROR, + "lsi_scsi: inf. loop with UDC masked"); +@@ -1596,6 +1605,8 @@ static void lsi_execute_script(LSIState *s) + } + } + trace_lsi_execute_script_stop(); ++ ++ reentrancy_level--; + } + + static uint8_t lsi_reg_readb(LSIState *s, int offset) From patchwork Sat Jul 22 18:56:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27813 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D1725C001DC for ; Sat, 22 Jul 2023 18:57:09 +0000 (UTC) Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) by mx.groups.io with SMTP id smtpd.web10.11707.1690052228877613835 for ; Sat, 22 Jul 2023 11:57:09 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=kI74AABW; spf=softfail (domain: sakoman.com, ip: 209.85.210.180, mailfrom: steve@sakoman.com) Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-66767d628e2so1772151b3a.2 for ; Sat, 22 Jul 2023 11:57:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052228; x=1690657028; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=7v21QBA0aNEw7C8cHbhzhMJwOB/MA6ZfoFhMxn+OBpk=; b=kI74AABWDL33uwHreACYgGE0woK6Ng35OdQKkZi8X2wbZk7PoZkZo8eJow1z0TALN4 S1g/N9NSVqeyfZkj9MOa+2mKkn0S5wQJMEncAgrVUHHe9k/cSdhNDCLtaL5mGMMX/Nqx ErXrg1MZrj/6Lpc/w86ky1Fqt62wS/UN+07IgoRfYmo2zdpp5ZOI/iYCRnTow/vXjKRS t/jzRQbQ2efLmgrQA7eIO7qDSoRj/nevpIiT5KeM8Wmie37ucFWOmeMqQEd0X1/XoVWK DGzroVJjlihlymjgGOIniainEiCa+GUc6i+i3xYRnqlyYIo8ikRo3B4xMCnffB6dNHjp 4MKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052228; x=1690657028; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7v21QBA0aNEw7C8cHbhzhMJwOB/MA6ZfoFhMxn+OBpk=; b=SL/ukmd3tkRrSennMlQn20nmGfafefGYCc7GSY2NOfFp5PZOWBTWCUiCp5UW3V8Bg3 KuYIvYBjktPh+Mk+GOsy4t4asoDVdVYKVhv8rC+mtNMkh1ibnYRd/Icl0zPXp02cVsny NMTfiBCyOqydvVif+5Zunpp7AcbWkekM4/DoR9yXjax31FMAY4DA0lSa+fsnbY3Maxoq nPxseqQTqlHkKOgSXZcXlJkSzsRDLNo3NfTHhuqJmVg69vndVKZ0CAsdOrLh/rXEsAcT EdCtkKNwnPSCuF3vJyz6NKQob4bVjcwN9SeW9qIDfPMBMnLR742zRgHICr96UTMeAqj4 nFhA== X-Gm-Message-State: ABy/qLbt4vkr+CVcmVCckMmLsFRI2TnibBLJtlvBqnd6kSXN6TsTNiEf jPmI7o9sVJ5QPP0dxa1k5EtKnbu9ByeAxwkPFes= X-Google-Smtp-Source: APBJJlEL4bC3HxpSaxpoI3AiTPOTjhsIT9rEG3+qBZYKvQy0yeyAYmSOLOfn2qekbHaR5UkfrUafrg== X-Received: by 2002:a05:6a20:49a8:b0:137:3eba:b805 with SMTP id fs40-20020a056a2049a800b001373ebab805mr3267788pzb.37.1690052227725; Sat, 22 Jul 2023 11:57:07 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.06 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:07 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 02/11] go: fix CVE-2023-24531 Date: Sat, 22 Jul 2023 08:56:46 -1000 Message-Id: <5d80e920c7ceaf091ccace8a3b6781b720abafbf.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:09 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184725 From: Sakib Sajal Backport required commits to fix CVE-2023-24531. Signed-off-by: Sakib Sajal Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.20.5.inc | 2 + .../go/go/CVE-2023-24531_1.patch | 266 ++++++++++++++++++ .../go/go/CVE-2023-24531_2.patch | 47 ++++ 3 files changed, 315 insertions(+) create mode 100644 meta/recipes-devtools/go/go/CVE-2023-24531_1.patch create mode 100644 meta/recipes-devtools/go/go/CVE-2023-24531_2.patch diff --git a/meta/recipes-devtools/go/go-1.20.5.inc b/meta/recipes-devtools/go/go-1.20.5.inc index 4e4e57d5cb..9cc79a8073 100644 --- a/meta/recipes-devtools/go/go-1.20.5.inc +++ b/meta/recipes-devtools/go/go-1.20.5.inc @@ -14,5 +14,7 @@ SRC_URI += "\ file://0007-exec.go-do-not-write-linker-flags-into-buildids.patch \ file://0008-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \ file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \ + file://CVE-2023-24531_1.patch \ + file://CVE-2023-24531_2.patch \ " SRC_URI[main.sha256sum] = "9a15c133ba2cfafe79652f4815b62e7cfc267f68df1b9454c6ab2a3ca8b96a88" diff --git a/meta/recipes-devtools/go/go/CVE-2023-24531_1.patch b/meta/recipes-devtools/go/go/CVE-2023-24531_1.patch new file mode 100644 index 0000000000..9de701b64b --- /dev/null +++ b/meta/recipes-devtools/go/go/CVE-2023-24531_1.patch @@ -0,0 +1,266 @@ +From c5463ec922a57d8b175c6639186ba9cbe15e6bc1 Mon Sep 17 00:00:00 2001 +From: Michael Matloob +Date: Mon, 24 Apr 2023 16:57:28 -0400 +Subject: [PATCH 1/2] cmd/go: sanitize go env outputs + +go env, without any arguments, outputs the environment variables in +the form of a script that can be run on the host OS. On Unix, single +quote the strings and place single quotes themselves outside the +single quoted strings. On windows use the set "var=val" syntax with +the quote starting before the variable. + +Fixes #58508 + +Change-Id: Iecd379a4af7285ea9b2024f0202250c74fd9a2bd +Reviewed-on: https://go-review.googlesource.com/c/go/+/488375 +TryBot-Result: Gopher Robot +Reviewed-by: Michael Matloob +Reviewed-by: Damien Neil +Run-TryBot: Michael Matloob +Reviewed-by: Bryan Mills +Reviewed-by: Quim Muntal + +CVE: CVE-2023-24531 +Upstream-Status: Backport [f379e78951a405e7e99a60fb231eeedbf976c108] + +Signed-off-by: Sakib Sajal +--- + src/cmd/go/internal/envcmd/env.go | 60 ++++++++++++- + src/cmd/go/internal/envcmd/env_test.go | 94 +++++++++++++++++++++ + src/cmd/go/testdata/script/env_sanitize.txt | 5 ++ + src/cmd/go/testdata/script/work_env.txt | 2 +- + 4 files changed, 158 insertions(+), 3 deletions(-) + create mode 100644 src/cmd/go/internal/envcmd/env_test.go + create mode 100644 src/cmd/go/testdata/script/env_sanitize.txt + +diff --git a/src/cmd/go/internal/envcmd/env.go b/src/cmd/go/internal/envcmd/env.go +index fb7448a..5b52fad 100644 +--- a/src/cmd/go/internal/envcmd/env.go ++++ b/src/cmd/go/internal/envcmd/env.go +@@ -6,6 +6,7 @@ + package envcmd + + import ( ++ "bytes" + "context" + "encoding/json" + "fmt" +@@ -17,6 +18,7 @@ import ( + "runtime" + "sort" + "strings" ++ "unicode" + "unicode/utf8" + + "cmd/go/internal/base" +@@ -413,9 +415,12 @@ func checkBuildConfig(add map[string]string, del map[string]bool) error { + func PrintEnv(w io.Writer, env []cfg.EnvVar) { + for _, e := range env { + if e.Name != "TERM" { ++ if runtime.GOOS != "plan9" && bytes.Contains([]byte(e.Value), []byte{0}) { ++ base.Fatalf("go: internal error: encountered null byte in environment variable %s on non-plan9 platform", e.Name) ++ } + switch runtime.GOOS { + default: +- fmt.Fprintf(w, "%s=\"%s\"\n", e.Name, e.Value) ++ fmt.Fprintf(w, "%s=%s\n", e.Name, shellQuote(e.Value)) + case "plan9": + if strings.IndexByte(e.Value, '\x00') < 0 { + fmt.Fprintf(w, "%s='%s'\n", e.Name, strings.ReplaceAll(e.Value, "'", "''")) +@@ -426,17 +431,68 @@ func PrintEnv(w io.Writer, env []cfg.EnvVar) { + if x > 0 { + fmt.Fprintf(w, " ") + } ++ // TODO(#59979): Does this need to be quoted like above? + fmt.Fprintf(w, "%s", s) + } + fmt.Fprintf(w, ")\n") + } + case "windows": +- fmt.Fprintf(w, "set %s=%s\n", e.Name, e.Value) ++ if hasNonGraphic(e.Value) { ++ base.Errorf("go: stripping unprintable or unescapable characters from %%%q%%", e.Name) ++ } ++ fmt.Fprintf(w, "set %s=%s\n", e.Name, batchEscape(e.Value)) + } + } + } + } + ++func hasNonGraphic(s string) bool { ++ for _, c := range []byte(s) { ++ if c == '\r' || c == '\n' || (!unicode.IsGraphic(rune(c)) && !unicode.IsSpace(rune(c))) { ++ return true ++ } ++ } ++ return false ++} ++ ++func shellQuote(s string) string { ++ var b bytes.Buffer ++ b.WriteByte('\'') ++ for _, x := range []byte(s) { ++ if x == '\'' { ++ // Close the single quoted string, add an escaped single quote, ++ // and start another single quoted string. ++ b.WriteString(`'\''`) ++ } else { ++ b.WriteByte(x) ++ } ++ } ++ b.WriteByte('\'') ++ return b.String() ++} ++ ++func batchEscape(s string) string { ++ var b bytes.Buffer ++ for _, x := range []byte(s) { ++ if x == '\r' || x == '\n' || (!unicode.IsGraphic(rune(x)) && !unicode.IsSpace(rune(x))) { ++ b.WriteRune(unicode.ReplacementChar) ++ continue ++ } ++ switch x { ++ case '%': ++ b.WriteString("%%") ++ case '<', '>', '|', '&', '^': ++ // These are special characters that need to be escaped with ^. See ++ // https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/set_1. ++ b.WriteByte('^') ++ b.WriteByte(x) ++ default: ++ b.WriteByte(x) ++ } ++ } ++ return b.String() ++} ++ + func printEnvAsJSON(env []cfg.EnvVar) { + m := make(map[string]string) + for _, e := range env { +diff --git a/src/cmd/go/internal/envcmd/env_test.go b/src/cmd/go/internal/envcmd/env_test.go +new file mode 100644 +index 0000000..32d99fd +--- /dev/null ++++ b/src/cmd/go/internal/envcmd/env_test.go +@@ -0,0 +1,94 @@ ++// Copyright 2022 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build unix || windows ++ ++package envcmd ++ ++import ( ++ "bytes" ++ "cmd/go/internal/cfg" ++ "fmt" ++ "internal/testenv" ++ "os" ++ "os/exec" ++ "path/filepath" ++ "runtime" ++ "testing" ++ "unicode" ++) ++ ++func FuzzPrintEnvEscape(f *testing.F) { ++ f.Add(`$(echo 'cc"'; echo 'OOPS="oops')`) ++ f.Add("$(echo shell expansion 1>&2)") ++ f.Add("''") ++ f.Add(`C:\"Program Files"\`) ++ f.Add(`\\"Quoted Host"\\share`) ++ f.Add("\xfb") ++ f.Add("0") ++ f.Add("") ++ f.Add("''''''''") ++ f.Add("\r") ++ f.Add("\n") ++ f.Add("E,%") ++ f.Fuzz(func(t *testing.T, s string) { ++ t.Parallel() ++ ++ for _, c := range []byte(s) { ++ if c == 0 { ++ t.Skipf("skipping %q: contains a null byte. Null bytes can't occur in the environment"+ ++ " outside of Plan 9, which has different code path than Windows and Unix that this test"+ ++ " isn't testing.", s) ++ } ++ if c > unicode.MaxASCII { ++ t.Skipf("skipping %#q: contains a non-ASCII character %q", s, c) ++ } ++ if !unicode.IsGraphic(rune(c)) && !unicode.IsSpace(rune(c)) { ++ t.Skipf("skipping %#q: contains non-graphic character %q", s, c) ++ } ++ if runtime.GOOS == "windows" && c == '\r' || c == '\n' { ++ t.Skipf("skipping %#q on Windows: contains unescapable character %q", s, c) ++ } ++ } ++ ++ var b bytes.Buffer ++ if runtime.GOOS == "windows" { ++ b.WriteString("@echo off\n") ++ } ++ PrintEnv(&b, []cfg.EnvVar{{Name: "var", Value: s}}) ++ var want string ++ if runtime.GOOS == "windows" { ++ fmt.Fprintf(&b, "echo \"%%var%%\"\n") ++ want += "\"" + s + "\"\r\n" ++ } else { ++ fmt.Fprintf(&b, "printf '%%s\\n' \"$var\"\n") ++ want += s + "\n" ++ } ++ scriptfilename := "script.sh" ++ if runtime.GOOS == "windows" { ++ scriptfilename = "script.bat" ++ } ++ scriptfile := filepath.Join(t.TempDir(), scriptfilename) ++ if err := os.WriteFile(scriptfile, b.Bytes(), 0777); err != nil { ++ t.Fatal(err) ++ } ++ t.Log(b.String()) ++ var cmd *exec.Cmd ++ if runtime.GOOS == "windows" { ++ cmd = testenv.Command(t, "cmd.exe", "/C", scriptfile) ++ } else { ++ cmd = testenv.Command(t, "sh", "-c", scriptfile) ++ } ++ out, err := cmd.Output() ++ t.Log(string(out)) ++ if err != nil { ++ t.Fatal(err) ++ } ++ ++ if string(out) != want { ++ t.Fatalf("output of running PrintEnv script and echoing variable: got: %q, want: %q", ++ string(out), want) ++ } ++ }) ++} +diff --git a/src/cmd/go/testdata/script/env_sanitize.txt b/src/cmd/go/testdata/script/env_sanitize.txt +new file mode 100644 +index 0000000..cc4d23a +--- /dev/null ++++ b/src/cmd/go/testdata/script/env_sanitize.txt +@@ -0,0 +1,5 @@ ++env GOFLAGS='$(echo ''cc"''; echo ''OOPS="oops'')' ++go env ++[GOOS:darwin] stdout 'GOFLAGS=''\$\(echo ''\\''''cc"''\\''''; echo ''\\''''OOPS="oops''\\''''\)''' ++[GOOS:linux] stdout 'GOFLAGS=''\$\(echo ''\\''''cc"''\\''''; echo ''\\''''OOPS="oops''\\''''\)''' ++[GOOS:windows] stdout 'set GOFLAGS=\$\(echo ''cc"''; echo ''OOPS="oops''\)' +diff --git a/src/cmd/go/testdata/script/work_env.txt b/src/cmd/go/testdata/script/work_env.txt +index 511bb4e..8b1779e 100644 +--- a/src/cmd/go/testdata/script/work_env.txt ++++ b/src/cmd/go/testdata/script/work_env.txt +@@ -1,7 +1,7 @@ + go env GOWORK + stdout '^'$GOPATH'[\\/]src[\\/]go.work$' + go env +-stdout '^(set )?GOWORK="?'$GOPATH'[\\/]src[\\/]go.work"?$' ++stdout '^(set )?GOWORK=''?'$GOPATH'[\\/]src[\\/]go.work''?$' + + cd .. + go env GOWORK +-- +2.39.0 + diff --git a/meta/recipes-devtools/go/go/CVE-2023-24531_2.patch b/meta/recipes-devtools/go/go/CVE-2023-24531_2.patch new file mode 100644 index 0000000000..dec36f9d42 --- /dev/null +++ b/meta/recipes-devtools/go/go/CVE-2023-24531_2.patch @@ -0,0 +1,47 @@ +From 24f1def536c5344e0067a3119790b83ee6224058 Mon Sep 17 00:00:00 2001 +From: miller +Date: Mon, 8 May 2023 16:56:21 +0100 +Subject: [PATCH 2/2] cmd/go: quote entries in list-valued variables for go env + in plan9 + +When 'go env' without an argument prints environment variables as +a script which can be executed by the shell, variables with a +list value in Plan 9 (such as GOPATH) need to be printed with each +element enclosed in single quotes in case it contains characters +significant to the Plan 9 shell (such as ' ' or '='). + +For #58508 + +Change-Id: Ia30f51307cc6d07a7e3ada6bf9d60bf9951982ff +Reviewed-on: https://go-review.googlesource.com/c/go/+/493535 +Run-TryBot: Cherry Mui +Reviewed-by: Cherry Mui +Reviewed-by: Russ Cox +TryBot-Result: Gopher Robot +Auto-Submit: Dmitri Shuralyov + +CVE: CVE-2023-24531 +Upstream-Status: Backport [05cc9e55876874462a4726ca0101c970838c80e5] + +Signed-off-by: Sakib Sajal +--- + src/cmd/go/internal/envcmd/env.go | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/cmd/go/internal/envcmd/env.go b/src/cmd/go/internal/envcmd/env.go +index 5b52fad..d4fc399 100644 +--- a/src/cmd/go/internal/envcmd/env.go ++++ b/src/cmd/go/internal/envcmd/env.go +@@ -431,8 +431,7 @@ func PrintEnv(w io.Writer, env []cfg.EnvVar) { + if x > 0 { + fmt.Fprintf(w, " ") + } +- // TODO(#59979): Does this need to be quoted like above? +- fmt.Fprintf(w, "%s", s) ++ fmt.Fprintf(w, "'%s'", strings.ReplaceAll(s, "'", "''")) + } + fmt.Fprintf(w, ")\n") + } +-- +2.39.0 + From patchwork Sat Jul 22 18:56:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27819 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A962AC001E0 for ; Sat, 22 Jul 2023 18:57:19 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web11.11576.1690052230291265763 for ; Sat, 22 Jul 2023 11:57:10 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=OohOkvtX; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-666eba6f3d6so1756064b3a.3 for ; Sat, 22 Jul 2023 11:57:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052229; x=1690657029; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=TXEk/PivcJcdEHksCDV9+WDhR2dJrOg2ugPj05BNzno=; b=OohOkvtXOzgoSj2WjchVWljFITPBUX4rQM3vJZRPbVa0C7MPa6b/A2hYb4gG5W4OcX S/wUnOHEmepZ+9LI2y2JUuJbbFzT1GQe9OmwND0icSyt2ZKb614Oxn2jVhupxhox+cTx 89smWmWhDFexNkVC3T7zwhIuiMVC8ZBVyx8Ejyb9YWeaOyxU9Vw8u0P7dSDkeH1N061H 3y5yaSxov39AgFEA3x6e3KU9hZGFzSXkqQj2K+eQBxiVq/abwgIfV0vSghNN7MzQYzrq UIQJbyVEc2yPRPj45+YaJfmHLYVQLpNiKGiv+zAy1JBDjlgcegpEyrWsDDTkdC6EqNNG t+Fw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052229; x=1690657029; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TXEk/PivcJcdEHksCDV9+WDhR2dJrOg2ugPj05BNzno=; b=KpwdGNI6p52Mf+yR/gzYES6QVf8NGyTVjSPZ6xjTMflFS3hJBgDlrA9HV0Z97IdFRa uflKq8xPAwkK2ELPvN6a4fIc6qit/otcpC8KefIIRPHk4cfLcuoUwnOekiaC38uvDZ9M VW7efrpdGW1DbSLvQbFi7/Nvdiw3GWwX8kPeXspdxMfzeHTgVjvvMl1fgNexumEHyfTf fTexlx6NtJd/0uVvVDeXbPmotqr2c5Ht/FU9IUL8yfc0xXkhmb31Tpna+M4maFSTQbGU 1tNQLEB5LecwhQDB83VTg4bKIoCSAcTvsPyAXqTxk4j8cAt9IgHLAaDQn62aAg64QUOk wtYw== X-Gm-Message-State: ABy/qLaLTvj+ZDoND8OnBPWi83jy8MmMuKWtnjs75plwLMemqJySDIl8 /hIGklvlv7+gxjp0ov2OueVsAT2d4LBdJqhcXo0= X-Google-Smtp-Source: APBJJlFYGeLNMPR9ypXlhhovzA33sI1VTIB2csDkV6Uv5VcZ2Mw9GvunXUPntwZWJclYX5U/WFA/6w== X-Received: by 2002:a05:6a20:7f84:b0:133:6b64:c92 with SMTP id d4-20020a056a207f8400b001336b640c92mr4790052pzj.44.1690052229415; Sat, 22 Jul 2023 11:57:09 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.08 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:09 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 03/11] webkitgtk: 2.38.5 -> 2.38.6 Date: Sat, 22 Jul 2023 08:56:47 -1000 Message-Id: <34bd08b121f1653907b45eb8d6192a77ef638005.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184726 From: Kai Kang Update webkitgtk from 2.38.5 to 2.38.6. It fixes CVE-2023-27932 and CVE-2023-27954. What’s new in the WebKitGTK 2.38.6 release? * Enable the Asynchronous Clipboard API to make certain pages work (e.g. GithHub started recently requiring it). * Support :has() CSS selectors in content filters. * Apply basic font properties as font variation settings. * The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still recommended, but optional. * Improvements to the GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking. * Fix the build with journald support enabled when using elogind instead of the systemd libraries. * Fix the build with Link-Time Optimization enabled (-flto=auto). * Fix context menus not working in the remote Web Inspector. * Fix usage of the remote Web Inspector over HTTP. * Fix debug logs not being emitted in release builds. * Fix several crashes and rendering issues. Signed-off-by: Kai Kang Signed-off-by: Steve Sakoman --- .../webkit/{webkitgtk_2.38.5.bb => webkitgtk_2.38.