Compare commits

..

105 Commits

Author SHA1 Message Date
Steve Sakoman
2a848e9507 poky.conf: Bump version for 3.1.10 release
(From meta-yocto rev: eb6e625d72fb49a707b0782e55530b3551f2396f)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-25 18:06:24 +01:00
Steve Sakoman
03aa1fa0e3 documentation: prepare for 3.1.10 release
(From yocto-docs rev: 180d5fcb893e8b2ebcd779d1b07f5c9e8e1bceca)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-25 18:06:24 +01:00
Bruce Ashfield
9b7f1d687d kernel-devsrc: fix 32bit ARM devsrc builds
As a follow up to commit: 0fc66a0b64953 [kernel: provide module.lds
for out of tree builds in v5.10+], we must not only copy module.lds
from its new location, we have to not error when it isn't found in
the old location.

With this tweak, we have coverage on all supported arches for the
new location of module.lds, and backwards compatibility through
kernel versions.

(From OE-Core rev: 9ae339ace9274be71bfd3b5e5da64dceac9fa963)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cb940d8af359fa370254bd4c2b36ba26708bb54b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-25 18:06:24 +01:00
Bruce Ashfield
fd7cf4e487 linux-yocto/5.4: update to v5.4.132
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    7c76bd6c36ed Linux 5.4.132
    792d47ca5228 iommu/dma: Fix compile warning in 32-bit builds
    a7f4f0c4e79a scsi: core: Retry I/O for Notify (Enable Spinup) Required error
    4aaace2dc1ad mmc: vub3000: fix control-request direction
    5712b828b8d9 mmc: block: Disable CMDQ on the ioctl path
    90d29149e32c block: return the correct bvec when checking for gaps
    1bfb3a070b58 scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd()
    00d38f7031d4 perf llvm: Return -ENOMEM when asprintf() fails
    b00da826cab4 selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random
    49496327c290 mm/z3fold: fix potential memory leak in z3fold_destroy_pool()
    4b515fa94894 mm/huge_memory.c: don't discard hugepage if other processes are mapping it
    01be55fb26ce vfio/pci: Handle concurrent vma faults
    9db3800eeadd arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART
    b857ff866c76 serial: mvebu-uart: correctly calculate minimal possible baudrate
    7900c98108b0 serial: mvebu-uart: do not allow changing baudrate when uartclk is not available
    44d36a79dcff powerpc: Offline CPU in stop_this_cpu()
    3189d9749317 leds: ktd2692: Fix an error handling path
    95288e28c7ca leds: as3645a: Fix error return code in as3645a_parse_node()
    f0acb12b9866 configfs: fix memleak in configfs_release_bin_file
    2993c1f9d7b9 ASoC: atmel-i2s: Fix usage of capture and playback at the same time
    0e0ee2cee65c extcon: max8997: Add missing modalias string
    4efa7f728bab extcon: sm5502: Drop invalid register write in sm5502_reg_data
    b1c88a56ef6e phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe()
    8bc305d146b9 phy: uniphier-pcie: Fix updating phy parameters
    142ab7ff42b6 soundwire: stream: Fix test for DP prepare complete
    5ec1c609d26e scsi: mpt3sas: Fix error return value in _scsih_expander_add()
    35a4e0aee8f3 mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume()
    b1d1cafd6001 of: Fix truncation of memory sizes on 32-bit platforms
    be192ab7b47a ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
    fe9452c9d7ad iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    da8ef748fec2 iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    84c045475ef3 serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
    eea7304dc2e9 staging: mt7621-dts: fix pci address for PCI memory range
    ce2588dc7fea staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
    92538bf2eea8 staging: rtl8712: remove redundant check in r871xu_drv_init
    9f0800bd93ea staging: gdm724x: check for overflow in gdm_lte_netif_rx()
    4500b944d7f8 staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt()
    f848baa0a5b3 iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
    26aa12ef64ee iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
    9275b1eaf04e iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    a79c9b382b7a iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    73e804beb759 iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    02d3b52f6739 iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper
    ac7943a7f4ad eeprom: idt_89hpesx: Restore printing the unsupported fwnode name
    9fc3fbc3af67 eeprom: idt_89hpesx: Put fwnode in matching case during ->probe()
    d7e33cc4789b usb: dwc2: Don't reset the core after setting turnaround time
    a95bbfe69031 usb: gadget: f_fs: Fix setting of device and driver data cross-references
    7ba04367b340 ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()'
    6fee286da898 iommu/dma: Fix IOVA reserve dma ranges
    1e38d79d0bfc s390: appldata depends on PROC_SYSCTL
    b6e2d45e3fea visorbus: fix error return code in visorchipset_init()
    540c40c6bb4a fsi/sbefifo: Fix reset timeout
    aa4577259bfb fsi/sbefifo: Clean up correct FIFO when receiving reset request from SBE
    d903eee764a4 fsi: occ: Don't accept response from un-initialized OCC
    96c914057aaa fsi: scom: Reset the FSI2PIB engine for any error
    19c8f5307a2e fsi: core: Fix return of error values on failures
    aeed300a2e27 scsi: FlashPoint: Rename si_flags field
    fde1e59110f1 leds: lm3692x: Put fwnode in any case during ->probe()
    08ffeb67e42b leds: lm36274: cosmetic: rename lm36274_data to chip
    a42c6c448c9e leds: lm3532: select regmap I2C API
    329e02d6f22d tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
    7f0b77542e57 firmware: stratix10-svc: Fix a resource leak in an error handling path
    a536c30966c1 char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol()
    6490ed7c4684 mtd: partitions: redboot: seek fis-index-block in the right node
    56c6c7f8ab9b Input: hil_kbd - fix error return code in hil_dev_connect()
    ccba28358397 ASoC: rsnd: tidyup loop on rsnd_adg_clk_query()
    77c61b1b2989 backlight: lm3630a_bl: Put fwnode in error case during ->probe()
    57fd7d8ac921 ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup()
    1dc77b6ca0c5 ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe()
    d89dda5f5652 iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
    994a076be336 iio: cros_ec_sensors: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
    2ab4cf6cc0e8 iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    d746f8664ce5 iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    f35afa38c5ac iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    8fdbcbda4dfb iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    68c8b28305ae iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    9fc6ef022b47 iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    da4dfaed9be8 iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    b40dab164dc3 iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    1c06080fe28b iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    4538e6589cfb iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    acf45f54d192 iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    9fad330311e4 iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    8bfa7ffc49ce iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    121283ad49f4 iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    467502dd7dfc iio: accel: mxc4005: Fix overread of data and alignment issue.
    57a7deaff13d iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls
    3a49b5639437 iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    9f23d0df409a iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    a539e2acccfd iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    39fec8d9ab96 iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
    2e088ed6fac1 iio: adis16400: do not return ints in irq handlers
    8271a443e5e4 iio: adis_buffer: do not return ints in irq handlers
    d3a7e5384b3a mwifiex: re-fix for unaligned accesses
    3a4043f597d0 tty: nozomi: Fix a resource leak in an error handling function
    61f6c18fff3c rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread()
    fbe80b3ee91f staging: fbtft: Rectify GPIO handling
    e0aef648f5bd MIPS: Fix PKMAP with 32-bit MIPS huge page support
    97704efb93b5 RDMA/mlx5: Don't access NULL-cleared mpi pointer
    eff9dabc0068 net: sched: fix warning in tcindex_alloc_perfect_hash
    92071a2b8f7f net: lwtunnel: handle MTU calculation in forwading
    5c93fc46682c writeback: fix obtain a reference to a freeing memcg css
    71721ddf4aee clk: si5341: Update initialization magic
    f894ba756e86 clk: si5341: Avoid divide errors due to bogus register contents
    80bd119c7d27 clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC
    a7aefa1a173d clk: actions: Fix SD clocks factor table on Owl S500 SoC
    1fbd19a9e23f clk: actions: Fix UART clock dividers on Owl S500 SoC
    305e64cbf855 Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event
    4ad77cea016c Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
    2954b193ebb0 Revert "be2net: disable bh with spin_lock in be_process_mcc"
    f6b723ce27ff gve: Fix swapped vars when fetching max queues
    0e8c17fd80f2 bpfilter: Specify the log level for the kmsg message
    482e12bdc5d7 e1000e: Check the PCIm state
    48fa8744989f ipv6: fix out-of-bound access in ip6_parse_tlv()
    3380206e5dc0 ibmvnic: free tx_pool if tso_pool alloc fails
    867a99001718 Revert "ibmvnic: remove duplicate napi_schedule call in open function"
    bbc833fd7dae i40e: Fix autoneg disabling for non-10GBaseT links
    a3465b94ac5f i40e: Fix error handling in i40e_vsi_open
    5e98c708a471 bpf: Do not change gso_size during bpf_skb_change_proto()
    bc54d98bd21d ipv6: exthdrs: do not blindly use init_net
    28db4b5b69f3 net: bcmgenet: Fix attaching to PYH failed on RPi 4B
    946bd84826b8 mac80211: remove iwlwifi specific workaround NDPs of null_response
    cb72c23aa544 ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
    048513280e41 ieee802154: hwsim: Fix memory leak in hwsim_add_one
    9692257004d4 tc-testing: fix list handling
    117e1495a636 net/ipv4: swap flow ports when validating source
    74e76cd6320c vxlan: add missing rcu_read_lock() in neigh_reduce()
    b5bd5b7b7f18 pkt_sched: sch_qfq: fix qfq_change_class() error path
    33f897fe3429 tls: prevent oversized sendfile() hangs by ignoring MSG_MORE
    6fea1a58c914 net: sched: add barrier to ensure correct ordering for lockless qdisc
    e245ea3b5240 vrf: do not push non-ND strict packets with a source LLA through packet taps again
    f264d0873d8d net: ethernet: ezchip: fix error handling
    a10e00299b80 net: ethernet: ezchip: fix UAF in nps_enet_remove
    b7f456df8594 net: ethernet: aeroflex: fix UAF in greth_of_remove
    e21b9e8436ef samples/bpf: Fix the error return code of xdp_redirect's main()
    66e9a01e4c7c RDMA/rxe: Fix qp reference counting for atomic ops
    da4ad14f87f0 netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols
    a3f1e8e316bf netfilter: nft_osf: check for TCP packet before further processing
    4759c55ff1d5 netfilter: nft_exthdr: check for IPv6 packet before further processing
    e4db789e937e RDMA/mlx5: Don't add slave port to unaffiliated list
    9b1e991266c4 netlabel: Fix memory leak in netlbl_mgmt_add_common
    9b81edead824 ath10k: Fix an error code in ath10k_add_interface()
    2a8b20d74106 brcmsmac: mac80211_if: Fix a resource leak in an error handling path
    771a8b6da36f brcmfmac: correctly report average RSSI in station info
    4940e54549a5 brcmfmac: fix setting of station info chains bitmask
    18b3b70dd11d ssb: Fix error return code in ssb_bus_scan()
    55ec3e5809e5 wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
    723204726a6a ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others
    3986553411f8 wireless: carl9170: fix LEDS build errors & warnings
    b6d2cf68f9b1 ath10k: add missing error return code in ath10k_pci_probe()
    941ce3bd7fb0 ath10k: go to path err_unsupported when chip id is not supported
    5f543705309f tools/bpftool: Fix error return code in do_batch()
    fe5cca105794 drm: qxl: ensure surf.data is ininitialized
    d9721095a5ce RDMA/rxe: Fix failure during driver load
    2adbd7559dfb RDMA/core: Sanitize WQ state received from the userspace
    9cc3eb8abe23 net/sched: act_vlan: Fix modify to allow 0
    0b440951273a ehea: fix error return code in ehea_restart_qps()
    e16bd3365d08 drm/rockchip: dsi: move all lane config except LCDC mux to bind()
    450c25b8a4c9 drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write()
    01f4245ff75f net: ftgmac100: add missing error return code in ftgmac100_probe()
    3858b47c94b9 clk: meson: g12a: fix gp0 and hifi ranges
    3da37783b027 pinctrl: renesas: r8a77990: JTAG pins do not have pull-down capabilities
    4e1cb7fedf68 pinctrl: renesas: r8a7796: Add missing bias for PRESET# pin
    b0a3770ead57 net: pch_gbe: Propagate error from devm_gpio_request_one()
    a9a33de4be2e net: mvpp2: Put fwnode in error case during ->probe()
    f9ad0b5ebacc video: fbdev: imxfb: Fix an error message
    08a7306e1198 xfrm: xfrm_state_mtu should return at least 1280 for ipv6
    a87a201989ec dax: fix ENOMEM handling in grab_mapping_entry()
    6ea84116b3fe ocfs2: fix snprintf() checking
    27d02a4d9dab cpufreq: Make cpufreq_online() call driver->offline() on errors
    3c59143b9a1e ACPI: bgrt: Fix CFI violation
    6d79e36c9ece ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros
    7b33b04f85df blk-wbt: make sure throttle is enabled properly
    bcf3f42bda3a blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled()
    1ad25a64c66f extcon: extcon-max8997: Fix IRQ freeing at error path
    258f5c1a5d3d ACPI: sysfs: Fix a buffer overrun problem with description_show()
    dfafa93ae3a7 crypto: nx - Fix RCU warning in nx842_OF_upd_status
    55f5d771a292 spi: spi-sun6i: Fix chipselect/clock bug
    97f32c7f3322 sched/uclamp: Fix uclamp_tg_restrict()
    a3ddf1fb37f9 sched/rt: Fix Deadline utilization tracking during policy change
    3fb53be07fc1 sched/rt: Fix RT utilization tracking during policy change
    fa3f33b20bd9 btrfs: clear log tree recovering status if starting transaction fails
    a0876d9dc1c1 regulator: hi655x: Fix pass wrong pointer to config.driver_data
    032fd28ed559 KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
    a90a2466dde5 hwmon: (max31790) Fix fan speed reporting for fan7..12
    93110513bcfd hwmon: (max31722) Remove non-standard ACPI device IDs
    b585f9ef6a51 media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
    3bf0509d25e0 arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan
    8e6bcc566400 arm64: consistently use reserved_pg_dir
    ccbcdcd4af98 mmc: usdhi6rol0: fix error return code in usdhi6_probe()
    c5d2f917a8f1 crypto: omap-sham - Fix PM reference leak in omap sham ops
    b205574dc682 crypto: nitrox - fix unchecked variable in nitrox_register_interrupts
    d93cbb6e5fe5 media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2()
    6e8ba90bef7c m68k: atari: Fix ATARI_KBD_CORE kconfig unmet dependency warning
    e1665624bf9d media: gspca/gl860: fix zero-length control requests
    ffc483de3ecb media: tc358743: Fix error return code in tc358743_probe_of()
    2bca3c0a95fe media: au0828: fix a NULL vs IS_ERR() check
    c04d6687e43e media: exynos4-is: Fix a use after free in isp_video_release
    6c987e7385e1 pata_ep93xx: fix deferred probing
    3eec64b5967e media: rc: i2c: Fix an error message
    6ee810a55965 crypto: ccp - Fix a resource leak in an error handling path
    4020615bd733 evm: fix writing <securityfs>/evm overflow
    550cf816bb11 pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
    8454cfe40841 kbuild: Fix objtool dependency for 'OBJECT_FILES_NON_STANDARD_<obj> := n'
    dcc9f1253ddd kbuild: run the checker after the compiler
    8e5ffc103928 sched/uclamp: Fix locking around cpu_util_update_eff()
    0b199ce65bc3 sched/uclamp: Fix wrong implementation of cpu.uclamp.min
    127035b4595d media: I2C: change 'RST' to "RSET" to fix multiple build errors
    2eccf5160002 pata_rb532_cf: fix deferred probing
    3b0dfab92877 sata_highbank: fix deferred probing
    faeee7a8f684 crypto: ux500 - Fix error return code in hash_hw_final()
    a1fa855e770e crypto: ixp4xx - dma_unmap the correct address
    0c5d94f29775 media: s5p_cec: decrement usage count if disabled
    80af2c9ee1d6 writeback, cgroup: increment isw_nr_in_flight before grabbing an inode
    51fd1f683671 ia64: mca_drv: fix incorrect array size calculation
    a3aab894d971 kthread_worker: fix return value when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync()
    05bc31902755 block: fix discard request merge
    8978dd251898 cifs: fix missing spinlock around update to ses->status
    4061697e2f17 HID: wacom: Correct base usage for capacitive ExpressKey status bits
    888469c5fa95 ACPI: tables: Add custom DSDT file as makefile prerequisite
    dba9cda5aa99 clocksource: Retry clock read if long delays detected
    0aebb12a574d PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv()
    f53f229255d6 EDAC/Intel: Do not load EDAC driver when running as a guest
    26c9e398b499 nvmet-fc: do not check for invalid target port in nvmet_fc_handle_fcp_rqst()
    51af155a4327 platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard()
    506a2001b719 block: fix race between adding/removing rq qos and normal IO
    e30d2ecc13d7 ACPI: resources: Add checks for ACPI IRQ override
    2238732f1992 ACPI: bus: Call kobject_put() in acpi_init() error path
    00f3017e04d4 ACPICA: Fix memory leak caused by _CID repair function
    f8c7e8e572d9 fs: dlm: fix memory leak when fenced
    b6c469a850a4 random32: Fix implicit truncation warning in prandom_seed_state()
    0fc251751c73 fs: dlm: cancel work sync othercon
    75b97dcbe956 block_dump: remove block_dump feature in mark_inode_dirty()
    4cee846b30aa ACPI: EC: Make more Asus laptops use ECDT _GPE
    e846c2821c25 lib: vsprintf: Fix handling of number field widths in vsscanf
    865c6e210bd4 hv_utils: Fix passing zero to 'PTR_ERR' warning
    8d64fd2682ae ACPI: processor idle: Fix up C-state latency if not ordered
    e9e2683f1b9c EDAC/ti: Add missing MODULE_DEVICE_TABLE
    9b1b8323871b HID: do not use down_interruptible() when unbinding devices
    17ca23ef05ed media: Fix Media Controller API config checks
    ef5792d3995d regulator: da9052: Ensure enough delay time for .set_voltage_time_sel
    2aff3f51cd22 regulator: mt6358: Fix vdram2 .vsel_mask
    fc31fb6f36cd KVM: s390: get rid of register asm usage
    2ef6cd6e4865 lockding/lockdep: Avoid to find wrong lock dep path in check_irq_usage()
    1b45a85262bf locking/lockdep: Fix the dep path printing for backwards BFS
    3ee80fc1f530 btrfs: disable build on platforms having page size 256K
    af4b53f6d3ea btrfs: abort transaction if we fail to update the delayed inode
    504081c415e2 btrfs: fix error handling in __btrfs_update_delayed_inode
    f3d2278a81f7 KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and POWER10 processors
    3fea9b708ae3 drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe()
    2e23607e65dc hwmon: (max31790) Fix pwmX_enable attributes
    d284b53193fa hwmon: (max31790) Report correct current pwm duty cycles
    4bb7eeb0a200 media: imx-csi: Skip first few frames from a BT.656 source
    54196d9e77e5 media: siano: fix device register error path
    7434625f944c media: dvb_net: avoid speculation from net slot
    80b9d3becd84 crypto: shash - avoid comparing pointers to exported functions under CFI
    31ef30f8f878 mmc: via-sdmmc: add a check against NULL pointer dereference
    b28d6d2df2b3 mmc: sdhci-sprd: use sdhci_sprd_writew
    1e3ad91cb64c memstick: rtsx_usb_ms: fix UAF
    0ec7eab55b0e media: dvd_usb: memory leak in cinergyt2_fe_attach
    1fc3ec4ac405 Makefile: fix GDB warning with CONFIG_RELR
    0a825797f791 media: st-hva: Fix potential NULL pointer dereferences
    f6f0190d651b media: bt8xx: Fix a missing check bug in bt878_probe
    3790d56daf5f media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
    a70de431f713 media: em28xx: Fix possible memory leak of em28xx struct
    432188f62697 sched/fair: Fix ascii art by relpacing tabs
    dd776d2fdf87 crypto: qat - remove unused macro in FW loader
    bcea3fc8f24d crypto: qat - check return code of qat_hal_rd_rel_reg()
    1580d72ac7fc media: imx: imx7_mipi_csis: Fix logging of only error event counters
    eae27d048ee7 media: pvrusb2: fix warning in pvr2_i2c_core_done
    bb8b5e98b5f5 media: cobalt: fix race condition in setting HPD
    162b85d3cf25 media: cpia2: fix memory leak in cpia2_usb_probe
    5c8c5edb28f3 media: sti: fix obj-$(config) targets
    84ac96486ba7 crypto: nx - add missing MODULE_DEVICE_TABLE
    f4c8a00d61fe hwrng: exynos - Fix runtime PM imbalance on error
    022cf057e443 regulator: uniphier: Add missing MODULE_DEVICE_TABLE
    d6518e028103 spi: omap-100k: Fix the length judgment problem
    afc37630a124 spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages()
    ca5ea7847527 spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
    b413d8654ed6 media: exynos-gsc: fix pm_runtime_get_sync() usage count
    8fece55aeb6d media: sti/bdisp: fix pm_runtime_get_sync() usage count
    ac69e7aea37d media: s5p-jpeg: fix pm_runtime_get_sync() usage count
    f1a8951cf1b4 media: mtk-vcodec: fix PM runtime get logic
    908b6f72a910 media: sh_vou: fix pm_runtime_get_sync() usage count
    948bcdcf7fd9 media: s5p: fix pm_runtime_get_sync() usage count
    4480cacdbc26 media: mdk-mdp: fix pm_runtime_get_sync() usage count
    ef59dbc06d6a spi: Make of_register_spi_device also set the fwnode
    a883c38f1cfa fuse: reject internal errno
    059dd690bfe0 fuse: check connected before queueing on fpq->io
    e72bec922646 fuse: ignore PG_workingset after stealing
    74e9d920f25c evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
    d7dfaf13d24e evm: Execute evm_inode_init_security() only when an HMAC key is loaded
    5c7c5c49d9b8 powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi()
    9ed57fc5a45b seq_buf: Make trace_seq_putmem_hex() support data longer than 8
    c65755f595cd tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
    acf8494ba567 tracing/histograms: Fix parsing of "sym-offset" modifier
    6707b3d43822 rsi: fix AP mode with WPA failure due to encrypted EAPOL
    5269ac3cf0b5 rsi: Assign beacon rate settings to the correct rate_info descriptor field
    f4b4b121521d ssb: sdio: Don't overwrite const buffer if block_write fails
    96bb095f8536 ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
    e931d9a92576 serial_cs: remove wrong GLOBETROTTER.cis entry
    a3ca189a0018 serial_cs: Add Option International GSM-Ready 56K/ISDN modem
    4bd14de69785 serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
    a945c2ead2c5 serial: mvebu-uart: fix calculation of clock divisor
    202a64ad8f2c iio: ltr501: ltr501_read_ps(): add missing endianness conversion
    aafeedb0996d iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
    a27c940a9042 iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too
    3287635367a4 iio: light: tcs3472: do not free unallocated IRQ
    60684282789e rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path
    a470819824b7 s390/cio: dont call css_wait_for_slow_path() inside a lock
    684bddacf155 KVM: PPC: Book3S HV: Workaround high stack usage with clang
    f0d3a4b6d5f7 perf/smmuv3: Don't trample existing events with global filter
    f9c7f2687923 SUNRPC: Should wake up the privileged task firstly.
    d060386ffdbd SUNRPC: Fix the batch tasks count wraparound.
    619c14120c30 mac80211: remove iwlwifi specific workaround that broke sta NDP tx
    1ff563ec86c7 can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path
    12aad0220812 can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after RCU is done
    7bb931d2c8cf can: gw: synchronize rcu operations before removing gw job entry
    70a9116b9e5c can: bcm: delay release of struct bcm_op after synchronize_rcu()
    512286ddc3e8 ext4: use ext4_grp_locked_error in mb_find_extent
    0bae1ea11981 ext4: fix avefreec in find_group_orlov
    8c06b3d02d65 ext4: remove check for zero nr_to_scan in ext4_es_scan()
    a0548187482d ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
    f01fa29e8ea0 ext4: return error code when ext4_fill_flex_info() fails
    ed628b253119 ext4: fix kernel infoleak via ext4_extent_header
    16b795a39f3e ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle
    e3d3cf2e5a7c btrfs: clear defrag status of a root if starting transaction fails
    077f06b648a4 btrfs: send: fix invalid path for unlink operations after parent orphanization
    0ede9e8c5a83 ARM: dts: at91: sama5d4: fix pinctrl muxing
    efdcd77660f8 arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode
    0f382fa359ca Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
    63e68b563649 iov_iter_fault_in_readable() should do nothing in xarray case
    846ae1d87931 copy_page_to_iter(): fix ITER_DISCARD case
    c4868118fab9 ntfs: fix validity check for file name attribute
    87a365a4ddec xhci: solve a double free problem while doing s4
    cc7559e6dd1d usb: typec: Add the missed altmode_id_remove() in typec_register_altmode()
    d5b06a79fe89 usb: dwc3: Fix debugfs creation flow
    7941f646a6cd USB: cdc-acm: blacklist Heimann USB Appset device
    8bdef7f21cb6 usb: gadget: eem: fix echo command packet response issue
    11dfef6aba1a net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
    aa6f233b949c Input: usbtouchscreen - fix control-request directions
    d808329ae137 media: dvb-usb: fix wrong definition
    3b4dd159db68 ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
    23d443c5b417 ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
    15f521856e0f ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
    3911b8ff714c ALSA: hda/realtek: Add another ALC236 variant support
    23ca8cf4cba0 ALSA: intel8x0: Fix breakage at ac97 clock measurement
    1908d78a87cf ALSA: usb-audio: scarlett2: Fix wrong resume call
    49e5b37fdd01 ALSA: usb-audio: Fix OOB access at proc output
    5ded94e8516d ALSA: usb-audio: fix rate on Ozone Z90 USB headset

(From OE-Core rev: 6bee4dbf3761e372bd9b40555dc776464e1ced59)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7fd82689d57c11ae517bc15cf0b8c59a4f374376)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-25 18:06:24 +01:00
Bruce Ashfield
f40356d7a1 linux-yocto/5.4: update to v5.4.131
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    e8d9b740a550 Linux 5.4.131
    d2f8a8a07ee3 xen/events: reset active flag for lateeoi events later
    a05499b29a6e KVM: SVM: Call SEV Guest Decommission if ASID binding fails
    58356f448b61 s390/stack: fix possible register corruption with stack switch helper
    abbd42939db6 KVM: SVM: Periodically schedule when unregistering regions on destroy
    8b24c7edc2f2 Linux 5.4.130
    5e8519c4083b RDMA/mlx5: Block FDB rules when not in switchdev mode
    c5fb49e12f2c gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP
    cf5eb8209723 drm/nouveau: fix dma_address check for CPU/GPU sync
    3edfd34f1338 scsi: sr: Return appropriate error code when disk is ejected
    a6c85a8433e0 x86/efi: remove unused variables

(From OE-Core rev: 8c3a582b00842baeea8fdaaa81d641b998fc78a4)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit edfd97ac5a11f46b9f3b905373abe3554f4b85db)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-25 18:06:24 +01:00
Andrej Valek
39395edb4d busybox: add tmpdir option into mktemp applet
- Make mktemp applet compatible with --tmpdir option in ca-certificate
update script.

(From OE-Core rev: 9b83aefa9c4a21d9dc1eea4a6b00af379466a288)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3d969e482d29da29828d1510f106f161d2b3d3c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-20 19:05:39 +01:00
Richard Purdie
3fc2f0d47a sstate: Drop pseudo exclusion
Now that pseudo-native always includes statx support and we have sanity
checks on pseudo-native to ensure it always contains a minimum feature set,
we no longer need to mark pseudo-native as distro specific. This fixes
eSDK build problems.

[YOCTO #14428]

(From OE-Core rev: d7e87a5851d717da047f552be394d5712efa0402)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3279e43fcb469edb63c7c4eb60fdc565d5751f9d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-20 19:05:39 +01:00
Richard Purdie
65dc011c8c pseudo: Update to latest version including statx fix
This updates to the latest pseudo version which includes:

 Revert "client: Fix some compiler warnings"
 ports/linux: Always build statx support
 makewrappers: Handle parameters marked as nonnull
 client: Fix some compiler warnings
 wrappers: Avoid -Wcast-function-type warning

In particular, this pseudo version always has statx enabled which means
we can then remove the need to make pseudo-native host distro specific
which fixes an eSDK issue.

(From OE-Core rev: c78d82c60acd8cf1eabc728d614bf4631a96c2ad)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 58cc70940ff998be49a9b89e1ad0538242cb7998)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-20 19:05:39 +01:00
Richard Purdie
09ccbd14b1 pseudo: Add uninative configuration sanity check
When building pseudo-native to work with uninative, we need to ensure the
configuration will work on all supported target systems. This means
"new clone" semantics, xattr and statvfs support in particular. It is
extremely unlikely we'd run on a system without any of these but add
a check just to be sure when uninative is enabled.

(From OE-Core rev: 262b70f94c34762f5879f637dc918e2d5928f2d0)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ea5b208ee25752bea6037cd0f3b28da7d2c9905e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-20 19:05:39 +01:00
Steve Sakoman
3b49f3536e gstreamer-plugins-good: ignore CVE-2021-3497/8 since they are fixed
CPE entries for gst-plugins-good are listed as gstreamer issues
so we need to ignore the false hits for the two CVEs we've patched

(From OE-Core rev: d853e2bde1ea083f8438e8d7a80f041196d2e38d)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-20 19:05:39 +01:00
Steve Sakoman
f2f6a73bb2 gstreamer-plugins-base: ignore CVE-2021-3522 since it is fixed
CPE entries for gst-plugins-base are listed as gstreamer issues
so we need to ignore the false hit for the CVE we've patched

(From OE-Core rev: f32e90a7f8918aacda61ef6176eb1655742045b4)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-20 19:05:39 +01:00
Steve Sakoman
7dbdfcf51b bluez: fix CVE-2021-3588
The cli_feat_read_cb() function in src/gatt-database.c does not perform
bounds checks on the 'offset' variable before using it as an index into
an array for reading

https://nvd.nist.gov/vuln/detail/CVE-2021-3588

(From OE-Core rev: 569362f338736a1c85f090909a9893d019bfce5d)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-20 19:05:39 +01:00
Richard Purdie
12725e44c1 report-error: Drop pointless inherit
The base class is always inherited, drop the unneeded inherit.

(From OE-Core rev: cfd74f2bae51413d9c327e0f08ecf751325c2d74)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 837d62c066589e5a12a0bf894ae7b24e8b048665)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Marek Vasut
b29f819eb5 update-rc.d: update SRCREV to pull in fix for non-bash shell support
This pulls in non-bash shell fix for enable/disable command, upstream
commit 8636cf4 ("update-rc.d: Fix enable/disable command"). This way
update-rc.d works with e.g. dash shell again.

(From OE-Core rev: 2a692b74f49952636098427ca523bc1590b9d81c)

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Changqing Li <changqing.li@windriver.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f697332a3a753898183d7c5d2965dd75db9b0a24)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Zoltán Böszörményi
cada971ded tzdata: Allow controlling zoneinfo binary format
tzcode 2020b changed the default format from "-b fat" to "-b slim".
Allow external control for the binary format.

(From OE-Core rev: 1e9393cae53b4de260ec951e7855d74f206730d0)

Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c9e8b716eb71d4526517825eacefb91ab2c1781c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Richard Purdie
9c5de5292f oeqa/selftest/multiprocesslauch: Fix test race
Having two possible failures in multiprocesslauch creates a race where one failure
may occur and stop processes being lanuched meaning the second failure may not
be seen. Rather than having periodic races appearing on the autobuilder, only
have one failure, making the test much more deterministic.

[YOCTO #13054]

(From OE-Core rev: 5df87fc7d3353abb8a8f4a25b544e7927c8b39eb)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 31e9dcda40aae3ce0801580c838928956e1455e3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Richard Purdie
9a4acc8ff3 dwarfsrcfiles: Avoid races over debug-link files
We use dwarfsrcfiles in package.bbclass to list the source files used by a binary.
This is done before they're stripped and linked to debug symbols in separate files.

It is possible a binary may already have a link to separate debug symbols, e.g.
some of the test binaries in lttng-tools ptest. In those cases, the linked binary
may be changed by package.bbclass code whilst dwarfsrcfiles is reading it. That
would result in a rare SIGBUS race causing the binary to fail.

To avoid this, break the debug file search path so no other binaries are found.

Also fix a segfault if no binary is specified while here.

[YOCTO #14400]

(From OE-Core rev: 317e334518c6394ecba4a3fdd4ba18b185822d22)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit efef732859e265533acf16f2f4da3b29d50e0df4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Minjae Kim
e643a5b966 dhcp: fix CVE-2021-25217
A buffer overrun in lease file parsing code
can be used to exploit a common vulnerability shared by dhcpd and dhclient.

reference:
https://www.openwall.com/lists/oss-security/2021/05/26/6
https://kb.isc.org/docs/cve-2021-25217
(From OE-Core rev: 58fa175702f0cd8f00dc5e7938fb55108921d324)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Chen Qi
1fe2f91cf3 busybox: fix CVE-2021-28831
Backport patch to fix CVE-2021-28831.

(From OE-Core rev: e579dbd9a6b2472ca90f411c0b594da9e38c9aca)

(From OE-Core rev: 42098fd740fe3de68a221fcc9c44ead545757461)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Alexander Kanavin
bfbd3253b6 bootchart2: update 0.14.8 -> 0.14.9
(From OE-Core rev: ed7d3e43e9d90b4b7db006758311e0b8b2b5f677)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b4ed68ea38bbdb91729f822a8f1a5fe7e5d2d713)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Steve Sakoman
e1e89ff7d7 glibc: update to lastest 2.31 release HEAD
Includes the following fixes:

4f0a61f753 wordexp: handle overflow in positional parameter number (bug 28011)
8e88c0d888 Fix SXID_ERASE behavior in setuid programs (BZ #27471)
74a4425fae Enhance setuid-tunables test
bb5bb87959 tst-env-setuid: Use support_capture_subprogram_self_sgid
700264179c support: Add capability to fork an sgid child
7fa6d30eea support: Typo and formatting fixes
0de2b69c31 support: Pass environ to child process
0c92f409a7 S390: Also check vector support in memmove ifunc-selector [BZ #27511]

(From OE-Core rev: eb03d3f72472539b10de49a32bdd3c68c34b658e)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Khem Raj
38fe8d0dbd webkitgtk: Upgrade to 2.28.4
This is a bug fix release in the stable 2.28 series.

Fixes several crashes and rendering issues.

backport a patch from master to fix clang11 build error

(From OE-Core rev: 16f345895dfb82475ab4640e608d232c38b072f6)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d38f23f5c34dfb2a2d28b834b0c35b1f7778f85)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Richard Purdie
9ea9c136fe webkitgtk: upgrade 2.28.2 -> 2.28.3
This is a bug fix release in the stable 2.28 series.

- Enable kinetic scrolling with async scrolling.
- Fix web process hangs on large GitHub pages.
- Bubblewrap sandbox should not attempt to bind empty paths.
- Fix threading issues in the media player.
- Fix several crashes and rendering issues.

Remove CVE-2020-13753.patch since fix is included in 2.28.3

(From OE-Core rev: a452fbbdb9646cb2a2f37a680a269b41f4bf215b)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1e67e325ba620fe91ef11ab2a1029fbbc54b3c69)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Tim Orling
7fc32e6f3f python3: upgrade 3.8.10 -> 3.8.11
Release Date: June 28, 2021

This is a security release of Python 3.8

Note: The release you're looking at is Python 3.8.11, a security bugfix release
for the legacy 3.8 series. Python 3.9 is now the latest feature release series
of Python 3. Get the latest release of 3.9.x here.

Security content in this release contains three fixes. There's also two fixes
for 3.8.10 regressions. Take a look at the change log for details.

According to the release calendar specified in PEP 569, Python 3.8 is now in
security fixes only stage of its life cycle: 3.8 branch only accepts security
fixes and releases of those are made irregularly in source-only form until
October 2024. Python 3.8 isn't receiving regular bugfixes anymore, and binary
installers are no longer provided for it. Python 3.8.10 was the last full
bugfix release of Python 3.8 with binary installers.

References:
https://docs.python.org/release/3.8.11/whatsnew/changelog.html#python-3-8-11-final

(From OE-Core rev: 1ba51ee2d52ee92bbdede9f2cd2f9ed9ff04ddb6)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-15 15:27:49 +01:00
Richard Purdie
10763296f8 oeqa/selftest/archiver: Allow tests to ignore empty directories
If we tweak sstate to not remove empty directories under conditions
where a race could occur, we see failures from:

"oe-selftest -r archiver.Archiver.test_archiver_filters_by_type archiver.Archiver.test_archiver_filters_by_type_and_name"

since an empty directory is left behind. Update the tests to ignore
empty directories.

(From OE-Core rev: c96bcf97272f243df14598c84a41097746884b65)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 10cda713faea9a348fd278137ac75e4a6d76a71c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:20 +01:00
Florian Amstutz
1f0d813773 devtool: deploy-target: Fix preserving attributes when using --strip
Commit a2db4fa127 added ${WORKDIR}/deploy-* to
PSEUDO_IGNORE_PATHS. This breaks the --strip mode since ${D} is copied to
deploy-target-stripped. Use the directory devtool-deploy-target-stripped
instead.

[YOCTO #14451]

(From OE-Core rev: 9e2c7750f57bd1baa429d2f28a4c836ee57d1bfc)

Signed-off-by: Florian Amstutz <florian.amstutz@scs.ch>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 02661f20faf11d0fa2f1874bd423f5d9fa7a31c9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:20 +01:00
Richard Purdie
a235d64226 sstate/staging: Handle directory creation race issue
The sstate code tries to be careful about racing around directory creation.
In particular, the copyhardlinktree code creates the directory tree first
allowing for "already exists" errors and ignoring them, then hardlinks the
files in.

Unfortunately the sstate removal code can race against this since it
will try and remove empty directories. If there is some bad timing,
a newly created directory can be removed before it was populated, leading
to build failures.

We could try and add locking but this would damage performance, we've been
there before. It is also unclear where to actually place locks just based on
the contents of a manifest file which may cover multiple sstate install
locations for a given task.

Instead, lets disable directory removal in the problematic "shared" core
path. This could result in a few more empty directories being left on disk
but those should be harmless and better than locking hurting performance
or rare build races.

[YOCTO #13999]
[YOCTO #14379]

(From OE-Core rev: fa49622521b6386d8031b1e7519f087aa9d99b19)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4f94d9296394bc7ce241439f00df86eb5912875f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Richard Purdie
522be6c4bf oeqa/selftest/runcmd: Tweal test timeouts
Load on the autobuilder meant we see occasionaly timeout issues with these tests.
Slightly increase the test timeouts to better reflect the real world timings we
see.

[YOCTO #14262]

(From OE-Core rev: 102ac28cf41e36c5d619be87ebb33b4af32ec817)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fccd2ade0e345625ed9a4b74a7431b000ce2214f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Michael Ho
608f16d94e sstate.bbclass: fix errors about read-only sstate mirrors
If a read-only sstate mirror is used in conjunction with hash equiv,
then OSError will be raised when an sstate-cache hit is achieved.

This is because sstate_task_postfunc will try to "touch" the symlinks
that point to the read-only sstate mirror when sstate_report_unihash
has changed SSTATE_PKG.

This commit adds an additional exception handler to silently mask read
only rootfs errors thrown during the touch.

The fix is also duplicated to sstate_eventhandler as the code is very
similar but it may not be needed there.

Example of the error:

File: 'exec_python_func() autogenerated', lineno: 2, function: <module>
     0001:
 *** 0002:sstate_task_postfunc(d)
     0003:
File: '/poky/meta/classes/sstate.bbclass', lineno: 774, function: sstate_task_postfunc
     0770:
     0771:    omask = os.umask(0o002)
     0772:    if omask != 0o002:
     0773:       bb.note("Using umask 0o002 (not %0o) for sstate packaging" % omask)
 *** 0774:    sstate_package(shared_state, d)
     0775:    os.umask(omask)
     0776:
     0777:    sstateinst = d.getVar("SSTATE_INSTDIR")
     0778:    d.setVar('SSTATE_FIXMEDIR', shared_state['fixmedir'])
File: '/poky/meta/classes/sstate.bbclass', lineno: 703, function: sstate_package
     0699:    if not os.path.exists(siginfo):
     0700:        bb.siggen.dump_this_task(siginfo, d)
     0701:    else:
     0702:        try:
 *** 0703:            os.utime(siginfo, None)
     0704:        except PermissionError:
     0705:            pass
     0706:
     0707:    return
Exception: OSError: [Errno 30] Read-only file system

(From OE-Core rev: f2360f796016cce93610a080ff07c8047bda6ee8)

Signed-off-by: Michael Ho <Michael.Ho@bmw.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 244b3be0358a66e0cca4016fe26144e3d7323390)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Richard Purdie
95d109b621 package_pkgdata: Avoid task hash mismatches for generic task changes
Add SSTATETASKS to package_prepare_pkgdata[vardepsexclude] since otherwise
the task hashes vary depending upon which packaging backends are enabled
and likely other changes which add/remove unrelated sstate tasks.

(From OE-Core rev: fd94aa40e68189c41ef650d7fc9f4d4da686a4ad)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4011d31d4372639fd72ee0eefae210bf59c90d13)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Richard Purdie
bf53c74e80 perf: Use python3targetconfig to ensure we use target libraries
We've seen some reproducibility issues on the autobuilder in perf where the
size of the python module varies slightly between systems. After some head
scratching and removing the --quiet option to the python module build,
you can see it using -Lrecipe-sysroot-native in the linking commandline
for the module. This means it is linking against the native library
on systems where that works, skipping it and using the target one
otherwise, probably with warnings in logs we've not seen.

The fix is to inherit the python3targetconfig class which ensures
that the target sysroot is used, then the byte differences between
the builds go away and things are sane(r) again.

(From OE-Core rev: 8d625ded4a943fe9f0a8134d66cb2908b1947cae)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8e2b6c042edd9ec76cb8281247604e4f81518780)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Alexander Kanavin
de1578c825 selftest: do not hardcode /tmp/sdk
This races if there are several copies of the test running at the same
time.

[YOCTO #14438]

(From OE-Core rev: deab11848036941771f2b3dc5cdaee83395280b5)

(From OE-Core rev: 969c29c39b0ceb73ace615c478ca4544be803c9a)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit ea707e8726cd7012d101d02e69503b7c98bdaf3e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Richard Purdie
bf8881dac7 kernel-devicetree: Fix interaction when packaging disabled
When packaging is disabled using the nopackages class, ensure we don't
add to PACKAGES. This fixes builds where we have an unpackaged kernel
alongside a packaged kernel.

(From OE-Core rev: 44756b6d92d922873fe1781e2cc1be3031cc5a86)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d6b114cf5a9b22688c0b59a3afc46a07450d87b5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Richard Purdie
1435d708ae kernel: Fix interaction when packaging disabled
When packaging is disabled using the nopackages class, ensure we don't
add to PACKAGES. This fixes builds where we have an unpackaged kernel
alongside a packaged kernel.

