From patchwork Sat Nov 12 14:09:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15371 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A333EC43219 for ; Sat, 12 Nov 2022 14:10:19 +0000 (UTC) Received: from mail-pg1-f182.google.com (mail-pg1-f182.google.com [209.85.215.182]) by mx.groups.io with SMTP id smtpd.web11.2914.1668262209303418385 for ; Sat, 12 Nov 2022 06:10:09 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=QyY3FXKf; spf=softfail (domain: sakoman.com, ip: 209.85.215.182, mailfrom: steve@sakoman.com) Received: by mail-pg1-f182.google.com with SMTP id f3so144839pgc.2 for ; Sat, 12 Nov 2022 06:10:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ZMqEvf83jTTHbZq8r3QSPpvvEGMqZRKpzL4R9wJgEAU=; b=QyY3FXKfALWTUDsNSVUJ+fOTF+4GglYmk783HvysojUwXbZnnWey7XOAgCYatLva9L YP8C3+sYyMpWqBxktET/HUtzMrmKg3zu8V6n2HtWJcF9acZ6axi3mWWe4EzYrVp47OOQ EeLh6f/Es+NH8TkuhqirvIfaVGK43i2ZwX2NvcjT2Uim9cwzxl0yOEUcAlB+Z37FPmZD oDiTfMJ3YvpJyommsQw05UIhzSEKz4xmk40+2Tn6YbOigC2D4dkE6PZg9RNmTNG40qIr PRjaUInXODKs3GpQpLEDBL7g1QGImb6LIkoP05vNEKSNBMBmEUuxUCJ6gGNwiTuw5K/Z IR0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZMqEvf83jTTHbZq8r3QSPpvvEGMqZRKpzL4R9wJgEAU=; b=WVLekxeLmgC0zYMjpeXp24iOW6rJwpUReDLaA7/g9XPqV4d8p7O5LlYDh+KTGQJBmI xmYWTdfflfk33gXmBRnurkgp2irRIFj0+dZ5gWpQiSMo4Iy2c3dXP+BFq72GbhotVqW6 6YudIqyp49Rxo1rYKDoDHHRqIp2QWq6vtEEWkTNN7noFx3hlzmhUjp+80ecxH9sJLzdF aRRCQagh3M80aH05thVRwRNqyfwGvJUtSK13D51VyG2PhvqBHKUv19vDOTkK1VImmIVN 3DSJZbgzuikhV/EI0mInIfIcYUAtuVy/OnAwmrwKl8zj+g7CXw+XBSpOtkAMqpDGgTlC FAVA== X-Gm-Message-State: ANoB5plcnw5mxoW8xnJDnUM+C4bK68/N+ZdF/g2zXwnYDQ5K9MhLWed3 S6c3g6ZkJdUHJWvyhKt6Uvefz+IXiowIWXme X-Google-Smtp-Source: AA0mqf7dXEsJpZHRCQh0e3RORwgAcIrYA7yooUEewQ0MELIQfaxIQDYgVzd8HgHSwoNmw30N9Si9gg== X-Received: by 2002:a63:4d43:0:b0:41d:c892:2e9 with SMTP id n3-20020a634d43000000b0041dc89202e9mr5457532pgl.457.1668262208257; Sat, 12 Nov 2022 06:10:08 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.07 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:07 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 01/11] bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c Date: Sat, 12 Nov 2022 04:09:49 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173150 From: Hitendra Prajapati Upstream-Status: Backport from https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/monitor/jlink.c?id=1d6cfb8e625a944010956714c1802bc1e1fc6c4f Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/bluez5/bluez5.inc | 1 + .../bluez5/bluez5/CVE-2022-3637.patch | 39 +++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc index 7ad054b3a7..a71d339928 100644 --- a/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/meta/recipes-connectivity/bluez5/bluez5.inc @@ -58,6 +58,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ file://CVE-2021-3658.patch \ file://CVE-2022-0204.patch \ file://CVE-2022-39176.patch \ + file://CVE-2022-3637.patch \ " S = "${WORKDIR}/bluez-${PV}" diff --git a/meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch b/meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch new file mode 100644 index 0000000000..4ca60f99d5 --- /dev/null +++ b/meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch @@ -0,0 +1,39 @@ +From b808b2852a0b48c6f9dbb038f932613cea3126c2 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Thu, 27 Oct 2022 09:51:27 +0530 +Subject: [PATCH] CVE-2022-3637 + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/monitor/jlink.c?id=1d6cfb8e625a944010956714c1802bc1e1fc6c4f] +CVE: CVE-2022-3637 +Signed-off-by: Hitendra Prajapati + +monitor: Fix crash when using RTT backend + +This fix regression introduced by "monitor: Fix memory leaks". +J-Link shared library is in use if jlink_init() returns 0 and thus +handle shall not be closed. +--- + monitor/jlink.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/monitor/jlink.c b/monitor/jlink.c +index afa9d93..5bd4aed 100644 +--- a/monitor/jlink.c ++++ b/monitor/jlink.c +@@ -120,9 +120,12 @@ int jlink_init(void) + !jlink.tif_select || !jlink.setspeed || + !jlink.connect || !jlink.getsn || + !jlink.emu_getproductname || +- !jlink.rtterminal_control || !jlink.rtterminal_read) ++ !jlink.rtterminal_control || !jlink.rtterminal_read) { ++ dlclose(so); + return -EIO; ++ } + ++ /* don't dlclose(so) here cause symbols from it are in use now */ + return 0; + } + +-- +2.25.1 + From patchwork Sat Nov 12 14:09:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15372 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B9419C4321E for ; Sat, 12 Nov 2022 14:10:19 +0000 (UTC) Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) by mx.groups.io with SMTP id smtpd.web09.2952.1668262211491441149 for ; Sat, 12 Nov 2022 06:10:11 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=Cj/urVWI; spf=softfail (domain: sakoman.com, ip: 209.85.210.169, mailfrom: steve@sakoman.com) Received: by mail-pf1-f169.google.com with SMTP id k15so7222462pfg.2 for ; Sat, 12 Nov 2022 06:10:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=YF9yRHSO2XAgo8lgNMn2QzQQPj3QmYnwUAuUGuCVcFE=; b=Cj/urVWIR8OXfvEt/3K66BkuCn+A2arP4UgbzfgVEg8T1P4KYAHuRpqlzTkTyyDNSt i3ulT4nTqD7RYaqTotnV81lPFmqLW/qC0O7JL/nhuJa2YJfITz9Dx1C/pC+aasNM2t1y PVUo54K3Nr0NA2FG5Vb9SC/aHVyteyZ6/Pk40bjkShky8XlVSXcgr3Od+wlqbpoVtFA9 wDY+b+hrtuF8B5+fJETigNZjOJps0+DS9BHPOVP4XSBmiEONxv3LjkOdhGo7pcyYFjzt aDJPvBTqshflvH/OesFwDqmy28fCugPdS5Lsv3s9P0jTMSZ5mP5XaElkPQiwJK2axlmO 4QOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YF9yRHSO2XAgo8lgNMn2QzQQPj3QmYnwUAuUGuCVcFE=; b=fljXQ554UD/PygKETjT6r+ibTI7HoVjs4Oe/NZF3DEiisOuNdtoy6ip83iyYf25un1 k4mxaDJYookGElZV/tDSKl8AKwLEHe0xPk5k48ZJVkldZCaX3CnCE+43MX1dnzT7kij3 m2cYYqXirHPRu5Mr0kmL1M43dJtrO7irVNuiUKyKAhGETLnpJ6aXeUx6RuHZinoKAw0A 6fb3t1pjE2roVbXOaVIrIbHdaEAPIQvGMBxYuhwJo/l2uE3Jplns4pWPFeQdockbJZx/ gaJAl4bbxRwz5fOAlRSg5DIrwN9jBzIQ+0j2h2Acckj7BnmwXGlFcwn9t4FnLX+U6Z9q B5NA== X-Gm-Message-State: ANoB5pkaID7jF8HfJiYR9z53gXS8aOqyUE05QAbphP/Eww/A2dkFjzpN nmTJhjCuqW8UdXZeQ5xzuhpzffy+XcEBbhyk X-Google-Smtp-Source: AA0mqf5ba7qFAGAX87+UDAvpWKqLKNP9SZ3nIqYSEgUGHKIF32TNMXKfFCg3Hxy2CpRSoosA4BpEVg== X-Received: by 2002:a63:e714:0:b0:46f:13b0:25ea with SMTP id b20-20020a63e714000000b0046f13b025eamr5604664pgi.291.1668262210251; Sat, 12 Nov 2022 06:10:10 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:09 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 02/11] go: Security Fix for CVE-2022-2879 Date: Sat, 12 Nov 2022 04:09:50 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173151 From: Sunil Kumar archive/tar: limit size of headers Set a 1MiB limit on special file blocks (PAX headers, GNU long names, GNU link names), to avoid reading arbitrarily large amounts of data into memory. Link: https://github.com/golang/go/commit/0a723816cd2 Signed-off-by: Sunil Kumar Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2022-2879.patch | 111 ++++++++++++++++++ 2 files changed, 112 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index 3341beb159..e8ff1c4ec9 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc @@ -42,6 +42,7 @@ SRC_URI += "\ file://0003-CVE-2022-32190.patch \ file://0004-CVE-2022-32190.patch \ file://CVE-2022-2880.patch \ + file://CVE-2022-2879.