* [OE-core][dunfell 01/11] bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 02/11] go: Security Fix for CVE-2022-2879 Steve Sakoman
` (9 subsequent siblings)
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Hitendra Prajapati <hprajapati@mvista.com>
Upstream-Status: Backport from https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/monitor/jlink.c?id=1d6cfb8e625a944010956714c1802bc1e1fc6c4f
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-connectivity/bluez5/bluez5.inc | 1 +
.../bluez5/bluez5/CVE-2022-3637.patch | 39 +++++++++++++++++++
2 files changed, 40 insertions(+)
create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch
diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
index 7ad054b3a7..a71d339928 100644
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -58,6 +58,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
file://CVE-2021-3658.patch \
file://CVE-2022-0204.patch \
file://CVE-2022-39176.patch \
+ file://CVE-2022-3637.patch \
"
S = "${WORKDIR}/bluez-${PV}"
diff --git a/meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch b/meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch
new file mode 100644
index 0000000000..4ca60f99d5
--- /dev/null
+++ b/meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch
@@ -0,0 +1,39 @@
+From b808b2852a0b48c6f9dbb038f932613cea3126c2 Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Thu, 27 Oct 2022 09:51:27 +0530
+Subject: [PATCH] CVE-2022-3637
+
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/monitor/jlink.c?id=1d6cfb8e625a944010956714c1802bc1e1fc6c4f]
+CVE: CVE-2022-3637
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+
+monitor: Fix crash when using RTT backend
+
+This fix regression introduced by "monitor: Fix memory leaks".
+J-Link shared library is in use if jlink_init() returns 0 and thus
+handle shall not be closed.
+---
+ monitor/jlink.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/monitor/jlink.c b/monitor/jlink.c
+index afa9d93..5bd4aed 100644
+--- a/monitor/jlink.c
++++ b/monitor/jlink.c
+@@ -120,9 +120,12 @@ int jlink_init(void)
+ !jlink.tif_select || !jlink.setspeed ||
+ !jlink.connect || !jlink.getsn ||
+ !jlink.emu_getproductname ||
+- !jlink.rtterminal_control || !jlink.rtterminal_read)
++ !jlink.rtterminal_control || !jlink.rtterminal_read) {
++ dlclose(so);
+ return -EIO;
++ }
+
++ /* don't dlclose(so) here cause symbols from it are in use now */
+ return 0;
+ }
+
+--
+2.25.1
+
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 02/11] go: Security Fix for CVE-2022-2879
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 01/11] bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 03/11] curl: fix CVE-2022-32221 POST following PUT Steve Sakoman
` (8 subsequent siblings)
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Sunil Kumar <sukumar@mvista.com>
archive/tar: limit size of headers
Set a 1MiB limit on special file blocks (PAX headers, GNU long names,
GNU link names), to avoid reading arbitrarily large amounts of data
into memory.
Link: https://github.com/golang/go/commit/0a723816cd2
Signed-off-by: Sunil Kumar <sukumar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2022-2879.patch | 111 ++++++++++++++++++
2 files changed, 112 insertions(+)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch
diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc
index 3341beb159..e8ff1c4ec9 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -42,6 +42,7 @@ SRC_URI += "\
file://0003-CVE-2022-32190.patch \
file://0004-CVE-2022-32190.patch \
file://CVE-2022-2880.patch \
+ file://CVE-2022-2879.patch \
"
SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch b/meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch
new file mode 100644
index 0000000000..ea04a82d16
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch
@@ -0,0 +1,111 @@
+From 9d339f1d0f53c4116a7cb4acfa895f31a07212ee Mon Sep 17 00:00:00 2001
+From: Damien Neil <dneil@google.com>
+Date: Fri, 2 Sep 2022 20:45:18 -0700
+Subject: [PATCH] archive/tar: limit size of headers
+
+Set a 1MiB limit on special file blocks (PAX headers, GNU long names,
+GNU link names), to avoid reading arbitrarily large amounts of data
+into memory.
+
+Thanks to Adam Korczynski (ADA Logics) and OSS-Fuzz for reporting
+this issue.
+
+Fixes CVE-2022-2879
+Updates #54853
+Fixes #55926
+
+Change-Id: I85136d6ff1e0af101a112190e027987ab4335680
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1565555
+Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
+Run-TryBot: Roland Shoemaker <bracewell@google.com>
+Reviewed-by: Roland Shoemaker <bracewell@google.com>
+(cherry picked from commit 6ee768cef6b82adf7a90dcf367a1699ef694f3b2)
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1591053
+Reviewed-by: Julie Qiu <julieqiu@google.com>
+Reviewed-by: Damien Neil <dneil@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/438498
+TryBot-Result: Gopher Robot <gobot@golang.org>
+Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
+Reviewed-by: Carlos Amedee <carlos@golang.org>
+Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
+Run-TryBot: Carlos Amedee <carlos@golang.org>
+
+Upstream-Status: Backport [https://github.com/golang/go/commit/0a723816cd2]
+CVE: CVE-2022-2879
+Signed-off-by: Sunil Kumar <sukumar@mvista.com>
+---
+ src/archive/tar/format.go | 4 ++++
+ src/archive/tar/reader.go | 14 ++++++++++++--
+ src/archive/tar/writer.go | 3 +++
+ 3 files changed, 19 insertions(+), 2 deletions(-)
+
+diff --git a/src/archive/tar/format.go b/src/archive/tar/format.go
+index cfe24a5..6642364 100644
+--- a/src/archive/tar/format.go
++++ b/src/archive/tar/format.go
+@@ -143,6 +143,10 @@ const (
+ blockSize = 512 // Size of each block in a tar stream
+ nameSize = 100 // Max length of the name field in USTAR format
+ prefixSize = 155 // Max length of the prefix field in USTAR format
++
++ // Max length of a special file (PAX header, GNU long name or link).
