diff options
| author | jmbills <42755197+jmbills@users.noreply.github.com> | 2019-10-25 19:18:16 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-10-25 19:18:16 +0300 |
| commit | 0dbb60593ebb5a62190c0e6cff7f1770493303a2 (patch) | |
| tree | 0df2ce67404dbca3ddc4ee063dbfd9ae455be682 /poky/meta/recipes-bsp | |
| parent | 34a3942845ac3264ce27c648ae5486d302c3e6d8 (diff) | |
| parent | cc9cea46d74d280de03c713c8b555153fd811f09 (diff) | |
| download | openbmc-0dbb60593ebb5a62190c0e6cff7f1770493303a2.tar.xz | |
Merge branch 'intel' into intel2
Diffstat (limited to 'poky/meta/recipes-bsp')
35 files changed, 638 insertions, 431 deletions
diff --git a/poky/meta/recipes-bsp/acpid/acpid.inc b/poky/meta/recipes-bsp/acpid/acpid.inc index 766ed4f89..1e43e7a9d 100644 --- a/poky/meta/recipes-bsp/acpid/acpid.inc +++ b/poky/meta/recipes-bsp/acpid/acpid.inc @@ -1,4 +1,10 @@ SUMMARY = "A daemon for delivering ACPI events" +DESCRIPTION = "ACPID is a completely flexible, totally extensible daemon for \ +delivering ACPI events. It listens on netlink interface (or on the \ +deprecated file /proc/acpi/event), and when an event occurs, executes programs \ +to handle the event. The programs it executes are configured through a set of \ +configuration files, which can be dropped into place by packages or by the \ +admin." HOMEPAGE = "http://sourceforge.net/projects/acpid2" BUGTRACKER = "http://sourceforge.net/p/acpid2/tickets/?source=navbar" SECTION = "base" diff --git a/poky/meta/recipes-bsp/acpid/acpid_2.0.31.bb b/poky/meta/recipes-bsp/acpid/acpid_2.0.32.bb index 407492132..227e4a467 100644 --- a/poky/meta/recipes-bsp/acpid/acpid_2.0.31.bb +++ b/poky/meta/recipes-bsp/acpid/acpid_2.0.32.bb @@ -3,5 +3,5 @@ require acpid.inc LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b \ file://acpid.h;endline=24;md5=324a9cf225ae69ddaad1bf9d942115b5" -SRC_URI[md5sum] = "599dd38681b5917eeeafb58176793952" -SRC_URI[sha256sum] = "fc9dc669ed85d9a1739aa76915e0667c6697c5431160f8dfb253046c6a072cc3" +SRC_URI[md5sum] = "248995264b9d1cd8bdb923d5b190fd44" +SRC_URI[sha256sum] = "f2d2d30b3edc3234bd82f6f7186699a6aa3c85c8d20bc4e30e9b3c68a1ed157e" diff --git a/poky/meta/recipes-bsp/efibootmgr/efibootmgr/97668ae0bce776a36ea2001dea63d376be8274ac.patch b/poky/meta/recipes-bsp/efibootmgr/efibootmgr/97668ae0bce776a36ea2001dea63d376be8274ac.patch new file mode 100644 index 000000000..9525ed8c5 --- /dev/null +++ b/poky/meta/recipes-bsp/efibootmgr/efibootmgr/97668ae0bce776a36ea2001dea63d376be8274ac.patch @@ -0,0 +1,83 @@ +From 97668ae0bce776a36ea2001dea63d376be8274ac Mon Sep 17 00:00:00 2001 +From: Peter Jones <pjones@redhat.com> +Date: Wed, 6 Mar 2019 13:08:33 -0500 +Subject: [PATCH] Make sure PKGS= is propogated into the submake for "make + deps" + +When we're doing make deps with "$(CC) -MF", gcc and clang have different +behavior, both broken in different ways, which we're hitting because of a +missing -I argument for libefivar's includes. On clang, when a header can't +be found, it emits a rule with the header as a prerequisite without a path, +such as efivar.h here: + +efibootmgr.o: efibootmgr.c fix_coverity.h efivar.h efiboot.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/list.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/efi.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/unparse_path.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/efibootmgr.h \ + error.h + +Then the build that utilizes that rule will fail to find the +prerequisite and tell you something like: + +make[1]: *** No rule to make target 'efivar.h', needed by 'efibootmgr.o'. Stop. +make[1]: Leaving directory '/home/pjones/devel/github.com/efibootmgr/master/src' + +With gcc, when a header can't be found, it emits a rule without that header +as a prerequisite, as such (again with efivar.h): + +efibootmgr.o: efibootmgr.c fix_coverity.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/list.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/efi.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/unparse_path.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/efi.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/efibootmgr.h \ + error.h + +And then your build will fail if you haven't adjusted CFLAGS to tell it +where to find the header. + +Both of these would be better just erroring, but at least gcc's doesn't +insert a *wrong* dependency. + +This patch adds "PKGS=efivar efibootmgr popt" for all deps under src/. +Technically that's overkill, as efibootmgr itself doesn't need popt, but it +doesn't hurt anything to have the extra part there. The resulting +.efibootmgr.d file has the prerequisites expressed correctly: + +efibootmgr.o: efibootmgr.c fix_coverity.h /usr/include/efivar/efivar.h \ + /usr/include/efivar/efiboot.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/list.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/efi.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/unparse_path.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/efi.h \ + /home/pjones/devel/github.com/efibootmgr/master/src/include/efibootmgr.h \ + error.h + +This fixes the issue described in github PR #96 + +Signed-off-by: Peter Jones <pjones@redhat.com> +Upstream-Status: Backport [https://github.com/rhboot/efibootmgr/commit/97668ae0bce776a36ea2001dea63d376be8274ac] +--- + src/Makefile | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/src/Makefile b/src/Makefile +index 258bac1..32fa188 100644 +--- a/src/Makefile ++++ b/src/Makefile +@@ -31,8 +31,13 @@ efibootdump : PKGS=efivar efiboot popt + efibootnext : $(call objects-of,$(EFIBOOTNEXT_SOURCES)) + efibootnext : PKGS=efivar efiboot popt + ++deps : PKGS=efivar efiboot popt + deps : $(ALL_SOURCES) +- $(MAKE) -f $(TOPDIR)/Make.deps deps SOURCES="$(ALL_SOURCES)" SUBDIR_CFLAGS="$(SUBDIR_CFLAGS)" ++ $(MAKE) -f $(TOPDIR)/Make.deps \ ++ SOURCES="$(ALL_SOURCES)" \ ++ SUBDIR_CFLAGS="$(SUBDIR_CFLAGS)" \ ++ PKGS="$(PKGS)" \ ++ deps + + clean : + @rm -rfv *.o *.a *.so $(TARGETS) diff --git a/poky/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb b/poky/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb index 0e5a81e31..5d6f200a7 100644 --- a/poky/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb +++ b/poky/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb @@ -12,6 +12,7 @@ COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https \ file://0001-remove-extra-decl.patch \ + file://97668ae0bce776a36ea2001dea63d376be8274ac.patch \ " SRCREV = "e067160ecef8208e1944002e5d50b275733211fb" diff --git a/poky/meta/recipes-bsp/efivar/efivar_37.bb b/poky/meta/recipes-bsp/efivar/efivar_37.bb index c4254c70d..9b95721a4 100644 --- a/poky/meta/recipes-bsp/efivar/efivar_37.bb +++ b/poky/meta/recipes-bsp/efivar/efivar_37.bb @@ -23,7 +23,10 @@ LDFLAGS += "-fuse-ld=bfd" do_compile_prepend() { # Remove when https://github.com/rhboot/efivar/issues/130 is fixed - oe_runmake CFLAGS="${BUILD_CFLAGS}" -C src makeguids + oe_runmake \ + CFLAGS="${BUILD_CFLAGS}" \ + LDFLAGS="${BUILD_LDFLAGS}" \ + -C src makeguids } do_install() { diff --git a/poky/meta/recipes-bsp/formfactor/formfactor_0.0.bb b/poky/meta/recipes-bsp/formfactor/formfactor_0.0.bb