* [gatesgarth][PATCH 00/52] review request
@ 2021-03-05 4:20 Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 01/52] local.conf.sample.extended: prefer INIT_MANAGER Anuj Mittal
` (51 more replies)
0 siblings, 52 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
Please review these next set of changes for gatesgarth. Builds cleanly
on autobuilder except for one intermittent and unrelated failure.
Thanks,
Anuj
The following changes since commit 0e5605af9ebbfceffd510e42013d4eaa76c4e820:
acpica: Fix reproducibility issues (2021-02-22 23:53:37 +0800)
are available in the Git repository at:
git://push.openembedded.org/openembedded-core-contrib anujm/gatesgarth
Andrei Gherzan (1):
oe/recipeutils: Fix copying patches when BBLAYERS entries are not
normalised
Bruce Ashfield (2):
linux-yocto/5.4: update to v5.4.96
linux-yocto/5.4: update to v5.4.98
Florian Bezdeka (1):
wic: Warn if an ext filesystem affected by the Y2038 problem is used
Jan-Simon Möller (1):
package_rpm: Enable use_source_date_epoch_as_buildtime in package_rpm
class
Khem Raj (2):
go: Update to 1.15.8
oeqa/pam: Need shadow installed for the tests
Lee Chee Yang (2):
python3: fix CVE-2021-23336
libsdl2: fix CVE-2020-14409 CVE-2020-14410
Martin Jansa (1):
sstatesig.py: show an error instead of warning when sstate manifest
isn't found
Michael Halstead (2):
yocto-uninative.inc: version 2.11 updates glibc to 2.33
yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround
Mike Crowe (1):
externalsrc: Pass through npmsw URIs in SRC_URI
Milan Shah (1):
report-error.bbclass: Add layer and bitbake version info to error
report
Mingli Yu (1):
python3: Fix python interpreter line length for nativesdk
Minjae Kim (1):
bind: fix CVE-2020-8625
Peter Kjellerstedt (1):
asciidoc: Switch to using the main branch
Richard Purdie (19):
xorg-fonts-minimal: Fix reproducibility
xorg-minimal-fonts: Really fix determinism
git: Fix determinism issue
groff: Fix determinism issue
oeqa/commands: Fix compatibility with python 3.9
linux-firmware: upgrade 20201218 -> 20210208
rsync: Fix a file sorting determinism issue
rsync: Fix group name determinism issue
libevdev: Update patch status to backport
babeltrace2: Fix reproducibility
cups: Fix reproducibility issues
gcr: Fix reproducibility issue
epiphany: Fix reproducibility issue
epiphany: Fix distributor contamination from /etc/os-release
image: Add directories to PSEUDO_IGNORE_PATHS
populate_sdk: Add directories to PSEUDO_IGNORE_PATHS
bitbake.conf/image: Move image specific PSEUDO_IGNORE_PATHS to image
class
bitbake.conf: Split PSEUDO_IGNORE_PATHS to be more readable
parted: Fix reproducibility issue
Ross Burton (1):
rootfs_deb: handle aarch64 SDK_ARCH
Scott Murray (1):
screen: fix CVE-2021-26937
Stefan Ghinea (2):
wpa-supplicant: fix CVE-2021-0326
cups: fix CVE-2020-10001
Thomas Viehweger (1):
mtd-utils: Remove duplicate assignments to alternative link names
Tomasz Dziendzielski (1):
bitbake.conf: Introduce FAKEROOTLOGS variable used by bitbake to print
pseudo.log
Vivien Didelot (2):
local.conf.sample.extended: prefer INIT_MANAGER
systemd: Fix importd requirements comment
Wang Mingyu (1):
openssl: upgrade 1.1.1i -> 1.1.1j
Wes Lindauer (1):
df.py: Add feature check for read-only-rootfs
Yi Fan Yu (2):
valgrind: Disable ptest nlcontrolc for x86-64
valgrind: Increase timeout duration 30 -> 90 s
Yoann Congal (1):
npm.bbclass: avoid building target nodejs for native npm recipes
Zbigniew Bodek (1):
wpebackend-fdo: Fix missing .so symlink when using dev package
akuster (2):
cve-check.bbclass: add layer to cve log
cve-check: add include/exclude layers
meta/classes/cve-check.bbclass | 21 +
meta/classes/externalsrc.bbclass | 1 +
meta/classes/image.bbclass | 2 +
meta/classes/npm.bbclass | 2 +-
meta/classes/package_rpm.bbclass | 1 +
meta/classes/populate_sdk_base.bbclass | 2 +-
meta/classes/report-error.bbclass | 4 +
meta/classes/rootfs_deb.bbclass | 4 +
meta/conf/bitbake.conf | 6 +-
meta/conf/distro/include/yocto-uninative.inc | 10 +-
meta/conf/local.conf.sample.extended | 21 +-
meta/lib/oe/recipeutils.py | 2 +-
meta/lib/oe/sstatesig.py | 2 +-
meta/lib/oeqa/runtime/cases/df.py | 2 +
meta/lib/oeqa/runtime/cases/pam.py | 3 +
meta/lib/oeqa/utils/commands.py | 4 +-
.../bind/bind-9.16.7/CVE-2020-8625.patch | 29 +
meta/recipes-connectivity/bind/bind_9.16.7.bb | 1 +
.../{openssl_1.1.1i.bb => openssl_1.1.1j.bb} | 2 +-
.../wpa-supplicant/CVE-2021-0326.patch | 45 +
.../wpa-supplicant/wpa-supplicant_2.9.bb | 1 +
meta/recipes-core/systemd/systemd_246.9.bb | 2 +-
meta/recipes-devtools/git/git.inc | 3 +-
meta/recipes-devtools/git/git/fixsort.patch | 31 +
meta/recipes-devtools/go/go-1.15.inc | 4 +-
...e_1.15.6.bb => go-binary-native_1.15.8.bb} | 4 +-
meta/recipes-devtools/mtd/mtd-utils_git.bb | 2 -
.../python/python3/CVE-2021-23336.patch | 548 +++++++++
meta/recipes-devtools/python/python3_3.8.5.bb | 5 +
.../rsync/files/determism.patch | 28 +
meta/recipes-devtools/rsync/rsync_3.2.3.bb | 3 +-
...Disable-nlcontrolc.vgtest-for-x86-64.patch | 36 +
...est-wrapper-to-support-PTEST-formats.patch | 9 +-
.../valgrind/valgrind_3.16.1.bb | 1 +
.../asciidoc/asciidoc_9.0.2.bb | 2 +-
meta/recipes-extended/cups/cups.inc | 3 +
.../cups/cups/CVE-2020-10001.patch | 74 ++
.../groff/files/0001-Include-config.h.patch | 1026 +----------------
meta/recipes-extended/groff/groff_1.22.4.bb | 11 +
meta/recipes-extended/parted/parted_3.3.bb | 1 +
.../screen/screen/CVE-2021-26937.patch | 68 ++
meta/recipes-extended/screen/screen_4.8.0.bb | 1 +
.../recipes-gnome/epiphany/epiphany_3.36.4.bb | 2 +
.../epiphany/files/distributor.patch | 17 +
.../epiphany/files/migrator.patch | 24 +
meta/recipes-gnome/gcr/gcr_3.36.0.bb | 10 +
.../libsdl2/CVE-2020-14409-14410.patch | 79 ++
.../libsdl2/libsdl2_2.0.12.bb | 1 +
.../xorg-font/xorg-minimal-fonts.bb | 8 +-
...20201218.bb => linux-firmware_20210208.bb} | 4 +-
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../recipes-kernel/lttng/babeltrace2_2.0.3.bb | 2 +-
.../webkit/wpebackend-fdo_1.7.1.bb | 3 +
.../libevdev/libevdev/determinism.patch | 3 +-
scripts/lib/wic/canned-wks/common.wks.inc | 2 +-
scripts/lib/wic/canned-wks/directdisk-gpt.wks | 2 +-
scripts/lib/wic/canned-wks/mkefidisk.wks | 2 +-
scripts/lib/wic/misc.py | 1 +
scripts/lib/wic/partition.py | 38 +
61 files changed, 1171 insertions(+), 1090 deletions(-)
create mode 100644 meta/recipes-connectivity/bind/bind-9.16.7/CVE-2020-8625.patch
rename meta/recipes-connectivity/openssl/{openssl_1.1.1i.bb => openssl_1.1.1j.bb} (98%)
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-0326.patch
create mode 100644 meta/recipes-devtools/git/git/fixsort.patch
rename meta/recipes-devtools/go/{go-binary-native_1.15.6.bb => go-binary-native_1.15.8.bb} (83%)
create mode 100644 meta/recipes-devtools/python/python3/CVE-2021-23336.patch
create mode 100644 meta/recipes-devtools/rsync/files/determism.patch
create mode 100644 meta/recipes-devtools/valgrind/valgrind/0001-gdbserver_tests-Disable-nlcontrolc.vgtest-for-x86-64.patch
create mode 100644 meta/recipes-extended/cups/cups/CVE-2020-10001.patch
create mode 100644 meta/recipes-extended/screen/screen/CVE-2021-26937.patch
create mode 100644 meta/recipes-gnome/epiphany/files/distributor.patch
create mode 100644 meta/recipes-gnome/epiphany/files/migrator.patch
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2020-14409-14410.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20201218.bb => linux-firmware_20210208.bb} (99%)
--
2.29.2
^ permalink raw reply [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 01/52] local.conf.sample.extended: prefer INIT_MANAGER
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 02/52] rootfs_deb: handle aarch64 SDK_ARCH Anuj Mittal
` (50 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Vivien Didelot <vdidelot@pbsc.com>
Since the INIT_MANAGER variable has been introduced, there is no need
to append the distro features and set the init manager manually.
Replace the busybox/mdev and systemd examples with the 4 values
currently supported for the INIT_MANAGER variable.
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 514454651522f97590d1403c50effd9c79df827a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/conf/local.conf.sample.extended | 21 +++++----------------
1 file changed, 5 insertions(+), 16 deletions(-)
diff --git a/meta/conf/local.conf.sample.extended b/meta/conf/local.conf.sample.extended
index 411717b615..5b04be8892 100644
--- a/meta/conf/local.conf.sample.extended
+++ b/meta/conf/local.conf.sample.extended
@@ -371,23 +371,12 @@
#
#
-# Use busybox/mdev for system initialization
-#
-#VIRTUAL-RUNTIME_dev_manager = "busybox-mdev"
-#VIRTUAL-RUNTIME_login_manager = "busybox"
-#VIRTUAL-RUNTIME_init_manager = "busybox"
-#VIRTUAL-RUNTIME_initscripts = "initscripts"
-#VIRTUAL-RUNTIME_keymaps = "keymaps"
-#DISTRO_FEATURES_BACKFILL_CONSIDERED += "sysvinit"
-
-#
-# Use systemd for system initialization
+# System initialization
#
-#DISTRO_FEATURES_append = " systemd"
-#DISTRO_FEATURES_BACKFILL_CONSIDERED += "sysvinit"
-#VIRTUAL-RUNTIME_login_manager = "shadow-base"
-#VIRTUAL-RUNTIME_init_manager = "systemd"
-#VIRTUAL-RUNTIME_initscripts = "systemd-compat-units"
+#INIT_MANAGER = "none"
+#INIT_MANAGER = "sysvinit"
+#INIT_MANAGER = "systemd"
+#INIT_MANAGER = "mdev-busybox"
#
# Use a full set of packages instead of busybox for base utils
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 02/52] rootfs_deb: handle aarch64 SDK_ARCH
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 01/52] local.conf.sample.extended: prefer INIT_MANAGER Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 03/52] xorg-fonts-minimal: Fix reproducibility Anuj Mittal
` (49 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross@burtonini.com>
This class maps from OE architectures to dpkg architectures, but wasn't
handling aarch64 correctly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 315fe8ab3b5bb8a709be98cd8998d4525fbe8725)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/rootfs_deb.bbclass | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/classes/rootfs_deb.bbclass b/meta/classes/rootfs_deb.bbclass
index ef616da229..0469ba7059 100644
--- a/meta/classes/rootfs_deb.bbclass
+++ b/meta/classes/rootfs_deb.bbclass
@@ -32,4 +32,8 @@ python () {
d.setVar('DEB_SDK_ARCH', 'amd64')
elif darch == "arm":
d.setVar('DEB_SDK_ARCH', 'armel')
+ elif darch == "aarch64":
+ d.setVar('DEB_SDK_ARCH', 'arm64')
+ else:
+ bb.fatal("Unhandled SDK_ARCH %s" % darch)
}
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 03/52] xorg-fonts-minimal: Fix reproducibility
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 01/52] local.conf.sample.extended: prefer INIT_MANAGER Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 02/52] rootfs_deb: handle aarch64 SDK_ARCH Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 04/52] xorg-minimal-fonts: Really fix determinism Anuj Mittal
` (48 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
When installing the font files, preserve their timestamp rather than using
the current time which fixes reproducibility issues.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a0c4f4b0182a995f0eb2709cc9b3c852527ab936)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb b/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb
index 1ea08a6c99..e1e470bf34 100644
--- a/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb
+++ b/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb
@@ -26,7 +26,7 @@ RDEPENDS_${PN} += "font-alias"
do_install() {
install -d ${D}/${datadir}/fonts/X11/misc
- install -m 0644 ${S}/* ${D}/${datadir}/fonts/X11/misc/
+ install -m 0644 -p ${S}/* ${D}/${datadir}/fonts/X11/misc/
install -d ${D}/${libdir}/X11
ln -sf ${datadir}/fonts/X11/ ${D}/${libdir}/X11/fonts -s
}
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 04/52] xorg-minimal-fonts: Really fix determinism
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (2 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 03/52] xorg-fonts-minimal: Fix reproducibility Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 05/52] git: Fix determinism issue Anuj Mittal
` (47 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
My previous fix wasn't correct as the file timestamps do vary by git checkout
or modification time and aren't correct here. Instead use a specific
date/time for the files to be deterministic.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 725a30a30052540a4b7fc2933396fe9eb946eeac)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb b/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb
index e1e470bf34..bf8385fe6d 100644
--- a/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb
+++ b/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb
@@ -10,8 +10,12 @@ LIC_FILES_CHKSUM = "file://../misc/fonts.dir;md5=82a143d94d6a974aafe97132d2d519a
SRC_URI = "file://misc"
+SOURCE_DATE_EPOCH = "1613559011"
+
PE = "1"
-PR = "r2"
+PR = "r3"
+HASHEQUIV_HASH_VERSION .= ".1"
+
inherit allarch features_check
@@ -26,7 +30,9 @@ RDEPENDS_${PN} += "font-alias"
do_install() {
install -d ${D}/${datadir}/fonts/X11/misc
- install -m 0644 -p ${S}/* ${D}/${datadir}/fonts/X11/misc/
+ install -m 0644 ${S}/* ${D}/${datadir}/fonts/X11/misc/
+ # Pick a date/time as otherwise it would be the git checkout/modify time
+ touch -d @1613559011 ${D}/${datadir}/fonts/X11/misc/*
install -d ${D}/${libdir}/X11
ln -sf ${datadir}/fonts/X11/ ${D}/${libdir}/X11/fonts -s
}
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 05/52] git: Fix determinism issue
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (3 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 04/52] xorg-minimal-fonts: Really fix determinism Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 06/52] valgrind: Disable ptest nlcontrolc for x86-64 Anuj Mittal
` (46 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9ae740939f8315c64fe7571f912404127a29dc89)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-devtools/git/git.inc | 3 +-
meta/recipes-devtools/git/git/fixsort.patch | 31 +++++++++++++++++++++
2 files changed, 33 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-devtools/git/git/fixsort.patch
diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc
index 544e23c844..586a305b27 100644
--- a/meta/recipes-devtools/git/git.inc
+++ b/meta/recipes-devtools/git/git.inc
@@ -7,7 +7,8 @@ DEPENDS = "openssl curl zlib expat"
PROVIDES_append_class-native = " git-replacement-native"
SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
- ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages"
+ ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \
+ file://fixsort.patch"
S = "${WORKDIR}/git-${PV}"
diff --git a/meta/recipes-devtools/git/git/fixsort.patch b/meta/recipes-devtools/git/git/fixsort.patch
new file mode 100644
index 0000000000..07a487e8ca
--- /dev/null
+++ b/meta/recipes-devtools/git/git/fixsort.patch
@@ -0,0 +1,31 @@
+[PATCH] generate-configlist.sh: Fix determinism issue
+
+Currently git binaries are not entirely reproducible, at least partly
+due to config-list.h differing in order depending on the system's
+locale settings. Under different locales, the entries:
+
+"sendemail.identity",
+"sendemail.<identity>.*",
+
+would differ in order for example and this leads to differences in
+the debug symbols for the binaries.
+
+This can be fixed by specifying the C locale for the sort in the
+shell script generating the header.
+
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Upstream-Status: Submitted [https://public-inbox.org/git/f029a942dd3d50d85e60bd37d8e454524987842f.camel@linuxfoundation.org/T/#u]
+
+Index: git-2.30.0/generate-configlist.sh
+===================================================================
+--- git-2.30.0.orig/generate-configlist.sh
++++ git-2.30.0/generate-configlist.sh
+@@ -9,7 +9,7 @@ static const char *config_name_list[] =
+ EOF
+ grep -h '^[a-zA-Z].*\..*::$' Documentation/*config.txt Documentation/config/*.txt |
+ sed '/deprecated/d; s/::$//; s/, */\n/g' |
+- sort |
++ LC_ALL=C sort |
+ sed 's/^.*$/ "&",/'
+ cat <<EOF
+ NULL,
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 06/52] valgrind: Disable ptest nlcontrolc for x86-64
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (4 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 05/52] git: Fix determinism issue Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 07/52] linux-yocto/5.4: update to v5.4.96 Anuj Mittal
` (45 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Yi Fan Yu <yifan.yu@windriver.com>
Test hangs after glibc 2.33 uprev.
Using gdb `p t[0]` to modify the timeout
argument no longer affects how long `select` wait.
https://bugs.kde.org/show_bug.cgi?id=432870
[YOCTO #14223]
Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bb991a24952ebf02cf0092c194d2b3a54a8b2e5b)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
...Disable-nlcontrolc.vgtest-for-x86-64.patch | 36 +++++++++++++++++++
.../valgrind/valgrind_3.16.1.bb | 1 +
2 files changed, 37 insertions(+)
create mode 100644 meta/recipes-devtools/valgrind/valgrind/0001-gdbserver_tests-Disable-nlcontrolc.vgtest-for-x86-64.patch
diff --git a/meta/recipes-devtools/valgrind/valgrind/0001-gdbserver_tests-Disable-nlcontrolc.vgtest-for-x86-64.patch b/meta/recipes-devtools/valgrind/valgrind/0001-gdbserver_tests-Disable-nlcontrolc.vgtest-for-x86-64.patch
new file mode 100644
index 0000000000..0bd8273cd8
--- /dev/null
+++ b/meta/recipes-devtools/valgrind/valgrind/0001-gdbserver_tests-Disable-nlcontrolc.vgtest-for-x86-64.patch
@@ -0,0 +1,36 @@
+From d8c19e0bb9ca2fd48f223e1fdeffcafeb0aa1745 Mon Sep 17 00:00:00 2001
+From: Yi Fan Yu <yifan.yu@windriver.com>
+Date: Wed, 17 Feb 2021 14:53:44 -0500
+Subject: [PATCH] gdbserver_tests: Disable nlcontrolc.vgtest for x86-64
+
+Test hangs after glibc 2.33 uprev
+
+Using gdb to modify the timeout argument no longer
+affects how long `select` wait.
+
+https://bugs.kde.org/show_bug.cgi?id=432870
+Upstream-Status: Pending
+Waiting for upstream to take action.
+
+Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
+---
+ gdbserver_tests/nlcontrolc.vgtest | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/gdbserver_tests/nlcontrolc.vgtest b/gdbserver_tests/nlcontrolc.vgtest
+index bb5308403..96d2b52bb 100644
+--- a/gdbserver_tests/nlcontrolc.vgtest
++++ b/gdbserver_tests/nlcontrolc.vgtest
+@@ -13,7 +13,8 @@ args: 1000000000 1000000000 1000000000 BSBSBSBS 1
+ vgopts: --tool=none --vgdb=yes --vgdb-error=0 --vgdb-prefix=./vgdb-prefix-nlcontrolc
+ stderr_filter: filter_stderr
+ # Bug 338633 nlcontrol hangs on arm64 currently.