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch b/meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch new file mode 100644 index 0000000000..ea04a82d16 --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch @@ -0,0 +1,111 @@ +From 9d339f1d0f53c4116a7cb4acfa895f31a07212ee Mon Sep 17 00:00:00 2001 +From: Damien Neil +Date: Fri, 2 Sep 2022 20:45:18 -0700 +Subject: [PATCH] archive/tar: limit size of headers + +Set a 1MiB limit on special file blocks (PAX headers, GNU long names, +GNU link names), to avoid reading arbitrarily large amounts of data +into memory. + +Thanks to Adam Korczynski (ADA Logics) and OSS-Fuzz for reporting +this issue. + +Fixes CVE-2022-2879 +Updates #54853 +Fixes #55926 + +Change-Id: I85136d6ff1e0af101a112190e027987ab4335680 +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1565555 +Reviewed-by: Tatiana Bradley +Run-TryBot: Roland Shoemaker +Reviewed-by: Roland Shoemaker +(cherry picked from commit 6ee768cef6b82adf7a90dcf367a1699ef694f3b2) +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1591053 +Reviewed-by: Julie Qiu +Reviewed-by: Damien Neil +Reviewed-on: https://go-review.googlesource.com/c/go/+/438498 +TryBot-Result: Gopher Robot +Reviewed-by: Dmitri Shuralyov +Reviewed-by: Carlos Amedee +Reviewed-by: Dmitri Shuralyov +Run-TryBot: Carlos Amedee + +Upstream-Status: Backport [https://github.com/golang/go/commit/0a723816cd2] +CVE: CVE-2022-2879 +Signed-off-by: Sunil Kumar +--- + src/archive/tar/format.go | 4 ++++ + src/archive/tar/reader.go | 14 ++++++++++++-- + src/archive/tar/writer.go | 3 +++ + 3 files changed, 19 insertions(+), 2 deletions(-) + +diff --git a/src/archive/tar/format.go b/src/archive/tar/format.go +index cfe24a5..6642364 100644 +--- a/src/archive/tar/format.go ++++ b/src/archive/tar/format.go +@@ -143,6 +143,10 @@ const ( + blockSize = 512 // Size of each block in a tar stream + nameSize = 100 // Max length of the name field in USTAR format + prefixSize = 155 // Max length of the prefix field in USTAR format ++ ++ // Max length of a special file (PAX header, GNU long name or link). ++ // This matches the limit used by libarchive. ++ maxSpecialFileSize = 1 << 20 + ) + + // blockPadding computes the number of bytes needed to pad offset up to the +diff --git a/src/archive/tar/reader.go b/src/archive/tar/reader.go +index 4f9135b..e996595 100644 +--- a/src/archive/tar/reader.go ++++ b/src/archive/tar/reader.go +@@ -104,7 +104,7 @@ func (tr *Reader) next() (*Header, error) { + continue // This is a meta header affecting the next header + case TypeGNULongName, TypeGNULongLink: + format.mayOnlyBe(FormatGNU) +- realname, err := ioutil.ReadAll(tr) ++ realname, err := readSpecialFile(tr) + if err != nil { + return nil, err + } +@@ -294,7 +294,7 @@ func mergePAX(hdr *Header, paxHdrs map[string]string) (err error) { + // parsePAX parses PAX headers. + // If an extended header (type 'x') is invalid, ErrHeader is returned + func parsePAX(r io.Reader) (map[string]string, error) { +- buf, err := ioutil.ReadAll(r) ++ buf, err := readSpecialFile(r) + if err != nil { + return nil, err + } +@@ -827,6 +827,16 @@ func tryReadFull(r io.Reader, b []byte) (n int, err error) { + return n, err + } + ++// readSpecialFile is like ioutil.ReadAll except it returns ++// ErrFieldTooLong if more than maxSpecialFileSize is read. ++func readSpecialFile(r io.Reader) ([]byte, error) { ++ buf, err := ioutil.ReadAll(io.LimitReader(r, maxSpecialFileSize+1)) ++ if len(buf) > maxSpecialFileSize { ++ return nil, ErrFieldTooLong ++ } ++ return buf, err ++} ++ + // discard skips n bytes in r, reporting an error if unable to do so. + func discard(r io.Reader, n int64) error { + // If possible, Seek to the last byte before the end of the data section. +diff --git a/src/archive/tar/writer.go b/src/archive/tar/writer.go +index e80498d..893eac0 100644 +--- a/src/archive/tar/writer.go ++++ b/src/archive/tar/writer.go +@@ -199,6 +199,9 @@ func (tw *Writer) writePAXHeader(hdr *Header, paxHdrs map[string]string) error { + flag = TypeXHeader + } + data := buf.String() ++ if len(data) > maxSpecialFileSize { ++ return ErrFieldTooLong ++ } + if err := tw.writeRawFile(name, data, flag, FormatPAX); err != nil || isGlobal { + return err // Global headers return here + } +-- +2.7.4 From patchwork Sat Nov 12 14:09:51 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15370 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B1E51C43217 for ; Sat, 12 Nov 2022 14:10:19 +0000 (UTC) Received: from mail-pg1-f181.google.com (mail-pg1-f181.google.com [209.85.215.181]) by mx.groups.io with SMTP id smtpd.web09.2953.1668262213238848055 for ; Sat, 12 Nov 2022 06:10:13 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=aYzyA8Hl; spf=softfail (domain: sakoman.com, ip: 209.85.215.181, mailfrom: steve@sakoman.com) Received: by mail-pg1-f181.google.com with SMTP id e129so6545895pgc.9 for ; Sat, 12 Nov 2022 06:10:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=h4XKkeJR1dh/jg4UFfsgiizqK2IqPcfvDxZaqYGc1Ag=; b=aYzyA8Hlt69kT1xoqziidfAy+VlFFjCzLNuv3EhzUctBJ58IWK/N9RgV7eJ/6JA+6V ebm/JtqVfSg1sY3puhCgz4MEVrIBoyfSeSnY75xODNKO+85JopgtChXAQbXDBqUqsgm0 6lnCZWe+EvmtDzcwae0Kt8Y+WmJr7dFZLNEod1Jr/RaWuldNxYmM9xF8CJiwb9AGl8ea eSgZ1sYqk0OQcZjleLS250gcK4c9iWtsZ5GPEHhVqSzDheOXjv5ViWKrEqOZJgjWaeiD 4v++uXPD1f53UiAnye3gO1+zE3T9MkAsD+hu4wuQVd1UM+GVUwOdAVOosY3ei54stOdY Gd5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=h4XKkeJR1dh/jg4UFfsgiizqK2IqPcfvDxZaqYGc1Ag=; b=Qu+XKRgstPcddy9Zj3kdysg6kM0p5/ZkLwDfOpBuqQadZ2EF3/cCcWCnQDysGxenia a3RmANoUJ8QPlWODiqx8uTIY+0ohsEX2Mqt9X3U9C6uY2VlYKHMmGQlxER5st75LHz6j EWeyRDbEanKAwFsc/z9M9vo6Ur4WeS2/6NgmzMtDfQy2HY7YMH2BbX2ra2GKSbdr1Fu4 uR4TQUeP+/y8Tbkors7V6MASU2jEXmOmc6DlQu2eOvg82VUdFl0dKPx9w70fHgTZ3nnn 1gLGAxaRFpv+1Ct/5dZHvaFbyMR8Q9dFw1RhznM8zoAWX/f2lbZm3TqBdYB2OAybLjJH 720Q== X-Gm-Message-State: ANoB5plbrtEA2ZuF3RQAg9pQflW++xc/l9oumb6YsuyAfLiP3J9Rvm9H g0pPmsGVJ7Ttq6/61+9MrMkTtVNRJtqMrFsL X-Google-Smtp-Source: AA0mqf45NoWHIl8Z7kZCnVVFn+1TTSgqizJHY2aPcyVC9y4x8FTjyde8/igyXMc4yfaIdwpR5bJxCQ== X-Received: by 2002:a62:7b53:0:b0:56b:83d3:a22 with SMTP id w80-20020a627b53000000b0056b83d30a22mr7106259pfc.32.1668262212200; Sat, 12 Nov 2022 06:10:12 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:11 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 03/11] curl: fix CVE-2022-32221 POST following PUT Date: Sat, 12 Nov 2022 04:09:51 -1000 Message-Id: <9af175e122acb93a412ad7a099f0eaa793a1c097.1668262073.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173152 From: Vivek Kumbhar Upstream-Status: Backport from https://github.com/curl/curl/commit/a64e3e59938abd7d6 Signed-off-by: Vivek Kumbhar Signed-off-by: Steve Sakoman --- .../curl/curl/CVE-2022-32221.patch | 29 +++++++++++++++++++ meta/recipes-support/curl/curl_7.69.1.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch diff --git a/meta/recipes-support/curl/curl/CVE-2022-32221.patch b/meta/recipes-support/curl/curl/CVE-2022-32221.patch new file mode 100644 index 0000000000..8e662abd3a --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2022-32221.patch @@ -0,0 +1,29 @@ +From 75c04a3e75e8e3025a17ca3033ca307da9691cd0 Mon Sep 17 00:00:00 2001 +From: Vivek Kumbhar +Date: Fri, 11 Nov 2022 10:49:58 +0530 +Subject: [PATCH] CVE-2022-32221 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/a64e3e59938abd7d6] +CVE: CVE-2022-32221 +Signed-off-by: Vivek Kumbhar + +setopt: when POST is set, reset the 'upload' field. +--- + lib/setopt.