diff options
172 files changed, 3000 insertions, 1210 deletions
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass index 0cf27fbb91..cb9da78ab6 100644 --- a/meta/classes/base.bbclass +++ b/meta/classes/base.bbclass @@ -208,6 +208,7 @@ addtask do_deploy_source_date_epoch_setscene addtask do_deploy_source_date_epoch before do_configure after do_patch python create_source_date_epoch_stamp() { + # Version: 1 source_date_epoch = oe.reproducible.get_source_date_epoch(d, d.getVar('S')) oe.reproducible.epochfile_write(source_date_epoch, d.getVar('SDE_FILE'), d) } diff --git a/meta/classes/bin_package.bbclass b/meta/classes/bin_package.bbclass index c3aca20443..f0407e1329 100644 --- a/meta/classes/bin_package.bbclass +++ b/meta/classes/bin_package.bbclass @@ -30,8 +30,9 @@ bin_package_do_install () { bbfatal bin_package has nothing to install. Be sure the SRC_URI unpacks into S. fi cd ${S} + install -d ${D}${base_prefix} tar --no-same-owner --exclude='./patches' --exclude='./.pc' -cpf - . \ - | tar --no-same-owner -xpf - -C ${D} + | tar --no-same-owner -xpf - -C ${D}${base_prefix} } FILES:${PN} = "/" diff --git a/meta/classes/cargo_common.bbclass b/meta/classes/cargo_common.bbclass index 90fad75415..39f32829fd 100644 --- a/meta/classes/cargo_common.bbclass +++ b/meta/classes/cargo_common.bbclass @@ -45,7 +45,7 @@ cargo_common_do_configure () { directory = "${CARGO_VENDORING_DIRECTORY}" EOF - if [ -z "${EXTERNALSRC}" ] && [ ${CARGO_DISABLE_BITBAKE_VENDORING} = "0" ]; then + if [ ${CARGO_DISABLE_BITBAKE_VENDORING} = "0" ]; then cat <<- EOF >> ${CARGO_HOME}/config [source.crates-io] diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass index b2f216f361..90792a737b 100644 --- a/meta/classes/externalsrc.bbclass +++ b/meta/classes/externalsrc.bbclass @@ -68,7 +68,7 @@ python () { url_data = fetch.ud[url] parm = url_data.parm if (url_data.type == 'file' or - url_data.type == 'npmsw' or + url_data.type == 'npmsw' or url_data.type == 'crate' or 'type' in parm and parm['type'] == 'kmeta'): local_srcuri.append(url) diff --git a/meta/classes/gobject-introspection-data.bbclass b/meta/classes/gobject-introspection-data.bbclass index 2ef684626a..d90cdb4839 100644 --- a/meta/classes/gobject-introspection-data.bbclass +++ b/meta/classes/gobject-introspection-data.bbclass @@ -5,3 +5,8 @@ # so that qemu use can be avoided when necessary. GI_DATA_ENABLED ?= "${@bb.utils.contains('DISTRO_FEATURES', 'gobject-introspection-data', \ bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', 'True', 'False', d), 'False', d)}" + +do_compile:prepend() { + # This prevents g-ir-scanner from writing cache data to $HOME + export GI_SCANNER_DISABLE_CACHE=1 +} diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass index 6f6dcb3dd5..f3f80334f6 100644 --- a/meta/classes/insane.bbclass +++ b/meta/classes/insane.bbclass @@ -444,12 +444,14 @@ def package_qa_check_buildpaths(path, name, d, elf, messages): Check for build paths inside target files and error if paths are not explicitly ignored. """ + import stat # Ignore .debug files, not interesting if path.find(".debug") != -1: return - # Ignore symlinks - if os.path.islink(path): + # Ignore symlinks/devs/fifos + mode = os.lstat(path).st_mode + if stat.S_ISLNK(mode) or stat.S_ISBLK(mode) or stat.S_ISFIFO(mode) or stat.S_ISCHR(mode) or stat.S_ISSOCK(mode): return tmpdir = bytes(d.getVar('TMPDIR'), encoding="utf-8") diff --git a/meta/classes/kernel-arch.bbclass b/meta/classes/kernel-arch.bbclass index 07ec242e63..348a3adf22 100644 --- a/meta/classes/kernel-arch.bbclass +++ b/meta/classes/kernel-arch.bbclass @@ -61,7 +61,7 @@ HOST_LD_KERNEL_ARCH ?= "${TARGET_LD_KERNEL_ARCH}" TARGET_AR_KERNEL_ARCH ?= "" HOST_AR_KERNEL_ARCH ?= "${TARGET_AR_KERNEL_ARCH}" -KERNEL_CC = "${CCACHE}${HOST_PREFIX}gcc ${HOST_CC_KERNEL_ARCH} -fuse-ld=bfd ${DEBUG_PREFIX_MAP} -fdebug-prefix-map=${STAGING_KERNEL_DIR}=${KERNEL_SRC_PATH}" +KERNEL_CC = "${CCACHE}${HOST_PREFIX}gcc ${HOST_CC_KERNEL_ARCH} -fuse-ld=bfd ${DEBUG_PREFIX_MAP} -fdebug-prefix-map=${STAGING_KERNEL_DIR}=${KERNEL_SRC_PATH} -fdebug-prefix-map=${STAGING_KERNEL_BUILDDIR}=${KERNEL_SRC_PATH}" KERNEL_LD = "${CCACHE}${HOST_PREFIX}ld.bfd ${HOST_LD_KERNEL_ARCH}" KERNEL_AR = "${CCACHE}${HOST_PREFIX}ar ${HOST_AR_KERNEL_ARCH}" TOOLCHAIN = "gcc" diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass index 8299b394a7..c29bd3d5f3 100644 --- a/meta/classes/kernel.bbclass +++ b/meta/classes/kernel.bbclass @@ -629,7 +629,7 @@ kernel_do_configure() { do_savedefconfig() { bbplain "Saving defconfig to:\n${B}/defconfig" - oe_runmake -C ${B} savedefconfig + oe_runmake -C ${B} LD='${KERNEL_LD}' savedefconfig } do_savedefconfig[nostamp] = "1" addtask savedefconfig after do_configure diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass index 62050a18b8..97e97d2703 100644 --- a/meta/classes/package.bbclass +++ b/meta/classes/package.bbclass @@ -382,6 +382,11 @@ def splitdebuginfo(file, dvar, dv, d): debugfile = dvar + dest sources = [] + if file.endswith(".ko") and file.find("/lib/modules/") != -1: + if oe.package.is_kernel_module_signed(file): + bb.debug(1, "Skip strip on signed module %s" % file) + return (file, sources) + # Split the file... bb.utils.mkdirhier(os.path.dirname(debugfile)) #bb.note("Split %s -> %s" % (file, debugfile)) @@ -553,13 +558,25 @@ def copydebugsources(debugsrcdir, sources, d): strip = d.getVar("STRIP") objcopy = d.getVar("OBJCOPY") workdir = d.getVar("WORKDIR") + sdir = d.getVar("S") + sparentdir = os.path.dirname(os.path.dirname(sdir)) + sbasedir = os.path.basename(os.path.dirname(sdir)) + "/" + os.path.basename(sdir) workparentdir = os.path.dirname(os.path.dirname(workdir)) workbasedir = os.path.basename(os.path.dirname(workdir)) + "/" + os.path.basename(workdir) + # If S isnt based on WORKDIR we can infer our sources are located elsewhere, + # e.g. using externalsrc; use S as base for our dirs + if workdir in sdir or 'work-shared' in sdir: + basedir = workbasedir + parentdir = workparentdir + else: + basedir = sbasedir + parentdir = sparentdir + # If build path exists in sourcefile, it means toolchain did not use # -fdebug-prefix-map to compile if checkbuildpath(sourcefile, d): - localsrc_prefix = workparentdir + "/" + localsrc_prefix = parentdir + "/" else: localsrc_prefix = "/usr/src/debug/" @@ -581,7 +598,7 @@ def copydebugsources(debugsrcdir, sources, d): processdebugsrc += "sed 's#%s##g' | " processdebugsrc += "(cd '%s' ; cpio -pd0mlL --no-preserve-owner '%s%s' 2>/dev/null)" - cmd = processdebugsrc % (sourcefile, workbasedir, localsrc_prefix, workparentdir, dvar, debugsrcdir) + cmd = processdebugsrc % (sourcefile, basedir, localsrc_prefix, parentdir, dvar, debugsrcdir) try: subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT) except subprocess.CalledProcessError: @@ -591,9 +608,22 @@ def copydebugsources(debugsrcdir, sources, d): # cpio seems to have a bug with -lL together and symbolic links are just copied, not dereferenced. # Work around this by manually finding and copying any symbolic links that made it through. cmd = "find %s%s -type l -print0 -delete | sed s#%s%s/##g | (cd '%s' ; cpio -pd0mL --no-preserve-owner '%s%s')" % \ - (dvar, debugsrcdir, dvar, debugsrcdir, workparentdir, dvar, debugsrcdir) + (dvar, debugsrcdir, dvar, debugsrcdir, parentdir, dvar, debugsrcdir) subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT) + + # debugsources.list may be polluted from the host if we used externalsrc, + # cpio uses copy-pass and may have just created a directory structure + # matching the one from the host, if thats the case move those files to + # debugsrcdir to avoid host contamination. + # Empty dir structure will be deleted in the next step. + + # Same check as above for externalsrc + if workdir not in sdir: + if os.path.exists(dvar + debugsrcdir + sdir): + cmd = "mv %s%s%s/* %s%s" % (dvar, debugsrcdir, sdir, dvar,debugsrcdir) + subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT) + # The copy by cpio may have resulted in some empty directories! Remove these cmd = "find %s%s -empty -type d -delete" % (dvar, debugsrcdir) subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT) diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass index fc179613fb..a59d9b5878 100644 --- a/meta/classes/rootfs-postcommands.bbclass +++ b/meta/classes/rootfs-postcommands.bbclass @@ -305,7 +305,7 @@ rootfs_trim_schemas () { } rootfs_check_host_user_contaminated () { - contaminated="${WORKDIR}/host-user-contaminated.txt" + contaminated="${S}/host-user-contaminated.txt" HOST_USER_UID="$(PSEUDO_UNLOAD=1 id -u)" HOST_USER_GID="$(PSEUDO_UNLOAD=1 id -g)" diff --git a/meta/lib/oe/package_manager/ipk/__init__.py b/meta/lib/oe/package_manager/ipk/__init__.py index 4cd3963111..9f60f3abcc 100644 --- a/meta/lib/oe/package_manager/ipk/__init__.py +++ b/meta/lib/oe/package_manager/ipk/__init__.py @@ -102,12 +102,14 @@ class OpkgDpkgPM(PackageManager): This method extracts the common parts for Opkg and Dpkg """ - try: - output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True).decode("utf-8") - except subprocess.CalledProcessError as e: + proc = subprocess.run(cmd, capture_output=True, encoding="utf-8", shell=True) + if proc.returncode: bb.fatal("Unable to list available packages. Command '%s' " - "returned %d:\n%s" % (cmd, e.returncode, e.output.decode("utf-8"))) - return opkg_query(output) + "returned %d:\n%s" % (cmd, proc.returncode, proc.stderr)) + elif proc.stderr: + bb.note("Command '%s' returned stderr: %s" % (cmd, proc.stderr)) + + return opkg_query(proc.stdout) def extract(self, pkg, pkg_info): """ @@ -443,15 +445,16 @@ class OpkgPM(OpkgDpkgPM): cmd = "%s %s --noaction install %s " % (self.opkg_cmd, opkg_args, ' '.join(pkgs)) - try: - output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True) - except subprocess.CalledProcessError as e: + proc = subprocess.run(cmd, capture_output=True, encoding="utf-8", shell=True) + if proc.returncode: bb.fatal("Unable to dummy install packages. Command '%s' " - "returned %d:\n%s" % (cmd, e.returncode, e.output.decode("utf-8"))) + "returned %d:\n%s" % (cmd, proc.returncode, proc.stderr)) + elif proc.stderr: + bb.note("Command '%s' returned stderr: %s" % (cmd, proc.stderr)) bb.utils.remove(temp_rootfs, True) - return output + return proc.stdout def backup_packaging_data(self): # Save the opkglib for increment ipk image generation diff --git a/meta/lib/oe/patch.py b/meta/lib/oe/patch.py index 95b915a6ab..4ec9caed45 100644 --- a/meta/lib/oe/patch.py +++ b/meta/lib/oe/patch.py @@ -299,10 +299,10 @@ class GitApplyTree(PatchTree): PatchTree.__init__(self, dir, d) self.commituser = d.getVar('PATCH_GIT_USER_NAME') self.commitemail = d.getVar('PATCH_GIT_USER_EMAIL') - if not self._isInitialized(): + if not self._isInitialized(d): self._initRepo() - def _isInitialized(self): + def _isInitialized(self, d): cmd = "git rev-parse --show-toplevel" try: output = runcmd(cmd.split(), self.dir).strip() @@ -310,8 +310,8 @@ class GitApplyTree(PatchTree): ## runcmd returned non-zero which most likely means 128 ## Not a git directory return False - ## Make sure repo is in builddir to not break top-level git repos - return os.path.samefile(output, self.dir) + ## Make sure repo is in builddir to not break top-level git repos, or under workdir + return os.path.samefile(output, self.dir) or oe.path.is_path_parent(d.getVar('WORKDIR'), output) def _initRepo(self): runcmd("git init".split(), self.dir) diff --git a/meta/lib/oe/recipeutils.py b/meta/lib/oe/recipeutils.py index 872ff97b89..b04992c66d 100644 --- a/meta/lib/oe/recipeutils.py +++ b/meta/lib/oe/recipeutils.py @@ -666,7 +666,7 @@ def get_bbappend_path(d, destlayerdir, wildcardver=False): return (appendpath, pathok) -def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False, machine=None, extralines=None, removevalues=None, redirect_output=None): +def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False, machine=None, extralines=None, removevalues=None, redirect_output=None, params=None): """ Writes a bbappend file for a recipe Parameters: @@ -696,6 +696,9 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False, redirect_output: If specified, redirects writing the output file to the specified directory (for dry-run purposes) + params: + Parameters to use when adding entries to SRC_URI. If specified, + should be a list of dicts with the same length as srcfiles. """ if not removevalues: @@ -762,12 +765,14 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False, copyfiles = {} if srcfiles: instfunclines = [] - for newfile, origsrcfile in srcfiles.items(): + for i, (newfile, origsrcfile) in enumerate(srcfiles.items()): srcfile = origsrcfile srcurientry = None if not srcfile: srcfile = os.path.basename(newfile) srcurientry = 'file://%s' % srcfile + if params and params[i]: + srcurientry = '%s;%s' % (srcurientry, ';'.join('%s=%s' % (k,v) for k,v in params[i].items())) # Double-check it's not there already # FIXME do we care if the entry is added by another bbappend that might go away? if not srcurientry in rd.getVar('SRC_URI').split(): diff --git a/meta/lib/oe/reproducible.py b/meta/lib/oe/reproducible.py index 35b8be6d08..2e815df190 100644 --- a/meta/lib/oe/reproducible.py +++ b/meta/lib/oe/reproducible.py @@ -152,7 +152,6 @@ def fixed_source_date_epoch(d): def get_source_date_epoch(d, sourcedir): return ( get_source_date_epoch_from_git(d, sourcedir) or - get_source_date_epoch_from_known_files(d, sourcedir) or get_source_date_epoch_from_youngest_file(d, sourcedir) or fixed_source_date_epoch(d) # Last resort ) diff --git a/meta/lib/oe/sstatesig.py b/meta/lib/oe/sstatesig.py index 7150bd0929..de65244932 100644 --- a/meta/lib/oe/sstatesig.py +++ b/meta/lib/oe/sstatesig.py @@ -24,10 +24,19 @@ def sstate_rundepfilter(siggen, fn, recipename, task, dep, depname, dataCaches): return "/allarch.bbclass" in inherits def isImage(mc, fn): return "/image.bbclass" in " ".join(dataCaches[mc].inherits[fn]) + def isSPDXTask(task): + return task in ("do_create_spdx", "do_create_runtime_spdx") depmc, _, deptaskname, depmcfn = bb.runqueue.split_tid_mcfn(dep) mc, _ = bb.runqueue.split_mc(fn) + # Keep all dependencies between SPDX tasks in the signature. SPDX documents + # are linked together by hashes, which means if a dependent document changes, + # all downstream documents must be re-written (even if they are "safe" + # dependencies). + if isSPDXTask(task) and isSPDXTask(deptaskname): + return True + # (Almost) always include our own inter-task dependencies (unless it comes # from a mcdepends). The exception is the special # do_kernel_configme->do_unpack_and_patch dependency from archiver.bbclass. diff --git a/meta/lib/oeqa/runtime/cases/rt.py b/meta/lib/oeqa/runtime/cases/rt.py new file mode 100644 index 0000000000..849ac1914e --- /dev/null +++ b/meta/lib/oeqa/runtime/cases/rt.py @@ -0,0 +1,17 @@ +# +# SPDX-License-Identifier: MIT +# + +from oeqa.runtime.case import OERuntimeTestCase +from oeqa.core.decorator.depends import OETestDepends + +class RtTest(OERuntimeTestCase): + @OETestDepends(['ssh.SSHTest.test_ssh']) + def test_is_rt(self): + """ + Check that the kernel has CONFIG_PREEMPT_RT enabled. + """ + status, output = self.target.run("uname -a") + self.assertEqual(status, 0, msg=output) + # Split so we don't get a substring false-positive + self.assertIn("PREEMPT_RT", output.split()) diff --git a/meta/lib/oeqa/selftest/cases/devtool.py b/meta/lib/oeqa/selftest/cases/devtool.py index ddf6c0c9f8..34fc791f3a 100644 --- a/meta/lib/oeqa/selftest/cases/devtool.py +++ b/meta/lib/oeqa/selftest/cases/devtool.py @@ -218,6 +218,34 @@ class DevtoolTestCase(OESelftestTestCase): filelist.append(' '.join(splitline)) return filelist + def _check_diff(self, diffoutput, addlines, removelines): + """Check output from 'git diff' matches expectation""" + remaining_addlines = addlines[:] + remaining_removelines = removelines[:] + for line in diffoutput.splitlines(): + if line.startswith('+++') or line.startswith('---'): + continue + elif line.startswith('+'): + matched = False + for item in addlines: + if re.match(item, line[1:].strip()): + matched = True + remaining_addlines.remove(item) + break + self.assertTrue(matched, 'Unexpected diff add line: %s' % line) + elif line.startswith('-'): + matched = False + for item in removelines: + if re.match(item, line[1:].strip()): + matched = True + remaining_removelines.remove(item) + break + self.assertTrue(matched, 'Unexpected diff remove line: %s' % line) + if remaining_addlines: + self.fail('Expected added lines not found: %s' % remaining_addlines) + if remaining_removelines: + self.fail('Expected removed lines not found: %s' % remaining_removelines) + class DevtoolBase(DevtoolTestCase): @@ -718,6 +746,7 @@ class DevtoolModifyTests(DevtoolBase): self.assertTrue(bbclassextended, 'None of these recipes are BBCLASSEXTENDed to native - need to adjust testrecipes list: %s' % ', '.join(testrecipes)) self.assertTrue(inheritnative, 'None of these recipes do "inherit native" - need to adjust testrecipes list: %s' % ', '.join(testrecipes)) + def test_devtool_modify_localfiles_only(self): # Check preconditions testrecipe = 'base-files' @@ -930,23 +959,7 @@ class DevtoolUpdateTests(DevtoolBase): srcurilines[0] = 'SRC_URI = "' + srcurilines[0] srcurilines.append('"') removelines = ['SRCREV = ".*"'] + srcurilines - for line in result.output.splitlines(): - if line.startswith('+++') or line.startswith('---'): - continue - elif line.startswith('+'): - matched = False - for item in addlines: - if re.match(item, line[1:].strip()): - matched = True - break - self.assertTrue(matched, 'Unexpected diff add line: %s' % line) - elif line.startswith('-'): - matched = False - for item in removelines: - if re.match(item, line[1:].strip()): - matched = True - break - self.assertTrue(matched, 'Unexpected diff remove line: %s' % line) + self._check_diff(result.output, addlines, removelines) # Now try with auto mode runCmd('cd %s; git checkout %s %s' % (os.path.dirname(recipefile), testrecipe, os.path.basename(recipefile))) result = runCmd('devtool update-recipe %s' % testrecipe) @@ -1316,6 +1329,73 @@ class DevtoolUpdateTests(DevtoolBase): expected_status = [] self._check_repo_status(os.path.dirname(recipefile), expected_status) + def test_devtool_finish_modify_git_subdir(self): + # Check preconditions + testrecipe = 'dos2unix' + bb_vars = get_bb_vars(['SRC_URI', 'S', 'WORKDIR', 'FILE'], testrecipe) + self.assertIn('git://', bb_vars['SRC_URI'], 'This test expects the %s recipe to be a git recipe' % testrecipe) + workdir_git = '%s/git/' % bb_vars['WORKDIR'] + if not bb_vars['S'].startswith(workdir_git): + self.fail('This test expects the %s recipe to be building from a subdirectory of the git repo' % testrecipe) + subdir = bb_vars['S'].split(workdir_git, 1)[1] + # Clean up anything in the workdir/sysroot/sstate cache + bitbake('%s -c cleansstate' % testrecipe) + # Try modifying a recipe + tempdir = tempfile.mkdtemp(prefix='devtoolqa') + self.track_for_cleanup(tempdir) + self.track_for_cleanup(self.workspacedir) + self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe) + self.add_command_to_tearDown('bitbake-layers remove-layer */workspace') + result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir)) + testsrcfile = os.path.join(tempdir, subdir, 'dos2unix.c') + self.assertExists(testsrcfile, 'Extracted source could not be found') + self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created. devtool output: %s' % result.output) + self.assertNotExists(os.path.join(tempdir, subdir, '.git'), 'Subdirectory has been initialised as a git repo') + # Check git repo + self._check_src_repo(tempdir) + # Modify file + runCmd("sed -i '1s:^:/* Add a comment */\\n:' %s" % testsrcfile) + result = runCmd('git commit -a -m "Add a comment"', cwd=tempdir) + # Now try updating original recipe + recipefile = bb_vars['FILE'] + recipedir = os.path.dirname(recipefile) + self.add_command_to_tearDown('cd %s; rm -f %s/*.patch; git checkout .' % (recipedir, testrecipe)) + result = runCmd('devtool update-recipe %s' % testrecipe) + expected_status = [(' M', '.*/%s$' % os.path.basename(recipefile)), + ('??', '.*/%s/%s/$' % (testrecipe, testrecipe))] + self._check_repo_status(os.path.dirname(recipefile), expected_status) + result = runCmd('git diff %s' % os.path.basename(recipefile), cwd=os.path.dirname(recipefile)) + removelines = ['SRC_URI = "git://.*"'] + addlines = [ + 'SRC_URI = "git://.* \\\\', + 'file://0001-Add-a-comment.patch;patchdir=.. \\\\', + '"' + ] + self._check_diff(result.output, addlines, removelines) + # Put things back so we can run devtool finish on a different layer + runCmd('cd %s; rm -f %s/*.patch; git checkout .' % (recipedir, testrecipe)) + # Run devtool finish + res = re.search('recipes-.*', recipedir) + self.assertTrue(res, 'Unable to find recipe subdirectory') + recipesubdir = res[0] + self.add_command_to_tearDown('rm -rf %s' % os.path.join(self.testlayer_path, recipesubdir)) + result = runCmd('devtool finish %s meta-selftest' % testrecipe) + # Check bbappend file contents + appendfn = os.path.join(self.testlayer_path, recipesubdir, '%s_%%.bbappend' % testrecipe) + with open(appendfn, 'r') as f: + appendlines = f.readlines() + expected_appendlines = [ + 'FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n', + '\n', + 'SRC_URI += "file://0001-Add-a-comment.patch;patchdir=.."\n', + '\n' + ] + self.assertEqual(appendlines, expected_appendlines) + self.assertExists(os.path.join(os.path.dirname(appendfn), testrecipe, '0001-Add-a-comment.patch')) + # Try building + bitbake('%s -c patch' % testrecipe) + + class DevtoolExtractTests(DevtoolBase): def test_devtool_extract(self): diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py index 8eacde40ad..857737f730 100644 --- a/meta/lib/oeqa/selftest/cases/runtime_test.py +++ b/meta/lib/oeqa/selftest/cases/runtime_test.py @@ -252,7 +252,7 @@ class TestImage(OESelftestTestCase): import subprocess, os distro = oe.lsb.distro_identifier() - if distro and distro in ['debian-9', 'debian-10', 'centos-7', 'centos-8', 'ubuntu-16.04', 'ubuntu-18.04', 'almalinux-8.5', 'almalinux-8.6']: + if distro and (distro in ['debian-9', 'debian-10', 'centos-7', 'centos-8', 'ubuntu-16.04', 'ubuntu-18.04'] or distro.startswith('almalinux')): self.skipTest('virgl headless cannot be tested with %s' %(distro)) render_hint = """If /dev/dri/renderD* is absent due to lack of suitable GPU, 'modprobe vgem' will create one suitable for mesa llvmpipe software renderer.""" diff --git a/meta/recipes-bsp/alsa-state/alsa-state.bb b/meta/recipes-bsp/alsa-state/alsa-state.bb index df546633f1..27b2eccbe4 100644 --- a/meta/recipes-bsp/alsa-state/alsa-state.bb +++ b/meta/recipes-bsp/alsa-state/alsa-state.bb @@ -8,8 +8,11 @@ SUMMARY = "Alsa scenario files to enable alsa state restoration" HOMEPAGE = "http://www.alsa-project.org/" DESCRIPTION = "Alsa Scenario Files - an init script and state files to restore \ sound state at system boot and save it at system shut down." -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" +LICENSE = "MIT & GPL-2.0-or-later" +LIC_FILES_CHKSUM = " \ + file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420 \ + file://alsa-state-init;beginline=3;endline=4;md5=3ff7ecbf534d7d503941abe8e268ef50 \ +" PV = "0.2.0" PR = "r5" diff --git a/meta/recipes-bsp/alsa-state/alsa-state/alsa-state-init b/meta/recipes-bsp/alsa-state/alsa-state/alsa-state-init index eee59cb321..a04cc27004 100755 --- a/meta/recipes-bsp/alsa-state/alsa-state/alsa-state-init +++ b/meta/recipes-bsp/alsa-state/alsa-state/alsa-state-init @@ -1,10 +1,9 @@ #! /bin/sh # # Copyright Matthias Hentges <devel@hentges.net> (c) 2007 -# License: GPL (see http://www.gnu.org/licenses/gpl.txt for a copy of the license) +# SPDX-License-Identifier: GPL-2.0-or-later # # Filename: alsa-state -# Date: 20070308 (YMD) # source function library . /etc/init.d/functions diff --git a/meta/recipes-bsp/efivar/efivar/0001-Fix-invalid-free-in-main.patch b/meta/recipes-bsp/efivar/efivar/0001-Fix-invalid-free-in-main.patch new file mode 100644 index 0000000000..7e63df578e --- /dev/null +++ b/meta/recipes-bsp/efivar/efivar/0001-Fix-invalid-free-in-main.patch @@ -0,0 +1,30 @@ +From 085f027e9e9f1478f68ddda705f83b244ee3bd88 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood <rharwood@redhat.com> +Date: Mon, 18 Apr 2022 13:08:18 -0400 +Subject: [PATCH] Fix invalid free in main() + +data is allocated by mmap() in prepare_data(). + +Resolves: #173 +Signed-off-by: Robbie Harwood <rharwood@redhat.com> +Upstream-Status: Backport +Link: https://github.com/rhboot/efivar/commit/6be2cb1c0139ac177e754b0767abf1ca1533847f +Signed-off-by: Grygorii Tertychnyi <grygorii.tertychnyi@leica-geosystems.com> + +--- + src/efivar.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/efivar.c b/src/efivar.c +index 5cd1eb2bc73c..09f85edd0a38 100644 +--- a/src/efivar.c ++++ b/src/efivar.c +@@ -633,7 +633,7 @@ int main(int argc, char *argv[]) + if (sz < 0) + err(1, "Could not import data from \"%s\"", infile); + +- free(data); ++ munmap(data, data_size); + data = NULL; + data_size = 0; + diff --git a/meta/recipes-bsp/efivar/efivar_38.bb b/meta/recipes-bsp/efivar/efivar_38.bb index 53fe20a95b..42625fa041 100644 --- a/meta/recipes-bsp/efivar/efivar_38.bb +++ b/meta/recipes-bsp/efivar/efivar_38.bb @@ -11,6 +11,7 @@ SRC_URI = "git://github.com/rhinstaller/efivar.git;branch=main;protocol=https \ file://0001-docs-do-not-build-efisecdb-manpage.patch \ file://0001-src-Makefile-build-util.c-separately-for-makeguids.patch \ file://efisecdb-fix-build-with-musl-libc.patch \ + file://0001-Fix-invalid-free-in-main.patch \ " SRCREV = "1753149d4176ebfb2b135ac0aaf79340bf0e7a93" diff --git a/meta/recipes-bsp/u-boot/files/0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch b/meta/recipes-bsp/u-boot/files/0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch new file mode 100644 index 0000000000..04ded5b119 --- /dev/null +++ b/meta/recipes-bsp/u-boot/files/0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch @@ -0,0 +1,126 @@ +From 8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409 Mon Sep 17 00:00:00 2001 +From: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr> +Date: Fri, 10 Jun 2022 14:50:25 +0000 +Subject: [PATCH] i2c: fix stack buffer overflow vulnerability in i2c md + command + +When running "i2c md 0 0 80000100", the function do_i2c_md parses the +length into an unsigned int variable named length. The value is then +moved to a signed variable: + + int nbytes = length; + #define DISP_LINE_LEN 16 + int linebytes = (nbytes > DISP_LINE_LEN) ? DISP_LINE_LEN : nbytes; + ret = dm_i2c_read(dev, addr, linebuf, linebytes); + +On systems where integers are 32 bits wide, 0x80000100 is a negative +value to "nbytes > DISP_LINE_LEN" is false and linebytes gets assigned +0x80000100 instead of 16. + +The consequence is that the function which reads from the i2c device +(dm_i2c_read or i2c_read) is called with a 16-byte stack buffer to fill +but with a size parameter which is too large. In some cases, this could +trigger a crash. But with some i2c drivers, such as drivers/i2c/nx_i2c.c +(used with "nexell,s5pxx18-i2c" bus), the size is actually truncated to +a 16-bit integer. This is because function i2c_transfer expects an +unsigned short length. In such a case, an attacker who can control the +response of an i2c device can overwrite the return address of a function +and execute arbitrary code through Return-Oriented Programming. + +Fix this issue by using unsigned integers types in do_i2c_md. While at +it, make also alen unsigned, as signed sizes can cause vulnerabilities +when people forgot to check that they can be negative. + +Signed-off-by: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr> +Reviewed-by: Heiko Schocher <hs@denx.de> + +CVE: CVE-2022-34835 +Upstream-Status: Backport [8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + cmd/i2c.c | 24 ++++++++++++------------ + 1 file changed, 12 insertions(+), 12 deletions(-) + +diff --git a/cmd/i2c.c b/cmd/i2c.c +index 9050b2b8d2..bd04b14024 100644 +--- a/cmd/i2c.c ++++ b/cmd/i2c.c +@@ -200,10 +200,10 @@ void i2c_init_board(void) + * + * Returns the address length. + */ +-static uint get_alen(char *arg, int default_len) ++static uint get_alen(char *arg, uint default_len) + { +- int j; +- int alen; ++ uint j; ++ uint alen; + + alen = default_len; + for (j = 0; j < 8; j++) { +@@ -247,7 +247,7 @@ static int do_i2c_read(struct cmd_tbl *cmdtp, int flag, int argc, + { + uint chip; + uint devaddr, length; +- int alen; ++ uint alen; + u_char *memaddr; + int ret; + #if CONFIG_IS_ENABLED(DM_I2C) +@@ -301,7 +301,7 @@ static int do_i2c_write(struct cmd_tbl *cmdtp, int flag, int argc, + { + uint chip; + uint devaddr, length; +- int alen; ++ uint alen; + u_char *memaddr; + int ret; + #if CONFIG_IS_ENABLED(DM_I2C) +@@ -469,8 +469,8 @@ static int do_i2c_md(struct cmd_tbl *cmdtp, int flag, int argc, + { + uint chip; + uint addr, length; +- int alen; +- int j, nbytes, linebytes; ++ uint alen; ++ uint j, nbytes, linebytes; + int ret; + #if CONFIG_IS_ENABLED(DM_I2C) + struct udevice *dev; +@@ -589,9 +589,9 @@ static int do_i2c_mw(struct cmd_tbl *cmdtp, int flag, int argc, + { + uint chip; + ulong addr; +- int alen; ++ uint alen; + uchar byte; +- int count; ++ uint count; + int ret; + #if CONFIG_IS_ENABLED(DM_I2C) + struct udevice *dev; +@@ -676,8 +676,8 @@ static int do_i2c_crc(struct cmd_tbl *cmdtp, int flag, int argc, + { + uint chip; + ulong addr; +- int alen; +- int count; ++ uint alen; ++ uint count; + uchar byte; + ulong crc; + ulong err; +@@ -985,7 +985,7 @@ static int do_i2c_loop(struct cmd_tbl *cmdtp, int flag, int argc, + char *const argv[]) + { + uint chip; +- int alen; ++ uint alen; + uint addr; + uint length; + u_char bytes[16]; +-- +2.25.1 + diff --git a/meta/recipes-bsp/u-boot/u-boot_2022.01.bb b/meta/recipes-bsp/u-boot/u-boot_2022.01.bb index 0d2464d74b..f2443723e2 100644 --- a/meta/recipes-bsp/u-boot/u-boot_2022.01.bb +++ b/meta/recipes-bsp/u-boot/u-boot_2022.01.bb @@ -3,6 +3,7 @@ require u-boot.inc SRC_URI:append = " file://0001-riscv32-Use-double-float-ABI-for-rv32.patch \ file://0001-riscv-fix-build-with-binutils-2.38.patch \ + file://0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch \ " DEPENDS += "bc-native dtc-native python3-setuptools-native" diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/0001-avoid-start-failure-with-bind-user.patch b/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch index ec1bc7b567..ec1bc7b567 100644 --- a/meta/recipes-connectivity/bind/bind-9.18.2/0001-avoid-start-failure-with-bind-user.patch +++ b/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch index 4c10f33f04..4c10f33f04 100644 --- a/meta/recipes-connectivity/bind/bind-9.18.2/0001-named-lwresd-V-and-start-log-hide-build-options.patch +++ b/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/bind-ensure-searching-for-json-headers-searches-sysr.patch b/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch index f1abd179e8..f1abd179e8 100644 --- a/meta/recipes-connectivity/bind/bind-9.18.2/bind-ensure-searching-for-json-headers-searches-sysr.patch +++ b/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/bind9 b/meta/recipes-connectivity/bind/bind-9.18.4/bind9 index 968679ff7f..968679ff7f 100644 --- a/meta/recipes-connectivity/bind/bind-9.18.2/bind9 +++ b/meta/recipes-connectivity/bind/bind-9.18.4/bind9 diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/conf.patch b/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch index aa3642acec..aa3642acec 100644 --- a/meta/recipes-connectivity/bind/bind-9.18.2/conf.patch +++ b/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/generate-rndc-key.sh b/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh index 633e29c0e6..633e29c0e6 100644 --- a/meta/recipes-connectivity/bind/bind-9.18.2/generate-rndc-key.sh +++ b/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/init.d-add-support-for-read-only-rootfs.patch b/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch index 11db95ede1..11db95ede1 100644 --- a/meta/recipes-connectivity/bind/bind-9.18.2/init.d-add-support-for-read-only-rootfs.patch +++ b/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch b/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch index 146f3e35db..146f3e35db 100644 --- a/meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch +++ b/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/named.service b/meta/recipes-connectivity/bind/bind-9.18.4/named.service index cda56ef015..cda56ef015 100644 --- a/meta/recipes-connectivity/bind/bind-9.18.2/named.service +++ b/meta/recipes-connectivity/bind/bind-9.18.4/named.service diff --git a/meta/recipes-connectivity/bind/bind_9.18.2.bb b/meta/recipes-connectivity/bind/bind_9.18.4.bb index 1c77aceb9f..c3efaffeda 100644 --- a/meta/recipes-connectivity/bind/bind_9.18.2.bb +++ b/meta/recipes-connectivity/bind/bind_9.18.4.bb @@ -20,7 +20,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ file://0001-avoid-start-failure-with-bind-user.patch \ " -SRC_URI[sha256sum] = "2e4b38779bba0a23ee634fdf7c525fd9794c41d692bfd83cda25823a2a3ed969" +SRC_URI[sha256sum] = "f277ae50159a00c300eb926a9c5d51953038a936bd8242d6913dfb6eac42761d" UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" # follow the ESV versions divisible by 2 @@ -46,8 +46,6 @@ EXTRA_OECONF = " --disable-devpoll --disable-auto-validation --enable-epoll \ " LDFLAGS:append = " -lz" -inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native setuptools3-base', '', d)} - # dhcp needs .la so keep them REMOVE_LIBTOOL_LA = "0" @@ -67,12 +65,6 @@ do_install:append() { install -d "${D}${sysconfdir}/init.d" install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" - if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then - sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \ - ${D}${sbindir}/dnssec-coverage \ - ${D}${sbindir}/dnssec-checkds \ - ${D}${sbindir}/dnssec-keymgr - fi # Install systemd related files install -d ${D}${sbindir} @@ -119,9 +111,4 @@ FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so" FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so" FILES:${PN}-staticdev += "${libdir}/*.la" -PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}" -FILES:python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \ - ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}" - RDEPENDS:${PN}-dev = "" -RDEPENDS:python3-bind = "python3-core python3-ply" diff --git a/meta/recipes-connectivity/libuv/libuv_1.44.1.bb b/meta/recipes-connectivity/libuv/libuv_1.44.2.bb index 4c96d80a65..4c1b8eed56 100644 --- a/meta/recipes-connectivity/libuv/libuv_1.44.1.bb +++ b/meta/recipes-connectivity/libuv/libuv_1.44.2.bb @@ -5,7 +5,7 @@ BUGTRACKER = "https://github.com/libuv/libuv/issues" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=ad93ca1fffe931537fcf64f6fcce084d" -SRCREV = "e8b7eb6908a847ffbe6ab2eec7428e43a0aa53a2" +SRCREV = "0c1fa696aa502eb749c2c4735005f41ba00a27b8" SRC_URI = "git://github.com/libuv/libuv;branch=v1.x;protocol=https" UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)" diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb index a3a0016ce5..e4446280d9 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb @@ -160,7 +160,7 @@ FILES:${PN}-sftp-server = "${libexecdir}/sftp-server" FILES:${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" FILES:${PN}-keygen = "${bindir}/ssh-keygen" -RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" +RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen ${PN}-sftp-server" RDEPENDS:${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" RRECOMMENDS:${PN}-sshd:append:class-target = "\ ${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \ diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.4.bb b/meta/recipes-connectivity/openssl/openssl_3.0.5.bb index d9d17378d4..e50ff7f8c5 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.0.4.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.0.5.bb @@ -18,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[sha256sum] = "2831843e9a668a0ab478e7020ad63d2d65e51f72977472dc73efcefbafc0c00f" +SRC_URI[sha256sum] = "aa7d8d9bef71ad6525c55ba11e5f4397889ce49c2c9349dcea6d3e4f0b024a7a" inherit lib_package multilib_header multilib_script ptest perlnative MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc index 78f9f9adbd..2d6e64cf8d 100644 --- a/meta/recipes-core/dropbear/dropbear.inc +++ b/meta/recipes-core/dropbear/dropbear.inc @@ -12,6 +12,11 @@ DEPENDS = "zlib virtual/crypt" RPROVIDES:${PN} = "ssh sshd" RCONFLICTS:${PN} = "openssh-sshd openssh" +# break dependency on base package for -dev package +# otherwise SDK fails to build as the main openssh and dropbear packages +# conflict with each other +RDEPENDS:${PN}-dev = "" + DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ diff --git a/meta/recipes-core/glib-2.0/glib-2.0/relocate-modules.patch b/meta/recipes-core/glib-2.0/glib-2.0/relocate-modules.patch index fb50fff6a5..c0114397d8 100644 --- a/meta/recipes-core/glib-2.0/glib-2.0/relocate-modules.patch +++ b/meta/recipes-core/glib-2.0/glib-2.0/relocate-modules.patch @@ -1,4 +1,4 @@ -From a30eb17c20e070124b55523d86729348f2929f95 Mon Sep 17 00:00:00 2001 +From 9a66887179d28d696562dcac43ad05d67580cfdb Mon Sep 17 00:00:00 2001 From: Ross Burton <ross.burton@intel.com> Date: Fri, 11 Mar 2016 15:35:55 +0000 Subject: [PATCH] glib-2.0: relocate the GIO module directory for native builds diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.72.2.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb index c4a8a4b8ad..dd1ea508d2 100644 --- a/meta/recipes-core/glib-2.0/glib-2.0_2.72.2.bb +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb @@ -19,7 +19,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \ " SRC_URI:append:class-native = " file://relocate-modules.patch" -SRC_URI[sha256sum] = "78d599a133dba7fe2036dfa8db8fb6131ab9642783fc9578b07a20995252d2de" +SRC_URI[sha256sum] = "4a39a2f624b8512d500d5840173eda7fa85f51c109052eae806acece85d345f0" # Find any meson cross files in FILESPATH that are relevant for the current # build (using siteinfo) and add them to EXTRA_OEMESON. diff --git a/meta/recipes-core/glib-networking/glib-networking_2.72.0.bb b/meta/recipes-core/glib-networking/glib-networking_2.72.1.bb index d578f17aa5..41f18d1c48 100644 --- a/meta/recipes-core/glib-networking/glib-networking_2.72.0.bb +++ b/meta/recipes-core/glib-networking/glib-networking_2.72.1.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" SECTION = "libs" DEPENDS = "glib-2.0" -SRC_URI[archive.sha256sum] = "100aaebb369285041de52da422b6b716789d5e4d7549a3a71ba587b932e0823b" +SRC_URI[archive.sha256sum] = "6fc1bedc8062484dc8a0204965995ef2367c3db5c934058ff1607e5a24d95a74" PACKAGECONFIG ??= "openssl ${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)}" diff --git a/meta/recipes-core/glibc/glibc-tests_2.35.bb b/meta/recipes-core/glibc/glibc-tests_2.35.bb index 028e83e865..96d0569ff6 100644 --- a/meta/recipes-core/glibc/glibc-tests_2.35.bb +++ b/meta/recipes-core/glibc/glibc-tests_2.35.bb @@ -5,6 +5,7 @@ inherit ptest features_check REQUIRED_DISTRO_FEATURES = "ptest" SRC_URI:append = " \ + file://reproducible-paths.patch \ file://run-ptest \ " @@ -31,6 +32,8 @@ RRECOMMENDS:${PN} = "" RDEPENDS:${PN} = " glibc sed" DEPENDS:append = " sed" +export oe_srcdir="${exec_prefix}/src/debug/glibc/${PV}/" + # Just build tests for target - do not run them do_check:append () { oe_runmake -i check run-built-tests=no diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index 080e905b6e..ccb41e5af6 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.35/master" PV = "2.35" -SRCREV_glibc ?= "24962427071fa532c3c48c918e9d64d719cc8a6c" +SRCREV_glibc ?= "0e5b239f45992e4b54c6f946ecb0c410afc8bb08" SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" diff --git a/meta/recipes-core/glibc/glibc/0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch b/meta/recipes-core/glibc/glibc/0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch new file mode 100644 index 0000000000..2421a63605 --- /dev/null +++ b/meta/recipes-core/glibc/glibc/0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch @@ -0,0 +1,128 @@ +From 6b8959add09e425df262bf9178b39ca35bc4003c Mon Sep 17 00:00:00 2001 +From: Martin Jansa <Martin.Jansa@gmail.com> +Date: Sun, 24 Jul 2022 19:41:41 +0200 +Subject: [PATCH] Revert "Linux: Implement a useful version of _startup_fatal" + +This reverts commit 2d05ba7f8ef979947e910a37ae8115a816eb4d08. +Upstream-Status: Inappropriate [temporary work around] + +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> + +--- + sysdeps/unix/sysv/linux/i386/startup.h | 23 ++++++++++++--- + sysdeps/unix/sysv/linux/ia64/startup.h | 22 --------------- + sysdeps/unix/sysv/linux/startup.h | 39 -------------------------- + 3 files changed, 19 insertions(+), 65 deletions(-) + delete mode 100644 sysdeps/unix/sysv/linux/ia64/startup.h + delete mode 100644 sysdeps/unix/sysv/linux/startup.h + +diff --git a/sysdeps/unix/sysv/linux/i386/startup.h b/sysdeps/unix/sysv/linux/i386/startup.h +index 213805d7d2..67c9310f3a 100644 +--- a/sysdeps/unix/sysv/linux/i386/startup.h ++++ b/sysdeps/unix/sysv/linux/i386/startup.h +@@ -1,5 +1,5 @@ + /* Linux/i386 definitions of functions used by static libc main startup. +- Copyright (C) 2022 Free Software Foundation, Inc. ++ Copyright (C) 2017-2022 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or +@@ -16,7 +16,22 @@ + License along with the GNU C Library; if not, see + <https://www.gnu.org/licenses/>. */ + +-/* Can't use "call *%gs:SYSINFO_OFFSET" during startup. */ +-#define I386_USE_SYSENTER 0 ++#if BUILD_PIE_DEFAULT ++/* Can't use "call *%gs:SYSINFO_OFFSET" during statup in static PIE. */ ++# define I386_USE_SYSENTER 0 + +-#include_next <startup.h> ++# include <sysdep.h> ++# include <abort-instr.h> ++ ++__attribute__ ((__noreturn__)) ++static inline void ++_startup_fatal (const char *message __attribute__ ((unused))) ++{ ++ /* This is only called very early during startup in static PIE. ++ FIXME: How can it be improved? */ ++ ABORT_INSTRUCTION; ++ __builtin_unreachable (); ++} ++#else ++# include_next <startup.h> ++#endif +diff --git a/sysdeps/unix/sysv/linux/ia64/startup.h b/sysdeps/unix/sysv/linux/ia64/startup.h +deleted file mode 100644 +index 77f29f15a2..0000000000 +--- a/sysdeps/unix/sysv/linux/ia64/startup.h ++++ /dev/null +@@ -1,22 +0,0 @@ +-/* Linux/ia64 definitions of functions used by static libc main startup. +- Copyright (C) 2022 Free Software Foundation, Inc. +- This file is part of the GNU C Library. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library; if not, see +- <https://www.gnu.org/licenses/>. */ +- +-/* This code is used before the TCB is set up. */ +-#define IA64_USE_NEW_STUB 0 +- +-#include_next <startup.h> +diff --git a/sysdeps/unix/sysv/linux/startup.h b/sysdeps/unix/sysv/linux/startup.h +deleted file mode 100644 +index 39859b404a..0000000000 +--- a/sysdeps/unix/sysv/linux/startup.h ++++ /dev/null +@@ -1,39 +0,0 @@ +-/* Linux definitions of functions used by static libc main startup. +- Copyright (C) 2017-2022 Free Software Foundation, Inc. +- This file is part of the GNU C Library. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library; if not, see +- <https://www.gnu.org/licenses/>. */ +- +-#ifdef SHARED +-# include_next <startup.h> +-#else +-# include <sysdep.h> +- +-/* Avoid a run-time invocation of strlen. */ +-#define _startup_fatal(message) \ +- do \ +- { \ +- size_t __message_length = __builtin_strlen (message); \ +- if (! __builtin_constant_p (__message_length)) \ +- { \ +- extern void _startup_fatal_not_constant (void); \ +- _startup_fatal_not_constant (); \ +- } \ +- INTERNAL_SYSCALL_CALL (write, STDERR_FILENO, (message), \ +- __message_length); \ +- INTERNAL_SYSCALL_CALL (exit_group, 127); \ +- } \ +- while (0) +-#endif /* !SHARED */ diff --git a/meta/recipes-core/glibc/glibc/reproducible-paths.patch b/meta/recipes-core/glibc/glibc/reproducible-paths.patch new file mode 100644 index 0000000000..0754dca62b --- /dev/null +++ b/meta/recipes-core/glibc/glibc/reproducible-paths.patch @@ -0,0 +1,23 @@ +Avoid hardcoded build time paths in the output binaries by replacing the compile +definitions with the output locations. + +Upstream-Status: Inappropriate [would need reworking somehow to be acceptable upstream] +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> + +Index: git/support/Makefile +=================================================================== +--- git.orig/support/Makefile ++++ git/support/Makefile +@@ -216,9 +216,9 @@ libsupport-inhibit-o += .o + endif + + CFLAGS-support_paths.c = \ +- -DSRCDIR_PATH=\"`cd .. ; pwd`\" \ +- -DOBJDIR_PATH=\"`cd $(objpfx)/..; pwd`\" \ +- -DOBJDIR_ELF_LDSO_PATH=\"`cd $(objpfx)/..; pwd`/elf/$(rtld-installed-name)\" \ ++ -DSRCDIR_PATH=\"$(oe_srcdir)\" \ ++ -DOBJDIR_PATH=\"$(libdir)/glibc-tests/ptest/tests/glibc-ptest\" \ ++ -DOBJDIR_ELF_LDSO_PATH=\"$(slibdir)/$(rtld-installed-name)\" \ + -DINSTDIR_PATH=\"$(prefix)\" \ + -DLIBDIR_PATH=\"$(libdir)\" \ + -DBINDIR_PATH=\"$(bindir)\" \ diff --git a/meta/recipes-core/glibc/glibc_2.35.bb b/meta/recipes-core/glibc/glibc_2.35.bb index 96fe39c548..df847e76bf 100644 --- a/meta/recipes-core/glibc/glibc_2.35.bb +++ b/meta/recipes-core/glibc/glibc_2.35.bb @@ -48,6 +48,8 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0022-sysdeps-gnu-configure.ac-Set-libc_cv_rootsbindir-onl.patch \ file://0023-timezone-Make-shell-interpreter-overridable-in-tzsel.patch \ file://0024-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \ + \ + file://0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch \ " S = "${WORKDIR}/git" B = "${WORKDIR}/build-${TARGET_SYS}" diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/meta/recipes-core/images/build-appliance-image_15.0.0.bb index 398481aef7..7acdd8c2ef 100644 --- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb @@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk wic.vhd wic.vhdx" inherit core-image setuptools3 -SRCREV ?= "213f174999a16daee955296162e62fa3386f841d" +SRCREV ?= "60171200800c62820c9275b50c703e53ed6e7b28" SRC_URI = "git://git.yoctoproject.org/poky;branch=kirkstone \ file://Yocto_Build_Appliance.vmx \ file://Yocto_Build_Appliance.vmxf \ diff --git a/meta/recipes-core/initrdscripts/files/init-install-efi-testfs.sh b/meta/recipes-core/initrdscripts/files/init-install-efi-testfs.sh index 1fcd29e54c..4bd6ace7b3 100644 --- a/meta/recipes-core/initrdscripts/files/init-install-efi-testfs.sh +++ b/meta/recipes-core/initrdscripts/files/init-install-efi-testfs.sh @@ -138,7 +138,7 @@ touch /ssd/etc/controllerimage if [ -d /ssd/etc/ ] ; then # We dont want udev to mount our root device while we're booting... if [ -d /ssd/etc/udev/ ] ; then - echo "/dev/${device}" >> /ssd/etc/udev/mount.blacklist + echo "/dev/${device}" >> /ssd/etc/udev/mount.ignorelist fi fi diff --git a/meta/recipes-core/initrdscripts/files/init-install-efi.sh b/meta/recipes-core/initrdscripts/files/init-install-efi.sh index f667518b89..ffd3870199 100644 --- a/meta/recipes-core/initrdscripts/files/init-install-efi.sh +++ b/meta/recipes-core/initrdscripts/files/init-install-efi.sh @@ -229,7 +229,7 @@ if [ -d /tgt_root/etc/ ] ; then echo "UUID=$boot_uuid /boot vfat defaults 1 2" >> /tgt_root/etc/fstab # We dont want udev to mount our root device while we're booting... if [ -d /tgt_root/etc/udev/ ] ; then - echo "${device}" >> /tgt_root/etc/udev/mount.blacklist + echo "${device}" >> /tgt_root/etc/udev/mount.ignorelist fi fi diff --git a/meta/recipes-core/initrdscripts/files/init-install-testfs.sh b/meta/recipes-core/initrdscripts/files/init-install-testfs.sh index 7b49001659..8ab74ddc5d 100644 --- a/meta/recipes-core/initrdscripts/files/init-install-testfs.sh +++ b/meta/recipes-core/initrdscripts/files/init-install-testfs.sh @@ -164,7 +164,7 @@ if [ -d /tgt_root/etc/ ] ; then echo "$bootfs /boot ext3 defaults 1 2" >> /tgt_root/etc/fstab # We dont want udev to mount our root device while we're booting... if [ -d /tgt_root/etc/udev/ ] ; then - echo "/dev/${device}" >> /tgt_root/etc/udev/mount.blacklist + echo "/dev/${device}" >> /tgt_root/etc/udev/mount.ignorelist fi fi umount /tgt_root diff --git a/meta/recipes-core/initrdscripts/files/init-install.sh b/meta/recipes-core/initrdscripts/files/init-install.sh index e71579631b..df33791ec7 100644 --- a/meta/recipes-core/initrdscripts/files/init-install.sh +++ b/meta/recipes-core/initrdscripts/files/init-install.sh @@ -261,7 +261,7 @@ if [ -d /tgt_root/etc/ ] ; then echo "$bootdev /boot ext3 defaults 1 2" >> /tgt_root/etc/fstab # We dont want udev to mount our root device while we're booting... if [ -d /tgt_root/etc/udev/ ] ; then - echo "${device}" >> /tgt_root/etc/udev/mount.blacklist + echo "${device}" >> /tgt_root/etc/udev/mount.ignorelist fi fi umount /tgt_root diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb index 2244d1b292..7c9d9ca4f1 100644 --- a/meta/recipes-core/initscripts/initscripts_1.0.bb +++ b/meta/recipes-core/initscripts/initscripts_1.0.bb @@ -130,7 +130,7 @@ do_install () { update-rc.d -r ${D} rmnologin.sh start 99 2 3 4 5 . update-rc.d -r ${D} sendsigs start 20 0 6 . update-rc.d -r ${D} urandom start 38 S 0 6 . - update-rc.d -r ${D} umountnfs.sh start 31 0 1 6 . + update-rc.d -r ${D} umountnfs.sh stop 31 0 1 6 . update-rc.d -r ${D} umountfs start 40 0 6 . update-rc.d -r ${D} reboot start 90 6 . update-rc.d -r ${D} halt start 90 0 . diff --git a/meta/recipes-core/systemd/systemd_250.5.bb b/meta/recipes-core/systemd/systemd_250.5.bb index 006b2f86ea..9923312830 100644 --- a/meta/recipes-core/systemd/systemd_250.5.bb +++ b/meta/recipes-core/systemd/systemd_250.5.bb @@ -779,7 +779,7 @@ pkg_prerm:${PN}:libc-glibc () { PACKAGE_WRITE_DEPS += "qemu-native" pkg_postinst:udev-hwdb () { if test -n "$D"; then - $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" + $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" base_bindir="${base_bindir}" else udevadm hwdb --update fi diff --git a/meta/recipes-core/udev/udev-extraconf/mount.blacklist b/meta/recipes-core/udev/udev-extraconf/mount.ignorelist index e49349428b..e49349428b 100644 --- a/meta/recipes-core/udev/udev-extraconf/mount.blacklist +++ b/meta/recipes-core/udev/udev-extraconf/mount.ignorelist diff --git a/meta/recipes-core/udev/udev-extraconf/mount.sh b/meta/recipes-core/udev/udev-extraconf/mount.sh index b23731870e..b7e86dbc0e 100644 --- a/meta/recipes-core/udev/udev-extraconf/mount.sh +++ b/meta/recipes-core/udev/udev-extraconf/mount.sh @@ -6,6 +6,7 @@ BASE_INIT="`readlink -f "@base_sbindir@/init"`" INIT_SYSTEMD="@systemd_unitdir@/systemd" +MOUNT_BASE="@MOUNT_BASE@" if [ "x$BASE_INIT" = "x$INIT_SYSTEMD" ];then # systemd as init uses systemd-mount to mount block devices @@ -26,11 +27,11 @@ fi PMOUNT="/usr/bin/pmount" -for line in `grep -h -v ^# /etc/udev/mount.blacklist /etc/udev/mount.blacklist.d/*` +for line in `grep -h -v ^# /etc/udev/mount.ignorelist /etc/udev/mount.ignorelist.d/*` do if [ ` expr match "$DEVNAME" "$line" ` -gt 0 ]; then - logger "udev/mount.sh" "[$DEVNAME] is blacklisted, ignoring" + logger "udev/mount.sh" "[$DEVNAME] is marked to ignore" exit 0 fi done @@ -39,11 +40,21 @@ automount_systemd() { name="`basename "$DEVNAME"`" # Skip already mounted partitions - if [ -f /run/systemd/transient/run-media-$name.mount ]; then - logger "mount.sh/automount" "/run/media/$name already mounted" + if [ -f /run/systemd/transient/$(echo $MOUNT_BASE | cut -d '/' -f 2- | sed 's#/#-#g')-*$name.mount ]; then + logger "mount.sh/automount" "$MOUNT_BASE/$name already mounted" return fi + # Get the unique name for mount point + get_label_name "${DEVNAME}" + + # Only go for auto-mounting when the device has been cleaned up in remove + # or has not been identified yet + if [ -e "/tmp/.automount-$name" ]; then + logger "mount.sh/automount" "[$MOUNT_BASE/$name] is already cached" + return + fi + # Skip the partition which are already in /etc/fstab grep "^[[:space:]]*$DEVNAME" /etc/fstab && return for n in LABEL PARTLABEL UUID PARTUUID; do @@ -53,7 +64,7 @@ automount_systemd() { grep "^[[:space:]]*$tmp" /etc/fstab && return done - [ -d "/run/media/$name" ] || mkdir -p "/run/media/$name" + [ -d "$MOUNT_BASE/$name" ] || mkdir -p "$MOUNT_BASE/$name" MOUNT="$MOUNT -o silent" @@ -65,18 +76,20 @@ automount_systemd() { ;; swap) return ;; + lvm*|LVM*) + return ;; # TODO *) ;; esac - if ! $MOUNT --no-block -t auto $DEVNAME "/run/media/$name" + if ! $MOUNT --no-block -t auto $DEVNAME "$MOUNT_BASE/$name" then - #logger "mount.sh/automount" "$MOUNT -t auto $DEVNAME \"/run/media/$name\" failed!" - rm_dir "/run/media/$name" + #logger "mount.sh/automount" "$MOUNT -t auto $DEVNAME \"$MOUNT_BASE/$name\" failed!" + rm_dir "$MOUNT_BASE/$name" else - logger "mount.sh/automount" "Auto-mount of [/run/media/$name] successful" - touch "/tmp/.automount-$name" + logger "mount.sh/automount" "Auto-mount of [$MOUNT_BASE/$name] successful" + echo "$name" > "/tmp/.automount-$name" fi } @@ -93,7 +106,17 @@ automount() { # configured in fstab grep -q "^$DEVNAME " /proc/mounts && return - ! test -d "/run/media/$name" && mkdir -p "/run/media/$name" + # Get the unique name for mount point + get_label_name "${DEVNAME}" + + # Only go for auto-mounting when the device has been cleaned up in remove + # or has not been identified yet + if [ -e "/tmp/.automount-$name" ]; then + logger "mount.sh/automount" "[$MOUNT_BASE/$name] is already cached" + return + fi + + ! test -d "$MOUNT_BASE/$name" && mkdir -p "$MOUNT_BASE/$name" # Silent util-linux's version of mounting auto if [ "x`readlink $MOUNT`" = "x/bin/mount.util-linux" ] ; then @@ -108,18 +131,23 @@ automount() { ;; swap) return ;; + lvm*|LVM*) + return ;; # TODO *) ;; esac - if ! $MOUNT -t auto $DEVNAME "/run/media/$name" + if ! $MOUNT -t auto $DEVNAME "$MOUNT_BASE/$name" then - #logger "mount.sh/automount" "$MOUNT -t auto $DEVNAME \"/run/media/$name\" failed!" - rm_dir "/run/media/$name" + #logger "mount.sh/automount" "$MOUNT -t auto $DEVNAME \"$MOUNT_BASE/$name\" failed!" + rm_dir "$MOUNT_BASE/$name" else - logger "mount.sh/automount" "Auto-mount of [/run/media/$name] successful" - touch "/tmp/.automount-$name" + logger "mount.sh/automount" "Auto-mount of [$MOUNT_BASE/$name] successful" + # The actual device might not be present in the remove event so blkid cannot + # be used to calculate what name was generated here. Simply save the mount + # name in our tmp file. + echo "$name" > "/tmp/.automount-$name" fi } @@ -133,6 +161,18 @@ rm_dir() { fi } +get_label_name() { + # Get the LABEL or PARTLABEL + LABEL=`/sbin/blkid | grep "$1:" | grep -o 'LABEL=".*"' | cut -d '"' -f2` + # If the $DEVNAME has a LABEL or a PARTLABEL + if [ -n "$LABEL" ]; then + # Set the mount location dir name to LABEL appended + # with $name e.g. label-sda. That would avoid overlapping + # mounts in case two devices have same LABEL + name="${LABEL}-${name}" + fi +} + # No ID_FS_TYPE for cdrom device, yet it should be mounted name="`basename "$DEVNAME"`" [ -e /sys/block/$name/device/media ] && media_type=`cat /sys/block/$name/device/media` @@ -150,12 +190,18 @@ if [ "$ACTION" = "add" ] && [ -n "$DEVNAME" ] && [ -n "$ID_FS_TYPE" -o "$media_t fi if [ "$ACTION" = "remove" ] || [ "$ACTION" = "change" ] && [ -x "$UMOUNT" ] && [ -n "$DEVNAME" ]; then - for mnt in `cat /proc/mounts | grep "$DEVNAME" | cut -f 2 -d " " ` - do - $UMOUNT $mnt - done - - # Remove empty directories from auto-mounter name="`basename "$DEVNAME"`" - test -e "/tmp/.automount-$name" && rm_dir "/run/media/$name" + tmpfile=`find /tmp | grep "\.automount-.*${name}$"` + if [ ! -e "/sys/$DEVPATH" -a -e "$tmpfile" ]; then + logger "mount.sh/remove" "cleaning up $DEVNAME, was mounted by the auto-mounter" + for mnt in `cat /proc/mounts | grep "$DEVNAME" | cut -f 2 -d " " ` + do + $UMOUNT $mnt + done + # Remove mount directory created by the auto-mounter + # and clean up our tmp cache file + mntdir=`cat "$tmpfile"` + rm_dir "$MOUNT_BASE/$mntdir" + rm "$tmpfile" + fi fi diff --git a/meta/recipes-core/udev/udev-extraconf_1.1.bb b/meta/recipes-core/udev/udev-extraconf_1.1.bb index 2ba35b0df6..30f1fe76d0 100644 --- a/meta/recipes-core/udev/udev-extraconf_1.1.bb +++ b/meta/recipes-core/udev/udev-extraconf_1.1.bb @@ -1,13 +1,13 @@ SUMMARY = "Extra machine specific configuration files" HOMEPAGE = "https://wiki.gentoo.org/wiki/Eudev" -DESCRIPTION = "Extra machine specific configuration files for udev, specifically blacklist information." +DESCRIPTION = "Extra machine specific configuration files for udev, specifically information on devices to ignore." LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" SRC_URI = " \ file://automount.rules \ file://mount.sh \ - file://mount.blacklist \ + file://mount.ignorelist \ file://autonet.rules \ file://network.sh \ file://localextra.rules \ @@ -15,6 +15,7 @@ SRC_URI = " \ S = "${WORKDIR}" +MOUNT_BASE = "/run/media" do_install() { install -d ${D}${sysconfdir}/udev/rules.d @@ -23,21 +24,33 @@ do_install() { install -m 0644 ${WORKDIR}/autonet.rules ${D}${sysconfdir}/udev/rules.d/autonet.rules install -m 0644 ${WORKDIR}/localextra.rules ${D}${sysconfdir}/udev/rules.d/localextra.rules - install -d ${D}${sysconfdir}/udev/mount.blacklist.d - install -m 0644 ${WORKDIR}/mount.blacklist ${D}${sysconfdir}/udev/ + install -d ${D}${sysconfdir}/udev/mount.ignorelist.d + install -m 0644 ${WORKDIR}/mount.ignorelist ${D}${sysconfdir}/udev/ install -d ${D}${sysconfdir}/udev/scripts/ install -m 0755 ${WORKDIR}/mount.sh ${D}${sysconfdir}/udev/scripts/mount.sh sed -i 's|@systemd_unitdir@|${systemd_unitdir}|g' ${D}${sysconfdir}/udev/scripts/mount.sh sed -i 's|@base_sbindir@|${base_sbindir}|g' ${D}${sysconfdir}/udev/scripts/mount.sh + sed -i 's|@MOUNT_BASE@|${MOUNT_BASE}|g' ${D}${sysconfdir}/udev/scripts/mount.sh install -m 0755 ${WORKDIR}/network.sh ${D}${sysconfdir}/udev/scripts } -FILES:${PN} = "${sysconfdir}/udev" -RDEPENDS:${PN} = "udev" -CONFFILES:${PN} = "${sysconfdir}/udev/mount.blacklist" +pkg_postinst:${PN} () { + if [ -e $D${systemd_unitdir}/system/systemd-udevd.service ]; then + sed -i "/\[Service\]/aMountFlags=shared" $D${systemd_unitdir}/system/systemd-udevd.service + fi +} + +pkg_postrm:${PN} () { + if [ -e $D${systemd_unitdir}/system/systemd-udevd.service ]; then + sed -i "/MountFlags=shared/d" $D${systemd_unitdir}/system/systemd-udevd.service + fi +} + +RDEPENDS:${PN} = "udev util-linux-blkid ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'util-linux-lsblk', '', d)}" +CONFFILES:${PN} = "${sysconfdir}/udev/mount.ignorelist" # to replace udev-extra-rules from meta-oe RPROVIDES:${PN} = "udev-extra-rules" diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index a069071c97..eed252976a 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -18,7 +18,7 @@ SRCBRANCH ?