To facilitate a clean backport of the full 10-commit series
addressing the pthread condition variable lost wakeup issue
(BZ#25847) in glibc 2.35, remove the existing 8 patches that
were applied as a partial backport.
The previous partial backport excluded commit:
c36fc50781995e6758cae2b6927839d0157f213c ("nptl: Remove
g_refs from condition variables") based on guidance from
glibc maintainer Florian Weimer(#comment #74)
This exclusion was recommended for stable branches to
avoid altering the layout of pthread_cond_t, which could
introduce ABI incompatibilities. Additionally, the dependent
commit dbc5a50d12eff4cb3f782129029d04b8a76f58e7 was not needed
in the partial backport.
To align with upstream mainline, per maintainer Carlos O'Donell
(comment #75), apply the complete 10-commit series for consistency.
By removing these patches first, we ensure the subsequent
application of the full 10 commits results in cleaner, more
reviewable changes without intermixed conflicts or overlaps.
Removed patches and corresponding upstream commits:
- 0026-PR25847-1.patch: 1db84775f831a1494993ce9c118deaf9537cc50a
- 0026-PR25847-2.patch: 0cc973160c23bb67f895bc887dd6942d29f8fee3
- 0026-PR25847-3.patch: b42cc6af11062c260c7dfa91f1c89891366fed3e
- 0026-PR25847-4.patch: 4f7b051f8ee3feff1b53b27a906f245afaa9cee1
- 0026-PR25847-5.patch: 929a4764ac90382616b6a21f099192b2475da674
- 0026-PR25847-6.patch: ee6c14ed59d480720721aaacc5fb03213dc153da
- 0026-PR25847-7.patch: 4b79e27a5073c02f6bff9aa8f4791230a0ab1867
- 0026-PR25847-8.patch: 91bb902f58264a2fd50fbce8f39a9a290dd23706
Bug reference: https://sourceware.org/bugzilla/show_bug.cgi?id=25847
This change prepares the branch for the full backport in follow-up commits.
(From OE-Core rev: 9881dd70305b87945e9649d744bcbc40a1a7b780)
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Do not build translations when NLS is disabled.
(From OE-Core rev: 83795ef6c3fa12a863cd20b7ec1a2607606987b6)
This change corresponds to upstream d848b454e6
from master .
Since the systemd version are different between master & kirkstone
applied the patch manually
(From OE-Core rev: 4b612ae7cbdc8327765c34d0e64fa8e0564891d4)
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: AshishKumar Mishra <emailaddress.ashish@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit mentioning this CVE.
Additionally fix test broken by the CVE fix.
(From OE-Core rev: 137299edbc47e8a57173ef3c22bcb719d48d5302)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The previous fix missed another cherry-pick that fixed building
manpages after the coredump patch. The version-info.xml file doesn't
exist in 250. It was introduced later, so remove the reference to
it.
(From OE-Core rev: 0a383ef579ffe5f5c4ef2c78040540f1332e4ea6)
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This is a single commit bump containing only CVE fix
$ git log --oneline d80401002011f470d9c6eb604bf734715e9b3a8c..a66bc3941ff298e474d5f02d0c3303401951141f
a66bc3941f posix: Fix double-free after allocation failure in regcomp (bug 33185)
Test results didn't change except newly added test succeeding.
(tst-regcomp-bracket-free)
Also add CVE-2025-0395 ignore which was already included in previous
hash bumps.
Also drop an unreferenced patch.
(From OE-Core rev: 3921549f6420e44a250d06cdef2c9d423fb6e39f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit referencing this CVE from 2.13 branch.
(From OE-Core rev: 9418c88c964dffc21abe6a056db72c3c81e25137)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE patch [1] as mentioned in [2] relies on several patches not yet
available in version 2020.81 we have in kirkstone.
The good folks from Debian did the hard work identifying them as they
have the same version in bullseye release.
The commits were picked from [3] and they have their references to
dropbear upstream commits.
[1] e5a0ef27c2
[2] https://security-tracker.debian.org/tracker/CVE-2025-47203
[3] 7f48e75892
(From OE-Core rev: 91eeffaf14917c7c994a8de794b915231e69c5d6)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commits on glibc-2.35 stable branch are updated.
git log --oneline d2febe7c407665c18cfea1930c65f41899ab3aa3..80401002011f470d9c6eb604bf734715e9b3a8c2
8040100201 Fix error reporting (false negatives) in SGID tests
c6ec750be5 support: Pick group in support_capture_subprogram_self_sgid if UID == 0
c9e44b6467 support: Don't fail on fchown when spawning sgid processes
621c65ccf1 elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
c7ff2bc297 Revert "elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static"
8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)
08aea7712d support: Add support_record_failure_barrier
901e24b128 support: Use const char * argument in support_capture_subprogram_self_sgid
bff3b0f16c elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
Dropped :
0025-CVE-2025-4802.patch
ed10034f00 elf: Test case for bug 32976 (CVE-2025-4802)
Test results:
Before after diff
PASS 4833 4839 +6
XPASS 6 6 0
FAIL 133 130 -3
XFAIL 16 16 0
UNSUPPORTED 200 197 -3
Following commits improved test results:
8040100201 Fix error reporting (false negatives) in SGID tests
Improved SGID test handling by unifying error reporting and using secure temporary directories.