index 53cf1cf77..ea1fa4c75 100644 --- a/poky/meta/recipes-bsp/formfactor/formfactor_0.0.bb +++ b/poky/meta/recipes-bsp/formfactor/formfactor_0.0.bb @@ -1,4 +1,7 @@ SUMMARY = "Device formfactor information" +DESCRIPTION = "A formfactor configuration file provides information about the \ +target hardware for which the image is being built and information that the \ +build system cannot obtain from other sources such as the kernel." SECTION = "base" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" diff --git a/poky/meta/recipes-bsp/grub/files/0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch b/poky/meta/recipes-bsp/grub/files/0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch index ce3238f3a..6b73878cc 100644 --- a/poky/meta/recipes-bsp/grub/files/0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch +++ b/poky/meta/recipes-bsp/grub/files/0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch @@ -1,4 +1,4 @@ -From fb7b827a56b1f92f882d0f5ef130acc968b23293 Mon Sep 17 00:00:00 2001 +From 96d9aa55d29b24e2490d5647a9efc66940fc400f Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Wed, 13 Jan 2016 19:17:31 +0000 Subject: [PATCH] Disable -mfpmath=sse as well when SSE is disabled @@ -22,17 +22,17 @@ cc1: all warnings being treated as errors Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- -Upstream-Status: Pending +Upstream-Status: Pending +--- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 26d2f33..9ce56de 100644 +index 7656f24..0868ea9 100644 --- a/configure.ac +++ b/configure.ac -@@ -783,7 +783,7 @@ fi +@@ -824,7 +824,7 @@ fi if ( test "x$target_cpu" = xi386 || test "x$target_cpu" = xx86_64 ) && test "x$platform" != xemu; then # Some toolchains enable these features by default, but they need # registers that aren't set up properly in GRUB. @@ -41,6 +41,3 @@ index 26d2f33..9ce56de 100644 fi # GRUB doesn't use float or doubles at all. Yet some toolchains may decide --- -2.7.0 - diff --git a/poky/meta/recipes-bsp/grub/files/0001-Unset-need_charset_alias-when-building-for-musl.patch b/poky/meta/recipes-bsp/grub/files/0001-Unset-need_charset_alias-when-building-for-musl.patch deleted file mode 100644 index 67dc11549..000000000 --- a/poky/meta/recipes-bsp/grub/files/0001-Unset-need_charset_alias-when-building-for-musl.patch +++ /dev/null @@ -1,30 +0,0 @@ -From b9565dc2fe0c4f7daaec91b7e83bc7313dee2f4a Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 13 Apr 2015 17:02:13 -0700 -Subject: [PATCH] Unset need_charset_alias when building for musl - -localcharset uses ac_cv_gnu_library_2_1 from glibc21.m4 -which actually shoudl be fixed in gnulib and then all downstream -projects will get it eventually. For now we apply the fix to -coreutils - -Upstream-Status: Pending - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - lib/gnulib.mk | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: grub-2.00/grub-core/gnulib/Makefile.am -=================================================================== ---- grub-2.00.orig/grub-core/gnulib/Makefile.am -+++ grub-2.00/grub-core/gnulib/Makefile.am -@@ -410,7 +410,7 @@ install-exec-localcharset: all-local - case '$(host_os)' in \ - darwin[56]*) \ - need_charset_alias=true ;; \ -- darwin* | cygwin* | mingw* | pw32* | cegcc*) \ -+ darwin* | cygwin* | mingw* | pw32* | cegcc* | linux-musl*) \ - need_charset_alias=false ;; \ - *) \ - need_charset_alias=true ;; \ diff --git a/poky/meta/recipes-bsp/grub/files/0001-grub-setup-Debug-message-cleanup.patch b/poky/meta/recipes-bsp/grub/files/0001-grub-setup-Debug-message-cleanup.patch deleted file mode 100644 index e01fcdffb..000000000 --- a/poky/meta/recipes-bsp/grub/files/0001-grub-setup-Debug-message-cleanup.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 4e9d9358e0cda6d01020005eb6343e3b69f7201a Mon Sep 17 00:00:00 2001 -From: Cao jin <caoj.fnst@cn.fujitsu.com> -Date: Tue, 3 Jul 2018 18:51:13 +0800 -Subject: [PATCH] grub-setup: Debug message cleanup - -Variable "root" is initialized after root device probing and is null in -current place, so, drop it. - -Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com> -Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> ---- -Upstream-Status: Backport [http://git.savannah.gnu.org/cgit/grub.git/commit/?id=4e9d9358e0cda6d01020005eb6343e3b69f7201a] - - util/setup.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/util/setup.c b/util/setup.c -index 80363075d..9c1e1b7da 100644 ---- a/util/setup.c -+++ b/util/setup.c -@@ -305,9 +305,8 @@ SETUP (const char *dir, - bl.first_block = (struct grub_boot_blocklist *) (core_img - + GRUB_DISK_SECTOR_SIZE - - sizeof (*bl.block)); -- grub_util_info ("root is `%s', dest is `%s'", root, dest); - -- grub_util_info ("Opening dest"); -+ grub_util_info ("Opening dest `%s'", dest); - dest_dev = grub_device_open (dest); - if (! dest_dev) - grub_util_error ("%s", grub_errmsg); --- -2.17.2 (Apple Git-113) - diff --git a/poky/meta/recipes-bsp/grub/files/0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch b/poky/meta/recipes-bsp/grub/files/0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch index d5bfaa177..69b04aa56 100644 --- a/poky/meta/recipes-bsp/grub/files/0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch +++ b/poky/meta/recipes-bsp/grub/files/0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch @@ -1,4 +1,4 @@ -From b512c77222a8b133d7dd71a0dcef081a921d97d4 Mon Sep 17 00:00:00 2001 +From 8f47ed4aaefba087b6ca76e59c9f832b6a0702bc Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Wed, 13 Jan 2016 19:28:00 +0000 Subject: [PATCH] grub.d/10_linux.in: add oe's kernel name @@ -11,18 +11,19 @@ to util/grub.d/20_linux_xen.in to keep compatibility. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- + Upstream-Status: Inappropriate [OE specific] +--- util/grub.d/10_linux.in | 6 +++--- util/grub.d/20_linux_xen.in | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in -index 859b608..946be5d 100644 +index 4532266..cba2617 100644 --- a/util/grub.d/10_linux.in +++ b/util/grub.d/10_linux.in -@@ -148,12 +148,12 @@ machine=`uname -m` +@@ -164,12 +164,12 @@ machine=`uname -m` case "x$machine" in xi?86 | xx86_64) list= @@ -39,10 +40,10 @@ index 859b608..946be5d 100644 done ;; esac diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in -index f532fb9..1994244 100644 +index 96179ea..98d16ae 100644 --- a/util/grub.d/20_linux_xen.in +++ b/util/grub.d/20_linux_xen.in -@@ -138,7 +138,7 @@ EOF +@@ -154,7 +154,7 @@ EOF } linux_list= @@ -51,6 +52,3 @@ index f532fb9..1994244 100644 if grub_file_is_not_garbage "$i"; then basename=$(basename $i) version=$(echo $basename | sed -e "s,^[^0-9]*-,,g") --- -2.7.0 - diff --git a/poky/meta/recipes-bsp/grub/files/0001-x86-64-Treat-R_X86_64_PLT32-as-R_X86_64_PC32.patch b/poky/meta/recipes-bsp/grub/files/0001-x86-64-Treat-R_X86_64_PLT32-as-R_X86_64_PC32.patch deleted file mode 100644 index 61d58c404..000000000 --- a/poky/meta/recipes-bsp/grub/files/0001-x86-64-Treat-R_X86_64_PLT32-as-R_X86_64_PC32.patch +++ /dev/null @@ -1,76 +0,0 @@ -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From 842c390469e2c2e10b5aa36700324cd3bde25875 Mon Sep 17 00:00:00 2001 -From: "H.J. Lu" <hjl.tools@gmail.com> -Date: Sat, 17 Feb 2018 06:47:28 -0800 -Subject: [PATCH] x86-64: Treat R_X86_64_PLT32 as R_X86_64_PC32 - -Starting from binutils commit bd7ab16b4537788ad53521c45469a1bdae84ad4a: - -https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=bd7ab16b4537788ad53521c45469a1bdae84ad4a - -x86-64 assembler generates R_X86_64_PLT32, instead of R_X86_64_PC32, for -32-bit PC-relative branches. Grub2 should treat R_X86_64_PLT32 as -R_X86_64_PC32. - -Signed-off-by: H.J. Lu <hjl.tools@gmail.com> -Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> ---- - grub-core/efiemu/i386/loadcore64.c | 1 + - grub-core/kern/x86_64/dl.c | 1 + - util/grub-mkimagexx.c | 1 + - util/grub-module-verifier.c | 1 + - 4 files changed, 4 insertions(+) - -diff --git a/grub-core/efiemu/i386/loadcore64.c b/grub-core/efiemu/i386/loadcore64.c -index e49d0b6ff..18facf47f 100644 ---- a/grub-core/efiemu/i386/loadcore64.c -+++ b/grub-core/efiemu/i386/loadcore64.c -@@ -98,6 +98,7 @@ grub_arch_efiemu_relocate_symbols64 (grub_efiemu_segment_t segs, - break; - - case R_X86_64_PC32: -+ case R_X86_64_PLT32: - err = grub_efiemu_write_value (addr, - *addr32 + rel->r_addend - + sym.off -diff --git a/grub-core/kern/x86_64/dl.c b/grub-core/kern/x86_64/dl.c -index 440690673..3a73e6e6c 100644 ---- a/grub-core/kern/x86_64/dl.c -+++ b/grub-core/kern/x86_64/dl.c -@@ -70,6 +70,7 @@ grub_arch_dl_relocate_symbols (grub_dl_t mod, void *ehdr, - break; - - case R_X86_64_PC32: -+ case R_X86_64_PLT32: - { - grub_int64_t value; - value = ((grub_int32_t) *addr32) + rel->r_addend + sym->st_value - -diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c -index a2bb05439..39d7efb91 100644 ---- a/util/grub-mkimagexx.c -+++ b/util/grub-mkimagexx.c -@@ -841,6 +841,7 @@ SUFFIX (relocate_addresses) (Elf_Ehdr *e, Elf_Shdr *sections, - break; - - case R_X86_64_PC32: -+ case R_X86_64_PLT32: - { - grub_uint32_t *t32 = (grub_uint32_t *) target; - *t32 = grub_host_to_target64 (grub_target_to_host32 (*t32) -diff --git a/util/grub-module-verifier.c b/util/grub-module-verifier.c -index 9179285a5..a79271f66 100644 ---- a/util/grub-module-verifier.c -+++ b/util/grub-module-verifier.c -@@ -19,6 +19,7 @@ struct grub_module_verifier_arch archs[] = { - -1 - }, (int[]){ - R_X86_64_PC32, -+ R_X86_64_PLT32, - -1 - } - }, --- -2.11.0 - diff --git a/poky/meta/recipes-bsp/grub/files/autogen.sh-exclude-pc.patch b/poky/meta/recipes-bsp/grub/files/autogen.sh-exclude-pc.patch index fc5aa4e31..faa7fde23 100644 --- a/poky/meta/recipes-bsp/grub/files/autogen.sh-exclude-pc.patch +++ b/poky/meta/recipes-bsp/grub/files/autogen.sh-exclude-pc.patch @@ -1,4 +1,4 @@ -From ff8f68cc48fd3c30d55e1d570d51f2e0952c968e Mon Sep 17 00:00:00 2001 +From 72c30928d3d461e0e2d20c5ff33bd96b6991d585 Mon Sep 17 00:00:00 2001 From: Robert Yang <liezhi.yang@windriver.com> Date: Sat, 25 Jan 2014 23:49:44 -0500 Subject: [PATCH] autogen.sh: exclude .pc from po/POTFILES.in @@ -12,23 +12,24 @@ try to read it. Upstream-Status: Inappropriate [OE specific] Signed-off-by: Robert Yang <liezhi.yang@windriver.com> +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> --- - autogen.sh | 2 +- + autogen.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/autogen.sh b/autogen.sh -index 7424428..843619e 100755 +index ef43270..a7067a7 100755 --- a/autogen.sh +++ b/autogen.sh -@@ -5,7 +5,7 @@ set -e +@@ -13,7 +13,7 @@ fi export LC_COLLATE=C unset LC_ALL --find . -iname '*.[ch]' ! -ipath './grub-core/lib/libgcrypt-grub/*' ! -ipath './build-aux/*' ! -ipath './grub-core/lib/libgcrypt/src/misc.c' ! -ipath './grub-core/lib/libgcrypt/src/global.c' ! -ipath './grub-core/lib/libgcrypt/src/secmem.c' ! -ipath './util/grub-gen-widthspec.c' ! -ipath './util/grub-gen-asciih.c' |sort > po/POTFILES.in -+find . -iname '*.[ch]' ! -ipath './grub-core/lib/libgcrypt-grub/*' ! -ipath './build-aux/*' ! -ipath './grub-core/lib/libgcrypt/src/misc.c' ! -ipath './grub-core/lib/libgcrypt/src/global.c' ! -ipath './grub-core/lib/libgcrypt/src/secmem.c' ! -ipath './util/grub-gen-widthspec.c' ! -ipath './util/grub-gen-asciih.c' ! -path './.pc/*' | sort > po/POTFILES.in +-find . -iname '*.[ch]' ! -ipath './grub-core/lib/libgcrypt-grub/*' ! -ipath './build-aux/*' ! -ipath './grub-core/lib/libgcrypt/src/misc.c' ! -ipath './grub-core/lib/libgcrypt/src/global.c' ! -ipath './grub-core/lib/libgcrypt/src/secmem.c' ! -ipath './util/grub-gen-widthspec.c' ! -ipath './util/grub-gen-asciih.c' ! -ipath './gnulib/*' ! -iname './grub-core/lib/gnulib/*' |sort > po/POTFILES.in ++find . -iname '*.[ch]' ! -ipath './grub-core/lib/libgcrypt-grub/*' ! -ipath './build-aux/*' ! -ipath './grub-core/lib/libgcrypt/src/misc.c' ! -ipath './grub-core/lib/libgcrypt/src/global.c' ! -ipath './grub-core/lib/libgcrypt/src/secmem.c' ! -ipath './util/grub-gen-widthspec.c' ! -ipath './util/grub-gen-asciih.c' ! -ipath './gnulib/*' ! -iname './grub-core/lib/gnulib/*' ! -path './.pc/*' |sort > po/POTFILES.in find util -iname '*.in' ! -name Makefile.in |sort > po/POTFILES-shell.in echo "Importing unicode..." -- -1.7.10.4 +2.7.4 diff --git a/poky/meta/recipes-bsp/grub/files/gcc8.patch b/poky/meta/recipes-bsp/grub/files/gcc8.patch deleted file mode 100644 index fa7331f1b..000000000 --- a/poky/meta/recipes-bsp/grub/files/gcc8.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 563b1da6e6ae7af46cc8354cadb5dab416989f0a Mon Sep 17 00:00:00 2001 -From: Michael Chang <mchang@suse.com> -Date: Mon, 26 Mar 2018 16:52:34 +0800 -Subject: Fix packed-not-aligned error on GCC 8 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -When building with GCC 8, there are several errors regarding packed-not-aligned. - -./include/grub/gpt_partition.h:79:1: error: alignment 1 of ‘struct grub_gpt_partentry’ is less than 8 [-Werror=packed-not-aligned] - -This patch fixes the build error by cleaning up the ambiguity of placing -aligned structure in a packed one. In "struct grub_btrfs_time" and "struct -grub_gpt_part_type", the aligned attribute seems to be superfluous, and also -has to be packed, to ensure the structure is bit-to-bit mapped to the format -laid on disk. I think we could blame to copy and paste error here for the -mistake. In "struct efi_variable", we have to use grub_efi_packed_guid_t, as -the name suggests. :) - -Signed-off-by: Michael Chang <mchang@suse.com> -Tested-by: Michael Chang <mchang@suse.com> -Tested-by: Paul Menzel <paulepanter@users.sourceforge.net> -Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> - -Upstream-Status: Backport http://git.savannah.gnu.org/cgit/grub.git/commit/?id=563b1da6e6ae7af46cc8354cadb5dab416989f0a ---- - grub-core/fs/btrfs.c | 2 +- - include/grub/efiemu/runtime.h | 2 +- - include/grub/gpt_partition.h | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c -index 4849c1c..be19544 100644 ---- a/grub-core/fs/btrfs.c -+++ b/grub-core/fs/btrfs.c -@@ -175,7 +175,7 @@ struct grub_btrfs_time - { - grub_int64_t sec; - grub_uint32_t nanosec; --} __attribute__ ((aligned (4))); -+} GRUB_PACKED; - - struct grub_btrfs_inode - { -diff --git a/include/grub/efiemu/runtime.h b/include/grub/efiemu/runtime.h -index 9b6b729..36d2ded 100644 ---- a/include/grub/efiemu/runtime.h -+++ b/include/grub/efiemu/runtime.h -@@ -29,7 +29,7 @@ struct grub_efiemu_ptv_rel - - struct efi_variable - { -- grub_efi_guid_t guid; -+ grub_efi_packed_guid_t guid; - grub_uint32_t namelen; - grub_uint32_t size; - grub_efi_uint32_t attributes; -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 1b32f67..9668a68 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -28,7 +28,7 @@ struct grub_gpt_part_type - grub_uint16_t data2; - grub_uint16_t data3; - grub_uint8_t data4[8]; --} __attribute__ ((aligned(8))); -+} GRUB_PACKED; - typedef struct grub_gpt_part_type grub_gpt_part_type_t; - - #define GRUB_GPT_PARTITION_TYPE_EMPTY \ --- -cgit v1.0-41-gc330 - diff --git a/poky/meta/recipes-bsp/grub/files/grub-module-explicitly-keeps-symbole-.module_license.patch b/poky/meta/recipes-bsp/grub/files/grub-module-explicitly-keeps-symbole-.module_license.patch index ffc2d40d8..26890261b 100644 --- a/poky/meta/recipes-bsp/grub/files/grub-module-explicitly-keeps-symbole-.module_license.patch +++ b/poky/meta/recipes-bsp/grub/files/grub-module-explicitly-keeps-symbole-.module_license.patch @@ -1,13 +1,14 @@ -From 7461a3de38b66edbe2f5593f9bdab9f2704d32bc Mon Sep 17 00:00:00 2001 +From 917133acc701dbc4636165d3b08d15dc5829a06f Mon Sep 17 00:00:00 2001 From: Hongxu Jia <hongxu.jia@windriver.com> Date: Wed, 17 Aug 2016 04:06:34 -0400 Subject: [PATCH] grub module explicitly keeps symbole .module_license While using oe-core toolchain to strip grub module 'all_video.mod', it stripped symbol table: --------------- -root@localhost:~# objdump -t all_video.mod +--------------- +root@localhost:~# objdump -t all_video.mod + all_video.mod: file format elf64-x86-64 SYMBOL TABLE: @@ -43,16 +44,16 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> grub-core/genmod.sh.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -Index: grub-2.02/grub-core/genmod.sh.in -=================================================================== ---- grub-2.02.orig/grub-core/genmod.sh.in -+++ grub-2.02/grub-core/genmod.sh.in -@@ -56,7 +56,7 @@ if test x@TARGET_APPLE_LINKER@ != x1; th +diff --git a/grub-core/genmod.sh.in b/grub-core/genmod.sh.in +index 1250589..dd14308 100644 +--- a/grub-core/genmod.sh.in ++++ b/grub-core/genmod.sh.in +@@ -56,7 +56,7 @@ if test x@TARGET_APPLE_LINKER@ != x1; then if test x@platform@ != xemu; then @TARGET_STRIP@ --strip-unneeded \ -K grub_mod_init -K grub_mod_fini \ - -K _grub_mod_init -K _grub_mod_fini \ + -K _grub_mod_init -K _grub_mod_fini -K .module_license \ -R .note.gnu.gold-version -R .note.GNU-stack \ - -R .note -R .comment -R .ARM.exidx $tmpfile || exit 1 - fi + -R .gnu.build.attributes \ + -R .rel.gnu.build.attributes \ diff --git a/poky/meta/recipes-bsp/grub/grub-bootconf_1.00.bb b/poky/meta/recipes-bsp/grub/grub-bootconf_1.00.bb index 750f8c808..572580313 100644 --- a/poky/meta/recipes-bsp/grub/grub-bootconf_1.00.bb +++ b/poky/meta/recipes-bsp/grub/grub-bootconf_1.00.bb @@ -1,11 +1,16 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" SUMMARY = "Basic grub.cfg for use in EFI systems" +DESCRIPTION = "Grub might require different configuration file for \ +different machines." +HOMEPAGE = "https://www.gnu.org/software/grub/manual/grub/grub.html#Configuration" RPROVIDES_${PN} += "virtual/grub-bootconf" inherit grub-efi-cfg +require conf/image-uefi.conf + S = "${WORKDIR}" GRUB_CFG = "${S}/grub-bootconf" @@ -20,10 +25,8 @@ python do_configure() { do_configure[vardeps] += "APPEND ROOT" do_install() { - install -d ${D}/boot - install -d ${D}/boot/EFI - install -d ${D}/boot/EFI/BOOT - install grub-bootconf ${D}/boot/EFI/BOOT/grub.cfg + install -d ${D}${EFI_FILES_PATH} + install grub-bootconf ${D}${EFI_FILES_PATH}/grub.cfg } -FILES_${PN} = "/boot/EFI/BOOT/grub.cfg" +FILES_${PN} = "${EFI_FILES_PATH}/grub.cfg" diff --git a/poky/meta/recipes-bsp/grub/grub-efi_2.02.bb b/poky/meta/recipes-bsp/grub/grub-efi_2.04.bb index 0028a9b6e..b9d6225d2 100644 --- a/poky/meta/recipes-bsp/grub/grub-efi_2.02.bb +++ b/poky/meta/recipes-bsp/grub/grub-efi_2.04.bb @@ -1,9 +1,11 @@ require grub2.inc +require conf/image-uefi.conf + GRUBPLATFORM = "efi" DEPENDS_append_class-target = " grub-efi-native" -RDEPENDS_${PN}_class-target = "diffutils freetype grub-common virtual/grub-bootconf" +RDEPENDS_${PN}_class-target = "grub-common virtual/grub-bootconf" SRC_URI += " \ file://cfg \ @@ -18,18 +20,15 @@ python __anonymous () { prefix = "" if d.getVar('EFI_PROVIDER') == "grub-efi" else "grub-efi-" if target == "x86_64": grubtarget = 'x86_64' - grubimage = prefix + "bootx64.efi" elif re.match('i.86', target): grubtarget = 'i386' - grubimage = prefix + "bootia32.efi" elif re.match('aarch64', target): grubtarget = 'arm64' - grubimage = prefix + "bootaa64.efi" elif re.match('arm', target): grubtarget = 'arm' - grubimage = prefix + "bootarm.efi" else: raise bb.parse.SkipRecipe("grub-efi is incompatible with target %s" % target) + grubimage = prefix + d.getVar("EFI_BOOT_IMAGE") d.setVar("GRUB_TARGET", grubtarget) d.setVar("GRUB_IMAGE", grubimage) prefix = "grub-efi-" if prefix == "" else "" @@ -45,7 +44,7 @@ do_mkimage() { cd ${B} # Search for the grub.cfg on the local boot media by using the # built in cfg file provided via this recipe - grub-mkimage -c ../cfg -p /EFI/BOOT -d ./grub-core/ \ + grub-mkimage -c ../cfg -p ${EFIDIR} -d ./grub-core/ \ -O ${GRUB_TARGET}-efi -o ./${GRUB_IMAGE_PREFIX}${GRUB_IMAGE} \ ${GRUB_BUILDIN} } @@ -57,10 +56,8 @@ do_mkimage_class-native() { } do_install_append_class-target() { - install -d ${D}/boot - install -d ${D}/boot/EFI - install -d ${D}/boot/EFI/BOOT - install -m 644 ${B}/${GRUB_IMAGE_PREFIX}${GRUB_IMAGE} ${D}/boot/EFI/BOOT/${GRUB_IMAGE} + install -d ${D}${EFI_FILES_PATH} + install -m 644 ${B}/${GRUB_IMAGE_PREFIX}${GRUB_IMAGE} ${D}${EFI_FILES_PATH}/${GRUB_IMAGE} } do_install_class-native() { @@ -81,6 +78,10 @@ do_install_class-target() { {} + } +do_install_append_aarch64() { + rm -rf ${D}/${prefix}/ +} + GRUB_BUILDIN ?= "boot linux ext2 fat serial part_msdos part_gpt normal \ efi_gop iso9660 configfile search loadenv test" @@ -96,14 +97,13 @@ addtask deploy after do_install before do_build FILES_${PN} = "${libdir}/grub/${GRUB_TARGET}-efi \ ${datadir}/grub \ - /boot/EFI/BOOT/${GRUB_IMAGE} \ + ${EFI_FILES_PATH}/${GRUB_IMAGE} \ " +FILES_${PN}_remove_aarch64 = "${libdir}/grub/${GRUB_TARGET}-efi" # 64-bit binaries are expected for the bootloader with an x32 userland INSANE_SKIP_${PN}_append_linux-gnux32 = " arch" INSANE_SKIP_${PN}-dbg_append_linux-gnux32 = " arch" INSANE_SKIP_${PN}_append_linux-muslx32 = " arch" INSANE_SKIP_${PN}-dbg_append_linux-muslx32 = " arch" - -BBCLASSEXTEND = "native" diff --git a/poky/meta/recipes-bsp/grub/grub2.inc b/poky/meta/recipes-bsp/grub/grub2.inc index bac2d7d41..c81def2a1 100644 --- a/poky/meta/recipes-bsp/grub/grub2.inc +++ b/poky/meta/recipes-bsp/grub/grub2.inc @@ -11,20 +11,16 @@ SECTION = "bootloaders" LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" -SRC_URI = "https://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ +SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch \ - file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ file://autogen.sh-exclude-pc.patch \ file://grub-module-explicitly-keeps-symbole-.module_license.patch \ file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \ - file://gcc8.patch \ - file://0001-x86-64-Treat-R_X86_64_PLT32-as-R_X86_64_PC32.patch \ - file://0001-grub-setup-Debug-message-cleanup.patch \ " -SRC_URI[md5sum] = "1116d1f60c840e6dbd67abbc99acb45d" -SRC_URI[sha256sum] = "660ee136fbcee08858516ed4de2ad87068bfe1b6b8b37896ce3529ff054a726d" +SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934" +SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea" -DEPENDS = "flex-native bison-native" +DEPENDS = "flex-native bison-native gettext-native" COMPATIBLE_HOST = '(x86_64.