+-prereq: test -e gdb -a -f vgdb.invoker && ! ../tests/arch_test arm64 && ! ../tests/os_test solaris
++# Bug 432870 nlcontrolc hangs on x86-64 starting with glibc 2.33
++prereq: test -e gdb -a -f vgdb.invoker && ! ../tests/arch_test arm64 && ! ../tests/os_test solaris && ! ../tests/arch_test amd64
+ progB: gdb
+ argsB: --quiet -l 60 --nx ./sleepers
+ stdinB: nlcontrolc.stdinB.gdb
+--
+2.29.2
+
diff --git a/meta/recipes-devtools/valgrind/valgrind_3.16.1.bb b/meta/recipes-devtools/valgrind/valgrind_3.16.1.bb
index 25fa58249c..fc070dec78 100644
--- a/meta/recipes-devtools/valgrind/valgrind_3.16.1.bb
+++ b/meta/recipes-devtools/valgrind/valgrind_3.16.1.bb
@@ -44,6 +44,7 @@ SRC_URI = "https://sourceware.org/pub/valgrind/valgrind-${PV}.tar.bz2 \
file://0001-drd-Port-to-Fedora-33.patch \
file://0001-drd-musl-fix.patch \
file://0001-helgrind-Intercept-libc-functions.patch \
+ file://0001-gdbserver_tests-Disable-nlcontrolc.vgtest-for-x86-64.patch \
"
SRC_URI[md5sum] = "d1b153f1ab17cf1f311705e7a83ef589"
SRC_URI[sha256sum] = "c91f3a2f7b02db0f3bc99479861656154d241d2fdb265614ba918cc6720a33ca"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 07/52] linux-yocto/5.4: update to v5.4.96
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (5 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 06/52] valgrind: Disable ptest nlcontrolc for x86-64 Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 08/52] linux-yocto/5.4: update to v5.4.98 Anuj Mittal
` (44 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
d4716ee8751b Linux 5.4.96
b1a1c262e4b0 workqueue: Restrict affinity change to rescuer
5b1e4fc2984e kthread: Extract KTHREAD_IS_PER_CPU
2d7ca4a84b58 objtool: Don't fail on missing symbol table
88240f7ac221 drm/amd/display: Change function decide_dp_link_settings to avoid infinite looping
53c10bbf9186 drm/amd/display: Update dram_clock_change_latency for DCN2.1
c6eb3dfdac44 selftests/powerpc: Only test lwm/stmw on big endian
805e9cdb5793 nvme: check the PRINFO bit before deciding the host buffer length
8e59209d53c9 udf: fix the problem that the disc content is not displayed
2d1593543418 ALSA: hda: Add Cometlake-R PCI ID
c03ecc192c8e scsi: ibmvfc: Set default timeout to avoid crash during migration
02cc1ee3e8d1 mac80211: fix fast-rx encryption check
efd061fc77f3 ASoC: SOF: Intel: hda: Resume codec to do jack detection
e0f1ba38f788 scsi: fnic: Fix memleak in vnic_dev_init_devcmd2
935fa0d5a5c5 scsi: libfc: Avoid invoking response handler twice if ep is already completed
335bbffdd90c scsi: scsi_transport_srp: Don't block target in failfast state
b1f680ffc25b x86: __always_inline __{rd,wr}msr()
d1aed452c05f platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352
c99ac7213638 platform/x86: touchscreen_dmi: Add swap-x-y quirk for Goodix touchscreen on Estar Beauty HD tablet
6f705e80fb87 phy: cpcap-usb: Fix warning for missing regulator_disable
fd4c12f31209 net_sched: gen_estimator: support large ewma log
27afc7128345 btrfs: backref, use correct count to resolve normal data refs
66bcf5f6f989 btrfs: backref, only search backref entries from leaves of the same root
c3089b06d6fe btrfs: backref, don't add refs from shared block when resolving normal backref
21a0c97fb27c btrfs: backref, only collect file extent items matching backref offset
1960c3d40b69 tcp: make TCP_USER_TIMEOUT accurate for zero window probes
55cb8e232f9a arm64: Do not pass tagged addresses to __is_lm_address()
b28387cf8f1c arm64: Fix kernel address detection of __is_lm_address()
11084836e5fb ACPI: thermal: Do not call acpi_thermal_check() directly
1410d2b68207 Revert "Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT""
5e8776df14fa ibmvnic: Ensure that CRQ entry read are correctly ordered
bc4e7277cc93 net: switchdev: don't set port_obj_info->handled true when -EOPNOTSUPP
9edebe46010c net: dsa: bcm_sf2: put device node before return
e89428970c23 Linux 5.4.95
e7aeca61cb9b tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
3e93b9efc3bb team: protect features update by RCU to avoid deadlock
489e35c6829a ASoC: topology: Fix memory corruption in soc_tplg_denum_create_values()
9a4d367b2783 NFC: fix possible resource leak
c929c76e98b0 NFC: fix resource leak when target index is invalid
b2f4a59a2216 rxrpc: Fix memory leak in rxrpc_lookup_local
6d25d788efa4 iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built
66f4f98ee363 iommu/vt-d: Gracefully handle DMAR units with no supported address widths
0551a2fd456c selftests: forwarding: Specify interface when invoking mausezahn
e4405451dd6e nvme-multipath: Early exit if no path is available
64a4ec1850f7 can: dev: prevent potential information leak in can_fill_info()
4dc2395d8f14 net/mlx5e: Reduce tc unsupported key print level
a66705277baf net/mlx5e: E-switch, Fix rate calculation for overflow
dbc13deeec6a net/mlx5: Fix memory leak on flow table creation error flow
02ef126a002d igc: fix link speed advertising
873d1a4740d6 i40e: acquire VSI pointer only after VF is initialized
cf9276211563 mac80211: pause TX while changing interface type
46c67a4c1a76 iwlwifi: pcie: reschedule in long-running memory reads
563daf7c0f4a iwlwifi: pcie: use jiffies for memory read spin time limit
f39fce916a7b pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
a3c5fec1e09f ASoC: Intel: Skylake: skl-topology: Fix OOPs ib skl_tplg_complete
748c2cd57615 RDMA/cxgb4: Fix the reported max_recv_sge value
72797bfc5f77 firmware: imx: select SOC_BUS to fix firmware build
347feca03881 ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status
f7c6e6c9b62c arm64: dts: ls1028a: fix the offset of the reset register
78fc9ef35d18 xfrm: Fix wraparound in xfrm_policy_addr_delta()
f5e7db4fcd38 selftests: xfrm: fix test return value override issue in xfrm_policy.sh
dac256de1fe2 xfrm: fix disable_xfrm sysctl when used on xfrm interfaces
a7edea0fe85a xfrm: Fix oops in xfrm_replay_advance_bmp
deb8d5dfeb63 netfilter: nft_dynset: add timeout extension to template
347a1a20b195 ARM: imx: build suspend-imx6.S with arm instruction set
61bdab3d770b xen-blkfront: allow discard-* nodes to be optional
65543408f257 tee: optee: replace might_sleep with cond_resched
ad3d896ef55c drm/i915: Check for all subplatform bits
59546420c51b drm/nouveau/svm: fail NOUVEAU_SVM_INIT ioctl on unsupported devices
37ef9b59f479 mt7601u: fix rx buffer refcounting
77771158182f mt7601u: fix kernel crash unplugging the device
2c4f52b9cddf arm64: dts: broadcom: Fix USB DMA address translation for Stingray
6aceac245059 leds: trigger: fix potential deadlock with libata
2c7b4b25293a xen: Fix XenStore initialisation for XS_LOCAL
632a7728da9b KVM: Forbid the use of tagged userspace addresses for memslots
ba668a507788 KVM: x86: get smi pending status correctly
ff5f6de29faf KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration
2fc14cafefb3 KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh()
c547d39feb65 KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[]
e1ae9aab8029 btrfs: fix possible free space tree corruption with online conversion
d30cb3d348b8 drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
082dc611fdc8 drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
53fd4e4003a6 PM: hibernate: flush swap writer after marking
7f9a267c67af s390/vfio-ap: No need to disable IRQ after queue reset
9077bc37d2d1 net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
8aba60ebcfc3 wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
720032d3dc84 ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
b24dc0aa7e9b media: rc: ensure that uevent can be read directly after rc device register
5d6fd0357057 ALSA: hda/via: Apply the workaround generically for Clevo machines
f78803928481 ALSA: hda/realtek: Enable headset of ASUS B1400CEPE with ALC256
8de2109f4670 kernel: kexec: remove the lock operation of system_transition_mutex
93603a27fc31 ACPI: sysfs: Prefer "compatible" modalias
587c6b75d7fd nbd: freeze the queue while we're adding connections
b8fcb8f53995 IPv6: reply ICMP error if the first fragment don't include all headers
1f58e378a17e ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b39a6de2c1175e4554c688a44c905c24367fa57a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../linux/linux-yocto-rt_5.4.bb | 6 ++---
.../linux/linux-yocto-tiny_5.4.bb | 8 +++----
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +++++++++----------
3 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index f280e0efbd..0047667c0d 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "84a6ec1f97d6b6afebe3514e772536342a4189fc"
-SRCREV_meta ?= "e120076c07e69166ebeac0eee011c085bbde2139"
+SRCREV_machine ?= "d713e8f61a93d8f6e8c1960b2478f19ba616f1e1"
+SRCREV_meta ?= "ab2e5b4ded74e18c58efd99ca6f1661a4f299255"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.4.94"
+LINUX_VERSION ?= "5.4.96"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index bd21c619c9..63e452641c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.4.94"
+LINUX_VERSION ?= "5.4.96"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "768311f24c5d817e7cb9ee0803790ee284e9ff30"
-SRCREV_machine ?= "31db2b47ac7d8508080fbb7344399b501216de66"
-SRCREV_meta ?= "e120076c07e69166ebeac0eee011c085bbde2139"
+SRCREV_machine_qemuarm ?= "7ddf91d07b54aaf7d9160375b7a084dd115684b1"
+SRCREV_machine ?= "621e232db8554748a51c80f522ec759303cde5d2"
+SRCREV_meta ?= "ab2e5b4ded74e18c58efd99ca6f1661a4f299255"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 9c616f7a07..73cc1e909c 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base"
KBRANCH_qemux86-64 ?= "v5.4/standard/base"
KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "17b04c3b496d6a89d5de8ef97ce8c2675ac19814"
-SRCREV_machine_qemuarm64 ?= "31db2b47ac7d8508080fbb7344399b501216de66"
-SRCREV_machine_qemumips ?= "4b4534a5bb1e765574349baf31dddceb521e6bec"
-SRCREV_machine_qemuppc ?= "31db2b47ac7d8508080fbb7344399b501216de66"
-SRCREV_machine_qemuriscv64 ?= "31db2b47ac7d8508080fbb7344399b501216de66"
-SRCREV_machine_qemux86 ?= "31db2b47ac7d8508080fbb7344399b501216de66"
-SRCREV_machine_qemux86-64 ?= "31db2b47ac7d8508080fbb7344399b501216de66"
-SRCREV_machine_qemumips64 ?= "a3b16f0dc7b90e68e5a7d38e0ab70cbe290ec9a6"
-SRCREV_machine ?= "31db2b47ac7d8508080fbb7344399b501216de66"
-SRCREV_meta ?= "e120076c07e69166ebeac0eee011c085bbde2139"
+SRCREV_machine_qemuarm ?= "e35ee9d9faf9994d4987746db31e9122732d4066"
+SRCREV_machine_qemuarm64 ?= "621e232db8554748a51c80f522ec759303cde5d2"
+SRCREV_machine_qemumips ?= "76bd925d349e98d13f23aed590d3cdb811beea7d"
+SRCREV_machine_qemuppc ?= "621e232db8554748a51c80f522ec759303cde5d2"
+SRCREV_machine_qemuriscv64 ?= "621e232db8554748a51c80f522ec759303cde5d2"
+SRCREV_machine_qemux86 ?= "621e232db8554748a51c80f522ec759303cde5d2"
+SRCREV_machine_qemux86-64 ?= "621e232db8554748a51c80f522ec759303cde5d2"
+SRCREV_machine_qemumips64 ?= "6da088d17f3a6038e01627b47e499899be55f6e2"
+SRCREV_machine ?= "621e232db8554748a51c80f522ec759303cde5d2"
+SRCREV_meta ?= "ab2e5b4ded74e18c58efd99ca6f1661a4f299255"
# remap qemuarm to qemuarma15 for the 5.4 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.94"
+LINUX_VERSION ?= "5.4.96"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 08/52] linux-yocto/5.4: update to v5.4.98
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (6 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 07/52] linux-yocto/5.4: update to v5.4.96 Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 09/52] groff: Fix determinism issue Anuj Mittal
` (43 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
5b9a4104c902 Linux 5.4.98
3654a0ed0bdc squashfs: add more sanity checks in xattr id lookup
d78a70667738 squashfs: add more sanity checks in inode lookup
a814355e7057 squashfs: add more sanity checks in id lookup
848bcb0a1d96 Fix unsynchronized access to sev members through svm_register_enc_region
78e2f71b89b2 bpf: Fix 32 bit src register truncation on div/mod
8589eda99cb1 regulator: Fix lockdep warning resolving supplies
513fee2aee13 blk-cgroup: Use cond_resched() when destroy blkgs
d1eb41833408 i2c: mediatek: Move suspend and resume handling to NOIRQ phase
618b65dbde7a SUNRPC: Handle 0 length opaque XDR object data properly
19b56e8433e7 SUNRPC: Move simple_get_bytes and simple_get_netobj into private header
fa758032a546 iwlwifi: mvm: guard against device removal in reprobe
2fa76f19dc15 iwlwifi: mvm: invalidate IDs of internal stations at mvm start
c82793ef4f3b iwlwifi: pcie: fix context info memory leak
b301eaf27f86 iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap
01742ade9286 iwlwifi: mvm: take mutex for calling iwl_mvm_get_sync_time()
8f630ed7e98e iwlwifi: mvm: skip power command when unbinding vif during CSA
589cf152fe47 ASoC: ak4458: correct reset polarity
e96d10250227 pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process()
a5c70e57c4c1 chtls: Fix potential resource leak
8b6d5013cd70 ASoC: Intel: Skylake: Zero snd_ctl_elem_value
db272cd2bc9e mac80211: 160MHz with extended NSS BW in CSA
26548561cb92 regulator: core: avoid regulator_resolve_supply() race condition
03d76df5f164 af_key: relax availability checks for skb size calculation
968b1b034136 tracing/kprobe: Fix to support kretprobe events on unloaded modules
5e1942063dc3 Linux 5.4.97
40af962eb1d4 usb: host: xhci: mvebu: make USB 3.0 PHY optional for Armada 3720
76ab33055fbc net: sched: replaced invalid qdisc tree flush helper in qdisc_replace
e65d331755de net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
5d3007b6cc7b net: ip_tunnel: fix mtu calculation
90d7459d24b8 neighbour: Prevent a dead entry from updating gc_list
271ea7072901 igc: Report speed and duplex as unknown when device is runtime suspended
7018edb19a92 md: Set prev_flush_start and flush_bio in an atomic way
e857e21eb200 iommu/vt-d: Do not use flush-queue when caching-mode is on
5fdf672759e9 Input: xpad - sync supported devices with fork on GitHub
03d56dab56ae iwlwifi: mvm: don't send RFH_QUEUE_CONFIG_CMD with no queues
2d5705150707 x86/apic: Add extra serialization for non-serializing MSRs
bc1a3aeeff0f x86/build: Disable CET instrumentation in the kernel
40d0fff29761 mm: thp: fix MADV_REMOVE deadlock on shmem THP
56d61cd652dd mm, compaction: move high_pfn to the for loop scope
90ef21e5806f mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
af5508b1e862 mm: hugetlb: fix a race between isolating and freeing page
3264a763174f mm: hugetlb: fix a race between freeing and dissolving the page
108f56ed354f mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
75be4852490f ARM: footbridge: fix dc21285 PCI configuration accessors
b2640b08c43c KVM: x86: Update emulator context mode if SYSENTER xfers to 64-bit mode
6d3201c77be5 KVM: SVM: Treat SVM as unsupported when running as an SEV guest
f9be9445e494 nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs
f9034fcb27c0 drm/amd/display: Revert "Fix EDID parsing after resume from suspend"
6844143e2198 mmc: core: Limit retries when analyse of SDIO tuples fails
68c825bd2726 smb3: fix crediting for compounding when only one request in flight
eaf2f835b52c smb3: Fix out-of-bounds bug in SMB2_negotiate()
00f581964b66 cifs: report error instead of invalid when revalidating a dentry fails
fd6dc98f66ef xhci: fix bounce buffer usage for non-sg list case
f6a47f2ce090 genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set
c9654bbe52b5 libnvdimm/dimm: Avoid race between probe and available_slots_show()
d0f36951ead4 kretprobe: Avoid re-registration of the same kretprobe earlier
e80f9021d5be fgraph: Initialize tracing_graph_pause at task creation
efa17285b338 mac80211: fix station rate table updates on assoc
ecdd962c4b9b ovl: fix dentry leak in ovl_get_redirect
6b9a2e5c0c42 usb: host: xhci-plat: add priv quirk for skip PHY initialization
ddc682d33024 usb: xhci-mtk: break loop when find the endpoint to drop
32410786279f usb: xhci-mtk: skip dropping bandwidth of unchecked endpoints
f4e4f067f94c usb: xhci-mtk: fix unreleased bandwidth data
1f9e9c1048b8 usb: dwc3: fix clock issue during resume in OTG mode
9d058a06149b usb: dwc2: Fix endpoint direction check in ep_from_windex
2a968ab0d2dd usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop()
4d1d959348c1 USB: usblp: don't call usb_set_interface if there's a single alt
522567fe540d USB: gadget: legacy: fix an error code in eth_bind()
e57d70c59bb7 memblock: do not start bottom-up allocations with kernel_end
7e6dcaeadc0e nvmet-tcp: fix out-of-bounds access when receiving multiple h2cdata PDUs
f1c87b4b2c7b ARM: dts: sun7i: a20: bananapro: Fix ethernet phy-mode
d97a821b2e9c r8169: fix WoL on shutdown if CONFIG_DEBUG_SHIRQ is set
c545879e8080 net: mvpp2: TCAM entry enable should be written after SRAM data
bf0507fb2073 net: lapb: Copy the skb before sending a packet
1cef1d46add8 net/mlx5: Fix leak upon failure of rule creation
67b7f73bbe3f i40e: Revert "i40e: don't report link up for a VF who hasn't enabled queues"
6380ef64b9eb igc: check return value of ret_val in igc_config_fc_after_link_up
ec68581f7479 igc: set the default return value to -IGC_ERR_NVM in igc_write_nvm_srwr
5ce999efcaa7 arm64: dts: ls1046a: fix dcfg address range
68e798fa3c0e rxrpc: Fix deadlock around release of dst cached on udp tunnel
98650c3d0e33 um: virtio: free vu_dev only with the contained struct device
02531b5549eb bpf, cgroup: Fix problematic bounds check
9146fffc5d2a bpf, cgroup: Fix optlen WARN_ON_ONCE toctou
4921f81ce65a arm64: dts: rockchip: fix vopl iommu irq on px30
831132b13f0d arm64: dts: amlogic: meson-g12: Set FL-adj property value
829bf438cb39 Input: i8042 - unbreak Pegatron C15B
0d6e0a192e2e arm64: dts: qcom: c630: keep both touchpad devices enabled
96dcfabef504 USB: serial: option: Adding support for Cinterion MV31
5ad95c521fd5 USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
dfa820563c67 USB: serial: cp210x: add pid/vid for WSDA-200-USB
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 98bb6a3cb528abe02b6edc291d05e240985ca80e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../linux/linux-yocto-rt_5.4.bb | 6 ++---
.../linux/linux-yocto-tiny_5.4.bb | 8 +++----
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +++++++++----------
3 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 0047667c0d..d5b6b642e5 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "d713e8f61a93d8f6e8c1960b2478f19ba616f1e1"
-SRCREV_meta ?= "ab2e5b4ded74e18c58efd99ca6f1661a4f299255"
+SRCREV_machine ?= "0406e600800a40015d02b16ee6a4a46c6673c66f"
+SRCREV_meta ?= "4f6d6c23cc8ca5d9c39b1efc2619b1dfec1ef2bc"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.4.96"
+LINUX_VERSION ?= "5.4.98"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 63e452641c..ff03fd4197 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.4.96"
+LINUX_VERSION ?= "5.4.98"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "7ddf91d07b54aaf7d9160375b7a084dd115684b1"
-SRCREV_machine ?= "621e232db8554748a51c80f522ec759303cde5d2"
-SRCREV_meta ?= "ab2e5b4ded74e18c58efd99ca6f1661a4f299255"
+SRCREV_machine_qemuarm ?= "fc95a485415d22eb772359b8d350c03b85c0cd1b"
+SRCREV_machine ?= "2d0a4ea86fe97f13a4bc2a92a097e4edb51d737d"
+SRCREV_meta ?= "4f6d6c23cc8ca5d9c39b1efc2619b1dfec1ef2bc"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 73cc1e909c..7fdb1e93e9 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base"
KBRANCH_qemux86-64 ?= "v5.4/standard/base"
KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "e35ee9d9faf9994d4987746db31e9122732d4066"
-SRCREV_machine_qemuarm64 ?= "621e232db8554748a51c80f522ec759303cde5d2"
-SRCREV_machine_qemumips ?= "76bd925d349e98d13f23aed590d3cdb811beea7d"
-SRCREV_machine_qemuppc ?= "621e232db8554748a51c80f522ec759303cde5d2"
-SRCREV_machine_qemuriscv64 ?= "621e232db8554748a51c80f522ec759303cde5d2"
-SRCREV_machine_qemux86 ?= "621e232db8554748a51c80f522ec759303cde5d2"
-SRCREV_machine_qemux86-64 ?= "621e232db8554748a51c80f522ec759303cde5d2"
-SRCREV_machine_qemumips64 ?= "6da088d17f3a6038e01627b47e499899be55f6e2"
-SRCREV_machine ?= "621e232db8554748a51c80f522ec759303cde5d2"
-SRCREV_meta ?= "ab2e5b4ded74e18c58efd99ca6f1661a4f299255"
+SRCREV_machine_qemuarm ?= "28bc6b294bb1e49da671b2848234f9011efcad88"
+SRCREV_machine_qemuarm64 ?= "2d0a4ea86fe97f13a4bc2a92a097e4edb51d737d"
+SRCREV_machine_qemumips ?= "105568d1696f86625cf7bc30d8c5c921732de2f4"
+SRCREV_machine_qemuppc ?= "2d0a4ea86fe97f13a4bc2a92a097e4edb51d737d"
+SRCREV_machine_qemuriscv64 ?= "2d0a4ea86fe97f13a4bc2a92a097e4edb51d737d"
+SRCREV_machine_qemux86 ?= "2d0a4ea86fe97f13a4bc2a92a097e4edb51d737d"
+SRCREV_machine_qemux86-64 ?= "2d0a4ea86fe97f13a4bc2a92a097e4edb51d737d"
+SRCREV_machine_qemumips64 ?= "c76ba20ee1b1de859736f85f0210459c2104b8df"
+SRCREV_machine ?= "2d0a4ea86fe97f13a4bc2a92a097e4edb51d737d"
+SRCREV_meta ?= "4f6d6c23cc8ca5d9c39b1efc2619b1dfec1ef2bc"
# remap qemuarm to qemuarma15 for the 5.4 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.96"
+LINUX_VERSION ?= "5.4.98"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 09/52] groff: Fix determinism issue
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (7 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 08/52] linux-yocto/5.4: update to v5.4.98 Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 10/52] df.py: Add feature check for read-only-rootfs Anuj Mittal
` (42 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Sometimes bison would regenerate source files and sometimes it would not
This is likely related to the patching of generated files by on of the
patches.
Drop those changes and force the files to regenerate in all cases since
we depend on bison-native anyway. This ensures the results are always
consistent.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4449fa226e94f7124215c5ead43aadda7967f3af)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../groff/files/0001-Include-config.h.patch | 1026 +----------------
meta/recipes-extended/groff/groff_1.22.4.bb | 11 +
2 files changed, 14 insertions(+), 1023 deletions(-)
diff --git a/meta/recipes-extended/groff/files/0001-Include-config.h.patch b/meta/recipes-extended/groff/files/0001-Include-config.h.patch
index 348a61d9df..46065bc513 100644
--- a/meta/recipes-extended/groff/files/0001-Include-config.h.patch
+++ b/meta/recipes-extended/groff/files/0001-Include-config.h.patch
@@ -17,6 +17,9 @@ In file included from TOPDIR/build/tmp/work/aarch64-yoe-linux-musl/groff/1.22.4-
^
./lib/math.h:40:1: error: unknown type name '_GL_INLINE_HEADER_BEGIN'
+We delete eqn.cpp and qen.hpp in do_configure
+to ensure they're regenerated and deterministic.
+
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
@@ -140,1029 +143,6 @@ index f95c05e..d875045 100644
#include <string.h>
#include <stdlib.h>
-diff --git a/src/preproc/eqn/eqn.cpp b/src/preproc/eqn/eqn.cpp
-index 4ede465..fdd9484 100644
---- a/src/preproc/eqn/eqn.cpp
-+++ b/src/preproc/eqn/eqn.cpp
-@@ -1,8 +1,9 @@
--/* A Bison parser, made by GNU Bison 3.2. */
-+/* A Bison parser, made by GNU Bison 3.4.1. */
-
- /* Bison implementation for Yacc-like parsers in C
-
-- Copyright (C) 1984, 1989-1990, 2000-2015, 2018 Free Software Foundation, Inc.
-+ Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2019 Free Software Foundation,
-+ Inc.
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
-@@ -47,7 +48,7 @@
- #define YYBISON 1
-
- /* Bison version. */
--#define YYBISON_VERSION "3.2"
-+#define YYBISON_VERSION "3.4.1"
-
- /* Skeleton name. */
- #define YYSKELETON_NAME "yacc.c"
-@@ -65,7 +66,11 @@
-
-
- /* First part of user prologue. */
--#line 18 "../src/preproc/eqn/eqn.ypp" /* yacc.c:338 */
-+#line 18 "src/preproc/eqn/eqn.ypp"
-+
-+#if HAVE_CONFIG_H
-+# include <config.h>
-+#endif
-
- #include <stdio.h>
- #include <string.h>
-@@ -77,7 +82,8 @@ extern int non_empty_flag;
- int yylex();
- void yyerror(const char *);
-
--#line 81 "src/preproc/eqn/eqn.cpp" /* yacc.c:338 */
-+#line 86 "src/preproc/eqn/eqn.cpp"
-+
- # ifndef YY_NULLPTR
- # if defined __cplusplus
- # if 201103L <= __cplusplus
-@@ -98,8 +104,8 @@ void yyerror(const char *);
- # define YYERROR_VERBOSE 0
- #endif
-
--/* In a future release of Bison, this section will be replaced
-- by #include "y.tab.h". */
-+/* Use api.header.include to #include this header
-+ instead of duplicating it here. */
- #ifndef YY_YY_SRC_PREPROC_EQN_EQN_HPP_INCLUDED
- # define YY_YY_SRC_PREPROC_EQN_EQN_HPP_INCLUDED
- /* Debug traces. */
-@@ -237,10 +243,9 @@ extern int yydebug;
-
- /* Value type. */
- #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
--
- union YYSTYPE
- {
--#line 30 "../src/preproc/eqn/eqn.ypp" /* yacc.c:353 */
-+#line 34 "src/preproc/eqn/eqn.ypp"
-
- char *str;
- box *b;
-@@ -249,9 +254,9 @@ union YYSTYPE
- int n;
- column *col;
-
--#line 253 "src/preproc/eqn/eqn.cpp" /* yacc.c:353 */
--};
-+#line 258 "src/preproc/eqn/eqn.cpp"
-
-+};
- typedef union YYSTYPE YYSTYPE;
- # define YYSTYPE_IS_TRIVIAL 1
- # define YYSTYPE_IS_DECLARED 1
-@@ -366,6 +371,8 @@ typedef short yytype_int16;
- #endif
-
-
-+#define YY_ASSERT(E) ((void) (0 && (E)))
-+
- #if ! defined yyoverflow || YYERROR_VERBOSE
-
- /* The parser invokes alloca or malloc; define the necessary symbols. */
-@@ -508,16 +515,16 @@ union yyalloc
- /* YYNSTATES -- Number of states. */
- #define YYNSTATES 142
-
--/* YYTRANSLATE[YYX] -- Symbol number corresponding to YYX as returned
-- by yylex, with out-of-bounds checking. */
- #define YYUNDEFTOK 2
- #define YYMAXUTOK 315
-
-+/* YYTRANSLATE(TOKEN-NUM) -- Symbol number corresponding to TOKEN-NUM
-+ as returned by yylex, with out-of-bounds checking. */
- #define YYTRANSLATE(YYX) \
- ((unsigned) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK)
-
- /* YYTRANSLATE[TOKEN-NUM] -- Symbol number corresponding to TOKEN-NUM
-- as returned by yylex, without out-of-bounds checking. */
-+ as returned by yylex. */
- static const yytype_uint8 yytranslate[] =
- {
- 0, 2, 2, 2, 2, 2, 2, 2, 2, 63,
-@@ -558,14 +565,14 @@ static const yytype_uint8 yytranslate[] =
- /* YYRLINE[YYN] -- Source line where rule number YYN was defined. */
- static const yytype_uint16 yyrline[] =
- {
-- 0, 121, 121, 123, 128, 130, 141, 143, 145, 150,
-- 152, 154, 156, 158, 163, 165, 167, 169, 174, 176,
-- 181, 183, 185, 190, 192, 194, 196, 198, 200, 202,
-- 204, 206, 208, 210, 212, 214, 216, 218, 220, 222,
-- 224, 226, 228, 230, 232, 234, 236, 238, 240, 242,
-- 244, 246, 248, 250, 252, 254, 259, 269, 271, 276,
-- 278, 283, 285, 290, 292, 297, 299, 304, 306, 308,
-- 310, 314, 316, 321, 323, 325
-+ 0, 125, 125, 127, 132, 134, 145, 147, 149, 154,
-+ 156, 158, 160, 162, 167, 169, 171, 173, 178, 180,
-+ 185, 187, 189, 194, 196, 198, 200, 202, 204, 206,
-+ 208, 210, 212, 214, 216, 218, 220, 222, 224, 226,
-+ 228, 230, 232, 234, 236, 238, 240, 242, 244, 246,
-+ 248, 250, 252, 254, 256, 258, 263, 273, 275, 280,
-+ 282, 287, 289, 294, 296, 301, 303, 308, 310, 312,
-+ 314, 318, 320, 325, 327, 329
- };
- #endif
-
-@@ -818,22 +825,22 @@ static const yytype_uint8 yyr2[] =
-
- #define YYRECOVERING() (!!yyerrstatus)
-
--#define YYBACKUP(Token, Value) \
--do \
-- if (yychar == YYEMPTY) \
-- { \
-- yychar = (Token); \
-- yylval = (Value); \
-- YYPOPSTACK (yylen); \
-- yystate = *yyssp; \
-- goto yybackup; \
-- } \
-- else \
-- { \
-- yyerror (YY_("syntax error: cannot back up")); \
-- YYERROR; \
-- } \
--while (0)
-+#define YYBACKUP(Token, Value) \
-+ do \
-+ if (yychar == YYEMPTY) \
-+ { \
-+ yychar = (Token); \
-+ yylval = (Value); \
-+ YYPOPSTACK (yylen); \
-+ yystate = *yyssp; \
-+ goto yybackup; \
-+ } \
-+ else \
-+ { \
-+ yyerror (YY_("syntax error: cannot back up")); \
-+ YYERROR; \
-+ } \
-+ while (0)
-
- /* Error token number */
- #define YYTERROR 1
-@@ -948,7 +955,7 @@ yy_reduce_print (yytype_int16 *yyssp, YYSTYPE *yyvsp, int yyrule)
- YYFPRINTF (stderr, " $%d = ", yyi + 1);
- yy_symbol_print (stderr,
- yystos[yyssp[yyi + 1 - yynrhs]],
-- &(yyvsp[(yyi + 1) - (yynrhs)])
-+ &yyvsp[(yyi + 1) - (yynrhs)]
- );
- YYFPRINTF (stderr, "\n");
- }
-@@ -1052,7 +1059,10 @@ yytnamerr (char *yyres, const char *yystr)
- case '\\':
- if (*++yyp != '\\')
- goto do_not_strip_quotes;
-- /* Fall through. */
-+ else
-+ goto append;
-+
-+ append:
- default:
- if (yyres)
- yyres[yyn] = *yyp;
-@@ -1148,10 +1158,10 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg,
- yyarg[yycount++] = yytname[yyx];
- {
- YYSIZE_T yysize1 = yysize + yytnamerr (YY_NULLPTR, yytname[yyx]);
-- if (! (yysize <= yysize1
-- && yysize1 <= YYSTACK_ALLOC_MAXIMUM))
-+ if (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)
-+ yysize = yysize1;
-+ else
- return 2;
-- yysize = yysize1;
- }
- }
- }
-@@ -1175,9 +1185,10 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg,
-
- {
- YYSIZE_T yysize1 = yysize + yystrlen (yyformat);
-- if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM))
-+ if (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)
-+ yysize = yysize1;
-+ else
- return 2;
-- yysize = yysize1;
- }
-
- if (*yymsg_alloc < yysize)
-@@ -1303,23 +1314,33 @@ yyparse (void)
- yychar = YYEMPTY; /* Cause a token to be read. */
- goto yysetstate;
-
-+
- /*------------------------------------------------------------.
--| yynewstate -- Push a new state, which is found in yystate. |
-+| yynewstate -- push a new state, which is found in yystate. |
- `------------------------------------------------------------*/
-- yynewstate:
-+yynewstate:
- /* In all cases, when you get here, the value and location stacks
- have just been pushed. So pushing a state here evens the stacks. */
- yyssp++;
-
-- yysetstate:
-+
-+/*--------------------------------------------------------------------.
-+| yynewstate -- set current state (the top of the stack) to yystate. |
-+`--------------------------------------------------------------------*/
-+yysetstate:
-+ YYDPRINTF ((stderr, "Entering state %d\n", yystate));
-+ YY_ASSERT (0 <= yystate && yystate < YYNSTATES);
- *yyssp = (yytype_int16) yystate;
-
- if (yyss + yystacksize - 1 <= yyssp)
-+#if !defined yyoverflow && !defined YYSTACK_RELOCATE
-+ goto yyexhaustedlab;
-+#else
- {
- /* Get the current used size of the three stacks, in elements. */
- YYSIZE_T yysize = (YYSIZE_T) (yyssp - yyss + 1);
-
--#ifdef yyoverflow
-+# if defined yyoverflow
- {
- /* Give user a chance to reallocate the stack. Use copies of
- these so that the &'s don't force the real ones into
-@@ -1338,10 +1359,7 @@ yyparse (void)
- yyss = yyss1;
- yyvs = yyvs1;
- }
--#else /* no yyoverflow */
--# ifndef YYSTACK_RELOCATE
-- goto yyexhaustedlab;
--# else
-+# else /* defined YYSTACK_RELOCATE */
- /* Extend the stack our own way. */
- if (YYMAXDEPTH <= yystacksize)
- goto yyexhaustedlab;
-@@ -1357,12 +1375,11 @@ yyparse (void)
- goto yyexhaustedlab;
- YYSTACK_RELOCATE (yyss_alloc, yyss);
- YYSTACK_RELOCATE (yyvs_alloc, yyvs);
--# undef YYSTACK_RELOCATE
-+# undef YYSTACK_RELOCATE
- if (yyss1 != yyssa)
- YYSTACK_FREE (yyss1);
- }
- # endif
--#endif /* no yyoverflow */
-
- yyssp = yyss + yysize - 1;
- yyvsp = yyvs + yysize - 1;
-@@ -1373,19 +1390,18 @@ yyparse (void)
- if (yyss + yystacksize - 1 <= yyssp)
- YYABORT;
- }
--
-- YYDPRINTF ((stderr, "Entering state %d\n", yystate));
-+#endif /* !defined yyoverflow && !defined YYSTACK_RELOCATE */
-
- if (yystate == YYFINAL)
- YYACCEPT;
-
- goto yybackup;
-
-+
- /*-----------.
- | yybackup. |
- `-----------*/
- yybackup:
--
- /* Do appropriate processing given the current state. Read a
- lookahead token if we need one and don't already have one. */
-
-@@ -1443,7 +1459,6 @@ yybackup:
- YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN
- *++yyvsp = yylval;
- YY_IGNORE_MAYBE_UNINITIALIZED_END
--
- goto yynewstate;
-
-
-@@ -1458,7 +1473,7 @@ yydefault:
-
-
- /*-----------------------------.
--| yyreduce -- Do a reduction. |
-+| yyreduce -- do a reduction. |
- `-----------------------------*/
- yyreduce:
- /* yyn is the number of a rule to reduce with. */
-@@ -1478,20 +1493,20 @@ yyreduce:
- YY_REDUCE_PRINT (yyn);
- switch (yyn)
- {
-- case 3:
--#line 124 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+ case 3:
-+#line 128 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].b)->top_level(); non_empty_flag = 1; }
--#line 1485 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1500 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 4:
--#line 129 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 133 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = (yyvsp[0].b); }
--#line 1491 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1506 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 5:
--#line 131 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 135 "src/preproc/eqn/eqn.ypp"
- {
- list_box *lb = (yyvsp[-1].b)->to_list_box();
- if (!lb)
-@@ -1499,436 +1514,437 @@ yyreduce:
- lb->append((yyvsp[0].b));
- (yyval.b) = lb;
- }
--#line 1503 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1518 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 6:
--#line 142 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 146 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = (yyvsp[0].b); }
--#line 1509 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1524 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 7:
--#line 144 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 148 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_mark_box((yyvsp[0].b)); }
--#line 1515 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1530 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 8:
--#line 146 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 150 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_lineup_box((yyvsp[0].b)); }
--#line 1521 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1536 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 9:
--#line 151 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 155 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = (yyvsp[0].b); }
--#line 1527 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1542 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 10:
--#line 153 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 157 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_limit_box((yyvsp[-2].b), 0, (yyvsp[0].b)); }
--#line 1533 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1548 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 11:
--#line 155 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 159 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_limit_box((yyvsp[-2].b), (yyvsp[0].b), 0); }
--#line 1539 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1554 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 12:
--#line 157 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 161 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_limit_box((yyvsp[-4].b), (yyvsp[-2].b), (yyvsp[0].b)); }
--#line 1545 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1560 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 13:
--#line 159 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 163 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_limit_box((yyvsp[-4].b), make_limit_box((yyvsp[-2].b), (yyvsp[0].b), 0), 0); }
--#line 1551 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1566 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 14:
--#line 164 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 168 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = (yyvsp[0].b); }
--#line 1557 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1572 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 15:
--#line 166 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 170 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_sqrt_box((yyvsp[0].b)); }
--#line 1563 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1578 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 16:
--#line 168 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 172 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_over_box((yyvsp[-2].b), (yyvsp[0].b)); }
--#line 1569 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1584 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 17:
--#line 170 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 174 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_small_over_box((yyvsp[-2].b), (yyvsp[0].b)); }
--#line 1575 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1590 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 18:
--#line 175 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 179 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = (yyvsp[0].b); }
--#line 1581 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1596 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 19:
--#line 177 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 181 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_script_box((yyvsp[-2].b), 0, (yyvsp[0].b)); }
--#line 1587 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1602 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 20:
--#line 182 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 186 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = (yyvsp[0].b); }
--#line 1593 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1608 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 21:
--#line 184 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 188 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_script_box((yyvsp[-2].b), (yyvsp[0].b), 0); }
--#line 1599 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1614 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 22:
--#line 186 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 190 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_script_box((yyvsp[-4].b), (yyvsp[-2].b), (yyvsp[0].b)); }
--#line 1605 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1620 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 23:
--#line 191 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 195 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = split_text((yyvsp[0].str)); }
--#line 1611 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1626 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 24:
--#line 193 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 197 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new quoted_text_box((yyvsp[0].str)); }
--#line 1617 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1632 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 25:
--#line 195 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 199 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = split_text((yyvsp[0].str)); }
--#line 1623 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1638 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 26:
--#line 197 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 201 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new quoted_text_box((yyvsp[0].str)); }
--#line 1629 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1644 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 27:
--#line 199 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 203 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new half_space_box; }
--#line 1635 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1650 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 28:
--#line 201 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 205 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new space_box; }
--#line 1641 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1656 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 29:
--#line 203 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 207 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new tab_box; }
--#line 1647 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1662 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 30:
--#line 205 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 209 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = (yyvsp[-1].b); }
--#line 1653 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1668 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 31:
--#line 207 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 211 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].pb)->set_alignment(CENTER_ALIGN); (yyval.b) = (yyvsp[0].pb); }
--#line 1659 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1674 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 32:
--#line 209 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 213 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].pb)->set_alignment(LEFT_ALIGN); (yyval.b) = (yyvsp[0].pb); }
--#line 1665 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1680 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 33:
--#line 211 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 215 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].pb)->set_alignment(RIGHT_ALIGN); (yyval.b) = (yyvsp[0].pb); }
--#line 1671 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1686 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 34:
--#line 213 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 217 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].pb)->set_alignment(CENTER_ALIGN); (yyval.b) = (yyvsp[0].pb); }
--#line 1677 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1692 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 35:
--#line 215 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 219 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = (yyvsp[-1].mb); }
--#line 1683 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1698 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 36:
--#line 217 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 221 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_delim_box((yyvsp[-3].str), (yyvsp[-2].b), (yyvsp[0].str)); }
--#line 1689 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1704 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 37:
--#line 219 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 223 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_delim_box((yyvsp[-1].str), (yyvsp[0].b), 0); }
--#line 1695 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1710 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 38:
--#line 221 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 225 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_overline_box((yyvsp[-1].b)); }
--#line 1701 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1716 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 39:
--#line 223 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 227 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_underline_box((yyvsp[-1].b)); }
--#line 1707 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1722 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 40:
--#line 225 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 229 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_prime_box((yyvsp[-1].b)); }
--#line 1713 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1728 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 41:
--#line 227 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 231 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_accent_box((yyvsp[-2].b), (yyvsp[0].b)); }
--#line 1719 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1734 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 42:
--#line 229 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 233 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_uaccent_box((yyvsp[-2].b), (yyvsp[0].b)); }
--#line 1725 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1740 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 43:
--#line 231 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 235 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new font_box(strsave(get_grfont()), (yyvsp[0].b)); }
--#line 1731 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1746 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 44:
--#line 233 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 237 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new font_box(strsave(get_gbfont()), (yyvsp[0].b)); }
--#line 1737 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1752 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 45:
--#line 235 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 239 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new font_box(strsave(get_gfont()), (yyvsp[0].b)); }
--#line 1743 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1758 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 46:
--#line 237 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 241 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new fat_box((yyvsp[0].b)); }
--#line 1749 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1764 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 47:
--#line 239 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 243 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new font_box((yyvsp[-1].str), (yyvsp[0].b)); }
--#line 1755 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1770 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 48:
--#line 241 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 245 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new size_box((yyvsp[-1].str), (yyvsp[0].b)); }
--#line 1761 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1776 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 49:
--#line 243 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 247 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new hmotion_box((yyvsp[-1].n), (yyvsp[0].b)); }
--#line 1767 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1782 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 50:
--#line 245 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 249 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new hmotion_box(-(yyvsp[-1].n), (yyvsp[0].b)); }
--#line 1773 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1788 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 51:
--#line 247 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 251 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new vmotion_box((yyvsp[-1].n), (yyvsp[0].b)); }
--#line 1779 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1794 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 52:
--#line 249 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 253 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new vmotion_box(-(yyvsp[-1].n), (yyvsp[0].b)); }
--#line 1785 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1800 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 53:
--#line 251 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 255 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].b)->set_spacing_type((yyvsp[-1].str)); (yyval.b) = (yyvsp[0].b); }
--#line 1791 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1806 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 54:
--#line 253 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 257 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = new vcenter_box((yyvsp[0].b)); }
--#line 1797 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1812 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 55:
--#line 255 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 259 "src/preproc/eqn/eqn.ypp"
- { (yyval.b) = make_special_box((yyvsp[-1].str), (yyvsp[0].b)); }
--#line 1803 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1818 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 56:
--#line 260 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 264 "src/preproc/eqn/eqn.ypp"
- {
- int n;
- if (sscanf((yyvsp[0].str), "%d", &n) == 1)
- (yyval.n) = n;
- a_delete (yyvsp[0].str);
- }
--#line 1814 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1829 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 57:
--#line 270 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 274 "src/preproc/eqn/eqn.ypp"
- { (yyval.pb) = new pile_box((yyvsp[0].b)); }
--#line 1820 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1835 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 58:
--#line 272 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 276 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[-2].pb)->append((yyvsp[0].b)); (yyval.pb) = (yyvsp[-2].pb); }
--#line 1826 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1841 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 59:
--#line 277 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 281 "src/preproc/eqn/eqn.ypp"
- { (yyval.pb) = (yyvsp[-1].pb); }
--#line 1832 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1847 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 60:
--#line 279 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 283 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[-1].pb)->set_space((yyvsp[-3].n)); (yyval.pb) = (yyvsp[-1].pb); }
--#line 1838 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1853 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 61:
--#line 284 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 288 "src/preproc/eqn/eqn.ypp"
- { (yyval.mb) = new matrix_box((yyvsp[0].col)); }
--#line 1844 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1859 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 62:
--#line 286 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 290 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[-1].mb)->append((yyvsp[0].col)); (yyval.mb) = (yyvsp[-1].mb); }
--#line 1850 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1865 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 63:
--#line 291 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 295 "src/preproc/eqn/eqn.ypp"
- { (yyval.col) = new column((yyvsp[0].b)); }
--#line 1856 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1871 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 64:
--#line 293 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 297 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[-2].col)->append((yyvsp[0].b)); (yyval.col) = (yyvsp[-2].col); }
--#line 1862 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1877 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 65:
--#line 298 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 302 "src/preproc/eqn/eqn.ypp"
- { (yyval.col) = (yyvsp[-1].col); }
--#line 1868 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1883 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 66:
--#line 300 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 304 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[-1].col)->set_space((yyvsp[-3].n)); (yyval.col) = (yyvsp[-1].col); }
--#line 1874 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1889 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 67:
--#line 305 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 309 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].col)->set_alignment(CENTER_ALIGN); (yyval.col) = (yyvsp[0].col); }
--#line 1880 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1895 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 68:
--#line 307 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 311 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].col)->set_alignment(LEFT_ALIGN); (yyval.col) = (yyvsp[0].col); }
--#line 1886 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1901 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 69:
--#line 309 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 313 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].col)->set_alignment(RIGHT_ALIGN); (yyval.col) = (yyvsp[0].col); }
--#line 1892 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1907 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 70:
--#line 311 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 315 "src/preproc/eqn/eqn.ypp"
- { (yyvsp[0].col)->set_alignment(CENTER_ALIGN); (yyval.col) = (yyvsp[0].col); }
--#line 1898 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1913 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 71:
--#line 315 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 319 "src/preproc/eqn/eqn.ypp"
- { (yyval.str) = (yyvsp[0].str); }
--#line 1904 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1919 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 72:
--#line 317 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 321 "src/preproc/eqn/eqn.ypp"
- { (yyval.str) = (yyvsp[0].str); }
--#line 1910 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1925 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 73:
--#line 322 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 326 "src/preproc/eqn/eqn.ypp"
- { (yyval.str) = (yyvsp[0].str); }
--#line 1916 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1931 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 74:
--#line 324 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 328 "src/preproc/eqn/eqn.ypp"
- { (yyval.str) = strsave("{"); }
--#line 1922 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1937 "src/preproc/eqn/eqn.cpp"
- break;
-
- case 75:
--#line 326 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1645 */
-+#line 330 "src/preproc/eqn/eqn.ypp"
- { (yyval.str) = strsave("}"); }
--#line 1928 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1943 "src/preproc/eqn/eqn.cpp"
- break;
-
-
--#line 1932 "src/preproc/eqn/eqn.cpp" /* yacc.c:1645 */
-+#line 1947 "src/preproc/eqn/eqn.cpp"
-+
- default: break;
- }
- /* User semantic actions sometimes alter yychar, and that requires
-@@ -2042,12 +2058,10 @@ yyerrlab:
- | yyerrorlab -- error raised explicitly by YYERROR. |
- `---------------------------------------------------*/
- yyerrorlab:
--
-- /* Pacify compilers like GCC when the user code never invokes
-- YYERROR and the label yyerrorlab therefore never appears in user
-- code. */
-- if (/*CONSTCOND*/ 0)
-- goto yyerrorlab;
-+ /* Pacify compilers when the user code never invokes YYERROR and the
-+ label yyerrorlab therefore never appears in user code. */
-+ if (0)
-+ YYERROR;
-
- /* Do not reclaim the symbols of the rule whose action triggered
- this YYERROR. */
-@@ -2109,6 +2123,7 @@ yyacceptlab:
- yyresult = 0;
- goto yyreturn;
-
-+
- /*-----------------------------------.
- | yyabortlab -- YYABORT comes here. |
- `-----------------------------------*/
-@@ -2116,6 +2131,7 @@ yyabortlab:
- yyresult = 1;
- goto yyreturn;
-
-+
- #if !defined yyoverflow || YYERROR_VERBOSE
- /*-------------------------------------------------.
- | yyexhaustedlab -- memory exhaustion comes here. |
-@@ -2126,6 +2142,10 @@ yyexhaustedlab:
- /* Fall through. */
- #endif
-
-+
-+/*-----------------------------------------------------.
-+| yyreturn -- parsing is finished, return the result. |
-+`-----------------------------------------------------*/
- yyreturn:
- if (yychar != YYEMPTY)
- {
-@@ -2155,5 +2175,5 @@ yyreturn:
- #endif
- return yyresult;
- }
--#line 329 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1903 */
-+#line 333 "src/preproc/eqn/eqn.ypp"
-
-diff --git a/src/preproc/eqn/eqn.hpp b/src/preproc/eqn/eqn.hpp
-index 32a32a5..9a092c1 100644
---- a/src/preproc/eqn/eqn.hpp
-+++ b/src/preproc/eqn/eqn.hpp
-@@ -1,8 +1,9 @@
--/* A Bison parser, made by GNU Bison 3.2. */
-+/* A Bison parser, made by GNU Bison 3.4.1. */
-
- /* Bison interface for Yacc-like parsers in C
-
-- Copyright (C) 1984, 1989-1990, 2000-2015, 2018 Free Software Foundation, Inc.
-+ Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2019 Free Software Foundation,
-+ Inc.
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
-@@ -170,10 +171,9 @@ extern int yydebug;
-
- /* Value type. */
- #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
--
- union YYSTYPE
- {
--#line 30 "../src/preproc/eqn/eqn.ypp" /* yacc.c:1906 */
-+#line 34 "src/preproc/eqn/eqn.ypp"
-
- char *str;
- box *b;
-@@ -182,9 +182,9 @@ union YYSTYPE
- int n;
- column *col;
-
--#line 186 "src/preproc/eqn/eqn.hpp" /* yacc.c:1906 */
--};
-+#line 186 "src/preproc/eqn/eqn.hpp"
-
-+};
- typedef union YYSTYPE YYSTYPE;
- # define YYSTYPE_IS_TRIVIAL 1
- # define YYSTYPE_IS_DECLARED 1
diff --git a/src/preproc/eqn/eqn.ypp b/src/preproc/eqn/eqn.ypp
index fb318c3..b7b647e 100644
--- a/src/preproc/eqn/eqn.ypp
diff --git a/meta/recipes-extended/groff/groff_1.22.4.bb b/meta/recipes-extended/groff/groff_1.22.4.bb
index 0867452ce7..7bb393e09c 100644
--- a/meta/recipes-extended/groff/groff_1.22.4.bb
+++ b/meta/recipes-extended/groff/groff_1.22.4.bb
@@ -18,6 +18,10 @@ SRC_URI = "${GNU_MIRROR}/groff/groff-${PV}.tar.gz \
SRC_URI[md5sum] = "08fb04335e2f5e73f23ea4c3adbf0c5f"
SRC_URI[sha256sum] = "e78e7b4cb7dec310849004fa88847c44701e8d133b5d4c13057d876c1bad0293"
+# Remove at the next upgrade
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
+
DEPENDS = "bison-native"
RDEPENDS_${PN} += "perl sed"
@@ -30,6 +34,13 @@ PARALLEL_MAKE = ""
CACHED_CONFIGUREVARS += "ac_cv_path_PERL='/usr/bin/env perl' ac_cv_path_BASH_PROG='no' PAGE=A4"
+# Delete these generated files since we depend on bison-native
+# and regenerate them. Do it deterministically (always).