++ // This matches the limit used by libarchive.
++ maxSpecialFileSize = 1 << 20
+ )
+
+ // blockPadding computes the number of bytes needed to pad offset up to the
+diff --git a/src/archive/tar/reader.go b/src/archive/tar/reader.go
+index 4f9135b..e996595 100644
+--- a/src/archive/tar/reader.go
++++ b/src/archive/tar/reader.go
+@@ -104,7 +104,7 @@ func (tr *Reader) next() (*Header, error) {
+ continue // This is a meta header affecting the next header
+ case TypeGNULongName, TypeGNULongLink:
+ format.mayOnlyBe(FormatGNU)
+- realname, err := ioutil.ReadAll(tr)
++ realname, err := readSpecialFile(tr)
+ if err != nil {
+ return nil, err
+ }
+@@ -294,7 +294,7 @@ func mergePAX(hdr *Header, paxHdrs map[string]string) (err error) {
+ // parsePAX parses PAX headers.
+ // If an extended header (type 'x') is invalid, ErrHeader is returned
+ func parsePAX(r io.Reader) (map[string]string, error) {
+- buf, err := ioutil.ReadAll(r)
++ buf, err := readSpecialFile(r)
+ if err != nil {
+ return nil, err
+ }
+@@ -827,6 +827,16 @@ func tryReadFull(r io.Reader, b []byte) (n int, err error) {
+ return n, err
+ }
+
++// readSpecialFile is like ioutil.ReadAll except it returns
++// ErrFieldTooLong if more than maxSpecialFileSize is read.
++func readSpecialFile(r io.Reader) ([]byte, error) {
++ buf, err := ioutil.ReadAll(io.LimitReader(r, maxSpecialFileSize+1))
++ if len(buf) > maxSpecialFileSize {
++ return nil, ErrFieldTooLong
++ }
++ return buf, err
++}
++
+ // discard skips n bytes in r, reporting an error if unable to do so.
+ func discard(r io.Reader, n int64) error {
+ // If possible, Seek to the last byte before the end of the data section.
+diff --git a/src/archive/tar/writer.go b/src/archive/tar/writer.go
+index e80498d..893eac0 100644
+--- a/src/archive/tar/writer.go
++++ b/src/archive/tar/writer.go
+@@ -199,6 +199,9 @@ func (tw *Writer) writePAXHeader(hdr *Header, paxHdrs map[string]string) error {
+ flag = TypeXHeader
+ }
+ data := buf.String()
++ if len(data) > maxSpecialFileSize {
++ return ErrFieldTooLong
++ }
+ if err := tw.writeRawFile(name, data, flag, FormatPAX); err != nil || isGlobal {
+ return err // Global headers return here
+ }
+--
+2.7.4
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 03/11] curl: fix CVE-2022-32221 POST following PUT
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 01/11] bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 02/11] go: Security Fix for CVE-2022-2879 Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 04/11] qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write Steve Sakoman
` (7 subsequent siblings)
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Vivek Kumbhar <vkumbhar@mvista.com>
Upstream-Status: Backport from https://github.com/curl/curl/commit/a64e3e59938abd7d6
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../curl/curl/CVE-2022-32221.patch | 29 +++++++++++++++++++
meta/recipes-support/curl/curl_7.69.1.bb | 1 +
2 files changed, 30 insertions(+)
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch
diff --git a/meta/recipes-support/curl/curl/CVE-2022-32221.patch b/meta/recipes-support/curl/curl/CVE-2022-32221.patch
new file mode 100644
index 0000000000..8e662abd3a
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2022-32221.patch
@@ -0,0 +1,29 @@
+From 75c04a3e75e8e3025a17ca3033ca307da9691cd0 Mon Sep 17 00:00:00 2001
+From: Vivek Kumbhar <vkumbhar@mvista.com>
+Date: Fri, 11 Nov 2022 10:49:58 +0530
+Subject: [PATCH] CVE-2022-32221
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/a64e3e59938abd7d6]
+CVE: CVE-2022-32221
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+
+setopt: when POST is set, reset the 'upload' field.
+---
+ lib/setopt.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/setopt.c b/lib/setopt.c
+index bebb2e4..4d96f6b 100644
+--- a/lib/setopt.c
++++ b/lib/setopt.c
+@@ -486,6 +486,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
+ }
+ else
+ data->set.httpreq = HTTPREQ_GET;
++ data->set.upload = FALSE;
+ break;
+
+ case CURLOPT_COPYPOSTFIELDS:
+--
+2.25.1
+
diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb
index ed37094049..31aa9d7185 100644
--- a/meta/recipes-support/curl/curl_7.69.1.bb
+++ b/meta/recipes-support/curl/curl_7.69.1.bb
@@ -39,6 +39,7 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \
file://CVE-2022-32207.patch \
file://CVE-2022-32208.patch \
file://CVE-2022-35252.patch \
+ file://CVE-2022-32221.patch \
"
SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42"
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 04/11] qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
` (2 preceding siblings ...)
