diff options
30 files changed, 1564 insertions, 249 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1u.bb b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1v.bb index 6e0ad9ac4..5353a9421 100644 --- a/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1u.bb +++ b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1v.bb @@ -15,7 +15,7 @@ PV = "1.0+git${SRCPV}" S = "${WORKDIR}/git" -SRCREV = "3f499b24f3bcd66db022074f7e8b4f6ee266a3ae" +SRCREV = "5dae6451aac56bdf5be8dc5f20519da0bc55451a" SRC_URI = "git://github.com/openssl/openssl.git;branch=OpenSSL_1_1_1-stable;protocol=https \ file://run-ptest \ diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus.inc b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus.inc new file mode 100644 index 000000000..27e4bd0c4 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus.inc @@ -0,0 +1,35 @@ +inherit autotools pkgconfig gettext upstream-version-is-even + +LICENSE = "AFL-2.1 | GPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=10dded3b58148f3f1fd804b26354af3e \ + file://dbus/dbus.h;beginline=6;endline=20;md5=7755c9d7abccd5dbd25a6a974538bb3c" + +SRC_URI = "https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.gz \ + file://tmpdir.patch \ + file://dbus-1.init \ + file://clear-guid_from_server-if-send_negotiate_unix_f.patch \ + file://stop_using_selinux_set_mapping.patch \ +" + +SRC_URI[md5sum] = "28d92a7a576f7feec7ddb3bb87b28b43" +SRC_URI[sha256sum] = "9da1e3f2b73f75eec0a9e4509d64be43909d1f2853fe809528a0a53984d76420" + +EXTRA_OECONF = "--disable-xml-docs \ + --disable-doxygen-docs \ + --enable-largefile \ + --with-system-socket=/run/dbus/system_bus_socket \ + " +EXTRA_OECONF:append:class-target = " SYSTEMCTL=${base_bindir}/systemctl" + +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd x11', d)} \ + user-session \ + " +PACKAGECONFIG:class-native = "" +PACKAGECONFIG:class-nativesdk = "" + +PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_system_unitdir},--disable-systemd --without-systemdsystemunitdir,systemd" +PACKAGECONFIG[x11] = "--with-x --enable-x11-autolaunch,--without-x --disable-x11-autolaunch, virtual/libx11 libsm" +PACKAGECONFIG[user-session] = "--enable-user-session --with-systemduserunitdir=${systemd_user_unitdir},--disable-user-session" +PACKAGECONFIG[verbose-mode] = "--enable-verbose-mode,,," +PACKAGECONFIG[audit] = "--enable-libaudit,--disable-libaudit,audit" +PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux" diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/CVE-2022-42010.patch b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/CVE-2022-42010.patch deleted file mode 100644 index d2693ed69..000000000 --- a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/CVE-2022-42010.patch +++ /dev/null @@ -1,114 +0,0 @@ -From 9d07424e9011e3bbe535e83043d335f3093d2916 Mon Sep 17 00:00:00 2001 -From: Simon McVittie <smcv@collabora.com> -Date: Tue, 13 Sep 2022 15:10:22 +0100 -Subject: [PATCH] dbus-marshal-validate: Check brackets in signature nest -correctly - -In debug builds with assertions enabled, a signature with incorrectly -nested `()` and `{}`, for example `a{i(u}` or `(a{ii)}`, could result -in an assertion failure. - -In production builds without assertions enabled, a signature with -incorrectly nested `()` and `{}` could potentially result in a crash -or incorrect message parsing, although we do not have a concrete example -of either of these failure modes. - -Thanks: Evgeny Vereshchagin -Resolves: https://gitlab.freedesktop.org/dbus/dbus/-/issues/418 -Resolves: CVE-2022-42010 -Signed-off-by: Simon McVittie <smcv@collabora.com> ---- - dbus/dbus-marshal-validate.c | 38 +++++++++++++++++++++++++++++++++++- - 1 file changed, 37 insertions(+), 1 deletion(-) - -diff --git a/dbus/dbus-marshal-validate.c b/dbus/dbus-marshal-validate.c -index 4d492f3f3..ae68414dd 100644 ---- a/dbus/dbus-marshal-validate.c -+++ b/dbus/dbus-marshal-validate.c -@@ -62,6 +62,8 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, - - int element_count; - DBusList *element_count_stack; -+ char opened_brackets[DBUS_MAXIMUM_TYPE_RECURSION_DEPTH * 2 + 1] = { '\0' }; -+ char last_bracket; - - result = DBUS_VALID; - element_count_stack = NULL; -@@ -93,6 +95,10 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, - - while (p != end) - { -+ _dbus_assert (struct_depth + dict_entry_depth >= 0); -+ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); -+ _dbus_assert (opened_brackets[struct_depth + dict_entry_depth] == '\0'); -+ - switch (*p) - { - case DBUS_TYPE_BYTE: -@@ -136,6 +142,10 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, - goto out; - } - -+ _dbus_assert (struct_depth + dict_entry_depth >= 1); -+ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); -+ _dbus_assert (opened_brackets[struct_depth + dict_entry_depth - 1] == '\0'); -+ opened_brackets[struct_depth + dict_entry_depth - 1] = DBUS_STRUCT_BEGIN_CHAR; - break; - - case DBUS_STRUCT_END_CHAR: -@@ -151,9 +161,20 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, - goto out; - } - -+ _dbus_assert (struct_depth + dict_entry_depth >= 1); -+ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); -+ last_bracket = opened_brackets[struct_depth + dict_entry_depth - 1]; -+ -+ if (last_bracket != DBUS_STRUCT_BEGIN_CHAR) -+ { -+ result = DBUS_INVALID_STRUCT_ENDED_BUT_NOT_STARTED; -+ goto out; -+ } -+ - _dbus_list_pop_last (&element_count_stack); - - struct_depth -= 1; -+ opened_brackets[struct_depth + dict_entry_depth] = '\0'; - break; - - case DBUS_DICT_ENTRY_BEGIN_CHAR: -@@ -178,6 +199,10 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, - goto out; - } - -+ _dbus_assert (struct_depth + dict_entry_depth >= 1); -+ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); -+ _dbus_assert (opened_brackets[struct_depth + dict_entry_depth - 1] == '\0'); -+ opened_brackets[struct_depth + dict_entry_depth - 1] = DBUS_DICT_ENTRY_BEGIN_CHAR; - break; - - case DBUS_DICT_ENTRY_END_CHAR: -@@ -186,8 +211,19 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, - result = DBUS_INVALID_DICT_ENTRY_ENDED_BUT_NOT_STARTED; - goto out; - } -- -+ -+ _dbus_assert (struct_depth + dict_entry_depth >= 1); -+ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); -+ last_bracket = opened_brackets[struct_depth + dict_entry_depth - 1]; -+ -+ if (last_bracket != DBUS_DICT_ENTRY_BEGIN_CHAR) -+ { -+ result = DBUS_INVALID_DICT_ENTRY_ENDED_BUT_NOT_STARTED; -+ goto out; -+ } -+ - dict_entry_depth -= 1; -+ opened_brackets[struct_depth + dict_entry_depth] = '\0'; - - element_count = - _DBUS_POINTER_TO_INT (_dbus_list_pop_last (&element_count_stack)); --- -GitLab - diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/CVE-2022-42011.patch b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/CVE-2022-42011.patch deleted file mode 100644 index 9284dd666..000000000 --- a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/CVE-2022-42011.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 079bbf16186e87fb0157adf8951f19864bc2ed69 Mon Sep 17 00:00:00 2001 -From: Simon McVittie <smcv@collabora.com> -Date: Mon, 12 Sep 2022 13:14:18 +0100 -Subject: [PATCH] dbus-marshal-validate: Validate length of arrays of - fixed-length items - -This fast-path previously did not check that the array was made up -of an integer number of items. This could lead to assertion failures -and out-of-bounds accesses during subsequent message processing (which -assumes that the message has already been validated), particularly after -the addition of _dbus_header_remove_unknown_fields(), which makes it -more likely that dbus-daemon will apply non-trivial edits to messages. - -Thanks: Evgeny Vereshchagin -Fixes: e61f13cf "Bug 18064 - more efficient validation for fixed-size type arrays" -Resolves: https://gitlab.freedesktop.org/dbus/dbus/-/issues/413 -Resolves: CVE-2022-42011 -Signed-off-by: Simon McVittie <smcv@collabora.com> ---- - dbus/dbus-marshal-validate.c | 13 ++++++++++++- - 1 file changed, 12 insertions(+), 1 deletion(-) - -diff --git a/dbus/dbus-marshal-validate.c b/dbus/dbus-marshal-validate.c -index ae68414dd..7d0d6cf72 100644 ---- a/dbus/dbus-marshal-validate.c -+++ b/dbus/dbus-marshal-validate.c -@@ -503,13 +503,24 @@ validate_body_helper (DBusTypeReader *reader, - */ - if (dbus_type_is_fixed (array_elem_type)) - { -+ /* Note that fixed-size types all have sizes equal to -+ * their alignments, so this is really the item size. */ -+ alignment = _dbus_type_get_alignment (array_elem_type); -+ _dbus_assert (alignment == 1 || alignment == 2 || -+ alignment == 4 || alignment == 8); -+ -+ /* Because the alignment is a power of 2, this is -+ * equivalent to: (claimed_len % alignment) != 0, -+ * but avoids slower integer division */ -+ if ((claimed_len & (alignment - 1)) != 0) -+ return DBUS_INVALID_ARRAY_LENGTH_INCORRECT; -+ - /* bools need to be handled differently, because they can - * have an invalid value - */ - if (array_elem_type == DBUS_TYPE_BOOLEAN) - { - dbus_uint32_t v; -- alignment = _dbus_type_get_alignment (array_elem_type); - - while (p < array_end) - { --- -GitLab - diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/CVE-2022-42012.patch b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/CVE-2022-42012.patch deleted file mode 100644 index 53b0e92ff..000000000 --- a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/CVE-2022-42012.