+do_configure_prepend() {
+ rm -f ${S}/src/preproc/eqn/eqn.cpp
+ rm -f ${S}/src/preproc/eqn/eqn.hpp
+}
+
do_install_append() {
# Some distros have both /bin/perl and /usr/bin/perl, but we set perl location
# for target as /usr/bin/perl, so fix it to /usr/bin/perl.
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 10/52] df.py: Add feature check for read-only-rootfs
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (8 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 09/52] groff: Fix determinism issue Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 11/52] cve-check.bbclass: add layer to cve log Anuj Mittal
` (41 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Wes Lindauer <wesley.lindauer@gmail.com>
If the target is using a read-only rootfs, the available space on '/'
will be zero. This will cause the test to incorrectly fail and skipping
seems appropriate in this case.
Signed-off-by: Wes Lindauer <wesley.lindauer@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit af1dbea3c9b9b42a3e6803b231e425423d70e210)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/lib/oeqa/runtime/cases/df.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/lib/oeqa/runtime/cases/df.py b/meta/lib/oeqa/runtime/cases/df.py
index 89fd0fb901..bb155c9cf9 100644
--- a/meta/lib/oeqa/runtime/cases/df.py
+++ b/meta/lib/oeqa/runtime/cases/df.py
@@ -4,12 +4,14 @@
from oeqa.runtime.case import OERuntimeTestCase
from oeqa.core.decorator.depends import OETestDepends
+from oeqa.core.decorator.data import skipIfDataVar, skipIfInDataVar
from oeqa.runtime.decorator.package import OEHasPackage
class DfTest(OERuntimeTestCase):
@OETestDepends(['ssh.SSHTest.test_ssh'])
@OEHasPackage(['coreutils', 'busybox'])
+ @skipIfInDataVar('IMAGE_FEATURES', 'read-only-rootfs', 'Test case df requires a writable rootfs')
def test_df(self):
cmd = "df -P / | sed -n '2p' | awk '{print $4}'"
(status,output) = self.target.run(cmd)
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 11/52] cve-check.bbclass: add layer to cve log
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (9 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 10/52] df.py: Add feature check for read-only-rootfs Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 12/52] cve-check: add include/exclude layers Anuj Mittal
` (40 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: akuster <akuster808@gmail.com>
Lets include whcih layer a package belongs to and
add it to the cve logs
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 00d965bb42dc427749a4c3985af56ceffff80457)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/cve-check.bbclass | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index ed86403b6b..061af7a276 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -335,6 +335,9 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
"""
cve_file = d.getVar("CVE_CHECK_LOG")
+ fdir_name = d.getVar("FILE_DIRNAME")
+ layer = fdir_name.split("/")[-3]
+
nvd_link = "https://web.nvd.nist.gov/view/vuln/detail?vulnId="
write_string = ""
unpatched_cves = []
@@ -344,6 +347,7 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
is_patched = cve in patched
if is_patched and (d.getVar("CVE_CHECK_REPORT_PATCHED") != "1"):
continue
+ write_string += "LAYER: %s\n" % layer
write_string += "PACKAGE NAME: %s\n" % d.getVar("PN")
write_string += "PACKAGE VERSION: %s%s\n" % (d.getVar("EXTENDPE"), d.getVar("PV"))
write_string += "CVE: %s\n" % cve
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 12/52] cve-check: add include/exclude layers
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (10 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 11/52] cve-check.bbclass: add layer to cve log Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 13/52] go: Update to 1.15.8 Anuj Mittal
` (39 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: akuster <akuster808@gmail.com>
There are times when exluding or including a layer
may be desired. This provide the framwork for that via
two variables. The default is all layers in bblayers.
CVE_CHECK_LAYER_INCLUDELIST
CVE_CHECK_LAYER_EXCLUDELIST
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5fdde65ef58b4c1048839e4f9462b34bab36fc22)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/cve-check.bbclass | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 061af7a276..112ee3379d 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -53,6 +53,13 @@ CVE_CHECK_PN_WHITELIST ?= ""
#
CVE_CHECK_WHITELIST ?= ""
+# Layers to be excluded
+CVE_CHECK_LAYER_EXCLUDELIST ??= ""
+
+# Layers to be included
+CVE_CHECK_LAYER_INCLUDELIST ??= ""
+
+
# set to "alphabetical" for version using single alphabetical character as increament release
CVE_VERSION_SUFFIX ??= ""
@@ -334,10 +341,20 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
CVE manifest if enabled.
"""
+
cve_file = d.getVar("CVE_CHECK_LOG")
fdir_name = d.getVar("FILE_DIRNAME")
layer = fdir_name.split("/")[-3]
+ include_layers = d.getVar("CVE_CHECK_LAYER_INCLUDELIST").split()
+ exclude_layers = d.getVar("CVE_CHECK_LAYER_EXCLUDELIST").split()
+
+ if exclude_layers and layer in exclude_layers:
+ return
+
+ if include_layers and layer not in include_layers:
+ return
+
nvd_link = "https://web.nvd.nist.gov/view/vuln/detail?vulnId="
write_string = ""
unpatched_cves = []
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 13/52] go: Update to 1.15.8
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (11 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 12/52] cve-check: add include/exclude layers Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 14/52] screen: fix CVE-2021-26937 Anuj Mittal
` (38 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2b724599e29808014f5d9c1fdc70d20abab9b3e5)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-devtools/go/go-1.15.inc | 4 ++--
...{go-binary-native_1.15.6.bb => go-binary-native_1.15.8.bb} | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
rename meta/recipes-devtools/go/{go-binary-native_1.15.6.bb => go-binary-native_1.15.8.bb} (83%)
diff --git a/meta/recipes-devtools/go/go-1.15.inc b/meta/recipes-devtools/go/go-1.15.inc
index abe74e5eb7..7c8190f68c 100644
--- a/meta/recipes-devtools/go/go-1.15.inc
+++ b/meta/recipes-devtools/go/go-1.15.inc
@@ -1,7 +1,7 @@
require go-common.inc
GO_BASEVERSION = "1.15"
-PV = "1.15.6"
+PV = "1.15.8"
FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
@@ -16,4 +16,4 @@ SRC_URI += "\
file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
"
-SRC_URI[main.sha256sum] = "890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817"
+SRC_URI[main.sha256sum] = "540c0ab7781084d124991321ed1458e479982de94454a98afab6acadf38497c2"
diff --git a/meta/recipes-devtools/go/go-binary-native_1.15.6.bb b/meta/recipes-devtools/go/go-binary-native_1.15.8.bb
similarity index 83%
rename from meta/recipes-devtools/go/go-binary-native_1.15.6.bb
rename to meta/recipes-devtools/go/go-binary-native_1.15.8.bb
index 622557ad2b..df697e2781 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.15.6.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.15.8.bb
@@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
PROVIDES = "go-native"
SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "3918e6cc85e7eaaa6f859f1bdbaac772e7a825b0eb423c63d3ae68b21f84b844"
-SRC_URI[go_linux_arm64.sha256sum] = "f87515b9744154ffe31182da9341d0a61eb0795551173d242c8cad209239e492"
+SRC_URI[go_linux_amd64.sha256sum] = "d3379c32a90fdf9382166f8f48034c459a8cc433730bc9476d39d9082c94583b"
+SRC_URI[go_linux_arm64.sha256sum] = "0e31ea4bf53496b0f0809730520dee98c0ae5c530f3701a19df0ba0a327bf3d2"
UPSTREAM_CHECK_URI = "https://golang.org/dl/"
UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 14/52] screen: fix CVE-2021-26937
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (12 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 13/52] go: Update to 1.15.8 Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 15/52] npm.bbclass: avoid building target nodejs for native npm recipes Anuj Mittal
` (37 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Scott Murray <scott.murray@konsulko.com>
Apply patch from Debian to fix CVE-2021-26937.
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d688cc8672b1830ba10966492ab3f8a12d32e17)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../screen/screen/CVE-2021-26937.patch | 68 +++++++++++++++++++
meta/recipes-extended/screen/screen_4.8.0.bb | 1 +
2 files changed, 69 insertions(+)
create mode 100644 meta/recipes-extended/screen/screen/CVE-2021-26937.patch
diff --git a/meta/recipes-extended/screen/screen/CVE-2021-26937.patch b/meta/recipes-extended/screen/screen/CVE-2021-26937.patch
new file mode 100644
index 0000000000..983b35c1b0
--- /dev/null
+++ b/meta/recipes-extended/screen/screen/CVE-2021-26937.patch
@@ -0,0 +1,68 @@
+Description: [CVE-2021-26937] Fix out of bounds array access
+Author: Michael Schröder <mls@suse.de>
+Bug-Debian: https://bugs.debian.org/982435
+Bug: https://savannah.gnu.org/bugs/?60030
+Bug: https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html
+Bug-OSS-Security: https://www.openwall.com/lists/oss-security/2021/02/09/3
+Origin: https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00010.html
+
+CVE: CVE-2021-26937
+Upstream-Status: Pending
+Signed-off-by: Scott Murray <scott.murray@konsulko.com>
+
+--- a/encoding.c
++++ b/encoding.c
+@@ -43,7 +43,7 @@
+ # ifdef UTF8
+ static int recode_char __P((int, int, int));
+ static int recode_char_to_encoding __P((int, int));
+-static void comb_tofront __P((int, int));
++static void comb_tofront __P((int));
+ # ifdef DW_CHARS
+ static int recode_char_dw __P((int, int *, int, int));
+ static int recode_char_dw_to_encoding __P((int, int *, int));
+@@ -1263,6 +1263,8 @@
+ {0x30000, 0x3FFFD},
+ };
+
++ if (c >= 0xdf00 && c <= 0xdfff)
++ return 1; /* dw combining sequence */
+ return ((bisearch(c, wide, sizeof(wide) / sizeof(struct interval) - 1)) ||
+ (cjkwidth &&
+ bisearch(c, ambiguous,
+@@ -1330,11 +1332,12 @@
+ }
+
+ static void
+-comb_tofront(root, i)
+-int root, i;
++comb_tofront(i)
++int i;
+ {
+ for (;;)
+ {
++ int root = i >= 0x700 ? 0x801 : 0x800;
+ debug1("bring to front: %x\n", i);
+ combchars[combchars[i]->prev]->next = combchars[i]->next;
+ combchars[combchars[i]->next]->prev = combchars[i]->prev;
+@@ -1396,9 +1399,9 @@
+ {
+ /* full, recycle old entry */
+ if (c1 >= 0xd800 && c1 < 0xe000)
+- comb_tofront(root, c1 - 0xd800);
++ comb_tofront(c1 - 0xd800);
+ i = combchars[root]->prev;
+- if (c1 == i + 0xd800)
++ if (i == 0x800 || i == 0x801 || c1 == i + 0xd800)
+ {
+ /* completely full, can't recycle */
+ debug("utf8_handle_comp: completely full!\n");
+@@ -1422,7 +1425,7 @@
+ mc->font = (i >> 8) + 0xd8;
+ mc->fontx = 0;
+ debug3("combinig char %x %x -> %x\n", c1, c, i + 0xd800);
+- comb_tofront(root, i);
++ comb_tofront(i);
+ }
+
+ #else /* !UTF8 */
diff --git a/meta/recipes-extended/screen/screen_4.8.0.bb b/meta/recipes-extended/screen/screen_4.8.0.bb
index 4772eb6c7a..fe640c262b 100644
--- a/meta/recipes-extended/screen/screen_4.8.0.bb
+++ b/meta/recipes-extended/screen/screen_4.8.0.bb
@@ -21,6 +21,7 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \
file://0002-comm.h-now-depends-on-term.h.patch \
file://0001-fix-for-multijob-build.patch \
file://0001-Remove-more-compatibility-stuff.patch \
+ file://CVE-2021-26937.patch \
"
SRC_URI[md5sum] = "d276213d3acd10339cd37848b8c4ab1e"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 15/52] npm.bbclass: avoid building target nodejs for native npm recipes
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (13 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 14/52] screen: fix CVE-2021-26937 Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 16/52] mtd-utils: Remove duplicate assignments to alternative link names Anuj Mittal
` (36 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Yoann Congal <yoann.congal@smile.fr>
The current recipe unconditionally RDEPENDS on nodejs (the target one).
When building on the "-native recipe" of "BBCLASSEXTEND native" recipe,
the target nodejs is unnecessarily built.
This patch fixes this by only RDEPENDS on nodejs when building for the target.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 92a9a86df9e3bcffb13d2f8b5dcbe7822170f734)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/npm.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/npm.bbclass b/meta/classes/npm.bbclass
index 79f55febcc..55a6985fb0 100644
--- a/meta/classes/npm.bbclass
+++ b/meta/classes/npm.bbclass
@@ -20,7 +20,7 @@
inherit python3native
DEPENDS_prepend = "nodejs-native "
-RDEPENDS_${PN}_prepend = "nodejs "
+RDEPENDS_${PN}_append_class-target = " nodejs"
NPM_INSTALL_DEV ?= "0"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 16/52] mtd-utils: Remove duplicate assignments to alternative link names
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (14 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 15/52] npm.bbclass: avoid building target nodejs for native npm recipes Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 17/52] package_rpm: Enable use_source_date_epoch_as_buildtime in package_rpm class Anuj Mittal
` (35 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Thomas Viehweger <patchesThomas.Vie@web.de>
The two duplicate lines are not needed. The existence is confusing.
Signed-off-by: Thomas Viehweger <patchesThomas.Vie@web.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 36bdb4faa90dc18bc020481eba82ee570b968c39)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-devtools/mtd/mtd-utils_git.bb | 2 --
1 file changed, 2 deletions(-)
diff --git a/meta/recipes-devtools/mtd/mtd-utils_git.bb b/meta/recipes-devtools/mtd/mtd-utils_git.bb
index 8d6bbfca3f..ff42219513 100644
--- a/meta/recipes-devtools/mtd/mtd-utils_git.bb
+++ b/meta/recipes-devtools/mtd/mtd-utils_git.bb
@@ -42,11 +42,9 @@ ALTERNATIVE_PRIORITY = "100"
ALTERNATIVE_${PN} = "flashcp flash_eraseall flash_lock flash_unlock nanddump nandwrite"
ALTERNATIVE_${PN}-ubifs = "ubiattach ubidetach ubimkvol ubirename ubirmvol ubirsvol ubiupdatevol"
-ALTERNATIVE_LINK_NAME[flash_eraseall] = "${sbindir}/flash_eraseall"
ALTERNATIVE_LINK_NAME[nandwrite] = "${sbindir}/nandwrite"
ALTERNATIVE_LINK_NAME[nanddump] = "${sbindir}/nanddump"
ALTERNATIVE_LINK_NAME[ubiattach] = "${sbindir}/ubiattach"
-ALTERNATIVE_LINK_NAME[ubiattach] = "${sbindir}/ubiattach"
ALTERNATIVE_LINK_NAME[ubidetach] = "${sbindir}/ubidetach"
ALTERNATIVE_LINK_NAME[ubimkvol] = "${sbindir}/ubimkvol"
ALTERNATIVE_LINK_NAME[ubirename] = "${sbindir}/ubirename"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 17/52] package_rpm: Enable use_source_date_epoch_as_buildtime in package_rpm class
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (15 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 16/52] mtd-utils: Remove duplicate assignments to alternative link names Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 18/52] oe/recipeutils: Fix copying patches when BBLAYERS entries are not normalised Anuj Mittal
` (34 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Adding --define 'use_source_date_epoch_as_buildtime 1' to rpmbuild
ensure that the rpm header does have a consistent BUILDTIME tag.
This allows the rpms to be built reproducibly.
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f16721df6b3d0d3e681d9a1b3393417bd62b6275)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/package_rpm.bbclass | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/classes/package_rpm.bbclass b/meta/classes/package_rpm.bbclass
index 53b4700cdd..89b4c6bbfc 100644
--- a/meta/classes/package_rpm.bbclass
+++ b/meta/classes/package_rpm.bbclass
@@ -687,6 +687,7 @@ python do_package_rpm () {
cmd = cmd + " --define '_binary_payload w6T.xzdio'"
cmd = cmd + " --define '_source_payload w6T.xzdio'"
cmd = cmd + " --define 'clamp_mtime_to_source_date_epoch 1'"
+ cmd = cmd + " --define 'use_source_date_epoch_as_buildtime 1'"
cmd = cmd + " --define '_buildhost reproducible'"
if perfiledeps:
cmd = cmd + " --define '__find_requires " + outdepends + "'"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 18/52] oe/recipeutils: Fix copying patches when BBLAYERS entries are not normalised
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (16 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 17/52] package_rpm: Enable use_source_date_epoch_as_buildtime in package_rpm class Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 19/52] oeqa/commands: Fix compatibility with python 3.9 Anuj Mittal
` (33 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Andrei Gherzan <andrei.gherzan@huawei.com>
`devtool` uses `copy_recipe_files` for the upgrade operation when
creating the new, workspace recipe. Before handling the copy operations,
the function checks the entry in `SRC_URI` against `FILE` while in turn
uses absolute paths. When BBLAYERS contains entries that are not
normalised, this check will fail resulting in having the recipe in the
workspace without the initial patches.
Signef-off-by: Robert Drab <robert.drab@huawei.com>
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 777fc24ab2c332954b56dac28cd9b3032808828c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/lib/oe/recipeutils.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oe/recipeutils.py b/meta/lib/oe/recipeutils.py
index ef69ef207f..407d168894 100644
--- a/meta/lib/oe/recipeutils.py
+++ b/meta/lib/oe/recipeutils.py
@@ -409,7 +409,7 @@ def copy_recipe_files(d, tgt_dir, whole_dir=False, download=True, all_variants=F
fetch.download()
for pth in fetch.localpaths():
if pth not in localpaths:
- localpaths.append(pth)
+ localpaths.append(os.path.abspath(pth))
uri_values.append(srcuri)
fetch_urls(d)
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 19/52] oeqa/commands: Fix compatibility with python 3.9
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (17 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 18/52] oe/recipeutils: Fix copying patches when BBLAYERS entries are not normalised Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 20/52] wpebackend-fdo: Fix missing .so symlink when using dev package Anuj Mittal
` (32 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Python 3.9 dropped isAlive() so use the preferred is_alive().
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9bb06428cbb2ac0f3d98a1696f050d3393385503)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/lib/oeqa/utils/commands.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/lib/oeqa/utils/commands.py b/meta/lib/oeqa/utils/commands.py
index 8b3e12038d..a71c16ab14 100644
--- a/meta/lib/oeqa/utils/commands.py
+++ b/meta/lib/oeqa/utils/commands.py
@@ -125,11 +125,11 @@ class Command(object):
def stop(self):
for thread in self.threads:
- if thread.isAlive():
+ if thread.is_alive():
self.process.terminate()
# let's give it more time to terminate gracefully before killing it
thread.join(5)
- if thread.isAlive():
+ if thread.is_alive():
self.process.kill()
thread.join()
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 20/52] wpebackend-fdo: Fix missing .so symlink when using dev package
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (18 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 19/52] oeqa/commands: Fix compatibility with python 3.9 Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 21/52] linux-firmware: upgrade 20201218 -> 20210208 Anuj Mittal
` (31 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Zbigniew Bodek <zbigniew.bodek@huawei.com>
Problem spotted on dunfell-23.0.4
Normally, unversioned .so is removed from -dev (default) package
however it is still being referred by other agents, such as webkitgtk.
That can be observed while executing i.e. Epiphany Browser.
For instance:
platformInitializeWebProcess()
calls
wpe_loader_init("libWPEBackend-fdo-1.0.so")
as a result one can see:
--------------------
wpe_loader_init could not load the library 'libWPEBackend-fdo-1.0.so':
libWPEBackend-fdo-1.0.so: cannot open shared object file:
No such file or directory
--------------------
"master" branch contains a bumped-up version of webkitgtk
to which this issue does not apply (the code has changed).
Forcefully keep this .so symlink to resolve the problem in dunfell.
Signed-off-by: Zbigniew Bodek <zbigniew.bodek@huawei.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-sato/webkit/wpebackend-fdo_1.7.1.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-sato/webkit/wpebackend-fdo_1.7.1.bb b/meta/recipes-sato/webkit/wpebackend-fdo_1.7.1.bb
index 519762d125..15f4f4276c 100644
--- a/meta/recipes-sato/webkit/wpebackend-fdo_1.7.1.bb
+++ b/meta/recipes-sato/webkit/wpebackend-fdo_1.7.1.bb
@@ -15,3 +15,6 @@ REQUIRED_DISTRO_FEATURES = "opengl"
SRC_URI = "https://wpewebkit.org/releases/${BPN}-${PV}.tar.xz"
SRC_URI[sha256sum] = "9b980a73ea4e3762266c48f81ded56d9dcad4acf32bad9bd05d0dffdd454c6f5"
+FILES_${PN} += "${libdir}/libWPEBackend-fdo-1.0.so"
+FILES_SOLIBSDEV = ""
+INSANE_SKIP_${PN} += "dev-so"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 21/52] linux-firmware: upgrade 20201218 -> 20210208
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (19 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 20/52] wpebackend-fdo: Fix missing .so symlink when using dev package Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 22/52] systemd: Fix importd requirements comment Anuj Mittal
` (30 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
License file had a number of new additions for new firmware but no
new licenses that didn't already exist.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eab46e65feae24311f0ee0cd05b7ebb2e3b07363)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
...{linux-firmware_20201218.bb => linux-firmware_20210208.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20201218.bb => linux-firmware_20210208.bb} (99%)
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20201218.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb
similarity index 99%
rename from meta/recipes-kernel/linux-firmware/linux-firmware_20201218.bb
rename to meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb
index 700a79b118..59ce4d5124 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20201218.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20210208.bb
@@ -128,7 +128,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
file://LICENCE.xc4000;md5=0ff51d2dc49fce04814c9155081092f0 \
file://LICENCE.xc5000;md5=1e170c13175323c32c7f4d0998d53f66 \
file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \
- file://WHENCE;md5=03f0fad70b8b557b56084e3090198021 \
+ file://WHENCE;md5=ef0565762eac313c409567b59dff00b2 \
"
# These are not common licenses, set NO_GENERIC_LICENSE for them
@@ -201,7 +201,7 @@ PE = "1"
SRC_URI = "${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "a1cc1ff72c739f312b095df589e9fd639fc81c3f8f7966377ea35222dc94c04b"
+SRC_URI[sha256sum] = "1bcb1a3944c361507754a7d26ccff40ffc28d1fb93bce711d67da26b33e785b7"
inherit allarch
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 22/52] systemd: Fix importd requirements comment
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (20 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 21/52] linux-firmware: upgrade 20201218 -> 20210208 Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 23/52] openssl: upgrade 1.1.1i -> 1.1.1j Anuj Mittal
` (29 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Vivien Didelot <vdidelot@pbsc.com>
The comment above the importd config states curl, which does not
exist in PACKAGECONFIG. Adding it results in the following error
(and then misleading compilation failures):
WARNING: systemd-1_244.5-r0 do_configure: QA Issue: systemd: invalid PACKAGECONFIG: curl [invalid-packageconfig]
Support for curl is currently enabled through journal-upload:
PACKAGECONFIG[journal-upload] = "-Dlibcurl=true,-Dlibcurl=false,curl"
While it might be more appropriate to deprecate "journal-upload"
in favor of a "curl" PACKAGECONFIG entry, simply fix the importd
comment for now by stating upload-journal instead of curl.