*|i.86.*|arm.*|aarch64.*)-(linux.*|freebsd.*)' COMPATIBLE_HOST_armv7a = 'null' @@ -45,6 +41,7 @@ EXTRA_OECONF = "--with-platform=${GRUBPLATFORM} \ --enable-liblzma=no \ --enable-libzfs=no \ --enable-largefile \ + --disable-werror \ " PACKAGECONFIG ??= "" @@ -60,15 +57,13 @@ BUILD_CFLAGS = "" BUILD_CXXFLAGS = "" BUILD_LDFLAGS = "" -CFLAGS_append = " -Wno-error" +export PYTHON = "python3" do_configure_prepend() { - # The grub2 configure script uses variables such as TARGET_CFLAGS etc - # for its own purposes. Remove the OE versions from the environment to - # avoid conflicts. - unset TARGET_CPPFLAGS TARGET_CFLAGS TARGET_CXXFLAGS TARGET_LDFLAGS ( cd ${S} ${S}/autogen.sh ) } RDEPENDS_${PN}_class-native = "" + +BBCLASSEXTEND = "native" diff --git a/poky/meta/recipes-bsp/grub/grub_2.02.bb b/poky/meta/recipes-bsp/grub/grub_2.04.bb index e0973759f..9232ea812 100644 --- a/poky/meta/recipes-bsp/grub/grub_2.02.bb +++ b/poky/meta/recipes-bsp/grub/grub_2.04.bb @@ -1,7 +1,7 @@ require grub2.inc RDEPENDS_${PN}-common += "${PN}-editenv" -RDEPENDS_${PN} += "diffutils freetype ${PN}-common" +RDEPENDS_${PN} += "${PN}-common" RPROVIDES_${PN}-editenv += "${PN}-efi-editenv" @@ -14,6 +14,10 @@ FILES_${PN}-common = " \ ${datadir}/grub \ " +FILES_${PN}-common_append_aarch64 = " \ + ${libdir}/${BPN} \ +" + do_install_append () { install -d ${D}${sysconfdir}/grub.d # Remove build host references... diff --git a/poky/meta/recipes-bsp/opensbi/files/0002-lib-Create-a-sbi_ipi_data-structure.patch b/poky/meta/recipes-bsp/opensbi/files/0002-lib-Create-a-sbi_ipi_data-structure.patch deleted file mode 100644 index 3c846bde6..000000000 --- a/poky/meta/recipes-bsp/opensbi/files/0002-lib-Create-a-sbi_ipi_data-structure.patch +++ /dev/null @@ -1,128 +0,0 @@ -From 508a27204cbbca0a9430236e56681e5e0d343fb9 Mon Sep 17 00:00:00 2001 -From: Alistair Francis <alistair.francis@wdc.com> -Date: Fri, 8 Mar 2019 11:22:22 -0800 -Subject: [PATCH] lib: Create a sbi_ipi_data structure - -Create a sbi_ipi_data structure that holds unpacked IPI information. At -the same time remove ipi_type from the sbi_scratch struct and use a -fixed offset to access it. - -This structure fits in behind the sbi_scratch structure. - -This fixes https://github.com/riscv/opensbi/issues/81 - -Upstream-Status: Backport [https://github.com/riscv/opensbi/commit/508a27204cbbca0a9430236e56681e5e0d343fb9] -Signed-off-by: Alistair Francis <alistair.francis@wdc.com> ---- - firmware/fw_base.S | 1 - - include/sbi/sbi_scratch.h | 23 ++++++++++++++++------- - lib/sbi_ipi.c | 8 +++++--- - 3 files changed, 21 insertions(+), 11 deletions(-) - -diff --git a/firmware/fw_base.S b/firmware/fw_base.S -index cf2c6a0..69cfc90 100644 ---- a/firmware/fw_base.S -+++ b/firmware/fw_base.S -@@ -183,7 +183,6 @@ _start_warm: - REG_S a4, SBI_SCRATCH_PLATFORM_ADDR_OFFSET(tp) - la a4, _hartid_to_scratch - REG_S a4, SBI_SCRATCH_HARTID_TO_SCRATCH_OFFSET(tp) -- REG_S zero, SBI_SCRATCH_IPI_TYPE_OFFSET(tp) - REG_S zero, SBI_SCRATCH_TMP0_OFFSET(tp) - - /* Setup stack */ -diff --git a/include/sbi/sbi_scratch.h b/include/sbi/sbi_scratch.h -index 8389ef3..70ab384 100644 ---- a/include/sbi/sbi_scratch.h -+++ b/include/sbi/sbi_scratch.h -@@ -28,17 +28,24 @@ - #define SBI_SCRATCH_PLATFORM_ADDR_OFFSET (6 * __SIZEOF_POINTER__) - /** Offset of hartid_to_scratch member in sbi_scratch */ - #define SBI_SCRATCH_HARTID_TO_SCRATCH_OFFSET (7 * __SIZEOF_POINTER__) --/** Offset of ipi_type member in sbi_scratch */ --#define SBI_SCRATCH_IPI_TYPE_OFFSET (8 * __SIZEOF_POINTER__) - /** Offset of tmp0 member in sbi_scratch */ --#define SBI_SCRATCH_TMP0_OFFSET (9 * __SIZEOF_POINTER__) --/** Maximum size of sbi_scratch */ --#define SBI_SCRATCH_SIZE 256 -+#define SBI_SCRATCH_TMP0_OFFSET (8 * __SIZEOF_POINTER__) -+ -+/** sbi_ipi_data is located behind sbi_scratch. This struct is not packed. */ -+/** Offset of ipi_type in sbi_ipi_data */ -+#define SBI_IPI_DATA_IPI_TYPE_OFFSET (15 * __SIZEOF_POINTER__) -+ -+/** Maximum size of sbi_scratch and sbi_ipi_data */ -+#define SBI_SCRATCH_SIZE (32 * __SIZEOF_POINTER__) - - #ifndef __ASSEMBLY__ - - #include <sbi/sbi_types.h> - -+struct sbi_ipi_data { -+ unsigned long ipi_type; -+}; -+ - /** Representation of per-HART scratch space */ - struct sbi_scratch { - /** Start (or base) address of firmware linked to OpenSBI library */ -@@ -57,8 +64,6 @@ struct sbi_scratch { - unsigned long platform_addr; - /** Address of HART ID to sbi_scratch conversion function */ - unsigned long hartid_to_scratch; -- /** IPI type (or flags) */ -- unsigned long ipi_type; - /** Temporary storage */ - unsigned long tmp0; - } __packed; -@@ -71,6 +76,10 @@ struct sbi_scratch { - #define sbi_scratch_thishart_arg1_ptr() \ - ((void *)(sbi_scratch_thishart_ptr()->next_arg1)) - -+/** Get pointer to sbi_ipi_data from sbi_scratch */ -+#define sbi_ipi_data_ptr(scratch) \ -+((struct sbi_ipi_data *)(void*)scratch + SBI_IPI_DATA_IPI_TYPE_OFFSET) -+ - #endif - - #endif -diff --git a/lib/sbi_ipi.c b/lib/sbi_ipi.c -index 0e371d7..e0f2a19 100644 ---- a/lib/sbi_ipi.c -+++ b/lib/sbi_ipi.c -@@ -31,7 +31,7 @@ static int sbi_ipi_send(struct sbi_scratch *scratch, u32 hartid, u32 event) - * trigger the interrupt - */ - remote_scratch = sbi_hart_id_to_scratch(scratch, hartid); -- atomic_raw_set_bit(event, &remote_scratch->ipi_type); -+ atomic_raw_set_bit(event, &sbi_ipi_data_ptr(remote_scratch)->ipi_type); - mb(); - sbi_platform_ipi_send(plat, hartid); - if (event != SBI_IPI_EVENT_SOFT) -@@ -80,7 +80,7 @@ void sbi_ipi_process(struct sbi_scratch *scratch) - sbi_platform_ipi_clear(plat, hartid); - - do { -- ipi_type = scratch->ipi_type; -+ ipi_type = sbi_ipi_data_ptr(scratch)->ipi_type; - rmb(); - ipi_event = __ffs(ipi_type); - switch (ipi_event) { -@@ -97,12 +97,14 @@ void sbi_ipi_process(struct sbi_scratch *scratch) - sbi_hart_hang(); - break; - }; -- ipi_type = atomic_raw_clear_bit(ipi_event, &scratch->ipi_type); -+ ipi_type = atomic_raw_clear_bit(ipi_event, &sbi_ipi_data_ptr(scratch)->ipi_type); - } while(ipi_type > 0); - } - - int sbi_ipi_init(struct sbi_scratch *scratch, bool cold_boot) - { -+ sbi_ipi_data_ptr(scratch)->ipi_type = 0x00; -+ - /* Enable software interrupts */ - csr_set(CSR_MIE, MIP_MSIP); - --- -2.22.0 - diff --git a/poky/meta/recipes-bsp/opensbi/opensbi-payloads.inc b/poky/meta/recipes-bsp/opensbi/opensbi-payloads.inc index 7828599ce..b9714a7ac 100644 --- a/poky/meta/recipes-bsp/opensbi/opensbi-payloads.inc +++ b/poky/meta/recipes-bsp/opensbi/opensbi-payloads.inc @@ -5,10 +5,7 @@ def