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 236f16e444e88a984cf12b09225e0f8efa6c5b44 Mon Sep 17 00:00:00 2001 -From: Simon McVittie <smcv@collabora.com> -Date: Fri, 30 Sep 2022 13:46:31 +0100 -Subject: [PATCH] dbus-marshal-byteswap: Byte-swap Unix fd indexes if needed - -When a D-Bus message includes attached file descriptors, the body of the -message contains unsigned 32-bit indexes pointing into an out-of-band -array of file descriptors. Some D-Bus APIs like GLib's GDBus refer to -these indexes as "handles" for the associated fds (not to be confused -with a Windows HANDLE, which is a kernel object). - -The assertion message removed by this commit is arguably correct up to -a point: fd-passing is only reasonable on a local machine, and no known -operating system allows processes of differing endianness even on a -multi-endian ARM or PowerPC CPU, so it makes little sense for the sender -to specify a byte-order that differs from the byte-order of the recipient. - -However, this doesn't account for the fact that a malicious sender -doesn't have to restrict itself to only doing things that make sense. -On a system with untrusted local users, a message sender could crash -the system dbus-daemon (a denial of service) by sending a message in -the opposite endianness that contains handles to file descriptors. - -Before this commit, if assertions are enabled, attempting to byteswap -a fd index would cleanly crash the message recipient with an assertion -failure. If assertions are disabled, attempting to byteswap a fd index -would silently do nothing without advancing the pointer p, causing the -message's type and the pointer into its contents to go out of sync, which -can result in a subsequent crash (the crash demonstrated by fuzzing was -a use-after-free, but other failure modes might be possible). - -In principle we could resolve this by rejecting wrong-endianness messages -from a local sender, but it's actually simpler and less code to treat -wrong-endianness messages as valid and byteswap them. - -Thanks: Evgeny Vereshchagin -Fixes: ba7daa60 "unix-fd: add basic marshalling code for unix fds" -Resolves: https://gitlab.freedesktop.org/dbus/dbus/-/issues/417 -Resolves: CVE-2022-42012 -Signed-off-by: Simon McVittie <smcv@collabora.com> ---- - dbus/dbus-marshal-byteswap.c | 6 +----- - 1 file changed, 1 insertion(+), 5 deletions(-) - -diff --git a/dbus/dbus-marshal-byteswap.c b/dbus/dbus-marshal-byteswap.c -index e9de6f02a..9dd1246f9 100644 ---- a/dbus/dbus-marshal-byteswap.c -+++ b/dbus/dbus-marshal-byteswap.c -@@ -62,6 +62,7 @@ byteswap_body_helper (DBusTypeReader *reader, - case DBUS_TYPE_BOOLEAN: - case DBUS_TYPE_INT32: - case DBUS_TYPE_UINT32: -+ case DBUS_TYPE_UNIX_FD: - { - p = _DBUS_ALIGN_ADDRESS (p, 4); - *((dbus_uint32_t*)p) = DBUS_UINT32_SWAP_LE_BE (*((dbus_uint32_t*)p)); -@@ -192,11 +193,6 @@ byteswap_body_helper (DBusTypeReader *reader, - } - break; - -- case DBUS_TYPE_UNIX_FD: -- /* fds can only be passed on a local machine, so byte order must always match */ -- _dbus_assert_not_reached("attempted to byteswap unix fds which makes no sense"); -- break; -- - default: - _dbus_assert_not_reached ("invalid typecode in supposedly-validated signature"); - break; --- -GitLab - diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/clear-guid_from_server-if-send_negotiate_unix_f.patch b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/clear-guid_from_server-if-send_negotiate_unix_f.patch new file mode 100644 index 000000000..6bb6d9c82 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/clear-guid_from_server-if-send_negotiate_unix_f.patch @@ -0,0 +1,104 @@ +From b8f84bd39485d3977625c9a8b8e8cff5d23be56f Mon Sep 17 00:00:00 2001 +From: Roy Li <rongqing.li@windriver.com> +Date: Thu, 27 Feb 2014 09:05:02 +0800 +Subject: [PATCH] dbus: clear guid_from_server if send_negotiate_unix_fd + failed + +Upstream-Status: Submitted + +bus-test dispatch test failed with below information: + ./bus/bus-test: Running message dispatch test + Activating service name='org.freedesktop.DBus.TestSuiteEchoService' + Successfully activated service 'org.freedesktop.DBus.TestSuiteEchoService' + 6363: assertion failed "_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0" file "dbus-auth.c" line 1545 function process_ok + ./bus/bus-test(_dbus_print_backtrace+0x29) [0x80cb969] + ./bus/bus-test(_dbus_abort+0x14) [0x80cfb44] + ./bus/bus-test(_dbus_real_assert+0x53) [0x80b52c3] + ./bus/bus-test() [0x80e24da] + ./bus/bus-test(_dbus_auth_do_work+0x388) [0x80e3848] + ./bus/bus-test() [0x80aea49] + ./bus/bus-test() [0x80affde] + ./bus/bus-test(_dbus_transport_handle_watch+0xb1) [0x80ad841] + ./bus/bus-test(_dbus_connection_handle_watch+0x104) [0x8089174] + ./bus/bus-test(dbus_watch_handle+0xd8) [0x80b15e8] + ./bus/bus-test(_dbus_loop_iterate+0x4a9) [0x80d1509] + ./bus/bus-test(bus_test_run_clients_loop+0x5d) [0x808129d] + ./bus/bus-test() [0x806cab0] + ./bus/bus-test() [0x806e0ca] + ./bus/bus-test() [0x806da6f] + ./bus/bus-test(_dbus_test_oom_handling+0x18c) [0x80b5c8c] + ./bus/bus-test() [0x806f723] + ./bus/bus-test(bus_dispatch_test+0x3c) [0x8071aac] + ./bus/bus-test(main+0x1b7) [0x805acc7] + /lib/libc.so.6(__libc_start_main+0xf3) [0x45f919b3] + ./bus/bus-test() [0x805ae39] + +The stack is below: + #0 0xffffe425 in __kernel_vsyscall () + #1 0x45fa62d6 in raise () from /lib/libc.so.6 + #2 0x45fa9653 in abort () from /lib/libc.so.6 + #3 0x080cfb65 in _dbus_abort () at dbus-sysdeps.c:94 + #4 0x080b52c3 in _dbus_real_assert (condition=0, + condition_text=condition_text@entry=0x8117a38 "_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0", + file=file@entry=0x8117273 "dbus-auth.c", line=line@entry=1545, + func=func@entry=0x8117f8e <__FUNCTION__.3492> "process_ok") + data=0x8157290) at dbus-connection.c:1515 + #0 0x00000033fee353e9 in raise () from /lib64/libc.so.6 + #1 0x00000033fee38508 in abort () from /lib64/libc.so.6 + #2 0x000000000047d585 in _dbus_abort () at dbus-sysdeps.c:94 + #3 0x0000000000466486 in _dbus_real_assert (condition=<optimized out>, + condition_text=condition_text@entry=0x4c2988 "_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0", + file=file@entry=0x4c21a5 "dbus-auth.c", line=line@entry=1546, + func=func@entry=0x4c2fce <__FUNCTION__.3845> "process_ok") + at dbus-internals.c:931 + #4 0x000000000048d424 in process_ok (args_from_ok=0x7fffffffe480, + auth=0x6ff340) at dbus-auth.c:1546 + #5 handle_client_state_waiting_for_data (auth=0x6ff340, + command=<optimized out>, args=0x7fffffffe480) at dbus-auth.c:1996 + #6 0x000000000048e789 in process_command (auth=0x6ff340) at dbus-auth.c:2208 + #7 _dbus_auth_do_work (auth=0x6ff340) at dbus-auth.c:2458 + #8 0x000000000046091d in do_authentication ( + transport=transport@entry=0x6ffaa0, do_reading=do_reading@entry=1, + do_writing=do_writing@entry=0, + auth_completed=auth_completed@entry=0x7fffffffe55c) + at dbus-transport-socket.c:442 + #9 0x0000000000461d08 in socket_handle_watch (transport=0x6ffaa0, + watch=0x6f4190, flags=1) at dbus-transport-socket.c:921 + #10 0x000000000045fa3a in _dbus_transport_handle_watch (transport=0x6ffaa0, + +Once send_negotiate_unix_fd failed, this failure will happen, since +auth->guid_from_server has been set to some value before +send_negotiate_unix_fd. send_negotiate_unix_fd failure will lead to +this auth be handled by process_ok again, but this auth->guid_from_server +is not zero. + +So we should clear auth->guid_from_server if send_negotiate_unix_fd failed + +Signed-off-by: Roy Li <rongqing.li@windriver.com> +--- + dbus/dbus-auth.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/dbus/dbus-auth.c b/dbus/dbus-auth.c +index d2c37a7..37b45c6 100644 +--- a/dbus/dbus-auth.c ++++ b/dbus/dbus-auth.c +@@ -1571,8 +1571,13 @@ process_ok(DBusAuth *auth, + _dbus_verbose ("Got GUID '%s' from the server\n", + _dbus_string_get_const_data (& DBUS_AUTH_CLIENT (auth)->guid_from_server)); + +- if (auth->unix_fd_possible) +- return send_negotiate_unix_fd(auth); ++ if (auth->unix_fd_possible) { ++ if (!send_negotiate_unix_fd(auth)) { ++ _dbus_string_set_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server, 0); ++ return FALSE; ++ } ++ return TRUE; ++ } + + _dbus_verbose("Not negotiating unix fd passing, since not possible\n"); + return send_begin (auth); +-- +1.7.10.4 + diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/dbus-1.init b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/dbus-1.init new file mode 100644 index 000000000..90e167e57 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/dbus-1.init @@ -0,0 +1,123 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: dbus +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 1 +# Short-Description: D-Bus systemwide message bus +# Description: D-Bus is a simple interprocess messaging system, used +# for sending messages between applications. +### END INIT INFO +# +# -*- coding: utf-8 -*- +# Debian init.d script for D-BUS +# Copyright © 2003 Colin Walters <walters@debian.org> + +# set -e + +# Source function library. +. /etc/init.d/functions + +DAEMON=@bindir@/dbus-daemon +NAME=dbus +DAEMONUSER=messagebus # must