This issue was reported and discusses under [1] which is linked in NVD CVE report.
It was already documented that some parts or libarchive are thread safe and some not.
[2] was now merged to document that also reported function is not thread safe.
So this CVE *now* reports thread race condition for non-thread-safe function.
And as such the CVE report is now invalid.
The issue is still not closed for 2 reasons:
* better document what is and what is not thread safe
* request to public if someone could make these functions thread safe
This should however not invalidate above statment about ignoring this CVE.
[1] https://github.com/libarchive/libarchive/issues/1876
[2] https://github.com/libarchive/libarchive/pull/1875
(From OE-Core rev: d5e7971e12cdc8748be91b4e6408b42fa86b2f15)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport commit mentioned in NVD DB links.
94e1c00176
(From OE-Core rev: 410cdbc70cfba709ec5bef508e772f52514ba28a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Plugins may want to use it (e.g. the layers-setup plugin that would
want to discover writer sub-plugins with it), and so it makes sense
to make tinfoil available a bit eariler.
(Bitbake rev: 41b6684489d0261753344956042be2cc4adb0159)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2f6c7523a622f59ddf84a1a196927492bc5fa7a2)
Signed-off-by: Jermain Horsman <jermain.horsman@nedap.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This has been around without being properly documented since 2019 (!!!),
and is nowadays the preferred method for enforcing license restrictions,
especially since meta-gplv2 is officially obsolete.
(From yocto-docs rev: 4dfef81ac6164764c6541e39a9fef81d49227096)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When enabling ipcs and ipcrm configuration into busybox, both tools are
built and then deployed during do_rootfs. These operation lead to below
issue (similar behavior happens for ipcs):
do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget:${PN} ().
update-alternatives: Error: not linking .../build/tmp/work/board-poky-linux/board-image/1.0-r0/rootfs/usr/bin/ipcrm
to /bin/busybox since .../build/tmp/work/board-poky-linux/board-image/1.0-r0/rootfs/usr/bin/ipcrm exists and is not a link
Binaries enter in conflict with same named util-linux utilities during
do_rootfs step.
Adding ALTERNATIVE_LINK_NAME for both tools fix the issue.
(From OE-Core rev: dc2e760591c5ed3c999222f235484829426c71a7)
Signed-off-by: Benjamin Bouvier <benjamin.bouvier@ekinops.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e4d60408b869c9cc2ccff794d4e271d993ec8a97)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The Text-Template was updated from 1.46 to 1.56
| ERROR: openssl-native-3.1.1-r0 do_configure: PERLEXTERNAL '/build/tmp/work/x86_64-linux/openssl-native/3.1.1-r0/openssl-3.1.1/external/perl/Text-Template-1.46/lib' not found!
(From OE-Core rev: b39e394771e4fa4c9250e11fafe5ef2157089422)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b9a7739b01e31d0cc8358d99255e3e1b02a0a1a8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When upstream change is better to fail or removing the PERL5LIB
if they are not need anymore.
(From OE-Core rev: 14905c6bfdaba3e2e31eaee6c02e20bf7b6669a7)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 337ac1159644678508990927923ef8af30f34cd7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
str.format() doesn't use % notation, update the formatting to work.
assertTrue() is a member of self not a global, and assertTrue(True) will
always pass. Change this to just self.fail() as this is the failure case.
(From OE-Core rev: 05c8af81438d43fd83495cb165c75f43778fea41)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 017f3a0b1265c1a3b69c20bdb56bbf446111977e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Default search in meson would grok /usr/bin for llvm-config and if found
will use it, which might add wrong paths into cflags/ldflags, since we
depend on llvm-native when building gallium support ( thats when
llvm-config is effective), its better to point llvm-config into native
sysroot so it can add correct paths into compiler/linker cmdline
(From OE-Core rev: 8e6b616066ba0f7f452f929dc7c412e620da9101)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cc73360b9728812ed6123e30559b77d8e89cc21c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Wes Tarro <wes.tarro@azuresummit.com> noticed a missing comma in a
preplace() call, add it.
That said, calling replace() with one argument results in a TypeError,
so this is obviously dead code.