= "binutils-2_38-branch" UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)" -SRCREV ?= "134f17ef688ba4c72a6c4e57af7382882cc1a705" +SRCREV ?= "5c0b4ee406035917d0e50aa138194fab57ae6bf8" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=git" SRC_URI = "\ ${BINUTILS_GIT_URI} \ diff --git a/meta/recipes-devtools/dpkg/dpkg/0001-Dpkg-Source-Archive-Prevent-directory-traversal-for-.patch b/meta/recipes-devtools/dpkg/dpkg/0001-Dpkg-Source-Archive-Prevent-directory-traversal-for-.patch new file mode 100644 index 0000000000..d249d854fb --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/0001-Dpkg-Source-Archive-Prevent-directory-traversal-for-.patch @@ -0,0 +1,328 @@ +From 6d8a6799639f8853a2af1f9036bc70fddbfdd2a2 Mon Sep 17 00:00:00 2001 +From: Guillem Jover <guillem@debian.org> +Date: Tue, 3 May 2022 02:09:32 +0200 +Subject: [PATCH] Dpkg::Source::Archive: Prevent directory traversal for + in-place extracts + +For untrusted v2 and v3 source package formats that include a debian.tar +archive, when we are extracting it, we do that as an in-place extraction, +which can lead to directory traversal situations on specially crafted +orig.tar and debian.tar tarballs. + +GNU tar replaces entries on the filesystem by the entries present on +the tarball, but it will follow symlinks when the symlink pathname +itself is not present as an actual directory on the tarball. + +This means we can create an orig.tar where there's a symlink pointing +out of the source tree root directory, and then a debian.tar that +contains an entry within that symlink as if it was a directory, without +a directory entry for the symlink pathname itself, which will be +extracted following the symlink outside the source tree root. + +This is currently noted as expected in GNU tar documentation. But even +if there was a new extraction mode avoiding this problem we'd need such +new version. Using perl's Archive::Tar would solve the problem, but +switching to such different pure perl implementation, could cause +compatibility or performance issues. + +What we do is when we are requested to perform an in-place extract, we +instead still use a temporary directory, then walk that directory and +remove any matching entry in the destination directory, replicating what +GNU tar would do, but in addition avoiding the directory traversal issue +for symlinks. Which should work with any tar implementation and be safe. + +Reported-by: Max Justicz <max@justi.cz> +Stable-Candidates: 1.18.x 1.19.x 1.20.x +Fixes: commit 0c0057a27fecccab77d2b3cffa9a7d172846f0b4 (1.14.17) +Fixes: CVE-2022-1664 + +CVE: CVE-2022-1664 +Upstream-Status: Backport [7a6c03cb34d4a09f35df2f10779cbf1b70a5200b] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + scripts/Dpkg/Source/Archive.pm | 122 +++++++++++++++++++++++++------- + scripts/t/Dpkg_Source_Archive.t | 110 +++++++++++++++++++++++++++- + 2 files changed, 204 insertions(+), 28 deletions(-) + +diff --git a/scripts/Dpkg/Source/Archive.pm b/scripts/Dpkg/Source/Archive.pm +index 33c181b20..2ddd04af8 100644 +--- a/scripts/Dpkg/Source/Archive.pm ++++ b/scripts/Dpkg/Source/Archive.pm +@@ -21,9 +21,11 @@ use warnings; + our $VERSION = '0.01'; + + use Carp; ++use Errno qw(ENOENT); + use File::Temp qw(tempdir); + use File::Basename qw(basename); + use File::Spec; ++use File::Find; + use Cwd; + + use Dpkg (); +@@ -110,19 +112,13 @@ sub extract { + my %spawn_opts = (wait_child => 1); + + # Prepare destination +- my $tmp; +- if ($opts{in_place}) { +- $spawn_opts{chdir} = $dest; +- $tmp = $dest; # So that fixperms call works +- } else { +- my $template = basename($self->get_filename()) . '.tmp-extract.XXXXX'; +- unless (-e $dest) { +- # Kludge so that realpath works +- mkdir($dest) or syserr(g_('cannot create directory %s'), $dest); +- } +- $tmp = tempdir($template, DIR => Cwd::realpath("$dest/.."), CLEANUP => 1); +- $spawn_opts{chdir} = $tmp; ++ my $template = basename($self->get_filename()) . '.tmp-extract.XXXXX'; ++ unless (-e $dest) { ++ # Kludge so that realpath works ++ mkdir($dest) or syserr(g_('cannot create directory %s'), $dest); + } ++ my $tmp = tempdir($template, DIR => Cwd::realpath("$dest/.."), CLEANUP => 1); ++ $spawn_opts{chdir} = $tmp; + + # Prepare stuff that handles the input of tar + $self->ensure_open('r', delete_sig => [ 'PIPE' ]); +@@ -145,22 +141,94 @@ sub extract { + # have to be calculated using mount options and other madness. + fixperms($tmp) unless $opts{no_fixperms}; + +- # Stop here if we extracted in-place as there's nothing to move around +- return if $opts{in_place}; +- +- # Rename extracted directory +- opendir(my $dir_dh, $tmp) or syserr(g_('cannot opendir %s'), $tmp); +- my @entries = grep { $_ ne '.' && $_ ne '..' } readdir($dir_dh); +- closedir($dir_dh); +- my $done = 0; +- erasedir($dest); +- if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) { +- rename("$tmp/$entries[0]", $dest) +- or syserr(g_('unable to rename %s to %s'), +- "$tmp/$entries[0]", $dest); ++ # If we are extracting "in-place" do not remove the destination directory. ++ if ($opts{in_place}) { ++ my $canon_basedir = Cwd::realpath($dest); ++ # On Solaris /dev/null points to /devices/pseudo/mm@0:null. ++ my $canon_devnull = Cwd::realpath('/dev/null'); ++ my $check_symlink = sub { ++ my $pathname = shift; ++ my $canon_pathname = Cwd::realpath($pathname); ++ if (not defined $canon_pathname) { ++ return if $! == ENOENT; ++ ++ syserr(g_("pathname '%s' cannot be canonicalized"), $pathname); ++ } ++ return if $canon_pathname eq $canon_devnull; ++ return if $canon_pathname eq $canon_basedir; ++ return if $canon_pathname =~ m{^\Q$canon_basedir/\E}; ++ warning(g_("pathname '%s' points outside source root (to '%s')"), ++ $pathname, $canon_pathname); ++ }; ++ ++ my $move_in_place = sub { ++ my $relpath = File::Spec->abs2rel($File::Find::name, $tmp); ++ my $destpath = File::Spec->catfile($dest, $relpath); ++ ++ my ($mode, $atime, $mtime); ++ lstat $File::Find::name ++ or syserr(g_('cannot get source pathname %s metadata'), $File::Find::name); ++ ((undef) x 2, $mode, (undef) x 5, $atime, $mtime) = lstat _; ++ my $src_is_dir = -d _; ++ ++ my $dest_exists = 1; ++ if (not lstat $destpath) { ++ if ($! == ENOENT) { ++ $dest_exists = 0; ++ } else { ++ syserr(g_('cannot get target pathname %s metadata'), $destpath); ++ } ++ } ++ my $dest_is_dir = -d _; ++ if ($dest_exists) { ++ if ($dest_is_dir && $src_is_dir) { ++ # Refresh the destination directory attributes with the ++ # ones from the tarball. ++ chmod $mode, $destpath ++ or syserr(g_('cannot change directory %s mode'), $File::Find::name); ++ utime $atime, $mtime, $destpath ++ or syserr(g_('cannot change directory %s times'), $File::Find::name); ++ ++ # We should do nothing, and just walk further tree. ++ return; ++ } elsif ($dest_is_dir) { ++ rmdir $destpath ++ or syserr(g_('cannot remove destination directory %s'), $destpath); ++ } else { ++ $check_symlink->($destpath); ++ unlink $destpath ++ or syserr(g_('cannot remove destination file %s'), $destpath); ++ } ++ } ++ # If we are moving a directory, we do not need to walk it. ++ if ($src_is_dir) { ++ $File::Find::prune = 1; ++ } ++ rename $File::Find::name, $destpath ++ or syserr(g_('cannot move %s to %s'), $File::Find::name, $destpath); ++ }; ++ ++ find({ ++ wanted => $move_in_place, ++ no_chdir => 1, ++ dangling_symlinks => 0, ++ }, $tmp); + } else { +- rename($tmp, $dest) +- or syserr(g_('unable to rename %s to %s'), $tmp, $dest); ++ # Rename extracted directory ++ opendir(my $dir_dh, $tmp) or syserr(g_('cannot opendir %s'), $tmp); ++ my @entries = grep { $_ ne '.' && $_ ne '..' } readdir($dir_dh); ++ closedir($dir_dh); ++ ++ erasedir($dest); ++ ++ if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) { ++ rename("$tmp/$entries[0]", $dest) ++ or syserr(g_('unable to rename %s to %s'), ++ "$tmp/$entries[0]", $dest); ++ } else { ++ rename($tmp, $dest) ++ or syserr(g_('unable to rename %s to %s'), $tmp, $dest); ++ } + } + erasedir($tmp); + } +diff --git a/scripts/t/Dpkg_Source_Archive.t b/scripts/t/Dpkg_Source_Archive.t +index 7b70da68e..504fbe1d4 100644 +--- a/scripts/t/Dpkg_Source_Archive.t ++++ b/scripts/t/Dpkg_Source_Archive.t +@@ -16,12 +16,120 @@ + use strict; + use warnings; + +-use Test::More tests => 1; ++use Test::More tests => 4; ++use Test::Dpkg qw(:paths); ++ ++use File::Spec; ++use File::Path qw(make_path rmtree); + + BEGIN { + use_ok('Dpkg::Source::Archive'); + } + ++use Dpkg; ++ ++my $tmpdir = test_get_temp_path(); ++ ++rmtree($tmpdir); ++ ++sub test_touch ++{ ++ my ($name, $data) = @_; ++ ++ open my $fh, '>', $name ++ or die "cannot touch file $name\n"; ++ print { $fh } $data if $data; ++ close $fh; ++} ++ ++sub test_path_escape ++{ ++ my $name = shift; ++ ++ my $treedir = File::Spec->rel2abs("$tmpdir/$name-tree"); ++ my $overdir = File::Spec->rel2abs("$tmpdir/$name-overlay"); ++ my $outdir = "$tmpdir/$name-out"; ++ my $expdir = "$tmpdir/$name-exp"; ++ ++ # This is the base directory, where we are going to be extracting stuff ++ # into, which include traps. ++ make_path("$treedir/subdir-a"); ++ test_touch("$treedir/subdir-a/file-a"); ++ test_touch("$treedir/subdir-a/file-pre-a"); ++ make_path("$treedir/subdir-b"); ++ test_touch("$treedir/subdir-b/file-b"); ++ test_touch("$treedir/subdir-b/file-pre-b"); ++ symlink File::Spec->abs2rel($outdir, $treedir), "$treedir/symlink-escape"; ++ symlink File::Spec->abs2rel("$outdir/nonexistent", $treedir), "$treedir/symlink-nonexistent"; ++ symlink "$treedir/file", "$treedir/symlink-within"; ++ test_touch("$treedir/supposed-dir"); ++ ++ # This is the overlay directory, which we'll pack and extract over the ++ # base directory. ++ make_path($overdir); ++ make_path("$overdir/subdir-a/aa"); ++ test_touch("$overdir/subdir-a/aa/file-aa", 'aa'); ++ test_touch("$overdir/subdir-a/file-a", 'a'); ++ make_path("$overdir/subdir-b/bb"); ++ test_touch("$overdir/subdir-b/bb/file-bb", 'bb'); ++ test_touch("$overdir/subdir-b/file-b", 'b'); ++ make_path("$overdir/symlink-escape"); ++ test_touch("$overdir/symlink-escape/escaped-file", 'escaped'); ++ test_touch("$overdir/symlink-nonexistent", 'nonexistent'); ++ make_path("$overdir/symlink-within"); ++ make_path("$overdir/supposed-dir"); ++ test_touch("$overdir/supposed-dir/supposed-file", 'something'); ++ ++ # Generate overlay tar. ++ system($Dpkg::PROGTAR, '-cf', "$overdir.tar", '-C', $overdir, qw( ++ subdir-a subdir-b ++ symlink-escape/escaped-file symlink-nonexistent symlink-within ++ supposed-dir ++ )) == 0 ++ or die "cannot create overlay tar archive\n"; ++ ++ # This is the expected directory, which we'll be comparing against. ++ make_path($expdir); ++ system('cp', '-a', $overdir, $expdir) == 0 ++ or die "cannot copy overlay hierarchy into expected directory\n"; ++ ++ # Store the expected and out reference directories into a tar to compare ++ # its structure against the result reference. ++ system($Dpkg::PROGTAR, '-cf', "$expdir.tar", '-C', $overdir, qw( ++ subdir-a subdir-b ++ symlink-escape/escaped-file symlink-nonexistent symlink-within ++ supposed-dir ++ ), '-C', $treedir, qw( ++ subdir-a/file-pre-a ++ subdir-b/file-pre-b ++ )) == 0 ++ or die "cannot create expected tar archive\n"; ++ ++ # This directory is supposed to remain empty, anything inside implies a ++ # directory traversal. ++ make_path($outdir); ++ ++ my $warnseen; ++ local $SIG{__WARN__} = sub { $warnseen = $_[0] }; ++ ++ # Perform the extraction. ++ my $tar = Dpkg::Source::Archive->new(filename => "$overdir.tar"); ++ $tar->extract($treedir, in_place => 1); ++ ++ # Store the result into a tar to compare its structure against a reference. ++ system($Dpkg::PROGTAR, '-cf', "$treedir.tar", '-C', $treedir, '.'); ++ ++ # Check results ++ ok(length $warnseen && $warnseen =~ m/points outside source root/, ++ 'expected warning seen'); ++ ok(system($Dpkg::PROGTAR, '--compare', '-f', "$expdir.tar", '-C', $treedir) == 0, ++ 'expected directory matches'); ++ ok(! -e "$outdir/escaped-file", ++ 'expected output directory is empty, directory traversal'); ++} ++ ++test_path_escape('in-place'); ++ + # TODO: Add actual test cases. + + 1; +-- +2.33.0 + diff --git a/meta/recipes-devtools/dpkg/dpkg_1.21.4.bb b/meta/recipes-devtools/dpkg/dpkg_1.21.4.bb index 681909f0bf..7ef6233ee4 100644 --- a/meta/recipes-devtools/dpkg/dpkg_1.21.4.bb +++ b/meta/recipes-devtools/dpkg/dpkg_1.21.4.bb @@ -14,6 +14,7 @@ SRC_URI = "git://salsa.debian.org/dpkg-team/dpkg.git;protocol=https;branch=main file://0001-dpkg-Support-muslx32-build.patch \ file://pager.patch \ file://0001-Add-support-for-riscv32-CPU.patch \ + file://0001-Dpkg-Source-Archive-Prevent-directory-traversal-for-.patch \ " SRC_URI:append:class-native = " file://0001-build.c-ignore-return-of-1-from-tar-cf.patch" diff --git a/meta/recipes-devtools/gcc/gcc-11.3.inc b/meta/recipes-devtools/gcc/gcc-11.3.inc index acbb43a25f..2cebeb2bc8 100644 --- a/meta/recipes-devtools/gcc/gcc-11.3.inc +++ b/meta/recipes-devtools/gcc/gcc-11.3.inc @@ -59,7 +59,7 @@ SRC_URI = "\ file://0027-libatomic-Do-not-enforce-march-on-aarch64.patch \ file://0028-debug-101473-apply-debug-prefix-maps-before-checksum.patch \ file://0029-Fix-install-path-of-linux64.h.patch \ - \ + file://0030-rust-recursion-limit.patch \ file://0001-CVE-2021-42574.patch \ file://0002-CVE-2021-42574.patch \ file://0003-CVE-2021-42574.patch \ diff --git a/meta/recipes-devtools/gcc/gcc-runtime.inc b/meta/recipes-devtools/gcc/gcc-runtime.inc index e9f2cf16e8..8074bf1025 100644 --- a/meta/recipes-devtools/gcc/gcc-runtime.inc +++ b/meta/recipes-devtools/gcc/gcc-runtime.inc @@ -53,7 +53,7 @@ RUNTIMETARGET:libc-newlib = "libstdc++-v3" REL_S = "/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR}" DEBUG_PREFIX_MAP:class-target = " \ - -fdebug-prefix-map=${WORKDIR}/recipe-sysroot= \ + -fdebug-prefix-map=${WORKDIR}/${MLPREFIX}recipe-sysroot= \ -fdebug-prefix-map=${WORKDIR}/recipe-sysroot-native= \ -fdebug-prefix-map=${S}=${REL_S} \ -fdebug-prefix-map=${S}/include=${REL_S}/libstdc++-v3/../include \ @@ -68,7 +68,7 @@ do_configure () { # libstdc++ isn't built yet so CXX would error not able to find it which breaks stdc++'s configure # tests. Create a dummy empty lib for the purposes of configure. mkdir -p ${WORKDIR}/dummylib - touch ${WORKDIR}/dummylib/libstdc++.so + ${CC} -x c /dev/null -nostartfiles -shared -o ${WORKDIR}/dummylib/libstdc++.so for d in libgcc ${RUNTIMETARGET}; do echo "Configuring $d" rm -rf ${B}/${TARGET_SYS}/$d/ diff --git a/meta/recipes-devtools/gcc/gcc/0030-rust-recursion-limit.patch b/meta/recipes-devtools/gcc/gcc/0030-rust-recursion-limit.patch new file mode 100644 index 0000000000..bbe2f18f6f --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0030-rust-recursion-limit.patch @@ -0,0 +1,92 @@ +From 9234cdca6ee88badfc00297e72f13dac4e540c79 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Fri, 1 Jul 2022 15:58:52 +0100 +Subject: [PATCH] Add a recursion limit to the demangle_const function in the + Rust demangler. + +libiberty/ + PR demangler/105039 + * rust-demangle.c (demangle_const): Add recursion limit. + +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79] +--- + libiberty/rust-demangle.c | 29 ++++++++++++++++++++--------- + 1 file changed, 20 insertions(+), 9 deletions(-) + +diff --git a/libiberty/rust-demangle.c b/libiberty/rust-demangle.c +index bb58d900e27..36afcfae278 100644 +--- a/libiberty/rust-demangle.c ++++ b/libiberty/rust-demangle.c +@@ -126,7 +126,7 @@ parse_integer_62 (struct rust_demangler *rdm) + return 0; + + x = 0; +- while (!eat (rdm, '_')) ++ while (!eat (rdm, '_') && !rdm->errored) + { + c = next (rdm); + x *= 62; +@@ -1148,6 +1148,15 @@ demangle_const (struct rust_demangler *rdm) + if (rdm->errored) + return; + ++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT) ++ { ++ ++ rdm->recursion; ++ if (rdm->recursion > RUST_MAX_RECURSION_COUNT) ++ /* FIXME: There ought to be a way to report ++ that the recursion limit has been reached. */ ++ goto fail_return; ++ } ++ + if (eat (rdm, 'B')) + { + backref = parse_integer_62 (rdm); +@@ -1158,7 +1167,7 @@ demangle_const (struct rust_demangler *rdm) + demangle_const (rdm); + rdm->next = old_next; + } +- return; ++ goto pass_return; + } + + ty_tag = next (rdm); +@@ -1167,7 +1176,7 @@ demangle_const (struct rust_demangler *rdm) + /* Placeholder. */ + case 'p': + PRINT ("_"); +- return; ++ goto pass_return; + + /* Unsigned integer types. */ + case 'h': +@@ -1200,18 +1209,20 @@ demangle_const (struct rust_demangler *rdm) + break; + + default: +- rdm->errored = 1; +- return; ++ goto fail_return; + } + +- if (rdm->errored) +- return; +- +- if (rdm->verbose) ++ if (!rdm->errored && rdm->verbose) + { + PRINT (": "); + PRINT (basic_type (ty_tag)); + } ++ ++ fail_return: ++ rdm->errored = 1; ++ pass_return: ++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT) ++ -- rdm->recursion; + } + + static void +-- +2.31.1 + diff --git a/meta/recipes-devtools/gcc/libgcc-common.inc b/meta/recipes-devtools/gcc/libgcc-common.inc index d48dc8b823..31f629acaa 100644 --- a/meta/recipes-devtools/gcc/libgcc-common.inc +++ b/meta/recipes-devtools/gcc/libgcc-common.inc @@ -45,10 +45,14 @@ do_install () { } do_install:append:libc-baremetal () { - rmdir ${D}${base_libdir} + if [ "${base_libdir}" != "${libdir}" ]; then + rmdir ${D}${base_libdir} + fi } do_install:append:libc-newlib () { - rmdir ${D}${base_libdir} + if [ "${base_libdir}" != "${libdir}" ]; then + rmdir ${D}${base_libdir} + fi } # No rpm package is actually created but -dev depends on it, avoid dnf error diff --git a/meta/recipes-devtools/git/git_2.35.3.bb b/meta/recipes-devtools/git/git_2.35.4.bb index 794045c8b7..18f39875db 100644 --- a/meta/recipes-devtools/git/git_2.35.3.bb +++ b/meta/recipes-devtools/git/git_2.35.4.bb @@ -165,4 +165,4 @@ EXTRA_OECONF += "ac_cv_snprintf_returns_bogus=no \ " EXTRA_OEMAKE += "NO_GETTEXT=1" -SRC_URI[tarball.sha256sum] = "cad708072d5c0b390c71651f5edb44143f00b357766973470bf9adebc0944c03" +SRC_URI[tarball.sha256sum] = "4970108bdc227e2c3687899f8fc7501c54c839dcc42f4d999ac9e3e3f52df583" diff --git a/meta/recipes-devtools/go/go-1.17.10.inc b/meta/recipes-devtools/go/go-1.17.12.inc index e71feb5d02..77a983f9d0 100644 --- a/meta/recipes-devtools/go/go-1.17.10.inc +++ b/meta/recipes-devtools/go/go-1.17.12.inc @@ -17,7 +17,7 @@ SRC_URI += "\ file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \ file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \ " -SRC_URI[main.sha256sum] = "299e55af30f15691b015d8dcf8ecae72412412569e5b2ece20361753a456f2f9" +SRC_URI[main.sha256sum] = "0d51b5b3f280c0f01f534598c0219db5878f337da6137a9ee698777413607209" # Upstream don't believe it is a signifiant real world issue and will only # fix in 1.17 onwards where we can drop this. diff --git a/meta/recipes-devtools/go/go-binary-native_1.17.10.bb b/meta/recipes-devtools/go/go-binary-native_1.17.12.bb index 0f49cebcb7..b034950721 100644 --- a/meta/recipes-devtools/go/go-binary-native_1.17.10.bb +++ b/meta/recipes-devtools/go/go-binary-native_1.17.12.bb @@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" PROVIDES = "go-native" SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "87fc728c9c731e2f74e4a999ef53cf07302d7ed3504b0839027bd9c10edaa3fd" -SRC_URI[go_linux_arm64.sha256sum] = "649141201efa7195403eb1301b95dc79c5b3e65968986a391da1370521701b0c" +SRC_URI[go_linux_amd64.sha256sum] = "6e5203fbdcade4aa4331e441fd2e1db8444681a6a6c72886a37ddd11caa415d4" +SRC_URI[go_linux_arm64.sha256sum] = "74a4832d0f150a2d768a6781553494ba84152e854ebef743c4092cd9d1f66a9f" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux" diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.17.10.bb b/meta/recipes-devtools/go/go-cross-canadian_1.17.12.bb index 7ac9449e47..7ac9449e47 100644 --- a/meta/recipes-devtools/go/go-cross-canadian_1.17.10.bb +++ b/meta/recipes-devtools/go/go-cross-canadian_1.17.12.bb diff --git a/meta/recipes-devtools/go/go-cross_1.17.10.bb b/meta/recipes-devtools/go/go-cross_1.17.12.bb index 80b5a03f6c..80b5a03f6c 100644 --- a/meta/recipes-devtools/go/go-cross_1.17.10.bb +++ b/meta/recipes-devtools/go/go-cross_1.17.12.bb diff --git a/meta/recipes-devtools/go/go-crosssdk_1.17.10.bb b/meta/recipes-devtools/go/go-crosssdk_1.17.12.bb index 1857c8a577..1857c8a577 100644 --- a/meta/recipes-devtools/go/go-crosssdk_1.17.10.bb +++ b/meta/recipes-devtools/go/go-crosssdk_1.17.12.bb diff --git a/meta/recipes-devtools/go/go-native_1.17.10.bb b/meta/recipes-devtools/go/go-native_1.17.12.bb index 76c0ab73a6..76c0ab73a6 100644 --- a/meta/recipes-devtools/go/go-native_1.17.10.bb +++ b/meta/recipes-devtools/go/go-native_1.17.12.bb diff --git a/meta/recipes-devtools/go/go-runtime_1.17.10.bb b/meta/recipes-devtools/go/go-runtime_1.17.12.bb index 63464a1501..63464a1501 100644 --- a/meta/recipes-devtools/go/go-runtime_1.17.10.bb +++ b/meta/recipes-devtools/go/go-runtime_1.17.12.bb diff --git a/meta/recipes-devtools/go/go_1.17.10.bb b/meta/recipes-devtools/go/go_1.17.12.bb index 34dc89bb0c..34dc89bb0c 100644 --- a/meta/recipes-devtools/go/go_1.17.10.bb +++ b/meta/recipes-devtools/go/go_1.17.12.bb diff --git a/meta/recipes-devtools/log4cplus/log4cplus_2.0.7.bb b/meta/recipes-devtools/log4cplus/log4cplus_2.0.8.bb index 3798b93f76..bbf4ce6218 100644 --- a/meta/recipes-devtools/log4cplus/log4cplus_2.0.7.bb +++ b/meta/recipes-devtools/log4cplus/log4cplus_2.0.8.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=41e8e060c26822886b592ab4765c756b" SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}-stable/${PV}/${BP}.tar.gz \ " -SRC_URI[sha256sum] = "086451c7e7c582862cbd6c60d87bb6d9d63c4b65321dba85fa71766382f7ec6d" +SRC_URI[sha256sum] = "cdc3c738e00be84d8d03b580816b9f12628ecc1d71e1395080c802615d2d9ced" UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/log4cplus/files/log4cplus-stable/" UPSTREAM_CHECK_REGEX = "log4cplus-stable/(?P<pver>\d+(\.\d+)+)/" diff --git a/meta/recipes-devtools/lua/lua/CVE-2022-33099.patch b/meta/recipes-devtools/lua/lua/CVE-2022-33099.patch new file mode 100644 index 0000000000..fe7b6065c2 --- /dev/null +++ b/meta/recipes-devtools/lua/lua/CVE-2022-33099.patch @@ -0,0 +1,61 @@ +From 42d40581dd919fb134c07027ca1ce0844c670daf Mon Sep 17 00:00:00 2001 +From: Roberto Ierusalimschy <roberto@inf.puc-rio.br> +Date: Fri, 20 May 2022 13:14:33 -0300 +Subject: [PATCH] Save stack space while handling errors + +Because error handling (luaG_errormsg) uses slots from EXTRA_STACK, +and some errors can recur (e.g., string overflow while creating an +error message in 'luaG_runerror', or a C-stack overflow before calling +the message handler), the code should use stack slots with parsimony. + +This commit fixes the bug "Lua-stack overflow when C stack overflows +while handling an error". + +CVE: CVE-2022-33099 + +Upstream-Status: Backport [https://github.com/lua/lua/commit/42d40581dd919fb134c07027ca1ce0844c670daf] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + ldebug.c | 5 ++++- + lvm.c | 6 ++++-- + 2 files changed, 8 insertions(+), 3 deletions(-) + +--- a/src/ldebug.c ++++ b/src/ldebug.c +@@ -824,8 +824,11 @@ l_noret luaG_runerror (lua_State *L, con + va_start(argp, fmt); + msg = luaO_pushvfstring(L, fmt, argp); /* format message */ + va_end(argp); +- if (isLua(ci)) /* if Lua function, add source:line information */ ++ if (isLua(ci)) { /* if Lua function, add source:line information */ + luaG_addinfo(L, msg, ci_func(ci)->p->source, getcurrentline(ci)); ++ setobjs2s(L, L->top - 2, L->top - 1); /* remove 'msg' from the stack */ ++ L->top--; ++ } + luaG_errormsg(L); + } + +--- a/src/lvm.c ++++ b/src/lvm.c +@@ -656,8 +656,10 @@ void luaV_concat (lua_State *L, int tota + /* collect total length and number of strings */ + for (n = 1; n < total && tostring(L, s2v(top - n - 1)); n++) { + size_t l = vslen(s2v(top - n - 1)); +- if (l_unlikely(l >= (MAX_SIZE/sizeof(char)) - tl)) ++ if (l_unlikely(l >= (MAX_SIZE/sizeof(char)) - tl)) { ++ L->top = top - total; /* pop strings to avoid wasting stack */ + luaG_runerror(L, "string length overflow"); ++ } + tl += l; + } + if (tl <= LUAI_MAXSHORTLEN) { /* is result a short string? */ +@@ -672,7 +674,7 @@ void luaV_concat (lua_State *L, int tota + setsvalue2s(L, top - n, ts); /* create result */ + } + total -= n-1; /* got 'n' strings to create 1 new */ +- L->top -= n-1; /* popped 'n' strings and pushed one */ ++ L->top = top - (n - 1); /* popped 'n' strings and pushed one */ + } while (total > 1); /* repeat until only 1 result left */ + } + diff --git a/meta/recipes-devtools/lua/lua/lua.pc.in b/meta/recipes-devtools/lua/lua/lua.pc.in index c27e86e85d..1fc288c4fe 100644 --- a/meta/recipes-devtools/lua/lua/lua.pc.in +++ b/meta/recipes-devtools/lua/lua/lua.pc.in @@ -1,6 +1,5 @@ -prefix=/usr -libdir=${prefix}/lib -includedir=${prefix}/include +libdir=@LIBDIR@ +includedir=@INCLUDEDIR@ Name: Lua Description: Lua language engine diff --git a/meta/recipes-devtools/lua/lua_5.4.4.bb b/meta/recipes-devtools/lua/lua_5.4.4.bb index d704841378..0b2e754b31 100644 --- a/meta/recipes-devtools/lua/lua_5.4.4.bb +++ b/meta/recipes-devtools/lua/lua_5.4.4.bb @@ -7,6 +7,7 @@ HOMEPAGE = "http://www.lua.org/" SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \ file://lua.pc.in \ file://CVE-2022-28805.patch \ + file://CVE-2022-33099.patch \ ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'http://www.lua.org/tests/lua-${PV_testsuites}-tests.tar.gz;name=tarballtest file://run-ptest ', '', d)} \ " @@ -45,7 +46,7 @@ do_install () { install install -d ${D}${libdir}/pkgconfig - sed -e s/@VERSION@/${PV}/ ${WORKDIR}/lua.pc.in > ${WORKDIR}/lua.pc + sed -e s/@VERSION@/${PV}/ -e s#@LIBDIR@#${libdir}# -e s#@INCLUDEDIR@#${includedir}# ${WORKDIR}/lua.pc.in > ${WORKDIR}/lua.pc install -m 0644 ${WORKDIR}/lua.pc ${D}${libdir}/pkgconfig/ rmdir ${D}${datadir}/lua/5.4 rmdir ${D}${datadir}/lua diff --git a/meta/recipes-devtools/perl/libmodule-build-perl_0.4231.bb b/meta/recipes-devtools/perl/libmodule-build-perl_0.4231.bb index e2c79d962b..881d5e672e 100644 --- a/meta/recipes-devtools/perl/libmodule-build-perl_0.4231.bb +++ b/meta/recipes-devtools/perl/libmodule-build-perl_0.4231.bb @@ -37,6 +37,7 @@ EXTRA_CPAN_BUILD_FLAGS = "--create_packlist=0" do_install:append () { rm -rf ${D}${docdir}/perl/html + sed -i "s:^#!.*:#!/usr/bin/env perl:" ${D}${bindir}/config_data } do_install_ptest() { diff --git a/meta/recipes-devtools/perl/perl-ptest.inc b/meta/recipes-devtools/perl/perl-ptest.inc index 54c7807571..c233fab545 100644 --- a/meta/recipes-devtools/perl/perl-ptest.inc +++ b/meta/recipes-devtools/perl/perl-ptest.inc @@ -10,12 +10,12 @@ do_install_ptest () { sed -e "s:\/usr\/local:${bindir}:g" -i cpan/version/t/* sed -e "s:\/opt:\/usr:" -i Porting/add-package.pl sed -e "s:\/local\/gnu\/:\/:" -i hints/cxux.sh - tar -c --exclude=try --exclude=a.out --exclude='*.o' --exclude=libperl.so* --exclude=Makefile --exclude=makefile --exclude=hostperl \ + tar -c --exclude=try --exclude=a.out --exclude='*.o' --exclude=libperl.so* --exclude=[Mm]akefile --exclude=hostperl \ --exclude=cygwin --exclude=os2 --exclude=djgpp --exclude=qnx --exclude=symbian --exclude=haiku \ --exclude=vms --exclude=vos --exclude=NetWare --exclude=amigaos4 --exclude=buildcustomize.pl \ --exclude='win32/config.*' --exclude=plan9 --exclude=README.plan9 --exclude=perlplan9.pod --exclude=Configure \ --exclude=veryclean.sh --exclude=realclean.sh --exclude=getioctlsizes \ - --exclude=dl_aix.xs --exclude=sdbm.3 --exclude='cflags.SH' --exclude=makefile.old \ + --exclude=dl_aix.xs --exclude=sdbm.3 --exclude='cflags.SH' --exclude=[Mm]akefile.old \ --exclude=miniperl --exclude=generate_uudmap --exclude=patches --exclude='config.log' * | ( cd ${D}${PTEST_PATH} && tar -x ) ln -sf ${bindir}/perl ${D}${PTEST_PATH}/t/perl diff --git a/meta/recipes-devtools/python/python3/0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch b/meta/recipes-devtools/python/python3/0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch new file mode 100644 index 0000000000..6a58c35cc6 --- /dev/null +++ b/meta/recipes-devtools/python/python3/0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch @@ -0,0 +1,54 @@ +From 178a238f25ab8aff7689d7a09d66dc1583ecd6cb Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Wed, 4 May 2022 03:23:29 -0700 +Subject: [PATCH 01/40] gh-92036: Fix gc_fini_untrack() (GH-92037) + +Fix a crash in subinterpreters related to the garbage collector. When +a subinterpreter is deleted, untrack all objects tracked by its GC. +To prevent a crash in deallocator functions expecting objects to be +tracked by the GC, leak a strong reference to these objects on +purpose, so they are never deleted and their deallocator functions +are not called. +(cherry picked from commit 14243369b5f80613628a565c224bba7fb3fcacd8) + +Co-authored-by: Victor Stinner <vstinner@python.org> + +Upstream-Status: Backport +--- + .../2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst | 5 +++++ + Modules/gcmodule.c | 6 ++++++ + 2 files changed, 11 insertions(+) + create mode 100644 Misc/NEWS.d/next/Core and Builtins/2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst + +diff --git a/Misc/NEWS.d/next/Core and Builtins/2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst b/Misc/NEWS.d/next/Core and Builtins/2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst +new file mode 100644 +index 0000000000..78094c5e4f +--- /dev/null ++++ b/Misc/NEWS.d/next/Core and Builtins/2022-04-28-23-37-30.gh-issue-92036.GZJAC9.rst +@@ -0,0 +1,5 @@ ++Fix a crash in subinterpreters related to the garbage collector. When a ++subinterpreter is deleted, untrack all objects tracked by its GC. To prevent a ++crash in deallocator functions expecting objects to be tracked by the GC, leak ++a strong reference to these objects on purpose, so they are never deleted and ++their deallocator functions are not called. Patch by Victor Stinner. +diff --git a/Modules/gcmodule.c b/Modules/gcmodule.c +index 805a159d53..43ae6fa98b 100644 +--- a/Modules/gcmodule.c ++++ b/Modules/gcmodule.c +@@ -2170,6 +2170,12 @@ gc_fini_untrack(PyGC_Head *list) + for (gc = GC_NEXT(list); gc != list; gc = GC_NEXT(list)) { + PyObject *op = FROM_GC(gc); + _PyObject_GC_UNTRACK(op); ++ // gh-92036: If a deallocator function expect the object to be tracked ++ // by the GC (ex: func_dealloc()), it can crash if called on an object ++ // which is no longer tracked by the GC. Leak one strong reference on ++ // purpose so the object is never deleted and its deallocator is not ++ // called. ++ Py_INCREF(op); + } + } + +-- +2.25.1 + diff --git a/meta/recipes-devtools/python/python3_3.10.4.bb b/meta/recipes-devtools/python/python3_3.10.4.bb index 357025f856..34fd2895a3 100644 --- a/meta/recipes-devtools/python/python3_3.10.4.bb +++ b/meta/recipes-devtools/python/python3_3.10.4.bb @@ -35,6 +35,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch \ file://deterministic_imports.patch \ file://0001-Avoid-shebang-overflow-on-python-config.py.patch \ + file://0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch \ " SRC_URI:append:class-native = " \ diff --git a/meta/recipes-devtools/qemu/qemu-system-native_6.2.0.bb b/meta/recipes-devtools/qemu/qemu-system-native_6.2.0.bb index bc5384d472..5ccede5095 100644 --- a/meta/recipes-devtools/qemu/qemu-system-native_6.2.0.bb +++ b/meta/recipes-devtools/qemu/qemu-system-native_6.2.0.bb @@ -11,7 +11,7 @@ DEPENDS = "glib-2.0-native zlib-native pixman-native qemu-native bison-native me EXTRA_OECONF:append = " --target-list=${@get_qemu_system_target_list(d)}" -PACKAGECONFIG ??