riscv_get_extra_oemake_image(d): if sbi_payload is None: return "" - if d.getVar('RISCV_SBI_PAYLOAD'): - return "FW_PAYLOAD_PATH=" + deploy_dir + "/" + sbi_payload - - return "" + return "FW_PAYLOAD_PATH=" + deploy_dir + "/" + sbi_payload def riscv_get_extra_oemake_fdt(d): sbi_fdt_payload = d.getVar('RISCV_SBI_FDT') @@ -17,14 +14,11 @@ def riscv_get_extra_oemake_fdt(d): if sbi_fdt_payload is None: return "" - if d.getVar('RISCV_SBI_PAYLOAD'): - # This is internal to openSBI, not a full path - return "FW_PAYLOAD_FDT=" + sbi_fdt_payload - - return "" + return "FW_PAYLOAD_FDT_PATH=" + deploy_dir + "/" + sbi_fdt_payload def riscv_get_do_compile_depends(d): sbi_payload = d.getVar('RISCV_SBI_PAYLOAD') + sbi_fdt_payload = d.getVar('RISCV_SBI_FDT') if sbi_payload is None: return "" @@ -32,6 +26,14 @@ def riscv_get_do_compile_depends(d): if 'linux' in sbi_payload or 'Image' in sbi_payload: return "virtual/kernel:do_deploy" if 'u-boot.bin' in sbi_payload: - return "virtual/bootloader:do_deploy" + # If we want U-Boot and a FDT then we need to depend on U-Boot and + # the kernel + if sbi_fdt_payload is not None: + return "virtual/bootloader:do_deploy virtual/kernel:do_deploy" + else: + return "virtual/bootloader:do_deploy" + # If we want a custom FDT then we need to depend on the kernel + if sbi_fdt_payload is not None: + return "virtual/kernel:do_deploy" return "" diff --git a/poky/meta/recipes-bsp/opensbi/opensbi_0.3.bb b/poky/meta/recipes-bsp/opensbi/opensbi_0.4.bb index 2b4fb97df..b03043668 100644 --- a/poky/meta/recipes-bsp/opensbi/opensbi_0.3.bb +++ b/poky/meta/recipes-bsp/opensbi/opensbi_0.4.bb @@ -1,17 +1,16 @@ SUMMARY = "RISC-V Open Source Supervisor Binary Interface (OpenSBI)" DESCRIPTION = "OpenSBI aims to provide an open-source and extensible implementation of the RISC-V SBI specification for a platform specific firmware (M-mode) and a general purpose OS, hypervisor or bootloader (S-mode or HS-mode). OpenSBI implementation can be easily extended by RISC-V platform or System-on-Chip vendors to fit a particular hadware configuration." LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://COPYING.BSD;md5=c36118b4f615f9da37635f2a7ac8ccaf" +LIC_FILES_CHKSUM = "file://COPYING.BSD;md5=42dd9555eb177f35150cf9aa240b61e5" DEPENDS += "dtc-native" require opensbi-payloads.inc -inherit autotools-brokensep +inherit autotools-brokensep deploy -SRCREV = "ca20ac0cd4c099006d4eea4d9ac7bd7b58e2ae0f" +SRCREV = "ce228ee0919deb9957192d723eecc8aaae2697c6" SRC_URI = "git://github.com/riscv/opensbi.git \ file://0001-Makefile-Don-t-specify-mabi-or-march.patch \ - file://0002-lib-Create-a-sbi_ipi_data-structure.patch \ " S = "${WORKDIR}/git" @@ -32,18 +31,23 @@ do_install_append() { rm -r ${D}/include rm -r ${D}/platform/${RISCV_SBI_PLAT}/lib rm -r ${D}/platform/${RISCV_SBI_PLAT}/firmware/payloads + rm -r ${D}/lib } do_deploy () { - install -d ${DEPLOY_DIR_IMAGE} - install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_payload.* ${DEPLOY_DIR_IMAGE}/ - install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_jump.* ${DEPLOY_DIR_IMAGE}/ + install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_payload.* ${DEPLOYDIR}/ + install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_jump.* ${DEPLOYDIR}/ + install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_dynamic.* ${DEPLOYDIR}/ } -addtask deploy after do_install +addtask deploy before do_build after do_install FILES_${PN} += "/platform/${RISCV_SBI_PLAT}/firmware/fw_jump.*" FILES_${PN} += "/platform/${RISCV_SBI_PLAT}/firmware/fw_payload.*" +FILES_${PN} += "/platform/${RISCV_SBI_PLAT}/firmware/fw_dynamic.*" + COMPATIBLE_HOST = "(riscv64|riscv32).*" INHIBIT_PACKAGE_STRIP = "1" + +SECURITY_CFLAGS = "" diff --git a/poky/meta/recipes-bsp/u-boot/files/0001-CVE-2019-13103.patch b/poky/meta/recipes-bsp/u-boot/files/0001-CVE-2019-13103.patch new file mode 100644 index 000000000..1a5d1eb99 --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0001-CVE-2019-13103.patch @@ -0,0 +1,69 @@ +From 39a759494f734c4cdc3e2b919671bfb3134b41ae Mon Sep 17 00:00:00 2001 +From: Paul Emge <paulemge@forallsecure.com> +Date: Mon, 8 Jul 2019 16:37:03 -0700 +Subject: [PATCH 1/9] CVE-2019-13103: disk: stop infinite recursion in DOS + Partitions + +part_get_info_extended and print_partition_extended can recurse infinitely +while parsing a self-referential filesystem or one with a silly number of +extended partitions. This patch adds a limit to the number of recursive +partitions. + +Signed-off-by: Paul Emge <paulemge@forallsecure.com> + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=232e2f4fd9a24bf08215ddc8c53ccadffc841fb5] + +CVE: CVE-2019-13103 + +Signed-off-by: Meng Li <Meng.Li@windriver.com> +--- + disk/part_dos.c | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/disk/part_dos.c b/disk/part_dos.c +index 936cee0d36..aae9d95906 100644 +--- a/disk/part_dos.c ++++ b/disk/part_dos.c +@@ -23,6 +23,10 @@ + + #define DOS_PART_DEFAULT_SECTOR 512 + ++/* should this be configurable? It looks like it's not very common at all ++ * to use large numbers of partitions */ ++#define MAX_EXT_PARTS 256 ++ + /* Convert char[4] in little endian format to the host format integer + */ + static inline unsigned int le32_to_int(unsigned char *le32) +@@ -126,6 +130,13 @@ static void print_partition_extended(struct blk_desc *dev_desc, + dos_partition_t *pt; + int i; + ++ /* set a maximum recursion level */ ++ if (part_num > MAX_EXT_PARTS) ++ { ++ printf("** Nested DOS partitions detected, stopping **\n"); ++ return; ++ } ++ + if (blk_dread(dev_desc, ext_part_sector, 1, (ulong *)buffer) != 1) { + printf ("** Can't read partition table on %d:" LBAFU " **\n", + dev_desc->devnum, ext_part_sector); +@@ -191,6 +202,13 @@ static int part_get_info_extended(struct blk_desc *dev_desc, + int i; + int dos_type; + ++ /* set a maximum recursion level */ ++ if (part_num > MAX_EXT_PARTS) ++ { ++ printf("** Nested DOS partitions detected, stopping **\n"); ++ return -1; ++ } ++ + if (blk_dread(dev_desc, ext_part_sector, 1, (ulong *)buffer) != 1) { + printf ("** Can't read partition table on %d:" LBAFU " **\n", + dev_desc->devnum, ext_part_sector); +-- +2.17.1 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch b/poky/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch new file mode 100644 index 000000000..de122b27d --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch @@ -0,0 +1,49 @@ +From 1d36545e43003f4b1bb3a303a3b468abd482fa2f Mon Sep 17 00:00:00 2001 +From: Paul Emge <paulemge@forallsecure.com> +Date: Mon, 8 Jul 2019 16:37:05 -0700 +Subject: [PATCH 2/9] CVE-2019-13104: ext4: check for underflow in + ext4fs_read_file + +in ext4fs_read_file, it is possible for a broken/malicious file +system to cause a memcpy of a negative number of bytes, which +overflows all memory. This patch fixes the issue by checking for +a negative length. + +Signed-off-by: Paul Emge <paulemge@forallsecure.com> + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=878269dbe74229005dd7f27aca66c554e31dad8e] + +CVE: CVE-2019-13104 + +Signed-off-by: Meng Li <Meng.Li@windriver.com> +--- + fs/ext4/ext4fs.