From patchwork Fri Feb 4 14:12:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3292 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2B11CC433EF for ; Fri, 4 Feb 2022 14:12:55 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:12:54 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=FSkNtnDF; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983973; x=1675519973; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=GEtuFKBVP2RBCc0eF77gznXRgAPT9CIv3ISg6k1OIJQ=; b=FSkNtnDFI82BZE5yREB4v+rtzA9gc+eWrLWCjn8VniwR0DXj/vE2TbmL CZtvw8XThkX0FivouIHdytCbMBXJNRr+SLk57XYE6jjXi5lZnjLO8qqKa kz15Z/JKSqcFfOPYQrRtPF/knwgB6qdTuRsZSCgyd3Vf4z/GKQ0mebUzh Jf2NIMTVLpUUhIYiDeIMtsr7Hbvx7LGbuydu46gohW/6Si1IZmyQ8fxop zU4Pjpqfdwix/rBNTOOgo+/4zcqSO1vE4WNSQ3cvEkeQgirT9lr8bPkEG 0sa01voc0Yi4y5CqlG5Ds2KocCfU+ak/wdc/x7sqamnhvQRgV5BIxgVRx g==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321585" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321585" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:53 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566749991" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:52 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 01/17] kernel: introduce python3-dtschema-wrapper Date: Fri, 4 Feb 2022 22:12:27 +0800 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:12:55 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161348 From: Bruce Ashfield The 5.16 kernel introduced mandatory schema checking on any dtb file built through the kernel. That funcionality is provided via python3-dt-schema. The dependencies to enable that functionality is not small, and may not always be desired (in particular on architectures that do not support dtbs, or in development cycles). It may also be useful for allowing a non-conformant dts to be compiled. This commit introduces a set of wrapper scripts that when added as a depenency to the kernel, can pass both the validation testing and validation steps of a dts. Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie Backported from oe-core commit 2566563ad49d. Signed-off-by: Paul Barker Signed-off-by: Anuj Mittal --- meta/conf/distro/include/maintainers.inc | 1 + .../python3-dtschema-wrapper/dt-doc-validate | 20 +++++++++++++++++++ .../dtc/python3-dtschema-wrapper/dt-mk-schema | 20 +++++++++++++++++++ .../dtc/python3-dtschema-wrapper/dt-validate | 20 +++++++++++++++++++ .../dtc/python3-dtschema-wrapper_2021.10.bb | 17 ++++++++++++++++ 5 files changed, 78 insertions(+) create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc index b3b7711a0c..2b54d2d12f 100644 --- a/meta/conf/distro/include/maintainers.inc +++ b/meta/conf/distro/include/maintainers.inc @@ -592,6 +592,7 @@ RECIPE_MAINTAINER:pn-python3-cython = "Oleksandr Kravchuk +# License: MIT (see COPYING.MIT at the root of the repository for terms) + +for arg; do + case "$arg" in + --version) + echo "v2021.10" + ;; + esac +done + +# TBD: left for future consideration +# exec dt-doc-validate.real "$@" + +# we always succeed +exit 0 + diff --git a/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema new file mode 100644 index 0000000000..24b89d8619 --- /dev/null +++ b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema @@ -0,0 +1,20 @@ +#!/bin/sh +# dt-mk-schema wrapper to allow kernel dt-validation to pass +# +# Copyright (C) 2021 Bruce Ashfield +# License: MIT (see COPYING.MIT at the root of the repository for terms) + +for arg; do + case "$arg" in + --version) + echo "v2021.10" + ;; + esac +done + +# TBD: left for future consideration +# exec dt-mk-schema.real "$@" + +# we always succeed +exit 0 + diff --git a/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate new file mode 100644 index 0000000000..8a4710a7ed --- /dev/null +++ b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate @@ -0,0 +1,20 @@ +#!/bin/sh +# dt-validate wrapper to allow kernel dt-validation to pass +# +# Copyright (C) 2021 Bruce Ashfield +# License: MIT (see COPYING.MIT at the root of the repository for terms) + +for arg; do + case "$arg" in + --version) + echo "v2021.10" + ;; + esac +done + +# TBD: left for future consideration +# exec dt-validate.real "$@" + +# we always succeed +exit 0 + diff --git a/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb b/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb new file mode 100644 index 0000000000..c869274d09 --- /dev/null +++ b/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb @@ -0,0 +1,17 @@ +DESCRIPTION = "Wrapper for tooling for devicetree validation using YAML and jsonschema" +HOMEPAGE = "https://yoctoproject.org" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +SRC_URI = "file://dt-doc-validate \ + file://dt-mk-schema \ + file://dt-validate" + +do_install() { + install -d ${D}${bindir}/ + install -m 755 ${WORKDIR}/dt-doc-validate ${D}${bindir}/ + install -m 755 ${WORKDIR}/dt-mk-schema ${D}${bindir}/ + install -m 755 ${WORKDIR}/dt-validate ${D}${bindir}/ +} + +BBCLASSEXTEND = "native nativesdk" From patchwork Fri Feb 4 14:12:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3293 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 25D1AC4332F for ; Fri, 4 Feb 2022 14:12:56 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:12:55 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=EVBKZh0R; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983975; x=1675519975; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=4biG4CgvShTvQSPwhjnUbnJUltfNn+iWoMBFSZmua5U=; b=EVBKZh0RkOYsZsIQg4ubFHYfcdpUDtt+1hPPdhCtu1Rb3GDe5TF8Q7mq NA9EWssl2LizPF5SjcBGwYarxhI7xtp4fVzWqxXEAiJfFMQcD4Ow8tzst R9P05Yr7UNPYs7Oswa9IkkcdakFlzg/Ze1urx5tN1E4FeVUXuokfaBxOE 4pR0M7a32jn6YJBoGg3Qb+mNpfQvE/WjMcOgmiU3E2WSII1iU91UVLpvw h0AGrHz+D7Sl6Wp5okiupgGmzrGbko9Kd2YLV15alOsNHBxTRsreXFYTP MJSkMhlmfn3hbxC2GgrgiWfvqdA8SXU/Lgxq+S53gkQ4b5ZeYuTnHJyBj g==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321587" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321587" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:55 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566749998" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:53 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 02/17] sstate: A third fix for for touching files inside pseudo Date: Fri, 4 Feb 2022 22:12:28 +0800 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:12:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161349 From: Peter Kjellerstedt This continues where commit676757f "sstate: fix touching files inside pseudo" and commit 29fc8599 "sstate: another fix for touching files inside pseudo" left off. The previous changes switched from trying to check if the sstate file is writable before touching it, to always touching the sstate file and ignoring any errors. However, if the sstate file is actually a symbolic link that links to nothing, this would actually result in an empty sstate file being created. And this in turn leads to that future setscene tasks will fail when they try to unpack the empty file. Change the code so that if an sstate file linking to nothing already exists, it is overwritten with the new sstate file. Also change it so that the temporary file that is used is always removed, even if ln fails to link the sstate file to it. Signed-off-by: Peter Kjellerstedt Signed-off-by: Richard Purdie Signed-off-by: Anuj Mittal --- meta/classes/sstate.bbclass | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass index ba2c9fee35..566a58dafb 100644 --- a/meta/classes/sstate.bbclass +++ b/meta/classes/sstate.bbclass @@ -852,14 +852,18 @@ sstate_create_package () { fi chmod 0664 $TFILE # Skip if it was already created by some other process - if [ ! -e ${SSTATE_PKG} ]; then + if [ -h ${SSTATE_PKG} ] && [ ! -e ${SSTATE_PKG} ]; then + # There is a symbolic link, but it links to nothing. + # Forcefully replace it with the new file. + ln -f $TFILE ${SSTATE_PKG} || true + elif [ ! -e ${SSTATE_PKG} ]; then # Move into place using ln to attempt an atomic op. # Abort if it already exists - ln $TFILE ${SSTATE_PKG} && rm $TFILE + ln $TFILE ${SSTATE_PKG} || true else - rm $TFILE + touch ${SSTATE_PKG} 2>/dev/null || true fi - touch ${SSTATE_PKG} 2>/dev/null || true + rm $TFILE } python sstate_sign_package () { @@ -889,7 +893,7 @@ python sstate_report_unihash() { sstate_unpack_package () { tar -xvzf ${SSTATE_PKG} # update .siginfo atime on local/NFS mirror if it is a symbolic link - [ ! -h ${SSTATE_PKG}.siginfo ] || touch -a ${SSTATE_PKG}.siginfo 2>/dev/null || true + [ ! -h ${SSTATE_PKG}.siginfo ] || [ ! -e ${SSTATE_PKG}.siginfo ] || touch -a ${SSTATE_PKG}.siginfo 2>/dev/null || true # update each symbolic link instead of any referenced file touch --no-dereference ${SSTATE_PKG} 2>/dev/null || true [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig 2>/dev/null || true From patchwork Fri Feb 4 14:12:29 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3294 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2601DC433EF for ; Fri, 4 Feb 2022 14:12:57 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:12:56 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=Jnx+LVy/; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983976; x=1675519976; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=ww5RM/fgc2bvuuxg1z1xiTkKXNEeSNQDSjtCKAyXkr8=; b=Jnx+LVy/5/ZgAOnLEaC5lFY4UrwDK2IJBkVBSpCe+BhgJLyy4mFybmlq WTQWJOQEHUXPxkGnPsnF6cm40Xcv+aq7OI57/sqAT3B4el31smH+y6Ur+ hLZLTaAHalokMsK5++8/v9jNyZptxDH2cuKisBjAniIpBVvj8Nq24HS3h H2iHtiZolBmbvgXW0qUDLuIi/1uRuBPt4gnxSdK+WCLXDLdyRJBepKzNz TfPfzIghdB7uhnHrkZmms+1LYQET4G+pxhQJBqtDVJEonsZ14MT7+YvKX yFefVv+W79IeFBWjtkcaoFwJ1U/UaLKquqj+C1uKGikf/JZTtHkyv3tHC g==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321592" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321592" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:56 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750008" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:55 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 03/17] insane.bbclass: Correct package_qa_check_empty_dirs() Date: Fri, 4 Feb 2022 22:12:29 +0800 Message-Id: <3f183a7f5b4704b32bd094d5ebbe8584ce26ae34.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:12:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161350 From: Peter Kjellerstedt The oe.qa.add_message() method is not available in Honister, use package_qa_add_message() instead. Signed-off-by: Peter Kjellerstedt Signed-off-by: Anuj Mittal --- meta/classes/insane.