(From OE-Core rev: 6683b784d3258672c8d56c945db02ba37379cbf6)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2522daf22e2c27dd9c7926feda0345978217c6c3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Bruce Ashfield
ba0f8592c8 linux-yocto/5.4: update to v5.4.129
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    82ffbc138a1f Linux 5.4.129
    9011aaab90b8 certs: Move load_system_certificate_list to a common function
    e20b90e4f81b certs: Add EFI_CERT_X509_GUID support for dbx entries
    06ab9df09eb3 x86/efi: move common keyring handler functions to new file
    ac7d3f554472 certs: Add wrapper function to check blacklisted binary hash
    61168eafe024 mm, futex: fix shared futex pgoff on shmem huge page
    a33b70d62552 mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
    e045e9e79d2a mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
    037a1d67d236 mm: page_vma_mapped_walk(): get vma_address_end() earlier
    fa89d536948a mm: page_vma_mapped_walk(): use goto instead of while (1)
    a499febd9935 mm: page_vma_mapped_walk(): add a level of indentation
    b1783bf8c8e4 mm: page_vma_mapped_walk(): crossing page table boundary
    80b2270a14b8 mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
    ef161ccaca70 mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
    4961160272b7 mm: page_vma_mapped_walk(): settle PageHuge on entry
    52e2b20fb5e4 mm: page_vma_mapped_walk(): use page for pvmw->page
    82ee7326af7a mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
    bd4389215227 mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
    b767134ec30a mm/thp: fix page_address_in_vma() on file THP tails
    41432a8a6776 mm/thp: fix vma_address() if virtual address below file offset
    4b0a34e222e5 mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
    bd092a0f1942 mm/thp: make is_huge_zero_pmd() safe and quicker
    4c37d7f269f8 mm/thp: fix __split_huge_pmd_locked() on shmem migration entry
    7ce4b73d349b mm, thp: use head page in __migration_entry_wait()
    68ce37ebe0f2 mm/rmap: use page_not_mapped in try_to_unmap()
    432b61863ac7 mm/rmap: remove unneeded semicolon in page_not_mapped()
    cfe575954ddd mm: add VM_WARN_ON_ONCE_PAGE() macro
    42f11f0fe977 kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync()
    06ab015d1849 kthread_worker: split code for canceling the delayed work timer
    d77c9c8537db i2c: robotfuzz-osif: fix control-request directions
    bb85717e3797 KVM: do not allow mapping valid but non-reference-counted pages
    d6f751ecccfb nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
    702acfcbfa68 pinctrl: stm32: fix the reported number of GPIO lines per bank
    76c10e10ba7b net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY
    aa00b9780482 net: ll_temac: Add memory-barriers for TX BD access
    d807b93f9bca PCI: Add AMD RS690 quirk to enable 64-bit DMA
    5830f2081d98 recordmcount: Correct st_shndx handling
    70866199220e net: qed: Fix memcpy() overflow of qed_dcbx_params()
    b7168ec176fd KVM: selftests: Fix kvm_check_cap() assertion
    58687d143515 r8169: Avoid memcpy() over-reading of ETH_SS_STATS
    cb4a2e4e224a sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS
    97e0102e1824 r8152: Avoid memcpy() over-reading of ETH_SS_STATS
    f12a5b48bcc8 net/packet: annotate accesses to po->ifindex
    cdcedd3c8683 net/packet: annotate accesses to po->bind
    343406f9c198 net: caif: fix memory leak in ldisc_open
    8707ce86e927 net: phy: dp83867: perform soft reset and retain established link
    9f2d04dfb3c4 inet: annotate date races around sk->sk_txhash
    d40ff07a7b7d ping: Check return value of function 'ping_queue_rcv_skb'
    9df4f031536b net: ethtool: clear heap allocations for ethtool function
    62aed2df294a mac80211: drop multicast fragments
    eb2b1216bc8f net: ipv4: Remove unneed BUG() function
    e0c950d2fddb dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma
    f7b1926c7c5d dmaengine: mediatek: do not issue a new desc if one is still current
    3d995587c3ea dmaengine: mediatek: free the proper desc in desc_free handler
    c09af3877b53 dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe()
    f2c027a7750f cfg80211: call cfg80211_leave_ocb when switching away from OCB
    78bf3c613148 mac80211_hwsim: drop pending frames on stop
    ae9de9444b54 mac80211: remove warning in ieee80211_get_sband()
    0e486713779a dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc()
    456367b24190 Revert "PCI: PM: Do not read power state in pci_enable_device_flags()"
    1442186236ad spi: spi-nxp-fspi: move the register operation after the clock enable
    7bc73260c4b1 MIPS: generic: Update node names to avoid unit addresses
    0855fe6d8835 arm64: link with -z norelro for LLD or aarch64-elf
    3173390b8dbc kbuild: add CONFIG_LD_IS_LLD
    3450f5eb8c9e mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
    48a5449c0be1 ARM: 9081/1: fix gcc-10 thumb2-kernel regression
    4a8e89e0fd0b drm/radeon: wait for moving fence after pinning
    4577708b2a22 drm/nouveau: wait for moving fence after pinning v2
    c77c617e26e2 Revert "drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell."
    6bd0da6c9b12 Revert "drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue."
    e2dc07ca4e01 module: limit enabling module.sig_enforce

(From OE-Core rev: bcbeef7c6fc55e60d4bb5351e25046705b3b68ea)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d621feee60e71bea68c853626e74669b9d953346)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Bruce Ashfield
50cadddf8b linux-yocto/5.4: update to v5.4.128
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    4037804c5574 Linux 5.4.128
    fd7c4bd58249 usb: dwc3: core: fix kernel panic when do reboot
    d7e403eea007 usb: dwc3: debugfs: Add and remove endpoint dirs dynamically
    5babc3977565 clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940
    aad8f1d88ed6 clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue
    5394080643bc clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support
    c53cc5f9587c ARM: OMAP: replace setup_irq() by request_irq()
    7d266c8a2ae8 KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read
    0c2a4178d796 tools headers UAPI: Sync linux/in.h copy with the kernel sources
    7381c4d0bc10 net: fec_ptp: add clock rate zero check
    190ecdf53d67 net: stmmac: disable clocks in stmmac_remove_config_dt()
    4f69c8930674 mm/slub.c: include swab.h
    9ddeea35c47d mm/slub: fix redzoning for small allocations
    c0837e021d90 mm/slub: clarify verification reporting
    79855be6445b net: bridge: fix vlan tunnel dst refcnt when egressing
    a2241e62f6b4 net: bridge: fix vlan tunnel dst null pointer dereference
    b6c0ab11c88f net: ll_temac: Fix TX BD buffer overwrite
    6d120ab4dc39 net: ll_temac: Make sure to free skb when it is completely used
    a32f70e06980 drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue.
    dbde458378ef drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell.
    92e08a5ffae9 cfg80211: avoid double free of PMSR request
    01ade7c84fda cfg80211: make certificate generation more robust
    05b4fdec273b dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc
    f3c629b164ca x86/fpu: Reset state for all signal restore failures
    4f1e9bafa195 x86/pkru: Write hardware init value to PKRU when xstate is init
    13c5f1f0798c x86/process: Check PF_KTHREAD and not current->mm for kernel threads
    80c56699cf1a ARCv2: save ABI registers across signal handling
    cbb425f62df9 KVM: x86: Immediately reset the MMU context when the SMM flag is cleared
    58877ce3fecd PCI: Work around Huawei Intelligent NIC VF FLR erratum
    a36d9bdc1917 PCI: Add ACS quirk for Broadcom BCM57414 NIC
    4c90f90a91d7 PCI: aardvark: Fix kernel panic during PIO transfer
    0e888c237754 PCI: aardvark: Don't rely on jiffies while holding spinlock
    f3b600a2b6bc PCI: Mark some NVIDIA GPUs to avoid bus reset
    775c25b7a334 PCI: Mark TI C667X to avoid bus reset
    c7660ab8126e tracing: Do no increment trace_clock_global() by one
    79894a5d75ab tracing: Do not stop recording comms if the trace file is being read
    4ab1152bb778 tracing: Do not stop recording cmdlines when tracing is off
    0061eff74824 usb: core: hub: Disable autosuspend for Cypress CY7C65632
    6f87c0e21ad2 can: mcba_usb: fix memory leak in mcba_usb
    22cba878abf6 can: j1939: fix Use-after-Free, hold skb ref while in use
    776e0d16ac84 can: bcm/raw/isotp: use per module netdevice notifier
    c297559a2a2a can: bcm: fix infoleak in struct bcm_msg_head
    35b651d6bdf3 hwmon: (scpi-hwmon) shows the negative temperature properly
    8ea34be15fb5 radeon: use memcpy_to/fromio for UVD fw upload
    0b445249635d pinctrl: ralink: rt2880: avoid to error in calls is pin is already enabled
    d7d307fb3e70 spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd()
    04e5fbe604d3 ASoC: rt5659: Fix the lost powers for the HDA header
    81376d3d5ede regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting
    19f88ca68ccf net: ethernet: fix potential use-after-free in ec_bhf_remove
    63137ea2423c icmp: don't send out ICMP messages with a source address of 0.0.0.0
    c3e6fbc7ba7c bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path
    87971d582c66 bnxt_en: Rediscover PHY capabilities after firmware reset
    755da76ec5de cxgb4: fix wrong shift.
    81de2ed06df8 net: cdc_eem: fix tx fixup skb leak
    a49cbb762ef2 net: hamradio: fix memory leak in mkiss_close
    0f868a684376 be2net: Fix an error handling path in 'be_probe()'
    c14c276d7f35 net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock
    3dd2aeac2e96 net: ipv4: fix memory leak in ip_mc_add1_src
    7b18f289fd0b net: fec_ptp: fix issue caused by refactor the fec_devtype
    4252bf6c2b24 net: usb: fix possible use-after-free in smsc75xx_bind
    217395c5ab15 lantiq: net: fix duplicated skb in rx descriptor ring
    5f7acbf602d8 net: cdc_ncm: switch to eth%d interface naming
    3daa97817aa8 ptp: improve max_adj check against unreasonable values
    26b8d10703a9 net: qrtr: fix OOB Read in qrtr_endpoint_post
    8d3de2b47e53 netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
    a670a78fb180 qlcnic: Fix an error handling path in 'qlcnic_probe()'
    b0bb49b0fbc3 net: make get_net_ns return error if NET_NS is disabled
    5d47a84f459c net: stmmac: dwmac1000: Fix extended MAC address registers definition
    c82e4e78094d alx: Fix an error handling path in 'alx_probe()'
    4cefa061fc63 sch_cake: Fix out of bounds when parsing TCP options and header
    6defc77d48ef netfilter: synproxy: Fix out of bounds when parsing TCP options
    ad689fec4498 net/mlx5e: Block offload of outer header csum for UDP tunnels
    946a36f82a0b net/mlx5e: allow TSO on VXLAN over VLAN topologies
    0bb0270832c8 net/mlx5: Consider RoCE cap before init RDMA resources
    4b16118665e9 net/mlx5e: Fix page reclaim for dead peer hairpin
    3c3461ed267b net/mlx5e: Remove dependency in IPsec initialization flows
    2ae0f0a409c8 net/sched: act_ct: handle DNAT tuple collision
    23f3d2779dd6 rtnetlink: Fix regression in bridge VLAN configuration
    5a88477c1c85 udp: fix race between close() and udp_abort()
    cc4c6b19093c net: lantiq: disable interrupt before sheduling NAPI
    2038cd15eacd net: rds: fix memory leak in rds_recvmsg
    cc16e7d36e5c vrf: fix maximum MTU
    398a24447eb6 net: ipv4: fix memory leak in netlbl_cipsov4_add_std
    e7fbd8184fa9 batman-adv: Avoid WARN_ON timing related checks
    bf99ea52970c kvm: LAPIC: Restore guard to prevent illegal APIC register access
    566345aaabac mm/memory-failure: make sure wait for page writeback in memory_failure
    0498165c6fec afs: Fix an IS_ERR() vs NULL check
    2a3f74ca167e dmaengine: stedma40: add missing iounmap() on error in d40_probe()
    10fd28745d8b dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM
    1e3c5c450567 dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM
    a82d4d5e9fe6 Linux 5.4.127
    f7afaf778591 fib: Return the correct errno code
    51cc5ad292da net: Return the correct errno code
    376a703f9dce net/x25: Return the correct errno code
    107140952ecd rtnetlink: Fix missing error code in rtnl_bridge_notify()
    12fa0fdbcd0f drm/amd/display: Allow bandwidth validation for 0 streams.
    8c48345fdc98 net: ipconfig: Don't override command-line hostnames or domains
    c8e4a72b255e nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue()
    655d4dc10a23 nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue() fails
    ed4bee6e1bb7 nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues()
    31ac5531110a scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V
    4791b8948741 scsi: qedf: Do not put host in qedf_vport_create() unconditionally
    8034fc4ee9ef ethernet: myri10ge: Fix missing error code in myri10ge_probe()
    ea4a9a34c9b2 scsi: target: core: Fix warning on realtime kernels
    86fd5b27db74 gfs2: Fix use-after-free in gfs2_glock_shrink_scan
    527f70f76742 riscv: Use -mno-relax when using lld linker
    e58f4b5046e0 HID: gt683r: add missing MODULE_DEVICE_TABLE
    50b8e1be15f6 gfs2: Prevent direct-I/O write fallback errors from getting lost
    c8eff6762943 ARM: OMAP2+: Fix build warning when mmc_omap is not built
    e4c3f7a6a3b2 drm/tegra: sor: Do not leak runtime PM reference
    7f5a4b24cdbd HID: usbhid: fix info leak in hid_submit_ctrl
    20fbcfaaa571 HID: Add BUS_VIRTUAL to hid_connect logging
    41b9b39e1b37 HID: multitouch: set Stylus suffix for Stylus-application devices, too
    2173746ed125 HID: quirks: Add quirk for Lenovo optical mouse
    cdf5e4747da9 HID: hid-sensor-hub: Return error for hid_set_field() failure
    1f760c4e655c HID: hid-input: add mapping for emoji picker key
    818bf51031cf HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65
    d0f47648b87b net: ieee802154: fix null deref in parse dev addr
    ffe4d2a0684d Linux 5.4.126
    0f8837070136 proc: only require mm_struct for writing
    d63f00ec908b tracing: Correct the length check which causes memory corruption
    7e4e824b109f ftrace: Do not blindly read the ip address in ftrace_bug()
    74430f3f6149 scsi: core: Only put parent device if host state differs from SHOST_CREATED
    e694ddc8f3de scsi: core: Put .shost_dev in failure path if host state changes to RUNNING
    fe7bcd794a53 scsi: core: Fix failure handling of scsi_add_host_with_dma()
    79296e292d67 scsi: core: Fix error handling of scsi_host_alloc()
    8c9400c4855e NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error.
    86377b239e04 NFSv4: Fix second deadlock in nfs4_evict_inode()
    3e3c7ebbfac1 NFS: Fix use-after-free in nfs4_init_client()
    83668ab1dbbf kvm: fix previous commit for 32-bit builds
    0147af30925a perf session: Correct buffer copying when peeking events
    34769f17e47c NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode()
    0057ecef9f32 NFS: Fix a potential NULL dereference in nfs_get_client()
    e3ecd9c09fcc IB/mlx5: Fix initializing CQ fragments buffer
    796d3bd4ac93 KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message
    71c751cbb9e8 sched/fair: Make sure to update tg contrib for blocked load
    26ab08df8656 perf: Fix data race between pin_count increment/decrement
    8aeb339571c6 vmlinux.lds.h: Avoid orphan section with !SMP
    fc57713afaca RDMA/mlx4: Do not map the core_clock page to user space unless enabled
    64f1fb6acc2a RDMA/ipoib: Fix warning caused by destroying non-initial netns
    a0828219185d usb: typec: mux: Fix copy-paste mistake in typec_mux_match
    139af3b2192c regulator: max77620: Use device_set_of_node_from_dev()
    c4e10f92c319 regulator: core: resolve supply for boot-on/always-on regulators
    5ef23506695b usb: fix various gadget panics on 10gbps cabling
    b4903f7fdc48 usb: fix various gadgets null ptr deref on 10gbps cabling.
    191144bcfe3a usb: gadget: eem: fix wrong eem header operation
    cc40404bd0dd USB: serial: cp210x: fix alternate function for CP2102N QFN20
    02fafcf74cde USB: serial: quatech2: fix control-request directions
    eedd4b494538 USB: serial: omninet: add device id for Zyxel Omni 56K Plus
    a2119ad276f1 USB: serial: ftdi_sio: add NovaTech OrionMX product ID
    28b9764eb568 usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
    4fe7635a245b usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path
    9523c42be986 usb: typec: wcove: Use LE to CPU conversion when accessing msg->header
    5e8ca8c79f74 usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling
    366369b89bed usb: dwc3: ep0: fix NULL pointer exception
    c469c8dddc7d usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms
    32c2e6c2e4eb usb: f_ncm: only first packet of aggregate needs to start timer
    0c05a8bc0e76 USB: f_ncm: ncm_bitrate (speed) is unsigned
    4d14a82ef112 cgroup1: don't allow '\n' in renaming
    298499d73d2d btrfs: promote debugging asserts to full-fledged checks in validate_super
    d4b047651fb1 btrfs: return value from btrfs_mark_extent_written() in case of error
    dccd575337ac staging: rtl8723bs: Fix uninitialized variables
    bff1fbf0cf07 kvm: avoid speculation-based attacks from out-of-range memslot accesses
    977d11df7932 drm: Lock pointer access in drm_master_release()
    b246b4c70c12 drm: Fix use-after-free read in drm_getunique()
    b5502580cf95 spi: bcm2835: Fix out-of-bounds access with more than 4 slaves
    a225ee1fe41c x86/boot: Add .text.* to setup.ld
    8c2c1db4f2e4 i2c: mpc: implement erratum A-004447 workaround
    c7f0393a370e i2c: mpc: Make use of i2c_recover_bus()
    3cdbefdd3146 spi: Cleanup on failure of initial setup
    85a7998e7211 spi: Don't have controller clean up spi device before driver unbind
    92350839d329 powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers
    96cea4843b8f powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers
    3e9aa125f69c nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME
    c385af145eb4 bnx2x: Fix missing error code in bnx2x_iov_init_one()
    ece8ad75e318 dm verity: fix require_signatures module_param permissions
    a450b5b6c01d MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER
    eb5c4794b79e nvme-fabrics: decode host pathing error for connect
    70036fb61ea8 net: dsa: microchip: enable phy errata workaround on 9567
    128bb4b0e5d2 net: appletalk: cops: Fix data race in cops_probe1
    19e14481cc7d net: macb: ensure the device is available before accessing GEMGXL control registers
    cd05e1a61a05 scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal
    e773147692c6 scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq
    1e209effe36c scsi: vmw_pvscsi: Set correct residual data length
    90476c1bfff0 scsi: bnx2fc: Return failure if io_req is already in ABTS processing
    a3842219a69d RDS tcp loopback connection can hang
    3e324774411d net/qla3xxx: fix schedule while atomic in ql_sem_spinlock
    f9e7a38d148e wq: handle VM suspension in stall detection
    92215c1f24c0 cgroup: disable controllers at parse time
    e29d22371de8 net: mdiobus: get rid of a BUG_ON()
    21df0c2e7d19 netlink: disable IRQs for netlink_lock_table()
    e0172831c61a bonding: init notify_work earlier to avoid uninitialized use
    9d7d4649dc1c isdn: mISDN: netjet: Fix crash in nj_probe:
    77b9f527731e spi: sprd: Add missing MODULE_DEVICE_TABLE
    cbeee4ccc1c7 ASoC: sti-sas: add missing MODULE_DEVICE_TABLE
    575ad4ab2057 vfio-ccw: Serialize FSM IDLE state with I/O completion
    02d3f4f0aadb ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet
    8a9478cfb21b ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet
    02851cb0cae3 usb: cdns3: Fix runtime PM imbalance on error
    f3ed12af6bbb net/nfc/rawsock.c: fix a permission check bug
    3e7c190475d9 spi: Fix spi device unregister flow
    9f9ad67183aa ASoC: max98088: fix ni clock divider calculation
    c9002013ffe0 proc: Track /proc/$pid/attr/ opener mm_struct

(From OE-Core rev: 0a134cc73311cd3b05963273721e54289572d85c)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0c48b8526b56530baa50eb78d3870fe252b3ca1f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Bruce Ashfield
3fce24f519 linux-yocto/5.4: update to v5.4.125
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    3909e2374335 Linux 5.4.125
    d99029e6aab6 neighbour: allow NUD_NOARP entries to be forced GCed
    8e0bb29446d1 i2c: qcom-geni: Suspend and resume the bus during SYSTEM_SLEEP_PM ops
    bdc17b2f8264 xen-pciback: redo VF placement in the virtual topology
    defcc2b5e54a lib/lz4: explicitly support in-place decompression
    97e814e6b5cd x86/kvm: Disable all PV features on crash
    9084fe1b3572 x86/kvm: Disable kvmclock on all CPUs on shutdown
    7620a669111b x86/kvm: Teardown PV features on boot CPU as well
    f82030a586a1 KVM: arm64: Fix debug register indexing
    2295e87a5e39 KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode
    0450af01ae7e btrfs: fix unmountable seed device after fstrim
    3b7f3cab1d47 mm/filemap: fix storing to a THP shadow entry
    0a890e220954 XArray: add xas_split
    03a390d8796d XArray: add xa_get_order
    fd8e06a7a723 mm: add thp_order
    f192885f7cee bnxt_en: Remove the setting of dev_port.
    14fd3da3e8d3 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
    6d4da27bd9ef btrfs: fixup error handling in fixup_inode_link_counts
    dad974d2494a btrfs: return errors from btrfs_del_csums in cleanup_ref_head
    0fd9149a82e3 btrfs: fix error handling in btrfs_del_csums
    295859a55549 btrfs: mark ordered extent and inode with error if we fail to finish
    12ca65539b04 x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing
    b0c0d8b5bf94 drm/amdgpu: make sure we unpin the UVD BO
    24c06e5452c3 drm/amdgpu: Don't query CE and UE errors
    5d4c4b06ed9f nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
    cc2edb99ea60 ocfs2: fix data corruption by fallocate
    2cd6eedfa634 pid: take a reference when initializing `cad_pid`
    fe4e0bd4c26c usb: dwc2: Fix build in periphal-only mode
    920697b004e4 ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
    52fc8f05c158 ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators
    2cac47eed455 ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch
    d349ff008cb3 ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx
    0afd601d8e0a ALSA: timer: Fix master timer notification
    d65bc969ec8b HID: multitouch: require Finger field to mark Win8 reports as MT
    368c5d45a87e HID: magicmouse: fix NULL-deref on disconnect
    142d5ca797a9 HID: i2c-hid: Skip ELAN power-on command after reset
    4d94f530cd24 net: caif: fix memory leak in cfusbl_device_notify
    f52f4fd67264 net: caif: fix memory leak in caif_device_notify
    c97cdb70b72d net: caif: add proper error handling
    64824f626c0c net: caif: added cfserl_release function
    b6f97555c71f Bluetooth: use correct lock to prevent UAF of hdev object
    8d3d0ac73a4a Bluetooth: fix the erroneous flush_work() order
    28efacc21d2a tipc: fix unique bearer names sanity check
    9ac67fdf64e0 tipc: add extack messages for bearer/media failure
    0fa160a75748 bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act
    22ea29c39717 ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells
    5b97dd983255 ARM: dts: imx7d-pico: Fix the 'tuning-step' property
    55fa22d1d8b2 ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property
    3a559111bd10 arm64: dts: zii-ultra: fix 12V_MAIN voltage
    f78c28a0dda1 arm64: dts: ls1028a: fix memory node
    3616dd03bc43 i40e: add correct exception tracing for XDP
    adfd6355fc8b i40e: optimize for XDP_REDIRECT in xsk path
    06f667dba42e i2c: qcom-geni: Add shutdown callback for i2c
    de37510ec67d ice: Allow all LLDP packets from PF to Tx
    bafd0a7461f0 ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared
    3583ab29177c ice: write register with correct offset
    7ba7fa78a92d ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
    112533f50c7e ixgbevf: add correct exception tracing for XDP
    b5cc02c6986f ieee802154: fix error return code in ieee802154_llsec_getparams()
    4ca8aa37cb43 ieee802154: fix error return code in ieee802154_add_iface()
    66f3ab065b70 netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches
    da8d31e80ff4 netfilter: nft_ct: skip expectations for confirmed conntrack
    14c0381e2639 ACPICA: Clean up context mutex during object deletion
    8e8678936f0d net/sched: act_ct: Fix ct template allocation for zone 0
    385e1861f31b HID: i2c-hid: fix format string mismatch
    279e2136dd21 HID: pidff: fix error return code in hid_pidff_init()
    c8a95cb0c02d ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
    087b803a5b49 vfio/platform: fix module_put call in error flow
    60dcad10e2c7 samples: vfio-mdev: fix error handing in mdpy_fb_probe()
    870973918b2a vfio/pci: zap_vma_ptes() needs MMU
    5da371c3fdfb vfio/pci: Fix error return code in vfio_ecap_init()
    a4ed60297770 efi: cper: fix snprintf() use in cper_dimm_err_location()
    bc8f6647a73c efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared
    2986fdd3211f netfilter: conntrack: unregister ipv4 sockopts on error unwind
    90870b45fc62 hwmon: (dell-smm-hwmon) Fix index values
    0338fa4af9f3 nl80211: validate key indexes for cfg80211_registered_device
    e9487a498753 ALSA: usb: update old-style static const declaration
    aaa41b3094ea net: usb: cdc_ncm: don't spew notifications
    96a40c3fa3d3 btrfs: tree-checker: do not error out if extent ref hash doesn't match

(From OE-Core rev: 9c3b82eec2c9e7263898a812d82089831564cf6d)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ac4206f38bba852b1171419ad72a6e1c75ccec4c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Bruce Ashfield
668cb9b2b8 linux-yocto/5.4: update to v5.4.124
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    70154d2f82a9 Linux 5.4.124
    23c7e3235a3a usb: core: reduce power-on-good delay time of root hub
    241abccc8a33 neighbour: Prevent Race condition in neighbour subsytem
    3c36980ba681 net: hso: bail out on interrupt URB allocation failure
    1bd48a2af84e Revert "Revert "ALSA: usx2y: Fix potential NULL pointer dereference""
    866648d965f0 net: hns3: check the return of skb_checksum_help()
    72cda5259f5e drivers/net/ethernet: clean up unused assignments
    776fba1486be i915: fix build warning in intel_dp_get_link_status()
    c561d83be40f drm/i915/display: fix compiler warning about array overrun
    e3d5ff235ec5 MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c
    86a62df8f4d4 MIPS: alchemy: xxs1500: add gpio-au1000.h header file
    2221f233cc9e sch_dsmark: fix a NULL deref in qdisc_reset()
    a052751302b7 net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88
    162b11831f77 ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be static
    3bfb58517d06 ipv6: record frag_max_size in atomic fragments in input path
    8bb1077448d4 net: lantiq: fix memory corruption in RX ring
    fda8f74d3975 scsi: libsas: Use _safe() loop in sas_resume_port()
    cf20c704a26e ixgbe: fix large MTU request from VF
    7a143b92d1dc bpf: Set mac_len in bpf_skb_change_head
    272729d56b2d ASoC: cs35l33: fix an error code in probe()
    3ee1d6e23108 staging: emxx_udc: fix loop in _nbu2ss_nuke()
    0bf49b3c8d8b cxgb4: avoid accessing registers when clearing filters
    68b5fc6ec52f gve: Correct SKB queue index validation.
    4f4752e4d8db gve: Upgrade memory barrier in poll routine
    821149ee88c2 gve: Add NULL pointer checks when freeing irqs.
    6abd1d1983f2 gve: Update mgmt_msix_idx if num_ntfy changes
    13c4d8986125 gve: Check TX QPL was actually assigned
    37d697759958 mld: fix panic in mld_newpack()
    b0fb74377891 bnxt_en: Include new P5 HV definition in VF check.
    f7b5b4e26bf5 net: bnx2: Fix error return code in bnx2_init_board()
    7a79654b9076 net: hso: check for allocation failure in hso_create_bulk_serial_device()
    48da4c0577fe net: sched: fix tx action reschedule issue with stopped queue
    515e7c595d84 net: sched: fix tx action rescheduling issue during deactivation
    1c25c7621fb7 net: sched: fix packet stuck problem for lockless qdisc
    a04790d104e2 tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT
    5c01181700ab openvswitch: meter: fix race when getting now_ms.
    5bfdc481d812 net: mdio: octeon: Fix some double free issues
    2e0fba911ca7 net: mdio: thunder: Fix a double free issue in the .remove function
    20255d41ac56 net: fec: fix the potential memory leak in fec_enet_init()
    41f7f37ddefe net: really orphan skbs tied to closing sk
    694f68527e75 vfio-ccw: Check initialized flag in cp_init()
    d5e4479228b5 ASoC: cs42l42: Regmap must use_single_read/write
    87803141fb3e net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count
    4450f733dc3d net: netcp: Fix an error message
    de2bf5de17be drm/amd/amdgpu: fix a potential deadlock in gpu reset
    7398c2aab4da drm/amdgpu: Fix a use-after-free
    dde2656e0bbb drm/amd/amdgpu: fix refcount leak
    f6d92ebb3eaf drm/amd/display: Disconnect non-DP with no EDID
    63c61d89660a SMB3: incorrect file id in requests compounded with open
    07160b004a0b platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700 tablet
    d1dcd53a45e1 platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI
    feb5d3618a18 platform/x86: hp-wireless: add AMD's hardware id to the supported list
    0ed102453aa1 btrfs: do not BUG_ON in link_to_fixup_dir
    a10371342903 openrisc: Define memory barrier mb
    fed34fb07c4b scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
    55575c08502f btrfs: return whole extents in fiemap
    a3dea6dc1e14 brcmfmac: properly check for bus register errors
    26fb7a61de4e Revert "brcmfmac: add a check for the status of usb_register"
    d4bab5d15bf5 net: liquidio: Add missing null pointer checks
    6ba750549671 Revert "net: liquidio: fix a NULL pointer dereference"
    d771def6c305 media: gspca: properly check for errors in po1030_probe()
    44b17737b7aa Revert "media: gspca: Check the return value of write_bridge for timeout"
    f6068eadc1d2 media: gspca: mt9m111: Check write_bridge for timeout
    f19375e9a8f2 Revert "media: gspca: mt9m111: Check write_bridge for timeout"
    193c790eccfc media: dvb: Add check on sp8870_readreg return
    2d5e27f0e031 Revert "media: dvb: Add check on sp8870_readreg"
    5b3a68a1cf37 ASoC: cs43130: handle errors in cs43130_probe() properly
    7e4ac4e151f1 Revert "ASoC: cs43130: fix a NULL pointer dereference"
    3aa60a0335ea libertas: register sysfs groups properly
    e0c75f951f81 Revert "libertas: add checks for the return value of sysfs_create_group"
    6c52bc7482e3 dmaengine: qcom_hidma: comment platform_driver_register call
    e829b7253e4d Revert "dmaengine: qcom_hidma: Check for driver register failure"
    4bc94e60d787 isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info
    6b8872d4972f Revert "isdn: mISDN: Fix potential NULL pointer dereference of kzalloc"
    85b2c436a143 ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()
    b74d4ae8f538 Revert "ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()"
    a34338fcaad6 isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io
    d3d74e622e63 Revert "isdn: mISDNinfineon: fix potential NULL pointer dereference"
    5dc20457707b Revert "ALSA: usx2y: Fix potential NULL pointer dereference"
    ea4c563657d7 Revert "ALSA: gus: add a check of the status of snd_ctl_add"
    70bf2a067915 char: hpet: add checks after calling ioremap
    07d2945a3551 Revert "char: hpet: fix a missing check of ioremap"
    b1da7ad9ad58 net: caif: remove BUG_ON(dev == NULL) in caif_xmit
    e8dee217eca8 Revert "net/smc: fix a NULL pointer dereference"
    22049c3d40f0 net: fujitsu: fix potential null-ptr-deref
    ebb533ce35b5 Revert "net: fujitsu: fix a potential NULL pointer dereference"
    e50a9f2548a5 serial: max310x: unregister uart driver in case of failure and abort
    e5d3e4b6104c Revert "serial: max310x: pass return value of spi_register_driver"
    047aefd62220 Revert "ALSA: sb: fix a missing check of snd_ctl_add"
    bec840232fed Revert "media: usb: gspca: add a missed check for goto_low_power"
    e44a9941937d gpio: cadence: Add missing MODULE_DEVICE_TABLE
    e0c7f6cce1cf platform/x86: hp_accel: Avoid invoking _INI to speed up resume
    bd7a3b3ed9e3 perf jevents: Fix getting maximum number of fds
    77ac90814b4e i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E
    04cc05e3716a i2c: i801: Don't generate an interrupt on bus reset
    45488e77e014 i2c: s3c2410: fix possible NULL pointer deref on read message after write
    e00da6510b3b net: dsa: sja1105: error out on unsupported PHY mode
    ce5355f140a7 net: dsa: fix a crash if ->get_sset_count() fails
    4fe4e1f48ba1 net: dsa: mt7530: fix VLAN traffic leaks
    15d1cc4b4b58 spi: spi-fsl-dspi: Fix a resource leak in an error handling path
    64d17ec9f1de tipc: skb_linearize the head skb when reassembling msgs
    d1f76dfadaf8 tipc: wait and exit until all work queues are done
    bdd37028a026 Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv"
    5e01d87b108c net/mlx4: Fix EEPROM dump support
    4fd3213e5354 net/mlx5e: Fix nullptr in add_vlan_push_action()
    df61870c4b1d net/mlx5e: Fix multipath lag activation
    4ce2bf20b4a6 drm/meson: fix shutdown crash when component not probed
    0787efc1a359 NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config
    785917316b25 NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
    1fc5f4eb9d31 NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
    e411df81cd86 NFS: fix an incorrect limit in filelayout_decode_layout()
    f76e76555682 fs/nfs: Use fatal_signal_pending instead of signal_pending
    fe201316ac36 Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
    977c34b50e6b spi: spi-geni-qcom: Fix use-after-free on unbind
    b95fb96e6339 net: usb: fix memory leak in smsc75xx_bind
    b94afae0fa7a usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen()
    6b5bfb8ce56d usb: dwc3: gadget: Properly track pending and queued SG
    2cd572cc45b5 thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID
    78e80f9c4e96 USB: serial: pl2303: add device id for ADLINK ND-6530 GC
    f485e4dcbe44 USB: serial: ftdi_sio: add IDs for IDS GmbH Products
    8217f3c7f6cc USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011
    eddf691bab0f USB: serial: ti_usb_3410_5052: add startech.com device id
    915452f40e2f serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
    1d8071879a2b serial: sh-sci: Fix off-by-one error in FIFO threshold register setting
    3986ba109dad serial: tegra: Fix a mask operation that is always true
    2c835fede13e USB: usbfs: Don't WARN about excessively large memory allocations
    84af0c28ed1b USB: trancevibrator: fix control-request direction
    bc8b9d8c0465 serial: 8250_pci: handle FL_NOIRQ board flag
    f75a5b9907e8 serial: 8250_pci: Add support for new HPE serial device
    72fa5c26936a iio: adc: ad7793: Add missing error code in ad7793_setup()
    f49149964d24 iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers
    7e5cac90430c iio: adc: ad7124: Fix missbalanced regulator enable / disable on error.
    2c9085b0fa04 iio: adc: ad7768-1: Fix too small buffer passed to iio_push_to_buffers_with_timestamp()
    bd877887e479 iio: gyro: fxas21002c: balance runtime power in error path
    657f6a33f871 staging: iio: cdc: ad7746: avoid overwrite of num_channels
    12fb557863f8 mei: request autosuspend after sending rx flow control
    eb78fa5a3815 thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
    36b5ff1db1a4 misc/uss720: fix memory leak in uss720_probe
    66a2a494ac48 serial: core: fix suspicious security_locked_down() call
    48a9b7957bb2 Documentation: seccomp: Fix user notification documentation
    c7c6a316a887 kgdb: fix gcc-11 warnings harder
    01c57232a1cb selftests/gpio: Fix build when source tree is read only
    d93532a4873d selftests/gpio: Move include of lib.mk up
    1e20cdb93889 selftests/gpio: Use TEST_GEN_PROGS_EXTENDED
    03aeefb46f07 drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate
    f0780e96a6e2 drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate
    9351c5192b88 drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate
    d65ec240b3e4 dm snapshot: properly fix a crash when an origin has no snapshots
    b06fe1124369 ath10k: Validate first subframe of A-MSDU before processing the list
    aee0121afee5 ath10k: Fix TKIP Michael MIC verification for PCIe
    124ce717f6b2 ath10k: drop MPDU which has discard flag set by firmware for SDIO
    405d08dda2f9 ath10k: drop fragments with multicast DA for SDIO
    96d4d82652fa ath10k: drop fragments with multicast DA for PCIe
    6bf449a34c0d ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    cbc470aa3f93 mac80211: extend protection against mixed key and fragment cache attacks
    88664d5e5dc9 mac80211: do not accept/forward invalid EAPOL frames
    bbc06191e36e mac80211: prevent attacks on TKIP/WEP as well
    c8b3a6150dc8 mac80211: check defrag PN against current frame
    1b3774e58e47 mac80211: add fragment cache to sta_info
    fb1b24f94d1c mac80211: drop A-MSDUs on old ciphers
    fa00d4928eaf cfg80211: mitigate A-MSDU aggregation attacks
    5fe9fae1220e mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    14f29a67f404 mac80211: prevent mixed key and fragment cache attacks
    b90cf214e2bb mac80211: assure all fragments are encrypted
    4302a6fdec60 net: hso: fix control-request directions
    60d171c477e9 proc: Check /proc/$pid/attr/ writes against file opener
    7f4d9d2f0be7 perf scripts python: exported-sql-viewer.py: Fix warning display
    cb08c8d591cb perf scripts python: exported-sql-viewer.py: Fix Array TypeError
    9044d06150d0 perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top Calls by elapsed Time report
    21e2eb6a950c perf intel-pt: Fix transaction abort handling
    854216d7ec10 perf intel-pt: Fix sample instruction bytes
    044bbe8b92ab iommu/vt-d: Fix sysfs leak in alloc_iommu()
    aba3c7795f51 NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
    f2a35ade2274 cifs: set server->cipher_type to AES-128-CCM for SMB3.0
    5c81a4e24cf1 ALSA: usb-audio: scarlett2: Improve driver startup messages
    26314d278423 ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci
    6fc2850259e6 ALSA: hda/realtek: Headphone volume is controlled by Front mixer

(From OE-Core rev: 6edeff686b4cd644f27b370b36273dec79365af0)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d91ec7d1b47d026149c488cfe1fd0af831b8fad6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Minjae Kim
44f67a8156 gstreamer-plugins-base: fix CVE-2021-3522
Out-of-bounds read in ID3v2 tag parsing

reference:
https://gstreamer.freedesktop.org/security/sa-2021-0001.html
(From OE-Core rev: 8cab9d3dd226e854d40e12df497456adc3d3f81d)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Minjae Kim
25c4eaaa41 rpm: fix CVE-2021-3421
unsigned signature header leads to string injection into an rpm database

reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-3421
d6a86b5e69
(From OE-Core rev: eb1183cac91a9948ac47acc56454b8841764ba72)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Alexander Kanavin
f79cc25500 python3: apply test skipping patch unconditionally
Testing IMAGE_FEATURES from component recipes cannot possibly work;
adjusting the test to soft-fail if needed items are not available
is not trivial, so let's just skip unconditionally for now.

(From OE-Core rev: 68b816cb90badddd0aafa2a5c6633e000cb21a21)

(From OE-Core rev: 0bb221206c55564fd5cfe1d2452a6abe5e86d2c3)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 01b41f7deed48b33b35c84e32ef55de3e63b9bc1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Tim Orling
857a540838 python3: skip tests requiring tools-sdk
Conditionally skip test_ctypes.test_find unless
IMAGE_FEATURES contains 'tools-sdk' as these test
cases require full packagegroup-core-buildessential

Fixes:
AssertionError: Failed ptests:
{'python3': ['test_find_library_with_gcc', 'test_find_library_with_ld']}

(From OE-Core rev: 63bc36dbd93c46be8adf7db00e3fc22897eb1846)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-10 22:46:19 +01:00
Tim Orling
dc29017614 python3-ptest: add newly discovered missing rdeps
Making ptest images based on core-image-minimal uncovered quite a
few missing depenendcies from various recipes, here they are.

(From OE-Core rev: 2cda6242f2f0f6f9c6bdef72bbb271eab7e5e1f5)

(From OE-Core rev: 9423ad8f0f42d249c2fcb1b86ec9abb75854f011)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Backport to Python 3.8.10 (only python3 portion of patch)
Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Tim Orling
64f6b5193a python3: upgrade 3.8.9 -> 3.8.10
Release Date: May 3, 2021

This is the tenth and final regular maintenance release of Python 3.8

Note: The release you're looking at is Python 3.8.10, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.

FIXME:
AssertionError: Failed ptests:
{'python3': ['test_record_extensions', 'test_build_ext']}

References:
https://www.python.org/downloads/release/python-3810/
https://docs.python.org/release/3.8.10/whatsnew/changelog.html

(From OE-Core rev: 471d19fa70c4c2b43a039909c9538e2223996335)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Tim Orling
d33bc7136d python3: upgrade 3.8.8 -> 3.8.9
Release Date: April 2, 2021

Note: The release you're looking at is Python 3.8.9, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.

* Refresh test_local.py patch for upstream changes
* Add DEPENDS on autoconf-archive:
  - bpo-43617: Improve configure.ac: Check for presence of autoconf-archive
    package and remove our copies of M4 macros.

References:
https://www.python.org/downloads/release/python-389/
https://docs.python.org/release/3.8.9/whatsnew/changelog.html#python-3-8-9
https://bugs.python.org/issue43617

(From OE-Core rev: fe037d895e045c5de7ea834c38d09a1c08d8b8a2)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Tim Orling
d4b4bf172f powertop: fix aclocal error too many loops
Backport configure.ac patches to fix
aclocal: error: too many loops

Adds build dependency on autoconf-archive

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1826935

(From OE-Core rev: 5a7e1e531d70eb41638c247b70791f2f3aea8793)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Tim Orling
2c53b198ed python3: upgrade 3.8.7 -> 3.8.8
Release Date: Feb. 19, 2021

Note: The release you're looking at is Python 3.8.8, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.

Notable changes in Python 3.8.8

Earlier Python versions allowed using both ; and & as query parameter
separators in urllib.parse.parse_qs() and urllib.parse.parse_qsl(). Due to
security concerns, and to conform with newer W3C recommendations, this has been
changed to allow only a single separator key, with & as the default. This
change also affects cgi.parse() and cgi.parse_multipart() as they use the
affected functions internally. For more details, please see their respective
documentation. (Contributed by Adam Goldschmidt, Senthil Kumaran and Ken Jin
in bpo-42967.)

License-Update: update copyright years

Drop patches fixed in 3.8.8:
- CVE-2021-3177

Fixes:
CVE: CVE-2021-3426
CVE: CVE-2021-23336

References:
https://www.python.org/downloads/release/python-388/
https://docs.python.org/release/3.8.8/whatsnew/changelog.html#changelog
https://docs.python.org/3/whatsnew/3.8.html#notable-changes-in-python-3-8-8
https://nvd.nist.gov/vuln/detail/CVE-2021-3177
https://nvd.nist.gov/vuln/detail/CVE-2021-3426

(From OE-Core rev: fdfc3340b58e1af0c231eedaa07358f7d9c6483e)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Tim Orling
9d8c7d39f3 python3: upgrade 3.8.6 -> 3.8.7
Release Date: Dec. 21, 2020

Note: The release you're looking at is Python 3.8.7, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.

* Drop patch for CVE-2020-27619 fixed in 3.8.7

References:
https://nvd.nist.gov/vuln/detail/CVE-2020-27619
https://www.python.org/downloads/release/python-387/
https://docs.python.org/release/3.8.7/whatsnew/changelog.html

(From OE-Core rev: a90dde9b1800acf364fa272177945e0a4cbf6560)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Tim Orling
21c37d2441 python3: upgrade 3.8.5 -> 3.8.6
Release Date: Sept. 24, 2020

Note: The release you're looking at is Python 3.8.6, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.

References:
https://www.python.org/downloads/release/python-386/
https://docs.python.org/release/3.8.6/whatsnew/changelog.html#changelog

License-Update: PSFv2 -> PSF-2.0 and BSD-0-Clause

Starting with Python 3.8.6, examples, recipes, and other code in
the documentation are dual licensed under the PSF License Version 2
and the Zero-Clause BSD license.

(From OE-Core rev: 2fd24949d3eda9e89239f63d1c5034b96eb2756f)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Tim Orling
8a0459c8bd python3: upgrade 3.8.4 -> 3.8.5
Release Date: July 20, 2020

Note: The release you're looking at is Python 3.8.5, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.

Drop patches fixed in 3.8.5:
- CVE-2019-20907
- CVE-2019-26116

References:
https://nvd.nist.gov/vuln/detail/CVE-2019-20907
https://nvd.nist.gov/vuln/detail/CVE-2020-26116
https://www.python.org/downloads/release/python-385/
https://docs.python.org/release/3.8.5/whatsnew/changelog.html#changelog

(From OE-Core rev: c68cc11071cfa49d9d986bf7a9e6e1dfff514a39)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Tim Orling
2b16173faf python3: upgrade 3.8.3 -> 3.8.4
Release Date: July 13, 2020

Note: The release you're looking at is Python 3.8.4, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.

* Drop patch for CVE-2020-14422 fixed in 3.8.4
* Refresh CVE-2021-23336 patch

References:
https://nvd.nist.gov/vuln/detail/CVE-2020-14422
https://www.python.org/downloads/release/python-384/
https://docs.python.org/release/3.8.4/whatsnew/changelog.html#changelog

(From OE-Core rev: c2c6df391a2634e83930219d1b574dbf64066d8a)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Tim Orling
fccee0d4a5 python3: upgrade 3.8.2 -> 3.8.3
Release Date: May 13, 2020

Note: The release you're looking at is Python 3.8.3, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.