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/setopt.c b/lib/setopt.c +index bebb2e4..4d96f6b 100644 +--- a/lib/setopt.c ++++ b/lib/setopt.c +@@ -486,6 +486,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) + } + else + data->set.httpreq = HTTPREQ_GET; ++ data->set.upload = FALSE; + break; + + case CURLOPT_COPYPOSTFIELDS: +-- +2.25.1 + diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb index ed37094049..31aa9d7185 100644 --- a/meta/recipes-support/curl/curl_7.69.1.bb +++ b/meta/recipes-support/curl/curl_7.69.1.bb @@ -39,6 +39,7 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://CVE-2022-32207.patch \ file://CVE-2022-32208.patch \ file://CVE-2022-35252.patch \ + file://CVE-2022-32221.patch \ " SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" From patchwork Sat Nov 12 14:09:52 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15369 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A0609C433FE for ; Sat, 12 Nov 2022 14:10:19 +0000 (UTC) Received: from mail-pg1-f181.google.com (mail-pg1-f181.google.com [209.85.215.181]) by mx.groups.io with SMTP id smtpd.web09.2953.1668262213238848055 for ; Sat, 12 Nov 2022 06:10:15 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=mubkYVUN; spf=softfail (domain: sakoman.com, ip: 209.85.215.181, mailfrom: steve@sakoman.com) Received: by mail-pg1-f181.google.com with SMTP id e129so6545952pgc.9 for ; Sat, 12 Nov 2022 06:10:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=yacir9Yg22WFpBSDCUkSSTRgtEUU7ApTjGvv8pkD1y0=; b=mubkYVUNO/M5ZNI/CKQ1WAKgJFkTrv0eALbVzEoaJlYCyzIjhtYDYfEx0uC5LiKumk E16sgL8qn9JJS8KE+obVvCFOPtPMrFgy95RggDqktx5eFivWko/tEgmo/VsfvFKRrSwi zaXFKYrZ1krWCUsQMDzjJ5qJvGCAvBXXdKQpe+4mNPKkiKUsZmWyTu+Zldb1zDUaCzEX 1EVltM69zl6rJ54Ger7P7EN70NeM8ndPZWjlrKHdIxBrrWRGZf82zVDW0xaYfNnvi0Px MjE0MYe/utYLdaNaubFKCjh2M3xg+6B0eqRkwx0bH7OXTZ23JW70StxnowRX6MJ9ENNu zZTA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yacir9Yg22WFpBSDCUkSSTRgtEUU7ApTjGvv8pkD1y0=; b=qgNiOstm1/zIzk+xDQJWE7vPnT5mV42ZSoJ0s4iAXtV4b55E4DzjrjCVNDdZlaI9gU PKEioWZ0fvJsbwgyMK5B854+bTy9BoyXy1yseHqlCuyZxMPK/etj5UTcUlzIOMarrPRE xt2l0r6QXMyUqRSIgRUMON7dbnfkL3G0hjoIUSO3mflqdRNVKD7ww8qN9tth7384FvSM njFT+6vgESlruXggmfEUwKovGigq6KAcP0kN9tZD6bMb51DtpgBFgB0Fx/fILS0PNL4G Aww2eTo/ZD7ZRlMKxd3cr5eretSkrUwWl//N+xC5YJFSRJNrWXdov/i+khoMBM3j2yR1 Lu4Q== X-Gm-Message-State: ANoB5pnkVbSJciaIFCDK71tjNPDNsMX9naS5214knorIg9kSOPea284E UHPLr2S/ryIl4ThneE3wwGeBBvldYDaTUNKU X-Google-Smtp-Source: AA0mqf7WHMtQgOBlPxuaCRV1T+QJeeQEr17vTv3s01cFRh0R+QY0GYiJmYVY7DlyXPSfRDfi++VU4A== X-Received: by 2002:aa7:8a41:0:b0:561:70b3:6a6 with SMTP id n1-20020aa78a41000000b0056170b306a6mr7091877pfa.25.1668262214110; Sat, 12 Nov 2022 06:10:14 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:13 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 04/11] qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write Date: Sat, 12 Nov 2022 04:09:52 -1000 Message-Id: <8b5d38abdbfd3bdeb175c793b4d33f9054e89f77.1668262073.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173153 From: Vivek Kumbhar Upstream-Status: Backport from https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html Signed-off-by: Vivek Kumbhar Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2021-3638.patch | 80 +++++++++++++++++++ 2 files changed, 81 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 28caefef07..764f948a28 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -112,6 +112,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://CVE-2022-0216-1.patch \ file://CVE-2022-0216-2.patch \ file://CVE-2021-3750.patch \ + file://CVE-2021-3638.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch new file mode 100644 index 0000000000..6e7af8540a --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch @@ -0,0 +1,80 @@ +From b68d13531d8882ba66994b9f767b6a8f822464f3 Mon Sep 17 00:00:00 2001 +From: Vivek Kumbhar +Date: Fri, 11 Nov 2022 12:43:26 +0530 +Subject: [PATCH] CVE-2021-3638 + +Upstream-Status: Backport [https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html] +CVE: CVE-2021-3638 +Signed-off-by: Vivek Kumbhar + +When building QEMU with DEBUG_ATI defined then running with +'-device ati-vga,romfile="" -d unimp,guest_errors -trace ati\*' +we get: + + ati_mm_write 4 0x16c0 DP_CNTL <- 0x1 + ati_mm_write 4 0x146c DP_GUI_MASTER_CNTL <- 0x2 + ati_mm_write 4 0x16c8 DP_MIX <- 0xff0000 + ati_mm_write 4 0x16c4 DP_DATATYPE <- 0x2 + ati_mm_write 4 0x224 CRTC_OFFSET <- 0x0 + ati_mm_write 4 0x142c DST_PITCH_OFFSET <- 0xfe00000 + ati_mm_write 4 0x1420 DST_Y <- 0x3fff + ati_mm_write 4 0x1410 DST_HEIGHT <- 0x3fff + ati_mm_write 4 0x1588 DST_WIDTH_X <- 0x3fff3fff + ati_2d_blt: vram:0x7fff5fa00000 addr:0 ds:0x7fff61273800 stride:2560 bpp:32 +rop:0xff + ati_2d_blt: 0 0 0, 0 127 0, (0,0) -> (16383,16383) 16383x16383 > ^ + ati_2d_blt: pixman_fill(dst:0x7fff5fa00000, stride:254, bpp:8, x:16383, +y:16383, w:16383, h:16383, xor:0xff000000) + Thread 3 "qemu-system-i38" received signal SIGSEGV, Segmentation fault. + (gdb) bt + #0 0x00007ffff7f62ce0 in sse2_fill.lto_priv () at /lib64/libpixman-1.so.0 + #1 0x00007ffff7f09278 in pixman_fill () at /lib64/libpixman-1.so.0 + #2 0x0000555557b5a9af in ati_2d_blt (s=0x631000028800) at +hw/display/ati_2d.c:196 + #3 0x0000555557b4b5a2 in ati_mm_write (opaque=0x631000028800, addr=5512, +data=1073692671, size=4) at hw/display/ati.c:843 + #4 0x0000555558b90ec4 in memory_region_write_accessor (mr=0x631000039cc0, +addr=5512, ..., size=4, ...) at softmmu/memory.c:492 + +Commit 584acf34cb0 ("ati-vga: Fix reverse bit blts") introduced +the local dst_x and dst_y which adjust the (x, y) coordinates +depending on the direction in the SRCCOPY ROP3 operation, but +forgot to address the same issue for the PATCOPY, BLACKNESS and +WHITENESS operations, which also call pixman_fill(). + +Fix that now by using the adjusted coordinates in the pixman_fill +call, and update the related debug printf(). +--- + hw/display/ati_2d.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/hw/display/ati_2d.c b/hw/display/ati_2d.c +index 4dc10ea7..692bec91 100644 +--- a/hw/display/ati_2d.c ++++ b/hw/display/ati_2d.c +@@ -84,7 +84,7 @@ void ati_2d_blt(ATIVGAState *s) + DPRINTF("%d %d %d, %d %d %d, (%d,%d) -> (%d,%d) %dx%d %c %c\n", + s->regs.src_offset, s->regs.dst_offset, s->regs.default_offset, + s->regs.src_pitch, s->regs.dst_pitch, s->regs.default_pitch, +- s->regs.src_x, s->regs.src_y, s->regs.dst_x, s->regs.dst_y, ++ s->regs.src_x, s->regs.src_y, dst_x, dst_y, + s->regs.dst_width, s->regs.dst_height, + (s->regs.dp_cntl & DST_X_LEFT_TO_RIGHT ? '>' : '<'), + (s->regs.dp_cntl & DST_Y_TOP_TO_BOTTOM ? 