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass index bfaf2577d0..2c8f5338e5 100644 --- a/meta/classes/insane.bbclass +++ b/meta/classes/insane.bbclass @@ -945,7 +945,7 @@ def package_qa_check_empty_dirs(pkg, d, messages): recommendation = (d.getVar('QA_EMPTY_DIRS_RECOMMENDATION:' + dir) or "but it is expected to be empty") msg = "%s installs files in %s, %s" % (pkg, dir, recommendation) - oe.qa.add_message(messages, "empty-dirs", msg) + package_qa_add_message(messages, "empty-dirs", msg) def package_qa_check_encoding(keys, encode, d): def check_encoding(key, enc): From patchwork Fri Feb 4 14:12:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3295 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 25FD6C433EF for ; Fri, 4 Feb 2022 14:12:59 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:12:58 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=fnLsnGzd; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983977; x=1675519977; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=fWO+daPh0XaM6YTxt0pkStSE5s+R9tUGEctZ6eE7gwY=; b=fnLsnGzddNRNeY0aEukVI9HhyjMno+MAeapFLtx9MZ1dNtwKGDWWEqOS 2tKqEBC6zk6qMPsKLkIhdU6XnaCLykY0Kj95CibP5uJFNGN3wqN24bVCj nhJjkqwK6NhS410g1ScSPfHTHAhklMhpB7q6HsTSmQfoYu8mhHu0Vf05O xrKo1HVkyFp4mJSwkW9cdYVEfVkVMTUiB3DuT6aN41GFgirpa6DPDEZgG Kf+4jsmYnjQWyCiIBThTXyDNCbfCjRlI+9vHw1UXjqGuWVjUgfRrGjcku N4W7IBgs0UMHESO6MoLYEFWjIZLiMEtNlOrMpkAo3P1lBfKUqAiTleCey w==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321599" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321599" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:57 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750021" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:56 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 04/17] sstate: Improve failure to obtain archive message/handling Date: Fri, 4 Feb 2022 22:12:30 +0800 Message-Id: <25a7e8dae10dde6073dcdd80f1e2448b59dc9d1a.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:12:59 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161351 From: Richard Purdie The bb.fatal() case where sstate failed to find/use an archive in setcene tasks is suboptimal. Bitbakes handling of setscene tasks will be to warn but the fatal will turn this into an error, despite the real task being rerun. In these failure cases other messages would usually have been printed so turn this into a warning and raise a handled exception status so that bitbake knows to fail the task but not print more messages. Signed-off-by: Richard Purdie (cherry picked from commit 7875baeca7a3ed216b2442fb8771e51efbfa5a4f) Signed-off-by: Anuj Mittal --- meta/classes/sstate.bbclass | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass index 566a58dafb..103de01264 100644 --- a/meta/classes/sstate.bbclass +++ b/meta/classes/sstate.bbclass @@ -788,7 +788,9 @@ def sstate_setscene(d): shared_state = sstate_state_fromvars(d) accelerate = sstate_installpkg(shared_state, d) if not accelerate: - bb.fatal("No suitable staging package found") + msg = "No sstate archive obtainable, will run full task instead." + bb.warn(msg) + raise bb.BBHandledException(msg) python sstate_task_prefunc () { shared_state = sstate_state_fromvars(d) From patchwork Fri Feb 4 14:12:31 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3296 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2BF71C433FE for ; Fri, 4 Feb 2022 14:13:00 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:12:59 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=SZ+bWeg7; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983979; x=1675519979; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=0iHIdi+kRne/6sC50RPm5q7ArQD/lgKu0D7rLB3jaAk=; b=SZ+bWeg7G5O/SNmLzjfODXURNitybcc/cVtuwMUM840RkHYyXNrNZ5J3 fDcOdFpTFLZ9PyOqo+zR5OSq9URUFIk2h1y4d1yPkAkcIKm6RwZzE74d/ UTxv1sLSzLgLYpTMNNUs9qYOFcXQKtFUj7+eWgANIbEJnmG0urZUaMJ2w 2M/pR7suqgSKD3Twzk2x4ijUUD5Czu8XoP5+VoSlLN7hPDJXxJDu+uP2Z TNPD6p3mLt/A9E5KM01sYg/NjzFROIwN9ENnZ4EHpyJL3TmT1Z0C2Q8iK oN4XQB74aT6tI3yrocxzif+DTloh5YXRmRkweaWEtO6XoW3+LgnyFaF2e g==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321602" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321602" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:59 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750031" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:57 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 05/17] glibc : Fix CVE-2021-3998 Date: Fri, 4 Feb 2022 22:12:31 +0800 Message-Id: <184125f7213fc2fc024c4055d269a3a812504f60.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:00 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161352 From: Pgowda Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=062ff490c1467059f6cd64bb9c3d85f6cc6cf97a] Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=f7a79879c0b2bef0dadd6caaaeeb0d26423e04e5] Signed-off-by: pgowda Signed-off-by: Richard Purdie (cherry picked from commit 20cc83dd8d323d7ea86b3625f4e8da94c160def9) Signed-off-by: Anuj Mittal --- .../glibc/glibc/0001-CVE-2021-3998.patch | 282 ++++++++++++++++++ .../glibc/glibc/0002-CVE-2021-3998.patch | 138 +++++++++ meta/recipes-core/glibc/glibc_2.34.bb | 2 + 3 files changed, 422 insertions(+) create mode 100644 meta/recipes-core/glibc/glibc/0001-CVE-2021-3998.patch create mode 100644 meta/recipes-core/glibc/glibc/0002-CVE-2021-3998.patch diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-3998.patch b/meta/recipes-core/glibc/glibc/0001-CVE-2021-3998.patch new file mode 100644 index 0000000000..c6bd5916e3 --- /dev/null +++ b/meta/recipes-core/glibc/glibc/0001-CVE-2021-3998.patch @@ -0,0 +1,282 @@ +From fb7bff12e81c677a6622f724edd4d4987dd9d971 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 18 Jan 2022 13:29:36 +0530 +Subject: [PATCH] support: Add helpers to create paths longer than PATH_MAX + +Add new helpers support_create_and_chdir_toolong_temp_directory and +support_chdir_toolong_temp_directory to create and descend into +directory trees longer than PATH_MAX. + +Reviewed-by: Adhemerval Zanella +Signed-off-by: Siddhesh Poyarekar + +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=062ff490c1467059f6cd64bb9c3d85f6cc6cf97a] +CVE: CVE-2021-3998 + +Signed-off-by: Pgowda +--- + support/temp_file.c | 159 +++++++++++++++++++++++++++++++++++++++++--- + support/temp_file.h | 9 +++ + 2 files changed, 159 insertions(+), 9 deletions(-) + +diff --git a/support/temp_file.c b/support/temp_file.c +index e7bb8aadb9..e41128c2d4 100644 +--- a/support/temp_file.c ++++ b/support/temp_file.c +@@ -1,5 +1,6 @@ + /* Temporary file handling for tests. + Copyright (C) 1998-2021 Free Software Foundation, Inc. ++ Copyright The GNU Tools Authors. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or +@@ -20,15 +21,17 @@ + some 32-bit platforms. */ + #define _FILE_OFFSET_BITS 64 + ++#include + #include + #include + #include + ++#include + #include + #include + #include + #include +-#include ++#include + + /* List of temporary files. */ + static struct temp_name_list +@@ -36,14 +39,20 @@ static struct temp_name_list + struct temp_name_list *next; + char *name; + pid_t owner; ++ bool toolong; + } *temp_name_list; + + /* Location of the temporary files. Set by the test skeleton via + support_set_test_dir. The string is not be freed. */ + static const char *test_dir = _PATH_TMP; + +-void +-add_temp_file (const char *name) ++/* Name of subdirectories in a too long temporary directory tree. */ ++static char toolong_subdir[NAME_MAX + 1]; ++static bool toolong_initialized; ++static size_t toolong_path_max; ++ ++static void ++add_temp_file_internal (const char *name, bool toolong) + { + struct temp_name_list *newp + = (struct temp_name_list *) xcalloc (sizeof (*newp), 1); +@@ -53,12 +62,19 @@ add_temp_file (const char *name) + newp->name = newname; + newp->next = temp_name_list; + newp->owner = getpid (); ++ newp->toolong = toolong; + temp_name_list = newp; + } + else + free (newp); + } + ++void ++add_temp_file (const char *name) ++{ ++ add_temp_file_internal (name, false); ++} ++ + int + create_temp_file_in_dir (const char *base, const char *dir, char **filename) + { +@@ -90,8 +106,8 @@ create_temp_file (const char *base, char + return create_temp_file_in_dir (base, test_dir, filename); + } + +-char * +-support_create_temp_directory (const char *base) ++static char * ++create_temp_directory_internal (const char *base, bool toolong) + { + char *path = xasprintf ("%s/%sXXXXXX", test_dir, base); + if (mkdtemp (path) == NULL) +@@ -99,16 +115,132 @@ support_create_temp_directory (const cha + printf ("error: mkdtemp (\"%s\"): %m", path); + exit (1); + } +- add_temp_file (path); ++ add_temp_file_internal (path, toolong); + return path; + } + +-/* Helper functions called by the test skeleton follow. */ ++char * ++support_create_temp_directory (const char *base) ++{ ++ return create_temp_directory_internal (base, false); ++} ++ ++static void ++ensure_toolong_initialized (void) ++{ ++ if (!toolong_initialized) ++ FAIL_EXIT1 ("uninitialized toolong directory tree\n"); ++} ++ ++static void ++initialize_toolong (const char *base) ++{ ++ long name_max = pathconf (base, _PC_NAME_MAX); ++ name_max = (name_max < 0 ? 64 ++ : (name_max < sizeof (toolong_subdir) ? name_max ++ : sizeof (toolong_subdir) - 1)); ++ ++ long path_max = pathconf (base, _PC_PATH_MAX); ++ path_max = (path_max < 0 ? 1024 ++ : path_max <= PTRDIFF_MAX ? path_max : PTRDIFF_MAX); ++ ++ /* Sanity check to ensure that the test does not create temporary directories ++ in different filesystems because this API doesn't support it. */ ++ if (toolong_initialized) ++ { ++ if (name_max != strlen (toolong_subdir)) ++ FAIL_UNSUPPORTED ("name_max: Temporary directories in different" ++ " filesystems not supported yet\n"); ++ if (path_max != toolong_path_max) ++ FAIL_UNSUPPORTED ("path_max: Temporary directories in different" ++ " filesystems not supported yet\n"); ++ return; ++ } ++ ++ toolong_path_max = path_max; ++ ++ size_t len = name_max; ++ memset (toolong_subdir, 'X', len); ++ toolong_initialized = true; ++} ++ ++char * ++support_create_and_chdir_toolong_temp_directory (const char *basename) ++{ ++ char *base = create_temp_directory_internal (basename, true); ++ xchdir (base); ++ ++ initialize_toolong (base); ++ ++ size_t sz = strlen (toolong_subdir); ++ ++ /* Create directories and descend into them so that the final path is larger ++ than PATH_MAX. */ ++ for (size_t i = 0; i <= toolong_path_max / sz; i++) ++ { ++ int ret = mkdir (toolong_subdir, S_IRWXU); ++ if (ret != 0 && errno == ENAMETOOLONG) ++ FAIL_UNSUPPORTED ("Filesystem does not support creating too long " ++ "directory trees\n"); ++ else if (ret != 0) ++ FAIL_EXIT1 ("Failed to create directory tree: %m\n"); ++ xchdir (toolong_subdir); ++ } ++ return base; ++} + + void +-support_set_test_dir (const char *path) ++support_chdir_toolong_temp_directory (const char *base) + { +- test_dir = path; ++ ensure_toolong_initialized (); ++ ++ xchdir (base); ++ ++ size_t sz = strlen (toolong_subdir); ++ for (size_t i = 0; i <= toolong_path_max / sz; i++) ++ xchdir (toolong_subdir); ++} ++ ++/* Helper functions called by the test skeleton follow. */ ++ ++static void ++remove_toolong_subdirs (const char *base) ++{ ++ ensure_toolong_initialized (); ++ ++ if (chdir (base) != 0) ++ { ++ printf ("warning: toolong cleanup base failed: chdir (\"%s\"): %m\n", ++ base); ++ return; ++ } ++ ++ /* Descend. */ ++ int levels = 0; ++ size_t sz = strlen (toolong_subdir); ++ for (levels = 0; levels <= toolong_path_max / sz; levels++) ++ if (chdir (toolong_subdir) != 0) ++ { ++ printf ("warning: toolong cleanup failed: chdir (\"%s\"): %m\n", ++ toolong_subdir); ++ break; ++ } ++ ++ /* Ascend and remove. */ ++ while (--levels >= 0) ++ { ++ if (chdir ("..") != 0) ++ { ++ printf ("warning: toolong cleanup failed: chdir (\"..\"): %m\n"); ++ return; ++ } ++ if (remove (toolong_subdir) != 0) ++ { ++ printf ("warning: could not remove subdirectory: %s: %m\n", ++ toolong_subdir); ++ return; ++ } ++ } + } + + void +@@ -123,6 +255,9 @@ support_delete_temp_files (void) + around, to prevent PID reuse.) */ + if (temp_name_list->owner == pid) + { ++ if (temp_name_list->toolong) ++ remove_toolong_subdirs (temp_name_list->name); ++ + if (remove (temp_name_list->name) != 0) + printf ("warning: could not remove temporary file: %s: %m\n", + temp_name_list->name); +@@ -147,3 +282,9 @@ support_print_temp_files (FILE *f) + fprintf (f, ")\n"); + } + } ++ ++void ++support_set_test_dir (const char *path) ++{ ++ test_dir = path; ++} +diff --git a/support/temp_file.h b/support/temp_file.h +index 50a443abe4..8459ddda72 100644 +--- a/support/temp_file.h ++++ b/support/temp_file.h +@@ -44,6 +44,15 @@ int create_temp_file_in_dir (const char + returns. The caller should free this string. */ + char *support_create_temp_directory (const char *base); + ++/* Create a temporary directory tree that is longer than PATH_MAX and schedule ++ it for deletion. BASENAME is used as a prefix for the unique directory ++ name, which the function returns. The caller should free this string. */ ++char *support_create_and_chdir_toolong_temp_directory (const char *basename); ++ ++/* Change into the innermost directory of the directory tree BASE, which was ++ created using support_create_and_chdir_toolong_temp_directory. */ ++void support_chdir_toolong_temp_directory (const char *base); ++ + __END_DECLS + + #endif /* SUPPORT_TEMP_FILE_H */ diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-3998.patch b/meta/recipes-core/glibc/glibc/0002-CVE-2021-3998.patch new file mode 100644 index 0000000000..0a4c34452d --- /dev/null +++ b/meta/recipes-core/glibc/glibc/0002-CVE-2021-3998.patch @@ -0,0 +1,138 @@ +From f7a79879c0b2bef0dadd6caaaeeb0d26423e04e5 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Thu, 13 Jan 2022 11:28:36 +0530 +Subject: [PATCH] realpath: Set errno to ENAMETOOLONG for result larger than + PATH_MAX [BZ #28770] + +realpath returns an allocated string when the result exceeds PATH_MAX, +which is unexpected when its second argument is not NULL. This results +in the second argument (resolved) being uninitialized and also results +in a memory leak since the caller expects resolved to be the same as the +returned value. + +Return NULL and set errno to ENAMETOOLONG if the result exceeds +PATH_MAX. This fixes [BZ #28770], which is CVE-2021-3998. + +Reviewed-by: Adhemerval Zanella +Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit ee8d5e33adb284601c00c94687bc907e10aec9bb) + +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=f7a79879c0b2bef0dadd6caaaeeb0d26423e04e5] +CVE: CVE-2021-3998 + +Signed-off-by: Pgowda +--- + NEWS | 4 +++ + stdlib/Makefile | 1 + + stdlib/canonicalize.c | 12 +++++++-- + stdlib/tst-realpath-toolong.c | 49 +++++++++++++++++++++++++++++++++++ + 4 files changed, 64 insertions(+), 2 deletions(-) + create mode 100644 stdlib/tst-realpath-toolong.c + +diff --git a/NEWS b/NEWS +index 7e773bd005..b4f81c2668 100644 +--- a/NEWS ++++ b/NEWS +@@ -210,6 +210,10 @@ Security related changes: + legacy function could result in a stack-based buffer overflow when + using the "unix" protocol. Reported by Martin Sebor. + ++ CVE-2021-3998: Passing a path longer than PATH_MAX to the realpath ++ function could result in a memory leak and potential access of ++ uninitialized memory. Reported by Qualys. ++ + The following bugs are resolved with this release: + + [4737] libc: fork is not async-signal-safe +diff --git a/stdlib/canonicalize.c b/stdlib/canonicalize.c +index 698f9ede25..7a23a51b3a 100644 +--- a/stdlib/canonicalize.c ++++ b/stdlib/canonicalize.c +@@ -400,8 +400,16 @@ realpath_stk (const char *name, char *re + + error: + *dest++ = '\0'; +- if (resolved != NULL && dest - rname <= get_path_max ()) +- rname = strcpy (resolved, rname); ++ if (resolved != NULL) ++ { ++ if (dest - rname <= get_path_max ()) ++ rname = strcpy (resolved, rname); ++ else ++ { ++ failed = true; ++ __set_errno (ENAMETOOLONG); ++ } ++ } + + error_nomem: + scratch_buffer_free (&extra_buffer); +diff --git a/stdlib/Makefile b/stdlib/Makefile +index 9bb5c221e8..a4ac30d1f6 100644 +--- a/stdlib/Makefile ++++ b/stdlib/Makefile +@@ -88,7 +88,8 @@ tests := tst-strtol tst-strtod testmb t + tst-swapcontext1 tst-setcontext4 tst-setcontext5 \ + tst-setcontext6 tst-setcontext7 tst-setcontext8 \ + tst-setcontext9 tst-bz20544 tst-canon-bz26341 \ +- tst-realpath ++ tst-realpath \ ++ tst-realpath-toolong + + tests-internal := tst-strtod1i tst-strtod3 tst-strtod4 tst-strtod5i \ + tst-tls-atexit tst-tls-atexit-nodelete +diff --git a/stdlib/tst-realpath-toolong.c b/stdlib/tst-realpath-toolong.c +new file mode 100644 +index 0000000000..8bed772460 +--- /dev/null ++++ b/stdlib/tst-realpath-toolong.c +@@ -0,0 +1,49 @@ ++/* Verify that realpath returns NULL with ENAMETOOLONG if the result exceeds ++ NAME_MAX. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#define BASENAME "tst-realpath-toolong." ++ ++int ++do_test (void) ++{ ++ char *base = support_create_and_chdir_toolong_temp_directory (BASENAME); ++ ++ char buf[PATH_MAX + 1]; ++ const char *res = realpath (".", buf); ++ ++ /* canonicalize.c states that if the real path is >= PATH_MAX, then ++ realpath returns NULL and sets ENAMETOOLONG. */ ++ TEST_VERIFY (res == NULL); ++ TEST_VERIFY (errno == ENAMETOOLONG); ++ ++ free (base); ++ return 0; ++} ++ ++#include diff --git a/meta/recipes-core/glibc/glibc_2.34.bb b/meta/recipes-core/glibc/glibc_2.34.bb index 92787097aa..3504cf45a9 100644 --- a/meta/recipes-core/glibc/glibc_2.34.bb +++ b/meta/recipes-core/glibc/glibc_2.34.bb @@ -63,6 +63,8 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0002-CVE-2022-23218.patch \ file://0001-CVE-2022-23219.patch \ file://0002-CVE-2022-23219.patch \ + file://0001-CVE-2021-3998.patch \ + file://0002-CVE-2021-3998.patch \ " S = "${WORKDIR}/git" B = "${WORKDIR}/build-${TARGET_SYS}" From patchwork Fri Feb 4 14:12:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3297 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2CD3BC433EF for ; Fri, 4 Feb 2022 14:13:02 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:01 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=bk53sdfj; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983981; x=1675519981; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=HHalPp0TOwoq7SiNvjKdUyzC7Jt2Hff1HK+ZV+Be2Xc=; b=bk53sdfjrMGMg/4OGKUOPwkvfRwuyB6bAyzuew87CBgiCYAf4eU1aT6h AcIJHtb1iGFnKsnITkgw9iFX6KektCyiRcsibZdH1QAgU4JM+U8MaOi/f eWbhEAFf6rlvyfua2i25SjRDsXfESRmLMdSiajawzzRoowb6U/UWXaHXG v5W47yLEvuKtU0R3H8D0EVAvx1vAd8ogozvTvfx6LtAGIMJcRvKfmqTxT pjaQQnvV/KONvR3ek6uOxXAPmCQh9HGhETIQ3mS5o6eQeEFSzHIrSLSVs oagcmvA/g8wCxzpHcAEkhipOPBmB9pHNsxUYVQRTQDvFAAhAu5Zc5qS9W Q==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321607" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321607" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:01 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750046" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:12:59 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 06/17] glibc : Fix CVE-2021-3999 Date: Fri, 4 Feb 2022 22:12:32 +0800 Message-Id: <62de1f71d54a3474c687db95b6a36119f53feda8.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:02 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161353 From: Pgowda Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=8c8a71c85f2ed5cc90d08d82ce645513fc907cb6] Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=472e799a5f2102bc0c3206dbd5a801765fceb39c] Signed-off-by: pgowda Signed-off-by: Richard Purdie (cherry picked from commit e9532134b86211801206ff540c4c284f43006f7b) Signed-off-by: Anuj Mittal --- .../glibc/glibc/0001-CVE-2021-3999.patch | 36 ++ .../glibc/glibc/0002-CVE-2021-3999.patch | 357 ++++++++++++++++++ meta/recipes-core/glibc/glibc_2.34.bb | 2 + 3 files changed, 395 insertions(+) create mode 100644 meta/recipes-core/glibc/glibc/0001-CVE-2021-3999.patch create mode 100644 meta/recipes-core/glibc/glibc/0002-CVE-2021-3999.patch diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-3999.patch b/meta/recipes-core/glibc/glibc/0001-CVE-2021-3999.patch new file mode 100644 index 0000000000..64749390b5 --- /dev/null +++ b/meta/recipes-core/glibc/glibc/0001-CVE-2021-3999.patch @@ -0,0 +1,36 @@ +From 8c8a71c85f2ed5cc90d08d82ce645513fc907cb6 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Mon, 24 Jan 2022 10:57:09 +0530 +Subject: [PATCH] tst-realpath-toolong: Fix hurd build + +Define PATH_MAX to a constant if it isn't already defined, like in hurd. + +Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit 976db046bc3a3738f69255ae00b0a09b8e77fd9c) + +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=8c8a71c85f2ed5cc90d08d82ce645513fc907cb6] +CVE: CVE-2021-3999 + +Signed-off-by: Pgowda +--- + stdlib/tst-realpath-toolong.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/stdlib/tst-realpath-toolong.c b/stdlib/tst-realpath-toolong.c +index 8bed772460..4388890294 100644 +--- a/stdlib/tst-realpath-toolong.c ++++ b/stdlib/tst-realpath-toolong.c +@@ -29,6 +29,10 @@ + + #define BASENAME "tst-realpath-toolong." + ++#ifndef PATH_MAX ++# define PATH_MAX 1024 ++#endif ++ + int + do_test (void) + { +-- +2.27.0 + diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-3999.patch b/meta/recipes-core/glibc/glibc/0002-CVE-2021-3999.patch new file mode 100644 index 0000000000..ef3a504fdf --- /dev/null +++ b/meta/recipes-core/glibc/glibc/0002-CVE-2021-3999.patch @@ -0,0 +1,357 @@ +From 472e799a5f2102bc0c3206dbd5a801765fceb39c Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Fri, 21 Jan 2022 23:32:56 +0530 +Subject: [PATCH] getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999) + +No valid path returned by getcwd would fit into 1 byte, so reject the +size early and return NULL with errno set to ERANGE. This change is +prompted by CVE-2021-3999, which describes a single byte buffer +underflow and overflow when all of the following conditions are met: + +- The buffer size (i.e. the second argument of getcwd) is 1 byte +- The current working directory is too long +- '/' is also mounted on the current working directory + +Sequence of events: + +- In sysdeps/unix/sysv/linux/getcwd.c, the syscall returns ENAMETOOLONG + because the linux kernel checks for name length before it checks + buffer size + +- The code falls back to the generic getcwd in sysdeps/posix + +- In the generic func, the buf[0] is set to '\0' on line 250 + +- this while loop on line 262 is bypassed: + + while (!(thisdev == rootdev && thisino == rootino)) + + since the rootfs (/) is bind mounted onto the directory and the flow + goes on to line 449, where it puts a '/' in the byte before the + buffer. + +- Finally on line 458, it moves 2 bytes (the underflowed byte and the + '\0') to the buf[0] and buf[1], resulting in a 1 byte buffer overflow. + +- buf is returned on line 469 and errno is not set. + +This resolves BZ #28769. + +Reviewed-by: Andreas Schwab +Reviewed-by: Adhemerval Zanella +Signed-off-by: Qualys Security Advisory +Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit 23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e) + +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=472e799a5f2102bc0c3206dbd5a801765fceb39c] +CVE: CVE-2021-3999 + +Signed-off-by: Pgowda +--- + NEWS | 6 + + sysdeps/posix/getcwd.c | 7 + + sysdeps/unix/sysv/linux/Makefile | 7 +- + .../unix/sysv/linux/tst-getcwd-smallbuff.c | 241 ++++++++++++++++++ + 4 files changed, 260 insertions(+), 1 deletion(-) + create mode 100644 sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c + +diff --git a/NEWS b/NEWS +index b4f81c2668..8d7467d2c1 100644 +--- a/NEWS ++++ b/NEWS +@@ -214,6 +214,12 @@ Security related changes: + function could result in a memory leak and potential access of + uninitialized memory. Reported by Qualys. + ++ CVE-2021-3999: Passing a buffer of size exactly 1 byte to the getcwd ++ function may result in an off-by-one buffer underflow and overflow ++ when the current working directory is longer than PATH_MAX and also ++ corresponds to the / directory through an unprivileged mount ++ namespace. Reported by Qualys. ++ + The following bugs are resolved with this release: + + [4737] libc: fork is not async-signal-safe +diff --git a/sysdeps/posix/getcwd.c b/sysdeps/posix/getcwd.c +index 13680026ff..b6984a382c 100644 +--- a/sysdeps/posix/getcwd.c ++++ b/sysdeps/posix/getcwd.c +@@ -187,6 +187,13 @@ __getcwd_generic (char *buf, size_t size + size_t allocated = size; + size_t used; + ++ /* A size of 1 byte is never useful. */ ++ if (allocated == 1) ++ { ++ __set_errno (ERANGE); ++ return NULL; ++ } ++ + #if HAVE_MINIMALLY_WORKING_GETCWD + /* If AT_FDCWD is not defined, the algorithm below is O(N**2) and + this is much slower than the system getcwd (at least on +diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile +index 76ad06361c..9380d3848d 100644 +--- a/sysdeps/unix/sysv/linux/Makefile ++++ b/sysdeps/unix/sysv/linux/Makefile +@@ -331,7 +331,12 @@ sysdep_routines += xstatconv internal_st + + sysdep_headers += bits/fcntl-linux.h + +-tests += tst-fallocate tst-fallocate64 tst-o_path-locks ++tests += \ ++ tst-fallocate \ ++ tst-fallocate64 \ ++ tst-getcwd-smallbuff \ ++ tst-o_path-locks \ ++# tests + endif + + ifeq ($(subdir),elf) +diff --git a/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c b/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c +new file mode 100644 +index 0000000000..d460d6e766 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c +@@ -0,0 +1,241 @@ ++/* Verify that getcwd returns ERANGE for size 1 byte and does not underflow ++ buffer when the CWD is too long and is also a mount target of /. See bug ++ #28769 or CVE-2021-3999 for more context. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static char *base; ++#define BASENAME "tst-getcwd-smallbuff" ++#define MOUNT_NAME "mpoint" ++static int sockfd[2]; ++ ++static void ++do_cleanup (void) ++{ ++ support_chdir_toolong_temp_directory (base); ++ TEST_VERIFY_EXIT (rmdir (MOUNT_NAME) == 0); ++ free (base); ++} ++ ++static void ++send_fd (const int sock, const int fd) ++{ ++ struct msghdr msg = {0}; ++ union ++ { ++ struct cmsghdr hdr; ++ char buf[CMSG_SPACE (sizeof (int))]; ++ } cmsgbuf = {0}; ++ struct cmsghdr *cmsg; ++ struct iovec vec; ++ char ch = 'A'; ++ ssize_t n; ++ ++ msg.msg_control = &cmsgbuf.buf; ++ msg.msg_controllen = sizeof (cmsgbuf.buf); ++ ++ cmsg = CMSG_FIRSTHDR (&msg); ++ cmsg->cmsg_len = CMSG_LEN (sizeof (int)); ++ cmsg->cmsg_level = SOL_SOCKET; ++ cmsg->cmsg_type = SCM_RIGHTS; ++ memcpy (CMSG_DATA (cmsg), &fd, sizeof (fd)); ++ ++ vec.iov_base = &ch; ++ vec.iov_len = 1; ++ msg.msg_iov = &vec; ++ msg.msg_iovlen = 1; ++ ++ while ((n = sendmsg (sock, &msg, 0)) == -1 && errno == EINTR); ++ ++ TEST_VERIFY_EXIT (n == 1); ++} ++ ++static int ++recv_fd (const int sock) ++{ ++ struct msghdr msg = {0}; ++ union ++ { ++ struct cmsghdr hdr; ++ char buf[CMSG_SPACE(sizeof(int))]; ++ } cmsgbuf = {0}; ++ struct cmsghdr *cmsg; ++ struct iovec vec; ++ ssize_t n; ++ char ch = '\0'; ++ int fd = -1; ++ ++ vec.iov_base = &ch; ++ vec.iov_len = 1; ++ msg.msg_iov = &vec; ++ msg.msg_iovlen = 1; ++ ++ msg.msg_control = &cmsgbuf.buf; ++ msg.msg_controllen = sizeof (cmsgbuf.buf); ++ ++ while ((n = recvmsg (sock, &msg, 0)) == -1 && errno == EINTR); ++ if (n != 1 || ch != 'A') ++ return -1; ++ ++ cmsg = CMSG_FIRSTHDR (&msg); ++ if (cmsg == NULL) ++ return -1; ++ if (cmsg->cmsg_type != SCM_RIGHTS) ++ return -1; ++ memcpy (&fd, CMSG_DATA (cmsg), sizeof (fd)); ++ if (fd < 0) ++ return -1; ++ return fd; ++} ++ ++static int ++child_func (void * const arg) ++{ ++ xclose (sockfd[0]); ++ const int sock = sockfd[1]; ++ char ch; ++ ++ TEST_VERIFY_EXIT (read (sock, &ch, 1) == 1); ++ TEST_VERIFY_EXIT (ch == '1'); ++ ++ if (mount ("/", MOUNT_NAME, NULL, MS_BIND | MS_REC, NULL)) ++ FAIL_EXIT1 ("mount failed: %m\n"); ++ const int fd = xopen ("mpoint", ++ O_RDONLY | O_PATH | O_DIRECTORY | O_NOFOLLOW, 0); ++ ++ send_fd (sock, fd); ++ xclose (fd); ++ ++ TEST_VERIFY_EXIT (read (sock, &ch, 1) == 1); ++ TEST_VERIFY_EXIT (ch == 'a'); ++ ++ xclose (sock); ++ return 0; ++} ++ ++static void ++update_map (char * const mapping, const char * const map_file) ++{ ++ const size_t map_len = strlen (mapping); ++ ++ const int fd = xopen (map_file, O_WRONLY, 0); ++ xwrite (fd, mapping, map_len); ++ xclose (fd); ++} ++ ++static void ++proc_setgroups_write (const long child_pid, const char * const str) ++{ ++ const size_t str_len = strlen(str); ++ ++ char setgroups_path[sizeof ("/proc//setgroups") + INT_STRLEN_BOUND (long)]; ++ ++ snprintf (setgroups_path, sizeof (setgroups_path), ++ "/proc/%ld/setgroups", child_pid); ++ ++ const int fd = open (setgroups_path, O_WRONLY); ++ ++ if (fd < 0) ++ { ++ TEST_VERIFY_EXIT (errno == ENOENT); ++ FAIL_UNSUPPORTED ("/proc/%ld/setgroups not found\n", child_pid); ++ } ++ ++ xwrite (fd, str, str_len); ++ xclose(fd); ++} ++ ++static char child_stack[1024 * 1024]; ++ ++int ++do_test (void) ++{ ++ base = support_create_and_chdir_toolong_temp_directory (BASENAME); ++ ++ xmkdir (MOUNT_NAME, S_IRWXU); ++ atexit (do_cleanup); ++ ++ TEST_VERIFY_EXIT (socketpair (AF_UNIX, SOCK_STREAM, 0, sockfd) == 0); ++ pid_t child_pid = xclone (child_func, NULL, child_stack, ++ sizeof (child_stack), ++ CLONE_NEWUSER | CLONE_NEWNS | SIGCHLD); ++ ++ xclose (sockfd[1]); ++ const int sock = sockfd[0]; ++ ++ char map_path[sizeof ("/proc//uid_map") + INT_STRLEN_BOUND (long)]; ++ char map_buf[sizeof ("0 1") + INT_STRLEN_BOUND (long)]; ++ ++ snprintf (map_path, sizeof (map_path), "/proc/%ld/uid_map", ++ (long) child_pid); ++ snprintf (map_buf, sizeof (map_buf), "0 %ld 1", (long) getuid()); ++ update_map (map_buf, map_path); ++ ++ proc_setgroups_write ((long) child_pid, "deny"); ++ snprintf (map_path, sizeof (map_path), "/proc/%ld/gid_map", ++ (long) child_pid); ++ snprintf (map_buf, sizeof (map_buf), "0 %ld 1", (long) getgid()); ++ update_map (map_buf, map_path); ++ ++ TEST_VERIFY_EXIT (send (sock, "1", 1, MSG_NOSIGNAL) == 1); ++ const int fd = recv_fd (sock); ++ TEST_VERIFY_EXIT (fd >= 0); ++ TEST_VERIFY_EXIT (fchdir (fd) == 0); ++ ++ static char buf[2 * 10 + 1]; ++ memset (buf, 'A', sizeof (buf)); ++ ++ /* Finally, call getcwd and check if it resulted in a buffer underflow. */ ++ char * cwd = getcwd (buf + sizeof (buf) / 2, 1); ++ TEST_VERIFY (cwd == NULL); ++ TEST_VERIFY (errno == ERANGE); ++ ++ for (int i = 0; i < sizeof (buf); i++) ++ if (buf[i] != 'A') ++ { ++ printf ("buf[%d] = %02x\n", i, (unsigned int) buf[i]); ++ support_record_failure (); ++ } ++ ++ TEST_VERIFY_EXIT (send (sock, "a", 1, MSG_NOSIGNAL) == 1); ++ xclose (sock); ++ TEST_VERIFY_EXIT (xwaitpid (child_pid, NULL, 0) == child_pid); ++ ++ return 0; ++} ++ ++#define CLEANUP_HANDLER do_cleanup ++#include diff --git a/meta/recipes-core/glibc/glibc_2.34.bb b/meta/recipes-core/glibc/glibc_2.34.bb index 3504cf45a9..6ceb677731 100644 --- a/meta/recipes-core/glibc/glibc_2.34.bb +++ b/meta/recipes-core/glibc/glibc_2.34.bb @@ -65,6 +65,8 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0002-CVE-2022-23219.patch \ file://0001-CVE-2021-3998.patch \ file://0002-CVE-2021-3998.patch \ + file://0001-CVE-2021-3999.patch \ + file://0002-CVE-2021-3999.patch \ " S = "${WORKDIR}/git" B = "${WORKDIR}/build-${TARGET_SYS}" From patchwork Fri Feb 4 14:12:33 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3298 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 273E7C433F5 for ; Fri, 4 Feb 2022 14:13:03 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:02 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=i4ABhb0b; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983982; x=1675519982; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=BSYI98KiQMyMW7XS2DsiQyEjaKwfV8m17DD6/MVP9Kc=; b=i4ABhb0boUHQNN4teBjRrpcRAXkUrSTqiszd9NMd1lmGlNOJZivNNPeS dvkzXDrL3L/hTiD6vDATh6iQ5U4iK7Tq8WcLIx4VXd8nh25cU+XPbz8cu QlYmZ3pD6RIp6ZnYyz9DR/3Y9bfqkVbdCyBHKqNDFtUn9qP20lPflx5o8 ohvomrl395kKrGmyuYnyzf0g7z0rX9LO6b47JDZu6J6inZyvN8G9xiGsw rWfEAanpCUOCOavIdjLDhuH39HwQJ4R2NsBCE2oOdMK9646qv2Xddac29 rY98tLJtm0LxytYzEtn97i8aJc0ScoYwuye9i0tdjvo6RkHckem9l9Yrz w==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321610" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321610" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:02 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750063" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:01 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 07/17] icu: fix make_icudata dependencies Date: Fri, 4 Feb 2022 22:12:33 +0800 Message-Id: <18a43fe970b691250fbf48f39ed5f4f7ad121b75.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:03 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161354 From: Kory Maincent The make_icudata task is set before the configure task then the dependencies for this task are not populate yet. Fixed it by adding do_prepare_recipe_sysroot task dependency to the make_icudata task. Signed-off-by: Kory Maincent Signed-off-by: Richard Purdie (cherry picked from commit c134f62062a6359d2d5831ba4cb9694035e4f25a) Signed-off-by: Anuj Mittal --- meta/recipes-support/icu/icu_69.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-support/icu/icu_69.1.bb b/meta/recipes-support/icu/icu_69.1.bb index 4daf0fe82e..848ae9ab19 100644 --- a/meta/recipes-support/icu/icu_69.1.bb +++ b/meta/recipes-support/icu/icu_69.1.bb @@ -147,4 +147,4 @@ do_make_icudata() { : } -addtask make_icudata before do_configure after do_patch +addtask make_icudata before do_configure after do_patch do_prepare_recipe_sysroot From patchwork Fri Feb 4 14:12:34 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3299 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2B673C433F5 for ; Fri, 4 Feb 2022 14:13:06 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:05 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=eVLCdzaU; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983984; x=1675519984; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=fRFlZvoY7pvei3uldJly9J51Mz5xVvPHJO0UNDN/rDU=; b=eVLCdzaUjSPxlW7Qj+G83C1hG79d5rtn2IfCAKIb8r0Mako/O5BVhdeA 7UmxUTLaYPD6bGA28syEjsNoUa3ybqLYSDNRi+gmUPVoYATOufJryqqeh U4XrX4ZcxMjPYdmYnLfbFGpdGCV59b3Z6njEwt2nnqyTQj7LcWXdgZB8O 9im1FTk/B/66RzQ9+Aj5Cqe7vEcAiPUNHzenznyqdAz4nMTBZFfO0ihvd Nv4tYaalNrVh2JXLX7qQSjopkiuZmO2aNhgo6z39RdIGtGufiL7ddNVxn 2ga1X0GGJzlpkGSMnf4Ax9bET9SzK6J+UtxTKJxcito0b3Fv5lCX3ThNR Q==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321617" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321617" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:04 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750075" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:02 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 08/17] tiff: backport fix for CVE-2022-22844 Date: Fri, 4 Feb 2022 22:12:34 +0800 Message-Id: <2948fdb7df4eb5824a06c1d73c6c70b3bcbb9448.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:06 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161355 From: Ross Burton Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit daf2880b7431aa641e02ebba8cbca40d81389088) Signed-off-by: Anuj Mittal --- ...al-buffer-overflow-for-ASCII-tags-wh.patch | 43 +++++++++++++++++++ meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 3 +- 2 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-multimedia/libtiff/files/0001-tiffset-fix-global-buffer-overflow-for-ASCII-tags-wh.patch diff --git a/meta/recipes-multimedia/libtiff/files/0001-tiffset-fix-global-buffer-overflow-for-ASCII-tags-wh.patch b/meta/recipes-multimedia/libtiff/files/0001-tiffset-fix-global-buffer-overflow-for-ASCII-tags-wh.patch new file mode 100644 index 0000000000..72776f09ba --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/0001-tiffset-fix-global-buffer-overflow-for-ASCII-tags-wh.patch @@ -0,0 +1,43 @@ +CVE: CVE-2022-22844 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From b12a0326e6064b6e0b051d1184a219877472f69b Mon Sep 17 00:00:00 2001 +From: 4ugustus +Date: Tue, 25 Jan 2022 16:25:28 +0000 +Subject: [PATCH] tiffset: fix global-buffer-overflow for ASCII tags where + count is required (fixes #355) + +--- + tools/tiffset.c | 16 +++++++++++++--- + 1 file changed, 13 insertions(+), 3 deletions(-) + +diff --git a/tools/tiffset.c b/tools/tiffset.c +index 8c9e23c5..e7a88c09 100644 +--- a/tools/tiffset.c ++++ b/tools/tiffset.c +@@ -146,9 +146,19 @@ main(int argc, char* argv[]) + + arg_index++; + if (TIFFFieldDataType(fip) == TIFF_ASCII) { +- if (TIFFSetField(tiff, TIFFFieldTag(fip), argv[arg_index]) != 1) +- fprintf( stderr, "Failed to set %s=%s\n", +- TIFFFieldName(fip), argv[arg_index] ); ++ if(TIFFFieldPassCount( fip )) { ++ size_t len; ++ len = strlen(argv[arg_index]) + 1; ++ if (len > UINT16_MAX || TIFFSetField(tiff, TIFFFieldTag(fip), ++ (uint16_t)len, argv[arg_index]) != 1) ++ fprintf( stderr, "Failed to set %s=%s\n", ++ TIFFFieldName(fip), argv[arg_index] ); ++ } else { ++ if (TIFFSetField(tiff, TIFFFieldTag(fip), ++ argv[arg_index]) != 1) ++ fprintf( stderr, "Failed to set %s=%s\n", ++ TIFFFieldName(fip), argv[arg_index] ); ++ } + } else if (TIFFFieldWriteCount(fip) > 0 + || TIFFFieldWriteCount(fip) == TIFF_VARIABLE) { + int ret = 1; +-- +2.25.1 diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index 6852758c6a..ef8e8460fb 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb @@ -9,7 +9,8 @@ LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=34da3db46fab7501992f9615d7e158cf" CVE_PRODUCT = "libtiff" SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ - " + file://0001-tiffset-fix-global-buffer-overflow-for-ASCII-tags-wh.patch" + SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8" # exclude betas From patchwork Fri Feb 4 14:12:35 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3300 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2C09DC433EF for ; Fri, 4 Feb 2022 14:13:06 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:05 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=YM7q8iYW; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983985; x=1675519985; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=JWEzqhTz596lwN3g1+XNipfki8CNCnOzLi5llgkucJg=; b=YM7q8iYWlmYdoYAKPgSabVMSxJCiiXZgfNRm01I1GHGpqng+VEAV04eF jnlEL3HLxQ+tZ3+BdFpvAulyGv2daoM2tE4YbMfHZ6pMwkrvz2d16GxIg Jy9tAGAVk0Zb/qsb8mDLpet1Tcar6ZI+AimL/zTWwR1dyUaPqLaAzG0v9 xgTdgDK/H/adR9o1IJ8XdI5Dm5C4QoaP7T7dJzNs9tvZYbjPk6r5PvJRa 4GyLapjwyrFFvBaIl7Taz2OzIEX42C689Nx5D5GyNHFiy5Ntcz/2mmTwg vxAdHzPDaYv/8RLa3y8h7EC87bNrDLArWEBt+n19WLS3ajubJkgwG1nat A==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321624" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321624" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:05 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750082" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:04 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 09/17] linux-yocto/5.10: update to v5.10.92 Date: Fri, 4 Feb 2022 22:12:35 +0800 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:06 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161356 From: Bruce Ashfield Updating linux-yocto/5.10 to the latest korg -stable release that comprises the following commits: c982c1a83932 Linux 5.10.92 c0091233f3d8 staging: greybus: fix stack size warning with UBSAN 66d21c005d9b drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() 2d4fda471dc3 staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn() 3609fed7ac8b media: Revert "media: uvcvideo: Set unique vdev name based in type" 9b3c761e78d5 random: fix crash on multiple early calls to add_bootloader_randomness() 61cca7d191c7 random: fix data race on crng init time 3de9478230c3 random: fix data race on crng_node_pool 43c494294f30 can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} 45221a57b609 can: isotp: convert struct tpcon::{idx,len} to unsigned int bd61ae808b15 can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data f68e60001735 mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() 5f76445a31b7 veth: Do not record rx queue hint in veth_xmit ddfa53825f3d mmc: sdhci-pci: Add PCI ID for Intel ADL 2e691f9894cc ath11k: Fix buffer overflow when scanning with extraie a87cecf94375 USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status 15982330b61d USB: core: Fix bug in resuming hub's handling of wakeup requests 413108ce3b56 ARM: dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100 b6dd07023699 Bluetooth: bfusb: fix division by zero in send path 869e1677a058 Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0 c20021ce945f Bluetooth: btusb: Add support for Foxconn MT7922A 83493918380f Bluetooth: btusb: Add two more Bluetooth parts for WCN6855 294c0dd80d8a Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb() 35ab8c9085b0 bpf: Fix out of bounds access from invalid *_or_null type verification c84fbba8a945 workqueue: Fix unbind_workers() VS wq_worker_running() race c39d68ab3836 md: revert io stats accounting Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie (cherry picked from commit 35dfcd31518e66fc4dc1f2283bd3320f994c868b) Signed-off-by: Anuj Mittal --- .../linux/linux-yocto-rt_5.10.bb | 6 ++--- .../linux/linux-yocto-tiny_5.10.bb | 8 +++---- meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +++++++++---------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb index 420d67031e..695356c482 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "85c14e209f1ab7cee673735c4561e656b4e65217" -SRCREV_meta ?= "de35f8006d0f932924752ddda94dd24e2da67fbc" +SRCREV_machine ?= "73ddd15bb13083c63f183814223b1f064f707964" +SRCREV_meta ?= "940dd7a24ebe6ad709d6912a24660dadf34ece83" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.10.91" +LINUX_VERSION ?= "5.10.92" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb index dabcb97a79..e4b389367b 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.10.91" +LINUX_VERSION ?= "5.10.92" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine:qemuarm ?= "2227ab16358ca3193f03d0cd8509092076aeffbb" -SRCREV_machine ?= "b3fdab7a9f3c11a61565cead0445883a61081583" -SRCREV_meta ?= "de35f8006d0f932924752ddda94dd24e2da67fbc" +SRCREV_machine:qemuarm ?= "05c74d1b7b9b5ce5b386e2dbb787f1b00bbfdcb8" +SRCREV_machine ?= "3c4b46871c0220942e07fc2c73ba94ac04b0d9ca" +SRCREV_meta ?= "940dd7a24ebe6ad709d6912a24660dadf34ece83" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/meta/recipes-kernel/linux/linux-yocto_5.10.bb index 9c43738135..412a872e62 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb @@ -13,17 +13,17 @@ KBRANCH:qemux86 ?= "v5.10/standard/base" KBRANCH:qemux86-64 ?= "v5.10/standard/base" KBRANCH:qemumips64 ?= "v5.10/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "fb570663823bd492e4c8d4339be825bda4210dc6" -SRCREV_machine:qemuarm64 ?= "5a52b700c1693a95b8efa54cb65bec7807a75cd2" -SRCREV_machine:qemumips ?= "8eb8a801f5f4764c362aefd5e97e704755cf740b" -SRCREV_machine:qemuppc ?= "21b014e385a6b54a2fd7d667a1b556c69cda77de" -SRCREV_machine:qemuriscv64 ?= "77c8d144b066f69e009ce2ee540a593b11eb736a" -SRCREV_machine:qemuriscv32 ?= "77c8d144b066f69e009ce2ee540a593b11eb736a" -SRCREV_machine:qemux86 ?= "77c8d144b066f69e009ce2ee540a593b11eb736a" -SRCREV_machine:qemux86-64 ?= "77c8d144b066f69e009ce2ee540a593b11eb736a" -SRCREV_machine:qemumips64 ?= "5468343e50389dba73b5d441289d5094bd0dc9f0" -SRCREV_machine ?= "77c8d144b066f69e009ce2ee540a593b11eb736a" -SRCREV_meta ?= "de35f8006d0f932924752ddda94dd24e2da67fbc" +SRCREV_machine:qemuarm ?= "1e8e1a5927984c545448b4b15974addf670b0f5d" +SRCREV_machine:qemuarm64 ?= "c42d48cae11e605f70cfc6f64dbc23711bfbf8cf" +SRCREV_machine:qemumips ?= "0366c14c30f0ca1f9d4a793632ba9cdc86e7225e" +SRCREV_machine:qemuppc ?= "4570b1179fe4eda809fa2b89a06e6acf95e35fc8" +SRCREV_machine:qemuriscv64 ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" +SRCREV_machine:qemuriscv32 ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" +SRCREV_machine:qemux86 ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" +SRCREV_machine:qemux86-64 ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" +SRCREV_machine:qemumips64 ?= "f2a78b852f4afb30a5e453a8b1eac3e785cbfc39" +SRCREV_machine ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" +SRCREV_meta ?= "940dd7a24ebe6ad709d6912a24660dadf34ece83" # remap qemuarm to qemuarma15 for the 5.8 kernel # KMACHINE:qemuarm ?= "qemuarma15" @@ -32,7 +32,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.10.91" +LINUX_VERSION ?= "5.10.92" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" From patchwork Fri Feb 4 14:12:36 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3301 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2D6A7C433F5 for ; Fri, 4 Feb 2022 14:13:08 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:07 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=j48y/c49; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983987; x=1675519987; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=SNidPtK2cvCbUK/bNRo29+xGQBwFxEgUZrmLta7yFlw=; b=j48y/c49ZHs4XHNIJLQ2w81qmbgUy97Ai6mSi0y7EUhoWzyzSDlpbfv4 4TK4YGCx+E6I6e146PXEjX8ikugMeLBZbR8V5GzbHtORUX7qat+IfD6yG Gb81lKSbwo7ihjibd6vBWT2feT+GoOau6UPyqvmphFR9pN9T2zbolRCf/ maAyzYfI3paMRX/vdZRTRZpUALAoEuausc2y+yu6iKRly8qrIT7Cbe8YG 1or9tPzetX/Oq1rkCTB/a6TGsJM27+lRD+P22BYliyjB5A1xRGtcs2W4j FHWUelkKVB+TOIiRWR3Rzeeiavg6BG4gkBEgc1sNBRIFNjiDzNE4u56FE w==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321631" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321631" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:06 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750090" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:05 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 10/17] linux-yocto/5.10: update to v5.10.93 Date: Fri, 4 Feb 2022 22:12:36 +0800 Message-Id: <773b15f45639fbcae2f0476c4c2b615217f3f8bd.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161357 From: Bruce Ashfield Updating linux-yocto/5.10 to the latest korg -stable release that comprises the following commits: fd187a492557 Linux 5.10.93 bed97c903621 mtd: fixup CFI on ixp4xx f50803b519c3 powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS 68c1aa82be00 ALSA: hda/realtek: Re-order quirk entries for Lenovo 4d15a17d065d ALSA: hda/realtek: Add quirk for Legion Y9000X 2020 d7b41464f1b7 ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk 87246ae94b73 ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows 9c27e513fb33 ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices 4c7fb4d519e5 KVM: x86: remove PMU FIXED_CTR3 from msrs_to_save_all 6b8c3a185377 firmware: qemu_fw_cfg: fix kobject leak in probe error path 889c73305b48 firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries ff9588cf1592 firmware: qemu_fw_cfg: fix sysfs information leak 358a4b054abe rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled 93c4506f9f8b media: uvcvideo: fix division by zero at stream start 4c3f70be6f3a video: vga16fb: Only probe for EGA and VGA 16 color graphic cards 161e43ab8cc1 9p: only copy valid iattrs in 9P2000.L setattr implementation 0e6c0f3f4055 KVM: s390: Clarify SIGP orders versus STOP/RESTART 413b427f5fff KVM: x86: Register Processor Trace interrupt hook iff PT enabled in guest 723acd75a062 perf: Protect perf_guest_cbs with RCU eadde287a62e vfs: fs_context: fix up param length parsing in legacy_parse_param c5f38277163e remoteproc: qcom: pil_info: Don't memcpy_toio more than is provided 5d88e24b23af orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() 0084fefe2960 devtmpfs regression fix: reconfigure on each mount ee40594c95ae kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie (cherry picked from commit 4f3dd05c163efe6da87a58ab9e1df61b83ed4444) Signed-off-by: Anuj Mittal --- .../linux/linux-yocto-rt_5.10.bb | 6 ++--- .../linux/linux-yocto-tiny_5.10.bb | 8 +++---- meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +++++++++---------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb index 695356c482..a8e8e604a3 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "73ddd15bb13083c63f183814223b1f064f707964" -SRCREV_meta ?= "940dd7a24ebe6ad709d6912a24660dadf34ece83" +SRCREV_machine ?= "ba47a407fe04203adb0ab5e164597c958cd9e334" +SRCREV_meta ?= "7df27e6d296dfa16f289883c0661eed45059360c" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.10.92" +LINUX_VERSION ?= "5.10.93" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb index e4b389367b..32e42cbda4 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.10.92" +LINUX_VERSION ?= "5.10.93" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine:qemuarm ?= "05c74d1b7b9b5ce5b386e2dbb787f1b00bbfdcb8" -SRCREV_machine ?= "3c4b46871c0220942e07fc2c73ba94ac04b0d9ca" -SRCREV_meta ?= "940dd7a24ebe6ad709d6912a24660dadf34ece83" +SRCREV_machine:qemuarm ?= "ceb1f194e59c9dd3bdd83d51bb0994f3db23bf61" +SRCREV_machine ?= "878e5c1469550bb0f8778d16d4adbe7d48b0b28d" +SRCREV_meta ?= "7df27e6d296dfa16f289883c0661eed45059360c" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/meta/recipes-kernel/linux/linux-yocto_5.10.bb index 412a872e62..3a0a43bc0b 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb @@ -13,17 +13,17 @@ KBRANCH:qemux86 ?= "v5.10/standard/base" KBRANCH:qemux86-64 ?= "v5.10/standard/base" KBRANCH:qemumips64 ?= "v5.10/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "1e8e1a5927984c545448b4b15974addf670b0f5d" -SRCREV_machine:qemuarm64 ?= "c42d48cae11e605f70cfc6f64dbc23711bfbf8cf" -SRCREV_machine:qemumips ?= "0366c14c30f0ca1f9d4a793632ba9cdc86e7225e" -SRCREV_machine:qemuppc ?= "4570b1179fe4eda809fa2b89a06e6acf95e35fc8" -SRCREV_machine:qemuriscv64 ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" -SRCREV_machine:qemuriscv32 ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" -SRCREV_machine:qemux86 ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" -SRCREV_machine:qemux86-64 ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" -SRCREV_machine:qemumips64 ?= "f2a78b852f4afb30a5e453a8b1eac3e785cbfc39" -SRCREV_machine ?= "b0f8d81ad4c501e24f062e080f38fb8a7873b68a" -SRCREV_meta ?= "940dd7a24ebe6ad709d6912a24660dadf34ece83" +SRCREV_machine:qemuarm ?= "50c0e06718fb2b264619ce8d82608877d1e62a81" +SRCREV_machine:qemuarm64 ?= "7907c5eb81e9a51307b5269d546999ebf47d9d59" +SRCREV_machine:qemumips ?= "e9c51de36554662082afc08c6e54599b310c7951" +SRCREV_machine:qemuppc ?= "77f361ea5eb293dcfe122ecb65f33ba32fd12501" +SRCREV_machine:qemuriscv64 ?= "a1bbb29fe30c94c21309aa8b8c0d06fa12f3368d" +SRCREV_machine:qemuriscv32 ?= "a1bbb29fe30c94c21309aa8b8c0d06fa12f3368d" +SRCREV_machine:qemux86 ?= "a1bbb29fe30c94c21309aa8b8c0d06fa12f3368d" +SRCREV_machine:qemux86-64 ?= "a1bbb29fe30c94c21309aa8b8c0d06fa12f3368d" +SRCREV_machine:qemumips64 ?= "b668a352c94a8c29e585608e8302cacb1350f5ed" +SRCREV_machine ?= "a1bbb29fe30c94c21309aa8b8c0d06fa12f3368d" +SRCREV_meta ?= "7df27e6d296dfa16f289883c0661eed45059360c" # remap qemuarm to qemuarma15 for the 5.8 kernel # KMACHINE:qemuarm ?= "qemuarma15" @@ -32,7 +32,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.10.92" +LINUX_VERSION ?= "5.10.93" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" From patchwork Fri Feb 4 14:12:37 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3302 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2EC30C433FE for ; Fri, 4 Feb 2022 14:13:09 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:08 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=nDGMisxp; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983988; x=1675519988; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=kAIErnyzqhHF/UvJo8iiYQ16WDdGoWf09NjjBvMGw7c=; b=nDGMisxpHXgquss9brqEY3XiRDMvb3x/AsJ3SXrDogmGLf1m0kEQ7Yh4 clnGQV4cenqV8QPwfTHvtWlNwhRoJ64LpPd325zlKLY4kltHpcDLZRzCD 2MUKoV+4rkdtyKWFu6vv6iwUT5vPGYG8Ymn4LrcvGYk9/VfpB1LltRtH9 ebPBm8ppmn/ZamSBlmwLSh2v2DisOE43+wKYdS4kJxfpQOMr9qb+KYbgO kqz+tRyKIR2QQWmdpiO72QBJp5lohJNGyw0UlrDCzUaMwTu6Fl3Xos6Kr 4PSCprv9qd2GYOo61aB8RvcL5MxV4CmmiZRyFLHcZ5RfU87px9J1tiUbI g==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321638" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321638" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:08 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750096" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:07 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 11/17] linux-firmware: Add CLM blob to linux-firmware-bcm4373 package Date: Fri, 4 Feb 2022 22:12:37 +0800 Message-Id: <289a849f8f639cd2546153827fc265a9409f5538.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:09 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161358 From: Rudolf J Streif The Country Local Matrix (CLM) blob brcmfmac4373-sdio.clm_blob was not included with the files for the linux-firmware-bcm4373 package but instead packaged with linux-firmware. Signed-off-by: Rudolf J Streif Signed-off-by: Richard Purdie (cherry picked from commit 18ba64d4a12e7275381cf34fe72b757accbb1544) Signed-off-by: Anuj Mittal --- meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb index 65bfda1d9f..5f1b696092 100644 --- a/meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb +++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb @@ -751,6 +751,7 @@ FILES:${PN}-bcm4356-pcie = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-pc FILES:${PN}-bcm4373 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.bin \ ${nonarch_base_libdir}/firmware/brcm/brcmfmac4373.bin \ ${nonarch_base_libdir}/firmware/cypress/cyfmac4373-sdio.bin \ + ${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.clm_blob \ " LICENSE:${PN}-bcm-0bb4-0306 = "Firmware-cypress" From patchwork Fri Feb 4 14:12:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3303 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 28BE0C433F5 for ; Fri, 4 Feb 2022 14:13:11 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:10 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=gGnu0vx/; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983990; x=1675519990; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=oas/kyI2J/tbVwm/PtOefjSSv7M1hNxHyJBQe6zs4Hc=; b=gGnu0vx/+VQ13D652tjHKLkYnDA0ls13mi/dN7FD9hkdmPUJqQI1zvce 7/OwfZTSSRZ3BvxzwRJ1uOr6rpuksJFGnwXKmNSlytnLztWFLppYQWGlt K7NDrFKITL/7aNA2eQcGtjPpnAG2ILYmlgQ0DcHlPGtL6cHlLIuode2qb 0BBM6iRVDZaYhH1ALGk3+omHyu5b2uYFiJ1RqRuC/nHD+K47+IJXJ5Uqs BorUZBPrlbqcpFh+qcsu2I8SgA0meLyjmnqzFUlK4hRQglOMlw9avOsy0 4BwWCGhA5JWViRFZBIBm53mvUF3MoPskwbOuHWe3Am6oow52ickIQA6Ye w==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321641" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321641" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:09 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750097" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:08 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 12/17] yocto-check-layer: add debug output for the layers that were found Date: Fri, 4 Feb 2022 22:12:38 +0800 Message-Id: <6ff05fe05a23d4355c3a33a03350dea025133689.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:11 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161359 From: Ross Burton When debugging weird yocto-check-layer output it is useful to know what the tool found when looking for layers. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit 711e2d4d7baf36f8497741c14268d7f72d0db016) Signed-off-by: Anuj Mittal --- scripts/yocto-check-layer | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/scripts/yocto-check-layer b/scripts/yocto-check-layer index 2445ad5e43..f3cf139d8a 100755 --- a/scripts/yocto-check-layer +++ b/scripts/yocto-check-layer @@ -41,6 +41,12 @@ def test_layer(td, layer, test_software_layer_signatures): tc.loadTests(CASES_PATHS) return tc.runTests() +def dump_layer_debug(layer): + logger.debug("Found layer %s (%s)" % (layer["name"], layer["path"])) + collections = layer.get("collections", {}) + if collections: + logger.debug("%s collections: %s" % (layer["name"], ", ".join(collections))) + def main(): parser = argparse.ArgumentParser( description="Yocto Project layer checking tool", @@ -106,6 +112,13 @@ def main(): else: dep_layers = layers + logger.debug("Found additional layers:") + for l in additional_layers: + dump_layer_debug(l) + logger.debug("Found dependency layers:") + for l in dep_layers: + dump_layer_debug(l) + logger.info("Detected layers:") for layer in layers: if layer['type'] == LayerType.ERROR_BSP_DISTRO: From patchwork Fri Feb 4 14:12:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3305 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 26B33C433EF for ; Fri, 4 Feb 2022 14:13:12 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:11 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=Kt9N4dvk; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983991; x=1675519991; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=07P2QSXuVccqJDuv1/6ZvoJU5My8Gpe9r6f3p7FQDew=; b=Kt9N4dvk8oWwOQAj6qbrI6WtCRZWQOISvZ1Q/UEko5F3sOVSRiwUnBiP TEBCancNmq7Qz71joi/ce4ZCMKE1knR3styRln9BWd0xJP4BRWJ4i89C8 lz0VwDvt8zoz+PC7q+tIl2WHlIV9qWzgAhnzIWkugnF6f0ceXp9behktO WxcUMqWM0x3SzC0TtxfMVETSfo8BdZbXux6hPu19kTqOExtpyvixYN/kV K4QhERcof0nE/d36xJ4QRM2Xe8eHg9QVYdqGU58vjyQ1fpCc2JUVANvmo RKWkNS193BAcQFn0C7V1vJHAUZSP2QkWlOu+pYI9hmImwpcXBL7UHPdwJ g==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321648" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321648" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:11 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750101" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:10 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 13/17] libusb1: correct SRC_URI Date: Fri, 4 Feb 2022 22:12:39 +0800 Message-Id: <0fccab0724769a862e31e635ffa1db3ba2f37312.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:12 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161360 From: Alexander Kanavin Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie (cherry picked from commit d4c37ca1f1e97d53045521e9894dc9ed5b1c22a1) Signed-off-by: Anuj Mittal --- meta/recipes-support/libusb/libusb1_1.0.24.bb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/meta/recipes-support/libusb/libusb1_1.0.24.bb b/meta/recipes-support/libusb/libusb1_1.0.24.bb index 95a20958a1..e70021f4f7 100644 --- a/meta/recipes-support/libusb/libusb1_1.0.24.bb +++ b/meta/recipes-support/libusb/libusb1_1.0.24.bb @@ -1,7 +1,7 @@ SUMMARY = "Userspace library to access USB (version 1.0)" DESCRIPTION = "A cross-platform library to access USB devices from Linux, \ macOS, Windows, OpenBSD/NetBSD, Haiku and Solaris userspace." -HOMEPAGE = "http://libusb.sf.net" +HOMEPAGE = "https://libusb.info" BUGTRACKER = "http://www.libusb.org/report" SECTION = "libs" @@ -10,10 +10,12 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24" BBCLASSEXTEND = "native nativesdk" -SRC_URI = "${SOURCEFORGE_MIRROR}/libusb/libusb-${PV}.tar.bz2 \ +SRC_URI = "https://github.com/libusb/libusb/releases/download/v${PV}/libusb-${PV}.tar.bz2 \ file://run-ptest \ " +UPSTREAM_CHECK_URI = "https://github.com/libusb/libusb/releases" + SRC_URI[sha256sum] = "7efd2685f7b327326dcfb85cee426d9b871fd70e22caa15bb68d595ce2a2b12a" S = "${WORKDIR}/libusb-${PV}" From patchwork Fri Feb 4 14:12:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3304 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2869FC433F5 for ; Fri, 4 Feb 2022 14:13:13 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:12 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=MUmbqakv; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983992; x=1675519992; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=ipaYADTlkPY0WcyAu+G28bNiUkXdUnPu9ac4PIJVFv4=; b=MUmbqakvnLxwA4ZAkXBhhUrxzbzyjZWntySZnva3KZhn7HRphGOeE/8w 0HFDN+NRKia+hoZfSAbRIcO/G2K8imLKUSFjHydNMsgsJ+EPnzRZqsIj1 cfblIOjLuFoKG1gKhyT+Uhj+pdDJDhoh/1dAjPz9OqdG890YUva+Zf8IR ct2Wp3HmEVVF2g0Dhghg4j7KeS/dGtwx6vaSw9OfcQFndASsBv8TENBLA NKEULtQTfO+JWvU/r59F/YeEsaxoakw9VUi4xqaluh/m+64OhirWhCwZQ ulb6HpZsHXHw7clkMS0BqDJ4X4UylRvlcR1q1Q2Vb032y43n9CqJElocG Q==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321658" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321658" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:12 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750107" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:11 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 14/17] expat: upgrade to 2.4.4 Date: Fri, 4 Feb 2022 22:12:40 +0800 Message-Id: <4857274b27712981e175c0bbc00fa650f5d3bcf2.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:13 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161361 From: Ross Burton Fixes CVE-2022-23852 and CVE-2022-23990. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit 4ed96683893e7433804ccf7a4000a2dd18318ef5) Signed-off-by: Anuj Mittal --- meta/recipes-core/expat/{expat_2.4.3.bb => expat_2.4.4.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-core/expat/{expat_2.4.3.bb => expat_2.4.4.bb} (91%) diff --git a/meta/recipes-core/expat/expat_2.4.3.bb b/meta/recipes-core/expat/expat_2.4.4.bb similarity index 91% rename from meta/recipes-core/expat/expat_2.4.3.bb rename to meta/recipes-core/expat/expat_2.4.4.bb index 088ce81500..63d291ed40 100644 --- a/meta/recipes-core/expat/expat_2.4.3.bb +++ b/meta/recipes-core/expat/expat_2.4.4.bb @@ -15,7 +15,7 @@ SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TA UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/" -SRC_URI[sha256sum] = "6f262e216a494fbf42d8c22bc841b3e117c21f2467a19dc4c27c991b5622f986" +SRC_URI[sha256sum] = "14c58c2a0b5b8b31836514dfab41bd191836db7aa7b84ae5c47bc0327a20d64a" EXTRA_OECMAKE:class-native += "-DEXPAT_BUILD_DOCS=OFF" From patchwork Fri Feb 4 14:12:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3306 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 28B33C433EF for ; Fri, 4 Feb 2022 14:13:16 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:15 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=ZklhDA2F; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983995; x=1675519995; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=mGvBn6cQI9Gtr4V2TIhABgjGdiB07pLF/yVCawZ8VNY=; b=ZklhDA2Fk6SqyuMP9C4jwWnImqAsXtL0KHtEkMIdgeKhyGKaN/6mhuuZ OMkgpzWAf/Z286EfL1KtLiWW0sENCH6T8UgqrQFVNoWbJINghoy3cmXeW gm6rj87iUDS4XZ5ZXX0nkHLX6DQa9+NjTL2mdIke1huW+R9tQeZ5CRsv/ bijE+an1AiDWXCE9fV4w8VtrPkLd7iyDadI4Qjq7gq2gbCBKBIerKDFwe 1p9tFRXR7mG3/O7KAjWLakchXeSu7G56oROVPGoIB2A2RBdN+D03sqQwu oW6KqFROpNuPw1oNiwgAP4QuW6zYzaoM+ly4brF4iBw0wWQT9z8dZ3aXy w==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321661" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321661" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:14 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750113" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:12 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 15/17] vim: upgrade to patch 4269 Date: Fri, 4 Feb 2022 22:12:41 +0800 Message-Id: <61dcaeda02fe1136610f1cf4d4ec271f16dacfcf.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:16 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161362 From: Ross Burton Upgrade to the latest patch release to fix the following CVEs: - CVE-2022-0261 - CVE-2022-0318 - CVE-2022-0319 Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit 96442e681c3acd82b09e3becd78e902709945f1f) Signed-off-by: Anuj Mittal --- meta/recipes-support/vim/vim.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index d68fade26a..6c70bb7529 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -20,8 +20,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://racefix.patch \ " -PV .= ".4118" -SRCREV = "0023f82a76cf43a12b41e71f97a2e860d0444e1b" +PV .= ".4269" +SRCREV = "48a604845e33399893d6bf293e71bcd2a412800d" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+)\.0" From patchwork Fri Feb 4 14:12:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3307 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 32117C433F5 for ; Fri, 4 Feb 2022 14:13:17 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:16 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=MOepCCXe; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983996; x=1675519996; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=AMWkw9wGqpKXzOUjN1aO/QAmYnV3dpzjgC7WwSCudOE=; b=MOepCCXeh+5JCDsH5X9Yq9s1IvKSyCoVBjrbdB648J72RCMPHcD+Vrq8 TIIV6ukcMHS361E5o560iW5gRoOvxwT+7QITTw6V/EjAUh/8uDT5NJjND K0zo322FNEvcHvvz7pt2pcKJw2hoc//hGhJTLufKxxx7M6nj/FShfGcZk 2kj/xcxmBARB15chYCH/Xqo5h18Ylv5fGf2iOzKKTc9VGwFUprHVAL5ZB xNh0ZxZJ3+sy3zQtG89PmDdwBAZvE/NhXR25sRDJ4sILZRzSJPpYB/51P GdqJYDdGlyMMGf5J01ctT1UjAfHTq/kDU0hkHnl7UpWdQH8uEProMEBh7 w==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321664" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321664" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:15 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750119" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:14 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 16/17] core-image-sato-sdk: allocate more memory when in qemu Date: Fri, 4 Feb 2022 22:12:42 +0800 Message-Id: <593a10c37f7928ce4714dd16bd26dc0cb56446e9.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161363 From: Ross Burton Compiling code is memory-intensive, especially kernel modules like the SystemTap probes, so give the VM 768MB of RAM. Using 1GB appears to cause PCI error, interestingly. Hopefully this solves the intermittent failures caused by OOMs during the SystemTap test. [ YOCTO #14673 ] Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit 50ff1f018a670c963e1979dee76ebd696153b4c1) Signed-off-by: Anuj Mittal --- meta/recipes-sato/images/core-image-sato-sdk.