Notable changes in Python 3.8.3:

The constant values of future flags in the __future__ module are updated in
order to prevent collision with compiler flags. Previously
PyCF_ALLOW_TOP_LEVEL_AWAIT was clashing with CO_FUTURE_DIVISION.
(Contributed by Batuhan Taskaya in bpo-39562)

* Drop patch for CVE-2020-3492 fixed since 3.8.1

References:
https://nvd.nist.gov/vuln/detail/CVE-2020-8492
https://www.python.org/downloads/release/python-383/
https://docs.python.org/release/3.8.3/whatsnew/changelog.html#changelog

(From OE-Core rev: 2aec1b2b679d607f3b7760b87403aa39465cc1b7)

Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Jasper Orschulko
0d546f90e5 libx11: Fix CVE-2021-31535
https://lists.x.org/archives/xorg-announce/2021-May/003088.html

XLookupColor() and other X libraries function lack proper validation
of the length of their string parameters. If those parameters can be
controlled by an external application (for instance a color name that
can be emitted via a terminal control sequence) it can lead to the
emission of extra X protocol requests to the X server.

(From OE-Core rev: 81d338c6079729b35f55f8889526f0c9a62802fe)

Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Jasper Orschulko
fbb58d5344 libxml2: Fix CVE-2021-3518
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

Upstream-Status: Backport [from fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=1954243]

(From OE-Core rev: ef2a81a473e7c36a36facb209ca907a7439d36f2)

Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Jasper Orschulko
8a496e9eb9 expat: fix CVE-2013-0340
expat < 4.0 is vulnerable to billion laughs attacks (see
[https://github.com/libexpat/libexpat/issues/34]). This patch backports
the commits b1d039607d3d8a042bf0466bfcc1c0f104e353c8
and 60959f2b491876199879d97c8ed956eabb0c2e73 from upstream.

Additionally, the SRC_URI had to be adjusted due to renaming of the
source archive

(From OE-Core rev: b0b843797321360693172c57f2400b9c56ca51cf)

Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Michael Halstead
11a44f8bba uninative: Upgrade to 3.2 (gcc11 support)
This upgrade builds unnative with gcc11 allowing it to work with newer distros
using gcc 11.

(From OE-Core rev: 6af101983c5e7e9d0d000f9fe64b9bd40792bbc9)

Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a1c7b71c109ca68931d098f4149ab8284d56108e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-02 07:44:59 +01:00
Steve Sakoman
43060f59ba Revert "python3: fix CVE-2021-23336"
Causes build failures on autobuilder

This reverts commit 8a59c47ce4c101b2470a06ecf101ca5ab7d1f82e.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-20 09:44:11 +01:00
Richard Purdie
f46f6af1f2 bitbake: cooker: Avoid parser deadlocks
If you make parsing fail (e.g. add something like:

X := "${@d.getVar('MCMACHINES').split()[1]}"

to meson.bbclass, then run "while true; do bitbake -g bash; done"
it will eventually hang. It appears the cancel_join_thread() call the
parsing failure triggers, breaks the results_queue badly enough that it
sits in read() indefintely (called from self.result_queue.get(timeout=0.25)).
The timeout only applies to lock aquisition, not the read call.

I've tried various other approaches such as using cancel_join_thread()
in other places but the only way things don't lock up is to avoid
cancel_join_thread() entirely for results_queue.

I do have a concern that this may adversely affect Ctrl+C handling
but equally, its broken now already and this appears to improve
things.

[YOCTO #14034]

(Bitbake rev: 0e0af15b84e07e6763300dcd092b980086b9b9c4)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 17:06:18 +01:00
Richard Purdie
aa2c6a789a bitbake: cooker: Ensure parser is cleaned up
During cooker shutdown, its possible the parser isn't cleaned up. Fix
this (which may partially explain why threads were left hanging around
at exit).

(Bitbake rev: fe1b57f4d39c287526353387e164c863eb9df421)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 17:06:18 +01:00
Richard Purdie
2dd1b9b305 bitbake: cooker: Explictly shut down the sync thread
Hongxu Jia reported a problem where the bb_cache files were not always being
written out correctly. This was due to the sync thread being terminated
prematurely.

Whilst the preceeding changes mean the exit handler for this thread is now
correctly called since we switch to using sys.exit() instead of os._exit(),
this write can happen after we drop the bitbake lock, leading to potential
races. Avoid that headache by adding in explicit thread join() calls before
we drop the lock (which atexit or Finalize can't do).

(Bitbake rev: 6d2dd16b87ce62086f956912e9a7335b2adfcc94)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 17:06:18 +01:00
Richard Purdie
b31affa946 bitbake: cooker: Ensure parse_quit thread is closed down
Each run through the parser would leak a thread from the queue created to
shut the parser down. Close this down correctly and clean up the code flow
slightly whilst in the area, making sure this thread does shut down correctly
(we don't care if it loses data).

(Bitbake rev: 1dcc4e29dee3fd0dd4d6dc2fc9ccdc5888fcfcf3)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 17:06:18 +01:00
Andrea Adami
f8c304e07a kernel.bbclass: fix do_sizecheck() comparison
The routine do_sizecheck() was historically needed by legacy
devices with limited flash memory.
The lowest extreme is probably with Zaurus collie having exactly
1024*1024 = 1048576 bytes for the kernel partition.

In the years the KERNEL_IMAGE_MAXSIZE has been converted to kilobytes
thus rounded so we have now KERNEL_IMAGE_MAXSIZE_collie = "1024".

The effect is that now the check fails because we hit curiously this
 | WARNING: This kernel zImage (size=1024(K) > 1024(K)) is too big for...
even though zImage is 1047288 bytes (kernel + kexecboot-klibc-initramfs).

Fix this case using test -gt (greater) instead of -ge (greater or equal).

(From OE-Core rev: f5fc716d744745d5c2ea83f0b1d63907cfe04c06)

Signed-off-by: Andrea Adami <andrea.adami@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 254ca956d63b4ce6aa294213b60bb943f9f3a9e6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 16:59:29 +01:00
Kai Kang
643cb4f639 valgrind: fix a typo
(From OE-Core rev: 061cf0ccd5eb47c080eb833ba1dd25242c55945a)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0478d9b04d6a6d10e439116b23b641a1e2553e26)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 16:59:29 +01:00
Lee Chee Yang
9686281c0b python3: fix CVE-2021-23336
The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before
3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable
to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by
using a vector called parameter cloaking. When the attacker can separate query
parameters using a semicolon (;), they can cause a difference in the
interpretation of the request between the proxy (running with default
configuration) and the server. This can result in malicious requests being
cached as completely safe ones, as the proxy would usually not see the
semicolon as a separator, and therefore would not include it in a cache key of
an unkeyed parameter.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-23336
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336

(From OE-Core rev: 8a59c47ce4c101b2470a06ecf101ca5ab7d1f82e)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 16:59:29 +01:00
Lee Chee Yang
7860e4b563 ruby: 2.7.1 -> 2.7.3
This release includes security fixes.

CVE-2021-28965: XML round-trip vulnerability in REXML
CVE-2021-28966: Path traversal in Tempfile on Windows

CVE-2020-25613 fixed in 2.7.2, do drop the patch

release notes for 2.7.2 and 2.7.3
https://www.ruby-lang.org/en/news/2020/10/02/ruby-2-7-2-released/
https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/

(From OE-Core rev: 4de0d54827bc4645b69e5a0043b6f285b0193402)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 16:59:29 +01:00
Lee Chee Yang
1ed30171a6 bind: 9.11.22 -> 9.11.32
updates include fixes for
CVE-2021-25214
CVE-2021-25215
CVE-2021-25216

CVE-2020-8625 fixed in 9.11.28, so drop that patch

(From OE-Core rev: d7e56f1910b7963d8b704107903ecf40e9472d3c)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>

tmp

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 16:59:29 +01:00
Lee Chee Yang
8bc7fc1f90 gstreamer-plugins-good: fix CVE-2021-3497 CVE-2021-3498
(From OE-Core rev: 865ef7d3cdc6645720762153d87771c6c4da31cf)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-19 16:59:29 +01:00
Steve Sakoman
e1960e5d28 poky.conf: Bump version for 3.1.9 release
(From meta-yocto rev: d32ef9380495af0fcdef0b5db6016b2063a46c6e)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-16 10:57:01 +01:00
Steve Sakoman
d4105aa162 poky.conf: Add openSUSE Leap 15.2 as a supported distro
(From meta-yocto rev: a1fdc79a63961ae93b3b068a4d69660fefde4214)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-16 10:57:01 +01:00
Steve Sakoman
c244bea7b8 documentation: prepare for 3.1.9 release
(From yocto-docs rev: 0fadb292429b4147408798ed4c806ba6d9dd81b8)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-16 10:57:01 +01:00
Steve Sakoman
e449a96975 ref-system-requirements.rst: Add openSUSE Leap 15.2 to list of supported distros
(From yocto-docs rev: 6bd018d747eb147e52bb2b8841b65385bc260569)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-16 10:57:01 +01:00
Ovidiu Panait
66b7a5da7e variables: Add documentation for KERNEL_DTC_FLAGS
Add documentation for the newly introduced KERNEL_DTC_FLAGS variable.

(From yocto-docs rev: b7b4718bcff3975aceddb63276abd9a4e00e4039)

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b2d5bf48fe4e76446a38762839865176294a4a3c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-16 10:57:01 +01:00
Ovidiu Panait
26428489f4 kernel-devicetree: Introduce KERNEL_DTC_FLAGS to pass dtc flags
Currently DTC_FLAGS kernel makefile parameter can be specified directly on the
command line by adding it to KERNEL_EXTRA_ARGS. However, this prevents
scripts/Makefile.lib logic from appending flags that silence dtc warnings (all
assignments done from within a makefile, to a variable specified on the command
line, are ignored).

Because of this, the do_compile log is cluttered with dtc warnings that should
only be printed when compiling with W="123":
...
/soc: node has a reg or ranges property, but no unit name
/soc/gpu: missing or empty reg/ranges property
/soc/firmware/gpio: missing or empty reg/ranges property
...

To fix this, introduce the dedicated KERNEL_DTC_FLAGS variable to hold
dtc flags and export DTC_FLAGS in the environment before generating the dtbs
(make allows "+=" operations on variables that come from the environment, so
the warnings are silenced properly).

(From OE-Core rev: 2246b0d7a71c69eb2e89c55991d1387069895466)

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 063b5de86624a42b0aa784db6dddc7552a6dee7f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-11 22:45:27 +01:00
Klaus Heinrich Kiwi
ab6b5e97ce kernel-fitimage: Don't use unit addresses on FIT
Das U-Boot 2021.4-rc1 has the following commit:

    commit 3f04db891a353f4b127ed57279279f851c6b4917
    Author: Simon Glass <sjg@chromium.org>
    Date:   Mon Feb 15 17:08:12 2021 -0700

        image: Check for unit addresses in FITs

        Using unit addresses in a FIT is a security risk. Add a check for
        this and disallow it.

        CVE-2021-27138

Adjust the kernel-fitimage.bbclass accordingly to not use unit
addresses. This changte is required before we can bump U-Boot to 2021.4.

(From OE-Core rev: 14eec2f7c3bbb36de8198989bf772135aa117963)

Signed-off-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Backport for Dunfell]
Signed-off-by: Frieder Schrempf <frieder.schrempf@kontron.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-11 22:45:27 +01:00
Bruce Ashfield
ca9cb3f3e6 linux-yocto/5.4: update to v5.4.123
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    103f1dbea1ae Linux 5.4.123
    af2a4426baf7 NFC: nci: fix memory leak in nci_allocate_device
    45aef101ca44 perf unwind: Set userdata for all __report_module() paths
    2960df32bb72 perf unwind: Fix separate debug info files when using elfutils' libdw's unwinder
    f3d9f09b10e3 usb: dwc3: gadget: Enable suspend events
    3173c7c80785 bpf: No need to simulate speculative domain for immediates
    2b3cc41d500a bpf: Fix mask direction swap upon off reg sign change
    2768f9962231 bpf: Wrap aux data inside bpf_sanitize_info container
    67154cff6258 Linux 5.4.122
    f97257cde764 Bluetooth: SMP: Fail if remote and local public keys are identical
    46b4a9c68572 video: hgafb: correctly handle card detect failure during probe
    3c18dc7de2bc nvmet: use new ana_log_size instead the old one
    a6f5ef8c1717 Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS
    d3d648163a03 ext4: fix error handling in ext4_end_enable_verity()
    829203752441 nvme-multipath: fix double initialization of ANA state
    2dea1e9ae5cf tty: vt: always invoke vc->vc_sw->con_resize callback
    cf52b24b172e vt: Fix character height handling with VT_RESIZEX
    971b3fb5b9a6 vgacon: Record video mode changes with VT_RESIZEX
    f0c9d29f232a video: hgafb: fix potential NULL pointer dereference
    44fe392e1adc qlcnic: Add null check after calling netdev_alloc_skb
    4914c67f1a62 leds: lp5523: check return value of lp5xx_read and jump to cleanup code
    171b3c1afaeb ics932s401: fix broken handling of errors when word reading fails
    d14cd329d83b net: rtlwifi: properly check for alloc_workqueue() failure
    533ac32a80c0 scsi: ufs: handle cleanup correctly on devm_reset_control_get error
    9e38cf9c3070 net: stmicro: handle clk_prepare() failure during init
    9d59d4364dfb ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
    8f2efd687d19 Revert "niu: fix missing checks of niu_pci_eeprom_read"
    04a064b36576 Revert "qlcnic: Avoid potential NULL pointer dereference"
    6d53d54ff5be Revert "rtlwifi: fix a potential NULL pointer dereference"
    7fb963895513 Revert "media: rcar_drif: fix a memory disclosure"
    6f2e5eb82557 cdrom: gdrom: initialize global variable at init time
    283cd246bcc1 cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
    7e230e5ed8fd Revert "gdrom: fix a memory leak bug"
    6ef6f8cd1d34 Revert "scsi: ufs: fix a missing check of devm_reset_control_get"
    9c24899f1fae Revert "ecryptfs: replace BUG_ON with error handling code"
    a1f0e2bb4975 Revert "video: imsttfb: fix potential NULL pointer dereferences"
    bd2a12549fc2 Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
    5c463887edb3 Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
    1cb9f88cde8c Revert "net: stmicro: fix a missing check of clk_prepare"
    6f2a72774f38 Revert "video: hgafb: fix potential NULL pointer dereference"
    3471a221f308 dm snapshot: fix crash with transient storage and zero chunk size
    198ee66478b3 xen-pciback: reconfigure also from backend watch handler
    f1d3c63c3f12 mmc: sdhci-pci-gli: increase 1.8V regulator wait
    d9e9ec363560 drm/amdgpu: update sdma golden setting for Navi12
    e3be683d5e4e drm/amdgpu: update gc golden setting for Navi12
    1f0495355b60 drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang
    c11d59e5edba Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference"
    d55df42ef369 rapidio: handle create_workqueue() failure
    9f2a613e4b0b Revert "rapidio: fix a NULL pointer dereference when create_workqueue() fails"
    cdd91637d4ef uio_hv_generic: Fix a memory leak in error handling paths
    b0fc59e62bf9 ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx
    c4e7ed4fa1b1 ALSA: hda/realtek: Add fixup for HP OMEN laptop
    2331f2592879 ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA
    1c783bfa7f8d ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
    be1f7f30b66b ALSA: hda/realtek: reset eapd coeff to default value for alc287
    b2297d1b9511 ALSA: firewire-lib: fix check for the size of isochronous packet payload
    f95aabb6aed4 Revert "ALSA: sb8: add a check for request_region"
    2ed8227ebd84 ALSA: hda: fixup headset for ASUS GU502 laptop
    7ef36d303592 ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
    844faf4a9675 ALSA: usb-audio: Validate MS endpoint descriptors
    c7456fc35dc8 ALSA: firewire-lib: fix calculation for size of IR context payload
    7981c124e34d ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26
    f72b96ff7935 ALSA: line6: Fix racy initialization of LINE6 MIDI
    048840df6de8 ALSA: intel8x0: Don't update period unless prepared
    a67a88f9e667 ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency
    34413f21acea cifs: fix memory leak in smb2_copychunk_range
    20197d327560 btrfs: avoid RCU stalls while running delayed iputs
    845c2b9d99b6 locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
    439ce949ee90 nvmet: seset ns->file when open fails
    670d34d54320 ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
    88128a5054f1 RDMA/uverbs: Fix a NULL vs IS_ERR() bug
    6fa78a6b9a3b platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
    6e90ff540a7b platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue
    66abc4ef6a8b RDMA/core: Don't access cm_id after its destruction
    73e25a2d51bb RDMA/mlx5: Recover from fatal event in dual port mode
    8d8b8016e0af scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
    07865459eb62 scsi: ufs: core: Increase the usable queue depth
    a62225d951d7 RDMA/rxe: Clear all QP fields if creation failed
    257f132342ea RDMA/siw: Release xarray entry
    a19bb4c0566c RDMA/siw: Properly check send and receive CQ pointers
    a03676848886 openrisc: Fix a memory leak
    50fd584fbbb3 firmware: arm_scpi: Prevent the ternary sign expansion bug
    b239a0365b93 Linux 5.4.121
    b63a8e5b4a25 scripts: switch explicitly to Python 3
    2cbb484788fe tweewide: Fix most Shebang lines
    252495806968 KVM: arm64: Initialize VCPU mdcr_el2 before loading it
    50e5c93ca647 ipv6: remove extra dev_hold() for fallback tunnels
    b811a8a72366 ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
    f5ddecb6a195 sit: proper dev_{hold|put} in ndo_[un]init methods
    cca2a2b340a9 ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
    084a1858e256 net: stmmac: Do not enable RX FIFO overflow interrupts
    94600a8300c7 lib: stackdepot: turn depot_lock spinlock to raw_spinlock
    5233f4465e22 block: reexpand iov_iter after read/write
    48744773d63e ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
    0ce1a72ac9b0 gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
    b3252a87a811 drm/amd/display: Fix two cursor duplication when using overlay
    6cc777c6acbb bridge: Fix possible races between assigning rx_handler_data and setting IFF_BRIDGE_PORT bit
    c5946eb52b73 scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not found
    e39a105abbe5 ceph: fix fscache invalidation
    13bc6bda6a1e scsi: lpfc: Fix illegal memory access on Abort IOCBs
    e69c7c149199 riscv: Workaround mcount name prior to clang-13
    cd3ab0ac0a54 scripts/recordmcount.pl: Fix RISC-V regex for clang
    cfa65174402f ARM: 9075/1: kernel: Fix interrupted SMC calls
    a5923afb6149 um: Disable CONFIG_GCOV with MODULES
    2fe3fbcc53b8 um: Mark all kernel symbols as local
    cec4c3810ba3 Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state
    29da2bab24e9 Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices
    bbd7ba95bb06 ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
    64f8e9526e31 ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend()
    41dd2ede9536 dmaengine: dw-edma: Fix crash on loading/unloading driver
    b003a4923628 PCI: thunder: Fix compile testing
    a05fb4ac72fb virtio_net: Do not pull payload in skb->head
    0d08bbce231b xsk: Simplify detection of empty and full rings
    323deebaa2d0 pinctrl: ingenic: Improve unreachable code generation
    e57e2dd9bbdd isdn: capi: fix mismatched prototypes
    7958cdd64cdf cxgb4: Fix the -Wmisleading-indentation warning
    acb4faa5f577 usb: sl811-hcd: improve misleading indentation
    eabb93e34425 kgdb: fix gcc-11 warning on indentation
    b806b41bf55d x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes

(From OE-Core rev: 48ac436adb0b186806b2a2d43945d587c50355f0)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 881ed7938f84ba89b9bb20ce8e45ef9d85e80cb8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-11 22:45:27 +01:00
Bruce Ashfield
a4347c1c72 linux-yocto/5.4: update to v5.4.120
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    e05d387ba736 Linux 5.4.120
    7f4ac21468b0 ASoC: rsnd: check all BUSIF status when error
    7f6a9044ff24 nvme: do not try to reconfigure APST when the controller is not live
    aa9d659856b1 clk: exynos7: Mark aclk_fsys1_200 as critical
    baea536cf51f netfilter: conntrack: Make global sysctls readonly in non-init netns
    fb80624f39d3 kobject_uevent: remove warning in init_uevent_argv()
    658e8982f0eb usb: typec: tcpm: Fix error while calculating PPS out values
    718f1c1fdf78 ARM: 9027/1: head.S: explicitly map DT even if it lives in the first physical section
    3c63b72ffba0 ARM: 9020/1: mm: use correct section size macro to describe the FDT virtual address
    b05a28f47582 ARM: 9012/1: move device tree mapping out of linear region
    69e44f71319b ARM: 9011/1: centralize phys-to-virt conversion of DT/ATAGS address
    bb4f8ead473a f2fs: fix error handling in f2fs_end_enable_verity()
    7a474350d8de thermal/core/fair share: Lock the thermal zone while looping over instances
    2c44110300b8 MIPS: Avoid handcoded DIVU in `__div64_32' altogether
    2759b770b53e MIPS: Avoid DIVU in `__div64_32' is result would be zero
    02b120493a9c MIPS: Reinstate platform `__div64_32' handler
    64508ebf9391 FDDI: defxx: Make MMIO the configuration default except for EISA
    ecdf893c5aef mm: fix struct page layout on 32-bit systems
    187598fd82cb KVM: x86: Cancel pvclock_gtod_work on module removal
    cdaae487e85b cdc-wdm: untangle a circular dependency between callback and softint
    b1de23dbeca7 iio: tsl2583: Fix division by a zero lux_val
    8229f1d40501 iio: gyro: mpu3050: Fix reported temperature value
    2496ead8b1b1 xhci: Add reset resume quirk for AMD xhci controller.
    de72d8769bcf xhci: Do not use GFP_KERNEL in (potentially) atomic context
    941328f7bda6 usb: dwc3: gadget: Return success always for kick transfer in ep queue
    7f15d999dd61 usb: core: hub: fix race condition about TRSMRCY of resume
    8f536512db87 usb: dwc2: Fix gadget DMA unmap direction
    36399169e6a0 usb: xhci: Increase timeout for HC halt
    68b5f65eaa6a usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
    04904d90a71a usb: dwc3: omap: improve extcon initialization
    f78e2c36609b iomap: fix sub-page uptodate handling
    3c1db90ae0d0 blk-mq: Swap two calls in blk_mq_exit_queue()
    1c4962df9388 nbd: Fix NULL pointer in flush_workqueue
    0b6b4b90b74c kyber: fix out of bounds access when preempted
    dafd4c0b5e83 ACPI: scan: Fix a memory leak in an error handling path
    1648505d1353 hwmon: (occ) Fix poll rate limiting
    fa1547f6e4fb usb: fotg210-hcd: Fix an error message
    57f99e92e2f7 iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
    2b94c23eaf5e drm/i915: Avoid div-by-zero on gen2
    a9b2ac3f6ad1 drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected
    f77aa56ad989 mm/hugetlb: fix F_SEAL_FUTURE_WRITE
    b3f1731c6d7f userfaultfd: release page in error path to avoid BUG_ON
    1b8d4206a48c squashfs: fix divide error in calculate_skip()
    c451a6bafb5f hfsplus: prevent corruption in shrinking truncate
    0b4eb172cc12 powerpc/64s: Fix crashes when toggling entry flush barrier
    379ea3a4e34b powerpc/64s: Fix crashes when toggling stf barrier
    9cca6cc73bb9 ARC: mm: PAE: use 40-bit physical page mask
    e242c138ae01 ARC: entry: fix off-by-one error in syscall number validation
    9c1d454726fc i40e: Fix PHY type identifiers for 2.5G and 5G adapters
    7e7b538a9af5 i40e: fix the restart auto-negotiation after FEC modified
    d718c15a2bf9 i40e: Fix use-after-free in i40e_client_subtask()
    c77e2ef18167 netfilter: nftables: avoid overflows in nft_hash_buckets()
    a8cfa7aff11d kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
    043ebbccdde6 sched/fair: Fix unfairness caused by missing load decay
    687f523c134b sched: Fix out-of-bound access in uclamp
    51d3e462ea91 can: m_can: m_can_tx_work_queue(): fix tx_skb race condition
    c8e3c76cc8c5 netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
    ca74d0dbaffa smc: disallow TCP_ULP in smc_setsockopt()
    2f9f92e2ecec net: fix nla_strcmp to handle more then one trailing null character
    6aeba28d1213 ksm: fix potential missing rmap_item for stable_node
    dde73137ce9c mm/migrate.c: fix potential indeterminate pte entry in migrate_vma_insert_page()
    262943265d97 mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
    3ddbd4beadfa khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
    1816d1b3272a drm/radeon: Avoid power table parsing memory leaks
    8e0b76725c38 drm/radeon: Fix off-by-one power_state index heap overwrite
    9e3cbdc52318 netfilter: xt_SECMARK: add new revision to fix structure layout
    7a0a9f5cf8b5 sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
    f7f6f0777409 ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
    a04c2a398dc9 sunrpc: Fix misplaced barrier in call_decode
    b8168792c3fb RISC-V: Fix error code returned by riscv_hartid_to_cpuid()
    b1b31948c0af sctp: do asoc update earlier in sctp_sf_do_dupcook_a
    2e99f6871493 net: hns3: disable phy loopback setting in hclge_mac_start_phy
    954ea8a0cfe1 net: hns3: use netif_tx_disable to stop the transmit queue
    c073c2b27285 net: hns3: fix for vxlan gpe tx checksum bug
    56e680c09002 net: hns3: add check for HNS3_NIC_STATE_INITED in hns3_reset_notify_up_enet()
    282d8a6a5546 net: hns3: initialize the message content in hclge_get_link_mode()
    ccffcc9f3574 net: hns3: fix incorrect configuration for igu_egu_hw_err
    3dd2cd64466e rtc: ds1307: Fix wday settings for rx8130
    2ad8af2b70e9 ceph: fix inode leak on getattr error in __fh_to_dentry
    b37609ad2277 rtc: fsl-ftm-alarm: add MODULE_TABLE()
    7d1ada9e1096 NFSv4.2 fix handling of sr_eof in SEEK's reply
    89862bd77e9c pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
    ff4d21fb2261 PCI: endpoint: Fix missing destroy_workqueue()
    bdbee0d84520 NFS: Deal correctly with attribute generation counter overflow
    7e16709fc540 NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
    20f9516b8372 rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
    3ed8832aeaa9 ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
    0454a3dc8747 PCI: Release OF node in pci_scan_device()'s error path
    364e8bb8b425 PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
    e150f825ca29 f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
    f49f00dbe3d0 thermal: thermal_of: Fix error return code of thermal_of_populate_bind_params()
    f599960166a0 ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
    44d96d2dc054 ia64: module: fix symbolizer crash on fdescr
    8b88f16d9d30 bnxt_en: Add PCI IDs for Hyper-V VF devices.
    98e1d0fe20ed net: ethernet: mtk_eth_soc: fix RX VLAN offload
    5da6affd9c7e iavf: remove duplicate free resources calls
    40d1cb16a578 powerpc/iommu: Annotate nested lock for lockdep
    d26436a3b913 qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
    9184f2608e89 wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
    78a004cdfd2d wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
    cd06b0786056 drm/amd/display: fixed divide by zero kernel crash during dsc enablement
    eed7287db3a9 powerpc/pseries: Stop calling printk in rtas_stop_self()
    63a42044b9a1 samples/bpf: Fix broken tracex1 due to kprobe argument change
    9f6e107aab14 net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
    3aa4e4d7ccf4 ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
    061868e90062 ASoC: rt286: Generalize support for ALC3263 codec
    56a6218e97db powerpc/smp: Set numa node before updating mask
    dfa2a8d2d8a7 flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target()
    5f24807c3cba sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
    9fc2c9579415 ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
    f59db26081c0 kconfig: nconf: stop endless search loops
    c262de1777e4 selftests: Set CC to clang in lib.mk if LLVM is set
    2b9ad1fd9dd2 drm/amd/display: Force vsync flip when reconfiguring MPCC
    10ed519fa825 iommu/amd: Remove performance counter pre-initialization test
    82f6753ac96b Revert "iommu/amd: Fix performance counter initialization"
    ae33b2f845fd ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
    d61f2d938135 cuse: prevent clone
    7dac356a65db mt76: mt76x0: disable GTK offloading
    48be573a04f1 pinctrl: samsung: use 'int' for register masks in Exynos
    f88e0fbeff0f mac80211: clear the beacon's CRC after channel switch
    fadf3660a24f i2c: Add I2C_AQ_NO_REP_START adapter quirk
    7ffafbf2537d ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
    98ebeb87b2cf ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
    fae341909d6c Bluetooth: check for zapped sk before connecting
    29e498ff183a net: bridge: when suppression is enabled exclude RARP packets
    a3893726745f Bluetooth: initialize skb_queue_head at l2cap_chan_create()
    ca0dec6564e6 Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
    1ac09b2bdc99 ALSA: bebob: enable to deliver MIDI messages for multiple ports
    e2f577188581 ALSA: rme9652: don't disable if not enabled
    a6f2224be419 ALSA: hdspm: don't disable if not enabled
    4ea252600a7d ALSA: hdsp: don't disable if not enabled
    7900cdfbc1dd i2c: bail out early when RDWR parameters are wrong
    3c0432417fa3 ASoC: rsnd: core: Check convert rate in rsnd_hw_params
    e3564792359d net: stmmac: Set FIFO sizes for ipq806x
    ac740f06bf53 ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
    aee46e847d19 tipc: convert dest node's address to network order
    ccef53a27a24 fs: dlm: fix debugfs dump
    6c799f6c7427 PM: runtime: Fix unpaired parent child_count for force_resume
    18cb19eab713 KVM: x86/mmu: Remove the defunct update_pte() paging hook
    e888d623a420 tpm, tpm_tis: Reserve locality in tpm_tis_resume()
    a0fd39a09e31 tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt()
    0a60d4be38f0 tpm: fix error return code in tpm2_get_cc_attrs_tbl()

(From OE-Core rev: 94187ff0e669df423209dde52b7aab5ca5063cd0)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d5da1fa69df93d85b7eebbe8d60108eed4e4e6a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-11 22:45:27 +01:00
Lee Chee Yang
3cd9587ba6 gnutls: fix CVE-2021-20231 CVE-2021-20232
(From OE-Core rev: 38a0c77bf576caa3ac54934d141e489599d1b906)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-11 22:45:27 +01:00
Lee Chee Yang
4ad8edab0b libxml: fix CVE-2021-3517 CVE-2021-3537
(From OE-Core rev: f177c0ec321f005dd9ce63aec2d700fd53c993ff)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-11 22:45:27 +01:00
Steve Sakoman
0e7201d43a Revert "busybox: make busybox's syslog.cfg depend on VIRTUAL-RUNTIME_base-utils-syslog"
This reverts commit e990a9ec5d6eaf2c328d61c4de73ea6c270cfa15.

Patch not in master, erroneously applied

(From OE-Core rev: 090452c5284181f18c32dc33887f4dda20c48004)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-08 15:41:04 +01:00
Richard Purdie
0abf682029 linux-firmware: upgrade 20210315 -> 20210511
There were additional links and new firmware versions added but these
were not under any additional licenses.

(From OE-Core rev: b48cfe9148e8f9bbc942899455215e8f9c8e2728)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b0562c526817501a494a3674fed006ba40c8f164)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Changqing Li
f26806d5de pkgconfig: update SRC_URI
The git repo for pkg-config was changed, so update the
SRC_URI accordingly with the new link.

(From OE-Core rev: 9f67246e62aa9e8b0c4a790605c5417336fef70c)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9fd1b9b8282d68213b187ab42fae27e6a3c95b2e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Richard Purdie
94ecd96f90 oeqa/runtime/rpm: Drop log message counting test component
This test is flawed since multiple parts of the system can write to the log
and we obtain different numbers of log messages depending on factors we
can't control.

Drop the log testing component of the test.

[YOCTO #12465]

(From OE-Core rev: fb22cf1891fa8d057348c5270715c45ac3ab9e25)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2ad815dbafda0b90f5164f05d22dbbc26cb53f13)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Guillaume Champagne
b9e8b3cc49 image-live.bbclass: order do_bootimg after do_rootfs
do_bootimg expects IMGDEPLOYDIR to exist, since it stores its artifacts
there. Therefore, do_bootimg should run after do_rootfs because
IMGDEPLOYDIR is created before do_rootfs runs since IMGDEPLOYDIR is
contained in do_rootfs' [cleandirs] varflag.

When do_bootimg depends on ${PN}:do_image_${LIVE_ROOTFS_TYPE},
do_bootimg is correctly ordered after do_rootfs because
do_image_${FSTYPE} tasks are added after do_image and do_image itself is
added after do_rootfs.

However, when do_bootimg doesn't depend on
${PN}:do_image_${LIVE_ROOTFS_TYPE}
(introduced by: 96f47c39f1d17f073243913d524bde84add41d8f), do_bootimg
can run before do_rootfs, thus before IMGDEPLOYDIR is created. To
avoid this situation, do_bootimg is now explicitly ordered after
do_rootfs.

(From OE-Core rev: 4bc93b8ddc7bad210a5816eabd2e3e37b4afa6c1)

Signed-off-by: Guillaume Champagne <champagne.guillaume.c@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 73c21db8e54002b300ba4972cb49c0577acc5406)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Ross Burton
2691f9aa0d package_rpm: pass XZ_THREADS to rpm
By default RPM uses the number of cores as the number of threads to use,
which can result in quite antisocial memory usage.

As we control the macros for compression anyway, we can pass XZ_THREADS
to limit the number of threads if needed.

(From OE-Core rev: b1e9fe67a85be516a0b32e0c91448df87a756e02)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b9c983eb22a9b0771a0454216d1d7cbb5f3f8a16)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Changqing Li
893636b299 unfs3: correct configure option
On some new distro like ubuntu21.04, unfs3-native compile failed with
error: undefined reference to `xdr_uint32', since new distro has new
glibc.

>From glibc 2.27 rpc support is dropped, so unfs3 need to link to
libtirpc.

Here is defination of ac_link:
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'

Depended library should be added into LIBS, not LDFLAGS, otherwise,
gcc may not load the lib since it is before conftest.$ac_ext during
configure. Finally, it results in compile failed.

(From OE-Core rev: 09b9027a9da8b5cf34e1f1c016d9d6bbbe904dcf)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 27867862c1fee6c0e649286500fa1ab015d57faf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Ming Liu
cf233ab626 initramfs-framework:rootfs: fix wrong indentions
(From OE-Core rev: 70df5169758c8264b48ee3884b66c41a82b28fe9)

Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cd4d76f43c6ead9f32dece1faa9c9c5da895d9cd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Ming Liu
fc8016d3f9 kernel-fitimage.bbclass: fix a wrong conditional check
It should check if "${UBOOT_SIGN_ENABLE}" equals to "1" instead of
checking if "${UBOOT_SIGN_ENABLE}" is not empty since it could be "0".

(From OE-Core rev: 0d35b7d1de517ceb1bddc9ffe848e3d25030747a)

Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 900949af7fe357ee66065ba150b0b1914e8ca581)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Daniel McGregor
6e53131caf lib/oe/gpg_sign.py: Fix gpg verification
A stray space made it into the command for verifying gpg signatures.
This caused verification to fail, at least on my host. Removing the
space makes it work as expected.

(From OE-Core rev: feec7cdda906aed37212dc05ea9ff1ef871c28da)

Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit af1d948822cbe6ac7ede9cb4e881db8dc780e308)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Daniel McGregor
642d5f4f06 sstate: Ignore sstate signing key
What key is used to sign sstate artefacts should not affect the hash of
the object, otherwise everyone would need to use the same signing key.

(From OE-Core rev: 0bfccdee11866d7f4e6c767127379329cd1dea2d)

Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 57cc9429dba4f9bd23127633dbc1f57dc2d5dd16)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Richard Purdie
73da9ecd05 grub: Exclude CVE-2019-14865 from cve-check
The CVE only applies to RHEL.

(From OE-Core rev: a731386873f9c93c211be30ca8a8f42a9d8d6de3)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8cfc3ebe50facb7e34e778f3e264b26cfae20a04)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Richard Purdie
e308933073 glibc: Add 8GB VM usage cap for usermode test suite
We've noticed that:

MACHINE=qemuarm oe-selftest -r glibc.GlibcSelfTest.test_glibc

ends up with one process growing to about the size of system memory
and triggering the OOM killer. This has been taking out other builds
running on the system on the autobuilders and is one cause of our
intermittent failures.

This was tracked down to:

WORKDIR=XXX/tmp/work/armv7vet2hf-neon-poky-linux-gnueabi/glibc-testsuite/2.33-r0
BUILDDIR=$WORKDIR/build-arm-poky-linux-gnueabi QEMU_SYSROOT=$WORKDIR/recipe-sysroot
QEMU_OPTIONS="$WORKDIR/recipe-sysroot-native/usr/bin/qemu-arm -r 3.2.0" \
$WORKDIR/check-test-wrapper user env GCONV_PATH=$BUILDDIR/iconvdata LOCPATH=$BUILDDIR/localedata LC_ALL=C $BUILDDIR/elf/ld-linux-armhf.so.3 \
    --library-path $BUILDDIR:$BUILDDIR/math:$BUILDDIR/elf:$BUILDDIR/dlfcn:$BUILDDIR/nss:$BUILDDIR/nis:$BUILDDIR/rt:$BUILDDIR/resolv:$BUILDDIR/mathvec:$BUILDDIR/support:$BUILDDIR/nptl \
    $BUILDDIR/nptl/tst-pthread-timedlock-lockloop

although other glibc tests appear to use 16GB of memory before failing
anyway. By capping the VM size to 8GB, we see the same number of failures
but no OOM situations. There may be some issue in qemu or the test which
could be improved to avoid this entirely but this provides a necessary
and useful safeguard to other builds and doensn't appear to make the
situation worse.

On a loaded system OOM may not occur as the test timeout may be triggered
first. An experiment with a 5GB limit showed an additional 7 failures.

(From OE-Core rev: 4926a16d4fc075ea486536427e99dd6dcaace583)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 58d4f669bd46805669daf87626350fe9359feca5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Tony Tascioglu
39bd9315d2 libxml2: Add bash dependency for ptests.
Before, running ptests on core-image-minimal would result in
an error due to missing /bin/bash:

   [ -d test   ] || ln -s ../libxml2-2.9.10/test   .
   make: /bin/bash: No such file or directory
   make: *** [Makefile:2105: runtests] Error 127

Changing the Makefile to use /bin/sh results in some of the
tests failing, so I have added the missing dependancy on bash.

(From OE-Core rev: bc1d05429da1101d910b4ccf3de5407ddfbedc92)

Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d2e81298c446aec8d7fcf61fd5023ac30350f205)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Tony Tascioglu
73a669d0f9 libxml2: Reformat runtest.patch
Reformatted runtest.patch to allow it to be applied using git am.
This makes it easier to apply the series of patches to the original git repo.

There are no changes to the code of the patch other than the reformat.

Previously, the patch claimed to be a backport, but I have not found an
upstream commit so I've changed the Upstream-Status to pending.