match /usr/share/dbus-1/system.conf +PIDFILE=/var/run/dbus/pid # must match /usr/share/dbus-1/system.conf +UUIDDIR=/var/lib/dbus +DESC="system message bus" +EVENTDIR=/etc/dbus-1/event.d + +test -x $DAEMON || exit 0 + +# Source defaults file; edit that file to configure this script. +ENABLED=1 +PARAMS="" +if [ -e /etc/default/dbus ]; then + . /etc/default/dbus +fi + +test "$ENABLED" != "0" || exit 0 + +start_it_up() +{ + mkdir -p "`dirname $PIDFILE`" + if [ -e $PIDFILE ]; then + PIDDIR=/proc/$(cat $PIDFILE) + if [ -d ${PIDDIR} -a "$(readlink -f ${PIDDIR}/exe)" = "${DAEMON}" ]; then + echo "$DESC already started; not starting." + else + echo "Removing stale PID file $PIDFILE." + rm -f $PIDFILE + fi + fi + + if [ ! -d $UUIDDIR ]; then + mkdir -p $UUIDDIR + chown $DAEMONUSER $UUIDDIR + chgrp $DAEMONUSER $UUIDDIR + fi + + dbus-uuidgen --ensure + + echo -n "Starting $DESC: " + start-stop-daemon -o --start --quiet --pidfile $PIDFILE \ + --user $DAEMONUSER --exec $DAEMON -- --system $PARAMS + echo "$NAME." + if [ -d $EVENTDIR ]; then + run-parts --arg=start $EVENTDIR + fi +} + +shut_it_down() +{ + if [ -d $EVENTDIR ]; then + # TODO: --reverse when busybox supports it + run-parts --arg=stop $EVENTDIR + fi + echo -n "Stopping $DESC: " + start-stop-daemon -o --stop --quiet --pidfile $PIDFILE \ + --user $DAEMONUSER + # We no longer include these arguments so that start-stop-daemon + # can do its job even given that we may have been upgraded. + # We rely on the pidfile being sanely managed + # --exec $DAEMON -- --system $PARAMS + echo "$NAME." + rm -f $PIDFILE +} + +reload_it() +{ + echo -n "Reloading $DESC config: " + dbus-send --print-reply --system --type=method_call \ + --dest=org.freedesktop.DBus \ + / org.freedesktop.DBus.ReloadConfig > /dev/null + # hopefully this is enough time for dbus to reload it's config file. + echo "done." +} + +case "$1" in + start) + start_it_up + ;; + stop) + shut_it_down + ;; + status) + status $DAEMON + exit $? + ;; + reload|force-reload) + reload_it + ;; + restart) + shut_it_down + sleep 1 + start_it_up + ;; + *) + echo "Usage: /etc/init.d/$NAME {start|stop|status|restart|reload|force-reload}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/python-config.patch b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/python-config.patch new file mode 100644 index 000000000..da2f10c72 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/python-config.patch @@ -0,0 +1,34 @@ +When building the dbus-ptest package, we have to enable python. However +checking if the host-system python has the necessary library isn't useful. + +Disable the python module check for cross compiling. + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Mark Hatle <mark.hatle@windriver.com> + +--- + configure.ac | 7 ------- + 1 file changed, 7 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 80d27b4..becc1cc 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -279,13 +279,6 @@ if test "x$enable_tests" = xyes; then + # full test coverage is required, Python is a hard dependency + AC_MSG_NOTICE([Full test coverage (--enable-tests=yes) requires Python, dbus-python, pygi]) + AM_PATH_PYTHON([2.6]) +- AC_MSG_CHECKING([for Python modules for full test coverage]) +- if "$PYTHON" -c "import dbus, gi.repository.GObject, dbus.mainloop.glib"; then +- AC_MSG_RESULT([yes]) +- else +- AC_MSG_RESULT([no]) +- AC_MSG_ERROR([cannot import dbus, gi.repository.GObject, dbus.mainloop.glib Python modules]) +- fi + else + # --enable-tests not given: do not abort if Python is missing + AM_PATH_PYTHON([2.6], [], [:]) +-- +1.9.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/run-ptest b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/run-ptest new file mode 100755 index 000000000..d3eec0823 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/run-ptest @@ -0,0 +1,35 @@ +#!/bin/sh + +output() { + retcode=$? + if [ $retcode -eq 0 ] + then echo "PASS: $i" + elif [ $retcode -eq 77 ] + then echo "SKIP: $i" + else echo "FAIL: $i" + fi +} + +export DBUS_TEST_HOMEDIR=./test +export XDG_RUNTIME_DIR=./test +export LD_LIBRARY_PATH=@PTEST_PATH@/test/.libs + +files=`ls test/test-*` + +for i in $files +do + #these programs are used by testcase test-bus, don't run here + #additionally, test-names needs to be run under X + if [ $i = "test/test-service" ] \ + || [ $i = "test/test-shell-service" ] \ + || [ $i = "test/test-segfault" ] \ + || [ $i = "test/test-bus" ] \ + || [ $i = "test/test-names" ] + then + continue + fi + + ./$i ./test/data >/dev/null 2>&1 + output +done + diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/stop_using_selinux_set_mapping.patch b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/stop_using_selinux_set_mapping.patch new file mode 100644 index 000000000..7035098e4 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/stop_using_selinux_set_mapping.patch @@ -0,0 +1,148 @@ +From 6072f8b24153d844a3033108a17bcd0c1a967816 Mon Sep 17 00:00:00 2001 +From: Laurent Bigonville <bigon@bigon.be> +Date: Sat, 3 Mar 2018 11:15:23 +0100 +Subject: [PATCH] Stop using selinux_set_mapping() function + +Currently, if the "dbus" security class or the associated AV doesn't +exist, dbus-daemon fails to initialize and exits immediately. Also the +security classes or access vector cannot be reordered in the policy. +This can be a problem for people developing their own policy or trying +to access a machine where, for some reasons, there is not policy defined +at all. + +The code here copy the behaviour of the selinux_check_access() function. +We cannot use this function here as it doesn't allow us to define the +AVC entry reference. + +See the discussion at https://marc.info/?l=selinux&m=152163374332372&w=2 + +Resolves: https://gitlab.freedesktop.org/dbus/dbus/issues/198 +--- + bus/selinux.c | 75 ++++++++++++++++++++++++++++----------------------- + 1 file changed, 42 insertions(+), 33 deletions(-) + + +Upstream-Status: Backport +Signed-off-by: Nisha.Parrakat <Nisha.Parrakat@kpit.com> +diff --git a/bus/selinux.c b/bus/selinux.c + +--- a/bus/selinux.c 2021-08-11 14:45:59.048513026 +0000 ++++ b/bus/selinux.c 2021-08-11 14:57:47.144846966 +0000 +@@ -311,24 +311,6 @@ + #endif + } + +-/* +- * Private Flask definitions; the order of these constants must +- * exactly match that of the structure array below! +- */ +-/* security dbus class constants */ +-#define SECCLASS_DBUS 1 +- +-/* dbus's per access vector constants */ +-#define DBUS__ACQUIRE_SVC 1 +-#define DBUS__SEND_MSG 2 +- +-#ifdef HAVE_SELINUX +-static struct security_class_mapping dbus_map[] = { +- { "dbus", { "acquire_svc", "send_msg", NULL } }, +- { NULL } +-}; +-#endif /* HAVE_SELINUX */ +- + /** + * Establish dynamic object class and permission mapping and + * initialize the user space access vector cache (AVC) for D-Bus and set up +@@ -350,13 +332,6 @@ + + _dbus_verbose ("SELinux is enabled in this kernel.\n"); + +- if (selinux_set_mapping (dbus_map) < 0) +- { +- _dbus_warn ("Failed to set up security class mapping (selinux_set_mapping():%s).", +- strerror (errno)); +- return FALSE; +- } +- + avc_entry_ref_init (&aeref); + if (avc_init ("avc", &mem_cb, &log_cb, &thread_cb, &lock_cb) < 0) + { +@@ -421,19 +396,53 @@ + static dbus_bool_t + bus_selinux_check (BusSELinuxID *sender_sid, + BusSELinuxID *override_sid, +- security_class_t target_class, +- access_vector_t requested, ++ const char *target_class, ++ const char *requested, + DBusString *auxdata) + { ++ int saved_errno; ++ security_class_t security_class; ++ access_vector_t requested_access; ++ + if (!selinux_enabled) + return TRUE; + ++ security_class = string_to_security_class (target_class); ++ if (security_class == 0) ++ { ++ saved_errno = errno; ++ log_callback (SELINUX_ERROR, "Unknown class %s", target_class); ++ if (security_deny_unknown () == 0) ++ { ++ return TRUE; ++ } ++ ++ _dbus_verbose ("Unknown class %s\n", target_class); ++ errno = saved_errno; ++ return FALSE; ++ } ++ ++ requested_access = string_to_av_perm (security_class, requested); ++ if (requested_access == 0) ++ { ++ saved_errno = errno; ++ log_callback (SELINUX_ERROR, "Unknown permission %s for class %s", requested, target_class); ++ if (security_deny_unknown () == 0) ++ { ++ return TRUE; ++ } ++ ++ _dbus_verbose ("Unknown permission %s for class %s\n", requested, target_class); ++ errno = saved_errno; ++ return FALSE; ++ } ++ + /* Make the security check. AVC checks enforcing mode here as well. */ + if (avc_has_perm (SELINUX_SID_FROM_BUS (sender_sid), + override_sid ? + SELINUX_SID_FROM_BUS (override_sid) : + bus_sid, +- target_class, requested, &aeref, auxdata) < 0) ++ security_class, requested_access, &aeref, auxdata) < 0) + { + switch (errno) + { +@@ -500,8 +509,8 @@ + + ret = bus_selinux_check (connection_sid, + service_sid, +- SECCLASS_DBUS, +- DBUS__ACQUIRE_SVC, ++ "dbus", ++ "acquire_svc", + &auxdata); + + _dbus_string_free (&auxdata); +@@ -629,8 +638,8 @@ + + ret = bus_selinux_check (sender_sid, + recipient_sid, +- SECCLASS_DBUS, +- DBUS__SEND_MSG, ++ "dbus", ++ "send_msg", + &auxdata); + + _dbus_string_free (&auxdata); diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/tmpdir.patch b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/tmpdir.patch new file