* [warrior 01/10] python: update to 3.7.3
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
2019-10-08 15:04 ` [warrior 02/10] python3: upgrade 3.7.3 -> 3.7.4 Armin Kuster
` (8 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
From: Alexander Kanavin <alex.kanavin@gmail.com>
License-update: copyright years
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ Backported patches removed. ]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
[Bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
...ysconfig-append-STAGING_LIBDIR-python-sys.patch | 2 +-
...2-distutils-prefix-is-inside-staging-area.patch | 2 +-
.../python/python3/CVE-2018-20852.patch | 124 -----------------
.../python/python3/CVE-2019-9636.patch | 154 ---------------------
.../python/{python3_3.7.2.bb => python3_3.7.3.bb} | 8 +-
5 files changed, 5 insertions(+), 285 deletions(-)
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20852.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9636.patch
rename meta/recipes-devtools/python/{python3_3.7.2.bb => python3_3.7.3.bb} (97%)
diff --git a/meta/recipes-devtools/python/python3/0001-distutils-sysconfig-append-STAGING_LIBDIR-python-sys.patch b/meta/recipes-devtools/python/python3/0001-distutils-sysconfig-append-STAGING_LIBDIR-python-sys.patch
index 8083345..1741f57 100644
--- a/meta/recipes-devtools/python/python3/0001-distutils-sysconfig-append-STAGING_LIBDIR-python-sys.patch
+++ b/meta/recipes-devtools/python/python3/0001-distutils-sysconfig-append-STAGING_LIBDIR-python-sys.patch
@@ -1,4 +1,4 @@
-From 4865615a2bc2b78c739e4c33f536712c7f9af061 Mon Sep 17 00:00:00 2001
+From 17796e353acf08acd604610f34840a4a9d2f4b54 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Thu, 31 Jan 2019 16:46:30 +0100
Subject: [PATCH] distutils/sysconfig: append
diff --git a/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch b/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch
index dcc0932..3521317 100644
--- a/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch
+++ b/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch
@@ -1,4 +1,4 @@
-From 1397979ee445ff6826aa5469511e003539f77bb2 Mon Sep 17 00:00:00 2001
+From 12900d498bb77bcc990868a80eaf0ab257b88fff Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 14 May 2013 15:00:26 -0700
Subject: [PATCH] python3: Add target and native recipes
diff --git a/meta/recipes-devtools/python/python3/CVE-2018-20852.patch b/meta/recipes-devtools/python/python3/CVE-2018-20852.patch
deleted file mode 100644
index ff671d3..0000000
--- a/meta/recipes-devtools/python/python3/CVE-2018-20852.patch
+++ /dev/null
@@ -1,124 +0,0 @@
-From e5123d81ffb3be35a1b2767d6ced1a097aaf77be Mon Sep 17 00:00:00 2001
-From: "Miss Islington (bot)"
- <31488909+miss-islington@users.noreply.github.com>
-Date: Sat, 9 Mar 2019 18:58:25 -0800
-Subject: [PATCH] bpo-35121: prefix dot in domain for proper subdomain
- validation (GH-10258) (GH-12261)
-
-Don't send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with `http.cookiejar.DefaultCookiePolicy` policy. Patch by Karthikeyan Singaravelan.
-(cherry picked from commit ca7fe5063593958e5efdf90f068582837f07bd14)
-
-Co-authored-by: Xtreak <tir.karthi@gmail.com>
-Upstream-Status: Backport
-CVE: CVE-2018-20852
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
----
- Lib/http/cookiejar.py | 13 ++++++--
- Lib/test/test_http_cookiejar.py | 30 +++++++++++++++++++
- .../2018-10-31-15-39-17.bpo-35121.EgHv9k.rst | 4 +++
- 3 files changed, 45 insertions(+), 2 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2018-10-31-15-39-17.bpo-35121.EgHv9k.rst
-
-diff --git a/Lib/http/cookiejar.py b/Lib/http/cookiejar.py
-index e0f1032b2816..00cb1250a07e 100644
---- a/Lib/http/cookiejar.py
-+++ b/Lib/http/cookiejar.py
-@@ -1145,6 +1145,11 @@ def return_ok_domain(self, cookie, request):
- req_host, erhn = eff_request_host(request)
- domain = cookie.domain
-
-+ if domain and not domain.startswith("."):
-+ dotdomain = "." + domain
-+ else:
-+ dotdomain = domain
-+
- # strict check of non-domain cookies: Mozilla does this, MSIE5 doesn't
- if (cookie.version == 0 and
- (self.strict_ns_domain & self.DomainStrictNonDomain) and
-@@ -1157,7 +1162,7 @@ def return_ok_domain(self, cookie, request):
- _debug(" effective request-host name %s does not domain-match "
- "RFC 2965 cookie domain %s", erhn, domain)
- return False
-- if cookie.version == 0 and not ("."+erhn).endswith(domain):
-+ if cookie.version == 0 and not ("."+erhn).endswith(dotdomain):
- _debug(" request-host %s does not match Netscape cookie domain "
- "%s", req_host, domain)
- return False
-@@ -1171,7 +1176,11 @@ def domain_return_ok(self, domain, request):
- req_host = "."+req_host
- if not erhn.startswith("."):
- erhn = "."+erhn
-- if not (req_host.endswith(domain) or erhn.endswith(domain)):
-+ if domain and not domain.startswith("."):
-+ dotdomain = "." + domain
-+ else:
-+ dotdomain = domain
-+ if not (req_host.endswith(dotdomain) or erhn.endswith(dotdomain)):
- #_debug(" request domain %s does not match cookie domain %s",
- # req_host, domain)
- return False
-diff --git a/Lib/test/test_http_cookiejar.py b/Lib/test/test_http_cookiejar.py
-index abc625d672a7..6e1b30881310 100644
---- a/Lib/test/test_http_cookiejar.py
-+++ b/Lib/test/test_http_cookiejar.py
-@@ -415,6 +415,7 @@ def test_domain_return_ok(self):
- ("http://foo.bar.com/", ".foo.bar.com", True),
- ("http://foo.bar.com/", "foo.bar.com", True),
- ("http://foo.bar.com/", ".bar.com", True),
-+ ("http://foo.bar.com/", "bar.com", True),
- ("http://foo.bar.com/", "com", True),
- ("http://foo.com/", "rhubarb.foo.com", False),
- ("http://foo.com/", ".foo.com", True),
-@@ -425,6 +426,8 @@ def test_domain_return_ok(self):
- ("http://foo/", "foo", True),
- ("http://foo/", "foo.local", True),
- ("http://foo/", ".local", True),
-+ ("http://barfoo.com", ".foo.com", False),
-+ ("http://barfoo.com", "foo.com", False),
- ]:
- request = urllib.request.Request(url)
- r = pol.domain_return_ok(domain, request)
-@@ -959,6 +962,33 @@ def test_domain_block(self):
- c.add_cookie_header(req)
- self.assertFalse(req.has_header("Cookie"))
-
-+ c.clear()
-+
-+ pol.set_blocked_domains([])
-+ req = urllib.request.Request("http://acme.com/")
-+ res = FakeResponse(headers, "http://acme.com/")
-+ cookies = c.make_cookies(res, req)
-+ c.extract_cookies(res, req)
-+ self.assertEqual(len(c), 1)
-+
-+ req = urllib.request.Request("http://acme.com/")
-+ c.add_cookie_header(req)
-+ self.assertTrue(req.has_header("Cookie"))
-+
-+ req = urllib.request.Request("http://badacme.com/")
-+ c.add_cookie_header(req)
-+ self.assertFalse(pol.return_ok(cookies[0], req))
-+ self.assertFalse(req.has_header("Cookie"))
-+
-+ p = pol.set_blocked_domains(["acme.com"])
-+ req = urllib.request.Request("http://acme.com/")
-+ c.add_cookie_header(req)
-+ self.assertFalse(req.has_header("Cookie"))
-+
-+ req = urllib.request.Request("http://badacme.com/")
-+ c.add_cookie_header(req)
-+ self.assertFalse(req.has_header("Cookie"))
-+
- def test_secure(self):
- for ns in True, False:
- for whitespace in " ", "":
-diff --git a/Misc/NEWS.d/next/Security/2018-10-31-15-39-17.bpo-35121.EgHv9k.rst b/Misc/NEWS.d/next/Security/2018-10-31-15-39-17.bpo-35121.EgHv9k.rst
-new file mode 100644
-index 000000000000..d2eb8f1f352c
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2018-10-31-15-39-17.bpo-35121.EgHv9k.rst
-@@ -0,0 +1,4 @@
-+Don't send cookies of domain A without Domain attribute to domain B
-+when domain A is a suffix match of domain B while using a cookiejar
-+with :class:`http.cookiejar.DefaultCookiePolicy` policy. Patch by
-+Karthikeyan Singaravelan.
diff --git a/meta/recipes-devtools/python/python3/CVE-2019-9636.patch b/meta/recipes-devtools/python/python3/CVE-2019-9636.patch
deleted file mode 100644
index 72128f0..0000000
--- a/meta/recipes-devtools/python/python3/CVE-2019-9636.patch
+++ /dev/null
@@ -1,154 +0,0 @@
-From daad2c482c91de32d8305abbccc76a5de8b3a8be Mon Sep 17 00:00:00 2001
-From: Steve Dower <steve.dower@microsoft.com>
-Date: Thu, 7 Mar 2019 09:08:18 -0800
-Subject: [PATCH] bpo-36216: Add check for characters in netloc that normalize
- to separators (GH-12201)
-
-Upstream-Status: Backport
-CVE: CVE-2019-9636
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
-
----
- Doc/library/urllib.parse.rst | 18 +++++++++++++++
- Lib/test/test_urlparse.py | 23 +++++++++++++++++++
- Lib/urllib/parse.py | 17 ++++++++++++++
- .../2019-03-06-09-38-40.bpo-36216.6q1m4a.rst | 3 +++
- 4 files changed, 61 insertions(+)
- create mode 100644 Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst
-
-diff --git a/Doc/library/urllib.parse.rst b/Doc/library/urllib.parse.rst
-index 0c8f0f607314..b565e1edd321 100644
---- a/Doc/library/urllib.parse.rst
-+++ b/Doc/library/urllib.parse.rst
-@@ -124,6 +124,11 @@ or on combining URL components into a URL string.
