diff options
| author | Andrew Geissler <geissonator@yahoo.com> | 2020-04-13 21:39:40 +0300 |
|---|---|---|
| committer | Andrew Geissler <geissonator@yahoo.com> | 2020-05-05 16:30:44 +0300 |
| commit | 82c905dc58a36aeae40b1b273a12f63fb1973cf4 (patch) | |
| tree | 38caf00263451b5036435cdc36e035b25d32e623 /meta-openembedded/meta-oe/recipes-kernel | |
| parent | 83ecb75644b3d677c274188f9ac0b2374d6f6925 (diff) | |
| download | openbmc-82c905dc58a36aeae40b1b273a12f63fb1973cf4.tar.xz | |
meta-openembedded and poky: subtree updates
Squash of the following due to dependencies among them
and OpenBMC changes:
meta-openembedded: subtree update:d0748372d2..9201611135
meta-openembedded: subtree update:9201611135..17fd382f34
poky: subtree update:9052e5b32a..2e11d97b6c
poky: subtree update:2e11d97b6c..a8544811d7
The change log was too large for the jenkins plugin
to handle therefore it has been removed. Here is
the first and last commit of each subtree:
meta-openembedded:d0748372d2
cppzmq: bump to version 4.6.0
meta-openembedded:17fd382f34
mpv: Remove X11 dependency
poky:9052e5b32a
package_ipk: Remove pointless comment to trigger rebuild
poky:a8544811d7
pbzip2: Fix license warning
Change-Id: If0fc6c37629642ee207a4ca2f7aa501a2c673cd6
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-kernel')
23 files changed, 738 insertions, 63 deletions
diff --git a/meta-openembedded/meta-oe/recipes-kernel/crash/crash_7.2.7.bb b/meta-openembedded/meta-oe/recipes-kernel/crash/crash_7.2.8.bb index 8098d096e..834c92cc4 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/crash/crash_7.2.7.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/crash/crash_7.2.8.bb @@ -10,7 +10,7 @@ SECTION = "devel" LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://COPYING3;md5=d32239bcb673463ab874e80d47fae504" -DEPENDS = "zlib readline coreutils-native" +DEPENDS = "zlib readline coreutils-native ncurses-native" S = "${WORKDIR}/git" SRC_URI = "git://github.com/crash-utility/${BPN}.git \ @@ -26,7 +26,7 @@ SRC_URI = "git://github.com/crash-utility/${BPN}.git \ file://0002-crash-fix-build-error-unknown-type-name-gdb_fpregset.patch \ file://0003-crash-detect-the-sysroot-s-glibc-header-file.patch \ " -SRCREV = "5b0e3777ccbb571678791903e93446ccd0aba03a" +SRCREV = "24f4801f8c8871a2e3e660fe9fa8fdd86bb29876" SRC_URI[gdb.md5sum] = "a9836707337e5f7bf76a009a8904f470" SRC_URI[gdb.sha256sum] = "8070389a5dcc104eb0be483d582729f98ed4d761ad19cedd3f17b5d2502faa36" @@ -38,8 +38,12 @@ inherit gettext BBCLASSEXTEND = "native cross" TARGET_CC_ARCH_append = " ${SELECTED_OPTIMIZATION}" -# crash 7.1.3 and before don't support mips64 -COMPATIBLE_HOST = "^(?!mips64).*" +# crash 7.1.3 and before don't support mips64/riscv64 +COMPATIBLE_HOST_riscv64 = "null" +COMPATIBLE_HOST_riscv32 = "null" +COMPATIBLE_HOST_mipsarchn64 = "null" +COMPATIBLE_HOST_mipsarchn32 = "null" + EXTRA_OEMAKE = 'RPMPKG="${PV}" \ GDB_TARGET="${TARGET_SYS}" \ @@ -49,9 +53,7 @@ EXTRA_OEMAKE = 'RPMPKG="${PV}" \ ' EXTRA_OEMAKE_class-cross = 'RPMPKG="${PV}" \ - GDB_TARGET="${BUILD_SYS} \ - \${GDB_CONF_FLAGS} \ - --target=${TARGET_SYS}" \ + GDB_TARGET="${BUILD_SYS} --target=${TARGET_SYS}" \ GDB_HOST="${BUILD_SYS}" \ GDB_MAKE_JOBS="${PARALLEL_MAKE}" \ ' @@ -59,10 +61,6 @@ EXTRA_OEMAKE_class-cross = 'RPMPKG="${PV}" \ EXTRA_OEMAKE_append_class-native = " LDFLAGS='${BUILD_LDFLAGS}'" EXTRA_OEMAKE_append_class-cross = " LDFLAGS='${BUILD_LDFLAGS}'" -REMOVE_M32 = "sed -i -e 's/#define TARGET_CFLAGS_ARM_ON_X86_64.*/#define TARGET_CFLAGS_ARM_ON_X86_64\t\"TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64\"/g' ${S}/configure.c" - -REMOVE_M32_class-cross = "" - do_configure() { : } @@ -79,7 +77,7 @@ do_compile_prepend() { esac sed -i s/FORCE_DEFINE_ARCH/"${ARCH}"/g ${S}/configure.c - ${REMOVE_M32} + sed -i -e 's/#define TARGET_CFLAGS_ARM_ON_X86_64.*/#define TARGET_CFLAGS_ARM_ON_X86_64\t\"TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64\"/g' ${S}/configure.c sed -i 's/>/>/g' ${S}/Makefile } diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch new file mode 100644 index 000000000..eadfb7ead --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch @@ -0,0 +1,53 @@ +From 24aed93efb30a8f557aedc2f03b6ccec758ccbf4 Mon Sep 17 00:00:00 2001 +From: Chrostoper Ertl <chertl@microsoft.com> +Date: Thu, 28 Nov 2019 16:44:18 +0000 +Subject: [PATCH 1/5] fru: Fix buffer overflow in ipmi_spd_print_fru + +Partial fix for CVE-2020-5208, see +https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp + +The `ipmi_spd_print_fru` function has a similar issue as the one fixed +by the previous commit in `read_fru_area_section`. An initial request is +made to get the `fru.size`, which is used as the size for the allocation +of `spd_data`. Inside a loop, further requests are performed to get the +copy sizes which are not checked before being used as the size for a +copy into the buffer. + +Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/840fb1cbb4fb365cb9797300e3374d4faefcdb10] +CVE: CVE-2020-5208 + +Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> +--- + lib/dimm_spd.