mode 100644 index 000000000..bf086e178 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus/tmpdir.patch @@ -0,0 +1,44 @@ +From 5105fedd7fa13dadd2d0d864fb77873b83b79a4b Mon Sep 17 00:00:00 2001 +From: Koen Kooi <koen@dominion.thruhere.net> +Date: Thu, 23 Jun 2011 13:52:09 +0200 +Subject: [PATCH] buildsys: hardcode socketdir to /tmp + +the TMPDIR env var isn't always pointing to the right target path + +Upstream-Status: Inappropriate [embedded] + +Signed-off-by: Koen Kooi <koen@dominion.thruhere.net> + +Original comment: + + avoid to check tmp dir at build time. instead uses hard coded /tmp here + comment added by Kevin Tian <kevin.tian@intel.com> +--- + configure.ac | 11 +---------- + 1 files changed, 1 insertions(+), 10 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 408054b..6d26180 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1483,16 +1483,7 @@ AC_SUBST(TEST_LAUNCH_HELPER_BINARY) + AC_DEFINE_UNQUOTED(DBUS_TEST_LAUNCH_HELPER_BINARY, "$TEST_LAUNCH_HELPER_BINARY", + [Full path to the launch helper test program in the builddir]) + +-#### Find socket directories +-if ! test -z "$TMPDIR" ; then +- DEFAULT_SOCKET_DIR=$TMPDIR +-elif ! test -z "$TEMP" ; then +- DEFAULT_SOCKET_DIR=$TEMP +-elif ! test -z "$TMP" ; then +- DEFAULT_SOCKET_DIR=$TMP +-else +- DEFAULT_SOCKET_DIR=/tmp +-fi ++DEFAULT_SOCKET_DIR=/tmp + + DEFAULT_SOCKET_DIR=`echo $DEFAULT_SOCKET_DIR | sed 's/+/%2B/g'` + +-- +1.6.6.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus_%.bbappend b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus_%.bbappend deleted file mode 100644 index af073e92a..000000000 --- a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus_%.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" -SRC_URI += " \ - file://CVE-2022-42010.patch \ - file://CVE-2022-42011.patch \ - file://CVE-2022-42012.patch \ - " diff --git a/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus_1.12.28.bb b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus_1.12.28.bb new file mode 100644 index 000000000..48947209d --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/dbus/dbus_1.12.28.bb @@ -0,0 +1,153 @@ +SUMMARY = "D-Bus message bus" +DESCRIPTION = "D-Bus is a message bus system, a simple way for applications to talk to one another. In addition to interprocess communication, D-Bus helps coordinate process lifecycle; it makes it simple and reliable to code a \"single instance\" application or daemon, and to launch applications and daemons on demand when their services are needed." +HOMEPAGE = "https://dbus.freedesktop.org" +SECTION = "base" + +require dbus.inc + +DEPENDS = "expat virtual/libintl autoconf-archive" +PACKAGES += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '${PN}-ptest', '', d)}" +ALLOW_EMPTY:dbus-ptest = "1" +RDEPENDS:dbus-ptest:class-target = "dbus-test-ptest" +RDEPENDS:${PN} += "${PN}-common ${PN}-tools" +RDEPENDS:${PN}:class-native = "" + +inherit useradd update-rc.d + +INITSCRIPT_NAME = "dbus-1" +INITSCRIPT_PARAMS = "start 02 5 3 2 . stop 20 0 1 6 ." + +python __anonymous() { + if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): + d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") +} + +PACKAGES =+ "${PN}-lib ${PN}-common ${PN}-tools" + +USERADD_PACKAGES = "dbus-common" +USERADD_PARAM:dbus-common = "--system --home ${localstatedir}/lib/dbus \ + --no-create-home --shell /bin/false \ + --user-group messagebus" + +CONFFILES:${PN} = "${sysconfdir}/dbus-1/system.conf ${sysconfdir}/dbus-1/session.conf" + +DEBIANNAME:${PN} = "dbus-1" + +OLDPKGNAME = "dbus-x11" +OLDPKGNAME:class-nativesdk = "" + +# for compatibility +RPROVIDES:${PN} = "${OLDPKGNAME}" +RREPLACES:${PN} += "${OLDPKGNAME}" + +FILES:${PN} = "${bindir}/dbus-daemon* \ + ${bindir}/dbus-cleanup-sockets \ + ${bindir}/dbus-launch \ + ${bindir}/dbus-run-session \ + ${libexecdir}/dbus* \ + ${sysconfdir} \ + ${localstatedir} \ + ${systemd_system_unitdir} \ + ${systemd_user_unitdir} \ + ${nonarch_libdir}/tmpfiles.d/dbus.conf \ +" +FILES:${PN}-common = "${sysconfdir}/dbus-1 \ + ${datadir}/dbus-1/services \ + ${datadir}/dbus-1/system-services \ + ${datadir}/dbus-1/session.d \ + ${datadir}/dbus-1/session.conf \ + ${datadir}/dbus-1/system.d \ + ${datadir}/dbus-1/system.conf \ + ${systemd_system_unitdir}/dbus.socket \ + ${systemd_system_unitdir}/sockets.target.wants \ + ${systemd_user_unitdir}/dbus.socket \ + ${systemd_user_unitdir}/sockets.target.wants \ + ${nonarch_libdir}/sysusers.d/dbus.conf \ +" +FILES:${PN}-tools = "${bindir}/dbus-uuidgen \ + ${bindir}/dbus-send \ + ${bindir}/dbus-monitor \ + ${bindir}/dbus-update-activation-environment \ +" +FILES:${PN}-lib = "${libdir}/lib*.so.*" +RRECOMMENDS:${PN}-lib = "${PN}" +FILES:${PN}-dev += "${libdir}/dbus-1.0/include ${bindir}/dbus-test-tool ${datadir}/xml/dbus-1" + +PACKAGE_WRITE_DEPS += "${@bb.utils.contains('DISTRO_FEATURES','systemd sysvinit','systemd-systemctl-native','',d)}" +pkg_postinst:dbus() { + # If both systemd and sysvinit are enabled, mask the dbus-1 init script + if ${@bb.utils.contains('DISTRO_FEATURES','systemd sysvinit','true','false',d)}; then + if [ -n "$D" ]; then + OPTS="--root=$D" + fi + systemctl $OPTS mask dbus-1.service + fi + + if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then + /etc/init.d/populate-volatile.sh update + fi +} + + +EXTRA_OECONF += "--disable-tests" + +do_install() { + autotools_do_install + + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/init.d + sed 's:@bindir@:${bindir}:' < ${WORKDIR}/dbus-1.init >${WORKDIR}/dbus-1.init.sh + install -m 0755 ${WORKDIR}/dbus-1.init.sh ${D}${sysconfdir}/init.d/dbus-1 + install -d ${D}${sysconfdir}/default/volatiles + echo "d messagebus messagebus 0755 ${localstatedir}/run/dbus none" \ + > ${D}${sysconfdir}/default/volatiles/99_dbus + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + for i in dbus.target.wants sockets.target.wants multi-user.target.wants; do \ + install -d ${D}${systemd_system_unitdir}/$i; done + install -m 0644 ${B}/bus/dbus.service ${B}/bus/dbus.socket ${D}${systemd_system_unitdir}/ + ln -fs ../dbus.socket ${D}${systemd_system_unitdir}/dbus.target.wants/dbus.socket + ln -fs ../dbus.socket ${D}${systemd_system_unitdir}/sockets.target.wants/dbus.socket + ln -fs ../dbus.service ${D}${systemd_system_unitdir}/multi-user.target.wants/dbus.service + fi + + + mkdir -p ${D}${localstatedir}/lib/dbus + + chown messagebus:messagebus ${D}${localstatedir}/lib/dbus + + chown root:messagebus ${D}${libexecdir}/dbus-daemon-launch-helper + chmod 4755 ${D}${libexecdir}/dbus-daemon-launch-helper + + # Remove Red Hat initscript + rm -rf ${D}${sysconfdir}/rc.d + + # Remove empty testexec directory as we don't build tests + rm -rf ${D}${libdir}/dbus-1.0/test + + # Remove /var/run as it is created on startup + rm -rf ${D}${localstatedir}/run +} + +do_install:class-native() { + autotools_do_install + + # dbus-launch has no X support so lets not install it in case the host + # has a more featured and useful version + rm -f ${D}${bindir}/dbus-launch +} + +do_install:class-nativesdk() { + autotools_do_install + + # dbus-launch has no X support so lets not install it in case the host + # has a more featured and useful version + rm -f ${D}${bindir}/dbus-launch + + # Remove /var/run to avoid QA error + rm -rf ${D}${localstatedir}/run +} +BBCLASSEXTEND = "native nativesdk" + +INSANE_SKIP:${PN}-ptest += "build-deps" diff --git a/meta-openbmc-mods/meta-common/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-package_qa-error.patch b/meta-openbmc-mods/meta-common/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-package_qa-error.patch new file mode 100644 index 000000000..152db441b --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-package_qa-error.patch @@ -0,0 +1,32 @@ +From 5cf847b5bef8dc3f9f89bd09dd5af4e6603f393c Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Mon, 27 Aug 2018 16:10:55 +0800 +Subject: [PATCH] libjpeg-turbo: fix package_qa error + +Fix package qa errors like below: +libjpeg.so.62.3.0 contains probably-redundant RPATH /usr/lib [useless-rpaths] +usr/bin/cjpeg contains probably-redundant RPATH /usr/lib + +Upstream-Status: Inappropriate[oe-specific] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + CMakeLists.txt | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 2bc3458..ea3041e 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -191,10 +191,6 @@ endif() + report_option(ENABLE_SHARED "Shared libraries") + report_option(ENABLE_STATIC "Static libraries") + +-if(ENABLE_SHARED) +- set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR}) +-endif() +- + if(WITH_JPEG8 OR WITH_JPEG7) + set(WITH_ARITH_ENC 1) + set(WITH_ARITH_DEC 1) diff --git a/meta-openbmc-mods/meta-common/recipes-graphics/jpeg/libjpeg-turbo_3.0.0.bb b/meta-openbmc-mods/meta-common/recipes-graphics/jpeg/libjpeg-turbo_3.0.0.bb new file mode 100644 index 000000000..839f09ab2 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-graphics/jpeg/libjpeg-turbo_3.0.0.bb @@ -0,0 +1,60 @@ +SUMMARY = "Hardware accelerated JPEG compression/decompression library" +DESCRIPTION = "libjpeg-turbo is a derivative of libjpeg that uses SIMD instructions (MMX, SSE2, NEON) to accelerate baseline JPEG compression and decompression" +HOMEPAGE = "http://libjpeg-turbo.org/" + +LICENSE = "IJG & BSD-3-Clause & Zlib" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=2a8e0d8226a102f07ab63ed7fd6ce155" + +DEPENDS:append:x86-64:class-target = " nasm-native" +DEPENDS:append:x86:class-target = " nasm-native" + +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz \ + file://0001-libjpeg-turbo-fix-package_qa-error.patch \ + " + +SRC_URI[sha256sum] = "c77c65fcce3d33417b2e90432e7a0eb05f59a7fff884022a9d931775d583bfaa" +UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/libjpeg-turbo/files/" +UPSTREAM_CHECK_REGEX = "/libjpeg-turbo/files/(?P<pver>(\d+[\.