- Unmatched square brackets in the :attr:`netloc` attribute will raise a
- :exc:`ValueError`.
-
-+ Characters in the :attr:`netloc` attribute that decompose under NFKC
-+ normalization (as used by the IDNA encoding) into any of ``/``, ``?``,
-+ ``#``, ``@``, or ``:`` will raise a :exc:`ValueError`. If the URL is
-+ decomposed before parsing, no error will be raised.
-+
- .. versionchanged:: 3.2
- Added IPv6 URL parsing capabilities.
-
-@@ -136,6 +141,10 @@ or on combining URL components into a URL string.
- Out-of-range port numbers now raise :exc:`ValueError`, instead of
- returning :const:`None`.
-
-+ .. versionchanged:: 3.7.3
-+ Characters that affect netloc parsing under NFKC normalization will
-+ now raise :exc:`ValueError`.
-+
-
- .. function:: parse_qs(qs, keep_blank_values=False, strict_parsing=False, encoding='utf-8', errors='replace', max_num_fields=None)
-
-@@ -257,10 +266,19 @@ or on combining URL components into a URL string.
- Unmatched square brackets in the :attr:`netloc` attribute will raise a
- :exc:`ValueError`.
-
-+ Characters in the :attr:`netloc` attribute that decompose under NFKC
-+ normalization (as used by the IDNA encoding) into any of ``/``, ``?``,
-+ ``#``, ``@``, or ``:`` will raise a :exc:`ValueError`. If the URL is
-+ decomposed before parsing, no error will be raised.
-+
- .. versionchanged:: 3.6
- Out-of-range port numbers now raise :exc:`ValueError`, instead of
- returning :const:`None`.
-
-+ .. versionchanged:: 3.7.3
-+ Characters that affect netloc parsing under NFKC normalization will
-+ now raise :exc:`ValueError`.
-+
-
- .. function:: urlunsplit(parts)
-
-diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py
-index be50b47603aa..e6638aee2244 100644
---- a/Lib/test/test_urlparse.py
-+++ b/Lib/test/test_urlparse.py
-@@ -1,3 +1,5 @@
-+import sys
-+import unicodedata
- import unittest
- import urllib.parse
-
-@@ -984,6 +986,27 @@ def test_all(self):
- expected.append(name)
- self.assertCountEqual(urllib.parse.__all__, expected)
-
-+ def test_urlsplit_normalization(self):
-+ # Certain characters should never occur in the netloc,
-+ # including under normalization.
-+ # Ensure that ALL of them are detected and cause an error
-+ illegal_chars = '/:#?@'
-+ hex_chars = {'{:04X}'.format(ord(c)) for c in illegal_chars}
-+ denorm_chars = [
-+ c for c in map(chr, range(128, sys.maxunicode))
-+ if (hex_chars & set(unicodedata.decomposition(c).split()))
-+ and c not in illegal_chars
-+ ]
-+ # Sanity check that we found at least one such character
-+ self.assertIn('\u2100', denorm_chars)
-+ self.assertIn('\uFF03', denorm_chars)
-+
-+ for scheme in ["http", "https", "ftp"]:
-+ for c in denorm_chars:
-+ url = "{}://netloc{}false.netloc/path".format(scheme, c)
-+ with self.subTest(url=url, char='{:04X}'.format(ord(c))):
-+ with self.assertRaises(ValueError):
-+ urllib.parse.urlsplit(url)
-
- class Utility_Tests(unittest.TestCase):
- """Testcase to test the various utility functions in the urllib."""
-diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py
-index f691ab74f87f..39c5d6a80824 100644
---- a/Lib/urllib/parse.py
-+++ b/Lib/urllib/parse.py
-@@ -391,6 +391,21 @@ def _splitnetloc(url, start=0):
- delim = min(delim, wdelim) # use earliest delim position
- return url[start:delim], url[delim:] # return (domain, rest)
-
-+def _checknetloc(netloc):
-+ if not netloc or netloc.isascii():
-+ return
-+ # looking for characters like \u2100 that expand to 'a/c'
-+ # IDNA uses NFKC equivalence, so normalize for this check
-+ import unicodedata
-+ netloc2 = unicodedata.normalize('NFKC', netloc)
-+ if netloc == netloc2:
-+ return
-+ _, _, netloc = netloc.rpartition('@') # anything to the left of '@' is okay
-+ for c in '/?#@:':
-+ if c in netloc2:
-+ raise ValueError("netloc '" + netloc2 + "' contains invalid " +
-+ "characters under NFKC normalization")
-+
- def urlsplit(url, scheme='', allow_fragments=True):
- """Parse a URL into 5 components:
- <scheme>://<netloc>/<path>?<query>#<fragment>
-@@ -419,6 +434,7 @@ def urlsplit(url, scheme='', allow_fragments=True):
- url, fragment = url.split('#', 1)
- if '?' in url:
- url, query = url.split('?', 1)
-+ _checknetloc(netloc)
- v = SplitResult('http', netloc, url, query, fragment)
- _parse_cache[key] = v
- return _coerce_result(v)
-@@ -442,6 +458,7 @@ def urlsplit(url, scheme='', allow_fragments=True):
- url, fragment = url.split('#', 1)
- if '?' in url:
- url, query = url.split('?', 1)
-+ _checknetloc(netloc)
- v = SplitResult(scheme, netloc, url, query, fragment)
- _parse_cache[key] = v
- return _coerce_result(v)
-diff --git a/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst b/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst
-new file mode 100644
-index 000000000000..5546394157f9
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst
-@@ -0,0 +1,3 @@
-+Changes urlsplit() to raise ValueError when the URL contains characters that
-+decompose under IDNA encoding (NFKC-normalization) into characters that
-+affect how the URL is parsed.
diff --git a/meta/recipes-devtools/python/python3_3.7.2.bb b/meta/recipes-devtools/python/python3_3.7.3.bb
similarity index 97%
rename from meta/recipes-devtools/python/python3_3.7.2.bb
rename to meta/recipes-devtools/python/python3_3.7.3.bb
index 6da806b..1f1441f 100644
--- a/meta/recipes-devtools/python/python3_3.7.2.bb
+++ b/meta/recipes-devtools/python/python3_3.7.3.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "http://www.python.org"
LICENSE = "PSFv2"
SECTION = "devel/python"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=f257cc14f81685691652a3d3e1b5d754"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=e466242989bd33c1bd2b6a526a742498"
SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://run-ptest \
@@ -22,8 +22,6 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0002-Don-t-do-runtime-test-to-get-float-byte-order.patch \
file://0003-setup.py-pass-missing-libraries-to-Extension-for-mul.patch \
file://0001-Lib-sysconfig.py-fix-another-place-where-lib-is-hard.patch \
- file://CVE-2018-20852.patch \
- file://CVE-2019-9636.patch \
file://CVE-2019-9740.patch \
"
@@ -35,8 +33,8 @@ SRC_URI_append_class-nativesdk = " \
file://0001-main.c-if-OEPYTHON3HOME-is-set-use-instead-of-PYTHON.patch \
"
-SRC_URI[md5sum] = "df6ec36011808205beda239c72f947cb"
-SRC_URI[sha256sum] = "d83fe8ce51b1bb48bbcf0550fd265b9a75cdfdfa93f916f9e700aef8444bf1bb"
+SRC_URI[md5sum] = "93df27aec0cd18d6d42173e601ffbbfd"
+SRC_URI[sha256sum] = "da60b54064d4cfcd9c26576f6df2690e62085123826cff2e667e72a91952d318"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread* [warrior 02/10] python3: upgrade 3.7.3 -> 3.7.4
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
2019-10-08 15:04 ` [warrior 01/10] python: update to 3.7.3 Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
2019-10-08 15:04 ` [warrior 03/10] json-c: Don't --enable-rdrand Armin Kuster
` (7 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
From: Anuj Mittal <anuj.mittal@intel.com>
Also fixes CVE-2019-9740, CVE-2019-9948. For details, see:
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-4-final
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ Backported patch removed. ]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
[Bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../python/python3/CVE-2019-9740.patch | 151 ---------------------
.../python/{python3_3.7.3.bb => python3_3.7.4.bb} | 5 +-
2 files changed, 2 insertions(+), 154 deletions(-)
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9740.patch
rename meta/recipes-devtools/python/{python3_3.7.3.bb => python3_3.7.4.bb} (98%)
diff --git a/meta/recipes-devtools/python/python3/CVE-2019-9740.patch b/meta/recipes-devtools/python/python3/CVE-2019-9740.patch
deleted file mode 100644
index 9bb336d..0000000
--- a/meta/recipes-devtools/python/python3/CVE-2019-9740.patch
+++ /dev/null
@@ -1,151 +0,0 @@
-From 7e200e0763f5b71c199aaf98bd5588f291585619 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
-Date: Tue, 7 May 2019 17:28:47 +0200
-Subject: [PATCH] bpo-30458: Disallow control chars in http URLs. (GH-12755)
- (GH-13154)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Disallow control chars in http URLs in urllib.urlopen. This addresses a potential security problem for applications that do not sanity check their URLs where http request headers could be injected.
-
-Disable https related urllib tests on a build without ssl (GH-13032)
-These tests require an SSL enabled build. Skip these tests when python is built without SSL to fix test failures.