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e6a0bced605da58ff43ff06ea6a1d67e84c98d91)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-core/systemd/systemd_246.9.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-core/systemd/systemd_246.9.bb b/meta/recipes-core/systemd/systemd_246.9.bb
index daee795cc2..6524b8216a 100644
--- a/meta/recipes-core/systemd/systemd_246.9.bb
+++ b/meta/recipes-core/systemd/systemd_246.9.bb
@@ -135,7 +135,7 @@ PACKAGECONFIG[hibernate] = "-Dhibernate=true,-Dhibernate=false"
PACKAGECONFIG[hostnamed] = "-Dhostnamed=true,-Dhostnamed=false"
PACKAGECONFIG[idn] = "-Didn=true,-Didn=false"
PACKAGECONFIG[ima] = "-Dima=true,-Dima=false"
-# importd requires curl/xz/zlib/bzip2/gcrypt
+# importd requires journal-upload/xz/zlib/bzip2/gcrypt
PACKAGECONFIG[importd] = "-Dimportd=true,-Dimportd=false"
# Update NAT firewall rules
PACKAGECONFIG[iptc] = "-Dlibiptc=true,-Dlibiptc=false,iptables"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 23/52] openssl: upgrade 1.1.1i -> 1.1.1j
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (21 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 22/52] systemd: Fix importd requirements comment Anuj Mittal
@ 2021-03-05 4:20 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 24/52] rsync: Fix a file sorting determinism issue Anuj Mittal
` (28 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:20 UTC (permalink / raw)
To: openembedded-core
From: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a67635ca2c7a016efcf450e4011f2032883e995d)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../openssl/{openssl_1.1.1i.bb => openssl_1.1.1j.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-connectivity/openssl/{openssl_1.1.1i.bb => openssl_1.1.1j.bb} (98%)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1j.bb
similarity index 98%
rename from meta/recipes-connectivity/openssl/openssl_1.1.1i.bb
rename to meta/recipes-connectivity/openssl/openssl_1.1.1j.bb
index 5d22c511aa..f054d2fdba 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1j.bb
@@ -23,7 +23,7 @@ SRC_URI_append_class-nativesdk = " \
file://environment.d-openssl.sh \
"
-SRC_URI[sha256sum] = "e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242"
+SRC_URI[sha256sum] = "aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf"
inherit lib_package multilib_header multilib_script ptest
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 24/52] rsync: Fix a file sorting determinism issue
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (22 preceding siblings ...)
2021-03-05 4:20 ` [gatesgarth][PATCH 23/52] openssl: upgrade 1.1.1i -> 1.1.1j Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 25/52] rsync: Fix group name " Anuj Mittal
` (27 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f6b7f395ae2d98363e365d31f5e95ce41a12e5b4)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../rsync/files/determism.patch | 28 +++++++++++++++++++
meta/recipes-devtools/rsync/rsync_3.2.3.bb | 1 +
2 files changed, 29 insertions(+)
create mode 100644 meta/recipes-devtools/rsync/files/determism.patch
diff --git a/meta/recipes-devtools/rsync/files/determism.patch b/meta/recipes-devtools/rsync/files/determism.patch
new file mode 100644
index 0000000000..53a4ca7505
--- /dev/null
+++ b/meta/recipes-devtools/rsync/files/determism.patch
@@ -0,0 +1,28 @@
+The Makefile calls awk on a "*.c" glob. The results of this glob are sorted
+but the order depends on the locale settings, particularly whether
+"util.c" and "util2.c" sort before or after each other. In en_US.UTF-8
+they sort one way, in C, they sort the other. The sorting order changes
+the output binaries. The behaviour also changes dependning on whether
+SHELL (/bin/sh) is dash or bash.
+
+Specify a C locale setting to be deterministic.
+
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Upstream-Status: Pending
+
+Index: rsync-3.2.3/Makefile.in
+===================================================================
+--- rsync-3.2.3.orig/Makefile.in
++++ rsync-3.2.3/Makefile.in
+@@ -26,6 +26,11 @@ MKDIR_P=@MKDIR_P@
+ VPATH=$(srcdir)
+ SHELL=/bin/sh
+
++# We use globbing in commands, need to be deterministic
++unexport LC_ALL
++LC_COLLATE=C
++export LC_COLLATE
++
+ .SUFFIXES:
+ .SUFFIXES: .c .o
+
diff --git a/meta/recipes-devtools/rsync/rsync_3.2.3.bb b/meta/recipes-devtools/rsync/rsync_3.2.3.bb
index 375efa0dea..08778ec908 100644
--- a/meta/recipes-devtools/rsync/rsync_3.2.3.bb
+++ b/meta/recipes-devtools/rsync/rsync_3.2.3.bb
@@ -12,6 +12,7 @@ DEPENDS = "popt"
SRC_URI = "https://download.samba.org/pub/${BPN}/src/${BP}.tar.gz \
file://rsyncd.conf \
file://makefile-no-rebuild.patch \
+ file://determism.patch \
"
SRC_URI[sha256sum] = "becc3c504ceea499f4167a260040ccf4d9f2ef9499ad5683c179a697146ce50e"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 25/52] rsync: Fix group name determinism issue
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (23 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 24/52] rsync: Fix a file sorting determinism issue Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 26/52] libevdev: Update patch status to backport Anuj Mittal
` (26 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
configure falls back to inspecting the host#s /etc/group for the
nobody/nogroup naming. Pass the correct value to configure to
ensure host differences don't sneak in.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e5f809068b32df32e506f3067cd6086195e03f12)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-devtools/rsync/rsync_3.2.3.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/rsync/rsync_3.2.3.bb b/meta/recipes-devtools/rsync/rsync_3.2.3.bb
index 08778ec908..e6a3a67881 100644
--- a/meta/recipes-devtools/rsync/rsync_3.2.3.bb
+++ b/meta/recipes-devtools/rsync/rsync_3.2.3.bb
@@ -39,7 +39,7 @@ PACKAGECONFIG[zstd] = "--enable-zstd,--disable-zstd,zstd"
CACHED_CONFIGUREVARS += "rsync_cv_can_hardlink_special=yes rsync_cv_can_hardlink_symlink=yes"
EXTRA_OEMAKE = 'STRIP=""'
-EXTRA_OECONF = "--disable-simd --disable-md2man --disable-asm"
+EXTRA_OECONF = "--disable-simd --disable-md2man --disable-asm --with-nobody-group=nogroup"
# rsync 3.0 uses configure.sh instead of configure, and
# makefile checks the existence of configure.sh
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 26/52] libevdev: Update patch status to backport
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (24 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 25/52] rsync: Fix group name " Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 27/52] python3: Fix python interpreter line length for nativesdk Anuj Mittal
` (25 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch was submitted and merged upstream.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 871bce0703ca9d14e5c44f6ee0b66fcb13cfb630)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-support/libevdev/libevdev/determinism.patch | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-support/libevdev/libevdev/determinism.patch b/meta/recipes-support/libevdev/libevdev/determinism.patch
index f6b7fc82d3..71cbd876eb 100644
--- a/meta/recipes-support/libevdev/libevdev/determinism.patch
+++ b/meta/recipes-support/libevdev/libevdev/determinism.patch
@@ -9,7 +9,8 @@ Sort to remove this inconsistency.
RP 2020/2/7
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-Upstream-Status: Pending
+Submitted: https://lists.freedesktop.org/archives/input-tools/2021-February/001560.html
+Upstream-Status: Backport [https://gitlab.freedesktop.org/libevdev/libevdev/-/commit/8d70f449892c6f7659e07bb0f06b8347677bb7d8]
---
libevdev/make-event-names.py | 6 +++---
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 27/52] python3: Fix python interpreter line length for nativesdk
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (25 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 26/52] libevdev: Update patch status to backport Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 28/52] report-error.bbclass: Add layer and bitbake version info to error report Anuj Mittal
` (24 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Mingli Yu <mingli.yu@windriver.com>
Make sure the python interpreter is "#!/usr/bin/env python3" for
nativesdk to avoid the shebang path exceeding the limit when install
the sdk under the directory with long path.
Before:
$ cd ${target_sdk_dir}
$ vi ./sysroots/x86_64-oesdk-linux/usr/bin/2to3
#!${target_sdk_dir}/sysroots/${SDK_SYS}/usr/bin/python3.9
[snip]
After:
$ cd ${target_sdk_dir}
$ vi ./sysroots/x86_64-oesdk-linux/usr/bin/2to3
#!/usr/bin/env python3
[snip]
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a748e6098fa7d2ff594319937c7e0cf97700e83a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-devtools/python/python3_3.8.5.bb | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/recipes-devtools/python/python3_3.8.5.bb b/meta/recipes-devtools/python/python3_3.8.5.bb
index fb066084bf..fda35a31e2 100644
--- a/meta/recipes-devtools/python/python3_3.8.5.bb
+++ b/meta/recipes-devtools/python/python3_3.8.5.bb
@@ -169,6 +169,10 @@ do_install_append() {
}
do_install_append_class-nativesdk () {
+ # Make sure we use /usr/bin/env python
+ for PYTHSCRIPT in `grep -rIl ${bindir}/python ${D}${bindir}`; do
+ sed -i -e '1s|^#!.*|#!/usr/bin/env python3|' $PYTHSCRIPT
+ done
create_wrapper ${D}${bindir}/python${PYTHON_MAJMIN} TERMINFO_DIRS='${sysconfdir}/terminfo:/etc/terminfo:/usr/share/terminfo:/usr/share/misc/terminfo:/lib/terminfo' PYTHONNOUSERSITE='1'
}
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 28/52] report-error.bbclass: Add layer and bitbake version info to error report
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (26 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 27/52] python3: Fix python interpreter line length for nativesdk Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 29/52] babeltrace2: Fix reproducibility Anuj Mittal
` (23 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Milan Shah <mshah@mvista.com>
Instead of just providing local.conf info, add layer names and their
revisions with bitbake version information into error report
makes it easier to understand and reproduce failed build.
[YOCTO #9700]
Signed-off-by: Milan Shah <mshah@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a5afd7b1857c0012ab6e3d8bbafa67a96ff9e9e0)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/report-error.bbclass | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/classes/report-error.bbclass b/meta/classes/report-error.bbclass
index 1a12db1206..9cb6b0bd31 100644
--- a/meta/classes/report-error.bbclass
+++ b/meta/classes/report-error.bbclass
@@ -6,6 +6,8 @@
#
# Licensed under the MIT license, see COPYING.MIT for details
+inherit base
+
ERR_REPORT_DIR ?= "${LOG_DIR}/error-report"
def errorreport_getdata(e):
@@ -64,6 +66,8 @@ python errorreport_handler () {
data['failures'] = []
data['component'] = " ".join(e.getPkgs())
data['branch_commit'] = str(base_detect_branch(e.data)) + ": " + str(base_detect_revision(e.data))
+ data['bitbake_version'] = e.data.getVar("BB_VERSION")
+ data['layer_version'] = get_layers_branch_rev(e.data)
data['local_conf'] = get_conf_data(e, 'local.conf')
data['auto_conf'] = get_conf_data(e, 'auto.conf')
lock = bb.utils.lockfile(datafile + '.lock')
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 29/52] babeltrace2: Fix reproducibility
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (27 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 28/52] report-error.bbclass: Add layer and bitbake version info to error report Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 30/52] bitbake.conf: Introduce FAKEROOTLOGS variable used by bitbake to print pseudo.log Anuj Mittal
` (22 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
babeltrace2-ptest was referencing the host's python version in it's
makefiles. Whilst this could be fixed, its easier to correct the
python version being found to the target one which works much
more effectively and solves the issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 559f16d2fef4f8b04a9db1104b4a5b63f7876c68)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-kernel/lttng/babeltrace2_2.0.3.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-kernel/lttng/babeltrace2_2.0.3.bb b/meta/recipes-kernel/lttng/babeltrace2_2.0.3.bb
index c65882581d..32ba75bf36 100644
--- a/meta/recipes-kernel/lttng/babeltrace2_2.0.3.bb
+++ b/meta/recipes-kernel/lttng/babeltrace2_2.0.3.bb
@@ -17,7 +17,7 @@ UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>2(\.\d+)+)$"
S = "${WORKDIR}/git"
-inherit autotools pkgconfig ptest
+inherit autotools pkgconfig ptest python3targetconfig
EXTRA_OECONF = "--disable-debug-info"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 30/52] bitbake.conf: Introduce FAKEROOTLOGS variable used by bitbake to print pseudo.log
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (28 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 29/52] babeltrace2: Fix reproducibility Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 31/52] wpa-supplicant: fix CVE-2021-0326 Anuj Mittal
` (21 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Tomasz Dziendzielski <tomasz.dziendzielski@gmail.com>
Bitbake depends on this variable while looking for pseudo.log file in
case of fakeroot task failure.
Signed-off-by: Tomasz Dziendzielski <tomasz.dziendzielski@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e8e9e5f62b144828387e20eec2e66fcd61edd0d3)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/conf/bitbake.conf | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 8e0a0ec4b4..b38b1d2964 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -696,6 +696,7 @@ FAKEROOTCMD = "${PSEUDO_SYSROOT}${bindir_native}/pseudo"
FAKEROOTENV = "PSEUDO_PREFIX=${PSEUDO_SYSROOT}${prefix_native} PSEUDO_LOCALSTATEDIR=${PSEUDO_LOCALSTATEDIR} PSEUDO_PASSWD=${PSEUDO_PASSWD} PSEUDO_NOSYMLINKEXP=1 PSEUDO_IGNORE_PATHS=${@oe.path.canonicalize(d.getVar('PSEUDO_IGNORE_PATHS'))} PSEUDO_DISABLED=0"
FAKEROOTNOENV = "PSEUDO_UNLOAD=1"
FAKEROOTDIRS = "${PSEUDO_LOCALSTATEDIR}"
+FAKEROOTLOGS = "${WORKDIR}/pseudo/pseudo.log"
PREFERRED_PROVIDER_virtual/fakeroot-native ?= "pseudo-native"
##################################################################
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 31/52] wpa-supplicant: fix CVE-2021-0326
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (29 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 30/52] bitbake.conf: Introduce FAKEROOTLOGS variable used by bitbake to print pseudo.log Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 32/52] sstatesig.py: show an error instead of warning when sstate manifest isn't found Anuj Mittal
` (20 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Stefan Ghinea <stefan.ghinea@windriver.com>
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write
due to a missing bounds check. This could lead to remote code execution
if the target device is performing a Wi-Fi Direct search, with no
additional execution privileges needed. User interaction is not needed
for exploitation.Product: AndroidVersions: Android-10 Android-11
Android-8.1 Android-9 Android ID: A-172937525
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-0326
Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e<links_for_CVE_patches>
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b7940edabe100512e8f558cc37f9da836feae74d)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../wpa-supplicant/CVE-2021-0326.patch | 45 +++++++++++++++++++
.../wpa-supplicant/wpa-supplicant_2.9.bb | 1 +
2 files changed, 46 insertions(+)
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-0326.patch
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-0326.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-0326.patch
new file mode 100644
index 0000000000..8c90fa3421
--- /dev/null
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-0326.patch
@@ -0,0 +1,45 @@
+From 947272febe24a8f0ea828b5b2f35f13c3821901e Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@codeaurora.org>
+Date: Mon, 9 Nov 2020 11:43:12 +0200
+Subject: [PATCH] P2P: Fix copying of secondary device types for P2P group
+ client
+
+Parsing and copying of WPS secondary device types list was verifying
+that the contents is not too long for the internal maximum in the case
+of WPS messages, but similar validation was missing from the case of P2P
+group information which encodes this information in a different
+attribute. This could result in writing beyond the memory area assigned
+for these entries and corrupting memory within an instance of struct
+p2p_device. This could result in invalid operations and unexpected
+behavior when trying to free pointers from that corrupted memory.
+
+Upstream-Status: Backport
+CVE: CVE-2021-0326
+
+Reference to upstream patch:
+[https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e]
+
+Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27269
+Fixes: e57ae6e19edf ("P2P: Keep track of secondary device types for peers")
+Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
+Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
+---
+ src/p2p/p2p.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
+index a08ba02..079270f 100644
+--- a/src/p2p/p2p.c
++++ b/src/p2p/p2p.c
+@@ -453,6 +453,8 @@ static void p2p_copy_client_info(struct p2p_device *dev,
+ dev->info.config_methods = cli->config_methods;
+ os_memcpy(dev->info.pri_dev_type, cli->pri_dev_type, 8);
+ dev->info.wps_sec_dev_type_list_len = 8 * cli->num_sec_dev_types;
++ if (dev->info.wps_sec_dev_type_list_len > WPS_SEC_DEV_TYPE_MAX_LEN)
++ dev->info.wps_sec_dev_type_list_len = WPS_SEC_DEV_TYPE_MAX_LEN;
+ os_memcpy(dev->info.wps_sec_dev_type_list, cli->sec_dev_types,
+ dev->info.wps_sec_dev_type_list_len);
+ }
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
index 7cc03fef7d..85ac28d881 100644
--- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
@@ -29,6 +29,7 @@ SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \
file://0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \
file://0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \
file://0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch \
+ file://CVE-2021-0326.patch \
"
SRC_URI[md5sum] = "2d2958c782576dc9901092fbfecb4190"
SRC_URI[sha256sum] = "fcbdee7b4a64bea8177973299c8c824419c413ec2e3a95db63dd6a5dc3541f17"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 32/52] sstatesig.py: show an error instead of warning when sstate manifest isn't found
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (30 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 31/52] wpa-supplicant: fix CVE-2021-0326 Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 33/52] asciidoc: Switch to using the main branch Anuj Mittal
` (19 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <Martin.Jansa@gmail.com>
* not sure if there are some valid use-cases for missing manifest, but
recently I'm seeing increasing number of build failures where something
from native recipe is missing (seen it with pseudo, autoconf, nodejs
recently) and the only indication that something is wrong (before showing
sometimes misleading error like:
recipe-sysroot-native/usr/bin/node: No such file or directory
is this warning:
NOTE: Running task 7844 of 12431 (/meta-oe/meta-oe/recipes-devtools/nodejs/nodejs_12.20.2.bb:do_prepare_recipe_sysroot)
NOTE: recipe nodejs-12.20.2-r0: task do_prepare_recipe_sysroot: Started
WARNING: nodejs-12.20.2-r0 do_prepare_recipe_sysroot: Manifest /BUILD/sstate-control/manifest-x86_64_ubuntu-18.04-nodejs-native.populate_sysroot not found in x86_64 x86_64_ubuntu-18.04 (variant '')?
NOTE: Running task 7845 of 12431 (/meta-oe/meta-oe/recipes-devtools/nodejs/nodejs_12.20.2.bb:do_unpack)
NOTE: recipe nodejs-12.20.2-r0: task do_unpack: Started
WARNING: nodejs-12.20.2-r0 do_prepare_recipe_sysroot: Manifest /BUILD/sstate-control/manifest-x86_64_ubuntu-18.04-nodejs-native.populate_sysroot not found in x86_64 x86_64_ubuntu-18.04 (variant '')?
NOTE: recipe nodejs-12.20.2-r0: task do_prepare_recipe_sysroot: Succeeded
if I rebuild that native dependency, then it gets fixed and I don't
see these failures in clean builds (as without sstate and with empty
TMPDIR), only in incremental builds
* but if there isn't valid reason for missing manifest file, then I think
it would be better to error early (or even bb.fatal())
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 95607a26854d873399d2b9d7e5fcbffc0cbdba4c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/lib/oe/sstatesig.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oe/sstatesig.py b/meta/lib/oe/sstatesig.py
index 31a6140984..0d53132866 100644
--- a/meta/lib/oe/sstatesig.py
+++ b/meta/lib/oe/sstatesig.py
@@ -458,7 +458,7 @@ def find_sstate_manifest(taskdata, taskdata2, taskname, d, multilibcache):
manifest = d2.expand("${SSTATE_MANIFESTS}/manifest-%s-%s.%s" % (pkgarch, taskdata, taskname))
if os.path.exists(manifest):
return manifest, d2
- bb.warn("Manifest %s not found in %s (variant '%s')?" % (manifest, d2.expand(" ".join(pkgarchs)), variant))
+ bb.error("Manifest %s not found in %s (variant '%s')?" % (manifest, d2.expand(" ".join(pkgarchs)), variant))
return None, d2
def OEOuthashBasic(path, sigfile, task, d):
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 33/52] asciidoc: Switch to using the main branch
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (31 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 32/52] sstatesig.py: show an error instead of warning when sstate manifest isn't found Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 34/52] cups: Fix reproducibility issues Anuj Mittal
` (18 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Upstream has renamed the "master" branch to "main".
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 05637733cf89a81fd5d787402f5a917f279a1a0d)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-extended/asciidoc/asciidoc_9.0.2.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-extended/asciidoc/asciidoc_9.0.2.bb b/meta/recipes-extended/asciidoc/asciidoc_9.0.2.bb
index 711bfbfb9b..5fd3832ef9 100644
--- a/meta/recipes-extended/asciidoc/asciidoc_9.0.2.bb
+++ b/meta/recipes-extended/asciidoc/asciidoc_9.0.2.bb
@@ -8,7 +8,7 @@ LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=4e5d1baf6f20559e3bec172226a47e4e \
file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 "
-SRC_URI = "git://github.com/asciidoc/asciidoc-py3;protocol=https \
+SRC_URI = "git://github.com/asciidoc/asciidoc-py3;protocol=https;branch=main \
file://auto-catalogs.patch"
SRCREV = "9a407dc9a497364c91421fd961954eddb565baf1"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 34/52] cups: Fix reproducibility issues
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (32 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 33/52] asciidoc: Switch to using the main branch Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 35/52] cups: fix CVE-2020-10001 Anuj Mittal
` (17 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
configure inspects the host's /etc/group for these configuration
options, fix this to the correct values by using configure options.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f16f9c727569414cd52862dcba18d8e423f4e961)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-extended/cups/cups.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index e7a704134c..4a1177467b 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -54,6 +54,8 @@ EXTRA_OECONF = " \
--enable-debug \
--disable-relro \
--enable-libusb \
+ --with-system-groups=lpadmin \
+ --with-cups-group=lp \
--with-domainsocket=/run/cups/cups.sock \
DSOFLAGS='${LDFLAGS}' \
"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 35/52] cups: fix CVE-2020-10001
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (33 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 34/52] cups: Fix reproducibility issues Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 36/52] gcr: Fix reproducibility issue Anuj Mittal
` (16 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Stefan Ghinea <stefan.ghinea@windriver.com>
A buffer (read) overflow in the ippReadIO function.
References:
https://nvd.nist.gov/vuln/detail/CVE-2020-10001
Upstream patches:
https://github.com/OpenPrinting/cups/commit/efbea1742bd30f842fbbfb87a473e5c84f4162f9
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 90eba79bf6f623aa3021eafd0141dad1c3059001)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-extended/cups/cups.inc | 1 +
.../cups/cups/CVE-2020-10001.patch | 74 +++++++++++++++++++
2 files changed, 75 insertions(+)
create mode 100644 meta/recipes-extended/cups/cups/CVE-2020-10001.patch
diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index 4a1177467b..244c87001f 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -15,6 +15,7 @@ SRC_URI = "https://github.com/apple/cups/releases/download/v${PV}/${BP}-source.t
file://0004-cups-fix-multilib-install-file-conflicts.patch \
file://volatiles.99_cups \
file://cups-volatiles.conf \
+ file://CVE-2020-10001.patch \
"
UPSTREAM_CHECK_URI = "https://github.com/apple/cups/releases"
diff --git a/meta/recipes-extended/cups/cups/CVE-2020-10001.patch b/meta/recipes-extended/cups/cups/CVE-2020-10001.patch
new file mode 100644
index 0000000000..09a0a5765d
--- /dev/null
+++ b/meta/recipes-extended/cups/cups/CVE-2020-10001.patch
@@ -0,0 +1,74 @@
+From efbea1742bd30f842fbbfb87a473e5c84f4162f9 Mon Sep 17 00:00:00 2001
+From: Michael R Sweet <msweet@msweet.org>
+Date: Mon, 1 Feb 2021 15:02:32 -0500
+Subject: [PATCH] Fix a buffer (read) overflow in ippReadIO (CVE-2020-10001)
+
+Upstream-Status: Backport
+CVE: CVE-2020-10001
+
+Reference to upstream patch:
+[https://github.com/OpenPrinting/cups/commit/efbea1742bd30f842fbbfb87a473e5c84f4162f9]
+
+[SG: Addapted for version 2.3.3]
+Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
+---
+ CHANGES.md | 2 ++
+ cups/ipp.c | 8 +++++---
+ 2 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/CHANGES.md b/CHANGES.md
+index df72892..5ca12da 100644
+--- a/CHANGES.md
++++ b/CHANGES.md
+@@ -4,6 +4,8 @@ CHANGES - 2.3.3 - 2020-04-24
+ Changes in CUPS v2.3.3
+ ----------------------
+
++- Security: Fixed a buffer (read) overflow in the `ippReadIO` function
++ (CVE-2020-10001)
+ - CVE-2020-3898: The `ppdOpen` function did not handle invalid UI
+ constraint. `ppdcSource::get_resolution` function did not handle
+ invalid resolution strings.