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c +index 26db677a1f..c8c8655ed8 100644 +--- a/fs/ext4/ext4fs.c ++++ b/fs/ext4/ext4fs.c +@@ -66,13 +66,15 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, + + ext_cache_init(&cache); + +- if (blocksize <= 0) +- return -1; +- + /* Adjust len so it we can't read past the end of the file. */ + if (len + pos > filesize) + len = (filesize - pos); + ++ if (blocksize <= 0 || len <= 0) { ++ ext_cache_fini(&cache); ++ return -1; ++ } ++ + blockcnt = lldiv(((len + pos) + blocksize - 1), blocksize); + + for (i = lldiv(pos, blocksize); i < blockcnt; i++) { +-- +2.17.1 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0003-CVE-2019-13105.patch b/poky/meta/recipes-bsp/u-boot/files/0003-CVE-2019-13105.patch new file mode 100644 index 000000000..f525147e5 --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0003-CVE-2019-13105.patch @@ -0,0 +1,37 @@ +From 4e937d0de669ee69cf41c20494cbf66c339c3174 Mon Sep 17 00:00:00 2001 +From: Paul Emge <paulemge@forallsecure.com> +Date: Mon, 8 Jul 2019 16:37:04 -0700 +Subject: [PATCH 3/9] CVE-2019-13105: ext4: fix double-free in ext4_cache_read + +ext_cache_read doesn't null cache->buf, after freeing, which results +in a later function double-freeing it. This patch fixes +ext_cache_read to call ext_cache_fini instead of free. + +Signed-off-by: Paul Emge <paulemge@forallsecure.com> + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=6e5a79de658cb1c8012c86e0837379aa6eabd024] + +CVE: CVE-2019-13105 + +Signed-off-by: Meng Li <Meng.Li@windriver.com> +--- + fs/ext4/ext4fs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c +index c8c8655ed8..e2b740cac4 100644 +--- a/fs/ext4/ext4fs.c ++++ b/fs/ext4/ext4fs.c +@@ -288,7 +288,7 @@ int ext_cache_read(struct ext_block_cache *cache, lbaint_t block, int size) + if (!cache->buf) + return 0; + if (!ext4fs_devread(block, 0, size, cache->buf)) { +- free(cache->buf); ++ ext_cache_fini(cache); + return 0; + } + cache->block = block; +-- +2.17.1 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch b/poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch new file mode 100644 index 000000000..8e1a1a994 --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch @@ -0,0 +1,56 @@ +From 1307dabf5422372483f840dda3963f9dbd2e8e6f Mon Sep 17 00:00:00 2001 +From: Paul Emge <paulemge@forallsecure.com> +Date: Mon, 8 Jul 2019 16:37:07 -0700 +Subject: [PATCH 4/9] CVE-2019-13106: ext4: fix out-of-bounds memset + +In ext4fs_read_file in ext4fs.c, a memset can overwrite the bounds of +the destination memory region. This patch adds a check to disallow +this. + +Signed-off-by: Paul Emge <paulemge@forallsecure.com> + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=e205896c5383c938274262524adceb2775fb03ba] + +CVE: CVE-2019-13106 + +Signed-off-by: Meng Li <Meng.Li@windriver.com> +--- + fs/ext4/ext4fs.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c +index e2b740cac4..37b31d9f0f 100644 +--- a/fs/ext4/ext4fs.c ++++ b/fs/ext4/ext4fs.c +@@ -61,6 +61,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, + lbaint_t delayed_skipfirst = 0; + lbaint_t delayed_next = 0; + char *delayed_buf = NULL; ++ char *start_buf = buf; + short status; + struct ext_block_cache cache; + +@@ -139,6 +140,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, + } + } else { + int n; ++ int n_left; + if (previous_block_number != -1) { + /* spill */ + status = ext4fs_devread(delayed_start, +@@ -153,8 +155,9 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, + } + /* Zero no more than `len' bytes. */ + n = blocksize - skipfirst; +- if (n > len) +- n = len; ++ n_left = len - ( buf - start_buf ); ++ if (n > n_left) ++ n = n_left; + memset(buf, 0, n); + } + buf += blocksize - skipfirst; +-- +2.17.1 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0005-CVE-2019-14192-14193-14199.patch b/poky/meta/recipes-bsp/u-boot/files/0005-CVE-2019-14192-14193-14199.patch new file mode 100644 index 000000000..a19545a2d --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0005-CVE-2019-14192-14193-14199.patch @@ -0,0 +1,43 @@ +From e8e602f4a4b2aacfb3da32bb8a838be15ea70e7b Mon Sep 17 00:00:00 2001 +From: "liucheng (G)" <liucheng32@huawei.com> +Date: Thu, 29 Aug 2019 13:47:33 +0000 +Subject: [PATCH 5/9] CVE: net: fix unbounded memcpy of UDP packet +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch adds a check to udp_len to fix unbounded memcpy for +CVE-2019-14192, CVE-2019-14193 and CVE-2019-14199. + +Signed-off-by: Cheng Liu <liucheng32@huawei.com> +Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com> +Reported-by: Fermín Serna <fermin@semmle.com> +Acked-by: Joe Hershberger <joe.hershberger@ni.com> + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=fe7288069d2e6659117049f7d27e261b550bb725] + +CVE: CVE-2019-14192, CVE-2019-14193 and CVE-2019-14199 + +Signed-off-by: Meng Li <Meng.Li@windriver.com> +--- + net/net.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/net/net.c b/net/net.c +index 58b0417cbe..38105f1142 100644 +--- a/net/net.c ++++ b/net/net.c +@@ -1252,6 +1252,9 @@ void net_process_received_packet(uchar *in_packet, int len) + return; + } + ++ if (ntohs(ip->udp_len) < UDP_HDR_SIZE || ntohs(ip->udp_len) > ntohs(ip->ip_len)) ++ return; ++ + debug_cond(DEBUG_DEV_PKT, + "received UDP (to=%pI4, from=%pI4, len=%d)\n", + &dst_ip, &src_ip, len); +-- +2.17.1 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch b/poky/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch new file mode 100644 index 000000000..04a09e46d --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch @@ -0,0 +1,44 @@ +From 261658ddaf24bb35edd477cf09ec055569fd9894 Mon Sep 17 00:00:00 2001 +From: "liucheng (G)" <liucheng32@huawei.com> +Date: Thu, 29 Aug 2019 13:47:40 +0000 +Subject: [PATCH 6/9] CVE: nfs: fix stack-based buffer overflow in some + nfs_handler reply helper functions +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch adds a check to nfs_handler to fix buffer overflow for CVE-2019-14197, +CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203 and CVE-2019-14204. + +Signed-off-by: Cheng Liu <liucheng32@huawei.com> +Reported-by: Fermín Serna <fermin@semmle.com> +Acked-by: Joe Hershberger <joe.hershberger@ni.com> + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21] + +CVE: CVE-2019-14197, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, + CVE-2019-14203 and CVE-2019-14204 + +Signed-off-by: Meng Li <Meng.Li@windriver.com> +--- + net/nfs.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/net/nfs.c b/net/nfs.c +index d6a7f8e827..b7cf3b3a18 100644 +--- a/net/nfs.c ++++ b/net/nfs.c +@@ -732,6 +732,9 @@ static void nfs_handler(uchar *pkt, unsigned dest, struct in_addr sip, + + debug("%s\n", __func__); + ++ if (len > sizeof(struct rpc_t)) ++ return; ++ + if (dest != nfs_our_port) + return; + +-- +2.17.1 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0007-CVE-2019-14194-14198.patch b/poky/meta/recipes-bsp/u-boot/files/0007-CVE-2019-14194-14198.patch new file mode 100644 index 000000000..b3e3b72eb --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0007-CVE-2019-14194-14198.patch @@ -0,0 +1,42 @@ +From fb6dc193bf2685b7574b218f7ca558aa54659e11 Mon Sep 17 00:00:00 2001 +From: "liucheng (G)" <liucheng32@huawei.com> +Date: Thu, 29 Aug 2019 13:47:48 +0000 +Subject: [PATCH 7/9] CVE-2019-14194/CVE-2019-14198: nfs: fix unbounded memcpy + with a failed length check at nfs_read_reply +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch adds a check to rpc_pkt.u.reply.data at nfs_read_reply. + +Signed-off-by: Cheng Liu <liucheng32@huawei.com> +Reported-by: Fermín Serna <fermin@semmle.com> +Acked-by: Joe Hershberger <joe.hershberger@ni.com> + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=aa207cf3a6d68f39d64cd29057a4fb63943e9078] + +CVE: CVE-2019-14194 and CVE-2019-14198 + +Signed-off-by: Meng Li <Meng.Li@windriver.com> +--- + net/nfs.