diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-10-05 18:10:57 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-10-05 18:11:45 +0300 |
commit | 00e122a7b3a839f5ce8b819cb1bfe92cf3781eda (patch) | |
tree | c0c5c46b2f5800ed27322d7da083f0cf438b243b /poky/meta/recipes-extended/ltp | |
parent | 7fe5760ae59db49e4b8c350cbc192097ba4e5958 (diff) | |
download | openbmc-00e122a7b3a839f5ce8b819cb1bfe92cf3781eda.tar.xz |
poky: subtree update:81f9e815d3..03d4d9d68f
Adrian Bunk (1):
json-c: Don't --enable-rdrand
Alessio Igor Bogani (2):
wic: Using the right rootfs size during prepare_rootfs
rootfs-postcommands: Avoid use of an hard-coded value
Alexander Kanavin (1):
binutils: drop UPSTREAM_VERSION_UNKNOWN
Alexandre Bard (1):
systemd: Expose resolv-conf alternative only when resolved is built
Andre McCurdy (1):
ffmpeg: enable more verbose build logs
André Draszik (4):
ruby: drop long-merged CVE patches
ruby: configure mis-detects isnan/isinf on musl
ruby: fix non-IPv6 support
packagegroup: fix a comment regarding PACKAGE_ARCH
Bruce Ashfield (6):
linux-yocto/5.2: update to v5.2.13
linux-yocto/4.19: update to v4.19.72
linux-yocto/5.2: update to v5.2.14
linux-yocto/5.2: update to v5.2.16
linux-yocto/5.2: update to v5.2.17
yocto-bsps: update to v5.2.17
Böszörményi Zoltán via Openembedded-core (1):
classes/image-live.bbclass: Don't hardcode cpio.gz
Changqing Li (2):
devtool.py: change to do clean before remove-layer
devtool.py: fix buildclean test
Chen Qi (1):
systemd: fix NFS regression
Dan Tran (1):
unzip: Fix CVE-2019-13232
David Reyna (2):
bitbake: toaster: issues in import layer when clicking 'add layer'
bitbake: toaster: improve warnings when adding dependency to packages
Diego Rondini (2):
initramfs-framework: fix var name
initramfs-framework: support PARTLABEL option
Douglas Royds (1):
icecc: Don't use icecc when INHIBIT_DEFAULT_DEPS is set
He Zhe (1):
ltp: Fix hang of cve test cases
Heiko Schocher (1):
kernel.fitimage.bbclass: remove ramdisk_ctype
Jacob Kroon (1):
bitbake: tests/data: Test combinations of _append together with override
Joe Slater (1):
bash-completion: add image feature
Jonathan Marler (1):
package: Multiple shlib_providers for the same file should error
Joshua Watt (8):
classes/reproducible_build: Move SDE deploy to another directory
oeqa: Test multiconfig parsing
bitbake: cookerdata: Add mc conffiles hashes to cache hash
bitbake: hashserve: Add missing import
bitbake: siggen: Fix attribute error when hashserver fails
bitbake: hashserv: Don't daemonize server process
local.conf.sample: Add Hash Equivalence
classes/reproducible_build: Create SDE destination
Khem Raj (7):
musl: Fix riscv64 CAS functions
qemuriscv: Do not blacklist clang anymore
sdk: Install nativesdk locales for all TCLIBC variants
strace: Upgrade to 5.3
packagegroups: All groups are not allarch
musl: Fix __riscv_mc* containers to match glibc
core-image-sato-sdk-ptest: Remove valgrind ptests for riscv
Konrad Scherer (1):
gen-lockedsig-cache: Replace glob lookup with hash to filename lookup
Lei Maohui (1):
bluez5: update patch to fix do_patch error when PATCHTOOL = "patch".
Li Zhou (1):
shadow: use relaxed usernames for all
Limeng (1):
u-boot: add CVE patches for u-boot
Nathan Rossi (2):
oeqa/core/utils/concurrencytest.py: Handle exceptions and details
oeqa/core/case.py: Encode binary data of log
Niclas Svensson (1):
devtool: finish: Keep patches ordered when updating bbappend
Otavio Salvador (1):
mesa: Add freedreno PACKAGECONFIG option
Peter Kjellerstedt (3):
systemd: Make it build with hwdb disabled
devtool: finish: Add suppport for the --no-clean option
lib/oe/lsb: Make sure the distro ID is always lowercased
Randy MacLeod (1):
ffmpeg: update from 4.2 to 4.2.1
Richard Purdie (17):
Revert "meta-extsdk: Either an sstate task is a proper task or it isn't"
sstatesig: Fix hash equivlanency locked signature issues
oeqa/selftest/signing: Fix for hash equivlance server
lib/sstatesig: Fix class inheritance problems
populate_sdk_ext: Fix for hash equiv
bitbake: runqueue: Fix task migration problems
bitbake: siggen: Ensure setscenetasks list is available to worker context
bitbake: runqueue: Change task migration behaviour for rerunning setscene tasks
bitbake: siggen/runqueue: Fix signature mismatch issues
bitbake: siggen: Avoid writing misleading sigdata files
bitbake: runqueue: Save unihashes more frequently
bitbake: runqueue: Small performance optimisation
bitbake: siggen: Remove full path from unitaskhashes keys
bitbake: tests/runqueue: Fix hashserve shutdown race
base: Improve module import error message
sanity.conf: Bump minimum bitbake version
bitbake: bitbake: Bump verison 1.43.1 -> 1.43.2
Robert Yang (6):
cases/bbtests.py: test_bitbake_g(): Check base-files rather than busybox