(From OE-Core rev: 3a79a210665efae1af6d68e9e923a739c82d800e)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9b2e2c8d809e7ca34451ec9702b029a00dfb410b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Currently, some segfaults are reported when running ptest:
mdadm[12333]: segfault at 0 ip 00007fe855924060 sp 00007ffc4d6caf88 error 4 in libc.so.6[7f)
Code: d2 0f 84 b7 0f 00 00 48 83 fa 01 0f 84 b9 0f 00 00 49 89 d3 89 f1 89 f8 48 83 e1 3f 4f
Backport the following upstream commits to fix them:
679bd9508a30 ("DDF: Cleanup validate_geometry_ddf_container()")
2b93288a5650 ("DDF: Fix NULL pointer dereference in validate_geometry_ddf()")
548e9b916f86 ("mdadm/Grow: Fix use after close bug by closing after fork")
9ae62977b51d ("monitor: Avoid segfault when calling NULL get_bad_blocks")
The fixes are part of the "Bug fixes and testing improvments" patchset [1].
[1] https://www.spinics.net/lists/raid/msg70621.html
(From OE-Core rev: 4ea6acbf25ad1b3e910f01d136b53c6353daf0c5)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9585009e3e505b361cd32b14e0e85e77e7822878)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Testcase 07revert-inplace fails if strace is not installed:
...
strace -o /tmp/str ./mdadm -A /dev/md0 --update=revert-reshape /dev/<...>
tests/07revert-inplace: line 40: strace: command not found
Add strace to mdadm-ptest RDEPENDS to make sure the testcase passes even with
a core-image-minimal build.
(From OE-Core rev: 1df8d9d45bb4ff01e30d9ec9ffd0fb822d5f91e9)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7d9386663ac52ab69812867a0823c6055aedbc18)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Trying to run mdadm-ptest in a core-image-minimal build will result in:
root@qemux86-64:~# ptest-runner mdadm
START: ptest-runner
BEGIN: /usr/lib/mdadm/ptest
which: no lsblk in (/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin)
lsblk command not found!
DURATION: 0
END: /usr/lib/mdadm/ptest
2023-06-28T10:14
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Remove util-linux from RRECOMMENDS and only add util-linux-lsblk and
util-linux-losetup to RDEPENDS.
(From OE-Core rev: 898b9add68d9c30c7c90285e659b128289313668)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3004f7589974c135cc82630d980ea281b97ecd83)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The comment specifies how to use the variables but uses the older and
now unsupported override syntax. Let's update to match the newer syntax.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From OE-Core rev: 0a381eea4d50ff1c6e7c7d0d4df62eb581454b48)
(From OE-Core rev: 0e9a70ee3c8f78db746d3cb627c6b212e1b4e4e4)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bb64f3fed29b9532e6ddc9a2ba0283d373622d87)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
If the instance name indicated by %i begins with a number, the meaning of the
replacement string "\\1{}".format(instance) is ambiguous.
To indicate group number 1 regardless of the instance name, use "\g<1>".
(From OE-Core rev: 392f60b0aa775ce95c3494ae87551e7954c9925b)
Signed-off-by: Yuta Hayama <hayama@lineo.co.jp>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d18b939fb08b37380ce95934da38e6522392621c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
native and nativesdk classes are special and must be inherited last :
put them at the end of the gathered classes to inherit.
(From OE-Core rev: 2c92780236b25205af0dcf75de2d2ede14132152)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a6614fd800cbe791264aeb102d379ba79bd145c2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since explicit debug package creation via ${KERNEL_PACKAGE_NAME}-dbg has
been added to kernel, it has to cover all PACKAGE_DEBUG_SPLIT_STYLE
options. For ex. when the variable "debug-file-directory" package search
path has to be set explicitly, otherwise it will not find any files.
(From OE-Core rev: 9adbda8450c57f49edf85e3b3433304e8ac8267e)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9c39da147683dcaaa244b3ddc4531c4408ad5c9e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* fixes do_configure failure:
checking whether all ucontext.h functions are available... yes
when is deprecated at libxcrypt/4.4.30-r0/git/build-aux/scripts/BuildCommon.pm line 522.