= "fdt alsa kvm pie \ +PACKAGECONFIG ??= "fdt alsa kvm pie slirp \ ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer epoxy', '', d)} \ " diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index cc69eca9ae..54a68e1730 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -35,6 +35,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://pvrdma.patch \ file://CVE-2021-4206.patch \ file://CVE-2021-4207.patch \ + file://CVE-2022-35414.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" @@ -199,6 +200,11 @@ PACKAGECONFIG[pmem] = "--enable-libpmem,--disable-libpmem,pmdk" PACKAGECONFIG[pulsedio] = "--enable-pa,--disable-pa,pulseaudio" PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux" PACKAGECONFIG[bpf] = "--enable-bpf,--disable-bpf,libbpf" +PACKAGECONFIG[capstone] = "--enable-capstone,--disable-capstone" +PACKAGECONFIG[rdma] = "--enable-rdma,--disable-rdma" +PACKAGECONFIG[vde] = "--enable-vde,--disable-vde" +PACKAGECONFIG[slirp] = "--enable-slirp=internal,--disable-slirp" +PACKAGECONFIG[brlapi] = "--enable-brlapi,--disable-brlapi" INSANE_SKIP:${PN} = "arch" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2022-35414.patch b/meta/recipes-devtools/qemu/qemu/CVE-2022-35414.patch new file mode 100644 index 0000000000..3786497f01 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2022-35414.patch @@ -0,0 +1,53 @@ +From ee76e64ee1cb232b77652b21cc94ec6b6c7e4b13 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati <hprajapati@mvista.com> +Date: Wed, 27 Jul 2022 10:49:47 +0530 +Subject: [PATCH] CVE-2022-35414 + +Upstream-Status: Backport [https://github.com/qemu/qemu/commit/418ade7849ce7641c0f7333718caf5091a02fd4c] +CVE: CVE-2022-35414 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + softmmu/physmem.c | 13 ++++++++++++- + 1 file changed, 12 insertions(+), 1 deletion(-) + +diff --git a/softmmu/physmem.c b/softmmu/physmem.c +index 3524c04c2..3c467527d 100644 +--- a/softmmu/physmem.c ++++ b/softmmu/physmem.c +@@ -667,7 +667,7 @@ void tcg_iommu_init_notifier_list(CPUState *cpu) + + /* Called from RCU critical section */ + MemoryRegionSection * +-address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr addr, ++address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr orig_addr, + hwaddr *xlat, hwaddr *plen, + MemTxAttrs attrs, int *prot) + { +@@ -676,6 +676,7 @@ address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr addr, + IOMMUMemoryRegionClass *imrc; + IOMMUTLBEntry iotlb; + int iommu_idx; ++ hwaddr addr = orig_addr; + AddressSpaceDispatch *d = + qatomic_rcu_read(&cpu->cpu_ases[asidx].memory_dispatch); + +@@ -720,6 +721,16 @@ address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr addr, + return section; + + translate_fail: ++ /* ++ * We should be given a page-aligned address -- certainly ++ * tlb_set_page_with_attrs() does so. The page offset of xlat ++ * is used to index sections[], and PHYS_SECTION_UNASSIGNED = 0. ++ * The page portion of xlat will be logged by memory_region_access_valid() ++ * when this memory access is rejected, so use the original untranslated ++ * physical address. ++ */ ++ assert((orig_addr & ~TARGET_PAGE_MASK) == 0); ++ *xlat = orig_addr; + return &d->map.sections[PHYS_SECTION_UNASSIGNED]; + } + +-- +2.25.1 + diff --git a/meta/recipes-devtools/qemu/qemu_6.2.0.bb b/meta/recipes-devtools/qemu/qemu_6.2.0.bb index 9f7fad9886..42e133967e 100644 --- a/meta/recipes-devtools/qemu/qemu_6.2.0.bb +++ b/meta/recipes-devtools/qemu/qemu_6.2.0.bb @@ -15,12 +15,12 @@ EXTRA_OECONF:append:class-target:mipsarcho32 = "${@bb.utils.contains('BBEXTENDCU EXTRA_OECONF:append:class-nativesdk = " --target-list=${@get_qemu_target_list(d)}" PACKAGECONFIG ??= " \ - fdt sdl kvm pie \ + fdt sdl kvm pie slirp \ ${@bb.utils.filter('DISTRO_FEATURES', 'alsa xen', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer epoxy', '', d)} \ ${@bb.utils.filter('DISTRO_FEATURES', 'seccomp', d)} \ " -PACKAGECONFIG:class-nativesdk ??= "fdt sdl kvm pie \ +PACKAGECONFIG:class-nativesdk ??= "fdt sdl kvm pie slirp \ ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer epoxy', '', d)} \ " # ppc32 hosts are no longer supported in qemu diff --git a/meta/recipes-devtools/ruby/ruby_3.1.2.bb b/meta/recipes-devtools/ruby/ruby_3.1.2.bb index 38ba46731b..6fc1f53b18 100644 --- a/meta/recipes-devtools/ruby/ruby_3.1.2.bb +++ b/meta/recipes-devtools/ruby/ruby_3.1.2.bb @@ -25,6 +25,7 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6, --disable-ipv6," # rdoc is off by default due to non-reproducibility reported in # https://bugs.ruby-lang.org/issues/18456 PACKAGECONFIG[rdoc] = "--enable-install-rdoc,--disable-install-rdoc," +PACKAGECONFIG[capstone] = "--with-capstone=yes, --with-capstone=no" EXTRA_OECONF = "\ --disable-versioned-paths \ diff --git a/meta/recipes-devtools/strace/strace_5.16.bb b/meta/recipes-devtools/strace/strace_5.16.bb index ae19318c20..23ffa25d29 100644 --- a/meta/recipes-devtools/strace/strace_5.16.bb +++ b/meta/recipes-devtools/strace/strace_5.16.bb @@ -19,6 +19,9 @@ SRC_URI[sha256sum] = "dc7db230ff3e57c249830ba94acab2b862da1fcaac55417e9b85041a83 inherit autotools ptest +# Not yet ported to rv32 +COMPATIBLE_HOST:riscv32 = "null" + PACKAGECONFIG:class-target ??= "\ ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ " diff --git a/meta/recipes-devtools/vala/vala.inc b/meta/recipes-devtools/vala/vala.inc index 90e0b77de0..974baa33f5 100644 --- a/meta/recipes-devtools/vala/vala.inc +++ b/meta/recipes-devtools/vala/vala.inc @@ -60,3 +60,9 @@ vapigen_sysroot_preprocess() { } SSTATE_SCAN_FILES += "vapigen-wrapper" + +PACKAGE_PREPROCESS_FUNCS += "vala_package_preprocess" + +vala_package_preprocess () { + sed -i -e 's:${RECIPE_SYSROOT}::g;' ${PKGD}${bindir}/vapigen-wrapper +} diff --git a/meta/recipes-devtools/vala/vala_0.56.0.bb b/meta/recipes-devtools/vala/vala_0.56.0.bb deleted file mode 100644 index a4d6760f10..0000000000 --- a/meta/recipes-devtools/vala/vala_0.56.0.bb +++ /dev/null @@ -1,3 +0,0 @@ -require ${BPN}.inc - -SRC_URI[sha256sum] = "d92bd13c5630905eeb6a983dcb702204da9731460c2a6e4e39f867996f371040" diff --git a/meta/recipes-devtools/vala/vala_0.56.2.bb b/meta/recipes-devtools/vala/vala_0.56.2.bb new file mode 100644 index 0000000000..08c8ccca1d --- /dev/null +++ b/meta/recipes-devtools/vala/vala_0.56.2.bb @@ -0,0 +1,3 @@ +require ${BPN}.inc + +SRC_URI[sha256sum] = "66c9619bb17859fd1ac3aba0a57970613e38fd2a1ee30541174260c9fb90124c" diff --git a/meta/recipes-extended/gperf/gperf/1862c6e57a308a05889c80c048dbc58bdc378dcb.patch b/meta/recipes-extended/gperf/gperf/1862c6e57a308a05889c80c048dbc58bdc378dcb.patch new file mode 100644 index 0000000000..98959db0a8 --- /dev/null +++ b/meta/recipes-extended/gperf/gperf/1862c6e57a308a05889c80c048dbc58bdc378dcb.patch @@ -0,0 +1,181 @@ +From 1862c6e57a308a05889c80c048dbc58bdc378dcb Mon Sep 17 00:00:00 2001 +From: Bruno Haible <bruno@clisp.org> +Date: Tue, 5 Jul 2022 07:51:46 +0200 +Subject: [PATCH] Add support for reproducible builds. + +Suggested by Richard Purdie <richard.purdie@linuxfoundation.org> in +<https://lists.gnu.org/archive/html/bug-gperf/2022-07/msg00000.html>. + +* autogen.sh: Import also lib/filename.h. +* Makefile.in (IMPORTED_FILES): Add lib/filename.h. +* src/options.cc: Include filename.h. +(Options::print_options): Print only the base name of the program name. +* tests/*.exp: Update. + +Upstream-Status: Backport + +Index: gperf-3.1/ChangeLog +=================================================================== +--- gperf-3.1.orig/ChangeLog ++++ gperf-3.1/ChangeLog +@@ -1,3 +1,14 @@ ++2022-07-05 Bruno Haible <bruno@clisp.org> ++ ++ Add support for reproducible builds. ++ Suggested by Richard Purdie <richard.purdie@linuxfoundation.org> in ++ <https://lists.gnu.org/archive/html/bug-gperf/2022-07/msg00000.html>. ++ * autogen.sh: Import also lib/filename.h. ++ * Makefile.in (IMPORTED_FILES): Add lib/filename.h. ++ * src/options.cc: Include filename.h. ++ (Options::print_options): Print only the base name of the program name. ++ * tests/*.exp: Update. ++ + 2017-01-02 Marcel Schaible <marcel.schaible@studium.fernuni-hagen.de> + + * gperf-3.1 released. +Index: gperf-3.1/src/options.cc +=================================================================== +--- gperf-3.1.orig/src/options.cc ++++ gperf-3.1/src/options.cc +@@ -26,6 +26,7 @@ + #include <string.h> /* declares strcmp() */ + #include <ctype.h> /* declares isdigit() */ + #include <limits.h> /* defines CHAR_MAX */ ++#include "filename.h" + #include "getopt.h" + #include "version.h" + +@@ -280,6 +281,16 @@ Options::print_options () const + { + const char *arg = _argument_vector[i]; + ++ if (i == 0) ++ { ++ /* _argument_vector[0] is the program name. Print only its base name. ++ This is useful for reproducible builds. */ ++ const char *p = arg + strlen (arg); ++ while (p > arg && ! ISSLASH (p[-1])) ++ p--; ++ arg = p; ++ } ++ + /* Escape arg if it contains shell metacharacters. */ + if (*arg == '-') + { +Index: gperf-3.1/lib/filename.h +=================================================================== +--- /dev/null ++++ gperf-3.1/lib/filename.h +@@ -0,0 +1,112 @@ ++/* Basic filename support macros. ++ Copyright (C) 2001-2022 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ <https://www.gnu.org/licenses/>. */ ++ ++/* From Paul Eggert and Jim Meyering. */ ++ ++#ifndef _FILENAME_H ++#define _FILENAME_H ++ ++#include <string.h> ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++ ++/* Filename support. ++ ISSLASH(C) tests whether C is a directory separator ++ character. ++ HAS_DEVICE(Filename) tests whether Filename contains a device ++ specification. ++ FILE_SYSTEM_PREFIX_LEN(Filename) length of the device specification ++ at the beginning of Filename, ++ index of the part consisting of ++ alternating components and slashes. ++ FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE ++ 1 when a non-empty device specification ++ can be followed by an empty or relative ++ part, ++ 0 when a non-empty device specification ++ must be followed by a slash, ++ 0 when device specification don't exist. ++ IS_ABSOLUTE_FILE_NAME(Filename) ++ tests whether Filename is independent of ++ any notion of "current directory". ++ IS_RELATIVE_FILE_NAME(Filename) ++ tests whether Filename may be concatenated ++ to a directory filename. ++ Note: On native Windows, OS/2, DOS, "c:" is neither an absolute nor a ++ relative file name! ++ IS_FILE_NAME_WITH_DIR(Filename) tests whether Filename contains a device ++ or directory specification. ++ */ ++#if defined _WIN32 || defined __CYGWIN__ \ ++ || defined __EMX__ || defined __MSDOS__ || defined __DJGPP__ ++ /* Native Windows, Cygwin, OS/2, DOS */ ++# define ISSLASH(C) ((C) == '/' || (C) == '\\') ++ /* Internal macro: Tests whether a character is a drive letter. */ ++# define _IS_DRIVE_LETTER(C) \ ++ (((C) >= 'A' && (C) <= 'Z') || ((C) >= 'a' && (C) <= 'z')) ++ /* Help the compiler optimizing it. This assumes ASCII. */ ++# undef _IS_DRIVE_LETTER ++# define _IS_DRIVE_LETTER(C) \ ++ (((unsigned int) (C) | ('a' - 'A')) - 'a' <= 'z' - 'a') ++# define HAS_DEVICE(Filename) \ ++ (_IS_DRIVE_LETTER ((Filename)[0]) && (Filename)[1] == ':') ++# define FILE_SYSTEM_PREFIX_LEN(Filename) (HAS_DEVICE (Filename) ? 2 : 0) ++# ifdef __CYGWIN__ ++# define FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE 0 ++# else ++ /* On native Windows, OS/2, DOS, the system has the notion of a ++ "current directory" on each drive. */ ++# define FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE 1 ++# endif ++# if FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE ++# define IS_ABSOLUTE_FILE_NAME(Filename) \ ++ ISSLASH ((Filename)[FILE_SYSTEM_PREFIX_LEN (Filename)]) ++# else ++# define IS_ABSOLUTE_FILE_NAME(Filename) \ ++ (ISSLASH ((Filename)[0]) || HAS_DEVICE (Filename)) ++# endif ++# define IS_RELATIVE_FILE_NAME(Filename) \ ++ (! (ISSLASH ((Filename)[0]) || HAS_DEVICE (Filename))) ++# define IS_FILE_NAME_WITH_DIR(Filename) \ ++ (strchr ((Filename), '/') != NULL || strchr ((Filename), '\\') != NULL \ ++ || HAS_DEVICE (Filename)) ++#else ++ /* Unix */ ++# define ISSLASH(C) ((C) == '/') ++# define HAS_DEVICE(Filename) ((void) (Filename), 0) ++# define FILE_SYSTEM_PREFIX_LEN(Filename) ((void) (Filename), 0) ++# define FILE_SYSTEM_DRIVE_PREFIX_CAN_BE_RELATIVE 0 ++# define IS_ABSOLUTE_FILE_NAME(Filename) ISSLASH ((Filename)[0]) ++# define IS_RELATIVE_FILE_NAME(Filename) (! ISSLASH ((Filename)[0])) ++# define IS_FILE_NAME_WITH_DIR(Filename) (strchr ((Filename), '/') != NULL) ++#endif ++ ++/* Deprecated macros. For backward compatibility with old users of the ++ 'filename' module. */ ++#define IS_ABSOLUTE_PATH IS_ABSOLUTE_FILE_NAME ++#define IS_PATH_WITH_DIR IS_FILE_NAME_WITH_DIR ++ ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* _FILENAME_H */ diff --git a/meta/recipes-extended/gperf/gperf_3.1.bb b/meta/recipes-extended/gperf/gperf_3.1.bb index 82750fca05..c9f09c7931 100644 --- a/meta/recipes-extended/gperf/gperf_3.1.bb +++ b/meta/recipes-extended/gperf/gperf_3.1.bb @@ -9,6 +9,8 @@ SRC_URI = "${GNU_MIRROR}/${BPN}/${BP}.tar.gz" SRC_URI[md5sum] = "9e251c0a618ad0824b51117d5d9db87e" SRC_URI[sha256sum] = "588546b945bba4b70b6a3a616e80b4ab466e3f33024a352fc2198112cdbb3ae2" +SRC_URI += "file://1862c6e57a308a05889c80c048dbc58bdc378dcb.patch" + inherit autotools # The nested configures don't find the parent aclocal.m4 out of the box, so tell diff --git a/meta/recipes-extended/libtirpc/libtirpc/CVE-2021-46828.patch b/meta/recipes-extended/libtirpc/libtirpc/CVE-2021-46828.patch new file mode 100644 index 0000000000..3d5e5b8db9 --- /dev/null +++ b/meta/recipes-extended/libtirpc/libtirpc/CVE-2021-46828.patch @@ -0,0 +1,155 @@ +From 3ee23a0a5a8c2261e788acbee67722fcbecbea28 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati <hprajapati@mvista.com> +Date: Wed, 27 Jul 2022 17:34:21 +0530 +Subject: [PATCH] CVE-2021-46828 + +Upstream-Status: Backport [http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed} +CVE: CVE-2021-46828 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + src/svc.c | 17 +++++++++++++- + src/svc_vc.c | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++- + 2 files changed, 77 insertions(+), 2 deletions(-) + +diff --git a/src/svc.c b/src/svc.c +index 6db164b..3a8709f 100644 +--- a/src/svc.c ++++ b/src/svc.c +@@ -57,7 +57,7 @@ + + #define max(a, b) (a > b ? a : b) + +-static SVCXPRT **__svc_xports; ++SVCXPRT **__svc_xports; + int __svc_maxrec; + + /* +@@ -194,6 +194,21 @@ __xprt_do_unregister (xprt, dolock) + rwlock_unlock (&svc_fd_lock); + } + ++int ++svc_open_fds() ++{ ++ int ix; ++ int nfds = 0; ++ ++ rwlock_rdlock (&svc_fd_lock); ++ for (ix = 0; ix < svc_max_pollfd; ++ix) { ++ if (svc_pollfd[ix].fd != -1) ++ nfds++; ++ } ++ rwlock_unlock (&svc_fd_lock); ++ return (nfds); ++} ++ + /* + * Add a service program to the callout list. + * The dispatch routine will be called when a rpc request for this +diff --git a/src/svc_vc.c b/src/svc_vc.c +index f1d9f00..3dc8a75 100644 +--- a/src/svc_vc.c ++++ b/src/svc_vc.c +@@ -64,6 +64,8 @@ + + + extern rwlock_t svc_fd_lock; ++extern SVCXPRT **__svc_xports; ++extern int svc_open_fds(); + + static SVCXPRT *makefd_xprt(int, u_int, u_int); + static bool_t rendezvous_request(SVCXPRT *, struct rpc_msg *); +@@ -82,6 +84,7 @@ static void svc_vc_ops(SVCXPRT *); + static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in); + static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq, + void *in); ++static int __svc_destroy_idle(int timeout); + + struct cf_rendezvous { /* kept in xprt->xp_p1 for rendezvouser */ + u_int sendsize; +@@ -313,13 +316,14 @@ done: + return (xprt); + } + ++ + /*ARGSUSED*/ + static bool_t + rendezvous_request(xprt, msg) + SVCXPRT *xprt; + struct rpc_msg *msg; + { +- int sock, flags; ++ int sock, flags, nfds, cnt; + struct cf_rendezvous *r; + struct cf_conn *cd; + struct sockaddr_storage addr; +@@ -379,6 +383,16 @@ again: + + gettimeofday(&cd->last_recv_time, NULL); + ++ nfds = svc_open_fds(); ++ if (nfds >= (_rpc_dtablesize() / 5) * 4) { ++ /* destroy idle connections */ ++ cnt = __svc_destroy_idle(15); ++ if (cnt == 0) { ++ /* destroy least active */ ++ __svc_destroy_idle(0); ++ } ++ } ++ + return (FALSE); /* there is never an rpc msg to be processed */ + } + +@@ -820,3 +834,49 @@ __svc_clean_idle(fd_set *fds, int timeout, bool_t cleanblock) + { + return FALSE; + } ++ ++static int ++__svc_destroy_idle(int timeout) ++{ ++ int i, ncleaned = 0; ++ SVCXPRT *xprt, *least_active; ++ struct timeval tv, tdiff, tmax; ++ struct cf_conn *cd; ++ ++ gettimeofday(&tv, NULL); ++ tmax.tv_sec = tmax.tv_usec = 0; ++ least_active = NULL; ++ rwlock_wrlock(&svc_fd_lock); ++ ++ for (i = 0; i <= svc_max_pollfd; i++) { ++ if (svc_pollfd[i].fd == -1) ++ continue; ++ xprt = __svc_xports[i]; ++ if (xprt == NULL || xprt->xp_ops == NULL || ++ xprt->xp_ops->xp_recv != svc_vc_recv) ++ continue; ++ cd = (struct cf_conn *)xprt->xp_p1; ++ if (!cd->nonblock) ++ continue; ++ if (timeout == 0) { ++ timersub(&tv, &cd->last_recv_time, &tdiff); ++ if (timercmp(&tdiff, &tmax, >)) { ++ tmax = tdiff; ++ least_active = xprt; ++ } ++ continue; ++ } ++ if (tv.tv_sec - cd->last_recv_time.tv_sec > timeout) { ++ __xprt_unregister_unlocked(xprt); ++ __svc_vc_dodestroy(xprt); ++ ncleaned++; ++ } ++ } ++ if (timeout == 0 && least_active != NULL) { ++ __xprt_unregister_unlocked(least_active); ++ __svc_vc_dodestroy(least_active); ++ ncleaned++; ++ } ++ rwlock_unlock(&svc_fd_lock); ++ return (ncleaned); ++} +-- +2.25.1 + diff --git a/meta/recipes-extended/libtirpc/libtirpc_1.3.2.bb b/meta/recipes-extended/libtirpc/libtirpc_1.3.2.bb index 45b3d2befc..66bc4ecdd1 100644 --- a/meta/recipes-extended/libtirpc/libtirpc_1.3.2.bb +++ b/meta/recipes-extended/libtirpc/libtirpc_1.3.2.bb @@ -9,7 +9,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f835cce8852481e4b2bbbdd23b5e47f3 \ PROVIDES = "virtual/librpc" -SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2" +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2 \ + file://CVE-2021-46828.patch \ + " UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/libtirpc/files/libtirpc/" UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)/" SRC_URI[sha256sum] = "e24eb88b8ce7db3b7ca6eb80115dd1284abc5ec32a8deccfed2224fc2532b9fd" diff --git a/meta/recipes-extended/parted/files/run-ptest b/meta/recipes-extended/parted/files/run-ptest index c3d6fca339..096078967f 100644 --- a/meta/recipes-extended/parted/files/run-ptest +++ b/meta/recipes-extended/parted/files/run-ptest @@ -1,7 +1,7 @@ #!/bin/sh -mkdir -p /etc/udev/mount.blacklist.d -echo /dev/sda1 >> /etc/udev/mount.blacklist.d/parted-tmp +mkdir -p /etc/udev/mount.ignorelist.d +echo /dev/sda1 >> /etc/udev/mount.ignorelist.d/parted-tmp rm -f tests/*.log make -C tests test-suite.log -rm /etc/udev/mount.blacklist.d/parted-tmp +rm /etc/udev/mount.ignorelist.d/parted-tmp diff --git a/meta/recipes-gnome/epiphany/epiphany_42.2.bb b/meta/recipes-gnome/epiphany/epiphany_42.3.bb index dc1b34ac92..f9d60ff2a9 100644 --- a/meta/recipes-gnome/epiphany/epiphany_42.2.bb +++ b/meta/recipes-gnome/epiphany/epiphany_42.3.bb @@ -28,7 +28,7 @@ SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@oe.utils.trim_version("${PV}", 1)}/${GN file://migrator.patch \ file://distributor.patch \ " -SRC_URI[archive.sha256sum] = "92c02cf886d10d2ccff5de658e1a420eab31d20bb50e746d430e9535b485192d" +SRC_URI[archive.sha256sum] = "7316d3c6500e825d8e57293fa58047c56727bee16cd6b6ac804ffe5d9b229560" PACKAGECONFIG_SOUP ?= "soup2" PACKAGECONFIG ??= "${PACKAGECONFIG_SOUP}" diff --git a/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.72.0.bb b/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.72.0.bb index 355e77d107..9a47e908b7 100644 --- a/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.72.0.bb +++ b/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.72.0.bb @@ -113,9 +113,6 @@ EOF } do_compile:prepend() { - # This prevents g-ir-scanner from writing cache data to $HOME - export GI_SCANNER_DISABLE_CACHE=1 - # Needed to run g-ir unit tests, which won't be able to find the built libraries otherwise export GIR_EXTRA_LIBS_PATH=$B/.libs } diff --git a/meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb b/meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb index 392913fcc6..150eca9274 100644 --- a/meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb +++ b/meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb @@ -18,6 +18,8 @@ PACKAGECONFIG ??= "${@bb.utils.contains("DISTRO_FEATURES", "api-documentation", PACKAGECONFIG[working-scripts] = ",,libxslt-native xmlto-native python3-six python3-pygments" PACKAGECONFIG[tests] = "--enable-tests,--disable-tests,glib-2.0" +CACHED_CONFIGUREVARS += "ac_cv_path_XSLTPROC=xsltproc" + SRC_URI[archive.sha256sum] = "cc1b709a20eb030a278a1f9842a362e00402b7f834ae1df4c1998a723152bf43" SRC_URI += "file://0001-Do-not-hardocode-paths-to-perl-python-in-scripts.patch \ file://0001-Do-not-error-out-if-xsltproc-is-not-found.patch \ diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch b/meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch new file mode 100644 index 0000000000..0f9b86973b --- /dev/null +++ b/meta/recipes-graphics/harfbuzz/harfbuzz/0001-Fix-conditional.patch @@ -0,0 +1,25 @@ +From e421613e8f825508afa9a0b54d33085557c37441 Mon Sep 17 00:00:00 2001 +From: Behdad Esfahbod <behdad@behdad.org> +Date: Wed, 1 Jun 2022 09:07:57 -0600 +Subject: [PATCH] [sbix] Fix conditional + +Signed-off: Pavel Zhukov <pavel.zhukov@huawei.com> +Upstream-Status: Backport [e421613e8f825508afa9a0b54d33085557c37441] + +--- + src/hb-ot-color-sbix-table.hh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh +index 6efae43cda..d0e2235fb2 100644 +--- a/src/hb-ot-color-sbix-table.hh ++++ b/src/hb-ot-color-sbix-table.hh +@@ -298,7 +298,7 @@ struct sbix + + const PNGHeader &png = *blob->as<PNGHeader>(); + +- if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536) ++ if (png.IHDR.height >= 65536 || png.IHDR.width >= 65536) + { + hb_blob_destroy (blob); + return false; diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch new file mode 100644 index 0000000000..931b9abe1e --- /dev/null +++ b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch @@ -0,0 +1,35 @@ +From 62e803b36173fd096d7ad460dd1d1db9be542593 Mon Sep 17 00:00:00 2001 +From: Behdad Esfahbod <behdad@behdad.org> +Date: Wed, 1 Jun 2022 07:38:21 -0600 +Subject: [PATCH] [sbix] Limit glyph extents + +Fixes https://github.com/harfbuzz/harfbuzz/issues/3557 + +Upstream-Status: Backport [https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593] +CVE:CVE-2022-33068 +Signed-off-by: Wentao Zhang<Wentao.Zhang@windriver.com> + +--- + src/hb-ot-color-sbix-table.hh | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh +index 9741ebd45..6efae43cd 100644 +--- a/src/hb-ot-color-sbix-table.hh ++++ b/src/hb-ot-color-sbix-table.hh +@@ -298,6 +298,12 @@ struct sbix + + const PNGHeader &png = *blob->as<PNGHeader>(); + ++ if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536) ++ { ++ hb_blob_destroy (blob); ++ return false; ++ } ++ + extents->x_bearing = x_offset; + extents->y_bearing = png.IHDR.height + y_offset; + extents->width = png.IHDR.width; +-- +2.25.1 + diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb index bf77a5e56c..b639c276db 100644 --- a/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb +++ b/meta/recipes-graphics/harfbuzz/harfbuzz_4.0.1.bb @@ -11,7 +11,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6ee0f16281694fb6aa689cca1e0fb3da \ UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases" UPSTREAM_CHECK_REGEX = "harfbuzz-(?P<pver>\d+(\.\d+)+).tar" -SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.xz" +SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.xz \ + file://CVE-2022-33068.patch \ + file://0001-Fix-conditional.patch" SRC_URI[sha256sum] = "98f68777272db6cd7a3d5152bac75083cd52a26176d87bc04c8b3929d33bce49" inherit meson pkgconfig lib_package gtk-doc gobject-introspection diff --git a/meta/recipes-graphics/waffle/waffle/0001-meson.build-request-native-wayland-scanner.patch b/meta/recipes-graphics/waffle/waffle/0001-meson.build-request-native-wayland-scanner.patch new file mode 100644 index 0000000000..1b62db92e9 --- /dev/null +++ b/meta/recipes-graphics/waffle/waffle/0001-meson.build-request-native-wayland-scanner.patch @@ -0,0 +1,27 @@ +From 2195cec1e5bc66128d72049c11ff381ca4516a4b Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex@linutronix.de> +Date: Tue, 5 Jul 2022 11:51:39 +0200 +Subject: [PATCH] meson.build: request native wayland-scanner + +This matters in cross compilation, as otherwise meson will +try to use a cross-binary, and fail. + +Upstream-Status: Submitted [https://gitlab.freedesktop.org/mesa/waffle/-/merge_requests/110] +Signed-off-by: Alexander Kanavin <alex@linutronix.de> +--- + meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/meson.build b/meson.build +index 0bb6128..0b6da1f 100644 +--- a/meson.build ++++ b/meson.build +@@ -108,7 +108,7 @@ else + 'wayland-egl', version : '>= 9.1', required : get_option('wayland'), + ) + dep_wayland_scanner = dependency( +- 'wayland-scanner', version : '>= 1.15', required : get_option('wayland'), ++ 'wayland-scanner', version : '>= 1.15', required : get_option('wayland'), native: true, + ) + if dep_wayland_scanner.found() + prog_wayland_scanner = find_program(dep_wayland_scanner.get_pkgconfig_variable('wayland_scanner')) diff --git a/meta/recipes-graphics/waffle/waffle_1.7.0.bb b/meta/recipes-graphics/waffle/waffle_1.7.0.bb index f1fd9e7630..dc475908d0 100644 --- a/meta/recipes-graphics/waffle/waffle_1.7.0.bb +++ b/meta/recipes-graphics/waffle/waffle_1.7.0.bb @@ -11,6 +11,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=4c5154407c2490750dd461c50ad94797 \ SRC_URI = "git://gitlab.freedesktop.org/mesa/waffle.git;protocol=https;branch=master \ file://0001-waffle-do-not-make-core-protocol-into-the-library.patch \ + file://0001-meson.build-request-native-wayland-scanner.patch \ " SRCREV = "905c6c10f2483adf0cbfa024e2d3c2ed541fb300" S = "${WORKDIR}/git" diff --git a/meta/recipes-graphics/wayland/weston_10.0.0.bb b/meta/recipes-graphics/wayland/weston_10.0.1.bb index 93f7b59659..e27dac164e 100644 --- a/meta/recipes-graphics/wayland/weston_10.0.0.bb +++ b/meta/recipes-graphics/wayland/weston_10.0.1.