-
-Use http.client.InvalidURL instead of ValueError as the new error case's exception. (GH-13044)
-
-Backport Co-Authored-By: Miro Hrončok <miro@hroncok.cz>
-Upstream-Status: Backport[https://github.com/python/cpython/commit/7e200e0763f5b71c199aaf98bd5588f291585619]
-CVE: CVE-2019-9740
-CVE: CVE-2019-9947
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
----
- Lib/http/client.py | 15 ++++++
- Lib/test/test_urllib.py | 53 +++++++++++++++++++
- Lib/test/test_xmlrpc.py | 7 ++-
- .../2019-04-10-08-53-30.bpo-30458.51E-DA.rst | 1 +
- 4 files changed, 75 insertions(+), 1 deletion(-)
- create mode 100644 Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst
-
-diff --git a/Lib/http/client.py b/Lib/http/client.py
-index 1de151c38e92..2afd452fe30f 100644
---- a/Lib/http/client.py
-+++ b/Lib/http/client.py
-@@ -140,6 +140,16 @@
- _is_legal_header_name = re.compile(rb'[^:\s][^:\r\n]*').fullmatch
- _is_illegal_header_value = re.compile(rb'\n(?![ \t])|\r(?![ \t\n])').search
-
-+# These characters are not allowed within HTTP URL paths.
-+# See https://tools.ietf.org/html/rfc3986#section-3.3 and the
-+# https://tools.ietf.org/html/rfc3986#appendix-A pchar definition.
-+# Prevents CVE-2019-9740. Includes control characters such as \r\n.
-+# We don't restrict chars above \x7f as putrequest() limits us to ASCII.
-+_contains_disallowed_url_pchar_re = re.compile('[\x00-\x20\x7f]')
-+# Arguably only these _should_ allowed:
-+# _is_allowed_url_pchars_re = re.compile(r"^[/!$&'()*+,;=:@%a-zA-Z0-9._~-]+$")
-+# We are more lenient for assumed real world compatibility purposes.
-+
- # We always set the Content-Length header for these methods because some
- # servers will otherwise respond with a 411
- _METHODS_EXPECTING_BODY = {'PATCH', 'POST', 'PUT'}
-@@ -1101,6 +1111,11 @@ def putrequest(self, method, url, skip_host=False,
- self._method = method
- if not url:
- url = '/'
-+ # Prevent CVE-2019-9740.
-+ match = _contains_disallowed_url_pchar_re.search(url)
-+ if match:
-+ raise InvalidURL(f"URL can't contain control characters. {url!r} "
-+ f"(found at least {match.group()!r})")
- request = '%s %s %s' % (method, url, self._http_vsn_str)
-
- # Non-ASCII characters should have been eliminated earlier
-diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py
-index 2ac73b58d832..7214492eca9d 100644
---- a/Lib/test/test_urllib.py
-+++ b/Lib/test/test_urllib.py
-@@ -329,6 +329,59 @@ def test_willclose(self):
- finally:
- self.unfakehttp()
-
-+ @unittest.skipUnless(ssl, "ssl module required")
-+ def test_url_with_control_char_rejected(self):
-+ for char_no in list(range(0, 0x21)) + [0x7f]:
-+ char = chr(char_no)
-+ schemeless_url = f"//localhost:7777/test{char}/"
-+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
-+ try:
-+ # We explicitly test urllib.request.urlopen() instead of the top
-+ # level 'def urlopen()' function defined in this... (quite ugly)
-+ # test suite. They use different url opening codepaths. Plain
-+ # urlopen uses FancyURLOpener which goes via a codepath that
-+ # calls urllib.parse.quote() on the URL which makes all of the
-+ # above attempts at injection within the url _path_ safe.
-+ escaped_char_repr = repr(char).replace('\\', r'\\')
-+ InvalidURL = http.client.InvalidURL
-+ with self.assertRaisesRegex(
-+ InvalidURL, f"contain control.*{escaped_char_repr}"):
-+ urllib.request.urlopen(f"http:{schemeless_url}")
-+ with self.assertRaisesRegex(
-+ InvalidURL, f"contain control.*{escaped_char_repr}"):
-+ urllib.request.urlopen(f"https:{schemeless_url}")
-+ # This code path quotes the URL so there is no injection.
-+ resp = urlopen(f"http:{schemeless_url}")
-+ self.assertNotIn(char, resp.geturl())
-+ finally:
-+ self.unfakehttp()
-+
-+ @unittest.skipUnless(ssl, "ssl module required")
-+ def test_url_with_newline_header_injection_rejected(self):
-+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
-+ host = "localhost:7777?a=1 HTTP/1.1\r\nX-injected: header\r\nTEST: 123"
-+ schemeless_url = "//" + host + ":8080/test/?test=a"
-+ try:
-+ # We explicitly test urllib.request.urlopen() instead of the top
-+ # level 'def urlopen()' function defined in this... (quite ugly)
-+ # test suite. They use different url opening codepaths. Plain
-+ # urlopen uses FancyURLOpener which goes via a codepath that
-+ # calls urllib.parse.quote() on the URL which makes all of the
-+ # above attempts at injection within the url _path_ safe.
-+ InvalidURL = http.client.InvalidURL
-+ with self.assertRaisesRegex(
-+ InvalidURL, r"contain control.*\\r.*(found at least . .)"):
-+ urllib.request.urlopen(f"http:{schemeless_url}")
-+ with self.assertRaisesRegex(InvalidURL, r"contain control.*\\n"):
-+ urllib.request.urlopen(f"https:{schemeless_url}")
-+ # This code path quotes the URL so there is no injection.
-+ resp = urlopen(f"http:{schemeless_url}")
-+ self.assertNotIn(' ', resp.geturl())
-+ self.assertNotIn('\r', resp.geturl())
-+ self.assertNotIn('\n', resp.geturl())
-+ finally:
-+ self.unfakehttp()
-+
- def test_read_0_9(self):
- # "0.9" response accepted (but not "simple responses" without
- # a status line)
-diff --git a/Lib/test/test_xmlrpc.py b/Lib/test/test_xmlrpc.py
-index 32263f7f0b3b..0e002ec4ef9f 100644
---- a/Lib/test/test_xmlrpc.py
-+++ b/Lib/test/test_xmlrpc.py
-@@ -945,7 +945,12 @@ def test_unicode_host(self):
- def test_partial_post(self):
- # Check that a partial POST doesn't make the server loop: issue #14001.
- conn = http.client.HTTPConnection(ADDR, PORT)
-- conn.request('POST', '/RPC2 HTTP/1.0\r\nContent-Length: 100\r\n\r\nbye')
-+ conn.send('POST /RPC2 HTTP/1.0\r\n'
-+ 'Content-Length: 100\r\n\r\n'
-+ 'bye HTTP/1.1\r\n'
-+ f'Host: {ADDR}:{PORT}\r\n'
-+ 'Accept-Encoding: identity\r\n'
-+ 'Content-Length: 0\r\n\r\n'.encode('ascii'))
- conn.close()
-
- def test_context_manager(self):
-diff --git a/Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst b/Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst
-new file mode 100644
-index 000000000000..ed8027fb4d64
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst
-@@ -0,0 +1 @@
-+Address CVE-2019-9740 by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause an http.client.InvalidURL exception to be raised.
diff --git a/meta/recipes-devtools/python/python3_3.7.3.bb b/meta/recipes-devtools/python/python3_3.7.4.bb
similarity index 98%
rename from meta/recipes-devtools/python/python3_3.7.3.bb
rename to meta/recipes-devtools/python/python3_3.7.4.bb
index 1f1441f..dd16351 100644
--- a/meta/recipes-devtools/python/python3_3.7.3.bb
+++ b/meta/recipes-devtools/python/python3_3.7.4.bb
@@ -22,7 +22,6 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0002-Don-t-do-runtime-test-to-get-float-byte-order.patch \
file://0003-setup.py-pass-missing-libraries-to-Extension-for-mul.patch \
file://0001-Lib-sysconfig.py-fix-another-place-where-lib-is-hard.patch \
- file://CVE-2019-9740.patch \
"
SRC_URI_append_class-native = " \
@@ -33,8 +32,8 @@ SRC_URI_append_class-nativesdk = " \
file://0001-main.c-if-OEPYTHON3HOME-is-set-use-instead-of-PYTHON.patch \
"
-SRC_URI[md5sum] = "93df27aec0cd18d6d42173e601ffbbfd"
-SRC_URI[sha256sum] = "da60b54064d4cfcd9c26576f6df2690e62085123826cff2e667e72a91952d318"
+SRC_URI[md5sum] = "d33e4aae66097051c2eca45ee3604803"
+SRC_URI[sha256sum] = "fb799134b868199930b75f26678f18932214042639cd52b16da7fd134cd9b13f"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread* [warrior 03/10] json-c: Don't --enable-rdrand
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
2019-10-08 15:04 ` [warrior 01/10] python: update to 3.7.3 Armin Kuster
2019-10-08 15:04 ` [warrior 02/10] python3: upgrade 3.7.3 -> 3.7.4 Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
2019-10-08 15:04 ` [warrior 04/10] qemu: Fix CVE-2019-8934 Armin Kuster
` (6 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
From: Adrian Bunk <bunk@stusta.de>
In recent years AMD CPUs have had various problems with RDRAND
giving either non-random data or no result at all, which is
problematic if either build or target machine has a CPU with
this problem.
The fallback is /dev/urandom, and I'd trust the kernel here.
--enable-rdrand was added in an upgrade to a new upstream
version without mentioning any reason.
[YOCTO #13534]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-devtools/json-c/json-c_0.13.1.bb | 2 --
1 file changed, 2 deletions(-)
diff --git a/meta/recipes-devtools/json-c/json-c_0.13.1.bb b/meta/recipes-devtools/json-c/json-c_0.13.1.bb
index 5b10e68..e6a3899 100644
--- a/meta/recipes-devtools/json-c/json-c_0.13.1.bb
+++ b/meta/recipes-devtools/json-c/json-c_0.13.1.bb
@@ -20,8 +20,6 @@ RPROVIDES_${PN} = "libjson"
inherit autotools
-EXTRA_OECONF = "--enable-rdrand"
-
do_configure_prepend() {
# Clean up autoconf cruft that should not be in the tarball
rm -f ${S}/config.status
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread* [warrior 04/10] qemu: Fix CVE-2019-8934
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
` (2 preceding siblings ...)
2019-10-08 15:04 ` [warrior 03/10] json-c: Don't --enable-rdrand Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
2019-10-08 15:04 ` [warrior 05/10] unzip: Fix CVE-2019-13232 Armin Kuster
` (5 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
From: Dan Tran <msft.dantran@gmail.com>
Signed-off-by: Dan Tran <dantran@microsoft.com>
[Fix up against lastest warrior]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../recipes-devtools/qemu/qemu/CVE-2019-8934.patch | 215 +++++++++++++++++++++
2 files changed, 216 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-8934.patch
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 3de87d3..e720ddf 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -32,6 +32,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2019-3812.patch \
file://0014-linux-user-fix-to-handle-variably-sized-SIOCGSTAMP-w.patch \
file://CVE-2018-20815.patch \
+ file://CVE-2019-8934.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2019-8934.patch b/meta/recipes-devtools/qemu/qemu/CVE-2019-8934.patch
new file mode 100644
index 0000000..d1d7d23
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2019-8934.patch
@@ -0,0 +1,215 @@
+From 8c2e30a92d95d89e2cf45d229bce274881026cf7 Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Mon, 18 Feb 2019 23:43:49 +0530
+Subject: [PATCH] ppc: add host-serial and host-model machine attributes
+ (CVE-2019-8934)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+On ppc hosts, hypervisor shares following system attributes
+
+ - /proc/device-tree/system-id
+ - /proc/device-tree/model
+
+with a guest. This could lead to information leakage and misuse.[*]
+Add machine attributes to control such system information exposure
+to a guest.
+
+[*] https://wiki.openstack.org/wiki/OSSN/OSSN-0028
+
+Reported-by: Daniel P. Berrangé <berrange@redhat.com>
+Fix-suggested-by: Daniel P. Berrangé <berrange@redhat.com>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Message-Id: <20190218181349.23885-1-ppandit@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+Reviewed-by: Greg Kurz <groug@kaod.org>
+Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
+
+CVE: CVE-2019-8934
+Upstream-Status: Backport
+[https://github.com/qemu/qemu/commit/27461d69a0f108dea756419251acc3ea65198f1b]
+
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ hw/ppc/spapr.c | 128 ++++++++++++++++++++++++++++++++++++++---
+ include/hw/ppc/spapr.h | 2 +
+ 2 files changed, 123 insertions(+), 7 deletions(-)
+
+diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
+index 7afd1a175b..bcee7c162d 100644
+--- a/hw/ppc/spapr.c
++++ b/hw/ppc/spapr.c
+@@ -1244,13 +1244,30 @@ static void *spapr_build_fdt(sPAPRMachineState *spapr,
+ * Add info to guest to indentify which host is it being run on
+ * and what is the uuid of the guest
+ */
+- if (kvmppc_get_host_model(&buf)) {
+- _FDT(fdt_setprop_string(fdt, 0, "host-model", buf));
+- g_free(buf);
++ if (spapr->host_model && !g_str_equal(spapr->host_model, "none")) {
++ if (g_str_equal(spapr->host_model, "passthrough")) {
++ /* -M host-model=passthrough */
++ if (kvmppc_get_host_model(&buf)) {
++ _FDT(fdt_setprop_string(fdt, 0, "host-model", buf));
++ g_free(buf);
++ }
++ } else {
++ /* -M host-model=<user-string> */
++ _FDT(fdt_setprop_string(fdt, 0, "host-model", spapr->host_model));
++ }
+ }
+- if (kvmppc_get_host_serial(&buf)) {
+- _FDT(fdt_setprop_string(fdt, 0, "host-serial", buf));
+- g_free(buf);
++
++ if (spapr->host_serial && !g_str_equal(spapr->host_serial, "none")) {
++ if (g_str_equal(spapr->host_serial, "passthrough")) {
++ /* -M host-serial=passthrough */
++ if (kvmppc_get_host_serial(&buf)) {
++ _FDT(fdt_setprop_string(fdt, 0, "host-serial", buf));
++ g_free(buf);
++ }
++ } else {
++ /* -M host-serial=<user-string> */
++ _FDT(fdt_setprop_string(fdt, 0, "host-serial", spapr->host_serial));
++ }
+ }
+
+ buf = qemu_uuid_unparse_strdup(&qemu_uuid);
+@@ -3031,6 +3048,73 @@ static void spapr_set_vsmt(Object *obj, Visitor *v, const char *name,
+ visit_type_uint32(v, name, (uint32_t *)opaque, errp);
+ }
+
++static char *spapr_get_ic_mode(Object *obj, Error **errp)
++{
++ sPAPRMachineState *spapr = SPAPR_MACHINE(obj);
++
++ if (spapr->irq == &spapr_irq_xics_legacy) {
++ return g_strdup("legacy");
++ } else if (spapr->irq == &spapr_irq_xics) {
++ return g_strdup("xics");
++ } else if (spapr->irq == &spapr_irq_xive) {
++ return g_strdup("xive");
++ } else if (spapr->irq == &spapr_irq_dual) {
++ return g_strdup("dual");
++ }
++ g_assert_not_reached();
++}
++
++static void spapr_set_ic_mode(Object *obj, const char *value, Error **errp)
++{
++ sPAPRMachineState *spapr = SPAPR_MACHINE(obj);
++
++ if (SPAPR_MACHINE_GET_CLASS(spapr)->legacy_irq_allocation) {
++ error_setg(errp, "This machine only uses the legacy XICS backend, don't pass ic-mode");
++ return;
++ }
++
++ /* The legacy IRQ backend can not be set */
++ if (strcmp(value, "xics") == 0) {
++ spapr->irq = &spapr_irq_xics;
++ } else if (strcmp(value, "xive") == 0) {
++ spapr->irq = &spapr_irq_xive;
++ } else if (strcmp(value, "dual") == 0) {
++ spapr->irq = &spapr_irq_dual;
++ } else {
++ error_setg(errp, "Bad value for \"ic-mode\" property");
++ }
++}
++
++static char *spapr_get_host_model(Object *obj, Error **errp)
++{
++ sPAPRMachineState *spapr = SPAPR_MACHINE(obj);
++
++ return g_strdup(spapr->host_model);
++}
++
++static void spapr_set_host_model(Object *obj, const char *value, Error **errp)
++{
++ sPAPRMachineState *spapr = SPAPR_MACHINE(obj);
++
++ g_free(spapr->host_model);
++ spapr->host_model = g_strdup(value);
++}
++
++static char *spapr_get_host_serial(Object *obj, Error **errp)
++{
++ sPAPRMachineState *spapr = SPAPR_MACHINE(obj);
++
++ return g_strdup(spapr->host_serial);
++}
++
++static void spapr_set_host_serial(Object *obj, const char *value, Error **errp)
++{
++ sPAPRMachineState *spapr = SPAPR_MACHINE(obj);
++
++ g_free(spapr->host_serial);
++ spapr->host_serial = g_strdup(value);
++}
++
+ static void spapr_instance_init(Object *obj)
+ {
+ sPAPRMachineState *spapr = SPAPR_MACHINE(obj);
+@@ -3067,6 +3151,25 @@ static void spapr_instance_init(Object *obj)
+ " the host's SMT mode", &error_abort);
+ object_property_add_bool(obj, "vfio-no-msix-emulation",
+ spapr_get_msix_emulation, NULL, NULL);
++
++ /* The machine class defines the default interrupt controller mode */
++ spapr->irq = smc->irq;
++ object_property_add_str(obj, "ic-mode", spapr_get_ic_mode,
++ spapr_set_ic_mode, NULL);
++ object_property_set_description(obj, "ic-mode",
++ "Specifies the interrupt controller mode (xics, xive, dual)",
++ NULL);
++
++ object_property_add_str(obj, "host-model",
++ spapr_get_host_model, spapr_set_host_model,
++ &error_abort);
++ object_property_set_description(obj, "host-model",
++ "Set host's model-id to use - none|passthrough|string", &error_abort);
++ object_property_add_str(obj, "host-serial",
++ spapr_get_host_serial, spapr_set_host_serial,
++ &error_abort);
++ object_property_set_description(obj, "host-serial",
++ "Set host's system-id to use - none|passthrough|string", &error_abort);
+ }
+
+ static void spapr_machine_finalizefn(Object *obj)
+@@ -3965,7 +4068,18 @@ static void spapr_machine_3_1_instance_options(MachineState *machine)
+
+ static void spapr_machine_3_1_class_options(MachineClass *mc)
+ {
+- /* Defaults for the latest behaviour inherited from the base class */
++ sPAPRMachineClass *smc = SPAPR_MACHINE_CLASS(mc);
++ static GlobalProperty compat[] = {
++ { TYPE_SPAPR_MACHINE, "host-model", "passthrough" },
++ { TYPE_SPAPR_MACHINE, "host-serial", "passthrough" },
++ };
++
++ spapr_machine_4_0_class_options(mc);
++ compat_props_add(mc->compat_props, hw_compat_3_1, hw_compat_3_1_len);
++ compat_props_add(mc->compat_props, compat, G_N_ELEMENTS(compat));
++
++ mc->default_cpu_type = POWERPC_CPU_TYPE_NAME("power8_v2.0");
++ smc->update_dt_enabled = false;
+ }
+
+ DEFINE_SPAPR_MACHINE(3_1, "3.1", true);
+diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
+index 6279711fe8..63692a13bd 100644
+--- a/include/hw/ppc/spapr.h
++++ b/include/hw/ppc/spapr.h
+@@ -171,6 +171,8 @@ struct sPAPRMachineState {
+
+ /*< public >*/
+ char *kvm_type;
++ char *host_model;
++ char *host_serial;
+
+ const char *icp_type;
+ int32_t irq_map_nr;
+--
+2.22.0.vfs.1.1.57.gbaf16c8
+
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread* [warrior 05/10] unzip: Fix CVE-2019-13232
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
` (3 preceding siblings ...)