Compilation failed in require at ../git/build-aux/scripts/expand-selected-hashes line 28.
BEGIN failed--compilation aborted at ../git/build-aux/scripts/expand-selected-hashes line 28.
configure: error: bad value 'all' for --enable-hashes
NOTE: The following config.log files may provide further information.
* with this patch backported it works OK:
libxcrypt/4.4.30-r0/git $ perl build-aux/scripts/expand-selected-hashes
usage: expand-selected-hashes hashes.conf names,of,selected,hashes
* similarly do_compile failure:
../git/build-aux/scripts/move-if-change crypt-hashes.h.T crypt-hashes.h
../git/build-aux/scripts/move-if-change crypt-symbol-vers.h.T crypt-symbol-vers.h
given is deprecated at ../git/build-aux/scripts/gen-crypt-h line 41.
Makefile:3818: Makefile.deps: No such file or directory
make: *** [Makefile:3715: crypt.h.stamp] Error 255
* also use master branch instead of develop, the SRCREV exists in both
but stable metadata branches should track stable component branches
libxcrypt/4.4.30-r0/git $ git branch -a --contains d7fe1ac04c326dba7e0440868889d1dccb41a175 | tee
* develop
remotes/origin/HEAD -> origin/develop
remotes/origin/develop
remotes/origin/master
and oe-core master also uses master SRCBRANCH since:
https://git.openembedded.org/openembedded-core/commit/?id=d18e89bd2b46c6e266cc39dbe9fdb6c032f5f1fe
(From OE-Core rev: 54996f24243a10252d3aa70effc9c13db1d507f8)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
===========
* Fix: segmentation fault on filter interpretation in "switch" mode
* Fix: `ip` context is expressed as a base-10 field
* Fix: c99: use __asm__ __volatile__
* Fix: c99: static assert: clang build fails due to multiple typedef
* Fix: Reevaluate LTTNG_UST_TRACEPOINT_DEFINE each time tracepoint.h is included
* Fix: trace events in C++ constructors/destructors
* Fix: trace events in C constructors/destructors
* Fix: use unaligned pointer accesses for lttng_inline_memcpy
(From OE-Core rev: 1361c8f4be21e41db74623dcacc92d8f02e6a2ee)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 656470b4b0db579308d218d1ece77bdacd168d14)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Noteworthy changes in release 3.10 (2023-05-21) [stable]
** Bug fixes
cmp/diff can again work with file dates past Y2K38
[bug introduced in 3.9]
diff -D no longer fails to output #ifndef lines.
[bug#61193 introduced in 3.9]
Remove the comment addition from the patch body, as it
increases likelyhood of rebase conflicts, and repeats what
the commit says.
(From OE-Core rev: ab9ae300ce3895cdf64d207b5dc281b65c984211)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 925155acc6922f7e9df2afa45e79ad1b2c57ba24)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 21e40166870fadee986fb36be80019d3bcdb69e5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an
insufficiently trustworthy search path, leading to remote code
execution if an agent is forwarded to an attacker-controlled system.
(Code in /usr/lib is not necessarily safe for loading into ssh-agent.)
NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-38408
Upstream patches:
892506b1361f2731f5d729ef8a0486099cdf59ce
(From OE-Core rev: 3c01159ab6a843fc922cf779b022c965d4ecd453)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This CVE shouldn't have been filed as the "exploit" is described in the
documentation as how the library behaves.
(From OE-Core rev: 9665121fd9daf1174ec4045071b900de9195b11e)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c652f094d86c4efb7ff99accba63b8169493ab18)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Currently, the latest version abseil-cpp contains a new library named "absl_log_internal_format", it's
basic package config(.pc file) as below:
prefix=/usr
exec_prefix=${prefix}
......
Requires: absl_config = 20230125, absl_core_headers = 20230125, absl_log_internal_append_truncated = 20230125,
absl_log_internal_config = 20230125, absl_log_internal_globals = 20230125, absl_log_severity = 20230125,
absl_strings = 20230125, absl_str_format = 20230125, absl_time = 20230125, absl_span = 20230125
......
Normally, the process_pkgconfig() would process variable data before field data in a .pc file, but in the
absl_log_internal_format, the field data in "Requires" section contains "xxxx = xxxx" format, the
process_pkgconfig() treats them as normal variable and using the setVar() in bitbake's data_smart.py
try to process. The absl_log_internal_format field data contains "_append_", this hit the setVar() checking
and finally bitbake stop building and reporting an error as below:
"Variable xxx contains an operation using the old override syntax. Please convert this layer/metadata before attempting to use with a newer bitbake."
This patch move the field data process before variable process to avoid the process_pkgconfig() treat the field
data as variable.
(From OE-Core rev: e7d3e02a624f7ce23d012bb11ad1df2049066b37)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
(cherry picked from commit a73e269d3e591a10bb397b94b82e3fb960112d33)
Signed-off-by: Clément Péron <peron.clem@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
After this change in qemu:
c7e89de132
there is no 'max' cpu model on ppc. Drop it to clean up ppc gcc testsuite failures.
In order for this to work we do need to pull in the alternative cpu option from
QEMU_EXTRAOPTIONS on powerpc.
(From OE-Core rev: 3a1b9f300a796e1216d0094043dba7b0f39ec869)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c447f2b21b20fb2b1829d540af2cc0bf8242700c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Enable branch protection (PAC/BTI) for all aarch64 builds. This was
previously enabled at a global level in the GCC build, but that breaks
the gcc test suite.
(From OE-Core rev: a1119750e9b3b9fae4fa9698d2ea3710a5a73768)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8905639d1cdc5ce809cc5ecd9672f5e86bf8a579)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
By changing the default code generation of GCC we're inadvertently
breaking the GCC test suite, which has ~120K+ more failures when run for
aarch64 compared to x86-64.
This was because the generated code fragments included the BTI
instructions, which the test case wasn't expecting. We can't tell the
tests globally to run without branch protection, as that will break the
tests which also turn it on.
Remove the enabling of branch protection by standard in GCC, we'll
enable it in the tune files instead.
(From OE-Core rev: 759327cf6bd79118bae0c68e63742ae4721471d8)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bb4b9017db6a893ed054a2d2ad4cc671dec09c42)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updating to the latest korg -stable release that comprises
the following commits:
d54cfc420586 Linux 5.15.120
c06edf13f4cf nubus: Partially revert proc_create_single_data() conversion
6e65fa33edf5 parisc: Delete redundant register definitions in <asm/assembly.h>
b4d8f8900021 drm/amdgpu: Validate VM ioctl flags.
26eb191bf5a0 scripts/tags.sh: Resolve gtags empty index generation
989b4a753c7e perf symbols: Symbol lookup with kcore can fail if multiple segments match stext
87f51cf60e3e Revert "thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe"
6a28f3490d3d HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
67ce7724637c HID: wacom: Use ktime_t rather than int when dealing with timestamps
347732317749 bpf: ensure main program has an extable
d874cf9799a9 can: isotp: isotp_sendmsg(): fix return error fix on TX path
27d03d15bb8b x86/smp: Use dedicated cache-line for mwait_play_dead()
d6c745ca4fc5 x86/microcode/AMD: Load late on both threads too
9052349685e9 drm/amdgpu: Set vmbo destroy after pt bo is created
796481bedc3e mm, hwpoison: when copy-on-write hits poison, take page offline
6713b8f11aa0 mm, hwpoison: try to recover from copy-on write faults
b46021ab8304 mptcp: consolidate fallback and non fallback state machine
42ff95b4bd11 mptcp: fix possible divide by zero in recvmsg()
(From OE-Core rev: ab60a67c3effda6364fadcf78edf7792c75bff19)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 51c474534c27ac0739a6373595a49ebbc52c3715)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When building using an SDK, cmake complains that the target
architecture 'cortexa53-crypto' is unknown. The same build in bitbake
uses the target architecture 'aarch64'.
Set CMAKE_SYSTEM_PROCESSOR the same as for bitbake.
(From OE-Core rev: d877d5f07772ec4a05332068ddc03cf387313036)
Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d32a6225eefce2073a1cd401034b5b4c68351bfe)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
