From patchwork Mon Jul 24 02:33:26 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27846 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2FDDC41513 for ; Mon, 24 Jul 2023 02:33:48 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web11.39766.1690166024556210915 for ; Sun, 23 Jul 2023 19:33:44 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=f26xBHmC; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-6687446eaccso3682239b3a.3 for ; Sun, 23 Jul 2023 19:33:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690166024; x=1690770824; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=OMWdzChQD4oGPfaSSdkb8H5OQMQpCQg6q5UpPVqvY9s=; b=f26xBHmC3Ukh0Ekc5MeQBi566KpyfFx+tx4b4ortgoF2P0KvMnS9hJp6PuOLZQxCbe irNo3v/9nJHY09CnUHXZm343q8ODBjsqtGW5k/uBvE81df0kN/Y0L/WkVLyM9Knkg6E7 /gszf5sYdZVg5E+ZFoJiMT/frWpx1bQeH5u7hcZVBrxa6HF0EPbZUPt8JdW46uzVcKY9 TeMceIxfHzZlleMhp47wpPoisQx/tN//Qp4j4QJMnb8VO9tYRv3S8/Y1UqSl7t/MaFKj 8Stj9of+/qIZiEpZbORbhdhKwE9hRH84Mytk51TwbaH4s+GvR5p/7/Jxu0xbnjZmpl19 DlfA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690166024; x=1690770824; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=OMWdzChQD4oGPfaSSdkb8H5OQMQpCQg6q5UpPVqvY9s=; b=C/wNzFmwpYfjk28FVyZYABNuGcwg6vKki9ylRxK3UbntVIvhSXsf+nsYoFKktktxih upv6Cz2JTAJu12k9d0zjFDlgcvWtaR7iFXVBNClRS3mSE2A/5Ow1TR03M6Lolt9vtwWl dRKFWhnU4LGe0vca+jS3sFM3oFgMYRpMocmSjPbnuKT6q1RPHieDdQp+FA0XTLUJ8t0l GlGLnKmr4D84xrmzXk2xsCNdn0vcI8KFZnWd4k6bHU6NXll8ZPGa22oCvzr6vSHBigem 4ld7NSBTwu2h30fyNPh1UK/WEBgozUV6Xq8Li0L7GtjVnsf1+Fd2IoumPzsc3oIZ6E5g Baxg== X-Gm-Message-State: ABy/qLZgdoRYDs4EiVq8ClC0uHIEk9ELGhRwSO1ejWMioELF9fq4Q0I3 F2y+D3kyPOwP16nZb5ZbXuDJouLb24agOm28uRi15Q== X-Google-Smtp-Source: APBJJlFTJYaiBZz1OzpK8LFZYjdYLNQXxFBQgqbkUdY11x2lsXw7VVHuU6A0Yx13GrVERkZExfjn1g== X-Received: by 2002:a05:6a00:170b:b0:686:2526:ee70 with SMTP id h11-20020a056a00170b00b006862526ee70mr10201072pfc.14.1690166023480; Sun, 23 Jul 2023 19:33:43 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j1-20020aa783c1000000b0063f00898245sm1024174pfn.146.2023.07.23.19.33.42 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Jul 2023 19:33:43 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 1/8] qemu: backport Debian patch to fix CVE-2023-0330 Date: Sun, 23 Jul 2023 16:33:26 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 24 Jul 2023 02:33:48 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184770 From: Vijay Anusuri import patch from ubuntu to fix CVE-2023-0330 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/qemu/tree/debian/patches?h=ubuntu/jammy-security Upstream commit https://gitlab.com/qemu-project/qemu/-/commit/b987718bbb1d0eabf95499b976212dd5f0120d75] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2023-0330.patch | 75 +++++++++++++++++++ 2 files changed, 76 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 7f2b52fa88..c6c6e49ebf 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -93,6 +93,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://CVE-2022-4144.patch \ file://0001-hw-display-qxl-Have-qxl_log_command-Return-early-if-.patch \ file://0001-hw-display-qxl-Pass-requested-buffer-size-to-qxl_phy.patch \ + file://CVE-2023-0330.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch b/meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch new file mode 100644 index 0000000000..025075fd6d --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch @@ -0,0 +1,75 @@ +[Ubuntu note: remove fuzz-lsi53c895a-test.c changes since the file does not + exist for this release] +From b987718bbb1d0eabf95499b976212dd5f0120d75 Mon Sep 17 00:00:00 2001 +From: Thomas Huth +Date: Mon, 22 May 2023 11:10:11 +0200 +Subject: [PATCH] hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI + controller (CVE-2023-0330) + +We cannot use the generic reentrancy guard in the LSI code, so +we have to manually prevent endless reentrancy here. The problematic +lsi_execute_script() function has already a way to detect whether +too many instructions have been executed - we just have to slightly +change the logic here that it also takes into account if the function +has been called too often in a reentrant way. + +The code in fuzz-lsi53c895a-test.c has been taken from an earlier +patch by Mauro Matteo Cascella. + +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1563 +Message-Id: <20230522091011.1082574-1-thuth@redhat.com> +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Alexander Bulekov +Signed-off-by: Thomas Huth + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/qemu/tree/debian/patches/CVE-2023-0330.patch?h=ubuntu/jammy-security +Upstream commit https://gitlab.com/qemu-project/qemu/-/commit/b987718bbb1d0eabf95499b976212dd5f0120d75] +CVE: CVE-2023-0330 +Signed-off-by: Vijay Anusuri +--- + hw/scsi/lsi53c895a.c | 23 +++++++++++++++------ + tests/qtest/fuzz-lsi53c895a-test.c | 33 ++++++++++++++++++++++++++++++ + 2 files changed, 50 insertions(+), 6 deletions(-) + +--- qemu-6.2+dfsg.orig/hw/scsi/lsi53c895a.c ++++ qemu-6.2+dfsg/hw/scsi/lsi53c895a.c +@@ -1135,15 +1135,24 @@ static void lsi_execute_script(LSIState + uint32_t addr, addr_high; + int opcode; + int insn_processed = 0; ++ static int reentrancy_level; ++ ++ reentrancy_level++; + + s->istat1 |= LSI_ISTAT1_SRUN; + again: +- if (++insn_processed > LSI_MAX_INSN) { +- /* Some windows drivers make the device spin waiting for a memory +- location to change. If we have been executed a lot of code then +- assume this is the case and force an unexpected device disconnect. +- This is apparently sufficient to beat the drivers into submission. +- */ ++ /* ++ * Some windows drivers make the device spin waiting for a memory location ++ * to change. If we have executed more than LSI_MAX_INSN instructions then ++ * assume this is the case and force an unexpected device disconnect. This ++ * is apparently sufficient to beat the drivers into submission. ++ * ++ * Another issue (CVE-2023-0330) can occur if the script is programmed to ++ * trigger itself again and again. Avoid this problem by stopping after ++ * being called multiple times in a reentrant way (8 is an arbitrary value ++ * which should be enough for all valid use cases). ++ */ ++ if (++insn_processed > LSI_MAX_INSN || reentrancy_level > 8) { + if (!(s->sien0 & LSI_SIST0_UDC)) { + qemu_log_mask(LOG_GUEST_ERROR, + "lsi_scsi: inf. loop with UDC masked"); +@@ -1597,6 +1606,8 @@ again: + } + } + trace_lsi_execute_script_stop(); ++ ++ reentrancy_level--; + } + + static uint8_t lsi_reg_readb(LSIState *s, int offset) From patchwork Mon Jul 24 02:33:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27847 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9EE45C001DE for ; Mon, 24 Jul 2023 02:33:48 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web10.39378.1690166026301713022 for ; Sun, 23 Jul 2023 19:33:46 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=fdXN0MqZ; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-67ef5af0ce8so3713848b3a.2 for ; Sun, 23 Jul 2023 19:33:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690166025; x=1690770825; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=CFw4t91agBRnRjxUomKpTtXNqqZOF8+BDEEGN/oi/0s=; b=fdXN0MqZvDSYCwfU8SKV6nnwd1c3M/Sjma8l/pGQLdEeAV8GlgBxA8FlcNd4LeG0D7 OYTXeFf/7Mcecxh9fmvEfWO4vTzWFABm8sLNFa5SPc8Of6WWXQud4Vv/mHEpNuJf7aHJ bbdwUF8QsyDZBadUYsI0bG71zuntTpPWY9n2cbvA4EJKD+X7qv/H0uMb0PAolSR0bYaV 8q3AcRsLw/KLRouSD7otBLUDP0uR4vPTFlPArIRKb2wHYyEMAXkT2MMgVCjLL6f2+7JD ICF+rVJL/mcCvRDNMAQbc7qsdvqxOvsokXxZ0VzI5VKJVXhX2Yscwu/ZDPt33sYnxfrH 1pNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690166025; x=1690770825; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=CFw4t91agBRnRjxUomKpTtXNqqZOF8+BDEEGN/oi/0s=; b=hmWaWF8WzUF7ypGxN9sNcb/ZOwsj8ke5JddGXagTpI+lc8IMcya0HVvfjK2zkgQjJb JCL8GGePEI/GeWMc0i3vKgC21Z0UMioYpYKXS/X/DT8BkKFTaugAfFcl6k/2S6QAkFxD WbDJXnQnxrlAtttsBvTjNe4RjPxA+yujBYlpXuW5toZcAlhvunjM6ACEngyBjKR9ecPL kp4KbFARwm11arTY2Cx2V9qfYodjOKzUuVKRIjApni4kG0NoPh+drI1yny69PBheWaJH B9PP55q5iVXT60d0IfRlM7pYOKVVlP8PPuH3SqfqEL4LfG+yOzMplklP3imVhC4PJ9Ha bLAg== X-Gm-Message-State: ABy/qLZ+aGlC02XeW0Ru21EwLpDn7KeE3Oa1K/DeHjCc+HwrYyJbQslC fIW66FPO/zZtd1Wyl85dEmAil80BbMpd53b2TwBeJA== X-Google-Smtp-Source: APBJJlHGu5++vCHqNHSjix9ULtYmmGcjizzth4lgPi53R/0wAMBfLY3BxYIInGC5u5hwDiC8roEG6g== X-Received: by 2002:a05:6a00:9a3:b0:680:d00c:b164 with SMTP id u35-20020a056a0009a300b00680d00cb164mr9045863pfg.34.1690166025236; Sun, 23 Jul 2023 19:33:45 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j1-20020aa783c1000000b0063f00898245sm1024174pfn.146.2023.07.23.19.33.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Jul 2023 19:33:44 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 2/8] ghostscript: fix CVE-2023-36664 Date: Sun, 23 Jul 2023 16:33:27 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 24 Jul 2023 02:33:48 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184771 From: Archana Polampalli Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-36664 Upstream patches: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5e65eeae225c7d02d447de5abaf4a8e6d234fcea https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=fb342fdb60391073a69147cb71af1ac416a81099 Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- .../ghostscript/CVE-2023-36664-0001.patch | 146 ++++++++++++++++++ .../ghostscript/CVE-2023-36664-0002.patch | 60 +++++++ .../ghostscript/ghostscript_9.55.0.bb | 2 + 3 files changed, 208 insertions(+) create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-0001.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-0002.patch diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-0001.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-0001.patch new file mode 100644 index 0000000000..99fcc61b9b --- /dev/null +++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-0001.patch @@ -0,0 +1,146 @@ +From ed607fedbcd41f4a0e71df6af4ba5b07dd630209 Mon Sep 17 00:00:00 2001 +From: Chris Liddell +Date: Wed, 7 Jun 2023 10:23:06 +0100 +Subject: [PATCH 1/2] Bug 706761: Don't "reduce" %pipe% file names for + permission validation + +For regular file names, we try to simplfy relative paths before we use them. + +Because the %pipe% device can, effectively, accept command line calls, we +shouldn't be simplifying that string, because the command line syntax can end +up confusing the path simplifying code. That can result in permitting a pipe +command which does not match what was originally permitted. + +Special case "%pipe" in the validation code so we always deal with the entire +string. + +Upstream-Status: Backport [https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5e65eeae225c7d02d447de5abaf4a8e6d234fcea] +CVE: CVE-2023-36664 + +Signed-off-by: Archana Polampalli +--- + base/gpmisc.c | 31 +++++++++++++++++++-------- + base/gslibctx.c | 56 ++++++++++++++++++++++++++++++++++++------------- + 2 files changed, 64 insertions(+), 23 deletions(-) + +diff --git a/base/gpmisc.c b/base/gpmisc.c +index 8b6458a..c61ab3f 100644 +--- a/base/gpmisc.c ++++ b/base/gpmisc.c +@@ -1076,16 +1076,29 @@ gp_validate_path_len(const gs_memory_t *mem, + && !memcmp(path + cdirstrl, dirsepstr, dirsepstrl)) { + prefix_len = 0; + } +- rlen = len+1; +- bufferfull = (char *)gs_alloc_bytes(mem->thread_safe_memory, rlen + prefix_len, "gp_validate_path"); +- if (bufferfull == NULL) +- return gs_error_VMerror; +- +- buffer = bufferfull + prefix_len; +- if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) +- return gs_error_invalidfileaccess; +- buffer[rlen] = 0; + ++ /* "%pipe%" do not follow the normal rules for path definitions, so we ++ don't "reduce" them to avoid unexpected results ++ */ ++ if (len > 5 && memcmp(path, "%pipe", 5) != 0) { ++ bufferfull = buffer = (char *)gs_alloc_bytes(mem->thread_safe_memory, len + 1, "gp_validate_path"); ++ if (buffer == NULL) ++ return gs_error_VMerror; ++ memcpy(buffer, path, len); ++ buffer[len] = 0; ++ rlen = len; ++ } ++ else { ++ rlen = len+1; ++ bufferfull = (char *)gs_alloc_bytes(mem->thread_safe_memory, rlen + prefix_len, "gp_validate_path"); ++ if (bufferfull == NULL) ++ return gs_error_VMerror; ++ ++ buffer = bufferfull + prefix_len; ++ if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) ++ return gs_error_invalidfileaccess; ++ buffer[rlen] = 0; ++ } + while (1) { + switch (mode[0]) + { +diff --git a/base/gslibctx.c b/base/gslibctx.c +index 5bf497b..5fdfe25 100644 +--- a/base/gslibctx.c ++++ b/base/gslibctx.c +@@ -734,14 +734,28 @@ gs_add_control_path_len_flags(const gs_memory_t *mem, gs_path_control_t type, co + return gs_error_rangecheck; + } + +- rlen = len+1; +- buffer = (char *)gs_alloc_bytes(core->memory, rlen, "gp_validate_path"); +- if (buffer == NULL) +- return gs_error_VMerror; ++ /* "%pipe%" do not follow the normal rules for path definitions, so we ++ don't "reduce" them to avoid unexpected results ++ */ ++ if (len > 5 && memcmp(path, "%pipe", 5) != 0) { ++ buffer = (char *)gs_alloc_bytes(core->memory, len + 1, "gs_add_control_path_len"); ++ if (buffer == NULL) ++ return gs_error_VMerror; ++ memcpy(buffer, path, len); ++ buffer[len] = 0; ++ rlen = len; ++ } ++ else { ++ rlen = len + 1; + +- if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) +- return gs_error_invalidfileaccess; +- buffer[rlen] = 0; ++ buffer = (char *)gs_alloc_bytes(core->memory, rlen, "gs_add_control_path_len"); ++ if (buffer == NULL) ++ return gs_error_VMerror; ++ ++ if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) ++ return gs_error_invalidfileaccess; ++ buffer[rlen] = 0; ++ } + + n = control->num; + for (i = 0; i < n; i++) +@@ -827,14 +841,28 @@ gs_remove_control_path_len_flags(const gs_memory_t *mem, gs_path_control_t type, + return gs_error_rangecheck; + } + +- rlen = len+1; +- buffer = (char *)gs_alloc_bytes(core->memory, rlen, "gp_validate_path"); +- if (buffer == NULL) +- return gs_error_VMerror; ++ /* "%pipe%" do not follow the normal rules for path definitions, so we ++ don't "reduce" them to avoid unexpected results ++ */ ++ if (len > 5 && memcmp(path, "%pipe", 5) != 0) { ++ buffer = (char *)gs_alloc_bytes(core->memory, len + 1, "gs_remove_control_path_len"); ++ if (buffer == NULL) ++ return gs_error_VMerror; ++ memcpy(buffer, path, len); ++ buffer[len] = 0; ++ rlen = len; ++ } ++ else { ++ rlen = len+1; + +- if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) +- return gs_error_invalidfileaccess; +- buffer[rlen] = 0; ++ buffer = (char *)gs_alloc_bytes(core->memory, rlen, "gs_remove_control_path_len"); ++ if (buffer == NULL) ++ return gs_error_VMerror; ++ ++ if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) ++ return gs_error_invalidfileaccess; ++ buffer[rlen] = 0; ++ } + + n = control->num; + for (i = 0; i < n; i++) { +-- +2.40.1 diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-0002.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-0002.patch new file mode 100644 index 0000000000..7d78e6b1b1 --- /dev/null +++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-36664-0002.patch @@ -0,0 +1,60 @@ +From f96350aeb7f8c2e3f7129866c694a24f241db18c Mon Sep 17 00:00:00 2001 +From: Chris Liddell +Date: Wed, 14 Jun 2023 09:08:12 +0100 +Subject: [PATCH 2/2] Bug 706778: 706761 revisit + +Two problems with the original commit. The first a silly typo inverting the +logic of a test. + +The second was forgetting that we actually actually validate two candidate +strings for pipe devices. One with the expected "%pipe%" prefix, the other +using the pipe character prefix: "|". + +This addresses both those. + +Upstream-Status: Backport [https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=fb342fdb60391073a69147cb71af1ac416a81099] +CVE: CVE-2023-36664 + +Signed-off-by: Archana Polampalli +--- + base/gpmisc.c | 2 +- + base/gslibctx.c | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/base/gpmisc.c b/base/gpmisc.c +index c61ab3f..e459f6a 100644 +--- a/base/gpmisc.c ++++ b/base/gpmisc.c +@@ -1080,7 +1080,7 @@ gp_validate_path_len(const gs_memory_t *mem, + /* "%pipe%" do not follow the normal rules for path definitions, so we + don't "reduce" them to avoid unexpected results + */ +- if (len > 5 && memcmp(path, "%pipe", 5) != 0) { ++ if (path[0] == '|' || (len > 5 && memcmp(path, "%pipe", 5) == 0)) { + bufferfull = buffer = (char *)gs_alloc_bytes(mem->thread_safe_memory, len + 1, "gp_validate_path"); + if (buffer == NULL) + return gs_error_VMerror; +diff --git a/base/gslibctx.c b/base/gslibctx.c +index 5fdfe25..2a1addf 100644 +--- a/base/gslibctx.c ++++ b/base/gslibctx.c +@@ -737,7 +737,7 @@ gs_add_control_path_len_flags(const gs_memory_t *mem, gs_path_control_t type, co + /* "%pipe%" do not follow the normal rules for path definitions, so we + don't "reduce" them to avoid unexpected results + */ +- if (len > 5 && memcmp(path, "%pipe", 5) != 0) { ++ if (path[0] == '|' || (len > 5 && memcmp(path, "%pipe", 5) == 0)) { + buffer = (char *)gs_alloc_bytes(core->memory, len + 1, "gs_add_control_path_len"); + if (buffer == NULL) + return gs_error_VMerror; +@@ -844,7 +844,7 @@ gs_remove_control_path_len_flags(const gs_memory_t *mem, gs_path_control_t type, + /* "%pipe%" do not follow the normal rules for path definitions, so we + don't "reduce" them to avoid unexpected results + */ +- if (len > 5 && memcmp(path, "%pipe", 5) != 0) { ++ if (path[0] == '|' || (len > 5 && memcmp(path, "%pipe", 5) == 0)) { + buffer = (char *)gs_alloc_bytes(core->memory, len + 1, "gs_remove_control_path_len"); + if (buffer == NULL) + return gs_error_VMerror; +-- +2.40.1 diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb index f29c57beea..48508fd6a2 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb @@ -35,6 +35,8 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d file://mkdir-p.patch \ file://CVE-2022-2085.patch \ file://cve-2023-28879.patch \ + file://CVE-2023-36664-0001.patch \ + file://CVE-2023-36664-0002.patch \ " SRC_URI = "${SRC_URI_BASE} \ From patchwork Mon Jul 24 02:33:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27850 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 86DA1C001E0 for ; Mon, 24 Jul 2023 02:33:58 +0000 (UTC) Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by mx.groups.io with SMTP id smtpd.web11.39767.1690166028704735984 for ; Sun, 23 Jul 2023 19:33:48 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=r26bj1fk; spf=softfail (domain: sakoman.com, ip: 209.85.210.177, mailfrom: steve@sakoman.com) Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-68336d06620so3726791b3a.1 for ; Sun, 23 Jul 2023 19:33:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690166027; x=1690770827; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=T7W+1z3X8OXyH5KcHz+QPkpFmP8CwgzfIJlgzl7p81Q=; b=r26bj1fk8WQhqW8JTjQtwv+8C4noC0OkHMSIhmAT/zgcxDxMxW5FYm1AYZmZv6qfVi 66WLaiKjiigEE0PmbAZNcBmF5I6yMeQBHF4fsbYKYbOJL4MStDw/DdapDTYqSfOZWQqI vT9CU/LcI8lvqiu3pwV625A805cX0aJvxrJiLsKRdeSpz7r7qa7xtxxVQ+fqzPLacBkE 50TBVikZ095H6nw642PGmlKgk1WBY0Tr5uEsIBL/gOf6G0eby1XY2kwLA9XIH5vCIiAh NaadG8dUOGI/AW6jT1wL1dibD23VUe1GwEM09Jwfyk/2ZrPnxKl2SQIfH4rhfgaw12pl vioQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690166027; x=1690770827; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=T7W+1z3X8OXyH5KcHz+QPkpFmP8CwgzfIJlgzl7p81Q=; b=eDJhoTbYN6zPuyRN78RFSlyRVQQy+cahmyKuTALCvF5nWZtt2ntavnrY9b2M+0EXw4 uNcYvcYd2Qe/rRJHzIj+w8Skg7UZOK4MlkbBHHBKjBautf2e/w11OXhn+ZruNYSa7Mxw Uw52AwgKoGnWEJ2KxMNKSaFZ1D3f0VRFvNrH50UGVMno5AJiCtg/DtRovQUo60ZBaxT5 JmbGMAwPp+cJ4TCHNCa34LFJpf7y90MW4JM6zr7KeAJrbbLDLuKd3Zk8nzNcjXIGUuzw Ghna4rSi3izuthOG2I/V538wX4/4/UT3UaenC4xnCVFvs5iuhHUQiT2FB7nuYg2fBxkd cU2Q== X-Gm-Message-State: ABy/qLYdpYZ4bKtAR9S+E1jx67X/csSAe5swtyufSsG5OeYpm4ygtyLg 7FuIuUObGT4tTUt5+brlQdTHSNUtrvE8Qw669bka8g== X-Google-Smtp-Source: APBJJlGFrjDfoUZXOUvo9M3CwRjJ0dSuYlFCTelx09h3LotfbJAC+XYpc1Rvqnp58IgkKl+3A1ymaQ== X-Received: by 2002:a05:6a00:3911:b0:681:142f:e8e3 with SMTP id fh17-20020a056a00391100b00681142fe8e3mr9005480pfb.14.1690166027100; Sun, 23 Jul 2023 19:33:47 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j1-20020aa783c1000000b0063f00898245sm1024174pfn.146.2023.07.23.19.33.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Jul 2023 19:33:46 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 3/8] linux-yocto/5.15: update to v5.15.119 Date: Sun, 23 Jul 2023 16:33:28 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 24 Jul 2023 02:33:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184772 From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: 4af60700a60c Linux 5.15.119 10fbd2e04e40 act_mirred: remove unneded merge conflict markers 2230b3f874d9 i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle 907a069ec38f x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys 7949f83f7ecc vhost_net: revert upend_idx only on retriable error fdac0aa4a175 drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl f012d3037c15 drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl a44b4230d2ba drm/exynos: vidi: fix a wrong error return 79b4125bce96 ARM: dts: Fix erroneous ADS touchscreen polarities 9684c4fdeeca s390/purgatory: disable branch profiling 3c4d87e9fa8a ASoC: nau8824: Add quirk to active-high jack-detect d77eac1b14e0 soundwire: dmi-quirks: add new mapping for HP Spectre x360 53ad4af4ec90 ASoC: simple-card: Add missing of_node_put() in case of error bb45dc7b67c5 spi: lpspi: disable lpspi module irq in DMA mode f8d9d8f1727d s390/cio: unregister device when the only path is gone e10d15fdfced Input: soc_button_array - add invalid acpi_index DMI quirk handling 26bde09a1512 nvme: double KA polling frequency to avoid KATO with TBKAS on e3bbc148377d usb: gadget: udc: fix NULL dereference in remove() cce681383d34 nfcsim.c: Fix error checking for debugfs_create_dir 8a5ddd1430d4 media: cec: core: don't set last_initiator if tx in progress 01cf989090da arm64: Add missing Set/Way CMO encodings f97b16c0a538 HID: wacom: Add error check to wacom_parse_and_register() e8bdb1f88699 scsi: target: iscsi: Prevent login threads from racing between each other 1cc379d53b66 gpio: sifive: add missing check for platform_get_irq 497d40140865 gpiolib: Fix GPIO chip IRQ initialization restriction 7973c4b3b97d gpio: Allow per-parent interrupt data c1a2b52d999e sch_netem: acquire qdisc lock in netem_change() 3138c85031e8 selftests: forwarding: Fix race condition in mirror installation b7db41a86541 bpf/btf: Accept function names that contain dots 0f8d81254fd6 Revert "net: phy: dp83867: perform soft reset and retain established link" 57130334da4e netfilter: nfnetlink_osf: fix module autoload 53defc6ecff4 netfilter: nf_tables: disallow updates of anonymous sets 2f2f9eaa6da1 netfilter: nf_tables: reject unbound chain set before commit phase 2938e7d582d7 netfilter: nf_tables: reject unbound anonymous set before commit phase baa3ec1b31f5 netfilter: nf_tables: disallow element updates of bound anonymous sets 45eb6944d0f5 netfilter: nft_set_pipapo: .walk does not deal with generations 4004f12aaca8 netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain 314a8697d080 netfilter: nf_tables: fix chain binding transaction logic 1328e8d4c3ee be2net: Extend xmit workaround to BE3 chip 768f94c5f639 net: dsa: mt7530: fix handling of BPDUs on MT7530 switch aa528e7d379f net: dsa: mt7530: fix trapping frames on non-MT7621 SoC MT7530 switch efea112a87b6 ipvs: align inner_mac_header for encapsulation 24d7d9aee03d mmc: usdhi60rol0: fix deferred probing d1e08bed0307 mmc: sh_mmcif: fix deferred probing 34c4906b9a06 mmc: sdhci-acpi: fix deferred probing 41f1e8dab08d mmc: owl: fix deferred probing b86ca9e08ca9 mmc: omap_hsmmc: fix deferred probing 445a9568dec1 mmc: omap: fix deferred probing 840deb8d1418 mmc: mvsdio: fix deferred probing 92f73c4f927c mmc: mtk-sd: fix deferred probing aedecd013d2c net: qca_spi: Avoid high load if QCA7000 is not available 156dd06fb337 xfrm: Linearize the skb after offloading if needed. d967bd7ea6cc selftests: net: fcnal-test: check if FIPS mode is enabled 964cfdfd4b4f xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets 25e89fa7b5a8 bpf: Fix verifier id tracking of scalars on spill 0b180495f6b0 bpf: track immediate values written to stack by BPF_ST instruction 3229a29e95f5 xfrm: Ensure policies always checked on XFRM-I input path d055ee18cab8 xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c 491ce3c1d98a xfrm: Treat already-verified secpath entries as optional 0ce3d0c068d9 ieee802154: hwsim: Fix possible memory leaks 29672dc47d99 mmc: meson-gx: fix deferred probing 9bac4a2b7326 memfd: check for non-NULL file_seals in memfd_create() syscall 103734b429b9 x86/mm: Avoid using set_pgd() outside of real PGD pages 793d0224bb60 nilfs2: prevent general protection fault in nilfs_clear_dirty_page() 96987c383c2b io_uring/net: disable partial retries for recvmsg with cmsg 25a543ca3005 io_uring/net: clear msg_controllen on partial sendmsg retry 34a7e5021a43 io_uring/net: save msghdr->msg_control for retries b07bb2914ada writeback: fix dereferencing NULL mapping->host on writeback_page_template 3c46a240ddba regmap: spi-avmm: Fix regmap_bus max_raw_write 4796d9b06917 regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK ba9952e2f50b ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN acee272283f4 mmc: mmci: stm32: fix max busy timeout calculation 999173f295cc mmc: meson-gx: remove redundant mmc_request_done() call from irq context 00010b52c705 mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916 4a557910bbed cgroup: Do not corrupt task iteration when rebinding subsystem 815b24401165 PCI: hv: Add a per-bus mutex state_lock 34e21b8ff3e6 PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic 7d852ca7af37 PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev 5e0d33cc7813 Revert "PCI: hv: Fix a timing issue which causes kdump to fail occasionally" ac0df91c7d98 PCI: hv: Fix a race condition bug in hv_pci_query_relations() 80c5d97b4aa1 Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs 4d31eb2e266c Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails 953dd7e2df81 KVM: Avoid illegal stage2 mapping on invalid memory slot 1d6c93206839 ACPI: sleep: Avoid breaking S3 wakeup due to might_sleep() b12011cea56b nilfs2: fix buffer corruption due to concurrent device reads 485f6be2549c selftests: mptcp: join: skip check if MIB counter not supported 64cb73ea77ab selftests: mptcp: join: use 'iptables-legacy' if available 979a941d7ed3 selftests: mptcp: pm nl: remove hardcoded default limits ac65930751c4 selftests/mount_setattr: fix redefine struct mount_attr build error 726d033133e7 selftests: mptcp: lib: skip if not below kernel version b28fc26683b4 selftests: mptcp: lib: skip if missing symbol 024a24e5d4dd tick/common: Align tick period during sched_timer setup 3c1aa91b37f9 drm/amd/display: Add wrapper to call planes and stream update eea850c025b5 drm/amd/display: Use dc_update_planes_and_stream fb7c68bbccad drm/amd/display: Add minimal pipe split transition state b5f0e898f674 tpm, tpm_tis: Claim locality in interrupt handler 39e787253720 tracing: Add tracing_reset_all_online_cpus_unlocked() function 5a24be76af79 drm/amd/display: fix the system hang while disable PSR Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman (cherry picked from commit 8ecf81b1960ab1001efe41cb3d132accf985e3dc) Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_5.15.bb | 6 ++--- .../linux/linux-yocto-tiny_5.15.bb | 6 ++--- meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++---------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index 8e5ff78790..5507690d74 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "b2a7dbd4edac7627c091c2ab14fec83726a4c79b" -SRCREV_meta ?= "b647d9611cb4936536e60a438292fc22df2fe000" +SRCREV_machine ?= "482797bf5730cf22143afe28d489363ca4bf44a2" +SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.15.118" +LINUX_VERSION ?= "5.15.119" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index 77e11c100b..2641fe60f8 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.118" +LINUX_VERSION ?= "5.15.119" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "b79e89ab973aeb8ec48e2cd987436ab52678e795" -SRCREV_meta ?= "b647d9611cb4936536e60a438292fc22df2fe000" +SRCREV_machine ?= "ded230a888ef81ccedf0044bd8c2236f3b809599" +SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb index c4266c6f30..9ee7a350d3 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb @@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "2290ac7e8d7fbb8e13a34468b85066c398c7d1f3" -SRCREV_machine:qemuarm64 ?= "3f3f2067c3ee4d9dffaed9b757583d013671cf25" -SRCREV_machine:qemumips ?= "f61a3b045bdfc9aa7da440852e0a79fd8d9b4d69" -SRCREV_machine:qemuppc ?= "7a2773ad8fb4ae4eb0183ccda8ec133098d13ec9" -SRCREV_machine:qemuriscv64 ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_machine:qemuriscv32 ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_machine:qemux86 ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_machine:qemux86-64 ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_machine:qemumips64 ?= "47d334232ab28f0f8d5316e07e11f8f14c6aaecc" -SRCREV_machine ?= "079c88490578df99b38570c8968b836b8347ed44" -SRCREV_meta ?= "b647d9611cb4936536e60a438292fc22df2fe000" +SRCREV_machine:qemuarm ?= "9ae4c8018039201ce683ff26bde47a3e3e6664ef" +SRCREV_machine:qemuarm64 ?= "58394274da1b4fdf69ca780001bf25eebfd1950f" +SRCREV_machine:qemumips ?= "bacfb28c9349b36afe3041e57d98551aa723bbc2" +SRCREV_machine:qemuppc ?= "d9efae0cb3731ab62cb81778c2fa5689594d34b1" +SRCREV_machine:qemuriscv64 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_machine:qemuriscv32 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_machine:qemux86 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_machine:qemux86-64 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_machine:qemumips64 ?= "2ae09c410d8a5a0ec66d50368579dd3d3616072b" +SRCREV_machine ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" +SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the /base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "f67653019430833d5003f16817d7fa85272a6a76" +SRCREV_machine:class-devupstream ?= "4af60700a60cc45ee4fb6d579cccf1b7bca20c34" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" @@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.118" +LINUX_VERSION ?= "5.15.119" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" From patchwork Mon Jul 24 02:33:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27853 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2A0AC00528 for ; Mon, 24 Jul 2023 02:33:58 +0000 (UTC) Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by mx.groups.io with SMTP id smtpd.web10.39379.1690166029797037470 for ; Sun, 23 Jul 2023 19:33:49 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=kpctfA3s; spf=softfail (domain: sakoman.com, ip: 209.85.210.177, mailfrom: steve@sakoman.com) Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-668730696a4so2059552b3a.1 for ; Sun, 23 Jul 2023 19:33:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690166029; x=1690770829; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=9Z2J5I+jcLzi5UVbFD4ugKEVZiaKOWZ0peYbOd/tzvw=; b=kpctfA3sMpeTfByHaEteejLo7imv58VkSavtEca16IKFcbU70weL+KwZfCx62K83M3 xyy2qP7eaZa0IX30HUTK2tt+/k7y7iuP8ankTx6E0+us/QoclqgGv47YrkBLVqnCVidK M3+VVZO2StBS0CfSNWqmazQS44IqpPvVH6LBsk0ksq7a8vX1+TLf92b6sniOhhY8f2JG OupxOV3bSfN8Yjbhv4Q74WoNNBPy9NVb5qG3hgeC8KlGkPEtMZif1jmsdMlWbuHGoo/s Wr8hOlKR5dujohw57UixCAp/+7X8icweBDrAQ6DAcgAgeGSAqw4RMqGjR3bZXgC6RNe5 i3pg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690166029; x=1690770829; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9Z2J5I+jcLzi5UVbFD4ugKEVZiaKOWZ0peYbOd/tzvw=; b=jV9gwVkKB0FAWl8zProIpTKX2CWkc2naHZp81cR+IJzRcwLKZgt4p4wqbBOWVCMmTN MTacIR3qGBusquxZ5+7iQGf2Tfu0NCq4oyjgJx3lc4YzZD4m+X9pBfzEcYyte0AMaZ0/ X/rt9s2U6vgvXUQekU9Y1nmFSZxFMYxorZfUpRrMaqvT7aOUPztVLpDdoJww8mRiP9j1 CqsH7mTMGdQrYATNMR0EDKK2TLNgembNvZryhIcv1AgX85RbZILOu7zfbQTgx4kdEDAP XT1OdBg9nUK5t43V4bp8GE/+ExiFNy3rdpbJZ+Ipi8ylHgqqXTVyUBFstPJSwNfQI1cS VU3w== X-Gm-Message-State: ABy/qLZ5J/66ROUYddOZoALfbp/YkOFpJK5VPkjShzGu4cM5Q7L5tKtT QiSev9JahqXNoF31lJSfN7tQfonu7UKNO6pXw44Ltw== X-Google-Smtp-Source: APBJJlFvdxr5cDdHfB7Ex25tJ5UJZ+Yflk1Q/yOAxTK6Siti4XFPx+33BelqyClaAdSczDihwkou3g== X-Received: by 2002:a05:6a00:2e82:b0:668:6eed:7c12 with SMTP id fd2-20020a056a002e8200b006686eed7c12mr7682711pfb.22.1690166028761; Sun, 23 Jul 2023 19:33:48 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j1-20020aa783c1000000b0063f00898245sm1024174pfn.146.2023.07.23.19.33.47 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Jul 2023 19:33:48 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 4/8] linux-yocto/5.15: update to v5.15.120 Date: Sun, 23 Jul 2023 16:33:29 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 24 Jul 2023 02:33:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184773 From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: d54cfc420586 Linux 5.15.120 c06edf13f4cf nubus: Partially revert proc_create_single_data() conversion 6e65fa33edf5 parisc: Delete redundant register definitions in b4d8f8900021 drm/amdgpu: Validate VM ioctl flags. 26eb191bf5a0 scripts/tags.sh: Resolve gtags empty index generation 989b4a753c7e perf symbols: Symbol lookup with kcore can fail if multiple segments match stext 87f51cf60e3e Revert "thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe" 6a28f3490d3d HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651. 