'v' : '^')); +@@ -180,11 +180,11 @@ void ati_2d_blt(ATIVGAState *s) + dst_stride /= sizeof(uint32_t); + DPRINTF("pixman_fill(%p, %d, %d, %d, %d, %d, %d, %x)\n", + dst_bits, dst_stride, bpp, +- s->regs.dst_x, s->regs.dst_y, ++ dst_x, dst_y, + s->regs.dst_width, s->regs.dst_height, + filler); + pixman_fill((uint32_t *)dst_bits, dst_stride, bpp, +- s->regs.dst_x, s->regs.dst_y, ++ dst_x, dst_y, + s->regs.dst_width, s->regs.dst_height, + filler); + if (dst_bits >= s->vga.vram_ptr + s->vga.vbe_start_addr && +-- +2.25.1 + From patchwork Sat Nov 12 14:09:53 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15368 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9E555C4332F for ; Sat, 12 Nov 2022 14:10:19 +0000 (UTC) Received: from mail-pj1-f49.google.com (mail-pj1-f49.google.com [209.85.216.49]) by mx.groups.io with SMTP id smtpd.web12.2832.1668262217273896503 for ; Sat, 12 Nov 2022 06:10:17 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=y0thQOj3; spf=softfail (domain: sakoman.com, ip: 209.85.216.49, mailfrom: steve@sakoman.com) Received: by mail-pj1-f49.google.com with SMTP id l6so6741122pjj.0 for ; Sat, 12 Nov 2022 06:10:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=LF7MUPENG2fRUG5d/chtvgCmsAXhlqNinyFKx1srS/4=; b=y0thQOj3+QIaWyD9WM0ufgXs3w1EW6a27+kT4q1AfICU8qY8FsmQvrPY12J//my0+k rPd6UF1mSRFYBq3Id19HiOhuP/BopiUCFUTBnnn4lVYnw3iHGJ9vkN3YnZYXabO4BqQL rLYJqzxcQ4dTSi+xLmxuhBSDBBa6dFSykxJGLgr6Pgn/EsN/iwf0bT14BQitlSxp8aB9 OJWncNFssTwZeX2IWSrI00dNpowdwTdFY6Rqx3S7FDMOR6k5EXH0szB8eVT6nuZ8Q2eT anDwp5VWZTituXOXTs368v60qo9fUiw1nboQTh23Da9gF6U19pCn5Eay8ymPQA23JVqz Osqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LF7MUPENG2fRUG5d/chtvgCmsAXhlqNinyFKx1srS/4=; b=rKE5Q56bMYR+bJG3K/ajOCT6Fvp+netTfyjsgKeXcvRRLcfV2F5hZHMtYpVfrx+HnB 7NYsqVyZX8MwGA3hjSIGe3Bk4XxulId4V/Z7gRn2cWB6LeQc2vOgppjSbmMa5jlltwMZ Sp9P36WDENatdpHRRdcJEEFYGOlbPi0l6Z27w0/PLdzUFe0hT/78SrwxERmK93UyX5uY gNblBZPSUvCmy9HdoTEzm8EAIwZm3m03hKhCsJtHkmdQ23EcWEYy6m27tA995K7Bfnhd X/P2zr4AIxj5geELnchQNAhGUwNDY/z1t8/YrXYk8fkBRCRqdAya2M8jKbYQ9ZsvApbC VV4w== X-Gm-Message-State: ANoB5pmpF6pBvLo1D8L5cA5nDsTevKwTkdZ8i1UwlbCFbQPlGp7r0KfI LGliKAy7IxIUxWxU/aEeqBVWYRCZp3vvNajl X-Google-Smtp-Source: AA0mqf5ATnSfA/zxofKiBpqsaMAwxGsBVnayYQmldAE4KgWkf5cwMmfFYzoGDoU4lW31WKqzc2w+mw== X-Received: by 2002:a17:902:7598:b0:188:6c5b:ffb0 with SMTP id j24-20020a170902759800b001886c5bffb0mr6986871pll.125.1668262216068; Sat, 12 Nov 2022 06:10:16 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:15 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 05/11] binutils: stable 2.34 branch updates Date: Sat, 12 Nov 2022 04:09:53 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:19 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173154 From: Sundeep KOKKONDA Below commits on binutils-2.34 stable branch are updated. c4e78c0868a PR27755, powerpc-ld infinite loop 33973d228c9 gas, arm: PR26858 Fix availability of single precision vmul/vmla in arm mode 0c8652fe288 x86: Update GNU property tests 5c1bd3f52c6 x86: Properly merge -z ibt and -z shstk 93b9bf1651a PowerPC TPREL_HA/LO optimisation 58950a3bfd4 Date update e3b314d3a61 aarch64: set sh_entsize of .plt to 0 26b6ab7a0e4 S/390: z13: Accept vector alignment hints 7324292cd94 gas: Fix checking for backwards .org with negative offset 463ec189fe9 Prevent a potential use-after-fee memory corruption bug in the linker (for PE format files). ef2826c0fdb Fix the ARM assembler to generate a Realtime profile for armv8-r. 8524bb5bd28 Re: Fix tight loop on recursively-defined symbols 5768460022b Fix tight loop on recursively-defined symbols a72427b1ae0 gas: PR 25863: Fix scalar vmul inside it block when assembling for MVE 9f57ab49b32 BFD: Exclude sections with no content from compress check. aaf3f0599a2 Arm: Fix LSB of GOT for Thumb2 only PLT. 97f92b3e90a Arm: Fix thumb2 PLT branch offsets. 3053d7a163c include: Sync plugin-api.h with GCC f7aec2b8e09 PR25745, powerpc64-ld overflows string buffer in --stats mode 1b2bf0f65c1 include: Sync plugin-api.h with GCC 5e8619b9597 include: Sync lto-symtab.h and plugin-api.h with GCC 23820109ced plugin: Don't invoke LTO-wrapper 64f5c0afcc4 plugin: Use LDPT_ADD_SYMBOLS_V2 to get symbol type aaa1e160040 Silence warnings due to plugin API change e7c0ee5110c Include: Sync lto-symtab.h and plugin-api.h with GCC b6520be37fd Fix dwarf.c build with GCC 10 a560c29ca5a bfd: Change num_group to unsigned int 3ca4cd1ebde gas, arm: Fix bad backport b3174859c4b gas, arm: PR25660L Fix vadd/vsub with lt and le condition codes for MVE de9c1b7cfe6 powerpc64-ld infinite loop 0318fc4e18e Adjust PR25355 testcase 40bfb976274 Re: PR24511, nm should not mark symbols in .init_array as "t" 42b2380cdce Don't call lto-wrapper for ar and ranlib acc4a8b8ac8 PR25585, PHDR segment not covered by LOAD segment Signed-off-by: Sundeep KOKKONDA Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.34.inc | 2 +- .../binutils/binutils/CVE-2020-16593.patch | 4 +- .../binutils/binutils/CVE-2021-3549.patch | 80 +++++++++---------- 3 files changed, 41 insertions(+), 45 deletions(-) diff --git a/meta/recipes-devtools/binutils/binutils-2.34.inc b/meta/recipes-devtools/binutils/binutils-2.34.inc index ff0d467132..713e428a3e 100644 --- a/meta/recipes-devtools/binutils/binutils-2.34.inc +++ b/meta/recipes-devtools/binutils/binutils-2.34.inc @@ -24,7 +24,7 @@ BRANCH ?= "binutils-2_34-branch" UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P\d+_(\d_?)*)" -SRCREV ?= "d4b50999b3b287b5f984ade2f8734aa8c9359440" +SRCREV ?= "c4e78c0868a22971680217a41fdb73516a26813d" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${BRANCH};protocol=git" SRC_URI = "\ ${BINUTILS_GIT_URI} \ diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch b/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch index cbe4a50507..c7c7829261 100644 --- a/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch +++ b/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch @@ -199,6 +199,6 @@ Index: git/bfd/ChangeLog + * dwarf2.c (scan_unit_for_symbols): Wrap overlong lines. Don't + strdup(0). + - 2020-02-19 H.J. Lu + 2021-05-03 Alan Modra - PR binutils/25355 + PR 27755 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch b/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch index 4391db340a..5f56dd7696 100644 --- a/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch +++ b/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch @@ -7,31 +7,49 @@ Adds missing sanity checks for avr device info note, to avoid potential buffer overflows. Uses bfd_malloc_and_get_section for sanity checking section size. - PR 27290 - PR 27293 - PR 27295 - * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting. - Use bfd_malloc_and_get_section. - (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity - check namesz. Return NULL if descsz is too small. Ensure - string table is terminated. - (elf32_avr_get_device_info): Formatting. Add note_size param. - Sanity check note. - (elf32_avr_dump_mem_usage): Adjust to suit. + PR 27290 + PR 27293 + PR 27295 + * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting. + Use bfd_malloc_and_get_section. + (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity + check namesz. Return NULL if descsz is too small. Ensure + string table is terminated. + (elf32_avr_get_device_info): Formatting. Add note_size param. + Sanity check note. + (elf32_avr_dump_mem_usage): Adjust to suit. Upstream-Status: Backport CVE: CVE-2021-3549 Signed-of-by: Armin Kuster --- - binutils/ChangeLog | 14 +++++++++ - binutils/od-elf32_avr.c | 66 ++++++++++++++++++++++++++--------------- - 2 files changed, 56 insertions(+), 24 deletions(-) - -Index: git/binutils/od-elf32_avr.c -=================================================================== ---- git.orig/binutils/od-elf32_avr.c -+++ git/binutils/od-elf32_avr.c +diff --git a/binutils/ChangeLog b/binutils/ChangeLog +index 1e9a96c9bb6..02e5019204e 100644 +--- a/binutils/ChangeLog ++++ b/binutils/ChangeLog +@@ -1,3 +1,17 @@ ++2021-02-11 Alan Modra ++ ++ PR 27290 ++ PR 27293 ++ PR 27295 ++ * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting. ++ Use bfd_malloc_and_get_section. ++ (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity ++ check namesz. Return NULL if descsz is too small. Ensure ++ string table is terminated. ++ (elf32_avr_get_device_info): Formatting. Add note_size param. ++ Sanity check note. ++ (elf32_avr_dump_mem_usage): Adjust to suit. ++ + 2020-03-25 H.J. Lu + + * ar.c (main): Update bfd_plugin_set_program_name call. +diff --git a/binutils/od-elf32_avr.c b/binutils/od-elf32_avr.c +index 5ec99957fe9..1d32bce918e 100644 +--- a/binutils/od-elf32_avr.c ++++ b/binutils/od-elf32_avr.c @@ -77,23 +77,29 @@ elf32_avr_filter (bfd *abfd) return bfd_get_flavour (abfd) == bfd_target_elf_flavour; } @@ -70,7 +88,7 @@ Index: git/binutils/od-elf32_avr.c { Elf_External_Note *xnp = (Elf_External_Note *) contents; Elf_Internal_Note in; -@@ -107,42 +113,54 @@ static char* elf32_avr_get_note_desc (bf +@@ -107,42 +113,54 @@ static char* elf32_avr_get_note_desc (bfd *abfd, char *contents, if (in.namesz > contents - in.namedata + size) return NULL; @@ -163,25 +181,3 @@ Index: git/binutils/od-elf32_avr.c } elf32_avr_get_memory_usage (abfd, &text_usage, &data_usage, -Index: git/binutils/ChangeLog -=================================================================== ---- git.orig/binutils/ChangeLog -+++ git/binutils/ChangeLog -@@ -1,3 +1,17 @@ -+2021-02-11 Alan Modra -+ -+ PR 27290 -+ PR 27293 -+ PR 27295 -+ * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting. -+ Use bfd_malloc_and_get_section. -+ (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity -+ check namesz. Return NULL if descsz is too small. Ensure -+ string table is terminated. -+ (elf32_avr_get_device_info): Formatting. Add note_size param. -+ Sanity check note. -+ (elf32_avr_dump_mem_usage): Adjust to suit. -+ - 2020-02-01 Nick Clifton - - * configure: Regenerate. From patchwork Sat Nov 12 14:09:54 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15376 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A3B77C43217 for ; Sat, 12 Nov 2022 14:10:29 +0000 (UTC) Received: from mail-pj1-f51.google.com (mail-pj1-f51.google.com [209.85.216.51]) by mx.groups.io with SMTP id smtpd.web08.2923.1668262219473370113 for ; Sat, 12 Nov 2022 06:10:19 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=pYY2yHzg; spf=softfail (domain: sakoman.com, ip: 209.85.216.51, mailfrom: steve@sakoman.com) Received: by mail-pj1-f51.google.com with SMTP id c15-20020a17090a1d0f00b0021365864446so6923111pjd.4 for ; Sat, 12 Nov 2022 06:10:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ZZqz6MBQj+R3dX3/U2riPav6evwMsbKQt5rMQwBjMjM=; b=pYY2yHzgHlIzMoTHn6Pq6KvmCDDzmKnJvaxHpvtD8I1RY6TrecUFgeqSzAuDM/lDGH VCuw87QzdFVT11arqU4Ol3otkMZ6IYW73Ptb2R2Xe0FQWKB5ftdDqonLk6dv9A7HgBlE A9gloDrikGjbWlAtohLctJaYQ36hKpyAoz9u9QKpjC8Vv6CcFJMRFN8fksi0kwqXFK77 Eax5qhaDyCTk3dZ1QESb7kKZV4vngNfMbJjm/ObWKNcuHC8NorjJkvdlHaNR5jMisCRM +JW0nX2X/sHNjBkC6YjBw8DN6KJwwU7jfenGpZpuxVo7gZkForGAUXCK/qLzvrpWNx00 lhQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZZqz6MBQj+R3dX3/U2riPav6evwMsbKQt5rMQwBjMjM=; b=VRh+DQ3DoMIblOglq5pkJggZNE6uYtJhTNfwamwOE6fOqUnKYdrCSIyYV2bGwrdxFY nvFwJv9J07lVVKvqn6x+tZeQVxeR+anbwsGSfU5B+EIyrs/alHnMt5ijxrhZqeLM8bSo fni1W++rM4z9SukRS8bW5K4vBTLtnALCNpWvUTlREEiDCyNXsiZlOjvRbi7hNrwCppt8 TFxKMOagHAtqrwEdCdem+t4RUsWEuZsiRUa1brrI3lnjCxKwLNgHlDxNkRt2mihxfKqG iQBHTeH2bRtDKHmWVSr+AyFXhvlMmt8zDKeVMqiblHYoVNxsoH6VfDBsRkdu6ctHmeuc ZRUg== X-Gm-Message-State: ANoB5pk/NTtTwNqsM3p2Vr1ADYe/+wERf+8dZPuo7l3WLLE1aQN2S7cG JRkrz3P949lWE/jYxwPGIjDbuhMw+2h5Z9gg X-Google-Smtp-Source: AA0mqf6CesqKXgr46bF5nkRpEy7QYvnqVGK2KPwMFA2wdtgPmlq+8waMrZE8Ne/Wnjq0KHMq9C+EIQ== X-Received: by 2002:a17:902:eb52:b0:186:abaf:8fe with SMTP id i18-20020a170902eb5200b00186abaf08femr6896325pli.95.1668262218206; Sat, 12 Nov 2022 06:10:18 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:17 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 06/11] glibc : stable 2.31 branch updates. Date: Sat, 12 Nov 2022 04:09:54 -1000 Message-Id: <1d047a1f19ea57f919180273589cdf7fb4dacaa3.1668262073.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173155 From: Sundeep KOKKONDA Below commits on glibc-2.31 stable branch are updated. d4b7559457 x86-64: Require BMI2 for avx2 functions [BZ #29611] b8bb48a18d x86-64: Require BMI2 for strchr-avx2.S [BZ #29611] c8f2a3e803 Add test for bug 29530 e6ae5b25cd Fix memmove call in vfprintf-internal.c:group_number 1dbe841a67 Remove most vfprintf width/precision-dependent allocations (bug 14231, bug 26211). 5a802723db stdio: Add tests for printf multibyte convertion leak [BZ#25691] ae7748e67f stdio: Remove memory leak from multibyte convertion [BZ#25691] 174d0b61c7 Linux: Require properly configured /dev/pts for PTYs 0a167374fd Linux: Detect user namespace support in io/tst-getcwd-smallbuff 4ad1659d8c getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999) 3319cea99e support: Add helpers to create paths longer than PATH_MAX f733e291bb support: Fix xclone build failures on ia64 and hppa 43757c70ee support: Add xclone 29d3aeb0e8 Add xchdir to libsupport. 2d7720f316 support: Add create_temp_file_in_dir 183709983d NEWS: Add a bug fix entry for BZ #28896 d385079bd5 x86: Fix TEST_NAME to make it a string in tst-strncmp-rtm.c 7df3ad6560 x86: Test wcscmp RTM in the wcsncmp overflow case [BZ #28896] fc133fcf49 x86: Fallback {str|wcs}cmp RTM in the ncmp overflow case [BZ #28896] 775c05b28c string: Add a testcase for wcsncmp with SIZE_MAX [BZ #28755] c6b346ec55 x86-64: Test strlen and wcslen with 0 in the RSI register [BZ #28064] 0675185923 x86: Remove wcsnlen-sse4_1 from wcslen ifunc-impl-list [BZ #28064] 5db3239baf x86: Black list more Intel CPUs for TSX [BZ #27398] 5b99f172b8 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033] 70d293a158 NEWS: Add a bug fix entry for BZ #27974 a2be2c0f5d String: Add overflow tests for strnlen, memchr, and strncat [BZ #27974] 489006c3c5 x86: Optimize strlen-evex.S 937f2c783a x86: Fix overflow bug in wcsnlen-sse4_1 and wcsnlen-avx2 [BZ #27974] 0058c73d11 x86-64: Add wcslen optimize for sse4.1 665d0252f1 x86-64: Move strlen.S to multiarch/strlen-vec.S 82ff13e2cc x86-64: Fix an unknown vector operation in memchr-evex.S 539b593a1d x86: Optimize memchr-evex.S 7b37ae60c6 x86: Optimize strlen-avx2.S 0381c1c10d x86: Fix overflow bug with wmemchr-sse2 and wmemchr-avx2 [BZ #27974] 10368cb76b x86: Optimize memchr-avx2.S 66ca40582e test-strnlen.c: Check that strnlen won't go beyond the maximum length 927bcaf892 test-strnlen.c: Initialize wchar_t string with wmemset [BZ #27655] 0d4159c36c x86-64: Require BMI2 for __strlen_evex and __strnlen_evex c0cbb9345e NEWS: Add a bug fix entry for BZ #27457 e81b975fcc x86-64: Fix ifdef indentation in strlen-evex.S aa4e48e73c x86-64: Use ZMM16-ZMM31 in AVX512 memmove family functions ac911d3b57 x86-64: Use ZMM16-ZMM31 in AVX512 memset family functions 20d37de533 x86: Add string/memory function tests in RTM region fbaa99ed41 x86-64: Add AVX optimized string/memory functions for RTM 096e14f632 x86-64: Add memcmp family functions with 256-bit EVEX f00fad4e4c x86-64: Add memset family functions with 256-bit EVEX cf239ddd2e x86-64: Add memmove family functions with 256-bit EVEX 7257ba7bf2 x86-64: Add strcpy family functions with 256-bit EVEX db9071c0f6 x86-64: Add ifunc-avx2.h functions with 256-bit EVEX 2d612b2c5f x86: Set Prefer_No_VZEROUPPER and add Prefer_AVX2_STRCMP 5b13651085 NEWS: Add a bug fix entry for BZ #28755 5ee8a436ab x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755] Signed-off-by: Sundeep KOKKONDA Signed-off-by: Steve Sakoman --- meta/recipes-core/glibc/glibc-version.inc | 2 +- .../glibc/glibc/CVE-2021-33574_1.patch | 26 ++++++++----------- 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index 68efd09ece..5414297ba1 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.31/master" PV = "2.31+git${SRCPV}" -SRCREV_glibc ?