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d79ee9e66bb0f95d3386a7acae780b70 \ file://libweston/compositor.c;endline=27;md5=eb6d5297798cabe2ddc65e2af519bcf0 \ " -SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \ +SRC_URI = "https://gitlab.freedesktop.org/wayland/weston/-/releases/${PV}/downloads/${BPN}-${PV}.tar.xz \ file://weston.png \ file://weston.desktop \ file://xwayland.weston-start \ @@ -15,7 +15,7 @@ SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \ SRC_URI:append:libc-musl = " file://dont-use-plane-add-prop.patch " -SRC_URI[sha256sum] = "5c23964112b90238bed39e5dd1e41cd71a79398813cdc3bbb15a9fdc94e547ae" +SRC_URI[sha256sum] = "8a9e52506a865a7410981b04f8341b89b84106db8531ab1f9fdd37b5dc034115" UPSTREAM_CHECK_URI = "https://wayland.freedesktop.org/releases.html" diff --git a/meta/recipes-graphics/xorg-app/mkfontscale_1.2.1.bb b/meta/recipes-graphics/xorg-app/mkfontscale_1.2.2.bb index 2d0c51a423..cd658ab219 100644 --- a/meta/recipes-graphics/xorg-app/mkfontscale_1.2.1.bb +++ b/meta/recipes-graphics/xorg-app/mkfontscale_1.2.2.bb @@ -17,5 +17,5 @@ BBCLASSEXTEND = "native" LIC_FILES_CHKSUM = "file://COPYING;md5=99b1e1269aba5179139b9e4380fc0934" -SRC_URI[md5sum] = "215940de158b1a3d8b3f8b442c606e2f" -SRC_URI[sha256sum] = "ca0495eb974a179dd742bfa6199d561bda1c8da4a0c5a667f21fd82aaab6bac7" +SRC_URI_EXT = "xz" +SRC_URI[sha256sum] = "8ae3fb5b1fe7436e1f565060acaa3e2918fe745b0e4979b5593968914fe2d5c4" diff --git a/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.2.bb b/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.3.bb index 2d10b7acca..e75a840b7d 100644 --- a/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.2.bb +++ b/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.3.bb @@ -14,7 +14,7 @@ PE = "1" SRC_URI += "file://disable-xkb.patch" -SRC_URI[md5sum] = "8809037bd48599af55dad81c508b6b39" -SRC_URI[sha256sum] = "30238ed915619e06ceb41721e5f747d67320555cc38d459e954839c189ccaf51" +SRC_URI_EXT = "xz" +SRC_URI[sha256sum] = "356d5fd62f3e98ee36d6becf1b32d4ab6112d618339fb4b592ccffbd9e0fc206" EXTRA_OECONF = "--disable-xkb" diff --git a/meta/recipes-graphics/xorg-app/xev_1.2.4.bb b/meta/recipes-graphics/xorg-app/xev_1.2.5.bb index 9407fa65f1..0e3def6eee 100644 --- a/meta/recipes-graphics/xorg-app/xev_1.2.4.bb +++ b/meta/recipes-graphics/xorg-app/xev_1.2.5.bb @@ -14,4 +14,6 @@ DEPENDS += "libxrandr xorgproto" SRC_URI += "file://diet-x11.patch" -SRC_URI[sha256sum] = "d700e08bfe751ed2dbf802baa204b056d0e49348b6eb3c6f9cb035d8ae4885e2" +SRC_URI[sha256sum] = "c9461a4389714e0f33974f9e75934bdc38d836a0f059b8dc089c7cbf2ce36ec1" + +SRC_URI_EXT = "xz" diff --git a/meta/recipes-graphics/xorg-app/xmodmap_1.0.10.bb b/meta/recipes-graphics/xorg-app/xmodmap_1.0.11.bb index 7dedb03a2b..dc955aa977 100644 --- a/meta/recipes-graphics/xorg-app/xmodmap_1.0.10.bb +++ b/meta/recipes-graphics/xorg-app/xmodmap_1.0.11.bb @@ -12,5 +12,6 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=272c17e96370e1e74773fa22d9989621" PE = "1" -SRC_URI[md5sum] = "51f1d30a525e9903280ffeea2744b1f6" -SRC_URI[sha256sum] = "473f0941d7439d501bb895ff358832b936ec34c749b9704c37a15e11c318487c" +SRC_URI[sha256sum] = "9a2f8168f7b0bc382828847403902cb6bf175e17658b36189eac87edda877e81" + +SRC_URI_EXT = "xz" diff --git a/meta/recipes-graphics/xorg-app/xorg-app-common.inc b/meta/recipes-graphics/xorg-app/xorg-app-common.inc index 1c64e20aac..5dbe8abe86 100644 --- a/meta/recipes-graphics/xorg-app/xorg-app-common.inc +++ b/meta/recipes-graphics/xorg-app/xorg-app-common.inc @@ -8,7 +8,8 @@ DEPENDS = "util-macros-native virtual/libx11" # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" -SRC_URI = "${XORG_MIRROR}/individual/app/${BPN}-${PV}.tar.bz2" +SRC_URI_EXT = "bz2" +SRC_URI = "${XORG_MIRROR}/individual/app/${BPN}-${PV}.tar.${SRC_URI_EXT}" inherit autotools pkgconfig features_check diff --git a/meta/recipes-graphics/xorg-app/xrandr_1.5.1.bb b/meta/recipes-graphics/xorg-app/xrandr_1.5.1.bb index 57b43ff28c..0e0347f768 100644 --- a/meta/recipes-graphics/xorg-app/xrandr_1.5.1.bb +++ b/meta/recipes-graphics/xorg-app/xrandr_1.5.1.bb @@ -11,8 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fe1608bdb33cf8c62a4438f7d34679b3" DEPENDS += "libxrandr libxrender" PE = "1" -SRC_URI = "${XORG_MIRROR}/individual/app/${BPN}-${PV}.tar.xz" - +SRC_URI_EXT = "xz" SRC_URI[md5sum] = "fe40f7a4fd39dd3a02248d3e0b1972e4" SRC_URI[sha256sum] = "7bc76daf9d72f8aff885efad04ce06b90488a1a169d118dea8a2b661832e8762" diff --git a/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/64bit_time_t_support.patch b/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/64bit_time_t_support.patch deleted file mode 100644 index 4bb7fb3e23..0000000000 --- a/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/64bit_time_t_support.patch +++ /dev/null @@ -1,51 +0,0 @@ -This patch avoids using time field of input_event structure which is not available -on 32bit arches supporting 64bit time_t structs, Patch makes it compatible with new -and keeps old input.h implementation functional as well. - -See https://sourceware.org/glibc/wiki/Y2038ProofnessDesign - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- a/src/eventcomm.c -+++ b/src/eventcomm.c -@@ -575,10 +575,12 @@ SynapticsReadEvent(InputInfoPtr pInfo, s - ev->type = EV_SYN; - ev->code = SYN_REPORT; - ev->value = 0; -- ev->time = last_event_time; -- } else if (ev->type == EV_SYN) -- last_event_time = ev->time; -- -+ ev->input_event_sec = last_event_time.tv_sec; -+ ev->input_event_usec = last_event_time.tv_usec; -+ } else if (ev->type == EV_SYN) { -+ last_event_time.tv_sec = ev->input_event_sec; -+ last_event_time.tv_usec = ev->input_event_usec; -+ } - return TRUE; - } - -@@ -725,7 +727,7 @@ EventReadHwState(InputInfoPtr pInfo, - case SYN_REPORT: - hw->numFingers = count_fingers(pInfo, comm); - if (proto_data->have_monotonic_clock) -- hw->millis = 1000 * ev.time.tv_sec + ev.time.tv_usec / 1000; -+ hw->millis = 1000 * ev.input_event_sec + ev.input_event_usec / 1000; - else - hw->millis = GetTimeInMillis(); - SynapticsCopyHwState(hwRet, hw); ---- a/src/eventcomm.h -+++ b/src/eventcomm.h -@@ -34,6 +34,11 @@ - #include <xf86Xinput.h> - #include "synproto.h" - -+#ifndef input_event_sec -+#define input_event_sec time.tv_sec -+#define input_event_usec time.tv_usec -+#endif -+ - /* for auto-dev: */ - #define DEV_INPUT_EVENT "/dev/input" - #define EVENT_DEV_NAME "event" diff --git a/meta/recipes-graphics/xorg-driver/xf86-input-synaptics_1.9.1.bb b/meta/recipes-graphics/xorg-driver/xf86-input-synaptics_1.9.2.bb index 388350c96e..8e446290b2 100644 --- a/meta/recipes-graphics/xorg-driver/xf86-input-synaptics_1.9.1.bb +++ b/meta/recipes-graphics/xorg-driver/xf86-input-synaptics_1.9.2.bb @@ -10,9 +10,8 @@ advanced features of the touchpad to become available." LIC_FILES_CHKSUM = "file://COPYING;md5=55aacd3535a741824955c5eb8f061398" -SRC_URI += "file://64bit_time_t_support.patch" - -SRC_URI[md5sum] = "cfb79d3c975151f9bbf30b727c260cb9" -SRC_URI[sha256sum] = "7af83526eff1c76e8b9e1553b34245c203d029028d8044dd9dcf71eef1001576" +SRC_URI[sha256sum] = "b8fa4aab913fc63754bbd6439e020658c412743a055201ddf212760593962c38" DEPENDS += "libxi mtdev libxtst libevdev" + +XORG_DRIVER_COMPRESSOR = ".tar.xz" diff --git a/meta/recipes-graphics/xorg-font/encodings/nocompiler.patch b/meta/recipes-graphics/xorg-font/encodings/nocompiler.patch index ec7c7d80c1..9ee7abe775 100644 --- a/meta/recipes-graphics/xorg-font/encodings/nocompiler.patch +++ b/meta/recipes-graphics/xorg-font/encodings/nocompiler.patch @@ -1,4 +1,4 @@ -From b08c43a0842076e0a94e88ad6456a9326cd7ffc9 Mon Sep 17 00:00:00 2001 +From 0c0790e90a68bf8290da5c0e57142bf7c620f039 Mon Sep 17 00:00:00 2001 From: Richard Purdie <richard.purdie@linuxfoundation.org> Date: Tue, 17 May 2011 23:03:02 +0000 Subject: [PATCH] Improve handling of 'all' architecture recipes and their @@ -21,12 +21,12 @@ RP 17/5/2011 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac -index 622c27b..5ee84ed 100644 +index b80e3de..80208bb 100644 --- a/configure.ac +++ b/configure.ac -@@ -3,12 +3,12 @@ AC_INIT([encodings], [1.0.5], +@@ -3,12 +3,12 @@ AC_INIT([encodings], [1.0.6], [https://gitlab.freedesktop.org/xorg/font/encodings/issues]) - AM_INIT_AUTOMAKE([foreign dist-bzip2]) + AM_INIT_AUTOMAKE([foreign dist-xz]) -# Require xorg-macros: XORG_DEFAULT_OPTIONS m4_ifndef([XORG_MACROS_VERSION], diff --git a/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb b/meta/recipes-graphics/xorg-font/encodings_1.0.6.bb index 8ddbaf24dd..be82414eef 100644 --- a/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb +++ b/meta/recipes-graphics/xorg-font/encodings_1.0.6.bb @@ -7,14 +7,14 @@ require xorg-font-common.inc LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=9da93f2daf2d5572faa2bfaf0dbd9e76" PE = "1" -PR = "r3" DEPENDS = "mkfontscale-native mkfontdir-native font-util-native" RDEPENDS:${PN} = "" SRC_URI += "file://nocompiler.patch" -SRC_URI[md5sum] = "bbae4f247b88ccde0e85ed6a403da22a" -SRC_URI[sha256sum] = "bd96e16143a044b19e87f217cf6a3763a70c561d1076aad6f6d862ec41774a31" +SRC_URI[sha256sum] = "77e301de661f35a622b18f60b555a7e7d8c4d5f43ed41410e830d5ac9084fc26" + +SRC_URI_EXT = "xz" inherit allarch diff --git a/meta/recipes-graphics/xorg-font/font-util_1.3.2.bb b/meta/recipes-graphics/xorg-font/font-util_1.3.3.bb index b3e832756b..64c705770d 100644 --- a/meta/recipes-graphics/xorg-font/font-util_1.3.2.bb +++ b/meta/recipes-graphics/xorg-font/font-util_1.3.3.bb @@ -16,7 +16,8 @@ RDEPENDS:${PN}:class-native = "" BBCLASSEXTEND = "native" -SRC_URI[md5sum] = "3d6adb76fdd072db8c8fae41b40855e8" -SRC_URI[sha256sum] = "3ad880444123ac06a7238546fa38a2a6ad7f7e0cc3614de7e103863616522282" +SRC_URI[sha256sum] = "e791c890779c40056ab63aaed5e031bb6e2890a98418ca09c534e6261a2eebd2" SYSROOT_DIRS_IGNORE:remove = "${datadir}/fonts" + +SRC_URI_EXT = "xz" diff --git a/meta/recipes-graphics/xorg-font/xorg-font-common.inc b/meta/recipes-graphics/xorg-font/xorg-font-common.inc index 2df23efed4..edf7cf7642 100644 --- a/meta/recipes-graphics/xorg-font/xorg-font-common.inc +++ b/meta/recipes-graphics/xorg-font/xorg-font-common.inc @@ -9,7 +9,8 @@ RDEPENDS:${PN} = "encodings font-util font-alias" XORG_PN = "${BPN}" -SRC_URI = "${XORG_MIRROR}/individual/font/${XORG_PN}-${PV}.tar.bz2" +SRC_URI_EXT = "bz2" +SRC_URI = "${XORG_MIRROR}/individual/font/${XORG_PN}-${PV}.tar.${SRC_URI_EXT}" S = "${WORKDIR}/${XORG_PN}-${PV}" inherit autotools pkgconfig features_check diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch deleted file mode 100644 index df9332fae7..0000000000 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 12041ad0610f1345d6b9994c32943fd4dd01f65d Mon Sep 17 00:00:00 2001 -From: Olivier Fourdan <ofourdan@redhat.com> -Date: Thu, 20 Jan 2022 10:20:38 +0100 -Subject: [PATCH] render: Fix build with gcc 12 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The xserver fails to compile with the latest gcc 12: - - render/picture.c: In function ‘CreateSolidPicture’: - render/picture.c:874:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[16]’ [-Werror=array-bounds] - 874 | pPicture->pSourcePict->type = SourcePictTypeSolidFill; - | ^~ - render/picture.c:868:45: note: object of size 16 allocated by ‘malloc’ - 868 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictSolidFill)); - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - render/picture.c: In function ‘CreateLinearGradientPicture’: - render/picture.c:906:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds] - 906 | pPicture->pSourcePict->linear.type = SourcePictTypeLinear; - | ^~ - render/picture.c:899:45: note: object of size 32 allocated by ‘malloc’ - 899 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictLinearGradient)); - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - render/picture.c: In function ‘CreateConicalGradientPicture’: - render/picture.c:989:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds] - 989 | pPicture->pSourcePict->conical.type = SourcePictTypeConical; - | ^~ - render/picture.c:982:45: note: object of size 32 allocated by ‘malloc’ - 982 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictConicalGradient)); - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - cc1: some warnings being treated as errors - ninja: build stopped: subcommand failed. - -This is because gcc 12 has become stricter and raises a warning now. - -Fix the warning/error by allocating enough memory to store the union -struct. - -Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/c6b0dcb82d4db07a2f32c09a8c09c85a5f57248e] -Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> -Acked-by: Michel Dänzer <mdaenzer@redhat.com> -Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1256 ---- - render/picture.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/render/picture.c b/render/picture.c -index afa0d25..2be4b19 100644 ---- a/render/picture.c -+++ b/render/picture.c -@@ -865,7 +865,7 @@ CreateSolidPicture(Picture pid, xRenderColor * color, int *error) - } - - pPicture->id = pid; -- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictSolidFill)); -+ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); - if (!pPicture->pSourcePict) { - *error = BadAlloc; - free(pPicture); -@@ -896,7 +896,7 @@ CreateLinearGradientPicture(Picture pid, xPointFixed * p1, xPointFixed * p2, - } - - pPicture->id = pid; -- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictLinearGradient)); -+ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); - if (!pPicture->pSourcePict) { - *error = BadAlloc; - free(pPicture); -@@ -936,7 +936,7 @@ CreateRadialGradientPicture(Picture pid, xPointFixed * inner, - } - - pPicture->id = pid; -- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictRadialGradient)); -+ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); - if (!pPicture->pSourcePict) { - *error = BadAlloc; - free(pPicture); -@@ -979,7 +979,7 @@ CreateConicalGradientPicture(Picture pid, xPointFixed * center, xFixed angle, - } - - pPicture->id = pid; -- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictConicalGradient)); -+ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); - if (!pPicture->pSourcePict) { - *error = BadAlloc; - free(pPicture); --- -2.35.1 - diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.3.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.4.bb index 1f53ab5177..b9cbc9989e 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.3.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.4.bb @@ -1,10 +1,9 @@ require xserver-xorg.inc SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \ - file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ - file://0001-render-Fix-build-with-gcc-12.patch \ - " -SRC_URI[sha256sum] = "61d6aad5b6b47a116b960bd7f0cba4ee7e6da95d6bb0b127bde75d7d1acdebe5" + file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ + " +SRC_URI[sha256sum] = "5cc4be8ee47edb58d4a90e603a59d56b40291ad38371b0bd2471fc3cbee1c587" # These extensions are now integrated into the server, so declare the migration # path for in-place upgrades. diff --git a/meta/recipes-graphics/xwayland/xwayland_22.1.1.bb b/meta/recipes-graphics/xwayland/xwayland_22.1.3.bb index b512b9932d..da1b27525d 100644 --- a/meta/recipes-graphics/xwayland/xwayland_22.1.1.bb +++ b/meta/recipes-graphics/xwayland/xwayland_22.1.3.bb @@ -10,7 +10,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=5df87950af51ac2c5822094553ea1880" SRC_URI = "https://www.x.org/archive/individual/xserver/xwayland-${PV}.tar.xz" -SRC_URI[sha256sum] = "f5d0e0ba37e19bb87c62f61da5970bd204939f2120620964bed4cc8495baa657" +SRC_URI[sha256sum] = "a712eb7bce32cd934df36814b5dd046aa670899c16fe98f2afb003578f86a1c5" UPSTREAM_CHECK_REGEX = "xwayland-(?P<pver>\d+(\.(?!90\d)\d+)+)\.tar" diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20220610.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20220708.bb index 78b38df461..91c32e49d6 100644 --- a/meta/recipes-kernel/linux-firmware/linux-firmware_20220610.bb +++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20220708.bb @@ -27,7 +27,6 @@ LICENSE = "\ & Firmware-go7007 \ & Firmware-GPLv2 \ & Firmware-hfi1_firmware \ - & Firmware-i2400m \ & Firmware-i915 \ & Firmware-ibt_firmware \ & Firmware-ice \ @@ -57,7 +56,6 @@ LICENSE = "\ & Firmware-rtlwifi_firmware \ & Firmware-imx-sdma_firmware \ & Firmware-siano \ - & Firmware-tda7706-firmware \ & Firmware-ti-connectivity \ & Firmware-ti-keystone \ & Firmware-ueagle-atm4-firmware \ @@ -69,7 +67,6 @@ LICENSE = "\ & WHENCE \ " -WHENCE_CHKSUM = "385947b278a6646ae4c3d39ba8c9b1bb" LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.adsp_sst;md5=615c45b91a5a4a9fe046d6ab9a2df728 \ file://LICENCE.agere;md5=af0133de6b4a9b2522defd5f188afd31 \ @@ -92,7 +89,6 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.go7007;md5=c0bb9f6aaaba55b0529ee9b30aa66beb \ file://GPL-2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://LICENSE.hfi1_firmware;md5=5e7b6e586ce7339d12689e49931ad444 \ - file://LICENCE.i2400m;md5=14b901969e23c41881327c0d9e4b7d36 \ file://LICENSE.i915;md5=2b0b2e0d20984affd4490ba2cba02570 \ file://LICENCE.ibt_firmware;md5=fdbee1ddfe0fb7ab0b2fcd6b454a366b \ file://LICENSE.ice;md5=742ab4850f2670792940e6d15c974b2f \ @@ -124,7 +120,6 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.rtlwifi_firmware.txt;md5=00d06cfd3eddd5a2698948ead2ad54a5 \ file://LICENSE.sdma_firmware;md5=51e8c19ecc2270f4b8ea30341ad63ce9 \ file://LICENCE.siano;md5=4556c1bf830067f12ca151ad953ec2a5 \ - file://LICENCE.tda7706-firmware.txt;md5=835997cf5e3c131d0dddd695c7d9103e \ file://LICENCE.ti-connectivity;md5=c5e02be633f1499c109d1652514d85ec \ file://LICENCE.ti-keystone;md5=3a86335d32864b0bef996bee26cc0f2c \ file://LICENCE.ueagle-atm4-firmware;md5=4ed7ea6b507ccc583b9d594417714118 \ @@ -135,6 +130,9 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \ file://WHENCE;md5=${WHENCE_CHKSUM} \ " +# WHENCE checksum is defined separately to ease overriding it if +# class-devupstream is selected. +WHENCE_CHKSUM = "def08711eb23ba967fb7e1f8cff66178" # These are not common licenses, set NO_GENERIC_LICENSE for them # so that the license files will be copied from fetched source @@ -160,7 +158,6 @@ NO_GENERIC_LICENSE[Firmware-fw_sst_0f28] = "LICENCE.fw_sst_0f28" NO_GENERIC_LICENSE[Firmware-go7007] = "LICENCE.go7007" NO_GENERIC_LICENSE[Firmware-GPLv2] = "GPL-2" NO_GENERIC_LICENSE[Firmware-hfi1_firmware] = "LICENSE.hfi1_firmware" -NO_GENERIC_LICENSE[Firmware-i2400m] = "LICENCE.i2400m" NO_GENERIC_LICENSE[Firmware-i915] = "LICENSE.i915" NO_GENERIC_LICENSE[Firmware-ibt_firmware] = "LICENCE.ibt_firmware" NO_GENERIC_LICENSE[Firmware-ice] = "LICENSE.ice" @@ -191,7 +188,6 @@ NO_GENERIC_LICENSE[Firmware-ralink-firmware] = "LICENCE.ralink-firmware.txt" NO_GENERIC_LICENSE[Firmware-rtlwifi_firmware] = "LICENCE.rtlwifi_firmware.txt" NO_GENERIC_LICENSE[Firmware-siano] = "LICENCE.siano" NO_GENERIC_LICENSE[Firmware-imx-sdma_firmware] = "LICENSE.sdma_firmware" -NO_GENERIC_LICENSE[Firmware-tda7706-firmware] = "LICENCE.tda7706-firmware.txt" NO_GENERIC_LICENSE[Firmware-ti-connectivity] = "LICENCE.ti-connectivity" NO_GENERIC_LICENSE[Firmware-ti-keystone] = "LICENCE.ti-keystone" NO_GENERIC_LICENSE[Firmware-ueagle-atm4-firmware] = "LICENCE.ueagle-atm4-firmware" @@ -213,7 +209,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw # Pin this to the 20220509 release, override this in local.conf SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae" -SRC_URI[sha256sum] = "faf3aedf89530e61f4fa1e8c7303dead9127cc24416945647797d079feb12837" +SRC_URI[sha256sum] = "0abec827a035c82bdcabdf82aa37ded247bc682ef05861bd409ea6f477bab81d" inherit allarch @@ -1033,7 +1029,6 @@ LICENSE:${PN} = "\ & Firmware-fw_sst_0f28 \ & Firmware-go7007 \ & Firmware-hfi1_firmware \ - & Firmware-i2400m \ & Firmware-ibt_firmware \ & Firmware-it913x \ & Firmware-IntcSST2 \ @@ -1054,7 +1049,6 @@ LICENSE:${PN} = "\ & Firmware-ralink-firmware \ & Firmware-imx-sdma_firmware \ & Firmware-siano \ - & Firmware-tda7706-firmware \ & Firmware-ti-connectivity \ & Firmware-ti-keystone \ & Firmware-ueagle-atm4-firmware \ diff --git a/meta/recipes-kernel/linux/kernel-devsrc.bb b/meta/recipes-kernel/linux/kernel-devsrc.bb index 9654488a54..f8f717199c 100644 --- a/meta/recipes-kernel/linux/kernel-devsrc.bb +++ b/meta/recipes-kernel/linux/kernel-devsrc.bb @@ -128,8 +128,12 @@ do_install() { # breaks workflows. cp -a --parents include/generated/autoconf.h $kerneldir/build 2>/dev/null || : - if [ -e $kerneldir/include/generated/.vdso-offsets.h.cmd ]; then - rm $kerneldir/include/generated/.vdso-offsets.h.cmd + if [ -e $kerneldir/include/generated/.vdso-offsets.h.cmd ] || + [ -e $kerneldir/build/include/generated/.vdso-offsets.h.cmd ] || + [ -e $kerneldir/build/include/generated/.vdso32-offsets.h.cmd ] ; then + rm -f $kerneldir/include/generated/.vdso-offsets.h.cmd + rm -f $kerneldir/build/include/generated/.vdso-offsets.h.cmd + rm -f $kerneldir/build/include/generated/.vdso32-offsets.h.cmd fi ) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb index ce903a7372..9387c67cfb 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "5629d552de7759e4bb9821e210f3673c14900dd0" -SRCREV_meta ?= "2f6fa8da5f84c343e6ea57c76829eaca1cc6a840" +SRCREV_machine ?= "6df690626649ba5430a379f63a5f7b7423ce2e48" +SRCREV_meta ?= "ed7e0c3bb9464387ba99fedd5ea32bf78ae2fe45" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.10.119" +LINUX_VERSION ?= "5.10.135" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index b052db8a15..32c7db2c74 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "83bec9a458bfdfb46c5dc62342bafae2806043d4" -SRCREV_meta ?= "947149960e1426ace478e4b52c28a28ef8d6e74b" +SRCREV_machine ?= "13ee019f28013cf8c102a3ffaadfa5e9ae9743e1" +SRCREV_meta ?= "f7f709bf874f85baff9f2fb0ac0341c08399b144" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.15.44" +LINUX_VERSION ?= "5.15.59" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb index 625cdfd085..d7aa3281cc 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.10.119" +LINUX_VERSION ?= "5.10.135" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine:qemuarm ?= "50342ca6fc7dd66bfde9dfd1d6c336f99c55e0ab" -SRCREV_machine ?= "d2cfd8b4499710877d54129a9137351a9de166fb" -SRCREV_meta ?= "2f6fa8da5f84c343e6ea57c76829eaca1cc6a840" +SRCREV_machine:qemuarm ?= "3b1c4608c04d645b292f13cc550b5151e032794b" +SRCREV_machine ?= "cbfab86927ad95da60b8d49957ca941df615d877" +SRCREV_meta ?= "ed7e0c3bb9464387ba99fedd5ea32bf78ae2fe45" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index f6110354a0..8eb138e78b 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.44" +LINUX_VERSION ?= "5.15.59" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "768cd295dfc0a311d2e53c1b05e19a246e184d0e" -SRCREV_meta ?= "947149960e1426ace478e4b52c28a28ef8d6e74b" +SRCREV_machine ?= "86c19d4c40f475e09a076d55391fa66d96a1b3ac" +SRCREV_meta ?= "f7f709bf874f85baff9f2fb0ac0341c08399b144" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/meta/recipes-kernel/linux/linux-yocto_5.10.bb index fcb7b83cec..73a58e59a0 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb @@ -13,23 +13,23 @@ KBRANCH:qemux86 ?= "v5.10/standard/base" KBRANCH:qemux86-64 ?= "v5.10/standard/base" KBRANCH:qemumips64 ?= "v5.10/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "68264cfbddebea663543a7c4ad5131c6cf63d3d2" -SRCREV_machine:qemuarm64 ?= "b95be3e8c15d939ce402775de98ab80eda493b11" -SRCREV_machine:qemumips ?= "c6a8eaf00384dcce14bb9e28f2d68b5004e8c6f3" -SRCREV_machine:qemuppc ?= "6c1e46f34c6b9ababf8c6fcb4c01274099bb034f" -SRCREV_machine:qemuriscv64 ?= "f844c3765c3270321f0b3347992565cfdb938c99" -SRCREV_machine:qemuriscv32 ?= "f844c3765c3270321f0b3347992565cfdb938c99" -SRCREV_machine:qemux86 ?= "f844c3765c3270321f0b3347992565cfdb938c99" -SRCREV_machine:qemux86-64 ?= "f844c3765c3270321f0b3347992565cfdb938c99" -SRCREV_machine:qemumips64 ?= "8d66b3ad7fbc8554ba2248cfbe755f8d24cb5a1a" -SRCREV_machine ?= "f844c3765c3270321f0b3347992565cfdb938c99" -SRCREV_meta ?= "2f6fa8da5f84c343e6ea57c76829eaca1cc6a840" +SRCREV_machine:qemuarm ?= "23ab0f8300e7b90fdf1e0be923933d5cfd03b618" +SRCREV_machine:qemuarm64 ?= "5ff1949cbb7ff90ae3e4dc6fd0fd9876ffaab9d2" +SRCREV_machine:qemumips ?= "01c75770046189608bb4ea9977521ec58a15b6bf" +SRCREV_machine:qemuppc ?= "7dd170da9eacb57c6d8eff88ca24b8bf55ab042a" +SRCREV_machine:qemuriscv64 ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_machine:qemuriscv32 ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_machine:qemux86 ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_machine:qemux86-64 ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_machine:qemumips64 ?= "a099189ac94c7218c09f1519ea4222fb2d9070be" +SRCREV_machine ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_meta ?= "ed7e0c3bb9464387ba99fedd5ea32bf78ae2fe45" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH}; \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.10.119" +LINUX_VERSION ?= "5.10.135" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 3cb5f93a21..083f87727b 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb @@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "1585df4dbb1e353cc1472748186504a377de5dce" -SRCREV_machine:qemuarm64 ?= "363482e730cbf7f772430c99c83f60ddc01d7518" -SRCREV_machine:qemumips ?= "f534cfa2119dc7cf07d546d9fed2b822af1bc838" -SRCREV_machine:qemuppc ?= "c019857d9af595336bb272c981150952b87d2639" -SRCREV_machine:qemuriscv64 ?= "eb3df10e3f3146911fc3235c458c8ef1660ae9df" -SRCREV_machine:qemuriscv32 ?= "eb3df10e3f3146911fc3235c458c8ef1660ae9df" -SRCREV_machine:qemux86 ?= "eb3df10e3f3146911fc3235c458c8ef1660ae9df" -SRCREV_machine:qemux86-64 ?= "eb3df10e3f3146911fc3235c458c8ef1660ae9df" -SRCREV_machine:qemumips64 ?= "a26ad766d7372a98d4d1f11d50953c45782f3a37" -SRCREV_machine ?= "eb3df10e3f3146911fc3235c458c8ef1660ae9df" -SRCREV_meta ?= "947149960e1426ace478e4b52c28a28ef8d6e74b" +SRCREV_machine:qemuarm ?= "c33f2e2ad3fdcc1c9539f80fb51b49f68c544c03" +SRCREV_machine:qemuarm64 ?= "e8a14fadeb24619f20d3caebc01c7f26c49f768a" +SRCREV_machine:qemumips ?= "c5f07eee39e4e03e90de3e71a3f6448fdb73921a" +SRCREV_machine:qemuppc ?= "b5873d3a40b837059a36179174863cb4c7f9e109" +SRCREV_machine:qemuriscv64 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_machine:qemuriscv32 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_machine:qemux86 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_machine:qemux86-64 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_machine:qemumips64 ?= "a6c0767511eed80395777e42d33fdc8405bff2b4" +SRCREV_machine ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_meta ?= "f7f709bf874f85baff9f2fb0ac0341c08399b144" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the <version>/base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "4e67be407725b1d8b829ed2075987037abec98ec" +SRCREV_machine:class-devupstream ?= "d676d6149a2f4b4d66b8ea0a1dfef30a54cf5750" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" @@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.44" +LINUX_VERSION ?= "5.15.59" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-compaction-migratepages-event-name.patch b/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-compaction-migratepages-event-name.patch deleted file mode 100644 index e988f7a3d5..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-compaction-migratepages-event-name.patch +++ /dev/null @@ -1,37 +0,0 @@ -From c312bda00d2dc10ce5f6c1189acbefee5c6c8c6c Mon Sep 17 00:00:00 2001 -From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> -Date: Tue, 29 Mar 2022 16:34:07 -0400 -Subject: [PATCH 01/10] Fix: compaction migratepages event name - -The commit "fix: mm: compaction: fix the migration stats in trace_mm_compaction_migratepages() (v5.17)" - -Triggers this warning: - - LTTng: event provider mismatch: The event name needs to start with provider name + _ + one or more letter, provider: compaction, event name: mm_compaction_migratepages - -Upstream-Status: Backport - -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> -Change-Id: I01c7485af765084dafb33bf33ae392e60bfbf1e7 ---- - include/instrumentation/events/compaction.h | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/include/instrumentation/events/compaction.h b/include/instrumentation/events/compaction.h -index 340e41f5..15964537 100644 ---- a/include/instrumentation/events/compaction.h -+++ b/include/instrumentation/events/compaction.h -@@ -98,7 +98,9 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE_MAP(compaction_isolate_template, - #endif /* #else #if LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,0,0) */ - - #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) --LTTNG_TRACEPOINT_EVENT(mm_compaction_migratepages, -+LTTNG_TRACEPOINT_EVENT_MAP(mm_compaction_migratepages, -+ -+ compaction_migratepages, - - TP_PROTO(unsigned long nr_all, - unsigned int nr_succeeded), --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch b/meta/recipes-kernel/lttng/lttng-modules/0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch new file mode 100644 index 0000000000..ca6abea9c0 --- /dev/null +++ b/meta/recipes-kernel/lttng/lttng-modules/0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch @@ -0,0 +1,53 @@ +From d8254360c7f2ff9b3f945e9668d89c0b56b9bd91 Mon Sep 17 00:00:00 2001 +From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> +Date: Fri, 29 Jul 2022 15:37:43 -0400 +Subject: [PATCH] fix: net: skb: introduce kfree_skb_reason() (v5.15.58..v5.16) + +See upstream commit : + + commit c504e5c2f9648a1e5c2be01e8c3f59d394192bd3 + Author: Menglong Dong <imagedong@tencent.com> + Date: Sun Jan 9 14:36:26 2022 +0800 + + net: skb: introduce kfree_skb_reason() + + Introduce the interface kfree_skb_reason(), which is able to pass + the reason why the skb is dropped to 'kfree_skb' tracepoint. + + Add the 'reason' field to 'trace_kfree_skb', therefor user can get + more detail information about abnormal skb with 'drop_monitor' or + eBPF. + + All drop reasons are defined in the enum 'skb_drop_reason', and + they will be print as string in 'kfree_skb' tracepoint in format + of 'reason: XXX'. + + ( Maybe the reasons should be defined in a uapi header file, so that + user space can use them? ) + +Upstream-Status: Backport + +Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> +Change-Id: Ib3c039207739dad10f097cf76474e0822e351273 +--- + include/instrumentation/events/skb.h | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/include/instrumentation/events/skb.h b/include/instrumentation/events/skb.h +index 237e54ad..186732ea 100644 +--- a/include/instrumentation/events/skb.h ++++ b/include/instrumentation/events/skb.h +@@ -13,7 +13,9 @@ + /* + * Tracepoint for free an sk_buff: + */ +-#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) ++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0) \ ++ || LTTNG_KERNEL_RANGE(5,15,58, 5,16,0)) ++ + LTTNG_TRACEPOINT_ENUM(skb_drop_reason, + TP_ENUM_VALUES( + ctf_enum_value("NOT_SPECIFIED", SKB_DROP_REASON_NOT_SPECIFIED) +-- +2.17.1 + diff --git a/meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch b/meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch deleted file mode 100644 index d27cbc314f..