2022-11-12 14:09 ` [OE-core][dunfell 03/11] curl: fix CVE-2022-32221 POST following PUT Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 05/11] binutils: stable 2.34 branch updates Steve Sakoman
` (6 subsequent siblings)
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Vivek Kumbhar <vkumbhar@mvista.com>
Upstream-Status: Backport from https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-3638.patch | 80 +++++++++++++++++++
2 files changed, 81 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 28caefef07..764f948a28 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -112,6 +112,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2022-0216-1.patch \
file://CVE-2022-0216-2.patch \
file://CVE-2021-3750.patch \
+ file://CVE-2021-3638.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch
new file mode 100644
index 0000000000..6e7af8540a
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch
@@ -0,0 +1,80 @@
+From b68d13531d8882ba66994b9f767b6a8f822464f3 Mon Sep 17 00:00:00 2001
+From: Vivek Kumbhar <vkumbhar@mvista.com>
+Date: Fri, 11 Nov 2022 12:43:26 +0530
+Subject: [PATCH] CVE-2021-3638
+
+Upstream-Status: Backport [https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html]
+CVE: CVE-2021-3638
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+
+When building QEMU with DEBUG_ATI defined then running with
+'-device ati-vga,romfile="" -d unimp,guest_errors -trace ati\*'
+we get:
+
+ ati_mm_write 4 0x16c0 DP_CNTL <- 0x1
+ ati_mm_write 4 0x146c DP_GUI_MASTER_CNTL <- 0x2
+ ati_mm_write 4 0x16c8 DP_MIX <- 0xff0000
+ ati_mm_write 4 0x16c4 DP_DATATYPE <- 0x2
+ ati_mm_write 4 0x224 CRTC_OFFSET <- 0x0
+ ati_mm_write 4 0x142c DST_PITCH_OFFSET <- 0xfe00000
+ ati_mm_write 4 0x1420 DST_Y <- 0x3fff
+ ati_mm_write 4 0x1410 DST_HEIGHT <- 0x3fff
+ ati_mm_write 4 0x1588 DST_WIDTH_X <- 0x3fff3fff
+ ati_2d_blt: vram:0x7fff5fa00000 addr:0 ds:0x7fff61273800 stride:2560 bpp:32
+rop:0xff
+ ati_2d_blt: 0 0 0, 0 127 0, (0,0) -> (16383,16383) 16383x16383 > ^
+ ati_2d_blt: pixman_fill(dst:0x7fff5fa00000, stride:254, bpp:8, x:16383,
+y:16383, w:16383, h:16383, xor:0xff000000)
+ Thread 3 "qemu-system-i38" received signal SIGSEGV, Segmentation fault.
+ (gdb) bt
+ #0 0x00007ffff7f62ce0 in sse2_fill.lto_priv () at /lib64/libpixman-1.so.0
+ #1 0x00007ffff7f09278 in pixman_fill () at /lib64/libpixman-1.so.0
+ #2 0x0000555557b5a9af in ati_2d_blt (s=0x631000028800) at
+hw/display/ati_2d.c:196
+ #3 0x0000555557b4b5a2 in ati_mm_write (opaque=0x631000028800, addr=5512,
+data=1073692671, size=4) at hw/display/ati.c:843
+ #4 0x0000555558b90ec4 in memory_region_write_accessor (mr=0x631000039cc0,
+addr=5512, ..., size=4, ...) at softmmu/memory.c:492
+
+Commit 584acf34cb0 ("ati-vga: Fix reverse bit blts") introduced
+the local dst_x and dst_y which adjust the (x, y) coordinates
+depending on the direction in the SRCCOPY ROP3 operation, but
+forgot to address the same issue for the PATCOPY, BLACKNESS and
+WHITENESS operations, which also call pixman_fill().
+
+Fix that now by using the adjusted coordinates in the pixman_fill
+call, and update the related debug printf().
+---
+ hw/display/ati_2d.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/hw/display/ati_2d.c b/hw/display/ati_2d.c
+index 4dc10ea7..692bec91 100644
+--- a/hw/display/ati_2d.c
++++ b/hw/display/ati_2d.c
+@@ -84,7 +84,7 @@ void ati_2d_blt(ATIVGAState *s)
+ DPRINTF("%d %d %d, %d %d %d, (%d,%d) -> (%d,%d) %dx%d %c %c\n",
+ s->regs.src_offset, s->regs.dst_offset, s->regs.default_offset,
+ s->regs.src_pitch, s->regs.dst_pitch, s->regs.default_pitch,
+- s->regs.src_x, s->regs.src_y, s->regs.dst_x, s->regs.dst_y,
++ s->regs.src_x, s->regs.src_y, dst_x, dst_y,
+ s->regs.dst_width, s->regs.dst_height,
+ (s->regs.dp_cntl & DST_X_LEFT_TO_RIGHT ? '>' : '<'),
+ (s->regs.dp_cntl & DST_Y_TOP_TO_BOTTOM ? 'v' : '^'));
+@@ -180,11 +180,11 @@ void ati_2d_blt(ATIVGAState *s)
+ dst_stride /= sizeof(uint32_t);
+ DPRINTF("pixman_fill(%p, %d, %d, %d, %d, %d, %d, %x)\n",
+ dst_bits, dst_stride, bpp,
+- s->regs.dst_x, s->regs.dst_y,
++ dst_x, dst_y,
+ s->regs.dst_width, s->regs.dst_height,
+ filler);
+ pixman_fill((uint32_t *)dst_bits, dst_stride, bpp,
+- s->regs.dst_x, s->regs.dst_y,
++ dst_x, dst_y,
+ s->regs.dst_width, s->regs.dst_height,
+ filler);
+ if (dst_bits >= s->vga.vram_ptr + s->vga.vbe_start_addr &&
+--
+2.25.1
+
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 05/11] binutils: stable 2.34 branch updates
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
` (3 preceding siblings ...)