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/lib/dimm_spd.c b/lib/dimm_spd.c +index 91ae117..4c9c21d 100644 +--- a/lib/dimm_spd.c ++++ b/lib/dimm_spd.c +@@ -1014,7 +1014,7 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id) + struct ipmi_rq req; + struct fru_info fru; + uint8_t *spd_data, msg_data[4]; +- int len, offset; ++ uint32_t len, offset; + + msg_data[0] = id; + +@@ -1091,6 +1091,13 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id) + } + + len = rsp->data[0]; ++ if(rsp->data_len < 1 ++ || len > rsp->data_len - 1 ++ || len > fru.size - offset) ++ { ++ printf(" Not enough buffer size"); ++ return -1; ++ } + memcpy(&spd_data[offset], rsp->data + 1, len); + offset += len; + } while (offset < fru.size); +-- +1.9.1 + diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-vulnerabilities.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-vulnerabilities.patch new file mode 100644 index 000000000..b65e3ef1a --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-vulnerabilities.patch @@ -0,0 +1,133 @@ +From e824c23316ae50beb7f7488f2055ac65e8b341f2 Mon Sep 17 00:00:00 2001 +From: Chrostoper Ertl <chertl@microsoft.com> +Date: Thu, 28 Nov 2019 16:33:59 +0000 +Subject: [PATCH] fru: Fix buffer overflow vulnerabilities + +Partial fix for CVE-2020-5208, see +https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp + +The `read_fru_area_section` function only performs size validation of +requested read size, and falsely assumes that the IPMI message will not +respond with more than the requested amount of data; it uses the +unvalidated response size to copy into `frubuf`. If the response is +larger than the request, this can result in overflowing the buffer. + +The same issue affects the `read_fru_area` function. + +Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/e824c23316ae50beb7f7488f2055ac65e8b341f2] +CVE: CVE-2020-5208 + +Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> +--- + lib/ipmi_fru.c | 33 +++++++++++++++++++++++++++++++-- + 1 file changed, 31 insertions(+), 2 deletions(-) + +diff --git a/lib/ipmi_fru.c b/lib/ipmi_fru.c +index c2a139d..2e323ff 100644 +--- a/lib/ipmi_fru.c ++++ b/lib/ipmi_fru.c +@@ -663,7 +663,10 @@ int + read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + uint32_t offset, uint32_t length, uint8_t *frubuf) + { +- uint32_t off = offset, tmp, finish; ++ uint32_t off = offset; ++ uint32_t tmp; ++ uint32_t finish; ++ uint32_t size_left_in_buffer; + struct ipmi_rs * rsp; + struct ipmi_rq req; + uint8_t msg_data[4]; +@@ -676,10 +679,12 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + + finish = offset + length; + if (finish > fru->size) { ++ memset(frubuf + fru->size, 0, length - fru->size); + finish = fru->size; + lprintf(LOG_NOTICE, "Read FRU Area length %d too large, " + "Adjusting to %d", + offset + length, finish - offset); ++ length = finish - offset; + } + + memset(&req, 0, sizeof(req)); +@@ -715,6 +720,7 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + } + } + ++ size_left_in_buffer = length; + do { + tmp = fru->access ? off >> 1 : off; + msg_data[0] = id; +@@ -756,9 +762,18 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + } + + tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0]; ++ if(rsp->data_len < 1 ++ || tmp > rsp->data_len - 1 ++ || tmp > size_left_in_buffer) ++ { ++ printf(" Not enough buffer size"); ++ return -1; ++ } ++ + memcpy(frubuf, rsp->data + 1, tmp); + off += tmp; + frubuf += tmp; ++ size_left_in_buffer -= tmp; + /* sometimes the size returned in the Info command + * is too large. return 0 so higher level function + * still attempts to parse what was returned */ +@@ -791,7 +806,9 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + uint32_t offset, uint32_t length, uint8_t *frubuf) + { + static uint32_t fru_data_rqst_size = 20; +- uint32_t off = offset, tmp, finish; ++ uint32_t off = offset; ++ uint32_t tmp, finish; ++ uint32_t size_left_in_buffer; + struct ipmi_rs * rsp; + struct ipmi_rq req; + uint8_t msg_data[4]; +@@ -804,10 +821,12 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + + finish = offset + length; + if (finish > fru->size) { ++ memset(frubuf + fru->size, 0, length - fru->size); + finish = fru->size; + lprintf(LOG_NOTICE, "Read FRU Area length %d too large, " + "Adjusting to %d", + offset + length, finish - offset); ++ length = finish - offset; + } + + memset(&req, 0, sizeof(req)); +@@ -822,6 +841,8 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + if (fru->access && fru_data_rqst_size > 16) + #endif + fru_data_rqst_size = 16; ++ ++ size_left_in_buffer = length; + do { + tmp = fru->access ? off >> 1 : off; + msg_data[0] = id; +@@ -853,8 +874,16 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + } + + tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0]; ++ if(rsp->data_len < 1 ++ || tmp > rsp->data_len - 1 ++ || tmp > size_left_in_buffer) ++ { ++ printf(" Not enough buffer size"); ++ return -1; ++ } + memcpy((frubuf + off)-offset, rsp->data + 1, tmp); + off += tmp; ++ size_left_in_buffer -= tmp; + + /* sometimes the size returned in the Info command + * is too large. return 0 so higher level function +-- +2.17.1 + diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0002-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0002-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch new file mode 100644 index 000000000..b8742b1a8 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0002-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch @@ -0,0 +1,53 @@ +From 81144cfba131b4ddbfcf9c530274b23bfc7e0ea8 Mon Sep 17 00:00:00 2001 +From: Chrostoper Ertl <chertl@microsoft.com> +Date: Thu, 28 Nov 2019 16:51:49 +0000 +Subject: [PATCH 2/5] session: Fix buffer overflow in ipmi_get_session_info + +Partial fix for CVE-2020-5208, see +https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp + +The `ipmi_get_session_info` function does not properly check the +response `data_len`, which is used as a copy size, allowing stack buffer +overflow. + +Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22] +CVE: CVE-2020-5208 + +Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> +--- + lib/ipmi_session.