2019-10-08 15:04 ` [warrior 04/10] qemu: Fix CVE-2019-8934 Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
2019-10-08 15:04 ` [warrior 06/10] classes/image-live.bbclass: Don't hardcode cpio.gz Armin Kuster
` (4 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
From: Dan Tran <dantran@microsoft.com>
Signed-off-by: Dan Tran <dantran@microsoft.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../unzip/unzip/CVE-2019-13232_p1.patch | 33 ++
.../unzip/unzip/CVE-2019-13232_p2.patch | 356 +++++++++++++++++++++
.../unzip/unzip/CVE-2019-13232_p3.patch | 121 +++++++
meta/recipes-extended/unzip/unzip_6.0.bb | 3 +
4 files changed, 513 insertions(+)
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch
diff --git a/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch b/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch
new file mode 100644
index 0000000..d485a1b
--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch
@@ -0,0 +1,33 @@
+From 080d52c3c9416c731f637f9c6e003961ef43f079 Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Mon, 27 May 2019 08:20:32 -0700
+Subject: [PATCH 1/3] Fix bug in undefer_input() that misplaced the input
+ state.
+
+CVE: CVE-2019-13232
+Upstream-Status: Backport
+[https://github.com/madler/unzip/commit/41beb477c5744bc396fa1162ee0c14218ec12213]
+
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ fileio.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/fileio.c b/fileio.c
+index 7605a29..14460f3 100644
+--- a/fileio.c
++++ b/fileio.c
+@@ -532,8 +532,10 @@ void undefer_input(__G)
+ * This condition was checked when G.incnt_leftover was set > 0 in
+ * defer_leftover_input(), and it is NOT allowed to touch G.csize
+ * before calling undefer_input() when (G.incnt_leftover > 0)
+- * (single exception: see read_byte()'s "G.csize <= 0" handling) !!
++ * (single exception: see readbyte()'s "G.csize <= 0" handling) !!
+ */
++ if (G.csize < 0L)
++ G.csize = 0L;
+ G.incnt = G.incnt_leftover + (int)G.csize;
+ G.inptr = G.inptr_leftover - (int)G.csize;
+ G.incnt_leftover = 0;
+--
+2.22.0.vfs.1.1.57.gbaf16c8
diff --git a/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch b/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch
new file mode 100644
index 0000000..41037a8
--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch
@@ -0,0 +1,356 @@
+From 1aae47fa8935654a84403768f32c03ecbb1be470 Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Tue, 11 Jun 2019 22:01:18 -0700
+Subject: [PATCH 2/3] Detect and reject a zip bomb using overlapped entries.
+
+This detects an invalid zip file that has at least one entry that
+overlaps with another entry or with the central directory to the
+end of the file. A Fifield zip bomb uses overlapped local entries
+to vastly increase the potential inflation ratio. Such an invalid
+zip file is rejected.
+
+See https://www.bamsoftware.com/hacks/zipbomb/ for David Fifield's
+analysis, construction, and examples of such zip bombs.
+
+The detection maintains a list of covered spans of the zip files
+so far, where the central directory to the end of the file and any
+bytes preceding the first entry at zip file offset zero are
+considered covered initially. Then as each entry is decompressed
+or tested, it is considered covered. When a new entry is about to
+be processed, its initial offset is checked to see if it is
+contained by a covered span. If so, the zip file is rejected as
+invalid.
+
+This commit depends on a preceding commit: "Fix bug in
+undefer_input() that misplaced the input state."
+
+CVE: CVE-2019-13232
+Upstream-Status: Backport
+[https://github.com/madler/unzip/commit/47b3ceae397d21bf822bc2ac73052a4b1daf8e1c]
+
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ extract.c | 190 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
+ globals.c | 1 +
+ globals.h | 3 +
+ process.c | 10 +++
+ unzip.h | 1 +
+ 5 files changed, 204 insertions(+), 1 deletion(-)
+
+diff --git a/extract.c b/extract.c
+index 24db2a8..2bb72ba 100644
+--- a/extract.c
++++ b/extract.c
+@@ -321,6 +321,125 @@ static ZCONST char Far UnsupportedExtraField[] =
+ "\nerror: unsupported extra-field compression type (%u)--skipping\n";
+ static ZCONST char Far BadExtraFieldCRC[] =
+ "error [%s]: bad extra-field CRC %08lx (should be %08lx)\n";
++static ZCONST char Far NotEnoughMemCover[] =
++ "error: not enough memory for bomb detection\n";
++static ZCONST char Far OverlappedComponents[] =
++ "error: invalid zip file with overlapped components (possible zip bomb)\n";
++
++
++
++
++
++/* A growable list of spans. */
++typedef zoff_t bound_t;
++typedef struct {
++ bound_t beg; /* start of the span */
++ bound_t end; /* one past the end of the span */
++} span_t;
++typedef struct {
++ span_t *span; /* allocated, distinct, and sorted list of spans */
++ size_t num; /* number of spans in the list */
++ size_t max; /* allocated number of spans (num <= max) */
++} cover_t;
++
++/*
++ * Return the index of the first span in cover whose beg is greater than val.
++ * If there is no such span, then cover->num is returned.
++ */
++static size_t cover_find(cover, val)
++ cover_t *cover;
++ bound_t val;
++{
++ size_t lo = 0, hi = cover->num;
++ while (lo < hi) {
++ size_t mid = (lo + hi) >> 1;
++ if (val < cover->span[mid].beg)
++ hi = mid;
++ else
++ lo = mid + 1;
++ }
++ return hi;
++}
++
++/* Return true if val lies within any one of the spans in cover. */
++static int cover_within(cover, val)
++ cover_t *cover;
++ bound_t val;
++{
++ size_t pos = cover_find(cover, val);
++ return pos > 0 && val < cover->span[pos - 1].end;
++}
++
++/*
++ * Add a new span to the list, but only if the new span does not overlap any
++ * spans already in the list. The new span covers the values beg..end-1. beg
++ * must be less than end.
++ *
++ * Keep the list sorted and merge adjacent spans. Grow the allocated space for
++ * the list as needed. On success, 0 is returned. If the new span overlaps any
++ * existing spans, then 1 is returned and the new span is not added to the
++ * list. If the new span is invalid because beg is greater than or equal to
++ * end, then -1 is returned. If the list needs to be grown but the memory
++ * allocation fails, then -2 is returned.
++ */
++static int cover_add(cover, beg, end)
++ cover_t *cover;
++ bound_t beg;
++ bound_t end;
++{
++ size_t pos;
++ int prec, foll;
++
++ if (beg >= end)
++ /* The new span is invalid. */
++ return -1;
++
++ /* Find where the new span should go, and make sure that it does not
++ overlap with any existing spans. */
++ pos = cover_find(cover, beg);
++ if ((pos > 0 && beg < cover->span[pos - 1].end) ||
++ (pos < cover->num && end > cover->span[pos].beg))
++ return 1;
++
++ /* Check for adjacencies. */
++ prec = pos > 0 && beg == cover->span[pos - 1].end;
++ foll = pos < cover->num && end == cover->span[pos].beg;
++ if (prec && foll) {
++ /* The new span connects the preceding and following spans. Merge the
++ following span into the preceding span, and delete the following
++ span. */
++ cover->span[pos - 1].end = cover->span[pos].end;
++ cover->num--;
++ memmove(cover->span + pos, cover->span + pos + 1,
++ (cover->num - pos) * sizeof(span_t));
++ }
++ else if (prec)
++ /* The new span is adjacent only to the preceding span. Extend the end
++ of the preceding span. */
++ cover->span[pos - 1].end = end;
++ else if (foll)
++ /* The new span is adjacent only to the following span. Extend the
++ beginning of the following span. */
++ cover->span[pos].beg = beg;
++ else {
++ /* The new span has gaps between both the preceding and the following
++ spans. Assure that there is room and insert the span. */
++ if (cover->num == cover->max) {
++ size_t max = cover->max == 0 ? 16 : cover->max << 1;
++ span_t *span = realloc(cover->span, max * sizeof(span_t));
++ if (span == NULL)
++ return -2;
++ cover->span = span;
++ cover->max = max;
++ }
++ memmove(cover->span + pos + 1, cover->span + pos,
++ (cover->num - pos) * sizeof(span_t));
++ cover->num++;
++ cover->span[pos].beg = beg;
++ cover->span[pos].end = end;
++ }
++ return 0;
++}
+
+
+
+@@ -376,6 +495,29 @@ int extract_or_test_files(__G) /* return PK-type error code */
+ }
+ #endif /* !SFX || SFX_EXDIR */
+
++ /* One more: initialize cover structure for bomb detection. Start with a
++ span that covers the central directory though the end of the file. */
++ if (G.cover == NULL) {
++ G.cover = malloc(sizeof(cover_t));
++ if (G.cover == NULL) {
++ Info(slide, 0x401, ((char *)slide,
++ LoadFarString(NotEnoughMemCover)));
++ return PK_MEM;
++ }
++ ((cover_t *)G.cover)->span = NULL;
++ ((cover_t *)G.cover)->max = 0;
++ }
++ ((cover_t *)G.cover)->num = 0;
++ if ((G.extra_bytes != 0 &&
++ cover_add((cover_t *)G.cover, 0, G.extra_bytes) != 0) ||
++ cover_add((cover_t *)G.cover,
++ G.extra_bytes + G.ecrec.offset_start_central_directory,
++ G.ziplen) != 0) {
++ Info(slide, 0x401, ((char *)slide,
++ LoadFarString(NotEnoughMemCover)));
++ return PK_MEM;
++ }
++
+ /*---------------------------------------------------------------------------
+ The basic idea of this function is as follows. Since the central di-
+ rectory lies at the end of the zipfile and the member files lie at the
+@@ -593,7 +735,8 @@ int extract_or_test_files(__G) /* return PK-type error code */
+ if (error > error_in_archive)
+ error_in_archive = error;
+ /* ...and keep going (unless disk full or user break) */
+- if (G.disk_full > 1 || error_in_archive == IZ_CTRLC) {
++ if (G.disk_full > 1 || error_in_archive == IZ_CTRLC ||
++ error == PK_BOMB) {
+ /* clear reached_end to signal premature stop ... */
+ reached_end = FALSE;
+ /* ... and cancel scanning the central directory */
+@@ -1062,6 +1205,11 @@ static int extract_or_test_entrylist(__G__ numchunk,
+
+ /* seek_zipf(__G__ pInfo->offset); */
+ request = G.pInfo->offset + G.extra_bytes;
++ if (cover_within((cover_t *)G.cover, request)) {
++ Info(slide, 0x401, ((char *)slide,
++ LoadFarString(OverlappedComponents)));
++ return PK_BOMB;
++ }
+ inbuf_offset = request % INBUFSIZ;
+ bufstart = request - inbuf_offset;
+
+@@ -1593,6 +1741,18 @@ reprompt:
+ return IZ_CTRLC; /* cancel operation by user request */
+ }
+ #endif
++ error = cover_add((cover_t *)G.cover, request,
++ G.cur_zipfile_bufstart + (G.inptr - G.inbuf));
++ if (error < 0) {
++ Info(slide, 0x401, ((char *)slide,
++ LoadFarString(NotEnoughMemCover)));
++ return PK_MEM;
++ }
++ if (error != 0) {
++ Info(slide, 0x401, ((char *)slide,
++ LoadFarString(OverlappedComponents)));
++ return PK_BOMB;
++ }
+ #ifdef MACOS /* MacOS is no preemptive OS, thus call event-handling by hand */
+ UserStop();
+ #endif
+@@ -1994,6 +2154,34 @@ static int extract_or_test_member(__G) /* return PK-type error code */
+ }
+
+ undefer_input(__G);
++
++ if ((G.lrec.general_purpose_bit_flag & 8) != 0) {
++ /* skip over data descriptor (harder than it sounds, due to signature
++ * ambiguity)
++ */
++# define SIG 0x08074b50
++# define LOW 0xffffffff
++ uch buf[12];
++ unsigned shy = 12 - readbuf((char *)buf, 12);
++ ulg crc = shy ? 0 : makelong(buf);
++ ulg clen = shy ? 0 : makelong(buf + 4);
++ ulg ulen = shy ? 0 : makelong(buf + 8); /* or high clen if ZIP64 */
++ if (crc == SIG && /* if not SIG, no signature */
++ (G.lrec.crc32 != SIG || /* if not SIG, have signature */
++ (clen == SIG && /* if not SIG, no signature */
++ ((G.lrec.csize & LOW) != SIG || /* if not SIG, have signature */
++ (ulen == SIG && /* if not SIG, no signature */
++ (G.zip64 ? G.lrec.csize >> 32 : G.lrec.ucsize) != SIG
++ /* if not SIG, have signature */
++ )))))
++ /* skip four more bytes to account for signature */
++ shy += 4 - readbuf((char *)buf, 4);
++ if (G.zip64)
++ shy += 8 - readbuf((char *)buf, 8); /* skip eight more for ZIP64 */
++ if (shy)
++ error = PK_ERR;
++ }
++
+ return error;
+
+ } /* end function extract_or_test_member() */
+diff --git a/globals.c b/globals.c
+index fa8cca5..1e0f608 100644
+--- a/globals.c
++++ b/globals.c
+@@ -181,6 +181,7 @@ Uz_Globs *globalsCtor()
+ # if (!defined(NO_TIMESTAMPS))
+ uO.D_flag=1; /* default to '-D', no restoration of dir timestamps */
+ # endif
++ G.cover = NULL; /* not allocated yet */
+ #endif
+
+ uO.lflag=(-1);
+diff --git a/globals.h b/globals.h
+index 11b7215..2bdcdeb 100644
+--- a/globals.h
++++ b/globals.h
+@@ -260,12 +260,15 @@ typedef struct Globals {
+ ecdir_rec ecrec; /* used in unzip.c, extract.c */
+ z_stat statbuf; /* used by main, mapname, check_for_newer */
+
++ int zip64; /* true if Zip64 info in extra field */
++
+ int mem_mode;
+ uch *outbufptr; /* extract.c static */
+ ulg outsize; /* extract.c static */
+ int reported_backslash; /* extract.c static */
+ int disk_full;
+ int newfile;
++ void **cover; /* used in extract.c for bomb detection */
+
+ int didCRlast; /* fileio static */
+ ulg numlines; /* fileio static: number of lines printed */
+diff --git a/process.c b/process.c
+index a3c1a4d..208619c 100644
+--- a/process.c
++++ b/process.c
+@@ -637,6 +637,13 @@ void free_G_buffers(__G) /* releases all memory allocated in global vars */
+ }
+ #endif
+
++ /* Free the cover span list and the cover structure. */
++ if (G.cover != NULL) {
++ free(*(G.cover));
++ free(G.cover);
++ G.cover = NULL;
++ }
++
+ } /* end function free_G_buffers() */
+
+
+@@ -1905,6 +1912,7 @@ int getZip64Data(__G__ ef_buf, ef_len)
+
+ #define Z64FLGS 0xffff
+ #define Z64FLGL 0xffffffff
++ G.zip64 = FALSE;
+
+ if (ef_len == 0 || ef_buf == NULL)
+ return PK_COOL;
+@@ -1964,6 +1972,8 @@ int getZip64Data(__G__ ef_buf, ef_len)
+ G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf);
+ offset += 4;
+ }
++
++ G.zip64 = TRUE;
+ #if 0
+ break; /* Expect only one EF_PKSZ64 block. */
+ #endif /* 0 */
+diff --git a/unzip.h b/unzip.h
+index 5b2a326..ed24a5b 100644
+--- a/unzip.h
++++ b/unzip.h
+@@ -645,6 +645,7 @@ typedef struct _Uzp_cdir_Rec {
+ #define PK_NOZIP 9 /* zipfile not found */
+ #define PK_PARAM 10 /* bad or illegal parameters specified */
+ #define PK_FIND 11 /* no files found */
++#define PK_BOMB 12 /* likely zip bomb */
+ #define PK_DISK 50 /* disk full */
+ #define PK_EOF 51 /* unexpected EOF */
+
+--
+2.22.0.vfs.1.1.57.gbaf16c8
diff --git a/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch b/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch
new file mode 100644
index 0000000..fd26fdd
--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch
@@ -0,0 +1,121 @@
+From be88aa4811af47ca06d8b7dcda294f899eba70ea Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Thu, 25 Jul 2019 20:43:17 -0700
+Subject: [PATCH 3/3] Do not raise a zip bomb alert for a misplaced central
+ directory.
+
+There is a zip-like file in the Firefox distribution, omni.ja,
+which is a zip container with the central directory placed at the
+start of the file instead of after the local entries as required
+by the zip standard. This commit marks the actual location of the
+central directory, as well as the end of central directory records,
+as disallowed locations. This now permits such containers to not
+raise a zip bomb alert, where in fact there are no overlaps.