2022-11-12 14:09 ` [OE-core][dunfell 04/11] qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 06/11] glibc : stable 2.31 " Steve Sakoman
` (5 subsequent siblings)
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com>
Below commits on binutils-2.34 stable branch are updated.
c4e78c0868a PR27755, powerpc-ld infinite loop
33973d228c9 gas, arm: PR26858 Fix availability of single precision vmul/vmla in arm mode
0c8652fe288 x86: Update GNU property tests
5c1bd3f52c6 x86: Properly merge -z ibt and -z shstk
93b9bf1651a PowerPC TPREL_HA/LO optimisation
58950a3bfd4 Date update
e3b314d3a61 aarch64: set sh_entsize of .plt to 0
26b6ab7a0e4 S/390: z13: Accept vector alignment hints
7324292cd94 gas: Fix checking for backwards .org with negative offset
463ec189fe9 Prevent a potential use-after-fee memory corruption bug in the linker (for PE format files).
ef2826c0fdb Fix the ARM assembler to generate a Realtime profile for armv8-r.
8524bb5bd28 Re: Fix tight loop on recursively-defined symbols
5768460022b Fix tight loop on recursively-defined symbols
a72427b1ae0 gas: PR 25863: Fix scalar vmul inside it block when assembling for MVE
9f57ab49b32 BFD: Exclude sections with no content from compress check.
aaf3f0599a2 Arm: Fix LSB of GOT for Thumb2 only PLT.
97f92b3e90a Arm: Fix thumb2 PLT branch offsets.
3053d7a163c include: Sync plugin-api.h with GCC
f7aec2b8e09 PR25745, powerpc64-ld overflows string buffer in --stats mode
1b2bf0f65c1 include: Sync plugin-api.h with GCC
5e8619b9597 include: Sync lto-symtab.h and plugin-api.h with GCC
23820109ced plugin: Don't invoke LTO-wrapper
64f5c0afcc4 plugin: Use LDPT_ADD_SYMBOLS_V2 to get symbol type
aaa1e160040 Silence warnings due to plugin API change
e7c0ee5110c Include: Sync lto-symtab.h and plugin-api.h with GCC
b6520be37fd Fix dwarf.c build with GCC 10
a560c29ca5a bfd: Change num_group to unsigned int
3ca4cd1ebde gas, arm: Fix bad backport
b3174859c4b gas, arm: PR25660L Fix vadd/vsub with lt and le condition codes for MVE
de9c1b7cfe6 powerpc64-ld infinite loop
0318fc4e18e Adjust PR25355 testcase
40bfb976274 Re: PR24511, nm should not mark symbols in .init_array as "t"
42b2380cdce Don't call lto-wrapper for ar and ranlib
acc4a8b8ac8 PR25585, PHDR segment not covered by LOAD segment
Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../binutils/binutils-2.34.inc | 2 +-
.../binutils/binutils/CVE-2020-16593.patch | 4 +-
.../binutils/binutils/CVE-2021-3549.patch | 80 +++++++++----------
3 files changed, 41 insertions(+), 45 deletions(-)
diff --git a/meta/recipes-devtools/binutils/binutils-2.34.inc b/meta/recipes-devtools/binutils/binutils-2.34.inc
index ff0d467132..713e428a3e 100644
--- a/meta/recipes-devtools/binutils/binutils-2.34.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.34.inc
@@ -24,7 +24,7 @@ BRANCH ?= "binutils-2_34-branch"
UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
-SRCREV ?= "d4b50999b3b287b5f984ade2f8734aa8c9359440"
+SRCREV ?= "c4e78c0868a22971680217a41fdb73516a26813d"
BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${BRANCH};protocol=git"
SRC_URI = "\
${BINUTILS_GIT_URI} \
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch b/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch
index cbe4a50507..c7c7829261 100644
--- a/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch
@@ -199,6 +199,6 @@ Index: git/bfd/ChangeLog
+ * dwarf2.c (scan_unit_for_symbols): Wrap overlong lines. Don't
+ strdup(0).
+
- 2020-02-19 H.J. Lu <hongjiu.lu@intel.com>
+ 2021-05-03 Alan Modra <amodra@gmail.com>
- PR binutils/25355
+ PR 27755
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch b/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch
index 4391db340a..5f56dd7696 100644
--- a/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch
@@ -7,31 +7,49 @@ Adds missing sanity checks for avr device info note, to avoid
potential buffer overflows. Uses bfd_malloc_and_get_section for
sanity checking section size.
- PR 27290
- PR 27293
- PR 27295
- * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting.
- Use bfd_malloc_and_get_section.
- (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity
- check namesz. Return NULL if descsz is too small. Ensure
- string table is terminated.
- (elf32_avr_get_device_info): Formatting. Add note_size param.
- Sanity check note.
- (elf32_avr_dump_mem_usage): Adjust to suit.
+ PR 27290
+ PR 27293
+ PR 27295
+ * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting.
+ Use bfd_malloc_and_get_section.
+ (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity
+ check namesz. Return NULL if descsz is too small. Ensure
+ string table is terminated.
+ (elf32_avr_get_device_info): Formatting. Add note_size param.
+ Sanity check note.
+ (elf32_avr_dump_mem_usage): Adjust to suit.
Upstream-Status: Backport
CVE: CVE-2021-3549
Signed-of-by: Armin Kuster <akuster@mvista.com>
---
- binutils/ChangeLog | 14 +++++++++
- binutils/od-elf32_avr.c | 66 ++++++++++++++++++++++++++---------------
- 2 files changed, 56 insertions(+), 24 deletions(-)
-
-Index: git/binutils/od-elf32_avr.c
-===================================================================
---- git.orig/binutils/od-elf32_avr.c
-+++ git/binutils/od-elf32_avr.c
+diff --git a/binutils/ChangeLog b/binutils/ChangeLog
+index 1e9a96c9bb6..02e5019204e 100644
+--- a/binutils/ChangeLog
++++ b/binutils/ChangeLog
+@@ -1,3 +1,17 @@
++2021-02-11 Alan Modra <amodra@gmail.com>
++
++ PR 27290
++ PR 27293
++ PR 27295
++ * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting.
++ Use bfd_malloc_and_get_section.
++ (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity
++ check namesz. Return NULL if descsz is too small. Ensure
++ string table is terminated.
++ (elf32_avr_get_device_info): Formatting. Add note_size param.
++ Sanity check note.
++ (elf32_avr_dump_mem_usage): Adjust to suit.
++
+ 2020-03-25 H.J. Lu <hongjiu.lu@intel.com>
+
+ * ar.c (main): Update bfd_plugin_set_program_name call.
+diff --git a/binutils/od-elf32_avr.c b/binutils/od-elf32_avr.c
+index 5ec99957fe9..1d32bce918e 100644
+--- a/binutils/od-elf32_avr.c
++++ b/binutils/od-elf32_avr.c
@@ -77,23 +77,29 @@ elf32_avr_filter (bfd *abfd)
return bfd_get_flavour (abfd) == bfd_target_elf_flavour;
}
@@ -70,7 +88,7 @@ Index: git/binutils/od-elf32_avr.c
{
Elf_External_Note *xnp = (Elf_External_Note *) contents;
Elf_Internal_Note in;
-@@ -107,42 +113,54 @@ static char* elf32_avr_get_note_desc (bf
+@@ -107,42 +113,54 @@ static char* elf32_avr_get_note_desc (bfd *abfd, char *contents,
if (in.namesz > contents - in.namedata + size)
return NULL;
@@ -163,25 +181,3 @@ Index: git/binutils/od-elf32_avr.c
}
elf32_avr_get_memory_usage (abfd, &text_usage, &data_usage,
-Index: git/binutils/ChangeLog
-===================================================================
---- git.orig/binutils/ChangeLog
-+++ git/binutils/ChangeLog
-@@ -1,3 +1,17 @@
-+2021-02-11 Alan Modra <amodra@gmail.com>
-+
-+ PR 27290
-+ PR 27293
-+ PR 27295
-+ * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting.
-+ Use bfd_malloc_and_get_section.
-+ (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity
-+ check namesz. Return NULL if descsz is too small. Ensure
-+ string table is terminated.
-+ (elf32_avr_get_device_info): Formatting. Add note_size param.
-+ Sanity check note.
-+ (elf32_avr_dump_mem_usage): Adjust to suit.
-+
- 2020-02-01 Nick Clifton <nickc@redhat.com>
-
- * configure: Regenerate.
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 06/11] glibc : stable 2.31 branch updates.
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
` (4 preceding siblings ...)
2022-11-12 14:09 ` [OE-core][dunfell 05/11] binutils: stable 2.34 branch updates Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 07/11] openssl: upgrade 1.1.1q to 1.1.1s Steve Sakoman
` (4 subsequent siblings)
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com>
Below commits on glibc-2.31 stable branch are updated.
d4b7559457 x86-64: Require BMI2 for avx2 functions [BZ #29611]
b8bb48a18d x86-64: Require BMI2 for strchr-avx2.S [BZ #29611]
c8f2a3e803 Add test for bug 29530
e6ae5b25cd Fix memmove call in vfprintf-internal.c:group_number
1dbe841a67 Remove most vfprintf width/precision-dependent allocations (bug 14231, bug 26211).
5a802723db stdio: Add tests for printf multibyte convertion leak [BZ#25691]
ae7748e67f stdio: Remove memory leak from multibyte convertion [BZ#25691]
174d0b61c7 Linux: Require properly configured /dev/pts for PTYs
0a167374fd Linux: Detect user namespace support in io/tst-getcwd-smallbuff
4ad1659d8c getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999)
3319cea99e support: Add helpers to create paths longer than PATH_MAX
f733e291bb support: Fix xclone build failures on ia64 and hppa
43757c70ee support: Add xclone
29d3aeb0e8 Add xchdir to libsupport.
