gcc: Fix -fstack-protector issue on aarch64

This series of patches fixes deficiencies in GCC's -fstack-protector implementation for AArch64 when using dynamically allocated stack space. This is CVE-2023-4039. See: https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf for more details. (From OE-Core rev: d411ef9f660c443c00eee9bfbbc8c60c3cd0e92d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-04-21 03:32:12 +02:00 · 2023-09-12 18:24:34 +01:00
parent 669079e7c0
commit d32656ac24
2 changed files with 1507 additions and 0 deletions
--- a/meta/recipes-devtools/gcc/gcc-9.5.inc
+++ b/meta/recipes-devtools/gcc/gcc-9.5.inc
@@ -70,6 +70,7 @@ SRC_URI = "\
           file://0038-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch \
           file://0039-process_alt_operands-Don-t-match-user-defined-regs-o.patch \
           file://0002-libstdc-Fix-inconsistent-noexcept-specific-for-valar.patch \
+           file://CVE-2023-4039.patch \
 "
 S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}"
 SRC_URI[sha256sum] = "27769f64ef1d4cd5e2be8682c0c93f9887983e6cfd1a927ce5a0a2915a95cf8f"
--- a/meta/recipes-devtools/gcc/gcc-9.5/CVE-2023-4039.patch
+++ b/meta/recipes-devtools/gcc/gcc-9.5/CVE-2023-4039.patch