+
+CVE: CVE-2019-13232
+Upstream-Status: Backport
+[https://github.com/madler/unzip/commit/6d351831be705cc26d897db44f878a978f4138fc]
+
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ extract.c | 25 +++++++++++++++++++------
+ process.c | 6 ++++++
+ unzpriv.h | 10 ++++++++++
+ 3 files changed, 35 insertions(+), 6 deletions(-)
+
+diff --git a/extract.c b/extract.c
+index 2bb72ba..a9dcca8 100644
+--- a/extract.c
++++ b/extract.c
+@@ -495,8 +495,11 @@ int extract_or_test_files(__G) /* return PK-type error code */
+ }
+ #endif /* !SFX || SFX_EXDIR */
+
+- /* One more: initialize cover structure for bomb detection. Start with a
+- span that covers the central directory though the end of the file. */
++ /* One more: initialize cover structure for bomb detection. Start with
++ spans that cover any extra bytes at the start, the central directory,
++ the end of central directory record (including the Zip64 end of central
++ directory locator, if present), and the Zip64 end of central directory
++ record, if present. */
+ if (G.cover == NULL) {
+ G.cover = malloc(sizeof(cover_t));
+ if (G.cover == NULL) {
+@@ -508,15 +511,25 @@ int extract_or_test_files(__G) /* return PK-type error code */
+ ((cover_t *)G.cover)->max = 0;
+ }
+ ((cover_t *)G.cover)->num = 0;
+- if ((G.extra_bytes != 0 &&
+- cover_add((cover_t *)G.cover, 0, G.extra_bytes) != 0) ||
+- cover_add((cover_t *)G.cover,
++ if (cover_add((cover_t *)G.cover,
+ G.extra_bytes + G.ecrec.offset_start_central_directory,
+- G.ziplen) != 0) {
++ G.extra_bytes + G.ecrec.offset_start_central_directory +
++ G.ecrec.size_central_directory) != 0) {
+ Info(slide, 0x401, ((char *)slide,
+ LoadFarString(NotEnoughMemCover)));
+ return PK_MEM;
+ }
++ if ((G.extra_bytes != 0 &&
++ cover_add((cover_t *)G.cover, 0, G.extra_bytes) != 0) ||
++ (G.ecrec.have_ecr64 &&
++ cover_add((cover_t *)G.cover, G.ecrec.ec64_start,
++ G.ecrec.ec64_end) != 0) ||
++ cover_add((cover_t *)G.cover, G.ecrec.ec_start,
++ G.ecrec.ec_end) != 0) {
++ Info(slide, 0x401, ((char *)slide,
++ LoadFarString(OverlappedComponents)));
++ return PK_BOMB;
++ }
+
+ /*---------------------------------------------------------------------------
+ The basic idea of this function is as follows. Since the central di-
+diff --git a/process.c b/process.c
+index 208619c..5f8f6c6 100644
+--- a/process.c
++++ b/process.c
+@@ -1408,6 +1408,10 @@ static int find_ecrec64(__G__ searchlen) /* return PK-class error */
+
+ /* Now, we are (almost) sure that we have a Zip64 archive. */
+ G.ecrec.have_ecr64 = 1;
++ G.ecrec.ec_start -= ECLOC64_SIZE+4;
++ G.ecrec.ec64_start = ecrec64_start_offset;
++ G.ecrec.ec64_end = ecrec64_start_offset +
++ 12 + makeint64(&byterec[ECREC64_LENGTH]);
+
+ /* Update the "end-of-central-dir offset" for later checks. */
+ G.real_ecrec_offset = ecrec64_start_offset;
+@@ -1542,6 +1546,8 @@ static int find_ecrec(__G__ searchlen) /* return PK-class error */
+ makelong(&byterec[OFFSET_START_CENTRAL_DIRECTORY]);
+ G.ecrec.zipfile_comment_length =
+ makeword(&byterec[ZIPFILE_COMMENT_LENGTH]);
++ G.ecrec.ec_start = G.real_ecrec_offset;
++ G.ecrec.ec_end = G.ecrec.ec_start + 22 + G.ecrec.zipfile_comment_length;
+
+ /* Now, we have to read the archive comment, BEFORE the file pointer
+ is moved away backwards to seek for a Zip64 ECLOC64 structure.
+diff --git a/unzpriv.h b/unzpriv.h
+index c8d3eab..5e177c7 100644
+--- a/unzpriv.h
++++ b/unzpriv.h
+@@ -2185,6 +2185,16 @@ typedef struct VMStimbuf {
+ int have_ecr64; /* valid Zip64 ecdir-record exists */
+ int is_zip64_archive; /* Zip64 ecdir-record is mandatory */
+ ush zipfile_comment_length;
++ zusz_t ec_start, ec_end; /* offsets of start and end of the
++ end of central directory record,
++ including if present the Zip64
++ end of central directory locator,
++ which immediately precedes the
++ end of central directory record */
++ zusz_t ec64_start, ec64_end; /* if have_ecr64 is true, then these
++ are the offsets of the start and
++ end of the Zip64 end of central
++ directory record */
+ } ecdir_rec;
+
+
+--
+2.22.0.vfs.1.1.57.gbaf16c8
+
diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb
index daba722..c1ea0a9 100644
--- a/meta/recipes-extended/unzip/unzip_6.0.bb
+++ b/meta/recipes-extended/unzip/unzip_6.0.bb
@@ -22,6 +22,9 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/
file://symlink.patch \
file://0001-unzip-fix-CVE-2018-1000035.patch \
file://CVE-2018-18384.patch \
+ file://CVE-2019-13232_p1.patch \
+ file://CVE-2019-13232_p2.patch \
+ file://CVE-2019-13232_p3.patch \
"
UPSTREAM_VERSION_UNKNOWN = "1"
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread* [warrior 06/10] classes/image-live.bbclass: Don't hardcode cpio.gz
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
` (4 preceding siblings ...)
2019-10-08 15:04 ` [warrior 05/10] unzip: Fix CVE-2019-13232 Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
2019-10-08 15:04 ` [warrior 07/10] systemd: update SRCREV for systemd v241-stable Armin Kuster
` (3 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
From: Andrii Bordunov via Openembedded-core <openembedded-core@lists.openembedded.org>
There's INITRAMFS_FSTYPES that can be set differently.
Signed-off-by: Böszörményi Zoltán <zboszor@pr.hu>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/classes/image-live.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/image-live.bbclass b/meta/classes/image-live.bbclass
index af71be5..54058b3 100644
--- a/meta/classes/image-live.bbclass
+++ b/meta/classes/image-live.bbclass
@@ -37,7 +37,7 @@ do_bootimg[depends] += "dosfstools-native:do_populate_sysroot \
LABELS_LIVE ?= "boot install"
ROOT_LIVE ?= "root=/dev/ram0"
INITRD_IMAGE_LIVE ?= "${MLPREFIX}core-image-minimal-initramfs"
-INITRD_LIVE ?= "${DEPLOY_DIR_IMAGE}/${INITRD_IMAGE_LIVE}-${MACHINE}.cpio.gz"
+INITRD_LIVE ?= "${DEPLOY_DIR_IMAGE}/${INITRD_IMAGE_LIVE}-${MACHINE}.${INITRAMFS_FSTYPES}"
LIVE_ROOTFS_TYPE ?= "ext4"
ROOTFS ?= "${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.${LIVE_ROOTFS_TYPE}"
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread* [warrior 07/10] systemd: update SRCREV for systemd v241-stable
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
` (5 preceding siblings ...)
2019-10-08 15:04 ` [warrior 06/10] classes/image-live.bbclass: Don't hardcode cpio.gz Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
2019-10-08 15:04 ` [warrior 08/10] qemu: fix build issue on new hosts with glibc 2.30 Armin Kuster
` (2 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
From: Jan Klare <jan.klare@bisdn.de>
Currently systemd 241 does break for kernels 5.2+ with the error described here:
* https://github.com/systemd/systemd/issues/12784
The issue has been fixed in master and will be fixed in the release 243. The
necessary patches have been backported to systemd/systemd-stable in the branch
v241-stable, but currently in warrior an old version of that branch is pulled
in.
This patch updates the SRCREV to the latest commit from that branch and
therefore pulls in the needed fix to run systemd 241 on 5.2+ kernels.
Signed-off-by: Jan Klare <jan.klare@bisdn.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-core/systemd/systemd.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-core/systemd/systemd.inc b/meta/recipes-core/systemd/systemd.inc
index 5bd88ed..2b9c291 100644
--- a/meta/recipes-core/systemd/systemd.inc
+++ b/meta/recipes-core/systemd/systemd.inc
@@ -14,7 +14,7 @@ LICENSE = "GPLv2 & LGPLv2.1"
LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c"
-SRCREV = "c1f8ff8d0de7e303b8004b02a0a47d4cc103a7f8"
+SRCREV = "511646b8ac5c82f210b16920044465756913d238"
SRCBRANCH = "v241-stable"
SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}"
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread* [warrior 08/10] qemu: fix build issue on new hosts with glibc 2.30
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
` (6 preceding siblings ...)
2019-10-08 15:04 ` [warrior 07/10] systemd: update SRCREV for systemd v241-stable Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
2019-10-08 15:04 ` [warrior 09/10] meson: Fix native patch to python3 Armin Kuster
2019-10-08 15:04 ` [warrior 10/10] uninative: Update to 2.7 release Armin Kuster
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
This fixes the following error:
TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:254:16: error: static declaration of ‘gettid’ follows non-static declaration
254 | _syscall0(int, gettid)
| ^~~~~~
TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:185:13: note: in definition of macro ‘_syscall0’
185 | static type name (void) \
| ^~~~
In file included from /usr/include/unistd.h:1170,
from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/include/qemu/osdep.h:90,
from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:20:
/usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’ was here
34 | extern __pid_t gettid (void) __THROW;
| ^~~~~~
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-devtools/qemu/qemu.inc | 2 +
...nux-user-assume-__NR_gettid-always-exists.patch | 49 +++++++++++
...rename-gettid-to-sys_gettid-to-avoid-clas.patch | 95 ++++++++++++++++++++++
3 files changed, 146 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-linux-user-assume-__NR_gettid-always-exists.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-linux-user-rename-gettid-to-sys_gettid-to-avoid-clas.patch
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index e720ddf..40c3174 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -33,6 +33,8 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://0014-linux-user-fix-to-handle-variably-sized-SIOCGSTAMP-w.patch \
file://CVE-2018-20815.patch \
file://CVE-2019-8934.patch \
+ file://0001-linux-user-assume-__NR_gettid-always-exists.patch \
+ file://0001-linux-user-rename-gettid-to-sys_gettid-to-avoid-clas.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
diff --git a/meta/recipes-devtools/qemu/qemu/0001-linux-user-assume-__NR_gettid-always-exists.patch b/meta/recipes-devtools/qemu/qemu/0001-linux-user-assume-__NR_gettid-always-exists.patch
new file mode 100644
index 0000000..b09ddbe
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0001-linux-user-assume-__NR_gettid-always-exists.patch
@@ -0,0 +1,49 @@
+From 184943d827ce09375284e6fbb9fd5eeb9e369529 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Wed, 20 Mar 2019 16:18:41 +0000
+Subject: [PATCH] linux-user: assume __NR_gettid always exists
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The gettid syscall was introduced in Linux 2.4.11. This is old enough
+that we can assume it always exists and thus not bother with the
+conditional backcompat logic.