67ce7724637c HID: wacom: Use ktime_t rather than int when dealing with timestamps 347732317749 bpf: ensure main program has an extable d874cf9799a9 can: isotp: isotp_sendmsg(): fix return error fix on TX path 27d03d15bb8b x86/smp: Use dedicated cache-line for mwait_play_dead() d6c745ca4fc5 x86/microcode/AMD: Load late on both threads too 9052349685e9 drm/amdgpu: Set vmbo destroy after pt bo is created 796481bedc3e mm, hwpoison: when copy-on-write hits poison, take page offline 6713b8f11aa0 mm, hwpoison: try to recover from copy-on write faults b46021ab8304 mptcp: consolidate fallback and non fallback state machine 42ff95b4bd11 mptcp: fix possible divide by zero in recvmsg() Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman (cherry picked from commit 51c474534c27ac0739a6373595a49ebbc52c3715) Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_5.15.bb | 6 ++--- .../linux/linux-yocto-tiny_5.15.bb | 6 ++--- meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++---------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index 5507690d74..8361787bdb 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "482797bf5730cf22143afe28d489363ca4bf44a2" -SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" +SRCREV_machine ?= "0b2e44360ea08b441883f16826c4720546a0886c" +SRCREV_meta ?= "820b9bdb192ae263be93e609da415c570d5acc79" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.15.119" +LINUX_VERSION ?= "5.15.120" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index 2641fe60f8..517aede49c 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.119" +LINUX_VERSION ?= "5.15.120" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "ded230a888ef81ccedf0044bd8c2236f3b809599" -SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" +SRCREV_machine ?= "bb0cc3f9542c03fba314f5da44e91556c641706f" +SRCREV_meta ?= "820b9bdb192ae263be93e609da415c570d5acc79" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 9ee7a350d3..dc2cd79f97 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb @@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "9ae4c8018039201ce683ff26bde47a3e3e6664ef" -SRCREV_machine:qemuarm64 ?= "58394274da1b4fdf69ca780001bf25eebfd1950f" -SRCREV_machine:qemumips ?= "bacfb28c9349b36afe3041e57d98551aa723bbc2" -SRCREV_machine:qemuppc ?= "d9efae0cb3731ab62cb81778c2fa5689594d34b1" -SRCREV_machine:qemuriscv64 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_machine:qemuriscv32 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_machine:qemux86 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_machine:qemux86-64 ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_machine:qemumips64 ?= "2ae09c410d8a5a0ec66d50368579dd3d3616072b" -SRCREV_machine ?= "a05c1b953b7b7dbd195b7f826e8879d79587a4a3" -SRCREV_meta ?= "58ef8845366aea0e1719d00618444be34a765c15" +SRCREV_machine:qemuarm ?= "938c0c130bc6403d7e54ffc026a1eb32d10b34f9" +SRCREV_machine:qemuarm64 ?= "d248c07ace0f6bf2a94eaba26a2bdbdbcfb2ec15" +SRCREV_machine:qemumips ?= "19fdaea3b322820eb042622e68ede3cc99cdf87f" +SRCREV_machine:qemuppc ?= "8db87cbed6574bec3ece05bf4cbb275fd3497f50" +SRCREV_machine:qemuriscv64 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_machine:qemuriscv32 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_machine:qemux86 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_machine:qemux86-64 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_machine:qemumips64 ?= "f7673229ddb5c9f3d77b5fb521c98f7dcd20f2ea" +SRCREV_machine ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a" +SRCREV_meta ?= "820b9bdb192ae263be93e609da415c570d5acc79" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the /base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "4af60700a60cc45ee4fb6d579cccf1b7bca20c34" +SRCREV_machine:class-devupstream ?= "d54cfc420586425d418a53871290cc4a59d33501" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" @@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.119" +LINUX_VERSION ?= "5.15.120" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" From patchwork Mon Jul 24 02:33:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27851 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8FFDFC001DE for ; Mon, 24 Jul 2023 02:33:58 +0000 (UTC) Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) by mx.groups.io with SMTP id smtpd.web10.39381.1690166031378755815 for ; Sun, 23 Jul 2023 19:33:51 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=1Q+yGZoJ; spf=softfail (domain: sakoman.com, ip: 209.85.210.180, mailfrom: steve@sakoman.com) Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-66f5faba829so2367734b3a.3 for ; Sun, 23 Jul 2023 19:33:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690166030; x=1690770830; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=gw+r46iwmZo1MzTnQueqi5V1bUEhNZPfAC1U6x1oL7g=; b=1Q+yGZoJx/97SYVdRVnD9ohu6tiPSL7q3omCkfIzZpH0g6CqzcbHZ5XE2cP2dyeeDb FU2YStlOzYnVZAawCHQTQmOAYS8FqFm+Jiq1eEkN0wSO4tfuWnFM0lsW0H+WaH7EXbLP ZpNgMvhKZftMgj4ySloQaRNxpxXVxZmQGrK5MPypw4+RXiu8fU8ArCSb372ttl1b+6Ni 5z4lZ4PuyzfOMHW38hh53bVfFPjyPhoTtjXhaJJu9A96oqOCPxAGXoihD280BbuSZ08l qiREwEx2+7z17qblDsyB22NjDKET4ujIQweGLvRcZvChxynePmg83tZgjdWGHw2W/iUC OpuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690166030; x=1690770830; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=gw+r46iwmZo1MzTnQueqi5V1bUEhNZPfAC1U6x1oL7g=; b=lD4r4jAAAS6zsP0nsWJbInLcVfcUDcqZnlDYKDJJ2M2F7rrbmcSEFG8V5ToDF6ADNR nYhNcW8jDOTK2N+Rf0cz5OqIqGjh7UBsYRSrXx1xq+vKy/ahpHuQfMF0eBT41AnzSoNa NJCrtRzCBLO9agzVbuU7jr6eFpMXvPBQFwlEc0SAL5rebWAPHIHrOtXp/DAC3rsflgnR IVHq4ZTw6CRpwlJmHTLwhkJaDtAZOqM4kqGD0VwWbvPssQp9YrlvXMLaNJzXo5tV9kh5 AM5UqzNMziQDaTRVf4NkdGl2TFl/nxT4QUO1pMEEw9Rw0IbGs/JZyUpDt0YKv/GxbnBD YGrw== X-Gm-Message-State: ABy/qLYmhRdx77wRbkT5bWSmQpSUmMQFkux0Bpg8X3W3qI+ECmFBB8jy K4vI8KLuSi6Jk0J4zsWT9qmJd3wItFdeBBXUYOuu5g== X-Google-Smtp-Source: APBJJlHy6KdTfuxFKglYVaw97y+ON5p6TlUogEvsla4J0k80/J2lE/fx28ZFKnOBVa/Ie4sbWlkzHA== X-Received: by 2002:a05:6a00:17a8:b0:679:bc89:e5b with SMTP id s40-20020a056a0017a800b00679bc890e5bmr8950465pfg.19.1690166030425; Sun, 23 Jul 2023 19:33:50 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j1-20020aa783c1000000b0063f00898245sm1024174pfn.146.2023.07.23.19.33.49 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Jul 2023 19:33:50 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 5/8] gcc: don't pass --enable-standard-branch-protection Date: Sun, 23 Jul 2023 16:33:30 -1000 Message-Id: <759327cf6bd79118bae0c68e63742ae4721471d8.1690165924.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 24 Jul 2023 02:33:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184774 From: Ross Burton By changing the default code generation of GCC we're inadvertently breaking the GCC test suite, which has ~120K+ more failures when run for aarch64 compared to x86-64. This was because the generated code fragments included the BTI instructions, which the test case wasn't expecting. We can't tell the tests globally to run without branch protection, as that will break the tests which also turn it on. Remove the enabling of branch protection by standard in GCC, we'll enable it in the tune files instead. Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit bb4b9017db6a893ed054a2d2ad4cc671dec09c42) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/gcc/gcc-configure-common.inc | 1 - 1 file changed, 1 deletion(-) diff --git a/meta/recipes-devtools/gcc/gcc-configure-common.inc b/meta/recipes-devtools/gcc/gcc-configure-common.inc index e4cdb73f0a..dba25eb754 100644 --- a/meta/recipes-devtools/gcc/gcc-configure-common.inc +++ b/meta/recipes-devtools/gcc/gcc-configure-common.inc @@ -40,7 +40,6 @@ EXTRA_OECONF = "\ ${@get_gcc_mips_plt_setting(bb, d)} \ ${@get_gcc_ppc_plt_settings(bb, d)} \ ${@get_gcc_multiarch_setting(bb, d)} \ - --enable-standard-branch-protection \ " # glibc version is a minimum controlling whether features are enabled. From patchwork Mon Jul 24 02:33:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27854 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 92E94C04A6A for ; Mon, 24 Jul 2023 02:33:58 +0000 (UTC) Received: from mail-yw1-f178.google.com (mail-yw1-f178.google.com [209.85.128.178]) by mx.groups.io with SMTP id smtpd.web10.39383.1690166033465697364 for ; Sun, 23 Jul 2023 19:33:53 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=3kuTWqPf; spf=softfail (domain: sakoman.com, ip: 209.85.128.178, mailfrom: steve@sakoman.com) Received: by mail-yw1-f178.google.com with SMTP id 00721157ae682-57026f4bccaso48276627b3.2 for ; Sun, 23 Jul 2023 19:33:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690166032; x=1690770832; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=L8hi0fFIMc7RGotE9zL4OeAXM05v46L0ISABcU6tVrU=; b=3kuTWqPfUvaJLGnQ3sRyAxal+3NivibSz3IV4UjPTnoTHNrf/0JhjpEA3q+RD/XCsO RindoRzJkE8FV8RIeDEu1Sav4O6+bl2s5zqzgba5B49jnU9KPKUX+G4IOU6KTo9FOYxA U1+J/UpO2c3aOVxK0Sds+L8uTerHcLVUnjZ1VoJmS5VFEjA82YaWErTF6EQK0P8yBFI5 99jyhfwRQyXka/DSPqIKj85T68N+KxIWSUsInKY12UMLWXharg2Jq9n2x+MKwQxFmmLh FIk9Opey6yDv0E6mSFdyvmgF1wkq8e9K9E/pMVv1VI5dcP6jRYzzrHqzr3YZTqQmARsd 0GzQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690166032; x=1690770832; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=L8hi0fFIMc7RGotE9zL4OeAXM05v46L0ISABcU6tVrU=; b=Nvo0IQpTkjLazGicpzb2f6N/H8FxWbRtWaRAxPh8qXX2aOf7D8AXRoMEXxcrE1ZN+o EZSsGlOV1hrq0vwx8uXHUui5pI2r2LRJ/WinbwqMvCYtCiTwSN54Toa/4DMLPlCL/WFb 3Y410Haypbiizr/e7/A6fScVsF1gE92LDjUQyBBHOd6wMTmDeC9DzPpif8fAodqRoJzf AOqt4rOUhFy40pikTRkVpDLUoAKOs5T0vES0Ye+6PsWMN9QcL7Q1Plyz9KimMjkg8tsk 7SS14CoU7xWAOCuycNKCWAuOOEdCHA9QzmXcg7XDLxbgXr2QtWGghfPehWatJGYIO+er fPbQ== X-Gm-Message-State: ABy/qLagFNNuqNxSEX+nhsbSRSjC+QrVqC+8D1XwgH51rezJRZwfA1EG qM1fJ63N6Zt5UWBnB6MuxTSvL2pu3xL0o6nUwbZJUA== X-Google-Smtp-Source: APBJJlGvXx8HRLEuYz46ltX1eHYp1J4tSbInFY1WER4cBh7yRleUlethdyssjabKbezyVykbAfLKcA== X-Received: by 2002:a81:48c7:0:b0:56f:fcf0:2da3 with SMTP id v190-20020a8148c7000000b0056ffcf02da3mr5875396ywa.12.1690166032205; Sun, 23 Jul 2023 19:33:52 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j1-20020aa783c1000000b0063f00898245sm1024174pfn.146.2023.07.23.19.33.51 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Jul 2023 19:33:51 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 6/8] machine/arch-arm64: add -mbranch-protection=standard Date: Sun, 23 Jul 2023 16:33:31 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 24 Jul 2023 02:33:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184775 From: Ross Burton Enable branch protection (PAC/BTI) for all aarch64 builds. This was previously enabled at a global level in the GCC build, but that breaks the gcc test suite. Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 8905639d1cdc5ce809cc5ecd9672f5e86bf8a579) Signed-off-by: Steve Sakoman --- meta/conf/machine/include/arm/arch-arm64.inc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta/conf/machine/include/arm/arch-arm64.inc b/meta/conf/machine/include/arm/arch-arm64.inc index 0e2efb5a40..832d0000ac 100644 --- a/meta/conf/machine/include/arm/arch-arm64.inc +++ b/meta/conf/machine/include/arm/arch-arm64.inc @@ -37,3 +37,8 @@ TUNE_ARCH = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${TUNE_ARCH_64}', TUNE_PKGARCH = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${TUNE_PKGARCH_64}', '${TUNE_PKGARCH_32}', d)}" ABIEXTENSION = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${ABIEXTENSION_64}', '${ABIEXTENSION_32}', d)}" TARGET_FPU = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${TARGET_FPU_64}', '${TARGET_FPU_32}', d)}" + +# Emit branch protection (PAC/BTI) instructions. On hardware that doesn't +# support these they're meaningless NOP instructions, so there's very little +# reason not to. +TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', ' -mbranch-protection=standard', '', d)}" From patchwork Mon Jul 24 02:33:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27849 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 81E18C001B0 for ; Mon, 24 Jul 2023 02:33:58 +0000 (UTC) Received: from mail-il1-f180.google.com (mail-il1-f180.google.com [209.85.166.180]) by mx.groups.io with SMTP id smtpd.web10.39384.1690166034990545033 for ; Sun, 23 Jul 2023 19:33:55 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=H9ILo603; spf=softfail (domain: sakoman.com, ip: 209.85.166.180, mailfrom: steve@sakoman.com) Received: by mail-il1-f180.google.com with SMTP id e9e14a558f8ab-34884a8f285so23130755ab.0 for ; Sun, 23 Jul 2023 19:33:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690166034; x=1690770834; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=TNLxap/hBjr6Jmuwpr18Eb7WCBTH5tAE00EAwGjeQBg=; b=H9ILo603WMkJFVX2HrqxbvRGT6YlVHDQSdcMeCTuc4PpGa6leISUHcK+F+RWNDoEfH HoG2fWvDpGGiQtWva7WtmKXMOFJOlx6uNBY9yhjpZbrVDeeqLk+Onqk/9k26ZxCafIKw DNYIYH+NTuHgL2uNFKdKvhZorwhB8ms0N2MCg1KTNC1eb5O2w9lsc7KkREBCftNwaiR5 TIwiPSmeJMX88ztpoGz2CRjRo8OiqnB0DD2HS6DQ97XgE7h/fkDnCXPtxq08r/92TI10 HNmPnxTA8PbkXVwBsQX1oEiApaS9yz556NFVc6RuRKpBL5AgPXA6SdOm+ARwN8b+0wMh KbBQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690166034; x=1690770834; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TNLxap/hBjr6Jmuwpr18Eb7WCBTH5tAE00EAwGjeQBg=; b=GalLsH6U5K4boiU3tBRbBSDx9FclBDVhSIGz21f8LTExCdTEkY2T7Yauoag99HmPiT w53yFoiK/AU8veMn2DzWJWEby1X4AQlJPxYwU/0UYKk1yfnFByw2eS2FW0QpscDqMxa2 PBbchFetileGtdAUaawMQdtF6GTNIpVZPyJrhfxqlevEz22Q01ZSOPNwrxVQIe5MlPY6 chav/zKeWpMiG8/zaQSNlUT5kKZ72SH48aODjjkxSk+sjAeHQTY+iyy+Mcwz0vo4Gq1B Nt+Vm3cZikZyNnKu5LbG9/0kz2Gop57I6X+gupvmmjcZqCEiHE+x/aCD6D6Sj3qNEVu4 Rukw== X-Gm-Message-State: ABy/qLY49zXP/tKmSdTg2sjUlSf9d2IJ24JyFzj5FxugTGD77VH3upOE nCNaMrwUvIV1fKVF3rfPwZLItFDp1dTTWAk6S3DuUg== X-Google-Smtp-Source: APBJJlH9QdQAT7hsBnLr/JiCcZW8sZC5I9iUx69k90ov8E9dA0MZ89IZy283nsJ3lkqb3+XXX/VHnQ== X-Received: by 2002:a05:6e02:1290:b0:346:66f6:4da2 with SMTP id y16-20020a056e02129000b0034666f64da2mr7201646ilq.10.1690166033892; Sun, 23 Jul 2023 19:33:53 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j1-20020aa783c1000000b0063f00898245sm1024174pfn.146.2023.07.23.19.33.53 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Jul 2023 19:33:53 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 7/8] gcc-testsuite: Fix ppc cpu specification Date: Sun, 23 Jul 2023 16:33:32 -1000 Message-Id: <3a1b9f300a796e1216d0094043dba7b0f39ec869.1690165924.