(From OE-Core rev: 5f01e69b6e7b7f734882a30146cca89dbdb99705)

Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0361d625e1573e846a2f03ed90a8b897bc405160)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Bruce Ashfield
bc7b4fab48 linux-yocto/5.4: update to v5.4.119
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    b82e5721a173 Linux 5.4.119
    6b183fbf18b9 Revert "fdt: Properly handle "no-map" field in the memory region"
    66b8853dfa3c Revert "of/fdt: Make sure no-map does not remove already reserved regions"
    3fe9ee040fb7 sctp: delay auto_asconf init until binding the first addr
    e1bf000709cc Revert "net/sctp: fix race condition in sctp_destroy_sock"
    32e046965fac smp: Fix smp_call_function_single_async prototype
    9884f745108f net: Only allow init netns to set default tcp cong to a restricted algo
    4a83a9deead9 mm/memory-failure: unnecessary amount of unmapping
    de143fb2feac mm/sparse: add the missing sparse_buffer_fini() in error branch
    ba450bba7115 kfifo: fix ternary sign extension bugs
    24c54e0a9747 net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
    07ef3f7bc5c4 net: bridge: mcast: fix broken length + header check for MRDv6 Adv.
    da5b49598a11 RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res
    30b9e92d0b5e RDMA/siw: Fix a use after free in siw_alloc_mr
    55fcdd1258fa net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
    b1523e4ba293 bnxt_en: Fix RX consumer index logic in the error path.
    d1ad9f2f7e2d selftests: net: mirror_gre_vlan_bridge_1q: Make an FDB entry static
    6f92124d7441 net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb
    06e03b867d96 arm64: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for RTL8211E
    978170191d3d ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for RTL8211E
    4bfea784ea35 bnxt_en: fix ternary sign extension bug in bnxt_show_temp()
    10ff6ad91e0d powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add')
    c6af4c1d196e ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock
    bf0be675e646 ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
    87fc6b2914e5 net: phy: intel-xway: enable integrated led functions
    57bed78ce64a net: renesas: ravb: Fix a stuck issue when a lot of frames are received
    27a894a9556f net: davinci_emac: Fix incorrect masking of tx and rx error channel
    8d77c9564309 ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails
    59f965ef61d7 RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails
    d7ba506b00ea RDMA/cxgb4: add missing qpid increment
    f7368865da57 gro: fix napi_gro_frags() Fast GRO breakage due to IP alignment check
    e97aea9f2503 vsock/vmci: log once the failed queue pair allocation
    469135100325 mwl8k: Fix a double Free in mwl8k_probe_hw
    afb735e764ba i2c: sh7760: fix IRQ error path
    da80b35b6e26 rtlwifi: 8821ae: upgrade PHY and RF parameters
    b1b8d90d4550 powerpc/pseries: extract host bridge from pci_bus prior to bus removal
    bdad13dd15e2 MIPS: pci-legacy: stop using of_pci_range_to_resource
    5950c9d7f987 perf beauty: Fix fsconfig generator
    0ff76bd07bc4 drm/i915/gvt: Fix error code in intel_gvt_init_device()
    ecfbcb858007 ASoC: ak5558: correct reset polarity
    c77bf004717d powerpc/xive: Fix xmon command "dxi"
    65b771660f57 i2c: sh7760: add IRQ check
    cb834ff29bdb i2c: jz4780: add IRQ check
    aa90700f953a i2c: emev2: add IRQ check
    45f02a0f8ded i2c: cadence: add IRQ check
    7e1764312440 i2c: sprd: fix reference leak when pm_runtime_get_sync fails
    5f51ddcbfc78 i2c: omap: fix reference leak when pm_runtime_get_sync fails
    815859cb1d23 i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
    4734c4b1d957 i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
    ed016b77012e RDMA/srpt: Fix error return code in srpt_cm_req_recv()
    e1d10b2cc792 net: thunderx: Fix unintentional sign extension issue
    b0d8fa3adc9d cxgb4: Fix unintentional sign extension issues
    05692b952365 IB/hfi1: Fix error return code in parse_platform_config()
    53656a2a0183 RDMA/qedr: Fix error return code in qedr_iw_connect()
    bf365066fbe0 KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit
    af5a87a1d413 mt7601u: fix always true expression
    53ada35f2ecc mac80211: bail out if cipher schemes are invalid
    22cb8496f290 powerpc: iommu: fix build when neither PCI or IBMVIO is set
    5aa028a827fe powerpc/perf: Fix PMU constraint check for EBB events
    73f9dccb29e4 powerpc/64s: Fix pte update for kernel memory on radix
    440fead0fc81 liquidio: Fix unintented sign extension of a left shift of a u16
    92626cf41b0e ASoC: simple-card: fix possible uninitialized single_cpu local variable
    e1b01d914c31 ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
    11fa9b38e030 mips: bmips: fix syscon-reboot nodes
    c8f7e2e04724 net: hns3: Limiting the scope of vector_ring_chain variable
    cab33b3b6da8 nfc: pn533: prevent potential memory corruption
    efb0f45b4535 bug: Remove redundant condition check in report_bug
    7628bc544ba8 ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
    3733a64d5828 powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration
    fee81285bd09 inet: use bigger hash table for IP ID generation
    318993949423 powerpc/prom: Mark identical_pvr_fixup as __init
    4543fcd6835b powerpc/fadump: Mark fadump_calculate_reserve_size as __init
    e00c5b9eebf0 net: lapbether: Prevent racing when checking whether the netif is running
    f937a0f6ada1 perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of printed chars
    1121f5f3d440 HID: plantronics: Workaround for double volume key presses
    59021008b317 drivers/block/null_blk/main: Fix a double free in null_init.
    279749d0d4ef sched/debug: Fix cgroup_path[] serialization
    c01fc0adba30 x86/events/amd/iommu: Fix sysfs type mismatch
    846357609409 HSI: core: fix resource leaks in hsi_add_client_from_dt()
    ff386ac05098 nvme-pci: don't simple map sgl when sgls are disabled
    7e1ab103f63f mfd: stm32-timers: Avoid clearing auto reload register
    e8fe98f6ec69 scsi: ibmvfc: Fix invalid state machine BUG_ON()
    ce8585f979e4 scsi: sni_53c710: Add IRQ check
    1ff0b82c6674 scsi: sun3x_esp: Add IRQ check
    4b94098f0aa7 scsi: jazz_esp: Add IRQ check
    ae0cadd35daf scsi: hisi_sas: Fix IRQ checks
    6adac4efe77d clk: uniphier: Fix potential infinite loop
    e1a5c8594c0e clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE
    6c9bbf98b1d8 clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback
    3d81ce0cfb31 vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
    e6707395c839 media: v4l2-ctrls.c: fix race condition in hdl->requests list
    b22867aa3d32 nvme: retrigger ANA log update if group descriptor isn't found
    999d606a820c nvmet-tcp: fix incorrect locking in state_change sk callback
    ced0760eb45a nvme-tcp: block BH in sk state_change sk callback
    4bbae57c7bde ata: libahci_platform: fix IRQ check
    bafcaa016585 sata_mv: add IRQ checks
    782ec39b37bd pata_ipx4xx_cf: fix IRQ check
    af9c0391353d pata_arasan_cf: fix IRQ check
    c66229b36fd3 x86/kprobes: Fix to check non boostable prefixes correctly
    1cfaa6444a5e drm/amdkfd: fix build error with AMD_IOMMU_V2=m
    bfd83cf79b7f media: m88rs6000t: avoid potential out-of-bounds reads on arrays
    7db94692631e media: platform: sunxi: sun6i-csi: fix error return code of sun6i_video_start_streaming()
    1dc1d30ac101 media: aspeed: fix clock handling logic
    d36f9755d1db media: omap4iss: return error code when omap4iss_get() failed
    75c6252e8630 media: vivid: fix assignment of dev->fbuf_out_flags
    6b121dc6807c soc: aspeed: fix a ternary sign expansion bug
    f276d195ce10 xen-blkback: fix compatibility bug with single page rings
    aafb5e38e695 ttyprintk: Add TTY hangup callback.
    ce7b62d85791 usb: dwc2: Fix hibernation between host and device modes.
    6f7ed537ca2d usb: dwc2: Fix host mode hibernation exit with remote wakeup flow.
    e83dcf255a13 Drivers: hv: vmbus: Increase wait time for VMbus unload
    9b47b3a67552 x86/platform/uv: Fix !KEXEC build failure
    9a9ce397336e platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table
    eec90f4b9575 usbip: vudc: fix missing unlock on error in usbip_sockfd_store()
    d3b6b252bab0 node: fix device cleanups in error handling code
    3f605558a4f7 firmware: qcom-scm: Fix QCOM_SCM configuration
    77a1c15145c8 serial: core: return early on unsupported ioctls
    b6803d57f587 tty: fix return value for unsupported ioctls
    932d67b84b4f tty: actually undefine superseded ASYNC flags
    a6fb73f4e009 USB: cdc-acm: fix TIOCGSERIAL implementation
    8abef571fd92 USB: cdc-acm: fix unprivileged TIOCCSERIAL
    9aa155203427 usb: gadget: r8a66597: Add missing null check on return from platform_get_resource
    4a01ad002d2e spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
    eaf03935b859 cpufreq: armada-37xx: Fix determining base CPU frequency
    d33a00f35531 cpufreq: armada-37xx: Fix driver cleanup when registration failed
    4bffea742b66 clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0
    0289edd869ac clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz
    0c793b76066b cpufreq: armada-37xx: Fix the AVS value for load L1
    b671a3277b7c clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock
    3518c6d0178c cpufreq: armada-37xx: Fix setting TBG parent for load levels
    19d16a689793 crypto: qat - Fix a double free in adf_create_ring
    32f5f51a3703 ACPI: CPPC: Replace cppc_attr with kobj_attribute
    726837481c93 soc: qcom: mdt_loader: Detect truncated read of segments
    08b601cb7aef soc: qcom: mdt_loader: Validate that p_filesz < p_memsz
    001c8e83646a spi: Fix use-after-free with devm_spi_alloc_*
    3b0cd47fe1b7 PM / devfreq: Use more accurate returned new_freq as resume_freq
    51a5e5e93c01 staging: greybus: uart: fix unprivileged TIOCCSERIAL
    c751e448b726 staging: rtl8192u: Fix potential infinite loop
    8148375c865f irqchip/gic-v3: Fix OF_BAD_ADDR error handling
    ef8e7bfea99a mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init
    f6a90818a320 m68k: mvme147,mvme16x: Don't wipe PCC timer config bits
    870533403ffa soundwire: stream: fix memory leak in stream config error path
    7cd10f8a5a9d memory: pl353: fix mask of ECC page_size config register
    6b18f6ac820e USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
    93615b25c78f usb: gadget: aspeed: fix dma map failure
    c675ead206b7 crypto: qat - fix error path in adf_isr_resource_alloc()
    f3685a9ef29d phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, unconditionally
    4dc0332faf80 soundwire: bus: Fix device found flag correctly
    3a76ec28824c bus: qcom: Put child node before return
    5880afefe0cb mtd: require write permissions for locking and badblock ioctls
    ff352d27d4ce fotg210-udc: Complete OUT requests on short packets
    0d19ad0706c2 fotg210-udc: Don't DMA more than the buffer can take
    88f1100e523c fotg210-udc: Mask GRP2 interrupts we don't handle
    f580a8046acf fotg210-udc: Remove a dubious condition leading to fotg210_done
    359d1b0ad239 fotg210-udc: Fix EP0 IN requests bigger than two packets
    9a97aa4bbe0f fotg210-udc: Fix DMA on EP0 for length > max packet size
    05ec8192ee4b crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
    2a41049a0e21 crypto: qat - don't release uninitialized resources
    cfd99d250cde usb: gadget: pch_udc: Check for DMA mapping error
    44452b7bd35d usb: gadget: pch_udc: Check if driver is present before calling ->setup()
    23978eb064dc usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
    369428a646b7 x86/microcode: Check for offline CPUs before requesting new microcode
    6b8ff2a35a74 arm64: dts: renesas: r8a77980: Fix vin4-7 endpoint binding
    cbf784eff5de spi: stm32: drop devres version of spi_register_master
    15ee35be9286 arm64: dts: qcom: sm8150: fix number of pins in 'gpio-ranges'
    168877a575a5 mtd: rawnand: qcom: Return actual error code instead of -ENODEV
    73744fcb4eb0 mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions()
    e5b3e69eb36a mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC
    9e612890bb87 mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe()
    d8897f7b2283 regmap: set debugfs_name to NULL after it is freed
    0d2c86076844 usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
    6e666a05e540 serial: stm32: fix tx_empty condition
    12e423331ec9 serial: stm32: fix incorrect characters on console
    6be27923140a ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
    aacfc3bef07b ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
    d788a900f362 ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family
    f9b701bc13da ARM: dts: exynos: correct PMIC interrupt trigger level on Midas family
    6cf80f1fc1a9 ARM: dts: exynos: correct MUIC interrupt trigger level on Midas family
    73bc2732108c ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas family
    12d9d517a2fe memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
    52189bf0b2a2 usb: gadget: pch_udc: Revert d3cb25a12138 completely
    db699975f72d ovl: fix missing revert_creds() on error path
    a51050108bed Revert "i3c master: fix missing destroy_workqueue() on error in i3c_master_register"
    7d1bc32d6477 KVM: Stop looking for coalesced MMIO zones if the bus is destroyed
    cc6623055f2d KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit
    358264425747 KVM: s390: split kvm_s390_real_to_abs
    45a3ae26fcd9 s390: fix detection of vector enhancements facility 1 vs. vector packed decimal facility
    9ea2c4fd1a72 KVM: s390: fix guarded storage control register handling
    34a6d1d57c71 KVM: s390: split kvm_s390_logical_to_effective
    027de80194fb ALSA: hda/realtek: ALC285 Thinkpad jack pin quirk is unreachable
    1bfa051571ac ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices
    9337f5ba5090 ALSA: hda/realtek: Re-order ALC662 quirk table entries
    5f68b0ec9882 ALSA: hda/realtek: Re-order remaining ALC269 quirk table entries
    15b414029478 ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
    99aa203c6eb6 ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries
    1f1612fc6bea ALSA: hda/realtek: Re-order ALC269 ASUS quirk table entries
    65d5b99c1ea9 ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries
    b161e02481d8 ALSA: hda/realtek: Re-order ALC269 Acer quirk table entries
    bd0e9154100c ALSA: hda/realtek: Re-order ALC269 HP quirk table entries
    e97cf247ba44 ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries
    02968e62200a ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries
    6d9e8828fa77 ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries
    e584e52783a4 drm/amd/display: Reject non-zero src_y and src_x for video planes
    56f2ea0bc2a1 drm/radeon: fix copy of uninitialized variable back to userspace
    4aea3ddac00a drm/panfrost: Don't try to map pages that are already mapped
    debaae7ac45a drm/panfrost: Clear MMU irqs before handling the fault
    6b5aa0cf321c rtw88: Fix array overrun in rtw_get_tx_power_params()
    e5b02c096145 cfg80211: scan: drop entry from hidden_list on overflow
    16b68fb8df43 ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
    af7ea06b3cae md: Fix missing unused status line of /proc/mdstat
    79c1bfae668d md: md_open returns -EBUSY when entering racing area
    adb9bbf1a284 md: factor out a mddev_find_locked helper from mddev_find
    afa4de092663 md: split mddev_find
    acdf531e77f0 md-cluster: fix use-after-free issue when removing rdev
    a72373588ce3 md/bitmap: wait for external bitmap writes to complete during tear down
    45bc83f71b22 misc: vmw_vmci: explicitly initialize vmci_datagram payload
    0f8f75b92ecc misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
    34f6ba8810c3 misc: lis3lv02d: Fix false-positive WARN on various HP models
    8809d87cb86f iio:accel:adis16201: Fix wrong axis assignment that prevents loading
    7cb1f304237a PCI: Allow VPD access for QLogic ISP2722
    f30ded0ba1b6 FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
    8943172edaf7 MIPS: pci-rt2880: fix slot 0 configuration
    cd2e53ad366f MIPS: pci-mt7620: fix PLL lock check
    4dce2a19e76b ASoC: Intel: kbl_da7219_max98927: Fix kabylake_ssp_fixup function
    79cc386696fb ASoC: samsung: tm2_wm5110: check of of_parse return value
    2b8b8cc94f4d usb: xhci-mtk: improve bandwidth scheduling with TT
    9f0d3e676a25 usb: xhci-mtk: remove or operator for setting schedule parameters
    230bd196536b usb: typec: tcpm: update power supply once partner accepts
    9d7bb10859b9 usb: typec: tcpm: Address incorrect values of tcpm psy for pps supply
    c87bb48ac5c5 usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply
    66ca71d28301 staging: fwserial: fix TIOCSSERIAL permission check
    ebb46274e33f tty: moxa: fix TIOCSSERIAL permission check
    d524fb44c657 staging: fwserial: fix TIOCSSERIAL jiffies conversions
    f80f12ee00b8 USB: serial: ti_usb_3410_5052: fix TIOCSSERIAL permission check
    f50cad556c28 staging: greybus: uart: fix TIOCSSERIAL jiffies conversions
    3114fedf4020 USB: serial: usb_wwan: fix TIOCSSERIAL jiffies conversions
    edce32412096 tty: amiserial: fix TIOCSSERIAL permission check
    e503d7bc7bfe tty: moxa: fix TIOCSSERIAL jiffies conversions
    c30b11c74cbb Revert "USB: cdc-acm: fix rounding error in TIOCSSERIAL"
    e32352070bca net/nfc: fix use-after-free llcp_sock_bind/connect
    eeec325c9944 bluetooth: eliminate the potential race condition when removing the HCI controller
    119858caf400 hsr: use netdev_err() instead of WARN_ONCE()
    3a826ffa80d5 Bluetooth: verify AMP hci_chan before amp_destroy

(From OE-Core rev: 78c6b1f6df1d90403ba9a731316ce665b27534fe)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4d00220f08e9ec8e421157187794b5701ffc04eb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Bruce Ashfield
8394010e56 linux-yocto/5.4: update to v5.4.118
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    16022114de98 Linux 5.4.118
    a992a283c0b7 dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails
    569bae00ebbe dm integrity: fix missing goto in bitmap_flush_interval error handling
    ff8fd1e3b58a dm space map common: fix division bug in sm_ll_find_free_block()
    6fcaa44105aa dm persistent data: packed struct should have an aligned() attribute too
    c64da3294a7d tracing: Restructure trace_clock_global() to never block
    0834094c9a08 tracing: Map all PIDs to command lines
    8768085ba271 rsi: Use resume_noirq for SDIO
    55aa314a1a6c tty: fix memory leak in vc_deallocate
    943131fda33b usb: dwc2: Fix session request interrupt handler
    5bd06fc6b02c usb: dwc3: gadget: Fix START_TRANSFER link state check
    0790fdbf37ee usb: gadget/function/f_fs string table fix for multiple languages
    3b8b63be230f usb: gadget: Fix double free of device descriptor pointers
    efa99087ea69 usb: gadget: dummy_hcd: fix gpf in gadget_setup
    ffe824c0e35a media: staging/intel-ipu3: Fix race condition during set_fmt
    a03fb1e8a110 media: staging/intel-ipu3: Fix set_fmt error handling
    ff792ae52005 media: staging/intel-ipu3: Fix memory leak in imu_fmt
    ae37aee56cad media: dvb-usb: Fix memory leak at error in dvb_usb_device_init()
    e5c27c2ae2f2 media: dvb-usb: Fix use-after-free access
    9185b3b1c143 media: dvbdev: Fix memory leak in dvb_media_device_free()
    92eb134265fa ext4: fix error code in ext4_commit_super
    c599462ab9c3 ext4: do not set SB_ACTIVE in ext4_orphan_cleanup()
    9c61387630a5 ext4: fix check to prevent false positive report of incorrect used inodes
    79c95130a52a kbuild: update config_data.gz only when the content of .config is changed
    19c8c34a8b80 x86/cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported
    8d2be04dbb17 Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op")
    2b040d13b411 jffs2: check the validity of dstlen in jffs2_zlib_compress()
    564b1868f229 Fix misc new gcc warnings
    8aa728568202 security: commoncap: fix -Wstringop-overread warning
    be8db260f482 fuse: fix write deadlock
    dc21b424861a dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences
    6920cef604fa md/raid1: properly indicate failure when ending a failed write request
    5f2d256875a5 crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS
    63a25b715633 tpm: vtpm_proxy: Avoid reading host log when using a virtual device
    2f12258b5224 tpm: efi: Use local variable for calculating final log size
    2af501de8f43 intel_th: pci: Add Alder Lake-M support
    ab5d5c9dfd02 powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h
    abf3573ef4e7 powerpc/eeh: Fix EEH handling for hugepages in ioremap space.
    077f526fe3cc jffs2: Fix kasan slab-out-of-bounds problem
    ad3f360ef20f Input: ili210x - add missing negation for touch indication on ili210x
    6be0e4b59314 NFSv4: Don't discard segments marked for return in _pnfs_return_layout()
    12ccd59941e3 NFS: Don't discard pNFS layout segments that are marked for return
    504632a3577a ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure
    490ad0a23904 openvswitch: fix stack OOB read while fragmenting IPv4 packets
    9508634b2b18 mlxsw: spectrum_mr: Update egress RIF list before route's action
    27a130638406 f2fs: fix to avoid out-of-bounds memory access
    6c9b98a66d0a ubifs: Only check replay with inode type to judge if inode linked
    310efc95c72c virtiofs: fix memory leak in virtio_fs_probe()
    2b28e26bd776 Makefile: Move -Wno-unused-but-set-variable out of GCC only block
    13a474c01353 arm64/vdso: Discard .note.gnu.property sections in vDSO
    f40bf82bf693 btrfs: fix race when picking most recent mod log operation for an old root
    2bc0131d5be0 ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx
    45392da1bd91 ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops
    ee47a6414950 ALSA: hda/realtek: fix mic boost on Intel NUC 8
    d143cd1f8f6b ALSA: hda/realtek: GA503 use same quirks as GA401
    f2b75e357816 ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset PC 8
    2136ecfcf3d9 ALSA: usb-audio: More constifications
    adba683c573d ALSA: usb-audio: Explicitly set up the clock selector
    93588ea2fbd4 ALSA: sb: Fix two use after free in snd_sb_qsound_build
    1666f1ac383f ALSA: hda/conexant: Re-order CX5066 quirk table entries
    b53b72ef83ff ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
    a65181cfd953 s390/archrandom: add parameter check for s390_arch_random_generate
    ef00a39e2c78 scsi: libfc: Fix a format specifier
    02c13900477c mfd: arizona: Fix rumtime PM imbalance on error
    0d0e6dbd5fca scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
    0756818b4d3b scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode
    f67fc8095bbe scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response
    82bc134b93b5 drm/amdgpu: fix NULL pointer dereference
    4b65414ea416 amdgpu: avoid incorrect %hu format string
    443fdd7b4bc3 drm/amdkfd: Fix cat debugfs hang_hws file causes system crash bug
    c49981759450 drm/msm/mdp5: Do not multiply vclk line count by 100
    336e7e758640 drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal
    b56ad4febe67 sched/fair: Ignore percpu threads for imbalance pulls
    53995be39f93 media: gscpa/stv06xx: fix memory leak
    3a855efb5426 media: dvb-usb: fix memory leak in dvb_usb_adapter_init
    4ca05c0e04d5 media: platform: sti: Fix runtime PM imbalance in regs_show
    47be6867d2d0 media: i2c: adv7842: fix possible use-after-free in adv7842_remove()
    f6b97476053d media: i2c: tda1997: Fix possible use-after-free in tda1997x_remove()
    cc265fb8e549 media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove()
    48304f37ce81 media: adv7604: fix possible use-after-free in adv76xx_remove()
    b76249a0a64e media: tc358743: fix possible use-after-free in tc358743_remove()
    b25324cf16f5 power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove()
    ac22a96c7388 power: supply: generic-adc-battery: fix possible use-after-free in gab_remove()
    e0be54070ba1 clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
    330753d38f26 media: vivid: update EDID
    71b75e6e2410 media: em28xx: fix memory leak
    cfb42c1bcce8 scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg()
    1a22a9fde806 scsi: smartpqi: Add new PCI IDs
    7973764b5454 scsi: smartpqi: Correct request leakage during reset operations
    7d77ac088fd7 ata: ahci: Disable SXS for Hisilicon Kunpeng920
    1f3daf672a13 mmc: sdhci-pci: Add PCI IDs for Intel LKF
    40fdaa2d149b scsi: qla2xxx: Fix use after free in bsg
    2cb8ce1d79d3 drm/vkms: fix misuse of WARN_ON
    3f67d5b6f943 scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
    48425948d2b6 drm/amd/display: fix dml prefetch validation
    cd148571eab0 drm/amd/display: Fix UBSAN warning for not a valid value for type '_Bool'
    e81f4da43b1d drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f
    0c0356ef2498 drm/amdkfd: Fix UBSAN shift-out-of-bounds warning
    888b482dbe26 drm/amdgpu: mask the xgmi number of hops reported from psp to kfd
    8d802ad28f9c power: supply: Use IRQF_ONESHOT
    bc73cb52997d media: gspca/sq905.c: fix uninitialized variable
    bec3831f5108 media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
    20065ae0056a extcon: arizona: Fix various races on driver unbind
    32990455bd12 extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has been unplugged
    22ee443ac784 power: supply: bq27xxx: fix power_avg for newer ICs
    5bc128a16333 media: imx: capture: Return -EPIPE from __capture_legacy_try_fmt()
    e18cee768a6e media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB
    a2e71d2d797d media: ite-cir: check for receive overflow
    78829d2ec594 scsi: target: pscsi: Fix warning in pscsi_complete_cmd()
    a27784943a96 scsi: lpfc: Fix pt2pt connection does not recover after LOGO
    52d2b4370a9d scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
    2b847dc1f662 drm/amd/display: Don't optimize bandwidth before disabling planes
    84b03026cccc drm/amd/display: Check for DSC support instead of ASIC revision
    bbf11337ded8 drm/qxl: release shadow on shutdown
    a7d964da5d17 drm: Added orientation quirk for OneGX1 Pro
    567c83104471 btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s
    3260434687cc platform/x86: intel_pmc_core: Don't use global pmcdev in quirks
    229d2c12f1eb crypto: omap-aes - Fix PM reference leak on omap-aes.c
    5c411b92439d crypto: stm32/cryp - Fix PM reference leak on stm32-cryp.c
    e6d5c66737a9 crypto: stm32/hash - Fix PM reference leak on stm32-hash.c
    e7138a6d6a4d phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove()
    349f95248bce intel_th: Consistency and off-by-one fix
    86f4ac7ca448 tty: n_gsm: check error while registering tty devices
    665dbcf35508 usb: core: hub: Fix PM reference leak in usb_port_resume()
    b8035ac2ad08 usb: musb: fix PM reference leak in musb_irq_work()
    972639ed7b90 spi: qup: fix PM reference leak in spi_qup_remove()
    0adc0e0c87ff spi: omap-100k: Fix reference leak to master
    d6aa2fcd8566 spi: dln2: Fix reference leak to master
    99569ac2e97c xhci: fix potential array out of bounds with several interrupters
    99c82db050ae xhci: check control context is valid before dereferencing it.
    6f34d2ab34ed usb: xhci-mtk: support quirk to disable usb2 lpm
    d95748f23084 perf/arm_pmu_platform: Fix error handling
    fe53f8fd64d7 tee: optee: do not check memref size on return from Secure World
    dda2bc82891c x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS)
    ee68dd4e502f PCI: PM: Do not read power state in pci_enable_device_flags()
    52b4b9d250d4 usb: xhci: Fix port minor revision
    c13c8354fd58 usb: dwc3: gadget: Ignore EP queue requests during bus reset
    9f3c7e0074b7 usb: gadget: f_uac1: validate input parameters
    a10fb8a1c70a usb: gadget: f_uac2: validate input parameters
    a629f6bc034a genirq/matrix: Prevent allocation counter corruption
    1b2207a19664 usb: webcam: Invalid size of Processing Unit Descriptor
    4cc65c749d58 usb: gadget: uvc: add bInterval checking for HS mode
    28da0edb56ae crypto: qat - fix unmap invalid dma address
    69f1a9702d3f crypto: api - check for ERR pointers in crypto_destroy_tfm()
    8ac79bdcc0c4 spi: ath79: remove spi-master setup and cleanup assignment
    4d6a20917fda spi: ath79: always call chipselect function
    e24b9cded4bc staging: wimax/i2400m: fix byte-order issue
    ce64f57a0fe0 bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first
    4928d3b02083 fbdev: zero-fill colormap in fbcmap.c
    1c5cb86cdd7f posix-timers: Preserve return value in clock_adjtime32()
    e07d0fd8d64f intel_th: pci: Add Rocket Lake CPU support
    b6635915a3c3 btrfs: fix metadata extent leak after failure to create subvolume
    93f3339b22ba cifs: Return correct error code from smb2_get_enc_key
    e7ea8e46e3b7 irqchip/gic-v3: Do not enable irqs when handling spurious interrups
    13b0a28e6fef modules: inherit TAINT_PROPRIETARY_MODULE
    cd5a738e28ac modules: return licensing information from find_symbol
    c4698910a9af modules: rename the licence field in struct symsearch to license
    7500d4999431 modules: unexport __module_address
    ad6d414703d7 modules: unexport __module_text_address
    86de29b833e6 modules: mark each_symbol_section static
    79100b191e71 modules: mark find_symbol static
    6e38daf2e5db modules: mark ref_module static
    909a01b95120 mmc: core: Fix hanging on I/O during system suspend for removable cards
    c80524b9e418 mmc: core: Set read only for SD cards with permanent write protect bit
    42998c98ce9f mmc: core: Do a power cycle when the CMD11 fails
    1b45fcf11d28 mmc: block: Issue a cache flush only when it's enabled
    2fb68f705c56 mmc: block: Update ext_csd.cache_ctrl if it was written
    4e438ff2d967 mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based controllers
    698df555cc5f mmc: sdhci: Check for reset prior to DMA address unmap
    0d8941b9b2d3 mmc: uniphier-sd: Fix a resource leak in the remove function
    06e48bb631d3 mmc: uniphier-sd: Fix an error handling path in uniphier_sd_probe()
    21171ede4337 scsi: mpt3sas: Block PCI config access from userspace during reset
    77509a238547 scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
    e45acaddd64b spi: spi-ti-qspi: Free DMA resources
    c57af0be7722 erofs: add unsupported inode i_format check
    49fc21a47e93 mtd: rawnand: atmel: Update ecc_stats.corrected counter
    3ef6813bb3a4 mtd: spinand: core: add missing MODULE_DEVICE_TABLE()
    fd1772305002 ecryptfs: fix kernel panic with null dev_name
    e057164f8731 arm64: dts: mt8173: fix property typo of 'phys' in dsi node
    527edae13d24 arm64: dts: marvell: armada-37xx: add syscon compatible to NB clk node
    34ae75d699fd ARM: 9056/1: decompressor: fix BSS size calculation for LLVM ld.lld
    0b641b25870f ftrace: Handle commands when closing set_ftrace_filter file
    6a4f786f8eb5 ACPI: custom_method: fix a possible memory leak
    72814a94c38a ACPI: custom_method: fix potential use-after-free issue
    b691331218d0 s390/disassembler: increase ebpf disasm buffer size

(From OE-Core rev: 1eae221b25018bc1007748bf0465ff21cc7af7a5)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4d4609d4bb709db887b5302077f89a14c05b1edc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Bruce Ashfield
66c68fa7b1 linux-yocto/5.4: update to v5.4.117
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    b5dbcd05792a Linux 5.4.117
    0ee3bfc2c31e vfio: Depend on MMU
    b246759284d6 perf/core: Fix unconditional security_locked_down() call
    a1e6a0d1e6cf ovl: allow upperdir inside lowerdir
    8198962021fd scsi: ufs: Unlock on a couple error paths
    91aa2644a3ab platform/x86: thinkpad_acpi: Correct thermal sensor allocation
    164f74391822 USB: Add reset-resume quirk for WD19's Realtek Hub
    5922dfc42ac8 USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
    314192f055d9 ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
    6cede11149bf perf ftrace: Fix access to pid in array when setting a pid filter
    ad4659935e11 perf data: Fix error return code in perf_data__create_dir()
    cbc6b467610c iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
    c7166a529e2b avoid __memcat_p link failure
    8ba25a9ef9b9 bpf: Fix leakage of uninitialized bpf stack under speculation
    53e0db429b37 bpf: Fix masking negation logic upon negative dst register
    b0c8fe7ef797 iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd()
    43b515c52942 igb: Enable RSS for Intel I211 Ethernet Controller
    354520d3ea81 net: usb: ax88179_178a: initialize local variables before use
    55714a57f369 ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade()
    b3041510f0fc ACPI: tables: x86: Reserve memory occupied by ACPI tables
    91b08c5319a5 mips: Do not include hi and lo in clobber list for R6

(From OE-Core rev: 494b2200aea140b5241a181a5a16529df1f17177)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0bb2a057ed02b94e6f12b0508b5d7f4a535b1ca0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Bruce Ashfield
93a1926445 kernel-yocto: provide debug / summary information for metadata
It was mentioned that when developing a BSP, the information about what
definition was used, or what fragments have been applied is not obvious
and requires looking at the code.

With this change, we can trigger a full summary of the meta data gathering
phase when KCONF_AUDIT_LEVEL > 0.

Sample output follows:

   NOTE: do_kernel_metadata: for summary/debug, set KCONF_AUDIT_LEVEL > 0
   NOTE: kernel meta data summary for qemux86-64 (standard):
   NOTE:
   ======================================================================
   NOTE: BSP entry point / definition:
   /build/tmp/work/qemux86_64-poky-linux/linux-yocto/5.10.34+gitAUTOINC+bca3bfbc74_85c17ad073-r0/kernel-meta/bsp/common-pc-64/common-pc-64-standard.scc
   NOTE: Fragments from SRC_URI:
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/xt-checksum.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/ebtables.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/lxc.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/docker.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/cgroup-hugetlb.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/xen.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/kubernetes.scc
   NOTE: KERNEL_FEATURES:  features/nfsd/nfsd-enable.scc
   features/debug/printk.scc features/kernel-sample/kernel-sample.scc
   features/netfilter/netfilter.scc cfg/virtio.scc
   features/drm-bochs/drm-bochs.scc cfg/sound.scc cfg/paravirt_kvm.scc
   features/scsi/scsi-debug.scc features/gpio/mockup.scc
   features/aufs/aufs-enable.scc cfg/fs/flash_fs.scc cfg/virtio.scc
   NOTE: Final scc/cfg list:
   /build/tmp/work/qemux86_64-poky-linux/linux-yocto/5.10.34+gitAUTOINC+bca3bfbc74_85c17ad073-r0/kernel-meta/bsp/common-pc-64/common-pc-64-standard.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/xt-checksum.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/ebtables.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/lxc.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/docker.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/cgroup-hugetlb.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/xen.scc
   /poky/meta-virtualization/recipes-kernel/linux/linux-yocto/kubernetes.scc
   features/nfsd/nfsd-enable.scc features/debug/printk.scc
   features/kernel-sample/kernel-sample.scc
   features/netfilter/netfilter.scc cfg/virtio.scc
   features/drm-bochs/drm-bochs.scc cfg/sound.scc cfg/paravirt_kvm.scc
   features/scsi/scsi-debug.scc features/gpio/mockup.scc
   features/aufs/aufs-enable.scc cfg/fs/flash_fs.scc cfg/virtio.scc

(From OE-Core rev: 8c299837622795408f4e4a9e8c2b3b3d6f409acd)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b95b11e130e91cb7c5e65f0f9a1c655bcbcbc919)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Volker Vogelhuber
1ac6ed0f14 busybox: make busybox's syslog.cfg depend on VIRTUAL-RUNTIME_base-utils-syslog
syslog.cfg is added to the list of sources for busybox
independent of the VIRTUAL-RUNTIME_base-utils-syslog variable. So even
if VIRTUAL-RUNTIME_base-utils-syslog being set e.g. to empty, syslogd will
be enabled. So only include syslog.cfg in SRC_URI if
VIRTUAL-RUNTIME_base-utils-syslog is set to busybox-syslog.

(From OE-Core rev: e990a9ec5d6eaf2c328d61c4de73ea6c270cfa15)

Signed-off-by: Volker Vogelhuber <v.vogelhuber@digitalendoscopy.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Richard Purdie
841ae63034 cve-extra-exclusions.inc: Clean up merged CPE updates
(From OE-Core rev: be30d2754a23ce195e9685872e0e476e1ca42052)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d2ba6d58e77430cceeca9db61fdb06882a92e1e7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:56 +01:00
Richard Purdie
fcf6bf0dd1 cve-extra-exclusions: Fix typos
(From OE-Core rev: 43d8d7001402aebc78979f3c86493f0aa15140a4)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d4d4644e7c127e8b88b180635124e8afc905c69e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:55 +01:00
Richard Purdie
7e3dac47e0 cve-extra-exclusions.inc: add exclusion list for intractable CVE's
The preferred methods for CVE resolution are:

1. Version upgrades where possible
2. Patches where not possible
3. Database updates where version info is incorrect
4. Exclusion from checking where it is determined that the CVE
   does not apply to our environment

In some cases none of these methods are possible. For example the
CVE may be decades old with no apparent resolution, and with broken
links that make further research impractical. Some CVEs are vauge
with no specific action the project can take too.

This patch creates a mechanism for users to remove this type of
CVE from the cve-check results via an optional include file.

Based on an initial patch from Steve Sakoman <steve@sakoman.com>
but extended heavily by RP.

(From OE-Core rev: c93d541a84ce4f9ed52b7aee0a59857957ea0380)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cf282ae03db3f09df42dcd110d7086c2d854642c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:55 +01:00
Steve Sakoman
039c303bef expat: set CVE_PRODUCT
Upstream database uses both "expat" and "libexpat" to report CVEs

(From OE-Core rev: f89b497800fb3a3ecd77b7a868a02800b6c86d92)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 706bdcaec5fd7c59d7877bbefa5ed4ce5b4f3da1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:55 +01:00
Sana Kazi
f5882b194b openssh: Add fixes for CVEs reported for openssh
Applied patch for CVE-2020-14145
Link: https://anongit.mindrot.org/openssh.git/patch/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d

Also, whitelisted below CVEs:

1.CVE-2020-15778:
As per upstream, because of the way scp is based on a historical
protocol called rcp which relies on that style of argument passing
and therefore encounters expansion problems. Making changes to how
the scp command line works breaks the pattern used by scp consumers.
Upstream therefore recommends the use of rsync in the place of
scp for better security. https://bugzilla.redhat.com/show_bug.cgi?id=1860487

2.CVE-2008-3844: It was reported in OpenSSH on Red Hat Enterprise Linux
and certain packages may have been compromised. This CVE is not
applicable as our source is OpenBSD.
Links:
https://securitytracker.com/id?1020730
https://www.securityfocus.com/bid/30794

Also, for CVE-2007-2768 no fix is available yet as it's unavoidable
drawback of using one time passwords as per
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2007-2768
Also it is marked as unimportant on debian
https://security-tracker.debian.org/tracker/CVE-2007-2768

Mailed to CPE to update database for CVE-2020-15778, CVE-2008-3844
and CVE-2007-2768. We can upstream CVE-2020-14145 till we recieve
response from CPE.

(From OE-Core rev: 302a6828b380ba20bb244f11f22a5bc273f0e5e7)

Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Nisha Parrakat <nishaparrakat@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:55 +01:00
akash hadke
a59a11eb56 tiff: Add fix for CVE-2020-35521 and CVE-2020-35522
Added fix for CVE-2020-35521 and CVE-2020-35522
Link: b5a935d96b.patch

Added below support patches for CVE-2020-35521 and CVE-2020-35522

1. 001_support_patch_for_CVE-2020-35521_and_CVE-2020-35522.patch
Link: 02875964eb.patch

2. 002_support_patch_for_CVE-2020-35521_and_CVE-2020-35522.patch
Link: ca70b5e702.patch

(From OE-Core rev: 03a65159093e0b2df4bc867c873b5c43721b9a9c)

Signed-off-by: akash hadke <akash.hadke@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:55 +01:00
Ross Burton
0b6e24d0dd cups: whitelist CVE-2021-25317
This CVE relates to bad ownership of /var/log/cups, which we don't have.

(From OE-Core rev: 68ee8fd1ec0f09c6477578de40e1adfc7ba35027)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0792312f3637ec160d2ef90781a8cb1f75b84940)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-03 16:30:55 +01:00
100 changed files with 4520 additions and 1025 deletions

View File

@@ -1636,6 +1636,7 @@ class BBCooker:
return
def post_serve(self):
self.shutdown(force=True)
prserv.serv.auto_shutdown()
if self.hashserv:
self.hashserv.process.terminate()
@@ -1650,6 +1651,7 @@ class BBCooker:
if self.parser:
self.parser.shutdown(clean=not force, force=force)
self.parser.final_cleanup()
def finishcommand(self):
self.state = state.initial
@@ -1931,7 +1933,8 @@ class Parser(multiprocessing.Process):
except queue.Empty:
pass
else:
self.results.cancel_join_thread()
self.results.close()
self.results.join_thread()
break
if pending:
@@ -1940,6 +1943,8 @@ class Parser(multiprocessing.Process):
try:
job = self.jobs.pop()
except IndexError:
self.results.close()
self.results.join_thread()
break
result = self.parse(*job)
# Clear the siggen cache after parsing to control memory usage, its huge
@@ -2015,6 +2020,7 @@ class CookerParser(object):
self.start()
self.haveshutdown = False
self.syncthread = None
def start(self):
self.results = self.load_cached()
@@ -2056,12 +2062,9 @@ class CookerParser(object):
self.total)
bb.event.fire(event, self.cfgdata)
for process in self.processes:
self.parser_quit.put(None)
else:
self.parser_quit.cancel_join_thread()
for process in self.processes:
self.parser_quit.put(None)
for process in self.processes:
self.parser_quit.put(None)
# Cleanup the queue before call process.join(), otherwise there might be
# deadlocks.
@@ -2078,9 +2081,13 @@ class CookerParser(object):
else:
process.join()
self.parser_quit.close()
# Allow data left in the cancel queue to be discarded
self.parser_quit.cancel_join_thread()
sync = threading.Thread(target=self.bb_cache.sync)
self.syncthread = sync
sync.start()
multiprocessing.util.Finalize(None, sync.join, exitpriority=-100)
bb.codeparser.parser_cache_savemerge()
bb.fetch.fetcher_parse_done()
if self.cooker.configuration.profile:
@@ -2094,6 +2101,10 @@ class CookerParser(object):
bb.utils.process_profilelog(profiles, pout = pout)
print("Processed parsing statistics saved to %s" % (pout))
def final_cleanup(self):
if self.syncthread:
self.syncthread.join()
def load_cached(self):
for filename, appends in self.fromcache:
cached, infos = self.bb_cache.load(filename, appends)

View File

@@ -16,7 +16,7 @@ import os
import sys
import datetime
current_version = "3.1.8"
current_version = "3.1.10"
# String used in sidebar
version = 'Version: ' + current_version

View File

@@ -1,11 +1,11 @@
DISTRO : "3.1.8"
DISTRO : "3.1.10"
DISTRO_NAME_NO_CAP : "dunfell"
DISTRO_NAME : "Dunfell"
DISTRO_NAME_NO_CAP_MINUS_ONE : "zeus"
YOCTO_DOC_VERSION : "3.1.8"
YOCTO_DOC_VERSION : "3.1.10"
YOCTO_DOC_VERSION_MINUS_ONE : "3.0.2"
DISTRO_REL_TAG : "yocto-3.1.8"
POKYVERSION : "23.0.8"
DISTRO_REL_TAG : "yocto-3.1.10"
POKYVERSION : "23.0.10"
YOCTO_POKY : "poky-&DISTRO_NAME_NO_CAP;-&POKYVERSION;"
YOCTO_DL_URL : "https://downloads.yoctoproject.org"
YOCTO_AB_URL : "https://autobuilder.yoctoproject.org"

View File

@@ -67,6 +67,8 @@ distributions:
- OpenSUSE Leap 15.1
- OpenSUSE Leap 15.2
.. note::

View File

@@ -3811,6 +3811,15 @@ system and gives an overview of their function and contents.
KERNEL_ARTIFACT_NAME ?= "${PKGE}-${PKGV}-${PKGR}-${MACHINE}${IMAGE_VERSION_SUFFIX}"
:term:`KERNEL_DTC_FLAGS`
Specifies the ``dtc`` flags that are passed to the Linux kernel build
system when generating the device trees (via ``DTC_FLAGS`` environment
variable).
In order to use this variable, the
:ref:`kernel-devicetree <ref-classes-kernel-devicetree>` class must
be inherited.
:term:`KERNEL_EXTRA_ARGS`
Specifies additional ``make`` command-line arguments the OpenEmbedded
build system passes on when compiling the kernel.