2d7720f316 support: Add create_temp_file_in_dir
183709983d NEWS: Add a bug fix entry for BZ #28896
d385079bd5 x86: Fix TEST_NAME to make it a string in tst-strncmp-rtm.c
7df3ad6560 x86: Test wcscmp RTM in the wcsncmp overflow case [BZ #28896]
fc133fcf49 x86: Fallback {str|wcs}cmp RTM in the ncmp overflow case [BZ #28896]
775c05b28c string: Add a testcase for wcsncmp with SIZE_MAX [BZ #28755]
c6b346ec55 x86-64: Test strlen and wcslen with 0 in the RSI register [BZ #28064]
0675185923 x86: Remove wcsnlen-sse4_1 from wcslen ifunc-impl-list [BZ #28064]
5db3239baf x86: Black list more Intel CPUs for TSX [BZ #27398]
5b99f172b8 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
70d293a158 NEWS: Add a bug fix entry for BZ #27974
a2be2c0f5d String: Add overflow tests for strnlen, memchr, and strncat [BZ #27974]
489006c3c5 x86: Optimize strlen-evex.S
937f2c783a x86: Fix overflow bug in wcsnlen-sse4_1 and wcsnlen-avx2 [BZ #27974]
0058c73d11 x86-64: Add wcslen optimize for sse4.1
665d0252f1 x86-64: Move strlen.S to multiarch/strlen-vec.S
82ff13e2cc x86-64: Fix an unknown vector operation in memchr-evex.S
539b593a1d x86: Optimize memchr-evex.S
7b37ae60c6 x86: Optimize strlen-avx2.S
0381c1c10d x86: Fix overflow bug with wmemchr-sse2 and wmemchr-avx2 [BZ #27974]
10368cb76b x86: Optimize memchr-avx2.S
66ca40582e test-strnlen.c: Check that strnlen won't go beyond the maximum length
927bcaf892 test-strnlen.c: Initialize wchar_t string with wmemset [BZ #27655]
0d4159c36c x86-64: Require BMI2 for __strlen_evex and __strnlen_evex
c0cbb9345e NEWS: Add a bug fix entry for BZ #27457
e81b975fcc x86-64: Fix ifdef indentation in strlen-evex.S
aa4e48e73c x86-64: Use ZMM16-ZMM31 in AVX512 memmove family functions
ac911d3b57 x86-64: Use ZMM16-ZMM31 in AVX512 memset family functions
20d37de533 x86: Add string/memory function tests in RTM region
fbaa99ed41 x86-64: Add AVX optimized string/memory functions for RTM
096e14f632 x86-64: Add memcmp family functions with 256-bit EVEX
f00fad4e4c x86-64: Add memset family functions with 256-bit EVEX
cf239ddd2e x86-64: Add memmove family functions with 256-bit EVEX
7257ba7bf2 x86-64: Add strcpy family functions with 256-bit EVEX
db9071c0f6 x86-64: Add ifunc-avx2.h functions with 256-bit EVEX
2d612b2c5f x86: Set Prefer_No_VZEROUPPER and add Prefer_AVX2_STRCMP
5b13651085 NEWS: Add a bug fix entry for BZ #28755
5ee8a436ab x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755]
Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../glibc/glibc/CVE-2021-33574_1.patch | 26 ++++++++-----------
2 files changed, 12 insertions(+), 16 deletions(-)
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 68efd09ece..5414297ba1 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.31/master"
PV = "2.31+git${SRCPV}"
-SRCREV_glibc ?= "3ef8be9b89ef98300951741f381eb79126ac029f"
+SRCREV_glibc ?= "d4b75594574ab8a9c2c41209cd8c62aac76b5a04"
SRCREV_localedef ?= "cd9f958c4c94a638fa7b2b4e21627364f1a1a655"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
index cef0ce54ed..7561e87121 100644
--- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
+++ b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
@@ -11,14 +11,10 @@ CVE: CVE-2021-33574 patch#1
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
- NEWS | 4 ++++
- sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++-----
- 2 files changed, 14 insertions(+), 5 deletions(-)
-
-Index: git/NEWS
-===================================================================
---- git.orig/NEWS
-+++ git/NEWS
+diff --git a/NEWS b/NEWS
+index 8a20d3c4e3..be489243ac 100644
+--- a/NEWS
++++ b/NEWS
@@ -7,6 +7,10 @@ using `glibc' in the "product" field.
\f
Version 2.31.1
@@ -28,12 +24,12 @@ Index: git/NEWS
+ attribute with a non-default affinity mask.
+
The following bugs are resolved with this release:
+ [14231] stdio-common tests memory requirements
[19519] iconv(1) with -c option hangs on illegal multi-byte sequences
- (CVE-2016-10228)
-Index: git/sysdeps/unix/sysv/linux/mq_notify.c
-===================================================================
---- git.orig/sysdeps/unix/sysv/linux/mq_notify.c
-+++ git/sysdeps/unix/sysv/linux/mq_notify.c
+diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
+index f288bac477..dd47f0b777 100644
+--- a/sysdeps/unix/sysv/linux/mq_notify.c
++++ b/sysdeps/unix/sysv/linux/mq_notify.c
@@ -135,8 +135,11 @@ helper_thread (void *arg)
(void) __pthread_barrier_wait (¬ify_barrier);
}
@@ -48,7 +44,7 @@ Index: git/sysdeps/unix/sysv/linux/mq_notify.c
}
return NULL;
}
-@@ -257,8 +260,7 @@ mq_notify (mqd_t mqdes, const struct sig
+@@ -257,8 +260,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
if (data.attr == NULL)
return -1;
@@ -58,7 +54,7 @@ Index: git/sysdeps/unix/sysv/linux/mq_notify.c
}
/* Construct the new request. */
-@@ -272,7 +274,10 @@ mq_notify (mqd_t mqdes, const struct sig
+@@ -272,7 +274,10 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
/* If it failed, free the allocated memory. */
if (__glibc_unlikely (retval != 0))
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 07/11] openssl: upgrade 1.1.1q to 1.1.1s
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
` (5 preceding siblings ...)