= "3ef8be9b89ef98300951741f381eb79126ac029f" +SRCREV_glibc ?= "d4b75594574ab8a9c2c41209cd8c62aac76b5a04" SRCREV_localedef ?= "cd9f958c4c94a638fa7b2b4e21627364f1a1a655" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch index cef0ce54ed..7561e87121 100644 --- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch +++ b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch @@ -11,14 +11,10 @@ CVE: CVE-2021-33574 patch#1 Signed-off-by: Armin Kuster --- - NEWS | 4 ++++ - sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++----- - 2 files changed, 14 insertions(+), 5 deletions(-) - -Index: git/NEWS -=================================================================== ---- git.orig/NEWS -+++ git/NEWS +diff --git a/NEWS b/NEWS +index 8a20d3c4e3..be489243ac 100644 +--- a/NEWS ++++ b/NEWS @@ -7,6 +7,10 @@ using `glibc' in the "product" field. Version 2.31.1 @@ -28,12 +24,12 @@ Index: git/NEWS + attribute with a non-default affinity mask. + The following bugs are resolved with this release: + [14231] stdio-common tests memory requirements [19519] iconv(1) with -c option hangs on illegal multi-byte sequences - (CVE-2016-10228) -Index: git/sysdeps/unix/sysv/linux/mq_notify.c -=================================================================== ---- git.orig/sysdeps/unix/sysv/linux/mq_notify.c -+++ git/sysdeps/unix/sysv/linux/mq_notify.c +diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c +index f288bac477..dd47f0b777 100644 +--- a/sysdeps/unix/sysv/linux/mq_notify.c ++++ b/sysdeps/unix/sysv/linux/mq_notify.c @@ -135,8 +135,11 @@ helper_thread (void *arg) (void) __pthread_barrier_wait (¬ify_barrier); } @@ -48,7 +44,7 @@ Index: git/sysdeps/unix/sysv/linux/mq_notify.c } return NULL; } -@@ -257,8 +260,7 @@ mq_notify (mqd_t mqdes, const struct sig +@@ -257,8 +260,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification) if (data.attr == NULL) return -1; @@ -58,7 +54,7 @@ Index: git/sysdeps/unix/sysv/linux/mq_notify.c } /* Construct the new request. */ -@@ -272,7 +274,10 @@ mq_notify (mqd_t mqdes, const struct sig +@@ -272,7 +274,10 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification) /* If it failed, free the allocated memory. */ if (__glibc_unlikely (retval != 0)) From patchwork Sat Nov 12 14:09:55 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15373 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A825DC4321E for ; Sat, 12 Nov 2022 14:10:29 +0000 (UTC) Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) by mx.groups.io with SMTP id smtpd.web12.2834.1668262221307806564 for ; Sat, 12 Nov 2022 06:10:21 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=T/zzrYNm; spf=softfail (domain: sakoman.com, ip: 209.85.210.180, mailfrom: steve@sakoman.com) Received: by mail-pf1-f180.google.com with SMTP id m6so7240384pfb.0 for ; Sat, 12 Nov 2022 06:10:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=U04nW+ReiZv/SIq8qNjiR3NvNyoqNBfrb9SOpXkOlxs=; b=T/zzrYNmEnT+uMlKC0S944wKHsCgBlWkDlqLCGb3UX9qH+zvNqneKfnykLp7FrSJmb W9MfxDPZUjTYznhE4yBniFR22M5fvMuT1sUN4TAzeHJQEZ/b1TGIZTU3/NvnxJDOOQen BXSdFv4gga9+hIa6AN+Fn7XN3Pi78O7FqrdR9yohiHHWP6UWjHSzlpjaZAo2bQ+FgnTf hNk3SdPk06IpsZzGcspM70LsCs9Nt+48vAfYz3FgOljsVn7Wz/XPcShiEQX8pg0xg/Js 5+psqxjF5ntfBzQKFgfY2/0mZsjbAmwQg6LUhiyfuKYU9oLD9ir4qjVN93oIOWCX9n74 vVSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=U04nW+ReiZv/SIq8qNjiR3NvNyoqNBfrb9SOpXkOlxs=; b=O3MCfi4ikjHWkUDbb+98nZB+ypKgxYrzrnMP8glLouSgDlIIbHhzSPVRESOF7c7B+c KAHvybvdkuKNOyf48zoCj+9fRzg0O8I+sM6+EoaHy22FyCa8pg9buJL0lln9bHR7pNPj X1TRwFEW5kYnEEEC0qp7mzODx/dQs1QGKkTjweqe0+KTYE50DCPdh8Q1QF5JKTEfd71N 38CQyvmtB4O0jDy2pFWBpMrdXkB53hwYOq0XyizF8TOMPxVpsyAHNe2qtInaBZkLl9OM sijo/jkRduX78npoDpo4PIXsg3jStEgxOWGswo7oHoaQTviEloVrRnwfOdqh4w9BLfFD rEsw== X-Gm-Message-State: ANoB5plQ73wRyDrmU4RwjaYEqcjjHbKvCw3+3vuIcaCDLyCM4pG+0FkM gog+og/EgIPuUD6isHCy4HZ4RrOnXG+AyWK8 X-Google-Smtp-Source: AA0mqf7euD2khpkyeDLdWrC2pAD5b/JplWs9tfaAv0b1n5Ba0zmPivj+wmTV77v6QpKIV5H2crA1Dg== X-Received: by 2002:a63:5554:0:b0:46f:7e1c:77be with SMTP id f20-20020a635554000000b0046f7e1c77bemr5641564pgm.32.1668262220273; Sat, 12 Nov 2022 06:10:20 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:19 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 07/11] openssl: upgrade 1.1.1q to 1.1.1s Date: Sat, 12 Nov 2022 04:09:55 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173156 From: Alex Kiernan Major changes between OpenSSL 1.1.1r and OpenSSL 1.1.1s [1 Nov 2022] * Fixed a regression introduced in OpenSSL 1.1.1r not refreshing the certificate data to be signed before signing the certificate. Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022] * Added a missing header for memcmp that caused compilation failure on some platforms Signed-off-by: Alex Kiernan Signed-off-by: Steve Sakoman --- .../openssl/{openssl_1.1.1q.bb => openssl_1.1.1s.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-connectivity/openssl/{openssl_1.1.1q.bb => openssl_1.1.1s.bb} (98%) diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1q.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1s.bb similarity index 98% rename from meta/recipes-connectivity/openssl/openssl_1.1.1q.bb rename to meta/recipes-connectivity/openssl/openssl_1.1.1s.bb index 139b7fe935..6c8f285996 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1q.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1s.bb @@ -24,7 +24,7 @@ SRC_URI_append_class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[sha256sum] = "d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca" +SRC_URI[sha256sum] = "c5ac01e760ee6ff0dab61d6b2bbd30146724d063eb322180c6f18a6f74e4b6aa" inherit lib_package multilib_header multilib_script ptest MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" From patchwork Sat Nov 12 14:09:56 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15377 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id AA3BFC4167D for ; Sat, 12 Nov 2022 14:10:29 +0000 (UTC) Received: from mail-pg1-f181.google.com (mail-pg1-f181.google.com [209.85.215.181]) by mx.groups.io with SMTP id smtpd.web09.2953.1668262213238848055 for ; Sat, 12 Nov 2022 06:10:22 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=v8nOG7QF; spf=softfail (domain: sakoman.com, ip: 209.85.215.181, mailfrom: steve@sakoman.com) Received: by mail-pg1-f181.google.com with SMTP id e129so6546122pgc.9 for ; Sat, 12 Nov 2022 06:10:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=EqxTKAtQDFUCkwjMz+dGTj0DFbS5BqoW14jS9hBY9o0=; b=v8nOG7QFvKSfS9m1zh3PAQSK4dci08jLNylu1uIcxlBv/G1edKG9N9sc+pIjgwKHTd y9cZayOkWNfxS/7XQ5HYkOvXRF0OawKWdHgVbKKURX1/48rLilnwuKIEG6UMbx9qmL9W wRE+NWya84fdiUDzvCQQqWPLJARQJRgfXgeZWL8wVaBM7QB6fdMWhbNm0CmrEoNlwfJE