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 24 Jul 2023 02:33:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184776 From: Richard Purdie After this change in qemu: https://gitlab.com/qemu-project/qemu/-/commit/c7e89de13224c1e6409152602ac760ac91f606b4 there is no 'max' cpu model on ppc. Drop it to clean up ppc gcc testsuite failures. In order for this to work we do need to pull in the alternative cpu option from QEMU_EXTRAOPTIONS on powerpc. Signed-off-by: Richard Purdie (cherry picked from commit c447f2b21b20fb2b1829d540af2cc0bf8242700c) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/gcc/gcc-testsuite.inc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/meta/recipes-devtools/gcc/gcc-testsuite.inc b/meta/recipes-devtools/gcc/gcc-testsuite.inc index f68fec58ed..64f60c730f 100644 --- a/meta/recipes-devtools/gcc/gcc-testsuite.inc +++ b/meta/recipes-devtools/gcc/gcc-testsuite.inc @@ -51,9 +51,10 @@ python check_prepare() { # enable all valid instructions, since the test suite itself does not # limit itself to the target cpu options. # - valid for x86*, powerpc, arm, arm64 - if qemu_binary.lstrip("qemu-") in ["x86_64", "i386", "ppc", "arm", "aarch64"]: + if qemu_binary.lstrip("qemu-") in ["x86_64", "i386", "arm", "aarch64"]: args += ["-cpu", "max"] - + elif qemu_binary.lstrip("qemu-") in ["ppc"]: + args += d.getVar("QEMU_EXTRAOPTIONS_%s" % d.getVar('PACKAGE_ARCH')).split() sysroot = d.getVar("RECIPE_SYSROOT") args += ["-L", sysroot] # lib paths are static here instead of using $libdir since this is used by a -cross recipe From patchwork Mon Jul 24 02:33:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 27852 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 83A7AC41513 for ; Mon, 24 Jul 2023 02:33:58 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web11.39769.1690166036556652196 for ; Sun, 23 Jul 2023 19:33:56 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20221208.gappssmtp.com header.s=20221208 header.b=q/MHBTk9; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-666e6ecb52dso2021698b3a.2 for ; Sun, 23 Jul 2023 19:33:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20221208.gappssmtp.com; s=20221208; t=1690166036; x=1690770836; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=w8NP6uuwqOanog0SLh8u7o0mk6XhOnub5IoFtlf/RXs=; b=q/MHBTk9HMPo5vBp5072d8zWtZ9dwyNtTIia6iEkTMCGDaLFMUQS6MiGXoAghGmMXa k3qIhAybJcGlcx1ivg2uCrEinGO4D2ID5QSpbkWjQjWtnsgCF5VEZ0ycKzi2qyVPFEBR drZnncWWMmBYBjJBdteEvJVAK31qxY6FYWit6a4asUHbpOhZmwgQ1Xl9ssBmAyRBsol/ qOwPnRJYbxJrtCFKlbZWdhNMQ3jPL7uztgxmVoZ9FUN+esCKieD6H4iKhxQuvkP0CIFh CRQPjImHw1az0BWgh4JdI1SzHxcvA3/Z39xSsM47go0ttSNx4+xny0FyjjoyfHZBcjVc aj2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690166036; x=1690770836; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=w8NP6uuwqOanog0SLh8u7o0mk6XhOnub5IoFtlf/RXs=; b=kwx86mtjnrdg3/NQxA53a7C0feiONBuwVVAiQIpNV+Oz02pCFH6vGsG4n8cPRdDNw2 O4DgDxyym5Cov4zG7OmRHDuWcBacBhtG0nIXfuO7sHlNxV72b2mDoQB2e+Jdie9FoIB+ 0qloBYznz+ngquhA6P1pklxgwrzRSjr3xhn8zud0bfLndUJp8h2zi97JclmlztZ52t+G BCESy0iBP6mCQn6Ory3Q8MnestbY+GqWg5vPcd9NXKA4XZavqw9Qd6yFvDO3R6QMh7Zi piTfWd/9KS9KwX9hV3NmM3NCMZ5Knj97AVYLm4One2AI0ausc5DVvQpnHU2sHFTmzH2V qhcg== X-Gm-Message-State: ABy/qLZjclTWTy2KvF0e+mLU+AnHTRAu8/dyxcApjTNnEnYSCmPwjWYu NGBsPvl2NfQiXzwt9LAv3xIeUjfp8LIFVr/1UPS+Kw== X-Google-Smtp-Source: APBJJlH6mnSnSvOiNGji9+BHJF72nl7jFdEYlDxZz0e2cIUWDBbvzB3wYCT3L/3Cjmvc1snMGU1BHQ== X-Received: by 2002:a05:6a00:2312:b0:644:d775:60bb with SMTP id h18-20020a056a00231200b00644d77560bbmr4899026pfh.20.1690166035609; Sun, 23 Jul 2023 19:33:55 -0700 (PDT) Received: from hexa.lan (dhcp-72-234-106-30.hawaiiantel.net. [72.234.106.30]) by smtp.gmail.com with ESMTPSA id j1-20020aa783c1000000b0063f00898245sm1024174pfn.146.2023.07.23.19.33.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Jul 2023 19:33:55 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 8/8] package.bbclass: moving field data process before variable process in process_pkgconfig Date: Sun, 23 Jul 2023 16:33:33 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 24 Jul 2023 02:33:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/184777 From: Xiangyu Chen Currently, the latest version abseil-cpp contains a new library named "absl_log_internal_format", it's basic package config(.pc file) as below: prefix=/usr exec_prefix=${prefix} ...... Requires: absl_config = 20230125, absl_core_headers = 20230125, absl_log_internal_append_truncated = 20230125, absl_log_internal_config = 20230125, absl_log_internal_globals = 20230125, absl_log_severity = 20230125, absl_strings = 20230125, absl_str_format = 20230125, absl_time = 20230125, absl_span = 20230125 ...... Normally, the process_pkgconfig() would process variable data before field data in a .pc file, but in the absl_log_internal_format, the field data in "Requires" section contains "xxxx = xxxx" format, the process_pkgconfig() treats them as normal variable and using the setVar() in bitbake's data_smart.py try to process. The absl_log_internal_format field data contains "_append_", this hit the setVar() checking and finally bitbake stop building and reporting an error as below: "Variable xxx contains an operation using the old override syntax. Please convert this layer/metadata before attempting to use with a newer bitbake." This patch move the field data process before variable process to avoid the process_pkgconfig() treat the field data as variable. Signed-off-by: Xiangyu Chen (cherry picked from commit a73e269d3e591a10bb397b94b82e3fb960112d33) Signed-off-by: Clément Péron Signed-off-by: Steve Sakoman --- meta/classes/package.bbclass | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass index fed2f5531d..67351b2510 100644 --- a/meta/classes/package.bbclass +++ b/meta/classes/package.bbclass @@ -2178,18 +2178,18 @@ python package_do_pkgconfig () { with open(file, 'r') as f: lines = f.readlines() for l in lines: - m = var_re.match(l) - if m: - name = m.group(1) - val = m.group(2) - pd.setVar(name, pd.expand(val)) - continue m = field_re.match(l) if m: hdr = m.group(1) exp = pd.expand(m.group(2)) if hdr == 'Requires': pkgconfig_needed[pkg] += exp.replace(',', ' ').split() + continue + m = var_re.match(l) + if m: + name = m.group(1) + val = m.group(2) + pd.setVar(name, pd.expand(val)) for pkg in packages.split(): pkgs_file = os.path.join(shlibswork_dir, pkg + ".pclist")