+diff --git a/cups/ipp.c b/cups/ipp.c
+index 3d52934..adbb26f 100644
+--- a/cups/ipp.c
++++ b/cups/ipp.c
+@@ -2866,7 +2866,8 @@ ippReadIO(void *src, /* I - Data source */
+ unsigned char *buffer, /* Data buffer */
+ string[IPP_MAX_TEXT],
+ /* Small string buffer */
+- *bufptr; /* Pointer into buffer */
++ *bufptr, /* Pointer into buffer */
++ *bufend; /* End of buffer */
+ ipp_attribute_t *attr; /* Current attribute */
+ ipp_tag_t tag; /* Current tag */
+ ipp_tag_t value_tag; /* Current value tag */
+@@ -3441,6 +3442,7 @@ ippReadIO(void *src, /* I - Data source */
+ }
+
+ bufptr = buffer;
++ bufend = buffer + n;
+
+ /*
+ * text-with-language and name-with-language are composite
+@@ -3454,7 +3456,7 @@ ippReadIO(void *src, /* I - Data source */
+
+ n = (bufptr[0] << 8) | bufptr[1];
+
+- if ((bufptr + 2 + n) >= (buffer + IPP_BUF_SIZE) || n >= (int)sizeof(string))
++ if ((bufptr + 2 + n + 2) > bufend || n >= (int)sizeof(string))
+ {
+ _cupsSetError(IPP_STATUS_ERROR_INTERNAL,
+ _("IPP language length overflows value."), 1);
+@@ -3481,7 +3483,7 @@ ippReadIO(void *src, /* I - Data source */
+ bufptr += 2 + n;
+ n = (bufptr[0] << 8) | bufptr[1];
+
+- if ((bufptr + 2 + n) >= (buffer + IPP_BUF_SIZE))
++ if ((bufptr + 2 + n) > bufend)
+ {
+ _cupsSetError(IPP_STATUS_ERROR_INTERNAL,
+ _("IPP string length overflows value."), 1);
+--
+2.17.1
+
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 36/52] gcr: Fix reproducibility issue
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (34 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 35/52] cups: fix CVE-2020-10001 Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 37/52] externalsrc: Pass through npmsw URIs in SRC_URI Anuj Mittal
` (15 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b53133572de9e5bdf77dd44831a86ec34bf41b2c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-gnome/gcr/gcr_3.36.0.bb | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/meta/recipes-gnome/gcr/gcr_3.36.0.bb b/meta/recipes-gnome/gcr/gcr_3.36.0.bb
index ff455a68ec..567ca8b774 100644
--- a/meta/recipes-gnome/gcr/gcr_3.36.0.bb
+++ b/meta/recipes-gnome/gcr/gcr_3.36.0.bb
@@ -11,6 +11,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=55ca817ccb7d5b5b66355690e9abc605"
DEPENDS = "gtk+3 p11-kit glib-2.0 libgcrypt gnupg-native \
${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'libxslt-native', '', d)}"
+CACHED_CONFIGUREVARS += "ac_cv_path_GPG='gpg2'"
+
GNOMEBASEBUILDCLASS = "meson"
GTKDOC_MESON_OPTION = "gtk_doc"
inherit gnomebase gtk-icon-cache gtk-doc features_check upstream-version-is-even vala gobject-introspection gettext mime mime-xdg
@@ -32,3 +34,11 @@ FILES_${PN} += " \
ARM_INSTRUCTION_SET_armv4 = "arm"
ARM_INSTRUCTION_SET_armv5 = "arm"
ARM_INSTRUCTION_SET_armv6 = "arm"
+
+EXTRA_OEMESON += "--cross-file ${WORKDIR}/meson-${PN}.cross"
+do_write_config_append() {
+ cat >${WORKDIR}/meson-${PN}.cross <<EOF
+[binaries]
+gpg2 = '${bindir}/gpg2'
+EOF
+}
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 37/52] externalsrc: Pass through npmsw URIs in SRC_URI
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (35 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 36/52] gcr: Fix reproducibility issue Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 38/52] wic: Warn if an ext filesystem affected by the Y2038 problem is used Anuj Mittal
` (14 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Mike Crowe <mac@mcrowe.com>
NPM shrinkwrap files need to stay in SRC_URI even when using
externalsrc so that npm_do_fetch can run to fetch the required
dependencies.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e889cbecf9a1731b199e57d79a14e574398586bb)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/externalsrc.bbclass | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass
index 64e94e3301..c7b2bf2f49 100644
--- a/meta/classes/externalsrc.bbclass
+++ b/meta/classes/externalsrc.bbclass
@@ -68,6 +68,7 @@ python () {
url_data = fetch.ud[url]
parm = url_data.parm
if (url_data.type == 'file' or
+ url_data.type == 'npmsw' or
'type' in parm and parm['type'] == 'kmeta'):
local_srcuri.append(url)
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 38/52] wic: Warn if an ext filesystem affected by the Y2038 problem is used
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (36 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 37/52] externalsrc: Pass through npmsw URIs in SRC_URI Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 39/52] epiphany: Fix reproducibility issue Anuj Mittal
` (13 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Florian Bezdeka <florian.bezdeka@siemens.com>
We are getting closer and closer to the year 2038 where the 32 bit
time_t overflow will happen. While products (= embedded systems) with an
expected life time of 15 years are still save the situation may change
if your system has to survive the next 20 years.
ext2 and ext3 filesystems are always affected by the time overflow, so
let's warn the user if these filesystems are still being used.
If ext4 is affected depends on the inode size chosen during filesystem
creation. At least 256 bytes are necessary to be safe. As ext4 is
used very often (and partitions may be created small first and extended
later) this might be an issue for many users.
Some filesystems created during CI runs were already affected by the Y2038
problem. By using `--mkfs-extraopts "-T default"` we tell mke2fs not to
auto-detect the usage type based on the filesystem size. mke2fs will use
the default values for tuning parameters instead. The inode size is one
of these parameters.
Signed-off-by: Florian Bezdeka <florian.bezdeka@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eecbe625558406680121d2a7e84917fea45ea9dc)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
scripts/lib/wic/canned-wks/common.wks.inc | 2 +-
scripts/lib/wic/canned-wks/directdisk-gpt.wks | 2 +-
scripts/lib/wic/canned-wks/mkefidisk.wks | 2 +-
scripts/lib/wic/misc.py | 1 +
scripts/lib/wic/partition.py | 38 +++++++++++++++++++
5 files changed, 42 insertions(+), 3 deletions(-)
diff --git a/scripts/lib/wic/canned-wks/common.wks.inc b/scripts/lib/wic/canned-wks/common.wks.inc
index 89880b417b..4fd29fa8c1 100644
--- a/scripts/lib/wic/canned-wks/common.wks.inc
+++ b/scripts/lib/wic/canned-wks/common.wks.inc
@@ -1,3 +1,3 @@
# This file is included into 3 canned wks files from this directory
part /boot --source bootimg-pcbios --ondisk sda --label boot --active --align 1024
-part / --source rootfs --use-uuid --fstype=ext4 --label platform --align 1024
+part / --source rootfs --use-uuid --fstype=ext4 --mkfs-extraopts "-T default" --label platform --align 1024
diff --git a/scripts/lib/wic/canned-wks/directdisk-gpt.wks b/scripts/lib/wic/canned-wks/directdisk-gpt.wks
index 8d7d8de6ea..cf16c0c30b 100644
--- a/scripts/lib/wic/canned-wks/directdisk-gpt.wks
+++ b/scripts/lib/wic/canned-wks/directdisk-gpt.wks
@@ -4,7 +4,7 @@
part /boot --source bootimg-pcbios --ondisk sda --label boot --active --align 1024
-part / --source rootfs --ondisk sda --fstype=ext4 --label platform --align 1024 --use-uuid
+part / --source rootfs --ondisk sda --fstype=ext4 --mkfs-extraopts "-T default" --label platform --align 1024 --use-uuid
bootloader --ptable gpt --timeout=0 --append="rootwait rootfstype=ext4 video=vesafb vga=0x318 console=tty0 console=ttyS0,115200n8"
diff --git a/scripts/lib/wic/canned-wks/mkefidisk.wks b/scripts/lib/wic/canned-wks/mkefidisk.wks
index 9f534fe184..d1878e23e5 100644
--- a/scripts/lib/wic/canned-wks/mkefidisk.wks
+++ b/scripts/lib/wic/canned-wks/mkefidisk.wks
@@ -4,7 +4,7 @@
part /boot --source bootimg-efi --sourceparams="loader=grub-efi" --ondisk sda --label msdos --active --align 1024
-part / --source rootfs --ondisk sda --fstype=ext4 --label platform --align 1024 --use-uuid
+part / --source rootfs --ondisk sda --fstype=ext4 --mkfs-extraopts "-T default" --label platform --align 1024 --use-uuid
part swap --ondisk sda --size 44 --label swap1 --fstype=swap
diff --git a/scripts/lib/wic/misc.py b/scripts/lib/wic/misc.py
index 75b219cd3f..57c042c503 100644
--- a/scripts/lib/wic/misc.py
+++ b/scripts/lib/wic/misc.py
@@ -26,6 +26,7 @@ logger = logging.getLogger('wic')
# executable -> recipe pairs for exec_native_cmd
NATIVE_RECIPES = {"bmaptool": "bmap-tools",
+ "dumpe2fs": "e2fsprogs",
"grub-mkimage": "grub-efi",
"isohybrid": "syslinux",
"mcopy": "mtools",
diff --git a/scripts/lib/wic/partition.py b/scripts/lib/wic/partition.py
index e574f40c47..85f9847047 100644
--- a/scripts/lib/wic/partition.py
+++ b/scripts/lib/wic/partition.py
@@ -298,6 +298,8 @@ class Partition():
mkfs_cmd = "fsck.%s -pvfD %s" % (self.fstype, rootfs)
exec_native_cmd(mkfs_cmd, native_sysroot, pseudo=pseudo)
+ self.check_for_Y2038_problem(rootfs, native_sysroot)
+
def prepare_rootfs_btrfs(self, rootfs, cr_workdir, oe_builddir, rootfs_dir,
native_sysroot, pseudo):
"""
@@ -388,6 +390,8 @@ class Partition():
(self.fstype, extraopts, label_str, self.fsuuid, rootfs)
exec_native_cmd(mkfs_cmd, native_sysroot)
+ self.check_for_Y2038_problem(rootfs, native_sysroot)
+
def prepare_empty_partition_btrfs(self, rootfs, oe_builddir,
native_sysroot):
"""
@@ -449,3 +453,37 @@ class Partition():
mkswap_cmd = "mkswap %s -U %s %s" % (label_str, self.fsuuid, path)
exec_native_cmd(mkswap_cmd, native_sysroot)
+
+ def check_for_Y2038_problem(self, rootfs, native_sysroot):
+ """
+ Check if the filesystem is affected by the Y2038 problem
+ (Y2038 problem = 32 bit time_t overflow in January 2038)
+ """
+ def get_err_str(part):
+ err = "The {} filesystem {} has no Y2038 support."
+ if part.mountpoint:
+ args = [part.fstype, "mounted at %s" % part.mountpoint]
+ elif part.label:
+ args = [part.fstype, "labeled '%s'" % part.label]
+ elif part.part_name:
+ args = [part.fstype, "in partition '%s'" % part.part_name]
+ else:
+ args = [part.fstype, "in partition %s" % part.num]
+ return err.format(*args)
+
+ # ext2 and ext3 are always affected by the Y2038 problem
+ if self.fstype in ["ext2", "ext3"]:
+ logger.warn(get_err_str(self))
+ return
+
+ ret, out = exec_native_cmd("dumpe2fs %s" % rootfs, native_sysroot)
+
+ # if ext4 is affected by the Y2038 problem depends on the inode size
+ for line in out.splitlines():
+ if line.startswith("Inode size:"):
+ size = int(line.split(":")[1].strip())
+ if size < 256:
+ logger.warn("%s Inodes (of size %d) are too small." %
+ (get_err_str(self), size))
+ break
+
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 39/52] epiphany: Fix reproducibility issue
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (37 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 38/52] wic: Warn if an ext filesystem affected by the Y2038 problem is used Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 40/52] epiphany: Fix distributor contamination from /etc/os-release Anuj Mittal
` (12 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
We don't want to encide BUILD_ROOT into target packages. This is used
for build time tests but in our case those would be on target anyway
do use the target paths.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2818dc90bd62487879e7da2c68357b39282415b0)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../recipes-gnome/epiphany/epiphany_3.36.4.bb | 1 +
.../epiphany/files/migrator.patch | 24 +++++++++++++++++++
2 files changed, 25 insertions(+)
create mode 100644 meta/recipes-gnome/epiphany/files/migrator.patch
diff --git a/meta/recipes-gnome/epiphany/epiphany_3.36.4.bb b/meta/recipes-gnome/epiphany/epiphany_3.36.4.bb
index 4c3b18331a..dcb337f4cb 100644
--- a/meta/recipes-gnome/epiphany/epiphany_3.36.4.bb
+++ b/meta/recipes-gnome/epiphany/epiphany_3.36.4.bb
@@ -13,6 +13,7 @@ REQUIRED_DISTRO_FEATURES = "x11 opengl"
SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@gnome_verdir("${PV}")}/${GNOMEBN}-${PV}.tar.${GNOME_COMPRESS_TYPE};name=archive \
file://0002-help-meson.build-disable-the-use-of-yelp.patch \
+ file://migrator.patch \
"
SRC_URI[archive.sha256sum] = "588a75b1588f5a509c33cf0be6a38a0f4fc1748eeb499a51d991ddef485242bf"
diff --git a/meta/recipes-gnome/epiphany/files/migrator.patch b/meta/recipes-gnome/epiphany/files/migrator.patch
new file mode 100644
index 0000000000..a9a650a64a
--- /dev/null
+++ b/meta/recipes-gnome/epiphany/files/migrator.patch
@@ -0,0 +1,24 @@
+We don't want to encide BUILD_ROOT into target packages. This is used
+for build time tests but in our case those would be on target anyway
+do use the target paths.
+
+Upstream-Status: Pending
+RP 2021/2/25
+
+Index: epiphany-3.38.2/lib/ephy-profile-utils.c
+===================================================================
+--- epiphany-3.38.2.orig/lib/ephy-profile-utils.c
++++ epiphany-3.38.2/lib/ephy-profile-utils.c
+@@ -130,10 +130,10 @@ ephy_profile_utils_do_migration (const c
+ argv[i++] = NULL;
+
+ #if DEVELOPER_MODE
+- argv[0] = BUILD_ROOT "/src/" EPHY_PROFILE_MIGRATOR;
++ argv[0] = PKGLIBEXECDIR "/" EPHY_PROFILE_MIGRATOR;
+ #else
+ if (debug)
+- argv[0] = BUILD_ROOT "/src/" EPHY_PROFILE_MIGRATOR;
++ argv[0] = PKGLIBEXECDIR "/" EPHY_PROFILE_MIGRATOR;
+ #endif
+
+ g_spawn_sync (NULL, (char **)argv, envp, G_SPAWN_SEARCH_PATH,
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 40/52] epiphany: Fix distributor contamination from /etc/os-release
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (38 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 39/52] epiphany: Fix reproducibility issue Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 41/52] image: Add directories to PSEUDO_IGNORE_PATHS Anuj Mittal
` (11 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Set our own distro string rather than using the value from
/etc/os-release.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 77f23ece471e8855bfd8be06951f21cabce25545)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-gnome/epiphany/epiphany_3.36.4.bb | 1 +
.../epiphany/files/distributor.patch | 17 +++++++++++++++++
2 files changed, 18 insertions(+)
create mode 100644 meta/recipes-gnome/epiphany/files/distributor.patch
diff --git a/meta/recipes-gnome/epiphany/epiphany_3.36.4.bb b/meta/recipes-gnome/epiphany/epiphany_3.36.4.bb
index dcb337f4cb..0c22a67bde 100644
--- a/meta/recipes-gnome/epiphany/epiphany_3.36.4.bb
+++ b/meta/recipes-gnome/epiphany/epiphany_3.36.4.bb
@@ -14,6 +14,7 @@ REQUIRED_DISTRO_FEATURES = "x11 opengl"
SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@gnome_verdir("${PV}")}/${GNOMEBN}-${PV}.tar.${GNOME_COMPRESS_TYPE};name=archive \
file://0002-help-meson.build-disable-the-use-of-yelp.patch \
file://migrator.patch \
+ file://distributor.patch \
"
SRC_URI[archive.sha256sum] = "588a75b1588f5a509c33cf0be6a38a0f4fc1748eeb499a51d991ddef485242bf"
diff --git a/meta/recipes-gnome/epiphany/files/distributor.patch b/meta/recipes-gnome/epiphany/files/distributor.patch
new file mode 100644
index 0000000000..b09c9b38d2
--- /dev/null
+++ b/meta/recipes-gnome/epiphany/files/distributor.patch
@@ -0,0 +1,17 @@
+Don't encode the distro from /etc/os-release into the binaries.
+
+Upstream-Status: Pending
+RP 2021/2/26
+
+Index: epiphany-3.38.2/meson.build
+===================================================================
+--- epiphany-3.38.2.orig/meson.build
++++ epiphany-3.38.2/meson.build
+@@ -15,6 +15,7 @@ if r.returncode() == 0
+ else
+ distributor_name = 'GNOME Web'
+ endif
++distributor_name = 'OpenEmbedded'
+
+ prefix = get_option('prefix')
+ datadir = join_paths(prefix, get_option('datadir'))
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 41/52] image: Add directories to PSEUDO_IGNORE_PATHS
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (39 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 40/52] epiphany: Fix distributor contamination from /etc/os-release Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 42/52] populate_sdk: " Anuj Mittal
` (10 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Some paths used in image construction shouldn't be tracked under pseudo
so list these.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9463be2292b942a1072eea88881b9644e55aadb9)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/image.bbclass | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 045f4494c8..6d3d5692da 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -180,6 +180,8 @@ IMAGE_LOCALES_ARCHIVE ?= '1'
# aren't yet available.
PSEUDO_PASSWD = "${IMAGE_ROOTFS}:${STAGING_DIR_NATIVE}"
+PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/intercept_scripts,${WORKDIR}/oe-rootfs-repo"
+
PACKAGE_EXCLUDE ??= ""
PACKAGE_EXCLUDE[type] = "list"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 42/52] populate_sdk: Add directories to PSEUDO_IGNORE_PATHS
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (40 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 41/52] image: Add directories to PSEUDO_IGNORE_PATHS Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 43/52] bitbake.conf/image: Move image specific PSEUDO_IGNORE_PATHS to image class Anuj Mittal
` (9 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Some paths used in sdk construction shouldn't be tracked under pseudo
so list these.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 21621e09162ff9e8014a1cfba78d0f2c3746202a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/populate_sdk_base.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/populate_sdk_base.bbclass b/meta/classes/populate_sdk_base.bbclass
index 49b1833265..942d3ec091 100644
--- a/meta/classes/populate_sdk_base.bbclass
+++ b/meta/classes/populate_sdk_base.bbclass
@@ -178,7 +178,7 @@ do_populate_sdk[sstate-inputdirs] = "${SDKDEPLOYDIR}"
do_populate_sdk[sstate-outputdirs] = "${SDK_DEPLOY}"
do_populate_sdk[stamp-extra-info] = "${MACHINE_ARCH}${SDKMACHINE}"
-PSEUDO_IGNORE_PATHS .= ",${SDKDEPLOYDIR}"
+PSEUDO_IGNORE_PATHS .= ",${SDKDEPLOYDIR},${WORKDIR}/oe-sdk-repo,${WORKDIR}/sstate-build-populate_sdk"
fakeroot create_sdk_files() {
cp ${COREBASE}/scripts/relocate_sdk.py ${SDK_OUTPUT}/${SDKPATH}/
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 43/52] bitbake.conf/image: Move image specific PSEUDO_IGNORE_PATHS to image class
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (41 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 42/52] populate_sdk: " Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 44/52] bitbake.conf: Split PSEUDO_IGNORE_PATHS to be more readable Anuj Mittal
` (8 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
This path is image specific so we can move to the image class
definition of PSEUDO_IGNORE_PATHS.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 66a8ca0f206434e0b301a8fdc90f062750d6d118)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/classes/image.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 6d3d5692da..60b07de221 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -180,7 +180,7 @@ IMAGE_LOCALES_ARCHIVE ?= '1'
# aren't yet available.
PSEUDO_PASSWD = "${IMAGE_ROOTFS}:${STAGING_DIR_NATIVE}"
-PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/intercept_scripts,${WORKDIR}/oe-rootfs-repo"
+PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/intercept_scripts,${WORKDIR}/oe-rootfs-repo,${WORKDIR}/sstate-build-image_complete"
PACKAGE_EXCLUDE ??= ""
PACKAGE_EXCLUDE[type] = "list"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 44/52] bitbake.conf: Split PSEUDO_IGNORE_PATHS to be more readable
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (42 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 43/52] bitbake.conf/image: Move image specific PSEUDO_IGNORE_PATHS to image class Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 45/52] oeqa/pam: Need shadow installed for the tests Anuj Mittal
` (7 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
We've had a lot of concern about the readability of diffs of this
path setting, refactor to avoid long line length.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f3930cba16ccbc4b76ed14187d5586d6479bc59e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/conf/bitbake.conf | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index b38b1d2964..eb282d1741 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -685,7 +685,10 @@ SRC_URI = ""
PSEUDO_LOCALSTATEDIR ?= "${WORKDIR}/pseudo/"
PSEUDO_PASSWD ?= "${STAGING_DIR_TARGET}:${PSEUDO_SYSROOT}"
PSEUDO_SYSROOT = "${COMPONENTS_DIR}/${BUILD_ARCH}/pseudo-native"
-PSEUDO_IGNORE_PATHS = "/usr/,/etc/,/lib,/dev/,/run/,${T},${WORKDIR}/recipe-sysroot,${SSTATE_DIR},${STAMPS_DIR},${WORKDIR}/pkgdata-sysroot,${TMPDIR}/sstate-control,${DEPLOY_DIR},${WORKDIR}/deploy-,${TMPDIR}/buildstats,${WORKDIR}/sstate-build-package_,${WORKDIR}/sstate-install-package_,${WORKDIR}/sstate-build-image_complete,${TMPDIR}/sysroots-components,${BUILDHISTORY_DIR},${TMPDIR}/pkgdata,${TOPDIR}/cache,${COREBASE}/scripts,${CCACHE_DIR}"
+PSEUDO_IGNORE_PATHS = "/usr/,/etc/,/lib,/dev/,/run/,${T},${WORKDIR}/recipe-sysroot,${SSTATE_DIR},${STAMPS_DIR}"
+PSEUDO_IGNORE_PATHS .= ",${TMPDIR}/sstate-control,${TMPDIR}/buildstats,${TMPDIR}/sysroots-components,${TMPDIR}/pkgdata"
+PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/deploy-,${WORKDIR}/sstate-build-package_,${WORKDIR}/sstate-install-package_,${WORKDIR}/pkgdata-sysroot"
+PSEUDO_IGNORE_PATHS .= ",${DEPLOY_DIR},${BUILDHISTORY_DIR},${TOPDIR}/cache,${COREBASE}/scripts,${CCACHE_DIR}"
export PSEUDO_DISABLED = "1"
#export PSEUDO_PREFIX = "${STAGING_DIR_NATIVE}${prefix_native}"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 45/52] oeqa/pam: Need shadow installed for the tests
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (43 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 44/52] bitbake.conf: Split PSEUDO_IGNORE_PATHS to be more readable Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 46/52] valgrind: Increase timeout duration 30 -> 90 s Anuj Mittal
` (6 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Distros may not use shadow for login manager
secondly login --help returns 1 only with shadow provided login
utility, with busybox it returns normal 0, the testcase clearly
assumes shadow being part of image, therefore add needed
checks to ensure the pre-requisites are met
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0820aeba74869bf6e85b200f39bc610a43ab9a7a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/lib/oeqa/runtime/cases/pam.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/lib/oeqa/runtime/cases/pam.py b/meta/lib/oeqa/runtime/cases/pam.py
index 271a1943e3..a482ded945 100644
--- a/meta/lib/oeqa/runtime/cases/pam.py
+++ b/meta/lib/oeqa/runtime/cases/pam.py
@@ -8,11 +8,14 @@
from oeqa.runtime.case import OERuntimeTestCase
from oeqa.core.decorator.depends import OETestDepends
from oeqa.core.decorator.data import skipIfNotFeature
+from oeqa.runtime.decorator.package import OEHasPackage
class PamBasicTest(OERuntimeTestCase):
@skipIfNotFeature('pam', 'Test requires pam to be in DISTRO_FEATURES')
@OETestDepends(['ssh.SSHTest.test_ssh'])
+ @OEHasPackage(['shadow'])
+ @OEHasPackage(['shadow-base'])
def test_pam(self):
status, output = self.target.run('login --help')
msg = ('login command does not work as expected. '
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 46/52] valgrind: Increase timeout duration 30 -> 90 s
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (44 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 45/52] oeqa/pam: Need shadow installed for the tests Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 47/52] parted: Fix reproducibility issue Anuj Mittal
` (5 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Yi Fan Yu <yifan.yu@windriver.com>
Attempt to fix intermittent failure of `drd/tests/std_list`
Locally tested to take around 45 s on qemuarm64
[YOCTO #14228]
Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit aac00b1c8042e41cd6bb1aea8e3033a1c6dd2b05)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
...Modify-vg_test-wrapper-to-support-PTEST-formats.patch | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-devtools/valgrind/valgrind/0005-Modify-vg_test-wrapper-to-support-PTEST-formats.patch b/meta/recipes-devtools/valgrind/valgrind/0005-Modify-vg_test-wrapper-to-support-PTEST-formats.patch
index 7985308e41..0c399ef52c 100644
--- a/meta/recipes-devtools/valgrind/valgrind/0005-Modify-vg_test-wrapper-to-support-PTEST-formats.patch
+++ b/meta/recipes-devtools/valgrind/valgrind/0005-Modify-vg_test-wrapper-to-support-PTEST-formats.patch
@@ -19,6 +19,11 @@ Upstream-Status: Pending
Signed-off-by: Dave Lerner <dave.lerner@windriver.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+
+Increase time limit to 90 s.