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/net/nfs.c b/net/nfs.c +index b7cf3b3a18..11941fad1a 100644 +--- a/net/nfs.c ++++ b/net/nfs.c +@@ -701,6 +701,9 @@ static int nfs_read_reply(uchar *pkt, unsigned len) + &(rpc_pkt.u.reply.data[4 + nfsv3_data_offset]); + } + ++ if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + rlen) > len) ++ return -9999; ++ + if (store_block(data_ptr, nfs_offset, rlen)) + return -9999; + +-- +2.17.1 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0008-CVE-2019-14195.patch b/poky/meta/recipes-bsp/u-boot/files/0008-CVE-2019-14195.patch new file mode 100644 index 000000000..bf9fb0ef5 --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0008-CVE-2019-14195.patch @@ -0,0 +1,42 @@ +From 2236973b8a173ff54ae1ebf8ec2300928e69bd1b Mon Sep 17 00:00:00 2001 +From: "liucheng (G)" <liucheng32@huawei.com> +Date: Thu, 29 Aug 2019 13:47:54 +0000 +Subject: [PATCH 8/9] CVE-2019-14195: nfs: fix unbounded memcpy with + unvalidated length at nfs_readlink_reply +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch adds a check to rpc_pkt.u.reply.data at nfs_readlink_reply. + +Signed-off-by: Cheng Liu <liucheng32@huawei.com> +Reported-by: Fermín Serna <fermin@semmle.com> +Acked-by: Joe Hershberger <joe.hershberger@ni.com> + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=cf3a4f1e86ecdd24f87b615051b49d8e1968c230] + +CVE: CVE-2019-14195 + +Signed-off-by: Meng Li <Meng.Li@windriver.com> +--- + net/nfs.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/net/nfs.c b/net/nfs.c +index 11941fad1a..915acd95cf 100644 +--- a/net/nfs.c ++++ b/net/nfs.c +@@ -634,6 +634,9 @@ static int nfs_readlink_reply(uchar *pkt, unsigned len) + /* new path length */ + rlen = ntohl(rpc_pkt.u.reply.data[1 + nfsv3_data_offset]); + ++ if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + rlen) > len) ++ return -NFS_RPC_DROP; ++ + if (*((char *)&(rpc_pkt.u.reply.data[2 + nfsv3_data_offset])) != '/') { + int pathlen; + +-- +2.17.1 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0009-CVE-2019-14196.patch b/poky/meta/recipes-bsp/u-boot/files/0009-CVE-2019-14196.patch new file mode 100644 index 000000000..f06e02529 --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0009-CVE-2019-14196.patch @@ -0,0 +1,48 @@ +From 74c468caa95c86cdb12c4b8073e154c435ac0bf7 Mon Sep 17 00:00:00 2001 +From: "liucheng (G)" <liucheng32@huawei.com> +Date: Thu, 29 Aug 2019 13:48:02 +0000 +Subject: [PATCH 9/9] CVE-2019-14196: nfs: fix unbounded memcpy with a failed + length check at nfs_lookup_reply +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch adds a check to rpc_pkt.u.reply.data at nfs_lookup_reply. + +Signed-off-by: Cheng Liu <liucheng32@huawei.com> +Reported-by: Fermín Serna <fermin@semmle.com> +Acked-by: Joe Hershberger <joe.hershberger@ni.com> + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=5d14ee4e53a81055d34ba280cb8fd90330f22a96] + +CVE: CVE-2019-14196 + +Signed-off-by: Meng Li <Meng.Li@windriver.com> +--- + net/nfs.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/net/nfs.c b/net/nfs.c +index 915acd95cf..89952aeb66 100644 +--- a/net/nfs.c ++++ b/net/nfs.c +@@ -566,11 +566,15 @@ static int nfs_lookup_reply(uchar *pkt, unsigned len) + } + + if (supported_nfs_versions & NFSV2_FLAG) { ++ if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + NFS_FHSIZE) > len) ++ return -NFS_RPC_DROP; + memcpy(filefh, rpc_pkt.u.reply.data + 1, NFS_FHSIZE); + } else { /* NFSV3_FLAG */ + filefh3_length = ntohl(rpc_pkt.u.reply.data[1]); + if (filefh3_length > NFS3_FHSIZE) + filefh3_length = NFS3_FHSIZE; ++ if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + filefh3_length) > len) ++ return -NFS_RPC_DROP; + memcpy(filefh, rpc_pkt.u.reply.data + 2, filefh3_length); + } + +-- +2.17.1 + diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc index a0212e1b6..f63dfa3b7 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc +++ b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc @@ -1,4 +1,8 @@ HOMEPAGE = "http://www.denx.de/wiki/U-Boot/WebHome" +DESCRIPTION = "U-Boot, a boot loader for Embedded boards based on PowerPC, \ +ARM, MIPS and several other processors, which can be installed in a boot \ +ROM and used to initialize and test the hardware or to download and run \ +application code." SECTION = "bootloaders" DEPENDS += "flex-native bison-native" @@ -8,8 +12,18 @@ PE = "1" # We use the revision in order to avoid having to fetch it from the # repo during parse -SRCREV = "3c99166441bf3ea325af2da83cfe65430b49c066" +SRCREV = "e5aee22e4be75e75a854ab64503fc80598bc2004" -SRC_URI = "git://git.denx.de/u-boot.git" +SRC_URI = "git://git.denx.de/u-boot.git \ + file://0001-CVE-2019-13103.patch \ + file://0002-CVE-2019-13104.patch \ + file://0003-CVE-2019-13105.patch \ + file://0004-CVE-2019-13106.patch \ + file://0005-CVE-2019-14192-14193-14199.patch \ + file://0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch \ + file://0007-CVE-2019-14194-14198.patch \ + file://0008-CVE-2019-14195.patch \ + file://0009-CVE-2019-14196.patch \ +" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.04.bb b/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb index b5ce56847..b5ce56847 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.04.bb +++ b/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.04.bb b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.07.bb index bede984ef..bede984ef 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.04.bb +++ b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.07.bb diff --git a/poky/meta/recipes-bsp/u-boot/u-boot_2019.04.bb b/poky/meta/recipes-bsp/u-boot/u-boot_2019.07.bb index 02d67c0db..02d67c0db 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot_2019.04.bb +++ b/poky/meta/recipes-bsp/u-boot/u-boot_2019.07.bb diff --git a/poky/meta/recipes-bsp/usbinit/usbinit.bb b/poky/meta/recipes-bsp/usbinit/usbinit.bb index aba44b406..ef98f0bf6 100644 --- a/poky/meta/recipes-bsp/usbinit/usbinit.bb +++ b/poky/meta/recipes-bsp/usbinit/usbinit.bb @@ -1,4 +1,8 @@ SUMMARY = "Initscript for enabling USB gadget Ethernet" +DESCRIPTION = "This module allows ethernet emulation over USB, allowing for \ +all sorts of nifty things like SSH and NFS in one go plus charging over the \ +same wire, at higher speeds than most Wifi connections." +HOMEPAGE = "http://linux-sunxi.org/USB_Gadget/Ethernet" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://${WORKDIR}/COPYING.GPL;md5=751419260aa954499f7abaabaa882bbe" |