xUxPh3vscCon3XcyJ1H1aAOYM69KEmSkwTz53mY+g0ef7sNC1pVEWcnaFRQsv50dj37f mlr6fgFvjHtL6L3z3zYco/pmpo8wNDiAcXKUoEbcgvvSFbn3DYpP/d0kqm4v/thlnudk vzYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EqxTKAtQDFUCkwjMz+dGTj0DFbS5BqoW14jS9hBY9o0=; b=DzOMwLf+HwoXNFEV31+2xi+ux+ErMMNTBhpc+UBR4DX26jEU0qnPosqQhwvVzHtJQf UTIyJVUu2TQoXjOSHFG1heMqbn3LDgfYZYm+KJNp93FYfcMj/SxlIzrUFSOoQ5qETffc kG23VKznakxmyZaaoH+pN9fTD32Wie/fLMhsWL5LZxfoGcMb1LR05lXC+K3iicW9Bl2i vjkVMJ6F15ipm0FPI/lYv9PS+1m59ePX3EQCA+xdb559mOxKTLC9ybCR48+OWaH2j1xs DT3zIb0/PFIP261Rb4QIuqojiH+fa9KfXV7zDcX35kWXoNeUGMIuPjhXfOzfy9zyB6DZ muJA== X-Gm-Message-State: ANoB5plZU3O4cX889IHP/9sdXXoTjMB8eM0IJFLNLiwj1yTgE5Q/TnYh 348q1wpsBd8I+Y3xXiqfydqpCXIYhTCW6ypU X-Google-Smtp-Source: AA0mqf73TAQsyTGBKJ9Uh/w4kXGxhxk+blZH7UySNIZYMHG5NH1lNEjXgfyHS8LOdBLhaZPUUUNzWg== X-Received: by 2002:a63:481c:0:b0:470:514e:1f15 with SMTP id v28-20020a63481c000000b00470514e1f15mr5580374pga.358.1668262222128; Sat, 12 Nov 2022 06:10:22 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:21 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 08/11] externalsrc.bbclass: fix git repo detection Date: Sat, 12 Nov 2022 04:09:56 -1000 Message-Id: <1f0e4de8d92edd7438d462c779d917ac0ccd5499.1668262073.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173157 From: Martin Jansa * fix issue introduced in: https://git.openembedded.org/openembedded-core/commit/?id=95fbac8dcad6c93f4c9737e9fe13e92ab6befa09 * it added check for s_dir + git-dir (typically '.git') isn't the same as ${TOPDIR} + git-dir, but due to copy-paste issue it was just comparing it with s_dir + git-dir again, resulting in most external repos (where git-dir is '.git') to be processed as regular directory (not taking advantage of git write-tree). * normally this wouldn't be an issue, but for big repo with a lot of files this added a lot of checksums in: d.setVarFlag('do_compile', 'file-checksums', '${@srctree_hash_files(d)}') and I mean *a lot, e.g. in chromium build it was 380227 paths which still wouldn't that bad, but the checksum processing in siggen.py isn't trivial and just looping through all these checksums takes very long time (over 1000sec on fast NVME drive with warm cache) and then https://git.openembedded.org/bitbake/commit/?id=b4975d2ecf615ac4c240808fbc5a3f879a93846b made the processing a bit more complicated and the loop in get_taskhash() function took 6448sec and to make things worse there was no output from bitbake during that time, so even with -DDD it looks like this: DEBUG: virtual/libgles2 resolved to: mesa (langdale/oe-core/meta/recipes-graphics/mesa/mesa_22.2.0.bb) Bitbake still alive (no events for 600s). Active tasks: Bitbake still alive (no events for 1200s). Active tasks: Bitbake still alive (no events for 1800s). Active tasks: Bitbake still alive (no events for 2400s). Active tasks: Bitbake still alive (no events for 3000s). Active tasks: Bitbake still alive (no events for 3600s). Active tasks: Bitbake still alive (no events for 4200s). Active tasks: Bitbake still alive (no events for 4800s). Active tasks: Bitbake still alive (no events for 5400s). Active tasks: Bitbake still alive (no events for 6000s). Active tasks: DEBUG: Starting bitbake-worker without -DDD it will get stuck for almost 2 hours in: "Initialising tasks..." before it finally writes sstate summary like: "Sstate summary: Wanted 3102 Local 0 Mirrors 0 Missed 3102 Current 1483 (0% match, 32% complete)" * fix the copy&paste typo to use git work-tree in most cases, but be aware that this issue still exists for huge local source trees not in git [YOCTO #14942] Signed-off-by: Martin Jansa Signed-off-by: Alexandre Belloni (cherry picked from commit 9102e5a94b8146cb1da27afbe41d3db999a914ff) Signed-off-by: Steve Sakoman --- meta/classes/externalsrc.bbclass | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass index 291fcf5653..fc20eedf4d 100644 --- a/meta/classes/externalsrc.bbclass +++ b/meta/classes/externalsrc.bbclass @@ -207,8 +207,8 @@ def srctree_hash_files(d, srcdir=None): try: git_dir = os.path.join(s_dir, subprocess.check_output(['git', '-C', s_dir, 'rev-parse', '--git-dir'], stderr=subprocess.DEVNULL).decode("utf-8").rstrip()) - top_git_dir = os.path.join(s_dir, subprocess.check_output(['git', '-C', d.getVar("TOPDIR"), 'rev-parse', '--git-dir'], - stderr=subprocess.DEVNULL).decode("utf-8").rstrip()) + top_git_dir = os.path.join(d.getVar("TOPDIR"), + subprocess.check_output(['git', '-C', d.getVar("TOPDIR"), 'rev-parse', '--git-dir'], stderr=subprocess.DEVNULL).decode("utf-8").rstrip()) if git_dir == top_git_dir: git_dir = None except subprocess.CalledProcessError: From patchwork Sat Nov 12 14:09:57 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15375 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9DA71C43219 for ; Sat, 12 Nov 2022 14:10:29 +0000 (UTC) Received: from mail-pj1-f50.google.com (mail-pj1-f50.google.com [209.85.216.50]) by mx.groups.io with SMTP id smtpd.web11.2917.1668262225152223694 for ; Sat, 12 Nov 2022 06:10:25 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=b+T352q2; spf=softfail (domain: sakoman.com, ip: 209.85.216.50, mailfrom: steve@sakoman.com) Received: by mail-pj1-f50.google.com with SMTP id m14-20020a17090a3f8e00b00212dab39bcdso10076230pjc.0 for ; Sat, 12 Nov 2022 06:10:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=M5krHqb5Et9hoWflJK3A67rriEl6B/NvlkbuN2HdIYg=; b=b+T352q2b+VYaKjsGXIy60MbhNOuipDSYHTPdnFFDS1dDIvSkv1AY2wgnWWmO401qJ wpPi5d+rHKjwvf7olSaHlwaOmfwOG/yBorrzyMLqIWp9kbHdk3gLceLRD2YjwBWTI5aL +KplMJMw0KeDI12f0ZSi0ecV0NAKyIkTd87mSPkXBXtuUcLyRdYpvTMYyQAWF1d3QSB6 OZwLBAl0UhbL71+i20SWSYl001GjDY/tssLFJ6FwZ7PDmS5cLcFa6GtRuxiz38rGeLkh SNBI2dgsIMvpyl6+kVxeE4Ek8NPjUKTqhpNqboEJuUk4bLWKlk3uGUA45obqAa877SVx 102A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=M5krHqb5Et9hoWflJK3A67rriEl6B/NvlkbuN2HdIYg=; b=JrJEaTr3JvuPunoVH2HYHXFEv+dDmuXft7f4MrMJ9j8k5Iwx2GHDZYUW7HkvPwofvy O+VtXlS01QuqWWNQJh1rg9SGu/3/dp0mzIqvJsZNg8A5EvKhPwzN6iXkdK1om0x1JDx6 f+vP7ZEesTFYEu0DxErMmzJUbWLp5Xi5OqO+zTYa0TqFEfQ/e8zMoRpoJgOmNnXqU5cM vanWMmGNZQoAB5r4pHHd5SwjKYlULow6tJAVWqX0RzVJXWkd8V4FEQmQL0/GU2Kn9tsj +68NFgHV+wCg5hnt6eDjuiuqmS1qwPLdEnxqSoWWWmUyQUoTmY7RTfeZliToHBlce/3x XwPw== X-Gm-Message-State: ANoB5pn/xCm4Rh9yPBufiOKKbidPV8TFUEN6svPGsc4B0SbeDfr1yl+T vjSkyk01y8fONSRBjwvjjZREsZzC6ibsn1jz X-Google-Smtp-Source: AA0mqf5S50Z+PzkrtIXVwyiPJiUpxh4FPnBmBKYH1B2YMbjEDUZcSeXz0wwiFAR3DNm/55a85urPww== X-Received: by 2002:a17:90a:a102:b0:218:f84:3f98 with SMTP id s2-20020a17090aa10200b002180f843f98mr6625404pjp.238.1668262224122; Sat, 12 Nov 2022 06:10:24 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:23 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 09/11] externalsrc.bbclass: Remove a trailing slash from ${B} Date: Sat, 12 Nov 2022 04:09:57 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173158 From: Peter Kjellerstedt The trailing slash in ${B} caused -fdebug-prefix-map=${B}=... to not match as intended, resulting in ${TMPDIR} ending up in files in ${PN}-dbg when externalsrc was in use, which in turn triggered buildpath QA warnings. Signed-off-by: Peter Kjellerstedt Signed-off-by: Alexandre Belloni (cherry picked from commit 9b5031ed5a0d102905fa75acc418246c23df6eef) Signed-off-by: Steve Sakoman --- meta/classes/externalsrc.