\-_]*)+)/" + +PE = "1" + +# Drop-in replacement for jpeg +PROVIDES = "jpeg" +RPROVIDES:${PN} += "jpeg" +RREPLACES:${PN} += "jpeg" +RCONFLICTS:${PN} += "jpeg" + +inherit cmake pkgconfig + +export NASMENV = "--reproducible --debug-prefix-map=${WORKDIR}=/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR}" + +# Add nasm-native dependency consistently for all build arches is hard +EXTRA_OECMAKE:append:class-native = " -DWITH_SIMD=False" +EXTRA_OECMAKE:append:class-nativesdk = " -DWITH_SIMD=False" + +# Work around missing x32 ABI support +EXTRA_OECMAKE:append:class-target = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", "-DWITH_SIMD=False", "", d)}" + +# Work around missing non-floating point ABI support in MIPS +EXTRA_OECMAKE:append:class-target = " ${@bb.utils.contains("MIPSPKGSFX_FPU", "-nf", "-DWITH_SIMD=False", "", d)}" + +EXTRA_OECMAKE:append:class-target:arm = " ${@bb.utils.contains("TUNE_FEATURES", "neon", "", "-DWITH_SIMD=False", d)}" +EXTRA_OECMAKE:append:class-target:armeb = " ${@bb.utils.contains("TUNE_FEATURES", "neon", "", "-DWITH_SIMD=False", d)}" + +# Provide a workaround if Altivec unit is not present in PPC +EXTRA_OECMAKE:append:class-target:powerpc = " ${@bb.utils.contains("TUNE_FEATURES", "altivec", "", "-DWITH_SIMD=False", d)}" +EXTRA_OECMAKE:append:class-target:powerpc64 = " ${@bb.utils.contains("TUNE_FEATURES", "altivec", "", "-DWITH_SIMD=False", d)}" +EXTRA_OECMAKE:append:class-target:powerpc64le = " ${@bb.utils.contains("TUNE_FEATURES", "altivec", "", "-DWITH_SIMD=False", d)}" + +DEBUG_OPTIMIZATION:append:armv4 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" +DEBUG_OPTIMIZATION:append:armv5 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" + +PACKAGES =+ "jpeg-tools libturbojpeg" + +DESCRIPTION:jpeg-tools = "The jpeg-tools package includes client programs to access libjpeg functionality. These tools allow for the compression, decompression, transformation and display of JPEG files and benchmarking of the libjpeg library." +FILES:jpeg-tools = "${bindir}/*" + +DESCRIPTION:libturbojpeg = "A SIMD-accelerated JPEG codec which provides only TurboJPEG APIs" +FILES:libturbojpeg = "${libdir}/libturbojpeg.so.*" + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2022-3566.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2022-3566.patch new file mode 100644 index 000000000..a7d91c7c2 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2022-3566.patch @@ -0,0 +1,127 @@ +From f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57 Mon Sep 17 00:00:00 2001 +From: Kuniyuki Iwashima <kuniyu@amazon.com> +Date: Thu, 6 Oct 2022 11:53:49 -0700 +Subject: tcp: Fix data races around icsk->icsk_af_ops. + +setsockopt(IPV6_ADDRFORM) and tcp_v6_connect() change icsk->icsk_af_ops +under lock_sock(), but tcp_(get|set)sockopt() read it locklessly. To +avoid load/store tearing, we need to add READ_ONCE() and WRITE_ONCE() +for the reads and writes. + +Thanks to Eric Dumazet for providing the syzbot report: + +BUG: KCSAN: data-race in tcp_setsockopt / tcp_v6_connect + +write to 0xffff88813c624518 of 8 bytes by task 23936 on cpu 0: +tcp_v6_connect+0x5b3/0xce0 net/ipv6/tcp_ipv6.c:240 +__inet_stream_connect+0x159/0x6d0 net/ipv4/af_inet.c:660 +inet_stream_connect+0x44/0x70 net/ipv4/af_inet.c:724 +__sys_connect_file net/socket.c:1976 [inline] +__sys_connect+0x197/0x1b0 net/socket.c:1993 +__do_sys_connect net/socket.c:2003 [inline] +__se_sys_connect net/socket.c:2000 [inline] +__x64_sys_connect+0x3d/0x50 net/socket.c:2000 +do_syscall_x64 arch/x86/entry/common.c:50 [inline] +do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80 +entry_SYSCALL_64_after_hwframe+0x63/0xcd + +read to 0xffff88813c624518 of 8 bytes by task 23937 on cpu 1: +tcp_setsockopt+0x147/0x1c80 net/ipv4/tcp.c:3789 +sock_common_setsockopt+0x5d/0x70 net/core/sock.c:3585 +__sys_setsockopt+0x212/0x2b0 net/socket.c:2252 +__do_sys_setsockopt net/socket.c:2263 [inline] +__se_sys_setsockopt net/socket.c:2260 [inline] +__x64_sys_setsockopt+0x62/0x70 net/socket.c:2260 +do_syscall_x64 arch/x86/entry/common.c:50 [inline] +do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80 +entry_SYSCALL_64_after_hwframe+0x63/0xcd + +value changed: 0xffffffff8539af68 -> 0xffffffff8539aff8 + +Reported by Kernel Concurrency Sanitizer on: +CPU: 1 PID: 23937 Comm: syz-executor.5 Not tainted +6.0.0-rc4-syzkaller-00331-g4ed9c1e971b1-dirty #0 + +Hardware name: Google Google Compute Engine/Google Compute Engine, +BIOS Google 08/26/2022 + +Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") +Reported-by: syzbot <syzkaller@googlegroups.com> +Reported-by: Eric Dumazet <edumazet@google.com> +Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com> +Signed-off-by: Jakub Kicinski <kuba@kernel.org> +--- + net/ipv4/tcp.c | 10 ++++++---- + net/ipv6/ipv6_sockglue.c | 3 ++- + net/ipv6/tcp_ipv6.c | 6 ++++-- + 3 files changed, 12 insertions(+), 7 deletions(-) + +diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c +index f5c336f8b0c8..c86d27d653be 100644 +--- a/net/ipv4/tcp.c ++++ b/net/ipv4/tcp.c +@@ -3652,8 +3652,9 @@ int tcp_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval, + const struct inet_connection_sock *icsk = inet_csk(sk); + + if (level != SOL_TCP) +- return icsk->icsk_af_ops->setsockopt(sk, level, optname, +- optval, optlen); ++ /* Paired with WRITE_ONCE() in do_ipv6_setsockopt() and tcp_v6_connect() */ ++ return READ_ONCE(icsk->icsk_af_ops)->setsockopt(sk, level, optname, ++ optval, optlen); + return do_tcp_setsockopt(sk, level, optname, optval, optlen); + } + EXPORT_SYMBOL(tcp_setsockopt); +@@ -4248,8 +4249,9 @@ int tcp_getsockopt(struct sock *sk, int level, int optname, char __user *optval, + struct inet_connection_sock *icsk = inet_csk(sk); + + if (level != SOL_TCP) +- return icsk->icsk_af_ops->getsockopt(sk, level, optname, +- optval, optlen); ++ /* Paired with WRITE_ONCE() in do_ipv6_setsockopt() and tcp_v6_connect() */ ++ return READ_ONCE(icsk->icsk_af_ops)->getsockopt(sk, level, optname, ++ optval, optlen); + return do_tcp_getsockopt(sk, level, optname, optval, optlen); + } + EXPORT_SYMBOL(tcp_getsockopt); +diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c +index e4bdb09c5586..cd4fd98fb68e 100644 +--- a/net/ipv6/ipv6_sockglue.c ++++ b/net/ipv6/ipv6_sockglue.c +@@ -474,7 +474,8 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, + sock_prot_inuse_add(net, &tcp_prot, 1); + local_bh_enable(); + sk->sk_prot = &tcp_prot; +- icsk->icsk_af_ops = &ipv4_specific; ++ /* Paired with READ_ONCE() in tcp_(get|set)sockopt() */ ++ WRITE_ONCE(icsk->icsk_af_ops, &ipv4_specific); + sk->sk_socket->ops = &inet_stream_ops; + sk->sk_family = PF_INET; + tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); +diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c +index b03dd02c9f13..7844f4dfbee1 100644 +--- a/net/ipv6/tcp_ipv6.c ++++ b/net/ipv6/tcp_ipv6.c +@@ -237,7 +237,8 @@ static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, + sin.sin_port = usin->sin6_port; + sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3]; + +- icsk->icsk_af_ops = &ipv6_mapped; ++ /* Paired with READ_ONCE() in tcp_(get|set)sockopt() */ ++ WRITE_ONCE(icsk->icsk_af_ops, &ipv6_mapped); + if (sk_is_mptcp(sk)) + mptcpv6_handle_mapped(sk, true); + sk->sk_backlog_rcv = tcp_v4_do_rcv; +@@ -249,7 +250,8 @@ static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, + + if (err) { + icsk->icsk_ext_hdr_len = exthdrlen; +- icsk->icsk_af_ops = &ipv6_specific; ++ /* Paired with READ_ONCE() in tcp_(get|set)sockopt() */ ++ WRITE_ONCE(icsk->icsk_af_ops, &ipv6_specific); + if (sk_is_mptcp(sk)) + mptcpv6_handle_mapped(sk, false); + sk->sk_backlog_rcv = tcp_v6_do_rcv; +-- +2.34.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-2156.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-2156.patch new file mode 100644 index 000000000..3ab2ef7c0 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-2156.patch @@ -0,0 +1,39 @@ +From 4e006c7a6dac0ead4c1bf606000aa90a372fc253 Mon Sep 17 00:00:00 2001 +From: Alexander Aring <aahringo@redhat.com> +Date: Mon, 17 Apr 2023 09:00:52 -0400 +Subject: [PATCH] net: rpl: fix rpl header size calculation + +This patch fixes a missing 8 byte for the header size calculation. The +ipv6_rpl_srh_size() is used to check a skb_pull() on skb->data which +points to skb_transport_header(). Currently we only check on the +calculated addresses fields using CmprI and CmprE fields, see: + +https://www.rfc-editor.org/rfc/rfc6554#section-3 + +there is however a missing 8 byte inside the calculation which stands +for the fields before the addresses field. Those 8 bytes are represented +by sizeof(struct ipv6_rpl_sr_hdr) expression. + +Fixes: 8610c7c6e3bd ("net: ipv6: add support for rpl sr exthdr") +Signed-off-by: Alexander Aring <aahringo@redhat.com> +Reported-by: maxpl0it <maxpl0it@protonmail.com> +Reviewed-by: David Ahern <dsahern@kernel.org> +Signed-off-by: David S. Miller <davem@davemloft.net> +--- + net/ipv6/rpl.