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-sato/webkit/{webkitgtk_2.38.5.bb => webkitgtk_2.38.6.bb} (98%) diff --git a/meta/recipes-sato/webkit/webkitgtk_2.38.5.bb b/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb similarity index 98% rename from meta/recipes-sato/webkit/webkitgtk_2.38.5.bb rename to meta/recipes-sato/webkit/webkitgtk_2.38.6.bb index 36c6233b33..5e8adf50fc 100644 --- a/meta/recipes-sato/webkit/webkitgtk_2.38.5.bb +++ b/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb @@ -15,7 +15,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://0d3344e17d258106617b0e6d783d073b188a2548.patch \ file://d318bb461f040b90453bc4e100dcf967243ecd98.patch \ " -SRC_URI[sha256sum] = "40c20c43022274df5893f22b1054fa894c3eea057389bb08aee08c5b0bb0c1a7" +SRC_URI[sha256sum] = "1c614c9589389db1a79ea9ba4293bbe8ac3ab0a2234cac700935fae0724ad48b" inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gi-docgen From patchwork Sat Jul 22 18:56:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27820 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B9005C04A94 for ; Sat, 22 Jul 2023 18:57:19 +0000 (UTC) Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) by mx.groups.io with SMTP id smtpd.web11.11577.1690052232116402925 for ; Sat, 22 Jul 2023 11:57:12 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=d6Pw7CPD; spf=softfail (domain: sakoman.com, ip: 209.85.210.180, mailfrom: steve@sakoman.com) Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-666edfc50deso1985719b3a.0 for ; Sat, 22 Jul 2023 11:57:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052231; x=1690657031; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=5ERtPyHRQ62eETrL6xTByoR2SrtFOe8+AtJR8a1si/0=; b=d6Pw7CPDmTlz72mzHUFua5uQpzqJ7UnqPdwUJSRFqpcP+eEQ34e4wNlQbYiwl2k0oK tVDuOJVdIAQddSebQoohbpjG8EF6u5nmFo2IFzGSFtsmXz6m7FuAqm/h0vuUXMtz0yxX ypD+Fp38rga4DdW3VDS74EtMi8qjYSH7teRfkCicNSRqgmdHXFPJnIMogvVwR4jLtcar i/yTQAw2FYEkt/0xFuZsrzhfqkSJNqfLo1eZi/FBtSZeNi1xzs7Eo5KqS+pxQ5AXjGui Tkt/rY9LxmKznMRaC5Z3M4uHXVgQLV+1XTtzWr3RuTG7H2ptxnUgs7MEkX6y/4XjnGKk 9vlA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052231; x=1690657031; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5ERtPyHRQ62eETrL6xTByoR2SrtFOe8+AtJR8a1si/0=; b=fCb0jwnTAQr+lRCsbU9ISbkS81nubTbxdmb14CfKDcCaA/ZglSHaUswOsdN3167Pzc sXUa6sIi7JYVfrHNdV6FQx4yJt/wkPcROfZa2LSa7Xng9w9z9GeeJxRKU3vetA4ORAWM 2+Lu+EqoHozleqDCL1/RzZmTAqYY9I4dQAKwGvMglB/FFhDk8HeNiAV1t6fzh+futIgn MI6t2psSHwSEZyb5fA24vM1+MBkMWiONENJPxegYjy6iJjs2Js+EnQn1sQhxFxFZBLBf v7PPhxNDX4/j13axrJoZt1SmhCeiYMNpyXp2I4t8qdCLWssBO70xc1L/NbarGkQAmlfD UsSA== X-Gm-Message-State: ABy/qLYaDdTp63Y7PHS5bZsaM6k+0w7DiKSrbsqngcyuOj2Nr7v5R6jB hQ7sINidU6kOjUflMncOWTFA6CLh1Wuz6pOnTcU= X-Google-Smtp-Source: APBJJlEYw49m7qZe5lp1eIbU+mW1I5uyPQLWo3AkFFjiMstoIfWtVi7C2OFbN93Y5XJ010qjntf1ng== X-Received: by 2002:a05:6a00:a23:b0:686:626d:71e with SMTP id p35-20020a056a000a2300b00686626d071emr6401418pfh.2.1690052231129; Sat, 22 Jul 2023 11:57:11 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:10 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 04/11] linux-yocto/5.15: update to v5.15.119 Date: Sat, 22 Jul 2023 08:56:48 -1000 Message-Id: <35f0fb05f8be017e906626aa1060a81d4ca8e1c1.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184727 From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: 4af60700a60c Linux 5.15.119 10fbd2e04e40 act_mirred: remove unneded merge conflict markers 2230b3f874d9 i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle 907a069ec38f x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys 7949f83f7ecc vhost_net: revert upend_idx only on retriable error fdac0aa4a175 drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl f012d3037c15 drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl a44b4230d2ba drm/exynos: vidi: fix a wrong error return 79b4125bce96 ARM: dts: Fix erroneous ADS touchscreen polarities 9684c4fdeeca s390/purgatory: disable branch profiling 3c4d87e9fa8a ASoC: nau8824: Add quirk to active-high jack-detect d77eac1b14e0 soundwire: dmi-quirks: add new mapping for HP Spectre x360 53ad4af4ec90 ASoC: simple-card: Add missing of_node_put() in case of error bb45dc7b67c5 spi: lpspi: disable lpspi module irq in DMA mode f8d9d8f1727d s390/cio: unregister device when the only path is gone e10d15fdfced Input: soc_button_array - add invalid acpi_index DMI quirk handling 26bde09a1512 nvme: double KA polling frequency to avoid KATO with TBKAS on e3bbc148377d usb: gadget: udc: fix NULL dereference in remove() cce681383d34 nfcsim.c: Fix error checking for debugfs_create_dir 8a5ddd1430d4 media: cec: core: don't set last_initiator if tx in progress 01cf989090da arm64: Add missing Set/Way CMO encodings f97b16c0a538 HID: wacom: Add error check to wacom_parse_and_register() e8bdb1f88699 scsi: target: iscsi: Prevent login threads from racing between each other 1cc379d53b66 gpio: sifive: add missing check for platform_get_irq 497d40140865 gpiolib: Fix GPIO chip IRQ initialization restriction 7973c4b3b97d gpio: Allow per-parent interrupt data c1a2b52d999e sch_netem: acquire qdisc lock in netem_change() 3138c85031e8 selftests: forwarding: Fix race condition in mirror installation b7db41a86541 bpf/btf: Accept function names that contain dots 0f8d81254fd6 Revert "net: phy: dp83867: perform soft reset and retain established link" 57130334da4e netfilter: nfnetlink_osf: fix module autoload 53defc6ecff4 netfilter: nf_tables: disallow updates of anonymous sets 2f2f9eaa6da1 netfilter: nf_tables: reject unbound chain set before commit phase 2938e7d582d7 netfilter: nf_tables: reject unbound anonymous set before commit phase baa3ec1b31f5 netfilter: nf_tables: disallow element updates of bound anonymous sets 45eb6944d0f5 netfilter: nft_set_pipapo: .walk does not deal with generations 4004f12aaca8 netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain 314a8697d080 netfilter: nf_tables: fix chain binding transaction logic 1328e8d4c3ee be2net: Extend xmit workaround to BE3 chip 768f94c5f639 net: dsa: mt7530: fix handling of BPDUs on MT7530 switch aa528e7d379f net: dsa: mt7530: fix trapping frames on non-MT7621 SoC MT7530 switch efea112a87b6 ipvs: align inner_mac_header for encapsulation 24d7d9aee03d mmc: usdhi60rol0: fix deferred probing d1e08bed0307 mmc: sh_mmcif: fix deferred probing 34c4906b9a06 mmc: sdhci-acpi: fix deferred probing 41f1e8dab08d mmc: owl: fix deferred probing b86ca9e08ca9 mmc: omap_hsmmc: fix deferred probing 445a9568dec1 mmc: omap: fix deferred probing 840deb8d1418 mmc: mvsdio: fix deferred probing 92f73c4f927c mmc: mtk-sd: fix deferred probing aedecd013d2c net: qca_spi: Avoid high load if QCA7000 is not available 156dd06fb337 xfrm: Linearize the skb after offloading if needed. d967bd7ea6cc selftests: net: fcnal-test: check if FIPS mode is enabled 964cfdfd4b4f xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets 25e89fa7b5a8 bpf: Fix verifier id tracking of scalars on spill 0b180495f6b0 bpf: track immediate values written to stack by BPF_ST instruction 3229a29e95f5 xfrm: Ensure policies always checked on XFRM-I input path d055ee18cab8 xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c 491ce3c1d98a xfrm: Treat already-verified secpath entries as optional 0ce3d0c068d9 ieee802154: hwsim: Fix possible memory leaks 29672dc47d99 mmc: meson-gx: fix deferred probing 9bac4a2b7326 memfd: check for non-NULL file_seals in memfd_create() syscall 103734b429b9 x86/mm: Avoid using set_pgd() outside of real PGD pages 793d0224bb60 nilfs2: prevent general protection fault in nilfs_clear_dirty_page() 96987c383c2b io_uring/net: disable partial retries for recvmsg with cmsg 25a543ca3005 io_uring/net: clear msg_controllen on partial sendmsg retry 34a7e5021a43 io_uring/net: save msghdr->msg_control for retries b07bb2914ada writeback: fix dereferencing NULL mapping->host on writeback_page_template 3c46a240ddba regmap: spi-avmm: Fix regmap_bus max_raw_write 4796d9b06917 regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK ba9952e2f50b ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN acee272283f4 mmc: mmci: stm32: fix max busy timeout calculation 999173f295cc mmc: meson-gx: remove redundant mmc_request_done() call from irq context 00010b52c705 mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916 4a557910bbed cgroup: Do not corrupt task iteration when rebinding subsystem 815b24401165 PCI: hv: Add a per-bus mutex state_lock 34e21b8ff3e6 PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic 7d852ca7af37 PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev 5e0d33cc7813 Revert "PCI: hv: Fix a timing issue which causes kdump to fail occasionally" ac0df91c7d98 PCI: hv: Fix a race condition bug in hv_pci_query_relations() 80c5d97b4aa1 Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs 4d31eb2e266c Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails 953dd7e2df81 KVM: Avoid illegal stage2 mapping on invalid memory slot 1d6c93206839 ACPI: sleep: Avoid breaking S3 wakeup due to might_sleep() b12011cea56b nilfs2: fix buffer corruption due to concurrent device reads 485f6be2549c selftests: mptcp: join: skip check if MIB counter not supported 64cb73ea77ab selftests: mptcp: join: use 'iptables-legacy' if available 979a941d7ed3 selftests: mptcp: pm nl: remove hardcoded default limits ac65930751c4 selftests/mount_setattr: fix redefine struct mount_attr build error 726d033133e7 selftests: mptcp: lib: skip if not below kernel version b28fc26683b4 selftests: mptcp: lib: skip if missing symbol 024a24e5d4dd tick/common: Align tick period during sched_timer setup 3c1aa91b37f9 drm/amd/display: Add wrapper to call planes and stream update eea850c025b5 drm/amd/display: Use dc_update_planes_and_stream fb7c68bbccad drm/amd/display: Add minimal pipe split transition state b5f0e898f674 tpm, tpm_tis: Claim locality in interrupt handler 39e787253720 tracing: Add tracing_reset_all_online_cpus_unlocked() function 5a24be76af79 drm/amd/display: fix the system hang while disable PSR Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_5.15.bb | 6 ++--- .../linux/linux-yocto-tiny_5.15.bb | 6 ++--- meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++---------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index 6ca7873910..a75eef5d8b 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "b2a7dbd4edac7627c091c2ab14fec83726a4c79b" -SRCREV_meta ?