View File

@@ -16,7 +16,9 @@
- :yocto_docs:`3.1.5 Documentation </3.1.5>`
- :yocto_docs:`3.1.6 Documentation </3.1.6>`
- :yocto_docs:`3.1.7 Documentation </3.1.7>`
- :yocto_docs:`3.1.7 Documentation </3.1.8>`
- :yocto_docs:`3.1.8 Documentation </3.1.8>`
- :yocto_docs:`3.1.9 Documentation </3.1.9>`
- :yocto_docs:`3.1.10 Documentation </3.1.10>`
==========================
Previous Release Manuals

View File

@@ -3,7 +3,7 @@
var all_versions = {
'dev': 'dev (3.3)',
'3.1.8': '3.1.8',
'3.1.10': '3.1.10',
'3.0.4': '3.0.4',
'2.7.4': '2.7.4',
};

View File

@@ -1,6 +1,6 @@
DISTRO = "poky"
DISTRO_NAME = "Poky (Yocto Project Reference Distro)"
DISTRO_VERSION = "3.1.8"
DISTRO_VERSION = "3.1.10"
DISTRO_CODENAME = "dunfell"
SDK_VENDOR = "-pokysdk"
SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${DATE}', 'snapshot')}"
@@ -67,6 +67,7 @@ SANITY_TESTED_DISTROS ?= " \
debian-9 \n \
debian-10 \n \
opensuseleap-15.1 \n \
opensuseleap-15.2 \n \
"
# add poky sanity bbclass
INHERIT += "poky-sanity"

View File

@@ -261,4 +261,4 @@ python do_bootimg() {
do_bootimg[subimages] = "hddimg iso"
do_bootimg[imgsuffix] = "."
addtask bootimg before do_image_complete
addtask bootimg before do_image_complete after do_rootfs

View File

@@ -1,14 +1,20 @@
# Support for device tree generation
PACKAGES_append = " \
${KERNEL_PACKAGE_NAME}-devicetree \
${@[d.getVar('KERNEL_PACKAGE_NAME') + '-image-zimage-bundle', ''][d.getVar('KERNEL_DEVICETREE_BUNDLE') != '1']} \
"
python () {
if not bb.data.inherits_class('nopackages', d):
d.appendVar("PACKAGES", " ${KERNEL_PACKAGE_NAME}-devicetree")
if d.getVar('KERNEL_DEVICETREE_BUNDLE') == '1':
d.appendVar("PACKAGES", " ${KERNEL_PACKAGE_NAME}-image-zimage-bundle")
}
FILES_${KERNEL_PACKAGE_NAME}-devicetree = "/${KERNEL_IMAGEDEST}/*.dtb /${KERNEL_IMAGEDEST}/*.dtbo"
FILES_${KERNEL_PACKAGE_NAME}-image-zimage-bundle = "/${KERNEL_IMAGEDEST}/zImage-*.dtb.bin"
# Generate kernel+devicetree bundle
KERNEL_DEVICETREE_BUNDLE ?= "0"
# dtc flags passed via DTC_FLAGS env variable
KERNEL_DTC_FLAGS ?= ""
normalize_dtb () {
dtb="$1"
if echo $dtb | grep -q '/dts/'; then
@@ -50,6 +56,10 @@ do_configure_append() {
}
do_compile_append() {
if [ -n "${KERNEL_DTC_FLAGS}" ]; then
export DTC_FLAGS="${KERNEL_DTC_FLAGS}"
fi
for dtbf in ${KERNEL_DEVICETREE}; do
dtb=`normalize_dtb "$dtbf"`
oe_runmake $dtb CC="${KERNEL_CC} $cc_extra " LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS}

View File

@@ -124,7 +124,7 @@ fitimage_emit_section_kernel() {
fi
cat << EOF >> ${1}
kernel@${2} {
kernel-${2} {
description = "Linux kernel";
data = /incbin/("${3}");
type = "kernel";
@@ -133,7 +133,7 @@ fitimage_emit_section_kernel() {
compression = "${4}";
load = <${UBOOT_LOADADDRESS}>;
entry = <${ENTRYPOINT}>;
hash@1 {
hash-1 {
algo = "${kernel_csum}";
};
};
@@ -160,14 +160,14 @@ fitimage_emit_section_dtb() {
dtb_loadline="load = <${UBOOT_DTB_LOADADDRESS}>;"
fi
cat << EOF >> ${1}
fdt@${2} {
fdt-${2} {
description = "Flattened Device Tree blob";
data = /incbin/("${3}");
type = "flat_dt";
arch = "${UBOOT_ARCH}";
compression = "none";
${dtb_loadline}
hash@1 {
hash-1 {
algo = "${dtb_csum}";
};
};
@@ -185,7 +185,7 @@ fitimage_emit_section_setup() {
setup_csum="${FIT_HASH_ALG}"
cat << EOF >> ${1}
setup@${2} {
setup-${2} {
description = "Linux setup.bin";
data = /incbin/("${3}");
type = "x86_setup";
@@ -194,7 +194,7 @@ fitimage_emit_section_setup() {
compression = "none";
load = <0x00090000>;
entry = <0x00090000>;
hash@1 {
hash-1 {
algo = "${setup_csum}";
};
};
@@ -221,7 +221,7 @@ fitimage_emit_section_ramdisk() {
fi
cat << EOF >> ${1}
ramdisk@${2} {
ramdisk-${2} {
description = "${INITRAMFS_IMAGE}";
data = /incbin/("${3}");
type = "ramdisk";
@@ -230,7 +230,7 @@ fitimage_emit_section_ramdisk() {
compression = "none";
${ramdisk_loadline}
${ramdisk_entryline}
hash@1 {
hash-1 {
algo = "${ramdisk_csum}";
};
};
@@ -250,7 +250,7 @@ fitimage_emit_section_config() {
conf_csum="${FIT_HASH_ALG}"
conf_sign_algo="${FIT_SIGN_ALG}"
if [ -n "${UBOOT_SIGN_ENABLE}" ] ; then
if [ "${UBOOT_SIGN_ENABLE}" = "1" ] ; then
conf_sign_keyname="${UBOOT_SIGN_KEYNAME}"
fi
@@ -266,39 +266,39 @@ fitimage_emit_section_config() {
if [ -n "${2}" ]; then
conf_desc="Linux kernel"
sep=", "
kernel_line="kernel = \"kernel@${2}\";"
kernel_line="kernel = \"kernel-${2}\";"
fi
if [ -n "${3}" ]; then
conf_desc="${conf_desc}${sep}FDT blob"
sep=", "
fdt_line="fdt = \"fdt@${3}\";"
fdt_line="fdt = \"fdt-${3}\";"
fi
if [ -n "${4}" ]; then
conf_desc="${conf_desc}${sep}ramdisk"
sep=", "
ramdisk_line="ramdisk = \"ramdisk@${4}\";"
ramdisk_line="ramdisk = \"ramdisk-${4}\";"
fi
if [ -n "${5}" ]; then
conf_desc="${conf_desc}${sep}setup"
setup_line="setup = \"setup@${5}\";"
setup_line="setup = \"setup-${5}\";"
fi
if [ "${6}" = "1" ]; then
default_line="default = \"conf@${3}\";"
default_line="default = \"conf-${3}\";"
fi
cat << EOF >> ${1}
${default_line}
conf@${3} {
conf-${3} {
description = "${6} ${conf_desc}";
${kernel_line}
${fdt_line}
${ramdisk_line}
${setup_line}
hash@1 {
hash-1 {
algo = "${conf_csum}";
};
EOF
@@ -330,7 +330,7 @@ EOF
sign_line="${sign_line};"
cat << EOF >> ${1}
signature@1 {
signature-1 {
algo = "${conf_csum},${conf_sign_algo}";
key-name-hint = "${conf_sign_keyname}";
${sign_line}

View File

@@ -105,6 +105,8 @@ do_kernel_metadata() {
cd ${S}
export KMETA=${KMETA}
bbnote "do_kernel_metadata: for summary/debug, set KCONF_AUDIT_LEVEL > 0"
# if kernel tools are available in-tree, they are preferred
# and are placed on the path before any external tools. Unless
# the external tools flag is set, in that case we do nothing.
@@ -252,6 +254,21 @@ do_kernel_metadata() {
bbfatal_log "Could not generate configuration queue for ${KMACHINE}."
fi
fi
if [ ${KCONF_AUDIT_LEVEL} -gt 0 ]; then
bbnote "kernel meta data summary for ${KMACHINE} (${LINUX_KERNEL_TYPE}):"
bbnote "======================================================================"
if [ -n "${KMETA_EXTERNAL_BSPS}" ]; then
bbnote "Non kernel-cache (external) bsp"
fi
bbnote "BSP entry point / definition: $bsp_definition"
if [ -n "$in_tree_defconfig" ]; then
bbnote "KBUILD_DEFCONFIG: ${KBUILD_DEFCONFIG}"
fi
bbnote "Fragments from SRC_URI: $sccs_from_src_uri"
bbnote "KERNEL_FEATURES: $KERNEL_FEATURES_FINAL"
bbnote "Final scc/cfg list: $sccs_defconfig $bsp_definition $sccs $KERNEL_FEATURES_FINAL"
fi
}
do_patch() {

View File

@@ -91,6 +91,8 @@ python __anonymous () {
imagedest = d.getVar('KERNEL_IMAGEDEST')
for type in types.split():
if bb.data.inherits_class('nopackages', d):
continue
typelower = type.lower()
d.appendVar('PACKAGES', ' %s-image-%s' % (kname, typelower))
d.setVar('FILES_' + kname + '-image-' + typelower, '/' + imagedest + '/' + type + '-${KERNEL_VERSION_NAME}' + ' /' + imagedest + '/' + type)
@@ -680,7 +682,7 @@ do_sizecheck() {
at_least_one_fits=
for imageType in ${KERNEL_IMAGETYPES} ; do
size=`du -ks ${B}/${KERNEL_OUTPUT_DIR}/$imageType | awk '{print $1}'`
if [ $size -ge ${KERNEL_IMAGE_MAXSIZE} ]; then
if [ $size -gt ${KERNEL_IMAGE_MAXSIZE} ]; then
bbwarn "This kernel $imageType (size=$size(K) > ${KERNEL_IMAGE_MAXSIZE}(K)) is too big for your device."
else
at_least_one_fits=y

View File

@@ -162,6 +162,6 @@ python package_prepare_pkgdata() {
}
package_prepare_pkgdata[cleandirs] = "${WORKDIR_PKGDATA}"
package_prepare_pkgdata[vardepsexclude] += "MACHINE_ARCH PACKAGE_EXTRA_ARCHS SDK_ARCH BUILD_ARCH SDK_OS BB_TASKDEPDATA"
package_prepare_pkgdata[vardepsexclude] += "MACHINE_ARCH PACKAGE_EXTRA_ARCHS SDK_ARCH BUILD_ARCH SDK_OS BB_TASKDEPDATA SSTATETASKS"

View File

@@ -678,8 +678,8 @@ python do_package_rpm () {
cmd = cmd + " --define '_use_internal_dependency_generator 0'"
cmd = cmd + " --define '_binaries_in_noarch_packages_terminate_build 0'"
cmd = cmd + " --define '_build_id_links none'"
cmd = cmd + " --define '_binary_payload w6T.xzdio'"
cmd = cmd + " --define '_source_payload w6T.xzdio'"
cmd = cmd + " --define '_binary_payload w6T%d.xzdio'" % int(d.getVar("XZ_THREADS"))
cmd = cmd + " --define '_source_payload w6T%d.xzdio'" % int(d.getVar("XZ_THREADS"))
cmd = cmd + " --define 'clamp_mtime_to_source_date_epoch 1'"
cmd = cmd + " --define 'use_source_date_epoch_as_buildtime 1'"
cmd = cmd + " --define '_buildhost reproducible'"

View File

@@ -6,8 +6,6 @@
#
# Licensed under the MIT license, see COPYING.MIT for details
inherit base
ERR_REPORT_DIR ?= "${LOG_DIR}/error-report"
def errorreport_getdata(e):

View File

@@ -123,8 +123,6 @@ SSTATE_HASHEQUIV_REPORT_TASKDATA[doc] = "Report additional useful data to the \
python () {
if bb.data.inherits_class('native', d):
d.setVar('SSTATE_PKGARCH', d.getVar('BUILD_ARCH', False))
if d.getVar("PN") == "pseudo-native":
d.appendVar('SSTATE_PKGARCH', '_${ORIGNATIVELSBSTRING}')
elif bb.data.inherits_class('crosssdk', d):
d.setVar('SSTATE_PKGARCH', d.expand("${BUILD_ARCH}_${SDK_ARCH}_${SDK_OS}"))
elif bb.data.inherits_class('cross', d):
@@ -483,7 +481,7 @@ def sstate_clean_cachefiles(d):
ss = sstate_state_fromvars(ld, task)
sstate_clean_cachefile(ss, ld)
def sstate_clean_manifest(manifest, d, prefix=None):
def sstate_clean_manifest(manifest, d, canrace=False, prefix=None):
import oe.path
mfile = open(manifest)
@@ -501,7 +499,9 @@ def sstate_clean_manifest(manifest, d, prefix=None):
if entry.endswith("/"):
if os.path.islink(entry[:-1]):
os.remove(entry[:-1])
elif os.path.exists(entry) and len(os.listdir(entry)) == 0:
elif os.path.exists(entry) and len(os.listdir(entry)) == 0 and not canrace:
# Removing directories whilst builds are in progress exposes a race. Only
# do it in contexts where it is safe to do so.
os.rmdir(entry[:-1])
else:
os.remove(entry)
@@ -539,7 +539,7 @@ def sstate_clean(ss, d):
for lock in ss['lockfiles']:
locks.append(bb.utils.lockfile(lock))
sstate_clean_manifest(manifest, d)
sstate_clean_manifest(manifest, d, canrace=True)
for lock in locks:
bb.utils.unlockfile(lock)
@@ -703,9 +703,15 @@ def sstate_package(ss, d):
os.utime(siginfo, None)
except PermissionError:
pass
except OSError as e:
# Handle read-only file systems gracefully
if e.errno != errno.EROFS:
raise e
return
sstate_package[vardepsexclude] += "SSTATE_SIG_KEY"
def pstaging_fetch(sstatefetch, d):
import bb.fetch2
@@ -1139,6 +1145,10 @@ python sstate_eventhandler() {
os.utime(siginfo, None)
except PermissionError:
pass
except OSError as e:
# Handle read-only file systems gracefully
if e.errno != errno.EROFS:
raise e
}

View File

@@ -408,7 +408,7 @@ python extend_recipe_sysroot() {
if os.path.islink(f) and not os.path.exists(f):
bb.note("%s no longer exists, removing from sysroot" % f)
lnk = os.readlink(f.replace(".complete", ""))
sstate_clean_manifest(depdir + "/" + lnk, d, workdir)
sstate_clean_manifest(depdir + "/" + lnk, d, canrace=True, prefix=workdir)
os.unlink(f)
os.unlink(f.replace(".complete", ""))
@@ -453,7 +453,7 @@ python extend_recipe_sysroot() {
fl = depdir + "/" + l
bb.note("Task %s no longer depends on %s, removing from sysroot" % (mytaskname, l))
lnk = os.readlink(fl)
sstate_clean_manifest(depdir + "/" + lnk, d, workdir)
sstate_clean_manifest(depdir + "/" + lnk, d, canrace=True, prefix=workdir)
os.unlink(fl)
os.unlink(fl + ".complete")
@@ -474,7 +474,7 @@ python extend_recipe_sysroot() {
continue
else:
bb.note("%s exists in sysroot, but is stale (%s vs. %s), removing." % (c, lnk, c + "." + taskhash))
sstate_clean_manifest(depdir + "/" + lnk, d, workdir)
sstate_clean_manifest(depdir + "/" + lnk, d, canrace=True, prefix=workdir)
os.unlink(depdir + "/" + c)
if os.path.lexists(depdir + "/" + c + ".complete"):
os.unlink(depdir + "/" + c + ".complete")

View File

@@ -0,0 +1,73 @@
# This file contains a list of CVE's where resolution has proven to be impractical
# or there is no reasonable action the Yocto Project can take to resolve the issue.
# It contains all the information we are aware of about an issue and analysis about
# why we believe it can't be fixed/handled. Additional information is welcome through
# patches to the file.
#
# Include this file in your local.conf or distro.conf to exclude these CVE's
# from the cve-check results or add to the bitbake command with:
# -R conf/distro/include/cve-extra-exclusions.inc
#
# The file is not included by default since users should review this data to ensure
# it matches their expectations and usage of the project.
#
# We may also include "in-flight" information about current/ongoing CVE work with
# the aim of sharing that work and ensuring we don't duplicate it.
#
# strace https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0006
# CVE is more than 20 years old with no resolution evident
# broken links in CVE database references make resolution impractical
CVE_CHECK_WHITELIST += "CVE-2000-0006"
# epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0238
# The issue here is spoofing of domain names using characters from other character sets.
# There has been much discussion amongst the epiphany and webkit developers and
# whilst there are improvements about how domains are handled and displayed to the user
# there is unlikely ever to be a single fix to webkit or epiphany which addresses this
# problem. Whitelisted as there isn't any mitigation or fix or way to progress this further
# we can seem to take.
CVE_CHECK_WHITELIST += "CVE-2005-0238"
# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4756
# Issue is memory exhaustion via glob() calls, e.g. from within an ftp server
# Best discussion in https://bugzilla.redhat.com/show_bug.cgi?id=681681
# Upstream don't see it as a security issue, ftp servers shouldn't be passing
# this to libc glob. Exclude as upstream have no plans to add BSD's GLOB_LIMIT or similar
CVE_CHECK_WHITELIST += "CVE-2010-4756"
# go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29509
# go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29511
# The encoding/xml package in go can potentially be used for security exploits if not used correctly
# CVE applies to a netapp product as well as flagging a general issue. We don't ship anything
# exposing this interface in an exploitable way
CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511"
#### CPE update pending ####
# groff:groff-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0803
# Appears it was fixed in https://git.savannah.gnu.org/cgit/groff.git/commit/?id=07f95f1674217275ed4612f1dcaa95a88435c6a7
# so from 1.17 onwards. Reported to the database for update by RP 2021/5/9. Update accepted 2021/5/10.
#CVE_CHECK_WHITELIST += "CVE-2000-0803"
#### Upstream still working on ####
# qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255
# There was a proposed patch https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html
# however qemu maintainers are sure the patch is incorrect and should not be applied.
# flex:flex-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6293
# Upstream bug, still open: https://github.com/westes/flex/issues/414
# Causes memory exhaustion so potential DoS but no buffer overflow, low priority
# wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879
# https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
# No response upstream as of 2021/5/12

View File

@@ -8,7 +8,7 @@
UNINATIVE_MAXGLIBCVERSION = "2.33"
UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/3.1/"
UNINATIVE_CHECKSUM[aarch64] ?= "7fa12b9fe7a95934cc09beb0e8a25ff97179ef3105116015d32548eadd27b024"
UNINATIVE_CHECKSUM[i686] ?= "bbfcdd48336800b5af97e294918c6586a0a8fa903f127f813b0bd5110de8c55c"
UNINATIVE_CHECKSUM[x86_64] ?= "5d0611df544edff6428cef7d871257a91aa6ba1bd92f5365a2df8deb54b6b31e"
UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/3.2/"
UNINATIVE_CHECKSUM[aarch64] ?= "4f0872cdca2775b637a8a99815ca5c8dd42146abe903a24a50ee0448358c764b"
UNINATIVE_CHECKSUM[i686] ?= "e2eeab92e67263db37d9bb6d4c58579abd1f47ff4cded3171bde572fece124b2"
UNINATIVE_CHECKSUM[x86_64] ?= "3ee8c7d55e2d4c7ae3887cddb97219f97b94efddfeee2e24923c0cb0e8ce84c6"

View File

@@ -111,7 +111,7 @@ class LocalSigner(object):
def verify(self, sig_file):
"""Verify signature"""
cmd = self.gpg_cmd + [" --verify", "--no-permission-warning"]
cmd = self.gpg_cmd + ["--verify", "--no-permission-warning"]
if self.gpg_path:
cmd += ["--homedir", self.gpg_path]

View File

@@ -141,13 +141,4 @@ class RpmInstallRemoveTest(OERuntimeTestCase):
self.tc.target.run('rm -f %s' % self.dst)
# if using systemd this should ensure all entries are flushed to /var
status, output = self.target.run("journalctl --sync")
# Get the amount of entries in the log file
status, output = self.target.run(check_log_cmd)
msg = 'Failed to get the final size of the log file.'
self.assertEqual(0, status, msg=msg)
# Check that there's enough of them
self.assertGreaterEqual(int(output), 80,
'Cound not find sufficient amount of rpm entries in /var/log/messages, found {} entries'.format(output))

View File

@@ -35,11 +35,11 @@ class Archiver(OESelftestTestCase):
src_path = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['TARGET_SYS'])
# Check that include_recipe was included
included_present = len(glob.glob(src_path + '/%s-*' % include_recipe))
included_present = len(glob.glob(src_path + '/%s-*/*' % include_recipe))
self.assertTrue(included_present, 'Recipe %s was not included.' % include_recipe)
# Check that exclude_recipe was excluded
excluded_present = len(glob.glob(src_path + '/%s-*' % exclude_recipe))
excluded_present = len(glob.glob(src_path + '/%s-*/*' % exclude_recipe))
self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % exclude_recipe)
def test_archiver_filters_by_type(self):
@@ -67,11 +67,11 @@ class Archiver(OESelftestTestCase):
src_path_native = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['BUILD_SYS'])
# Check that target_recipe was included
included_present = len(glob.glob(src_path_target + '/%s-*' % target_recipe))
included_present = len(glob.glob(src_path_target + '/%s-*/*' % target_recipe))
self.assertTrue(included_present, 'Recipe %s was not included.' % target_recipe)
# Check that native_recipe was excluded
excluded_present = len(glob.glob(src_path_native + '/%s-*' % native_recipe))
excluded_present = len(glob.glob(src_path_native + '/%s-*/*' % native_recipe))
self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % native_recipe)
def test_archiver_filters_by_type_and_name(self):
@@ -104,17 +104,17 @@ class Archiver(OESelftestTestCase):
src_path_native = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['BUILD_SYS'])
# Check that target_recipe[0] and native_recipes[1] were included
included_present = len(glob.glob(src_path_target + '/%s-*' % target_recipes[0]))
included_present = len(glob.glob(src_path_target + '/%s-*/*' % target_recipes[0]))
self.assertTrue(included_present, 'Recipe %s was not included.' % target_recipes[0])
included_present = len(glob.glob(src_path_native + '/%s-*' % native_recipes[1]))
included_present = len(glob.glob(src_path_native + '/%s-*/*' % native_recipes[1]))
self.assertTrue(included_present, 'Recipe %s was not included.' % native_recipes[1])
# Check that native_recipes[0] and target_recipes[1] were excluded
excluded_present = len(glob.glob(src_path_native + '/%s-*' % native_recipes[0]))
excluded_present = len(glob.glob(src_path_native + '/%s-*/*' % native_recipes[0]))
self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % native_recipes[0])
excluded_present = len(glob.glob(src_path_target + '/%s-*' % target_recipes[1]))
excluded_present = len(glob.glob(src_path_target + '/%s-*/*' % target_recipes[1]))
self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % target_recipes[1])

View File

@@ -64,7 +64,7 @@ class TestMultiprocessLaunch(TestCase):
import bb
def testfunction(item, d):
if item == "2" or item == "1":
if item == "2":
raise KeyError("Invalid number %s" % item)
return "Found %s" % item
@@ -99,5 +99,4 @@ class TestMultiprocessLaunch(TestCase):
# Assert the function prints exceptions
with captured_output() as (out, err):
self.assertRaises(bb.BBHandledException, multiprocess_launch, testfunction, ["1", "2", "3", "4", "5", "6"], d, extraargs=(d,))
self.assertIn("KeyError: 'Invalid number 1'", out.getvalue())
self.assertIn("KeyError: 'Invalid number 2'", out.getvalue())

View File

@@ -27,8 +27,8 @@ class RunCmdTests(OESelftestTestCase):
# The delta is intentionally smaller than the timeout, to detect cases where
# we incorrectly apply the timeout more than once.
TIMEOUT = 5
DELTA = 3
TIMEOUT = 10
DELTA = 8
def test_result_okay(self):
result = runCmd("true")

View File

@@ -14,11 +14,6 @@ from oeqa.core.decorator.data import skipIfNotQemu
class TestExport(OESelftestTestCase):
@classmethod
def tearDownClass(cls):
runCmd("rm -rf /tmp/sdk")
super(TestExport, cls).tearDownClass()
def test_testexport_basic(self):
"""
Summary: Check basic testexport functionality with only ping test enabled.
@@ -95,19 +90,20 @@ class TestExport(OESelftestTestCase):
msg = "Couldn't find SDK tarball: %s" % tarball_path
self.assertEqual(os.path.isfile(tarball_path), True, msg)
# Extract SDK and run tar from SDK
result = runCmd("%s -y -d /tmp/sdk" % tarball_path)
self.assertEqual(0, result.status, "Couldn't extract SDK")
with tempfile.TemporaryDirectory() as tmpdirname:
# Extract SDK and run tar from SDK
result = runCmd("%s -y -d %s" % (tarball_path, tmpdirname))
self.assertEqual(0, result.status, "Couldn't extract SDK")
env_script = result.output.split()[-1]
result = runCmd(". %s; which tar" % env_script, shell=True)
self.assertEqual(0, result.status, "Couldn't setup SDK environment")
is_sdk_tar = True if "/tmp/sdk" in result.output else False
self.assertTrue(is_sdk_tar, "Couldn't setup SDK environment")
env_script = result.output.split()[-1]
result = runCmd(". %s; which tar" % env_script, shell=True)
self.assertEqual(0, result.status, "Couldn't setup SDK environment")
is_sdk_tar = True if tmpdirname in result.output else False
self.assertTrue(is_sdk_tar, "Couldn't setup SDK environment")
tar_sdk = result.output
result = runCmd("%s --version" % tar_sdk)
self.assertEqual(0, result.status, "Couldn't run tar from SDK")
tar_sdk = result.output
result = runCmd("%s --version" % tar_sdk)
self.assertEqual(0, result.status, "Couldn't run tar from SDK")
class TestImage(OESelftestTestCase):

View File

@@ -13,6 +13,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
CVE_PRODUCT = "grub2"
# Applies only to RHEL
CVE_CHECK_WHITELIST += "CVE-2019-14865"
SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
file://0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch \
file://autogen.sh-exclude-pc.patch \

View File

@@ -1,17 +0,0 @@
Upstream-Status: Backporting [https://downloads.isc.org/isc/bind9/9.16.12/patches/CVE-2020-8625.patch]
CVE: CVE-2020-8625
Signed-off-by: Minjae Kim <flowergom@gmail.com>
diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
index e61d1c600f2..753dc8049fa 100644
--- a/lib/dns/spnego.c
+++ b/lib/dns/spnego.c
@@ -848,7 +848,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
return (ASN1_OVERRUN);
}
- data->components = malloc(len * sizeof(*data->components));
+ data->components = malloc((len + 1) * sizeof(*data->components));
if (data->components == NULL) {
return (ENOMEM);
}

View File

@@ -4,7 +4,7 @@ DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system"
SECTION = "console/network"
LICENSE = "ISC & BSD"
LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=bf39058a7f64b2a934ce14dc9ec1dd45"
LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=b88e7ca5f21908e1b2720169f6807cf6"
DEPENDS = "openssl libcap zlib"
@@ -19,10 +19,9 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \
file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
file://0001-avoid-start-failure-with-bind-user.patch \
file://CVE-2020-8625.patch \
"
SRC_URI[sha256sum] = "afc6d8015006f1cabf699ff19f517bb8fd9c1811e5231f26baf51c3550262ac9"
SRC_URI[sha256sum] = "cbf8cb4b74dd1452d97c3a2a8c625ea346df8516b4b3508ef07443121a591342"
UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# stay at 9.11 until 9.16, from 9.16 follow the ESV versions divisible by 4

View File

@@ -52,6 +52,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
file://0001-test-gatt-Fix-hung-issue.patch \
file://CVE-2021-3588.patch \
"
S = "${WORKDIR}/bluez-${PV}"

View File

@@ -0,0 +1,34 @@
From 3a40bef49305f8327635b81ac8be52a3ca063d5a Mon Sep 17 00:00:00 2001
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Date: Mon, 4 Jan 2021 10:38:31 -0800
Subject: [PATCH] gatt: Fix potential buffer out-of-bound
When client features is read check if the offset is within the cli_feat
bounds.
Fixes: https://github.com/bluez/bluez/issues/70
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=3a40bef49305f8327635b81ac8be52a3ca063d5a]
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+CVE: CVE-2021-3588
---
src/gatt-database.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/gatt-database.c b/src/gatt-database.c
index 90cc4bade..f2d7b5821 100644
--- a/src/gatt-database.c
+++ b/src/gatt-database.c
@@ -1075,6 +1075,11 @@ static void cli_feat_read_cb(struct gatt_db_attribute *attrib,
goto done;
}
+ if (offset >= sizeof(state->cli_feat)) {
+ ecode = BT_ATT_ERROR_INVALID_OFFSET;
+ goto done;
+ }
+
len = sizeof(state->cli_feat) - offset;
value = len ? &state->cli_feat[offset] : NULL;

View File

@@ -0,0 +1,66 @@
From 5a7344b05081d84343a1627e47478f3990b17700 Mon Sep 17 00:00:00 2001
From: Minjae Kim <flowergom@gmail.com>
Date: Thu, 8 Jul 2021 00:08:25 +0000
Subject: [PATCH] ISC has disclosed a vulnerability in ISC DHCP
(CVE-2021-25217)
On May 26, 2021, we (Internet Systems Consortium) disclosed a
vulnerability affecting our ISC DHCP software:
CVE-2021-25217: A buffer overrun in lease file parsing code can be
used to exploit a common vulnerability shared by dhcpd and dhclient
https://kb.isc.org/docs/cve-2021-25217
New versions of ISC DHCP are available from https://www.isc.org/downloads
Operators and package maintainers who prefer to apply patches selectively can
find individual vulnerability-specific patches in the "patches" subdirectory
of the release directories for our two stable release branches (4.4 and 4.1-ESV)
https://downloads.isc.org/isc/dhcp/4.4.2-P1/patches
https://downloads.isc.org/isc/dhcp/4.1-ESV-R16-P1/patches
With the public announcement of this vulnerability, the embargo
period is ended and any updated software packages that have been
prepared may be released.
Upstream-Status: Accepted [https://www.openwall.com/lists/oss-security/2021/05/26/6]
CVE: CVE-2021-25217
Signed-off-by: Minjae Kim <flowergom@gmail.com>
---
common/parse.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/common/parse.c b/common/parse.c
index 386a632..fc7b39c 100644
--- a/common/parse.c
+++ b/common/parse.c
@@ -3,7 +3,7 @@
Common parser code for dhcpd and dhclient. */
/*
- * Copyright (c) 2004-2019 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2021 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 1995-2003 by Internet Software Consortium
*
* This Source Code Form is subject to the terms of the Mozilla Public
@@ -5556,13 +5556,14 @@ int parse_X (cfile, buf, max)
skip_to_semi (cfile);
return 0;
}
- convert_num (cfile, &buf [len], val, 16, 8);
- if (len++ > max) {
+ if (len >= max) {
parse_warn (cfile,
"hexadecimal constant too long.");
skip_to_semi (cfile);
return 0;
}
+ convert_num (cfile, &buf [len], val, 16, 8);
+ len++;
token = peek_token (&val, (unsigned *)0, cfile);
if (token == COLON)
token = next_token (&val,
--
2.17.1

View File

@@ -10,6 +10,7 @@ SRC_URI += "file://0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.pat
file://0012-dhcp-correct-the-intention-for-xml2-lib-search.patch \
file://0013-fixup_use_libbind.patch \
file://0001-workaround-busybox-limitation-in-linux-dhclient-script.patch \
file://CVE-2021-25217.patch \
"
SRC_URI[md5sum] = "2afdaf8498dc1edaf3012efdd589b3e1"

View File

@@ -0,0 +1,97 @@
From b3855ff053f5078ec3d3c653cdaedefaa5fc362d Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 18 Sep 2020 05:23:03 +0000
Subject: upstream: tweak the client hostkey preference ordering algorithm to
prefer the default ordering if the user has a key that matches the
best-preference default algorithm.
feedback and ok markus@
OpenBSD-Commit-ID: a92dd7d7520ddd95c0a16786a7519e6d0167d35f
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
---
sshconnect2.c | 41 ++++++++++++++++++++++++++++++++++++++---
1 file changed, 38 insertions(+), 3 deletions(-)
CVE: CVE-2020-14145
Upstream-Status: Backport [https://anongit.mindrot.org/openssh.git/patch/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d]
Comment: Refreshed first hunk
diff --git a/sshconnect2.c b/sshconnect2.c
index 347e348c..f64aae66 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.320 2020/02/06 22:48:23 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.326 2020/09/18 05:23:03 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -102,12 +102,25 @@ verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh)
return 0;
}
+/* Returns the first item from a comma-separated algorithm list */
+static char *
+first_alg(const char *algs)
+{
+ char *ret, *cp;
+
+ ret = xstrdup(algs);
+ if ((cp = strchr(ret, ',')) != NULL)
+ *cp = '\0';
+ return ret;
+}
+
static char *
order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
{
- char *oavail, *avail, *first, *last, *alg, *hostname, *ret;
+ char *oavail = NULL, *avail = NULL, *first = NULL, *last = NULL;
+ char *alg = NULL, *hostname = NULL, *ret = NULL, *best = NULL;
size_t maxlen;
- struct hostkeys *hostkeys;
+ struct hostkeys *hostkeys = NULL;
int ktype;
u_int i;
@@ -119,6 +132,26 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
for (i = 0; i < options.num_system_hostfiles; i++)
load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]);
+ /*
+ * If a plain public key exists that matches the type of the best
+ * preference HostkeyAlgorithms, then use the whole list as is.
+ * Note that we ignore whether the best preference algorithm is a
+ * certificate type, as sshconnect.c will downgrade certs to
+ * plain keys if necessary.
+ */
+ best = first_alg(options.hostkeyalgorithms);
+ if (lookup_key_in_hostkeys_by_type(hostkeys,
+ sshkey_type_plain(sshkey_type_from_name(best)), NULL)) {
+ debug3("%s: have matching best-preference key type %s, "
+ "using HostkeyAlgorithms verbatim", __func__, best);
+ ret = xstrdup(options.hostkeyalgorithms);
+ goto out;
+ }
+
+ /*
+ * Otherwise, prefer the host key algorithms that match known keys
+ * while keeping the ordering of HostkeyAlgorithms as much as possible.
+ */
oavail = avail = xstrdup(options.hostkeyalgorithms);
maxlen = strlen(avail) + 1;
first = xmalloc(maxlen);
@@ -159,6 +192,8 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
if (*first != '\0')
debug3("%s: prefer hostkeyalgs: %s", __func__, first);
+ out:
+ free(best);
free(first);
free(last);
free(hostname);
--
cgit v1.2.3

View File

@@ -24,6 +24,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
file://sshd_check_keys \
file://add-test-support-for-busybox.patch \
file://CVE-2020-14145.patch \
"
SRC_URI[md5sum] = "3076e6413e8dbe56d33848c1054ac091"
SRC_URI[sha256sum] = "43925151e6cf6cee1450190c0e9af4dc36b41c12737619edff8bcebdff64e671"
@@ -35,7 +36,17 @@ CVE_CHECK_WHITELIST += "CVE-2007-2768"
# and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded
CVE_CHECK_WHITELIST += "CVE-2014-9278"
# CVE only applies to some distributed RHEL binaries
# As per upstream, because of the way scp is based on a historical protocol called rcp
# which relies on that style of argument passing and therefore encounters expansion
# problems. Making changes to how the scp command line works breaks the pattern used
# by scp consumers. Upstream therefore recommends the use of rsync in the place of
# scp for better security. https://bugzilla.redhat.com/show_bug.cgi?id=1860487
CVE_CHECK_WHITELIST += "CVE-2020-15778"
# CVE-2008-3844 was reported in OpenSSH on Red Hat Enterprise Linux and
# certain packages may have been compromised. This CVE is not applicable
# as our source is OpenBSD. https://securitytracker.com/id?1020730
# https://www.securityfocus.com/bid/30794
CVE_CHECK_WHITELIST += "CVE-2008-3844"
PAM_SRC_URI = "file://sshd"

View File

@@ -0,0 +1,51 @@
From fe791386ebc270219ca00406c9fdadc5130b64ee Mon Sep 17 00:00:00 2001
From: Samuel Sapalski <samuel.sapalski@nokia.com>
Date: Wed, 3 Mar 2021 16:31:22 +0100
Subject: [PATCH] decompress_gunzip: Fix DoS if gzip is corrupt
On certain corrupt gzip files, huft_build will set the error bit on
the result pointer. If afterwards abort_unzip is called huft_free
might run into a segmentation fault or an invalid pointer to
free(p).
In order to mitigate this, we check in huft_free if the error bit
is set and clear it before the linked list is freed.
Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com>
Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream-Status: Backport
CVE: CVE-2021-28831
Comment: One hunk from this patch is removed as it was not relevant.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Akash Hadke <Akash.Hadke@kpit.com>
---
archival/libarchive/decompress_gunzip.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/archival/libarchive/decompress_gunzip.c b/archival/libarchive/decompress_gunzip.c
index eb3b64930..e93cd5005 100644
--- a/archival/libarchive/decompress_gunzip.c
+++ b/archival/libarchive/decompress_gunzip.c
@@ -220,10 +220,20 @@ static const uint8_t border[] ALIGN1 = {
* each table.
* t: table to free
*/
+#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
+#define ERR_RET ((huft_t*)(uintptr_t)1)
static void huft_free(huft_t *p)
{
huft_t *q;
+ /*
+ * If 'p' has the error bit set we have to clear it, otherwise we might run
+ * into a segmentation fault or an invalid pointer to free(p)
+ */
+ if (BAD_HUFT(p)) {
+ p = (huft_t*)((uintptr_t)(p) ^ (uintptr_t)(ERR_RET));
+ }
+
/* Go through linked list, freeing from the malloced (t[-1]) address. */
while (p) {
q = (--p)->v.t;

View File

@@ -0,0 +1,81 @@
From ceb378209f953ea745ed93a8645567196380ce3c Mon Sep 17 00:00:00 2001
From: Andrej Valek <andrej.valek@siemens.com>
Date: Thu, 24 Jun 2021 19:13:22 +0200
Subject: [PATCH] mktemp: add tmpdir option
Make mktemp more compatible with coreutils.
- add "--tmpdir" option
- add long variants for "d,q,u" options
Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2021-June/088932.html]
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
coreutils/mktemp.c | 26 ++++++++++++++++++--------
1 file changed, 18 insertions(+), 8 deletions(-)
diff --git a/coreutils/mktemp.c b/coreutils/mktemp.c
index 5393320a5..05c6d98c6 100644
--- a/coreutils/mktemp.c
+++ b/coreutils/mktemp.c
@@ -39,16 +39,17 @@
//kbuild:lib-$(CONFIG_MKTEMP) += mktemp.o
//usage:#define mktemp_trivial_usage
-//usage: "[-dt] [-p DIR] [TEMPLATE]"
+//usage: "[-dt] [-p DIR, --tmpdir[=DIR]] [TEMPLATE]"
//usage:#define mktemp_full_usage "\n\n"
//usage: "Create a temporary file with name based on TEMPLATE and print its name.\n"
//usage: "TEMPLATE must end with XXXXXX (e.g. [/dir/]nameXXXXXX).\n"
//usage: "Without TEMPLATE, -t tmp.XXXXXX is assumed.\n"
-//usage: "\n -d Make directory, not file"
-//usage: "\n -q Fail silently on errors"
-//usage: "\n -t Prepend base directory name to TEMPLATE"
-//usage: "\n -p DIR Use DIR as a base directory (implies -t)"
-//usage: "\n -u Do not create anything; print a name"
+//usage: "\n -d Make directory, not file"
+//usage: "\n -q Fail silently on errors"
+//usage: "\n -t Prepend base directory name to TEMPLATE"
+//usage: "\n -p DIR, --tmpdir[=DIR] Use DIR as a base directory (implies -t)"
+//usage: "\n For --tmpdir is a optional one."
+//usage: "\n -u Do not create anything; print a name"
//usage: "\n"
//usage: "\nBase directory is: -p DIR, else $TMPDIR, else /tmp"
//usage:
@@ -72,13 +73,22 @@ int mktemp_main(int argc UNUSED_PARAM, char **argv)
OPT_t = 1 << 2,
OPT_p = 1 << 3,
OPT_u = 1 << 4,
+ OPT_td = 1 << 5,
};
path = getenv("TMPDIR");
if (!path || path[0] == '\0')
path = "/tmp";
- opts = getopt32(argv, "^" "dqtp:u" "\0" "?1"/*1 arg max*/, &path);
+ opts = getopt32long(argv, "^"
+ "dqtp:u\0"
+ "?1" /* 1 arg max */,
+ "directory\0" No_argument "d"
+ "quiet\0" No_argument "q"
+ "dry-run\0" No_argument "u"
+ "tmpdir\0" Optional_argument "\xff"
+ , &path, &path
+ );
chp = argv[optind];
if (!chp) {
@@ -95,7 +105,7 @@ int mktemp_main(int argc UNUSED_PARAM, char **argv)
goto error;
}
#endif
- if (opts & (OPT_t|OPT_p))
+ if (opts & (OPT_t|OPT_p|OPT_td))
chp = concat_path_file(path, chp);
if (opts & OPT_u) {
--
2.11.0

View File

@@ -50,7 +50,9 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \
file://busybox-CVE-2018-1000500.patch \
file://0001-hwclock-make-glibc-2.31-compatible.patch \
"
file://0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch \
file://0001-mktemp-add-tmpdir-option.patch \
"
SRC_URI_append_libc-musl = " file://musl.cfg "
SRC_URI[tarball.md5sum] = "70913edaf2263a157393af07565c17f0"

File diff suppressed because it is too large Load Diff

View File

@@ -1,30 +1,27 @@
From 10342e6b600858b091bc7771e454d9e06af06410 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Thu, 2 Nov 2017 18:20:57 +0800
From da433dbe79f2d4d5d7d79869c669594c99c5de9c Mon Sep 17 00:00:00 2001
From: Jasper Orschulko <jasper@fancydomain.eu>
Date: Wed, 16 Jun 2021 19:00:30 +0200
Subject: [PATCH] Add CC tag to build
Add CC tag to build
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
---
Makefile.in | 2 +-
Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.in b/Makefile.in
index 9560a95..d444bd6 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -319,7 +319,7 @@ LIBCURRENT = @LIBCURRENT@
LIBOBJS = @LIBOBJS@
LIBREVISION = @LIBREVISION@
LIBS = @LIBS@
-LIBTOOL = @LIBTOOL@
+LIBTOOL = @LIBTOOL@ --tag CC
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
diff --git a/Makefile.am b/Makefile.am
index 5e1d37dd..f7a6dece 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -36,7 +36,7 @@ AUTOMAKE_OPTIONS = \
subdir-objects
ACLOCAL_AMFLAGS = -I m4
-LIBTOOLFLAGS = --verbose
+LIBTOOLFLAGS = --verbose --tag=CC
SUBDIRS = lib # lib goes first to build first
if WITH_EXAMPLES
--
2.7.4
2.32.0

View File

@@ -6,17 +6,17 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://COPYING;md5=5b8620d98e49772d95fc1d291c26aa79"
SRC_URI = "${SOURCEFORGE_MIRROR}/expat/expat-${PV}.tar.bz2 \
SRC_URI = "git://github.com/libexpat/libexpat.git;protocol=https \
file://CVE-2013-0340.patch \
file://libtool-tag.patch \
"
"
SRC_URI[md5sum] = "875a2c2ff3e8eb9e5a5cd62db2033ab5"
SRC_URI[sha256sum] = "f1063084dc4302a427dabcca499c8312b3a32a29b7d2506653ecc8f950a9a237"
SRCREV = "a7bc26b69768f7fb24f0c7976fae24b157b85b13"
inherit autotools lib_package
do_configure_prepend () {
rm -f ${S}/conftools/libtool.m4
}
S = "${WORKDIR}/git/expat"
BBCLASSEXTEND = "native nativesdk"
CVE_PRODUCT = "expat libexpat"

View File

@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.31/master"
PV = "2.31+git${SRCPV}"
SRCREV_glibc ?= "f84949f1c4bbf20e6a1d9a5859cf012cde060ede"
SRCREV_glibc ?= "4f0a61f75385c9a5879cbe7202042e88f692a3c8"
SRCREV_localedef ?= "cd9f958c4c94a638fa7b2b4e21627364f1a1a655"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"

View File

@@ -2,6 +2,7 @@
import sys
import os
import subprocess
import resource
env = os.environ.copy()
args = sys.argv[1:]
@@ -44,6 +45,14 @@ if targettype == "user":
qemuargs += ["-L", sysroot]
qemuargs += ["-E", "LD_LIBRARY_PATH={}".format(":".join(libpaths))]
command = qemuargs + args
# We've seen qemu-arm using up all system memory for some glibc
# tests e.g. nptl/tst-pthread-timedlock-lockloop
# Cap at 8GB since no test should need more than that
# (5GB adds 7 failures for qemuarm glibc test run)
limit = 8*1024*1024*1024
resource.setrlimit(resource.RLIMIT_AS, (limit, limit))
elif targettype == "ssh":
host = os.environ.get("SSH_HOST", None)
user = os.environ.get("SSH_HOST_USER", None)

View File

@@ -67,8 +67,8 @@ rootfs_run() {
# It is unlikely to change, but keep trying anyway.
# Perhaps we pick a different device next time.
umount $ROOTFS_DIR
fi
fi
fi
fi
debug "Sleeping for $delay second(s) to wait root to settle..."
sleep $delay

View File

@@ -0,0 +1,53 @@
From bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2 Mon Sep 17 00:00:00 2001
From: Joel Hockey <joel.hockey@gmail.com>
Date: Sun, 16 Aug 2020 17:19:35 -0700
Subject: [PATCH] Validate UTF8 in xmlEncodeEntities
Code is currently assuming UTF-8 without validating. Truncated UTF-8
input can cause out-of-bounds array access.
Adds further checks to partial fix in 50f06b3e.
Fixes #178
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2]
CVE: CVE-2021-3517
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
entities.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/entities.c b/entities.c
index 37b99a56..1a8f86f0 100644
--- a/entities.c
+++ b/entities.c
@@ -704,11 +704,25 @@ xmlEncodeEntitiesInternal(xmlDocPtr doc, const xmlChar *input, int attr) {
} else {
/*
* We assume we have UTF-8 input.
+ * It must match either:
+ * 110xxxxx 10xxxxxx
+ * 1110xxxx 10xxxxxx 10xxxxxx
+ * 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
+ * That is:
+ * cur[0] is 11xxxxxx
+ * cur[1] is 10xxxxxx
+ * cur[2] is 10xxxxxx if cur[0] is 111xxxxx
+ * cur[3] is 10xxxxxx if cur[0] is 1111xxxx
+ * cur[0] is not 11111xxx
*/
char buf[11], *ptr;
int val = 0, l = 1;
- if (*cur < 0xC0) {
+ if (((cur[0] & 0xC0) != 0xC0) ||
+ ((cur[1] & 0xC0) != 0x80) ||
+ (((cur[0] & 0xE0) == 0xE0) && ((cur[2] & 0xC0) != 0x80)) ||
+ (((cur[0] & 0xF0) == 0xF0) && ((cur[3] & 0xC0) != 0x80)) ||
+ (((cur[0] & 0xF8) == 0xF8))) {
xmlEntitiesErr(XML_CHECK_NOT_UTF8,
"xmlEncodeEntities: input not UTF-8");
if (doc != NULL)
--
GitLab

View File

@@ -0,0 +1,112 @@
From ac82a514e16eb81b4506e2cba1a1ee45b9f025b5 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Wed, 10 Jun 2020 16:34:52 +0200
Subject: [PATCH 1/2] Don't recurse into xi:include children in
xmlXIncludeDoProcess
Otherwise, nested xi:include nodes might result in a use-after-free
if XML_PARSE_NOXINCNODE is specified.
Found with libFuzzer and ASan.
Upstream-Status: Backport [from fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1954243]
The upstream patch 752e5f71d7cea2ca5a7e7c0b8f72ed04ce654be4 has been modified,
as to avoid unnecessary modifications to fallback files.
CVE: CVE-2021-3518
Signed-off-by: Jasper Orschulko <Jasper.Orschulko@iris-sensing.com>
---
xinclude.c | 24 ++++++++++--------------
1 file changed, 10 insertions(+), 14 deletions(-)
diff --git a/xinclude.c b/xinclude.c
index ba850fa5..f260c1a7 100644
--- a/xinclude.c
+++ b/xinclude.c
@@ -2392,21 +2392,19 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
* First phase: lookup the elements in the document
*/
cur = tree;
- if (xmlXIncludeTestNode(ctxt, cur) == 1)
- xmlXIncludePreProcessNode(ctxt, cur);
while ((cur != NULL) && (cur != tree->parent)) {
/* TODO: need to work on entities -> stack */
- if ((cur->children != NULL) &&
- (cur->children->type != XML_ENTITY_DECL) &&
- (cur->children->type != XML_XINCLUDE_START) &&
- (cur->children->type != XML_XINCLUDE_END)) {
- cur = cur->children;
- if (xmlXIncludeTestNode(ctxt, cur))
- xmlXIncludePreProcessNode(ctxt, cur);
- } else if (cur->next != NULL) {
+ if (xmlXIncludeTestNode(ctxt, cur) == 1) {
+ xmlXIncludePreProcessNode(ctxt, cur);
+ } else if ((cur->children != NULL) &&
+ (cur->children->type != XML_ENTITY_DECL) &&
+ (cur->children->type != XML_XINCLUDE_START) &&
+ (cur->children->type != XML_XINCLUDE_END)) {
+ cur = cur->children;
+ continue;
+ }
+ if (cur->next != NULL) {
cur = cur->next;
- if (xmlXIncludeTestNode(ctxt, cur))
- xmlXIncludePreProcessNode(ctxt, cur);
} else {
if (cur == tree)
break;
@@ -2416,8 +2414,6 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
break; /* do */
if (cur->next != NULL) {
cur = cur->next;
- if (xmlXIncludeTestNode(ctxt, cur))
- xmlXIncludePreProcessNode(ctxt, cur);
break; /* do */
}
} while (cur != NULL);
--
2.32.0
From 3ad5ac1e39e3cd42f838c1cd27ffd4e9b79e6121 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Thu, 22 Apr 2021 19:26:28 +0200
Subject: [PATCH 2/2] Fix user-after-free with `xmllint --xinclude --dropdtd`
The --dropdtd option can leave dangling pointers in entity reference
nodes. Make sure to skip these nodes when processing XIncludes.
This also avoids scanning entity declarations and even modifying
them inadvertently during XInclude processing.
Move from a block list to an allow list approach to avoid descending
into other node types that can't contain elements.
Fixes #237.
Upstream-Status: Backport
CVE: CVE-2021-3518
Signed-off-by: Jasper Orschulko <Jasper.Orschulko@iris-sensing.com>
---
xinclude.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/xinclude.c b/xinclude.c
index f260c1a7..d7648529 100644
--- a/xinclude.c
+++ b/xinclude.c
@@ -2397,9 +2397,8 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
if (xmlXIncludeTestNode(ctxt, cur) == 1) {
xmlXIncludePreProcessNode(ctxt, cur);
} else if ((cur->children != NULL) &&
- (cur->children->type != XML_ENTITY_DECL) &&
- (cur->children->type != XML_XINCLUDE_START) &&
- (cur->children->type != XML_XINCLUDE_END)) {
+ ((cur->type == XML_DOCUMENT_NODE) ||
+ (cur->type == XML_ELEMENT_NODE))) {
cur = cur->children;
continue;
}
--
2.32.0

View File

@@ -0,0 +1,50 @@
From babe75030c7f64a37826bb3342317134568bef61 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Sat, 1 May 2021 16:53:33 +0200
Subject: [PATCH] Propagate error in xmlParseElementChildrenContentDeclPriv
Check return value of recursive calls to
xmlParseElementChildrenContentDeclPriv and return immediately in case
of errors. Otherwise, struct xmlElementContent could contain unexpected
null pointers, leading to a null deref when post-validating documents
which aren't well-formed and parsed in recovery mode.
Fixes #243.
Upstream-Status: Backport
[https://gitlab.gnome.org/GNOME/libxml2/-/commit/babe75030c7f64a37826bb3342317134568bef61]
CVE: CVE-2021-3537
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
parser.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/parser.c b/parser.c
index b42e6043..73c27edd 100644
--- a/parser.c
+++ b/parser.c
@@ -6208,6 +6208,8 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPtr ctxt, int inputchk,
SKIP_BLANKS;
cur = ret = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
depth + 1);
+ if (cur == NULL)
+ return(NULL);
SKIP_BLANKS;
GROW;
} else {
@@ -6341,6 +6343,11 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPtr ctxt, int inputchk,
SKIP_BLANKS;
last = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
depth + 1);
+ if (last == NULL) {
+ if (ret != NULL)
+ xmlFreeDocElementContent(ctxt->myDoc, ret);
+ return(NULL);
+ }
SKIP_BLANKS;
} else {
elem = xmlParseName(ctxt);
--
GitLab

View File

@@ -1,28 +1,33 @@
Add 'install-ptest' rule. Print a standard result line for
each test.
From 6172ccd1e74bc181f5298f19e240234e12876abe Mon Sep 17 00:00:00 2001
From: Tony Tascioglu <tony.tascioglu@windriver.com>
Date: Tue, 11 May 2021 11:57:46 -0400
Subject: [PATCH] Add 'install-ptest' rule.
Print a standard result line for each test.
Signed-off-by: Mihaela Sendrea <mihaela.sendrea@enea.com>
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Upstream-Status: Backport
Upstream-Status: Pending
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
---
Makefile.am | 9 ++++
Makefile.am | 9 +++
runsuite.c | 1 +
runtest.c | 2 +
runxmlconf.c | 1 +
testapi.c | 122 ++++++++++++++++++++++++++++++---------------
testchar.c | 156 +++++++++++++++++++++++++++++++++++++++++-----------------
testapi.c | 122 ++++++++++++++++++++++++++-------------
testchar.c | 156 +++++++++++++++++++++++++++++++++++---------------
testdict.c | 1 +
testlimits.c | 1 +
testrecurse.c | 2 +
9 files changed, 210 insertions(+), 85 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 9c630be..7cfd04b 100644
index 05d1671f..ae622745 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -202,6 +202,15 @@ runxmlconf_LDADD= $(LDADDS)
@@ -198,6 +198,15 @@ runxmlconf_LDADD= $(LDADDS)
#testOOM_DEPENDENCIES = $(DEPS)
#testOOM_LDADD= $(LDADDS)
@@ -39,10 +44,10 @@ index 9c630be..7cfd04b 100644
testchar$(EXEEXT) testdict$(EXEEXT) runxmlconf$(EXEEXT)
[ -d test ] || $(LN_S) $(srcdir)/test .
diff --git a/runsuite.c b/runsuite.c
index aaab13e..9ba2c5d 100644
index d24b5ec3..f7ff2521 100644
--- a/runsuite.c
+++ b/runsuite.c
@@ -1162,6 +1162,7 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED) {
@@ -1147,6 +1147,7 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED) {
if (logfile != NULL)
fclose(logfile);
@@ -51,10 +56,10 @@ index aaab13e..9ba2c5d 100644
}
#else /* !SCHEMAS */
diff --git a/runtest.c b/runtest.c
index addda5c..8ba5d59 100644
index ffa98d04..470f95cb 100644
--- a/runtest.c
+++ b/runtest.c
@@ -4501,6 +4501,7 @@ launchTests(testDescPtr tst) {
@@ -4508,6 +4508,7 @@ launchTests(testDescPtr tst) {
xmlCharEncCloseFunc(ebcdicHandler);
xmlCharEncCloseFunc(eucJpHandler);
@@ -62,7 +67,7 @@ index addda5c..8ba5d59 100644
return(err);
}
@@ -4577,6 +4578,7 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED) {
@@ -4588,6 +4589,7 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED) {
xmlCleanupParser();
xmlMemoryDump();
@@ -71,7 +76,7 @@ index addda5c..8ba5d59 100644
}
diff --git a/runxmlconf.c b/runxmlconf.c
index cef20f4..4f291fb 100644
index 70f61017..e882b3a1 100644
--- a/runxmlconf.c
+++ b/runxmlconf.c
@@ -595,6 +595,7 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED) {
@@ -83,7 +88,7 @@ index cef20f4..4f291fb 100644
}
diff --git a/testapi.c b/testapi.c
index 4a751e2..7ccc066 100644
index ff8b470d..52b51d78 100644
--- a/testapi.c
+++ b/testapi.c
@@ -1246,49 +1246,91 @@ static int
@@ -219,7 +224,7 @@ index 4a751e2..7ccc066 100644
}
diff --git a/testchar.c b/testchar.c
index 0d08792..f555d3b 100644
index 6866a175..7bce0132 100644
--- a/testchar.c
+++ b/testchar.c
@@ -23,7 +23,7 @@ static void errorHandler(void *unused, xmlErrorPtr err) {
@@ -797,7 +802,7 @@ index 0d08792..f555d3b 100644
/*
* Cleanup function for the XML library.
diff --git a/testdict.c b/testdict.c
index 40bebd0..114b934 100644
index 40bebd05..114b9347 100644
--- a/testdict.c
+++ b/testdict.c
@@ -440,5 +440,6 @@ int main(void)
@@ -808,7 +813,7 @@ index 40bebd0..114b934 100644
return(ret);
}
diff --git a/testlimits.c b/testlimits.c
index 68c94db..1584434 100644
index 059116a6..f0bee68d 100644
--- a/testlimits.c
+++ b/testlimits.c
@@ -1634,5 +1634,6 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED) {
@@ -819,7 +824,7 @@ index 68c94db..1584434 100644
return(ret);
}
diff --git a/testrecurse.c b/testrecurse.c
index f95ae1c..74c8f8b 100644
index 0cbe25a6..3ecadb40 100644
--- a/testrecurse.c
+++ b/testrecurse.c
@@ -892,6 +892,7 @@ launchTests(testDescPtr tst) {
@@ -838,5 +843,5 @@ index f95ae1c..74c8f8b 100644
return(ret);
}
--
2.7.4
2.25.1

View File

@@ -23,6 +23,9 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
file://CVE-2020-7595.patch \
file://CVE-2019-20388.patch \
file://CVE-2020-24977.patch \
file://CVE-2021-3517.patch \
file://CVE-2021-3537.patch \
file://CVE-2021-3518.patch \
"
SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5"
@@ -42,7 +45,7 @@ inherit autotools pkgconfig binconfig-disabled ptest features_check
inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3native', '', d)}
RDEPENDS_${PN}-ptest += "make ${@bb.utils.contains('PACKAGECONFIG', 'python', 'libgcc python3-core python3-logging python3-shell python3-stringold python3-threading python3-unittest ${PN}-python', '', d)}"
RDEPENDS_${PN}-ptest += "bash make ${@bb.utils.contains('PACKAGECONFIG', 'python', 'libgcc python3-core python3-logging python3-shell python3-stringold python3-threading python3-unittest ${PN}-python', '', d)}"
RDEPENDS_${PN}-python += "${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3-core', '', d)}"

View File

@@ -7,7 +7,7 @@ LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://update-rc.d;beginline=5;endline=15;md5=d40a07c27f535425934bb5001f2037d9"
SRC_URI = "git://git.yoctoproject.org/update-rc.d"
SRCREV = "4b150b25b38de688d25cde2b2d22c268ed65a748"
SRCREV = "8636cf478d426b568c1be11dbd9346f67e03adac"
UPSTREAM_CHECK_COMMITS = "1"

View File

@@ -97,8 +97,7 @@ SRC_URI = "git://github.com/xrmx/bootchart.git \
"
S = "${WORKDIR}/git"
SRCREV = "331ada031f1d65f6d934d918f896e1c708c64bf7"
PV .= "+git${SRCPV}"
SRCREV = "868a2afab9da34f32c007d773b77253c93104636"
inherit systemd update-rc.d python3native update-alternatives

View File

@@ -9,6 +9,7 @@
#include <argp.h>
#include <stdio.h>
#include <stdlib.h>
#include <dwarf.h>
#include <elfutils/libdw.h>
@@ -83,13 +84,15 @@ process_cu (Dwarf_Die *cu_die)
int
main (int argc, char **argv)
{
char* args[3];
char* args[5];
int res = 0;
Dwfl *dwfl;
Dwarf_Addr bias;
if (argc != 2)
if (argc != 2) {
fprintf(stderr, "Usage %s <file>", argv[0]);
exit(EXIT_FAILURE);
}
// Pretend "dwarfsrcfiles -e <file>" was given, so we can use standard
// dwfl argp parser to open the file for us and get our Dwfl. Useful
@@ -98,8 +101,12 @@ main (int argc, char **argv)
args[0] = argv[0];
args[1] = "-e";
args[2] = argv[1];
// We don't want to follow debug linked files due to the way OE processes
// files, could race against changes in the linked binary (e.g. objcopy on it)
args[3] = "--debuginfo-path";
args[4] = "/not/exist";
argp_parse (dwfl_standard_argp (), 3, args, 0, NULL, &dwfl);
argp_parse (dwfl_standard_argp (), 5, args, 0, NULL, &dwfl);
Dwarf_Die *cu = NULL;
while ((cu = dwfl_nextcu (dwfl, cu, &bias)) != NULL)

View File

@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
SRCREV = "edf8e6f0ea77ede073f07bff0d2ae1fc7a38103b"
PV = "0.29.2+git${SRCPV}"
SRC_URI = "git://anongit.freedesktop.org/pkg-config \
SRC_URI = "git://gitlab.freedesktop.org/pkg-config/pkg-config.git;branch=master;protocol=https \
file://pkg-config-esdk.in \
file://pkg-config-native.in \
file://fix-glib-configure-libtool-usage.patch \

View File

@@ -112,6 +112,19 @@ do_compile_prepend_class-nativesdk () {
fi
}
do_compile_append_class-native () {
if [ '${@bb.data.inherits_class('uninative', d)}' = 'True' ]; then
for i in PSEUDO_PORT_UNIX_SYNCFS PSEUDO_PORT_UIDS_GENERIC PSEUDO_PORT_LINUX_NEWCLONE PSEUDO_PORT_LINUX_XATTR PSEUDO_PORT_LINUX_STATVFS; do
grep $i.1 ${S}/pseudo_ports.h
if [ $? != 0 ]; then
echo "$i not enabled in pseudo which is incompatible with uninative"
exit 1
fi
done
fi
}
do_install () {
oe_runmake 'DESTDIR=${D}' ${MAKEOPTS} 'LIB=lib/pseudo/lib$(MARK64)' install
}

View File

@@ -6,7 +6,7 @@ SRC_URI = "git://git.yoctoproject.org/pseudo;branch=oe-core \
file://fallback-group \
"
SRCREV = "ee24ebec9e5a11dd5208c9be2870f35eab3b9e20"
SRCREV = "b988b0a6b8afd8d459bc9a2528e834f63a3d59b2"
S = "${WORKDIR}/git"
PV = "1.9.0+git${SRCPV}"

View File

@@ -1,248 +0,0 @@
From 0b297d4ff1c0e4480ad33acae793fbaf4bf015b4 Mon Sep 17 00:00:00 2001
From: Victor Stinner <vstinner@python.org>
Date: Thu, 2 Apr 2020 02:52:20 +0200
Subject: [PATCH] bpo-39503: CVE-2020-8492: Fix AbstractBasicAuthHandler
(GH-18284)
Upstream-Status: Backport
(https://github.com/python/cpython/commit/0b297d4ff1c0e4480ad33acae793fbaf4bf015b4)
CVE: CVE-2020-8492
The AbstractBasicAuthHandler class of the urllib.request module uses
an inefficient regular expression which can be exploited by an
attacker to cause a denial of service. Fix the regex to prevent the
catastrophic backtracking. Vulnerability reported by Ben Caller
and Matt Schwager.
AbstractBasicAuthHandler of urllib.request now parses all
WWW-Authenticate HTTP headers and accepts multiple challenges per
header: use the realm of the first Basic challenge.
Co-Authored-By: Serhiy Storchaka <storchaka@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
---
Lib/test/test_urllib2.py | 90 ++++++++++++-------
Lib/urllib/request.py | 69 ++++++++++----
.../2020-03-25-16-02-16.bpo-39503.YmMbYn.rst | 3 +
.../2020-01-30-16-15-29.bpo-39503.B299Yq.rst | 5 ++
4 files changed, 115 insertions(+), 52 deletions(-)
create mode 100644 Misc/NEWS.d/next/Library/2020-03-25-16-02-16.bpo-39503.YmMbYn.rst
create mode 100644 Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst
diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py
index 8abedaac98..e69ac3e213 100644
--- a/Lib/test/test_urllib2.py
+++ b/Lib/test/test_urllib2.py
@@ -1446,40 +1446,64 @@ class HandlerTests(unittest.TestCase):
bypass = {'exclude_simple': True, 'exceptions': []}
self.assertTrue(_proxy_bypass_macosx_sysconf('test', bypass))
- def test_basic_auth(self, quote_char='"'):
- opener = OpenerDirector()
- password_manager = MockPasswordManager()
- auth_handler = urllib.request.HTTPBasicAuthHandler(password_manager)
- realm = "ACME Widget Store"
- http_handler = MockHTTPHandler(
- 401, 'WWW-Authenticate: Basic realm=%s%s%s\r\n\r\n' %
- (quote_char, realm, quote_char))
- opener.add_handler(auth_handler)
- opener.add_handler(http_handler)
- self._test_basic_auth(opener, auth_handler, "Authorization",
- realm, http_handler, password_manager,
- "http://acme.example.com/protected",
- "http://acme.example.com/protected",
- )
-
- def test_basic_auth_with_single_quoted_realm(self):
- self.test_basic_auth(quote_char="'")
-
- def test_basic_auth_with_unquoted_realm(self):
- opener = OpenerDirector()
- password_manager = MockPasswordManager()
- auth_handler = urllib.request.HTTPBasicAuthHandler(password_manager)
- realm = "ACME Widget Store"
- http_handler = MockHTTPHandler(
- 401, 'WWW-Authenticate: Basic realm=%s\r\n\r\n' % realm)
- opener.add_handler(auth_handler)
- opener.add_handler(http_handler)
- with self.assertWarns(UserWarning):
+ def check_basic_auth(self, headers, realm):
+ with self.subTest(realm=realm, headers=headers):
+ opener = OpenerDirector()
+ password_manager = MockPasswordManager()
+ auth_handler = urllib.request.HTTPBasicAuthHandler(password_manager)
+ body = '\r\n'.join(headers) + '\r\n\r\n'
+ http_handler = MockHTTPHandler(401, body)
+ opener.add_handler(auth_handler)
+ opener.add_handler(http_handler)
self._test_basic_auth(opener, auth_handler, "Authorization",
- realm, http_handler, password_manager,
- "http://acme.example.com/protected",
- "http://acme.example.com/protected",
- )
+ realm, http_handler, password_manager,
+ "http://acme.example.com/protected",
+ "http://acme.example.com/protected")
+
+ def test_basic_auth(self):
+ realm = "realm2@example.com"
+ realm2 = "realm2@example.com"
+ basic = f'Basic realm="{realm}"'
+ basic2 = f'Basic realm="{realm2}"'
+ other_no_realm = 'Otherscheme xxx'
+ digest = (f'Digest realm="{realm2}", '
+ f'qop="auth, auth-int", '
+ f'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", '
+ f'opaque="5ccc069c403ebaf9f0171e9517f40e41"')
+ for realm_str in (
+ # test "quote" and 'quote'
+ f'Basic realm="{realm}"',
+ f"Basic realm='{realm}'",
+
+ # charset is ignored
+ f'Basic realm="{realm}", charset="UTF-8"',
+
+ # Multiple challenges per header
+ f'{basic}, {basic2}',
+ f'{basic}, {other_no_realm}',
+ f'{other_no_realm}, {basic}',
+ f'{basic}, {digest}',
+ f'{digest}, {basic}',
+ ):
+ headers = [f'WWW-Authenticate: {realm_str}']
+ self.check_basic_auth(headers, realm)
+
+ # no quote: expect a warning
+ with support.check_warnings(("Basic Auth Realm was unquoted",
+ UserWarning)):
+ headers = [f'WWW-Authenticate: Basic realm={realm}']
+ self.check_basic_auth(headers, realm)
+
+ # Multiple headers: one challenge per header.
+ # Use the first Basic realm.
+ for challenges in (
+ [basic, basic2],
+ [basic, digest],
+ [digest, basic],
+ ):
+ headers = [f'WWW-Authenticate: {challenge}'
+ for challenge in challenges]
+ self.check_basic_auth(headers, realm)
def test_proxy_basic_auth(self):
opener = OpenerDirector()
diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py
index 7fe50535da..2a3d71554f 100644
--- a/Lib/urllib/request.py
+++ b/Lib/urllib/request.py
@@ -937,8 +937,15 @@ class AbstractBasicAuthHandler:
# allow for double- and single-quoted realm values
# (single quotes are a violation of the RFC, but appear in the wild)
- rx = re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+'
- 'realm=(["\']?)([^"\']*)\\2', re.I)
+ rx = re.compile('(?:^|,)' # start of the string or ','
+ '[ \t]*' # optional whitespaces
+ '([^ \t]+)' # scheme like "Basic"
+ '[ \t]+' # mandatory whitespaces
+ # realm=xxx
+ # realm='xxx'
+ # realm="xxx"
+ 'realm=(["\']?)([^"\']*)\\2',
+ re.I)
# XXX could pre-emptively send auth info already accepted (RFC 2617,
# end of section 2, and section 1.2 immediately after "credentials"
@@ -950,27 +957,51 @@ class AbstractBasicAuthHandler:
self.passwd = password_mgr
self.add_password = self.passwd.add_password
+ def _parse_realm(self, header):
+ # parse WWW-Authenticate header: accept multiple challenges per header
+ found_challenge = False
+ for mo in AbstractBasicAuthHandler.rx.finditer(header):
+ scheme, quote, realm = mo.groups()
+ if quote not in ['"', "'"]:
+ warnings.warn("Basic Auth Realm was unquoted",
+ UserWarning, 3)
+
+ yield (scheme, realm)
+
+ found_challenge = True
+
+ if not found_challenge:
+ if header:
+ scheme = header.split()[0]
+ else:
+ scheme = ''
+ yield (scheme, None)
+
def http_error_auth_reqed(self, authreq, host, req, headers):
# host may be an authority (without userinfo) or a URL with an
# authority
- # XXX could be multiple headers
- authreq = headers.get(authreq, None)
+ headers = headers.get_all(authreq)
+ if not headers:
+ # no header found
+ return
- if authreq:
- scheme = authreq.split()[0]
- if scheme.lower() != 'basic':
- raise ValueError("AbstractBasicAuthHandler does not"
- " support the following scheme: '%s'" %
- scheme)
- else:
- mo = AbstractBasicAuthHandler.rx.search(authreq)
- if mo:
- scheme, quote, realm = mo.groups()
- if quote not in ['"',"'"]:
- warnings.warn("Basic Auth Realm was unquoted",
- UserWarning, 2)
- if scheme.lower() == 'basic':
- return self.retry_http_basic_auth(host, req, realm)
+ unsupported = None
+ for header in headers:
+ for scheme, realm in self._parse_realm(header):
+ if scheme.lower() != 'basic':
+ unsupported = scheme
+ continue
+
+ if realm is not None:
+ # Use the first matching Basic challenge.
+ # Ignore following challenges even if they use the Basic
+ # scheme.
+ return self.retry_http_basic_auth(host, req, realm)
+
+ if unsupported is not None:
+ raise ValueError("AbstractBasicAuthHandler does not "
+ "support the following scheme: %r"
+ % (scheme,))
def retry_http_basic_auth(self, host, req, realm):
user, pw = self.passwd.find_user_password(realm, host)
diff --git a/Misc/NEWS.d/next/Library/2020-03-25-16-02-16.bpo-39503.YmMbYn.rst b/Misc/NEWS.d/next/Library/2020-03-25-16-02-16.bpo-39503.YmMbYn.rst
new file mode 100644
index 0000000000..be80ce79d9
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2020-03-25-16-02-16.bpo-39503.YmMbYn.rst
@@ -0,0 +1,3 @@
+:class:`~urllib.request.AbstractBasicAuthHandler` of :mod:`urllib.request`
+now parses all WWW-Authenticate HTTP headers and accepts multiple challenges
+per header: use the realm of the first Basic challenge.
diff --git a/Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst b/Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst
new file mode 100644
index 0000000000..9f2800581c
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst
@@ -0,0 +1,5 @@
+CVE-2020-8492: The :class:`~urllib.request.AbstractBasicAuthHandler` class of the
+:mod:`urllib.request` module uses an inefficient regular expression which can
+be exploited by an attacker to cause a denial of service. Fix the regex to
+prevent the catastrophic backtracking. Vulnerability reported by Ben Caller
+and Matt Schwager.
--
2.24.1

View File

@@ -0,0 +1,33 @@
From 7a2bddfa437be633bb6945d0e6b7d6f27da870ad Mon Sep 17 00:00:00 2001
From: Tim Orling <timothy.t.orling@intel.com>
Date: Fri, 18 Jun 2021 11:56:50 -0700
Subject: [PATCH] test_ctypes.test_find: skip without tools-sdk
These tests need full packagegroup-core-buildessential, the
easiest way to dynamically check for that is looking for
'tools-sdk' in IMAGE_FEATURES.
Upstream-Status: Inappropriate [oe-specific]
Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
---
Lib/ctypes/test/test_find.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/Lib/ctypes/test/test_find.py b/Lib/ctypes/test/test_find.py
index 92ac184..0d009d1 100644
--- a/Lib/ctypes/test/test_find.py
+++ b/Lib/ctypes/test/test_find.py
@@ -112,10 +112,12 @@ class FindLibraryLinux(unittest.TestCase):
# LD_LIBRARY_PATH)
self.assertEqual(find_library(libname), 'lib%s.so' % libname)
+ @unittest.skip("Needs IMAGE_FEATURES += \"tools-sdk\"")
def test_find_library_with_gcc(self):
with unittest.mock.patch("ctypes.util._findSoname_ldconfig", lambda *args: None):
self.assertNotEqual(find_library('c'), None)
+ @unittest.skip("Needs IMAGE_FEATURES += \"tools-sdk\"")
def test_find_library_with_ld(self):
with unittest.mock.patch("ctypes.util._findSoname_ldconfig", lambda *args: None), \
unittest.mock.patch("ctypes.util._findLib_gcc", lambda *args: None):

View File

@@ -1,6 +1,6 @@
From b94995e0c694ec9561efec0d1a59b323340e6105 Mon Sep 17 00:00:00 2001
From: Mingli Yu <mingli.yu@windriver.com>
Date: Mon, 5 Aug 2019 15:57:39 +0800
From e11787d373baa6d7b0e0d94aff8ccd373203bfb1 Mon Sep 17 00:00:00 2001
From: Tim Orling <ticotimo@gmail.com>
Date: Wed, 16 Jun 2021 07:49:52 -0700
Subject: [PATCH] test_locale.py: correct the test output format
Before this patch:
@@ -24,23 +24,25 @@ Before this patch:
Upstream-Status: Submitted [https://github.com/python/cpython/pull/15132]
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Refresh patch for upstream changes in 3.8.9
Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
---
Lib/test/test_locale.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Lib/test/test_locale.py b/Lib/test/test_locale.py
index e2c2178..558d63c 100644
index 39091c0..5050f3d 100644
--- a/Lib/test/test_locale.py
+++ b/Lib/test/test_locale.py
@@ -527,7 +527,7 @@ class TestMiscellaneous(unittest.TestCase):
@@ -563,7 +563,7 @@ class TestMiscellaneous(unittest.TestCase):
self.skipTest('test needs Turkish locale')
loc = locale.getlocale(locale.LC_CTYPE)
if verbose:
- print('testing with %a' % (loc,), end=' ', flush=True)
+ print('testing with %a...' % (loc,), end=' ', flush=True)
locale.setlocale(locale.LC_CTYPE, loc)
self.assertEqual(loc, locale.getlocale(locale.LC_CTYPE))
--
2.7.4
try:
locale.setlocale(locale.LC_CTYPE, loc)
except locale.Error as exc:

View File

@@ -1,44 +0,0 @@
From a06a6bf4e67a50561f6d6fb33534df1d3035ea34 Mon Sep 17 00:00:00 2001
From: Rishi <rishi_devan@mail.com>
Date: Wed, 15 Jul 2020 13:51:00 +0200
Subject: [PATCH] bpo-39017: Avoid infinite loop in the tarfile module
(GH-21454)
Avoid infinite loop when reading specially crafted TAR files using the tarfile module
(CVE-2019-20907).
(cherry picked from commit 5a8d121a1f3ef5ad7c105ee378cc79a3eac0c7d4)
Co-authored-by: Rishi <rishi_devan@mail.com>
Removed testing 'recursion.tar' tar file due to binary data
Upstream-Status: Backport [https://github.com/python/cpython/commit/c55479556db015f48fc8bbca17f64d3e65598559]
CVE: CVE-2019-20907
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
---
Lib/tarfile.py | 2 ++
.../2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst | 1 +
4 files changed, 10 insertions(+)
create mode 100644 Lib/test/recursion.tar
create mode 100644 Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst
diff --git a/Lib/tarfile.py b/Lib/tarfile.py
index d31b9cbb51d65..7a69e1b1aa544 100755
--- a/Lib/tarfile.py
+++ b/Lib/tarfile.py
@@ -1241,6 +1241,8 @@ def _proc_pax(self, tarfile):
length, keyword = match.groups()
length = int(length)
+ if length == 0:
+ raise InvalidHeaderError("invalid header")
value = buf[match.end(2) + 1:match.start(1) + length - 1]
# Normally, we could just use "utf-8" as the encoding and "strict"
diff --git a/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst b/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst
new file mode 100644
index 0000000000000..ad26676f8b856
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst
@@ -0,0 +1 @@
+Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907).

View File

@@ -1,77 +0,0 @@
From dc8ce8ead182de46584cc1ed8a8c51d48240cbd5 Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
<31488909+miss-islington@users.noreply.github.com>
Date: Mon, 29 Jun 2020 11:12:50 -0700
Subject: [PATCH] bpo-41004: Resolve hash collisions for IPv4Interface and
IPv6Interface (GH-21033)
The __hash__() methods of classes IPv4Interface and IPv6Interface had issue
of generating constant hash values of 32 and 128 respectively causing hash collisions.
The fix uses the hash() function to generate hash values for the objects
instead of XOR operation
(cherry picked from commit b30ee26e366bf509b7538d79bfec6c6d38d53f28)
Co-authored-by: Ravi Teja P <rvteja92@gmail.com>
Upstream-Status: Backport [https://github.com/python/cpython/commit/dc8ce8ead182de46584cc1ed8a8c51d48240cbd5]
CVE: CVE-2020-14422
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
Lib/ipaddress.py | 4 ++--
Lib/test/test_ipaddress.py | 12 ++++++++++++
.../2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst | 1 +
3 files changed, 15 insertions(+), 2 deletions(-)
create mode 100644 Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py
index 873c7644081af..a3a04f7f4b309 100644
--- a/Lib/ipaddress.py
+++ b/Lib/ipaddress.py
@@ -1370,7 +1370,7 @@ def __lt__(self, other):
return False
def __hash__(self):
- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
__reduce__ = _IPAddressBase.__reduce__
@@ -2017,7 +2017,7 @@ def __lt__(self, other):
return False
def __hash__(self):
- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
__reduce__ = _IPAddressBase.__reduce__
diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py
index de77111705b69..2eba740e5e7a4 100644
--- a/Lib/test/test_ipaddress.py
+++ b/Lib/test/test_ipaddress.py
@@ -2053,6 +2053,18 @@ def testsixtofour(self):
sixtofouraddr.sixtofour)
self.assertFalse(bad_addr.sixtofour)
+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
+ def testV4HashIsNotConstant(self):
+ ipv4_address1 = ipaddress.IPv4Interface("1.2.3.4")
+ ipv4_address2 = ipaddress.IPv4Interface("2.3.4.5")
+ self.assertNotEqual(ipv4_address1.__hash__(), ipv4_address2.__hash__())
+
+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
+ def testV6HashIsNotConstant(self):
+ ipv6_address1 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")
+ ipv6_address2 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")
+ self.assertNotEqual(ipv6_address1.__hash__(), ipv6_address2.__hash__())
+
if __name__ == '__main__':
unittest.main()
diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
new file mode 100644
index 0000000000000..1380b31fbe9f4
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
@@ -0,0 +1 @@
+The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).

View File

@@ -1,104 +0,0 @@
From 668d321476d974c4f51476b33aaca870272523bf Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
<31488909+miss-islington@users.noreply.github.com>
Date: Sat, 18 Jul 2020 13:39:12 -0700
Subject: [PATCH] bpo-39603: Prevent header injection in http methods
(GH-18485)
reject control chars in http method in http.client.putrequest to prevent http header injection
(cherry picked from commit 8ca8a2e8fb068863c1138f07e3098478ef8be12e)
Co-authored-by: AMIR <31338382+amiremohamadi@users.noreply.github.com>
Upstream-Status: Backport [https://github.com/python/cpython/commit/668d321476d974c4f51476b33aaca870272523bf]
CVE: CVE-2020-26116
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
Lib/http/client.py | 15 +++++++++++++
Lib/test/test_httplib.py | 22 +++++++++++++++++++
.../2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst | 2 ++
3 files changed, 39 insertions(+)
create mode 100644 Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst
diff --git a/Lib/http/client.py b/Lib/http/client.py
index 019380a720318..c2ad0471bfee5 100644
--- a/Lib/http/client.py
+++ b/Lib/http/client.py
@@ -147,6 +147,10 @@
# _is_allowed_url_pchars_re = re.compile(r"^[/!$&'()*+,;=:@%a-zA-Z0-9._~-]+$")
# We are more lenient for assumed real world compatibility purposes.
+# These characters are not allowed within HTTP method names
+# to prevent http header injection.
+_contains_disallowed_method_pchar_re = re.compile('[\x00-\x1f]')
+
# We always set the Content-Length header for these methods because some
# servers will otherwise respond with a 411
_METHODS_EXPECTING_BODY = {'PATCH', 'POST', 'PUT'}
@@ -1087,6 +1091,8 @@ def putrequest(self, method, url, skip_host=False,
else:
raise CannotSendRequest(self.__state)
+ self._validate_method(method)
+
# Save the method for use later in the response phase
self._method = method
@@ -1177,6 +1183,15 @@ def _encode_request(self, request):
# ASCII also helps prevent CVE-2019-9740.
return request.encode('ascii')
+ def _validate_method(self, method):
+ """Validate a method name for putrequest."""
+ # prevent http header injection
+ match = _contains_disallowed_method_pchar_re.search(method)
+ if match:
+ raise ValueError(
+ f"method can't contain control characters. {method!r} "
+ f"(found at least {match.group()!r})")
+
def _validate_path(self, url):
"""Validate a url for putrequest."""
# Prevent CVE-2019-9740.
diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py
index 8f0e27a1fb836..5a5fcecbc9c15 100644
--- a/Lib/test/test_httplib.py
+++ b/Lib/test/test_httplib.py
@@ -364,6 +364,28 @@ def test_headers_debuglevel(self):
self.assertEqual(lines[3], "header: Second: val2")
+class HttpMethodTests(TestCase):
+ def test_invalid_method_names(self):
+ methods = (
+ 'GET\r',
+ 'POST\n',
+ 'PUT\n\r',
+ 'POST\nValue',
+ 'POST\nHOST:abc',
+ 'GET\nrHost:abc\n',
+ 'POST\rRemainder:\r',
+ 'GET\rHOST:\n',
+ '\nPUT'
+ )
+
+ for method in methods:
+ with self.assertRaisesRegex(
+ ValueError, "method can't contain control characters"):
+ conn = client.HTTPConnection('example.com')
+ conn.sock = FakeSocket(None)
+ conn.request(method=method, url="/")
+
+
class TransferEncodingTest(TestCase):
expected_body = b"It's just a flesh wound"
diff --git a/Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst b/Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst
new file mode 100644
index 0000000000000..990affc3edd9d
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2020-02-12-14-17-39.bpo-39603.Gt3RSg.rst
@@ -0,0 +1,2 @@
+Prevent http header injection by rejecting control characters in
+http.client.putrequest(...).

View File

@@ -1,70 +0,0 @@
From 6c6c256df3636ff6f6136820afaefa5a10a3ac33 Mon Sep 17 00:00:00 2001
From: "Miss Skeleton (bot)" <31488909+miss-islington@users.noreply.github.com>
Date: Tue, 6 Oct 2020 05:38:54 -0700
Subject: [PATCH] bpo-41944: No longer call eval() on content received via HTTP
in the CJK codec tests (GH-22566) (GH-22577)
(cherry picked from commit 2ef5caa58febc8968e670e39e3d37cf8eef3cab8)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Upstream-Status: Backport [https://github.com/python/cpython/commit/6c6c256df3636ff6f6136820afaefa5a10a3ac33]
CVE: CVE-2020-27619
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
---
Lib/test/multibytecodec_support.py | 22 +++++++------------
.../2020-10-05-17-43-46.bpo-41944.rf1dYb.rst | 1 +
2 files changed, 9 insertions(+), 14 deletions(-)
create mode 100644 Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst
diff --git a/Lib/test/multibytecodec_support.py b/Lib/test/multibytecodec_support.py
index cca8af67d6d1d..f76c0153f5ecf 100644
--- a/Lib/test/multibytecodec_support.py
+++ b/Lib/test/multibytecodec_support.py
@@ -305,29 +305,23 @@ def test_mapping_file(self):
self._test_mapping_file_plain()
def _test_mapping_file_plain(self):
- unichrs = lambda s: ''.join(map(chr, map(eval, s.split('+'))))
+ def unichrs(s):
+ return ''.join(chr(int(x, 16)) for x in s.split('+'))
+
urt_wa = {}
with self.open_mapping_file() as f:
for line in f:
if not line:
break
- data = line.split('#')[0].strip().split()
+ data = line.split('#')[0].split()
if len(data) != 2:
continue
- csetval = eval(data[0])
- if csetval <= 0x7F:
- csetch = bytes([csetval & 0xff])
- elif csetval >= 0x1000000:
- csetch = bytes([(csetval >> 24), ((csetval >> 16) & 0xff),
- ((csetval >> 8) & 0xff), (csetval & 0xff)])
- elif csetval >= 0x10000:
- csetch = bytes([(csetval >> 16), ((csetval >> 8) & 0xff),
- (csetval & 0xff)])
- elif csetval >= 0x100:
- csetch = bytes([(csetval >> 8), (csetval & 0xff)])
- else:
+ if data[0][:2] != '0x':
+ self.fail(f"Invalid line: {line!r}")
+ csetch = bytes.fromhex(data[0][2:])
+ if len(csetch) == 1 and 0x80 <= csetch[0]:
continue
unich = unichrs(data[1])
diff --git a/Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst b/Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst
new file mode 100644
index 0000000000000..4f9782f1c85af
--- /dev/null
+++ b/Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst
@@ -0,0 +1 @@
+Tests for CJK codecs no longer call ``eval()`` on content received via HTTP.

View File

@@ -1,191 +0,0 @@
From ece5dfd403dac211f8d3c72701fe7ba7b7aa5b5f Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
<31488909+miss-islington@users.noreply.github.com>
Date: Mon, 18 Jan 2021 13:28:52 -0800
Subject: [PATCH] closes bpo-42938: Replace snprintf with Python unicode
formatting in ctypes param reprs. (GH-24248)
(cherry picked from commit 916610ef90a0d0761f08747f7b0905541f0977c7)
Co-authored-by: Benjamin Peterson <benjamin@python.org>
Co-authored-by: Benjamin Peterson <benjamin@python.org>
CVE: CVE-2021-3177
Upstream-Status: Backport [https://github.com/python/cpython/commit/ece5dfd403dac211f8d3c72701fe7ba7b7aa5b5f]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
Lib/ctypes/test/test_parameters.py | 43 ++++++++++++++++
.../2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst | 2 +
Modules/_ctypes/callproc.c | 51 +++++++------------
3 files changed, 64 insertions(+), 32 deletions(-)
create mode 100644 Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
diff --git a/Lib/ctypes/test/test_parameters.py b/Lib/ctypes/test/test_parameters.py
index e4c25fd880cef..531894fdec838 100644
--- a/Lib/ctypes/test/test_parameters.py
+++ b/Lib/ctypes/test/test_parameters.py
@@ -201,6 +201,49 @@ def __dict__(self):
with self.assertRaises(ZeroDivisionError):
WorseStruct().__setstate__({}, b'foo')
+ def test_parameter_repr(self):
+ from ctypes import (
+ c_bool,
+ c_char,
+ c_wchar,
+ c_byte,
+ c_ubyte,
+ c_short,
+ c_ushort,
+ c_int,
+ c_uint,
+ c_long,
+ c_ulong,
+ c_longlong,
+ c_ulonglong,
+ c_float,
+ c_double,
+ c_longdouble,
+ c_char_p,
+ c_wchar_p,
+ c_void_p,
+ )
+ self.assertRegex(repr(c_bool.from_param(True)), r"^<cparam '\?' at 0x[A-Fa-f0-9]+>$")
+ self.assertEqual(repr(c_char.from_param(97)), "<cparam 'c' ('a')>")
+ self.assertRegex(repr(c_wchar.from_param('a')), r"^<cparam 'u' at 0x[A-Fa-f0-9]+>$")
+ self.assertEqual(repr(c_byte.from_param(98)), "<cparam 'b' (98)>")
+ self.assertEqual(repr(c_ubyte.from_param(98)), "<cparam 'B' (98)>")
+ self.assertEqual(repr(c_short.from_param(511)), "<cparam 'h' (511)>")
+ self.assertEqual(repr(c_ushort.from_param(511)), "<cparam 'H' (511)>")
+ self.assertRegex(repr(c_int.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
+ self.assertRegex(repr(c_uint.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
+ self.assertRegex(repr(c_long.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
+ self.assertRegex(repr(c_ulong.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
+ self.assertRegex(repr(c_longlong.from_param(20000)), r"^<cparam '[liq]' \(20000\)>$")
+ self.assertRegex(repr(c_ulonglong.from_param(20000)), r"^<cparam '[LIQ]' \(20000\)>$")
+ self.assertEqual(repr(c_float.from_param(1.5)), "<cparam 'f' (1.5)>")
+ self.assertEqual(repr(c_double.from_param(1.5)), "<cparam 'd' (1.5)>")
+ self.assertEqual(repr(c_double.from_param(1e300)), "<cparam 'd' (1e+300)>")
+ self.assertRegex(repr(c_longdouble.from_param(1.5)), r"^<cparam ('d' \(1.5\)|'g' at 0x[A-Fa-f0-9]+)>$")
+ self.assertRegex(repr(c_char_p.from_param(b'hihi')), "^<cparam 'z' \(0x[A-Fa-f0-9]+\)>$")
+ self.assertRegex(repr(c_wchar_p.from_param('hihi')), "^<cparam 'Z' \(0x[A-Fa-f0-9]+\)>$")
+ self.assertRegex(repr(c_void_p.from_param(0x12)), r"^<cparam 'P' \(0x0*12\)>$")
+
################################################################
if __name__ == '__main__':
diff --git a/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
new file mode 100644
index 0000000000000..7df65a156feab
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
@@ -0,0 +1,2 @@
+Avoid static buffers when computing the repr of :class:`ctypes.c_double` and
+:class:`ctypes.c_longdouble` values.
diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c
index a9b8675cd951b..de75918d49f37 100644
--- a/Modules/_ctypes/callproc.c
+++ b/Modules/_ctypes/callproc.c
@@ -484,58 +484,47 @@ is_literal_char(unsigned char c)
static PyObject *
PyCArg_repr(PyCArgObject *self)
{
- char buffer[256];
switch(self->tag) {
case 'b':
case 'B':
- sprintf(buffer, "<cparam '%c' (%d)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
self->tag, self->value.b);
- break;
case 'h':
case 'H':
- sprintf(buffer, "<cparam '%c' (%d)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
self->tag, self->value.h);
- break;
case 'i':
case 'I':
- sprintf(buffer, "<cparam '%c' (%d)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
self->tag, self->value.i);
- break;
case 'l':
case 'L':
- sprintf(buffer, "<cparam '%c' (%ld)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%ld)>",
self->tag, self->value.l);
- break;
case 'q':
case 'Q':
- sprintf(buffer,
-#ifdef MS_WIN32
- "<cparam '%c' (%I64d)>",
-#else
- "<cparam '%c' (%lld)>",
-#endif
+ return PyUnicode_FromFormat("<cparam '%c' (%lld)>",
self->tag, self->value.q);
- break;
case 'd':
- sprintf(buffer, "<cparam '%c' (%f)>",
- self->tag, self->value.d);
- break;
- case 'f':
- sprintf(buffer, "<cparam '%c' (%f)>",
- self->tag, self->value.f);
- break;
-
+ case 'f': {
+ PyObject *f = PyFloat_FromDouble((self->tag == 'f') ? self->value.f : self->value.d);
+ if (f == NULL) {
+ return NULL;
+ }
+ PyObject *result = PyUnicode_FromFormat("<cparam '%c' (%R)>", self->tag, f);
+ Py_DECREF(f);
+ return result;
+ }
case 'c':
if (is_literal_char((unsigned char)self->value.c)) {
- sprintf(buffer, "<cparam '%c' ('%c')>",
+ return PyUnicode_FromFormat("<cparam '%c' ('%c')>",
self->tag, self->value.c);
}
else {
- sprintf(buffer, "<cparam '%c' ('\\x%02x')>",
+ return PyUnicode_FromFormat("<cparam '%c' ('\\x%02x')>",
self->tag, (unsigned char)self->value.c);
}
- break;
/* Hm, are these 'z' and 'Z' codes useful at all?
Shouldn't they be replaced by the functionality of c_string
@@ -544,22 +533,20 @@ PyCArg_repr(PyCArgObject *self)
case 'z':
case 'Z':
case 'P':
- sprintf(buffer, "<cparam '%c' (%p)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%p)>",
self->tag, self->value.p);
break;
default:
if (is_literal_char((unsigned char)self->tag)) {
- sprintf(buffer, "<cparam '%c' at %p>",
+ return PyUnicode_FromFormat("<cparam '%c' at %p>",
(unsigned char)self->tag, (void *)self);
}
else {
- sprintf(buffer, "<cparam 0x%02x at %p>",
+ return PyUnicode_FromFormat("<cparam 0x%02x at %p>",
(unsigned char)self->tag, (void *)self);
}
- break;
}
- return PyUnicode_FromString(buffer);
}
static PyMemberDef PyCArgType_members[] = {