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/lib/ipmi_session.c b/lib/ipmi_session.c +index 4855bc4..71bef4c 100644 +--- a/lib/ipmi_session.c ++++ b/lib/ipmi_session.c +@@ -319,8 +319,10 @@ ipmi_get_session_info(struct ipmi_intf * intf, + } + else + { +- memcpy(&session_info, rsp->data, rsp->data_len); +- print_session_info(&session_info, rsp->data_len); ++ memcpy(&session_info, rsp->data, ++ __min(rsp->data_len, sizeof(session_info))); ++ print_session_info(&session_info, ++ __min(rsp->data_len, sizeof(session_info))); + } + break; + +@@ -351,8 +353,10 @@ ipmi_get_session_info(struct ipmi_intf * intf, + break; + } + +- memcpy(&session_info, rsp->data, rsp->data_len); +- print_session_info(&session_info, rsp->data_len); ++ memcpy(&session_info, rsp->data, ++ __min(rsp->data_len, sizeof(session_info))); ++ print_session_info(&session_info, ++ __min(rsp->data_len, sizeof(session_info))); + + } while (i <= session_info.session_slot_count); + break; +-- +1.9.1 + diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0003-channel-Fix-buffer-overflow.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0003-channel-Fix-buffer-overflow.patch new file mode 100644 index 000000000..deebd356a --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0003-channel-Fix-buffer-overflow.patch @@ -0,0 +1,69 @@ +From 5057761e30e3a7682edab60f98f631616392ddc6 Mon Sep 17 00:00:00 2001 +From: Chrostoper Ertl <chertl@microsoft.com> +Date: Thu, 28 Nov 2019 16:56:38 +0000 +Subject: [PATCH 3/3] channel: Fix buffer overflow +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Partial fix for CVE-2020-5208, see +https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp + +The `ipmi_get_channel_cipher_suites` function does not properly check +the final response’s `data_len`, which can lead to stack buffer overflow +on the final copy. + +Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/9452be87181a6e83cfcc768b3ed8321763db50e4] +CVE: CVE-2020-5208 + +[Make some changes to apply it] +Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> +--- + include/ipmitool/ipmi_channel.h | 2 ++ + lib/ipmi_channel.c | 10 ++++++++-- + 2 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/include/ipmitool/ipmi_channel.h b/include/ipmitool/ipmi_channel.h +index b138c26..d7cce5e 100644 +--- a/include/ipmitool/ipmi_channel.h ++++ b/include/ipmitool/ipmi_channel.h +@@ -77,6 +77,8 @@ struct channel_access_t { + uint8_t user_level_auth; + }; + ++#define MAX_CIPHER_SUITE_DATA_LEN 0x10 ++ + /* + * The Get Authentication Capabilities response structure + * From table 22-15 of the IPMI v2.0 spec +diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c +index fab2e54..76ecdcd 100644 +--- a/lib/ipmi_channel.c ++++ b/lib/ipmi_channel.c +@@ -378,7 +378,10 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, + lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites"); + return -1; + } +- if (rsp->ccode > 0) { ++ if (rsp->ccode ++ || rsp->data_len < 1 ++ || rsp->data_len > sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN) ++ { + lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s", + val2str(rsp->ccode, completion_code_vals)); + return -1; +@@ -413,7 +416,10 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, + lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites"); + return -1; + } +- if (rsp->ccode > 0) { ++ if (rsp->ccode ++ || rsp->data_len < 1 ++ || rsp->data_len > sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN) ++ { + lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s", + val2str(rsp->ccode, completion_code_vals)); + return -1; +-- +2.18.1 + diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0004-lanp-Fix-buffer-overflows-in-get_lan_param_select.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0004-lanp-Fix-buffer-overflows-in-get_lan_param_select.patch new file mode 100644 index 000000000..b5ce9e92e --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0004-lanp-Fix-buffer-overflows-in-get_lan_param_select.patch @@ -0,0 +1,94 @@ +From e6aa6076f65e71544bd6450d20d943d7baaccb9f Mon Sep 17 00:00:00 2001 +From: Chrostoper Ertl <chertl@microsoft.com> +Date: Thu, 28 Nov 2019 17:06:39 +0000 +Subject: [PATCH 4/5] lanp: Fix buffer overflows in get_lan_param_select +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Partial fix for CVE-2020-5208, see +https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp + +The `get_lan_param_select` function is missing a validation check on the +response’s `data_len`, which it then returns to caller functions, where +stack buffer overflow can occur. + +Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/d45572d71e70840e0d4c50bf48218492b79c1a10] +CVE: CVE-2020-5208 + +[Make some changes to apply it] +Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> +--- + lib/ipmi_lanp.c | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/lib/ipmi_lanp.c b/lib/ipmi_lanp.c +index 060e753..dee21ee 100644 +--- a/lib/ipmi_lanp.c ++++ b/lib/ipmi_lanp.c +@@ -1917,7 +1917,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + /* set new ipaddr */ + memcpy(data+3, temp, 4); + printf("Setting LAN Alert %d IP Address to %d.