expect: Fix configure error for nativesdk
net-tools: Fix installed-vs-shipped for nativesdk
expect: Fix buffer overflow error when build in long path
apr: Check for libtoolize rather than libtool
lttng-ust: Fix for --enable-python-agent
Ross Burton (12):
oeqa/selftest/reproducible: test ipkgs too
distcc: clean up the UI install logic
distcc: use --enable-tcp-insecure instead of --make-me-a-botnet
distcc: split into client and server packages
json-c: clean up recipe
json-c: use GitHub for upstream release checking
bitbake: fetch2/git: refactor check for git-lfs command
bitbake: tests/fetch: add test case for git-lfs handling
python3: move runpy to core
pango: fix the failing testiter test case
opkg: remove redundant systemd inherit
lttng-ust: update patch Signed-off-by
Trevor Gamblin (5):
python3-subunit: ensure runtime dependencies are present
python3-pip: ensure pickle is installed
lighttpd: remove fam as a PACKAGECONFIG option
tiff: fix CVE-2019-14973
opkg: remove pathfinder PACKAGECONFIG option
Wang Quanyang (1):
kexec-tools: fix arm kexec failure for __NR_kexec_file_load
Yi Zhao (1):
python: add tk-lib as runtime dependency for python-tkinter
Change-Id: I0570125d49f7e4bc3bbf70508cbfd7e10bdbc032
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-extended/ltp')
-rw-r--r-- | poky/meta/recipes-extended/ltp/ltp/0001-cve-2017-17052-Avoid-unsafe-exits-in-threads.patch | 64 | ||||
-rw-r--r-- | poky/meta/recipes-extended/ltp/ltp_20190517.bb | 1 |
2 files changed, 65 insertions, 0 deletions
diff --git a/poky/meta/recipes-extended/ltp/ltp/0001-cve-2017-17052-Avoid-unsafe-exits-in-threads.patch b/poky/meta/recipes-extended/ltp/ltp/0001-cve-2017-17052-Avoid-unsafe-exits-in-threads.patch new file mode 100644 index 000000000..cc4008130 --- /dev/null +++ b/poky/meta/recipes-extended/ltp/ltp/0001-cve-2017-17052-Avoid-unsafe-exits-in-threads.patch @@ -0,0 +1,64 @@ +From e3a8502d0a4f8a44ddd02ca4b2efc097133fb9f7 Mon Sep 17 00:00:00 2001 +From: Mathias Fiedler <mathias.fiedler@aox-tech.de> +Date: Fri, 23 Aug 2019 12:46:48 +0200 +Subject: [PATCH] cve-2017-17052: Avoid unsafe exits in threads + +According to manpage exit(3) calling exit is not thread-safe. +And with glibc 2.28 (and probably also with glibc >=2.27) sometimes +child processes created in fork_thread can get stuck on process exit in +glibc's __run_exit_handlers trying to acquire some lock which was in +locked state while the fork was created. This can happen when exit is +called in mmap_thread concurrently to the fork. +While the main process will still return with PASSED some of its +children are left behind. + +Comparing the source code with the original program as described in the +commit 2b7e8665b4ff51c034c55df3cff76518d1a9ee3a of linux kernel >=4.13 +the exits in mmap_thread and fork_thread should not be necessary to +trigger the original bug. + +Therefore those exit calls are removed. The mmap_thread and fork_thread +should still exit when their corresponding main thread in do_test_fork +calls exit_group. The remaining exit in do_test_fork will be called in +the main thread without any concurrent thread in the same process. + +Signed-off-by: Mathias Fiedler <mathias.fiedler@aox-tech.de> +Acked-by: Cyril Hrubis <chrubis@suse.cz> +Acked-by: Jan Stancek <jstancek@redhat.com> + +Upstream-Status: Backport +[https://github.com/linux-test-project/ltp/commit/9f0b452c1af4bcb54da35711eb3fa77334a350b4] + +CVE: CVE-2017-17052 + +Signed-off-by: He Zhe <zhe.he@windriver.com> +--- + testcases/cve/cve-2017-17052.c | 5 ----- + 1 file changed, 5 deletions(-) + +diff --git a/testcases/cve/cve-2017-17052.c b/testcases/cve/cve-2017-17052.c +index d7da7e919..18cd2a6d7 100644 +--- a/testcases/cve/cve-2017-17052.c ++++ b/testcases/cve/cve-2017-17052.c +@@ -58,8 +58,6 @@ static void *mmap_thread(void *arg) + for (;;) { + SAFE_MMAP(NULL, 0x1000000, PROT_READ, + MAP_POPULATE|MAP_ANONYMOUS|MAP_PRIVATE, -1, 0); +- if (*do_exit) +- exit(0); + } + + return arg; +@@ -67,9 +65,6 @@ static void *mmap_thread(void *arg) + + static void *fork_thread(void *arg) + { +- if (*do_exit) +- exit(0); +- + usleep(rand() % 10000); + SAFE_FORK(); + +-- +2.17.1 + diff --git a/poky/meta/recipes-extended/ltp/ltp_20190517.bb b/poky/meta/recipes-extended/ltp/ltp_20190517.bb index e9a588f49..465071560 100644 --- a/poky/meta/recipes-extended/ltp/ltp_20190517.bb +++ b/poky/meta/recipes-extended/ltp/ltp_20190517.bb @@ -48,6 +48,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \ file://0001-cve-meltdown.c-Fix-kernel-symbol-finding.patch \ file://0001-testcases-use-python3-everywhere-to-run-python-scrip.patch \ file://0001-syscall-rt_sigtimedwait01-Fix-wrong-sigset-length-fo.patch \ + file://0001-cve-2017-17052-Avoid-unsafe-exits-in-threads.patch \ " S = "${WORKDIR}/git" |