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 13e4c978d45237b8780f1de6d404812b3af26a49 Mon Sep 17 00:00:00 2001 -From: He Zhe <zhe.he@windriver.com> -Date: Thu, 2 Jun 2022 06:36:08 +0000 -Subject: [PATCH] fix: random: remove unused tracepoints (v5.10, v5.15) - -The following kernel commit has been back ported to v5.10.119 and v5.15.44. - -commit 14c174633f349cb41ea90c2c0aaddac157012f74 -Author: Jason A. Donenfeld <Jason@zx2c4.com> -Date: Thu Feb 10 16:40:44 2022 +0100 - - random: remove unused tracepoints - - These explicit tracepoints aren't really used and show sign of aging. - It's work to keep these up to date, and before I attempted to keep them - up to date, they weren't up to date, which indicates that they're not - really used. These days there are better ways of introspecting anyway. - -Upstream-Status: Pending - -Signed-off-by: He Zhe <zhe.he@windriver.com> ---- - src/probes/Kbuild | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/probes/Kbuild b/src/probes/Kbuild -index 5478447..31e0ee8 100644 ---- a/src/probes/Kbuild -+++ b/src/probes/Kbuild -@@ -204,7 +204,10 @@ endif - - # Introduced in v3.6, remove in v5.18 - obj-$(CONFIG_LTTNG) += $(shell \ -- if [ \( ! \( $(VERSION) -ge 6 -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \) \) \ -+ if [ \( ! \( $(VERSION) -ge 6 \ -+ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \ -+ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -eq 15 -a $(SUBLEVEL) -ge 44 \) \ -+ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -eq 10 -a $(SUBLEVEL) -ge 119 \) \) \) \ - -a \ - $(VERSION) -ge 4 \ - -o \( $(VERSION) -eq 3 -a $(PATCHLEVEL) -ge 6 \) \ --- -2.32.0 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch b/meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch deleted file mode 100644 index b41053b6bc..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 9c5b8de32b5745f3ff31079c02da64595e101bee Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Tue, 17 May 2022 11:46:29 -0400 -Subject: [PATCH] fix: sched/tracing: Append prev_state to tp args instead - (v5.18) - -See upstream commit : - - commit 9c2136be0878c88c53dea26943ce40bb03ad8d8d - Author: Delyan Kratunov <delyank@fb.com> - Date: Wed May 11 18:28:36 2022 +0000 - - sched/tracing: Append prev_state to tp args instead - - Commit fa2c3254d7cf (sched/tracing: Don't re-read p->state when emitting - sched_switch event, 2022-01-20) added a new prev_state argument to the - sched_switch tracepoint, before the prev task_struct pointer. - - This reordering of arguments broke BPF programs that use the raw - tracepoint (e.g. tp_btf programs). The type of the second argument has - changed and existing programs that assume a task_struct* argument - (e.g. for bpf_task_storage access) will now fail to verify. - - If we instead append the new argument to the end, all existing programs - would continue to work and can conditionally extract the prev_state - argument on supported kernel versions. - - -Upstream-Status: Backport - -Change-Id: Ife2ec88a8bea2743562590cbd357068d7773863f -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/sched.h | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/include/instrumentation/events/sched.h b/include/instrumentation/events/sched.h -index 339bec94..c1c3df15 100644 ---- a/include/instrumentation/events/sched.h -+++ b/include/instrumentation/events/sched.h -@@ -356,11 +356,11 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(sched_wakeup_template, sched_wakeup_new, - LTTNG_TRACEPOINT_EVENT(sched_switch, - - TP_PROTO(bool preempt, -- unsigned int prev_state, - struct task_struct *prev, -- struct task_struct *next), -+ struct task_struct *next, -+ unsigned int prev_state), - -- TP_ARGS(preempt, prev_state, prev, next), -+ TP_ARGS(preempt, prev, next, prev_state), - - TP_FIELDS( - ctf_array_text(char, prev_comm, prev->comm, TASK_COMM_LEN) --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-tracepoint-event-allow-same-provider-and-event-n.patch b/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-tracepoint-event-allow-same-provider-and-event-n.patch deleted file mode 100644 index 00367eebf8..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-tracepoint-event-allow-same-provider-and-event-n.patch +++ /dev/null @@ -1,48 +0,0 @@ -From a7eb2e3d0a4beb1ee80b132927641dd05ef2d542 Mon Sep 17 00:00:00 2001 -From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> -Date: Mon, 4 Apr 2022 15:49:32 -0400 -Subject: [PATCH 02/10] Fix: tracepoint event: allow same provider and event - name - -Using the same name for the provider (TRACE_SYSTEM) and event name -causes a compilation error because the same identifiers are emitted -twice. - -Fix this by prefixing the provider identifier with -"__provider_event_desc___". - -Upstream-Status: Backport - -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> -Change-Id: I8cdf8f859e35b8bd5c19737860d12f1ed546dfc2 ---- - include/lttng/tracepoint-event-impl.h | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/include/lttng/tracepoint-event-impl.h b/include/lttng/tracepoint-event-impl.h -index 38b1dc43..dcb22247 100644 ---- a/include/lttng/tracepoint-event-impl.h -+++ b/include/lttng/tracepoint-event-impl.h -@@ -1255,7 +1255,7 @@ static const struct lttng_kernel_event_desc __event_desc___##_map = { \ - #define TP_ID1(_token, _system) _token##_system - #define TP_ID(_token, _system) TP_ID1(_token, _system) - --static const struct lttng_kernel_event_desc * const TP_ID(__event_desc___, TRACE_SYSTEM)[] = { -+static const struct lttng_kernel_event_desc * const TP_ID(__provider_event_desc___, TRACE_SYSTEM)[] = { - #include TRACE_INCLUDE(TRACE_INCLUDE_FILE) - }; - -@@ -1274,8 +1274,8 @@ static const struct lttng_kernel_event_desc * const TP_ID(__event_desc___, TRACE - /* non-const because list head will be modified when registered. */ - static __used struct lttng_kernel_probe_desc TP_ID(__probe_desc___, TRACE_SYSTEM) = { - .provider_name = __stringify(TRACE_SYSTEM), -- .event_desc = TP_ID(__event_desc___, TRACE_SYSTEM), -- .nr_events = ARRAY_SIZE(TP_ID(__event_desc___, TRACE_SYSTEM)), -+ .event_desc = TP_ID(__provider_event_desc___, TRACE_SYSTEM), -+ .nr_events = ARRAY_SIZE(TP_ID(__provider_event_desc___, TRACE_SYSTEM)), - .head = { NULL, NULL }, - .lazy_init_head = { NULL, NULL }, - .lazy = 0, --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0003-fix-sched-tracing-Don-t-re-read-p-state-when-emittin.patch b/meta/recipes-kernel/lttng/lttng-modules/0003-fix-sched-tracing-Don-t-re-read-p-state-when-emittin.patch deleted file mode 100644 index afe514de82..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0003-fix-sched-tracing-Don-t-re-read-p-state-when-emittin.patch +++ /dev/null @@ -1,183 +0,0 @@ -From 8e52fd71e693619f7a58de2692e59f0c826e9988 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 13:52:57 -0400 -Subject: [PATCH 03/10] fix: sched/tracing: Don't re-read p->state when - emitting sched_switch event (v5.18) - -See upstream commit : - - commit fa2c3254d7cfff5f7a916ab928a562d1165f17bb - Author: Valentin Schneider <valentin.schneider@arm.com> - Date: Thu Jan 20 16:25:19 2022 +0000 - - sched/tracing: Don't re-read p->state when emitting sched_switch event - - As of commit - - c6e7bd7afaeb ("sched/core: Optimize ttwu() spinning on p->on_cpu") - - the following sequence becomes possible: - - p->__state = TASK_INTERRUPTIBLE; - __schedule() - deactivate_task(p); - ttwu() - READ !p->on_rq - p->__state=TASK_WAKING - trace_sched_switch() - __trace_sched_switch_state() - task_state_index() - return 0; - - TASK_WAKING isn't in TASK_REPORT, so the task appears as TASK_RUNNING in - the trace event. - - Prevent this by pushing the value read from __schedule() down the trace - event. - -Upstream-Status: Backport - -Change-Id: I46743cd006be4b4d573cae2d77df7d6d16744d04 -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/sched.h | 88 +++++++++++++++++++++++--- - 1 file changed, 78 insertions(+), 10 deletions(-) - -diff --git a/include/instrumentation/events/sched.h b/include/instrumentation/events/sched.h -index 91953a6f..339bec94 100644 ---- a/include/instrumentation/events/sched.h -+++ b/include/instrumentation/events/sched.h -@@ -20,7 +20,37 @@ - #ifndef _TRACE_SCHED_DEF_ - #define _TRACE_SCHED_DEF_ - --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,15,0)) -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+ -+static inline long __trace_sched_switch_state(bool preempt, -+ unsigned int prev_state, -+ struct task_struct *p) -+{ -+ unsigned int state; -+ -+#ifdef CONFIG_SCHED_DEBUG -+ BUG_ON(p != current); -+#endif /* CONFIG_SCHED_DEBUG */ -+ -+ /* -+ * Preemption ignores task state, therefore preempted tasks are always -+ * RUNNING (we will not have dequeued if state != RUNNING). -+ */ -+ if (preempt) -+ return TASK_REPORT_MAX; -+ -+ /* -+ * task_state_index() uses fls() and returns a value from 0-8 range. -+ * Decrement it by 1 (except TASK_RUNNING state i.e 0) before using -+ * it for left shift operation to get the correct task->state -+ * mapping. -+ */ -+ state = __task_state_index(prev_state, p->exit_state); -+ -+ return state ? (1 << (state - 1)) : state; -+} -+ -+#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,15,0)) - - static inline long __trace_sched_switch_state(bool preempt, struct task_struct *p) - { -@@ -321,43 +351,81 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(sched_wakeup_template, sched_wakeup_new, - /* - * Tracepoint for task switches, performed by the scheduler: - */ -+ -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) - LTTNG_TRACEPOINT_EVENT(sched_switch, - --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,4,0)) - TP_PROTO(bool preempt, -- struct task_struct *prev, -- struct task_struct *next), -+ unsigned int prev_state, -+ struct task_struct *prev, -+ struct task_struct *next), - -- TP_ARGS(preempt, prev, next), -+ TP_ARGS(preempt, prev_state, prev, next), -+ -+ TP_FIELDS( -+ ctf_array_text(char, prev_comm, prev->comm, TASK_COMM_LEN) -+ ctf_integer(pid_t, prev_tid, prev->pid) -+ ctf_integer(int, prev_prio, prev->prio - MAX_RT_PRIO) -+#ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM -+ ctf_enum(task_state, long, prev_state, __trace_sched_switch_state(preempt, prev_state, prev)) - #else -- TP_PROTO(struct task_struct *prev, -+ ctf_integer(long, prev_state, __trace_sched_switch_state(preempt, prev_state, prev)) -+#endif -+ ctf_array_text(char, next_comm, next->comm, TASK_COMM_LEN) -+ ctf_integer(pid_t, next_tid, next->pid) -+ ctf_integer(int, next_prio, next->prio - MAX_RT_PRIO) -+ ) -+) -+ -+#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,4,0)) -+ -+LTTNG_TRACEPOINT_EVENT(sched_switch, -+ -+ TP_PROTO(bool preempt, -+ struct task_struct *prev, - struct task_struct *next), - -- TP_ARGS(prev, next), --#endif /* #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,4,0)) */ -+ TP_ARGS(preempt, prev, next), - - TP_FIELDS( - ctf_array_text(char, prev_comm, prev->comm, TASK_COMM_LEN) - ctf_integer(pid_t, prev_tid, prev->pid) - ctf_integer(int, prev_prio, prev->prio - MAX_RT_PRIO) --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,4,0)) - #ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM - ctf_enum(task_state, long, prev_state, __trace_sched_switch_state(preempt, prev)) - #else - ctf_integer(long, prev_state, __trace_sched_switch_state(preempt, prev)) - #endif -+ ctf_array_text(char, next_comm, next->comm, TASK_COMM_LEN) -+ ctf_integer(pid_t, next_tid, next->pid) -+ ctf_integer(int, next_prio, next->prio - MAX_RT_PRIO) -+ ) -+) -+ - #else -+ -+LTTNG_TRACEPOINT_EVENT(sched_switch, -+ -+ TP_PROTO(struct task_struct *prev, -+ struct task_struct *next), -+ -+ TP_ARGS(prev, next), -+ -+ TP_FIELDS( -+ ctf_array_text(char, prev_comm, prev->comm, TASK_COMM_LEN) -+ ctf_integer(pid_t, prev_tid, prev->pid) -+ ctf_integer(int, prev_prio, prev->prio - MAX_RT_PRIO) - #ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM - ctf_enum(task_state, long, prev_state, __trace_sched_switch_state(prev)) - #else - ctf_integer(long, prev_state, __trace_sched_switch_state(prev)) --#endif - #endif - ctf_array_text(char, next_comm, next->comm, TASK_COMM_LEN) - ctf_integer(pid_t, next_tid, next->pid) - ctf_integer(int, next_prio, next->prio - MAX_RT_PRIO) - ) - ) -+#endif - - /* - * Tracepoint for a task being migrated: --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0004-fix-block-remove-genhd.h-v5.18.patch b/meta/recipes-kernel/lttng/lttng-modules/0004-fix-block-remove-genhd.h-v5.18.patch deleted file mode 100644 index 9248ffe4ff..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0004-fix-block-remove-genhd.h-v5.18.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 868e0b6db59159197c2cec3550fa4ad5e6572bc5 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 13:54:59 -0400 -Subject: [PATCH 04/10] fix: block: remove genhd.h (v5.18) - -See upstream commit : - - commit 322cbb50de711814c42fb088f6d31901502c711a - Author: Christoph Hellwig <hch@lst.de> - Date: Mon Jan 24 10:39:13 2022 +0100 - - block: remove genhd.h - - There is no good reason to keep genhd.h separate from the main blkdev.h - header that includes it. So fold the contents of genhd.h into blkdev.h - and remove genhd.h entirely. - -Upstream-Status: Backport - -Change-Id: I7cf2aaa3a4c133320b95f2edde49f790f9515dbd -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/wrapper/genhd.h | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/include/wrapper/genhd.h b/include/wrapper/genhd.h -index 3c6dbcbe..4a59b68e 100644 ---- a/include/wrapper/genhd.h -+++ b/include/wrapper/genhd.h -@@ -12,7 +12,11 @@ - #ifndef _LTTNG_WRAPPER_GENHD_H - #define _LTTNG_WRAPPER_GENHD_H - -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+#include <linux/blkdev.h> -+#else - #include <linux/genhd.h> -+#endif - - #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) - #define LTTNG_GENHD_FL_HIDDEN GENHD_FL_HIDDEN --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0005-fix-scsi-block-Remove-REQ_OP_WRITE_SAME-support-v5.1.patch b/meta/recipes-kernel/lttng/lttng-modules/0005-fix-scsi-block-Remove-REQ_OP_WRITE_SAME-support-v5.1.patch deleted file mode 100644 index 0751827613..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0005-fix-scsi-block-Remove-REQ_OP_WRITE_SAME-support-v5.1.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 2bc7cb7193124d20aa4e1b5dbad0410bfb97a470 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 14:12:13 -0400 -Subject: [PATCH 05/10] fix: scsi: block: Remove REQ_OP_WRITE_SAME support - (v5.18) - -See upstream commit : - - commit 73bd66d9c834220579c881a3eb020fd8917075d8 - Author: Christoph Hellwig <hch@lst.de> - Date: Wed Feb 9 09:28:28 2022 +0100 - - scsi: block: Remove REQ_OP_WRITE_SAME support - - No more users of REQ_OP_WRITE_SAME or drivers implementing it are left, - so remove the infrastructure. - -Upstream-Status: Backport - -Change-Id: Ifbff71f79f8b590436fc7cb79f82d90c6e033d84 -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/block.h | 32 ++++++++++++++++++++++++++ - 1 file changed, 32 insertions(+) - -diff --git a/include/instrumentation/events/block.h b/include/instrumentation/events/block.h -index 3e1104d7..050a59a2 100644 ---- a/include/instrumentation/events/block.h -+++ b/include/instrumentation/events/block.h -@@ -66,6 +66,37 @@ LTTNG_TRACEPOINT_ENUM(block_rq_type, - #define lttng_bio_op(bio) bio_op(bio) - #define lttng_bio_rw(bio) ((bio)->bi_opf) - -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+#ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM -+#define blk_rwbs_ctf_integer(type, rwbs, op, rw, bytes) \ -+ ctf_enum(block_rq_type, type, rwbs, \ -+ ( (op) == REQ_OP_WRITE ? RWBS_FLAG_WRITE : \ -+ ( (op) == REQ_OP_DISCARD ? RWBS_FLAG_DISCARD : \ -+ ( (op) == REQ_OP_SECURE_ERASE ? (RWBS_FLAG_DISCARD | RWBS_FLAG_SECURE) : \ -+ ( (op) == REQ_OP_FLUSH ? RWBS_FLAG_FLUSH : \ -+ ( (op) == REQ_OP_READ ? RWBS_FLAG_READ : \ -+ ( 0 )))))) \ -+ | ((rw) & REQ_RAHEAD ? RWBS_FLAG_RAHEAD : 0) \ -+ | ((rw) & REQ_SYNC ? RWBS_FLAG_SYNC : 0) \ -+ | ((rw) & REQ_META ? RWBS_FLAG_META : 0) \ -+ | ((rw) & REQ_PREFLUSH ? RWBS_FLAG_PREFLUSH : 0) \ -+ | ((rw) & REQ_FUA ? RWBS_FLAG_FUA : 0)) -+#else -+#define blk_rwbs_ctf_integer(type, rwbs, op, rw, bytes) \ -+ ctf_integer(type, rwbs, \ -+ ( (op) == REQ_OP_WRITE ? RWBS_FLAG_WRITE : \ -+ ( (op) == REQ_OP_DISCARD ? RWBS_FLAG_DISCARD : \ -+ ( (op) == REQ_OP_SECURE_ERASE ? (RWBS_FLAG_DISCARD | RWBS_FLAG_SECURE) : \ -+ ( (op) == REQ_OP_FLUSH ? RWBS_FLAG_FLUSH : \ -+ ( (op) == REQ_OP_READ ? RWBS_FLAG_READ : \ -+ ( 0 )))))) \ -+ | ((rw) & REQ_RAHEAD ? RWBS_FLAG_RAHEAD : 0) \ -+ | ((rw) & REQ_SYNC ? RWBS_FLAG_SYNC : 0) \ -+ | ((rw) & REQ_META ? RWBS_FLAG_META : 0) \ -+ | ((rw) & REQ_PREFLUSH ? RWBS_FLAG_PREFLUSH : 0) \ -+ | ((rw) & REQ_FUA ? RWBS_FLAG_FUA : 0)) -+#endif /* CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM */ -+#else - #ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM - #define blk_rwbs_ctf_integer(type, rwbs, op, rw, bytes) \ - ctf_enum(block_rq_type, type, rwbs, \ -@@ -95,6 +126,7 @@ LTTNG_TRACEPOINT_ENUM(block_rq_type, - | ((rw) & REQ_PREFLUSH ? RWBS_FLAG_PREFLUSH : 0) \ - | ((rw) & REQ_FUA ? RWBS_FLAG_FUA : 0)) - #endif /* CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM */ -+#endif - - #elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(3,1,0)) - --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0006-fix-random-remove-unused-tracepoints-v5.18.patch b/meta/recipes-kernel/lttng/lttng-modules/0006-fix-random-remove-unused-tracepoints-v5.18.patch deleted file mode 100644 index 9c2f70d4af..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0006-fix-random-remove-unused-tracepoints-v5.18.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 369d82bb1746447514c877088d7c5fd0f39140f8 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 14:33:42 -0400 -Subject: [PATCH 06/10] fix: random: remove unused tracepoints (v5.18) - -See upstream commit : - - commit 14c174633f349cb41ea90c2c0aaddac157012f74 - Author: Jason A. Donenfeld <Jason@zx2c4.com> - Date: Thu Feb 10 16:40:44 2022 +0100 - - random: remove unused tracepoints - - These explicit tracepoints aren't really used and show sign of aging. - It's work to keep these up to date, and before I attempted to keep them - up to date, they weren't up to date, which indicates that they're not - really used. These days there are better ways of introspecting anyway. - -Upstream-Status: Backport - -Change-Id: I3b8c3e2732e7efdd76ce63204ac53a48784d0df6 -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - src/probes/Kbuild | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/probes/Kbuild b/src/probes/Kbuild -index e26b4359..8d6ff0f2 100644 ---- a/src/probes/Kbuild -+++ b/src/probes/Kbuild -@@ -187,8 +187,11 @@ ifneq ($(CONFIG_FRAME_WARN),0) - CFLAGS_lttng-probe-printk.o += -Wframe-larger-than=2200 - endif - -+# Introduced in v3.6, remove in v5.18 - obj-$(CONFIG_LTTNG) += $(shell \ -- if [ $(VERSION) -ge 4 \ -+ if [ \( ! \( $(VERSION) -ge 6 -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \) \) \ -+ -a \ -+ $(VERSION) -ge 4 \ - -o \( $(VERSION) -eq 3 -a $(PATCHLEVEL) -ge 6 \) \ - -o \( $(VERSION) -eq 3 -a $(PATCHLEVEL) -eq 5 -a $(SUBLEVEL) -ge 2 \) \ - -o \( $(VERSION) -eq 3 -a $(PATCHLEVEL) -eq 4 -a $(SUBLEVEL) -ge 9 \) \ --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0007-fix-kprobes-Use-rethook-for-kretprobe-if-possible-v5.patch b/meta/recipes-kernel/lttng/lttng-modules/0007-fix-kprobes-Use-rethook-for-kretprobe-if-possible-v5.patch deleted file mode 100644 index effd37ffe1..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0007-fix-kprobes-Use-rethook-for-kretprobe-if-possible-v5.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 3c46ddc134621dba65030263aa321dd6bdae3ba3 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 15:02:10 -0400 -Subject: [PATCH 07/10] fix: kprobes: Use rethook for kretprobe if possible - (v5.18) - -See upstream commit : - - commit 73f9b911faa74ac5107879de05c9489c419f41bb - Author: Masami Hiramatsu <mhiramat@kernel.org> - Date: Sat Mar 26 11:27:05 2022 +0900 - - kprobes: Use rethook for kretprobe if possible - - Use rethook for kretprobe function return hooking if the arch sets - CONFIG_HAVE_RETHOOK=y. In this case, CONFIG_KRETPROBE_ON_RETHOOK is - set to 'y' automatically, and the kretprobe internal data fields - switches to use rethook. If not, it continues to use kretprobe - specific function return hooks. - -Upstream-Status: Backport - -Change-Id: I2b7670dc04e4769c1e3c372582ad2f555f6d7a66 -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/wrapper/kprobes.h | 17 +++++++++++++++++ - src/probes/lttng-kretprobes.c | 2 +- - 2 files changed, 18 insertions(+), 1 deletion(-) - -diff --git a/include/wrapper/kprobes.h b/include/wrapper/kprobes.h -index b546d615..51d32b7c 100644 ---- a/include/wrapper/kprobes.h -+++ b/include/wrapper/kprobes.h -@@ -29,4 +29,21 @@ struct kretprobe *lttng_get_kretprobe(struct kretprobe_instance *ri) - - #endif /* LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0) */ - -+ -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+static inline -+unsigned long lttng_get_kretprobe_retaddr(struct kretprobe_instance *ri) -+{ -+ return get_kretprobe_retaddr(ri); -+} -+ -+#else -+ -+static inline -+unsigned long lttng_get_kretprobe_retaddr(struct kretprobe_instance *ri) -+{ -+ return (unsigned long) ri->ret_addr; -+} -+#endif -+ - #endif /* _LTTNG_WRAPPER_KPROBES_H */ -diff --git a/src/probes/lttng-kretprobes.c b/src/probes/lttng-kretprobes.c -index 5cb2e953..565df739 100644 ---- a/src/probes/lttng-kretprobes.c -+++ b/src/probes/lttng-kretprobes.c -@@ -81,7 +81,7 @@ int _lttng_kretprobes_handler(struct kretprobe_instance *krpi, - int ret; - - payload.ip = (unsigned long) lttng_get_kretprobe(krpi)->kp.addr; -- payload.parent_ip = (unsigned long) krpi->ret_addr; -+ payload.parent_ip = lttng_get_kretprobe_retaddr(krpi); - - lib_ring_buffer_ctx_init(&ctx, event_recorder, sizeof(payload), - lttng_alignof(payload), <tng_probe_ctx); --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch b/meta/recipes-kernel/lttng/lttng-modules/0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch deleted file mode 100644 index 13c504b859..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch +++ /dev/null @@ -1,44 +0,0 @@ -From e8d2f286b5b208ac8870d0a9c167b170e96169b3 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 15:08:48 -0400 -Subject: [PATCH 08/10] fix: scsi: core: Remove <scsi/scsi_request.h> (v5.18) - -See upstream commit : - - commit 26440303310591e29121964ede0048583cb3126d - Author: Christoph Hellwig <hch@lst.de> - Date: Thu Feb 24 18:55:52 2022 +0100 - - scsi: core: Remove <scsi/scsi_request.h> - - This header is empty now except for an include of <linux/blk-mq.h>, so - remove it. - -Upstream-Status: Backport - -Change-Id: Ic8ee3352f1e8bddfcd44c31be9b788db82f183aa -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/block.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/include/instrumentation/events/block.h b/include/instrumentation/events/block.h -index 050a59a2..882e6e08 100644 ---- a/include/instrumentation/events/block.h -+++ b/include/instrumentation/events/block.h -@@ -11,9 +11,9 @@ - #include <linux/trace_seq.h> - #include <lttng/kernel-version.h> - --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,11,0)) -+#if LTTNG_KERNEL_RANGE(4,11,0, 5,18,0) - #include <scsi/scsi_request.h> --#endif /* (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,11,0)) */ -+#endif /* LTTNG_KERNEL_RANGE(4,11,0, 5,18,0) */ - - #ifndef _TRACE_BLOCK_DEF_ - #define _TRACE_BLOCK_DEF_ --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules/0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch b/meta/recipes-kernel/lttng/lttng-modules/0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch deleted file mode 100644 index 892d3f0d23..0000000000 --- a/meta/recipes-kernel/lttng/lttng-modules/0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch +++ /dev/null @@ -1,106 +0,0 @@ -From f9208dc00756dfa0a2f191799722030bdf3f793d Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 15:14:01 -0400 -Subject: [PATCH 10/10] fix: mm: compaction: cleanup the compaction trace - events (v5.18) - -See upstream commit : - - commit abd4349ff9b8d242376b67711254221f64f447c7 - Author: Baolin Wang <baolin.wang@linux.alibaba.com> - Date: Tue Mar 22 14:45:56 2022 -0700 - - mm: compaction: cleanup the compaction trace events - - As Steven suggested [1], we should access the pointers from the trace - event to avoid dereferencing them to the tracepoint function when the - tracepoint is disabled. - - [1] https://lkml.org/lkml/2021/11/3/409 - -Upstream-Status: Backport - -Change-Id: I6c08250df8596e8dbc76780ae5d95c899c12e6fe -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/compaction.h | 17 ++++++++++++++++- - src/probes/Kbuild | 17 ++++++++++++++++- - src/probes/lttng-probe-compaction.c | 5 +++++ - 3 files changed, 37 insertions(+), 2 deletions(-) - -diff --git a/include/instrumentation/events/compaction.h b/include/instrumentation/events/compaction.h -index 15964537..ecae39a8 100644 ---- a/include/instrumentation/events/compaction.h -+++ b/include/instrumentation/events/compaction.h -@@ -97,7 +97,22 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE_MAP(compaction_isolate_template, - - #endif /* #else #if LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,0,0) */ - --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+LTTNG_TRACEPOINT_EVENT_MAP(mm_compaction_migratepages, -+ -+ compaction_migratepages, -+ -+ TP_PROTO(struct compact_control *cc, -+ unsigned int nr_succeeded), -+ -+ TP_ARGS(cc, nr_succeeded), -+ -+ TP_FIELDS( -+ ctf_integer(unsigned long, nr_migrated, nr_succeeded) -+ ctf_integer(unsigned long, nr_failed, cc->nr_migratepages - nr_succeeded) -+ ) -+) -+#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) - LTTNG_TRACEPOINT_EVENT_MAP(mm_compaction_migratepages, - - compaction_migratepages, -diff --git a/src/probes/Kbuild b/src/probes/Kbuild -index 8d6ff0f2..54784477 100644 ---- a/src/probes/Kbuild -+++ b/src/probes/Kbuild -@@ -167,7 +167,22 @@ ifneq ($(CONFIG_BTRFS_FS),) - endif # $(wildcard $(btrfs_dep)) - endif # CONFIG_BTRFS_FS - --obj-$(CONFIG_LTTNG) += lttng-probe-compaction.o -+# A dependency on internal header 'mm/internal.h' was introduced in v5.18 -+compaction_dep = $(srctree)/mm/internal.h -+compaction_dep_wildcard = $(wildcard $(compaction_dep)) -+compaction_dep_check = $(shell \ -+if [ \( $(VERSION) -ge 6 \ -+ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \) -a \ -+ -z "$(compaction_dep_wildcard)" ] ; then \ -+ echo "warn" ; \ -+else \ -+ echo "ok" ; \ -+fi ;) -+ifeq ($(compaction_dep_check),ok) -+ obj-$(CONFIG_LTTNG) += lttng-probe-compaction.o -+else -+ $(warning Files $(compaction_dep) not found. Probe "compaction" is disabled. Use full kernel source tree to enable it.) -+endif # $(wildcard $(compaction_dep)) - - ifneq ($(CONFIG_EXT4_FS),) - ext4_dep = $(srctree)/fs/ext4/*.h -diff --git a/src/probes/lttng-probe-compaction.c b/src/probes/lttng-probe-compaction.c -index f8ddf384..ffaf45f0 100644 ---- a/src/probes/lttng-probe-compaction.c -+++ b/src/probes/lttng-probe-compaction.c -@@ -10,6 +10,11 @@ - - #include <linux/module.h> - #include <lttng/tracer.h> -+#include <lttng/kernel-version.h> -+ -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+#include "../mm/internal.h" -+#endif - - /* - * Create the tracepoint static inlines from the kernel to validate that our --- -2.19.1 - diff --git a/meta/recipes-kernel/lttng/lttng-modules_2.13.3.bb b/meta/recipes-kernel/lttng/lttng-modules_2.13.4.bb index e049bdc6d2..bee2204b42 100644 --- a/meta/recipes-kernel/lttng/lttng-modules_2.13.3.bb +++ b/meta/recipes-kernel/lttng/lttng-modules_2.13.4.bb @@ -10,24 +10,14 @@ inherit module include lttng-platforms.inc SRC_URI = "https://lttng.org/files/${BPN}/${BPN}-${PV}.tar.bz2 \ - file://0001-Fix-compaction-migratepages-event-name.patch \ - file://0002-Fix-tracepoint-event-allow-same-provider-and-event-n.patch \ - file://0003-fix-sched-tracing-Don-t-re-read-p-state-when-emittin.patch \ - file://0004-fix-block-remove-genhd.h-v5.18.patch \ - file://0005-fix-scsi-block-Remove-REQ_OP_WRITE_SAME-support-v5.1.patch \ - file://0006-fix-random-remove-unused-tracepoints-v5.18.patch \ - file://0007-fix-kprobes-Use-rethook-for-kretprobe-if-possible-v5.patch \ - file://0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch \ file://0009-Rename-genhd-wrapper-to-blkdev.patch \ - file://0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch \ - file://0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch \ - file://0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch \ - " + file://0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch \ + " # Use :append here so that the patch is applied also when using devupstream SRC_URI:append = " file://0001-src-Kbuild-change-missing-CONFIG_TRACEPOINTS-to-warn.patch" -SRC_URI[sha256sum] = "7cf1acbb50b84116acc9b4281b81dcc2643d6018bbd1e8514ad1270239896c4b" +SRC_URI[sha256sum] = "6159d00e4e1d59546eec8d4a67e1aa39c1084ceb5e5afeb666eab4b8a5b5a9ee" export INSTALL_MOD_DIR="kernel/lttng-modules" diff --git a/meta/recipes-kernel/perf/perf.bb b/meta/recipes-kernel/perf/perf.bb index adefc44eaa..95e7eae9fe 100644 --- a/meta/recipes-kernel/perf/perf.bb +++ b/meta/recipes-kernel/perf/perf.bb @@ -227,6 +227,15 @@ do_configure:prepend () { # reproducible. sed -i -e 's,$(call get-executable-or-default\,PYTHON\,$(PYTHON_AUTO)),$(notdir $(call get-executable-or-default\,PYTHON\,$(PYTHON_AUTO))),g' \ ${S}/tools/perf/Makefile.config + # The same line is in older releases, but looking explicitly for Python 2 + sed -i -e 's,$(call get-executable-or-default\,PYTHON\,$(PYTHON2)),$(notdir $(call get-executable-or-default\,PYTHON\,$(PYTHON2))),g' \ + ${S}/tools/perf/Makefile.config + + # likewise with this substitution. Kernels with commit 18f2967418d031a39 + # [perf tools: Use Python devtools for version autodetection rather than runtime] + # need this substitution for reproducibility. + sed -i -e 's,$(call get-executable-or-default\,PYTHON\,$(subst -config\,\,$(PYTHON_AUTO))),$(notdir $(call get-executable-or-default\,PYTHON\,$(subst -config\,\,$(PYTHON_AUTO)))),g' \ + ${S}/tools/perf/Makefile.config # The following line: # srcdir_SQ = $(patsubst %tools/perf,tools/perf,$(subst ','\'',$(srcdir))), diff --git a/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.3.bb index 4819a34b26..c515e173c8 100644 --- a/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.3.bb @@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV} file://0001-connect-has-a-different-signature-on-musl.patch \ " -SRC_URI[sha256sum] = "b28dba953a92532208b30467ff91076295e266f65364b1b3482b4c4372d44b2a" +SRC_URI[sha256sum] = "bbbd45ead703367ea8f4be9b3c082d7b62bef47b240a39083f27844e28758c47" DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base" RRECOMMENDS:${PN} = "git" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.3.bb index 4ef9755c07..e8da49af99 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.3.