%d.%d.%d\n", alert, +@@ -1932,7 +1932,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + /* set new macaddr */ + memcpy(data+7, temp, 6); + printf("Setting LAN Alert %d MAC Address to " +@@ -1947,7 +1947,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (strncasecmp(argv[1], "def", 3) == 0 || + strncasecmp(argv[1], "default", 7) == 0) { +@@ -1973,7 +1973,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (strncasecmp(argv[1], "on", 2) == 0 || + strncasecmp(argv[1], "yes", 3) == 0) { +@@ -1998,7 +1998,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (strncasecmp(argv[1], "pet", 3) == 0) { + printf("Setting LAN Alert %d destination to PET Trap\n", alert); +@@ -2026,7 +2026,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (str2uchar(argv[1], &data[2]) != 0) { + lprintf(LOG_ERR, "Invalid time: %s", argv[1]); +@@ -2042,7 +2042,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (str2uchar(argv[1], &data[3]) != 0) { + lprintf(LOG_ERR, "Invalid retry: %s", argv[1]); +-- +1.9.1 + diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0005-fru-sdr-Fix-id_string-buffer-overflows.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0005-fru-sdr-Fix-id_string-buffer-overflows.patch new file mode 100644 index 000000000..cf8b9254c --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0005-fru-sdr-Fix-id_string-buffer-overflows.patch @@ -0,0 +1,142 @@ +From 26e64ca78ae844c5ceedde89531e2924d7d4594c Mon Sep 17 00:00:00 2001 +From: Chrostoper Ertl <chertl@microsoft.com> +Date: Thu, 28 Nov 2019 17:13:45 +0000 +Subject: [PATCH 5/5] fru, sdr: Fix id_string buffer overflows + +Final part of the fixes for CVE-2020-5208, see +https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp + +9 variants of stack buffer overflow when parsing `id_string` field of +SDR records returned from `CMD_GET_SDR` command. + +SDR record structs have an `id_code` field, and an `id_string` `char` +array. + +The length of `id_string` is calculated as `(id_code & 0x1f) + 1`, +which can be larger than expected 16 characters (if `id_code = 0xff`, +then length will be `(0xff & 0x1f) + 1 = 32`). + +In numerous places, this can cause stack buffer overflow when copying +into fixed buffer of size `17` bytes from this calculated length. + +Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/7ccea283dd62a05a320c1921e3d8d71a87772637] +CVE: CVE-2020-5208 + +Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> +--- + lib/ipmi_fru.c | 2 +- + lib/ipmi_sdr.c | 40 ++++++++++++++++++++++++---------------- + 2 files changed, 25 insertions(+), 17 deletions(-) + +diff --git a/lib/ipmi_fru.c b/lib/ipmi_fru.c +index b71ea23..1decea2 100644 +--- a/lib/ipmi_fru.c ++++ b/lib/ipmi_fru.c +@@ -3038,7 +3038,7 @@ ipmi_fru_print(struct ipmi_intf * intf, struct sdr_record_fru_locator * fru) + return 0; + + memset(desc, 0, sizeof(desc)); +- memcpy(desc, fru->id_string, fru->id_code & 0x01f); ++ memcpy(desc, fru->id_string, __min(fru->id_code & 0x01f, sizeof(desc))); + desc[fru->id_code & 0x01f] = 0; + printf("FRU Device Description : %s (ID %d)\n", desc, fru->device_id); + +diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c +index fa7b082..175a86f 100644 +--- a/lib/ipmi_sdr.c ++++ b/lib/ipmi_sdr.c +@@ -2113,7 +2113,7 @@ ipmi_sdr_print_sensor_eventonly(struct ipmi_intf *intf, + return -1; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (sensor->id_code & 0x1f) + 1, "%s", sensor->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (sensor->id_code & 0x1f) + 1, sensor->id_string); + + if (verbose) { + printf("Sensor ID : %s (0x%x)\n", +@@ -2164,7 +2164,7 @@ ipmi_sdr_print_sensor_mc_locator(struct ipmi_intf *intf, + return -1; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (mc->id_code & 0x1f) + 1, "%s", mc->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (mc->id_code & 0x1f) + 1, mc->id_string); + + if (verbose == 0) { + if (csv_output) +@@ -2257,7 +2257,7 @@ ipmi_sdr_print_sensor_generic_locator(struct ipmi_intf *intf, + char desc[17]; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (dev->id_code & 0x1f) + 1, "%s", dev->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (dev->id_code & 0x1f) + 1, dev->id_string); + + if (!verbose) { + if (csv_output) +@@ -2314,7 +2314,7 @@ ipmi_sdr_print_sensor_fru_locator(struct ipmi_intf *intf, + char desc[17]; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (fru->id_code & 0x1f) + 1, "%s", fru->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (fru->id_code & 0x1f) + 1, fru->id_string); + + if (!verbose) { + if (csv_output) +@@ -2518,35 +2518,43 @@ ipmi_sdr_print_name_from_rawentry(struct ipmi_intf *intf,uint16_t id, + + int rc =0; + char desc[17]; ++ const char *id_string; ++ uint8_t id_code; + memset(desc, ' ', sizeof (desc)); + + switch ( type) { + case SDR_RECORD_TYPE_FULL_SENSOR: + record.full = (struct sdr_record_full_sensor *) raw; +- snprintf(desc, (record.full->id_code & 0x1f) +1, "%s", +- (const char *)record.full->id_string); ++ id_code = record.full->id_code; ++ id_string = record.full->id_string; + break; ++ + case SDR_RECORD_TYPE_COMPACT_SENSOR: + record.compact = (struct sdr_record_compact_sensor *) raw ; +- snprintf(desc, (record.compact->id_code & 0x1f) +1, "%s", +- (const char *)record.compact->id_string); ++ id_code = record.compact->id_code; ++ id_string = record.compact->id_string; + break; ++ + case SDR_RECORD_TYPE_EVENTONLY_SENSOR: + record.eventonly = (struct sdr_record_eventonly_sensor *) raw ; +- snprintf(desc, (record.eventonly->id_code & 0x1f) +1, "%s", +- (const char *)record.eventonly->id_string); +- break; ++ id_code = record.eventonly->id_code; ++ id_string = record.eventonly->id_string; ++ break; ++ + case SDR_RECORD_TYPE_MC_DEVICE_LOCATOR: + record.mcloc = (struct sdr_record_mc_locator *) raw ; +- snprintf(desc, (record.mcloc->id_code & 0x1f) +1, "%s", +- (const char *)record.mcloc->id_string); ++ id_code = record.mcloc->id_code; ++ id_string = record.mcloc->id_string; + break; ++ + default: + rc = -1; +- break; +- } ++ } ++ if (!rc) { ++ snprintf(desc, sizeof(desc), "%.*s", (id_code & 0x1f) + 1, id_string); ++ } + +- lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc); ++ lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc); + return rc; + } + +-- +1.9.1 + diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.18.bb b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.18.bb index b7f1aa914..3de9a92a7 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.18.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.18.bb @@ -24,6 +24,12 @@ DEPENDS = "openssl readline ncurses" SRC_URI = "${SOURCEFORGE_MIRROR}/ipmitool/ipmitool-${PV}.tar.bz2 \ file://0001-Migrate-to-openssl-1.1.patch \ + file://0001-fru-Fix-buffer-overflow-vulnerabilities.patch \ + file://0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch \ + file://0002-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch \ + file://0003-channel-Fix-buffer-overflow.patch \ + file://0004-lanp-Fix-buffer-overflows-in-get_lan_param_select.patch \ + file://0005-fru-sdr-Fix-id_string-buffer-overflows.patch \ " SRC_URI[md5sum] = "bab7ea104c7b85529c3ef65c54427aa3" SRC_URI[sha256sum] = "0c1ba3b1555edefb7c32ae8cd6a3e04322056bc087918f07189eeedfc8b81e01" diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmiutil/ipmiutil/0001-Prevent-access-times-from-changing-resulting-gzip-md.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmiutil/ipmiutil/0001-Prevent-access-times-from-changing-resulting-gzip-md.patch new file mode 100644 index 000000000..78c05ef32 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-kernel/ipmiutil/ipmiutil/0001-Prevent-access-times-from-changing-resulting-gzip-md.patch @@ -0,0 +1,25 @@ +From da668e5bf1a721797361ab866d09913ee8e157c4 Mon Sep 17 00:00:00 2001 +From: Jeremy Puhlman <jpuhlman@mvista.com> +Date: Sat, 22 Feb 2020 04:37:04 +0000 +Subject: [PATCH] Prevent access times from changing resulting gzip md5sum + +Upstream-Status: Pending +https://github.com/ipmitool/ipmitool/pull/186 +--- + doc/Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/doc/Makefile.am b/doc/Makefile.am +index b792762..2c52ce6 100644 +--- a/doc/Makefile.am ++++ b/doc/Makefile.am +@@ -59,5 +59,5 @@ install: + ${INSTALL_DATA_SH} iuser.8 ${manto} + ${INSTALL_DATA_SH} iseltime.8 ${manto} + ${INSTALL_DATA_SH} bmclanpet.mib ${datato} +- cd ${manto}; gzip -f *.8 ++ cd ${manto}; gzip -nf *.8 + +-- +2.13.3 + diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmiutil/ipmiutil_3.1.5.bb b/meta-openembedded/meta-oe/recipes-kernel/ipmiutil/ipmiutil_3.1.5.bb index 3e2634028..d0f3688a2 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/ipmiutil/ipmiutil_3.1.5.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/ipmiutil/ipmiutil_3.1.5.bb @@ -21,6 +21,7 @@ PARALLEL_MAKE = "" SRC_URI = "${SOURCEFORGE_MIRROR}/ipmiutil/ipmiutil-${PV}.tar.gz \ file://fix_systemd_path.patch \ + file://0001-Prevent-access-times-from-changing-resulting-gzip-md.patch \ " SRC_URI[md5sum] = "292d6df25cad678bb27e5c8cdc6748f9" SRC_URI[sha256sum] = "58ccdbd5755d7dd72478756715af09e9c73330dfad2b91dbf03d2ac504b301a3" diff --git a/meta-openembedded/meta-oe/recipes-kernel/kernel-selftest/kernel-selftest.bb b/meta-openembedded/meta-oe/recipes-kernel/kernel-selftest/kernel-selftest.bb index 02c56bee6..3687c267e 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/kernel-selftest/kernel-selftest.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/kernel-selftest/kernel-selftest.bb @@ -18,11 +18,16 @@ SRC_URI += "file://run-ptest \ # we will append other kernel selftest in the future # bpf was added in 4.10 with: https://github.com/torvalds/linux/commit/5aa5bd14c5f8660c64ceedf14a549781be47e53d # if you have older kernel than that you need to remove it from PACKAGECONFIG -PACKAGECONFIG ??= "bpf vm" +PACKAGECONFIG ??