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
+Reviewed-by: Laurent Vivier <laurent@vivier.eu>
+Message-Id: <20190320161842.13908-2-berrange@redhat.com>
+Signed-off-by: Laurent Vivier <laurent@vivier.eu>
+
+Upstream-Status: Backport
+dependancy patch for fix
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+---
+
+
+ linux-user/syscall.c | 8 --------
+ 1 file changed, 8 deletions(-)
+
+Index: qemu-3.1.0/linux-user/syscall.c
+===================================================================
+--- qemu-3.1.0.orig/linux-user/syscall.c
++++ qemu-3.1.0/linux-user/syscall.c
+@@ -250,15 +250,7 @@ static type name (type1 arg1,type2 arg2,
+ #define TARGET_NR__llseek TARGET_NR_llseek
+ #endif
+
+-#ifdef __NR_gettid
+ _syscall0(int, gettid)
+-#else
+-/* This is a replacement for the host gettid() and must return a host
+- errno. */
+-static int gettid(void) {
+- return -ENOSYS;
+-}
+-#endif
+
+ /* For the 64-bit guest on 32-bit host case we must emulate
+ * getdents using getdents64, because otherwise the host
diff --git a/meta/recipes-devtools/qemu/qemu/0001-linux-user-rename-gettid-to-sys_gettid-to-avoid-clas.patch b/meta/recipes-devtools/qemu/qemu/0001-linux-user-rename-gettid-to-sys_gettid-to-avoid-clas.patch
new file mode 100644
index 0000000..86d7678
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0001-linux-user-rename-gettid-to-sys_gettid-to-avoid-clas.patch
@@ -0,0 +1,95 @@
+From 71ba74f67eaca21b0cc9d96f534ad3b9a7161400 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Wed, 20 Mar 2019 16:18:42 +0000
+Subject: [PATCH] linux-user: rename gettid() to sys_gettid() to avoid clash
+ with glibc
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The glibc-2.29.9000-6.fc31.x86_64 package finally includes the gettid()
+function as part of unistd.h when __USE_GNU is defined. This clashes
+with linux-user code which unconditionally defines this function name
+itself.
+
+/home/berrange/src/virt/qemu/linux-user/syscall.c:253:16: error: static declaration of ‘gettid’ follows non-static declaration
+ 253 | _syscall0(int, gettid)
+ | ^~~~~~
+/home/berrange/src/virt/qemu/linux-user/syscall.c:184:13: note: in definition of macro ‘_syscall0’
+ 184 | static type name (void) \
+ | ^~~~
+In file included from /usr/include/unistd.h:1170,
+ from /home/berrange/src/virt/qemu/include/qemu/osdep.h:107,
+ from /home/berrange/src/virt/qemu/linux-user/syscall.c:20:
+/usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’ was here
+ 34 | extern __pid_t gettid (void) __THROW;
+ | ^~~~~~
+ CC aarch64-linux-user/linux-user/signal.o
+make[1]: *** [/home/berrange/src/virt/qemu/rules.mak:69: linux-user/syscall.o] Error 1
+make[1]: *** Waiting for unfinished jobs....
+make: *** [Makefile:449: subdir-aarch64-linux-user] Error 2
+
+While we could make our definition conditional and rely on glibc's impl,
+this patch simply renames our definition to sys_gettid() which is a
+common pattern in this file.
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
+Reviewed-by: Laurent Vivier <laurent@vivier.eu>
+Message-Id: <20190320161842.13908-3-berrange@redhat.com>
+Signed-off-by: Laurent Vivier <laurent@vivier.eu>
+
+Upstream-status: Backport
+
+Fixes issue found on tumbleweed-ty-1
+Yocto bug: https://bugzilla.yoctoproject.org/show_bug.cgi?id=13577
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+---
+ linux-user/syscall.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+Index: qemu-3.1.0/linux-user/syscall.c
+===================================================================
+--- qemu-3.1.0.orig/linux-user/syscall.c
++++ qemu-3.1.0/linux-user/syscall.c
+@@ -250,7 +250,8 @@ static type name (type1 arg1,type2 arg2,
+ #define TARGET_NR__llseek TARGET_NR_llseek
+ #endif
+
+-_syscall0(int, gettid)
++#define __NR_sys_gettid __NR_gettid
++_syscall0(int, sys_gettid)
+
+ /* For the 64-bit guest on 32-bit host case we must emulate
+ * getdents using getdents64, because otherwise the host
+@@ -5483,7 +5484,7 @@ static void *clone_func(void *arg)
+ cpu = ENV_GET_CPU(env);
+ thread_cpu = cpu;
+ ts = (TaskState *)cpu->opaque;
+- info->tid = gettid();
++ info->tid = sys_gettid();
+ task_settid(ts);
+ if (info->child_tidptr)
+ put_user_u32(info->tid, info->child_tidptr);
+@@ -5628,9 +5629,9 @@ static int do_fork(CPUArchState *env, un
+ mapping. We can't repeat the spinlock hack used above because
+ the child process gets its own copy of the lock. */
+ if (flags & CLONE_CHILD_SETTID)
+- put_user_u32(gettid(), child_tidptr);
++ put_user_u32(sys_gettid(), child_tidptr);
+ if (flags & CLONE_PARENT_SETTID)
+- put_user_u32(gettid(), parent_tidptr);
++ put_user_u32(sys_gettid(), parent_tidptr);
+ ts = (TaskState *)cpu->opaque;
+ if (flags & CLONE_SETTLS)
+ cpu_set_tls (env, newtls);
+@@ -10588,7 +10589,7 @@ static abi_long do_syscall1(void *cpu_en
+ return TARGET_PAGE_SIZE;
+ #endif
+ case TARGET_NR_gettid:
+- return get_errno(gettid());
++ return get_errno(sys_gettid());
+ #ifdef TARGET_NR_readahead
+ case TARGET_NR_readahead:
+ #if TARGET_ABI_BITS == 32
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread* [warrior 09/10] meson: Fix native patch to python3
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
` (7 preceding siblings ...)
2019-10-08 15:04 ` [warrior 08/10] qemu: fix build issue on new hosts with glibc 2.30 Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
2019-10-08 15:04 ` [warrior 10/10] uninative: Update to 2.7 release Armin Kuster
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
From: Ricardo Ribalda Delgado <ricardo@ribalda.com>
Fixes:
File "/workdir/build/tmp/work/dbfp4-poky-linux/qv4l2/1.17.0+gitAUTOINC+95f39aae48-r0/recipe-sysroot-native/usr/lib/python3.7/site-packages/mesonbuild/dependencies/base.py", line 574, in _call_pkgbin
cache[(self.pkgbin, targs, fenv)] = self._call_pkgbin_real(args, env, use_native)
File "/workdir/build/tmp/work/dbfp4-poky-linux/qv4l2/1.17.0+gitAUTOINC+95f39aae48-r0/recipe-sysroot-native/usr/lib/python3.7/site-packages/mesonbuild/dependencies/base.py", line 556, in _call_pkgbin_real
cmd = self.pkgbin.get_command() + "-native" + args
TypeError: can only concatenate list (not "str") to list
Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-devtools/meson/meson/0003-native_bindir.patch | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/meson/meson/0003-native_bindir.patch b/meta/recipes-devtools/meson/meson/0003-native_bindir.patch
index da47745..2b22531 100644
--- a/meta/recipes-devtools/meson/meson/0003-native_bindir.patch
+++ b/meta/recipes-devtools/meson/meson/0003-native_bindir.patch
@@ -51,7 +51,7 @@ index 6d3678f..90fdb80 100644
- cmd = self.pkgbin.get_command() + args
+ def _call_pkgbin_real(self, args, env, use_native=False):
+ if use_native:
-+ cmd = self.pkgbin.get_command() + "-native" + args
++ cmd = [self.pkgbin.get_command()[0] + "-native"] + args
+ else:
+ cmd = self.pkgbin.get_command() + args
p, out = Popen_safe(cmd, env=env)[0:2]
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread* [warrior 10/10] uninative: Update to 2.7 release
2019-10-08 15:04 [warrior 00/10] Pull request Armin Kuster
` (8 preceding siblings ...)
2019-10-08 15:04 ` [warrior 09/10] meson: Fix native patch to python3 Armin Kuster
@ 2019-10-08 15:04 ` Armin Kuster
9 siblings, 0 replies; 11+ messages in thread
From: Armin Kuster @ 2019-10-08 15:04 UTC (permalink / raw)
To: openembedded-core
From: Michael Halstead <mhalstead@linuxfoundation.org>
The 2.7 release updates glibc to version 2.30. Recently added to openSUSE
Tumbleweed and needed for Fedora Core 31.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/conf/distro/include/yocto-uninative.inc | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index df24346..ad75d3e 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,9 +6,9 @@
# to the distro running on the build machine.
#
-UNINATIVE_MAXGLIBCVERSION = "2.29"
+UNINATIVE_MAXGLIBCVERSION = "2.30"
-UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.6/"
-UNINATIVE_CHECKSUM[aarch64] ?= "a37118fc8b423f48146120707b81dd15017512c3e8ef9e6ca2cb3a033f4f4046"
-UNINATIVE_CHECKSUM[i686] ?= "3234fc3ded810225071f23a0e9a99f4f8c2480059945a848eff076ce78122ade"
-UNINATIVE_CHECKSUM[x86_64] ?= "133387753a9acf3e1b788103c59fac91e968e2ee331d7a4b9498e926ada7be57"
+UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.7/"
+UNINATIVE_CHECKSUM[aarch64] ?= "e76a45886ee8a0b3904b761c17ac8ff91edf9811ee455f1832d10763ba794dfc"
+UNINATIVE_CHECKSUM[i686] ?= "810d027dfb1c7675226afbcec07808770516c969ee7378f6d8240281083f8924"
+UNINATIVE_CHECKSUM[x86_64] ?= "9498d8bba047499999a7310ac2576d0796461184965351a56f6d32c888a1f216"
--
2.7.4
^ permalink raw reply related [flat|nested] 11+ messages in thread