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770 \ " SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz" -SRC_URI[sha256sum] = "b5c531dd8413bf771c79dab66b8e389f20b3991f745115133f0fa0b8e32809f9" +SRC_URI[sha256sum] = "3fedd10560fcdfaa1b6462cbf79a38c4e7b57d7f390359393fc0cef6dbf27dfe" S = "${WORKDIR}/gst-libav-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.3.bb index c4f5d719bb..fb48562a2b 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.3.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz" -SRC_URI[sha256sum] = "7efed7cc5b0acf9a669e38c5360a7892430a4e86c858daac6faa1ade2b151668" +SRC_URI[sha256sum] = "8db48040bb41f09edf8d17ff6d16c54888d7777ba4501c2c69f0083350ea9a15" S = "${WORKDIR}/gst-omx-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.3.bb index bb33e3822e..05de217c34 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.3.bb @@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad file://0003-ensure-valid-sentinals-for-gst_structure_get-etc.patch \ file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \ " -SRC_URI[sha256sum] = "4adc4c05f41051f8136b80cda99b0d049a34e777832f9fea7c5a70347658745b" +SRC_URI[sha256sum] = "7a11c13b55dd1d2386dd902219e41cbfcdda8e1e0aa3e738186c95074b35da4f" S = "${WORKDIR}/gst-plugins-bad-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.3.bb index e47851700a..7eebbba949 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.3.bb @@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba file://0003-viv-fb-Make-sure-config.h-is-included.patch \ file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \ " -SRC_URI[sha256sum] = "ab0656f2ad4d38292a803e0cb4ca090943a9b43c8063f650b4d3e3606c317f17" +SRC_URI[sha256sum] = "7e30b3dd81a70380ff7554f998471d6996ff76bbe6fc5447096f851e24473c9f" S = "${WORKDIR}/gst-plugins-base-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.3.bb index 6c52fb35b9..0235935a4a 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.3.bb @@ -8,7 +8,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-go file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \ " -SRC_URI[sha256sum] = "83589007bf002b8f9ef627718f308c16d83351905f0db8e85c3060f304143aae" +SRC_URI[sha256sum] = "f8f3c206bf5cdabc00953920b47b3575af0ef15e9f871c0b6966f6d0aa5868b7" S = "${WORKDIR}/gst-plugins-good-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.3.bb index edc2ece979..ad7b84b5ab 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.3.bb @@ -14,7 +14,7 @@ LICENSE_FLAGS = "commercial" SRC_URI = " \ https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "b43fb4df94459afbf67ec22003ca58ffadcd19e763f276dca25b64c848adb7bf" +SRC_URI[sha256sum] = "8caa20789a09c304b49cf563d33cca9421b1875b84fcc187e4a385fa01d6aefd" S = "${WORKDIR}/gst-plugins-ugly-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.3.bb index 34bc4bf4f4..57026ba73b 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.3.bb @@ -8,7 +8,7 @@ LICENSE = "LGPL-2.1-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "853ea35a1088c762fb703e5aea9c30031a19222b59786b6599956e154620fa2f" +SRC_URI[sha256sum] = "db348120eae955b8cc4de3560a7ea06e36d6e1ddbaa99a7ad96b59846601cfdc" DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.3.bb index fd6e16c2bf..fd4f82fcc3 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.3.bb @@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "6a8e9d136bbee4fc03858a0680dd5cbf91e2e989c43da115858eb21fb1adbcab" +SRC_URI[sha256sum] = "ee402718be9b127f0e5e66ca4c1b4f42e4926ec93ba307b7ccca5dc6cc9794ca" S = "${WORKDIR}/${PNREAL}-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.3.bb index 40dc21cf45..6e580f9f79 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.3.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c" SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "30126ab6e3105dab8da76bd9951a68886149bcd70c7fee0bac68de564de41d3d" +SRC_URI[sha256sum] = "6ee99eb316abdde9ad37002915bd8c3867918f6fdc74b7cf2ac4c1ae0d690b45" S = "${WORKDIR}/${REALPN}-${PV}" DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.2.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.3.bb index 3aa9aa7048..1f4576c3e1 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.2.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.3.bb @@ -23,7 +23,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x file://0004-tests-add-helper-script-to-run-the-installed_tests.patch;striplevel=3 \ file://0005-tests-remove-gstbin-test_watch_for_state_change-test.patch \ " -SRC_URI[sha256sum] = "df24e8792691a02dfe003b3833a51f1dbc6c3331ae625d143b17da939ceb5e0a" +SRC_URI[sha256sum] = "607daf64bbbd5fb18af9d17e21c0d22c4d702fffe83b23cb22d1b1af2ca23a2a" PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \ check \ diff --git a/meta/recipes-multimedia/libtiff/tiff/0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch b/meta/recipes-multimedia/libtiff/tiff/0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch new file mode 100644 index 0000000000..a28df6ed8c --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch @@ -0,0 +1,182 @@ +From 029da2cf70e8e38f10d62d4b0be440fb9d145af0 Mon Sep 17 00:00:00 2001 +From: 4ugustus <wangdw.augustus@qq.com> +Date: Sat, 11 Jun 2022 09:31:43 +0000 +Subject: [PATCH] fix the FPE in tiffcrop (#415, #427, and #428) + +CVE: CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> +Signed-off-by: Steve Sakoman <steve@sakoman.com> + +--- + libtiff/tif_aux.c | 9 +++++++ + libtiff/tiffiop.h | 1 + + tools/tiffcrop.c | 62 ++++++++++++++++++++++++++--------------------- + 3 files changed, 44 insertions(+), 28 deletions(-) + +diff --git a/libtiff/tif_aux.c b/libtiff/tif_aux.c +index 140f26c..5b88c8d 100644 +--- a/libtiff/tif_aux.c ++++ b/libtiff/tif_aux.c +@@ -402,6 +402,15 @@ float _TIFFClampDoubleToFloat( double val ) + return (float)val; + } + ++uint32_t _TIFFClampDoubleToUInt32(double val) ++{ ++ if( val < 0 ) ++ return 0; ++ if( val > 0xFFFFFFFFU || val != val ) ++ return 0xFFFFFFFFU; ++ return (uint32_t)val; ++} ++ + int _TIFFSeekOK(TIFF* tif, toff_t off) + { + /* Huge offsets, especially -1 / UINT64_MAX, can cause issues */ +diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h +index f1151f5..c1d0276 100644 +--- a/libtiff/tiffiop.h ++++ b/libtiff/tiffiop.h +@@ -368,6 +368,7 @@ extern double _TIFFUInt64ToDouble(uint64_t); + extern float _TIFFUInt64ToFloat(uint64_t); + + extern float _TIFFClampDoubleToFloat(double); ++extern uint32_t _TIFFClampDoubleToUInt32(double); + + extern tmsize_t + _TIFFReadEncodedStripAndAllocBuffer(TIFF* tif, uint32_t strip, +diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c +index e407bf5..b9b13d8 100644 +--- a/tools/tiffcrop.c ++++ b/tools/tiffcrop.c +@@ -5182,17 +5182,17 @@ computeInputPixelOffsets(struct crop_mask *crop, struct image_data *image, + { + if ((crop->res_unit == RESUNIT_INCH) || (crop->res_unit == RESUNIT_CENTIMETER)) + { +- x1 = (uint32_t) (crop->corners[i].X1 * scale * xres); +- x2 = (uint32_t) (crop->corners[i].X2 * scale * xres); +- y1 = (uint32_t) (crop->corners[i].Y1 * scale * yres); +- y2 = (uint32_t) (crop->corners[i].Y2 * scale * yres); ++ x1 = _TIFFClampDoubleToUInt32(crop->corners[i].X1 * scale * xres); ++ x2 = _TIFFClampDoubleToUInt32(crop->corners[i].X2 * scale * xres); ++ y1 = _TIFFClampDoubleToUInt32(crop->corners[i].Y1 * scale * yres); ++ y2 = _TIFFClampDoubleToUInt32(crop->corners[i].Y2 * scale * yres); + } + else + { +- x1 = (uint32_t) (crop->corners[i].X1); +- x2 = (uint32_t) (crop->corners[i].X2); +- y1 = (uint32_t) (crop->corners[i].Y1); +- y2 = (uint32_t) (crop->corners[i].Y2); ++ x1 = _TIFFClampDoubleToUInt32(crop->corners[i].X1); ++ x2 = _TIFFClampDoubleToUInt32(crop->corners[i].X2); ++ y1 = _TIFFClampDoubleToUInt32(crop->corners[i].Y1); ++ y2 = _TIFFClampDoubleToUInt32(crop->corners[i].Y2); + } + if (x1 < 1) + crop->regionlist[i].x1 = 0; +@@ -5255,17 +5255,17 @@ computeInputPixelOffsets(struct crop_mask *crop, struct image_data *image, + { + if (crop->res_unit != RESUNIT_INCH && crop->res_unit != RESUNIT_CENTIMETER) + { /* User has specified pixels as reference unit */ +- tmargin = (uint32_t)(crop->margins[0]); +- lmargin = (uint32_t)(crop->margins[1]); +- bmargin = (uint32_t)(crop->margins[2]); +- rmargin = (uint32_t)(crop->margins[3]); ++ tmargin = _TIFFClampDoubleToUInt32(crop->margins[0]); ++ lmargin = _TIFFClampDoubleToUInt32(crop->margins[1]); ++ bmargin = _TIFFClampDoubleToUInt32(crop->margins[2]); ++ rmargin = _TIFFClampDoubleToUInt32(crop->margins[3]); + } + else + { /* inches or centimeters specified */ +- tmargin = (uint32_t)(crop->margins[0] * scale * yres); +- lmargin = (uint32_t)(crop->margins[1] * scale * xres); +- bmargin = (uint32_t)(crop->margins[2] * scale * yres); +- rmargin = (uint32_t)(crop->margins[3] * scale * xres); ++ tmargin = _TIFFClampDoubleToUInt32(crop->margins[0] * scale * yres); ++ lmargin = _TIFFClampDoubleToUInt32(crop->margins[1] * scale * xres); ++ bmargin = _TIFFClampDoubleToUInt32(crop->margins[2] * scale * yres); ++ rmargin = _TIFFClampDoubleToUInt32(crop->margins[3] * scale * xres); + } + + if ((lmargin + rmargin) > image->width) +@@ -5295,24 +5295,24 @@ computeInputPixelOffsets(struct crop_mask *crop, struct image_data *image, + if (crop->res_unit != RESUNIT_INCH && crop->res_unit != RESUNIT_CENTIMETER) + { + if (crop->crop_mode & CROP_WIDTH) +- width = (uint32_t)crop->width; ++ width = _TIFFClampDoubleToUInt32(crop->width); + else + width = image->width - lmargin - rmargin; + + if (crop->crop_mode & CROP_LENGTH) +- length = (uint32_t)crop->length; ++ length = _TIFFClampDoubleToUInt32(crop->length); + else + length = image->length - tmargin - bmargin; + } + else + { + if (crop->crop_mode & CROP_WIDTH) +- width = (uint32_t)(crop->width * scale * image->xres); ++ width = _TIFFClampDoubleToUInt32(crop->width * scale * image->xres); + else + width = image->width - lmargin - rmargin; + + if (crop->crop_mode & CROP_LENGTH) +- length = (uint32_t)(crop->length * scale * image->yres); ++ length = _TIFFClampDoubleToUInt32(crop->length * scale * image->yres); + else + length = image->length - tmargin - bmargin; + } +@@ -5711,13 +5711,13 @@ computeOutputPixelOffsets (struct crop_mask *crop, struct image_data *image, + { + if (page->res_unit == RESUNIT_INCH || page->res_unit == RESUNIT_CENTIMETER) + { /* inches or centimeters specified */ +- hmargin = (uint32_t)(page->hmargin * scale * page->hres * ((image->bps + 7) / 8)); +- vmargin = (uint32_t)(page->vmargin * scale * page->vres * ((image->bps + 7) / 8)); ++ hmargin = _TIFFClampDoubleToUInt32(page->hmargin * scale * page->hres * ((image->bps + 7) / 8)); ++ vmargin = _TIFFClampDoubleToUInt32(page->vmargin * scale * page->vres * ((image->bps + 7) / 8)); + } + else + { /* Otherwise user has specified pixels as reference unit */ +- hmargin = (uint32_t)(page->hmargin * scale * ((image->bps + 7) / 8)); +- vmargin = (uint32_t)(page->vmargin * scale * ((image->bps + 7) / 8)); ++ hmargin = _TIFFClampDoubleToUInt32(page->hmargin * scale * ((image->bps + 7) / 8)); ++ vmargin = _TIFFClampDoubleToUInt32(page->vmargin * scale * ((image->bps + 7) / 8)); + } + + if ((hmargin * 2.0) > (pwidth * page->hres)) +@@ -5755,13 +5755,13 @@ computeOutputPixelOffsets (struct crop_mask *crop, struct image_data *image, + { + if (page->mode & PAGE_MODE_PAPERSIZE ) + { +- owidth = (uint32_t)((pwidth * page->hres) - (hmargin * 2)); +- olength = (uint32_t)((plength * page->vres) - (vmargin * 2)); ++ owidth = _TIFFClampDoubleToUInt32((pwidth * page->hres) - (hmargin * 2)); ++ olength = _TIFFClampDoubleToUInt32((plength * page->vres) - (vmargin * 2)); + } + else + { +- owidth = (uint32_t)(iwidth - (hmargin * 2 * page->hres)); +- olength = (uint32_t)(ilength - (vmargin * 2 * page->vres)); ++ owidth = _TIFFClampDoubleToUInt32(iwidth - (hmargin * 2 * page->hres)); ++ olength = _TIFFClampDoubleToUInt32(ilength - (vmargin * 2 * page->vres)); + } + } + +@@ -5770,6 +5770,12 @@ computeOutputPixelOffsets (struct crop_mask *crop, struct image_data *image, + if (olength > ilength) + olength = ilength; + ++ if (owidth == 0 || olength == 0) ++ { ++ TIFFError("computeOutputPixelOffsets", "Integer overflow when calculating the number of pages"); ++ exit(EXIT_FAILURE); ++ } ++ + /* Compute the number of pages required for Portrait or Landscape */ + switch (page->orient) + { diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch new file mode 100644 index 0000000000..71b85cac10 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch @@ -0,0 +1,212 @@ +From 87881e093691a35c60b91cafed058ba2dd5d9807 Mon Sep 17 00:00:00 2001 +From: Even Rouault <even.rouault@spatialys.com> +Date: Sun, 5 Dec 2021 14:37:46 +0100 +Subject: [PATCH] TIFFReadDirectory: fix OJPEG hack (fixes #319) + +to avoid having the size of the strip arrays inconsistent with the +number of strips returned by TIFFNumberOfStrips(), which may cause +out-ouf-bounds array read afterwards. + +One of the OJPEG hack that alters SamplesPerPixel may influence the +number of strips. Hence compute tif_dir.td_nstrips only afterwards. + +CVE: CVE-2022-1354 + +Upstream-Status: Backport +[https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + libtiff/tif_dirread.c | 162 ++++++++++++++++++++++-------------------- + 1 file changed, 83 insertions(+), 79 deletions(-) + +diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c +index 8f434ef5..14c031d1 100644 +--- a/libtiff/tif_dirread.c ++++ b/libtiff/tif_dirread.c +@@ -3794,50 +3794,7 @@ TIFFReadDirectory(TIFF* tif) + MissingRequired(tif,"ImageLength"); + goto bad; + } +- /* +- * Setup appropriate structures (by strip or by tile) +- */ +- if (!TIFFFieldSet(tif, FIELD_TILEDIMENSIONS)) { +- tif->tif_dir.td_nstrips = TIFFNumberOfStrips(tif); +- tif->tif_dir.td_tilewidth = tif->tif_dir.td_imagewidth; +- tif->tif_dir.td_tilelength = tif->tif_dir.td_rowsperstrip; +- tif->tif_dir.td_tiledepth = tif->tif_dir.td_imagedepth; +- tif->tif_flags &= ~TIFF_ISTILED; +- } else { +- tif->tif_dir.td_nstrips = TIFFNumberOfTiles(tif); +- tif->tif_flags |= TIFF_ISTILED; +- } +- if (!tif->tif_dir.td_nstrips) { +- TIFFErrorExt(tif->tif_clientdata, module, +- "Cannot handle zero number of %s", +- isTiled(tif) ? "tiles" : "strips"); +- goto bad; +- } +- tif->tif_dir.td_stripsperimage = tif->tif_dir.td_nstrips; +- if (tif->tif_dir.td_planarconfig == PLANARCONFIG_SEPARATE) +- tif->tif_dir.td_stripsperimage /= tif->tif_dir.td_samplesperpixel; +- if (!TIFFFieldSet(tif, FIELD_STRIPOFFSETS)) { +-#ifdef OJPEG_SUPPORT +- if ((tif->tif_dir.td_compression==COMPRESSION_OJPEG) && +- (isTiled(tif)==0) && +- (tif->tif_dir.td_nstrips==1)) { +- /* +- * XXX: OJPEG hack. +- * If a) compression is OJPEG, b) it's not a tiled TIFF, +- * and c) the number of strips is 1, +- * then we tolerate the absence of stripoffsets tag, +- * because, presumably, all required data is in the +- * JpegInterchangeFormat stream. +- */ +- TIFFSetFieldBit(tif, FIELD_STRIPOFFSETS); +- } else +-#endif +- { +- MissingRequired(tif, +- isTiled(tif) ? "TileOffsets" : "StripOffsets"); +- goto bad; +- } +- } ++ + /* + * Second pass: extract other information. + */ +@@ -4042,41 +3999,6 @@ TIFFReadDirectory(TIFF* tif) + } /* -- if (!dp->tdir_ignore) */ + } /* -- for-loop -- */ + +- if( tif->tif_mode == O_RDWR && +- tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 && +- tif->tif_dir.td_stripoffset_entry.tdir_count == 0 && +- tif->tif_dir.td_stripoffset_entry.tdir_type == 0 && +- tif->tif_dir.td_stripoffset_entry.tdir_offset.toff_long8 == 0 && +- tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 && +- tif->tif_dir.td_stripbytecount_entry.tdir_count == 0 && +- tif->tif_dir.td_stripbytecount_entry.tdir_type == 0 && +- tif->tif_dir.td_stripbytecount_entry.tdir_offset.toff_long8 == 0 ) +- { +- /* Directory typically created with TIFFDeferStrileArrayWriting() */ +- TIFFSetupStrips(tif); +- } +- else if( !(tif->tif_flags&TIFF_DEFERSTRILELOAD) ) +- { +- if( tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 ) +- { +- if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripoffset_entry), +- tif->tif_dir.td_nstrips, +- &tif->tif_dir.td_stripoffset_p)) +- { +- goto bad; +- } +- } +- if( tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 ) +- { +- if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripbytecount_entry), +- tif->tif_dir.td_nstrips, +- &tif->tif_dir.td_stripbytecount_p)) +- { +- goto bad; +- } +- } +- } +- + /* + * OJPEG hack: + * - If a) compression is OJPEG, and b) photometric tag is missing, +@@ -4147,6 +4069,88 @@ TIFFReadDirectory(TIFF* tif) + } + } + ++ /* ++ * Setup appropriate structures (by strip or by tile) ++ * We do that only after the above OJPEG hack which alters SamplesPerPixel ++ * and thus influences the number of strips in the separate planarconfig. ++ */ ++ if (!TIFFFieldSet(tif, FIELD_TILEDIMENSIONS)) { ++ tif->tif_dir.td_nstrips = TIFFNumberOfStrips(tif); ++ tif->tif_dir.td_tilewidth = tif->tif_dir.td_imagewidth; ++ tif->tif_dir.td_tilelength = tif->tif_dir.td_rowsperstrip; ++ tif->tif_dir.td_tiledepth = tif->tif_dir.td_imagedepth; ++ tif->tif_flags &= ~TIFF_ISTILED; ++ } else { ++ tif->tif_dir.td_nstrips = TIFFNumberOfTiles(tif); ++ tif->tif_flags |= TIFF_ISTILED; ++ } ++ if (!tif->tif_dir.td_nstrips) { ++ TIFFErrorExt(tif->tif_clientdata, module, ++ "Cannot handle zero number of %s", ++ isTiled(tif) ? "tiles" : "strips"); ++ goto bad; ++ } ++ tif->tif_dir.td_stripsperimage = tif->tif_dir.td_nstrips; ++ if (tif->tif_dir.td_planarconfig == PLANARCONFIG_SEPARATE) ++ tif->tif_dir.td_stripsperimage /= tif->tif_dir.td_samplesperpixel; ++ if (!TIFFFieldSet(tif, FIELD_STRIPOFFSETS)) { ++#ifdef OJPEG_SUPPORT ++ if ((tif->tif_dir.td_compression==COMPRESSION_OJPEG) && ++ (isTiled(tif)==0) && ++ (tif->tif_dir.td_nstrips==1)) { ++ /* ++ * XXX: OJPEG hack. ++ * If a) compression is OJPEG, b) it's not a tiled TIFF, ++ * and c) the number of strips is 1, ++ * then we tolerate the absence of stripoffsets tag, ++ * because, presumably, all required data is in the ++ * JpegInterchangeFormat stream. ++ */ ++ TIFFSetFieldBit(tif, FIELD_STRIPOFFSETS); ++ } else ++#endif ++ { ++ MissingRequired(tif, ++ isTiled(tif) ? "TileOffsets" : "StripOffsets"); ++ goto bad; ++ } ++ } ++ ++ if( tif->tif_mode == O_RDWR && ++ tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 && ++ tif->tif_dir.td_stripoffset_entry.tdir_count == 0 && ++ tif->tif_dir.td_stripoffset_entry.tdir_type == 0 && ++ tif->tif_dir.td_stripoffset_entry.tdir_offset.toff_long8 == 0 && ++ tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 && ++ tif->tif_dir.td_stripbytecount_entry.tdir_count == 0 && ++ tif->tif_dir.td_stripbytecount_entry.tdir_type == 0 && ++ tif->tif_dir.td_stripbytecount_entry.tdir_offset.toff_long8 == 0 ) ++ { ++ /* Directory typically created with TIFFDeferStrileArrayWriting() */ ++ TIFFSetupStrips(tif); ++ } ++ else if( !(tif->tif_flags&TIFF_DEFERSTRILELOAD) ) ++ { ++ if( tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 ) ++ { ++ if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripoffset_entry), ++ tif->tif_dir.td_nstrips, ++ &tif->tif_dir.td_stripoffset_p)) ++ { ++ goto bad; ++ } ++ } ++ if( tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 ) ++ { ++ if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripbytecount_entry), ++ tif->tif_dir.td_nstrips, ++ &tif->tif_dir.td_stripbytecount_p)) ++ { ++ goto bad; ++ } ++ } ++ } ++ + /* + * Make sure all non-color channels are extrasamples. + * If it's not the case, define them as such. +-- +2.25.1 + diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1355.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1355.patch new file mode 100644 index 0000000000..e59f5aad55 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1355.patch @@ -0,0 +1,62 @@ +From fb1db384959698edd6caeea84e28253d272a0f96 Mon Sep 17 00:00:00 2001 +From: Su_Laus <sulau@freenet.de> +Date: Sat, 2 Apr 2022 22:33:31 +0200 +Subject: [PATCH] tiffcp: avoid buffer overflow in "mode" string (fixes #400) + +CVE: CVE-2022-1355 + +Upstream-Status: Backport +[https://gitlab.com/libtiff/libtiff/-/commit/c1ae29f9ebacd29b7c3e0c7db671af7db3584bc2] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + tools/tiffcp.c | 25 ++++++++++++++++++++----- + 1 file changed, 20 insertions(+), 5 deletions(-) + +diff --git a/tools/tiffcp.c b/tools/tiffcp.c +index fd129bb7..8d944ff6 100644 +--- a/tools/tiffcp.c ++++ b/tools/tiffcp.c +@@ -274,19 +274,34 @@ main(int argc, char* argv[]) + deftilewidth = atoi(optarg); + break; + case 'B': +- *mp++ = 'b'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode) - 1)) ++ { ++ *mp++ = 'b'; *mp = '\0'; ++ } + break; + case 'L': +- *mp++ = 'l'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode) - 1)) ++ { ++ *mp++ = 'l'; *mp = '\0'; ++ } + break; + case 'M': +- *mp++ = 'm'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode) - 1)) ++ { ++ *mp++ = 'm'; *mp = '\0'; ++ } + break; + case 'C': +- *mp++ = 'c'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode) - 1)) ++ { ++ *mp++ = 'c'; *mp = '\0'; ++ } + break; + case '8': +- *mp++ = '8'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode)-1)) ++ { ++ *mp++ = '8'; *mp = '\0'; ++ } + break; + case 'x': + pageInSeq = 1; +-- +2.25.1 + diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index 7a5e4816a6..149516508f 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb @@ -18,6 +18,9 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ file://0004-TIFFFetchNormalTag-avoid-calling-memcpy-with-a-null-.patch \ file://0005-fix-the-FPE-in-tiffcrop-393.patch \ file://0006-fix-heap-buffer-overflow-in-tiffcp-278.patch \ + file://0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch \ + file://CVE-2022-1354.patch \ + file://CVE-2022-1355.patch \ " SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8" diff --git a/meta/recipes-multimedia/pulseaudio/pulseaudio.inc b/meta/recipes-multimedia/pulseaudio/pulseaudio.inc index 821ce7d1df..61d5bb00ba 100644 --- a/meta/recipes-multimedia/pulseaudio/pulseaudio.inc +++ b/meta/recipes-multimedia/pulseaudio/pulseaudio.inc @@ -61,7 +61,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=0e5cd938de1a7a53ea5adac38cc10c39 \ " # libtool is needed for libltdl, used in module loading. -DEPENDS = "libatomic-ops libsndfile1 libtool" +DEPENDS = "m4-native libatomic-ops libsndfile1 libtool" # optional DEPENDS += "udev alsa-lib glib-2.0" DEPENDS += "speexdsp libxml-parser-perl-native libcap" diff --git a/meta/recipes-sato/webkit/webkitgtk_2.36.3.bb b/meta/recipes-sato/webkit/webkitgtk_2.36.4.bb index 83b6f8a6ee..df4ff63121 100644 --- a/meta/recipes-sato/webkit/webkitgtk_2.36.3.bb +++ b/meta/recipes-sato/webkit/webkitgtk_2.36.4.bb @@ -17,7 +17,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://0001-When-building-introspection-files-do-not-quote-CFLAG.patch \ " -SRC_URI[sha256sum] = "732fcf8c4ec644b8ed28b46ebbd7c1ebab9d9e0afea9bdf5e5d12786afc478d1" +SRC_URI[sha256sum] = "b6bebe1f85a479d968c19e44a4704622ef8cef61636ad1b2406b77d16ae2e2a8" inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gtk-doc diff --git a/meta/recipes-support/curl/curl/CVE-2022-32205.patch b/meta/recipes-support/curl/curl/CVE-2022-32205.patch new file mode 100644 index 0000000000..165fd8af47 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2022-32205.patch @@ -0,0 +1,174 @@ +From a91c22a072cbb32e296f1efba3502f1b7775dfaf Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Sun, 26 Jun 2022 11:00:48 +0200 +Subject: [PATCH] cookie: apply limits + +- Send no more than 150 cookies per request +- Cap the max length used for a cookie: header to 8K +- Cap the max number of received Set-Cookie: headers to 50 + +Bug: https://curl.se/docs/CVE-2022-32205.html +CVE-2022-32205 +Reported-by: Harry Sintonen +Closes #9048 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/48d7064a49148f0394] +Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> +--- + lib/cookie.c | 14 ++++++++++++-- + lib/cookie.h | 21 +++++++++++++++++++-- + lib/http.c | 13 +++++++++++-- + lib/urldata.h | 1 + + 4 files changed, 43 insertions(+), 6 deletions(-) + +diff --git a/lib/cookie.c b/lib/cookie.c +index 1b8c8f9..8a6aa1a 100644 +--- a/lib/cookie.c ++++ b/lib/cookie.c +@@ -477,6 +477,10 @@ Curl_cookie_add(struct Curl_easy *data, + (void)data; + #endif + ++ DEBUGASSERT(MAX_SET_COOKIE_AMOUNT <= 255); /* counter is an unsigned char */ ++ if(data->req.setcookies >= MAX_SET_COOKIE_AMOUNT) ++ return NULL; ++ + /* First, alloc and init a new struct for it */ + co = calloc(1, sizeof(struct Cookie)); + if(!co) +@@ -816,7 +820,7 @@ Curl_cookie_add(struct Curl_easy *data, + freecookie(co); + return NULL; + } +- ++ data->req.setcookies++; + } + else { + /* +@@ -1354,7 +1358,8 @@ static struct Cookie *dup_cookie(struct Cookie *src) + * + * It shall only return cookies that haven't expired. + */ +-struct Cookie *Curl_cookie_getlist(struct CookieInfo *c, ++struct Cookie *Curl_cookie_getlist(struct Curl_easy *data, ++ struct CookieInfo *c, + const char *host, const char *path, + bool secure) + { +@@ -1409,6 +1414,11 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c, + mainco = newco; + + matches++; ++ if(matches >= MAX_COOKIE_SEND_AMOUNT) { ++ infof(data, "Included max number of cookies (%u) in request!", ++ matches); ++ break; ++ } + } + else + goto fail; +diff --git a/lib/cookie.h b/lib/cookie.h +index 0ffe08e..7411980 100644 +--- a/lib/cookie.h ++++ b/lib/cookie.h +@@ -81,10 +81,26 @@ struct CookieInfo { + */ + #define MAX_COOKIE_LINE 5000 + +-/* This is the maximum length of a cookie name or content we deal with: */ ++/* Maximum length of an incoming cookie name or content we deal with. Longer ++ cookies are ignored. */ + #define MAX_NAME 4096 + #define MAX_NAME_TXT "4095" + ++/* Maximum size for an outgoing cookie line libcurl will use in an http ++ request. This is the default maximum length used in some versions of Apache ++ httpd. */ ++#define MAX_COOKIE_HEADER_LEN 8190 ++ ++/* Maximum number of cookies libcurl will send in a single request, even if ++ there might be more cookies that match. One reason to cap the number is to ++ keep the maximum HTTP request within the maximum allowed size. */ ++#define MAX_COOKIE_SEND_AMOUNT 150 ++ ++/* Maximum number of Set-Cookie: lines accepted in a single response. If more ++ such header lines are received, they are ignored. This value must be less ++ than 256 since an unsigned char is used to count. */ ++#define MAX_SET_COOKIE_AMOUNT 50 ++ + struct Curl_easy; + /* + * Add a cookie to the internal list of cookies. The domain and path arguments +@@ -97,7 +113,8 @@ struct Cookie *Curl_cookie_add(struct Curl_easy *data, + const char *domain, const char *path, + bool secure); + +-struct Cookie *Curl_cookie_getlist(struct CookieInfo *c, const char *host, ++struct Cookie *Curl_cookie_getlist(struct Curl_easy *data, ++ struct CookieInfo *c, const char *host, + const char *path, bool secure); + void Curl_cookie_freelist(struct Cookie *cookies); + void Curl_cookie_clearall(struct CookieInfo *cookies); +diff --git a/lib/http.c b/lib/http.c +index 4433824..2c8b0c4 100644 +--- a/lib/http.c ++++ b/lib/http.c +@@ -2709,12 +2709,14 @@ CURLcode Curl_http_bodysend(struct Curl_easy *data, struct connectdata *conn, + } + + #if !defined(CURL_DISABLE_COOKIES) ++ + CURLcode Curl_http_cookies(struct Curl_easy *data, + struct connectdata *conn, + struct dynbuf *r) + { + CURLcode result = CURLE_OK; + char *addcookies = NULL; ++ bool linecap = FALSE; + if(data->set.str[STRING_COOKIE] && + !Curl_checkheaders(data, STRCONST("Cookie"))) + addcookies = data->set.str[STRING_COOKIE]; +@@ -2732,7 +2734,7 @@ CURLcode Curl_http_cookies(struct Curl_easy *data, + !strcmp(host, "127.0.0.1") || + !strcmp(host, "[::1]") ? TRUE : FALSE; + Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE); +- co = Curl_cookie_getlist(data->cookies, host, data->state.up.path, ++ co = Curl_cookie_getlist(data, data->cookies, host, data->state.up.path, + secure_context); + Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE); + } +@@ -2746,6 +2748,13 @@ CURLcode Curl_http_cookies(struct Curl_easy *data, + if(result) + break; + } ++ if((Curl_dyn_len(r) + strlen(co->name) + strlen(co->value) + 1) >= ++ MAX_COOKIE_HEADER_LEN) { ++ infof(data, "Restricted outgoing cookies due to header size, " ++ "'%s' not sent", co->name); ++ linecap = TRUE; ++ break; ++ } + result = Curl_dyn_addf(r, "%s%s=%s", count?"; ":"", + co->name, co->value); + if(result) +@@ -2756,7 +2765,7 @@ CURLcode Curl_http_cookies(struct Curl_easy *data, + } + Curl_cookie_freelist(store); + } +- if(addcookies && !result) { ++ if(addcookies && !result && !linecap) { + if(!count) + result = Curl_dyn_addn(r, STRCONST("Cookie: ")); + if(!result) { +diff --git a/lib/urldata.h b/lib/urldata.h +index e006495..54faf7d 100644 +--- a/lib/urldata.h ++++ b/lib/urldata.h +@@ -707,6 +707,7 @@ struct SingleRequest { + #ifndef CURL_DISABLE_DOH + struct dohdata *doh; /* DoH specific data for this request */ + #endif ++ unsigned char setcookies; + BIT(header); /* incoming data has HTTP header */ + BIT(content_range); /* set TRUE if Content-Range: was found */ + BIT(upload_done); /* set to TRUE when doing chunked transfer-encoding diff --git a/meta/recipes-support/curl/curl/CVE-2022-32206.patch b/meta/recipes-support/curl/curl/CVE-2022-32206.patch new file mode 100644 index 0000000000..25f5b27cc7 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2022-32206.patch @@ -0,0 +1,51 @@ +From e12531340b03d242d3f892aa8797faf12b56dddf Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Mon, 16 May 2022 16:28:13 +0200 +Subject: [PATCH] content_encoding: return error on too many compression steps + +The max allowed steps is arbitrarily set to 5. + +Bug: https://curl.se/docs/CVE-2022-32206.html +CVE-2022-32206 +Reported-by: Harry Sintonen +Closes #9049 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/3a09fbb7f264c67c43] +Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> +--- + lib/content_encoding.