= "bpf firmware vm" PACKAGECONFIG_remove_x86 = "bpf" PACKAGECONFIG_remove_arm = "bpf" +# host ptrace.h is used to compile BPF target but mips ptrace.h is needed +# progs/loop1.c:21:9: error: incomplete definition of type 'struct user_pt_regs' +# m = PT_REGS_RC(ctx); +PACKAGECONFIG_remove_qemumips = "bpf" PACKAGECONFIG[bpf] = ",,elfutils libcap libcap-ng rsync-native," +PACKAGECONFIG[firmware] = ",,libcap, bash" PACKAGECONFIG[vm] = ",,libcap,libgcc bash" do_patch[depends] += "virtual/kernel:do_shared_workdir" @@ -32,7 +37,7 @@ inherit linux-kernel-base kernel-arch ptest S = "${WORKDIR}/${BP}" TEST_LIST = "\ - ${@bb.utils.filter('PACKAGECONFIG', 'bpf vm', d)} \ + ${@bb.utils.filter('PACKAGECONFIG', 'bpf firmware vm', d)} \ rtc \ " @@ -40,7 +45,7 @@ EXTRA_OEMAKE = '\ CROSS_COMPILE=${TARGET_PREFIX} \ ARCH=${ARCH} \ CC="${CC}" \ - CLANG="clang -fno-stack-protector" \ + CLANG="clang -fno-stack-protector -target ${TARGET_ARCH} ${TOOLCHAIN_OPTIONS}" \ AR="${AR}" \ LD="${LD}" \ DESTDIR="${D}" \ @@ -55,10 +60,13 @@ KERNEL_SELFTEST_SRC ?= "Makefile \ " do_compile() { + if [ ${@bb.utils.contains('PACKAGECONFIG', 'bpf', 'True', 'False', d)} = 'True' ]; then if [ ${@bb.utils.contains('DEPENDS', 'clang-native', 'True', 'False', d)} = 'False' ]; then bbwarn "clang >= 6.0 with bpf support is needed with kernel 4.18+ so either install it and add it to HOSTTOOLS, or add clang-native from meta-clang to dependency" fi + fi + for i in ${TEST_LIST} do oe_runmake -C ${S}/tools/testing/selftests/${i} diff --git a/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch/0002-kpatch-build-allow-overriding-of-distro-name.patch b/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch/0002-kpatch-build-allow-overriding-of-distro-name.patch index 603a1475a..0cc368413 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch/0002-kpatch-build-allow-overriding-of-distro-name.patch +++ b/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch/0002-kpatch-build-allow-overriding-of-distro-name.patch @@ -48,10 +48,10 @@ index 39933fc..c0258a2 100755 --skip-cleanup) echo "Skipping cleanup" SKIPCLEANUP=1 -@@ -571,7 +576,7 @@ fi +@@ -613,7 +613,7 @@ fi # Don't check external file. - # shellcheck disable=SC1091 - source /etc/os-release + # shellcheck disable=SC1090 + [[ -f "$RELEASE_FILE" ]] && source "$RELEASE_FILE" -DISTRO="$ID" +DISTRO="${DISTRO:-${ID}}" if [[ "$DISTRO" = fedora ]] || [[ "$DISTRO" = rhel ]] || [[ "$DISTRO" = ol ]] || [[ "$DISTRO" = centos ]]; then diff --git a/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch_git.bb b/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch_git.bb index 6326a2538..ba3983e6f 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch_git.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch_git.bb @@ -2,9 +2,9 @@ require kpatch.inc LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRCREV = "2a29bc7dea9a7da12705c7b50315eee1acdd9156" +SRCREV = "0c3c21930895f6582a5c9d9d797f7e11ff41ffb2" -PV = "0.8.0" +PV = "0.9.1" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-kernel/libpfm/libpfm4_4.10.1.bb b/meta-openembedded/meta-oe/recipes-kernel/libpfm/libpfm4_4.10.1.bb index 9b43b4a97..ff56d4804 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/libpfm/libpfm4_4.10.1.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/libpfm/libpfm4_4.10.1.bb @@ -23,6 +23,7 @@ UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/perfmon2/files/libpfm4/" EXTRA_OEMAKE = "DESTDIR=\"${D}\" PREFIX=\"${prefix}\" LIBDIR=\"${libdir}\" LDCONFIG=\"true\"" EXTRA_OEMAKE_append_powerpc = " ARCH=\"powerpc\"" EXTRA_OEMAKE_append_powerpc64 = " ARCH=\"powerpc\" BITMODE=\"64\"" +EXTRA_OEMAKE_append_powerpc64le = " ARCH=\"powerpc\" BITMODE=\"64\"" S = "${WORKDIR}/libpfm-${PV}" diff --git a/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0001-makedumpfile-replace-hardcode-CFLAGS.patch b/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0001-makedumpfile-replace-hardcode-CFLAGS.patch index c0f82f321..ff093a72b 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0001-makedumpfile-replace-hardcode-CFLAGS.patch +++ b/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0001-makedumpfile-replace-hardcode-CFLAGS.patch @@ -83,7 +83,7 @@ index 1fdb628..5dce589 100644 OBJ_PART=$(patsubst %.c,%.o,$(SRC_PART)) @@ -52,17 +53,17 @@ OBJ_ARCH=$(patsubst %.c,%.o,$(SRC_ARCH)) - LIBS = -ldw -lbz2 -lebl -ldl -lelf -lz + LIBS = -ldw -lbz2 -ldl -lelf -lz ifneq ($(LINKTYPE), dynamic) -LIBS := -static $(LIBS) +LIBS := $(LIBS) @@ -102,7 +102,7 @@ index 1fdb628..5dce589 100644 endif LIBS := -lpthread $(LIBS) -@@ -82,14 +83,14 @@ LIBS := $(LIBS) $(call try-run,\ +@@ -87,14 +88,14 @@ LIBS := $(LIBS) $(call try-run,\ all: makedumpfile $(OBJ_PART): $(SRC_PART) @@ -119,7 +119,7 @@ index 1fdb628..5dce589 100644 echo .TH MAKEDUMPFILE 8 \"$(DATE)\" \"makedumpfile v$(VERSION)\" \"Linux System Administrator\'s Manual\" > temp.8 grep -v "^.TH MAKEDUMPFILE 8" $(VPATH)makedumpfile.8 >> temp.8 mv temp.8 makedumpfile.8 -@@ -100,7 +101,7 @@ makedumpfile: $(SRC_BASE) $(OBJ_PART) $(OBJ_ARCH) +@@ -105,7 +106,7 @@ makedumpfile: $(SRC_BASE) $(OBJ_PART) $(OBJ_ARCH) gzip -c ./makedumpfile.conf.5 > ./makedumpfile.conf.5.gz eppic_makedumpfile.so: extension_eppic.c diff --git a/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0003-build-Delete-libebl-from-required-libraries-during-l.patch b/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0003-build-Delete-libebl-from-required-libraries-during-l.patch deleted file mode 100644 index 40956434d..000000000 --- a/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0003-build-Delete-libebl-from-required-libraries-during-l.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 460851c15e807d1a2515dfb985423f8a6624f4aa Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Wed, 8 Jan 2020 19:14:19 -0800 -Subject: [PATCH 3/3] build: Delete libebl from required libraries during link - -This is a static library from elfutils, which is not made available when -static archives are disabled, this can result in link failures e.g. - -aarch64-yoe-linux-musl/9.2.0/ld: cannot find -lebl -collect2: error: ld returned 1 exit status -Makefile:93: recipe for target 'makedumpfile' failed - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile b/Makefile -index 5dce589..c3a4054 100644 ---- a/Makefile -+++ b/Makefile -@@ -51,7 +51,7 @@ OBJ_PART=$(patsubst %.c,%.o,$(SRC_PART)) - SRC_ARCH = arch/arm.c arch/arm64.c arch/x86.c arch/x86_64.c arch/ia64.c arch/ppc64.c arch/s390x.c arch/ppc.c arch/sparc64.c - OBJ_ARCH=$(patsubst %.c,%.o,$(SRC_ARCH)) - --LIBS = -ldw -lbz2 -lebl -ldl -lelf -lz -+LIBS = -ldw -lbz2 -ldl -lelf -lz - ifneq ($(LINKTYPE), dynamic) - LIBS := $(LIBS) - endif --- -2.24.1 - diff --git a/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.6.6.bb b/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.6.7.bb index 6924e39d6..8d1676a4c 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.6.6.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.6.7.bb @@ -24,10 +24,9 @@ SRC_URI = "\ ${SOURCEFORGE_MIRROR}/makedumpfile/${BPN}-${PV}.tar.gz \ file://0001-makedumpfile-replace-hardcode-CFLAGS.patch \ file://0002-mem_section-Support-only-46-bit-for-MAX_PHYSMEM_BITS.patch \ - file://0003-build-Delete-libebl-from-required-libraries-during-l.patch \ " -SRC_URI[md5sum] = "6fd632b97ad78d9a0a3b0f0989094064" -SRC_URI[sha256sum] = "d007eec05cb14f0155f2d06a0d4dc70d321dbb2aec65fccdce953145c8230324" +SRC_URI[md5sum] = "808ef840ca49ca6bfde77c097cf429f5" +SRC_URI[sha256sum] = "e702fbdf62b4cd829a76e46f3e24eb3fc7501918b85ebdcd8baef4f53d6ee2c8" UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/makedumpfile/files/makedumpfile/" UPSTREAM_CHECK_REGEX = "makedumpfile/(?P<pver>\d+(\.\d+)+)/" diff --git a/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile.inc b/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile.inc index a9ee775d4..0e1e2ed8c 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile.inc +++ b/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile.inc @@ -25,6 +25,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz \ file://root-home-dir.patch \ file://0001-Add-rmb-definition-for-NIOS2-architecture.patch \ file://0001-replace-sym_iterator-0-with-sym_iterator.patch \ + file://0001-Use-new-bfd-APIs-from-2.34.patch \ " UPSTREAM_CHECK_REGEX = "oprofile-(?P<pver>\d+(\.\d+)+)/" UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/oprofile/files/oprofile/" diff --git a/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile/0001-Use-new-bfd-APIs-from-2.34.patch b/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile/0001-Use-new-bfd-APIs-from-2.34.patch new file mode 100644 index 000000000..faf56d116 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile/0001-Use-new-bfd-APIs-from-2.34.patch @@ -0,0 +1,79 @@ +From 34745fb066a266ae6bbb15d08466d4d2cb6a2110 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Thu, 20 Feb 2020 08:11:04 -0800 +Subject: [PATCH] Use new bfd APIs from 2.34+ + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + libutil++/bfd_support.cpp | 10 +++++----- + opjitconv/create_bfd.c | 6 +++--- + 2 files changed, 8 insertions(+), 8 deletions(-) + +diff --git a/libutil++/bfd_support.cpp b/libutil++/bfd_support.cpp +index fa904839..e53a1530 100644 +--- a/libutil++/bfd_support.cpp ++++ b/libutil++/bfd_support.cpp +@@ -137,7 +137,7 @@ static bool get_build_id(bfd * ibfd, unsigned char * build_id) + } + } + +- bfd_size_type buildid_sect_size = bfd_section_size(ibfd, sect); ++ bfd_size_type buildid_sect_size = bfd_section_size(sect); + char * contents = (char *) xmalloc(buildid_sect_size); + errno = 0; + if (!bfd_get_section_contents(ibfd, sect, +@@ -188,7 +188,7 @@ bool get_debug_link_info(bfd * ibfd, string & filename, unsigned long & crc32) + if (sect == NULL) + return false; + +- bfd_size_type debuglink_size = bfd_section_size(ibfd, sect); ++ bfd_size_type debuglink_size = bfd_section_size(sect); + char * contents = (char *) xmalloc(debuglink_size); + cverb << vbfd + << ".gnu_debuglink section has size " << debuglink_size << endl; +@@ -346,7 +346,7 @@ void fixup_linenr(bfd * abfd, asection * section, asymbol ** syms, + // first restrict the search on a sensible range of vma, 16 is + // an intuitive value based on epilog code look + size_t max_search = 16; +- size_t section_size = bfd_section_size(abfd, section); ++ size_t section_size = bfd_section_size(section); + if (pc + max_search > section_size) + max_search = section_size - pc; + +@@ -819,10 +819,10 @@ find_nearest_line(bfd_info const & b, op_bfd_symbol const & sym, + else + pc = (sym.value() + offset) - sym.filepos(); + +- if ((bfd_get_section_flags(abfd, section) & SEC_ALLOC) == 0) ++ if ((bfd_section_flags(section) & SEC_ALLOC) == 0) + goto fail; + +- if (pc >= bfd_section_size(abfd, section)) ++ if (pc >= bfd_section_size(section)) + goto fail; + + ret = bfd_find_nearest_line(abfd, section, syms, pc, &cfilename, +diff --git a/opjitconv/create_bfd.c b/opjitconv/create_bfd.c +index 48db143b..5c0e9152 100644 +--- a/opjitconv/create_bfd.c ++++ b/opjitconv/create_bfd.c +@@ -86,12 +86,12 @@ asection * create_section(bfd * abfd, char const * section_name, + bfd_perror("bfd_make_section"); + goto error; + } +- bfd_set_section_vma(abfd, section, vma); +- if (bfd_set_section_size(abfd, section, size) == FALSE) { ++ bfd_set_section_vma(section, vma); ++ if (bfd_set_section_size(section, size) == FALSE) { + bfd_perror("bfd_set_section_size"); + goto error; + } +- if (bfd_set_section_flags(abfd, section, flags) == FALSE) { ++ if (bfd_set_section_flags(section, flags) == FALSE) { + bfd_perror("bfd_set_section_flags"); + goto error; + } +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile_1.3.0.bb b/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile_1.3.0.bb index 4e5b6ca33..8242a835f 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile_1.3.0.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/oprofile/oprofile_1.3.0.bb @@ -1,6 +1,10 @@ require oprofile.inc +COMPATIBLE_HOST_riscv64 = "null" +COMPATIBLE_HOST_riscv32 = "null" + DEPENDS_append_powerpc64 = " libpfm4" +DEPENDS_append_powerpc64le = " libpfm4" SRC_URI[md5sum] = "bd998df5521ebedae31e71cd3fb6200b" SRC_URI[sha256sum] = "95ded8bde1ec39922f0af015981a67aec63e025a501e4dc04cd65d38f73647e6" diff --git a/meta-openembedded/meta-oe/recipes-kernel/pm-graph/pm-graph_5.5.bb b/meta-openembedded/meta-oe/recipes-kernel/pm-graph/pm-graph_5.5.bb index 63a9fa88e..a1378866a 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/pm-graph/pm-graph_5.5.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/pm-graph/pm-graph_5.5.bb @@ -12,11 +12,22 @@ SRC_URI = "git://github.com/intel/pm-graph.git \ " S = "${WORKDIR}/git" +# Apart from the listed RDEPENDS, analyze-suspend depends on some features +# provided by the kernel. These options are: +# - CONFIG_PM_DEBUG=y +# - CONFIG_PM_SLEEP_DEBUG=y +# - CONFIG_FTRACE=y +# - CONFIG_FUNCTION_TRACER=y +# - CONFIG_FUNCTION_GRAPH_TRACER=y + COMPATIBLE_HOST='(i.86|x86_64).*' EXTRA_OEMAKE = "PREFIX=${prefix} DESTDIR=${D} BASELIB=${baselib}" do_install() { oe_runmake install + install -Dm 0755 ${S}/analyze_suspend.py ${D}${bindir}/analyze_suspend.py } RDEPENDS_${PN} += "python3-core python3-threading python3-datetime python3-compression" +RPROVIDES_${PN} = "analyze-suspend" +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-oe/recipes-kernel/spidev-test/spidev-test.bb b/meta-openembedded/meta-oe/recipes-kernel/spidev-test/spidev-test.bb new file mode 100644 index 000000000..662630291 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-kernel/spidev-test/spidev-test.bb @@ -0,0 +1,29 @@ +SUMMARY = "Test SPI devices" +DESCRIPTION = "SPI testing utility using the spidev driver" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" +PROVIDES = "virtual/spidev-test" + +inherit bash-completion kernelsrc kernel-arch + +do_populate_lic[depends] += "virtual/kernel:do_patch" + +EXTRA_OEMAKE = "-C ${S}/tools/spi O=${B} CROSS=${TARGET_PREFIX} CC="${CC}" LD="${LD}" AR=${AR} ARCH=${ARCH}" + +do_configure[depends] += "virtual/kernel:do_shared_workdir" + +do_compile() { + oe_runmake +} + +do_install() { + oe_runmake DESTDIR=${D} install +} + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +python do_package_prepend() { + d.setVar('PKGV', d.getVar("KERNEL_VERSION", True).split("-")[0]) +} + +B = "${WORKDIR}/${BPN}-${PV}" diff --git a/meta-openembedded/meta-oe/recipes-kernel/turbostat/turbostat_3.4.bb b/meta-openembedded/meta-oe/recipes-kernel/turbostat/turbostat_3.4.bb index 5f6588de5..60040a47a 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/turbostat/turbostat_3.4.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/turbostat/turbostat_3.4.bb @@ -21,7 +21,7 @@ SRC_URI += "\ " PACKAGE_ARCH = "${MACHINE_ARCH}" -DEPENDS = "virtual/kernel" +DEPENDS = "libcap" # This looks in S, so we better make sure there's # something in the directory. @@ -30,25 +30,28 @@ do_populate_lic[depends] = "${PN}:do_configure" EXTRA_OEMAKE = '\ - CC="${CC}" \ - 'CFLAGS=-Wall -I${STAGING_KERNEL_DIR}/arch/x86/include/uapi ${LDFLAGS}' \ + CC="${CC}" 'CFLAGS=-Wall ${LDFLAGS}' \ ' # If we build under STAGING_KERNEL_DIR, source will not be put # into the dbg rpm. STAGING_KERNEL_DIR will exist by the time # do_configure() is invoked so we can safely copy from it. # +do_configure[depends] += "virtual/kernel:do_shared_workdir" do_configure_prepend() { mkdir -p ${S} cp -r ${STAGING_KERNEL_DIR}/arch/x86/include/asm/msr-index.h ${S} cp -r ${STAGING_KERNEL_DIR}/arch/x86/include/asm/intel-family.h ${S} cp -r ${STAGING_KERNEL_DIR}/include/linux/bits.h ${S} + cp -r ${STAGING_KERNEL_DIR}/include/linux/const.h ${S} cp -r ${STAGING_KERNEL_DIR}/tools/power/x86/turbostat/* ${S} cp -r ${WORKDIR}/COPYING ${S} } do_compile() { sed -i 's#<linux/bits.h>#"bits.h"#' msr-index.h + sed -i 's#<linux/const.h>#"const.h"#' bits.h + sed -i -e 's#<uapi/linux/const.h>#<linux/const.h>#' -e 's#_LINUX_CONST_H#_LINUX_CONST_H_KERNEL#' const.h sed -i 's#MSRHEADER#"msr-index.h"#' turbostat.c sed -i 's#INTEL_FAMILY_HEADER#"intel-family.h"#' turbostat.c sed -i 's#\$(CC) \$(CFLAGS) \$< -o \$(BUILD_OUTPUT)/\$@#\$(CC) \$(CFLAGS) \$(LDFLAGS) \$< -o \$(BUILD_OUTPUT)/\$@#' Makefile |