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/net/ipv6/rpl.c b/net/ipv6/rpl.c +index 488aec9e1a74f3..d1876f19222552 100644 +--- a/net/ipv6/rpl.c ++++ b/net/ipv6/rpl.c +@@ -32,7 +32,8 @@ static void *ipv6_rpl_segdata_pos(const struct ipv6_rpl_sr_hdr *hdr, int i) + size_t ipv6_rpl_srh_size(unsigned char n, unsigned char cmpri, + unsigned char cmpre) + { +- return (n * IPV6_PFXTAIL_LEN(cmpri)) + IPV6_PFXTAIL_LEN(cmpre); ++ return sizeof(struct ipv6_rpl_sr_hdr) + (n * IPV6_PFXTAIL_LEN(cmpri)) + ++ IPV6_PFXTAIL_LEN(cmpre); + } + + void ipv6_rpl_srh_decompress(struct ipv6_rpl_sr_hdr *outhdr, diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-3161.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-3161.patch new file mode 100644 index 000000000..11c8cf418 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-3161.patch @@ -0,0 +1,52 @@ +From 2b09d5d364986f724f17001ccfe4126b9b43a0be Mon Sep 17 00:00:00 2001 +From: Samuel Thibault <samuel.thibault@ens-lyon.org> +Date: Sun, 29 Jan 2023 16:17:40 +0100 +Subject: [PATCH] fbcon: Check font dimension limits + +blit_x and blit_y are u32, so fbcon currently cannot support fonts +larger than 32x32. + +The 32x32 case also needs shifting an unsigned int, to properly set bit +31, otherwise we get "UBSAN: shift-out-of-bounds in fbcon_set_font", +as reported on: + +http://lore.kernel.org/all/IA1PR07MB98308653E259A6F2CE94A4AFABCE9@IA1PR07MB9830.namprd07.prod.outlook.com +Kernel Branch: 6.2.0-rc5-next-20230124 +Kernel config: https://drive.google.com/file/d/1F-LszDAizEEH0ZX0HcSR06v5q8FPl2Uv/view?usp=sharing +Reproducer: https://drive.google.com/file/d/1mP1jcLBY7vWCNM60OMf-ogw-urQRjNrm/view?usp=sharing + +Reported-by: Sanan Hasanov <sanan.hasanov@Knights.ucf.edu> +Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> +Fixes: 2d2699d98492 ("fbcon: font setting should check limitation of driver") +Cc: stable@vger.kernel.org +Tested-by: Miko Larsson <mikoxyzzz@gmail.com> +Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +Signed-off-by: Helge Deller <deller@gmx.de> +--- + drivers/video/fbdev/core/fbcon.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/drivers/video/fbdev/core/fbcon.c b/drivers/video/fbdev/core/fbcon.c +index 22bb3892f6bd..74f508ec8d4c 100644 +--- a/drivers/video/fbdev/core/fbcon.c ++++ b/drivers/video/fbdev/core/fbcon.c +@@ -2434,11 +2434,13 @@ static int fbcon_set_font(struct vc_data *vc, struct console_font *font, + * If not this check should be changed to charcount < 256 */ + if (charcount != 256 && charcount != 512) + return -EINVAL; ++ if (font->width > 32 || font->height > 32) ++ return -EINVAL; + + /* Make sure drawing engine can handle the font */ +- if (!(info->pixmap.blit_x & (1 << (font->width - 1))) || +- !(info->pixmap.blit_y & (1 << (font->height - 1)))) +- return -EINVAL; ++ if (!(info->pixmap.blit_x & BIT(font->width - 1)) || ++ !(info->pixmap.blit_y & BIT(font->height - 1))) ++ return -EINVAL; + + /* Make sure driver can handle the font length */ + if (fbcon_invalid_charcount(info, charcount)) +-- +2.34.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-3355.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-3355.patch new file mode 100644 index 000000000..c09b3c5d8 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-3355.patch @@ -0,0 +1,36 @@ +From d839f0811a31322c087a859c2b181e2383daa7be Mon Sep 17 00:00:00 2001 +From: Jiasheng Jiang <jiasheng@iscas.ac.cn> +Date: Mon, 12 Dec 2022 17:11:17 +0800 +Subject: drm/msm/gem: Add check for kmalloc + +Add the check for the return value of kmalloc in order to avoid +NULL pointer dereference in copy_from_user. + +Fixes: 20224d715a88 ("drm/msm/submit: Move copy_from_user ahead of locking bos") +Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> +Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> +Patchwork: https://patchwork.freedesktop.org/patch/514678/ +Link: https://lore.kernel.org/r/20221212091117.43511-1-jiasheng@iscas.ac.cn +Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> +--- + drivers/gpu/drm/msm/msm_gem_submit.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/drivers/gpu/drm/msm/msm_gem_submit.c b/drivers/gpu/drm/msm/msm_gem_submit.c +index 45a3e5cadc7da..7c2cc1262c05d 100644 +--- a/drivers/gpu/drm/msm/msm_gem_submit.c ++++ b/drivers/gpu/drm/msm/msm_gem_submit.c +@@ -209,6 +209,10 @@ static int submit_lookup_cmds(struct msm_gem_submit *submit, + goto out; + } + submit->cmd[i].relocs = kmalloc(sz, GFP_KERNEL); ++ if (!submit->cmd[i].relocs) { ++ ret = -ENOMEM; ++ goto out; ++ } + ret = copy_from_user(submit->cmd[i].relocs, userptr, sz); + if (ret) { + ret = -EFAULT; +-- +cgit + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-3357.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-3357.patch new file mode 100644 index 000000000..722b71f3a --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2023-3357.patch @@ -0,0 +1,35 @@ +From 53ffa6a9f83b2170c60591da1ead8791d5a42e81 Mon Sep 17 00:00:00 2001 +From: Jiasheng Jiang <jiasheng@iscas.ac.cn> +Date: Tue, 20 Dec 2022 10:49:21 +0800 +Subject: HID: amd_sfh: Add missing check for dma_alloc_coherent + +Add check for the return value of the dma_alloc_coherent since +it may return NULL pointer if allocation fails. + +Fixes: 4b2c53d93a4b ("SFH:Transport Driver to add support of AMD Sensor Fusion Hub (SFH)") +Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> +Acked-by: Basavaraj Natikar <Basavaraj.Natikar@amd.com> +Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com> +Link: https://lore.kernel.org/r/20221220024921.21992-1-jiasheng@iscas.ac.cn +--- + drivers/hid/amd-sfh-hid/amd_sfh_client.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/drivers/hid/amd-sfh-hid/amd_sfh_client.c b/drivers/hid/amd-sfh-hid/amd_sfh_client.c +index 8275bba636119..ab125f79408f2 100644 +--- a/drivers/hid/amd-sfh-hid/amd_sfh_client.c ++++ b/drivers/hid/amd-sfh-hid/amd_sfh_client.c +@@ -237,6 +237,10 @@ int amd_sfh_hid_client_init(struct amd_mp2_dev *privdata) + in_data->sensor_virt_addr[i] = dma_alloc_coherent(dev, sizeof(int) * 8, + &cl_data->sensor_dma_addr[i], + GFP_KERNEL); ++ if (!in_data->sensor_virt_addr[i]) { ++ rc = -ENOMEM; ++ goto cleanup; ++ } + cl_data->sensor_sts[i] = SENSOR_DISABLED; + cl_data->sensor_requested_cnt[i] = 0; + cl_data->cur_hid_dev = i; +-- +cgit + diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed_%.bbappend b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed_%.bbappend index b3b22b408..54ddf246e 100644 --- a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed_%.bbappend @@ -68,6 +68,11 @@ SRC_URI += " \ file://0005-ext4-add-EXT4_INODE_HAS_XATTR_SPACE-macro-in-xattr-h.patch \ file://CVE-2023-2513.patch \ file://CVE-2023-2269.patch \ + file://CVE-2023-2156.patch \ + file://CVE-2023-3355.patch \ + file://CVE-2023-3357.patch \ + file://CVE-2022-3566.patch \ + file://CVE-2023-3161.patch \ " SRC_URI += "${@bb.utils.contains('IMAGE_FSTYPES', 'intel-pfr', 'file://1000-128MB-flashmap-for-PFR.patch', '', d)}" SRC_URI += "${@bb.utils.contains('EXTRA_IMAGE_FEATURES', 'debug-tweaks', 'file://debug.cfg', '', d)}" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd/0002-Add-rate-limiting.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd/0002-Add-rate-limiting.patch new file mode 100644 index 000000000..407ea8bbf --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd/0002-Add-rate-limiting.patch @@ -0,0 +1,287 @@ +From 0a8ecbadb73d597da114d77853793e8642102de9 Mon Sep 17 00:00:00 2001 +From: Jonathan Doman <jonathan.doman@intel.com> +Date: Wed, 26 Apr 2023 11:45:39 -0700 +Subject: [PATCH] Add rate limiting + +A host CPU can write POST codes much faster than the BMC can handle +them, considering all the D-Bus/IPC work required. Ideally `dbus-broker` +would apply backpressure when it gets full of unhandled signals, but its +quota mechanism uses a simple per-user accounting that doesn't +differentiate between all the connections from OpenBMC daemons running +as root. So there is no way to configure it to prevent just `snoopd` +from sending too many messages - instead it will disconnect arbitrary +services leading to mass chaos. + +So without a D-Bus policy mechanism to prevent excess memory usage, +there are 2 different failure cases during a POST code storm: +1. `snoopd` continues to send messages faster than `post-code-manager` + can process them, leading to `dbus-broker` consuming all the system + memory. +2. `snoopd` fills up the D-Bus socket buffer. Once sd-bus fails to send + a message across the socket, it starts queuing messages internally + leading to `snoopd` consuming all the system memory. This only + happens because we get stuck in the `snoopd` read loop during a POST + code storm, and we don't process other events that would allow the + write queue to drain. + +As a workaround, introduce configurable rate limiting to `snoopd`. A new +meson option 'rate-limit' sets the corresponding '--rate-limit' +command-line parameter. These options take an integer value representing +the maximum number of POST codes to process per second. The default +meson option value is 1000, and the value of 0 will disable rate limiting. + +Tested: Ran the POST code stress on host for 30 minutes: +``` +[root@sut ~]# stress-ng --ioport 2 +``` + +Watched BMC process memory usage and CPU usage in `top`, verified that +`post-code-manager`, `dbus-broker`, and `snoopd` each used less than 10% +CPU and 2% memory on AST2600 with 512 MiB of DRAM. + +Change-Id: If03a01e0cd62366d188109bb4dff52958346e1db +Signed-off-by: Jonathan Doman <jonathan.doman@intel.com> +--- + lpcsnoop/snoop.hpp | 1 + + main.cpp | 109 +++++++++++++++++++++++++++++++++++++++++---- + meson.build | 5 +++ + meson_options.txt | 8 ++++ + 4 files changed, 115 insertions(+), 8 deletions(-) + +diff --git a/lpcsnoop/snoop.hpp b/lpcsnoop/snoop.hpp +index 68d51b4..c66e421 100644 +--- a/lpcsnoop/snoop.hpp ++++ b/lpcsnoop/snoop.hpp +@@ -24,4 +24,5 @@ class PostReporter : public PostObject + PostObject(bus, objPath, defer) + { + } ++ unsigned int rateLimit = 0; + }; +diff --git a/main.cpp b/main.cpp +index 764c855..11310ba 100644 +--- a/main.cpp ++++ b/main.cpp +@@ -23,6 +23,7 @@ + #include <systemd/sd-event.h> + #include <unistd.h> + ++#include <chrono> + #include <cstdint> + #include <exception> + #include <iostream> +@@ -31,10 +32,13 @@ + #include <sdeventplus/source/event.hpp> + #include <sdeventplus/source/io.hpp> + #include <sdeventplus/source/signal.hpp> ++#include <sdeventplus/source/time.hpp> ++#include <span> + #include <stdplus/signal.hpp> + #include <thread> + + static size_t codeSize = 1; /* Size of each POST code in bytes */ ++static bool verbose = false; + + static void usage(const char* name) + { +@@ -47,15 +51,76 @@ static void usage(const char* name) + name, codeSize); + } + ++/** ++ * Call once for each POST code received. If the number of POST codes exceeds ++ * the configured rate limit, this function will disable the snoop device IO ++ * source until the end of the 1 second interval, then re-enable it. ++ * ++ * @return Whether the rate limit is exceeded. ++ */ ++bool rateLimit(PostReporter& reporter, sdeventplus::source::IO& ioSource) ++{ ++ if (reporter.rateLimit == 0) ++ { ++ // Rate limiting is disabled. ++ return false; ++ } ++ ++ using Clock = sdeventplus::Clock<sdeventplus::ClockId::Monotonic>; ++ ++ static constexpr std::chrono::seconds rateLimitInterval(1); ++ static unsigned int rateLimitCount = 0; ++ static Clock::time_point rateLimitEndTime; ++ ++ const sdeventplus::Event& event = ioSource.get_event(); ++ ++ if (rateLimitCount == 0) ++ { ++ // Initialize the end time when we start a new interval ++ rateLimitEndTime = Clock(event).now() + rateLimitInterval; ++ } ++ ++ if (++rateLimitCount < reporter.rateLimit) ++ { ++ return false; ++ } ++ ++ rateLimitCount = 0; ++ ++ if (rateLimitEndTime < Clock(event).now()) ++ { ++ return false; ++ } ++ ++ if (verbose) ++ { ++ fprintf(stderr, "Hit POST code rate limit - disabling temporarily\n"); ++ } ++ ++ ioSource.set_enabled(sdeventplus::source::Enabled::Off); ++ sdeventplus::source::Time<sdeventplus::ClockId::Monotonic>( ++ event, rateLimitEndTime, std::chrono::milliseconds(100), ++ [&ioSource](auto&, auto) { ++ if (verbose) ++ { ++ fprintf(stderr, "Reenabling POST code handler\n"); ++ } ++ ioSource.set_enabled(sdeventplus::source::Enabled::On); ++ }) ++ .set_floating(true); ++ return true; ++} ++ + /* + * Callback handling IO event from the POST code fd. i.e. there is new + * POST code available to read. + */ +-void PostCodeEventHandler(sdeventplus::source::IO& s, int postFd, uint32_t, +- PostReporter* reporter, bool verbose) ++void PostCodeEventHandler(PostReporter* reporter, sdeventplus::source::IO& s, ++ int postFd, uint32_t) + { + uint64_t code = 0; + ssize_t readb; ++ + while ((readb = read(postFd, &code, codeSize)) > 0) + { + code = le64toh(code); +@@ -72,6 +137,11 @@ void PostCodeEventHandler(sdeventplus::source::IO& s, int postFd, uint32_t, + // read depends on old data being cleared since it doens't always read + // the full code size + code = 0; ++ ++ if (rateLimit(*reporter, s)) ++ { ++ return; ++ } + } + + if (readb < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) +@@ -103,6 +173,7 @@ int main(int argc, char* argv[]) + int rc = 0; + int opt; + int postFd = -1; ++ unsigned int rateLimit = 0; + + /* + * These string constants are only used in this method within this object +@@ -115,18 +186,19 @@ int main(int argc, char* argv[]) + const char* snoopDbus = SNOOP_BUSNAME; + + bool deferSignals = true; +- bool verbose = false; + + // clang-format off + static const struct option long_options[] = { + {"bytes", required_argument, NULL, 'b'}, + {"device", optional_argument, NULL, 'd'}, ++ {"rate-limit", optional_argument, NULL, 'r'}, + {"verbose", no_argument, NULL, 'v'}, + {0, 0, 0, 0} + }; + // clang-format on + +- while ((opt = getopt_long(argc, argv, "b:d:v", long_options, NULL)) != -1) ++ while ((opt = getopt_long(argc, argv, "h:b:d:r:v", long_options, NULL)) != ++ -1) + { + switch (opt) + { +@@ -153,6 +225,28 @@ int main(int argc, char* argv[]) + } + + break; ++ case 'r': { ++ int argVal = -1; ++ try ++ { ++ argVal = std::stoi(optarg); ++ } ++ catch (...) ++ { ++ } ++ ++ if (argVal < 1) ++ { ++ fprintf(stderr, "Invalid rate limit '%s'. Must be >= 1.\n", ++ optarg); ++ return EXIT_FAILURE; ++ } ++ ++ rateLimit = static_cast<unsigned int>(argVal); ++ fprintf(stderr, "Rate limiting to %d POST codes per second.\n", ++ argVal); ++ break; ++ } + case 'v': + verbose = true; + break; +@@ -178,11 +272,10 @@ int main(int argc, char* argv[]) + std::optional<sdeventplus::source::IO> reporterSource; + if (postFd > 0) + { ++ reporter.rateLimit = rateLimit; + reporterSource.emplace( +- event, postFd, EPOLLIN | EPOLLET, +- std::bind(PostCodeEventHandler, std::placeholders::_1, +- std::placeholders::_2, std::placeholders::_3, +- &reporter, verbose)); ++ event, postFd, EPOLLIN, ++ std::bind_front(PostCodeEventHandler, &reporter)); + } + // Enable bus to handle incoming IO and bus events + bus.attach_event(event.get(), SD_EVENT_PRIORITY_NORMAL); +diff --git a/meson.build b/meson.build +index 2bafd48..f54ee8c 100644 +--- a/meson.build ++++ b/meson.build +@@ -27,7 +27,12 @@ conf_data.set('SYSTEMD_TARGET', get_option('systemd-target')) + snoopd_args = '-b ' + get_option('post-code-bytes').to_string() + if get_option('snoop-device') != '' + snoopd_args += ' -d /dev/' + get_option('snoop-device') ++ rate_limit = get_option('rate-limit') ++ if rate_limit > 0 ++ snoopd_args += ' --rate-limit=' + rate_limit.to_string() ++ endif + endif ++ + conf_data.set('SNOOPD_ARGS', snoopd_args) + + configure_file( +diff --git a/meson_options.txt b/meson_options.txt +index 763c73e..da151e1 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -20,3 +20,11 @@ option( + option( + 'tests', type: 'feature', description: 'Build tests.', + ) ++option( ++ 'rate-limit', ++ description: 'Maximum number of POST codes to read from snoop device every' ++ + 'second. Value of 0 disables rate limiting.', ++ type: 'integer', ++ min: 0, ++ value: 1000 ++) +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_%.bbappend index 893f410e8..f21e386bd 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/host/phosphor-host-postd_%.bbappend @@ -7,3 +7,4 @@ DEPENDS += " gtest" SRCREV = "6a5e0a1cba979c3c793e794c41481221da9a4e33" SRC_URI += "file://0001-Avoid-negated-postcode-write-to-D-Bus.patch" +SRC_URI += "file://0002-Add-rate-limiting.patch" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0037-Fix-certificate-replacement-URI-response-error-code.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0037-Fix-certificate-replacement-URI-response-error-code.patch new file mode 100644 index 000000000..3d8312961 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/0037-Fix-certificate-replacement-URI-response-error-code.patch @@ -0,0 +1,35 @@ +From 966c2c347b3ab96bcedd362b690e66f39802b660 Mon Sep 17 00:00:00 2001 +From: Manish Baing <manish.baing@intel.com> +Date: Thu, 10 Aug 2023 05:48:48 +0000 +Subject: [PATCH] Fix certificate replacement URI response error code + + +We get 500 Internal Server Error when we try to replace certificate +without providing certificate but expected response is 400 +So fixed the issue by checking for json (body) content before looking +for specific keys and identifying it as 500 Internal Server Error. + +Tested: +Response for attempt to replace certificate without providing +certificate is now 400 (Bad Request response) + +Signed-off-by: Manish Baing <manish.baing@intel.com> +--- + redfish-core/lib/certificate_service.hpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/redfish-core/lib/certificate_service.hpp b/redfish-core/lib/certificate_service.hpp +index f0891771..fd4836bd 100644 +--- a/redfish-core/lib/certificate_service.hpp ++++ b/redfish-core/lib/certificate_service.hpp +@@ -691,7 +691,6 @@ inline void requestRoutesCertificateActionsReplaceCertificate(App& app) + certificateType)) + { + BMCWEB_LOG_ERROR << "Required parameters are missing"; +- messages::internalError(asyncResp->res); + return; + } + +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend index e3bed9eb0..8db6f9c7c 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb_%.bbappend @@ -32,6 +32,7 @@ SRC_URI += "file://0001-Firmware-update-configuration-changes.patch \ file://0034-Update-odata.type-version-of-redfish-v1-AccountService.patch \ file://0035-Add-MemoryMetrics-schema-file.patch \ file://0036-PCIeFunctions-not-showing-in-Redfish.patch \ + file://0037-Fix-certificate-replacement-URI-response-error-code.patch \ " # OOB Bios Config: diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/pmci/pldmd.bb b/meta-openbmc-mods/meta-common/recipes-phosphor/pmci/pldmd.bb index 2ef0b4e95..a1f3e00c6 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/pmci/pldmd.bb +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/pmci/pldmd.bb @@ -5,7 +5,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" SRC_URI += "git://git@github.com/Intel-BMC/pldmd.git;protocol=ssh;branch=1-release" -SRCREV = "2c3522ec89828d5abed265b4f460e77b4c580ae4" +SRCREV = "49d1cf2c4c581b9f860af826ef7c044ac12b8591" S = "${WORKDIR}/git" diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager/0001-Use-binary-serialization-instead-of-JSON.