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/lib/content_encoding.c b/lib/content_encoding.c +index c03637a..6f994b3 100644 +--- a/lib/content_encoding.c ++++ b/lib/content_encoding.c +@@ -1026,12 +1026,16 @@ static const struct content_encoding *find_encoding(const char *name, + return NULL; + } + ++/* allow no more than 5 "chained" compression steps */ ++#define MAX_ENCODE_STACK 5 ++ + /* Set-up the unencoding stack from the Content-Encoding header value. + * See RFC 7231 section 3.1.2.2. */ + CURLcode Curl_build_unencoding_stack(struct Curl_easy *data, + const char *enclist, int maybechunked) + { + struct SingleRequest *k = &data->req; ++ int counter = 0; + + do { + const char *name; +@@ -1066,6 +1070,11 @@ CURLcode Curl_build_unencoding_stack(struct Curl_easy *data, + if(!encoding) + encoding = &error_encoding; /* Defer error at stack use. */ + ++ if(++counter >= MAX_ENCODE_STACK) { ++ failf(data, "Reject response due to %u content encodings", ++ counter); ++ return CURLE_BAD_CONTENT_ENCODING; ++ } + /* Stack the unencoding stage. */ + writer = new_unencoding_writer(data, encoding, k->writer_stack); + if(!writer) diff --git a/meta/recipes-support/curl/curl/CVE-2022-32207.patch b/meta/recipes-support/curl/curl/CVE-2022-32207.patch new file mode 100644 index 0000000000..bc16b62f39 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2022-32207.patch @@ -0,0 +1,283 @@ +From 759088694e2ba68ddc5ffe042b071dadad6ff675 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Wed, 25 May 2022 10:09:53 +0200 +Subject: [PATCH] fopen: add Curl_fopen() for better overwriting of files + +Bug: https://curl.se/docs/CVE-2022-32207.html +CVE-2022-32207 +Reported-by: Harry Sintonen +Closes #9050 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/20f9dd6bae50b] +Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> +--- + CMakeLists.txt | 1 + + configure.ac | 1 + + lib/Makefile.inc | 2 + + lib/cookie.c | 19 ++----- + lib/curl_config.h.cmake | 3 ++ + lib/fopen.c | 113 ++++++++++++++++++++++++++++++++++++++++ + lib/fopen.h | 30 +++++++++++ + 7 files changed, 154 insertions(+), 15 deletions(-) + create mode 100644 lib/fopen.c + create mode 100644 lib/fopen.h + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index b77de6d..a0bfaad 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -1027,6 +1027,7 @@ elseif(HAVE_LIBSOCKET) + set(CMAKE_REQUIRED_LIBRARIES socket) + endif() + ++check_symbol_exists(fchmod "${CURL_INCLUDES}" HAVE_FCHMOD) + check_symbol_exists(basename "${CURL_INCLUDES}" HAVE_BASENAME) + check_symbol_exists(socket "${CURL_INCLUDES}" HAVE_SOCKET) + check_symbol_exists(select "${CURL_INCLUDES}" HAVE_SELECT) +diff --git a/configure.ac b/configure.ac +index d431870..7433bb9 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -3351,6 +3351,7 @@ AC_CHECK_DECLS([getpwuid_r], [], [AC_DEFINE(HAVE_DECL_GETPWUID_R_MISSING, 1, "Se + + + AC_CHECK_FUNCS([fnmatch \ ++ fchmod \ + geteuid \ + getpass_r \ + getppid \ +diff --git a/lib/Makefile.inc b/lib/Makefile.inc +index e8f110f..5139b03 100644 +--- a/lib/Makefile.inc ++++ b/lib/Makefile.inc +@@ -133,6 +133,7 @@ LIB_CFILES = \ + escape.c \ + file.c \ + fileinfo.c \ ++ fopen.c \ + formdata.c \ + ftp.c \ + ftplistparser.c \ +@@ -263,6 +264,7 @@ LIB_HFILES = \ + escape.h \ + file.h \ + fileinfo.h \ ++ fopen.h \ + formdata.h \ + ftp.h \ + ftplistparser.h \ +diff --git a/lib/cookie.c b/lib/cookie.c +index 8a6aa1a..cb0c03b 100644 +--- a/lib/cookie.c ++++ b/lib/cookie.c +@@ -96,8 +96,8 @@ Example set of cookies: + #include "curl_get_line.h" + #include "curl_memrchr.h" + #include "parsedate.h" +-#include "rand.h" + #include "rename.h" ++#include "fopen.h" + + /* The last 3 #include files should be in this order */ + #include "curl_printf.h" +@@ -1620,20 +1620,9 @@ static CURLcode cookie_output(struct Curl_easy *data, + use_stdout = TRUE; + } + else { +- unsigned char randsuffix[9]; +- +- if(Curl_rand_hex(data, randsuffix, sizeof(randsuffix))) +- return 2; +- +- tempstore = aprintf("%s.%s.tmp", filename, randsuffix); +- if(!tempstore) +- return CURLE_OUT_OF_MEMORY; +- +- out = fopen(tempstore, FOPEN_WRITETEXT); +- if(!out) { +- error = CURLE_WRITE_ERROR; ++ error = Curl_fopen(data, filename, &out, &tempstore); ++ if(error) + goto error; +- } + } + + fputs("# Netscape HTTP Cookie File\n" +@@ -1680,7 +1669,7 @@ static CURLcode cookie_output(struct Curl_easy *data, + if(!use_stdout) { + fclose(out); + out = NULL; +- if(Curl_rename(tempstore, filename)) { ++ if(tempstore && Curl_rename(tempstore, filename)) { + unlink(tempstore); + error = CURLE_WRITE_ERROR; + goto error; +diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake +index d2a0f43..c254359 100644 +--- a/lib/curl_config.h.cmake ++++ b/lib/curl_config.h.cmake +@@ -157,6 +157,9 @@ + /* Define to 1 if you have the <assert.h> header file. */ + #cmakedefine HAVE_ASSERT_H 1 + ++/* Define to 1 if you have the `fchmod' function. */ ++#cmakedefine HAVE_FCHMOD 1 ++ + /* Define to 1 if you have the `basename' function. */ + #cmakedefine HAVE_BASENAME 1 + +diff --git a/lib/fopen.c b/lib/fopen.c +new file mode 100644 +index 0000000..ad3691b +--- /dev/null ++++ b/lib/fopen.c +@@ -0,0 +1,113 @@ ++/*************************************************************************** ++ * _ _ ____ _ ++ * Project ___| | | | _ \| | ++ * / __| | | | |_) | | ++ * | (__| |_| | _ <| |___ ++ * \___|\___/|_| \_\_____| ++ * ++ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al. ++ * ++ * This software is licensed as described in the file COPYING, which ++ * you should have received as part of this distribution. The terms ++ * are also available at https://curl.se/docs/copyright.html. ++ * ++ * You may opt to use, copy, modify, merge, publish, distribute and/or sell ++ * copies of the Software, and permit persons to whom the Software is ++ * furnished to do so, under the terms of the COPYING file. ++ * ++ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY ++ * KIND, either express or implied. ++ * ++ * SPDX-License-Identifier: curl ++ * ++ ***************************************************************************/ ++ ++#include "curl_setup.h" ++ ++#if !defined(CURL_DISABLE_COOKIES) || !defined(CURL_DISABLE_ALTSVC) || \ ++ !defined(CURL_DISABLE_HSTS) ++ ++#ifdef HAVE_FCNTL_H ++#include <fcntl.h> ++#endif ++ ++#include "urldata.h" ++#include "rand.h" ++#include "fopen.h" ++/* The last 3 #include files should be in this order */ ++#include "curl_printf.h" ++#include "curl_memory.h" ++#include "memdebug.h" ++ ++/* ++ * Curl_fopen() opens a file for writing with a temp name, to be renamed ++ * to the final name when completed. If there is an existing file using this ++ * name at the time of the open, this function will clone the mode from that ++ * file. if 'tempname' is non-NULL, it needs a rename after the file is ++ * written. ++ */ ++CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, ++ FILE **fh, char **tempname) ++{ ++ CURLcode result = CURLE_WRITE_ERROR; ++ unsigned char randsuffix[9]; ++ char *tempstore = NULL; ++ struct_stat sb; ++ int fd = -1; ++ *tempname = NULL; ++ ++ if(stat(filename, &sb) == -1 || !S_ISREG(sb.st_mode)) { ++ /* a non-regular file, fallback to direct fopen() */ ++ *fh = fopen(filename, FOPEN_WRITETEXT); ++ if(*fh) ++ return CURLE_OK; ++ goto fail; ++ } ++ ++ result = Curl_rand_hex(data, randsuffix, sizeof(randsuffix)); ++ if(result) ++ goto fail; ++ ++ tempstore = aprintf("%s.%s.tmp", filename, randsuffix); ++ if(!tempstore) { ++ result = CURLE_OUT_OF_MEMORY; ++ goto fail; ++ } ++ ++ result = CURLE_WRITE_ERROR; ++ fd = open(tempstore, O_WRONLY | O_CREAT | O_EXCL, 0600); ++ if(fd == -1) ++ goto fail; ++ ++#ifdef HAVE_FCHMOD ++ { ++ struct_stat nsb; ++ if((fstat(fd, &nsb) != -1) && ++ (nsb.st_uid == sb.st_uid) && (nsb.st_gid == sb.st_gid)) { ++ /* if the user and group are the same, clone the original mode */ ++ if(fchmod(fd, sb.st_mode) == -1) ++ goto fail; ++ } ++ } ++#endif ++ ++ *fh = fdopen(fd, FOPEN_WRITETEXT); ++ if(!*fh) ++ goto fail; ++ ++ *tempname = tempstore; ++ return CURLE_OK; ++ ++fail: ++ if(fd != -1) { ++ close(fd); ++ unlink(tempstore); ++ } ++ ++ free(tempstore); ++ ++ *tempname = NULL; ++ return result; ++} ++ ++#endif /* ! disabled */ +diff --git a/lib/fopen.h b/lib/fopen.h +new file mode 100644 +index 0000000..289e55f +--- /dev/null ++++ b/lib/fopen.h +@@ -0,0 +1,30 @@ ++#ifndef HEADER_CURL_FOPEN_H ++#define HEADER_CURL_FOPEN_H ++/*************************************************************************** ++ * _ _ ____ _ ++ * Project ___| | | | _ \| | ++ * / __| | | | |_) | | ++ * | (__| |_| | _ <| |___ ++ * \___|\___/|_| \_\_____| ++ * ++ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al. ++ * ++ * This software is licensed as described in the file COPYING, which ++ * you should have received as part of this distribution. The terms ++ * are also available at https://curl.se/docs/copyright.html. ++ * ++ * You may opt to use, copy, modify, merge, publish, distribute and/or sell ++ * copies of the Software, and permit persons to whom the Software is ++ * furnished to do so, under the terms of the COPYING file. ++ * ++ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY ++ * KIND, either express or implied. ++ * ++ * SPDX-License-Identifier: curl ++ * ++ ***************************************************************************/ ++ ++CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, ++ FILE **fh, char **tempname); ++ ++#endif diff --git a/meta/recipes-support/curl/curl/CVE-2022-32208.patch b/meta/recipes-support/curl/curl/CVE-2022-32208.patch new file mode 100644 index 0000000000..9a4e398370 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2022-32208.patch @@ -0,0 +1,67 @@ +From fd2ffddec315c029e923e6e6f2c049809d01a5fc Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Thu, 9 Jun 2022 09:27:24 +0200 +Subject: [PATCH] krb5: return error properly on decode errors + +Bug: https://curl.se/docs/CVE-2022-32208.html +CVE-2022-32208 +Reported-by: Harry Sintonen +Closes #9051 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/6ecdf5136b52af7] +Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> +--- + lib/krb5.c | 18 +++++++++++------- + 1 file changed, 11 insertions(+), 7 deletions(-) + +diff --git a/lib/krb5.c b/lib/krb5.c +index 787137c..6f9e1f7 100644 +--- a/lib/krb5.c ++++ b/lib/krb5.c +@@ -140,11 +140,8 @@ krb5_decode(void *app_data, void *buf, int len, + enc.value = buf; + enc.length = len; + maj = gss_unwrap(&min, *context, &enc, &dec, NULL, NULL); +- if(maj != GSS_S_COMPLETE) { +- if(len >= 4) +- strcpy(buf, "599 "); ++ if(maj != GSS_S_COMPLETE) + return -1; +- } + + memcpy(buf, dec.value, dec.length); + len = curlx_uztosi(dec.length); +@@ -506,6 +503,7 @@ static CURLcode read_data(struct connectdata *conn, + { + int len; + CURLcode result; ++ int nread; + + result = socket_read(fd, &len, sizeof(len)); + if(result) +@@ -514,7 +512,10 @@ static CURLcode read_data(struct connectdata *conn, + if(len) { + /* only realloc if there was a length */ + len = ntohl(len); +- buf->data = Curl_saferealloc(buf->data, len); ++ if(len > CURL_MAX_INPUT_LENGTH) ++ len = 0; ++ else ++ buf->data = Curl_saferealloc(buf->data, len); + } + if(!len || !buf->data) + return CURLE_OUT_OF_MEMORY; +@@ -522,8 +523,11 @@ static CURLcode read_data(struct connectdata *conn, + result = socket_read(fd, buf->data, len); + if(result) + return result; +- buf->size = conn->mech->decode(conn->app_data, buf->data, len, +- conn->data_prot, conn); ++ nread = conn->mech->decode(conn->app_data, buf->data, len, ++ conn->data_prot, conn); ++ if(nread < 0) ++ return CURLE_RECV_ERROR; ++ buf->size = (size_t)nread; + buf->index = 0; + return CURLE_OK; + } diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index d5dfe62a39..67de0220c6 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb @@ -24,6 +24,10 @@ SRC_URI = "https://curl.se/download/${BP}.tar.xz \ file://CVE-2022-27782-1.patch \ file://CVE-2022-27782-2.patch \ file://0001-openssl-fix-CN-check-error-code.patch \ + file://CVE-2022-32205.patch \ + file://CVE-2022-32206.patch \ + file://CVE-2022-32207.patch \ + file://CVE-2022-32208.patch \ " SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce58a583c" diff --git a/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch b/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch index b58fbfe6f5..c4ede9ea5e 100644 --- a/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch +++ b/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch @@ -1,4 +1,4 @@ -From bdde1faa774753e29d582d79186e08a38597de9e Mon Sep 17 00:00:00 2001 +From 89b98553084fbefe1ef2c7cbff9e72cf43144c49 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Mon, 22 Jan 2018 18:00:21 +0200 Subject: [PATCH] configure.ac: use a custom value for the location of @@ -14,10 +14,10 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 5cdd316..e5f2d6a 100644 +index d86c60e..65c22b2 100644 --- a/configure.ac +++ b/configure.ac -@@ -1962,7 +1962,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf", +@@ -1955,7 +1955,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf", AC_DEFINE_UNQUOTED(GPGTAR_NAME, "gpgtar", [The name of the gpgtar tool]) diff --git a/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch b/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch deleted file mode 100644 index b4106d3620..0000000000 --- a/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 9ace8f1b68ab708c44dce4c0152b975fbceb0398 Mon Sep 17 00:00:00 2001 -From: Saul Wold <sgw@linux.intel.com> -Date: Wed, 16 Aug 2017 11:18:01 +0800 -Subject: [PATCH] dirmngr uses libgpg error - -Upstream-Status: Pending -Signed-off-by: Saul Wold <sgw@linux.intel.com> - -Rebase to 2.1.23 - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> - ---- - dirmngr/Makefile.am | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/dirmngr/Makefile.am b/dirmngr/Makefile.am -index 77ca3f5..1446775 100644 ---- a/dirmngr/Makefile.am -+++ b/dirmngr/Makefile.am -@@ -86,7 +86,7 @@ endif - dirmngr_LDADD = $(libcommonpth) \ - $(DNSLIBS) $(LIBASSUAN_LIBS) \ - $(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(NPTH_LIBS) \ -- $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(LIBINTL) $(LIBICONV) $(NETLIBS) -+ $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(LIBINTL) $(LIBICONV) $(NETLIBS) $(GPG_ERROR_LIBS) - if USE_LDAP - dirmngr_LDADD += $(ldaplibs) - endif diff --git a/meta/recipes-support/gnupg/gnupg/relocate.patch b/meta/recipes-support/gnupg/gnupg/relocate.patch index 74f48e9582..43999b8a6d 100644 --- a/meta/recipes-support/gnupg/gnupg/relocate.patch +++ b/meta/recipes-support/gnupg/gnupg/relocate.patch @@ -1,4 +1,4 @@ -From 1e34e1d477f843c0ee2f1a3fddc20201f0233e81 Mon Sep 17 00:00:00 2001 +From 89ae4f03307104689e1857d9857d452af6b35ac4 Mon Sep 17 00:00:00 2001 From: Ross Burton <ross.burton@intel.com> Date: Wed, 19 Sep 2018 14:44:40 +0100 Subject: [PATCH] Allow the environment to override where gnupg looks for its @@ -14,10 +14,10 @@ Signed-off-by: Alexander Kanavin <alex@linutronix.de> 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/common/homedir.c b/common/homedir.c -index 174d961..f4c25fb 100644 +index 260aeb2..1aeb08d 100644 --- a/common/homedir.c +++ b/common/homedir.c -@@ -1161,7 +1161,7 @@ gnupg_socketdir (void) +@@ -1143,7 +1143,7 @@ gnupg_socketdir (void) if (!name) { unsigned int dummy; @@ -26,7 +26,7 @@ index 174d961..f4c25fb 100644 gpgrt_annotate_leaked_object (name); } -@@ -1193,7 +1193,7 @@ gnupg_sysconfdir (void) +@@ -1175,7 +1175,7 @@ gnupg_sysconfdir (void) if (dir) return dir; else @@ -35,7 +35,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1229,7 +1229,7 @@ gnupg_bindir (void) +@@ -1211,7 +1211,7 @@ gnupg_bindir (void) return name; } else @@ -44,7 +44,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1256,7 +1256,7 @@ gnupg_libexecdir (void) +@@ -1238,7 +1238,7 @@ gnupg_libexecdir (void) return name; } else @@ -53,7 +53,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1286,7 +1286,7 @@ gnupg_libdir (void) +@@ -1268,7 +1268,7 @@ gnupg_libdir (void) return name; } else @@ -62,7 +62,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1317,7 +1317,7 @@ gnupg_datadir (void) +@@ -1299,7 +1299,7 @@ gnupg_datadir (void) return name; } else @@ -71,7 +71,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1349,7 +1349,7 @@ gnupg_localedir (void) +@@ -1331,7 +1331,7 @@ gnupg_localedir (void) return name; } else diff --git a/meta/recipes-support/gnupg/gnupg_2.3.4.bb b/meta/recipes-support/gnupg/gnupg_2.3.7.bb index d27bddb8bd..da2b1c4deb 100644 --- a/meta/recipes-support/gnupg/gnupg_2.3.4.bb +++ b/meta/recipes-support/gnupg/gnupg_2.3.7.bb @@ -16,7 +16,6 @@ inherit autotools gettext texinfo pkgconfig UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ file://0002-use-pkgconfig-instead-of-npth-config.patch \ - file://0003-dirmngr-uses-libgpg-error.patch \ file://0004-autogen.sh-fix-find-version-for-beta-checking.patch \ file://0001-Woverride-init-is-not-needed-with-gcc-9.patch \ " @@ -24,7 +23,7 @@ SRC_URI:append:class-native = " file://0001-configure.ac-use-a-custom-value-for- file://relocate.patch" SRC_URI:append:class-nativesdk = " file://relocate.patch" -SRC_URI[sha256sum] = "f3468ecafb1d7f9ad7b51fd1db7aebf17ceb89d2efa8a05cf2f39b4d405402ae" +SRC_URI[sha256sum] = "ee163a5fb9ec99ffc1b18e65faef8d086800c5713d15a672ab57d3799da83669" EXTRA_OECONF = "--disable-ldap \ --disable-ccid-driver \ diff --git a/meta/recipes-support/libsoup/libsoup_3.0.6.bb b/meta/recipes-support/libsoup/libsoup_3.0.7.bb index 17825ae6a4..59cc4a1d0a 100644 --- a/meta/recipes-support/libsoup/libsoup_3.0.6.bb +++ b/meta/recipes-support/libsoup/libsoup_3.0.7.bb @@ -12,7 +12,7 @@ DEPENDS = "glib-2.0 glib-2.0-native libxml2 sqlite3 libpsl nghttp2" SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}" SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz" -SRC_URI[sha256sum] = "b45d59f840b9acf9bb45fd45854e3ef672f57e3ab957401c3ad8d7502ac23da6" +SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8" PROVIDES = "libsoup-3.0" CVE_PRODUCT = "libsoup" diff --git a/meta/recipes-support/vim/files/crosscompile.patch b/meta/recipes-support/vim/files/crosscompile.patch new file mode 100644 index 0000000000..583d3fc7b0 --- /dev/null +++ b/meta/recipes-support/vim/files/crosscompile.patch @@ -0,0 +1,51 @@ +configure.ac: Fix create_timer solaris test for cross compiling + +A runtime test was added for create_timer however this meant cross compiling +would no longer work. Allow a cache value to be specified to allow cross +compiling again. + +Signed-off-by: Richard Purdie richard.purdie@linuxfoundation.org + +Upstream-Status: Submitted [https://github.com/vim/vim/pull/10777] + +Index: git/src/configure.ac +=================================================================== +--- git.orig/src/configure.ac ++++ git/src/configure.ac +@@ -3814,7 +3814,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM( + dnl Check for timer_create. It probably requires the 'rt' library. + dnl Run the program to find out if timer_create(CLOCK_MONOTONIC) actually + dnl works, on Solaris timer_create() exists but fails at runtime. +-AC_MSG_CHECKING([for timer_create]) ++AC_CACHE_CHECK([for timer_create], [vim_cv_timer_create], + save_LIBS="$LIBS" + LIBS="$LIBS -lrt" + AC_RUN_IFELSE([AC_LANG_PROGRAM([ +@@ -3831,7 +3831,7 @@ static void set_flag(union sigval sv) {} + if (timer_create(CLOCK_MONOTONIC, &action, &timer_id) < 0) + exit(1); // cannot create a monotonic timer + ])], +- AC_MSG_RESULT(yes; with -lrt); AC_DEFINE(HAVE_TIMER_CREATE), ++ AC_MSG_NOTICE(timer_create with -lrt); vim_cv_timer_create=yes, + LIBS="$save_LIBS" + AC_RUN_IFELSE([AC_LANG_PROGRAM([ + #include<signal.h> +@@ -3847,8 +3847,16 @@ static void set_flag(union sigval sv) {} + if (timer_create(CLOCK_MONOTONIC, &action, &timer_id) < 0) + exit(1); // cannot create a monotonic timer + ])], +- AC_MSG_RESULT(yes); AC_DEFINE(HAVE_TIMER_CREATE), +- AC_MSG_RESULT(no))) ++ vim_cv_timer_create=yes, ++ vim_cv_timer_create=no), ++ AC_MSG_ERROR(cross-compiling: please set 'vim_cv_timer_create') ++ ) ++) ++ ++if test "x$vim_cv_timer_create" = "xyes" ; then ++ AC_DEFINE(HAVE_TIMER_CREATE) ++fi ++ + + AC_CACHE_CHECK([whether stat() ignores a trailing slash], [vim_cv_stat_ignores_slash], + [ diff --git a/meta/recipes-support/vim/files/racefix.patch b/meta/recipes-support/vim/files/racefix.patch index 1cb8fb442f..34bd37d650 100644 --- a/meta/recipes-support/vim/files/racefix.patch +++ b/meta/recipes-support/vim/files/racefix.patch @@ -1,9 +1,13 @@ +po/Makefile: Avoid race over LINGUAS file + The creation of the LINGUAS file is duplicated for each desktop file -which can lead the commands to race against each other. Rework -the makefile to avoid this as the expense of leaving the file on disk. +which can lead the commands to race against each other. One target might +remove it before another has been able to use it. Rework the makefile to +avoid this as the expense of leaving the file on disk. + +Signed-off-by: Richard Purdie richard.purdie@linuxfoundation.org -Upstream-Status: Pending -RP 2021/2/15 +Upstream-Status: Submitted [https://github.com/vim/vim/pull/10776] Index: git/src/po/Makefile =================================================================== diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index b85f34d6c8..31229534e4 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -19,10 +19,11 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://0001-src-Makefile-improve-reproducibility.patch \ file://no-path-adjust.patch \ file://racefix.patch \ + file://crosscompile.patch \ " -PV .= ".0005" -SRCREV = "040674129f3382822eeb7b590380efa5228124a8" +PV .= ".0063" +SRCREV = "d61efa50f8f5b9d9dcbc136705cc33874f0fdcb3" # Remove when 8.3 is out UPSTREAM_VERSION_UNKNOWN = "1" @@ -95,6 +96,10 @@ EXTRA_OECONF = " \ STRIP=/bin/true \ " +# Some host distros don't have it, disable consistently +EXTRA_OECONF:append:class-native = " vim_cv_timer_create=no" +EXTRA_OECONF:append:class-target = " vim_cv_timer_create=yes" + do_install() { autotools_do_install diff --git a/scripts/lib/devtool/standard.py b/scripts/lib/devtool/standard.py index 4b50e3c63b..c98bfe8195 100644 --- a/scripts/lib/devtool/standard.py +++ b/scripts/lib/devtool/standard.py @@ -520,7 +520,9 @@ def _extract_source(srctree, keep_temp, devbranch, sync, config, basepath, works for event in history: if not 'flag' in event: if event['op'].startswith((':append[', ':prepend[')): - extra_overrides.append(event['op'].split('[')[1].split(']')[0]) + override = event['op'].split('[')[1].split(']')[0] + if not override.startswith('pn-'): + extra_overrides.append(override) # We want to remove duplicate overrides. If a recipe had multiple # SRC_URI_override += values it would cause mulitple instances of # overrides. This doesn't play nicely with things like creating a @@ -1604,6 +1606,19 @@ def _update_recipe_patch(recipename, workspace, srctree, rd, appendlayerdir, wil if not os.path.exists(append): raise DevtoolError('unable to find workspace bbappend for recipe %s' % recipename) + srctreebase = workspace[recipename]['srctreebase'] + relpatchdir = os.path.relpath(srctreebase, srctree) + if relpatchdir == '.': + patchdir_params = {} + else: + patchdir_params = {'patchdir': relpatchdir} + + def srcuri_entry(fname): + if patchdir_params: + paramstr = ';' + ';'.join('%s=%s' % (k,v) for k,v in patchdir_params.items()) + else: + paramstr = '' + return 'file://%s%s' % (basepath, paramstr) initial_rev, update_rev, changed_revs, filter_patches = _get_patchset_revs(srctree, append, initial_rev, force_patch_refresh) if not initial_rev: @@ -1625,7 +1640,6 @@ def _update_recipe_patch(recipename, workspace, srctree, rd, appendlayerdir, wil new_f = {} del_f = {} else: - srctreebase = workspace[recipename]['srctreebase'] upd_f, new_f, del_f = _export_local_files(srctree, rd, local_files_dir, srctreebase) remove_files = [] @@ -1661,14 +1675,15 @@ def _update_recipe_patch(recipename, workspace, srctree, rd, appendlayerdir, wil removedentries, remaining = _remove_file_entries( srcuri, remove_files) if removedentries or remaining: - remaining = ['file://' + os.path.basename(item) for + remaining = [srcuri_entry(os.path.basename(item)) for item in remaining] removevalues = {'SRC_URI': removedentries + remaining} appendfile, destpath = oe.recipeutils.bbappend_recipe( rd, appendlayerdir, files, wildcardver=wildcard_version, removevalues=removevalues, - redirect_output=dry_run_outdir) + redirect_output=dry_run_outdir, + params=[patchdir_params] * len(files)) else: logger.info('No patches or local source files needed updating') else: @@ -1692,7 +1707,7 @@ def _update_recipe_patch(recipename, workspace, srctree, rd, appendlayerdir, wil # replace the entry in SRC_URI with our local version logger.info('Replacing remote patch %s with updated local version' % basepath) path = os.path.join(files_dir, basepath) - _replace_srcuri_entry(srcuri, basepath, 'file://%s' % basepath) + _replace_srcuri_entry(srcuri, basepath, srcuri_entry(basepath)) updaterecipe = True else: logger.info('Updating patch %s%s' % (basepath, dry_run_suffix)) @@ -1706,7 +1721,7 @@ def _update_recipe_patch(recipename, workspace, srctree, rd, appendlayerdir, wil os.path.join(files_dir, basepath), dry_run_outdir=dry_run_outdir, base_outdir=recipedir) - srcuri.append('file://%s' % basepath) + srcuri.append(srcuri_entry(basepath)) updaterecipe = True for basepath, path in new_p.items(): logger.info('Adding new patch %s%s' % (basepath, dry_run_suffix)) @@ -1714,7 +1729,7 @@ def _update_recipe_patch(recipename, workspace, srctree, rd, appendlayerdir, wil os.path.join(files_dir, basepath), dry_run_outdir=dry_run_outdir, base_outdir=recipedir) - srcuri.append('file://%s' % basepath) + srcuri.append(srcuri_entry(basepath)) updaterecipe = True # Update recipe, if needed if _remove_file_entries(srcuri, remove_files)[0]: diff --git a/scripts/lib/wic/plugins/source/rootfs.py b/scripts/lib/wic/plugins/source/rootfs.py index 25bb41dd70..fc06312ee4 100644 --- a/scripts/lib/wic/plugins/source/rootfs.py +++ b/scripts/lib/wic/plugins/source/rootfs.py @@ -35,7 +35,7 @@ class RootfsPlugin(SourcePlugin): @staticmethod def __validate_path(cmd, rootfs_dir, path): if os.path.isabs(path): - logger.error("%s: Must be relative: %s" % (cmd, orig_path)) + logger.error("%s: Must be relative: %s" % (cmd, path)) sys.exit(1) # Disallow climbing outside of parent directory using '..', |