Replaced non-standard exit codes and fixed premature exits to avoid masking failures.
These changes reduced false negatives, increasing overall test pass rates.
8624f6431b elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
Fixed tst-dlopen-sgid false positives by correctly handling subprocess exit status (bug 32987).
Ensured test fails on abnormal or non-zero child exits.
This commit restores reliability in SGID testing and is the first step toward centralized SGID test error handling.
UNSUPPORTED tests changes
-UNSUPPORTED: elf/tst-env-setuid
-UNSUPPORTED: elf/tst-env-setuid-tunables
-UNSUPPORTED: stdlib/tst-secure-getenv
FAILed tests changes
-FAIL: elf/tst-dlopen-sgid
-FAIL: misc/tst-error1
-FAIL: resolv/tst-resolv-aliases
PASSed tests changes
+PASS: elf/tst-env-setuid
+PASS: elf/tst-env-setuid-tunables
+PASS: stdlib/tst-secure-getenv
+PASS: elf/tst-dlopen-sgid
+PASS: misc/tst-error1
+PASS: resolv/tst-resolv-aliases
(From OE-Core rev: 2ea1d2d9bc6d173a8a586542d47a7f8a443d24c1)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport patch to fix CVE-2025-5278.
The patch is adjusted to fit 9.0 version. And the test case is
also adjusted to avoid using valgrind. valgrind in kirkstone is
reporting errors for coreutils' sort utility with/without this patch.
To avoid ptest failure, we disable valgrind explicitly.
(From OE-Core rev: bb7dbb195b55d9aaa0180906843f5af2dcf7509f)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport patch to fix CVE-2025-5278.
The patch is adjusted to fit 9.0 version.
(From OE-Core rev: 4e55668ef07d99d8c1141c2f4270f43f5b280159)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Patch 0003 is the actual patch to fix CVE.
Patch 0002 is a preparation patch which systemd upstream uses for
all actively maintained branches in preparation for patch 0003.
Patch 0001 is a bug fix patch and is needed to avoid conflict introduced
by patch 0002. Note that patch 0002 claims itself to be of no functional
change, so this patch 0001 is really needed for patch 0002.
Patch 0004 is a compilation fix patch which adds a macro needed by
previous 0002 patch.
(From OE-Core rev: a2e75ca4fa01d5005906fb88d28d52ea951def00)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
During ptest execution, util-linux adds mount entries in /etc/fstab
and runs `mount -a`, which mounts all available entries from
/etc/fstab. This can cause unintended mounts that are unrelated to
the test, leading to incorrect test behavior.
To avoid this, upstream util-linux introduced a mechanism using
CUSTOM_FSTAB,which isolates test-specific fstab entries. Only entries
listed in CUSTOM_FSTAB are mounted during test execution, ensuring
tests do not interfere with or depend on the system's /etc/fstab.
This commit backports below upstream changes to use CUSTOM_FSTAB.
ed3d33faffb1580bd7606aa8d17b6b
(From OE-Core rev: 94747fb63518bf907eb7c09fc2e146e39e235a7d)
Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This reverts commit 7adaec468d.
It does not seem to fix the issue it was supposed to fix.
Additionally it breaks code which decides in full/partial update,
because it manipulates timestamp that code is relying on.
(From OE-Core rev: 25ba9895b98715adb66a06e50f644aea2e2c9eb6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ebc65fdddd7ce51f0f1008baa30d0ae7918ae0bb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A LogNamespace error for systemd v250:
"""
Apr 28 17:44:00 a-rinline2b systemd[467]:
systemd-journald@tester.service: Failed to set up special execution
directory in /var/log: Not a directory
Apr 28 17:44:00 a-rinline2b systemd[467]:
systemd-journald@tester.service: Failed at step LOGS_DIRECTORY spawning
/lib/systemd/systemd-journald: Not a directory
"""
That's because that "/var/log/journal" couldn't be created during
program runtime.
(From OE-Core rev: 8eb185024f9a9e57a9b710c70f09552729558892)
Signed-off-by: Haitao Liu <haitao.liu@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport a patch to fix systemd journal issue about
sd_journal_next not behaving correctly after sd_journal_seek_tail.
(From OE-Core rev: ea59aed1ff7dbfb28d1e2cd55adca80dad2502e2)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit from 2.13 branch as 2.9 branch is unmaintained now.
(From OE-Core rev: 7777cd6b28988a0981b990d9da9d448dcdfe7b8b)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