View File

@@ -1,10 +1,10 @@
SUMMARY = "The Python Programming Language"
HOMEPAGE = "http://www.python.org"
DESCRIPTION = "Python is a programming language that lets you work more quickly and integrate your systems more effectively."
LICENSE = "PSFv2"
LICENSE = "PSF-2.0 & BSD-0-Clause"
SECTION = "devel/python"
LIC_FILES_CHKSUM = "file://LICENSE;md5=203a6dbc802ee896020a47161e759642"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c22d2438294c784731bf9dd224a467b7"
SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://run-ptest \
@@ -33,12 +33,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0001-configure.ac-fix-LIBPL.patch \
file://0001-python3-Do-not-hardcode-lib-for-distutils.patch \
file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \
file://0001-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch \
file://CVE-2019-20907.patch \
file://CVE-2020-14422.patch \
file://CVE-2020-26116.patch \
file://CVE-2020-27619.patch \
file://CVE-2021-3177.patch \
file://0001-test_ctypes.test_find-skip-without-tools-sdk.patch \
"
SRC_URI_append_class-native = " \
@@ -47,8 +42,8 @@ SRC_URI_append_class-native = " \
file://0001-Don-t-search-system-for-headers-libraries.patch \
"
SRC_URI[md5sum] = "e9d6ebc92183a177b8e8a58cad5b8d67"
SRC_URI[sha256sum] = "2646e7dc233362f59714c6193017bb2d6f7b38d6ab4a0cb5fbac5c36c4d845df"
SRC_URI[md5sum] = "d9eee4b20155553830a2025e4dcaa7b3"
SRC_URI[sha256sum] = "6af24a66093dd840bcccf371d4044a3027e655cf24591ce26e48022bc79219d9"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
@@ -78,7 +73,7 @@ ALTERNATIVE_LINK_NAME[python3-config] = "${bindir}/python${PYTHON_MAJMIN}-config
ALTERNATIVE_TARGET[python3-config] = "${bindir}/python${PYTHON_MAJMIN}-config-${MULTILIB_SUFFIX}"
DEPENDS = "bzip2-replacement-native libffi bzip2 openssl sqlite3 zlib virtual/libintl xz virtual/crypt util-linux libtirpc libnsl2"
DEPENDS = "bzip2-replacement-native libffi bzip2 openssl sqlite3 zlib virtual/libintl xz virtual/crypt util-linux libtirpc libnsl2 autoconf-archive"
DEPENDS_append_class-target = " python3-native"
DEPENDS_append_class-nativesdk = " python3-native"
@@ -337,6 +332,7 @@ PACKAGES =+ "libpython3 libpython3-staticdev"
FILES_libpython3 = "${libdir}/libpython*.so.*"
FILES_libpython3-staticdev += "${libdir}/python${PYTHON_MAJMIN}/config-${PYTHON_MAJMIN}-*/libpython${PYTHON_MAJMIN}.a"
INSANE_SKIP_${PN}-dev += "dev-elf"
INSANE_SKIP_${PN}-ptest += "dev-deps"
# catch all the rest (unsorted)
PACKAGES += "${PN}-misc"
@@ -352,7 +348,7 @@ FILES_${PN}-man = "${datadir}/man"
# See https://bugs.python.org/issue18748 and https://bugs.python.org/issue37395
RDEPENDS_libpython3_append_libc-glibc = " libgcc"
RDEPENDS_${PN}-ctypes_append_libc-glibc = " ${MLPREFIX}ldconfig"
RDEPENDS_${PN}-ptest = "${PN}-modules ${PN}-tests unzip bzip2 libgcc tzdata-europe coreutils sed"
RDEPENDS_${PN}-ptest = "${PN}-modules ${PN}-tests ${PN}-dev unzip bzip2 libgcc tzdata-europe coreutils sed"
RDEPENDS_${PN}-ptest_append_libc-glibc = " locale-base-tr-tr.iso-8859-9"
RDEPENDS_${PN}-tkinter += "${@bb.utils.contains('PACKAGECONFIG', 'tk', 'tk tk-lib', '', d)}"
RDEPENDS_${PN}-dev = ""

View File

@@ -0,0 +1,362 @@
SUMMARY = "The Python Programming Language"
HOMEPAGE = "http://www.python.org"
DESCRIPTION = "Python is a programming language that lets you work more quickly and integrate your systems more effectively."
LICENSE = "PSF-2.0 & BSD-0-Clause"
SECTION = "devel/python"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c22d2438294c784731bf9dd224a467b7"
SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://run-ptest \
file://create_manifest3.py \
file://get_module_deps3.py \
file://python3-manifest.json \
file://check_build_completeness.py \
file://cgi_py.patch \
file://0001-Do-not-add-usr-lib-termcap-to-linker-flags-to-avoid-.patch \
${@bb.utils.contains('PACKAGECONFIG', 'tk', '', 'file://avoid_warning_about_tkinter.patch', d)} \
file://0001-Do-not-use-the-shell-version-of-python-config-that-w.patch \
file://python-config.patch \
file://0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch \
file://0001-Do-not-hardcode-lib-as-location-for-site-packages-an.patch \
file://0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch \
file://0001-Lib-sysconfig.py-fix-another-place-where-lib-is-hard.patch \
file://0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch \
file://0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch \
file://crosspythonpath.patch \
file://reformat_sysconfig.py \
file://0001-Use-FLAG_REF-always-for-interned-strings.patch \
file://0001-test_locale.py-correct-the-test-output-format.patch \
file://0017-setup.py-do-not-report-missing-dependencies-for-disa.patch \
file://0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch \
file://0001-Makefile-do-not-compile-.pyc-in-parallel.patch \
file://0001-configure.ac-fix-LIBPL.patch \
file://0001-python3-Do-not-hardcode-lib-for-distutils.patch \
file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \
"
SRC_URI_append_class-native = " \
file://0001-distutils-sysconfig-append-STAGING_LIBDIR-python-sys.patch \
file://12-distutils-prefix-is-inside-staging-area.patch \
file://0001-Don-t-search-system-for-headers-libraries.patch \
"
SRC_URI[md5sum] = "5840ba601128f48fee4e7c98fbdac65d"
SRC_URI[sha256sum] = "fb1a1114ebfe9e97199603c6083e20b236a0e007a2c51f29283ffb50c1420fb2"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
CVE_PRODUCT = "python"
# Upstream consider this expected behaviour
CVE_CHECK_WHITELIST += "CVE-2007-4559"
# This is not exploitable when glibc has CVE-2016-10739 fixed.
CVE_CHECK_WHITELIST += "CVE-2019-18348"
# This is windows only issue.
CVE_CHECK_WHITELIST += "CVE-2020-15523"
PYTHON_MAJMIN = "3.8"
S = "${WORKDIR}/Python-${PV}"
BBCLASSEXTEND = "native nativesdk"
inherit autotools pkgconfig qemu ptest multilib_header update-alternatives
MULTILIB_SUFFIX = "${@d.getVar('base_libdir',1).split('/')[-1]}"
ALTERNATIVE_${PN}-dev = "python3-config"
ALTERNATIVE_LINK_NAME[python3-config] = "${bindir}/python${PYTHON_MAJMIN}-config"
ALTERNATIVE_TARGET[python3-config] = "${bindir}/python${PYTHON_MAJMIN}-config-${MULTILIB_SUFFIX}"
DEPENDS = "bzip2-replacement-native libffi bzip2 openssl sqlite3 zlib virtual/libintl xz virtual/crypt util-linux libtirpc libnsl2 autoconf-archive"
DEPENDS_append_class-target = " python3-native"
DEPENDS_append_class-nativesdk = " python3-native"
EXTRA_OECONF = " --without-ensurepip --enable-shared"
EXTRA_OECONF_append_class-native = " --bindir=${bindir}/${PN}"
export CROSSPYTHONPATH="${STAGING_LIBDIR_NATIVE}/python${PYTHON_MAJMIN}/lib-dynload/"
EXTRANATIVEPATH += "python3-native"
CACHED_CONFIGUREVARS = " \
ac_cv_file__dev_ptmx=yes \
ac_cv_file__dev_ptc=no \
ac_cv_working_tzset=yes \
"
python() {
# PGO currently causes builds to not be reproducible, so disable it for
# now. See YOCTO #13407
if bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', True, False, d) and d.getVar('BUILD_REPRODUCIBLE_BINARIES') != '1':
d.setVar('PACKAGECONFIG_PGO', 'pgo')
else:
d.setVar('PACKAGECONFIG_PGO', '')
}
PACKAGECONFIG_class-target ??= "readline ${PACKAGECONFIG_PGO} gdbm"
PACKAGECONFIG_class-native ??= "readline gdbm"
PACKAGECONFIG_class-nativesdk ??= "readline gdbm"
PACKAGECONFIG[readline] = ",,readline"
# Use profile guided optimisation by running PyBench inside qemu-user
PACKAGECONFIG[pgo] = "--enable-optimizations,,qemu-native"
PACKAGECONFIG[tk] = ",,tk"
PACKAGECONFIG[gdbm] = ",,gdbm"
do_configure_prepend () {
mkdir -p ${B}/Modules
cat > ${B}/Modules/Setup.local << EOF
*disabled*
${@bb.utils.contains('PACKAGECONFIG', 'gdbm', '', '_gdbm _dbm', d)}
${@bb.utils.contains('PACKAGECONFIG', 'readline', '', 'readline', d)}
EOF
}
CPPFLAGS_append = " -I${STAGING_INCDIR}/ncursesw -I${STAGING_INCDIR}/uuid"
EXTRA_OEMAKE = '\
STAGING_LIBDIR=${STAGING_LIBDIR} \
STAGING_INCDIR=${STAGING_INCDIR} \
LIB=${baselib} \
'
do_compile_prepend_class-target() {
if ${@bb.utils.contains('PACKAGECONFIG', 'pgo', 'true', 'false', d)}; then
qemu_binary="${@qemu_wrapper_cmdline(d, '${STAGING_DIR_TARGET}', ['${B}', '${STAGING_DIR_TARGET}/${base_libdir}'])}"
cat >pgo-wrapper <<EOF
#!/bin/sh
cd ${B}
$qemu_binary "\$@"
EOF
chmod +x pgo-wrapper
fi
}
do_install_prepend() {
${WORKDIR}/check_build_completeness.py ${T}/log.do_compile
}
do_install_append_class-target() {
oe_multilib_header python${PYTHON_MAJMIN}/pyconfig.h
}
do_install_append_class-native() {
# Make sure we use /usr/bin/env python
for PYTHSCRIPT in `grep -rIl ${bindir}/${PN}/python ${D}${bindir}/${PN}`; do
sed -i -e '1s|^#!.*|#!/usr/bin/env python3|' $PYTHSCRIPT
done
# Add a symlink to the native Python so that scripts can just invoke
# "nativepython" and get the right one without needing absolute paths
# (these often end up too long for the #! parser in the kernel as the
# buffer is 128 bytes long).
ln -s python3-native/python3 ${D}${bindir}/nativepython3
}
do_install_append() {
mkdir -p ${D}${libdir}/python-sysconfigdata
sysconfigfile=`find ${D} -name _sysconfig*.py`
cp $sysconfigfile ${D}${libdir}/python-sysconfigdata/_sysconfigdata.py
sed -i \
-e "s,^ 'LIBDIR'.*, 'LIBDIR': '${STAGING_LIBDIR}'\,,g" \
-e "s,^ 'INCLUDEDIR'.*, 'INCLUDEDIR': '${STAGING_INCDIR}'\,,g" \
-e "s,^ 'CONFINCLUDEDIR'.*, 'CONFINCLUDEDIR': '${STAGING_INCDIR}'\,,g" \
-e "/^ 'INCLDIRSTOMAKE'/{N; s,/usr/include,${STAGING_INCDIR},g}" \
-e "/^ 'INCLUDEPY'/s,/usr/include,${STAGING_INCDIR},g" \
${D}${libdir}/python-sysconfigdata/_sysconfigdata.py
}
do_install_append_class-nativesdk () {
create_wrapper ${D}${bindir}/python${PYTHON_MAJMIN} TERMINFO_DIRS='${sysconfdir}/terminfo:/etc/terminfo:/usr/share/terminfo:/usr/share/misc/terminfo:/lib/terminfo' PYTHONNOUSERSITE='1'
}
SSTATE_SCAN_FILES += "Makefile _sysconfigdata.py"
PACKAGE_PREPROCESS_FUNCS += "py_package_preprocess"
py_package_preprocess () {
# Remove references to buildmachine paths in target Makefile and _sysconfigdata
sed -i -e 's:--sysroot=${STAGING_DIR_TARGET}::g' -e s:'--with-libtool-sysroot=${STAGING_DIR_TARGET}'::g \
-e 's|${DEBUG_PREFIX_MAP}||g' \
-e 's:${HOSTTOOLS_DIR}/::g' \
-e 's:${RECIPE_SYSROOT_NATIVE}::g' \
-e 's:${RECIPE_SYSROOT}::g' \
-e 's:${BASE_WORKDIR}/${MULTIMACH_TARGET_SYS}::g' \
${PKGD}/${libdir}/python${PYTHON_MAJMIN}/config-${PYTHON_MAJMIN}${PYTHON_ABI}*/Makefile \
${PKGD}/${libdir}/python${PYTHON_MAJMIN}/_sysconfigdata*.py \
${PKGD}/${bindir}/python${PYTHON_MAJMIN}-config
# Reformat _sysconfigdata after modifying it so that it remains
# reproducible
for c in ${PKGD}/${libdir}/python${PYTHON_MAJMIN}/_sysconfigdata*.py; do
python3 ${WORKDIR}/reformat_sysconfig.py $c
done
# Recompile _sysconfigdata after modifying it
cd ${PKGD}
sysconfigfile=`find . -name _sysconfigdata_*.py`
${STAGING_BINDIR_NATIVE}/python3-native/python3 \
-c "from py_compile import compile; compile('$sysconfigfile')"
${STAGING_BINDIR_NATIVE}/python3-native/python3 \
-c "from py_compile import compile; compile('$sysconfigfile', optimize=1)"
${STAGING_BINDIR_NATIVE}/python3-native/python3 \
-c "from py_compile import compile; compile('$sysconfigfile', optimize=2)"
cd -
mv ${PKGD}/${bindir}/python${PYTHON_MAJMIN}-config ${PKGD}/${bindir}/python${PYTHON_MAJMIN}-config-${MULTILIB_SUFFIX}
#Remove the unneeded copy of target sysconfig data
rm -rf ${PKGD}/${libdir}/python-sysconfigdata
}
# We want bytecode precompiled .py files (.pyc's) by default
# but the user may set it on their own conf
INCLUDE_PYCS ?= "1"
python(){
import collections, json
filename = os.path.join(d.getVar('THISDIR'), 'python3', 'python3-manifest.json')
# This python changes the datastore based on the contents of a file, so mark
# that dependency.
bb.parse.mark_dependency(d, filename)
with open(filename) as manifest_file:
manifest_str = manifest_file.read()
json_start = manifest_str.find('# EOC') + 6
manifest_file.seek(json_start)
manifest_str = manifest_file.read()
python_manifest = json.loads(manifest_str, object_pairs_hook=collections.OrderedDict)
# First set RPROVIDES for -native case
# Hardcoded since it cant be python3-native-foo, should be python3-foo-native
pn = 'python3'
rprovides = d.getVar('RPROVIDES').split()
# ${PN}-misc-native is not in the manifest
rprovides.append(pn + '-misc-native')
for key in python_manifest:
pypackage = pn + '-' + key + '-native'
if pypackage not in rprovides:
rprovides.append(pypackage)
d.setVar('RPROVIDES_class-native', ' '.join(rprovides))
# Then work on the target
include_pycs = d.getVar('INCLUDE_PYCS')
packages = d.getVar('PACKAGES').split()
pn = d.getVar('PN')
newpackages=[]
for key in python_manifest:
pypackage = pn + '-' + key
if pypackage not in packages:
# We need to prepend, otherwise python-misc gets everything
# so we use a new variable
newpackages.append(pypackage)
# "Build" python's manifest FILES, RDEPENDS and SUMMARY
d.setVar('FILES_' + pypackage, '')
for value in python_manifest[key]['files']:
d.appendVar('FILES_' + pypackage, ' ' + value)
# Add cached files
if include_pycs == '1':
for value in python_manifest[key]['cached']:
d.appendVar('FILES_' + pypackage, ' ' + value)
for value in python_manifest[key]['rdepends']:
# Make it work with or without $PN
if '${PN}' in value:
value=value.split('-', 1)[1]
d.appendVar('RDEPENDS_' + pypackage, ' ' + pn + '-' + value)
for value in python_manifest[key].get('rrecommends', ()):
if '${PN}' in value:
value=value.split('-', 1)[1]
d.appendVar('RRECOMMENDS_' + pypackage, ' ' + pn + '-' + value)
d.setVar('SUMMARY_' + pypackage, python_manifest[key]['summary'])
# Prepending so to avoid python-misc getting everything
packages = newpackages + packages
d.setVar('PACKAGES', ' '.join(packages))
d.setVar('ALLOW_EMPTY_${PN}-modules', '1')
d.setVar('ALLOW_EMPTY_${PN}-pkgutil', '1')
}
# Files needed to create a new manifest
do_create_manifest() {
# This task should be run with every new release of Python.
# We must ensure that PACKAGECONFIG enables everything when creating
# a new manifest, this is to base our new manifest on a complete
# native python build, containing all dependencies, otherwise the task
# wont be able to find the required files.
# e.g. BerkeleyDB is an optional build dependency so it may or may not
# be present, we must ensure it is.
cd ${WORKDIR}
# This needs to be executed by python-native and NOT by HOST's python
nativepython3 create_manifest3.py ${PYTHON_MAJMIN}
cp python3-manifest.json.new ${THISDIR}/python3/python3-manifest.json
}
# bitbake python -c create_manifest
# Make sure we have native python ready when we create a new manifest
addtask do_create_manifest after do_patch do_prepare_recipe_sysroot
# manual dependency additions
RRECOMMENDS_${PN}-core_append_class-nativesdk = " nativesdk-python3-modules"
RRECOMMENDS_${PN}-crypt_append_class-target = " openssl ca-certificates"
RRECOMMENDS_${PN}-crypt_append_class-nativesdk = " openssl ca-certificates"
# For historical reasons PN is empty and provided by python3-modules
FILES_${PN} = ""
RPROVIDES_${PN}-modules = "${PN}"
FILES_${PN}-pydoc += "${bindir}/pydoc${PYTHON_MAJMIN} ${bindir}/pydoc3"
FILES_${PN}-idle += "${bindir}/idle3 ${bindir}/idle${PYTHON_MAJMIN}"
# provide python-pyvenv from python3-venv
RPROVIDES_${PN}-venv += "python3-pyvenv"
# package libpython3
PACKAGES =+ "libpython3 libpython3-staticdev"
FILES_libpython3 = "${libdir}/libpython*.so.*"
FILES_libpython3-staticdev += "${libdir}/python${PYTHON_MAJMIN}/config-${PYTHON_MAJMIN}-*/libpython${PYTHON_MAJMIN}.a"
INSANE_SKIP_${PN}-dev += "dev-elf"
INSANE_SKIP_${PN}-ptest += "dev-deps"
# catch all the rest (unsorted)
PACKAGES += "${PN}-misc"
RDEPENDS_${PN}-misc += "python3-core python3-email python3-codecs python3-pydoc python3-pickle python3-audio"
RDEPENDS_${PN}-modules_append_class-target = " python3-misc"
RDEPENDS_${PN}-modules_append_class-nativesdk = " python3-misc"
FILES_${PN}-misc = "${libdir}/python${PYTHON_MAJMIN} ${libdir}/python${PYTHON_MAJMIN}/lib-dynload"
# catch manpage
PACKAGES += "${PN}-man"
FILES_${PN}-man = "${datadir}/man"
# See https://bugs.python.org/issue18748 and https://bugs.python.org/issue37395
RDEPENDS_libpython3_append_libc-glibc = " libgcc"
RDEPENDS_${PN}-ctypes_append_libc-glibc = " ${MLPREFIX}ldconfig"
RDEPENDS_${PN}-ptest = "${PN}-modules ${PN}-tests ${PN}-dev unzip bzip2 libgcc tzdata-europe coreutils sed"
RDEPENDS_${PN}-ptest_append_libc-glibc = " locale-base-tr-tr.iso-8859-9"
RDEPENDS_${PN}-tkinter += "${@bb.utils.contains('PACKAGECONFIG', 'tk', 'tk tk-lib', '', d)}"
RDEPENDS_${PN}-dev = ""
RDEPENDS_${PN}-tests_append_class-target = " bash"
RDEPENDS_${PN}-tests_append_class-nativesdk = " bash"
# Python's tests contain large numbers of files we don't need in the recipe sysroots
SYSROOT_PREPROCESS_FUNCS += " py3_sysroot_cleanup"
py3_sysroot_cleanup () {
rm -rf ${SYSROOT_DESTDIR}${libdir}/python${PYTHON_MAJMIN}/test
}

View File

@@ -0,0 +1,197 @@
From 1e5b70cab83c95aa138107a38ecda75ff70e8985 Mon Sep 17 00:00:00 2001
From: Minjae Kim <flowergom@gmail.com>
Date: Thu, 24 Jun 2021 01:11:26 +0000
Subject: [PATCH] Be much more careful about copying data from the signature
header
Only look for known tags, and ensure correct type and size where known
before copying over. Bump the old arbitrary 16k count limit to 16M limit
though, it's not inconceivable that a package could have that many files.
While at it, ensure none of these tags exist in the main header,
which would confuse us greatly.
This is optimized for backporting ease, upstream can remove redundancies
and further improve checking later.
Reported and initial patches by Demi Marie Obenour.
Fixes: RhBug:1935049, RhBug:1933867, RhBug:1935035, RhBug:1934125, ...
Fixes: CVE-2021-3421, CVE-2021-20271
Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21]
CVE: CVE-2021-3421
Signed-off-by: Minjae Kim <flowergom@gmail.com>
---
lib/package.c | 115 ++++++++++++++++++++++++--------------------------
lib/rpmtag.h | 4 ++
2 files changed, 58 insertions(+), 61 deletions(-)
diff --git a/lib/package.c b/lib/package.c
index 081123d84e..7c26ea323f 100644
--- a/lib/package.c
+++ b/lib/package.c
@@ -20,76 +20,68 @@
#include "debug.h"
+struct taglate_s {
+ rpmTagVal stag;
+ rpmTagVal xtag;
+ rpm_count_t count;
+} const xlateTags[] = {
+ { RPMSIGTAG_SIZE, RPMTAG_SIGSIZE, 1 },
+ { RPMSIGTAG_PGP, RPMTAG_SIGPGP, 0 },
+ { RPMSIGTAG_MD5, RPMTAG_SIGMD5, 16 },
+ { RPMSIGTAG_GPG, RPMTAG_SIGGPG, 0 },
+ /* { RPMSIGTAG_PGP5, RPMTAG_SIGPGP5, 0 }, */ /* long obsolete, dont use */
+ { RPMSIGTAG_PAYLOADSIZE, RPMTAG_ARCHIVESIZE, 1 },
+ { RPMSIGTAG_FILESIGNATURES, RPMTAG_FILESIGNATURES, 0 },
+ { RPMSIGTAG_FILESIGNATURELENGTH, RPMTAG_FILESIGNATURELENGTH, 1 },
+ { RPMSIGTAG_SHA1, RPMTAG_SHA1HEADER, 1 },
+ { RPMSIGTAG_SHA256, RPMTAG_SHA256HEADER, 1 },
+ { RPMSIGTAG_DSA, RPMTAG_DSAHEADER, 0 },
+ { RPMSIGTAG_RSA, RPMTAG_RSAHEADER, 0 },
+ { RPMSIGTAG_LONGSIZE, RPMTAG_LONGSIGSIZE, 1 },
+ { RPMSIGTAG_LONGARCHIVESIZE, RPMTAG_LONGARCHIVESIZE, 1 },
+ { 0 }
+};
+
/** \ingroup header
* Translate and merge legacy signature tags into header.
* @param h header (dest)
* @param sigh signature header (src)
*/
static
-void headerMergeLegacySigs(Header h, Header sigh)
+rpmTagVal headerMergeLegacySigs(Header h, Header sigh, char **msg)
{
- HeaderIterator hi;
+ const struct taglate_s *xl;
struct rpmtd_s td;
- hi = headerInitIterator(sigh);
- for (; headerNext(hi, &td); rpmtdFreeData(&td))
- {
- switch (td.tag) {
- /* XXX Translate legacy signature tag values. */
- case RPMSIGTAG_SIZE:
- td.tag = RPMTAG_SIGSIZE;
- break;
- case RPMSIGTAG_PGP:
- td.tag = RPMTAG_SIGPGP;
- break;
- case RPMSIGTAG_MD5:
- td.tag = RPMTAG_SIGMD5;
- break;
- case RPMSIGTAG_GPG:
- td.tag = RPMTAG_SIGGPG;
- break;
- case RPMSIGTAG_PGP5:
- td.tag = RPMTAG_SIGPGP5;
- break;
- case RPMSIGTAG_PAYLOADSIZE:
- td.tag = RPMTAG_ARCHIVESIZE;
- break;
- case RPMSIGTAG_SHA1:
- case RPMSIGTAG_SHA256:
- case RPMSIGTAG_DSA:
- case RPMSIGTAG_RSA:
- default:
- if (!(td.tag >= HEADER_SIGBASE && td.tag < HEADER_TAGBASE))
- continue;
- break;
- }
- if (!headerIsEntry(h, td.tag)) {
- switch (td.type) {
- case RPM_NULL_TYPE:
- continue;
- break;
- case RPM_CHAR_TYPE:
- case RPM_INT8_TYPE:
- case RPM_INT16_TYPE:
- case RPM_INT32_TYPE:
- case RPM_INT64_TYPE:
- if (td.count != 1)
- continue;
- break;
- case RPM_STRING_TYPE:
- case RPM_BIN_TYPE:
- if (td.count >= 16*1024)
- continue;
- break;
- case RPM_STRING_ARRAY_TYPE:
- case RPM_I18NSTRING_TYPE:
- continue;
- break;
- }
- (void) headerPut(h, &td, HEADERPUT_DEFAULT);
- }
+ rpmtdReset(&td);
+ for (xl = xlateTags; xl->stag; xl++) {
+ /* There mustn't be one in the main header */
+ if (headerIsEntry(h, xl->xtag))
+ break;
+ if (headerGet(sigh, xl->stag, &td, HEADERGET_RAW|HEADERGET_MINMEM)) {
+ /* Translate legacy tags */
+ if (xl->stag != xl->xtag)
+ td.tag = xl->xtag;
+ /* Ensure type and tag size match expectations */
+ if (td.type != rpmTagGetTagType(td.tag))
+ break;
+ if (td.count < 1 || td.count > 16*1024*1024)
+ break;
+ if (xl->count && td.count != xl->count)
+ break;
+ if (!headerPut(h, &td, HEADERPUT_DEFAULT))
+ break;
+ rpmtdFreeData(&td);
+ }
+ }
+ rpmtdFreeData(&td);
+
+ if (xl->stag) {
+ rasprintf(msg, "invalid signature tag %s (%d)",
+ rpmTagGetName(xl->xtag), xl->xtag);
}
- headerFreeIterator(hi);
+
+ return xl->stag;
}
/**
@@ -337,7 +329,8 @@ rpmRC rpmReadPackageFile(rpmts ts, FD_t fd, const char * fn, Header * hdrp)
goto exit;
/* Append (and remap) signature tags to the metadata. */
- headerMergeLegacySigs(h, sigh);
+ if (headerMergeLegacySigs(h, sigh,&msg))
+ goto exit;
applyRetrofits(h);
/* Bump reference count for return. */
diff --git a/lib/rpmtag.h b/lib/rpmtag.h
index 8c718b31b5..d562572c6f 100644
--- a/lib/rpmtag.h
+++ b/lib/rpmtag.h
@@ -65,6 +65,8 @@ typedef enum rpmTag_e {
RPMTAG_LONGARCHIVESIZE = RPMTAG_SIG_BASE+15, /* l */
/* RPMTAG_SIG_BASE+16 reserved */
RPMTAG_SHA256HEADER = RPMTAG_SIG_BASE+17, /* s */
+ /* RPMTAG_SIG_BASE+18 reserved for RPMSIGTAG_FILESIGNATURES */
+ /* RPMTAG_SIG_BASE+19 reserved for RPMSIGTAG_FILESIGNATURELENGTH */
RPMTAG_NAME = 1000, /* s */
#define RPMTAG_N RPMTAG_NAME /* s */
@@ -422,6 +424,8 @@ typedef enum rpmSigTag_e {
RPMSIGTAG_LONGSIZE = RPMTAG_LONGSIGSIZE, /*!< internal Header+Payload size (64bit) in bytes. */
RPMSIGTAG_LONGARCHIVESIZE = RPMTAG_LONGARCHIVESIZE, /*!< internal uncompressed payload size (64bit) in bytes. */
RPMSIGTAG_SHA256 = RPMTAG_SHA256HEADER,
+ RPMSIGTAG_FILESIGNATURES = RPMTAG_SIG_BASE + 18,
+ RPMSIGTAG_FILESIGNATURELENGTH = RPMTAG_SIG_BASE + 19,
} rpmSigTag;
--
2.17.1

View File

@@ -44,6 +44,7 @@ SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.14.x \
file://0001-mono-find-provides-requires-do-not-use-monodis-from-.patch \
file://0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch \
file://0001-rpmplugins.c-call-dlerror-prior-to-dlsym.patch \
file://CVE-2021-3421.patch \
"
PE = "1"

View File

@@ -1,40 +0,0 @@
From 8946bb38b4d87549f0d99ed73c62c41933f97cc7 Mon Sep 17 00:00:00 2001
From: Yusuke Endoh <mame@ruby-lang.org>
Date: Tue, 29 Sep 2020 13:15:58 +0900
Subject: [PATCH] Make it more strict to interpret some headers
Some regexps were too tolerant.
Upstream-Status: Backport
[https://github.com/ruby/webrick/commit/8946bb38b4d87549f0d99ed73c62c41933f97cc7]
CVE: CVE-2020-25613
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
lib/webrick/httprequest.rb | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
index 294bd91..d34eac7 100644
--- a/lib/webrick/httprequest.rb
+++ b/lib/webrick/httprequest.rb
@@ -227,9 +227,9 @@ def parse(socket=nil)
raise HTTPStatus::BadRequest, "bad URI `#{@unparsed_uri}'."
end
- if /close/io =~ self["connection"]
+ if /\Aclose\z/io =~ self["connection"]
@keep_alive = false
- elsif /keep-alive/io =~ self["connection"]
+ elsif /\Akeep-alive\z/io =~ self["connection"]
@keep_alive = true
elsif @http_version < "1.1"
@keep_alive = false
@@ -508,7 +508,7 @@ def read_body(socket, block)
return unless socket
if tc = self['transfer-encoding']
case tc
- when /chunked/io then read_chunked(socket, block)
+ when /\Achunked\z/io then read_chunked(socket, block)
else raise HTTPStatus::NotImplemented, "Transfer-Encoding: #{tc}."
end
elsif self['content-length'] || @remaining_size

View File

@@ -6,12 +6,11 @@ SRC_URI += " \
file://remove_has_include_macros.patch \
file://run-ptest \
file://0001-Modify-shebang-of-libexec-y2racc-and-libexec-racc2y.patch \
file://CVE-2020-25613.patch \
file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \
"
SRC_URI[md5sum] = "debb9c325bf65021214451660f46e909"
SRC_URI[sha256sum] = "d418483bdd0000576c1370571121a6eb24582116db0b7bb2005e90e250eae418"
SRC_URI[md5sum] = "72ef97685008981de3ddb748d0dab31f"
SRC_URI[sha256sum] = "8925a95e31d8f2c81749025a52a544ea1d05dad18794e6828709268b92e55338"
PACKAGECONFIG ??= ""
PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"

View File

@@ -36,7 +36,7 @@ BBCLASSEXTEND = "native nativesdk"
inherit autotools
EXTRA_OECONF_append_class-native = " --sbindir=${bindir}"
CFLAGS_append = " -I${STAGING_INCDIR}/tirpc"
LDFLAGS_append = " -ltirpc"
EXTRA_OECONF_append = " LIBS=-ltirpc"
# Turn off these header detects else the inode search
# will walk entire file systems and this is a real problem

View File

@@ -107,7 +107,7 @@ VALGRINDARCH_mipsel = "mips32"
VALGRINDARCH_mips64el = "mips64"
VALGRINDARCH_powerpc = "ppc"
VALGRINDARCH_powerpc64 = "ppc64"
VALGRINDARCH_powerpc64el = "ppc64le"
VALGRINDARCH_powerpc64le = "ppc64le"
INHIBIT_PACKAGE_STRIP_FILES = "${PKGD}${libdir}/valgrind/vgpreload_memcheck-${VALGRINDARCH}-linux.so"

View File

@@ -116,3 +116,7 @@ SYSROOT_PREPROCESS_FUNCS += "cups_sysroot_preprocess"
cups_sysroot_preprocess () {
sed -i ${SYSROOT_DESTDIR}${bindir_crossscripts}/cups-config -e 's:cups_datadir=.*:cups_datadir=${datadir}/cups:' -e 's:cups_serverbin=.*:cups_serverbin=${libexecdir}/cups:'
}
# -25317 concerns /var/log/cups having lp ownership. Our /var/log/cups is
# root:root, so this doesn't apply.
CVE_CHECK_WHITELIST += "CVE-2021-25317"

View File

@@ -19,13 +19,17 @@ TZONES= "africa antarctica asia australasia europe northamerica southamerica \
"
# pacificnew
# "slim" is the default since 2020b
# "fat" is needed by e.g. MariaDB's mysql_tzinfo_to_sql
ZIC_FMT ?= "slim"
do_compile () {
for zone in ${TZONES}; do \
${STAGING_BINDIR_NATIVE}/zic -d ${WORKDIR}${datadir}/zoneinfo -L /dev/null \
${STAGING_BINDIR_NATIVE}/zic -b ${ZIC_FMT} -d ${WORKDIR}${datadir}/zoneinfo -L /dev/null \
${S}/${zone} ; \
${STAGING_BINDIR_NATIVE}/zic -d ${WORKDIR}${datadir}/zoneinfo/posix -L /dev/null \
${STAGING_BINDIR_NATIVE}/zic -b ${ZIC_FMT} -d ${WORKDIR}${datadir}/zoneinfo/posix -L /dev/null \
${S}/${zone} ; \
${STAGING_BINDIR_NATIVE}/zic -d ${WORKDIR}${datadir}/zoneinfo/right -L ${S}/leapseconds \
${STAGING_BINDIR_NATIVE}/zic -b ${ZIC_FMT} -d ${WORKDIR}${datadir}/zoneinfo/right -L ${S}/leapseconds \
${S}/${zone} ; \
done
}

View File

@@ -0,0 +1,333 @@
From 5c539ee6aba5872fcc73aa3d46a4e9a33dc030db Mon Sep 17 00:00:00 2001
From: Matthieu Herrb <matthieu@herrb.eu>
Date: Fri, 19 Feb 2021 15:30:39 +0100
Subject: [PATCH] Reject string longer than USHRT_MAX before sending them on
the wire
The X protocol uses CARD16 values to represent the length so
this would overflow.
CVE-2021-31535
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
https://lists.x.org/archives/xorg-announce/2021-May/003088.html
XLookupColor() and other X libraries function lack proper validation
of the length of their string parameters. If those parameters can be
controlled by an external application (for instance a color name that
can be emitted via a terminal control sequence) it can lead to the
emission of extra X protocol requests to the X server.
Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605]
CVE: CVE-2021-31535
Signed-off-by: Jasper Orschulko <Jasper.Orschulko@iris-sensing.com>
---
src/Font.c | 6 ++++--
src/FontInfo.c | 3 +++
src/FontNames.c | 3 +++
src/GetColor.c | 4 ++++
src/LoadFont.c | 4 ++++
src/LookupCol.c | 6 ++++--
src/ParseCol.c | 5 ++++-
src/QuExt.c | 5 +++++
src/SetFPath.c | 8 +++++++-
src/SetHints.c | 7 +++++++
src/StNColor.c | 3 +++
src/StName.c | 7 ++++++-
12 files changed, 54 insertions(+), 7 deletions(-)
diff --git a/src/Font.c b/src/Font.c
index 09d2ae91..3f468e4b 100644
--- a/src/Font.c
+++ b/src/Font.c
@@ -102,6 +102,8 @@ XFontStruct *XLoadQueryFont(
XF86BigfontCodes *extcodes = _XF86BigfontCodes(dpy);
#endif
+ if (strlen(name) >= USHRT_MAX)
+ return NULL;
if (_XF86LoadQueryLocaleFont(dpy, name, &font_result, (Font *)0))
return font_result;
LockDisplay(dpy);
@@ -662,8 +664,8 @@ int _XF86LoadQueryLocaleFont(
if (!name)
return 0;
- l = strlen(name);
- if (l < 2 || name[l - 1] != '*' || name[l - 2] != '-')
+ l = (int) strlen(name);
+ if (l < 2 || name[l - 1] != '*' || name[l - 2] != '-' || l >= USHRT_MAX)
return 0;
charset = NULL;
/* next three lines stolen from _XkbGetCharset() */
diff --git a/src/FontInfo.c b/src/FontInfo.c
index f870e431..51b48e29 100644
--- a/src/FontInfo.c
+++ b/src/FontInfo.c
@@ -58,6 +58,9 @@ XFontStruct **info) /* RETURN */
register xListFontsReq *req;
int j;
+ if (strlen(pattern) >= USHRT_MAX)
+ return NULL;
+
LockDisplay(dpy);
GetReq(ListFontsWithInfo, req);
req->maxNames = maxNames;
diff --git a/src/FontNames.c b/src/FontNames.c
index b78792d6..4dac4916 100644
--- a/src/FontNames.c
+++ b/src/FontNames.c
@@ -51,6 +51,9 @@ int *actualCount) /* RETURN */
register xListFontsReq *req;
unsigned long rlen = 0;
+ if (strlen(pattern) >= USHRT_MAX)
+ return NULL;
+
LockDisplay(dpy);
GetReq(ListFonts, req);
req->maxNames = maxNames;
diff --git a/src/GetColor.c b/src/GetColor.c
index cd0eb9f6..512ac308 100644
--- a/src/GetColor.c
+++ b/src/GetColor.c
@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+#include <limits.h>
#include <stdio.h>
#include "Xlibint.h"
#include "Xcmsint.h"
@@ -48,6 +49,9 @@ XColor *exact_def) /* RETURN */
XcmsColor cmsColor_exact;
Status ret;
+ if (strlen(colorname) >= USHRT_MAX)
+ return (0);
+
#ifdef XCMS
/*
* Let's Attempt to use Xcms and i18n approach to Parse Color
diff --git a/src/LoadFont.c b/src/LoadFont.c
index f547976b..85735249 100644
--- a/src/LoadFont.c
+++ b/src/LoadFont.c
@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+#include <limits.h>
#include "Xlibint.h"
Font
@@ -38,6 +39,9 @@ XLoadFont (
Font fid;
register xOpenFontReq *req;
+ if (strlen(name) >= USHRT_MAX)
+ return (0);
+
if (_XF86LoadQueryLocaleFont(dpy, name, (XFontStruct **)0, &fid))
return fid;
diff --git a/src/LookupCol.c b/src/LookupCol.c
index f7f969f5..cd9b1368 100644
--- a/src/LookupCol.c
+++ b/src/LookupCol.c
@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+#include <limits.h>
#include <stdio.h>
#include "Xlibint.h"
#include "Xcmsint.h"
@@ -46,6 +47,9 @@ XLookupColor (
XcmsCCC ccc;
XcmsColor cmsColor_exact;
+ n = (int) strlen (spec);
+ if (n >= USHRT_MAX)
+ return 0;
#ifdef XCMS
/*
* Let's Attempt to use Xcms and i18n approach to Parse Color
@@ -77,8 +81,6 @@ XLookupColor (
* Xcms and i18n methods failed, so lets pass it to the server
* for parsing.
*/
-
- n = strlen (spec);
LockDisplay(dpy);
GetReq (LookupColor, req);
req->cmap = cmap;
diff --git a/src/ParseCol.c b/src/ParseCol.c
index e997b1b8..180132dd 100644
--- a/src/ParseCol.c
+++ b/src/ParseCol.c
@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+#include <limits.h>
#include <stdio.h>
#include "Xlibint.h"
#include "Xcmsint.h"
@@ -46,7 +47,9 @@ XParseColor (
XcmsColor cmsColor;
if (!spec) return(0);
- n = strlen (spec);
+ n = (int) strlen (spec);
+ if (n >= USHRT_MAX)
+ return(0);
if (*spec == '#') {
/*
* RGB
diff --git a/src/QuExt.c b/src/QuExt.c
index 4e230e77..d38a1572 100644
--- a/src/QuExt.c
+++ b/src/QuExt.c
@@ -27,6 +27,8 @@ in this Software without prior written authorization from The Open Group.
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+#include <limits.h>
+#include <stdbool.h>
#include "Xlibint.h"
Bool
@@ -40,6 +42,9 @@ XQueryExtension(
xQueryExtensionReply rep;
register xQueryExtensionReq *req;
+ if (strlen(name) >= USHRT_MAX)
+ return false;
+
LockDisplay(dpy);
GetReq(QueryExtension, req);
req->nbytes = name ? strlen(name) : 0;
diff --git a/src/SetFPath.c b/src/SetFPath.c
index 60aaef01..3d8c50cb 100644
--- a/src/SetFPath.c
+++ b/src/SetFPath.c
@@ -26,6 +26,7 @@ in this Software without prior written authorization from The Open Group.
#ifdef HAVE_CONFIG_H
#include <config.h>
+#include <limits.h>
#endif
#include "Xlibint.h"
@@ -48,7 +49,12 @@ XSetFontPath (
GetReq (SetFontPath, req);
req->nFonts = ndirs;
for (i = 0; i < ndirs; i++) {
- n += safestrlen (directories[i]) + 1;
+ n = (int) ((size_t) n + (safestrlen (directories[i]) + 1));
+ if (n >= USHRT_MAX) {
+ UnlockDisplay(dpy);
+ SyncHandle();
+ return 0;
+ }
}
nbytes = (n + 3) & ~3;
req->length += nbytes >> 2;
diff --git a/src/SetHints.c b/src/SetHints.c
index bc46498a..f3d727ec 100644
--- a/src/SetHints.c
+++ b/src/SetHints.c
@@ -49,6 +49,7 @@ SOFTWARE.
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+#include <limits.h>
#include <X11/Xlibint.h>
#include <X11/Xutil.h>
#include "Xatomtype.h"
@@ -214,6 +215,8 @@ XSetCommand (
register char *buf, *bp;
for (i = 0, nbytes = 0; i < argc; i++) {
nbytes += safestrlen(argv[i]) + 1;
+ if (nbytes >= USHRT_MAX)
+ return 1;
}
if ((bp = buf = Xmalloc(nbytes))) {
/* copy arguments into single buffer */
@@ -256,6 +259,8 @@ XSetStandardProperties (
if (name != NULL) XStoreName (dpy, w, name);
+ if (safestrlen(icon_string) >= USHRT_MAX)
+ return 1;
if (icon_string != NULL) {
XChangeProperty (dpy, w, XA_WM_ICON_NAME, XA_STRING, 8,
PropModeReplace,
@@ -298,6 +303,8 @@ XSetClassHint(
len_nm = safestrlen(classhint->res_name);
len_cl = safestrlen(classhint->res_class);
+ if (len_nm + len_cl >= USHRT_MAX)
+ return 1;
if ((class_string = s = Xmalloc(len_nm + len_cl + 2))) {
if (len_nm) {
strcpy(s, classhint->res_name);
diff --git a/src/StNColor.c b/src/StNColor.c
index 8b821c3e..ba021958 100644
--- a/src/StNColor.c
+++ b/src/StNColor.c
@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+#include <limits.h>
#include <stdio.h>
#include "Xlibint.h"
#include "Xcmsint.h"
@@ -46,6 +47,8 @@ int flags) /* DoRed, DoGreen, DoBlue */
XcmsColor cmsColor_exact;
XColor scr_def;
+ if (strlen(name) >= USHRT_MAX)
+ return 0;
#ifdef XCMS
/*
* Let's Attempt to use Xcms approach to Parse Color
diff --git a/src/StName.c b/src/StName.c
index b4048bff..5a632d0c 100644
--- a/src/StName.c
+++ b/src/StName.c
@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+#include <limits.h>
#include <X11/Xlibint.h>
#include <X11/Xatom.h>
@@ -36,7 +37,9 @@ XStoreName (
Window w,
_Xconst char *name)
{
- return XChangeProperty(dpy, w, XA_WM_NAME, XA_STRING,
+ if (strlen(name) >= USHRT_MAX)
+ return 0;
+ return XChangeProperty(dpy, w, XA_WM_NAME, XA_STRING, /* */
8, PropModeReplace, (_Xconst unsigned char *)name,
name ? strlen(name) : 0);
}
@@ -47,6 +50,8 @@ XSetIconName (
Window w,
_Xconst char *icon_name)
{
+ if (strlen(icon_name) >= USHRT_MAX)
+ return 0;
return XChangeProperty(dpy, w, XA_WM_ICON_NAME, XA_STRING, 8,
PropModeReplace, (_Xconst unsigned char *)icon_name,
icon_name ? strlen(icon_name) : 0);
--
2.32.0

View File

@@ -15,6 +15,7 @@ SRC_URI += "file://Fix-hanging-issue-in-_XReply.patch \
file://libx11-whitespace.patch \
file://CVE-2020-14344.patch \
file://CVE-2020-14363.patch \
file://CVE-2021-31535.patch \
"
SRC_URI[md5sum] = "55adbfb6d4370ecac5e70598c4e7eed2"

View File

@@ -132,7 +132,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
file://LICENCE.xc4000;md5=0ff51d2dc49fce04814c9155081092f0 \
file://LICENCE.xc5000;md5=1e170c13175323c32c7f4d0998d53f66 \
file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \
file://WHENCE;md5=e21a8cbddc1612bce56f06fe154a0743 \
file://WHENCE;md5=727d0d4e2d420f41d89d098f6322e779 \
"
# These are not common licenses, set NO_GENERIC_LICENSE for them
@@ -205,7 +205,7 @@ PE = "1"
SRC_URI = "${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz"
SRC_URI[sha256sum] = "a2348f03492713dca9aef202496c6e58f5e63ee5bec6a7bdfcf8b18ce7155e70"
SRC_URI[sha256sum] = "2aa6ae8b9808408f9811ac38f00c188e53e984a2b3990254f6c9c02c1ab13417"
inherit allarch

View File

@@ -177,7 +177,7 @@ do_install() {
cp -a --parents $SYSCALL_TOOLS $kerneldir/build/
fi
cp -a --parents arch/arm/kernel/module.lds $kerneldir/build/
cp -a --parents arch/arm/kernel/module.lds $kerneldir/build/ 2>/dev/null || :
fi
if [ -d arch/${ARCH}/include ]; then

View File

@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
SRCREV_machine ?= "b62ae8bedb024e67e7c5cda51840454a4170c858"
SRCREV_meta ?= "b89df7433ea8124d3092805391b78808df4147a7"
SRCREV_machine ?= "135b02c845043f37c8eac73607b62b0735286756"
SRCREV_meta ?= "2ff6e592745fd397ec2da205ab02daafbf49351a"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LINUX_VERSION ?= "5.4.116"
LINUX_VERSION ?= "5.4.132"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"

View File

@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
LINUX_VERSION ?= "5.4.116"
LINUX_VERSION ?= "5.4.132"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
SRCREV_machine_qemuarm ?= "80bd6016a9bdaed4b66ddffffa8c8e62d7c1f8a6"
SRCREV_machine ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
SRCREV_meta ?= "b89df7433ea8124d3092805391b78808df4147a7"
SRCREV_machine_qemuarm ?= "629ca595e3eafd1fdc3a3d978d6ed4547b419968"
SRCREV_machine ?= "35abc20f52ebdd41bbe76e6f2d6ee189ab3078f6"
SRCREV_meta ?= "2ff6e592745fd397ec2da205ab02daafbf49351a"
PV = "${LINUX_VERSION}+git${SRCPV}"

View File

@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base"
KBRANCH_qemux86-64 ?= "v5.4/standard/base"
KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
SRCREV_machine_qemuarm ?= "e71df0530eefcac1b3248329e385bcefbad6336e"
SRCREV_machine_qemuarm64 ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
SRCREV_machine_qemumips ?= "07445052fdd15e60b30dc5ae9d162c2e6bba47d1"
SRCREV_machine_qemuppc ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
SRCREV_machine_qemuriscv64 ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
SRCREV_machine_qemux86 ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
SRCREV_machine_qemux86-64 ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
SRCREV_machine_qemumips64 ?= "b36d79d6f2aaf9dadec352f611e7b9becf2b9a55"
SRCREV_machine ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
SRCREV_meta ?= "b89df7433ea8124d3092805391b78808df4147a7"
SRCREV_machine_qemuarm ?= "cf8b645d7a1c268d071bdfe606f01d739afbdb80"
SRCREV_machine_qemuarm64 ?= "8d40ced691b9d211840801614a1031089ed6c2a2"
SRCREV_machine_qemumips ?= "c574c7303a75e700cb7123fc93a7ca7c19c963d6"
SRCREV_machine_qemuppc ?= "5550c64c43f81e6c29abfbc6ce31f44f200644ec"
SRCREV_machine_qemuriscv64 ?= "92705f96294a9c4ac611d3242f20651d5cf6224a"
SRCREV_machine_qemux86 ?= "92705f96294a9c4ac611d3242f20651d5cf6224a"
SRCREV_machine_qemux86-64 ?= "92705f96294a9c4ac611d3242f20651d5cf6224a"
SRCREV_machine_qemumips64 ?= "9cd841f768e0b5a07251df29ba202b5ff2bdf114"
SRCREV_machine ?= "92705f96294a9c4ac611d3242f20651d5cf6224a"
SRCREV_meta ?= "2ff6e592745fd397ec2da205ab02daafbf49351a"
# remap qemuarm to qemuarma15 for the 5.4 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
LINUX_VERSION ?= "5.4.116"
LINUX_VERSION ?= "5.4.132"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"

View File

@@ -45,7 +45,7 @@ PROVIDES = "virtual/perf"
inherit linux-kernel-base kernel-arch manpages
# needed for building the tools/perf Python bindings
inherit ${@bb.utils.contains('PACKAGECONFIG', 'scripting', 'python3native', '', d)}
inherit ${@bb.utils.contains('PACKAGECONFIG', 'scripting', 'python3targetconfig', '', d)}
inherit python3-dir
export PYTHON_SITEPACKAGES_DIR

View File

@@ -0,0 +1,70 @@
From 0d833743954ac1c58773cbf7a78fe0dc8105ae4a Mon Sep 17 00:00:00 2001
From: Joe Konno <joe.konno@linux.intel.com>
Date: Tue, 11 Feb 2020 14:15:42 -0800
Subject: [PATCH] configure.ac: ax_add_fortify_source
Use a maintained autoconf-archive macro to determine whether we need to
add -D_FORTIFY_SOURCE=3D2, or if the underlying OS (or toolchain) has it
baked in.
Signed-off-by: Joe Konno <joe.konno@intel.com>
Fixes:
aclocal: error: too many loops
Upstream-Status: Backport from 2.12
Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
---
configure.ac | 2 +-
m4/gcc_fortify_source_cc.m4 | 29 -----------------------------
2 files changed, 1 insertion(+), 30 deletions(-)
delete mode 100644 m4/gcc_fortify_source_cc.m4
diff --git a/configure.ac b/configure.ac
index d6a15e1..d68369c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -36,7 +36,7 @@ AC_PROG_LIBTOOL
AC_PROG_CC
AC_PROG_INSTALL
AM_PROG_CC_C_O
-GCC_FORTIFY_SOURCE_CC
+AX_ADD_FORTIFY_SOURCE
AX_CXX_COMPILE_STDCXX_11([noext], [mandatory])
# Checks for libraries.
diff --git a/m4/gcc_fortify_source_cc.m4 b/m4/gcc_fortify_source_cc.m4
deleted file mode 100644
index 1206672..0000000
--- a/m4/gcc_fortify_source_cc.m4
+++ /dev/null
@@ -1,29 +0,0 @@
-dnl GCC_FORTIFY_SOURCE_CC
-dnl checks -D_FORTIFY_SOURCE with the C++ compiler, if it exists then
-dnl updates CXXCPP
-AC_DEFUN([GCC_FORTIFY_SOURCE_CC],[
- AC_LANG_ASSERT([C++])
- AS_IF([test "X$CXX" != "X"], [
- AC_MSG_CHECKING([for FORTIFY_SOURCE support])
- fs_old_cxxcpp="$CXXCPP"
- fs_old_cxxflags="$CXXFLAGS"
- CXXCPP="$CXXCPP -D_FORTIFY_SOURCE=2"
- CXXFLAGS="$CXXFLAGS -Werror"
- AC_COMPILE_IFELSE([
- AC_LANG_PROGRAM([[]], [[
- int main(void) {
- #if !(__GNUC_PREREQ (4, 1) )
- #error No FORTIFY_SOURCE support
- #endif
- return 0;
- }
- ]], [
- AC_MSG_RESULT([yes])
- ], [
- AC_MSG_RESULT([no])
- CXXCPP="$fs_old_cxxcpp"
- ])
- ])
- CXXFLAGS="$fs_old_cxxflags"
- ])
-])

View File

@@ -0,0 +1,29 @@
From fbf74492236676e844b021b0dbb45b1ca43a0410 Mon Sep 17 00:00:00 2001
From: David King <amigadave@amigadave.com>
Date: Thu, 15 Apr 2021 11:45:13 +0100
Subject: [PATCH] configure: Use AX_REQUIRE_DEFINED
Require additional macros to be defined early, to avoid an aclocal
"too many loops" error when copying macros.
Upstream-Status: Backport from tip
Signed-off-by: Tim Orling <ticotimo@gmail.com>
---
configure.ac | 3 +++
1 file changed, 3 insertions(+)
diff --git a/configure.ac b/configure.ac
index d68369c..b90831b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -29,6 +29,9 @@ AM_GNU_GETTEXT([external])
AM_GNU_GETTEXT_VERSION([0.18.2])
m4_ifdef([AM_PROG_AR], [AM_PROG_AR])
+AX_REQUIRE_DEFINED([AX_ADD_FORTIFY_SOURCE])
+AX_REQUIRE_DEFINED([AX_CXX_COMPILE_STDCXX])
+AX_REQUIRE_DEFINED([AX_PTHREAD])
# Checks for programs.
AC_PROG_CPP
AC_PROG_CXX

View File

@@ -2,13 +2,15 @@ SUMMARY = "Power usage tool"
DESCRIPTION = "Linux tool to diagnose issues with power consumption and power management."
HOMEPAGE = "https://01.org/powertop/"
BUGTRACKER = "https://app.devzing.com/powertopbugs/bugzilla"
DEPENDS = "ncurses libnl pciutils"
DEPENDS = "ncurses libnl pciutils autoconf-archive"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e"
SRC_URI = "git://github.com/fenrus75/powertop;protocol=https \
file://0001-wakeup_xxx.h-include-limits.h.patch \
"
file://0001-wakeup_xxx.h-include-limits.h.patch \
file://0002-configure.ac-ax_add_fortify_source.patch \
file://0003-configure-Use-AX_REQUIRE_DEFINED.patch \
"
SRCREV = "e8765b5475b22b7a2b6e9e8a031c68a268a0b0b3"
S = "${WORKDIR}/git"

View File

@@ -0,0 +1,36 @@
From 067e759136904b82bba9c6d1d781c4408dfecfe6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim-Philipp=20M=C3=BCller?= <tim@centricular.com>
Date: Wed, 3 Mar 2021 01:08:25 +0000
Subject: [PATCH] tag: id3v2: fix frame size check and potential invalid reads
Check the right variable when checking if there's
enough data left to read the frame size.
Closes https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/merge_requests/1066>
Upstream-Status: Backport
[https://gstreamer.freedesktop.org/security/sa-2021-0001.html]
CVE: CVE-2021-3522
Signed-off-by: Minjae Kim <flowergom@gmail.com>
---
gst-libs/gst/tag/id3v2frames.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gst-libs/gst/tag/id3v2frames.c b/gst-libs/gst/tag/id3v2frames.c
index 8e9f782..f39659b 100644
--- a/gst-libs/gst/tag/id3v2frames.c
+++ b/gst-libs/gst/tag/id3v2frames.c
@@ -109,7 +109,7 @@ id3v2_parse_frame (ID3TagsWorking * work)
if (work->frame_flags & (ID3V2_FRAME_FORMAT_COMPRESSION |
ID3V2_FRAME_FORMAT_DATA_LENGTH_INDICATOR)) {
- if (work->hdr.frame_data_size <= 4)
+ if (frame_data_size <= 4)
return FALSE;
if (ID3V2_VER_MAJOR (work->hdr.version) == 3) {
work->parse_size = GST_READ_UINT32_BE (frame_data);
--
2.17.1

View File

@@ -15,10 +15,15 @@ SRC_URI = " \
file://0003-ssaparse-enhance-SSA-text-lines-parsing.patch \
file://0005-viv-fb-Make-sure-config.h-is-included.patch \
file://0009-glimagesink-Downrank-to-marginal.patch \
file://CVE-2021-3522.patch \
"
SRC_URI[md5sum] = "e3ddb1bae9fb510b49a295f212f1e6e4"
SRC_URI[sha256sum] = "9f02678b0bbbcc9eff107d3bd89d83ce92fec2154cd607c7c8bd34dc7fee491c"
# CPE entries for gst-plugins-base are listed as gstreamer issues
# so we need to ignore the false hit
CVE_CHECK_WHITELIST += "CVE-2021-3522"
S = "${WORKDIR}/gst-plugins-base-${PV}"
DEPENDS += "iso-codes util-linux zlib"

View File

@@ -0,0 +1,207 @@
From 9181191511f9c0be6a89c98b311f49d66bd46dc3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 4 Mar 2021 13:05:19 +0200
Subject: [PATCH] matroskademux: Fix extraction of multichannel WavPack
The old code had a couple of issues that all lead to potential memory
safety bugs.
- Use a constant for the Wavpack4Header size instead of using sizeof.
It's written out into the data and not from the struct and who knows
what special alignment/padding requirements some C compilers have.
- gst_buffer_set_size() does not realloc the buffer when setting a
bigger size than allocated, it only allows growing up to the maximum
allocated size. Instead use a GstAdapter to collect all the blocks
and take out everything at once in the end.
- Check that enough data is actually available in the input and
otherwise handle it an error in all cases instead of silently
ignoring it.
Among other things this fixes out of bounds writes because the code
assumed gst_buffer_set_size() can grow the buffer and simply wrote after
the end of the buffer.
Thanks to Natalie Silvanovich for reporting.
Fixes https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/issues/859
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/merge_requests/903>
Upstream-Status: Backport
https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/commit/9181191511f9c0be6a89c98b311f49d66bd46dc3?merge_request_iid=903
CVE: CVE-2021-3497
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
gst/matroska/matroska-demux.c | 99 +++++++++++++++++++----------------
gst/matroska/matroska-ids.h | 2 +
2 files changed, 55 insertions(+), 46 deletions(-)
diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index 467815986..0e47ee7b5 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -3851,6 +3851,12 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
guint32 block_samples, tmp;
gsize size = gst_buffer_get_size (*buf);
+ if (size < 4) {
+ GST_ERROR_OBJECT (element, "Too small wavpack buffer");
+ gst_buffer_unmap (*buf, &map);
+ return GST_FLOW_ERROR;
+ }
+
gst_buffer_extract (*buf, 0, &tmp, sizeof (guint32));
block_samples = GUINT32_FROM_LE (tmp);
/* we need to reconstruct the header of the wavpack block */
@@ -3858,10 +3864,10 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
/* -20 because ck_size is the size of the wavpack block -8
* and lace_size is the size of the wavpack block + 12
* (the three guint32 of the header that already are in the buffer) */
- wvh.ck_size = size + sizeof (Wavpack4Header) - 20;
+ wvh.ck_size = size + WAVPACK4_HEADER_SIZE - 20;
/* block_samples, flags and crc are already in the buffer */
- newbuf = gst_buffer_new_allocate (NULL, sizeof (Wavpack4Header) - 12, NULL);
+ newbuf = gst_buffer_new_allocate (NULL, WAVPACK4_HEADER_SIZE - 12, NULL);
gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE);
data = outmap.data;
@@ -3886,9 +3892,11 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
audiocontext->wvpk_block_index += block_samples;
} else {
guint8 *outdata = NULL;
- guint outpos = 0;
- gsize buf_size, size, out_size = 0;
+ gsize buf_size, size;
guint32 block_samples, flags, crc, blocksize;
+ GstAdapter *adapter;
+
+ adapter = gst_adapter_new ();
gst_buffer_map (*buf, &map, GST_MAP_READ);
buf_data = map.data;
@@ -3897,6 +3905,7 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
if (buf_size < 4) {
GST_ERROR_OBJECT (element, "Too small wavpack buffer");
gst_buffer_unmap (*buf, &map);
+ g_object_unref (adapter);
return GST_FLOW_ERROR;
}
@@ -3918,59 +3927,57 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
data += 4;
size -= 4;
- if (blocksize == 0 || size < blocksize)
- break;
-
- g_assert ((newbuf == NULL) == (outdata == NULL));
+ if (blocksize == 0 || size < blocksize) {
+ GST_ERROR_OBJECT (element, "Too small wavpack buffer");
+ gst_buffer_unmap (*buf, &map);
+ g_object_unref (adapter);
+ return GST_FLOW_ERROR;
+ }
- if (newbuf == NULL) {
- out_size = sizeof (Wavpack4Header) + blocksize;
- newbuf = gst_buffer_new_allocate (NULL, out_size, NULL);
+ g_assert (newbuf == NULL);
- gst_buffer_copy_into (newbuf, *buf,
- GST_BUFFER_COPY_TIMESTAMPS | GST_BUFFER_COPY_FLAGS, 0, -1);
+ newbuf =
+ gst_buffer_new_allocate (NULL, WAVPACK4_HEADER_SIZE + blocksize,
+ NULL);
+ gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE);
+ outdata = outmap.data;
+
+ outdata[0] = 'w';
+ outdata[1] = 'v';
+ outdata[2] = 'p';
+ outdata[3] = 'k';
+ outdata += 4;
+
+ GST_WRITE_UINT32_LE (outdata, blocksize + WAVPACK4_HEADER_SIZE - 8);
+ GST_WRITE_UINT16_LE (outdata + 4, wvh.version);
+ GST_WRITE_UINT8 (outdata + 6, wvh.track_no);
+ GST_WRITE_UINT8 (outdata + 7, wvh.index_no);
+ GST_WRITE_UINT32_LE (outdata + 8, wvh.total_samples);
+ GST_WRITE_UINT32_LE (outdata + 12, wvh.block_index);
+ GST_WRITE_UINT32_LE (outdata + 16, block_samples);
+ GST_WRITE_UINT32_LE (outdata + 20, flags);
+ GST_WRITE_UINT32_LE (outdata + 24, crc);
+ outdata += 28;
+
+ memcpy (outdata, data, blocksize);
- outpos = 0;
- gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE);
- outdata = outmap.data;
- } else {
- gst_buffer_unmap (newbuf, &outmap);
- out_size += sizeof (Wavpack4Header) + blocksize;
- gst_buffer_set_size (newbuf, out_size);
- gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE);
- outdata = outmap.data;
- }
+ gst_buffer_unmap (newbuf, &outmap);
+ gst_adapter_push (adapter, newbuf);
+ newbuf = NULL;
- outdata[outpos] = 'w';
- outdata[outpos + 1] = 'v';
- outdata[outpos + 2] = 'p';
- outdata[outpos + 3] = 'k';
- outpos += 4;
-
- GST_WRITE_UINT32_LE (outdata + outpos,
- blocksize + sizeof (Wavpack4Header) - 8);
- GST_WRITE_UINT16_LE (outdata + outpos + 4, wvh.version);
- GST_WRITE_UINT8 (outdata + outpos + 6, wvh.track_no);
- GST_WRITE_UINT8 (outdata + outpos + 7, wvh.index_no);
- GST_WRITE_UINT32_LE (outdata + outpos + 8, wvh.total_samples);
- GST_WRITE_UINT32_LE (outdata + outpos + 12, wvh.block_index);
- GST_WRITE_UINT32_LE (outdata + outpos + 16, block_samples);
- GST_WRITE_UINT32_LE (outdata + outpos + 20, flags);
- GST_WRITE_UINT32_LE (outdata + outpos + 24, crc);
- outpos += 28;
-
- memmove (outdata + outpos, data, blocksize);
- outpos += blocksize;
data += blocksize;
size -= blocksize;
}
gst_buffer_unmap (*buf, &map);
- gst_buffer_unref (*buf);
- if (newbuf)
- gst_buffer_unmap (newbuf, &outmap);
+ newbuf = gst_adapter_take_buffer (adapter, gst_adapter_available (adapter));
+ g_object_unref (adapter);
+ gst_buffer_copy_into (newbuf, *buf,
+ GST_BUFFER_COPY_TIMESTAMPS | GST_BUFFER_COPY_FLAGS, 0, -1);
+ gst_buffer_unref (*buf);
*buf = newbuf;
+
audiocontext->wvpk_block_index += block_samples;
}
diff --git a/gst/matroska/matroska-ids.h b/gst/matroska/matroska-ids.h
index 429213f77..8d4a685a9 100644
--- a/gst/matroska/matroska-ids.h
+++ b/gst/matroska/matroska-ids.h
@@ -688,6 +688,8 @@ typedef struct _Wavpack4Header {
guint32 crc; /* crc for actual decoded data */
} Wavpack4Header;
+#define WAVPACK4_HEADER_SIZE (32)
+
typedef enum {
GST_MATROSKA_TRACK_ENCODING_SCOPE_FRAME = (1<<0),
GST_MATROSKA_TRACK_ENCODING_SCOPE_CODEC_DATA = (1<<1),
--
GitLab

View File

@@ -0,0 +1,44 @@
From 02174790726dd20a5c73ce2002189bf240ad4fe0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Wed, 3 Mar 2021 11:31:52 +0200
Subject: [PATCH] matroskademux: Initialize track context out parameter to NULL
before parsing
Various error return paths don't set it to NULL and callers are only
checking if the pointer is NULL. As it's allocated on the stack this
usually contains random stack memory, and more often than not the memory
of a previously parsed track.
This then causes all kinds of memory corruptions further down the line.
Thanks to Natalie Silvanovich for reporting.
Fixes https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/issues/858
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/merge_requests/903>
Upstream-Status: Backport [
https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/commit/02174790726dd20a5c73ce2002189bf240ad4fe0?merge_request_iid=903 ]
CVE: CVE-2021-3498
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
gst/matroska/matroska-demux.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index 4d0234743..467815986 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -692,6 +692,8 @@ gst_matroska_demux_parse_stream (GstMatroskaDemux * demux, GstEbmlRead * ebml,
DEBUG_ELEMENT_START (demux, ebml, "TrackEntry");
+ *dest_context = NULL;
+
/* start with the master */
if ((ret = gst_ebml_read_master (ebml, &id)) != GST_FLOW_OK) {
DEBUG_ELEMENT_STOP (demux, ebml, "TrackEntry", ret);
--
GitLab

View File

@@ -8,11 +8,18 @@ SRC_URI = " \
https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-good-${PV}.tar.xz \
file://0001-qmlgl-ensure-Qt-defines-GLsync-to-fix-compile-on-som.patch \
file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
file://CVE-2021-3497.patch \
file://CVE-2021-3498.patch \
"
SRC_URI[md5sum] = "c79b6c2f8eaadb2bb66615b694db399e"
SRC_URI[sha256sum] = "d3a23a3fe73de673f591b7655494990c9e8a0e22a3c70d6f1dbf50198b29f85f"
# CPE entries for gst-plugins-good are listed as gstreamer issues
# so we need to ignore the false hit
CVE_CHECK_WHITELIST += "CVE-2021-3497"
CVE_CHECK_WHITELIST += "CVE-2021-3498"
S = "${WORKDIR}/gst-plugins-good-${PV}"
LICENSE = "GPLv2+ & LGPLv2.1+"

View File

@@ -0,0 +1,148 @@
From 02875964eba5c4a2ea98c41562835428214adfe7 Mon Sep 17 00:00:00 2001
From: Thomas Bernard <miniupnp@free.fr>
Date: Sat, 7 Mar 2020 13:21:56 +0100
Subject: [PATCH] tiff2rgba: output usage to stdout when using -h
also uses std C EXIT_FAILURE / EXIT_SUCCESS
see #17
Signed-off-by: akash hadke <akash.hadke@kpit.com>
---
tools/tiff2rgba.c | 39 ++++++++++++++++++++++++---------------
1 file changed, 24 insertions(+), 15 deletions(-)
---
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/02875964eba5c4a2ea98c41562835428214adfe7.patch]
---
diff --git a/tools/tiff2rgba.c b/tools/tiff2rgba.c
index 2eb6f6c4..ef643653 100644
--- a/tools/tiff2rgba.c
+++ b/tools/tiff2rgba.c
@@ -39,6 +39,13 @@
#include "tiffiop.h"
#include "tiffio.h"
+#ifndef EXIT_SUCCESS
+#define EXIT_SUCCESS 0
+#endif
+#ifndef EXIT_FAILURE
+#define EXIT_FAILURE 1
+#endif
+
#define streq(a,b) (strcmp(a,b) == 0)
#define CopyField(tag, v) \
if (TIFFGetField(in, tag, &v)) TIFFSetField(out, tag, v)
@@ -68,7 +75,7 @@ main(int argc, char* argv[])
extern char *optarg;
#endif
- while ((c = getopt(argc, argv, "c:r:t:bn8")) != -1)
+ while ((c = getopt(argc, argv, "c:r:t:bn8h")) != -1)
switch (c) {
case 'b':
process_by_block = 1;
@@ -86,7 +93,7 @@ main(int argc, char* argv[])
else if (streq(optarg, "zip"))
compression = COMPRESSION_DEFLATE;
else
- usage(-1);
+ usage(EXIT_FAILURE);
break;
case 'r':
@@ -105,17 +112,20 @@ main(int argc, char* argv[])
bigtiff_output = 1;
break;
+ case 'h':
+ usage(EXIT_SUCCESS);
+ /*NOTREACHED*/
case '?':
- usage(0);
+ usage(EXIT_FAILURE);
/*NOTREACHED*/
}
if (argc - optind < 2)
- usage(-1);
+ usage(EXIT_FAILURE);
out = TIFFOpen(argv[argc-1], bigtiff_output?"w8":"w");
if (out == NULL)
- return (-2);
+ return (EXIT_FAILURE);
for (; optind < argc-1; optind++) {
in = TIFFOpen(argv[optind], "r");
@@ -132,7 +142,7 @@ main(int argc, char* argv[])
}
}
(void) TIFFClose(out);
- return (0);
+ return (EXIT_SUCCESS);
}
static int
@@ -166,7 +176,7 @@ cvt_by_tile( TIFF *in, TIFF *out )
if (tile_width != (rastersize / tile_height) / sizeof( uint32))
{
TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
- exit(-1);
+ exit(EXIT_FAILURE);
}
raster = (uint32*)_TIFFmalloc(rastersize);
if (raster == 0) {
@@ -182,7 +192,7 @@ cvt_by_tile( TIFF *in, TIFF *out )
if (tile_width != wrk_linesize / sizeof (uint32))
{
TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
- exit(-1);
+ exit(EXIT_FAILURE);
}
wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
if (!wrk_line) {
@@ -279,7 +289,7 @@ cvt_by_strip( TIFF *in, TIFF *out )
if (width != (rastersize / rowsperstrip) / sizeof( uint32))
{
TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
- exit(-1);
+ exit(EXIT_FAILURE);
}
raster = (uint32*)_TIFFmalloc(rastersize);
if (raster == 0) {
@@ -295,7 +305,7 @@ cvt_by_strip( TIFF *in, TIFF *out )
if (width != wrk_linesize / sizeof (uint32))
{
TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
- exit(-1);
+ exit(EXIT_FAILURE);
}
wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
if (!wrk_line) {
@@ -528,7 +538,7 @@ tiffcvt(TIFF* in, TIFF* out)
return( cvt_whole_image( in, out ) );
}
-static char* stuff[] = {
+const static char* stuff[] = {
"usage: tiff2rgba [-c comp] [-r rows] [-b] [-n] [-8] input... output",
"where comp is one of the following compression algorithms:",
" jpeg\t\tJPEG encoding",
@@ -547,13 +557,12 @@ static char* stuff[] = {
static void
usage(int code)
{
- char buf[BUFSIZ];
int i;
+ FILE * out = (code == EXIT_SUCCESS) ? stdout : stderr;
- setbuf(stderr, buf);
- fprintf(stderr, "%s\n\n", TIFFGetVersion());
+ fprintf(out, "%s\n\n", TIFFGetVersion());
for (i = 0; stuff[i] != NULL; i++)
- fprintf(stderr, "%s\n", stuff[i]);
+ fprintf(out, "%s\n", stuff[i]);
exit(code);
}
--
GitLab

View File

@@ -0,0 +1,27 @@
From ca70b5e702b9f503333344b2d46691de9feae84e Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Sat, 3 Oct 2020 18:16:27 +0200
Subject: [PATCH] tiff2rgba.c: fix -Wold-style-declaration warning
Signed-off-by: akash hadke <akash.hadke@kpit.com>
---
tools/tiff2rgba.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
---
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/ca70b5e702b9f503333344b2d46691de9feae84e.patch]
---
diff --git a/tools/tiff2rgba.c b/tools/tiff2rgba.c
index ef643653..fbc383aa 100644
--- a/tools/tiff2rgba.c
+++ b/tools/tiff2rgba.c
@@ -538,7 +538,7 @@ tiffcvt(TIFF* in, TIFF* out)
return( cvt_whole_image( in, out ) );
}
-const static char* stuff[] = {
+static const char* stuff[] = {
"usage: tiff2rgba [-c comp] [-r rows] [-b] [-n] [-8] input... output",
"where comp is one of the following compression algorithms:",
" jpeg\t\tJPEG encoding",
--
GitLab

View File

@@ -0,0 +1,119 @@
From 98a254f5b92cea22f5436555ff7fceb12afee84d Mon Sep 17 00:00:00 2001
From: Thomas Bernard <miniupnp@free.fr>
Date: Sun, 15 Nov 2020 17:02:51 +0100
Subject: [PATCH 1/2] enforce (configurable) memory limit in tiff2rgba
fixes #207
fixes #209
Signed-off-by: akash hadke <akash.hadke@kpit.com>
---
tools/tiff2rgba.c | 25 +++++++++++++++++++++++--
1 file changed, 23 insertions(+), 2 deletions(-)
---
CVE: CVE-2020-35521
CVE: CVE-2020-35522
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/b5a935d96b21cda0f434230cdf8ca958cd8b4eef.patch]
---
diff --git a/tools/tiff2rgba.c b/tools/tiff2rgba.c
index fbc383aa..764395f6 100644
--- a/tools/tiff2rgba.c
+++ b/tools/tiff2rgba.c
@@ -60,6 +60,10 @@ uint32 rowsperstrip = (uint32) -1;
int process_by_block = 0; /* default is whole image at once */
int no_alpha = 0;
int bigtiff_output = 0;
+#define DEFAULT_MAX_MALLOC (256 * 1024 * 1024)
+/* malloc size limit (in bytes)
+ * disabled when set to 0 */
+static tmsize_t maxMalloc = DEFAULT_MAX_MALLOC;
static int tiffcvt(TIFF* in, TIFF* out);
@@ -75,8 +79,11 @@ main(int argc, char* argv[])
extern char *optarg;
#endif
- while ((c = getopt(argc, argv, "c:r:t:bn8h")) != -1)
+ while ((c = getopt(argc, argv, "c:r:t:bn8hM:")) != -1)
switch (c) {
+ case 'M':
+ maxMalloc = (tmsize_t)strtoul(optarg, NULL, 0) << 20;
+ break;
case 'b':
process_by_block = 1;
break;
@@ -405,6 +412,12 @@ cvt_whole_image( TIFF *in, TIFF *out )
(unsigned long)width, (unsigned long)height);
return 0;
}
+ if (maxMalloc != 0 && (tmsize_t)pixel_count * (tmsize_t)sizeof(uint32) > maxMalloc) {
+ TIFFError(TIFFFileName(in),
+ "Raster size " TIFF_UINT64_FORMAT " over memory limit (" TIFF_UINT64_FORMAT "), try -b option.",
+ (uint64)pixel_count * sizeof(uint32), (uint64)maxMalloc);
+ return 0;
+ }
rowsperstrip = TIFFDefaultStripSize(out, rowsperstrip);
TIFFSetField(out, TIFFTAG_ROWSPERSTRIP, rowsperstrip);
@@ -530,6 +543,13 @@ tiffcvt(TIFF* in, TIFF* out)
TIFFSetField(out, TIFFTAG_SOFTWARE, TIFFGetVersion());
CopyField(TIFFTAG_DOCUMENTNAME, stringv);
+ if (maxMalloc != 0 && TIFFStripSize(in) > maxMalloc)
+ {
+ TIFFError(TIFFFileName(in),
+ "Strip Size " TIFF_UINT64_FORMAT " over memory limit (" TIFF_UINT64_FORMAT ")",
+ (uint64)TIFFStripSize(in), (uint64)maxMalloc);
+ return 0;
+ }
if( process_by_block && TIFFIsTiled( in ) )
return( cvt_by_tile( in, out ) );
else if( process_by_block )
@@ -539,7 +559,7 @@ tiffcvt(TIFF* in, TIFF* out)
}
static const char* stuff[] = {
- "usage: tiff2rgba [-c comp] [-r rows] [-b] [-n] [-8] input... output",
+ "usage: tiff2rgba [-c comp] [-r rows] [-b] [-n] [-8] [-M size] input... output",
"where comp is one of the following compression algorithms:",
" jpeg\t\tJPEG encoding",
" zip\t\tZip/Deflate encoding",
@@ -551,6 +571,7 @@ static const char* stuff[] = {
" -b (progress by block rather than as a whole image)",
" -n don't emit alpha component.",
" -8 write BigTIFF file instead of ClassicTIFF",
+ " -M set the memory allocation limit in MiB. 0 to disable limit",
NULL
};
--
GitLab
From e9e504193ef1f87e9cb5e986586b0cbe3254e421 Mon Sep 17 00:00:00 2001
From: Thomas Bernard <miniupnp@free.fr>
Date: Sun, 15 Nov 2020 17:08:42 +0100
Subject: [PATCH 2/2] tiff2rgba.1: -M option
---
man/tiff2rgba.1 | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/man/tiff2rgba.1 b/man/tiff2rgba.1
index d9c9baae..fe9ebb2c 100644
--- a/man/tiff2rgba.1
+++ b/man/tiff2rgba.1
@@ -87,6 +87,10 @@ Drop the alpha component from the output file, producing a pure RGB file.
Currently this does not work if the
.B \-b
flag is also in effect.
+.TP
+.BI \-M " size"
+Set maximum memory allocation size (in MiB). The default is 256MiB.
+Set to 0 to disable the limit.
.SH "SEE ALSO"
.BR tiff2bw (1),
.BR TIFFReadRGBAImage (3t),
--
GitLab

View File

@@ -12,6 +12,9 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://CVE-2020-35523.patch \
file://CVE-2020-35524-1.patch \
file://CVE-2020-35524-2.patch \
file://001_support_patch_for_CVE-2020-35521_and_CVE-2020-35522.patch \
file://002_support_patch_for_CVE-2020-35521_and_CVE-2020-35522.patch \
file://CVE-2020-35521_and_CVE-2020-35522.patch \
"
SRC_URI[md5sum] = "2165e7aba557463acc0664e71a3ed424"
SRC_URI[sha256sum] = "5d29f32517dadb6dbcd1255ea5bbc93a2b54b94fbf83653b4d65c7d6775b8634"

View File

@@ -0,0 +1,66 @@
From cb929f59b527fe890376e47613dfe1434a320bc0 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 11 Aug 2020 15:44:48 -0700
Subject: [PATCH] [clang 11] fix build errors due to -WWc++11-narrowing
https://bugs.webkit.org/show_bug.cgi?id=211193
Reviewed by Adrian Perez de Castro.
Fixes the following errors,
Source/WebCore/html/MediaElementSession.cpp:1059:9: error: type 'WebCore::RenderMedia *' cannot be narrowed to 'bool' in initializer list [-Wc++11-narrowing]
m_element.renderer(),
^~~~~~~~~~~~~~~~~~~~
Source/WebCore/style/StyleResolver.cpp:106:55: error: type 'const char [4]' cannot be narrowed to 'bool' in initializer list [-Wc++11-narrowing]
m_mediaQueryEvaluator = MediaQueryEvaluator { "all" };
^~~~~
Source/WebCore/style/StyleResolver.cpp:106:55: note: insert an explicit cast to silence this issue
m_mediaQueryEvaluator = MediaQueryEvaluator { "all" };
^~~~~
static_cast<bool>( )
* html/HTMLMediaElement.h:
(WebCore::HTMLMediaElement::hasRenderer const):
MediaElementSession was implicitly casting a pointer to a bool,
which is not allowed with modern Clang checks. Add a helper method
to encapsulate the now required static_cast<bool>.
* html/MediaElementSession.cpp: Use the new helper method to see
if the HTMLMediaElement has an associated renderer.
(WebCore::MediaElementSession::updateMediaUsageIfChanged):
* style/StyleResolver.cpp: This was calling MediaQueryEvaluator {
"all" }; and seemingly expecting to cast a const char[] to a bool,
or maybe String? It's confusing because of the MediaQueryEvaluator
API. If it was implicitly converting to bool then that could be
unintentional. Such casts are not allowed either now. The
MediaQueryEvaluator's default constructor says it returns true for
"all", which appears to be the original intent of this call, so I
replaced it with that.
(WebCore::Style::Resolver::Resolver):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@260951 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Upstream-Status: Backport [https://github.com/WebKit/webkit/commit/c3cf651016e4cdcb4350598d4a586821071f91bf.patch]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Source/WebCore/style/StyleResolver.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Source/WebCore/style/StyleResolver.cpp b/Source/WebCore/style/StyleResolver.cpp
index 8bf371a0..34580ddb 100644
--- a/Source/WebCore/style/StyleResolver.cpp
+++ b/Source/WebCore/style/StyleResolver.cpp
@@ -107,7 +107,7 @@ Resolver::Resolver(Document& document)
if (view)
m_mediaQueryEvaluator = MediaQueryEvaluator { view->mediaType() };
else
- m_mediaQueryEvaluator = MediaQueryEvaluator { "all" };
+ m_mediaQueryEvaluator = MediaQueryEvaluator { };
if (root) {
m_rootDefaultStyle = styleForElement(*root, m_document.renderStyle(), nullptr, RuleMatchingBehavior::MatchOnlyUserAgentRules).renderStyle;
--
2.28.0

View File

@@ -1,15 +0,0 @@
Upstream-Status: Backport [https://trac.webkit.org/changeset/262368/webkit?format=diff&new=262368]
CVE: CVE-2020-13753
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Index: a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
===================================================================
--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp (revision 262367)
+++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp (revision 262368)
@@ -642,5 +642,5 @@
int r;
if (rule.arg)
- r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), scall, 1, rule.arg);
+ r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), scall, 1, *rule.arg);
else
r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), scall, 0);

View File

@@ -19,10 +19,9 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
file://cross-compile.patch \
file://0001-Fix-build-with-musl.patch \
file://include_array.patch \
file://CVE-2020-13753.patch \
file://0001-clang-11-fix-build-errors-due-to-WWc-11-narrowing.patch \
"
SRC_URI[md5sum] = "ec0ef870ca37e3a5ebbead2f268a28ec"
SRC_URI[sha256sum] = "b9d23525cfd8d22c37b5d964a9fe9a8ce7583042a2f8d3922e71e6bbc68c30bd"
SRC_URI[sha256sum] = "821952e8c9303ed752f1fb1d4283f612c25249d00d705d2b79c2db1bc49c9464"
inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gtk-doc

View File

@@ -0,0 +1,67 @@
From 15beb4b193b2714d88107e7dffca781798684e7e Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Fri, 29 Jan 2021 14:06:32 +0100
Subject: [PATCH] key_share: avoid use-after-free around realloc
Signed-off-by: Daiki Ueno <ueno@gnu.org>
https://gitlab.com/gnutls/gnutls/-/commit/15beb4b193b2714d88107e7dffca781798684e7e
Upstream-Status: Backport
CVE: CVE-2021-CVE-2021-20231
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
lib/ext/key_share.c | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
index ab8abf8fe6..a8c4bb5cff 100644
--- a/lib/ext/key_share.c
+++ b/lib/ext/key_share.c
@@ -664,14 +664,14 @@ key_share_send_params(gnutls_session_t session,
{
unsigned i;
int ret;
- unsigned char *lengthp;
- unsigned int cur_length;
unsigned int generated = 0;
const gnutls_group_entry_st *group;
const version_entry_st *ver;
/* this extension is only being sent on client side */
if (session->security_parameters.entity == GNUTLS_CLIENT) {
+ unsigned int length_pos;
+
ver = _gnutls_version_max(session);
if (unlikely(ver == NULL || ver->key_shares == 0))
return 0;
@@ -679,16 +679,13 @@ key_share_send_params(gnutls_session_t session,
if (!have_creds_for_tls13(session))
return 0;
- /* write the total length later */
- lengthp = &extdata->data[extdata->length];
+ length_pos = extdata->length;
ret =
_gnutls_buffer_append_prefix(extdata, 16, 0);
if (ret < 0)
return gnutls_assert_val(ret);
- cur_length = extdata->length;
-
if (session->internals.hsk_flags & HSK_HRR_RECEIVED) { /* we know the group */
group = get_group(session);
if (unlikely(group == NULL))
@@ -736,7 +733,8 @@ key_share_send_params(gnutls_session_t session,
}
/* copy actual length */
- _gnutls_write_uint16(extdata->length - cur_length, lengthp);
+ _gnutls_write_uint16(extdata->length - length_pos - 2,
+ &extdata->data[length_pos]);
} else { /* server */
ver = get_version(session);
--
GitLab

View File

@@ -0,0 +1,65 @@
From 75a937d97f4fefc6f9b08e3791f151445f551cb3 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Fri, 29 Jan 2021 14:06:50 +0100
Subject: [PATCH] pre_shared_key: avoid use-after-free around realloc
Signed-off-by: Daiki Ueno <ueno@gnu.org>
https://gitlab.com/gnutls/gnutls/-/commit/75a937d97f4fefc6f9b08e3791f151445f551cb3
Upstream-Status: Backport
CVE: CVE-2021-CVE-2021-20232
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
lib/ext/pre_shared_key.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
index a042c6488e..380bf39ed5 100644
--- a/lib/ext/pre_shared_key.c
+++ b/lib/ext/pre_shared_key.c
@@ -267,7 +267,7 @@ client_send_params(gnutls_session_t session,
size_t spos;
gnutls_datum_t username = {NULL, 0};
gnutls_datum_t user_key = {NULL, 0}, rkey = {NULL, 0};
- gnutls_datum_t client_hello;
+ unsigned client_hello_len;
unsigned next_idx;
const mac_entry_st *prf_res = NULL;
const mac_entry_st *prf_psk = NULL;
@@ -428,8 +428,7 @@ client_send_params(gnutls_session_t session,
assert(extdata->length >= sizeof(mbuffer_st));
assert(ext_offset >= (ssize_t)sizeof(mbuffer_st));
ext_offset -= sizeof(mbuffer_st);
- client_hello.data = extdata->data+sizeof(mbuffer_st);
- client_hello.size = extdata->length-sizeof(mbuffer_st);
+ client_hello_len = extdata->length-sizeof(mbuffer_st);
next_idx = 0;
@@ -440,6 +439,11 @@ client_send_params(gnutls_session_t session,
}
if (prf_res && rkey.size > 0) {
+ gnutls_datum_t client_hello;
+
+ client_hello.data = extdata->data+sizeof(mbuffer_st);
+ client_hello.size = client_hello_len;
+
ret = compute_psk_binder(session, prf_res,
binders_len, binders_pos,
ext_offset, &rkey, &client_hello, 1,
@@ -474,6 +478,11 @@ client_send_params(gnutls_session_t session,
}
if (prf_psk && user_key.size > 0 && info) {
+ gnutls_datum_t client_hello;
+
+ client_hello.data = extdata->data+sizeof(mbuffer_st);
+ client_hello.size = client_hello_len;
+
ret = compute_psk_binder(session, prf_psk,
binders_len, binders_pos,
ext_offset, &user_key, &client_hello, 0,
--
GitLab

View File

@@ -23,6 +23,8 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
file://arm_eabi.patch \
file://0001-Modied-the-license-to-GPLv2.1-to-keep-with-LICENSE-f.patch \
file://CVE-2020-24659.patch \
file://CVE-2021-20231.patch \
file://CVE-2021-20232.patch \
"
SRC_URI[sha256sum] = "5630751adec7025b8ef955af4d141d00d252a985769f51b4059e5affa3d39d63"

View File

@@ -168,7 +168,7 @@ def deploy(args, config, basepath, workspace):
if args.strip and not args.dry_run:
# Fakeroot copy to new destination
srcdir = recipe_outdir
recipe_outdir = os.path.join(rd.getVar('WORKDIR'), 'deploy-target-stripped')
recipe_outdir = os.path.join(rd.getVar('WORKDIR'), 'devtool-deploy-target-stripped')
if os.path.isdir(recipe_outdir):
bb.utils.remove(recipe_outdir, True)
exec_fakeroot(rd, "cp -af %s %s" % (os.path.join(srcdir, '.'), recipe_outdir), shell=True)