+(double of the expected time of drd/tests/std_list on qemuarm64)
+
+Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
---
tests/vg_regtest.in | 75 +++++++++++++++++++++++++++++++++++++++--------------
1 file changed, 55 insertions(+), 20 deletions(-)
@@ -66,7 +71,7 @@ index a441f42..cb05b52 100755
# Since most of the program time is spent in system() calls, need this to
# propagate a Ctrl-C enabling us to quit.
-sub mysystem($)
-+# Enforce 30 seconds limit for the test.
++# Enforce 90 seconds limit for the test.
+# This resume execution of the remaining tests if valgrind hangs.
+sub mysystem($)
{
@@ -76,7 +81,7 @@ index a441f42..cb05b52 100755
+ my $exit_code=0;
+ eval {
+ local $SIG{'ALRM'} = sub { die "timed out\n" };
-+ alarm(30);
++ alarm(90);
+ $exit_code = system($_[0]);
+ alarm (0);
+ ($exit_code == 2) and die "SIGINT\n"; # 2 is SIGINT
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 47/52] parted: Fix reproducibility issue
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (45 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 46/52] valgrind: Increase timeout duration 30 -> 90 s Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 48/52] yocto-uninative.inc: version 2.11 updates glibc to 2.33 Anuj Mittal
` (4 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
We don't use tbe BUILDINFO line of host information in the Makefile
so remove it for reproducibility.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a9742595fa90d4977fdd8129a4fe4932ddb96a18)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-extended/parted/parted_3.3.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-extended/parted/parted_3.3.bb b/meta/recipes-extended/parted/parted_3.3.bb
index ce40c04ad4..915ab05b65 100644
--- a/meta/recipes-extended/parted/parted_3.3.bb
+++ b/meta/recipes-extended/parted/parted_3.3.bb
@@ -42,6 +42,7 @@ do_install_ptest() {
sed -i "s|^abs_srcdir =.*|abs_srcdir = \.|g" $t/tests/Makefile
sed -i "s|^abs_top_srcdir =.*|abs_top_srcdir = \.\.|g" $t/tests/Makefile
sed -i "s|^Makefile:.*|Makefile:|g" $t/tests/Makefile
+ sed -i "/^BUILDINFO.*$/d" $t/tests/Makefile
for i in print-align print-max print-flags dup-clobber duplicate fs-resize; \
do cp ${B}/tests/.libs/$i $t/tests/; \
done
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 48/52] yocto-uninative.inc: version 2.11 updates glibc to 2.33
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (46 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 47/52] parted: Fix reproducibility issue Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 49/52] yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround Anuj Mittal
` (3 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Michael Halstead <mhalstead@linuxfoundation.org>
Support glibc 2.33.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5c7f963d395aa4a94d78c37883488baac471ea43)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/conf/distro/include/yocto-uninative.inc | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index 85336014b1..bc47083978 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,9 +6,9 @@
# to the distro running on the build machine.
#
-UNINATIVE_MAXGLIBCVERSION = "2.32"
+UNINATIVE_MAXGLIBCVERSION = "2.33"
-UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.10/"
-UNINATIVE_CHECKSUM[aarch64] ?= "645e5c50b2b48aabb8b10f783a9f94b4b7c5ddc7cfceb5386d43b86d30253202"
-UNINATIVE_CHECKSUM[i686] ?= "233e09b5ff30e15341232a0c16fa8448ff31dccb8f3f3e2ad3948cdac8c4a598"
-UNINATIVE_CHECKSUM[x86_64] ?= "04333677f81990ce2cf55c3bc256cd84a66085d18fc95ccddfab8581e4aec014"
+UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.11/"
+UNINATIVE_CHECKSUM[aarch64] ?= "fa703e25c26eaebb1afd895337b92a24cc5077818e093af74912e53846a117fe"
+UNINATIVE_CHECKSUM[i686] ?= "638901c990ffbe716a34400134a2ad49a1c3104e3b48cdafd6fcd28e9b133294"
+UNINATIVE_CHECKSUM[x86_64] ?= "047ddd78d6b5cabd2a102120e27755a9eaa1d5724c6a8f4007daa3f10ecb6871"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 49/52] yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (47 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 48/52] yocto-uninative.inc: version 2.11 updates glibc to 2.33 Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 50/52] bind: fix CVE-2020-8625 Anuj Mittal
` (2 subsequent siblings)
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 317f8bf320383e81085f5740e202a7edb12932c7)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/conf/distro/include/yocto-uninative.inc | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index bc47083978..a2a2dd18ec 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -8,7 +8,7 @@
UNINATIVE_MAXGLIBCVERSION = "2.33"
-UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.11/"
-UNINATIVE_CHECKSUM[aarch64] ?= "fa703e25c26eaebb1afd895337b92a24cc5077818e093af74912e53846a117fe"
-UNINATIVE_CHECKSUM[i686] ?= "638901c990ffbe716a34400134a2ad49a1c3104e3b48cdafd6fcd28e9b133294"
-UNINATIVE_CHECKSUM[x86_64] ?= "047ddd78d6b5cabd2a102120e27755a9eaa1d5724c6a8f4007daa3f10ecb6871"
+UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/3.0/"
+UNINATIVE_CHECKSUM[aarch64] ?= "1c668909098c5b56132067adc69a249cb771f4560428e5822de903a12d97bf33"
+UNINATIVE_CHECKSUM[i686] ?= "e6cc2fc056234cffa6a2ff084cce27d544ea3f487a62b5e253351cefd4421900"
+UNINATIVE_CHECKSUM[x86_64] ?= "5ec5a9276046e7eceeac749a18b175667384e1f445cd4526300a41404d985a5b"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 50/52] bind: fix CVE-2020-8625
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (48 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 49/52] yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 51/52] python3: fix CVE-2021-23336 Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 52/52] libsdl2: fix CVE-2020-14409 CVE-2020-14410 Anuj Mittal
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Minjae Kim <flowergom@gmail.com>
BIND Operational Notification: Zone journal (.jnl) file incompatibility.
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../bind/bind-9.16.7/CVE-2020-8625.patch | 29 +++++++++++++++++++
meta/recipes-connectivity/bind/bind_9.16.7.bb | 1 +
2 files changed, 30 insertions(+)
create mode 100644 meta/recipes-connectivity/bind/bind-9.16.7/CVE-2020-8625.patch
diff --git a/meta/recipes-connectivity/bind/bind-9.16.7/CVE-2020-8625.patch b/meta/recipes-connectivity/bind/bind-9.16.7/CVE-2020-8625.patch
new file mode 100644
index 0000000000..98b8623139
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.7/CVE-2020-8625.patch
@@ -0,0 +1,29 @@
+From 5b671538216af78a0a7ef7464dc52ab2241ea7db Mon Sep 17 00:00:00 2001
+From: Minjae Kim <flowergom@gmail.com>
+Date: Tue, 2 Mar 2021 14:03:49 +0000
+Subject: [PATCH] BIND Operational Notification: Zone journal (.jnl) file
+ incompatibility
+
+Upstream-Status: Backport [https://downloads.isc.org/isc/bind9/9.16.12/patches/CVE-2020-8625.patch]
+CVE: CVE-2020-8625
+Signed-off-by: Minjae Kim <flowergom@gmail.com>
+---
+ lib/dns/spnego.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
+index 671838c..82fd49a 100644
+--- a/lib/dns/spnego.c
++++ b/lib/dns/spnego.c
+@@ -846,7 +846,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
+ return (ASN1_OVERRUN);
+ }
+
+- data->components = malloc(len * sizeof(*data->components));
++ data->components = malloc((len + 1) * sizeof(*data->components));
+ if (data->components == NULL) {
+ return (ENOMEM);
+ }
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/bind/bind_9.16.7.bb b/meta/recipes-connectivity/bind/bind_9.16.7.bb
index 5fc2c1d3cd..82c1bb66df 100644
--- a/meta/recipes-connectivity/bind/bind_9.16.7.bb
+++ b/meta/recipes-connectivity/bind/bind_9.16.7.bb
@@ -17,6 +17,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
file://0001-avoid-start-failure-with-bind-user.patch \
+ file://CVE-2020-8625.patch \
"
SRC_URI[sha256sum] = "9f7d1812ebbd26a699f62b6fa8522d5dec57e4bf43af0042a0d60d39ed8314d1"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 51/52] python3: fix CVE-2021-23336
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (49 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 50/52] bind: fix CVE-2020-8625 Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 52/52] libsdl2: fix CVE-2020-14409 CVE-2020-14410 Anuj Mittal
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../python/python3/CVE-2021-23336.patch | 548 ++++++++++++++++++
meta/recipes-devtools/python/python3_3.8.5.bb | 1 +
2 files changed, 549 insertions(+)
create mode 100644 meta/recipes-devtools/python/python3/CVE-2021-23336.patch
diff --git a/meta/recipes-devtools/python/python3/CVE-2021-23336.patch b/meta/recipes-devtools/python/python3/CVE-2021-23336.patch
new file mode 100644
index 0000000000..27893f69fb
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/CVE-2021-23336.patch
@@ -0,0 +1,548 @@
+From e3110c3cfbb7daa690d54d0eff6c264c870a71bf Mon Sep 17 00:00:00 2001
+From: Senthil Kumaran <senthil@uthcode.com>
+Date: Mon, 15 Feb 2021 10:15:02 -0800
+Subject: [PATCH] [3.8] bpo-42967: only use '&' as a query string separator
+ (GH-24297) (#24529)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* bpo-42967: only use '&' as a query string separator (#24297)
+
+bpo-42967: [security] Address a web cache-poisoning issue reported in
+urllib.parse.parse_qsl().
+
+urllib.parse will only us "&" as query string separator by default
+instead of both ";" and "&" as allowed in earlier versions. An optional
+argument seperator with default value "&" is added to specify the
+separator.
+
+Co-authored-by: Éric Araujo <merwok@netwok.org>
+Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
+Co-authored-by: Ken Jin <28750310+Fidget-Spinner@users.noreply.github.com>
+Co-authored-by: Éric Araujo <merwok@netwok.org>
+(cherry picked from commit fcbe0cb04d35189401c0c880ebfb4311e952d776)
+
+* [3.8] bpo-42967: only use '&' as a query string separator (GH-24297)
+
+bpo-42967: [security] Address a web cache-poisoning issue reported in urllib.parse.parse_qsl().
+
+urllib.parse will only us "&" as query string separator by default instead of both ";" and "&" as allowed in earlier versions. An optional argument seperator with default value "&" is added to specify the separator.
+
+Co-authored-by: Éric Araujo <merwok@netwok.org>
+Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
+Co-authored-by: Ken Jin <28750310+Fidget-Spinner@users.noreply.github.com>
+Co-authored-by: Éric Araujo <merwok@netwok.org>.
+(cherry picked from commit fcbe0cb04d35189401c0c880ebfb4311e952d776)
+
+Co-authored-by: Adam Goldschmidt <adamgold7@gmail.com>
+
+* Update correct version information.
+
+* fix docs and make logic clearer
+
+Co-authored-by: Adam Goldschmidt <adamgold7@gmail.com>
+Co-authored-by: Fidget-Spinner <28750310+Fidget-Spinner@users.noreply.github.com>
+
+Upstream-Status: Backport [https://github.com/python/cpython/commit/e3110c3cfbb7daa690d54d0eff6c264c870a71bf]
+CVE: CVE-2020-23336
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ Doc/library/cgi.rst | 11 ++-
+ Doc/library/urllib.parse.rst | 22 +++++-
+ Doc/whatsnew/3.6.rst | 13 ++++
+ Doc/whatsnew/3.7.rst | 13 ++++
+ Doc/whatsnew/3.8.rst | 13 ++++
+ Lib/cgi.py | 23 ++++---
+ Lib/test/test_cgi.py | 29 ++++++--
+ Lib/test/test_urlparse.py | 68 +++++++++++++------
+ Lib/urllib/parse.py | 19 ++++--
+ .../2021-02-14-15-59-16.bpo-42967.YApqDS.rst | 1 +
+ 10 files changed, 166 insertions(+), 46 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Security/2021-02-14-15-59-16.bpo-42967.YApqDS.rst
+
+diff --git a/Doc/library/cgi.rst b/Doc/library/cgi.rst
+index 4048592e7361f..880074bed6026 100644
+--- a/Doc/library/cgi.rst
++++ b/Doc/library/cgi.rst
+@@ -277,14 +277,16 @@ These are useful if you want more control, or if you want to employ some of the
+ algorithms implemented in this module in other circumstances.
+
+
+-.. function:: parse(fp=None, environ=os.environ, keep_blank_values=False, strict_parsing=False)
++.. function:: parse(fp=None, environ=os.environ, keep_blank_values=False, strict_parsing=False, separator="&")
+
+ Parse a query in the environment or from a file (the file defaults to
+- ``sys.stdin``). The *keep_blank_values* and *strict_parsing* parameters are
++ ``sys.stdin``). The *keep_blank_values*, *strict_parsing* and *separator* parameters are
+ passed to :func:`urllib.parse.parse_qs` unchanged.
+
++ .. versionchanged:: 3.8.8
++ Added the *separator* parameter.
+
+-.. function:: parse_multipart(fp, pdict, encoding="utf-8", errors="replace")
++.. function:: parse_multipart(fp, pdict, encoding="utf-8", errors="replace", separator="&")
+
+ Parse input of type :mimetype:`multipart/form-data` (for file uploads).
+ Arguments are *fp* for the input file, *pdict* for a dictionary containing
+@@ -303,6 +305,9 @@ algorithms implemented in this module in other circumstances.
+ Added the *encoding* and *errors* parameters. For non-file fields, the
+ value is now a list of strings, not bytes.
+
++ .. versionchanged:: 3.8.8
++ Added the *separator* parameter.
++
+
+ .. function:: parse_header(string)
+
+diff --git a/Doc/library/urllib.parse.rst b/Doc/library/urllib.parse.rst
+index 25e5cc1a6ce0b..fcad7076e6c77 100644
+--- a/Doc/library/urllib.parse.rst
++++ b/Doc/library/urllib.parse.rst
+@@ -165,7 +165,7 @@ or on combining URL components into a URL string.
+ now raise :exc:`ValueError`.
+
+
+-.. function:: parse_qs(qs, keep_blank_values=False, strict_parsing=False, encoding='utf-8', errors='replace', max_num_fields=None)
++.. function:: parse_qs(qs, keep_blank_values=False, strict_parsing=False, encoding='utf-8', errors='replace', max_num_fields=None, separator='&')
+
+ Parse a query string given as a string argument (data of type
+ :mimetype:`application/x-www-form-urlencoded`). Data are returned as a
+@@ -190,6 +190,9 @@ or on combining URL components into a URL string.
+ read. If set, then throws a :exc:`ValueError` if there are more than
+ *max_num_fields* fields read.
+
++ The optional argument *separator* is the symbol to use for separating the
++ query arguments. It defaults to ``&``.
++
+ Use the :func:`urllib.parse.urlencode` function (with the ``doseq``
+ parameter set to ``True``) to convert such dictionaries into query
+ strings.
+@@ -201,8 +204,14 @@ or on combining URL components into a URL string.
+ .. versionchanged:: 3.8
+ Added *max_num_fields* parameter.
+
++ .. versionchanged:: 3.8.8
++ Added *separator* parameter with the default value of ``&``. Python
++ versions earlier than Python 3.8.8 allowed using both ``;`` and ``&`` as
++ query parameter separator. This has been changed to allow only a single
++ separator key, with ``&`` as the default separator.
++
+
+-.. function:: parse_qsl(qs, keep_blank_values=False, strict_parsing=False, encoding='utf-8', errors='replace', max_num_fields=None)
++.. function:: parse_qsl(qs, keep_blank_values=False, strict_parsing=False, encoding='utf-8', errors='replace', max_num_fields=None, separator='&')
+
+ Parse a query string given as a string argument (data of type
+ :mimetype:`application/x-www-form-urlencoded`). Data are returned as a list of
+@@ -226,6 +235,9 @@ or on combining URL components into a URL string.
+ read. If set, then throws a :exc:`ValueError` if there are more than
+ *max_num_fields* fields read.
+
++ The optional argument *separator* is the symbol to use for separating the
++ query arguments. It defaults to ``&``.
++
+ Use the :func:`urllib.parse.urlencode` function to convert such lists of pairs into
+ query strings.
+
+@@ -235,6 +247,12 @@ or on combining URL components into a URL string.
+ .. versionchanged:: 3.8
+ Added *max_num_fields* parameter.
+
++ .. versionchanged:: 3.8.8
++ Added *separator* parameter with the default value of ``&``. Python
++ versions earlier than Python 3.8.8 allowed using both ``;`` and ``&`` as
++ query parameter separator. This has been changed to allow only a single
++ separator key, with ``&`` as the default separator.
++
+
+ .. function:: urlunparse(parts)
+
+diff --git a/Doc/whatsnew/3.6.rst b/Doc/whatsnew/3.6.rst
+index 85a6657fdfbda..03a877a3d9178 100644
+--- a/Doc/whatsnew/3.6.rst
++++ b/Doc/whatsnew/3.6.rst
+@@ -2443,3 +2443,16 @@ because of the behavior of the socket option ``SO_REUSEADDR`` in UDP. For more
+ details, see the documentation for ``loop.create_datagram_endpoint()``.
+ (Contributed by Kyle Stanley, Antoine Pitrou, and Yury Selivanov in
+ :issue:`37228`.)
++
++Notable changes in Python 3.6.13
++================================
++
++Earlier Python versions allowed using both ``;`` and ``&`` as
++query parameter separators in :func:`urllib.parse.parse_qs` and
++:func:`urllib.parse.parse_qsl`. Due to security concerns, and to conform with
++newer W3C recommendations, this has been changed to allow only a single
++separator key, with ``&`` as the default. This change also affects
++:func:`cgi.parse` and :func:`cgi.parse_multipart` as they use the affected
++functions internally. For more details, please see their respective
++documentation.
++(Contributed by Adam Goldschmidt, Senthil Kumaran and Ken Jin in :issue:`42967`.)
+diff --git a/Doc/whatsnew/3.7.rst b/Doc/whatsnew/3.7.rst
+index 4933cba3990b1..824dc13e0c6fd 100644
+--- a/Doc/whatsnew/3.7.rst
++++ b/Doc/whatsnew/3.7.rst
+@@ -2556,3 +2556,16 @@ because of the behavior of the socket option ``SO_REUSEADDR`` in UDP. For more
+ details, see the documentation for ``loop.create_datagram_endpoint()``.
+ (Contributed by Kyle Stanley, Antoine Pitrou, and Yury Selivanov in
+ :issue:`37228`.)
++
++Notable changes in Python 3.7.10
++================================
++
++Earlier Python versions allowed using both ``;`` and ``&`` as
++query parameter separators in :func:`urllib.parse.parse_qs` and
++:func:`urllib.parse.parse_qsl`. Due to security concerns, and to conform with
++newer W3C recommendations, this has been changed to allow only a single
++separator key, with ``&`` as the default. This change also affects
++:func:`cgi.parse` and :func:`cgi.parse_multipart` as they use the affected
++functions internally. For more details, please see their respective
++documentation.
++(Contributed by Adam Goldschmidt, Senthil Kumaran and Ken Jin in :issue:`42967`.)
+diff --git a/Doc/whatsnew/3.8.rst b/Doc/whatsnew/3.8.rst
+index 1a192800b2f02..632ccc1f2c40a 100644
+--- a/Doc/whatsnew/3.8.rst
++++ b/Doc/whatsnew/3.8.rst
+@@ -2251,3 +2251,16 @@ The constant values of future flags in the :mod:`__future__` module
+ are updated in order to prevent collision with compiler flags. Previously
+ ``PyCF_ALLOW_TOP_LEVEL_AWAIT`` was clashing with ``CO_FUTURE_DIVISION``.
+ (Contributed by Batuhan Taskaya in :issue:`39562`)
++
++Notable changes in Python 3.8.8
++===============================
++
++Earlier Python versions allowed using both ``;`` and ``&`` as
++query parameter separators in :func:`urllib.parse.parse_qs` and
++:func:`urllib.parse.parse_qsl`. Due to security concerns, and to conform with
++newer W3C recommendations, this has been changed to allow only a single
++separator key, with ``&`` as the default. This change also affects
++:func:`cgi.parse` and :func:`cgi.parse_multipart` as they use the affected
++functions internally. For more details, please see their respective
++documentation.
++(Contributed by Adam Goldschmidt, Senthil Kumaran and Ken Jin in :issue:`42967`.)
+diff --git a/Lib/cgi.py b/Lib/cgi.py
+index 77ab703cc0360..1e880e51848af 100755
+--- a/Lib/cgi.py
++++ b/Lib/cgi.py
+@@ -115,7 +115,8 @@ def closelog():
+ # 0 ==> unlimited input
+ maxlen = 0
+
+-def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):
++def parse(fp=None, environ=os.environ, keep_blank_values=0,
++ strict_parsing=0, separator='&'):
+ """Parse a query in the environment or from a file (default stdin)
+
+ Arguments, all optional:
+@@ -134,6 +135,9 @@ def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):
+ strict_parsing: flag indicating what to do with parsing errors.
+ If false (the default), errors are silently ignored.
+ If true, errors raise a ValueError exception.
++
++ separator: str. The symbol to use for separating the query arguments.
++ Defaults to &.