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass index fc20eedf4d..3f7f533cc6 100644 --- a/meta/classes/externalsrc.bbclass +++ b/meta/classes/externalsrc.bbclass @@ -60,7 +60,7 @@ python () { if externalsrcbuild: d.setVar('B', externalsrcbuild) else: - d.setVar('B', '${WORKDIR}/${BPN}-${PV}/') + d.setVar('B', '${WORKDIR}/${BPN}-${PV}') local_srcuri = [] fetch = bb.fetch2.Fetch((d.getVar('SRC_URI') or '').split(), d) From patchwork Sat Nov 12 14:09:58 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15374 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9DA45C433FE for ; Sat, 12 Nov 2022 14:10:29 +0000 (UTC) Received: from mail-pl1-f174.google.com (mail-pl1-f174.google.com [209.85.214.174]) by mx.groups.io with SMTP id smtpd.web12.2836.1668262227315437950 for ; Sat, 12 Nov 2022 06:10:27 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=JnmqvcNd; spf=softfail (domain: sakoman.com, ip: 209.85.214.174, mailfrom: steve@sakoman.com) Received: by mail-pl1-f174.google.com with SMTP id v17so6444305plo.1 for ; Sat, 12 Nov 2022 06:10:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=SrZ3+jOA/KgWS6rwNU3D7RUl077QPn6PwAiTrVVWjCY=; b=JnmqvcNdzaqrhbfYP1mVZgQdravZRqqczxK80oEuBnylRVUF8iv8Y2xZXaO9hI/3WE RVdimB3ysMAK7h5FMbFXiQNFJN4Bz5e+9kkR63cA473eb4koFH9h5pp5QUjiJeMgO1l5 Th6vVmj06yaW/6nA4G/U8snmw/ywZEWr7etY3uicL8HlbxxwkTLrPTzRAhcul4vLn2DL fbvC1ewLl/baPP1JF/Xhl81VbjHdHCRL3PeI/T3bYJsey1rDxXNOenizh+8st5k0fm0i G8oNesNvof7UFFIPRbxR4/UaUyCZ+ytEly/3KjlewRBhQtT1LXA1YnEtHkvNba91YCSn J98w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=SrZ3+jOA/KgWS6rwNU3D7RUl077QPn6PwAiTrVVWjCY=; b=uwSseGz6fw0zuKSkEh4xV97FxSTmhM3H1IQQZM5mFdhXTzZTSWBrvv9TWDDQJ0Kycs BvaVIHNJj5pDBnUvGwAa6bJ45WMhcP6v5+uHnf//Wknuxb0EFjQqQYWHC340nSSvxshS lSM+JX2bJWWDOyQrr12CV90ayEZD3y4CQuHxX/5URd3aFcy7afHRm66zIhIAEOm8fCat C2H/XMRe7ON+Ay/Vel1kyJ/1rZOaWiqCNnNWr+0BePOsB1YHXYxARpR//pxTkasrX/Px 3yIlcT0Ac85zOkxU+q7tFe1fEDbEhUgYApquKxetNpT4B9pzgU3UhAe54JXG5HsDTSmp atgw== X-Gm-Message-State: ANoB5plF8EpPrNNyQAwPHLLbehuD50NxdxCtXKqCDYz20XfV3yFRtB6v 41K9hrPJekgpfeODcoquPaIZYgM1uHVZ8A97 X-Google-Smtp-Source: AA0mqf45RrmUYgkJRqG0T/K/NF6vkwzZOppvD888yw59V8QauJI0kGuWkOPwZnq7a963ebn8p+zmKg== X-Received: by 2002:a17:90b:2750:b0:212:c87e:dc8b with SMTP id qi16-20020a17090b275000b00212c87edc8bmr6599955pjb.229.1668262226312; Sat, 12 Nov 2022 06:10:26 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:25 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 10/11] sanity: check for GNU tar specifically Date: Sat, 12 Nov 2022 04:09:58 -1000 Message-Id: <8f852648fe730615c99bcdaace8a4748ef4e96a5.1668262073.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173159 From: Ross Burton We need the system tar to be GNU tar, as we reply on --xattrs. Some distributions may be using libarchive's tar binary, which is definitely not as featureful, so check for this and abort early with a clear message instead of later with mysterious errors. Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni (cherry picked from commit 7dd2b1cd1bb10e67485dab8600c0787df6c2eee7) Signed-off-by: Steve Sakoman --- meta/classes/sanity.bbclass | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/meta/classes/sanity.bbclass b/meta/classes/sanity.bbclass index 37354af9d5..33e5e5952f 100644 --- a/meta/classes/sanity.bbclass +++ b/meta/classes/sanity.bbclass @@ -561,6 +561,14 @@ def check_tar_version(sanity_data): version = result.split()[3] if LooseVersion(version) < LooseVersion("1.28"): return "Your version of tar is older than 1.28 and does not have the support needed to enable reproducible builds. Please install a newer version of tar (you could use the project's buildtools-tarball from our last release or use scripts/install-buildtools).\n" + + try: + result = subprocess.check_output(["tar", "--help"], stderr=subprocess.STDOUT).decode('utf-8') + if "--xattrs" not in result: + return "Your tar doesn't support --xattrs, please use GNU tar.\n" + except subprocess.CalledProcessError as e: + return "Unable to execute tar --help, exit code %d\n%s\n" % (e.returncode, e.output) + return None # We use git parameters and functionality only found in 1.7.8 or later From patchwork Sat Nov 12 14:09:59 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 15378 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 98933C4332F for ; Sat, 12 Nov 2022 14:10:39 +0000 (UTC) Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web08.2925.1668262229786839138 for ; Sat, 12 Nov 2022 06:10:29 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=Pm7Y1kIl; spf=softfail (domain: sakoman.com, ip: 209.85.214.178, mailfrom: steve@sakoman.com) Received: by mail-pl1-f178.google.com with SMTP id j12so6430395plj.5 for ; Sat, 12 Nov 2022 06:10:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=/MkfVQs9/YaOmzkJPjERSHvzRZVYsHgLFQOF5JFh6eQ=; b=Pm7Y1kIlc6CFKFt2OlqkB0Tpvhyg3F5T31k2c3FXjNzoXgw0oEWZaiIKU2T9BVMQpX wcjJpYEaMc6E9p7or9DyfnTu4w8ULtJ7p8jfhDg0RAaofeUQ1IxBXaXMX+bFc1s36Yig /50k2Gp8Kis7SnWPRJThxcqrTo9/4hiRh3uwDfPuHUZUy3arBj0yAILPzMNu15esnbeT XDZPds9/aUpufaHfIVM/PLUR3oHyugRCswglVi6oo4TY4CZvKyUSRvwwKXATeI6Pe1Ji 5WnGFUDJ4OorGbgPnkIyfCDEYoz17x+46IGP0Yl79H+3bQf5E6JSU5+jzM+MZoNlQ1Ef K43g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/MkfVQs9/YaOmzkJPjERSHvzRZVYsHgLFQOF5JFh6eQ=; b=NIALrbBjmBlZs5NA4mrGgXHcuaHQvI09AiQtvxZ3id1OUCxCVdNrW9IFYDLAGX0RDU kVB2YPlA6ygJLhIcRVanEx0+pek7OMmRWTJwARXWCWZzxTITfxLeiI3TYKfM8xBYbrKg asa+UFDQop/d9jTkl+Hn7p6OeBifBpvbj83EHtMPR+xEtoh3kOlpv7on9vyDIvOY2Auk SidBOK8iJSjIl4GgQxOHX9CMvt6iMzyejXPvBP3FPSP8b66RvzXfaK7A4e+4GNNl4hgp /uWRgSMo+rcRxzhZlaOxPqHoItNlHcoKRlyFmDHQC6d26x4Ky/Oy1MgaDdTQCvFAzw4e FMnQ== X-Gm-Message-State: ANoB5pmYNRf0VYpREQy8Us4N0JpRGWwWv8qRmAvyqIQHQZIWDxZQ258y HFEfeJL0s1btLHGJ6AKn18grEqE6+P0K1U5R X-Google-Smtp-Source: AA0mqf55AXx6IRDX2HTzYHG45YoX8FE1AMtBTpzBiVupzHbnnl8vdFWJPBpgh1KADKRG08NOihyJjg== X-Received: by 2002:a17:902:9a81:b0:185:378d:7c2a with SMTP id w1-20020a1709029a8100b00185378d7c2amr6802975plp.127.1668262228836; Sat, 12 Nov 2022 06:10:28 -0800 (PST) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id g10-20020a1709026b4a00b0018853dd8832sm3733883plt.4.2022.11.12.06.10.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Nov 2022 06:10:28 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 11/11] wic: swap partitions are not added to fstab Date: Sat, 12 Nov 2022 04:09:59 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 12 Nov 2022 14:10:39 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/173160 From: ciarancourtney - Regression in 7aa678ce804c21dc1dc51b9be442671bc33c4041 Signed-off-by: Ciaran Courtney Signed-off-by: Alexandre Belloni (cherry picked from commit f1243572ad6b6303fe562e4eb7a9826fd51ea3c3) Signed-off-by: Steve Sakoman --- scripts/lib/wic/plugins/imager/direct.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/lib/wic/plugins/imager/direct.py b/scripts/lib/wic/plugins/imager/direct.py index 2505c13fce..42704d1e10 100644 --- a/scripts/lib/wic/plugins/imager/direct.py +++ b/scripts/lib/wic/plugins/imager/direct.py @@ -115,7 +115,7 @@ class DirectPlugin(ImagerPlugin): updated = False for part in self.parts: if not part.realnum or not part.mountpoint \ - or part.mountpoint == "/" or not part.mountpoint.startswith('/'): + or part.mountpoint == "/" or not (part.mountpoint.startswith('/') or part.mountpoint == "swap"): continue if part.use_uuid: