From patchwork Thu Oct 13 16:36:48 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 13858 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E5EE3C4321E for ; Thu, 13 Oct 2022 16:37:17 +0000 (UTC) Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) by mx.groups.io with SMTP id smtpd.web11.105.1665679032322272116 for ; Thu, 13 Oct 2022 09:37:12 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=CoP5y86F; spf=softfail (domain: sakoman.com, ip: 209.85.210.182, mailfrom: steve@sakoman.com) Received: by mail-pf1-f182.google.com with SMTP id y1so2443986pfr.3 for ; Thu, 13 Oct 2022 09:37:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=WhFV2ag1V5cKdfgp1+hCeZHmkeR9+UihVlWMV9BsxRE=; b=CoP5y86F7iQdTi1oHDumxfDZdnv5FccT2dY5S1uklVasH5fc+5zHxy75lq7ukFXWNi 2ZxM9sRiUmewHk/qlyZk6/K/hqACX+HmLjOohzqVUFZOTer3iRcnMhuFr8AcvzHSVbcD Yvt0cKrW6kjkZmWo2X4RqxKbmrebZAQ3i/Ybi38jPyDzrzp2wOaa9G0gz8Qi9lmMfyXN bJMnV+1QdskP0Pm3KYyDDGpoAubejxCG+4wM+UGScn3UrjgszBb9ILGDmJ0vtzpvPX17 sUSXinf5wVmoCvdxaXXEUzKYpuONNAa2ER1J51adWl/hOfzzPj1kcmLOJ+0ZRLsfKhYr N9yw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WhFV2ag1V5cKdfgp1+hCeZHmkeR9+UihVlWMV9BsxRE=; b=PYIuAbh+SqZIqNYv/bA5VxuGHUqm+JJ9H/hxlz8dlWJH3t58oqSdKzYFGtDOUtRy5S PyIyDWIDMOGuDRbM7oCKAv8QSbCMc7aL2ThktfmDn88GToBEQBJ9nSBqPF93OqEk1tGY eWhhqK1WuR5JcdjAzlYdCDA9W8HjcezG0UXbEEDwPLkw6UM/A2Xm6zfMMZfpEOJrU1y7 eWQfyRzO/PBsfy7MjMXUo1wvQkLx/XTKTIhgU0BtmbbUAeQltlN4IdnUL2XHqSZ44B6+ ZyRZhh9XSYiPPcvaFD6RqkD48ARIBBEUYMo3z9wx4Q9gSqvd+pEwx6h8vN+dtqkAfJ/w 6Y/g== X-Gm-Message-State: ACrzQf3skNCSAekheKFuTqNAObpCbZ50/mMDEiSoRImtWPYOM2ZUWyqF 3W6WGKY3JCFOnXFUhlRw//xGQd56yf7ZsJBI X-Google-Smtp-Source: AMsMyM6UHW59lJI7jLMeBYIRiojF6mcQOCYTkJC8Gg4hwf/o8FVTYPRk8O7mzJwlaQJdjEygbNAP3g== X-Received: by 2002:a62:ce8b:0:b0:562:9e5c:bb5 with SMTP id y133-20020a62ce8b000000b005629e5c0bb5mr350233pfg.45.1665679031192; Thu, 13 Oct 2022 09:37:11 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id d29-20020a634f1d000000b0043a09d5c32bsm3460615pgb.74.2022.10.13.09.37.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 Oct 2022 09:37:10 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 1/9] dhcp: Fix CVE-2022-2928 & CVE-2022-2929 Date: Thu, 13 Oct 2022 06:36:48 -1000 Message-Id: <89d8ac907cbb5a0e214cb306a2d7bb4896165278.1665678874.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 13 Oct 2022 16:37:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171709 From: Hitendra Prajapati Source: https://downloads.isc.org/isc/dhcp MR: 122797, 122812 Type: Security Fix Disposition: Backport from https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/ ChangeID: 31490133cae8fc9c77073f9023955d3ff39c0b6e Description: Fixed CVEs: 1. CVE-2022-2928 2. CVE-2022-2929 Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- .../dhcp/dhcp/CVE-2022-2928.patch | 120 ++++++++++++++++++ .../dhcp/dhcp/CVE-2022-2929.patch | 40 ++++++ meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb | 2 + 3 files changed, 162 insertions(+) create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2928.patch create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2928.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2928.patch new file mode 100644 index 0000000000..11f162cbda --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2928.patch @@ -0,0 +1,120 @@ +From 8a5d739eea10ee6e193f053b1662142d5657cbc6 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Thu, 6 Oct 2022 09:39:18 +0530 +Subject: [PATCH] CVE-2022-2928 + +Upstream-Status: Backport [https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/] +CVE: CVE-2022-2928 +Signed-off-by: Hitendra Prajapati +--- + common/options.c | 7 +++++ + common/tests/option_unittest.c | 54 ++++++++++++++++++++++++++++++++++ + 2 files changed, 61 insertions(+) + +diff --git a/common/options.c b/common/options.c +index a7ed84c..4e53bb4 100644 +--- a/common/options.c ++++ b/common/options.c +@@ -4452,6 +4452,8 @@ add_option(struct option_state *options, + if (!option_cache_allocate(&oc, MDL)) { + log_error("No memory for option cache adding %s (option %d).", + option->name, option_num); ++ /* Get rid of reference created during hash lookup. */ ++ option_dereference(&option, MDL); + return 0; + } + +@@ -4463,6 +4465,8 @@ add_option(struct option_state *options, + MDL)) { + log_error("No memory for constant data adding %s (option %d).", + option->name, option_num); ++ /* Get rid of reference created during hash lookup. */ ++ option_dereference(&option, MDL); + option_cache_dereference(&oc, MDL); + return 0; + } +@@ -4471,6 +4475,9 @@ add_option(struct option_state *options, + save_option(&dhcp_universe, options, oc); + option_cache_dereference(&oc, MDL); + ++ /* Get rid of reference created during hash lookup. */ ++ option_dereference(&option, MDL); ++ + return 1; + } + +diff --git a/common/tests/option_unittest.c b/common/tests/option_unittest.c +index cd52cfb..690704d 100644 +--- a/common/tests/option_unittest.c ++++ b/common/tests/option_unittest.c +@@ -130,6 +130,59 @@ ATF_TC_BODY(pretty_print_option, tc) + } + + ++ATF_TC(add_option_ref_cnt); ++ ++ATF_TC_HEAD(add_option_ref_cnt, tc) ++{ ++ atf_tc_set_md_var(tc, "descr", ++ "Verify add_option() does not leak option ref counts."); ++} ++ ++ATF_TC_BODY(add_option_ref_cnt, tc) ++{ ++ struct option_state *options = NULL; ++ struct option *option = NULL; ++ unsigned int cid_code = DHO_DHCP_CLIENT_IDENTIFIER; ++ char *cid_str = "1234"; ++ int refcnt_before = 0; ++ ++ // Look up the option we're going to add. ++ initialize_common_option_spaces(); ++ if (!option_code_hash_lookup(&option, dhcp_universe.code_hash, ++ &cid_code, 0, MDL)) { ++ atf_tc_fail("cannot find option definition?"); ++ } ++ ++ // Get the option's reference count before we call add_options. ++ refcnt_before = option->refcnt; ++ ++ // Allocate a option_state to which to add an option. ++ if (!option_state_allocate(&options, MDL)) { ++ atf_tc_fail("cannot allocat options state"); ++ } ++ ++ // Call add_option() to add the option to the option state. ++ if (!add_option(options, cid_code, cid_str, strlen(cid_str))) { ++ atf_tc_fail("add_option returned 0"); ++ } ++ ++ // Verify that calling add_option() only adds 1 to the option ref count. ++ if (option->refcnt != (refcnt_before + 1)) { ++ atf_tc_fail("after add_option(), count is wrong, before %d, after: %d", ++ refcnt_before, option->refcnt); ++ } ++ ++ // Derefrence the option_state, this should reduce the ref count to ++ // it's starting value. ++ option_state_dereference(&options, MDL); ++ ++ // Verify that dereferencing option_state restores option ref count. ++ if (option->refcnt != refcnt_before) { ++ atf_tc_fail("after state deref, count is wrong, before %d, after: %d", ++ refcnt_before, option->refcnt); ++ } ++} ++ + /* This macro defines main() method that will call specified + test cases. tp and simple_test_case names can be whatever you want + as long as it is a valid variable identifier. */ +@@ -137,6 +190,7 @@ ATF_TP_ADD_TCS(tp) + { + ATF_TP_ADD_TC(tp, option_refcnt); + ATF_TP_ADD_TC(tp, pretty_print_option); ++ ATF_TP_ADD_TC(tp, add_option_ref_cnt); + + return (atf_no_error()); + } +-- +2.25.1 + diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch new file mode 100644 index 0000000000..d605204f89 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch @@ -0,0 +1,40 @@ +From 5c959166ebee7605e2048de573f2475b4d731ff7 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Thu, 6 Oct 2022 09:42:59 +0530 +Subject: [PATCH] CVE-2022-2929 + +Upstream-Status: Backport [https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/] +CVE: CVE-2022-2929 +Signed-off-by: Hitendra Prajapati +--- + common/options.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/common/options.c b/common/options.c +index 4e53bb4..28800fc 100644 +--- a/common/options.c ++++ b/common/options.c +@@ -454,16 +454,16 @@ int fqdn_universe_decode (struct option_state *options, + while (s < &bp -> data[0] + length + 2) { + len = *s; + if (len > 63) { +- log_info ("fancy bits in fqdn option"); +- return 0; ++ log_info ("label length exceeds 63 in fqdn option"); ++ goto bad; + } + if (len == 0) { + terminated = 1; + break; + } + if (s + len > &bp -> data [0] + length + 3) { +- log_info ("fqdn tag longer than buffer"); +- return 0; ++ log_info ("fqdn label longer than buffer"); ++ goto bad; + } + + if (first_len == 0) { +-- +2.25.1 + diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb b/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb index 5609a350cc..d3c87d0d07 100644 --- a/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb +++ b/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb @@ -11,6 +11,8 @@ SRC_URI += "file://0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.pat file://0013-fixup_use_libbind.patch \ file://0001-workaround-busybox-limitation-in-linux-dhclient-script.patch \ file://CVE-2021-25217.patch \ + file://CVE-2022-2928.patch \ + file://CVE-2022-2929.patch \ " SRC_URI[md5sum] = "2afdaf8498dc1edaf3012efdd589b3e1" From patchwork Thu Oct 13 16:36:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 13856 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id DA3DDC43217 for ; Thu, 13 Oct 2022 16:37:17 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web10.103.1665679034334826681 for ; Thu, 13 Oct 2022 09:37:14 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=ofOAEXQF; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) Received: by mail-pf1-f172.google.com with SMTP id i3so2418928pfk.9 for ; Thu, 13 Oct 2022 09:37:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=SA+kYyJVHBnmcOC1LyBXahvJ5m9v9/iYhQtDzzARIVU=; b=ofOAEXQFaoX9yd+irDh3u1l2gO90a5B2ucpZ7p7jMk6Ii3OX+2ddh+gugea1DNzvxT sZ9UK75rOk5aIC/seyb3e3wwznU3NOyucyo4Q9oLFmghB22pKZ5wxLIO6GkM60PEYjiA rX9j+Tw2UKWuIm0QStztZJCDyPHTpvIQvhyTzT4VJOA97NpI15ex2OmlXbx9rDHdQiWt NNHlOJIuyyu2v63kPxjK5U1QpL7zyCjc9wOSb3/KcDtj/CMwC8pSsj4Ypc7DhdFa86DP 0NrmKaBhNPIixkLJ6rEtI2gxL3u1jzfwaGKyyW9Bs+buBufON+JH0RG/0XlRZXQUq0is uULg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=SA+kYyJVHBnmcOC1LyBXahvJ5m9v9/iYhQtDzzARIVU=; b=KsEvQLwdxjcUfI5bPzhC+D8l1a5lpnyVYZLPwADsh+LVAtNSw361J5tbQI16lj3duB InwDUEvZR87V9TedqvwRHBZxA+rJCsRzcVCrVemrbQUg0OTHAXoblkKl8DzPozTtdoNP lzJET14PqJllfh+UbOW2RGCzvI6RmUUlj3yBGL6YNmL8KJfwnAT8Kf5Rcj6MtGgStk5A OGQH2Dj9Jsjc1tSKAuLVVjB3ie0cGrpRIemKbFCQ5S9ZmxjxixB6nsFI8GS15EKMPI51 J44NlCUfspc0bnud+u1nqQj7MCFo7iuPK1/JeXrAMII//pFYQl0xI8DfcvcrgYugWOJO tYlg== X-Gm-Message-State: ACrzQf118Q9fd2aBMFn0FTdJBvHGxpQaxKP7LPCD7AWW3C0Sl+3hyxTQ p1ftFaxYqX8V0jhphBG8V0S3WCDjN4yxXz2H X-Google-Smtp-Source: AMsMyM5HEjs3ZWLAKdFQ9owlE0V1byZCPUfHLh5hWCPzf3gYdkhP6Lnn4dPBFuOy3pqPcMWSBlUlFQ== X-Received: by 2002:a05:6a00:1d05:b0:563:5715:7f3d with SMTP id a5-20020a056a001d0500b0056357157f3dmr554354pfx.48.1665679033252; Thu, 13 Oct 2022 09:37:13 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id d29-20020a634f1d000000b0043a09d5c32bsm3460615pgb.74.2022.10.13.09.37.12 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 Oct 2022 09:37:12 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 2/9] qemu: CVE-2021-3750 hcd-ehci: DMA reentrancy issue leads to use-after-free Date: Thu, 13 Oct 2022 06:36:49 -1000 Message-Id: <0f4b1db4fdc655e880ec66525eb7642978529e82.1665678874.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 13 Oct 2022 16:37:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171710 From: Hitendra Prajapati Source: https://git.qemu.org/?p=qemu.git MR: 117886 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=b9d383ab797f54ae5fa8746117770709921dc529 && https://git.qemu.org/?p=qemu.git;a=commit;h=3ab6fdc91b72e156da22848f0003ff4225690ced && https://git.qemu.org/?p=qemu.git;a=commit;h=58e74682baf4e1ad26b064d8c02e5bc99c75c5d9 ChangeID: 3af901d20ad8ff389468eda2c53b4943e3a77bb8 Description: CVE-2021-3750 QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free. Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2021-3750.patch | 180 ++++++++++++++++++ 2 files changed, 181 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 368be9979a..3c0b34d851 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -111,6 +111,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://CVE-2021-4207.patch \ file://CVE-2022-0216-1.patch \ file://CVE-2022-0216-2.patch \ + file://CVE-2021-3750.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3750.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750.patch new file mode 100644 index 0000000000..43630e71fb --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750.patch @@ -0,0 +1,180 @@ +From 1938fbc7ec197e2612ab2ce36dd69bff19208aa5 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Mon, 10 Oct 2022 17:44:41 +0530 +Subject: [PATCH] CVE-2021-3750 + +Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=b9d383ab797f54ae5fa8746117770709921dc529 && https://git.qemu.org/?p=qemu.git;a=commit;h=3ab6fdc91b72e156da22848f0003ff4225690ced && https://git.qemu.org/?p=qemu.git;a=commit;h=58e74682baf4e1ad26b064d8c02e5bc99c75c5d9] +CVE: CVE-2021-3750 +Signed-off-by: Hitendra Prajapati +--- + exec.c | 55 +++++++++++++++++++++++++++++++------- + hw/intc/arm_gicv3_redist.c | 4 +-- + include/exec/memattrs.h | 9 +++++++ + 3 files changed, 56 insertions(+), 12 deletions(-) + +diff --git a/exec.c b/exec.c +index 1360051a..10581d8d 100644 +--- a/exec.c ++++ b/exec.c +@@ -39,6 +39,7 @@ + #include "qemu/config-file.h" + #include "qemu/error-report.h" + #include "qemu/qemu-print.h" ++#include "qemu/log.h" + #if defined(CONFIG_USER_ONLY) + #include "qemu.h" + #else /* !CONFIG_USER_ONLY */ +@@ -3118,6 +3119,33 @@ static bool prepare_mmio_access(MemoryRegion *mr) + return release_lock; + } + ++/** +++ * flatview_access_allowed +++ * @mr: #MemoryRegion to be accessed +++ * @attrs: memory transaction attributes +++ * @addr: address within that memory region +++ * @len: the number of bytes to access +++ * +++ * Check if a memory transaction is allowed. +++ * +++ * Returns: true if transaction is allowed, false if denied. +++ */ ++static bool flatview_access_allowed(MemoryRegion *mr, MemTxAttrs attrs, ++ hwaddr addr, hwaddr len) ++{ ++ if (likely(!attrs.memory)) { ++ return true; ++ } ++ if (memory_region_is_ram(mr)) { ++ return true; ++ } ++ qemu_log_mask(LOG_GUEST_ERROR, ++ "Invalid access to non-RAM device at " ++ "addr 0x%" HWADDR_PRIX ", size %" HWADDR_PRIu ", " ++ "region '%s'\n", addr, len, memory_region_name(mr)); ++ return false; ++} ++ + /* Called within RCU critical section. */ + static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr, + MemTxAttrs attrs, +@@ -3131,7 +3159,10 @@ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr, + bool release_lock = false; + + for (;;) { +- if (!memory_access_is_direct(mr, true)) { ++ if (!flatview_access_allowed(mr, attrs, addr1, l)) { ++ result |= MEMTX_ACCESS_ERROR; ++ /* Keep going. */ ++ } else if (!memory_access_is_direct(mr, true)) { + release_lock |= prepare_mmio_access(mr); + l = memory_access_size(mr, l, addr1); + /* XXX: could force current_cpu to NULL to avoid +@@ -3173,14 +3204,14 @@ static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs attrs, + hwaddr l; + hwaddr addr1; + MemoryRegion *mr; +- MemTxResult result = MEMTX_OK; + + l = len; + mr = flatview_translate(fv, addr, &addr1, &l, true, attrs); +- result = flatview_write_continue(fv, addr, attrs, buf, len, +- addr1, l, mr); +- +- return result; ++ if (!flatview_access_allowed(mr, attrs, addr, len)) { ++ return MEMTX_ACCESS_ERROR; ++ } ++ return flatview_write_continue(fv, addr, attrs, buf, len, ++ addr1, l, mr); + } + + /* Called within RCU critical section. */ +@@ -3195,7 +3226,10 @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr, + bool release_lock = false; + + for (;;) { +- if (!memory_access_is_direct(mr, false)) { ++ if (!flatview_access_allowed(mr, attrs, addr1, l)) { ++ result |= MEMTX_ACCESS_ERROR; ++ /* Keep going. */ ++ } else if (!memory_access_is_direct(mr, false)) { + /* I/O case */ + release_lock |= prepare_mmio_access(mr); + l = memory_access_size(mr, l, addr1); +@@ -3238,6 +3272,9 @@ static MemTxResult flatview_read(FlatView *fv, hwaddr addr, + + l = len; + mr = flatview_translate(fv, addr, &addr1, &l, false, attrs); ++ if (!flatview_access_allowed(mr, attrs, addr, len)) { ++ return MEMTX_ACCESS_ERROR; ++ } + return flatview_read_continue(fv, addr, attrs, buf, len, + addr1, l, mr); + } +@@ -3474,12 +3511,10 @@ bool address_space_access_valid(AddressSpace *as, hwaddr addr, + MemTxAttrs attrs) + { + FlatView *fv; +- bool result; + + RCU_READ_LOCK_GUARD(); + fv = address_space_to_flatview(as); +- result = flatview_access_valid(fv, addr, len, is_write, attrs); +- return result; ++ return flatview_access_valid(fv, addr, len, is_write, attrs); + } + + static hwaddr +diff --git a/hw/intc/arm_gicv3_redist.c b/hw/intc/arm_gicv3_redist.c +index 8645220d..44368e28 100644 +--- a/hw/intc/arm_gicv3_redist.c ++++ b/hw/intc/arm_gicv3_redist.c +@@ -450,7 +450,7 @@ MemTxResult gicv3_redist_read(void *opaque, hwaddr offset, uint64_t *data, + break; + } + +- if (r == MEMTX_ERROR) { ++ if (r != MEMTX_OK) { + qemu_log_mask(LOG_GUEST_ERROR, + "%s: invalid guest read at offset " TARGET_FMT_plx + "size %u\n", __func__, offset, size); +@@ -507,7 +507,7 @@ MemTxResult gicv3_redist_write(void *opaque, hwaddr offset, uint64_t data, + break; + } + +- if (r == MEMTX_ERROR) { ++ if (r != MEMTX_OK) { + qemu_log_mask(LOG_GUEST_ERROR, + "%s: invalid guest write at offset " TARGET_FMT_plx + "size %u\n", __func__, offset, size); +diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h +index 95f2d20d..9fb98bc1 100644 +--- a/include/exec/memattrs.h ++++ b/include/exec/memattrs.h +@@ -35,6 +35,14 @@ typedef struct MemTxAttrs { + unsigned int secure:1; + /* Memory access is usermode (unprivileged) */ + unsigned int user:1; ++ /* ++ * Bus interconnect and peripherals can access anything (memories, ++ * devices) by default. By setting the 'memory' bit, bus transaction ++ * are restricted to "normal" memories (per the AMBA documentation) ++ * versus devices. Access to devices will be logged and rejected ++ * (see MEMTX_ACCESS_ERROR). ++ */ ++ unsigned int memory:1; + /* Requester ID (for MSI for example) */ + unsigned int requester_id:16; + /* Invert endianness for this page */ +@@ -66,6 +74,7 @@ typedef struct MemTxAttrs { + #define MEMTX_OK 0 + #define MEMTX_ERROR (1U << 0) /* device returned an error */ + #define MEMTX_DECODE_ERROR (1U << 1) /* nothing at that address */ ++#define MEMTX_ACCESS_ERROR (1U << 2) /* access denied */ + typedef uint32_t MemTxResult; + + #endif +-- +2.25.1 + From patchwork Thu Oct 13 16:36:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 13857 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D96D1C4332F for ; Thu, 13 Oct 2022 16:37:17 +0000 (UTC) Received: from mail-pj1-f41.google.com (mail-pj1-f41.google.com [209.85.216.41]) by mx.groups.io with SMTP id smtpd.web12.97.1665679036520801464 for ; Thu, 13 Oct 2022 09:37:16 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=CV3h6wc7; spf=softfail (domain: sakoman.com, ip: 209.85.216.41, mailfrom: steve@sakoman.com) Received: by mail-pj1-f41.google.com with SMTP id a5-20020a17090aa50500b002008eeb040eso5919796pjq.1 for ; Thu, 13 Oct 2022 09:37:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=7Q1iHr6eXHAseE6EPYjB6xbvIgha1LR630dBPbx8K7Q=; b=CV3h6wc7xHu996eGe05n1FIU6ZjbFxuCoWifT8G+38UjHnvGmDGxQuRssO7g/Pn5uD LlOA/w4QX0yj3J89pQosVoYYHeykt1v4NMGBLLfGUv6KZDJTrI4ieKGZD5M+TKiwX2dc 8jZ0lSv2PnO5NT37a8bp49vbzTn9m1DnrQC+K+MxtxcWIBgVVfect+lDdkoW2g/4OrIc hqVK2FL0nWCHruWjdEyNcZMQ+0QIBwBeUvCoRdo2uZX/8rqD2+FJ8gI7bcH68jibfh9v ItIvP8LZwd3M7ay+dqZK25/ul9gqXoZxf75H8n9fpsqvGvZbG8Js1r6Xzv4NGppgyd9l MjCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7Q1iHr6eXHAseE6EPYjB6xbvIgha1LR630dBPbx8K7Q=; b=M2D1a0DQWxyNvqEj6OQR8mXdM1Wgb4yek3+wQWiEn3rH4ENc+lZyfE5EEelEXgS6r4 Vz/ghhTohKgXhmmC11E5B9hTNHBlUPYJIOmRN5om348jpVjDrTke7kDEQFDPhdMOT8kD VNyUzo3JKfUBiSrgIljSMoUcZOmD4tegHLxKw4Edhjs0pvIOaH9+hIVs0eJEreOiUvn3 U/b9Z/ub4hxzzeF+xjh3jgtt1x4MFhSyj+tJ+Nx06JN9QC77XiTCOWKSUMfrrLggJ43Y U3ab20gsNX5SokdLJq7enYoZ8gpd7K5E3OtT0ehe1hhESUzQCAkkYWReaH/UScbx18cm r0Rg== X-Gm-Message-State: ACrzQf0hqD1Or+6k2RiWWNXKaYpwzSAjbAwMYpO2M3BwGyQlAa0UZTYw xeuYV8bbHZoH3sZCFr/3ukbbAk3ZsE0YROCd X-Google-Smtp-Source: AMsMyM522Hu7LoNkKEV5HFz8zhqSgTkZL4lkcAho0796e0766z3JeA/U9cCL7n6DY015fGD6NvjQtg== X-Received: by 2002:a17:90a:1b65:b0:1f7:4725:aa6e with SMTP id q92-20020a17090a1b6500b001f74725aa6emr660161pjq.179.1665679035350; Thu, 13 Oct 2022 09:37:15 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id d29-20020a634f1d000000b0043a09d5c32bsm3460615pgb.74.2022.10.13.09.37.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 Oct 2022 09:37:14 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 3/9] python3: upgrade 3.8.13 -> 3.8.14 Date: Thu, 13 Oct 2022 06:36:50 -1000 Message-Id: <25fafd35a4698daa0d4abb814a91601e68223128.1665678874.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 13 Oct 2022 16:37:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171711 From: Tim Orling Security and bug fixes. * Drop CVE-2021-28861.patch as it was merged in 3.8.14 release. Fixes: * CVE-2020-10735 https://nvd.nist.gov/vuln/detail/CVE-2020-10735 * CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 * CVE-2018-25032 https://nvd.nist.gov/vuln/detail/CVE-2018-25032 Python 3.8.14 Release Date: Sept. 6, 2022 This is a security release of Python 3.8 Note: The release you're looking at is Python 3.8.14, a security bugfix release for the legacy 3.8 series. Python 3.10 is now the latest feature release series of Python 3. Security content in this release CVE-2020-10735: converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. gh-87389: http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. gh-93065: Fix contextvars HAMT implementation to handle iteration over deep trees to avoid a potential crash of the interpreter. gh-90355: Fix ensurepip environment isolation for the subprocess running pip. gh-80254: Raise ProgrammingError instead of segfaulting on recursive usage of cursors in sqlite3 converters. Signed-off-by: Tim Orling Signed-off-by: Steve Sakoman --- .../python/python3/CVE-2021-28861.patch | 135 ------------------ .../{python3_3.8.13.bb => python3_3.8.14.bb} | 5 +- 2 files changed, 2 insertions(+), 138 deletions(-) delete mode 100644 meta/recipes-devtools/python/python3/CVE-2021-28861.patch rename meta/recipes-devtools/python/{python3_3.8.13.bb => python3_3.8.14.bb} (98%) diff --git a/meta/recipes-devtools/python/python3/CVE-2021-28861.patch b/meta/recipes-devtools/python/python3/CVE-2021-28861.patch deleted file mode 100644 index dc97c6b4eb..0000000000 --- a/meta/recipes-devtools/python/python3/CVE-2021-28861.patch +++ /dev/null @@ -1,135 +0,0 @@ -From 4dc2cae3abd75f386374d0635d00443b897d0672 Mon Sep 17 00:00:00 2001 -From: "Miss Islington (bot)" - <31488909+miss-islington@users.noreply.github.com> -Date: Wed, 22 Jun 2022 01:42:52 -0700 -Subject: [PATCH] gh-87389: Fix an open redirection vulnerability in - http.server. (GH-93879) (GH-94094) - -Fix an open redirection vulnerability in the `http.server` module when -an URI path starts with `//` that could produce a 301 Location header -with a misleading target. Vulnerability discovered, and logic fix -proposed, by Hamza Avvan (@hamzaavvan). - -Test and comments authored by Gregory P. Smith [Google]. -(cherry picked from commit 4abab6b603dd38bec1168e9a37c40a48ec89508e) - -Co-authored-by: Gregory P. Smith - -Signed-off-by: Riyaz Khan - -CVE: CVE-2021-28861 - -Upstream-Status: Backport [https://github.com/python/cpython/commit/4dc2cae3abd75f386374d0635d00443b897d0672] - ---- - Lib/http/server.py | 7 +++ - Lib/test/test_httpservers.py | 53 ++++++++++++++++++- - ...2-06-15-20-09-23.gh-issue-87389.QVaC3f.rst | 3 ++ - 3 files changed, 61 insertions(+), 2 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst - -diff --git a/Lib/http/server.py b/Lib/http/server.py -index 38f7accad7a3..39de35458c38 100644 ---- a/Lib/http/server.py -+++ b/Lib/http/server.py -@@ -332,6 +332,13 @@ def parse_request(self): - return False - self.command, self.path = command, path - -+ # gh-87389: The purpose of replacing '//' with '/' is to protect -+ # against open redirect attacks possibly triggered if the path starts -+ # with '//' because http clients treat //path as an absolute URI -+ # without scheme (similar to http://path) rather than a path. -+ if self.path.startswith('//'): -+ self.path = '/' + self.path.lstrip('/') # Reduce to a single / -+ - # Examine the headers and look for a Connection directive. - try: - self.headers = http.client.parse_headers(self.rfile, -diff --git a/Lib/test/test_httpservers.py b/Lib/test/test_httpservers.py -index 87d4924a34b3..fb026188f0b4 100644 ---- a/Lib/test/test_httpservers.py -+++ b/Lib/test/test_httpservers.py -@@ -330,7 +330,7 @@ class request_handler(NoLogRequestHandler, SimpleHTTPRequestHandler): - pass - - def setUp(self): -- BaseTestCase.setUp(self) -+ super().setUp() - self.cwd = os.getcwd() - basetempdir = tempfile.gettempdir() - os.chdir(basetempdir) -@@ -358,7 +358,7 @@ def tearDown(self): - except: - pass - finally: -- BaseTestCase.tearDown(self) -+ super().tearDown() - - def check_status_and_reason(self, response, status, data=None): - def close_conn(): -@@ -414,6 +414,55 @@ def test_undecodable_filename(self): - self.check_status_and_reason(response, HTTPStatus.OK, - data=support.TESTFN_UNDECODABLE) - -+ def test_get_dir_redirect_location_domain_injection_bug(self): -+ """Ensure //evil.co/..%2f../../X does not put //evil.co/ in Location. -+ -+ //netloc/ in a Location header is a redirect to a new host. -+ https://github.com/python/cpython/issues/87389 -+ -+ This checks that a path resolving to a directory on our server cannot -+ resolve into a redirect to another server. -+ """ -+ os.mkdir(os.path.join(self.tempdir, 'existing_directory')) -+ url = f'/python.org/..%2f..%2f..%2f..%2f..%2f../%0a%0d/../{self.tempdir_name}/existing_directory' -+ expected_location = f'{url}/' # /python.org.../ single slash single prefix, trailing slash -+ # Canonicalizes to /tmp/tempdir_name/existing_directory which does -+ # exist and is a dir, triggering the 301 redirect logic. -+ response = self.request(url) -+ self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY) -+ location = response.getheader('Location') -+ self.assertEqual(location, expected_location, msg='non-attack failed!') -+ -+ # //python.org... multi-slash prefix, no trailing slash -+ attack_url = f'/{url}' -+ response = self.request(attack_url) -+ self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY) -+ location = response.getheader('Location') -+ self.assertFalse(location.startswith('//'), msg=location) -+ self.assertEqual(location, expected_location, -+ msg='Expected Location header to start with a single / and ' -+ 'end with a / as this is a directory redirect.') -+ -+ # ///python.org... triple-slash prefix, no trailing slash -+ attack3_url = f'//{url}' -+ response = self.request(attack3_url) -+ self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY) -+ self.assertEqual(response.getheader('Location'), expected_location) -+ -+ # If the second word in the http request (Request-URI for the http -+ # method) is a full URI, we don't worry about it, as that'll be parsed -+ # and reassembled as a full URI within BaseHTTPRequestHandler.send_head -+ # so no errant scheme-less //netloc//evil.co/ domain mixup can happen. -+ attack_scheme_netloc_2slash_url = f'https://pypi.org/{url}' -+ expected_scheme_netloc_location = f'{attack_scheme_netloc_2slash_url}/' -+ response = self.request(attack_scheme_netloc_2slash_url) -+ self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY) -+ location = response.getheader('Location') -+ # We're just ensuring that the scheme and domain make it through, if -+ # there are or aren't multiple slashes at the start of the path that -+ # follows that isn't important in this Location: header. -+ self.assertTrue(location.startswith('https://pypi.org/'), msg=location) -+ - def test_get(self): - #constructs the path relative to the root directory of the HTTPServer - response = self.request(self.base_url + '/test') -diff --git a/Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst b/Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst -new file mode 100644 -index 000000000000..029d437190de ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst -@@ -0,0 +1,3 @@ -+:mod:`http.server`: Fix an open redirection vulnerability in the HTTP server -+when an URI path starts with ``//``. Vulnerability discovered, and initial -+fix proposed, by Hamza Avvan. diff --git a/meta/recipes-devtools/python/python3_3.8.13.bb b/meta/recipes-devtools/python/python3_3.8.14.bb similarity index 98% rename from meta/recipes-devtools/python/python3_3.8.13.bb rename to meta/recipes-devtools/python/python3_3.8.14.bb index d87abe2351..035eda9ecd 100644 --- a/meta/recipes-devtools/python/python3_3.8.13.bb +++ b/meta/recipes-devtools/python/python3_3.8.14.bb @@ -34,7 +34,6 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0001-python3-Do-not-hardcode-lib-for-distutils.patch \ file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \ file://makerace.patch \ - file://CVE-2021-28861.patch \ " SRC_URI_append_class-native = " \ @@ -43,8 +42,8 @@ SRC_URI_append_class-native = " \ file://0001-Don-t-search-system-for-headers-libraries.patch \ " -SRC_URI[md5sum] = "c4b7100dcaace9d33ab1fda9a3a038d6" -SRC_URI[sha256sum] = "6f309077012040aa39fe8f0c61db8c0fa1c45136763299d375c9e5756f09cf57" +SRC_URI[md5sum] = "78710eed185b71f4198d354502ff62c9" +SRC_URI[sha256sum] = "5d77e278271ba803e9909a41a4f3baca006181c93ada682a5e5fe8dc4a24c5f3" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar" From patchwork Thu Oct 13 16:36:51 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 13861 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B4F3EC43217 for ; Thu, 13 Oct 2022 16:37:27 +0000 (UTC) Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by mx.groups.io with SMTP id smtpd.web12.98.1665679038266229915 for ; Thu, 13 Oct 2022 09:37:18 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=6cKVGT9k; spf=softfail (domain: sakoman.com, ip: 209.85.214.171, mailfrom: steve@sakoman.com) Received: by mail-pl1-f171.google.com with SMTP id i6so2264254pli.12 for ; Thu, 13 Oct 2022 09:37:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=5ZNYaK1I/R1fyrg+z/qp74cnuMP7dZV4dd/WUM1rg28=; b=6cKVGT9kWBUKZosY8N81V5KME/k+5o7tl+JRGDwTFK4aU0j+1346eqB1Edx8KUiKN8 2hk6Lv3l95xxuFfjhU4E/7CZNaSB54CMc0b/mjfq41cDyCxC+JXZ+rTcwf44Dr4SlVKe IQGn1VnpX1YYXYBAIhoheyDz46ooYhbNliM9LKbmZHJRYSl1B9yxVeJP1kd7XEh7KW0O cYJ4HIOkwzLkprZl5vggFf5foNfcURHrwnZCxzHBoOIPS5jyXKa8iecRpSbyHvVax9rL 9Gu2uYrD/yIDpKKGEo+n4ztTdKsIlhpLcUWU06dm8Y6XNrxr1meIbGvCBB7eV1tAus0E lT/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5ZNYaK1I/R1fyrg+z/qp74cnuMP7dZV4dd/WUM1rg28=; b=PbppmVpOApYYICRjxPYYksKcDJxEfhpE4Jx3vAhXvaml49TC955nkwzg9j5FpS3j/P 24Zn7BTIsSmF5MqVNvZgLerLeOqw9TYXtDNju4/XFnmL4Oe8sZRI9dV3cJHireddJlUq 6vu/7bTZlaWqn4DNONxhvztpxdSQ/Nb+y4yix9Y7OQ2VQsr2wzORrvQ1+rruRbt3PjEt 0Vsw6AzsXibE/kS6362ot5A8ih7abHtV8DXwsdVV7c52UNzo5noG7OOIpg6ZQcoTdAhE 41tRWPyKf5o/ibRn6lFNiyn8mSZ+Z5Sq6zJCgkDOvnAWIW1lGbWBIebz0R37Is0zLrof 1OYg== X-Gm-Message-State: ACrzQf2egK2aFo9G6cwYEj1Emw/5nEA4Ch6rxXFQZ7Sj+oi9iagXEUL/ 1nrZSESLZmTOPi9fgIcDUdogi9ZtVEhPm3fW X-Google-Smtp-Source: AMsMyM51lGW8fnyp+53dTch6ietLmNBHRD+FlLSyOn+PQQA6z5DBtsUuTHxc+U6nDpwgNGmPE0tD9A== X-Received: by 2002:a17:902:6945:b0:17b:f38b:900f with SMTP id k5-20020a170902694500b0017bf38b900fmr500377plt.85.1665679037366; Thu, 13 Oct 2022 09:37:17 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id d29-20020a634f1d000000b0043a09d5c32bsm3460615pgb.74.2022.10.13.09.37.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 Oct 2022 09:37:16 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 4/9] selftest: skip virgl test on ubuntu 22.04 Date: Thu, 13 Oct 2022 06:36:51 -1000 Message-Id: <8f53bba4936b79dfe8dfa30216990b3d440150a7.1665678874.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 13 Oct 2022 16:37:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171712 This test will fail any time the host has libdrm > 2.4.107 Signed-off-by: Steve Sakoman --- meta/lib/oeqa/selftest/cases/runtime_test.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py index df11984713..399727de49 100644 --- a/meta/lib/oeqa/selftest/cases/runtime_test.py +++ b/meta/lib/oeqa/selftest/cases/runtime_test.py @@ -191,6 +191,8 @@ class TestImage(OESelftestTestCase): self.skipTest('virgl isn\'t working with Fedora 36') if distro and distro == 'opensuseleap-15.0': self.skipTest('virgl isn\'t working with Opensuse 15.0') + if distro and distro == 'ubuntu-22.04': + self.skipTest('virgl isn\'t working with Ubuntu 22.04') qemu_packageconfig = get_bb_var('PACKAGECONFIG', 'qemu-system-native') sdl_packageconfig = get_bb_var('PACKAGECONFIG', 'libsdl2-native') From patchwork Thu Oct 13 16:36:52 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 13862 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C1046C43219 for ; Thu, 13 Oct 2022 16:37:27 +0000 (UTC) Received: from mail-pg1-f173.google.com (mail-pg1-f173.google.com [209.85.215.173]) by mx.groups.io with SMTP id smtpd.web12.99.1665679040425115657 for ; Thu, 13 Oct 2022 09:37:20 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=d1Q3sYNk; spf=softfail (domain: sakoman.com, ip: 209.85.215.173, mailfrom: steve@sakoman.com) Received: by mail-pg1-f173.google.com with SMTP id q9so1998136pgq.8 for ; Thu, 13 Oct 2022 09:37:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=/sQFI7zHg3r9Cygft81jQbjxjdmuJgNKsH6y+ID50nw=; b=d1Q3sYNk6ruftPa7u59aWF/y1tXTmd46eXaWhSZA45Vn0fIZOMqMNif+NY93dLFXKf hQu2zAw4VBOXO4Gj4YuqJweTSzcT20XLkCDUDLIU6P60gd1cf8aD3Q24XqQYDRH5EwNH aYztkyNM0fdgN4ZD/GfDsI3Gv+JQbBxYg2fwU5vkGAH6KX+AafwjIju+XN3vsyYXN7uv aME9pED2FGUZ1JR13qwp1/VgIuhhDRdMNH5VdNm3M41OZn1m5W0YQpoKdRnc1J+LRsa1 JARXBZQb8jd6Hal+s9rwr+UeDKAUGdBDp2b9fENqAGr+4a096FVKXmqFviZLf30BEyCs gaag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/sQFI7zHg3r9Cygft81jQbjxjdmuJgNKsH6y+ID50nw=; b=nAlGorwPG1WAxpRw21U9jc4diKNBzu5YSTBVNPdz6R4IUB/YenOlaBw/1QAEGoJqiq brwVtdg+ZLt0ENezLNd0JndC57+4I5tRIgpc21+SqHAH4TWjzv4Vb5jDs6VJdJz3EsDq PpouKaB5axZh2ujTF++RBZJ4LfhqRfYiV5GqKCoNFhJGKAs6Ui2hyeCjQdRwreJXGLtY fhk8sFkjE9SllLJCku47r9AS90RPhPRNJt9e6MNT70/2pQmCRgkafWTPrk6hEkSJgnbl INq5tiXSrVaBqv/qNgD6FLIWhNZBf6S4SCDxX/D4eI46+bw/jI5j0r+88oWIVUzD2li+ 3W9A== X-Gm-Message-State: ACrzQf10kzFTdJXqi2XX8+PLWRvezsE6XbGM7QIyrlLo3RXKpkJlU4lp yCHGcjf9Tr5Cnda2MobErm4+JE3doR1/ZtmI X-Google-Smtp-Source: AMsMyM4nCwZg1MSR1Qdsfja7BCidc9fgtFXby+G5aq5dxaXxcANOvK91fvbNeQe4rtj7UP+W0/GsEQ== X-Received: by 2002:a63:715a:0:b0:462:e812:b54f with SMTP id b26-20020a63715a000000b00462e812b54fmr638117pgn.556.1665679039453; Thu, 13 Oct 2022 09:37:19 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id d29-20020a634f1d000000b0043a09d5c32bsm3460615pgb.74.2022.10.13.09.37.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 Oct 2022 09:37:18 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 5/9] uninative: Upgrade to 3.7 to work with glibc 2.36 Date: Thu, 13 Oct 2022 06:36:52 -1000 Message-Id: <1ca9b676175d7efc72185fed5b09aba40ac0f669.1665678874.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 13 Oct 2022 16:37:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171713 From: Michael Halstead Update uninative to work with the new glibc 2.36 version Signed-off-by: Michael Halstead Signed-off-by: Richard Purdie (cherry picked from commit 410226b053e14e32add1f9b4b811f84a1c445a7c) Signed-off-by: Steve Sakoman --- meta/conf/distro/include/yocto-uninative.inc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc index 411fe45a24..7012db441b 100644 --- a/meta/conf/distro/include/yocto-uninative.inc +++ b/meta/conf/distro/include/yocto-uninative.inc @@ -6,10 +6,10 @@ # to the distro running on the build machine. # -UNINATIVE_MAXGLIBCVERSION = "2.35" -UNINATIVE_VERSION = "3.6" +UNINATIVE_MAXGLIBCVERSION = "2.36" +UNINATIVE_VERSION = "3.7" UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" -UNINATIVE_CHECKSUM[aarch64] ?= "d64831cf2792c8e470c2e42230660e1a8e5de56a579cdd59978791f663c2f3ed" -UNINATIVE_CHECKSUM[i686] ?= "2f0ee9b66b1bb2c85e2b592fb3c9c7f5d77399fa638d74961330cdb8de34ca3b" -UNINATIVE_CHECKSUM[x86_64] ?= "9bfc4c970495b3716b2f9e52c4df9f968c02463a9a95000f6657fbc3fde1f098" +UNINATIVE_CHECKSUM[aarch64] ?= "6a29bcae4b5b716d2d520e18800b33943b65f8a835eac1ff8793fc5ee65b4be6" +UNINATIVE_CHECKSUM[i686] ?= "3f6d52e64996570c716108d49f8108baccf499a283bbefae438c7266b7a93305" +UNINATIVE_CHECKSUM[x86_64] ?= "b110bf2e10fe420f5ca2f3ec55f048ee5f0a54c7e34856a3594e51eb2aea0570" From patchwork Thu Oct 13 16:36:53 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 13863 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C107EC4167B for ; Thu, 13 Oct 2022 16:37:27 +0000 (UTC) Received: from mail-pg1-f170.google.com (mail-pg1-f170.google.com [209.85.215.170]) by mx.groups.io with SMTP id smtpd.web11.107.1665679042784880442 for ; Thu, 13 Oct 2022 09:37:22 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=ieKqDb+Y; spf=softfail (domain: sakoman.com, ip: 209.85.215.170, mailfrom: steve@sakoman.com) Received: by mail-pg1-f170.google.com with SMTP id q1so1989296pgl.11 for ; Thu, 13 Oct 2022 09:37:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ieyVa81OmSKc+vjUo9uLGLFQ4ouBbZ+SspQmILGqLqk=; b=ieKqDb+YCsZR4ef4sr3lrjVhg6UTtTpSvN7Fi2gVxLEmn2U9GM6E2Oi/InBZ6Myhfk YdSsX+irZrwJLECg8I0Rt6KkRCIAILE3kQqYabOZCP8L8vfYoJdbAYgq55aM9BBknmpK WgDRkp7YAu0VHcrjyuOMrltPFltNpQ5NdYm4+cpWucc3GneI/UCw44tioxuMQ5hTwyX4 t9tOrfuDHQOzU93z9GegjE/pGIu8I8/wenN+zL0tRF0n0aXx+y6+qsoCf/ZaIkei5osB OLIeNQZJnzC6muZh3GK6R2omo1ggXG7csvKdh37fwCTOExOUAvmGGmxkbgmGuxhdcX0Z mfpg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ieyVa81OmSKc+vjUo9uLGLFQ4ouBbZ+SspQmILGqLqk=; b=jAqI883axRN1of4H98BMmGG5Jnmsejn3YE908qHZsljwfaVF66fEFUDV3vHt/ltGCz 2S1t059mZmo2R6V0dLgM2VzpBihVzkCbW/Ve3rpjaD6yP49LT81LMP0u56FWbL6RIoIR hN3cD4lxhSBqeg5pPmOnZeSubqPpEufSiul5tpw0jEUJ9mY8CbJTWayiBdWIf+R7IUJz aEiMR+xaFSDJJzTXvIl8KjRzIueY6YYYVDA1NXRhPGKNcfnaRG6Uzf5BLsy9fvJ4Qi/B HfvZCFW0hMqDFT3pKzrjotzSr6P50xVjoWPQB8YfzfqhDgA/LPS6SW4MSXOdSLeXf4BG J5oA== X-Gm-Message-State: ACrzQf12vW6Q7Fx8Ei9UjxF7X/8y4DwDX2Kvx45jXPVuz7Tm8U1lYVv2 AHBxY+1d4F5rSWYPGQAy7qldDRzgVM0+Xtzi X-Google-Smtp-Source: AMsMyM5guxQvKi/Yf6puZImm9NgttCWionM9xrWOF4UKwBf9s+Eg3MX3IQcz45ZaeXgEtzgJxSrm8Q== X-Received: by 2002:a65:6c11:0:b0:46a:eec8:19f7 with SMTP id y17-20020a656c11000000b0046aeec819f7mr653840pgu.478.1665679041817; Thu, 13 Oct 2022 09:37:21 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id d29-20020a634f1d000000b0043a09d5c32bsm3460615pgb.74.2022.10.13.09.37.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 Oct 2022 09:37:21 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 6/9] externalsrc: git submodule--helper list unsupported Date: Thu, 13 Oct 2022 06:36:53 -1000 Message-Id: <6c50d83af0af677c2dff864ac40c580ae446372b.1665678874.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 13 Oct 2022 16:37:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171714 From: John Edward Broadbent Git has removed support for "git submodule--helper list". https://github.com/git/git/commit/31955475d1c283120d5d84247eb3fd55d9f5fdd9 This change provides an alternate method for gathering the submodules information. Tested: Build recipes with and without submodules Signed-off-by: Carson Labrado Signed-off-by: John Edward Broadbent Signed-off-by: Richard Purdie (cherry picked from commit 6d9364e5f3535954f65cbbc694ee7933ac1d664f) Signed-off-by: Steve Sakoman --- meta/classes/externalsrc.bbclass | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass index 0e0a3ae89c..291fcf5653 100644 --- a/meta/classes/externalsrc.bbclass +++ b/meta/classes/externalsrc.bbclass @@ -225,15 +225,16 @@ def srctree_hash_files(d, srcdir=None): env['GIT_INDEX_FILE'] = tmp_index.name subprocess.check_output(['git', 'add', '-A', '.'], cwd=s_dir, env=env) git_sha1 = subprocess.check_output(['git', 'write-tree'], cwd=s_dir, env=env).decode("utf-8") - submodule_helper = subprocess.check_output(['git', 'submodule--helper', 'list'], cwd=s_dir, env=env).decode("utf-8") - for line in submodule_helper.splitlines(): - module_dir = os.path.join(s_dir, line.rsplit(maxsplit=1)[1]) - if os.path.isdir(module_dir): - proc = subprocess.Popen(['git', 'add', '-A', '.'], cwd=module_dir, env=env, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) - proc.communicate() - proc = subprocess.Popen(['git', 'write-tree'], cwd=module_dir, env=env, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL) - stdout, _ = proc.communicate() - git_sha1 += stdout.decode("utf-8") + if os.path.exists(".gitmodules"): + submodule_helper = subprocess.check_output(["git", "config", "--file", ".gitmodules", "--get-regexp", "path"], cwd=s_dir, env=env).decode("utf-8") + for line in submodule_helper.splitlines(): + module_dir = os.path.join(s_dir, line.rsplit(maxsplit=1)[1]) + if os.path.isdir(module_dir): + proc = subprocess.Popen(['git', 'add', '-A', '.'], cwd=module_dir, env=env, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + proc.communicate() + proc = subprocess.Popen(['git', 'write-tree'], cwd=module_dir, env=env, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL) + stdout, _ = proc.communicate() + git_sha1 += stdout.decode("utf-8") sha1 = hashlib.sha1(git_sha1.encode("utf-8")).hexdigest() with open(oe_hash_file, 'w') as fobj: fobj.write(sha1) From patchwork Thu Oct 13 16:36:54 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 13859 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B4F10C4332F for ; Thu, 13 Oct 2022 16:37:27 +0000 (UTC) Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) by mx.groups.io with SMTP id smtpd.web11.105.1665679032322272116 for ; Thu, 13 Oct 2022 09:37:24 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=sGvDVw7W; spf=softfail (domain: sakoman.com, ip: 209.85.210.182, mailfrom: steve@sakoman.com) Received: by mail-pf1-f182.google.com with SMTP id y1so2444498pfr.3 for ; Thu, 13 Oct 2022 09:37:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=BEO3J0pe5bDbgmqmD2nPt4FEJu8QGvQ6GMg7BwmufFY=; b=sGvDVw7WcMjIuAcdfsj5ErXrfOFoaClYl7Zuqq14GsLDzj5WSqR2iJjQHV+xzfCwoL zqww49P6fIkT8DCXwHsvPUgRxkSWF0S0I8ziWNei/2RsCHjJIE5bSIZWNipgEDisXspe MLKa7YyVxPVnrF5vH7+AA3ekxim+E+lRtIml6nLqPRl9z9UFvFmsm6UdZyBDNPvZwIM1 gkYYQC5ongBB80eCbYUdcmd8+rPWOGA+qhs7N/0wt+KSSfuTieLWoXsI4ulpAT45y/3L hGq1a6vWvKtQJz1JBGBWRj9yz3Xbvb0I+EpkjOrD9g+1FD5rwySMXlOO+u35/yYH31A8 AY/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BEO3J0pe5bDbgmqmD2nPt4FEJu8QGvQ6GMg7BwmufFY=; b=ES2cnhyPxJCIuJl9NQfoJXowitBPchHUCGMlDlKRzC/AVoiJ2VLvkczpfQOw0B7VN9 mPzeS8voVJMldykGMl96GCuabg9cdWkP4qR03vtXzQl0iB+18klDD0WzkTTu4YLoHU9n wIulS5TB5zDD7dqr3vH6KYe7emcRamX4wCOkOztkY+zWF8/PI96ymUgRn56gKF17qspt BHGDrFixnfnnYN2fh0EjMfCy5wIGaThQGfq/u5vdc45XnPa3kXu9dwY5igIF/kYqR6qy ts2G5MsjGJNVRYV8lrYwEO5Y0rNSoM7SGsZ48K5LqZw30h8lLZEvzlqdY5kPztvOz2rQ 7CnQ== X-Gm-Message-State: ACrzQf2ub0ePHEACYDBd/gxFmcWuKiyQqX0GZ6CHkKS0qeOUwD22YUHc /emVKj64gytOHYihF6XfktQxv2gyrrgTsLnw X-Google-Smtp-Source: AMsMyM6ajSVWbd/FxUpUoQ1ZOvBIVinhvOUXmxuMk0rqeVnErfNHWIncVMcllpQA7WHwKfJdxz0O4A== X-Received: by 2002:a63:411:0:b0:460:34da:df2f with SMTP id 17-20020a630411000000b0046034dadf2fmr607542pge.401.1665679043957; Thu, 13 Oct 2022 09:37:23 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id d29-20020a634f1d000000b0043a09d5c32bsm3460615pgb.74.2022.10.13.09.37.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 Oct 2022 09:37:23 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 7/9] qemu: Avoid accidental libvdeplug linkage Date: Thu, 13 Oct 2022 06:36:54 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 13 Oct 2022 16:37:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171715 Avoid accidentally linking to the vde library from the host by adding a PACKAGECONFIG for the option. Signed-off-by: Steve Sakoman Signed-off-by: Richard Purdie (cherry picked from commit 8839e9540528b0b46c4fb4f95e508f038bcef8b9) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 3c0b34d851..cdd615997f 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -275,6 +275,7 @@ PACKAGECONFIG[capstone] = "--enable-capstone,--disable-capstone" # libnfs is currently provided by meta-kodi PACKAGECONFIG[libnfs] = "--enable-libnfs,--disable-libnfs,libnfs" PACKAGECONFIG[brlapi] = "--enable-brlapi,--disable-brlapi" +PACKAGECONFIG[vde] = "--enable-vde,--disable-vde" INSANE_SKIP_${PN} = "arch" From patchwork Thu Oct 13 16:36:55 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 13860 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B5DE4C433FE for ; Thu, 13 Oct 2022 16:37:27 +0000 (UTC) Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web12.101.1665679047053060728 for ; Thu, 13 Oct 2022 09:37:27 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=lUqrV9+B; spf=softfail (domain: sakoman.com, ip: 209.85.214.176, mailfrom: steve@sakoman.com) Received: by mail-pl1-f176.google.com with SMTP id l4so2287648plb.8 for ; Thu, 13 Oct 2022 09:37:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=MemJ3K4bCmL1aC5Hk11AbAEUwYIt8rWpMr8WzXcSQTg=; b=lUqrV9+Bq3sggu1nb3fFCLoH27xCpvkPExdavXA/QQlqwdkbksxeVqcUxFDA9UYFWr TXOUfrnSWknKw+t52GcYDYenD+oiRPZjL0dM3L+lspiUbNxcwRMAwnnVOBLvuuuLKubf fl6TIaPecpE5s/TgbwVTL/9ATGjqADEg4qCOM78kNW3KQFj7JqSBBo0FfS+uWpm2sG+I l9OLNLb9t98whMjf1taIblOhoYexw0OEM04wglg6Vfn7Ngc965rtG+VjzZ9XlqCLeRHx YDFhqLvipUGKQbA4Mx8xGlwHQTx4KQ6wpBgRdgrS2OW7YbcBL0UG01bWObSAs6kAPM2O slLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MemJ3K4bCmL1aC5Hk11AbAEUwYIt8rWpMr8WzXcSQTg=; b=Z8spS+Vr+vZ0OFoSnM8jHFFON4VCosnu/ygRKr7hmbcrxU5CbofPMEQM4KQZC1NNpL mTc+DbvvHuXm2opbRGg/eFtlPrWULIks+i2+nwmSy25Pe2ovg2ad1Lilkd1HQZKmjVgU 9ZlKdI2XpwcCXY+L3QJ8oubCb47FCosuLL/bh1/QYF2Jga3HalwGQgQAegEHmqU47BM0 W5MpllH75lpwf0yrPNAI2xpzuoeFqa7eeJxifEXkQOFiVv8JutY/NG8qoXTL6JfeSNgP WT1J7Jj/z323zfj3IWRLbzTgkwCeXdP++PD/R/E1ccut+PMqIlANEJXH0QiervjY8s8V 1/3g== X-Gm-Message-State: ACrzQf31GvmMfxIsjFkWoP+xLNkSP/bSpx9UZgveNEd37oCJICK9N3Gy TMUZEaBWpAxzpfNBhAObjtoEyKB5o5ccdr8H X-Google-Smtp-Source: AMsMyM46DbN9YMa1yvD7Y5mriIPQmdJxbmruDAPI7IU0d4TRLJirJxLI0uYOpEZHe3N5YUoY/AmpKg== X-Received: by 2002:a17:902:e88b:b0:17f:93a4:e31b with SMTP id w11-20020a170902e88b00b0017f93a4e31bmr585413plg.51.1665679046118; Thu, 13 Oct 2022 09:37:26 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id d29-20020a634f1d000000b0043a09d5c32bsm3460615pgb.74.2022.10.13.09.37.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 Oct 2022 09:37:25 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 8/9] qemu: Add PACKAGECONFIG for rbd Date: Thu, 13 Oct 2022 06:36:55 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 13 Oct 2022 16:37:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171716 Avoid accidentally linking to the rbd library from the host by adding a PACKAGECONFIG for the option. Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index cdd615997f..d85db8f800 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -276,6 +276,7 @@ PACKAGECONFIG[capstone] = "--enable-capstone,--disable-capstone" PACKAGECONFIG[libnfs] = "--enable-libnfs,--disable-libnfs,libnfs" PACKAGECONFIG[brlapi] = "--enable-brlapi,--disable-brlapi" PACKAGECONFIG[vde] = "--enable-vde,--disable-vde" +PACKAGECONFIG[rbd] = "--enable-rbd,--disable-rbd" INSANE_SKIP_${PN} = "arch" From patchwork Thu Oct 13 16:36:56 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 13864 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE101C433FE for ; Thu, 13 Oct 2022 16:37:37 +0000 (UTC) Received: from mail-pg1-f180.google.com (mail-pg1-f180.google.com [209.85.215.180]) by mx.groups.io with SMTP id smtpd.web09.87.1665679048953606531 for ; Thu, 13 Oct 2022 09:37:29 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=5QwGHMBm; spf=softfail (domain: sakoman.com, ip: 209.85.215.180, mailfrom: steve@sakoman.com) Received: by mail-pg1-f180.google.com with SMTP id bh13so2015187pgb.4 for ; Thu, 13 Oct 2022 09:37:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=bj/rwof5eVqhhCFdwG+vXFMcLMTHMCRmQJbZDzoqR2g=; b=5QwGHMBmncNm3OoxYK6zvOOJBiimXxySBYlCgOiMBE6dMshG7JUskkDZfakyaBZ5yz ijBhF8vXlo7DEO93gwOXzHw/Dzt2KTPDiFQiqnYCF12kTqzZWWUqcyUBEnUf+B34d2ev aiZMRrVKeoEibaGA4U170TFwrUpGFRHRQLc8RmV+a/hBlfdsiMGhMRjO00cxPzdjeamz KhoFDtHIB+9KGVBRRkkXRR7RuKVFoEDhYzf/c1XJ7ynttiQDCyEgXUuq6um3QtrPiaGZ Z0YKE+qSlbKcA8LKRpJQpKJtut74qTAFi9KTLwz/jzN4OXxgP1DggK7uz7t6ZobUSUiX zemg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bj/rwof5eVqhhCFdwG+vXFMcLMTHMCRmQJbZDzoqR2g=; b=s3jLlV0UWPVStYUG6vz+k66CUo6PGn+Q4RGR9tpVe5qHX/xxMSf2K3SWZUszryoR4J Ah936br1qcopeQBSXsirP9ZszPhqhQstBQ9Z3K29Cw7W9ZsvKiPfRLc4EPsgA3HE5Zri sVM/PzWT4MxJlBNumX+Z1eXVmg+pHvSSEgvQsULFSIXp4tpTdxviSo6gobQOU5/la+xp Psj06L6f4I9Qxcpwk5Jl87vL1vK3QS+Q25OZ+MKcDF8M5FdWUM3Dpnjtf3c+uY5L5wAz ArqzX8kbQSIDci06u/ZgPrQR7OVm1/7Bu1FqBQd8ky4JYCsZPX9JZj4HpjtsBE3/u358 E3Gg== X-Gm-Message-State: ACrzQf3aPlxM3w4nf4NJRta6nzhxUfH3QGhSkpZ+V774HvL74fvoeLO3 X4O9zndziov95fol7vbOQtRBCcFAz4MZaQEC X-Google-Smtp-Source: AMsMyM4fdGLXhREuMOF4SmU4we/FkUUvVYkej5amoq+GuBHTex6RgoGqa9cxKJ+JAJo3gHrSCzYF9g== X-Received: by 2002:a05:6a00:1d26:b0:54e:8c81:9f64 with SMTP id a38-20020a056a001d2600b0054e8c819f64mr385220pfx.58.1665679047996; Thu, 13 Oct 2022 09:37:27 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id d29-20020a634f1d000000b0043a09d5c32bsm3460615pgb.74.2022.10.13.09.37.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 Oct 2022 09:37:27 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 9/9] qemu: Avoid accidental librdmacm linkage Date: Thu, 13 Oct 2022 06:36:56 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 13 Oct 2022 16:37:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/171717 From: Richard Purdie Avoid accidentally linking to the rdma library from the host by adding a PACKAGECONFIG for the option. This was found on new Fedora 36 autobuilder workers. Signed-off-by: Richard Purdie (cherry picked from commit 2a0f3cb225e4d5471155abbcd05d09bd6bf1620f) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index d85db8f800..28caefef07 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -277,6 +277,7 @@ PACKAGECONFIG[libnfs] = "--enable-libnfs,--disable-libnfs,libnfs" PACKAGECONFIG[brlapi] = "--enable-brlapi,--disable-brlapi" PACKAGECONFIG[vde] = "--enable-vde,--disable-vde" PACKAGECONFIG[rbd] = "--enable-rbd,--disable-rbd" +PACKAGECONFIG[rdma] = "--enable-rdma,--disable-rdma" INSANE_SKIP_${PN} = "arch"