+ """
+ if fp is None:
+ fp = sys.stdin
+@@ -154,7 +158,7 @@ def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):
+ if environ['REQUEST_METHOD'] == 'POST':
+ ctype, pdict = parse_header(environ['CONTENT_TYPE'])
+ if ctype == 'multipart/form-data':
+- return parse_multipart(fp, pdict)
++ return parse_multipart(fp, pdict, separator=separator)
+ elif ctype == 'application/x-www-form-urlencoded':
+ clength = int(environ['CONTENT_LENGTH'])
+ if maxlen and clength > maxlen:
+@@ -178,10 +182,10 @@ def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):
+ qs = ""
+ environ['QUERY_STRING'] = qs # XXX Shouldn't, really
+ return urllib.parse.parse_qs(qs, keep_blank_values, strict_parsing,
+- encoding=encoding)
++ encoding=encoding, separator=separator)
+
+
+-def parse_multipart(fp, pdict, encoding="utf-8", errors="replace"):
++def parse_multipart(fp, pdict, encoding="utf-8", errors="replace", separator='&'):
+ """Parse multipart input.
+
+ Arguments:
+@@ -205,7 +209,7 @@ def parse_multipart(fp, pdict, encoding="utf-8", errors="replace"):
+ except KeyError:
+ pass
+ fs = FieldStorage(fp, headers=headers, encoding=encoding, errors=errors,
+- environ={'REQUEST_METHOD': 'POST'})
++ environ={'REQUEST_METHOD': 'POST'}, separator=separator)
+ return {k: fs.getlist(k) for k in fs}
+
+ def _parseparam(s):
+@@ -315,7 +319,7 @@ class FieldStorage:
+ def __init__(self, fp=None, headers=None, outerboundary=b'',
+ environ=os.environ, keep_blank_values=0, strict_parsing=0,
+ limit=None, encoding='utf-8', errors='replace',
+- max_num_fields=None):
++ max_num_fields=None, separator='&'):
+ """Constructor. Read multipart/* until last part.
+
+ Arguments, all optional:
+@@ -363,6 +367,7 @@ def __init__(self, fp=None, headers=None, outerboundary=b'',
+ self.keep_blank_values = keep_blank_values
+ self.strict_parsing = strict_parsing
+ self.max_num_fields = max_num_fields
++ self.separator = separator
+ if 'REQUEST_METHOD' in environ:
+ method = environ['REQUEST_METHOD'].upper()
+ self.qs_on_post = None
+@@ -589,7 +594,7 @@ def read_urlencoded(self):
+ query = urllib.parse.parse_qsl(
+ qs, self.keep_blank_values, self.strict_parsing,
+ encoding=self.encoding, errors=self.errors,
+- max_num_fields=self.max_num_fields)
++ max_num_fields=self.max_num_fields, separator=self.separator)
+ self.list = [MiniFieldStorage(key, value) for key, value in query]
+ self.skip_lines()
+
+@@ -605,7 +610,7 @@ def read_multi(self, environ, keep_blank_values, strict_parsing):
+ query = urllib.parse.parse_qsl(
+ self.qs_on_post, self.keep_blank_values, self.strict_parsing,
+ encoding=self.encoding, errors=self.errors,
+- max_num_fields=self.max_num_fields)
++ max_num_fields=self.max_num_fields, separator=self.separator)
+ self.list.extend(MiniFieldStorage(key, value) for key, value in query)
+
+ klass = self.FieldStorageClass or self.__class__
+@@ -649,7 +654,7 @@ def read_multi(self, environ, keep_blank_values, strict_parsing):
+ else self.limit - self.bytes_read
+ part = klass(self.fp, headers, ib, environ, keep_blank_values,
+ strict_parsing, limit,
+- self.encoding, self.errors, max_num_fields)
++ self.encoding, self.errors, max_num_fields, self.separator)
+
+ if max_num_fields is not None:
+ max_num_fields -= 1
+diff --git a/Lib/test/test_cgi.py b/Lib/test/test_cgi.py
+index 101942de947fb..4e1506a6468b9 100644
+--- a/Lib/test/test_cgi.py
++++ b/Lib/test/test_cgi.py
+@@ -53,12 +53,9 @@ def do_test(buf, method):
+ ("", ValueError("bad query field: ''")),
+ ("&", ValueError("bad query field: ''")),
+ ("&&", ValueError("bad query field: ''")),
+- (";", ValueError("bad query field: ''")),
+- (";&;", ValueError("bad query field: ''")),
+ # Should the next few really be valid?
+ ("=", {}),
+ ("=&=", {}),
+- ("=;=", {}),
+ # This rest seem to make sense
+ ("=a", {'': ['a']}),
+ ("&=a", ValueError("bad query field: ''")),
+@@ -73,8 +70,6 @@ def do_test(buf, method):
+ ("a=a+b&b=b+c", {'a': ['a b'], 'b': ['b c']}),
+ ("a=a+b&a=b+a", {'a': ['a b', 'b a']}),
+ ("x=1&y=2.0&z=2-3.%2b0", {'x': ['1'], 'y': ['2.0'], 'z': ['2-3.+0']}),
+- ("x=1;y=2.0&z=2-3.%2b0", {'x': ['1'], 'y': ['2.0'], 'z': ['2-3.+0']}),
+- ("x=1;y=2.0;z=2-3.%2b0", {'x': ['1'], 'y': ['2.0'], 'z': ['2-3.+0']}),
+ ("Hbc5161168c542333633315dee1182227:key_store_seqid=400006&cuyer=r&view=bustomer&order_id=0bb2e248638833d48cb7fed300000f1b&expire=964546263&lobale=en-US&kid=130003.300038&ss=env",
+ {'Hbc5161168c542333633315dee1182227:key_store_seqid': ['400006'],
+ 'cuyer': ['r'],
+@@ -201,6 +196,30 @@ def test_strict(self):
+ else:
+ self.assertEqual(fs.getvalue(key), expect_val[0])
+
++ def test_separator(self):
++ parse_semicolon = [
++ ("x=1;y=2.0", {'x': ['1'], 'y': ['2.0']}),
++ ("x=1;y=2.0;z=2-3.%2b0", {'x': ['1'], 'y': ['2.0'], 'z': ['2-3.+0']}),
++ (";", ValueError("bad query field: ''")),
++ (";;", ValueError("bad query field: ''")),
++ ("=;a", ValueError("bad query field: 'a'")),
++ (";b=a", ValueError("bad query field: ''")),
++ ("b;=a", ValueError("bad query field: 'b'")),
++ ("a=a+b;b=b+c", {'a': ['a b'], 'b': ['b c']}),
++ ("a=a+b;a=b+a", {'a': ['a b', 'b a']}),
++ ]
++ for orig, expect in parse_semicolon:
++ env = {'QUERY_STRING': orig}
++ fs = cgi.FieldStorage(separator=';', environ=env)
++ if isinstance(expect, dict):
++ for key in expect.keys():
++ expect_val = expect[key]
++ self.assertIn(key, fs)
++ if len(expect_val) > 1:
++ self.assertEqual(fs.getvalue(key), expect_val)
++ else:
++ self.assertEqual(fs.getvalue(key), expect_val[0])
++
+ def test_log(self):
+ cgi.log("Testing")
+
+diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py
+index 4ae6ed33858ce..90c8d6922629e 100644
+--- a/Lib/test/test_urlparse.py
++++ b/Lib/test/test_urlparse.py
+@@ -32,16 +32,10 @@
+ (b"&a=b", [(b'a', b'b')]),
+ (b"a=a+b&b=b+c", [(b'a', b'a b'), (b'b', b'b c')]),
+ (b"a=1&a=2", [(b'a', b'1'), (b'a', b'2')]),
+- (";", []),
+- (";;", []),
+- (";a=b", [('a', 'b')]),
+- ("a=a+b;b=b+c", [('a', 'a b'), ('b', 'b c')]),
+- ("a=1;a=2", [('a', '1'), ('a', '2')]),
+- (b";", []),
+- (b";;", []),
+- (b";a=b", [(b'a', b'b')]),
+- (b"a=a+b;b=b+c", [(b'a', b'a b'), (b'b', b'b c')]),
+- (b"a=1;a=2", [(b'a', b'1'), (b'a', b'2')]),
++ (";a=b", [(';a', 'b')]),
++ ("a=a+b;b=b+c", [('a', 'a b;b=b c')]),
++ (b";a=b", [(b';a', b'b')]),
++ (b"a=a+b;b=b+c", [(b'a', b'a b;b=b c')]),
+ ]
+
+ # Each parse_qs testcase is a two-tuple that contains
+@@ -68,16 +62,10 @@
+ (b"&a=b", {b'a': [b'b']}),
+ (b"a=a+b&b=b+c", {b'a': [b'a b'], b'b': [b'b c']}),
+ (b"a=1&a=2", {b'a': [b'1', b'2']}),
+- (";", {}),
+- (";;", {}),
+- (";a=b", {'a': ['b']}),
+- ("a=a+b;b=b+c", {'a': ['a b'], 'b': ['b c']}),
+- ("a=1;a=2", {'a': ['1', '2']}),
+- (b";", {}),
+- (b";;", {}),
+- (b";a=b", {b'a': [b'b']}),
+- (b"a=a+b;b=b+c", {b'a': [b'a b'], b'b': [b'b c']}),
+- (b"a=1;a=2", {b'a': [b'1', b'2']}),
++ (";a=b", {';a': ['b']}),
++ ("a=a+b;b=b+c", {'a': ['a b;b=b c']}),
++ (b";a=b", {b';a': [b'b']}),
++ (b"a=a+b;b=b+c", {b'a':[ b'a b;b=b c']}),
+ ]
+
+ class UrlParseTestCase(unittest.TestCase):
+@@ -884,10 +872,46 @@ def test_parse_qsl_encoding(self):
+ def test_parse_qsl_max_num_fields(self):
+ with self.assertRaises(ValueError):
+ urllib.parse.parse_qs('&'.join(['a=a']*11), max_num_fields=10)
+- with self.assertRaises(ValueError):
+- urllib.parse.parse_qs(';'.join(['a=a']*11), max_num_fields=10)
+ urllib.parse.parse_qs('&'.join(['a=a']*10), max_num_fields=10)
+
++ def test_parse_qs_separator(self):
++ parse_qs_semicolon_cases = [
++ (";", {}),
++ (";;", {}),
++ (";a=b", {'a': ['b']}),
++ ("a=a+b;b=b+c", {'a': ['a b'], 'b': ['b c']}),
++ ("a=1;a=2", {'a': ['1', '2']}),
++ (b";", {}),
++ (b";;", {}),
++ (b";a=b", {b'a': [b'b']}),
++ (b"a=a+b;b=b+c", {b'a': [b'a b'], b'b': [b'b c']}),
++ (b"a=1;a=2", {b'a': [b'1', b'2']}),
++ ]
++ for orig, expect in parse_qs_semicolon_cases:
++ with self.subTest(f"Original: {orig!r}, Expected: {expect!r}"):
++ result = urllib.parse.parse_qs(orig, separator=';')
++ self.assertEqual(result, expect, "Error parsing %r" % orig)
++
++
++ def test_parse_qsl_separator(self):
++ parse_qsl_semicolon_cases = [
++ (";", []),
++ (";;", []),
++ (";a=b", [('a', 'b')]),
++ ("a=a+b;b=b+c", [('a', 'a b'), ('b', 'b c')]),
++ ("a=1;a=2", [('a', '1'), ('a', '2')]),
++ (b";", []),
++ (b";;", []),
++ (b";a=b", [(b'a', b'b')]),
++ (b"a=a+b;b=b+c", [(b'a', b'a b'), (b'b', b'b c')]),
++ (b"a=1;a=2", [(b'a', b'1'), (b'a', b'2')]),
++ ]
++ for orig, expect in parse_qsl_semicolon_cases:
++ with self.subTest(f"Original: {orig!r}, Expected: {expect!r}"):
++ result = urllib.parse.parse_qsl(orig, separator=';')
++ self.assertEqual(result, expect, "Error parsing %r" % orig)
++
++
+ def test_urlencode_sequences(self):
+ # Other tests incidentally urlencode things; test non-covered cases:
+ # Sequence and object values.
+diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py
+index 95be7181133b4..0c1c94f5fc986 100644
+--- a/Lib/urllib/parse.py
++++ b/Lib/urllib/parse.py
+@@ -650,7 +650,7 @@ def unquote(string, encoding='utf-8', errors='replace'):
+
+
+ def parse_qs(qs, keep_blank_values=False, strict_parsing=False,
+- encoding='utf-8', errors='replace', max_num_fields=None):
++ encoding='utf-8', errors='replace', max_num_fields=None, separator='&'):
+ """Parse a query given as a string argument.
+
+ Arguments:
+@@ -674,12 +674,15 @@ def parse_qs(qs, keep_blank_values=False, strict_parsing=False,
+ max_num_fields: int. If set, then throws a ValueError if there
+ are more than n fields read by parse_qsl().
+
++ separator: str. The symbol to use for separating the query arguments.
++ Defaults to &.
++
+ Returns a dictionary.
+ """
+ parsed_result = {}
+ pairs = parse_qsl(qs, keep_blank_values, strict_parsing,
+ encoding=encoding, errors=errors,
+- max_num_fields=max_num_fields)
++ max_num_fields=max_num_fields, separator=separator)
+ for name, value in pairs:
+ if name in parsed_result:
+ parsed_result[name].append(value)
+@@ -689,7 +692,7 @@ def parse_qs(qs, keep_blank_values=False, strict_parsing=False,
+
+
+ def parse_qsl(qs, keep_blank_values=False, strict_parsing=False,
+- encoding='utf-8', errors='replace', max_num_fields=None):
++ encoding='utf-8', errors='replace', max_num_fields=None, separator='&'):
+ """Parse a query given as a string argument.
+
+ Arguments:
+@@ -712,19 +715,25 @@ def parse_qsl(qs, keep_blank_values=False, strict_parsing=False,
+ max_num_fields: int. If set, then throws a ValueError
+ if there are more than n fields read by parse_qsl().
+
++ separator: str. The symbol to use for separating the query arguments.
++ Defaults to &.
++
+ Returns a list, as G-d intended.
+ """
+ qs, _coerce_result = _coerce_args(qs)
+
++ if not separator or (not isinstance(separator, (str, bytes))):
++ raise ValueError("Separator must be of type string or bytes.")
++
+ # If max_num_fields is defined then check that the number of fields
+ # is less than max_num_fields. This prevents a memory exhaustion DOS
+ # attack via post bodies with many fields.
+ if max_num_fields is not None:
+- num_fields = 1 + qs.count('&') + qs.count(';')
++ num_fields = 1 + qs.count(separator)
+ if max_num_fields < num_fields:
+ raise ValueError('Max number of fields exceeded')
+
+- pairs = [s2 for s1 in qs.split('&') for s2 in s1.split(';')]
++ pairs = [s1 for s1 in qs.split(separator)]
+ r = []
+ for name_value in pairs:
+ if not name_value and not strict_parsing:
+diff --git a/Misc/NEWS.d/next/Security/2021-02-14-15-59-16.bpo-42967.YApqDS.rst b/Misc/NEWS.d/next/Security/2021-02-14-15-59-16.bpo-42967.YApqDS.rst
+new file mode 100644
+index 0000000000000..f08489b41494e
+--- /dev/null
++++ b/Misc/NEWS.d/next/Security/2021-02-14-15-59-16.bpo-42967.YApqDS.rst
+@@ -0,0 +1 @@
++Fix web cache poisoning vulnerability by defaulting the query args separator to ``&``, and allowing the user to choose a custom separator.
diff --git a/meta/recipes-devtools/python/python3_3.8.5.bb b/meta/recipes-devtools/python/python3_3.8.5.bb
index fda35a31e2..418d35acfe 100644
--- a/meta/recipes-devtools/python/python3_3.8.5.bb
+++ b/meta/recipes-devtools/python/python3_3.8.5.bb
@@ -34,6 +34,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \
file://CVE-2020-27619.patch \
file://CVE-2021-3177.patch \
+ file://CVE-2021-23336.patch \
"
SRC_URI_append_class-native = " \
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
* [gatesgarth][PATCH 52/52] libsdl2: fix CVE-2020-14409 CVE-2020-14410
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
` (50 preceding siblings ...)
2021-03-05 4:21 ` [gatesgarth][PATCH 51/52] python3: fix CVE-2021-23336 Anuj Mittal
@ 2021-03-05 4:21 ` Anuj Mittal
51 siblings, 0 replies; 53+ messages in thread
From: Anuj Mittal @ 2021-03-05 4:21 UTC (permalink / raw)
To: openembedded-core
From: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../libsdl2/CVE-2020-14409-14410.patch | 79 +++++++++++++++++++
.../libsdl2/libsdl2_2.0.12.bb | 1 +
2 files changed, 80 insertions(+)
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2020-14409-14410.patch
diff --git a/meta/recipes-graphics/libsdl2/libsdl2/CVE-2020-14409-14410.patch b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2020-14409-14410.patch
new file mode 100644
index 0000000000..d8fa24bc65
--- /dev/null
+++ b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2020-14409-14410.patch
@@ -0,0 +1,79 @@
+From a7ff6e96155f550a5597621ebeddd03c98aa9294 Mon Sep 17 00:00:00 2001
+From: Sam Lantinga <slouken@libsdl.org>
+Date: Wed, 17 Jun 2020 08:44:45 -0700
+Subject: [PATCH] Fixed overflow in surface pitch calculation
+
+
+Upstream-Status: Backport
+[https://github.com/libsdl-org/SDL/commit/a7ff6e96155f550a5597621ebeddd03c98aa9294]
+CVE: CVE-2020-14409 CVE-2020-14410
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ src/video/SDL_surface.c | 23 +++++++++++++++--------
+ 1 file changed, 15 insertions(+), 8 deletions(-)
+
+diff --git a/src/video/SDL_surface.c b/src/video/SDL_surface.c
+index 085d9ff1e..bff826f7c 100644
+--- a/src/video/SDL_surface.c
++++ b/src/video/SDL_surface.c
+@@ -28,24 +28,23 @@
+ #include "SDL_yuv_c.h"
+
+
+-/* Check to make sure we can safely check multiplication of surface w and pitch and it won't overflow size_t */
+-SDL_COMPILE_TIME_ASSERT(surface_size_assumptions,
+- sizeof(int) == sizeof(Sint32) && sizeof(size_t) >= sizeof(Sint32));
++/* Check to make sure we can safely check multiplication of surface w and pitch and it won't overflow Sint64 */
++SDL_COMPILE_TIME_ASSERT(surface_size_assumptions, sizeof(int) == sizeof(Sint32));
+
+ /* Public routines */
+
+ /*
+ * Calculate the pad-aligned scanline width of a surface
+ */
+-static int
++static Sint64
+ SDL_CalculatePitch(Uint32 format, int width)
+ {
+- int pitch;
++ Sint64 pitch;
+
+ if (SDL_ISPIXELFORMAT_FOURCC(format) || SDL_BITSPERPIXEL(format) >= 8) {
+- pitch = (width * SDL_BYTESPERPIXEL(format));
++ pitch = ((Sint64)width * SDL_BYTESPERPIXEL(format));
+ } else {
+- pitch = ((width * SDL_BITSPERPIXEL(format)) + 7) / 8;
++ pitch = (((Sint64)width * SDL_BITSPERPIXEL(format)) + 7) / 8;
+ }
+ pitch = (pitch + 3) & ~3; /* 4-byte aligning for speed */
+ return pitch;
+@@ -59,11 +58,19 @@ SDL_Surface *
+ SDL_CreateRGBSurfaceWithFormat(Uint32 flags, int width, int height, int depth,
+ Uint32 format)
+ {
++ Sint64 pitch;
+ SDL_Surface *surface;
+
+ /* The flags are no longer used, make the compiler happy */
+ (void)flags;
+
++ pitch = SDL_CalculatePitch(format, width);
++ if (pitch < 0 || pitch > SDL_MAX_SINT32) {
++ /* Overflow... */
++ SDL_OutOfMemory();
++ return NULL;
++ }
++
+ /* Allocate the surface */
+ surface = (SDL_Surface *) SDL_calloc(1, sizeof(*surface));
+ if (surface == NULL) {
+@@ -78,7 +85,7 @@ SDL_CreateRGBSurfaceWithFormat(Uint32 flags, int width, int height, int depth,
+ }
+ surface->w = width;
+ surface->h = height;
+- surface->pitch = SDL_CalculatePitch(format, width);
++ surface->pitch = (int)pitch;
+ SDL_SetClipRect(surface, NULL);
+
+ if (SDL_ISPIXELFORMAT_INDEXED(surface->format->format)) {
diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb
index 1513746492..639a465567 100644
--- a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb
+++ b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb
@@ -20,6 +20,7 @@ SRC_URI = "http://www.libsdl.org/release/SDL2-${PV}.tar.gz \
file://more-gen-depends.patch \
file://directfb-spurious-curly-brace-missing-e.patch \
file://directfb-renderfillrect-fix.patch \
+ file://CVE-2020-14409-14410.patch \
"
S = "${WORKDIR}/SDL2-${PV}"
--
2.29.2
^ permalink raw reply related [flat|nested] 53+ messages in thread
end of thread, other threads:[~2021-03-05 4:23 UTC | newest]
Thread overview: 53+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-03-05 4:20 [gatesgarth][PATCH 00/52] review request Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 01/52] local.conf.sample.extended: prefer INIT_MANAGER Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 02/52] rootfs_deb: handle aarch64 SDK_ARCH Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 03/52] xorg-fonts-minimal: Fix reproducibility Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 04/52] xorg-minimal-fonts: Really fix determinism Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 05/52] git: Fix determinism issue Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 06/52] valgrind: Disable ptest nlcontrolc for x86-64 Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 07/52] linux-yocto/5.4: update to v5.4.96 Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 08/52] linux-yocto/5.4: update to v5.4.98 Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 09/52] groff: Fix determinism issue Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 10/52] df.py: Add feature check for read-only-rootfs Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 11/52] cve-check.bbclass: add layer to cve log Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 12/52] cve-check: add include/exclude layers Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 13/52] go: Update to 1.15.8 Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 14/52] screen: fix CVE-2021-26937 Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 15/52] npm.bbclass: avoid building target nodejs for native npm recipes Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 16/52] mtd-utils: Remove duplicate assignments to alternative link names Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 17/52] package_rpm: Enable use_source_date_epoch_as_buildtime in package_rpm class Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 18/52] oe/recipeutils: Fix copying patches when BBLAYERS entries are not normalised Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 19/52] oeqa/commands: Fix compatibility with python 3.9 Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 20/52] wpebackend-fdo: Fix missing .so symlink when using dev package Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 21/52] linux-firmware: upgrade 20201218 -> 20210208 Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 22/52] systemd: Fix importd requirements comment Anuj Mittal
2021-03-05 4:20 ` [gatesgarth][PATCH 23/52] openssl: upgrade 1.1.1i -> 1.1.1j Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 24/52] rsync: Fix a file sorting determinism issue Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 25/52] rsync: Fix group name " Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 26/52] libevdev: Update patch status to backport Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 27/52] python3: Fix python interpreter line length for nativesdk Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 28/52] report-error.bbclass: Add layer and bitbake version info to error report Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 29/52] babeltrace2: Fix reproducibility Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 30/52] bitbake.conf: Introduce FAKEROOTLOGS variable used by bitbake to print pseudo.log Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 31/52] wpa-supplicant: fix CVE-2021-0326 Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 32/52] sstatesig.py: show an error instead of warning when sstate manifest isn't found Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 33/52] asciidoc: Switch to using the main branch Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 34/52] cups: Fix reproducibility issues Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 35/52] cups: fix CVE-2020-10001 Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 36/52] gcr: Fix reproducibility issue Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 37/52] externalsrc: Pass through npmsw URIs in SRC_URI Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 38/52] wic: Warn if an ext filesystem affected by the Y2038 problem is used Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 39/52] epiphany: Fix reproducibility issue Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 40/52] epiphany: Fix distributor contamination from /etc/os-release Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 41/52] image: Add directories to PSEUDO_IGNORE_PATHS Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 42/52] populate_sdk: " Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 43/52] bitbake.conf/image: Move image specific PSEUDO_IGNORE_PATHS to image class Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 44/52] bitbake.conf: Split PSEUDO_IGNORE_PATHS to be more readable Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 45/52] oeqa/pam: Need shadow installed for the tests Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 46/52] valgrind: Increase timeout duration 30 -> 90 s Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 47/52] parted: Fix reproducibility issue Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 48/52] yocto-uninative.inc: version 2.11 updates glibc to 2.33 Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 49/52] yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 50/52] bind: fix CVE-2020-8625 Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 51/52] python3: fix CVE-2021-23336 Anuj Mittal
2021-03-05 4:21 ` [gatesgarth][PATCH 52/52] libsdl2: fix CVE-2020-14409 CVE-2020-14410 Anuj Mittal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox