diff options
Diffstat (limited to 'poky/meta/recipes-bsp')
-rw-r--r-- | poky/meta/recipes-bsp/grub/files/6643507ce30f775008e093580f0c9499dfb2c485.patch | 47 | ||||
-rw-r--r-- | poky/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch | 2 | ||||
-rw-r--r-- | poky/meta/recipes-bsp/grub/files/determinism.patch | 56 | ||||
-rw-r--r-- | poky/meta/recipes-bsp/grub/grub2.inc | 2 | ||||
-rw-r--r-- | poky/meta/recipes-bsp/opensbi/opensbi_0.9.bb (renamed from poky/meta/recipes-bsp/opensbi/opensbi_0.8.bb) | 2 | ||||
-rw-r--r-- | poky/meta/recipes-bsp/u-boot/u-boot-common.inc | 2 | ||||
-rw-r--r-- | poky/meta/recipes-bsp/u-boot/u-boot-tools.inc | 15 | ||||
-rw-r--r-- | poky/meta/recipes-bsp/u-boot/u-boot-tools_2021.01.bb (renamed from poky/meta/recipes-bsp/u-boot/u-boot-tools_2020.10.bb) | 0 | ||||
-rw-r--r-- | poky/meta/recipes-bsp/u-boot/u-boot_2020.10.bb | 5 | ||||
-rw-r--r-- | poky/meta/recipes-bsp/u-boot/u-boot_2021.01.bb | 4 |
10 files changed, 127 insertions, 8 deletions
diff --git a/poky/meta/recipes-bsp/grub/files/6643507ce30f775008e093580f0c9499dfb2c485.patch b/poky/meta/recipes-bsp/grub/files/6643507ce30f775008e093580f0c9499dfb2c485.patch new file mode 100644 index 000000000..8aa209144 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/6643507ce30f775008e093580f0c9499dfb2c485.patch @@ -0,0 +1,47 @@ +From 6643507ce30f775008e093580f0c9499dfb2c485 Mon Sep 17 00:00:00 2001 +From: Simon Hardy <simon.hardy@itdev.co.uk> +Date: Tue, 24 Mar 2020 13:29:12 +0000 +Subject: build: Fix GRUB i386-pc build with Ubuntu gcc + +With recent versions of gcc on Ubuntu a very large lzma_decompress.img file is +output. (e.g. 134479600 bytes instead of 2864.) This causes grub-mkimage to +fail with: "error: Decompressor is too big." + +This seems to be caused by a section .note.gnu.property that is placed at an +offset such that objcopy needs to pad the img file with zeros. + +This issue is present on: +Ubuntu 19.10 with gcc (Ubuntu 8.3.0-26ubuntu1~19.10) 8.3.0 +Ubuntu 19.10 with gcc (Ubuntu 9.2.1-9ubuntu2) 9.2.1 20191008 + +This issue is not present on: +Ubuntu 19.10 with gcc (Ubuntu 7.5.0-3ubuntu1~19.10) 7.5.0 +RHEL 8.0 with gcc 8.3.1 20190507 (Red Hat 8.3.1-4) + +The issue can be fixed by removing the section using objcopy as shown in +this patch. + +Signed-off-by: Simon Hardy <simon.hardy@itdev.co.uk> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> +--- + gentpl.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Upstream-Status: Backport + +diff --git a/gentpl.py b/gentpl.py +index 387588c05..c86550d4f 100644 +--- a/gentpl.py ++++ b/gentpl.py +@@ -766,7 +766,7 @@ def image(defn, platform): + if test x$(TARGET_APPLE_LINKER) = x1; then \ + $(MACHO2IMG) $< $@; \ + else \ +- $(TARGET_OBJCOPY) $(""" + cname(defn) + """_OBJCOPYFLAGS) --strip-unneeded -R .note -R .comment -R .note.gnu.build-id -R .MIPS.abiflags -R .reginfo -R .rel.dyn -R .note.gnu.gold-version -R .ARM.exidx $< $@; \ ++ $(TARGET_OBJCOPY) $(""" + cname(defn) + """_OBJCOPYFLAGS) --strip-unneeded -R .note -R .comment -R .note.gnu.build-id -R .MIPS.abiflags -R .reginfo -R .rel.dyn -R .note.gnu.gold-version -R .note.gnu.property -R .ARM.exidx $< $@; \ + fi + """) + +-- +cgit v1.2.1 + diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch index 896a2145d..7214ead9a 100644 --- a/poky/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch @@ -30,7 +30,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> Upstream-Status: Backport -CVE: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 +CVE: CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 Reference to upstream patch: https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3f05d693d1274965ffbe4ba99080dc2c570944c6 diff --git a/poky/meta/recipes-bsp/grub/files/determinism.patch b/poky/meta/recipes-bsp/grub/files/determinism.patch new file mode 100644 index 000000000..3c1f562c7 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/determinism.patch @@ -0,0 +1,56 @@ +The output in moddep.lst generated from syminfo.lst using genmoddep.awk is +not deterministic since the order of the dependencies on each line can vary +depending on how awk sorts the values in the array. + +Be deterministic in the output by sorting the dependencies on each line. + +Also, the output of the SOURCES lines in grub-core/Makefile.core.am, generated +from grub-core/Makefile.core.def with gentpl.py is not deterministic due to +missing sorting of the list used to generate it. Add such a sort. + +Also ensure the generated unidata.c file is deterministic by sorting the +keys of the dict. + +Upstream-Status: Pending +Richard Purdie <richard.purdie@linuxfoundation.org> + +Index: grub-2.04/grub-core/genmoddep.awk +=================================================================== +--- grub-2.04.orig/grub-core/genmoddep.awk ++++ grub-2.04/grub-core/genmoddep.awk +@@ -59,7 +59,9 @@ END { + } + modlist = "" + depcount[mod] = 0 +- for (depmod in uniqmods) { ++ n = asorti(uniqmods, w) ++ for (i = 1; i <= n; i++) { ++ depmod = w[i] + modlist = modlist " " depmod; + inverse_dependencies[depmod] = inverse_dependencies[depmod] " " mod + depcount[mod]++ +Index: grub-2.04/gentpl.py +=================================================================== +--- grub-2.04.orig/gentpl.py ++++ grub-2.04/gentpl.py +@@ -568,6 +568,7 @@ def foreach_platform_value(defn, platfor + for group in RMAP[platform]: + for value in defn.find_all(group + suffix): + r.append(closure(value)) ++ r.sort() + return ''.join(r) + + def platform_conditional(platform, closure): +Index: grub-2.04/util/import_unicode.py +=================================================================== +--- grub-2.04.orig/util/import_unicode.py ++++ grub-2.04/util/import_unicode.py +@@ -174,7 +174,7 @@ infile.close () + + outfile.write ("struct grub_unicode_arabic_shape grub_unicode_arabic_shapes[] = {\n ") + +-for x in arabicsubst: ++for x in sorted(arabicsubst): + try: + if arabicsubst[x]['join'] == "DUAL": + outfile.write ("{0x%x, 0x%x, 0x%x, 0x%x, 0x%x},\n " % (arabicsubst[x][0], arabicsubst[x][1], arabicsubst[x][2], arabicsubst[x][3], arabicsubst[x][4])) diff --git a/poky/meta/recipes-bsp/grub/grub2.inc b/poky/meta/recipes-bsp/grub/grub2.inc index d02010360..f870d41f6 100644 --- a/poky/meta/recipes-bsp/grub/grub2.inc +++ b/poky/meta/recipes-bsp/grub/grub2.inc @@ -27,6 +27,8 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://script-Remove-unused-fields-from-grub_script_functio.patch \ file://CVE-2020-15706-script-Avoid-a-use-after-free-when-redefining-a-func.patch \ file://CVE-2020-15707-linux-Fix-integer-overflows-in-initrd-size-handling.patch \ + file://6643507ce30f775008e093580f0c9499dfb2c485.patch \ + file://determinism.patch \ " SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934" SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea" diff --git a/poky/meta/recipes-bsp/opensbi/opensbi_0.8.bb b/poky/meta/recipes-bsp/opensbi/opensbi_0.9.bb index 818efac73..9f17258ed 100644 --- a/poky/meta/recipes-bsp/opensbi/opensbi_0.8.bb +++ b/poky/meta/recipes-bsp/opensbi/opensbi_0.9.bb @@ -7,7 +7,7 @@ require opensbi-payloads.inc inherit autotools-brokensep deploy -SRCREV = "a98258d0b537a295f517bbc8d813007336731fa9" +SRCREV = "234ed8e427f4d92903123199f6590d144e0d9351" SRC_URI = "git://github.com/riscv/opensbi.git;branch=master \ file://0001-Makefile-Don-t-specify-mabi-or-march.patch \ " diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc index cbce408a2..5a8035f43 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc +++ b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc @@ -12,7 +12,7 @@ PE = "1" # We use the revision in order to avoid having to fetch it from the # repo during parse -SRCREV = "050acee119b3757fee3bd128f55d720fdd9bb890" +SRCREV = "c4fddedc48f336eabc4ce3f74940e6aa372de18c" SRC_URI = "git://git.denx.de/u-boot.git \ " diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-tools.inc b/poky/meta/recipes-bsp/u-boot/u-boot-tools.inc index 8ae290acc..4ed936a70 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-tools.inc +++ b/poky/meta/recipes-bsp/u-boot/u-boot-tools.inc @@ -23,6 +23,21 @@ SED_CONFIG_EFI_armeb = '' SED_CONFIG_EFI_aarch64 = '' do_compile () { + # Yes, this is crazy. If you build on a system with git < 2.14 from scratch, the tree will + # be marked as "dirty" and the version will include "-dirty", leading to a reproducibility problem. + # The issue is the inode count for Licnses/README changing due to do_populate_lic hardlinking a + # copy of the file. We avoid this by ensuring the index is updated with a "git diff" before the + # u-boot machinery tries to determine the version. + # + # build$ ../git/scripts/setlocalversion ../git + # "" + # build$ ln ../git/ + # build$ ln ../git/README ../foo + # build$ ../git/scripts/setlocalversion ../git + # ""-dirty + # (i.e. creating a hardlink dirties the index) + cd ${S}; git diff; cd ${B} + oe_runmake -C ${S} sandbox_defconfig O=${B} # Disable CONFIG_CMD_LICENSE, license.h is not used by tools and diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2020.10.bb b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2021.01.bb index ef386f76e..ef386f76e 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2020.10.bb +++ b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2021.01.bb diff --git a/poky/meta/recipes-bsp/u-boot/u-boot_2020.10.bb b/poky/meta/recipes-bsp/u-boot/u-boot_2020.10.bb deleted file mode 100644 index 4f5b3e5df..000000000 --- a/poky/meta/recipes-bsp/u-boot/u-boot_2020.10.bb +++ /dev/null @@ -1,5 +0,0 @@ -require u-boot-common.inc -require u-boot.inc - -DEPENDS += "bc-native dtc-native" - diff --git a/poky/meta/recipes-bsp/u-boot/u-boot_2021.01.bb b/poky/meta/recipes-bsp/u-boot/u-boot_2021.01.bb new file mode 100644 index 000000000..2eef1e900 --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/u-boot_2021.01.bb @@ -0,0 +1,4 @@ +require u-boot-common.inc +require u-boot.inc + +DEPENDS += "bc-native dtc-native python3-setuptools-native" |