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-sato/images/core-image-sato-sdk.bb b/meta/recipes-sato/images/core-image-sato-sdk.bb index b52de0def0..afab473b52 100644 --- a/meta/recipes-sato/images/core-image-sato-sdk.bb +++ b/meta/recipes-sato/images/core-image-sato-sdk.bb @@ -10,3 +10,6 @@ IMAGE_FEATURES += "dev-pkgs tools-sdk \ IMAGE_INSTALL += "kernel-devsrc" +# Compiling stuff, specifically SystemTap probes, can require lots of memory +# See https://bugzilla.yoctoproject.org/show_bug.cgi?id=14673 +QB_MEM = "-m 768" From patchwork Fri Feb 4 14:12:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Mittal, Anuj" X-Patchwork-Id: 3308 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2ED00C433EF for ; Fri, 4 Feb 2022 14:13:18 +0000 (UTC) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web08.9481.1643983972820228964 for ; Fri, 04 Feb 2022 06:13:17 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=Att9vaFf; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: anuj.mittal@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643983996; x=1675519996; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=0UPC+7w6mv3lAPJoqkyNhS/MWNB6J5ZHJ3Hvo5QC85o=; b=Att9vaFfA5rxIovA8PNa42S6zHsVEh8R6QXPgO9LJ5U1OfeNpVVV513W FXedB+Q+ZNUKufmH6/zZsv7V77QkR/pLtcNS8mEKJP5xixltJgM60MJzz xvi/kl+0whDtSYj3ZOIRPHTLCssWN6Mdqubf820FoAqzzGA76qG0m029Q mS+rHEZZxrfDj9IlHcJnN2Slyds7kasmnPU4+EYvARgrgrI/vPw4+wwf9 Vn2TeoPTXyuruUhg1WIpoYNydeiwRnXwxi3ioTN6oUvkxLhqHGoR02mVb QFkniYC2qnahQwNEAS36AMKRqQVqCpBmHUohBO68hQG4/fWEa2AB/dWo9 w==; X-IronPort-AV: E=McAfee;i="6200,9189,10247"; a="248321677" X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="248321677" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:16 -0800 X-IronPort-AV: E=Sophos;i="5.88,342,1635231600"; d="scan'208";a="566750123" Received: from raajloka-mobl.gar.corp.intel.com (HELO anmitta2-mobl3.intel.com) ([10.215.235.116]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Feb 2022 06:13:15 -0800 From: Anuj Mittal To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 17/17] libxml2: Backport python3-lxml workaround patch Date: Fri, 4 Feb 2022 22:12:43 +0800 Message-Id: <3e40efa0a05bbe9f9c3a5a2553319ce6a5f1b123.1643983711.git.anuj.mittal@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 04 Feb 2022 14:13:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/161364 From: Carlos Rafael Giani This is a workaround for the following issue that affects python3-lxml: https://gitlab.gnome.org/GNOME/libxml2/-/issues/255 Signed-off-by: Carlos Rafael Giani Signed-off-by: Richard Purdie (cherry picked from commit 2f52be7c42ea37243f9aea1898ef7052904f9290) Signed-off-by: Anuj Mittal --- .../0002-Work-around-lxml-API-abuse.patch | 213 ++++++++++++++++++ meta/recipes-core/libxml/libxml2_2.9.12.bb | 1 + 2 files changed, 214 insertions(+) create mode 100644 meta/recipes-core/libxml/libxml2/0002-Work-around-lxml-API-abuse.patch diff --git a/meta/recipes-core/libxml/libxml2/0002-Work-around-lxml-API-abuse.patch b/meta/recipes-core/libxml/libxml2/0002-Work-around-lxml-API-abuse.patch new file mode 100644 index 0000000000..f09ce9707a --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/0002-Work-around-lxml-API-abuse.patch @@ -0,0 +1,213 @@ +From 85b1792e37b131e7a51af98a37f92472e8de5f3f Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Tue, 18 May 2021 20:08:28 +0200 +Subject: [PATCH] Work around lxml API abuse + +Make xmlNodeDumpOutput and htmlNodeDumpFormatOutput work with corrupted +parent pointers. This used to work with the old recursive code but the +non-recursive rewrite required parent pointers to be set correctly. + +Unfortunately, lxml relies on the old behavior and passes subtrees with +a corrupted structure. Fall back to a recursive function call if an +invalid parent pointer is detected. + +Fixes #255. + +Upstream-Status: Backport [85b1792e37b131e7a51af98a37f92472e8de5f3f] +--- + HTMLtree.c | 46 ++++++++++++++++++++++++++++------------------ + xmlsave.c | 31 +++++++++++++++++++++---------- + 2 files changed, 49 insertions(+), 28 deletions(-) + +diff --git a/HTMLtree.c b/HTMLtree.c +index 24434d45..bdd639c7 100644 +--- a/HTMLtree.c ++++ b/HTMLtree.c +@@ -744,7 +744,7 @@ void + htmlNodeDumpFormatOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, + xmlNodePtr cur, const char *encoding ATTRIBUTE_UNUSED, + int format) { +- xmlNodePtr root; ++ xmlNodePtr root, parent; + xmlAttrPtr attr; + const htmlElemDesc * info; + +@@ -755,6 +755,7 @@ htmlNodeDumpFormatOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, + } + + root = cur; ++ parent = cur->parent; + while (1) { + switch (cur->type) { + case XML_HTML_DOCUMENT_NODE: +@@ -762,13 +763,25 @@ htmlNodeDumpFormatOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, + if (((xmlDocPtr) cur)->intSubset != NULL) { + htmlDtdDumpOutput(buf, (xmlDocPtr) cur, NULL); + } +- if (cur->children != NULL) { ++ /* Always validate cur->parent when descending. */ ++ if ((cur->parent == parent) && (cur->children != NULL)) { ++ parent = cur; + cur = cur->children; + continue; + } + break; + + case XML_ELEMENT_NODE: ++ /* ++ * Some users like lxml are known to pass nodes with a corrupted ++ * tree structure. Fall back to a recursive call to handle this ++ * case. ++ */ ++ if ((cur->parent != parent) && (cur->children != NULL)) { ++ htmlNodeDumpFormatOutput(buf, doc, cur, encoding, format); ++ break; ++ } ++ + /* + * Get specific HTML info for that node. + */ +@@ -817,6 +830,7 @@ htmlNodeDumpFormatOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, + (cur->name != NULL) && + (cur->name[0] != 'p')) /* p, pre, param */ + xmlOutputBufferWriteString(buf, "\n"); ++ parent = cur; + cur = cur->children; + continue; + } +@@ -825,9 +839,9 @@ htmlNodeDumpFormatOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, + (info != NULL) && (!info->isinline)) { + if ((cur->next->type != HTML_TEXT_NODE) && + (cur->next->type != HTML_ENTITY_REF_NODE) && +- (cur->parent != NULL) && +- (cur->parent->name != NULL) && +- (cur->parent->name[0] != 'p')) /* p, pre, param */ ++ (parent != NULL) && ++ (parent->name != NULL) && ++ (parent->name[0] != 'p')) /* p, pre, param */ + xmlOutputBufferWriteString(buf, "\n"); + } + +@@ -842,9 +856,9 @@ htmlNodeDumpFormatOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, + break; + if (((cur->name == (const xmlChar *)xmlStringText) || + (cur->name != (const xmlChar *)xmlStringTextNoenc)) && +- ((cur->parent == NULL) || +- ((xmlStrcasecmp(cur->parent->name, BAD_CAST "script")) && +- (xmlStrcasecmp(cur->parent->name, BAD_CAST "style"))))) { ++ ((parent == NULL) || ++ ((xmlStrcasecmp(parent->name, BAD_CAST "script")) && ++ (xmlStrcasecmp(parent->name, BAD_CAST "style"))))) { + xmlChar *buffer; + + buffer = xmlEncodeEntitiesReentrant(doc, cur->content); +@@ -902,13 +916,9 @@ htmlNodeDumpFormatOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, + break; + } + +- /* +- * The parent should never be NULL here but we want to handle +- * corrupted documents gracefully. +- */ +- if (cur->parent == NULL) +- return; +- cur = cur->parent; ++ cur = parent; ++ /* cur->parent was validated when descending. */ ++ parent = cur->parent; + + if ((cur->type == XML_HTML_DOCUMENT_NODE) || + (cur->type == XML_DOCUMENT_NODE)) { +@@ -939,9 +949,9 @@ htmlNodeDumpFormatOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, + (cur->next != NULL)) { + if ((cur->next->type != HTML_TEXT_NODE) && + (cur->next->type != HTML_ENTITY_REF_NODE) && +- (cur->parent != NULL) && +- (cur->parent->name != NULL) && +- (cur->parent->name[0] != 'p')) /* p, pre, param */ ++ (parent != NULL) && ++ (parent->name != NULL) && ++ (parent->name[0] != 'p')) /* p, pre, param */ + xmlOutputBufferWriteString(buf, "\n"); + } + } +diff --git a/xmlsave.c b/xmlsave.c +index 61a40459..aedbd5e7 100644 +--- a/xmlsave.c ++++ b/xmlsave.c +@@ -847,7 +847,7 @@ htmlNodeDumpOutputInternal(xmlSaveCtxtPtr ctxt, xmlNodePtr cur) { + static void + xmlNodeDumpOutputInternal(xmlSaveCtxtPtr ctxt, xmlNodePtr cur) { + int format = ctxt->format; +- xmlNodePtr tmp, root, unformattedNode = NULL; ++ xmlNodePtr tmp, root, unformattedNode = NULL, parent; + xmlAttrPtr attr; + xmlChar *start, *end; + xmlOutputBufferPtr buf; +@@ -856,6 +856,7 @@ xmlNodeDumpOutputInternal(xmlSaveCtxtPtr ctxt, xmlNodePtr cur) { + buf = ctxt->buf; + + root = cur; ++ parent = cur->parent; + while (1) { + switch (cur->type) { + case XML_DOCUMENT_NODE: +@@ -868,7 +869,9 @@ xmlNodeDumpOutputInternal(xmlSaveCtxtPtr ctxt, xmlNodePtr cur) { + break; + + case XML_DOCUMENT_FRAG_NODE: +- if (cur->children != NULL) { ++ /* Always validate cur->parent when descending. */ ++ if ((cur->parent == parent) && (cur->children != NULL)) { ++ parent = cur; + cur = cur->children; + continue; + } +@@ -887,7 +890,18 @@ xmlNodeDumpOutputInternal(xmlSaveCtxtPtr ctxt, xmlNodePtr cur) { + break; + + case XML_ELEMENT_NODE: +- if ((cur != root) && (ctxt->format == 1) && (xmlIndentTreeOutput)) ++ /* ++ * Some users like lxml are known to pass nodes with a corrupted ++ * tree structure. Fall back to a recursive call to handle this ++ * case. ++ */ ++ if ((cur->parent != parent) && (cur->children != NULL)) { ++ xmlNodeDumpOutputInternal(ctxt, cur); ++ break; ++ } ++ ++ if ((ctxt->level > 0) && (ctxt->format == 1) && ++ (xmlIndentTreeOutput)) + xmlOutputBufferWrite(buf, ctxt->indent_size * + (ctxt->level > ctxt->indent_nr ? + ctxt->indent_nr : ctxt->level), +@@ -942,6 +956,7 @@ xmlNodeDumpOutputInternal(xmlSaveCtxtPtr ctxt, xmlNodePtr cur) { + xmlOutputBufferWrite(buf, 1, ">"); + if (ctxt->format == 1) xmlOutputBufferWrite(buf, 1, "\n"); + if (ctxt->level >= 0) ctxt->level++; ++ parent = cur; + cur = cur->children; + continue; + } +@@ -1058,13 +1073,9 @@ xmlNodeDumpOutputInternal(xmlSaveCtxtPtr ctxt, xmlNodePtr cur) { + break; + } + +- /* +- * The parent should never be NULL here but we want to handle +- * corrupted documents gracefully. +- */ +- if (cur->parent == NULL) +- return; +- cur = cur->parent; ++ cur = parent; ++ /* cur->parent was validated when descending. */ ++ parent = cur->parent; + + if (cur->type == XML_ELEMENT_NODE) { + if (ctxt->level > 0) ctxt->level--; +-- +2.32.0 + diff --git a/meta/recipes-core/libxml/libxml2_2.9.12.bb b/meta/recipes-core/libxml/libxml2_2.9.12.bb index c387587dfd..a7939c9713 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.12.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.12.bb @@ -21,6 +21,7 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \ file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ file://fix-execution-of-ptests.patch \ file://remove-fuzz-from-ptests.patch \ + file://0002-Work-around-lxml-API-abuse.patch \ " SRC_URI[libtar.sha256sum] = "c8d6681e38c56f172892c85ddc0852e1fd4b53b4209e7f4ebf17f7e2eae71d92"