2022-11-12 14:09 ` [OE-core][dunfell 06/11] glibc : stable 2.31 " Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 08/11] externalsrc.bbclass: fix git repo detection Steve Sakoman
` (3 subsequent siblings)
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Alex Kiernan <alex.kiernan@gmail.com>
Major changes between OpenSSL 1.1.1r and OpenSSL 1.1.1s [1 Nov 2022]
* Fixed a regression introduced in OpenSSL 1.1.1r not refreshing the
certificate data to be signed before signing the certificate.
Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022]
* Added a missing header for memcmp that caused compilation failure on
some platforms
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../openssl/{openssl_1.1.1q.bb => openssl_1.1.1s.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-connectivity/openssl/{openssl_1.1.1q.bb => openssl_1.1.1s.bb} (98%)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1q.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1s.bb
similarity index 98%
rename from meta/recipes-connectivity/openssl/openssl_1.1.1q.bb
rename to meta/recipes-connectivity/openssl/openssl_1.1.1s.bb
index 139b7fe935..6c8f285996 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1q.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1s.bb
@@ -24,7 +24,7 @@ SRC_URI_append_class-nativesdk = " \
file://environment.d-openssl.sh \
"
-SRC_URI[sha256sum] = "d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca"
+SRC_URI[sha256sum] = "c5ac01e760ee6ff0dab61d6b2bbd30146724d063eb322180c6f18a6f74e4b6aa"
inherit lib_package multilib_header multilib_script ptest
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 08/11] externalsrc.bbclass: fix git repo detection
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
` (6 preceding siblings ...)
2022-11-12 14:09 ` [OE-core][dunfell 07/11] openssl: upgrade 1.1.1q to 1.1.1s Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 09/11] externalsrc.bbclass: Remove a trailing slash from ${B} Steve Sakoman
` (2 subsequent siblings)
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <Martin.Jansa@gmail.com>
* fix issue introduced in:
https://git.openembedded.org/openembedded-core/commit/?id=95fbac8dcad6c93f4c9737e9fe13e92ab6befa09
* it added check for s_dir + git-dir (typically '.git') isn't
the same as ${TOPDIR} + git-dir, but due to copy-paste issue
it was just comparing it with s_dir + git-dir again, resulting
in most external repos (where git-dir is '.git') to be processed
as regular directory (not taking advantage of git write-tree).
* normally this wouldn't be an issue, but for big repo with a lot of
files this added a lot of checksums in:
d.setVarFlag('do_compile', 'file-checksums', '${@srctree_hash_files(d)}')
and I mean *a lot, e.g. in chromium build it was 380227 paths
which still wouldn't that bad, but the checksum processing in
siggen.py isn't trivial and just looping through all these
checksums takes very long time (over 1000sec on fast NVME drive
with warm cache) and then
https://git.openembedded.org/bitbake/commit/?id=b4975d2ecf615ac4c240808fbc5a3f879a93846b
made the processing a bit more complicated and the loop in
get_taskhash() function took 6448sec and to make things worse
there was no output from bitbake during that time, so even with -DDD
it looks like this:
DEBUG: virtual/libgles2 resolved to: mesa (langdale/oe-core/meta/recipes-graphics/mesa/mesa_22.2.0.bb)
Bitbake still alive (no events for 600s). Active tasks:
Bitbake still alive (no events for 1200s). Active tasks:
Bitbake still alive (no events for 1800s). Active tasks:
Bitbake still alive (no events for 2400s). Active tasks:
Bitbake still alive (no events for 3000s). Active tasks:
Bitbake still alive (no events for 3600s). Active tasks:
Bitbake still alive (no events for 4200s). Active tasks:
Bitbake still alive (no events for 4800s). Active tasks:
Bitbake still alive (no events for 5400s). Active tasks:
Bitbake still alive (no events for 6000s). Active tasks:
DEBUG: Starting bitbake-worker
without -DDD it will get stuck for almost 2 hours in:
"Initialising tasks..."
before it finally writes sstate summary like:
"Sstate summary: Wanted 3102 Local 0 Mirrors 0 Missed 3102 Current 1483 (0% match, 32% complete)"
* fix the copy&paste typo to use git work-tree in most cases, but
be aware that this issue still exists for huge local source
trees not in git
[YOCTO #14942]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 9102e5a94b8146cb1da27afbe41d3db999a914ff)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes/externalsrc.bbclass | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass
index 291fcf5653..fc20eedf4d 100644
--- a/meta/classes/externalsrc.bbclass
+++ b/meta/classes/externalsrc.bbclass
@@ -207,8 +207,8 @@ def srctree_hash_files(d, srcdir=None):
try:
git_dir = os.path.join(s_dir,
subprocess.check_output(['git', '-C', s_dir, 'rev-parse', '--git-dir'], stderr=subprocess.DEVNULL).decode("utf-8").rstrip())
- top_git_dir = os.path.join(s_dir, subprocess.check_output(['git', '-C', d.getVar("TOPDIR"), 'rev-parse', '--git-dir'],
- stderr=subprocess.DEVNULL).decode("utf-8").rstrip())
+ top_git_dir = os.path.join(d.getVar("TOPDIR"),
+ subprocess.check_output(['git', '-C', d.getVar("TOPDIR"), 'rev-parse', '--git-dir'], stderr=subprocess.DEVNULL).decode("utf-8").rstrip())
if git_dir == top_git_dir:
git_dir = None
except subprocess.CalledProcessError:
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 09/11] externalsrc.bbclass: Remove a trailing slash from ${B}
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
` (7 preceding siblings ...)