= "b647d9611cb4936536e60a438292fc22df2fe000" +SRCREV_machine ?= "482797bf5730cf22143afe28d489363ca4bf44a2" +SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA};protocol=https" -LINUX_VERSION ?= "5.15.118" +LINUX_VERSION ?= "5.15.119" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index 616cc47202..6d7939ba83 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.118" +LINUX_VERSION ?= "5.15.119" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "b79e89ab973aeb8ec48e2cd987436ab52678e795" -SRCREV_meta ?= "b647d9611cb4936536e60a438292fc22df2fe000" +SRCREV_machine ?= "ded230a888ef81ccedf0044bd8c2236f3b809599" +SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 4ae03f1cb4..dfe9171ddd 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb @@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "2290ac7e8d7fbb8e13a34468b85066c398c7d1f3" -SRCREV_machine:qemuarm64 ?= "3f3f2067c3ee4d9dffaed9b757583d013671cf25" -SRCREV_machine:qemumips ?= "f61a3b045bdfc9aa7da440852e0a79fd8d9b4d69" -SRCREV_machine:qemuppc ?= "7a2773ad8fb4ae4eb0183ccda8ec133098d13ec9" -SRCREV_machine:qemuriscv64 ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_machine:qemuriscv32 ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_machine:qemux86 ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_machine:qemux86-64 ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_machine:qemumips64 ?= "47d334232ab28f0f8d5316e07e11f8f14c6aaecc" -SRCREV_machine ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_meta ?= "b647d9611cb4936536e60a438292fc22df2fe000" +SRCREV_machine:qemuarm ?= "9ae4c8018039201ce683ff26bde47a3e3e6664ef" +SRCREV_machine:qemuarm64 ?= "58394274da1b4fdf69ca780001bf25eebfd1950f" +SRCREV_machine:qemumips ?= "bacfb28c9349b36afe3041e57d98551aa723bbc2" +SRCREV_machine:qemuppc ?= "d9efae0cb3731ab62cb81778c2fa5689594d34b1" +SRCREV_machine:qemuriscv64 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_machine:qemuriscv32 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_machine:qemux86 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_machine:qemux86-64 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_machine:qemumips64 ?= "2ae09c410d8a5a0ec66d50368579dd3d3616072b" +SRCREV_machine ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the /base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "f67653019430833d5003f16817d7fa85272a6a76" +SRCREV_machine:class-devupstream ?= "4af60700a60cc45ee4fb6d579cccf1b7bca20c34" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" @@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA};protocol=https" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.118" +LINUX_VERSION ?= "5.15.119" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" From patchwork Sat Jul 22 18:56:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27818 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B81EDC04A6A for ; Sat, 22 Jul 2023 18:57:19 +0000 (UTC) Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by mx.groups.io with SMTP id smtpd.web10.11709.1690052234034898166 for ; Sat, 22 Jul 2023 11:57:14 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=zczAK4ma; spf=softfail (domain: sakoman.com, ip: 209.85.210.177, mailfrom: steve@sakoman.com) Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-666e6541c98so2814063b3a.2 for ; Sat, 22 Jul 2023 11:57:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052233; x=1690657033; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=zPWAcplvFT/9WoqjlO69J3GFkIQYIMX8khz/aa5+PF4=; b=zczAK4maCkuEaO7/box3NQBXmp7UKYqIZGiDEdH/JKdar80bGCd5MxZZPDRuG5UbMq ys4EjlNno5iDLIZ2sg3g4ECCBSaHIm4emYbAom4LD0ZnFDtnSgmgV8StfBfj3OQHmwWx Lq1EkUOO35hmxfvbaqv6ElN8YfWNOdJAiiL1nCHn1Q7DmqhOReyLU9+HZ+4sdsB0r8dy aG082Spo31mobWYl6k54Y9H8IVvN+9HusOVt7Xf3RY7b21MZ0Kv+zA/e5CacNQvd+hVq z0uVZbvKfcoW2czulGwOxdVvazSNx4Baidiyw1oHHUh48D9oW+YbXWMJ8Mb7r9jgS/OK Je5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052233; x=1690657033; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=zPWAcplvFT/9WoqjlO69J3GFkIQYIMX8khz/aa5+PF4=; b=Xx3lSx7IoblgJ730puYBeZ1KMZDWhpQYAsnuUHnvK0yWwZGxXvABIQe9EWVNOLS8hj OKZTk6BnRZa64Y3G2qFuVXGSpLfD52cl4wU3vjiMEpvtNIUQUV+FuWfzevwUsFpxQSo/ XzVoepLaZwvfUpMVNTEdyxCAAPZwfswlA0ZMDAZXQCg/Z+555s0oTnmJ5bw97RaTasa7 P0NcZuZJCeHysxCiDLl4JClT+h8Dkb+oYLnYYSpU7ZKmd7IeH+D8d5cHnFvEosdGeIuV o+F7jlcFvRMDhHxxZM/kYRNca/mZgxzHRvOj8JCnq6bME3Q4iwcHYGUjbvze22XmDcmE 5O4w== X-Gm-Message-State: ABy/qLZVS/5gGkE8QXVwbIt+PZf5fQzb0O+Ew3342ckr0nGKakBPsiVn aNGXk2Hwfsc1siq2CJAWCzn4o33LJWdRSkEyUUg= X-Google-Smtp-Source: APBJJlHaUywzZVbuB76i3dfziv1nLh+JHhszpAWotayAgaAYipjODsQpHEo0zAlDCcZwQOv2u3Xzqw== X-Received: by 2002:a05:6a20:4d9e:b0:134:1c06:1c1f with SMTP id gj30-20020a056a204d9e00b001341c061c1fmr6228878pzb.37.1690052232987; Sat, 22 Jul 2023 11:57:12 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.12 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:12 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 05/11] linux-yocto/5.15: update to v5.15.120 Date: Sat, 22 Jul 2023 08:56:49 -1000 Message-Id: <5209c9db1a918aa06c5d37163742efc59bb4503b.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184728 From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: d54cfc420586 Linux 5.15.120 c06edf13f4cf nubus: Partially revert proc_create_single_data() conversion 6e65fa33edf5 parisc: Delete redundant register definitions in b4d8f8900021 drm/amdgpu: Validate VM ioctl flags. 26eb191bf5a0 scripts/tags.sh: Resolve gtags empty index generation 989b4a753c7e perf symbols: Symbol lookup with kcore can fail if multiple segments match stext 87f51cf60e3e Revert "thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe" 6a28f3490d3d HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651. 67ce7724637c HID: wacom: Use ktime_t rather than int when dealing with timestamps 347732317749 bpf: ensure main program has an extable d874cf9799a9 can: isotp: isotp_sendmsg(): fix return error fix on TX path 27d03d15bb8b x86/smp: Use dedicated cache-line for mwait_play_dead() d6c745ca4fc5 x86/microcode/AMD: Load late on both threads too 9052349685e9 drm/amdgpu: Set vmbo destroy after pt bo is created 796481bedc3e mm, hwpoison: when copy-on-write hits poison, take page offline 6713b8f11aa0 mm, hwpoison: try to recover from copy-on write faults b46021ab8304 mptcp: consolidate fallback and non fallback state machine 42ff95b4bd11 mptcp: fix possible divide by zero in recvmsg() Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_5.15.bb | 6 ++--- .../linux/linux-yocto-tiny_5.15.bb | 6 ++--- meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++---------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index a75eef5d8b..94b0df3f4d 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "482797bf5730cf22143afe28d489363ca4bf44a2" -SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" +SRCREV_machine ?= "0b2e44360ea08b441883f16826c4720546a0886c" +SRCREV_meta ?= "820b9bdb192ae263be93e609da415c570d5acc79" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA};protocol=https" -LINUX_VERSION ?= "5.15.119" +LINUX_VERSION ?= "5.15.120" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index 6d7939ba83..e5d181598d 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.119" +LINUX_VERSION ?= "5.15.120" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "ded230a888ef81ccedf0044bd8c2236f3b809599" -SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" +SRCREV_machine ?= "bb0cc3f9542c03fba314f5da44e91556c641706f" +SRCREV_meta ?= "820b9bdb192ae263be93e609da415c570d5acc79" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb index dfe9171ddd..80cc5239cd 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb @@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "9ae4c8018039201ce683ff26bde47a3e3e6664ef" -SRCREV_machine:qemuarm64 ?= "58394274da1b4fdf69ca780001bf25eebfd1950f" -SRCREV_machine:qemumips ?= "bacfb28c9349b36afe3041e57d98551aa723bbc2" -SRCREV_machine:qemuppc ?= "d9efae0cb3731ab62cb81778c2fa5689594d34b1" -SRCREV_machine:qemuriscv64 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_machine:qemuriscv32 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_machine:qemux86 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_machine:qemux86-64 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_machine:qemumips64 ?= "2ae09c410d8a5a0ec66d50368579dd3d3616072b" -SRCREV_machine ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" +SRCREV_machine:qemuarm ?= "938c0c130bc6403d7e54ffc026a1eb32d10b34f9" +SRCREV_machine:qemuarm64 ?= "d248c07ace0f6bf2a94eaba26a2bdbdbcfb2ec15" +SRCREV_machine:qemumips ?= "19fdaea3b322820eb042622e68ede3cc99cdf87f" +SRCREV_machine:qemuppc ?= "8db87cbed6574bec3ece05bf4cbb275fd3497f50" +SRCREV_machine:qemuriscv64 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_machine:qemuriscv32 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_machine:qemux86 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_machine:qemux86-64 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_machine:qemumips64 ?= "f7673229ddb5c9f3d77b5fb521c98f7dcd20f2ea" +SRCREV_machine ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_meta ?= "820b9bdb192ae263be93e609da415c570d5acc79" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the /base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "4af60700a60cc45ee4fb6d579cccf1b7bca20c34" +SRCREV_machine:class-devupstream ?= "d54cfc420586425d418a53871290cc4a59d33501" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" @@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA};protocol=https" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.119" +LINUX_VERSION ?= "5.15.120" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" From patchwork Sat Jul 22 18:56:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27817 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7E2AC41513 for ; Sat, 22 Jul 2023 18:57:19 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web10.11711.1690052235634931315 for ; Sat, 22 Jul 2023 11:57:15 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=VAXoiIjL; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-666eb03457cso1755492b3a.1 for ; Sat, 22 Jul 2023 11:57:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052235; x=1690657035; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=JtRsR5qrGc9NFbHuViNW8a/+oCiam+Iic4zYfIElTQc=; b=VAXoiIjLQ9zsEGcxKwZfebXUE0cxQO81E8NZcJkIEsjE9OAmFRofzleO7sfd3HNTJU SJJH+uJskYkIii5q0nwofQIJ9pJTiJOgEqyEizziAfw4choxpDLkhkhuR4WQTNJBDOCe iAQDqRooVPOyB6aoTjrd0+WzubOV9iBioRmxop0mcZX7UJ815z/7bo51fTvpk3hHP217 q4ajNelF6lHqkUq+ceOh+227/9bH65gn0lC+6OjkXzekKTRxU7LQWbzzN3ykMzeRMEdH WzRQ/RE0iFBjkr19LMZe7NZ13Zj1aSvF1OyxTOnH6//SEEIQYIp9v4zXKgtRJAm2US9g 8CWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052235; x=1690657035; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JtRsR5qrGc9NFbHuViNW8a/+oCiam+Iic4zYfIElTQc=; b=Fe3MkJqLuWr7S3JYamU2N1m85o4PMPGDNAkpmlA4Tp6wCkYejxvRlsYS/d4YTVupej dajxtNOhcWB7O9D562eXEdq3K1kbdDyjql3fL3uQG0TL7mlqgkM9I4j238Q/R4QR/baL ZfVEbqa2SANOp1h+1HUYLxURoYjo8XCoXSINOpwYI+ybI4d+NDU+StEfWjnZN1Yz9iac ZIn++3Rtj7F3iUdqvwiku5CC+pOq7kUy2EYSXqjRAWw+ooqQOYQuOBsJhr+AkT2v7cuL B0WxiBDWGfT044MlaRwFZrjoD94GX6pyaQ/y0+mXrMHun/2pkFP5YfWwXNmPp+7r5wdB PdAw== X-Gm-Message-State: ABy/qLa0H9/Ef+PbX3J8QhOe9XFf74wzQ09AJbMyC3nziTQsnNXdM1Co K5dRcgRnvD77cNlBxdICwG2XvuKcfh6qK52gYoc= X-Google-Smtp-Source: APBJJlHsA4rknmdjEPYnMadEinpwv7aLucyiNyUuh+X5fpRW2SVWbX0qnwIzCCxOLIHDJy+oB39tWA== X-Received: by 2002:a05:6a20:8f2a:b0:133:fd64:8d48 with SMTP id b42-20020a056a208f2a00b00133fd648d48mr4842864pzk.4.1690052234761; Sat, 22 Jul 2023 11:57:14 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:14 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 06/11] vim: upgrade 9.0.1527 -> 9.0.1592 Date: Sat, 22 Jul 2023 08:56:50 -1000 Message-Id: <5893c605060983db08a4b2d19b1dbfef23f9910d.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184729 From: Trevor Gamblin Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2609 d1ae836 patch 9.0.1531: crash when register contents ends up being invalid https://nvd.nist.gov/vuln/detail/CVE-2023-2610 ab9a2d8 patch 9.0.1532: crash when expanding "~" in substitute causes very long text Signed-off-by: Trevor Gamblin Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- meta/recipes-support/vim/vim.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index e1d2563316..33ae0d8079 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -19,8 +19,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://no-path-adjust.patch \ " -PV .= ".1527" -SRCREV = "c28e7a2b2f23dbd246a1ad7ad7aaa6f7ab2e5887" +PV .= ".1592" +SRCREV = "29b4c513b11deb37f0e0538df53d195f602fa42c" # Remove when 8.3 is out UPSTREAM_VERSION_UNKNOWN = "1" From patchwork Sat Jul 22 18:56:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27816 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7C96C001DE for ; Sat, 22 Jul 2023 18:57:19 +0000 (UTC) Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) by mx.groups.io with SMTP id smtpd.web10.11713.1690052237578607369 for ; Sat, 22 Jul 2023 11:57:17 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=ABj4ohDw; spf=softfail (domain: sakoman.com, ip: 209.85.210.182, mailfrom: steve@sakoman.com) Received: by mail-pf1-f182.google.com with SMTP id d2e1a72fcca58-666ed230c81so2841265b3a.0 for ; Sat, 22 Jul 2023 11:57:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052237; x=1690657037; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=iEBwLAjXr5rUfhQxZOQLvyO423Cxjjl2eYxqC+BZG1o=; b=ABj4ohDwhLRSnZQIhDZTitt11oTxnPl1+N2uu/OsqVyBoAS/05rjHo5nEUa9V83HrV pLzkCRPVA57894yzIIlhfczXUzz8GRfOHyh9k3+PCmjwR4dHA2TTN+b5/BESuARXhUmx d5EIhunhLWZzK3Qt/N+6zkvHfJZC/b2W9ahTiMUMCp6ta5OJqZTGY79jCjfFD+e0zEfH VZG9Cd+RQ0uoM9j98Tk8PN+janLaNEP+9gfZIeQLFBbA7WDsSzvMRAryh8X0cOBAgEkR ECmrQaDnqPAfyD/ge2sw9y8lOIr4BiWwbdkF3cr/WiyLBbJK7lQ9CioytuJQrXuC+GkA sGfw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052237; x=1690657037; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=iEBwLAjXr5rUfhQxZOQLvyO423Cxjjl2eYxqC+BZG1o=; b=f+/Yx3SbQdZ72fve3BmDRRD7Cml0gElj7nn5LryDIt9e9I8gpQDj7m6kMh1u/JhGyc kyRdZRAyXmrsCtJao2oGZlaiC4SJhQpfESm62J2+VCYzL/NaCKppUEdue9DwLxB4qnl+ aDTJPE9sKroa5XW4NxgxWgeW21j/Ci6aNPIj2uvC4cg7PH8pauodaT+uw9lrnJ5oGQei diTG8gODW9kcUsdyzVkDZYNtRbbwrvoe0pq6p6JsVEWUwfnC39ITF/ZzYPRdrvK8V8kd S/l4FOY5HK18FWf280vuIrtNt8PvjsG3PkmB8VGlQ32hu3Tb3TCgrkTREGIQZWUFuktZ fxIQ== X-Gm-Message-State: ABy/qLYnGL5rNyN8JTHkOTv3HQJNhIERxPPEOe/kSU0U/lnoZLkh1QHj 1J33ti2KqL3QCBPZ7WoE17zulustW/TepuOB+lU= X-Google-Smtp-Source: APBJJlFHBlvppFe2WpJBvEeDeVbL2hoY2wD3OgcQs4XDN08NsbFTFdJGX3e9FfXn27Qrtullek54KA== X-Received: by 2002:a05:6a20:100d:b0:137:30db:bc35 with SMTP id gs13-20020a056a20100d00b0013730dbbc35mr5549236pzc.27.1690052236595; Sat, 22 Jul 2023 11:57:16 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:16 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 07/11] tiff: upgrade to 4.5.1 Date: Sat, 22 Jul 2023 08:56:51 -1000 Message-Id: <309b58071d14406ccdf90342f0a33285dc83c87c.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184730 From: Ross Burton Also remove old CVE_CHECK_IGNOREs which are no longer needed due to CPE updates. This is a backport from master. Mickledore had one extra CVE patch that was not on master at the time of upgrade, so it had to be manually removed here. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Natasha Bailey Signed-off-by: Steve Sakoman --- .../libtiff/files/CVE-2022-48281.patch | 29 ---- .../libtiff/files/CVE-2023-25434.patch | 159 ------------------ .../libtiff/files/CVE-2023-26965.patch | 99 ----------- .../libtiff/files/CVE-2023-2731.patch | 39 ----- .../libtiff/{tiff_4.5.0.bb => tiff_4.5.1.bb} | 14 +- 5 files changed, 2 insertions(+), 338 deletions(-) delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-25434.patch delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-26965.patch delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch rename meta/recipes-multimedia/libtiff/{tiff_4.5.0.bb => tiff_4.5.1.bb} (81%) diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch b/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch deleted file mode 100644 index e356d377ea..0000000000 --- a/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch +++ /dev/null @@ -1,29 +0,0 @@ -CVE: CVE-2022-48281 -Upstream-Status: Backport -Signed-off-by: Ross Burton - -From 97d65859bc29ee334012e9c73022d8a8e55ed586 Mon Sep 17 00:00:00 2001 -From: Su Laus -Date: Sat, 21 Jan 2023 15:58:10 +0000 -Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488. - ---- - tools/tiffcrop.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c -index 14fa18da..7db69883 100644 ---- a/tools/tiffcrop.c -+++ b/tools/tiffcrop.c -@@ -8591,7 +8591,7 @@ static int processCropSelections(struct image_data *image, - cropsize + NUM_BUFF_OVERSIZE_BYTES); - else - { -- prev_cropsize = seg_buffs[0].size; -+ prev_cropsize = seg_buffs[i].size; - if (prev_cropsize < cropsize) - { - next_buff = _TIFFrealloc( --- -GitLab - diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-25434.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-25434.patch deleted file mode 100644 index a78c9709f9..0000000000 --- a/meta/recipes-multimedia/libtiff/files/CVE-2023-25434.patch +++ /dev/null @@ -1,159 +0,0 @@ -From 69818e2f2d246e6631ac2a2da692c3706b849c38 Mon Sep 17 00:00:00 2001 -From: Su_Laus -Date: Sun, 29 Jan 2023 11:09:26 +0100 -Subject: [PATCH] tiffcrop: Amend rotateImage() not to toggle the input (main) - image width and length parameters when only cropped image sections are - rotated. Remove buffptr from region structure because never used. - -Closes #492 #493 #494 #495 #499 #518 #519 - -Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/69818e2f2d246e6631ac2a2da692c3706b849c38] -CVE: CVE-2023-25434 - -Signed-off-by: Siddharth Doshi ---- - tools/tiffcrop.c | 51 ++++++++++++++++++++++++++++-------------------- - 1 file changed, 30 insertions(+), 21 deletions(-) - -diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c -index fc5b34b..6e1acc4 100644 ---- a/tools/tiffcrop.c -+++ b/tools/tiffcrop.c -@@ -296,7 +296,6 @@ struct region - uint32_t width; /* width in pixels */ - uint32_t length; /* length in pixels */ - uint32_t buffsize; /* size of buffer needed to hold the cropped region */ -- unsigned char *buffptr; /* address of start of the region */ - }; - - /* Cropping parameters from command line and image data -@@ -577,7 +576,7 @@ static int rotateContigSamples24bits(uint16_t, uint16_t, uint16_t, uint32_t, - static int rotateContigSamples32bits(uint16_t, uint16_t, uint16_t, uint32_t, - uint32_t, uint32_t, uint8_t *, uint8_t *); - static int rotateImage(uint16_t, struct image_data *, uint32_t *, uint32_t *, -- unsigned char **); -+ unsigned char **, int); - static int mirrorImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, - unsigned char *); - static int invertImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, -@@ -5779,7 +5778,6 @@ static void initCropMasks(struct crop_mask *cps) - cps->regionlist[i].width = 0; - cps->regionlist[i].length = 0; - cps->regionlist[i].buffsize = 0; -- cps->regionlist[i].buffptr = NULL; - cps->zonelist[i].position = 0; - cps->zonelist[i].total = 0; - } -@@ -7221,8 +7219,13 @@ static int correct_orientation(struct image_data *image, - return (-1); - } - -- if (rotateImage(rotation, image, &image->width, &image->length, -- work_buff_ptr)) -+ /* Dummy variable in order not to switch two times the -+ * image->width,->length within rotateImage(), -+ * but switch xres, yres there. */ -+ uint32_t width = image->width; -+ uint32_t length = image->length; -+ if (rotateImage(rotation, image, &width, &length, work_buff_ptr, -+ TRUE)) - { - TIFFError("correct_orientation", "Unable to rotate image"); - return (-1); -@@ -7291,7 +7294,6 @@ static int extractCompositeRegions(struct image_data *image, - /* These should not be needed for composite images */ - crop->regionlist[i].width = crop_width; - crop->regionlist[i].length = crop_length; -- crop->regionlist[i].buffptr = crop_buff; - - src_rowsize = ((img_width * bps * spp) + 7) / 8; - dst_rowsize = (((crop_width * bps * count) + 7) / 8); -@@ -7552,7 +7554,6 @@ static int extractSeparateRegion(struct image_data *image, - - crop->regionlist[region].width = crop_width; - crop->regionlist[region].length = crop_length; -- crop->regionlist[region].buffptr = crop_buff; - - src = read_buff; - dst = crop_buff; -@@ -8543,7 +8544,7 @@ static int processCropSelections(struct image_data *image, - reallocate the buffer */ - { - if (rotateImage(crop->rotation, image, &crop->combined_width, -- &crop->combined_length, &crop_buff)) -+ &crop->combined_length, &crop_buff, FALSE)) - { - TIFFError("processCropSelections", - "Failed to rotate composite regions by %" PRIu32 -@@ -8668,7 +8669,7 @@ static int processCropSelections(struct image_data *image, - */ - if (rotateImage(crop->rotation, image, - &crop->regionlist[i].width, -- &crop->regionlist[i].length, &crop_buff)) -+ &crop->regionlist[i].length, &crop_buff, FALSE)) - { - TIFFError("processCropSelections", - "Failed to rotate crop region by %" PRIu16 -@@ -8815,7 +8816,7 @@ static int createCroppedImage(struct image_data *image, struct crop_mask *crop, - CROP_ROTATE) /* rotate should be last as it can reallocate the buffer */ - { - if (rotateImage(crop->rotation, image, &crop->combined_width, -- &crop->combined_length, crop_buff_ptr)) -+ &crop->combined_length, crop_buff_ptr, TRUE)) - { - TIFFError("createCroppedImage", - "Failed to rotate image or cropped selection by %" PRIu16 -@@ -9531,7 +9532,7 @@ static int rotateContigSamples32bits(uint16_t rotation, uint16_t spp, - /* Rotate an image by a multiple of 90 degrees clockwise */ - static int rotateImage(uint16_t rotation, struct image_data *image, - uint32_t *img_width, uint32_t *img_length, -- unsigned char **ibuff_ptr) -+ unsigned char **ibuff_ptr, int rot_image_params) - { - int shift_width; - uint32_t bytes_per_pixel, bytes_per_sample; -@@ -9747,11 +9748,15 @@ static int rotateImage(uint16_t rotation, struct image_data *image, - - *img_width = length; - *img_length = width; -- image->width = length; -- image->length = width; -- res_temp = image->xres; -- image->xres = image->yres; -- image->yres = res_temp; -+ /* Only toggle image parameters if whole input image is rotated. */ -+ if (rot_image_params) -+ { -+ image->width = length; -+ image->length = width; -+ res_temp = image->xres; -+ image->xres = image->yres; -+ image->yres = res_temp; -+ } - break; - - case 270: -@@ -9834,11 +9839,15 @@ static int rotateImage(uint16_t rotation, struct image_data *image, - - *img_width = length; - *img_length = width; -- image->width = length; -- image->length = width; -- res_temp = image->xres; -- image->xres = image->yres; -- image->yres = res_temp; -+ /* Only toggle image parameters if whole input image is rotated. */ -+ if (rot_image_params) -+ { -+ image->width = length; -+ image->length = width; -+ res_temp = image->xres; -+ image->xres = image->yres; -+ image->yres = res_temp; -+ } - break; - default: - break; --- -2.35.7 - diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-26965.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-26965.patch deleted file mode 100644 index 09161c9165..0000000000 --- a/meta/recipes-multimedia/libtiff/files/CVE-2023-26965.patch +++ /dev/null @@ -1,99 +0,0 @@ -From ec8ef90c1f573c9eb1f17d6a056aa0015f184acf Mon Sep 17 00:00:00 2001 -From: Su_Laus -Date: Tue, 14 Feb 2023 20:43:43 +0100 -Subject: [PATCH] tiffcrop: Do not reuse input buffer for subsequent images. - Fix issue 527 - -Reuse of read_buff within loadImage() from previous image is quite unsafe, because other functions (like rotateImage() etc.) reallocate that buffer with different size without updating the local prev_readsize value. - -Closes #527 - -Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/ec8ef90c1f573c9eb1f17d6a056aa0015f184acf] -CVE: CVE-2023-26965 -Signed-off-by: Siddharth Doshi ---- - tools/tiffcrop.c | 47 +++++++++++++---------------------------------- - 1 file changed, 13 insertions(+), 34 deletions(-) - -diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c -index fb0fbb2..58ed3ab 100644 ---- a/tools/tiffcrop.c -+++ b/tools/tiffcrop.c -@@ -6746,9 +6746,7 @@ static int loadImage(TIFF *in, struct image_data *image, struct dump_opts *dump, - uint32_t tw = 0, tl = 0; /* Tile width and length */ - tmsize_t tile_rowsize = 0; - unsigned char *read_buff = NULL; -- unsigned char *new_buff = NULL; - int readunit = 0; -- static tmsize_t prev_readsize = 0; - - TIFFGetFieldDefaulted(in, TIFFTAG_BITSPERSAMPLE, &bps); - TIFFGetFieldDefaulted(in, TIFFTAG_SAMPLESPERPIXEL, &spp); -@@ -7072,43 +7070,25 @@ static int loadImage(TIFF *in, struct image_data *image, struct dump_opts *dump, - } - - read_buff = *read_ptr; -- /* +3 : add a few guard bytes since reverseSamples16bits() can read a bit */ -- /* outside buffer */ -- if (!read_buff) -+ /* +3 : add a few guard bytes since reverseSamples16bits() can read a bit -+ * outside buffer */ -+ /* Reuse of read_buff from previous image is quite unsafe, because other -+ * functions (like rotateImage() etc.) reallocate that buffer with different -+ * size without updating the local prev_readsize value. */ -+ if (read_buff) - { -- if (buffsize > 0xFFFFFFFFU - 3) -- { -- TIFFError("loadImage", "Unable to allocate/reallocate read buffer"); -- return (-1); -- } -- read_buff = -- (unsigned char *)limitMalloc(buffsize + NUM_BUFF_OVERSIZE_BYTES); -+ _TIFFfree(read_buff); - } -- else -+ if (buffsize > 0xFFFFFFFFU - 3) - { -- if (prev_readsize < buffsize) -- { -- if (buffsize > 0xFFFFFFFFU - 3) -- { -- TIFFError("loadImage", -- "Unable to allocate/reallocate read buffer"); -- return (-1); -- } -- new_buff = -- _TIFFrealloc(read_buff, buffsize + NUM_BUFF_OVERSIZE_BYTES); -- if (!new_buff) -- { -- free(read_buff); -- read_buff = (unsigned char *)limitMalloc( -- buffsize + NUM_BUFF_OVERSIZE_BYTES); -- } -- else -- read_buff = new_buff; -- } -+ TIFFError("loadImage", "Required read buffer size too large"); -+ return (-1); - } -+ read_buff = -+ (unsigned char *)limitMalloc(buffsize + NUM_BUFF_OVERSIZE_BYTES); - if (!read_buff) - { -- TIFFError("loadImage", "Unable to allocate/reallocate read buffer"); -+ TIFFError("loadImage", "Unable to allocate read buffer"); - return (-1); - } - -@@ -7116,7 +7096,6 @@ static int loadImage(TIFF *in, struct image_data *image, struct dump_opts *dump, - read_buff[buffsize + 1] = 0; - read_buff[buffsize + 2] = 0; - -- prev_readsize = buffsize; - *read_ptr = read_buff; - - /* N.B. The read functions used copy separate plane data into a buffer as --- -2.35.7 - diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch deleted file mode 100644 index 7db0a35f72..0000000000 --- a/meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 9be22b639ea69e102d3847dca4c53ef025e9527b Mon Sep 17 00:00:00 2001 -From: Even Rouault -Date: Sat, 29 Apr 2023 12:20:46 +0200 -Subject: [PATCH] LZWDecode(): avoid crash when trying to read again from a - strip whith a missing end-of-information marker (fixes #548) - -CVE: CVE-2023-2731 -Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/9be22b639ea69e102d3847dca4c53ef025e9527b] - ---- - libtiff/tif_lzw.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c -index ba75a07e..d631fa10 100644 ---- a/libtiff/tif_lzw.c -+++ b/libtiff/tif_lzw.c -@@ -423,6 +423,10 @@ static int LZWDecode(TIFF *tif, uint8_t *op0, tmsize_t occ0, uint16_t s) - - if (sp->read_error) - { -+ TIFFErrorExtR(tif, module, -+ "LZWDecode: Scanline %" PRIu32 " cannot be read due to " -+ "previous error", -+ tif->tif_row); - return 0; - } - -@@ -742,6 +746,7 @@ after_loop: - return (1); - - no_eoi: -+ sp->read_error = 1; - TIFFErrorExtR(tif, module, - "LZWDecode: Strip %" PRIu32 " not terminated with EOI code", - tif->tif_curstrip); --- -2.34.1 - diff --git a/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.5.1.bb similarity index 81% rename from meta/recipes-multimedia/libtiff/tiff_4.5.0.bb rename to meta/recipes-multimedia/libtiff/tiff_4.5.1.bb index 220f7e2816..5af3f84265 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.5.1.bb @@ -8,14 +8,9 @@ LIC_FILES_CHKSUM = "file://LICENSE.md;md5=a3e32d664d6db1386b4689c8121531c3" CVE_PRODUCT = "libtiff" -SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ - file://CVE-2022-48281.patch \ - file://CVE-2023-2731.patch \ - file://CVE-2023-25434.patch \ - file://CVE-2023-26965.patch \ -" +SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz" -SRC_URI[sha256sum] = "c7a1d9296649233979fa3eacffef3fa024d73d05d589cb622727b5b08c423464" +SRC_URI[sha256sum] = "d7f38b6788e4a8f5da7940c5ac9424f494d8a79eba53d555f4a507167dca5e2b" # exclude betas UPSTREAM_CHECK_REGEX = "tiff-(?P\d+(\.\d+)+).tar" @@ -23,11 +18,6 @@ UPSTREAM_CHECK_REGEX = "tiff-(?P\d+(\.\d+)+).tar" # Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 # and 4.3.0 doesn't have the issue CVE_CHECK_IGNORE += "CVE-2015-7313" -# These issues only affect libtiff post-4.3.0 but before 4.4.0, -# caused by 3079627e and fixed by b4e79bfa. -CVE_CHECK_IGNORE += "CVE-2022-1622 CVE-2022-1623" -# Issue is in jbig which we don't enable -CVE_CHECK_IGNORE += "CVE-2022-1210" inherit autotools multilib_header From patchwork Sat Jul 22 18:56:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27815 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9AB76C0015E for ; Sat, 22 Jul 2023 18:57:19 +0000 (UTC) Received: from mail-pf1-f178.google.com (mail-pf1-f178.google.com [209.85.210.178]) by mx.groups.io with SMTP id smtpd.web10.11715.1690052239126306326 for ; Sat, 22 Jul 2023 11:57:19 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=iRa9CgxU; spf=softfail (domain: sakoman.com, ip: 209.85.210.178, mailfrom: steve@sakoman.com) Received: by mail-pf1-f178.google.com with SMTP id d2e1a72fcca58-6686ef86110so1730383b3a.2 for ; Sat, 22 Jul 2023 11:57:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052238; x=1690657038; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=gw+r46iwmZo1MzTnQueqi5V1bUEhNZPfAC1U6x1oL7g=; b=iRa9CgxUMZHXsD4e3bqBdaRWT9HSRkkVzUNP7bdUwNiVLECXb59YMM9ZSFescXGsMm hyjFh21p4qjt6EJOJ2fvnLU6DlQkp8GGfm2nUyBG2zM1FDjqPVdrEk2OkhUSQ8BMio+A +JxxmO1N+5EAeaLBNeso826/S9tNI24uCLUQYhlpRi1acw6dG3A9hAgeaSiHHVCmeXvS 4ki90tpiM/teczPELahxCxo1rj2ZjFICIiWncWzqDjYtLyEA9j0POEQPKm0fSo1Fc6AG h/tl1AyxR5uB2nL4+x1BSuiDy+wtQEvTD43KB5Ro2AbW1mIHwiK1L2+RFDEK/+fzcEI/ fm3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052238; x=1690657038; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=gw+r46iwmZo1MzTnQueqi5V1bUEhNZPfAC1U6x1oL7g=; b=N9S6J7N70DY9ZltnYp+Z/vLmzWfCsQMENlSuqAE7nkn/mAPUYw8M8b2Dky4z9cJN8U t31eB90V+VArK2yeeh0tsSyn/SJsILLD9iZHj0dRAGCjzRR5zwBPPFSTYHHxkDzRMQNS UoBk6qA3fGe+CHj8QQ0VVRpAP/ksKGZPUcalia6htGPt5H9x0bSrU/LXPbwFndiAkB1k Cb+2oRls3mczL9T7/cGaQB8fWIfRjCiXTjeWdl2BXvpRmnmAGe6pQDMBIrCJvqb90UD4 0U2B95mzJqcEOCsuGOKipQA9lDPXQdBY7GGG/qOks6F+qmqzyobezYpjBtpaYbdXtlei FAhQ== X-Gm-Message-State: ABy/qLYu7YF0sxYy9SqZMeb1fs2aP6ahaLBngT0JJOyAuk+XU5aJUYW7 XzOOI2fYXR3tVS2rY8wEHDFMEpxpGt8UCH4qsRI= X-Google-Smtp-Source: APBJJlFH2yfeYKK8i1suqAmrIiWff5jmcACRuGYYHhQi/EyQk6z/J5DZIa7RwfmzNXwAHuBu8TWo8g== X-Received: by 2002:a05:6a20:1018:b0:137:48cc:9cfa with SMTP id gs24-20020a056a20101800b0013748cc9cfamr3349239pzc.24.1690052238288; Sat, 22 Jul 2023 11:57:18 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:17 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 08/11] gcc: don't pass --enable-standard-branch-protection Date: Sat, 22 Jul 2023 08:56:52 -1000 Message-Id: <81351d984bc6238e9b901ae83c0de6e3d3463c77.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184731 From: Ross Burton By changing the default code generation of GCC we're inadvertently breaking the GCC test suite, which has ~120K+ more failures when run for aarch64 compared to x86-64. This was because the generated code fragments included the BTI instructions, which the test case wasn't expecting. We can't tell the tests globally to run without branch protection, as that will break the tests which also turn it on. Remove the enabling of branch protection by standard in GCC, we'll enable it in the tune files instead. Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit bb4b9017db6a893ed054a2d2ad4cc671dec09c42) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/gcc/gcc-configure-common.inc | 1 - 1 file changed, 1 deletion(-) diff --git a/meta/recipes-devtools/gcc/gcc-configure-common.inc b/meta/recipes-devtools/gcc/gcc-configure-common.inc index e4cdb73f0a..dba25eb754 100644 --- a/meta/recipes-devtools/gcc/gcc-configure-common.inc +++ b/meta/recipes-devtools/gcc/gcc-configure-common.inc @@ -40,7 +40,6 @@ EXTRA_OECONF = "\ ${@get_gcc_mips_plt_setting(bb, d)} \ ${@get_gcc_ppc_plt_settings(bb, d)} \ ${@get_gcc_multiarch_setting(bb, d)} \ - --enable-standard-branch-protection \ " # glibc version is a minimum controlling whether features are enabled. From patchwork Sat Jul 22 18:56:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27822 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A06F1C001DC for ; Sat, 22 Jul 2023 18:57:29 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web10.11716.1690052240985295411 for ; Sat, 22 Jul 2023 11:57:21 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=Z94YtklP; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-6687096c6ddso1764066b3a.0 for ; Sat, 22 Jul 2023 11:57:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052240; x=1690657040; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=L8hi0fFIMc7RGotE9zL4OeAXM05v46L0ISABcU6tVrU=; b=Z94YtklPhacMkwUyeQLijk4ZkOev4b8Z8/0lgrUlgh8tKsgedWD0066AiCt/JJ9+8j +ng/lgg2Tzwl3/Dv4Nya3IhCHvGSrklhLdvEOpYULQj7zCqiNYwiaKiBYG6DCyIh2VzL E4rYKqmlh52YZU48wpV8Vm+iG1hk7GJJZZ0xUuFO1xoftbJQMp291+OIuefymDGlxWIe tgQ2e4SNiHkPlf8YqiKv6zTOwvhYZTAoAFVBE3pUUJz/llFIEc2FwiQreQN70oTkgpHD KDh1U2PdhggzA3bIfZsYNlwMUocwaPup0XGpWj//Q+CG8LOqh575jNQYtejh1NJDHI8u DUTA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052240; x=1690657040; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=L8hi0fFIMc7RGotE9zL4OeAXM05v46L0ISABcU6tVrU=; b=MKMndncZfhxQBm8cqfogPOGMWCydqWDTRxTHUcOUm0QCB7+eNwJWsF9ETJQqQKnJsK YJxa2MGcsrjFtMK+GalzPgvEtjj+/0XCl+UJRB0PDX3dyeO+bh3BHcfYIXmaZS+GNgv7 54GkHVOOoT9LWKNmiJx6k/wraPfAdrHin9VPfoWmT727JaoaaQpg5IAiHt2fd7me10IG hHKb+cboWpCff2MgYGUFCtS+lrj/bh7I77Kr6cLTc3eP1huP+CZRqHg0wgqR7g4DxdQo 6spSYnEJEtqQH7Io1HAWkCnjiXWrpSTTxc4v00XdCgJEIuX0ngvpyqQRa+IXNjLNI8Mj Jz7A== X-Gm-Message-State: ABy/qLZEP9CviQ97aIyzMtIQIoix3oCiH83Yy2YCvg/1d/RIyLfUxB4x 10AzvRVp7U0OcuDHt+NOQPRe2QmmMSXqePsuD44= X-Google-Smtp-Source: APBJJlE+ljvIB9GyMS5qZr4v3257ctsr5pL/fnP6L5bu2dcQ2k3Q9FPe5kVsno7rCw34GvATgMFlJA== X-Received: by 2002:a05:6a21:7890:b0:132:cb97:83e2 with SMTP id bf16-20020a056a21789000b00132cb9783e2mr4884300pzc.50.1690052240073; Sat, 22 Jul 2023 11:57:20 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:19 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 09/11] machine/arch-arm64: add -mbranch-protection=standard Date: Sat, 22 Jul 2023 08:56:53 -1000 Message-Id: <63ce207e15bdee7708754a178a19fca64c4c0ee9.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184732 From: Ross Burton Enable branch protection (PAC/BTI) for all aarch64 builds. This was previously enabled at a global level in the GCC build, but that breaks the gcc test suite. Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 8905639d1cdc5ce809cc5ecd9672f5e86bf8a579) Signed-off-by: Steve Sakoman --- meta/conf/machine/include/arm/arch-arm64.inc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta/conf/machine/include/arm/arch-arm64.inc b/meta/conf/machine/include/arm/arch-arm64.inc index 0e2efb5a40..832d0000ac 100644 --- a/meta/conf/machine/include/arm/arch-arm64.inc +++ b/meta/conf/machine/include/arm/arch-arm64.inc @@ -37,3 +37,8 @@ TUNE_ARCH = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${TUNE_ARCH_64}', TUNE_PKGARCH = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${TUNE_PKGARCH_64}', '${TUNE_PKGARCH_32}', d)}" ABIEXTENSION = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${ABIEXTENSION_64}', '${ABIEXTENSION_32}', d)}" TARGET_FPU = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${TARGET_FPU_64}', '${TARGET_FPU_32}', d)}" + +# Emit branch protection (PAC/BTI) instructions. On hardware that doesn't +# support these they're meaningless NOP instructions, so there's very little +# reason not to. +TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', ' -mbranch-protection=standard', '', d)}" From patchwork Sat Jul 22 18:56:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27821 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A05D2C0015E for ; Sat, 22 Jul 2023 18:57:29 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web10.11717.1690052242708584219 for ; Sat, 22 Jul 2023 11:57:22 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=XVux9Gc2; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-666e97fcc60so1775423b3a.3 for ; Sat, 22 Jul 2023 11:57:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052242; x=1690657042; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=TNLxap/hBjr6Jmuwpr18Eb7WCBTH5tAE00EAwGjeQBg=; b=XVux9Gc2yZ12opifAWsC1jE5BS/JcE6DuT/BmoAIUsKNJvAbnlsY44TM8ZKsMMqpZK Tk20C8CAi7IL1M96u58W0uUA8RXF7eYZlnA9/yvawCi96nOCoU2N/j3tCOdEUqy0TCWi dxAw2h1ZOhARRCO2fTLG7M5T31CMiES8cdCcR7kH2zuNDM1ZibPmwMCIyeb8QlqJ9Lt3 MYLNKcYpRdUTh+YpGnCmXFRATIZDoT5Ki/ZN0pksOXQCoZpTJGPpZJ8STUezZmejB5w8 hCoNBgDffDXkmMQcwaCv3eInLASjarzxcKSw5M4/gl9LEIuMZYAqwVaG5auAF3b/TQY6 AY5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052242; x=1690657042; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TNLxap/hBjr6Jmuwpr18Eb7WCBTH5tAE00EAwGjeQBg=; b=Ak/SYWP+Xgy4dl5kzXH85l2ZmDTvdBBJ32/srhgbaf2u7YgGjhz2OIyY1Qng1sa1qT tq24XESC0ukr2E82kk5KJvADZglFmCv6Ngyh3cYlIDkR39mmmPZzcFolaAGCcXeLHD+U rK40Po4GRY+shAsYhPcJM/DPl8lPY9NGIZjSV+ocHb/qYGyHrxpspKvGyuOHjYuT+YLo /phU77Hs5ocxVe6zCoh7upFyFUZIQbd0P1+CPTyPExIV34UqtVM5pJ8GUzTVPIF16BsR Wm8VvM56yN3J0HxxCfzSzNakklsp8Qsg3Se038Bxb9i2M+EbIHnjhdF334Wh6i+HpMLz ceEg== X-Gm-Message-State: ABy/qLbqVzFU0UgnfK4iqJQMmjRIaWRjru/qc7U2RzBpPTXlMtOmB7N1 hB8p7pWspq830I6HtnBu1zfvEjNRzNnPfDRAVtI= X-Google-Smtp-Source: APBJJlEvoyD2DgNNrXtXXVeKYD94A/gbNydGORBxSi80HSXOu8uA90B6Wm+Uu0dwQJM+bkQDI8KCag== X-Received: by 2002:a17:902:da89:b0:1b8:2a4d:3eb9 with SMTP id j9-20020a170902da8900b001b82a4d3eb9mr4654327plx.34.1690052241861; Sat, 22 Jul 2023 11:57:21 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:21 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 10/11] gcc-testsuite: Fix ppc cpu specification Date: Sat, 22 Jul 2023 08:56:54 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184733 From: Richard Purdie After this change in qemu: https://gitlab.com/qemu-project/qemu/-/commit/c7e89de13224c1e6409152602ac760ac91f606b4 there is no 'max' cpu model on ppc. Drop it to clean up ppc gcc testsuite failures. In order for this to work we do need to pull in the alternative cpu option from QEMU_EXTRAOPTIONS on powerpc. Signed-off-by: Richard Purdie (cherry picked from commit c447f2b21b20fb2b1829d540af2cc0bf8242700c) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/gcc/gcc-testsuite.inc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/meta/recipes-devtools/gcc/gcc-testsuite.inc b/meta/recipes-devtools/gcc/gcc-testsuite.inc index f68fec58ed..64f60c730f 100644 --- a/meta/recipes-devtools/gcc/gcc-testsuite.inc +++ b/meta/recipes-devtools/gcc/gcc-testsuite.inc @@ -51,9 +51,10 @@ python check_prepare() { # enable all valid instructions, since the test suite itself does not # limit itself to the target cpu options. # - valid for x86*, powerpc, arm, arm64 - if qemu_binary.lstrip("qemu-") in ["x86_64", "i386", "ppc", "arm", "aarch64"]: + if qemu_binary.lstrip("qemu-") in ["x86_64", "i386", "arm", "aarch64"]: args += ["-cpu", "max"] - + elif qemu_binary.lstrip("qemu-") in ["ppc"]: + args += d.getVar("QEMU_EXTRAOPTIONS_%s" % d.getVar('PACKAGE_ARCH')).split() sysroot = d.getVar("RECIPE_SYSROOT") args += ["-L", sysroot] # lib paths are static here instead of using $libdir since this is used by a -cross recipe From patchwork Sat Jul 22 18:56:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27823 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A0604C41513 for ; Sat, 22 Jul 2023 18:57:29 +0000 (UTC) Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) by mx.groups.io with SMTP id smtpd.web10.11719.1690052244495776132 for ; Sat, 22 Jul 2023 11:57:24 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=epk3Po18; spf=softfail (domain: sakoman.com, ip: 209.85.210.174, mailfrom: steve@sakoman.com) Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-668730696a4so1737876b3a.1 for ; Sat, 22 Jul 2023 11:57:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690052243; x=1690657043; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=KfZvbTN2GEkAPZmswqhMqXRInWgAGIds9257sx+T6xw=; b=epk3Po181cAc20nZx2PP4cWeoQYAvCt0+auOJmWVP4gB65leyBukblsy3gSS+r+Dig aZvZAuzJcUGX22b5oSvv1GH3+0dJbrb4wpqE4MvcMDKnrcECoDsspMCVnLOKaEftl95F GxESD1JnoAgFCVO86T8YDKQkj1qK7GfuZQmcxbWpEb6Ey1hv7htXEUrBlfsAlREbAcf2 OSH8k8uN7Mhet1Iz1q7RjH6Zpdx36bjxud7qCisnTeCvV4/PxBD4NMVJkOkv2C/hHb8z gQTAf7HVqPzFpzzFLdTWazgfmTORU9/e4YvLYQXcM8hEb1Wbi7BFFwIDuiK3fJ8VSGnw IQOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690052243; x=1690657043; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KfZvbTN2GEkAPZmswqhMqXRInWgAGIds9257sx+T6xw=; b=Cddh1i1gBbM48QM9eTXX5D6/TpJRB1rfN9Vgj8kupoH2vYhe9gBYQNyXgzwmKytxbG NpBDx+iccjR5oKs+riroi54nBJkHt84nQja4k9I4Nt5fQPtUk+xmqWUkDFk11Uj+DBSU N95E5SGl7pRjXL5stSHus1CmuiALm8jlroGgB7cwHSVbPDIhRykBHY8SnH1ls4eKeza6 3WMbChQvKzzwwkRRbvaTb81e2bgJU4w/ApuJJz6dPIGipx6fMJr+Ekt1wAwZuf18KG4O q5X9T1cbZbXpj/xuEIINRb9ecXBuj0+3RkQNHP1qczZlzzZBMfsHnjC3WEnX37kw04Ft VrCw== X-Gm-Message-State: ABy/qLb4sWxWtQ4B2Ih+cmd7eQa4OsGyiUrJU7WqUgujyOQVsDyCMA+I TEKghyTcthuYx6bY1agDUr9SFR4+77Sy60UlFZs= X-Google-Smtp-Source: APBJJlH3shv7JuoOPJuWbe6hdbt6XiSsedLY48daFjduxNkCBYAB7GTnlwf8hfnhjXqjoKlzFARuOw== X-Received: by 2002:a05:6a00:2347:b0:668:7e84:32e6 with SMTP id j7-20020a056a00234700b006687e8432e6mr2863231pfj.29.1690052243637; Sat, 22 Jul 2023 11:57:23 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id g28-20020a63375c000000b00553ad4ae5e5sm5400572pgn.22.2023.07.22.11.57.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Jul 2023 11:57:23 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 11/11] acpica: Update SRC_URI Date: Sat, 22 Jul 2023 08:56:55 -1000 Message-Id: <4724b382d183a2b3b8426c77c23b368f509411e7.1690052101.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 22 Jul 2023 18:57:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184734 From: Mingli Yu Update the SRC_URI to fix the do_fetch warning. $ wget https://acpica.org/sites/acpica/files/acpica-unix-20220331.tar.gz --2023-07-19 02:45:33-- https://acpica.org/sites/acpica/files/acpica-unix-20220331.tar.gz Resolving acpica.org... 20.29.206.128 Connecting to acpica.org|20.29.206.128|:443... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://www.intel.com/content/www/us/en/developer/topic-technology/open/acpica/overview.html [following] --2023-07-19 02:45:33-- https://www.intel.com/content/www/us/en/developer/topic-technology/open/acpica/overview.html Resolving www.intel.com... 23.72.14.54 Connecting to www.intel.com|23.72.14.54|:443... connected. HTTP request sent, awaiting response... 403 Forbidden 2023-07-19 02:45:34 ERROR 403: Forbidden. $ wget https://downloadmirror.intel.com/774879/acpica-unix-20220331.tar.gz --2023-07-19 02:46:04-- https://downloadmirror.intel.com/774879/acpica-unix-20220331.tar.gz Resolving downloadmirror.intel.com... 18.164.154.85, 18.164.154.5, 18.164.154.74, ... Connecting to downloadmirror.intel.com|18.164.154.85|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1911044 (1.8M) [application/gzip] Saving to: ‘acpica-unix-20220331.tar.gz’ acpica-unix-20220331.tar.gz 100%[=========================================================================>] 1.82M 1.61MB/s in 1.1s 2023-07-19 02:46:06 (1.61 MB/s) - ‘acpica-unix-20220331.tar.gz’ saved [1911044/1911044] Signed-off-by: Mingli Yu Signed-off-by: Steve Sakoman --- meta/recipes-extended/acpica/acpica_20220331.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-extended/acpica/acpica_20220331.bb b/meta/recipes-extended/acpica/acpica_20220331.bb index 2c554f863a..73b9154ee7 100644 --- a/meta/recipes-extended/acpica/acpica_20220331.bb +++ b/meta/recipes-extended/acpica/acpica_20220331.bb @@ -16,7 +16,7 @@ COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" DEPENDS = "m4-native flex-native bison-native" -SRC_URI = "https://acpica.org/sites/acpica/files/acpica-unix-${PV}.tar.gz" +SRC_URI = "https://downloadmirror.intel.com/774879/acpica-unix-${PV}.tar.gz" SRC_URI[sha256sum] = "acaff68b14f1e0804ebbfc4b97268a4ccbefcfa053b02ed9924f2b14d8a98e21" UPSTREAM_CHECK_URI = "https://acpica.org/downloads"