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager/0001-Use-binary-serialization-instead-of-JSON.patch new file mode 100644 index 000000000..91992e260 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager/0001-Use-binary-serialization-instead-of-JSON.patch @@ -0,0 +1,104 @@ +From 3f362d5e15dd3c20d1026bd814fe52b9793025e5 Mon Sep 17 00:00:00 2001 +From: Jonathan Doman <jonathan.doman@intel.com> +Date: Wed, 23 Nov 2022 15:04:17 -0800 +Subject: [PATCH 1/2] Use binary serialization instead of JSON + +The binary format is much more efficient than JSON in terms of +computational speed and disk space consumption. The former is important +in case the host is sending a constant stream of POST codes. +post-code-manager can fall behind because it takes too long to store +each new POST code on disk, causing D-Bus messages to pile up and +increase memory consumption inside dbus-broker. + +Tested: +Rebooted the host a few times and observed that POST code history is +populated normally in Redfish. After upgrading to this change, old POST +code history stored in JSON format is lost, but remains on disk until it +gets overwritten during subsequent host boots. + +Signed-off-by: Jonathan Doman <jonathan.doman@intel.com> +Change-Id: Id55909a55d950e6e62b78b3333df687b4c582c42 +Signed-off-by: Manish Baing <manish.baing@intel.com> +--- + inc/post_code.hpp | 6 ------ + src/post_code.cpp | 17 ++++++++++++----- + 2 files changed, 12 insertions(+), 11 deletions(-) + +diff --git a/inc/post_code.hpp b/inc/post_code.hpp +index be800f2..3d790b8 100644 +--- a/inc/post_code.hpp ++++ b/inc/post_code.hpp +@@ -18,12 +18,6 @@ + #include <fcntl.h> + #include <unistd.h> + +-#include <cereal/access.hpp> +-#include <cereal/archives/json.hpp> +-#include <cereal/cereal.hpp> +-#include <cereal/types/map.hpp> +-#include <cereal/types/tuple.hpp> +-#include <cereal/types/vector.hpp> + #include <chrono> + #include <filesystem> + #include <fstream> +diff --git a/src/post_code.cpp b/src/post_code.cpp +index 1fcbe55..dfe6ce7 100644 +--- a/src/post_code.cpp ++++ b/src/post_code.cpp +@@ -17,6 +17,13 @@ + + #include "iomanip" + ++#include <cereal/access.hpp> ++#include <cereal/archives/binary.hpp> ++#include <cereal/cereal.hpp> ++#include <cereal/types/map.hpp> ++#include <cereal/types/tuple.hpp> ++#include <cereal/types/vector.hpp> ++ + PostCodeDataHolder* PostCodeDataHolder::instance = 0; + + void PostCode::deleteAll() +@@ -129,18 +136,18 @@ fs::path PostCode::serialize(const std::string& path) + { + fs::path idxPath(path + strCurrentBootCycleIndexName); + std::ofstream osIdx(idxPath.c_str(), std::ios::binary); +- cereal::JSONOutputArchive idxArchive(osIdx); ++ cereal::BinaryOutputArchive idxArchive(osIdx); + idxArchive(currentBootCycleIndex); + + uint16_t count = currentBootCycleCount(); + fs::path cntPath(path + strCurrentBootCycleCountName); + std::ofstream osCnt(cntPath.c_str(), std::ios::binary); +- cereal::JSONOutputArchive cntArchive(osCnt); ++ cereal::BinaryOutputArchive cntArchive(osCnt); + cntArchive(count); + + std::ofstream osPostCodes( + (path + std::to_string(currentBootCycleIndex))); +- cereal::JSONOutputArchive oarchivePostCodes(osPostCodes); ++ cereal::BinaryOutputArchive oarchivePostCodes(osPostCodes); + oarchivePostCodes(postCodes); + } + catch (const cereal::Exception& e) +@@ -163,7 +170,7 @@ bool PostCode::deserialize(const fs::path& path, uint16_t& index) + if (fs::exists(path)) + { + std::ifstream is(path.c_str(), std::ios::in | std::ios::binary); +- cereal::JSONInputArchive iarchive(is); ++ cereal::BinaryInputArchive iarchive(is); + iarchive(index); + return true; + } +@@ -190,7 +197,7 @@ bool PostCode::deserializePostCodes(const fs::path& path, + if (fs::exists(path)) + { + std::ifstream is(path.c_str(), std::ios::in | std::ios::binary); +- cereal::JSONInputArchive iarchive(is); ++ cereal::BinaryInputArchive iarchive(is); + iarchive(codes); + return true; + } +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager/0002-Max-post-code-file-size-per-cycle-setting.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager/0002-Max-post-code-file-size-per-cycle-setting.patch new file mode 100644 index 000000000..679712d54 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager/0002-Max-post-code-file-size-per-cycle-setting.patch @@ -0,0 +1,63 @@ +From 4415432e32ac8cbc6ec59815a9b9893c2d832c07 Mon Sep 17 00:00:00 2001 +From: Bonnie Lo <Bonnie_Lo@wiwynn.com> +Date: Thu, 27 Oct 2022 17:14:55 +0800 +Subject: [PATCH 2/2] Max post code file size per cycle setting + +Let user could set POST code file size per cycle + +The default size is 512 counts + +Reason: +BMC may crash caused by nonstop saving POST code when BIOS has +some unusual behavior like PXE loop +Thus, BMC should set a limit size to prevent this risk + +Test Case: +Manually send POST code to check the POST code file rotation + +Signed-off-by: Bonnie Lo <Bonnie_Lo@wiwynn.com> +Change-Id: Ic7fbafe532a79123e6ae880a8a3506f9c397d933 +--- + meson.build | 1 + + meson_options.txt | 1 + + src/post_code.cpp | 4 ++++ + 3 files changed, 6 insertions(+) + +diff --git a/meson.build b/meson.build +index 2c44f72..632e07e 100644 +--- a/meson.build ++++ b/meson.build +@@ -16,6 +16,7 @@ conf_data = configuration_data() + conf_data.set_quoted('DBUS_OBJECT_NAME', '/xyz/openbmc_project/State/Boot/PostCode0') + conf_data.set_quoted('DBUS_INTF_NAME','xyz.openbmc_project.State.Boot.PostCode') + conf_data.set('MAX_BOOT_CYCLE_COUNT',get_option('max-boot-cycle-count')) ++conf_data.set('MAX_POST_CODE_SIZE_PER_CYCLE',get_option('max-post-code-size-per-cycle')) + + if get_option('bios-post-code-log').enabled() + add_project_arguments('-DENABLE_BIOS_POST_CODE_LOG',language: 'cpp') +diff --git a/meson_options.txt b/meson_options.txt +index c3d63fd..d877b97 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -1,2 +1,3 @@ + option('max-boot-cycle-count', type:'integer', min:1, max: 100, description: 'Maximum boot cycles for which the post codes should be persisted', value:100) + option('bios-post-code-log', type:'feature',description:'bios post code log',value:'disabled') ++option('max-post-code-size-per-cycle', type:'integer', min:64, max: 1024, description: 'Maximum post code file size per cycle', value:512) +diff --git a/src/post_code.cpp b/src/post_code.cpp +index dfe6ce7..8411718 100644 +--- a/src/post_code.cpp ++++ b/src/post_code.cpp +@@ -102,6 +102,10 @@ void PostCode::savePostCodes(postcode_t code) + } + + postCodes.insert(std::make_pair(tsUS, code)); ++ if (postCodes.size() > MAX_POST_CODE_SIZE_PER_CYCLE) ++ { ++ postCodes.erase(postCodes.begin()); ++ } + serialize(fs::path(strPostCodeListPath)); + + #ifdef ENABLE_BIOS_POST_CODE_LOG +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager_git.bbappend b/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager_git.bbappend index f17d24806..3e52f6bde 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager_git.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/state/phosphor-post-code-manager_git.bbappend @@ -1,2 +1,10 @@ +FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" +PROJECT_SRC_DIR := "${THISDIR}/${PN}" + #SRC_URI = "git://github.com/openbmc/phosphor-post-code-manager.git" SRCREV = "987f91a6536e0330799cc5f4e54740c4023b5ef0" + +SRC_URI += "file://0001-Use-binary-serialization-instead-of-JSON.patch" +SRC_URI += "file://0002-Max-post-code-file-size-per-cycle-setting.patch" + + diff --git a/meta-openbmc-mods/meta-common/recipes-support/curl/curl_8.1.0.bb b/meta-openbmc-mods/meta-common/recipes-support/curl/curl_8.2.0.bb index 0efd0de5c..69597440f 100644 --- a/meta-openbmc-mods/meta-common/recipes-support/curl/curl_8.1.0.bb +++ b/meta-openbmc-mods/meta-common/recipes-support/curl/curl_8.2.0.bb @@ -14,7 +14,7 @@ SRC_URI = " \ file://run-ptest \ file://disable-tests \ " -SRC_URI[sha256sum] = "6bd80ad4f07187015911216ee7185b90d285ac5162aed1bded144f9f93232a3c" +SRC_URI[sha256sum] = "2859ec79e2cd96e976a99493547359b8001af1d1e21f3a3a3b846544ef54500f" # Curl has used many names over the years... CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl" |