2022-11-12 14:09 ` [OE-core][dunfell 08/11] externalsrc.bbclass: fix git repo detection Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 10/11] sanity: check for GNU tar specifically Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 11/11] wic: swap partitions are not added to fstab Steve Sakoman
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
The trailing slash in ${B} caused -fdebug-prefix-map=${B}=... to not
match as intended, resulting in ${TMPDIR} ending up in files in
${PN}-dbg when externalsrc was in use, which in turn triggered buildpath
QA warnings.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 9b5031ed5a0d102905fa75acc418246c23df6eef)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes/externalsrc.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass
index fc20eedf4d..3f7f533cc6 100644
--- a/meta/classes/externalsrc.bbclass
+++ b/meta/classes/externalsrc.bbclass
@@ -60,7 +60,7 @@ python () {
if externalsrcbuild:
d.setVar('B', externalsrcbuild)
else:
- d.setVar('B', '${WORKDIR}/${BPN}-${PV}/')
+ d.setVar('B', '${WORKDIR}/${BPN}-${PV}')
local_srcuri = []
fetch = bb.fetch2.Fetch((d.getVar('SRC_URI') or '').split(), d)
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 10/11] sanity: check for GNU tar specifically
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
` (8 preceding siblings ...)
2022-11-12 14:09 ` [OE-core][dunfell 09/11] externalsrc.bbclass: Remove a trailing slash from ${B} Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 11/11] wic: swap partitions are not added to fstab Steve Sakoman
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@arm.com>
We need the system tar to be GNU tar, as we reply on --xattrs. Some
distributions may be using libarchive's tar binary, which is definitely
not as featureful, so check for this and abort early with a clear
message instead of later with mysterious errors.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 7dd2b1cd1bb10e67485dab8600c0787df6c2eee7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes/sanity.bbclass | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/meta/classes/sanity.bbclass b/meta/classes/sanity.bbclass
index 37354af9d5..33e5e5952f 100644
--- a/meta/classes/sanity.bbclass
+++ b/meta/classes/sanity.bbclass
@@ -561,6 +561,14 @@ def check_tar_version(sanity_data):
version = result.split()[3]
if LooseVersion(version) < LooseVersion("1.28"):
return "Your version of tar is older than 1.28 and does not have the support needed to enable reproducible builds. Please install a newer version of tar (you could use the project's buildtools-tarball from our last release or use scripts/install-buildtools).\n"
+
+ try:
+ result = subprocess.check_output(["tar", "--help"], stderr=subprocess.STDOUT).decode('utf-8')
+ if "--xattrs" not in result:
+ return "Your tar doesn't support --xattrs, please use GNU tar.\n"
+ except subprocess.CalledProcessError as e:
+ return "Unable to execute tar --help, exit code %d\n%s\n" % (e.returncode, e.output)
+
return None
# We use git parameters and functionality only found in 1.7.8 or later
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread* [OE-core][dunfell 11/11] wic: swap partitions are not added to fstab
2022-11-12 14:09 [OE-core][dunfell 00/11] Patch review Steve Sakoman
` (9 preceding siblings ...)
2022-11-12 14:09 ` [OE-core][dunfell 10/11] sanity: check for GNU tar specifically Steve Sakoman
@ 2022-11-12 14:09 ` Steve Sakoman
10 siblings, 0 replies; 23+ messages in thread
From: Steve Sakoman @ 2022-11-12 14:09 UTC (permalink / raw)
To: openembedded-core
From: ciarancourtney <ciaran.courtney@activeenergy.ie>
- Regression in 7aa678ce804c21dc1dc51b9be442671bc33c4041
Signed-off-by: Ciaran Courtney <ciaran.courtney@activeenergy.ie>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f1243572ad6b6303fe562e4eb7a9826fd51ea3c3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
scripts/lib/wic/plugins/imager/direct.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/lib/wic/plugins/imager/direct.py b/scripts/lib/wic/plugins/imager/direct.py
index 2505c13fce..42704d1e10 100644
--- a/scripts/lib/wic/plugins/imager/direct.py
+++ b/scripts/lib/wic/plugins/imager/direct.py
@@ -115,7 +115,7 @@ class DirectPlugin(ImagerPlugin):
updated = False
for part in self.parts:
if not part.realnum or not part.mountpoint \
- or part.mountpoint == "/" or not part.mountpoint.startswith('/'):
+ or part.mountpoint == "/" or not (part.mountpoint.startswith('/') or part.mountpoint == "swap"):
continue
if part.use_uuid:
--
2.25.1
^ permalink raw reply related [flat|nested] 23+ messages in thread