diff options
| author | Patrick Williams <patrick@stwcx.xyz> | 2022-08-22 23:46:06 +0300 |
|---|---|---|
| committer | Patrick Williams <patrick@stwcx.xyz> | 2022-08-22 23:46:57 +0300 |
| commit | 53fdac2b0aee16e297ce86b473c56547ff1330ac (patch) | |
| tree | 2bee75c38a2f8a1c8e1ff5d629a0defab197113f | |
| parent | cb2a94c39eddda6e0df65f98fff97cce711c9134 (diff) | |
| download | openbmc-53fdac2b0aee16e297ce86b473c56547ff1330ac.tar.xz | |
subtree updates
poky: e4b5c35fd4..387ab5f18b:
Alex Kiernan (2):
bind: Remove legacy python3 PACKAGECONFIG code
openssh: Add openssh-sftp-server to openssh RDEPENDS
Alexander Kanavin (16):
gnupg: update 2.3.4 -> 2.3.6
xev: update 1.2.4 -> 1.2.5
xmodmap: update 1.0.10 -> 1.0.11
xf86-input-synaptics: update 1.9.1 -> 1.9.2
encodings: update 1.0.5 -> 1.0.6
font-util: update 1.3.2 -> 1.3.3
xserver-xorg: update 21.1.3 -> 21.1.4
linux-firmware: update 20220610 -> 20220708
libuv: upgrade 1.44.1 -> 1.44.2
log4cplus: upgrade 2.0.7 -> 2.0.8
vala: upgrade 0.56.0 -> 0.56.1
vala: upgrade 0.56.1 -> 0.56.2
webkitgtk: upgrade 2.36.3 -> 2.36.4
xwayland: upgrade 22.1.2 -> 22.1.3
epiphany: upgrade 42.2 -> 42.3
lttng-modules: update 2.13.3 -> 2.13.4
Bruce Ashfield (14):
yocto-bsps: update to v5.10.113
yocto-bsps: update to v5.10.128 and buildpaths fixes
yocto-bsps: update to v5.15.52 and buildpaths fixes
yocto-bsps/5.10: fix buildpaths issue with gen-mach-types
yocto-bsps/5.15: fix buildpaths issue with gen-mach-types
yocto-bsps/5.10: fix buildpaths issue with pnmtologo
yocto-bsps/5.15: fix buildpaths issue with pnmtologo
yocto-bsps: update to v5.15.54
yocto-bsps: update to v5.10.130
linux-yocto/5.10: update to v5.10.135
linux-yocto/5.15: update to v5.15.58
linux-yocto-rt/5.15: update to -rt48 (and fix -stable merge)
linux-yocto/5.15: update to v5.15.59
linux-yocto/5.15: fix reproducibility issues
Dmitry Baryshkov (1):
linux-firwmare: restore WHENCE_CHKSUM variable
He Zhe (1):
lttng-modules: Fix build failure for kernel v5.15.58
Hitendra Prajapati (2):
qemu: CVE-2022-35414 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash
libtirpc: CVE-2021-46828 DoS vulnerability with lots of connections
Joshua Watt (1):
sstatesig: Include all dependencies in SPDX task signatures
Khem Raj (3):
lua: Backport fix for CVE-2022-33099
gcc-runtime: Pass -nostartfiles when building dummy libstdc++.so
libgcc: Fix standalone target builds with usrmerge distro feature
Martin Jansa (2):
kernel.bbclass: pass LD also in savedefconfig
glibc: revert one upstream change to work around broken DEBUG_BUILD build
Mihai Lindner (1):
wic/plugins/rootfs: Fix NameError for 'orig_path'
Ming Liu (2):
rootfs-postcommands.bbclass: move host-user-contaminated.txt to ${S}
udev-extraconf:mount.sh: fix a umount issue
Mingli Yu (1):
strace: set COMPATIBLE_HOST for riscv32
Naveen (1):
gcc: Backport a fix for gcc bug 105039
Richard Purdie (5):
vim: Upgrade 9.0.0021 -> 9.0.0063
xorg-app: Tweak handling of compression changes in SRC_URI
xwayland: upgrade 22.1.1 -> 22.1.2
base/reproducible: Change Source Date Epoch generation methods
build-appliance-image: Update to kirkstone head revision
Ross Burton (2):
oeqa/runtime: add test that the kernel has CONFIG_PREEMPT_RT enabled
perf: fix reproduciblity in older releases of Linux
Sakib Sajal (3):
dpkg: fix CVE-2022-1664
go: update v1.17.10 -> v1.17.12
git: upgrade v2.35.3 -> v2.35.4
Shruthi Ravichandran (2):
initscripts: run umountnfs as a KILL script
package_manager/ipk: do not pipe stderr to stdout
Steve Sakoman (1):
poky.conf: bump version for 4.0.3
Sundeep KOKKONDA (2):
binutils: stable 2.38 branch updates
glibc : stable 2.35 branch updates
Tom Hochstein (1):
gobject-introspection-data: Disable cache for g-ir-scanner
Yi Zhao (1):
tiff: Security fixes CVE-2022-1354 and CVE-2022-1355
Yue Tao (1):
gnupg: upgrade to 2.3.7 to fix CVE-2022-34903
gr embeter (1):
efivar: fix import functionality
leimaohui (1):
systemd: Added base_bindir into pkg_postinst:udev-hwdb.
wangmy (4):
bind: upgrade 9.18.2 -> 9.18.3
bind: upgrade 9.18.3 -> 9.18.4
mkfontscale: upgrade 1.2.1 -> 1.2.2
xdpyinfo: upgrade 1.3.2 -> 1.3.3
meta-openembedded: a47ef04661..acbe748798:
Akash Hadke (1):
polkit: Add --shell /bin/nologin to polkitd user
Anuj Mittal (1):
yasm: fix buildpaths warning
Armin Kuster (1):
bigbuckbunny-1080p: update SRC_URI
Aryaman Gupta (1):
rsyslog: update 8.2202->8.2206
Chen Qi (1):
catfish: fix buildpaths issue
Davide Gardenal (6):
libplist: ignore patched CVEs
meta-oe: ignore patched CVEs
mongodb: ignore unrelated CVEs
php: ignore patched CVEs
postgresql: ignore unrelated CVE
openjpeg: ignore CVE-2015-1239
Khem Raj (1):
ibus: Swith to use main branch instead of master
Marta Rybczynska (1):
polkit: update patches for musl compilation
Martin Jansa (1):
glmark2: fix compatibility with python-3.11
Mingli Yu (6):
net-snmp: set ac_cv_path_PSPROG
postgresql: Fix the buildpaths issue
freeradius: Fix buildpaths issue
openipmi: Fix buildpaths issue
apache2: Fix the buildpaths issue
frr: fix buildpaths issue
Peter Kjellerstedt (2):
libwebsockets: Avoid absolute paths in *.cmake files in the sysroot
cryptsetup: Add support for building without SSH tokens
Vyacheslav Yurkov (1):
polkit: add udisks2 rule
Wang Mingyu (3):
php: upgrade 8.1.7 -> 8.1.8
ndisc6: upgrade 1.0.5 -> 1.0.6
tracker: upgrade 3.3.0 -> 3.3.1
Yi Zhao (1):
polkit-group-rule-udisks2: fix override syntax in RDEPENDS
Yue Tao (1):
python3-lxml: Security fix CVE-2022-2309
wangmy (4):
stunnel: upgrade 5.63 -> 5.64
stunnel: upgrade 5.64 -> 5.65
redis: upgrade 7.0.2 -> 7.0.4
tracker: upgrade 3.3.1 -> 3.3.2
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I48e5e47f05b456589a0c3106b5a095f1b43780b0
153 files changed, 2075 insertions, 1199 deletions
diff --git a/meta-openembedded/meta-gnome/recipes-gnome/tracker/tracker_3.3.0.bb b/meta-openembedded/meta-gnome/recipes-gnome/tracker/tracker_3.3.2.bb index bb2396af7c..eaa0e065d1 100644 --- a/meta-openembedded/meta-gnome/recipes-gnome/tracker/tracker_3.3.0.bb +++ b/meta-openembedded/meta-gnome/recipes-gnome/tracker/tracker_3.3.2.bb @@ -22,7 +22,7 @@ GNOMEBASEBUILDCLASS = "meson" inherit gnomebase gsettings gobject-introspection vala gtk-doc manpages bash-completion features_check python3native -SRC_URI[archive.sha256sum] = "0706f96fe7f95df42acec812c1de7b4593a0d648321ca83506a9d71e22417bda" +SRC_URI[archive.sha256sum] = "0ed2b98918956d6f16429c607dd8a14c84f4da0a48970fd2eb8c93aba3cf9913" # gobject-introspection is mandatory and cannot be configured REQUIRED_DISTRO_FEATURES = "gobject-introspection-data" diff --git a/meta-openembedded/meta-gnome/recipes-support/ibus/ibus.inc b/meta-openembedded/meta-gnome/recipes-support/ibus/ibus.inc index 37a490abe0..bb662f2ec9 100644 --- a/meta-openembedded/meta-gnome/recipes-support/ibus/ibus.inc +++ b/meta-openembedded/meta-gnome/recipes-support/ibus/ibus.inc @@ -10,7 +10,7 @@ PV = "1.5.26" DEPENDS = "unicode-ucd" SRC_URI = " \ - git://github.com/ibus/ibus.git;branch=master;protocol=https \ + git://github.com/ibus/ibus.git;branch=main;protocol=https \ file://0001-Do-not-try-to-start-dbus-we-do-not-have-dbus-lauch.patch \ " SRCREV = "6a70ab0338206bd1c7d01a4e1874ea0ee5b3a9d3" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb index b848b820c3..cb919d79e3 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb @@ -3,7 +3,7 @@ LICENSE = "CC-BY-3.0" # http://www.bigbuckbunny.org/index.php/about/ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/CC-BY-3.0;md5=dfa02b5755629022e267f10b9c0a2ab7" -SRC_URI = "https://www.mediaspip.net/IMG/avi/big_buck_bunny_1080p_surround.avi" +SRC_URI = "http://www.peach.themazzone.com/big_buck_bunny_1080p_surround.avi" SRC_URI[md5sum] = "223991c8b33564eb77988a4c13c1c76a" SRC_URI[sha256sum] = "69fe2cfe7154a6e752688e3a0d7d6b07b1605bbaf75b56f6470dc7b4c20c06ea" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/files/0001-version.c-don-t-print-build-flags.patch b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/files/0001-version.c-don-t-print-build-flags.patch new file mode 100644 index 0000000000..697205efe0 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/files/0001-version.c-don-t-print-build-flags.patch @@ -0,0 +1,41 @@ +From cbc64dcf6aa2a1be63f45ea6dd7d2c49b70a0bee Mon Sep 17 00:00:00 2001 +From: Mingli Yu <mingli.yu@windriver.com> +Date: Wed, 3 Aug 2022 16:44:29 +0800 +Subject: [PATCH] version.c: don't print build flags + +Don't print the build flags to avoid collecting the build environment info. + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + src/main/version.c | 13 ------------- + 1 file changed, 13 deletions(-) + +diff --git a/src/main/version.c b/src/main/version.c +index 62972d9f53..cf81de72c9 100644 +--- a/src/main/version.c ++++ b/src/main/version.c +@@ -589,19 +589,6 @@ void version_print(void) + DEBUG2(" unknown"); + #endif + +- DEBUG2("Compilation flags:"); +-#ifdef BUILT_WITH_CPPFLAGS +- DEBUG2(" cppflags : " BUILT_WITH_CPPFLAGS); +-#endif +-#ifdef BUILT_WITH_CFLAGS +- DEBUG2(" cflags : " BUILT_WITH_CFLAGS); +-#endif +-#ifdef BUILT_WITH_LDFLAGS +- DEBUG2(" ldflags : " BUILT_WITH_LDFLAGS); +-#endif +-#ifdef BUILT_WITH_LIBS +- DEBUG2(" libs : " BUILT_WITH_LIBS); +-#endif + DEBUG2(" "); + } + INFO("FreeRADIUS Version " RADIUSD_VERSION_STRING); +-- +2.25.1 + diff --git a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb index d6477e340e..1407b798b5 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb @@ -32,6 +32,7 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0 file://radiusd.service \ file://radiusd-volatiles.conf \ file://check-openssl-cmds-in-script-bootstrap.patch \ + file://0001-version.c-don-t-print-build-flags.patch \ " raddbdir="${sysconfdir}/${MLPREFIX}raddb" diff --git a/meta-openembedded/meta-networking/recipes-protocols/frr/frr_8.2.2.bb b/meta-openembedded/meta-networking/recipes-protocols/frr/frr_8.2.2.bb index ceb94109de..96be49b53f 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/frr/frr_8.2.2.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/frr/frr_8.2.2.bb @@ -73,6 +73,11 @@ SYSTEMD_PACKAGES = "${PN}" SYSTEMD_SERVICE:${PN} = "frr.service" SYSTEMD_AUTO_ENABLE = "disable" +do_compile:prepend () { + sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' \ + -e 's#${RECIPE_SYSROOT}##g' ${S}/lib/version.h +} + do_compile:class-native () { oe_runmake clippy-only } diff --git a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb index 5f887b8868..30c0ce74cb 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb @@ -72,6 +72,7 @@ CACHED_CONFIGUREVARS = " \ ac_cv_ETC_MNTTAB=/etc/mtab \ lt_cv_shlibpath_overrides_runpath=yes \ ac_cv_path_UNAMEPROG=${base_bindir}/uname \ + ac_cv_path_PSPROG=${base_bindir}/ps \ ac_cv_file__etc_printcap=no \ NETSNMP_CONFIGURE_OPTIONS= \ " diff --git a/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb b/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_1.0.6.bb index f5467794e6..6861314a0a 100644 --- a/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_1.0.6.bb @@ -5,8 +5,7 @@ HOMEPAGE = "http://www.remlab.net/ndisc6/" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" -PV = "1.0.5" -SRCREV = "b706f5f01aa82aa0db678fffd15a1527f330c507" +SRCREV = "7e314b23329f9c24c4c097b8513673fed7e7158a" SRC_URI = "git://git.remlab.net/git/ndisc6.git;protocol=http;branch=master \ file://0001-autogen-Do-not-symlink-gettext.h-from-build-host.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb index c61303b81e..8625afaa74 100644 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb @@ -85,6 +85,10 @@ do_configure () { done } +do_compile:append () { + sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' ${S}/swig/perl/OpenIPMI_wrap.c +} + do_install:append () { echo "SAL: D = $D" echo "SAL: libdir = $libdir" diff --git a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch index aeb0bece97..0840cbbd8b 100644 --- a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch +++ b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch @@ -1,3 +1,8 @@ +From 7ff4eba20b5c4fc7365e5ee0dfb775ed29bdd5ce Mon Sep 17 00:00:00 2001 +From: Kai Kang <kai.kang@windriver.com> +Date: Wed, 1 Nov 2017 09:23:41 -0400 +Subject: [PATCH] stunnel: fix compile error when openssl disable des support + Upstream-Status: Pending When openssl disable des support with configure option 'no-des', it doesn't @@ -6,12 +11,17 @@ failed. Fix it by checking macro OPENSSL_NO_DES to use openssl des related library conditionaly. Signed-off-by: Kai Kang <kai.kang@windriver.com> + --- + src/common.h | 2 ++ + src/protocol.c | 6 +++--- + 2 files changed, 5 insertions(+), 3 deletions(-) + diff --git a/src/common.h b/src/common.h -index f7d38b0..bf485af 100644 +index bc37eb5..03ee3e5 100644 --- a/src/common.h +++ b/src/common.h -@@ -478,7 +478,9 @@ extern char *sys_errlist[]; +@@ -486,7 +486,9 @@ extern char *sys_errlist[]; #ifndef OPENSSL_NO_MD4 #include <openssl/md4.h> #endif /* !defined(OPENSSL_NO_MD4) */ @@ -22,19 +32,19 @@ index f7d38b0..bf485af 100644 #include <openssl/dh.h> #if OPENSSL_VERSION_NUMBER<0x10100000L diff --git a/src/protocol.c b/src/protocol.c -index 587df09..8198eb6 100644 +index 804f115..d9b2b50 100644 --- a/src/protocol.c +++ b/src/protocol.c -@@ -67,7 +67,7 @@ NOEXPORT char *imap_server(CLI *, SERVICE_OPTIONS *, const PHASE); +@@ -66,7 +66,7 @@ NOEXPORT char *nntp_client(CLI *, SERVICE_OPTIONS *, const PHASE); NOEXPORT char *ldap_client(CLI *, SERVICE_OPTIONS *, const PHASE); NOEXPORT char *connect_server(CLI *, SERVICE_OPTIONS *, const PHASE); NOEXPORT char *connect_client(CLI *, SERVICE_OPTIONS *, const PHASE); -#ifndef OPENSSL_NO_MD4 +#if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DES) NOEXPORT void ntlm(CLI *, SERVICE_OPTIONS *); - NOEXPORT char *ntlm1(); + NOEXPORT char *ntlm1(void); NOEXPORT char *ntlm3(char *, char *, char *, char *); -@@ -1332,7 +1332,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { +@@ -1351,7 +1351,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { fd_printf(c, c->remote_fd.fd, "Host: %s", opt->protocol_host); if(opt->protocol_username && opt->protocol_password) { if(!strcasecmp(opt->protocol_authentication, "ntlm")) { @@ -43,7 +53,7 @@ index 587df09..8198eb6 100644 ntlm(c, opt); #else s_log(LOG_ERR, "NTLM authentication is not available"); -@@ -1376,7 +1376,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { +@@ -1395,7 +1395,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { return NULL; } diff --git a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.63.bb b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.65.bb index 325737e8c9..ab7ff43223 100644 --- a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.63.bb +++ b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.65.bb @@ -11,7 +11,7 @@ SRC_URI = "https://stunnel.org/archive/5.x/${BP}.tar.gz \ file://fix-openssl-no-des.patch \ " -SRC_URI[sha256sum] = "c74c4e15144a3ae34b8b890bb31c909207301490bd1e51bfaaa5ffeb0a994617" +SRC_URI[sha256sum] = "60c500063bd1feff2877f5726e38278c086f96c178f03f09d264a2012d6bf7fc" inherit autotools bash-completion pkgconfig diff --git a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb index 7ea728aad4..ff4a16e9f2 100644 --- a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb +++ b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb @@ -45,6 +45,12 @@ SRC_URI:append:toolchain-clang = "\ S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2014-8180 \ + CVE-2017-18381 \ + CVE-2017-2665 \ +" + COMPATIBLE_HOST ?= '(x86_64|i.86|powerpc64|arm|aarch64).*-linux' PACKAGECONFIG ??= "tcmalloc system-pcre" diff --git a/meta-openembedded/meta-oe/recipes-benchmark/glmark2/files/0001-waflib-fix-compatibility-with-python-3.11.patch b/meta-openembedded/meta-oe/recipes-benchmark/glmark2/files/0001-waflib-fix-compatibility-with-python-3.11.patch new file mode 100644 index 0000000000..c56fa64e58 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-benchmark/glmark2/files/0001-waflib-fix-compatibility-with-python-3.11.patch @@ -0,0 +1,76 @@ +From b85ba8c3ff3fb9ae708576ccef03434d2ef73054 Mon Sep 17 00:00:00 2001 +From: Martin Jansa <Martin.Jansa@gmail.com> +Date: Tue, 14 Jun 2022 09:54:18 +0000 +Subject: [PATCH] waflib: fix compatibility with python-3.11 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* https://docs.python.org/3.11/whatsnew/3.11.html#changes-in-the-python-api + + open(), io.open(), codecs.open() and fileinput.FileInput no longer + accept 'U' (“universal newline”) in the file mode. This flag was + deprecated since Python 3.3. In Python 3, the “universal newline” is + used by default when a file is open in text mode. The newline parameter + of open() controls how universal newlines works. (Contributed by Victor + Stinner in bpo-37330.) + +* fixes: +Waf: The wscript in '/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git' is unreadable +Traceback (most recent call last): + File "/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Scripting.py", line 104, in waf_entry_point + set_main_module(os.path.normpath(os.path.join(Context.run_dir,Context.WSCRIPT_FILE))) + ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + File "/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Scripting.py", line 135, in set_main_module + Context.g_module=Context.load_module(file_path) + ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + File "/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Context.py", line 343, in load_module + code=Utils.readf(path,m='rU',encoding=encoding) + ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + File "/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Utils.py", line 117, in readf + f=open(fname,m) + ^^^^^^^^^^^^^ +ValueError: invalid mode: 'rUb' + +Upstream-Status: Submitted [https://github.com/glmark2/glmark2/pull/178] +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> +--- + waflib/ConfigSet.py | 2 +- + waflib/Context.py | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/waflib/ConfigSet.py b/waflib/ConfigSet.py +index 16142a2..87de4ad 100644 +--- a/waflib/ConfigSet.py ++++ b/waflib/ConfigSet.py +@@ -140,7 +140,7 @@ class ConfigSet(object): + Utils.writef(filename,''.join(buf)) + def load(self,filename): + tbl=self.table +- code=Utils.readf(filename,m='rU') ++ code=Utils.readf(filename,m='r') + for m in re_imp.finditer(code): + g=m.group + tbl[g(2)]=eval(g(3)) +diff --git a/waflib/Context.py b/waflib/Context.py +index 8f2cbfb..f3e35ae 100644 +--- a/waflib/Context.py ++++ b/waflib/Context.py +@@ -109,7 +109,7 @@ class Context(ctx): + cache[node]=True + self.pre_recurse(node) + try: +- function_code=node.read('rU',encoding) ++ function_code=node.read('r',encoding) + exec(compile(function_code,node.abspath(),'exec'),self.exec_dict) + finally: + self.post_recurse(node) +@@ -340,7 +340,7 @@ def load_module(path,encoding=None): + pass + module=imp.new_module(WSCRIPT_FILE) + try: +- code=Utils.readf(path,m='rU',encoding=encoding) ++ code=Utils.readf(path,encoding=encoding) + except EnvironmentError: + raise Errors.WafError('Could not read the file %r'%path) + module_dir=os.path.dirname(path) diff --git a/meta-openembedded/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb b/meta-openembedded/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb index 1406f68b05..188d4e5bdf 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb @@ -18,7 +18,8 @@ SRC_URI = " \ file://0001-fix-dispmanx-build.patch \ file://0002-run-dispmanx-fullscreen.patch \ file://0001-libmatrix-Include-missing-utility-header.patch \ - " + file://0001-waflib-fix-compatibility-with-python-3.11.patch \ +" SRCREV = "0858b450cd88c84a15b99dda9698d44e7f7e8c70" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb b/meta-openembedded/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb index 2fa24b29b3..28a3e1e77a 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb @@ -11,6 +11,10 @@ SRC_URI = "git://github.com/rakshasa/libtorrent;branch=master;protocol=https \ " SRCREV = "756f70010779927dc0691e1e722ed433d5d295e1" +CVE_CHECK_IGNORE += "\ + CVE-2009-1760 \ +" + PV = "0.13.8" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb b/meta-openembedded/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb index a5fcb8d72d..2a3a4ebd06 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb @@ -41,3 +41,6 @@ RDEPENDS:${PN} += " ${@bb.utils.contains('PACKAGECONFIG', 'libuv', '${PN}-evlib- RDEPENDS:${PN} += " ${@bb.utils.contains('PACKAGECONFIG', 'libev', '${PN}-evlib-ev', '', d)}" RDEPENDS:${PN}-dev += " ${@bb.utils.contains('PACKAGECONFIG', 'static', '${PN}-staticdev', '', d)}" + +# Avoid absolute paths to end up in the sysroot. +SSTATE_SCAN_FILES += "*.cmake" diff --git a/meta-openembedded/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb b/meta-openembedded/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb index 8f9f663a33..4f8bbf0358 100644 --- a/meta-openembedded/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb +++ b/meta-openembedded/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb @@ -14,7 +14,6 @@ DEPENDS = " \ libdevmapper \ popt \ util-linux-libuuid \ - libssh \ " DEPENDS:append:libc-musl = " argp-standalone" @@ -39,6 +38,7 @@ PACKAGECONFIG ??= " \ blkid \ luks-adjust-xts-keysize \ openssl \ + ssh-token \ " PACKAGECONFIG:append:class-target = " \ udev \ @@ -69,6 +69,7 @@ PACKAGECONFIG[nss] = "--with-crypto_backend=nss,,nss" PACKAGECONFIG[kernel] = "--with-crypto_backend=kernel" PACKAGECONFIG[nettle] = "--with-crypto_backend=nettle,,nettle" PACKAGECONFIG[luks2] = "--with-default-luks-format=LUKS2,--with-default-luks-format=LUKS1" +PACKAGECONFIG[ssh-token] = "--enable-ssh-token,--disable-ssh-token,libssh" EXTRA_OECONF = "--enable-static" # Building without largefile is not supported by upstream @@ -78,6 +79,14 @@ EXTRA_OECONF += "--disable-static-cryptsetup" # There's no recipe for libargon2 yet EXTRA_OECONF += "--disable-libargon2" +do_install:append() { + # The /usr/lib/cryptsetup directory is always created, even when ssh-token + # is disabled. In that case it is empty and causes a packaging error. Since + # there is no reason to distribute the empty directory, the easiest solution + # is to remove it if it is empty. + rmdir -p --ignore-fail-on-non-empty ${D}${libdir}/${BPN} +} + FILES:${PN} += "${@bb.utils.contains('DISTRO_FEATURES','systemd','${exec_prefix}/lib/tmpfiles.d/cryptsetup.conf', '', d)}" RDEPENDS:${PN} = " \ diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch new file mode 100644 index 0000000000..101a748776 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch @@ -0,0 +1,110 @@ +From b92eebe8b0760fee7bd55c6c22318620c2c07579 Mon Sep 17 00:00:00 2001 +From: Mingli Yu <mingli.yu@windriver.com> +Date: Mon, 1 Aug 2022 15:44:38 +0800 +Subject: [PATCH] config_info.c: not expose build info + +Don't collect the build information to fix the buildpaths issue. + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + configure.ac | 2 +- + src/common/config_info.c | 68 ---------------------------------------- + 2 files changed, 1 insertion(+), 69 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 0eb595b..508487b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -23,7 +23,7 @@ AC_COPYRIGHT([Copyright (c) 1996-2021, PostgreSQL Global Development Group]) + AC_CONFIG_SRCDIR([src/backend/access/common/heaptuple.c]) + AC_CONFIG_AUX_DIR(config) + AC_PREFIX_DEFAULT(/usr/local/pgsql) +-AC_DEFINE_UNQUOTED(CONFIGURE_ARGS, ["$ac_configure_args"], [Saved arguments from configure]) ++AC_DEFINE_UNQUOTED(CONFIGURE_ARGS, ["ac_configure_args"], [Saved arguments from configure]) + + [PG_MAJORVERSION=`expr "$PACKAGE_VERSION" : '\([0-9][0-9]*\)'`] + [PG_MINORVERSION=`expr "$PACKAGE_VERSION" : '.*\.\([0-9][0-9]*\)'`] +diff --git a/src/common/config_info.c b/src/common/config_info.c +index e72e729..b482c20 100644 +--- a/src/common/config_info.c ++++ b/src/common/config_info.c +@@ -123,74 +123,6 @@ get_configdata(const char *my_exec_path, size_t *configdata_len) + configdata[i].setting = pstrdup(path); + i++; + +- configdata[i].name = pstrdup("CONFIGURE"); +- configdata[i].setting = pstrdup(CONFIGURE_ARGS); +- i++; +- +- configdata[i].name = pstrdup("CC"); +-#ifdef VAL_CC +- configdata[i].setting = pstrdup(VAL_CC); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("CPPFLAGS"); +-#ifdef VAL_CPPFLAGS +- configdata[i].setting = pstrdup(VAL_CPPFLAGS); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("CFLAGS"); +-#ifdef VAL_CFLAGS +- configdata[i].setting = pstrdup(VAL_CFLAGS); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("CFLAGS_SL"); +-#ifdef VAL_CFLAGS_SL +- configdata[i].setting = pstrdup(VAL_CFLAGS_SL); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("LDFLAGS"); +-#ifdef VAL_LDFLAGS +- configdata[i].setting = pstrdup(VAL_LDFLAGS); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("LDFLAGS_EX"); +-#ifdef VAL_LDFLAGS_EX +- configdata[i].setting = pstrdup(VAL_LDFLAGS_EX); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("LDFLAGS_SL"); +-#ifdef VAL_LDFLAGS_SL +- configdata[i].setting = pstrdup(VAL_LDFLAGS_SL); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("LIBS"); +-#ifdef VAL_LIBS +- configdata[i].setting = pstrdup(VAL_LIBS); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- + configdata[i].name = pstrdup("VERSION"); + configdata[i].setting = pstrdup("PostgreSQL " PG_VERSION); + i++; +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql.inc b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql.inc index 00c0107469..bef33e6bb4 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql.inc +++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql.inc @@ -215,6 +215,14 @@ do_install:append() { install -m 0644 ${WORKDIR}/postgresql.service ${D}${systemd_unitdir}/system sed -i -e 's,@BINDIR@,${bindir},g' \ ${D}${systemd_unitdir}/system/postgresql.service + # Remove the build path + if [ -f ${D}${libdir}/${BPN}/pgxs/src/Makefile.global ]; then + sed -i -e 's#${RECIPE_SYSROOT}##g' \ + -e 's#${RECIPE_SYSROOT_NATIVE}##g' \ + -e 's#${WORKDIR}##g' \ + -e 's#${TMPDIR}##g' \ + ${D}${libdir}/${BPN}/pgxs/src/Makefile.global + fi } SSTATE_SCAN_FILES += "Makefile.global" diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb index 01a6ee635e..1daab22f92 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb +++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb @@ -8,6 +8,11 @@ SRC_URI += "\ file://0001-Improve-reproducibility.patch \ file://0001-configure.ac-bypass-autoconf-2.69-version-check.patch \ file://remove_duplicate.patch \ + file://0001-config_info.c-not-expose-build-info.patch \ " SRC_URI[sha256sum] = "c23b6237c5231c791511bdc79098617d6852e9e3bdf360efd8b5d15a1a3d8f6a" + +CVE_CHECK_IGNORE += "\ + CVE-2017-8806 \ +" diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.7.bb b/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.8.bb index e9e8eccf3a..d5cf7d8b21 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.7.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.8.bb @@ -33,7 +33,13 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "b816753eb005511e695d90945c27093c3236cc73db1262656d9fadd73ead7e9d" +SRC_URI[sha256sum] = "b8815a5a02431453d4261e3598bd1f28516e4c0354f328c12890f257870e4c01" + +CVE_CHECK_IGNORE += "\ + CVE-2007-2728 \ + CVE-2007-3205 \ + CVE-2007-4596 \ +" inherit autotools pkgconfig python3native gettext diff --git a/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb b/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb index e9cb7adb81..df90b629a9 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb @@ -18,6 +18,10 @@ SRC_URI[sha256sum] = "53e15a2b5c1bc80161d42e9f69792a3fa18332b7b771910131004eb520 S = "${WORKDIR}/imap-${PV}" +CVE_CHECK_IGNORE += "\ + CVE-2005-0198 \ +" + PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" PACKAGECONFIG[pam] = ",,libpam" diff --git a/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb index b5cd35ab3a..044fcbea74 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb @@ -22,3 +22,8 @@ CACHED_CONFIGUREVARS = "CCLD_FOR_BUILD='${CC_FOR_BUILD}'" BBCLASSEXTEND = "native" PARALLEL_MAKE = "" + +do_configure:prepend() { + # Don't include $CC (which includes path to sysroot) in generated header. + sed -i -e "s/^echo \"\/\* generated \$ac_cv_stdint_message \*\/\" >>\$ac_stdint$"// ${S}/m4/ax_create_stdint_h.m4 +} diff --git a/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb b/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb index db4f507b7c..daaff00395 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb @@ -13,6 +13,12 @@ SRC_URI = "git://github.com/libimobiledevice/libplist;protocol=https;branch=mast S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2017-5834 \ + CVE-2017-5835 \ + CVE-2017-5836 \ +" + do_install:append () { if [ -e ${D}${libdir}/python*/site-packages/plist/_plist.so ]; then chrpath -d ${D}${libdir}/python*/site-packages/plist/_plist.so diff --git a/meta-openembedded/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules b/meta-openembedded/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules new file mode 100644 index 0000000000..2ffa4087a8 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules @@ -0,0 +1,24 @@ +polkit.addRule(function(action, subject) { + var YES = polkit.Result.YES; + var permission = { + // required for udisks1: + "org.freedesktop.udisks.filesystem-mount": YES, + "org.freedesktop.udisks.luks-unlock": YES, + "org.freedesktop.udisks.drive-eject": YES, + "org.freedesktop.udisks.drive-detach": YES, + // required for udisks2: + "org.freedesktop.udisks2.filesystem-mount": YES, + "org.freedesktop.udisks2.encrypted-unlock": YES, + "org.freedesktop.udisks2.eject-media": YES, + "org.freedesktop.udisks2.power-off-drive": YES, + // required for udisks2 if using udiskie from another seat (e.g. systemd): + "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, + "org.freedesktop.udisks2.filesystem-unmount-others": YES, + "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, + "org.freedesktop.udisks2.eject-media-other-seat": YES, + "org.freedesktop.udisks2.power-off-drive-other-seat": YES + }; + if (subject.isInGroup("plugdev")) { + return permission[action.id]; + } +}); diff --git a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb new file mode 100644 index 0000000000..db2ed015b4 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb @@ -0,0 +1,17 @@ +DESCRIPTION = "Polkit rule to allow non-priviledged users mount/umount block devices via udisks2" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +require polkit-group-rule.inc + +# The file originates from https://github.com/coldfix/udiskie/wiki/Permissions +SRC_URI = "file://50-org.freedesktop.udiskie.rules" + +RDEPENDS:${PN} += "udisks2" + +do_install() { + install -m 0755 ${WORKDIR}/50-org.freedesktop.udiskie.rules ${D}${sysconfdir}/polkit-1/rules.d +} + +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM:${PN} = "--system plugdev" diff --git a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0003-Added-support-for-duktape-as-JS-engine.patch b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0003-Added-support-for-duktape-as-JS-engine.patch index e44e4f6e4a..b8562f8ce2 100644 --- a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0003-Added-support-for-duktape-as-JS-engine.patch +++ b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0003-Added-support-for-duktape-as-JS-engine.patch @@ -1,15 +1,18 @@ -From eaecfb21e1bca42e99321cc731e21dbfc1ea0d0c Mon Sep 17 00:00:00 2001 +From 4af72493cb380ab5ce0dd7c5bcd25a8b5457d770 Mon Sep 17 00:00:00 2001 From: Gustavo Lima Chaves <limachaves@gmail.com> Date: Tue, 25 Jan 2022 09:43:21 +0000 -Subject: [PATCH 3/3] Added support for duktape as JS engine +Subject: [PATCH] Added support for duktape as JS engine Original author: Wu Xiaotian (@yetist) Resurrection author, runaway-killer author: Gustavo Lima Chaves (@limachaves) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> +Upstream-Status: Backport [c7fc4e1b61f0fd82fc697c19c604af7e9fb291a2] +Dropped change to .gitlab-ci.yml and adapted configure.ac due to other +patches in meta-oe. + --- - .gitlab-ci.yml | 1 + buildutil/ax_pthread.m4 | 522 ++++++++ configure.ac | 34 +- docs/man/polkit.xml | 4 +- @@ -23,16 +26,12 @@ Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> .../polkitbackendjsauthority.cpp | 721 +---------- .../etc/polkit-1/rules.d/10-testing.rules | 6 +- .../test-polkitbackendjsauthority.c | 2 +- - 14 files changed, 2399 insertions(+), 678 deletions(-) + 13 files changed, 2398 insertions(+), 678 deletions(-) create mode 100644 buildutil/ax_pthread.m4 create mode 100644 src/polkitbackend/polkitbackendcommon.c create mode 100644 src/polkitbackend/polkitbackendcommon.h create mode 100644 src/polkitbackend/polkitbackendduktapeauthority.c -Upstream-Status: Backport [c7fc4e1b61f0fd82fc697c19c604af7e9fb291a2] -Dropped change to .gitlab-ci.yml and adapted configure.ac due to other -patches in meta-oe. - diff --git a/buildutil/ax_pthread.m4 b/buildutil/ax_pthread.m4 new file mode 100644 index 0000000..9f35d13 @@ -603,7 +602,7 @@ index b625743..bbf4768 100644 +CC="$PTHREAD_CC" +AC_CHECK_FUNCS([pthread_condattr_setclock]) + - AC_CHECK_FUNCS(clearenv fdatasync setnetgrent) + AC_CHECK_FUNCS(clearenv fdatasync) if test "x$GCC" = "xyes"; then @@ -581,6 +598,13 @@ echo " @@ -3458,6 +3457,3 @@ index f97e0e0..2103b17 100644 }, { --- -2.20.1 - diff --git a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0004-Make-netgroup-support-optional.patch index 1a268f2d0d..fa273d4503 100644 --- a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch +++ b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0004-Make-netgroup-support-optional.patch @@ -1,36 +1,43 @@ -From 0c1debb380fee7f5b2bc62406e45856dc9c9e1a1 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Wed, 22 May 2019 13:18:55 -0700 -Subject: [PATCH] make netgroup support optional +From 7ef2621ab7adcedc099ed39acfb73c6fa835cbc3 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" <AWilcox@Wilcox-Tech.com> +Date: Sun, 15 May 2022 05:04:10 +0000 +Subject: [PATCH] Make netgroup support optional -On at least Linux/musl and Linux/uclibc, netgroup -support is not available. PolKit fails to compile on these systems -for that reason. +On at least Linux/musl and Linux/uclibc, netgroup support is not +available. PolKit fails to compile on these systems for that reason. This change makes netgroup support conditional on the presence of the setnetgrent(3) function which is required for the support to work. If that function is not available on the system, an error will be returned to the administrator if unix-netgroup: is specified in configuration. -Fixes bug 50145. +(sam: rebased for Meson and Duktape.) -Closes polkit/polkit#14. +Closes: https://gitlab.freedesktop.org/polkit/polkit/-/issues/14 +Closes: https://gitlab.freedesktop.org/polkit/polkit/-/issues/163 +Closes: https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/52 Signed-off-by: A. Wilcox <AWilcox@Wilcox-Tech.com> -Signed-off-by: Khem Raj <raj.khem@gmail.com> + +Ported back the change in configure.ac (upstream removed autotools +support). + +Upstream-Status: Backport [https://gitlab.freedesktop.org/polkit/polkit/-/commit/b57deee8178190a7ecc75290fa13cf7daabc2c66] +Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com> --- - configure.ac | 2 +- - src/polkit/polkitidentity.c | 16 ++++++++++++++++ - src/polkit/polkitunixnetgroup.c | 3 +++ - .../polkitbackendinteractiveauthority.c | 14 ++++++++------ - src/polkitbackend/polkitbackendjsauthority.cpp | 3 +++ - test/polkit/polkitidentitytest.c | 9 ++++++++- - test/polkit/polkitunixnetgrouptest.c | 3 +++ - .../test-polkitbackendjsauthority.c | 2 ++ - 8 files changed, 44 insertions(+), 8 deletions(-) + configure.ac | 2 +- + meson.build | 1 + + src/polkit/polkitidentity.c | 17 +++++++++++++++++ + src/polkit/polkitunixnetgroup.c | 3 +++ + .../polkitbackendinteractiveauthority.c | 14 ++++++++------ + src/polkitbackend/polkitbackendjsauthority.cpp | 2 ++ + test/polkit/polkitidentitytest.c | 8 +++++++- + test/polkit/polkitunixnetgrouptest.c | 2 ++ + .../test-polkitbackendjsauthority.c | 2 ++ + 9 files changed, 43 insertions(+), 8 deletions(-) diff --git a/configure.ac b/configure.ac -index b625743..d807086 100644 +index 59858df..5a7fc11 100644 --- a/configure.ac +++ b/configure.ac @@ -100,7 +100,7 @@ AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"], @@ -42,8 +49,20 @@ index b625743..d807086 100644 if test "x$GCC" = "xyes"; then LDFLAGS="-Wl,--as-needed $LDFLAGS" +diff --git a/meson.build b/meson.build +index 733bbff..d840926 100644 +--- a/meson.build ++++ b/meson.build +@@ -82,6 +82,7 @@ config_h.set('_GNU_SOURCE', true) + check_functions = [ + 'clearenv', + 'fdatasync', ++ 'setnetgrent', + ] + + foreach func: check_functions diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c -index 3aa1f7f..10e9c17 100644 +index 3aa1f7f..793f17d 100644 --- a/src/polkit/polkitidentity.c +++ b/src/polkit/polkitidentity.c @@ -182,7 +182,15 @@ polkit_identity_from_string (const gchar *str, @@ -62,7 +81,7 @@ index 3aa1f7f..10e9c17 100644 } if (identity == NULL && (error != NULL && *error == NULL)) -@@ -344,6 +352,13 @@ polkit_identity_new_for_gvariant (GVariant *variant, +@@ -344,6 +352,14 @@ polkit_identity_new_for_gvariant (GVariant *variant, GVariant *v; const char *name; @@ -73,10 +92,11 @@ index 3aa1f7f..10e9c17 100644 + "Netgroups are not available on this machine"); + goto out; +#else ++ v = lookup_asv (details_gvariant, "name", G_VARIANT_TYPE_STRING, error); if (v == NULL) { -@@ -353,6 +368,7 @@ polkit_identity_new_for_gvariant (GVariant *variant, +@@ -353,6 +369,7 @@ polkit_identity_new_for_gvariant (GVariant *variant, name = g_variant_get_string (v, NULL); ret = polkit_unix_netgroup_new (name); g_variant_unref (v); @@ -144,10 +164,10 @@ index 056d9a8..36c2f3d 100644 } diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp -index ca17108..41d8d5c 100644 +index 5027815..bcb040c 100644 --- a/src/polkitbackend/polkitbackendjsauthority.cpp +++ b/src/polkitbackend/polkitbackendjsauthority.cpp -@@ -1520,6 +1520,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, +@@ -1524,6 +1524,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, JS::CallArgs args = JS::CallArgsFromVp (argc, vp); @@ -155,28 +175,19 @@ index ca17108..41d8d5c 100644 JS::RootedString usrstr (authority->priv->cx); usrstr = args[0].toString(); user = JS_EncodeStringToUTF8 (cx, usrstr); -@@ -1535,6 +1536,8 @@ js_polkit_user_is_in_netgroup (JSContext *cx, +@@ -1538,6 +1539,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, + { is_in_netgroup = true; } - +#endif -+ + ret = true; - args.rval ().setBoolean (is_in_netgroup); diff --git a/test/polkit/polkitidentitytest.c b/test/polkit/polkitidentitytest.c -index e91967b..e829aaa 100644 +index e91967b..2635c4c 100644 --- a/test/polkit/polkitidentitytest.c +++ b/test/polkit/polkitidentitytest.c -@@ -19,6 +19,7 @@ - * Author: Nikki VonHollen <vonhollen@google.com> - */ - -+#include "config.h" - #include "glib.h" - #include <polkit/polkit.h> - #include <polkit/polkitprivate.h> -@@ -145,11 +146,15 @@ struct ComparisonTestData comparison_test_data [] = { +@@ -145,11 +145,15 @@ struct ComparisonTestData comparison_test_data [] = { {"unix-group:root", "unix-group:jane", FALSE}, {"unix-group:jane", "unix-group:jane", TRUE}, @@ -192,7 +203,7 @@ index e91967b..e829aaa 100644 {NULL}, }; -@@ -181,11 +186,13 @@ main (int argc, char *argv[]) +@@ -181,11 +185,13 @@ main (int argc, char *argv[]) g_test_add_data_func ("/PolkitIdentity/group_string_2", "unix-group:jane", test_string); g_test_add_data_func ("/PolkitIdentity/group_string_3", "unix-group:users", test_string); @@ -208,18 +219,10 @@ index e91967b..e829aaa 100644 add_comparison_tests (); diff --git a/test/polkit/polkitunixnetgrouptest.c b/test/polkit/polkitunixnetgrouptest.c -index 3701ba1..e3352eb 100644 +index 3701ba1..e1d211e 100644 --- a/test/polkit/polkitunixnetgrouptest.c +++ b/test/polkit/polkitunixnetgrouptest.c -@@ -19,6 +19,7 @@ - * Author: Nikki VonHollen <vonhollen@google.com> - */ - -+#include "config.h" - #include "glib.h" - #include <polkit/polkit.h> - #include <string.h> -@@ -69,7 +70,9 @@ int +@@ -69,7 +69,9 @@ int main (int argc, char *argv[]) { g_test_init (&argc, &argv, NULL); diff --git a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0005-Make-netgroup-support-optional-duktape.patch b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0005-Make-netgroup-support-optional-duktape.patch new file mode 100644 index 0000000000..12988ad94f --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/0005-Make-netgroup-support-optional-duktape.patch @@ -0,0 +1,34 @@ +From 792f8e2151c120ec51b50a4098e4f9642409cbec Mon Sep 17 00:00:00 2001 +From: Marta Rybczynska <rybczynska@gmail.com> +Date: Fri, 29 Jul 2022 11:52:59 +0200 +Subject: [PATCH] Make netgroup support optional + +This patch adds a fragment of the netgroup patch to apply on the duktape-related +code. This change is needed to compile with duktape+musl. + +Upstream-Status: Backport [https://gitlab.freedesktop.org/polkit/polkit/-/commit/b57deee8178190a7ecc75290fa13cf7daabc2c66] +Signed-off-by: Marta Rybczynska <martarybczynska@huawei.com> +--- + src/polkitbackend/polkitbackendduktapeauthority.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/polkitbackend/polkitbackendduktapeauthority.c b/src/polkitbackend/polkitbackendduktapeauthority.c +index c89dbcf..58a5936 100644 +--- a/src/polkitbackend/polkitbackendduktapeauthority.c ++++ b/src/polkitbackend/polkitbackendduktapeauthority.c +@@ -1036,6 +1036,7 @@ js_polkit_user_is_in_netgroup (duk_context *cx) + user = duk_require_string (cx, 0); + netgroup = duk_require_string (cx, 1); + ++#ifdef HAVE_SETNETGRENT + if (innetgr (netgroup, + NULL, /* host */ + user, +@@ -1043,6 +1044,7 @@ js_polkit_user_is_in_netgroup (duk_context *cx) + { + is_in_netgroup = TRUE; + } ++#endif + + duk_push_boolean (cx, is_in_netgroup); + return 1; diff --git a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit_0.119.bb b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit_0.119.bb index 66bbf735f0..eff80cd43d 100644 --- a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit_0.119.bb +++ b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit_0.119.bb @@ -24,10 +24,10 @@ PACKAGECONFIG[consolekit] = ",,,consolekit" PAM_SRC_URI = "file://polkit-1_pam.patch" SRC_URI = "http://www.freedesktop.org/software/polkit/releases/polkit-${PV}.tar.gz \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ - file://0003-make-netgroup-support-optional.patch \ file://0001-pkexec-local-privilege-escalation-CVE-2021-4034.patch \ file://0002-CVE-2021-4115-GHSL-2021-077-fix.patch \ file://0003-Added-support-for-duktape-as-JS-engine.patch \ + file://0004-Make-netgroup-support-optional.patch \ " SRC_URI[sha256sum] = "c8579fdb86e94295404211285fee0722ad04893f0213e571bd75c00972fd1f5c" @@ -58,7 +58,7 @@ FILES:${PN}:append = " \ FILES:${PN}-examples = "${bindir}/*example*" USERADD_PACKAGES = "${PN}" -USERADD_PARAM:${PN} = "--system --no-create-home --user-group --home-dir ${sysconfdir}/${BPN}-1 polkitd" +USERADD_PARAM:${PN} = "--system --no-create-home --user-group --home-dir ${sysconfdir}/${BPN}-1 --shell /bin/nologin polkitd" SYSTEMD_SERVICE:${PN} = "${BPN}.service" SYSTEMD_AUTO_ENABLE = "disable" diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.2.bb b/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.4.bb index b188278e1c..993ff34b10 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.2.bb +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.4.bb @@ -19,7 +19,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://GNU_SOURCE.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "5e57eafe7d4ac5ecb6a7d64d6b61db775616dbf903293b3fcc660716dbda5eeb" +SRC_URI[sha256sum] = "f0e65fda74c44a3dd4fa9d512d4d4d833dd0939c934e946a5c622a630d057f2f" inherit autotools-brokensep update-rc.d systemd useradd diff --git a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.2202.0.bb b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.2206.0.bb index ebb8ecf9bd..a39de3acb5 100644 --- a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.2202.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.2206.0.bb @@ -31,7 +31,7 @@ SRC_URI:append:libc-musl = " \ file://0001-Include-sys-time-h.patch \ " -SRC_URI[sha256sum] = "e41308a5a171939b3cbc246e9d4bd30be44e801521e04cd95d051fa3867d6738" +SRC_URI[sha256sum] = "a1377218b26c0767a7a3f67d166d5338af7c24b455d35ec99974e18e6845ba27" UPSTREAM_CHECK_URI = "https://github.com/rsyslog/rsyslog/releases" UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)" diff --git a/meta-openembedded/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb b/meta-openembedded/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb index ecbfad394d..a59a5c41df 100644 --- a/meta-openembedded/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb +++ b/meta-openembedded/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb @@ -21,6 +21,10 @@ SRCREV = "a181e951376d49a82eef17920c8ebedec80b4823" S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2012-5638 \ +" + DEPENDS = "libaio util-linux" inherit setuptools3 useradd diff --git a/meta-openembedded/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb b/meta-openembedded/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb index 7e00f150d3..4b9ae4758f 100644 --- a/meta-openembedded/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb +++ b/meta-openembedded/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb @@ -32,6 +32,10 @@ SRC_URI = "http://downloads.sourceforge.net/sblim/${BP}.tar.bz2 \ SRC_URI[md5sum] = "28021cdabc73690a94f4f9d57254ce30" SRC_URI[sha256sum] = "634a67b2f7ac3b386a79160eb44413d618e33e4e7fc74ae68b0240484af149dd" +CVE_CHECK_IGNORE += "\ + CVE-2012-3381 \ +" + inherit autotools inherit systemd diff --git a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb index aa597cd8e4..4c51af669c 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb @@ -31,6 +31,10 @@ SRC_URI:append:class-nativesdk = "\ SRC_URI[sha256sum] = "6b16bf990df114195be669773a1dae975dbbffada45e1de2849ddeb5851bb9a8" +CVE_CHECK_IGNORE += "\ + CVE-2014-9157 \ +" + PACKAGECONFIG ??= "librsvg" PACKAGECONFIG[librsvg] = "--with-librsvg,--without-librsvg,librsvg" diff --git a/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb b/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb index 4c17105a99..27dff82df5 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb @@ -6,6 +6,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a80440d1d8f17d041c71c7271d6e06eb" SRC_URI = "git://github.com/jasper-software/jasper.git;protocol=https;branch=master" SRCREV = "fe00207dc10db1d7cc6f2757961c5c6bdfd10973" +CVE_CHECK_IGNORE += "\ + CVE-2015-8751 \ +" + S = "${WORKDIR}/git" inherit cmake diff --git a/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb b/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb index f248619ec8..42d2b4efb0 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb @@ -15,6 +15,10 @@ SRC_URI = " \ SRCREV = "37ac30ceff6640bbab502388c5e0fa0bff23f505" S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2015-1239 \ +" + inherit cmake # for multilib diff --git a/meta-openembedded/meta-oe/recipes-support/atop/atop_2.4.0.bb b/meta-openembedded/meta-oe/recipes-support/atop/atop_2.4.0.bb index 35540b3b8f..b1d2abde73 100644 --- a/meta-openembedded/meta-oe/recipes-support/atop/atop_2.4.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/atop/atop_2.4.0.bb @@ -24,6 +24,10 @@ SRC_URI = "http://www.atoptool.nl/download/${BP}.tar.gz \ SRC_URI[md5sum] = "1077da884ed94f2bc3c81ac3ab970436" SRC_URI[sha256sum] = "be1c010a77086b7d98376fce96514afcd73c3f20a8d1fe01520899ff69a73d69" +CVE_CHECK_IGNORE += "\ + CVE-2011-3618 \ +" + do_compile() { oe_runmake all } diff --git a/meta-openembedded/meta-oe/recipes-support/emacs/emacs_27.2.bb b/meta-openembedded/meta-oe/recipes-support/emacs/emacs_27.2.bb index b78dc5e450..4a7e7aba5c 100644 --- a/meta-openembedded/meta-oe/recipes-support/emacs/emacs_27.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/emacs/emacs_27.2.bb @@ -11,6 +11,10 @@ SRC_URI:append:class-target = " file://usemake-docfile-native.patch" SRC_URI[sha256sum] = "b4a7cc4e78e63f378624e0919215b910af5bb2a0afc819fad298272e9f40c1b9" +CVE_CHECK_IGNORE = "\ + CVE-2007-6109 \ +" + PACKAGECONFIG[gnutls] = "--with-gnutls=yes,--with-gnutls=no,gnutls" PACKAGECONFIG[kerberos] = "--with-kerberos=yes,--with-kerberos=no,krb5" PACKAGECONFIG[libgmp] = "--with-libgmp=yes,--with-libgmp=no,gmp" diff --git a/meta-openembedded/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb b/meta-openembedded/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb index 14b1aaf01c..3d8a45786d 100644 --- a/meta-openembedded/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb @@ -15,6 +15,11 @@ SRC_URI = "\ SRC_URI[sha256sum] = "19654ad276b149646371fbdac21bc7620742f2975f7399fed0ffc1a18fbaf603" +CVE_CHECK_IGNORE += "\ + CVE-2010-1624 \ + CVE-2011-3594 \ +" + PACKAGECONFIG ??= "gnutls consoleui avahi dbus idn nss \ ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 gtk startup-notification', '', d)} \ " diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch b/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch new file mode 100644 index 0000000000..5ec55dfd2a --- /dev/null +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch @@ -0,0 +1,99 @@ +From 86368e9cf70a0ad23cccd5ee32de847149af0c6f Mon Sep 17 00:00:00 2001 +From: Stefan Behnel <stefan_ml@behnel.de> +Date: Fri, 1 Jul 2022 21:06:10 +0200 +Subject: [PATCH] Fix a crash when incorrect parser input occurs together with + usages of iterwalk() on trees generated by the same parser. + +CVE: CVE-2022-2309 + +Upstream-Status: Backport +[https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f] + +Signed-off-by: Yue Tao <yue.tao@windriver.com> + +--- + src/lxml/apihelpers.pxi | 7 ++++--- + src/lxml/iterparse.pxi | 11 ++++++----- + src/lxml/tests/test_etree.py | 20 ++++++++++++++++++++ + 3 files changed, 30 insertions(+), 8 deletions(-) + +diff --git a/src/lxml/apihelpers.pxi b/src/lxml/apihelpers.pxi +index c1662762..9fae9fb1 100644 +--- a/src/lxml/apihelpers.pxi ++++ b/src/lxml/apihelpers.pxi +@@ -246,9 +246,10 @@ cdef dict _build_nsmap(xmlNode* c_node): + while c_node is not NULL and c_node.type == tree.XML_ELEMENT_NODE: + c_ns = c_node.nsDef + while c_ns is not NULL: +- prefix = funicodeOrNone(c_ns.prefix) +- if prefix not in nsmap: +- nsmap[prefix] = funicodeOrNone(c_ns.href) ++ if c_ns.prefix or c_ns.href: ++ prefix = funicodeOrNone(c_ns.prefix) ++ if prefix not in nsmap: ++ nsmap[prefix] = funicodeOrNone(c_ns.href) + c_ns = c_ns.next + c_node = c_node.parent + return nsmap +diff --git a/src/lxml/iterparse.pxi b/src/lxml/iterparse.pxi +index 138c23a6..a7299da6 100644 +--- a/src/lxml/iterparse.pxi ++++ b/src/lxml/iterparse.pxi +@@ -420,7 +420,7 @@ cdef int _countNsDefs(xmlNode* c_node): + count = 0 + c_ns = c_node.nsDef + while c_ns is not NULL: +- count += 1 ++ count += (c_ns.href is not NULL) + c_ns = c_ns.next + return count + +@@ -431,9 +431,10 @@ cdef int _appendStartNsEvents(xmlNode* c_node, list event_list) except -1: + count = 0 + c_ns = c_node.nsDef + while c_ns is not NULL: +- ns_tuple = (funicode(c_ns.prefix) if c_ns.prefix is not NULL else '', +- funicode(c_ns.href)) +- event_list.append( (u"start-ns", ns_tuple) ) +- count += 1 ++ if c_ns.href: ++ ns_tuple = (funicodeOrEmpty(c_ns.prefix), ++ funicode(c_ns.href)) ++ event_list.append( (u"start-ns", ns_tuple) ) ++ count += 1 + c_ns = c_ns.next + return count +diff --git a/src/lxml/tests/test_etree.py b/src/lxml/tests/test_etree.py +index e5f08469..285313f6 100644 +--- a/src/lxml/tests/test_etree.py ++++ b/src/lxml/tests/test_etree.py +@@ -1460,6 +1460,26 @@ class ETreeOnlyTestCase(HelperTestCase): + [1,2,1,4], + counts) + ++ def test_walk_after_parse_failure(self): ++ # This used to be an issue because libxml2 can leak empty namespaces ++ # between failed parser runs. iterwalk() failed to handle such a tree. ++ try: ++ etree.XML('''<anot xmlns="1">''') ++ except etree.XMLSyntaxError: ++ pass ++ else: ++ assert False, "invalid input did not fail to parse" ++ ++ et = etree.XML('''<root> </root>''') ++ try: ++ ns = next(etree.iterwalk(et, events=('start-ns',))) ++ except StopIteration: ++ # This would be the expected result, because there was no namespace ++ pass ++ else: ++ # This is a bug in libxml2 ++ assert not ns, repr(ns) ++ + def test_itertext_comment_pi(self): + # https://bugs.launchpad.net/lxml/+bug/1844674 + XML = self.etree.XML +-- +2.17.1 + diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml_4.8.0.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml_4.8.0.bb index c4d4df383a..0c78d97abd 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml_4.8.0.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml_4.8.0.bb @@ -20,7 +20,8 @@ DEPENDS += "libxml2 libxslt" SRC_URI[sha256sum] = "f63f62fc60e6228a4ca9abae28228f35e1bd3ce675013d1dfb828688d50c6e23" -SRC_URI += "${PYPI_SRC_URI}" +SRC_URI += "${PYPI_SRC_URI} \ + file://CVE-2022-2309.patch " inherit pkgconfig pypi setuptools3 # {standard input}: Assembler messages: diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0001-make_exports.awk-not-expose-the-path.patch b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0001-make_exports.awk-not-expose-the-path.patch new file mode 100644 index 0000000000..78f23f0f2d --- /dev/null +++ b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0001-make_exports.awk-not-expose-the-path.patch @@ -0,0 +1,32 @@ +From 5b5eae9cdf3bae91756c717349f2f33a31888f24 Mon Sep 17 00:00:00 2001 +From: Mingli Yu <mingli.yu@windriver.com> +Date: Wed, 3 Aug 2022 12:35:16 +0800 +Subject: [PATCH] make_exports.awk: not expose the path + +Don't print the full path in the comment line. + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + build/make_exports.awk | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/build/make_exports.awk b/build/make_exports.awk +index 1cf0568..44d93c5 100644 +--- a/build/make_exports.awk ++++ b/build/make_exports.awk +@@ -47,7 +47,9 @@ function push(line) { + + function do_output() { + printf("/*\n") +- printf(" * %s\n", FILENAME) ++ file = FILENAME ++ sub("([^/]*[/])*", "", file) ++ printf(" * %s\n", file) + printf(" */\n") + + for (i = 0; i < stackptr; i++) { +-- +2.25.1 + diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb index 4b0ed2f622..37d498f52e 100644 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb +++ b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb @@ -15,6 +15,7 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ file://0007-apache2-allow-to-disable-selinux-support.patch \ file://0008-Fix-perl-install-directory-to-usr-bin.patch \ file://0009-support-apxs.in-force-destdir-to-be-empty-string.patch \ + file://0001-make_exports.awk-not-expose-the-path.patch \ " SRC_URI:append:class-target = " \ diff --git a/meta-openembedded/meta-xfce/recipes-apps/catfish/catfish_4.16.3.bb b/meta-openembedded/meta-xfce/recipes-apps/catfish/catfish_4.16.3.bb index 98cd251d2d..8fe879b816 100644 --- a/meta-openembedded/meta-xfce/recipes-apps/catfish/catfish_4.16.3.bb +++ b/meta-openembedded/meta-xfce/recipes-apps/catfish/catfish_4.16.3.bb @@ -12,3 +12,12 @@ SRC_URI[sha256sum] = "e9a99a62d10981391508dd43f3cbfa2d50a69bd6b7d1eeef7d30ba4c67 FILES:${PN} += "${datadir}/metainfo" RDEPENDS:${PN} += "python3-pygobject python3-dbus" + +do_install:append() { + # + # Until catfish upstream figures out a way to overcome this buildpath issue, we need to do such adjustments here. + # + sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' ${D}${datadir}/applications/org.xfce.Catfish.desktop + sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' ${D}${PYTHON_SITEPACKAGES_DIR}/catfish_lib/catfishconfig.py + rm -f ${D}${PYTHON_SITEPACKAGES_DIR}/catfish_lib/__pycache__/catfishconfig.*.pyc +} diff --git a/poky/meta-poky/conf/distro/poky.conf b/poky/meta-poky/conf/distro/poky.conf index 0cea4ce465..50ce6ec36d 100644 --- a/poky/meta-poky/conf/distro/poky.conf +++ b/poky/meta-poky/conf/distro/poky.conf @@ -1,7 +1,7 @@ DISTRO = "poky" DISTRO_NAME = "Poky (Yocto Project Reference Distro)" #DISTRO_VERSION = "3.4+snapshot-${METADATA_REVISION}" -DISTRO_VERSION = "4.0.2" +DISTRO_VERSION = "4.0.3" DISTRO_CODENAME = "kirkstone" SDK_VENDOR = "-pokysdk" SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${METADATA_REVISION}', 'snapshot')}" diff --git a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend index 4f4ec0f210..bec8319c34 100644 --- a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend +++ b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend @@ -7,17 +7,17 @@ KMACHINE:genericx86 ?= "common-pc" KMACHINE:genericx86-64 ?= "common-pc-64" KMACHINE:beaglebone-yocto ?= "beaglebone" -SRCREV_machine:genericx86 ?= "c0b313d988a16b25c1ee730bfe7393c462ee8a5c" -SRCREV_machine:genericx86-64 ?= "c0b313d988a16b25c1ee730bfe7393c462ee8a5c" -SRCREV_machine:edgerouter ?= "4ab94e777d8b41ee1ee4c279259e9733bc8049b1" -SRCREV_machine:beaglebone-yocto ?= "941cc9c3849f96f7eaf109b1e35e05ba366aca56" +SRCREV_machine:genericx86 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a" +SRCREV_machine:genericx86-64 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a" +SRCREV_machine:edgerouter ?= "7c9332d91089ee63581be6cd3e7197c9d3e9a883" +SRCREV_machine:beaglebone-yocto ?= "3c44f12b9de336579d00ac0105852f4cbf7e8b7d" COMPATIBLE_MACHINE:genericx86 = "genericx86" COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64" COMPATIBLE_MACHINE:edgerouter = "edgerouter" COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto" -LINUX_VERSION:genericx86 = "5.10.99" -LINUX_VERSION:genericx86-64 = "5.10.99" -LINUX_VERSION:edgerouter = "5.10.63" -LINUX_VERSION:beaglebone-yocto = "5.10.63" +LINUX_VERSION:genericx86 = "5.10.130" +LINUX_VERSION:genericx86-64 = "5.10.130" +LINUX_VERSION:edgerouter = "5.10.130" +LINUX_VERSION:beaglebone-yocto = "5.10.130" diff --git a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend index 85d02a46e4..a5c0ecdbd9 100644 --- a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend +++ b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend @@ -7,17 +7,17 @@ KMACHINE:genericx86 ?= "common-pc" KMACHINE:genericx86-64 ?= "common-pc-64" KMACHINE:beaglebone-yocto ?= "beaglebone" -SRCREV_machine:genericx86 ?= "ebfb1822e9f9726d8c587fc0f60cfed43fa0873e" -SRCREV_machine:genericx86-64 ?= "ebfb1822e9f9726d8c587fc0f60cfed43fa0873e" -SRCREV_machine:edgerouter ?= "b978686694c3e41968821d6cc2a2a371fd9c2fb0" -SRCREV_machine:beaglebone-yocto ?= "4c875cf1376178dfab4913aa1350cab50bb093d3" +SRCREV_machine:genericx86 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec" +SRCREV_machine:genericx86-64 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec" +SRCREV_machine:edgerouter ?= "90f1ee6589264545f548d731c2480b08a007230f" +SRCREV_machine:beaglebone-yocto ?= "9aabbaa89fcb21af7028e814c1f5b61171314d5a" COMPATIBLE_MACHINE:genericx86 = "genericx86" COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64" COMPATIBLE_MACHINE:edgerouter = "edgerouter" COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto" -LINUX_VERSION:genericx86 = "5.15.36" -LINUX_VERSION:genericx86-64 = "5.15.36" -LINUX_VERSION:edgerouter = "5.15.36" -LINUX_VERSION:beaglebone-yocto = "5.15.36" +LINUX_VERSION:genericx86 = "5.15.54" +LINUX_VERSION:genericx86-64 = "5.15.54" +LINUX_VERSION:edgerouter = "5.15.54" +LINUX_VERSION:beaglebone-yocto = "5.15.54" diff --git a/poky/meta/classes/base.bbclass b/poky/meta/classes/base.bbclass index 0cf27fbb91..cb9da78ab6 100644 --- a/poky/meta/classes/base.bbclass +++ b/poky/meta/classes/base.bbclass @@ -208,6 +208,7 @@ addtask do_deploy_source_date_epoch_setscene addtask do_deploy_source_date_epoch before do_configure after do_patch python create_source_date_epoch_stamp() { + # Version: 1 source_date_epoch = oe.reproducible.get_source_date_epoch(d, d.getVar('S')) oe.reproducible.epochfile_write(source_date_epoch, d.getVar('SDE_FILE'), d) } diff --git a/poky/meta/classes/gobject-introspection-data.bbclass b/poky/meta/classes/gobject-introspection-data.bbclass index 2ef684626a..d90cdb4839 100644 --- a/poky/meta/classes/gobject-introspection-data.bbclass +++ b/poky/meta/classes/gobject-introspection-data.bbclass @@ -5,3 +5,8 @@ # so that qemu use can be avoided when necessary. GI_DATA_ENABLED ?= "${@bb.utils.contains('DISTRO_FEATURES', 'gobject-introspection-data', \ bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', 'True', 'False', d), 'False', d)}" + +do_compile:prepend() { + # This prevents g-ir-scanner from writing cache data to $HOME + export GI_SCANNER_DISABLE_CACHE=1 +} diff --git a/poky/meta/classes/kernel.bbclass b/poky/meta/classes/kernel.bbclass index 8299b394a7..c29bd3d5f3 100644 --- a/poky/meta/classes/kernel.bbclass +++ b/poky/meta/classes/kernel.bbclass @@ -629,7 +629,7 @@ kernel_do_configure() { do_savedefconfig() { bbplain "Saving defconfig to:\n${B}/defconfig" - oe_runmake -C ${B} savedefconfig + oe_runmake -C ${B} LD='${KERNEL_LD}' savedefconfig } do_savedefconfig[nostamp] = "1" addtask savedefconfig after do_configure diff --git a/poky/meta/classes/rootfs-postcommands.bbclass b/poky/meta/classes/rootfs-postcommands.bbclass index fc179613fb..a59d9b5878 100644 --- a/poky/meta/classes/rootfs-postcommands.bbclass +++ b/poky/meta/classes/rootfs-postcommands.bbclass @@ -305,7 +305,7 @@ rootfs_trim_schemas () { } rootfs_check_host_user_contaminated () { - contaminated="${WORKDIR}/host-user-contaminated.txt" + contaminated="${S}/host-user-contaminated.txt" HOST_USER_UID="$(PSEUDO_UNLOAD=1 id -u)" HOST_USER_GID="$(PSEUDO_UNLOAD=1 id -g)" diff --git a/poky/meta/lib/oe/package_manager/ipk/__init__.py b/poky/meta/lib/oe/package_manager/ipk/__init__.py index 4cd3963111..9f60f3abcc 100644 --- a/poky/meta/lib/oe/package_manager/ipk/__init__.py +++ b/poky/meta/lib/oe/package_manager/ipk/__init__.py @@ -102,12 +102,14 @@ class OpkgDpkgPM(PackageManager): This method extracts the common parts for Opkg and Dpkg """ - try: - output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True).decode("utf-8") - except subprocess.CalledProcessError as e: + proc = subprocess.run(cmd, capture_output=True, encoding="utf-8", shell=True) + if proc.returncode: bb.fatal("Unable to list available packages. Command '%s' " - "returned %d:\n%s" % (cmd, e.returncode, e.output.decode("utf-8"))) - return opkg_query(output) + "returned %d:\n%s" % (cmd, proc.returncode, proc.stderr)) + elif proc.stderr: + bb.note("Command '%s' returned stderr: %s" % (cmd, proc.stderr)) + + return opkg_query(proc.stdout) def extract(self, pkg, pkg_info): """ @@ -443,15 +445,16 @@ class OpkgPM(OpkgDpkgPM): cmd = "%s %s --noaction install %s " % (self.opkg_cmd, opkg_args, ' '.join(pkgs)) - try: - output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True) - except subprocess.CalledProcessError as e: + proc = subprocess.run(cmd, capture_output=True, encoding="utf-8", shell=True) + if proc.returncode: bb.fatal("Unable to dummy install packages. Command '%s' " - "returned %d:\n%s" % (cmd, e.returncode, e.output.decode("utf-8"))) + "returned %d:\n%s" % (cmd, proc.returncode, proc.stderr)) + elif proc.stderr: + bb.note("Command '%s' returned stderr: %s" % (cmd, proc.stderr)) bb.utils.remove(temp_rootfs, True) - return output + return proc.stdout def backup_packaging_data(self): # Save the opkglib for increment ipk image generation diff --git a/poky/meta/lib/oe/reproducible.py b/poky/meta/lib/oe/reproducible.py index 35b8be6d08..2e815df190 100644 --- a/poky/meta/lib/oe/reproducible.py +++ b/poky/meta/lib/oe/reproducible.py @@ -152,7 +152,6 @@ def fixed_source_date_epoch(d): def get_source_date_epoch(d, sourcedir): return ( get_source_date_epoch_from_git(d, sourcedir) or - get_source_date_epoch_from_known_files(d, sourcedir) or get_source_date_epoch_from_youngest_file(d, sourcedir) or fixed_source_date_epoch(d) # Last resort ) diff --git a/poky/meta/lib/oe/sstatesig.py b/poky/meta/lib/oe/sstatesig.py index 7150bd0929..de65244932 100644 --- a/poky/meta/lib/oe/sstatesig.py +++ b/poky/meta/lib/oe/sstatesig.py @@ -24,10 +24,19 @@ def sstate_rundepfilter(siggen, fn, recipename, task, dep, depname, dataCaches): return "/allarch.bbclass" in inherits def isImage(mc, fn): return "/image.bbclass" in " ".join(dataCaches[mc].inherits[fn]) + def isSPDXTask(task): + return task in ("do_create_spdx", "do_create_runtime_spdx") depmc, _, deptaskname, depmcfn = bb.runqueue.split_tid_mcfn(dep) mc, _ = bb.runqueue.split_mc(fn) + # Keep all dependencies between SPDX tasks in the signature. SPDX documents + # are linked together by hashes, which means if a dependent document changes, + # all downstream documents must be re-written (even if they are "safe" + # dependencies). + if isSPDXTask(task) and isSPDXTask(deptaskname): + return True + # (Almost) always include our own inter-task dependencies (unless it comes # from a mcdepends). The exception is the special # do_kernel_configme->do_unpack_and_patch dependency from archiver.bbclass. diff --git a/poky/meta/lib/oeqa/runtime/cases/rt.py b/poky/meta/lib/oeqa/runtime/cases/rt.py new file mode 100644 index 0000000000..849ac1914e --- /dev/null +++ b/poky/meta/lib/oeqa/runtime/cases/rt.py @@ -0,0 +1,17 @@ +# +# SPDX-License-Identifier: MIT +# + +from oeqa.runtime.case import OERuntimeTestCase +from oeqa.core.decorator.depends import OETestDepends + +class RtTest(OERuntimeTestCase): + @OETestDepends(['ssh.SSHTest.test_ssh']) + def test_is_rt(self): + """ + Check that the kernel has CONFIG_PREEMPT_RT enabled. + """ + status, output = self.target.run("uname -a") + self.assertEqual(status, 0, msg=output) + # Split so we don't get a substring false-positive + self.assertIn("PREEMPT_RT", output.split()) diff --git a/poky/meta/recipes-bsp/efivar/efivar/0001-Fix-invalid-free-in-main.patch b/poky/meta/recipes-bsp/efivar/efivar/0001-Fix-invalid-free-in-main.patch new file mode 100644 index 0000000000..7e63df578e --- /dev/null +++ b/poky/meta/recipes-bsp/efivar/efivar/0001-Fix-invalid-free-in-main.patch @@ -0,0 +1,30 @@ +From 085f027e9e9f1478f68ddda705f83b244ee3bd88 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood <rharwood@redhat.com> +Date: Mon, 18 Apr 2022 13:08:18 -0400 +Subject: [PATCH] Fix invalid free in main() + +data is allocated by mmap() in prepare_data(). + +Resolves: #173 +Signed-off-by: Robbie Harwood <rharwood@redhat.com> +Upstream-Status: Backport +Link: https://github.com/rhboot/efivar/commit/6be2cb1c0139ac177e754b0767abf1ca1533847f +Signed-off-by: Grygorii Tertychnyi <grygorii.tertychnyi@leica-geosystems.com> + +--- + src/efivar.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/efivar.c b/src/efivar.c +index 5cd1eb2bc73c..09f85edd0a38 100644 +--- a/src/efivar.c ++++ b/src/efivar.c +@@ -633,7 +633,7 @@ int main(int argc, char *argv[]) + if (sz < 0) + err(1, "Could not import data from \"%s\"", infile); + +- free(data); ++ munmap(data, data_size); + data = NULL; + data_size = 0; + diff --git a/poky/meta/recipes-bsp/efivar/efivar_38.bb b/poky/meta/recipes-bsp/efivar/efivar_38.bb index 53fe20a95b..42625fa041 100644 --- a/poky/meta/recipes-bsp/efivar/efivar_38.bb +++ b/poky/meta/recipes-bsp/efivar/efivar_38.bb @@ -11,6 +11,7 @@ SRC_URI = "git://github.com/rhinstaller/efivar.git;branch=main;protocol=https \ file://0001-docs-do-not-build-efisecdb-manpage.patch \ file://0001-src-Makefile-build-util.c-separately-for-makeguids.patch \ file://efisecdb-fix-build-with-musl-libc.patch \ + file://0001-Fix-invalid-free-in-main.patch \ " SRCREV = "1753149d4176ebfb2b135ac0aaf79340bf0e7a93" diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.2/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch index ec1bc7b567..ec1bc7b567 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.2/0001-avoid-start-failure-with-bind-user.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.2/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch index 4c10f33f04..4c10f33f04 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.2/0001-named-lwresd-V-and-start-log-hide-build-options.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.2/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch index f1abd179e8..f1abd179e8 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.2/bind-ensure-searching-for-json-headers-searches-sysr.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.2/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9 index 968679ff7f..968679ff7f 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.2/bind9 +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9 diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.2/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch index aa3642acec..aa3642acec 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.2/conf.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.2/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh index 633e29c0e6..633e29c0e6 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.2/generate-rndc-key.sh +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.2/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch index 11db95ede1..11db95ede1 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.2/init.d-add-support-for-read-only-rootfs.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch index 146f3e35db..146f3e35db 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.2/named.service b/poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service index cda56ef015..cda56ef015 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.2/named.service +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service diff --git a/poky/meta/recipes-connectivity/bind/bind_9.18.2.bb b/poky/meta/recipes-connectivity/bind/bind_9.18.4.bb index 1c77aceb9f..c3efaffeda 100644 --- a/poky/meta/recipes-connectivity/bind/bind_9.18.2.bb +++ b/poky/meta/recipes-connectivity/bind/bind_9.18.4.bb @@ -20,7 +20,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ file://0001-avoid-start-failure-with-bind-user.patch \ " -SRC_URI[sha256sum] = "2e4b38779bba0a23ee634fdf7c525fd9794c41d692bfd83cda25823a2a3ed969" +SRC_URI[sha256sum] = "f277ae50159a00c300eb926a9c5d51953038a936bd8242d6913dfb6eac42761d" UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" # follow the ESV versions divisible by 2 @@ -46,8 +46,6 @@ EXTRA_OECONF = " --disable-devpoll --disable-auto-validation --enable-epoll \ " LDFLAGS:append = " -lz" -inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native setuptools3-base', '', d)} - # dhcp needs .la so keep them REMOVE_LIBTOOL_LA = "0" @@ -67,12 +65,6 @@ do_install:append() { install -d "${D}${sysconfdir}/init.d" install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" - if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then - sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \ - ${D}${sbindir}/dnssec-coverage \ - ${D}${sbindir}/dnssec-checkds \ - ${D}${sbindir}/dnssec-keymgr - fi # Install systemd related files install -d ${D}${sbindir} @@ -119,9 +111,4 @@ FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so" FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so" FILES:${PN}-staticdev += "${libdir}/*.la" -PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}" -FILES:python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \ - ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}" - RDEPENDS:${PN}-dev = "" -RDEPENDS:python3-bind = "python3-core python3-ply" diff --git a/poky/meta/recipes-connectivity/libuv/libuv_1.44.1.bb b/poky/meta/recipes-connectivity/libuv/libuv_1.44.2.bb index 4c96d80a65..4c1b8eed56 100644 --- a/poky/meta/recipes-connectivity/libuv/libuv_1.44.1.bb +++ b/poky/meta/recipes-connectivity/libuv/libuv_1.44.2.bb @@ -5,7 +5,7 @@ BUGTRACKER = "https://github.com/libuv/libuv/issues" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=ad93ca1fffe931537fcf64f6fcce084d" -SRCREV = "e8b7eb6908a847ffbe6ab2eec7428e43a0aa53a2" +SRCREV = "0c1fa696aa502eb749c2c4735005f41ba00a27b8" SRC_URI = "git://github.com/libuv/libuv;branch=v1.x;protocol=https" UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)" diff --git a/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb index a3a0016ce5..e4446280d9 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb +++ b/poky/meta/recipes-connectivity/openssh/openssh_8.9p1.bb @@ -160,7 +160,7 @@ FILES:${PN}-sftp-server = "${libexecdir}/sftp-server" FILES:${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" FILES:${PN}-keygen = "${bindir}/ssh-keygen" -RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" +RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen ${PN}-sftp-server" RDEPENDS:${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" RRECOMMENDS:${PN}-sshd:append:class-target = "\ ${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \ diff --git a/poky/meta/recipes-core/glibc/glibc-version.inc b/poky/meta/recipes-core/glibc/glibc-version.inc index 99017ce1d4..ccb41e5af6 100644 --- a/poky/meta/recipes-core/glibc/glibc-version.inc +++ b/poky/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.35/master" PV = "2.35" -SRCREV_glibc ?= "b6aade18a7e5719c942aa2da6cf3157aca993fa4" +SRCREV_glibc ?= "0e5b239f45992e4b54c6f946ecb0c410afc8bb08" SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" diff --git a/poky/meta/recipes-core/glibc/glibc/0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch b/poky/meta/recipes-core/glibc/glibc/0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch new file mode 100644 index 0000000000..2421a63605 --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch @@ -0,0 +1,128 @@ +From 6b8959add09e425df262bf9178b39ca35bc4003c Mon Sep 17 00:00:00 2001 +From: Martin Jansa <Martin.Jansa@gmail.com> +Date: Sun, 24 Jul 2022 19:41:41 +0200 +Subject: [PATCH] Revert "Linux: Implement a useful version of _startup_fatal" + +This reverts commit 2d05ba7f8ef979947e910a37ae8115a816eb4d08. +Upstream-Status: Inappropriate [temporary work around] + +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> + +--- + sysdeps/unix/sysv/linux/i386/startup.h | 23 ++++++++++++--- + sysdeps/unix/sysv/linux/ia64/startup.h | 22 --------------- + sysdeps/unix/sysv/linux/startup.h | 39 -------------------------- + 3 files changed, 19 insertions(+), 65 deletions(-) + delete mode 100644 sysdeps/unix/sysv/linux/ia64/startup.h + delete mode 100644 sysdeps/unix/sysv/linux/startup.h + +diff --git a/sysdeps/unix/sysv/linux/i386/startup.h b/sysdeps/unix/sysv/linux/i386/startup.h +index 213805d7d2..67c9310f3a 100644 +--- a/sysdeps/unix/sysv/linux/i386/startup.h ++++ b/sysdeps/unix/sysv/linux/i386/startup.h +@@ -1,5 +1,5 @@ + /* Linux/i386 definitions of functions used by static libc main startup. +- Copyright (C) 2022 Free Software Foundation, Inc. ++ Copyright (C) 2017-2022 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or +@@ -16,7 +16,22 @@ + License along with the GNU C Library; if not, see + <https://www.gnu.org/licenses/>. */ + +-/* Can't use "call *%gs:SYSINFO_OFFSET" during startup. */ +-#define I386_USE_SYSENTER 0 ++#if BUILD_PIE_DEFAULT ++/* Can't use "call *%gs:SYSINFO_OFFSET" during statup in static PIE. */ ++# define I386_USE_SYSENTER 0 + +-#include_next <startup.h> ++# include <sysdep.h> ++# include <abort-instr.h> ++ ++__attribute__ ((__noreturn__)) ++static inline void ++_startup_fatal (const char *message __attribute__ ((unused))) ++{ ++ /* This is only called very early during startup in static PIE. ++ FIXME: How can it be improved? */ ++ ABORT_INSTRUCTION; ++ __builtin_unreachable (); ++} ++#else ++# include_next <startup.h> ++#endif +diff --git a/sysdeps/unix/sysv/linux/ia64/startup.h b/sysdeps/unix/sysv/linux/ia64/startup.h +deleted file mode 100644 +index 77f29f15a2..0000000000 +--- a/sysdeps/unix/sysv/linux/ia64/startup.h ++++ /dev/null +@@ -1,22 +0,0 @@ +-/* Linux/ia64 definitions of functions used by static libc main startup. +- Copyright (C) 2022 Free Software Foundation, Inc. +- This file is part of the GNU C Library. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library; if not, see +- <https://www.gnu.org/licenses/>. */ +- +-/* This code is used before the TCB is set up. */ +-#define IA64_USE_NEW_STUB 0 +- +-#include_next <startup.h> +diff --git a/sysdeps/unix/sysv/linux/startup.h b/sysdeps/unix/sysv/linux/startup.h +deleted file mode 100644 +index 39859b404a..0000000000 +--- a/sysdeps/unix/sysv/linux/startup.h ++++ /dev/null +@@ -1,39 +0,0 @@ +-/* Linux definitions of functions used by static libc main startup. +- Copyright (C) 2017-2022 Free Software Foundation, Inc. +- This file is part of the GNU C Library. +- +- The GNU C Library is free software; you can redistribute it and/or +- modify it under the terms of the GNU Lesser General Public +- License as published by the Free Software Foundation; either +- version 2.1 of the License, or (at your option) any later version. +- +- The GNU C Library is distributed in the hope that it will be useful, +- but WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- Lesser General Public License for more details. +- +- You should have received a copy of the GNU Lesser General Public +- License along with the GNU C Library; if not, see +- <https://www.gnu.org/licenses/>. */ +- +-#ifdef SHARED +-# include_next <startup.h> +-#else +-# include <sysdep.h> +- +-/* Avoid a run-time invocation of strlen. */ +-#define _startup_fatal(message) \ +- do \ +- { \ +- size_t __message_length = __builtin_strlen (message); \ +- if (! __builtin_constant_p (__message_length)) \ +- { \ +- extern void _startup_fatal_not_constant (void); \ +- _startup_fatal_not_constant (); \ +- } \ +- INTERNAL_SYSCALL_CALL (write, STDERR_FILENO, (message), \ +- __message_length); \ +- INTERNAL_SYSCALL_CALL (exit_group, 127); \ +- } \ +- while (0) +-#endif /* !SHARED */ diff --git a/poky/meta/recipes-core/glibc/glibc_2.35.bb b/poky/meta/recipes-core/glibc/glibc_2.35.bb index 96fe39c548..df847e76bf 100644 --- a/poky/meta/recipes-core/glibc/glibc_2.35.bb +++ b/poky/meta/recipes-core/glibc/glibc_2.35.bb @@ -48,6 +48,8 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0022-sysdeps-gnu-configure.ac-Set-libc_cv_rootsbindir-onl.patch \ file://0023-timezone-Make-shell-interpreter-overridable-in-tzsel.patch \ file://0024-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \ + \ + file://0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch \ " S = "${WORKDIR}/git" B = "${WORKDIR}/build-${TARGET_SYS}" diff --git a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb index 398481aef7..7acdd8c2ef 100644 --- a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb @@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk wic.vhd wic.vhdx" inherit core-image setuptools3 -SRCREV ?= "213f174999a16daee955296162e62fa3386f841d" +SRCREV ?= "60171200800c62820c9275b50c703e53ed6e7b28" SRC_URI = "git://git.yoctoproject.org/poky;branch=kirkstone \ file://Yocto_Build_Appliance.vmx \ file://Yocto_Build_Appliance.vmxf \ diff --git a/poky/meta/recipes-core/initscripts/initscripts_1.0.bb b/poky/meta/recipes-core/initscripts/initscripts_1.0.bb index 2244d1b292..7c9d9ca4f1 100644 --- a/poky/meta/recipes-core/initscripts/initscripts_1.0.bb +++ b/poky/meta/recipes-core/initscripts/initscripts_1.0.bb @@ -130,7 +130,7 @@ do_install () { update-rc.d -r ${D} rmnologin.sh start 99 2 3 4 5 . update-rc.d -r ${D} sendsigs start 20 0 6 . update-rc.d -r ${D} urandom start 38 S 0 6 . - update-rc.d -r ${D} umountnfs.sh start 31 0 1 6 . + update-rc.d -r ${D} umountnfs.sh stop 31 0 1 6 . update-rc.d -r ${D} umountfs start 40 0 6 . update-rc.d -r ${D} reboot start 90 6 . update-rc.d -r ${D} halt start 90 0 . diff --git a/poky/meta/recipes-core/systemd/systemd_250.5.bb b/poky/meta/recipes-core/systemd/systemd_250.5.bb index 006b2f86ea..9923312830 100644 --- a/poky/meta/recipes-core/systemd/systemd_250.5.bb +++ b/poky/meta/recipes-core/systemd/systemd_250.5.bb @@ -779,7 +779,7 @@ pkg_prerm:${PN}:libc-glibc () { PACKAGE_WRITE_DEPS += "qemu-native" pkg_postinst:udev-hwdb () { if test -n "$D"; then - $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" + $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" base_bindir="${base_bindir}" else udevadm hwdb --update fi diff --git a/poky/meta/recipes-core/udev/udev-extraconf/mount.sh b/poky/meta/recipes-core/udev/udev-extraconf/mount.sh index 43acb3a7a0..b7e86dbc0e 100644 --- a/poky/meta/recipes-core/udev/udev-extraconf/mount.sh +++ b/poky/meta/recipes-core/udev/udev-extraconf/mount.sh @@ -89,7 +89,7 @@ automount_systemd() { rm_dir "$MOUNT_BASE/$name" else logger "mount.sh/automount" "Auto-mount of [$MOUNT_BASE/$name] successful" - touch "/tmp/.automount-$name" + echo "$name" > "/tmp/.automount-$name" fi } diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.38.inc b/poky/meta/recipes-devtools/binutils/binutils-2.38.inc index 742ca86379..eed252976a 100644 --- a/poky/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/poky/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -18,7 +18,7 @@ SRCBRANCH ?= "binutils-2_38-branch" UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)" -SRCREV ?= "eed56ee299b9ef8754bb4e53f2e9cf2a7c28c04d" +SRCREV ?= "5c0b4ee406035917d0e50aa138194fab57ae6bf8" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=git" SRC_URI = "\ ${BINUTILS_GIT_URI} \ diff --git a/poky/meta/recipes-devtools/dpkg/dpkg/0001-Dpkg-Source-Archive-Prevent-directory-traversal-for-.patch b/poky/meta/recipes-devtools/dpkg/dpkg/0001-Dpkg-Source-Archive-Prevent-directory-traversal-for-.patch new file mode 100644 index 0000000000..d249d854fb --- /dev/null +++ b/poky/meta/recipes-devtools/dpkg/dpkg/0001-Dpkg-Source-Archive-Prevent-directory-traversal-for-.patch @@ -0,0 +1,328 @@ +From 6d8a6799639f8853a2af1f9036bc70fddbfdd2a2 Mon Sep 17 00:00:00 2001 +From: Guillem Jover <guillem@debian.org> +Date: Tue, 3 May 2022 02:09:32 +0200 +Subject: [PATCH] Dpkg::Source::Archive: Prevent directory traversal for + in-place extracts + +For untrusted v2 and v3 source package formats that include a debian.tar +archive, when we are extracting it, we do that as an in-place extraction, +which can lead to directory traversal situations on specially crafted +orig.tar and debian.tar tarballs. + +GNU tar replaces entries on the filesystem by the entries present on +the tarball, but it will follow symlinks when the symlink pathname +itself is not present as an actual directory on the tarball. + +This means we can create an orig.tar where there's a symlink pointing +out of the source tree root directory, and then a debian.tar that +contains an entry within that symlink as if it was a directory, without +a directory entry for the symlink pathname itself, which will be +extracted following the symlink outside the source tree root. + +This is currently noted as expected in GNU tar documentation. But even +if there was a new extraction mode avoiding this problem we'd need such +new version. Using perl's Archive::Tar would solve the problem, but +switching to such different pure perl implementation, could cause +compatibility or performance issues. + +What we do is when we are requested to perform an in-place extract, we +instead still use a temporary directory, then walk that directory and +remove any matching entry in the destination directory, replicating what +GNU tar would do, but in addition avoiding the directory traversal issue +for symlinks. Which should work with any tar implementation and be safe. + +Reported-by: Max Justicz <max@justi.cz> +Stable-Candidates: 1.18.x 1.19.x 1.20.x +Fixes: commit 0c0057a27fecccab77d2b3cffa9a7d172846f0b4 (1.14.17) +Fixes: CVE-2022-1664 + +CVE: CVE-2022-1664 +Upstream-Status: Backport [7a6c03cb34d4a09f35df2f10779cbf1b70a5200b] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + scripts/Dpkg/Source/Archive.pm | 122 +++++++++++++++++++++++++------- + scripts/t/Dpkg_Source_Archive.t | 110 +++++++++++++++++++++++++++- + 2 files changed, 204 insertions(+), 28 deletions(-) + +diff --git a/scripts/Dpkg/Source/Archive.pm b/scripts/Dpkg/Source/Archive.pm +index 33c181b20..2ddd04af8 100644 +--- a/scripts/Dpkg/Source/Archive.pm ++++ b/scripts/Dpkg/Source/Archive.pm +@@ -21,9 +21,11 @@ use warnings; + our $VERSION = '0.01'; + + use Carp; ++use Errno qw(ENOENT); + use File::Temp qw(tempdir); + use File::Basename qw(basename); + use File::Spec; ++use File::Find; + use Cwd; + + use Dpkg (); +@@ -110,19 +112,13 @@ sub extract { + my %spawn_opts = (wait_child => 1); + + # Prepare destination +- my $tmp; +- if ($opts{in_place}) { +- $spawn_opts{chdir} = $dest; +- $tmp = $dest; # So that fixperms call works +- } else { +- my $template = basename($self->get_filename()) . '.tmp-extract.XXXXX'; +- unless (-e $dest) { +- # Kludge so that realpath works +- mkdir($dest) or syserr(g_('cannot create directory %s'), $dest); +- } +- $tmp = tempdir($template, DIR => Cwd::realpath("$dest/.."), CLEANUP => 1); +- $spawn_opts{chdir} = $tmp; ++ my $template = basename($self->get_filename()) . '.tmp-extract.XXXXX'; ++ unless (-e $dest) { ++ # Kludge so that realpath works ++ mkdir($dest) or syserr(g_('cannot create directory %s'), $dest); + } ++ my $tmp = tempdir($template, DIR => Cwd::realpath("$dest/.."), CLEANUP => 1); ++ $spawn_opts{chdir} = $tmp; + + # Prepare stuff that handles the input of tar + $self->ensure_open('r', delete_sig => [ 'PIPE' ]); +@@ -145,22 +141,94 @@ sub extract { + # have to be calculated using mount options and other madness. + fixperms($tmp) unless $opts{no_fixperms}; + +- # Stop here if we extracted in-place as there's nothing to move around +- return if $opts{in_place}; +- +- # Rename extracted directory +- opendir(my $dir_dh, $tmp) or syserr(g_('cannot opendir %s'), $tmp); +- my @entries = grep { $_ ne '.' && $_ ne '..' } readdir($dir_dh); +- closedir($dir_dh); +- my $done = 0; +- erasedir($dest); +- if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) { +- rename("$tmp/$entries[0]", $dest) +- or syserr(g_('unable to rename %s to %s'), +- "$tmp/$entries[0]", $dest); ++ # If we are extracting "in-place" do not remove the destination directory. ++ if ($opts{in_place}) { ++ my $canon_basedir = Cwd::realpath($dest); ++ # On Solaris /dev/null points to /devices/pseudo/mm@0:null. ++ my $canon_devnull = Cwd::realpath('/dev/null'); ++ my $check_symlink = sub { ++ my $pathname = shift; ++ my $canon_pathname = Cwd::realpath($pathname); ++ if (not defined $canon_pathname) { ++ return if $! == ENOENT; ++ ++ syserr(g_("pathname '%s' cannot be canonicalized"), $pathname); ++ } ++ return if $canon_pathname eq $canon_devnull; ++ return if $canon_pathname eq $canon_basedir; ++ return if $canon_pathname =~ m{^\Q$canon_basedir/\E}; ++ warning(g_("pathname '%s' points outside source root (to '%s')"), ++ $pathname, $canon_pathname); ++ }; ++ ++ my $move_in_place = sub { ++ my $relpath = File::Spec->abs2rel($File::Find::name, $tmp); ++ my $destpath = File::Spec->catfile($dest, $relpath); ++ ++ my ($mode, $atime, $mtime); ++ lstat $File::Find::name ++ or syserr(g_('cannot get source pathname %s metadata'), $File::Find::name); ++ ((undef) x 2, $mode, (undef) x 5, $atime, $mtime) = lstat _; ++ my $src_is_dir = -d _; ++ ++ my $dest_exists = 1; ++ if (not lstat $destpath) { ++ if ($! == ENOENT) { ++ $dest_exists = 0; ++ } else { ++ syserr(g_('cannot get target pathname %s metadata'), $destpath); ++ } ++ } ++ my $dest_is_dir = -d _; ++ if ($dest_exists) { ++ if ($dest_is_dir && $src_is_dir) { ++ # Refresh the destination directory attributes with the ++ # ones from the tarball. ++ chmod $mode, $destpath ++ or syserr(g_('cannot change directory %s mode'), $File::Find::name); ++ utime $atime, $mtime, $destpath ++ or syserr(g_('cannot change directory %s times'), $File::Find::name); ++ ++ # We should do nothing, and just walk further tree. ++ return; ++ } elsif ($dest_is_dir) { ++ rmdir $destpath ++ or syserr(g_('cannot remove destination directory %s'), $destpath); ++ } else { ++ $check_symlink->($destpath); ++ unlink $destpath ++ or syserr(g_('cannot remove destination file %s'), $destpath); ++ } ++ } ++ # If we are moving a directory, we do not need to walk it. ++ if ($src_is_dir) { ++ $File::Find::prune = 1; ++ } ++ rename $File::Find::name, $destpath ++ or syserr(g_('cannot move %s to %s'), $File::Find::name, $destpath); ++ }; ++ ++ find({ ++ wanted => $move_in_place, ++ no_chdir => 1, ++ dangling_symlinks => 0, ++ }, $tmp); + } else { +- rename($tmp, $dest) +- or syserr(g_('unable to rename %s to %s'), $tmp, $dest); ++ # Rename extracted directory ++ opendir(my $dir_dh, $tmp) or syserr(g_('cannot opendir %s'), $tmp); ++ my @entries = grep { $_ ne '.' && $_ ne '..' } readdir($dir_dh); ++ closedir($dir_dh); ++ ++ erasedir($dest); ++ ++ if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) { ++ rename("$tmp/$entries[0]", $dest) ++ or syserr(g_('unable to rename %s to %s'), ++ "$tmp/$entries[0]", $dest); ++ } else { ++ rename($tmp, $dest) ++ or syserr(g_('unable to rename %s to %s'), $tmp, $dest); ++ } + } + erasedir($tmp); + } +diff --git a/scripts/t/Dpkg_Source_Archive.t b/scripts/t/Dpkg_Source_Archive.t +index 7b70da68e..504fbe1d4 100644 +--- a/scripts/t/Dpkg_Source_Archive.t ++++ b/scripts/t/Dpkg_Source_Archive.t +@@ -16,12 +16,120 @@ + use strict; + use warnings; + +-use Test::More tests => 1; ++use Test::More tests => 4; ++use Test::Dpkg qw(:paths); ++ ++use File::Spec; ++use File::Path qw(make_path rmtree); + + BEGIN { + use_ok('Dpkg::Source::Archive'); + } + ++use Dpkg; ++ ++my $tmpdir = test_get_temp_path(); ++ ++rmtree($tmpdir); ++ ++sub test_touch ++{ ++ my ($name, $data) = @_; ++ ++ open my $fh, '>', $name ++ or die "cannot touch file $name\n"; ++ print { $fh } $data if $data; ++ close $fh; ++} ++ ++sub test_path_escape ++{ ++ my $name = shift; ++ ++ my $treedir = File::Spec->rel2abs("$tmpdir/$name-tree"); ++ my $overdir = File::Spec->rel2abs("$tmpdir/$name-overlay"); ++ my $outdir = "$tmpdir/$name-out"; ++ my $expdir = "$tmpdir/$name-exp"; ++ ++ # This is the base directory, where we are going to be extracting stuff ++ # into, which include traps. ++ make_path("$treedir/subdir-a"); ++ test_touch("$treedir/subdir-a/file-a"); ++ test_touch("$treedir/subdir-a/file-pre-a"); ++ make_path("$treedir/subdir-b"); ++ test_touch("$treedir/subdir-b/file-b"); ++ test_touch("$treedir/subdir-b/file-pre-b"); ++ symlink File::Spec->abs2rel($outdir, $treedir), "$treedir/symlink-escape"; ++ symlink File::Spec->abs2rel("$outdir/nonexistent", $treedir), "$treedir/symlink-nonexistent"; ++ symlink "$treedir/file", "$treedir/symlink-within"; ++ test_touch("$treedir/supposed-dir"); ++ ++ # This is the overlay directory, which we'll pack and extract over the ++ # base directory. ++ make_path($overdir); ++ make_path("$overdir/subdir-a/aa"); ++ test_touch("$overdir/subdir-a/aa/file-aa", 'aa'); ++ test_touch("$overdir/subdir-a/file-a", 'a'); ++ make_path("$overdir/subdir-b/bb"); ++ test_touch("$overdir/subdir-b/bb/file-bb", 'bb'); ++ test_touch("$overdir/subdir-b/file-b", 'b'); ++ make_path("$overdir/symlink-escape"); ++ test_touch("$overdir/symlink-escape/escaped-file", 'escaped'); ++ test_touch("$overdir/symlink-nonexistent", 'nonexistent'); ++ make_path("$overdir/symlink-within"); ++ make_path("$overdir/supposed-dir"); ++ test_touch("$overdir/supposed-dir/supposed-file", 'something'); ++ ++ # Generate overlay tar. ++ system($Dpkg::PROGTAR, '-cf', "$overdir.tar", '-C', $overdir, qw( ++ subdir-a subdir-b ++ symlink-escape/escaped-file symlink-nonexistent symlink-within ++ supposed-dir ++ )) == 0 ++ or die "cannot create overlay tar archive\n"; ++ ++ # This is the expected directory, which we'll be comparing against. ++ make_path($expdir); ++ system('cp', '-a', $overdir, $expdir) == 0 ++ or die "cannot copy overlay hierarchy into expected directory\n"; ++ ++ # Store the expected and out reference directories into a tar to compare ++ # its structure against the result reference. ++ system($Dpkg::PROGTAR, '-cf', "$expdir.tar", '-C', $overdir, qw( ++ subdir-a subdir-b ++ symlink-escape/escaped-file symlink-nonexistent symlink-within ++ supposed-dir ++ ), '-C', $treedir, qw( ++ subdir-a/file-pre-a ++ subdir-b/file-pre-b ++ )) == 0 ++ or die "cannot create expected tar archive\n"; ++ ++ # This directory is supposed to remain empty, anything inside implies a ++ # directory traversal. ++ make_path($outdir); ++ ++ my $warnseen; ++ local $SIG{__WARN__} = sub { $warnseen = $_[0] }; ++ ++ # Perform the extraction. ++ my $tar = Dpkg::Source::Archive->new(filename => "$overdir.tar"); ++ $tar->extract($treedir, in_place => 1); ++ ++ # Store the result into a tar to compare its structure against a reference. ++ system($Dpkg::PROGTAR, '-cf', "$treedir.tar", '-C', $treedir, '.'); ++ ++ # Check results ++ ok(length $warnseen && $warnseen =~ m/points outside source root/, ++ 'expected warning seen'); ++ ok(system($Dpkg::PROGTAR, '--compare', '-f', "$expdir.tar", '-C', $treedir) == 0, ++ 'expected directory matches'); ++ ok(! -e "$outdir/escaped-file", ++ 'expected output directory is empty, directory traversal'); ++} ++ ++test_path_escape('in-place'); ++ + # TODO: Add actual test cases. + + 1; +-- +2.33.0 + diff --git a/poky/meta/recipes-devtools/dpkg/dpkg_1.21.4.bb b/poky/meta/recipes-devtools/dpkg/dpkg_1.21.4.bb index 681909f0bf..7ef6233ee4 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg_1.21.4.bb +++ b/poky/meta/recipes-devtools/dpkg/dpkg_1.21.4.bb @@ -14,6 +14,7 @@ SRC_URI = "git://salsa.debian.org/dpkg-team/dpkg.git;protocol=https;branch=main file://0001-dpkg-Support-muslx32-build.patch \ file://pager.patch \ file://0001-Add-support-for-riscv32-CPU.patch \ + file://0001-Dpkg-Source-Archive-Prevent-directory-traversal-for-.patch \ " SRC_URI:append:class-native = " file://0001-build.c-ignore-return-of-1-from-tar-cf.patch" diff --git a/poky/meta/recipes-devtools/gcc/gcc-11.3.inc b/poky/meta/recipes-devtools/gcc/gcc-11.3.inc index acbb43a25f..2cebeb2bc8 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-11.3.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-11.3.inc @@ -59,7 +59,7 @@ SRC_URI = "\ file://0027-libatomic-Do-not-enforce-march-on-aarch64.patch \ file://0028-debug-101473-apply-debug-prefix-maps-before-checksum.patch \ file://0029-Fix-install-path-of-linux64.h.patch \ - \ + file://0030-rust-recursion-limit.patch \ file://0001-CVE-2021-42574.patch \ file://0002-CVE-2021-42574.patch \ file://0003-CVE-2021-42574.patch \ diff --git a/poky/meta/recipes-devtools/gcc/gcc-runtime.inc b/poky/meta/recipes-devtools/gcc/gcc-runtime.inc index c85b5888d4..8074bf1025 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-runtime.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-runtime.inc @@ -68,8 +68,7 @@ do_configure () { # libstdc++ isn't built yet so CXX would error not able to find it which breaks stdc++'s configure # tests. Create a dummy empty lib for the purposes of configure. mkdir -p ${WORKDIR}/dummylib - touch ${WORKDIR}/dummylib/dummylib.c - ${CC} ${WORKDIR}/dummylib/dummylib.c -shared -o ${WORKDIR}/dummylib/libstdc++.so + ${CC} -x c /dev/null -nostartfiles -shared -o ${WORKDIR}/dummylib/libstdc++.so for d in libgcc ${RUNTIMETARGET}; do echo "Configuring $d" rm -rf ${B}/${TARGET_SYS}/$d/ diff --git a/poky/meta/recipes-devtools/gcc/gcc/0030-rust-recursion-limit.patch b/poky/meta/recipes-devtools/gcc/gcc/0030-rust-recursion-limit.patch new file mode 100644 index 0000000000..bbe2f18f6f --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0030-rust-recursion-limit.patch @@ -0,0 +1,92 @@ +From 9234cdca6ee88badfc00297e72f13dac4e540c79 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Fri, 1 Jul 2022 15:58:52 +0100 +Subject: [PATCH] Add a recursion limit to the demangle_const function in the + Rust demangler. + +libiberty/ + PR demangler/105039 + * rust-demangle.c (demangle_const): Add recursion limit. + +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79] +--- + libiberty/rust-demangle.c | 29 ++++++++++++++++++++--------- + 1 file changed, 20 insertions(+), 9 deletions(-) + +diff --git a/libiberty/rust-demangle.c b/libiberty/rust-demangle.c +index bb58d900e27..36afcfae278 100644 +--- a/libiberty/rust-demangle.c ++++ b/libiberty/rust-demangle.c +@@ -126,7 +126,7 @@ parse_integer_62 (struct rust_demangler *rdm) + return 0; + + x = 0; +- while (!eat (rdm, '_')) ++ while (!eat (rdm, '_') && !rdm->errored) + { + c = next (rdm); + x *= 62; +@@ -1148,6 +1148,15 @@ demangle_const (struct rust_demangler *rdm) + if (rdm->errored) + return; + ++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT) ++ { ++ ++ rdm->recursion; ++ if (rdm->recursion > RUST_MAX_RECURSION_COUNT) ++ /* FIXME: There ought to be a way to report ++ that the recursion limit has been reached. */ ++ goto fail_return; ++ } ++ + if (eat (rdm, 'B')) + { + backref = parse_integer_62 (rdm); +@@ -1158,7 +1167,7 @@ demangle_const (struct rust_demangler *rdm) + demangle_const (rdm); + rdm->next = old_next; + } +- return; ++ goto pass_return; + } + + ty_tag = next (rdm); +@@ -1167,7 +1176,7 @@ demangle_const (struct rust_demangler *rdm) + /* Placeholder. */ + case 'p': + PRINT ("_"); +- return; ++ goto pass_return; + + /* Unsigned integer types. */ + case 'h': +@@ -1200,18 +1209,20 @@ demangle_const (struct rust_demangler *rdm) + break; + + default: +- rdm->errored = 1; +- return; ++ goto fail_return; + } + +- if (rdm->errored) +- return; +- +- if (rdm->verbose) ++ if (!rdm->errored && rdm->verbose) + { + PRINT (": "); + PRINT (basic_type (ty_tag)); + } ++ ++ fail_return: ++ rdm->errored = 1; ++ pass_return: ++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT) ++ -- rdm->recursion; + } + + static void +-- +2.31.1 + diff --git a/poky/meta/recipes-devtools/gcc/libgcc-common.inc b/poky/meta/recipes-devtools/gcc/libgcc-common.inc index d48dc8b823..31f629acaa 100644 --- a/poky/meta/recipes-devtools/gcc/libgcc-common.inc +++ b/poky/meta/recipes-devtools/gcc/libgcc-common.inc @@ -45,10 +45,14 @@ do_install () { } do_install:append:libc-baremetal () { - rmdir ${D}${base_libdir} + if [ "${base_libdir}" != "${libdir}" ]; then + rmdir ${D}${base_libdir} + fi } do_install:append:libc-newlib () { - rmdir ${D}${base_libdir} + if [ "${base_libdir}" != "${libdir}" ]; then + rmdir ${D}${base_libdir} + fi } # No rpm package is actually created but -dev depends on it, avoid dnf error diff --git a/poky/meta/recipes-devtools/git/git_2.35.3.bb b/poky/meta/recipes-devtools/git/git_2.35.4.bb index 794045c8b7..18f39875db 100644 --- a/poky/meta/recipes-devtools/git/git_2.35.3.bb +++ b/poky/meta/recipes-devtools/git/git_2.35.4.bb @@ -165,4 +165,4 @@ EXTRA_OECONF += "ac_cv_snprintf_returns_bogus=no \ " EXTRA_OEMAKE += "NO_GETTEXT=1" -SRC_URI[tarball.sha256sum] = "cad708072d5c0b390c71651f5edb44143f00b357766973470bf9adebc0944c03" +SRC_URI[tarball.sha256sum] = "4970108bdc227e2c3687899f8fc7501c54c839dcc42f4d999ac9e3e3f52df583" diff --git a/poky/meta/recipes-devtools/go/go-1.17.10.inc b/poky/meta/recipes-devtools/go/go-1.17.12.inc index e71feb5d02..77a983f9d0 100644 --- a/poky/meta/recipes-devtools/go/go-1.17.10.inc +++ b/poky/meta/recipes-devtools/go/go-1.17.12.inc @@ -17,7 +17,7 @@ SRC_URI += "\ file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \ file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \ " -SRC_URI[main.sha256sum] = "299e55af30f15691b015d8dcf8ecae72412412569e5b2ece20361753a456f2f9" +SRC_URI[main.sha256sum] = "0d51b5b3f280c0f01f534598c0219db5878f337da6137a9ee698777413607209" # Upstream don't believe it is a signifiant real world issue and will only # fix in 1.17 onwards where we can drop this. diff --git a/poky/meta/recipes-devtools/go/go-binary-native_1.17.10.bb b/poky/meta/recipes-devtools/go/go-binary-native_1.17.12.bb index 0f49cebcb7..b034950721 100644 --- a/poky/meta/recipes-devtools/go/go-binary-native_1.17.10.bb +++ b/poky/meta/recipes-devtools/go/go-binary-native_1.17.12.bb @@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" PROVIDES = "go-native" SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "87fc728c9c731e2f74e4a999ef53cf07302d7ed3504b0839027bd9c10edaa3fd" -SRC_URI[go_linux_arm64.sha256sum] = "649141201efa7195403eb1301b95dc79c5b3e65968986a391da1370521701b0c" +SRC_URI[go_linux_amd64.sha256sum] = "6e5203fbdcade4aa4331e441fd2e1db8444681a6a6c72886a37ddd11caa415d4" +SRC_URI[go_linux_arm64.sha256sum] = "74a4832d0f150a2d768a6781553494ba84152e854ebef743c4092cd9d1f66a9f" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux" diff --git a/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.10.bb b/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.12.bb index 7ac9449e47..7ac9449e47 100644 --- a/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.10.bb +++ b/poky/meta/recipes-devtools/go/go-cross-canadian_1.17.12.bb diff --git a/poky/meta/recipes-devtools/go/go-cross_1.17.10.bb b/poky/meta/recipes-devtools/go/go-cross_1.17.12.bb index 80b5a03f6c..80b5a03f6c 100644 --- a/poky/meta/recipes-devtools/go/go-cross_1.17.10.bb +++ b/poky/meta/recipes-devtools/go/go-cross_1.17.12.bb diff --git a/poky/meta/recipes-devtools/go/go-crosssdk_1.17.10.bb b/poky/meta/recipes-devtools/go/go-crosssdk_1.17.12.bb index 1857c8a577..1857c8a577 100644 --- a/poky/meta/recipes-devtools/go/go-crosssdk_1.17.10.bb +++ b/poky/meta/recipes-devtools/go/go-crosssdk_1.17.12.bb diff --git a/poky/meta/recipes-devtools/go/go-native_1.17.10.bb b/poky/meta/recipes-devtools/go/go-native_1.17.12.bb index 76c0ab73a6..76c0ab73a6 100644 --- a/poky/meta/recipes-devtools/go/go-native_1.17.10.bb +++ b/poky/meta/recipes-devtools/go/go-native_1.17.12.bb diff --git a/poky/meta/recipes-devtools/go/go-runtime_1.17.10.bb b/poky/meta/recipes-devtools/go/go-runtime_1.17.12.bb index 63464a1501..63464a1501 100644 --- a/poky/meta/recipes-devtools/go/go-runtime_1.17.10.bb +++ b/poky/meta/recipes-devtools/go/go-runtime_1.17.12.bb diff --git a/poky/meta/recipes-devtools/go/go_1.17.10.bb b/poky/meta/recipes-devtools/go/go_1.17.12.bb index 34dc89bb0c..34dc89bb0c 100644 --- a/poky/meta/recipes-devtools/go/go_1.17.10.bb +++ b/poky/meta/recipes-devtools/go/go_1.17.12.bb diff --git a/poky/meta/recipes-devtools/log4cplus/log4cplus_2.0.7.bb b/poky/meta/recipes-devtools/log4cplus/log4cplus_2.0.8.bb index 3798b93f76..bbf4ce6218 100644 --- a/poky/meta/recipes-devtools/log4cplus/log4cplus_2.0.7.bb +++ b/poky/meta/recipes-devtools/log4cplus/log4cplus_2.0.8.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=41e8e060c26822886b592ab4765c756b" SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}-stable/${PV}/${BP}.tar.gz \ " -SRC_URI[sha256sum] = "086451c7e7c582862cbd6c60d87bb6d9d63c4b65321dba85fa71766382f7ec6d" +SRC_URI[sha256sum] = "cdc3c738e00be84d8d03b580816b9f12628ecc1d71e1395080c802615d2d9ced" UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/log4cplus/files/log4cplus-stable/" UPSTREAM_CHECK_REGEX = "log4cplus-stable/(?P<pver>\d+(\.\d+)+)/" diff --git a/poky/meta/recipes-devtools/lua/lua/CVE-2022-33099.patch b/poky/meta/recipes-devtools/lua/lua/CVE-2022-33099.patch new file mode 100644 index 0000000000..fe7b6065c2 --- /dev/null +++ b/poky/meta/recipes-devtools/lua/lua/CVE-2022-33099.patch @@ -0,0 +1,61 @@ +From 42d40581dd919fb134c07027ca1ce0844c670daf Mon Sep 17 00:00:00 2001 +From: Roberto Ierusalimschy <roberto@inf.puc-rio.br> +Date: Fri, 20 May 2022 13:14:33 -0300 +Subject: [PATCH] Save stack space while handling errors + +Because error handling (luaG_errormsg) uses slots from EXTRA_STACK, +and some errors can recur (e.g., string overflow while creating an +error message in 'luaG_runerror', or a C-stack overflow before calling +the message handler), the code should use stack slots with parsimony. + +This commit fixes the bug "Lua-stack overflow when C stack overflows +while handling an error". + +CVE: CVE-2022-33099 + +Upstream-Status: Backport [https://github.com/lua/lua/commit/42d40581dd919fb134c07027ca1ce0844c670daf] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + ldebug.c | 5 ++++- + lvm.c | 6 ++++-- + 2 files changed, 8 insertions(+), 3 deletions(-) + +--- a/src/ldebug.c ++++ b/src/ldebug.c +@@ -824,8 +824,11 @@ l_noret luaG_runerror (lua_State *L, con + va_start(argp, fmt); + msg = luaO_pushvfstring(L, fmt, argp); /* format message */ + va_end(argp); +- if (isLua(ci)) /* if Lua function, add source:line information */ ++ if (isLua(ci)) { /* if Lua function, add source:line information */ + luaG_addinfo(L, msg, ci_func(ci)->p->source, getcurrentline(ci)); ++ setobjs2s(L, L->top - 2, L->top - 1); /* remove 'msg' from the stack */ ++ L->top--; ++ } + luaG_errormsg(L); + } + +--- a/src/lvm.c ++++ b/src/lvm.c +@@ -656,8 +656,10 @@ void luaV_concat (lua_State *L, int tota + /* collect total length and number of strings */ + for (n = 1; n < total && tostring(L, s2v(top - n - 1)); n++) { + size_t l = vslen(s2v(top - n - 1)); +- if (l_unlikely(l >= (MAX_SIZE/sizeof(char)) - tl)) ++ if (l_unlikely(l >= (MAX_SIZE/sizeof(char)) - tl)) { ++ L->top = top - total; /* pop strings to avoid wasting stack */ + luaG_runerror(L, "string length overflow"); ++ } + tl += l; + } + if (tl <= LUAI_MAXSHORTLEN) { /* is result a short string? */ +@@ -672,7 +674,7 @@ void luaV_concat (lua_State *L, int tota + setsvalue2s(L, top - n, ts); /* create result */ + } + total -= n-1; /* got 'n' strings to create 1 new */ +- L->top -= n-1; /* popped 'n' strings and pushed one */ ++ L->top = top - (n - 1); /* popped 'n' strings and pushed one */ + } while (total > 1); /* repeat until only 1 result left */ + } + diff --git a/poky/meta/recipes-devtools/lua/lua_5.4.4.bb b/poky/meta/recipes-devtools/lua/lua_5.4.4.bb index 6f2cea5314..0b2e754b31 100644 --- a/poky/meta/recipes-devtools/lua/lua_5.4.4.bb +++ b/poky/meta/recipes-devtools/lua/lua_5.4.4.bb @@ -7,6 +7,7 @@ HOMEPAGE = "http://www.lua.org/" SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \ file://lua.pc.in \ file://CVE-2022-28805.patch \ + file://CVE-2022-33099.patch \ ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'http://www.lua.org/tests/lua-${PV_testsuites}-tests.tar.gz;name=tarballtest file://run-ptest ', '', d)} \ " diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc index 63f0569d06..54a68e1730 100644 --- a/poky/meta/recipes-devtools/qemu/qemu.inc +++ b/poky/meta/recipes-devtools/qemu/qemu.inc @@ -35,6 +35,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://pvrdma.patch \ file://CVE-2021-4206.patch \ file://CVE-2021-4207.patch \ + file://CVE-2022-35414.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-35414.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-35414.patch new file mode 100644 index 0000000000..3786497f01 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-35414.patch @@ -0,0 +1,53 @@ +From ee76e64ee1cb232b77652b21cc94ec6b6c7e4b13 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati <hprajapati@mvista.com> +Date: Wed, 27 Jul 2022 10:49:47 +0530 +Subject: [PATCH] CVE-2022-35414 + +Upstream-Status: Backport [https://github.com/qemu/qemu/commit/418ade7849ce7641c0f7333718caf5091a02fd4c] +CVE: CVE-2022-35414 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + softmmu/physmem.c | 13 ++++++++++++- + 1 file changed, 12 insertions(+), 1 deletion(-) + +diff --git a/softmmu/physmem.c b/softmmu/physmem.c +index 3524c04c2..3c467527d 100644 +--- a/softmmu/physmem.c ++++ b/softmmu/physmem.c +@@ -667,7 +667,7 @@ void tcg_iommu_init_notifier_list(CPUState *cpu) + + /* Called from RCU critical section */ + MemoryRegionSection * +-address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr addr, ++address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr orig_addr, + hwaddr *xlat, hwaddr *plen, + MemTxAttrs attrs, int *prot) + { +@@ -676,6 +676,7 @@ address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr addr, + IOMMUMemoryRegionClass *imrc; + IOMMUTLBEntry iotlb; + int iommu_idx; ++ hwaddr addr = orig_addr; + AddressSpaceDispatch *d = + qatomic_rcu_read(&cpu->cpu_ases[asidx].memory_dispatch); + +@@ -720,6 +721,16 @@ address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr addr, + return section; + + translate_fail: ++ /* ++ * We should be given a page-aligned address -- certainly ++ * tlb_set_page_with_attrs() does so. The page offset of xlat ++ * is used to index sections[], and PHYS_SECTION_UNASSIGNED = 0. ++ * The page portion of xlat will be logged by memory_region_access_valid() ++ * when this memory access is rejected, so use the original untranslated ++ * physical address. ++ */ ++ assert((orig_addr & ~TARGET_PAGE_MASK) == 0); ++ *xlat = orig_addr; + return &d->map.sections[PHYS_SECTION_UNASSIGNED]; + } + +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/strace/strace_5.16.bb b/poky/meta/recipes-devtools/strace/strace_5.16.bb index ae19318c20..23ffa25d29 100644 --- a/poky/meta/recipes-devtools/strace/strace_5.16.bb +++ b/poky/meta/recipes-devtools/strace/strace_5.16.bb @@ -19,6 +19,9 @@ SRC_URI[sha256sum] = "dc7db230ff3e57c249830ba94acab2b862da1fcaac55417e9b85041a83 inherit autotools ptest +# Not yet ported to rv32 +COMPATIBLE_HOST:riscv32 = "null" + PACKAGECONFIG:class-target ??= "\ ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ " diff --git a/poky/meta/recipes-devtools/vala/vala_0.56.0.bb b/poky/meta/recipes-devtools/vala/vala_0.56.0.bb deleted file mode 100644 index a4d6760f10..0000000000 --- a/poky/meta/recipes-devtools/vala/vala_0.56.0.bb +++ /dev/null @@ -1,3 +0,0 @@ -require ${BPN}.inc - -SRC_URI[sha256sum] = "d92bd13c5630905eeb6a983dcb702204da9731460c2a6e4e39f867996f371040" diff --git a/poky/meta/recipes-devtools/vala/vala_0.56.2.bb b/poky/meta/recipes-devtools/vala/vala_0.56.2.bb new file mode 100644 index 0000000000..08c8ccca1d --- /dev/null +++ b/poky/meta/recipes-devtools/vala/vala_0.56.2.bb @@ -0,0 +1,3 @@ +require ${BPN}.inc + +SRC_URI[sha256sum] = "66c9619bb17859fd1ac3aba0a57970613e38fd2a1ee30541174260c9fb90124c" diff --git a/poky/meta/recipes-extended/libtirpc/libtirpc/CVE-2021-46828.patch b/poky/meta/recipes-extended/libtirpc/libtirpc/CVE-2021-46828.patch new file mode 100644 index 0000000000..3d5e5b8db9 --- /dev/null +++ b/poky/meta/recipes-extended/libtirpc/libtirpc/CVE-2021-46828.patch @@ -0,0 +1,155 @@ +From 3ee23a0a5a8c2261e788acbee67722fcbecbea28 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati <hprajapati@mvista.com> +Date: Wed, 27 Jul 2022 17:34:21 +0530 +Subject: [PATCH] CVE-2021-46828 + +Upstream-Status: Backport [http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed} +CVE: CVE-2021-46828 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + src/svc.c | 17 +++++++++++++- + src/svc_vc.c | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++- + 2 files changed, 77 insertions(+), 2 deletions(-) + +diff --git a/src/svc.c b/src/svc.c +index 6db164b..3a8709f 100644 +--- a/src/svc.c ++++ b/src/svc.c +@@ -57,7 +57,7 @@ + + #define max(a, b) (a > b ? a : b) + +-static SVCXPRT **__svc_xports; ++SVCXPRT **__svc_xports; + int __svc_maxrec; + + /* +@@ -194,6 +194,21 @@ __xprt_do_unregister (xprt, dolock) + rwlock_unlock (&svc_fd_lock); + } + ++int ++svc_open_fds() ++{ ++ int ix; ++ int nfds = 0; ++ ++ rwlock_rdlock (&svc_fd_lock); ++ for (ix = 0; ix < svc_max_pollfd; ++ix) { ++ if (svc_pollfd[ix].fd != -1) ++ nfds++; ++ } ++ rwlock_unlock (&svc_fd_lock); ++ return (nfds); ++} ++ + /* + * Add a service program to the callout list. + * The dispatch routine will be called when a rpc request for this +diff --git a/src/svc_vc.c b/src/svc_vc.c +index f1d9f00..3dc8a75 100644 +--- a/src/svc_vc.c ++++ b/src/svc_vc.c +@@ -64,6 +64,8 @@ + + + extern rwlock_t svc_fd_lock; ++extern SVCXPRT **__svc_xports; ++extern int svc_open_fds(); + + static SVCXPRT *makefd_xprt(int, u_int, u_int); + static bool_t rendezvous_request(SVCXPRT *, struct rpc_msg *); +@@ -82,6 +84,7 @@ static void svc_vc_ops(SVCXPRT *); + static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in); + static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq, + void *in); ++static int __svc_destroy_idle(int timeout); + + struct cf_rendezvous { /* kept in xprt->xp_p1 for rendezvouser */ + u_int sendsize; +@@ -313,13 +316,14 @@ done: + return (xprt); + } + ++ + /*ARGSUSED*/ + static bool_t + rendezvous_request(xprt, msg) + SVCXPRT *xprt; + struct rpc_msg *msg; + { +- int sock, flags; ++ int sock, flags, nfds, cnt; + struct cf_rendezvous *r; + struct cf_conn *cd; + struct sockaddr_storage addr; +@@ -379,6 +383,16 @@ again: + + gettimeofday(&cd->last_recv_time, NULL); + ++ nfds = svc_open_fds(); ++ if (nfds >= (_rpc_dtablesize() / 5) * 4) { ++ /* destroy idle connections */ ++ cnt = __svc_destroy_idle(15); ++ if (cnt == 0) { ++ /* destroy least active */ ++ __svc_destroy_idle(0); ++ } ++ } ++ + return (FALSE); /* there is never an rpc msg to be processed */ + } + +@@ -820,3 +834,49 @@ __svc_clean_idle(fd_set *fds, int timeout, bool_t cleanblock) + { + return FALSE; + } ++ ++static int ++__svc_destroy_idle(int timeout) ++{ ++ int i, ncleaned = 0; ++ SVCXPRT *xprt, *least_active; ++ struct timeval tv, tdiff, tmax; ++ struct cf_conn *cd; ++ ++ gettimeofday(&tv, NULL); ++ tmax.tv_sec = tmax.tv_usec = 0; ++ least_active = NULL; ++ rwlock_wrlock(&svc_fd_lock); ++ ++ for (i = 0; i <= svc_max_pollfd; i++) { ++ if (svc_pollfd[i].fd == -1) ++ continue; ++ xprt = __svc_xports[i]; ++ if (xprt == NULL || xprt->xp_ops == NULL || ++ xprt->xp_ops->xp_recv != svc_vc_recv) ++ continue; ++ cd = (struct cf_conn *)xprt->xp_p1; ++ if (!cd->nonblock) ++ continue; ++ if (timeout == 0) { ++ timersub(&tv, &cd->last_recv_time, &tdiff); ++ if (timercmp(&tdiff, &tmax, >)) { ++ tmax = tdiff; ++ least_active = xprt; ++ } ++ continue; ++ } ++ if (tv.tv_sec - cd->last_recv_time.tv_sec > timeout) { ++ __xprt_unregister_unlocked(xprt); ++ __svc_vc_dodestroy(xprt); ++ ncleaned++; ++ } ++ } ++ if (timeout == 0 && least_active != NULL) { ++ __xprt_unregister_unlocked(least_active); ++ __svc_vc_dodestroy(least_active); ++ ncleaned++; ++ } ++ rwlock_unlock(&svc_fd_lock); ++ return (ncleaned); ++} +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/libtirpc/libtirpc_1.3.2.bb b/poky/meta/recipes-extended/libtirpc/libtirpc_1.3.2.bb index 45b3d2befc..66bc4ecdd1 100644 --- a/poky/meta/recipes-extended/libtirpc/libtirpc_1.3.2.bb +++ b/poky/meta/recipes-extended/libtirpc/libtirpc_1.3.2.bb @@ -9,7 +9,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f835cce8852481e4b2bbbdd23b5e47f3 \ PROVIDES = "virtual/librpc" -SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2" +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2 \ + file://CVE-2021-46828.patch \ + " UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/libtirpc/files/libtirpc/" UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)/" SRC_URI[sha256sum] = "e24eb88b8ce7db3b7ca6eb80115dd1284abc5ec32a8deccfed2224fc2532b9fd" diff --git a/poky/meta/recipes-gnome/epiphany/epiphany_42.2.bb b/poky/meta/recipes-gnome/epiphany/epiphany_42.3.bb index dc1b34ac92..f9d60ff2a9 100644 --- a/poky/meta/recipes-gnome/epiphany/epiphany_42.2.bb +++ b/poky/meta/recipes-gnome/epiphany/epiphany_42.3.bb @@ -28,7 +28,7 @@ SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@oe.utils.trim_version("${PV}", 1)}/${GN file://migrator.patch \ file://distributor.patch \ " -SRC_URI[archive.sha256sum] = "92c02cf886d10d2ccff5de658e1a420eab31d20bb50e746d430e9535b485192d" +SRC_URI[archive.sha256sum] = "7316d3c6500e825d8e57293fa58047c56727bee16cd6b6ac804ffe5d9b229560" PACKAGECONFIG_SOUP ?= "soup2" PACKAGECONFIG ??= "${PACKAGECONFIG_SOUP}" diff --git a/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.72.0.bb b/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.72.0.bb index 355e77d107..9a47e908b7 100644 --- a/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.72.0.bb +++ b/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.72.0.bb @@ -113,9 +113,6 @@ EOF } do_compile:prepend() { - # This prevents g-ir-scanner from writing cache data to $HOME - export GI_SCANNER_DISABLE_CACHE=1 - # Needed to run g-ir unit tests, which won't be able to find the built libraries otherwise export GIR_EXTRA_LIBS_PATH=$B/.libs } diff --git a/poky/meta/recipes-graphics/xorg-app/mkfontscale_1.2.1.bb b/poky/meta/recipes-graphics/xorg-app/mkfontscale_1.2.2.bb index 2d0c51a423..cd658ab219 100644 --- a/poky/meta/recipes-graphics/xorg-app/mkfontscale_1.2.1.bb +++ b/poky/meta/recipes-graphics/xorg-app/mkfontscale_1.2.2.bb @@ -17,5 +17,5 @@ BBCLASSEXTEND = "native" LIC_FILES_CHKSUM = "file://COPYING;md5=99b1e1269aba5179139b9e4380fc0934" -SRC_URI[md5sum] = "215940de158b1a3d8b3f8b442c606e2f" -SRC_URI[sha256sum] = "ca0495eb974a179dd742bfa6199d561bda1c8da4a0c5a667f21fd82aaab6bac7" +SRC_URI_EXT = "xz" +SRC_URI[sha256sum] = "8ae3fb5b1fe7436e1f565060acaa3e2918fe745b0e4979b5593968914fe2d5c4" diff --git a/poky/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.2.bb b/poky/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.3.bb index 2d10b7acca..e75a840b7d 100644 --- a/poky/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.2.bb +++ b/poky/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.3.bb @@ -14,7 +14,7 @@ PE = "1" SRC_URI += "file://disable-xkb.patch" -SRC_URI[md5sum] = "8809037bd48599af55dad81c508b6b39" -SRC_URI[sha256sum] = "30238ed915619e06ceb41721e5f747d67320555cc38d459e954839c189ccaf51" +SRC_URI_EXT = "xz" +SRC_URI[sha256sum] = "356d5fd62f3e98ee36d6becf1b32d4ab6112d618339fb4b592ccffbd9e0fc206" EXTRA_OECONF = "--disable-xkb" diff --git a/poky/meta/recipes-graphics/xorg-app/xev_1.2.4.bb b/poky/meta/recipes-graphics/xorg-app/xev_1.2.5.bb index 9407fa65f1..0e3def6eee 100644 --- a/poky/meta/recipes-graphics/xorg-app/xev_1.2.4.bb +++ b/poky/meta/recipes-graphics/xorg-app/xev_1.2.5.bb @@ -14,4 +14,6 @@ DEPENDS += "libxrandr xorgproto" SRC_URI += "file://diet-x11.patch" -SRC_URI[sha256sum] = "d700e08bfe751ed2dbf802baa204b056d0e49348b6eb3c6f9cb035d8ae4885e2" +SRC_URI[sha256sum] = "c9461a4389714e0f33974f9e75934bdc38d836a0f059b8dc089c7cbf2ce36ec1" + +SRC_URI_EXT = "xz" diff --git a/poky/meta/recipes-graphics/xorg-app/xmodmap_1.0.10.bb b/poky/meta/recipes-graphics/xorg-app/xmodmap_1.0.11.bb index 7dedb03a2b..dc955aa977 100644 --- a/poky/meta/recipes-graphics/xorg-app/xmodmap_1.0.10.bb +++ b/poky/meta/recipes-graphics/xorg-app/xmodmap_1.0.11.bb @@ -12,5 +12,6 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=272c17e96370e1e74773fa22d9989621" PE = "1" -SRC_URI[md5sum] = "51f1d30a525e9903280ffeea2744b1f6" -SRC_URI[sha256sum] = "473f0941d7439d501bb895ff358832b936ec34c749b9704c37a15e11c318487c" +SRC_URI[sha256sum] = "9a2f8168f7b0bc382828847403902cb6bf175e17658b36189eac87edda877e81" + +SRC_URI_EXT = "xz" diff --git a/poky/meta/recipes-graphics/xorg-app/xorg-app-common.inc b/poky/meta/recipes-graphics/xorg-app/xorg-app-common.inc index 1c64e20aac..5dbe8abe86 100644 --- a/poky/meta/recipes-graphics/xorg-app/xorg-app-common.inc +++ b/poky/meta/recipes-graphics/xorg-app/xorg-app-common.inc @@ -8,7 +8,8 @@ DEPENDS = "util-macros-native virtual/libx11" # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" -SRC_URI = "${XORG_MIRROR}/individual/app/${BPN}-${PV}.tar.bz2" +SRC_URI_EXT = "bz2" +SRC_URI = "${XORG_MIRROR}/individual/app/${BPN}-${PV}.tar.${SRC_URI_EXT}" inherit autotools pkgconfig features_check diff --git a/poky/meta/recipes-graphics/xorg-app/xrandr_1.5.1.bb b/poky/meta/recipes-graphics/xorg-app/xrandr_1.5.1.bb index 57b43ff28c..0e0347f768 100644 --- a/poky/meta/recipes-graphics/xorg-app/xrandr_1.5.1.bb +++ b/poky/meta/recipes-graphics/xorg-app/xrandr_1.5.1.bb @@ -11,8 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fe1608bdb33cf8c62a4438f7d34679b3" DEPENDS += "libxrandr libxrender" PE = "1" -SRC_URI = "${XORG_MIRROR}/individual/app/${BPN}-${PV}.tar.xz" - +SRC_URI_EXT = "xz" SRC_URI[md5sum] = "fe40f7a4fd39dd3a02248d3e0b1972e4" SRC_URI[sha256sum] = "7bc76daf9d72f8aff885efad04ce06b90488a1a169d118dea8a2b661832e8762" diff --git a/poky/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/64bit_time_t_support.patch b/poky/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/64bit_time_t_support.patch deleted file mode 100644 index 4bb7fb3e23..0000000000 --- a/poky/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/64bit_time_t_support.patch +++ /dev/null @@ -1,51 +0,0 @@ -This patch avoids using time field of input_event structure which is not available -on 32bit arches supporting 64bit time_t structs, Patch makes it compatible with new -and keeps old input.h implementation functional as well. - -See https://sourceware.org/glibc/wiki/Y2038ProofnessDesign - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- a/src/eventcomm.c -+++ b/src/eventcomm.c -@@ -575,10 +575,12 @@ SynapticsReadEvent(InputInfoPtr pInfo, s - ev->type = EV_SYN; - ev->code = SYN_REPORT; - ev->value = 0; -- ev->time = last_event_time; -- } else if (ev->type == EV_SYN) -- last_event_time = ev->time; -- -+ ev->input_event_sec = last_event_time.tv_sec; -+ ev->input_event_usec = last_event_time.tv_usec; -+ } else if (ev->type == EV_SYN) { -+ last_event_time.tv_sec = ev->input_event_sec; -+ last_event_time.tv_usec = ev->input_event_usec; -+ } - return TRUE; - } - -@@ -725,7 +727,7 @@ EventReadHwState(InputInfoPtr pInfo, - case SYN_REPORT: - hw->numFingers = count_fingers(pInfo, comm); - if (proto_data->have_monotonic_clock) -- hw->millis = 1000 * ev.time.tv_sec + ev.time.tv_usec / 1000; -+ hw->millis = 1000 * ev.input_event_sec + ev.input_event_usec / 1000; - else - hw->millis = GetTimeInMillis(); - SynapticsCopyHwState(hwRet, hw); ---- a/src/eventcomm.h -+++ b/src/eventcomm.h -@@ -34,6 +34,11 @@ - #include <xf86Xinput.h> - #include "synproto.h" - -+#ifndef input_event_sec -+#define input_event_sec time.tv_sec -+#define input_event_usec time.tv_usec -+#endif -+ - /* for auto-dev: */ - #define DEV_INPUT_EVENT "/dev/input" - #define EVENT_DEV_NAME "event" diff --git a/poky/meta/recipes-graphics/xorg-driver/xf86-input-synaptics_1.9.1.bb b/poky/meta/recipes-graphics/xorg-driver/xf86-input-synaptics_1.9.2.bb index 388350c96e..8e446290b2 100644 --- a/poky/meta/recipes-graphics/xorg-driver/xf86-input-synaptics_1.9.1.bb +++ b/poky/meta/recipes-graphics/xorg-driver/xf86-input-synaptics_1.9.2.bb @@ -10,9 +10,8 @@ advanced features of the touchpad to become available." LIC_FILES_CHKSUM = "file://COPYING;md5=55aacd3535a741824955c5eb8f061398" -SRC_URI += "file://64bit_time_t_support.patch" - -SRC_URI[md5sum] = "cfb79d3c975151f9bbf30b727c260cb9" -SRC_URI[sha256sum] = "7af83526eff1c76e8b9e1553b34245c203d029028d8044dd9dcf71eef1001576" +SRC_URI[sha256sum] = "b8fa4aab913fc63754bbd6439e020658c412743a055201ddf212760593962c38" DEPENDS += "libxi mtdev libxtst libevdev" + +XORG_DRIVER_COMPRESSOR = ".tar.xz" diff --git a/poky/meta/recipes-graphics/xorg-font/encodings/nocompiler.patch b/poky/meta/recipes-graphics/xorg-font/encodings/nocompiler.patch index ec7c7d80c1..9ee7abe775 100644 --- a/poky/meta/recipes-graphics/xorg-font/encodings/nocompiler.patch +++ b/poky/meta/recipes-graphics/xorg-font/encodings/nocompiler.patch @@ -1,4 +1,4 @@ -From b08c43a0842076e0a94e88ad6456a9326cd7ffc9 Mon Sep 17 00:00:00 2001 +From 0c0790e90a68bf8290da5c0e57142bf7c620f039 Mon Sep 17 00:00:00 2001 From: Richard Purdie <richard.purdie@linuxfoundation.org> Date: Tue, 17 May 2011 23:03:02 +0000 Subject: [PATCH] Improve handling of 'all' architecture recipes and their @@ -21,12 +21,12 @@ RP 17/5/2011 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac -index 622c27b..5ee84ed 100644 +index b80e3de..80208bb 100644 --- a/configure.ac +++ b/configure.ac -@@ -3,12 +3,12 @@ AC_INIT([encodings], [1.0.5], +@@ -3,12 +3,12 @@ AC_INIT([encodings], [1.0.6], [https://gitlab.freedesktop.org/xorg/font/encodings/issues]) - AM_INIT_AUTOMAKE([foreign dist-bzip2]) + AM_INIT_AUTOMAKE([foreign dist-xz]) -# Require xorg-macros: XORG_DEFAULT_OPTIONS m4_ifndef([XORG_MACROS_VERSION], diff --git a/poky/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb b/poky/meta/recipes-graphics/xorg-font/encodings_1.0.6.bb index 8ddbaf24dd..be82414eef 100644 --- a/poky/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb +++ b/poky/meta/recipes-graphics/xorg-font/encodings_1.0.6.bb @@ -7,14 +7,14 @@ require xorg-font-common.inc LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=9da93f2daf2d5572faa2bfaf0dbd9e76" PE = "1" -PR = "r3" DEPENDS = "mkfontscale-native mkfontdir-native font-util-native" RDEPENDS:${PN} = "" SRC_URI += "file://nocompiler.patch" -SRC_URI[md5sum] = "bbae4f247b88ccde0e85ed6a403da22a" -SRC_URI[sha256sum] = "bd96e16143a044b19e87f217cf6a3763a70c561d1076aad6f6d862ec41774a31" +SRC_URI[sha256sum] = "77e301de661f35a622b18f60b555a7e7d8c4d5f43ed41410e830d5ac9084fc26" + +SRC_URI_EXT = "xz" inherit allarch diff --git a/poky/meta/recipes-graphics/xorg-font/font-util_1.3.2.bb b/poky/meta/recipes-graphics/xorg-font/font-util_1.3.3.bb index b3e832756b..64c705770d 100644 --- a/poky/meta/recipes-graphics/xorg-font/font-util_1.3.2.bb +++ b/poky/meta/recipes-graphics/xorg-font/font-util_1.3.3.bb @@ -16,7 +16,8 @@ RDEPENDS:${PN}:class-native = "" BBCLASSEXTEND = "native" -SRC_URI[md5sum] = "3d6adb76fdd072db8c8fae41b40855e8" -SRC_URI[sha256sum] = "3ad880444123ac06a7238546fa38a2a6ad7f7e0cc3614de7e103863616522282" +SRC_URI[sha256sum] = "e791c890779c40056ab63aaed5e031bb6e2890a98418ca09c534e6261a2eebd2" SYSROOT_DIRS_IGNORE:remove = "${datadir}/fonts" + +SRC_URI_EXT = "xz" diff --git a/poky/meta/recipes-graphics/xorg-font/xorg-font-common.inc b/poky/meta/recipes-graphics/xorg-font/xorg-font-common.inc index 2df23efed4..edf7cf7642 100644 --- a/poky/meta/recipes-graphics/xorg-font/xorg-font-common.inc +++ b/poky/meta/recipes-graphics/xorg-font/xorg-font-common.inc @@ -9,7 +9,8 @@ RDEPENDS:${PN} = "encodings font-util font-alias" XORG_PN = "${BPN}" -SRC_URI = "${XORG_MIRROR}/individual/font/${XORG_PN}-${PV}.tar.bz2" +SRC_URI_EXT = "bz2" +SRC_URI = "${XORG_MIRROR}/individual/font/${XORG_PN}-${PV}.tar.${SRC_URI_EXT}" S = "${WORKDIR}/${XORG_PN}-${PV}" inherit autotools pkgconfig features_check diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch deleted file mode 100644 index df9332fae7..0000000000 --- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 12041ad0610f1345d6b9994c32943fd4dd01f65d Mon Sep 17 00:00:00 2001 -From: Olivier Fourdan <ofourdan@redhat.com> -Date: Thu, 20 Jan 2022 10:20:38 +0100 -Subject: [PATCH] render: Fix build with gcc 12 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The xserver fails to compile with the latest gcc 12: - - render/picture.c: In function ‘CreateSolidPicture’: - render/picture.c:874:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[16]’ [-Werror=array-bounds] - 874 | pPicture->pSourcePict->type = SourcePictTypeSolidFill; - | ^~ - render/picture.c:868:45: note: object of size 16 allocated by ‘malloc’ - 868 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictSolidFill)); - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - render/picture.c: In function ‘CreateLinearGradientPicture’: - render/picture.c:906:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds] - 906 | pPicture->pSourcePict->linear.type = SourcePictTypeLinear; - | ^~ - render/picture.c:899:45: note: object of size 32 allocated by ‘malloc’ - 899 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictLinearGradient)); - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - render/picture.c: In function ‘CreateConicalGradientPicture’: - render/picture.c:989:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds] - 989 | pPicture->pSourcePict->conical.type = SourcePictTypeConical; - | ^~ - render/picture.c:982:45: note: object of size 32 allocated by ‘malloc’ - 982 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictConicalGradient)); - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - cc1: some warnings being treated as errors - ninja: build stopped: subcommand failed. - -This is because gcc 12 has become stricter and raises a warning now. - -Fix the warning/error by allocating enough memory to store the union -struct. - -Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/c6b0dcb82d4db07a2f32c09a8c09c85a5f57248e] -Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> -Acked-by: Michel Dänzer <mdaenzer@redhat.com> -Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1256 ---- - render/picture.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/render/picture.c b/render/picture.c -index afa0d25..2be4b19 100644 ---- a/render/picture.c -+++ b/render/picture.c -@@ -865,7 +865,7 @@ CreateSolidPicture(Picture pid, xRenderColor * color, int *error) - } - - pPicture->id = pid; -- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictSolidFill)); -+ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); - if (!pPicture->pSourcePict) { - *error = BadAlloc; - free(pPicture); -@@ -896,7 +896,7 @@ CreateLinearGradientPicture(Picture pid, xPointFixed * p1, xPointFixed * p2, - } - - pPicture->id = pid; -- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictLinearGradient)); -+ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); - if (!pPicture->pSourcePict) { - *error = BadAlloc; - free(pPicture); -@@ -936,7 +936,7 @@ CreateRadialGradientPicture(Picture pid, xPointFixed * inner, - } - - pPicture->id = pid; -- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictRadialGradient)); -+ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); - if (!pPicture->pSourcePict) { - *error = BadAlloc; - free(pPicture); -@@ -979,7 +979,7 @@ CreateConicalGradientPicture(Picture pid, xPointFixed * center, xFixed angle, - } - - pPicture->id = pid; -- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictConicalGradient)); -+ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); - if (!pPicture->pSourcePict) { - *error = BadAlloc; - free(pPicture); --- -2.35.1 - diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.3.bb b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.4.bb index 1f53ab5177..b9cbc9989e 100644 --- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.3.bb +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.4.bb @@ -1,10 +1,9 @@ require xserver-xorg.inc SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \ - file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ - file://0001-render-Fix-build-with-gcc-12.patch \ - " -SRC_URI[sha256sum] = "61d6aad5b6b47a116b960bd7f0cba4ee7e6da95d6bb0b127bde75d7d1acdebe5" + file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ + " +SRC_URI[sha256sum] = "5cc4be8ee47edb58d4a90e603a59d56b40291ad38371b0bd2471fc3cbee1c587" # These extensions are now integrated into the server, so declare the migration # path for in-place upgrades. diff --git a/poky/meta/recipes-graphics/xwayland/xwayland_22.1.1.bb b/poky/meta/recipes-graphics/xwayland/xwayland_22.1.3.bb index b512b9932d..da1b27525d 100644 --- a/poky/meta/recipes-graphics/xwayland/xwayland_22.1.1.bb +++ b/poky/meta/recipes-graphics/xwayland/xwayland_22.1.3.bb @@ -10,7 +10,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=5df87950af51ac2c5822094553ea1880" SRC_URI = "https://www.x.org/archive/individual/xserver/xwayland-${PV}.tar.xz" -SRC_URI[sha256sum] = "f5d0e0ba37e19bb87c62f61da5970bd204939f2120620964bed4cc8495baa657" +SRC_URI[sha256sum] = "a712eb7bce32cd934df36814b5dd046aa670899c16fe98f2afb003578f86a1c5" UPSTREAM_CHECK_REGEX = "xwayland-(?P<pver>\d+(\.(?!90\d)\d+)+)\.tar" diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220610.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220708.bb index 78b38df461..91c32e49d6 100644 --- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220610.bb +++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20220708.bb @@ -27,7 +27,6 @@ LICENSE = "\ & Firmware-go7007 \ & Firmware-GPLv2 \ & Firmware-hfi1_firmware \ - & Firmware-i2400m \ & Firmware-i915 \ & Firmware-ibt_firmware \ & Firmware-ice \ @@ -57,7 +56,6 @@ LICENSE = "\ & Firmware-rtlwifi_firmware \ & Firmware-imx-sdma_firmware \ & Firmware-siano \ - & Firmware-tda7706-firmware \ & Firmware-ti-connectivity \ & Firmware-ti-keystone \ & Firmware-ueagle-atm4-firmware \ @@ -69,7 +67,6 @@ LICENSE = "\ & WHENCE \ " -WHENCE_CHKSUM = "385947b278a6646ae4c3d39ba8c9b1bb" LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.adsp_sst;md5=615c45b91a5a4a9fe046d6ab9a2df728 \ file://LICENCE.agere;md5=af0133de6b4a9b2522defd5f188afd31 \ @@ -92,7 +89,6 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.go7007;md5=c0bb9f6aaaba55b0529ee9b30aa66beb \ file://GPL-2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://LICENSE.hfi1_firmware;md5=5e7b6e586ce7339d12689e49931ad444 \ - file://LICENCE.i2400m;md5=14b901969e23c41881327c0d9e4b7d36 \ file://LICENSE.i915;md5=2b0b2e0d20984affd4490ba2cba02570 \ file://LICENCE.ibt_firmware;md5=fdbee1ddfe0fb7ab0b2fcd6b454a366b \ file://LICENSE.ice;md5=742ab4850f2670792940e6d15c974b2f \ @@ -124,7 +120,6 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.rtlwifi_firmware.txt;md5=00d06cfd3eddd5a2698948ead2ad54a5 \ file://LICENSE.sdma_firmware;md5=51e8c19ecc2270f4b8ea30341ad63ce9 \ file://LICENCE.siano;md5=4556c1bf830067f12ca151ad953ec2a5 \ - file://LICENCE.tda7706-firmware.txt;md5=835997cf5e3c131d0dddd695c7d9103e \ file://LICENCE.ti-connectivity;md5=c5e02be633f1499c109d1652514d85ec \ file://LICENCE.ti-keystone;md5=3a86335d32864b0bef996bee26cc0f2c \ file://LICENCE.ueagle-atm4-firmware;md5=4ed7ea6b507ccc583b9d594417714118 \ @@ -135,6 +130,9 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \ file://WHENCE;md5=${WHENCE_CHKSUM} \ " +# WHENCE checksum is defined separately to ease overriding it if +# class-devupstream is selected. +WHENCE_CHKSUM = "def08711eb23ba967fb7e1f8cff66178" # These are not common licenses, set NO_GENERIC_LICENSE for them # so that the license files will be copied from fetched source @@ -160,7 +158,6 @@ NO_GENERIC_LICENSE[Firmware-fw_sst_0f28] = "LICENCE.fw_sst_0f28" NO_GENERIC_LICENSE[Firmware-go7007] = "LICENCE.go7007" NO_GENERIC_LICENSE[Firmware-GPLv2] = "GPL-2" NO_GENERIC_LICENSE[Firmware-hfi1_firmware] = "LICENSE.hfi1_firmware" -NO_GENERIC_LICENSE[Firmware-i2400m] = "LICENCE.i2400m" NO_GENERIC_LICENSE[Firmware-i915] = "LICENSE.i915" NO_GENERIC_LICENSE[Firmware-ibt_firmware] = "LICENCE.ibt_firmware" NO_GENERIC_LICENSE[Firmware-ice] = "LICENSE.ice" @@ -191,7 +188,6 @@ NO_GENERIC_LICENSE[Firmware-ralink-firmware] = "LICENCE.ralink-firmware.txt" NO_GENERIC_LICENSE[Firmware-rtlwifi_firmware] = "LICENCE.rtlwifi_firmware.txt" NO_GENERIC_LICENSE[Firmware-siano] = "LICENCE.siano" NO_GENERIC_LICENSE[Firmware-imx-sdma_firmware] = "LICENSE.sdma_firmware" -NO_GENERIC_LICENSE[Firmware-tda7706-firmware] = "LICENCE.tda7706-firmware.txt" NO_GENERIC_LICENSE[Firmware-ti-connectivity] = "LICENCE.ti-connectivity" NO_GENERIC_LICENSE[Firmware-ti-keystone] = "LICENCE.ti-keystone" NO_GENERIC_LICENSE[Firmware-ueagle-atm4-firmware] = "LICENCE.ueagle-atm4-firmware" @@ -213,7 +209,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw # Pin this to the 20220509 release, override this in local.conf SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae" -SRC_URI[sha256sum] = "faf3aedf89530e61f4fa1e8c7303dead9127cc24416945647797d079feb12837" +SRC_URI[sha256sum] = "0abec827a035c82bdcabdf82aa37ded247bc682ef05861bd409ea6f477bab81d" inherit allarch @@ -1033,7 +1029,6 @@ LICENSE:${PN} = "\ & Firmware-fw_sst_0f28 \ & Firmware-go7007 \ & Firmware-hfi1_firmware \ - & Firmware-i2400m \ & Firmware-ibt_firmware \ & Firmware-it913x \ & Firmware-IntcSST2 \ @@ -1054,7 +1049,6 @@ LICENSE:${PN} = "\ & Firmware-ralink-firmware \ & Firmware-imx-sdma_firmware \ & Firmware-siano \ - & Firmware-tda7706-firmware \ & Firmware-ti-connectivity \ & Firmware-ti-keystone \ & Firmware-ueagle-atm4-firmware \ diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb index 53ccd41033..9387c67cfb 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "63771123b1eea439bea2cf80f9f5682667528d9f" -SRCREV_meta ?= "96ea2660bb97e15f48f4885b9e436f24c3606bd9" +SRCREV_machine ?= "6df690626649ba5430a379f63a5f7b7423ce2e48" +SRCREV_meta ?= "ed7e0c3bb9464387ba99fedd5ea32bf78ae2fe45" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.10.130" +LINUX_VERSION ?= "5.10.135" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb index b6e443d4da..32c7db2c74 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "0222cbb8d40318cf5377875017e32eebefa59ab8" -SRCREV_meta ?= "0e3a81a5aefbea03388b1235fbcc3dec278425d0" +SRCREV_machine ?= "13ee019f28013cf8c102a3ffaadfa5e9ae9743e1" +SRCREV_meta ?= "f7f709bf874f85baff9f2fb0ac0341c08399b144" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.15.54" +LINUX_VERSION ?= "5.15.59" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb index 7b3aaa7fa0..d7aa3281cc 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.10.130" +LINUX_VERSION ?= "5.10.135" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine:qemuarm ?= "bff12aa9748d83efc518e524858913c028f0707a" -SRCREV_machine ?= "5bdf36bd73803640ee495fc6f36b0207993bf62a" -SRCREV_meta ?= "96ea2660bb97e15f48f4885b9e436f24c3606bd9" +SRCREV_machine:qemuarm ?= "3b1c4608c04d645b292f13cc550b5151e032794b" +SRCREV_machine ?= "cbfab86927ad95da60b8d49957ca941df615d877" +SRCREV_meta ?= "ed7e0c3bb9464387ba99fedd5ea32bf78ae2fe45" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index aadf014463..8eb138e78b 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.54" +LINUX_VERSION ?= "5.15.59" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "9b1d0e5eb8b08323577f5e2b21cbb2065aba0aa1" -SRCREV_meta ?= "0e3a81a5aefbea03388b1235fbcc3dec278425d0" +SRCREV_machine ?= "86c19d4c40f475e09a076d55391fa66d96a1b3ac" +SRCREV_meta ?= "f7f709bf874f85baff9f2fb0ac0341c08399b144" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb index d5bf2c9496..73a58e59a0 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb @@ -13,23 +13,23 @@ KBRANCH:qemux86 ?= "v5.10/standard/base" KBRANCH:qemux86-64 ?= "v5.10/standard/base" KBRANCH:qemumips64 ?= "v5.10/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "8d513bf2294b60cbfa7bfbfab43f7ec458e88de0" -SRCREV_machine:qemuarm64 ?= "f86e70ec0a39fa6cfd5b19a013703345cf9e8d4c" -SRCREV_machine:qemumips ?= "a5c1977699a2733ed4ddd08f1bcc1cbcc1fa8862" -SRCREV_machine:qemuppc ?= "2e52a4c55beaea77e6b99720de58624c416e7569" -SRCREV_machine:qemuriscv64 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a" -SRCREV_machine:qemuriscv32 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a" -SRCREV_machine:qemux86 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a" -SRCREV_machine:qemux86-64 ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a" -SRCREV_machine:qemumips64 ?= "37c7c3e8979a2b0eb75bf8ceab7f2b7f12565ceb" -SRCREV_machine ?= "2883e69e202dc7948c99a7828e192b2b42c2d90a" -SRCREV_meta ?= "96ea2660bb97e15f48f4885b9e436f24c3606bd9" +SRCREV_machine:qemuarm ?= "23ab0f8300e7b90fdf1e0be923933d5cfd03b618" +SRCREV_machine:qemuarm64 ?= "5ff1949cbb7ff90ae3e4dc6fd0fd9876ffaab9d2" +SRCREV_machine:qemumips ?= "01c75770046189608bb4ea9977521ec58a15b6bf" +SRCREV_machine:qemuppc ?= "7dd170da9eacb57c6d8eff88ca24b8bf55ab042a" +SRCREV_machine:qemuriscv64 ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_machine:qemuriscv32 ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_machine:qemux86 ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_machine:qemux86-64 ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_machine:qemumips64 ?= "a099189ac94c7218c09f1519ea4222fb2d9070be" +SRCREV_machine ?= "d09b184cbc0321794bda715ab560dec077a048d0" +SRCREV_meta ?= "ed7e0c3bb9464387ba99fedd5ea32bf78ae2fe45" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH}; \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.10.130" +LINUX_VERSION ?= "5.10.135" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 4c1d163a1e..083f87727b 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb @@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "c284142affccb534122ad93bdcd4774af161d767" -SRCREV_machine:qemuarm64 ?= "c4c194a34c568c17389120608b2ee8a7a988150a" -SRCREV_machine:qemumips ?= "7b446965d9659d312952ef4dedf5b50a493e60c2" -SRCREV_machine:qemuppc ?= "0c2a4ad856c8f0c1b3ca8a38c17e1194f47e4643" -SRCREV_machine:qemuriscv64 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec" -SRCREV_machine:qemuriscv32 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec" -SRCREV_machine:qemux86 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec" -SRCREV_machine:qemux86-64 ?= "a40d2daf2795d89e3ef8af0413b25190558831ec" -SRCREV_machine:qemumips64 ?= "9a8d4e00df67daf224ae62b238c151a3f3f70ae7" -SRCREV_machine ?= "a40d2daf2795d89e3ef8af0413b25190558831ec" -SRCREV_meta ?= "0e3a81a5aefbea03388b1235fbcc3dec278425d0" +SRCREV_machine:qemuarm ?= "c33f2e2ad3fdcc1c9539f80fb51b49f68c544c03" +SRCREV_machine:qemuarm64 ?= "e8a14fadeb24619f20d3caebc01c7f26c49f768a" +SRCREV_machine:qemumips ?= "c5f07eee39e4e03e90de3e71a3f6448fdb73921a" +SRCREV_machine:qemuppc ?= "b5873d3a40b837059a36179174863cb4c7f9e109" +SRCREV_machine:qemuriscv64 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_machine:qemuriscv32 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_machine:qemux86 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_machine:qemux86-64 ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_machine:qemumips64 ?= "a6c0767511eed80395777e42d33fdc8405bff2b4" +SRCREV_machine ?= "efe20512212b0e85b5f884b1bfc8fbba2b43541a" +SRCREV_meta ?= "f7f709bf874f85baff9f2fb0ac0341c08399b144" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the <version>/base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "843dae1756d9bddee21a96827784791fd97d484e" +SRCREV_machine:class-devupstream ?= "d676d6149a2f4b4d66b8ea0a1dfef30a54cf5750" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" @@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.54" +LINUX_VERSION ?= "5.15.59" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-compaction-migratepages-event-name.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-compaction-migratepages-event-name.patch deleted file mode 100644 index e988f7a3d5..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-compaction-migratepages-event-name.patch +++ /dev/null @@ -1,37 +0,0 @@ -From c312bda00d2dc10ce5f6c1189acbefee5c6c8c6c Mon Sep 17 00:00:00 2001 -From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> -Date: Tue, 29 Mar 2022 16:34:07 -0400 -Subject: [PATCH 01/10] Fix: compaction migratepages event name - -The commit "fix: mm: compaction: fix the migration stats in trace_mm_compaction_migratepages() (v5.17)" - -Triggers this warning: - - LTTng: event provider mismatch: The event name needs to start with provider name + _ + one or more letter, provider: compaction, event name: mm_compaction_migratepages - -Upstream-Status: Backport - -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> -Change-Id: I01c7485af765084dafb33bf33ae392e60bfbf1e7 ---- - include/instrumentation/events/compaction.h | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/include/instrumentation/events/compaction.h b/include/instrumentation/events/compaction.h -index 340e41f5..15964537 100644 ---- a/include/instrumentation/events/compaction.h -+++ b/include/instrumentation/events/compaction.h -@@ -98,7 +98,9 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE_MAP(compaction_isolate_template, - #endif /* #else #if LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,0,0) */ - - #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) --LTTNG_TRACEPOINT_EVENT(mm_compaction_migratepages, -+LTTNG_TRACEPOINT_EVENT_MAP(mm_compaction_migratepages, -+ -+ compaction_migratepages, - - TP_PROTO(unsigned long nr_all, - unsigned int nr_succeeded), --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch new file mode 100644 index 0000000000..ca6abea9c0 --- /dev/null +++ b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch @@ -0,0 +1,53 @@ +From d8254360c7f2ff9b3f945e9668d89c0b56b9bd91 Mon Sep 17 00:00:00 2001 +From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> +Date: Fri, 29 Jul 2022 15:37:43 -0400 +Subject: [PATCH] fix: net: skb: introduce kfree_skb_reason() (v5.15.58..v5.16) + +See upstream commit : + + commit c504e5c2f9648a1e5c2be01e8c3f59d394192bd3 + Author: Menglong Dong <imagedong@tencent.com> + Date: Sun Jan 9 14:36:26 2022 +0800 + + net: skb: introduce kfree_skb_reason() + + Introduce the interface kfree_skb_reason(), which is able to pass + the reason why the skb is dropped to 'kfree_skb' tracepoint. + + Add the 'reason' field to 'trace_kfree_skb', therefor user can get + more detail information about abnormal skb with 'drop_monitor' or + eBPF. + + All drop reasons are defined in the enum 'skb_drop_reason', and + they will be print as string in 'kfree_skb' tracepoint in format + of 'reason: XXX'. + + ( Maybe the reasons should be defined in a uapi header file, so that + user space can use them? ) + +Upstream-Status: Backport + +Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> +Change-Id: Ib3c039207739dad10f097cf76474e0822e351273 +--- + include/instrumentation/events/skb.h | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/include/instrumentation/events/skb.h b/include/instrumentation/events/skb.h +index 237e54ad..186732ea 100644 +--- a/include/instrumentation/events/skb.h ++++ b/include/instrumentation/events/skb.h +@@ -13,7 +13,9 @@ + /* + * Tracepoint for free an sk_buff: + */ +-#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) ++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0) \ ++ || LTTNG_KERNEL_RANGE(5,15,58, 5,16,0)) ++ + LTTNG_TRACEPOINT_ENUM(skb_drop_reason, + TP_ENUM_VALUES( + ctf_enum_value("NOT_SPECIFIED", SKB_DROP_REASON_NOT_SPECIFIED) +-- +2.17.1 + diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch deleted file mode 100644 index d27cbc314f..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 13e4c978d45237b8780f1de6d404812b3af26a49 Mon Sep 17 00:00:00 2001 -From: He Zhe <zhe.he@windriver.com> -Date: Thu, 2 Jun 2022 06:36:08 +0000 -Subject: [PATCH] fix: random: remove unused tracepoints (v5.10, v5.15) - -The following kernel commit has been back ported to v5.10.119 and v5.15.44. - -commit 14c174633f349cb41ea90c2c0aaddac157012f74 -Author: Jason A. Donenfeld <Jason@zx2c4.com> -Date: Thu Feb 10 16:40:44 2022 +0100 - - random: remove unused tracepoints - - These explicit tracepoints aren't really used and show sign of aging. - It's work to keep these up to date, and before I attempted to keep them - up to date, they weren't up to date, which indicates that they're not - really used. These days there are better ways of introspecting anyway. - -Upstream-Status: Pending - -Signed-off-by: He Zhe <zhe.he@windriver.com> ---- - src/probes/Kbuild | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/probes/Kbuild b/src/probes/Kbuild -index 5478447..31e0ee8 100644 ---- a/src/probes/Kbuild -+++ b/src/probes/Kbuild -@@ -204,7 +204,10 @@ endif - - # Introduced in v3.6, remove in v5.18 - obj-$(CONFIG_LTTNG) += $(shell \ -- if [ \( ! \( $(VERSION) -ge 6 -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \) \) \ -+ if [ \( ! \( $(VERSION) -ge 6 \ -+ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \ -+ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -eq 15 -a $(SUBLEVEL) -ge 44 \) \ -+ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -eq 10 -a $(SUBLEVEL) -ge 119 \) \) \) \ - -a \ - $(VERSION) -ge 4 \ - -o \( $(VERSION) -eq 3 -a $(PATCHLEVEL) -ge 6 \) \ --- -2.32.0 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch deleted file mode 100644 index b41053b6bc..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 9c5b8de32b5745f3ff31079c02da64595e101bee Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Tue, 17 May 2022 11:46:29 -0400 -Subject: [PATCH] fix: sched/tracing: Append prev_state to tp args instead - (v5.18) - -See upstream commit : - - commit 9c2136be0878c88c53dea26943ce40bb03ad8d8d - Author: Delyan Kratunov <delyank@fb.com> - Date: Wed May 11 18:28:36 2022 +0000 - - sched/tracing: Append prev_state to tp args instead - - Commit fa2c3254d7cf (sched/tracing: Don't re-read p->state when emitting - sched_switch event, 2022-01-20) added a new prev_state argument to the - sched_switch tracepoint, before the prev task_struct pointer. - - This reordering of arguments broke BPF programs that use the raw - tracepoint (e.g. tp_btf programs). The type of the second argument has - changed and existing programs that assume a task_struct* argument - (e.g. for bpf_task_storage access) will now fail to verify. - - If we instead append the new argument to the end, all existing programs - would continue to work and can conditionally extract the prev_state - argument on supported kernel versions. - - -Upstream-Status: Backport - -Change-Id: Ife2ec88a8bea2743562590cbd357068d7773863f -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/sched.h | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/include/instrumentation/events/sched.h b/include/instrumentation/events/sched.h -index 339bec94..c1c3df15 100644 ---- a/include/instrumentation/events/sched.h -+++ b/include/instrumentation/events/sched.h -@@ -356,11 +356,11 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(sched_wakeup_template, sched_wakeup_new, - LTTNG_TRACEPOINT_EVENT(sched_switch, - - TP_PROTO(bool preempt, -- unsigned int prev_state, - struct task_struct *prev, -- struct task_struct *next), -+ struct task_struct *next, -+ unsigned int prev_state), - -- TP_ARGS(preempt, prev_state, prev, next), -+ TP_ARGS(preempt, prev, next, prev_state), - - TP_FIELDS( - ctf_array_text(char, prev_comm, prev->comm, TASK_COMM_LEN) --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-tracepoint-event-allow-same-provider-and-event-n.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-tracepoint-event-allow-same-provider-and-event-n.patch deleted file mode 100644 index 00367eebf8..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-tracepoint-event-allow-same-provider-and-event-n.patch +++ /dev/null @@ -1,48 +0,0 @@ -From a7eb2e3d0a4beb1ee80b132927641dd05ef2d542 Mon Sep 17 00:00:00 2001 -From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> -Date: Mon, 4 Apr 2022 15:49:32 -0400 -Subject: [PATCH 02/10] Fix: tracepoint event: allow same provider and event - name - -Using the same name for the provider (TRACE_SYSTEM) and event name -causes a compilation error because the same identifiers are emitted -twice. - -Fix this by prefixing the provider identifier with -"__provider_event_desc___". - -Upstream-Status: Backport - -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> -Change-Id: I8cdf8f859e35b8bd5c19737860d12f1ed546dfc2 ---- - include/lttng/tracepoint-event-impl.h | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/include/lttng/tracepoint-event-impl.h b/include/lttng/tracepoint-event-impl.h -index 38b1dc43..dcb22247 100644 ---- a/include/lttng/tracepoint-event-impl.h -+++ b/include/lttng/tracepoint-event-impl.h -@@ -1255,7 +1255,7 @@ static const struct lttng_kernel_event_desc __event_desc___##_map = { \ - #define TP_ID1(_token, _system) _token##_system - #define TP_ID(_token, _system) TP_ID1(_token, _system) - --static const struct lttng_kernel_event_desc * const TP_ID(__event_desc___, TRACE_SYSTEM)[] = { -+static const struct lttng_kernel_event_desc * const TP_ID(__provider_event_desc___, TRACE_SYSTEM)[] = { - #include TRACE_INCLUDE(TRACE_INCLUDE_FILE) - }; - -@@ -1274,8 +1274,8 @@ static const struct lttng_kernel_event_desc * const TP_ID(__event_desc___, TRACE - /* non-const because list head will be modified when registered. */ - static __used struct lttng_kernel_probe_desc TP_ID(__probe_desc___, TRACE_SYSTEM) = { - .provider_name = __stringify(TRACE_SYSTEM), -- .event_desc = TP_ID(__event_desc___, TRACE_SYSTEM), -- .nr_events = ARRAY_SIZE(TP_ID(__event_desc___, TRACE_SYSTEM)), -+ .event_desc = TP_ID(__provider_event_desc___, TRACE_SYSTEM), -+ .nr_events = ARRAY_SIZE(TP_ID(__provider_event_desc___, TRACE_SYSTEM)), - .head = { NULL, NULL }, - .lazy_init_head = { NULL, NULL }, - .lazy = 0, --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-sched-tracing-Don-t-re-read-p-state-when-emittin.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-sched-tracing-Don-t-re-read-p-state-when-emittin.patch deleted file mode 100644 index afe514de82..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-sched-tracing-Don-t-re-read-p-state-when-emittin.patch +++ /dev/null @@ -1,183 +0,0 @@ -From 8e52fd71e693619f7a58de2692e59f0c826e9988 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 13:52:57 -0400 -Subject: [PATCH 03/10] fix: sched/tracing: Don't re-read p->state when - emitting sched_switch event (v5.18) - -See upstream commit : - - commit fa2c3254d7cfff5f7a916ab928a562d1165f17bb - Author: Valentin Schneider <valentin.schneider@arm.com> - Date: Thu Jan 20 16:25:19 2022 +0000 - - sched/tracing: Don't re-read p->state when emitting sched_switch event - - As of commit - - c6e7bd7afaeb ("sched/core: Optimize ttwu() spinning on p->on_cpu") - - the following sequence becomes possible: - - p->__state = TASK_INTERRUPTIBLE; - __schedule() - deactivate_task(p); - ttwu() - READ !p->on_rq - p->__state=TASK_WAKING - trace_sched_switch() - __trace_sched_switch_state() - task_state_index() - return 0; - - TASK_WAKING isn't in TASK_REPORT, so the task appears as TASK_RUNNING in - the trace event. - - Prevent this by pushing the value read from __schedule() down the trace - event. - -Upstream-Status: Backport - -Change-Id: I46743cd006be4b4d573cae2d77df7d6d16744d04 -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/sched.h | 88 +++++++++++++++++++++++--- - 1 file changed, 78 insertions(+), 10 deletions(-) - -diff --git a/include/instrumentation/events/sched.h b/include/instrumentation/events/sched.h -index 91953a6f..339bec94 100644 ---- a/include/instrumentation/events/sched.h -+++ b/include/instrumentation/events/sched.h -@@ -20,7 +20,37 @@ - #ifndef _TRACE_SCHED_DEF_ - #define _TRACE_SCHED_DEF_ - --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,15,0)) -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+ -+static inline long __trace_sched_switch_state(bool preempt, -+ unsigned int prev_state, -+ struct task_struct *p) -+{ -+ unsigned int state; -+ -+#ifdef CONFIG_SCHED_DEBUG -+ BUG_ON(p != current); -+#endif /* CONFIG_SCHED_DEBUG */ -+ -+ /* -+ * Preemption ignores task state, therefore preempted tasks are always -+ * RUNNING (we will not have dequeued if state != RUNNING). -+ */ -+ if (preempt) -+ return TASK_REPORT_MAX; -+ -+ /* -+ * task_state_index() uses fls() and returns a value from 0-8 range. -+ * Decrement it by 1 (except TASK_RUNNING state i.e 0) before using -+ * it for left shift operation to get the correct task->state -+ * mapping. -+ */ -+ state = __task_state_index(prev_state, p->exit_state); -+ -+ return state ? (1 << (state - 1)) : state; -+} -+ -+#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,15,0)) - - static inline long __trace_sched_switch_state(bool preempt, struct task_struct *p) - { -@@ -321,43 +351,81 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(sched_wakeup_template, sched_wakeup_new, - /* - * Tracepoint for task switches, performed by the scheduler: - */ -+ -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) - LTTNG_TRACEPOINT_EVENT(sched_switch, - --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,4,0)) - TP_PROTO(bool preempt, -- struct task_struct *prev, -- struct task_struct *next), -+ unsigned int prev_state, -+ struct task_struct *prev, -+ struct task_struct *next), - -- TP_ARGS(preempt, prev, next), -+ TP_ARGS(preempt, prev_state, prev, next), -+ -+ TP_FIELDS( -+ ctf_array_text(char, prev_comm, prev->comm, TASK_COMM_LEN) -+ ctf_integer(pid_t, prev_tid, prev->pid) -+ ctf_integer(int, prev_prio, prev->prio - MAX_RT_PRIO) -+#ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM -+ ctf_enum(task_state, long, prev_state, __trace_sched_switch_state(preempt, prev_state, prev)) - #else -- TP_PROTO(struct task_struct *prev, -+ ctf_integer(long, prev_state, __trace_sched_switch_state(preempt, prev_state, prev)) -+#endif -+ ctf_array_text(char, next_comm, next->comm, TASK_COMM_LEN) -+ ctf_integer(pid_t, next_tid, next->pid) -+ ctf_integer(int, next_prio, next->prio - MAX_RT_PRIO) -+ ) -+) -+ -+#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,4,0)) -+ -+LTTNG_TRACEPOINT_EVENT(sched_switch, -+ -+ TP_PROTO(bool preempt, -+ struct task_struct *prev, - struct task_struct *next), - -- TP_ARGS(prev, next), --#endif /* #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,4,0)) */ -+ TP_ARGS(preempt, prev, next), - - TP_FIELDS( - ctf_array_text(char, prev_comm, prev->comm, TASK_COMM_LEN) - ctf_integer(pid_t, prev_tid, prev->pid) - ctf_integer(int, prev_prio, prev->prio - MAX_RT_PRIO) --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,4,0)) - #ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM - ctf_enum(task_state, long, prev_state, __trace_sched_switch_state(preempt, prev)) - #else - ctf_integer(long, prev_state, __trace_sched_switch_state(preempt, prev)) - #endif -+ ctf_array_text(char, next_comm, next->comm, TASK_COMM_LEN) -+ ctf_integer(pid_t, next_tid, next->pid) -+ ctf_integer(int, next_prio, next->prio - MAX_RT_PRIO) -+ ) -+) -+ - #else -+ -+LTTNG_TRACEPOINT_EVENT(sched_switch, -+ -+ TP_PROTO(struct task_struct *prev, -+ struct task_struct *next), -+ -+ TP_ARGS(prev, next), -+ -+ TP_FIELDS( -+ ctf_array_text(char, prev_comm, prev->comm, TASK_COMM_LEN) -+ ctf_integer(pid_t, prev_tid, prev->pid) -+ ctf_integer(int, prev_prio, prev->prio - MAX_RT_PRIO) - #ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM - ctf_enum(task_state, long, prev_state, __trace_sched_switch_state(prev)) - #else - ctf_integer(long, prev_state, __trace_sched_switch_state(prev)) --#endif - #endif - ctf_array_text(char, next_comm, next->comm, TASK_COMM_LEN) - ctf_integer(pid_t, next_tid, next->pid) - ctf_integer(int, next_prio, next->prio - MAX_RT_PRIO) - ) - ) -+#endif - - /* - * Tracepoint for a task being migrated: --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0004-fix-block-remove-genhd.h-v5.18.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0004-fix-block-remove-genhd.h-v5.18.patch deleted file mode 100644 index 9248ffe4ff..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0004-fix-block-remove-genhd.h-v5.18.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 868e0b6db59159197c2cec3550fa4ad5e6572bc5 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 13:54:59 -0400 -Subject: [PATCH 04/10] fix: block: remove genhd.h (v5.18) - -See upstream commit : - - commit 322cbb50de711814c42fb088f6d31901502c711a - Author: Christoph Hellwig <hch@lst.de> - Date: Mon Jan 24 10:39:13 2022 +0100 - - block: remove genhd.h - - There is no good reason to keep genhd.h separate from the main blkdev.h - header that includes it. So fold the contents of genhd.h into blkdev.h - and remove genhd.h entirely. - -Upstream-Status: Backport - -Change-Id: I7cf2aaa3a4c133320b95f2edde49f790f9515dbd -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/wrapper/genhd.h | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/include/wrapper/genhd.h b/include/wrapper/genhd.h -index 3c6dbcbe..4a59b68e 100644 ---- a/include/wrapper/genhd.h -+++ b/include/wrapper/genhd.h -@@ -12,7 +12,11 @@ - #ifndef _LTTNG_WRAPPER_GENHD_H - #define _LTTNG_WRAPPER_GENHD_H - -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+#include <linux/blkdev.h> -+#else - #include <linux/genhd.h> -+#endif - - #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) - #define LTTNG_GENHD_FL_HIDDEN GENHD_FL_HIDDEN --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0005-fix-scsi-block-Remove-REQ_OP_WRITE_SAME-support-v5.1.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0005-fix-scsi-block-Remove-REQ_OP_WRITE_SAME-support-v5.1.patch deleted file mode 100644 index 0751827613..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0005-fix-scsi-block-Remove-REQ_OP_WRITE_SAME-support-v5.1.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 2bc7cb7193124d20aa4e1b5dbad0410bfb97a470 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 14:12:13 -0400 -Subject: [PATCH 05/10] fix: scsi: block: Remove REQ_OP_WRITE_SAME support - (v5.18) - -See upstream commit : - - commit 73bd66d9c834220579c881a3eb020fd8917075d8 - Author: Christoph Hellwig <hch@lst.de> - Date: Wed Feb 9 09:28:28 2022 +0100 - - scsi: block: Remove REQ_OP_WRITE_SAME support - - No more users of REQ_OP_WRITE_SAME or drivers implementing it are left, - so remove the infrastructure. - -Upstream-Status: Backport - -Change-Id: Ifbff71f79f8b590436fc7cb79f82d90c6e033d84 -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/block.h | 32 ++++++++++++++++++++++++++ - 1 file changed, 32 insertions(+) - -diff --git a/include/instrumentation/events/block.h b/include/instrumentation/events/block.h -index 3e1104d7..050a59a2 100644 ---- a/include/instrumentation/events/block.h -+++ b/include/instrumentation/events/block.h -@@ -66,6 +66,37 @@ LTTNG_TRACEPOINT_ENUM(block_rq_type, - #define lttng_bio_op(bio) bio_op(bio) - #define lttng_bio_rw(bio) ((bio)->bi_opf) - -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+#ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM -+#define blk_rwbs_ctf_integer(type, rwbs, op, rw, bytes) \ -+ ctf_enum(block_rq_type, type, rwbs, \ -+ ( (op) == REQ_OP_WRITE ? RWBS_FLAG_WRITE : \ -+ ( (op) == REQ_OP_DISCARD ? RWBS_FLAG_DISCARD : \ -+ ( (op) == REQ_OP_SECURE_ERASE ? (RWBS_FLAG_DISCARD | RWBS_FLAG_SECURE) : \ -+ ( (op) == REQ_OP_FLUSH ? RWBS_FLAG_FLUSH : \ -+ ( (op) == REQ_OP_READ ? RWBS_FLAG_READ : \ -+ ( 0 )))))) \ -+ | ((rw) & REQ_RAHEAD ? RWBS_FLAG_RAHEAD : 0) \ -+ | ((rw) & REQ_SYNC ? RWBS_FLAG_SYNC : 0) \ -+ | ((rw) & REQ_META ? RWBS_FLAG_META : 0) \ -+ | ((rw) & REQ_PREFLUSH ? RWBS_FLAG_PREFLUSH : 0) \ -+ | ((rw) & REQ_FUA ? RWBS_FLAG_FUA : 0)) -+#else -+#define blk_rwbs_ctf_integer(type, rwbs, op, rw, bytes) \ -+ ctf_integer(type, rwbs, \ -+ ( (op) == REQ_OP_WRITE ? RWBS_FLAG_WRITE : \ -+ ( (op) == REQ_OP_DISCARD ? RWBS_FLAG_DISCARD : \ -+ ( (op) == REQ_OP_SECURE_ERASE ? (RWBS_FLAG_DISCARD | RWBS_FLAG_SECURE) : \ -+ ( (op) == REQ_OP_FLUSH ? RWBS_FLAG_FLUSH : \ -+ ( (op) == REQ_OP_READ ? RWBS_FLAG_READ : \ -+ ( 0 )))))) \ -+ | ((rw) & REQ_RAHEAD ? RWBS_FLAG_RAHEAD : 0) \ -+ | ((rw) & REQ_SYNC ? RWBS_FLAG_SYNC : 0) \ -+ | ((rw) & REQ_META ? RWBS_FLAG_META : 0) \ -+ | ((rw) & REQ_PREFLUSH ? RWBS_FLAG_PREFLUSH : 0) \ -+ | ((rw) & REQ_FUA ? RWBS_FLAG_FUA : 0)) -+#endif /* CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM */ -+#else - #ifdef CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM - #define blk_rwbs_ctf_integer(type, rwbs, op, rw, bytes) \ - ctf_enum(block_rq_type, type, rwbs, \ -@@ -95,6 +126,7 @@ LTTNG_TRACEPOINT_ENUM(block_rq_type, - | ((rw) & REQ_PREFLUSH ? RWBS_FLAG_PREFLUSH : 0) \ - | ((rw) & REQ_FUA ? RWBS_FLAG_FUA : 0)) - #endif /* CONFIG_LTTNG_EXPERIMENTAL_BITWISE_ENUM */ -+#endif - - #elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(3,1,0)) - --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0006-fix-random-remove-unused-tracepoints-v5.18.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0006-fix-random-remove-unused-tracepoints-v5.18.patch deleted file mode 100644 index 9c2f70d4af..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0006-fix-random-remove-unused-tracepoints-v5.18.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 369d82bb1746447514c877088d7c5fd0f39140f8 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 14:33:42 -0400 -Subject: [PATCH 06/10] fix: random: remove unused tracepoints (v5.18) - -See upstream commit : - - commit 14c174633f349cb41ea90c2c0aaddac157012f74 - Author: Jason A. Donenfeld <Jason@zx2c4.com> - Date: Thu Feb 10 16:40:44 2022 +0100 - - random: remove unused tracepoints - - These explicit tracepoints aren't really used and show sign of aging. - It's work to keep these up to date, and before I attempted to keep them - up to date, they weren't up to date, which indicates that they're not - really used. These days there are better ways of introspecting anyway. - -Upstream-Status: Backport - -Change-Id: I3b8c3e2732e7efdd76ce63204ac53a48784d0df6 -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - src/probes/Kbuild | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/probes/Kbuild b/src/probes/Kbuild -index e26b4359..8d6ff0f2 100644 ---- a/src/probes/Kbuild -+++ b/src/probes/Kbuild -@@ -187,8 +187,11 @@ ifneq ($(CONFIG_FRAME_WARN),0) - CFLAGS_lttng-probe-printk.o += -Wframe-larger-than=2200 - endif - -+# Introduced in v3.6, remove in v5.18 - obj-$(CONFIG_LTTNG) += $(shell \ -- if [ $(VERSION) -ge 4 \ -+ if [ \( ! \( $(VERSION) -ge 6 -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \) \) \ -+ -a \ -+ $(VERSION) -ge 4 \ - -o \( $(VERSION) -eq 3 -a $(PATCHLEVEL) -ge 6 \) \ - -o \( $(VERSION) -eq 3 -a $(PATCHLEVEL) -eq 5 -a $(SUBLEVEL) -ge 2 \) \ - -o \( $(VERSION) -eq 3 -a $(PATCHLEVEL) -eq 4 -a $(SUBLEVEL) -ge 9 \) \ --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0007-fix-kprobes-Use-rethook-for-kretprobe-if-possible-v5.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0007-fix-kprobes-Use-rethook-for-kretprobe-if-possible-v5.patch deleted file mode 100644 index effd37ffe1..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0007-fix-kprobes-Use-rethook-for-kretprobe-if-possible-v5.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 3c46ddc134621dba65030263aa321dd6bdae3ba3 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 15:02:10 -0400 -Subject: [PATCH 07/10] fix: kprobes: Use rethook for kretprobe if possible - (v5.18) - -See upstream commit : - - commit 73f9b911faa74ac5107879de05c9489c419f41bb - Author: Masami Hiramatsu <mhiramat@kernel.org> - Date: Sat Mar 26 11:27:05 2022 +0900 - - kprobes: Use rethook for kretprobe if possible - - Use rethook for kretprobe function return hooking if the arch sets - CONFIG_HAVE_RETHOOK=y. In this case, CONFIG_KRETPROBE_ON_RETHOOK is - set to 'y' automatically, and the kretprobe internal data fields - switches to use rethook. If not, it continues to use kretprobe - specific function return hooks. - -Upstream-Status: Backport - -Change-Id: I2b7670dc04e4769c1e3c372582ad2f555f6d7a66 -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/wrapper/kprobes.h | 17 +++++++++++++++++ - src/probes/lttng-kretprobes.c | 2 +- - 2 files changed, 18 insertions(+), 1 deletion(-) - -diff --git a/include/wrapper/kprobes.h b/include/wrapper/kprobes.h -index b546d615..51d32b7c 100644 ---- a/include/wrapper/kprobes.h -+++ b/include/wrapper/kprobes.h -@@ -29,4 +29,21 @@ struct kretprobe *lttng_get_kretprobe(struct kretprobe_instance *ri) - - #endif /* LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0) */ - -+ -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+static inline -+unsigned long lttng_get_kretprobe_retaddr(struct kretprobe_instance *ri) -+{ -+ return get_kretprobe_retaddr(ri); -+} -+ -+#else -+ -+static inline -+unsigned long lttng_get_kretprobe_retaddr(struct kretprobe_instance *ri) -+{ -+ return (unsigned long) ri->ret_addr; -+} -+#endif -+ - #endif /* _LTTNG_WRAPPER_KPROBES_H */ -diff --git a/src/probes/lttng-kretprobes.c b/src/probes/lttng-kretprobes.c -index 5cb2e953..565df739 100644 ---- a/src/probes/lttng-kretprobes.c -+++ b/src/probes/lttng-kretprobes.c -@@ -81,7 +81,7 @@ int _lttng_kretprobes_handler(struct kretprobe_instance *krpi, - int ret; - - payload.ip = (unsigned long) lttng_get_kretprobe(krpi)->kp.addr; -- payload.parent_ip = (unsigned long) krpi->ret_addr; -+ payload.parent_ip = lttng_get_kretprobe_retaddr(krpi); - - lib_ring_buffer_ctx_init(&ctx, event_recorder, sizeof(payload), - lttng_alignof(payload), <tng_probe_ctx); --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch deleted file mode 100644 index 13c504b859..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch +++ /dev/null @@ -1,44 +0,0 @@ -From e8d2f286b5b208ac8870d0a9c167b170e96169b3 Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 15:08:48 -0400 -Subject: [PATCH 08/10] fix: scsi: core: Remove <scsi/scsi_request.h> (v5.18) - -See upstream commit : - - commit 26440303310591e29121964ede0048583cb3126d - Author: Christoph Hellwig <hch@lst.de> - Date: Thu Feb 24 18:55:52 2022 +0100 - - scsi: core: Remove <scsi/scsi_request.h> - - This header is empty now except for an include of <linux/blk-mq.h>, so - remove it. - -Upstream-Status: Backport - -Change-Id: Ic8ee3352f1e8bddfcd44c31be9b788db82f183aa -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/block.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/include/instrumentation/events/block.h b/include/instrumentation/events/block.h -index 050a59a2..882e6e08 100644 ---- a/include/instrumentation/events/block.h -+++ b/include/instrumentation/events/block.h -@@ -11,9 +11,9 @@ - #include <linux/trace_seq.h> - #include <lttng/kernel-version.h> - --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,11,0)) -+#if LTTNG_KERNEL_RANGE(4,11,0, 5,18,0) - #include <scsi/scsi_request.h> --#endif /* (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,11,0)) */ -+#endif /* LTTNG_KERNEL_RANGE(4,11,0, 5,18,0) */ - - #ifndef _TRACE_BLOCK_DEF_ - #define _TRACE_BLOCK_DEF_ --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch deleted file mode 100644 index 892d3f0d23..0000000000 --- a/poky/meta/recipes-kernel/lttng/lttng-modules/0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch +++ /dev/null @@ -1,106 +0,0 @@ -From f9208dc00756dfa0a2f191799722030bdf3f793d Mon Sep 17 00:00:00 2001 -From: Michael Jeanson <mjeanson@efficios.com> -Date: Mon, 4 Apr 2022 15:14:01 -0400 -Subject: [PATCH 10/10] fix: mm: compaction: cleanup the compaction trace - events (v5.18) - -See upstream commit : - - commit abd4349ff9b8d242376b67711254221f64f447c7 - Author: Baolin Wang <baolin.wang@linux.alibaba.com> - Date: Tue Mar 22 14:45:56 2022 -0700 - - mm: compaction: cleanup the compaction trace events - - As Steven suggested [1], we should access the pointers from the trace - event to avoid dereferencing them to the tracepoint function when the - tracepoint is disabled. - - [1] https://lkml.org/lkml/2021/11/3/409 - -Upstream-Status: Backport - -Change-Id: I6c08250df8596e8dbc76780ae5d95c899c12e6fe -Signed-off-by: Michael Jeanson <mjeanson@efficios.com> -Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> ---- - include/instrumentation/events/compaction.h | 17 ++++++++++++++++- - src/probes/Kbuild | 17 ++++++++++++++++- - src/probes/lttng-probe-compaction.c | 5 +++++ - 3 files changed, 37 insertions(+), 2 deletions(-) - -diff --git a/include/instrumentation/events/compaction.h b/include/instrumentation/events/compaction.h -index 15964537..ecae39a8 100644 ---- a/include/instrumentation/events/compaction.h -+++ b/include/instrumentation/events/compaction.h -@@ -97,7 +97,22 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE_MAP(compaction_isolate_template, - - #endif /* #else #if LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(4,0,0) */ - --#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+LTTNG_TRACEPOINT_EVENT_MAP(mm_compaction_migratepages, -+ -+ compaction_migratepages, -+ -+ TP_PROTO(struct compact_control *cc, -+ unsigned int nr_succeeded), -+ -+ TP_ARGS(cc, nr_succeeded), -+ -+ TP_FIELDS( -+ ctf_integer(unsigned long, nr_migrated, nr_succeeded) -+ ctf_integer(unsigned long, nr_failed, cc->nr_migratepages - nr_succeeded) -+ ) -+) -+#elif (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,17,0)) - LTTNG_TRACEPOINT_EVENT_MAP(mm_compaction_migratepages, - - compaction_migratepages, -diff --git a/src/probes/Kbuild b/src/probes/Kbuild -index 8d6ff0f2..54784477 100644 ---- a/src/probes/Kbuild -+++ b/src/probes/Kbuild -@@ -167,7 +167,22 @@ ifneq ($(CONFIG_BTRFS_FS),) - endif # $(wildcard $(btrfs_dep)) - endif # CONFIG_BTRFS_FS - --obj-$(CONFIG_LTTNG) += lttng-probe-compaction.o -+# A dependency on internal header 'mm/internal.h' was introduced in v5.18 -+compaction_dep = $(srctree)/mm/internal.h -+compaction_dep_wildcard = $(wildcard $(compaction_dep)) -+compaction_dep_check = $(shell \ -+if [ \( $(VERSION) -ge 6 \ -+ -o \( $(VERSION) -eq 5 -a $(PATCHLEVEL) -ge 18 \) \) -a \ -+ -z "$(compaction_dep_wildcard)" ] ; then \ -+ echo "warn" ; \ -+else \ -+ echo "ok" ; \ -+fi ;) -+ifeq ($(compaction_dep_check),ok) -+ obj-$(CONFIG_LTTNG) += lttng-probe-compaction.o -+else -+ $(warning Files $(compaction_dep) not found. Probe "compaction" is disabled. Use full kernel source tree to enable it.) -+endif # $(wildcard $(compaction_dep)) - - ifneq ($(CONFIG_EXT4_FS),) - ext4_dep = $(srctree)/fs/ext4/*.h -diff --git a/src/probes/lttng-probe-compaction.c b/src/probes/lttng-probe-compaction.c -index f8ddf384..ffaf45f0 100644 ---- a/src/probes/lttng-probe-compaction.c -+++ b/src/probes/lttng-probe-compaction.c -@@ -10,6 +10,11 @@ - - #include <linux/module.h> - #include <lttng/tracer.h> -+#include <lttng/kernel-version.h> -+ -+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,18,0)) -+#include "../mm/internal.h" -+#endif - - /* - * Create the tracepoint static inlines from the kernel to validate that our --- -2.19.1 - diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.3.bb b/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.4.bb index e049bdc6d2..bee2204b42 100644 --- a/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.3.bb +++ b/poky/meta/recipes-kernel/lttng/lttng-modules_2.13.4.bb @@ -10,24 +10,14 @@ inherit module include lttng-platforms.inc SRC_URI = "https://lttng.org/files/${BPN}/${BPN}-${PV}.tar.bz2 \ - file://0001-Fix-compaction-migratepages-event-name.patch \ - file://0002-Fix-tracepoint-event-allow-same-provider-and-event-n.patch \ - file://0003-fix-sched-tracing-Don-t-re-read-p-state-when-emittin.patch \ - file://0004-fix-block-remove-genhd.h-v5.18.patch \ - file://0005-fix-scsi-block-Remove-REQ_OP_WRITE_SAME-support-v5.1.patch \ - file://0006-fix-random-remove-unused-tracepoints-v5.18.patch \ - file://0007-fix-kprobes-Use-rethook-for-kretprobe-if-possible-v5.patch \ - file://0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch \ file://0009-Rename-genhd-wrapper-to-blkdev.patch \ - file://0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch \ - file://0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch \ - file://0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch \ - " + file://0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch \ + " # Use :append here so that the patch is applied also when using devupstream SRC_URI:append = " file://0001-src-Kbuild-change-missing-CONFIG_TRACEPOINTS-to-warn.patch" -SRC_URI[sha256sum] = "7cf1acbb50b84116acc9b4281b81dcc2643d6018bbd1e8514ad1270239896c4b" +SRC_URI[sha256sum] = "6159d00e4e1d59546eec8d4a67e1aa39c1084ceb5e5afeb666eab4b8a5b5a9ee" export INSTALL_MOD_DIR="kernel/lttng-modules" diff --git a/poky/meta/recipes-kernel/perf/perf.bb b/poky/meta/recipes-kernel/perf/perf.bb index 603d3f9eee..95e7eae9fe 100644 --- a/poky/meta/recipes-kernel/perf/perf.bb +++ b/poky/meta/recipes-kernel/perf/perf.bb @@ -227,6 +227,9 @@ do_configure:prepend () { # reproducible. sed -i -e 's,$(call get-executable-or-default\,PYTHON\,$(PYTHON_AUTO)),$(notdir $(call get-executable-or-default\,PYTHON\,$(PYTHON_AUTO))),g' \ ${S}/tools/perf/Makefile.config + # The same line is in older releases, but looking explicitly for Python 2 + sed -i -e 's,$(call get-executable-or-default\,PYTHON\,$(PYTHON2)),$(notdir $(call get-executable-or-default\,PYTHON\,$(PYTHON2))),g' \ + ${S}/tools/perf/Makefile.config # likewise with this substitution. Kernels with commit 18f2967418d031a39 # [perf tools: Use Python devtools for version autodetection rather than runtime] diff --git a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch new file mode 100644 index 0000000000..71b85cac10 --- /dev/null +++ b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch @@ -0,0 +1,212 @@ +From 87881e093691a35c60b91cafed058ba2dd5d9807 Mon Sep 17 00:00:00 2001 +From: Even Rouault <even.rouault@spatialys.com> +Date: Sun, 5 Dec 2021 14:37:46 +0100 +Subject: [PATCH] TIFFReadDirectory: fix OJPEG hack (fixes #319) + +to avoid having the size of the strip arrays inconsistent with the +number of strips returned by TIFFNumberOfStrips(), which may cause +out-ouf-bounds array read afterwards. + +One of the OJPEG hack that alters SamplesPerPixel may influence the +number of strips. Hence compute tif_dir.td_nstrips only afterwards. + +CVE: CVE-2022-1354 + +Upstream-Status: Backport +[https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + libtiff/tif_dirread.c | 162 ++++++++++++++++++++++-------------------- + 1 file changed, 83 insertions(+), 79 deletions(-) + +diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c +index 8f434ef5..14c031d1 100644 +--- a/libtiff/tif_dirread.c ++++ b/libtiff/tif_dirread.c +@@ -3794,50 +3794,7 @@ TIFFReadDirectory(TIFF* tif) + MissingRequired(tif,"ImageLength"); + goto bad; + } +- /* +- * Setup appropriate structures (by strip or by tile) +- */ +- if (!TIFFFieldSet(tif, FIELD_TILEDIMENSIONS)) { +- tif->tif_dir.td_nstrips = TIFFNumberOfStrips(tif); +- tif->tif_dir.td_tilewidth = tif->tif_dir.td_imagewidth; +- tif->tif_dir.td_tilelength = tif->tif_dir.td_rowsperstrip; +- tif->tif_dir.td_tiledepth = tif->tif_dir.td_imagedepth; +- tif->tif_flags &= ~TIFF_ISTILED; +- } else { +- tif->tif_dir.td_nstrips = TIFFNumberOfTiles(tif); +- tif->tif_flags |= TIFF_ISTILED; +- } +- if (!tif->tif_dir.td_nstrips) { +- TIFFErrorExt(tif->tif_clientdata, module, +- "Cannot handle zero number of %s", +- isTiled(tif) ? "tiles" : "strips"); +- goto bad; +- } +- tif->tif_dir.td_stripsperimage = tif->tif_dir.td_nstrips; +- if (tif->tif_dir.td_planarconfig == PLANARCONFIG_SEPARATE) +- tif->tif_dir.td_stripsperimage /= tif->tif_dir.td_samplesperpixel; +- if (!TIFFFieldSet(tif, FIELD_STRIPOFFSETS)) { +-#ifdef OJPEG_SUPPORT +- if ((tif->tif_dir.td_compression==COMPRESSION_OJPEG) && +- (isTiled(tif)==0) && +- (tif->tif_dir.td_nstrips==1)) { +- /* +- * XXX: OJPEG hack. +- * If a) compression is OJPEG, b) it's not a tiled TIFF, +- * and c) the number of strips is 1, +- * then we tolerate the absence of stripoffsets tag, +- * because, presumably, all required data is in the +- * JpegInterchangeFormat stream. +- */ +- TIFFSetFieldBit(tif, FIELD_STRIPOFFSETS); +- } else +-#endif +- { +- MissingRequired(tif, +- isTiled(tif) ? "TileOffsets" : "StripOffsets"); +- goto bad; +- } +- } ++ + /* + * Second pass: extract other information. + */ +@@ -4042,41 +3999,6 @@ TIFFReadDirectory(TIFF* tif) + } /* -- if (!dp->tdir_ignore) */ + } /* -- for-loop -- */ + +- if( tif->tif_mode == O_RDWR && +- tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 && +- tif->tif_dir.td_stripoffset_entry.tdir_count == 0 && +- tif->tif_dir.td_stripoffset_entry.tdir_type == 0 && +- tif->tif_dir.td_stripoffset_entry.tdir_offset.toff_long8 == 0 && +- tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 && +- tif->tif_dir.td_stripbytecount_entry.tdir_count == 0 && +- tif->tif_dir.td_stripbytecount_entry.tdir_type == 0 && +- tif->tif_dir.td_stripbytecount_entry.tdir_offset.toff_long8 == 0 ) +- { +- /* Directory typically created with TIFFDeferStrileArrayWriting() */ +- TIFFSetupStrips(tif); +- } +- else if( !(tif->tif_flags&TIFF_DEFERSTRILELOAD) ) +- { +- if( tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 ) +- { +- if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripoffset_entry), +- tif->tif_dir.td_nstrips, +- &tif->tif_dir.td_stripoffset_p)) +- { +- goto bad; +- } +- } +- if( tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 ) +- { +- if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripbytecount_entry), +- tif->tif_dir.td_nstrips, +- &tif->tif_dir.td_stripbytecount_p)) +- { +- goto bad; +- } +- } +- } +- + /* + * OJPEG hack: + * - If a) compression is OJPEG, and b) photometric tag is missing, +@@ -4147,6 +4069,88 @@ TIFFReadDirectory(TIFF* tif) + } + } + ++ /* ++ * Setup appropriate structures (by strip or by tile) ++ * We do that only after the above OJPEG hack which alters SamplesPerPixel ++ * and thus influences the number of strips in the separate planarconfig. ++ */ ++ if (!TIFFFieldSet(tif, FIELD_TILEDIMENSIONS)) { ++ tif->tif_dir.td_nstrips = TIFFNumberOfStrips(tif); ++ tif->tif_dir.td_tilewidth = tif->tif_dir.td_imagewidth; ++ tif->tif_dir.td_tilelength = tif->tif_dir.td_rowsperstrip; ++ tif->tif_dir.td_tiledepth = tif->tif_dir.td_imagedepth; ++ tif->tif_flags &= ~TIFF_ISTILED; ++ } else { ++ tif->tif_dir.td_nstrips = TIFFNumberOfTiles(tif); ++ tif->tif_flags |= TIFF_ISTILED; ++ } ++ if (!tif->tif_dir.td_nstrips) { ++ TIFFErrorExt(tif->tif_clientdata, module, ++ "Cannot handle zero number of %s", ++ isTiled(tif) ? "tiles" : "strips"); ++ goto bad; ++ } ++ tif->tif_dir.td_stripsperimage = tif->tif_dir.td_nstrips; ++ if (tif->tif_dir.td_planarconfig == PLANARCONFIG_SEPARATE) ++ tif->tif_dir.td_stripsperimage /= tif->tif_dir.td_samplesperpixel; ++ if (!TIFFFieldSet(tif, FIELD_STRIPOFFSETS)) { ++#ifdef OJPEG_SUPPORT ++ if ((tif->tif_dir.td_compression==COMPRESSION_OJPEG) && ++ (isTiled(tif)==0) && ++ (tif->tif_dir.td_nstrips==1)) { ++ /* ++ * XXX: OJPEG hack. ++ * If a) compression is OJPEG, b) it's not a tiled TIFF, ++ * and c) the number of strips is 1, ++ * then we tolerate the absence of stripoffsets tag, ++ * because, presumably, all required data is in the ++ * JpegInterchangeFormat stream. ++ */ ++ TIFFSetFieldBit(tif, FIELD_STRIPOFFSETS); ++ } else ++#endif ++ { ++ MissingRequired(tif, ++ isTiled(tif) ? "TileOffsets" : "StripOffsets"); ++ goto bad; ++ } ++ } ++ ++ if( tif->tif_mode == O_RDWR && ++ tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 && ++ tif->tif_dir.td_stripoffset_entry.tdir_count == 0 && ++ tif->tif_dir.td_stripoffset_entry.tdir_type == 0 && ++ tif->tif_dir.td_stripoffset_entry.tdir_offset.toff_long8 == 0 && ++ tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 && ++ tif->tif_dir.td_stripbytecount_entry.tdir_count == 0 && ++ tif->tif_dir.td_stripbytecount_entry.tdir_type == 0 && ++ tif->tif_dir.td_stripbytecount_entry.tdir_offset.toff_long8 == 0 ) ++ { ++ /* Directory typically created with TIFFDeferStrileArrayWriting() */ ++ TIFFSetupStrips(tif); ++ } ++ else if( !(tif->tif_flags&TIFF_DEFERSTRILELOAD) ) ++ { ++ if( tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 ) ++ { ++ if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripoffset_entry), ++ tif->tif_dir.td_nstrips, ++ &tif->tif_dir.td_stripoffset_p)) ++ { ++ goto bad; ++ } ++ } ++ if( tif->tif_dir.td_stripbytecount_entry.tdir_tag != 0 ) ++ { ++ if (!TIFFFetchStripThing(tif,&(tif->tif_dir.td_stripbytecount_entry), ++ tif->tif_dir.td_nstrips, ++ &tif->tif_dir.td_stripbytecount_p)) ++ { ++ goto bad; ++ } ++ } ++ } ++ + /* + * Make sure all non-color channels are extrasamples. + * If it's not the case, define them as such. +-- +2.25.1 + diff --git a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1355.patch b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1355.patch new file mode 100644 index 0000000000..e59f5aad55 --- /dev/null +++ b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1355.patch @@ -0,0 +1,62 @@ +From fb1db384959698edd6caeea84e28253d272a0f96 Mon Sep 17 00:00:00 2001 +From: Su_Laus <sulau@freenet.de> +Date: Sat, 2 Apr 2022 22:33:31 +0200 +Subject: [PATCH] tiffcp: avoid buffer overflow in "mode" string (fixes #400) + +CVE: CVE-2022-1355 + +Upstream-Status: Backport +[https://gitlab.com/libtiff/libtiff/-/commit/c1ae29f9ebacd29b7c3e0c7db671af7db3584bc2] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + tools/tiffcp.c | 25 ++++++++++++++++++++----- + 1 file changed, 20 insertions(+), 5 deletions(-) + +diff --git a/tools/tiffcp.c b/tools/tiffcp.c +index fd129bb7..8d944ff6 100644 +--- a/tools/tiffcp.c ++++ b/tools/tiffcp.c +@@ -274,19 +274,34 @@ main(int argc, char* argv[]) + deftilewidth = atoi(optarg); + break; + case 'B': +- *mp++ = 'b'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode) - 1)) ++ { ++ *mp++ = 'b'; *mp = '\0'; ++ } + break; + case 'L': +- *mp++ = 'l'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode) - 1)) ++ { ++ *mp++ = 'l'; *mp = '\0'; ++ } + break; + case 'M': +- *mp++ = 'm'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode) - 1)) ++ { ++ *mp++ = 'm'; *mp = '\0'; ++ } + break; + case 'C': +- *mp++ = 'c'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode) - 1)) ++ { ++ *mp++ = 'c'; *mp = '\0'; ++ } + break; + case '8': +- *mp++ = '8'; *mp = '\0'; ++ if (strlen(mode) < (sizeof(mode)-1)) ++ { ++ *mp++ = '8'; *mp = '\0'; ++ } + break; + case 'x': + pageInSeq = 1; +-- +2.25.1 + diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index c2d4b35d49..149516508f 100644 --- a/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb @@ -19,6 +19,8 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ file://0005-fix-the-FPE-in-tiffcrop-393.patch \ file://0006-fix-heap-buffer-overflow-in-tiffcp-278.patch \ file://0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch \ + file://CVE-2022-1354.patch \ + file://CVE-2022-1355.patch \ " SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8" diff --git a/poky/meta/recipes-sato/webkit/webkitgtk_2.36.3.bb b/poky/meta/recipes-sato/webkit/webkitgtk_2.36.4.bb index 83b6f8a6ee..df4ff63121 100644 --- a/poky/meta/recipes-sato/webkit/webkitgtk_2.36.3.bb +++ b/poky/meta/recipes-sato/webkit/webkitgtk_2.36.4.bb @@ -17,7 +17,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://0001-When-building-introspection-files-do-not-quote-CFLAG.patch \ " -SRC_URI[sha256sum] = "732fcf8c4ec644b8ed28b46ebbd7c1ebab9d9e0afea9bdf5e5d12786afc478d1" +SRC_URI[sha256sum] = "b6bebe1f85a479d968c19e44a4704622ef8cef61636ad1b2406b77d16ae2e2a8" inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gtk-doc diff --git a/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch b/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch index b58fbfe6f5..c4ede9ea5e 100644 --- a/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch +++ b/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch @@ -1,4 +1,4 @@ -From bdde1faa774753e29d582d79186e08a38597de9e Mon Sep 17 00:00:00 2001 +From 89b98553084fbefe1ef2c7cbff9e72cf43144c49 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Mon, 22 Jan 2018 18:00:21 +0200 Subject: [PATCH] configure.ac: use a custom value for the location of @@ -14,10 +14,10 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 5cdd316..e5f2d6a 100644 +index d86c60e..65c22b2 100644 --- a/configure.ac +++ b/configure.ac -@@ -1962,7 +1962,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf", +@@ -1955,7 +1955,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf", AC_DEFINE_UNQUOTED(GPGTAR_NAME, "gpgtar", [The name of the gpgtar tool]) diff --git a/poky/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch b/poky/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch deleted file mode 100644 index b4106d3620..0000000000 --- a/poky/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 9ace8f1b68ab708c44dce4c0152b975fbceb0398 Mon Sep 17 00:00:00 2001 -From: Saul Wold <sgw@linux.intel.com> -Date: Wed, 16 Aug 2017 11:18:01 +0800 -Subject: [PATCH] dirmngr uses libgpg error - -Upstream-Status: Pending -Signed-off-by: Saul Wold <sgw@linux.intel.com> - -Rebase to 2.1.23 - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> - ---- - dirmngr/Makefile.am | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/dirmngr/Makefile.am b/dirmngr/Makefile.am -index 77ca3f5..1446775 100644 ---- a/dirmngr/Makefile.am -+++ b/dirmngr/Makefile.am -@@ -86,7 +86,7 @@ endif - dirmngr_LDADD = $(libcommonpth) \ - $(DNSLIBS) $(LIBASSUAN_LIBS) \ - $(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(NPTH_LIBS) \ -- $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(LIBINTL) $(LIBICONV) $(NETLIBS) -+ $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(LIBINTL) $(LIBICONV) $(NETLIBS) $(GPG_ERROR_LIBS) - if USE_LDAP - dirmngr_LDADD += $(ldaplibs) - endif diff --git a/poky/meta/recipes-support/gnupg/gnupg/relocate.patch b/poky/meta/recipes-support/gnupg/gnupg/relocate.patch index 74f48e9582..43999b8a6d 100644 --- a/poky/meta/recipes-support/gnupg/gnupg/relocate.patch +++ b/poky/meta/recipes-support/gnupg/gnupg/relocate.patch @@ -1,4 +1,4 @@ -From 1e34e1d477f843c0ee2f1a3fddc20201f0233e81 Mon Sep 17 00:00:00 2001 +From 89ae4f03307104689e1857d9857d452af6b35ac4 Mon Sep 17 00:00:00 2001 From: Ross Burton <ross.burton@intel.com> Date: Wed, 19 Sep 2018 14:44:40 +0100 Subject: [PATCH] Allow the environment to override where gnupg looks for its @@ -14,10 +14,10 @@ Signed-off-by: Alexander Kanavin <alex@linutronix.de> 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/common/homedir.c b/common/homedir.c -index 174d961..f4c25fb 100644 +index 260aeb2..1aeb08d 100644 --- a/common/homedir.c +++ b/common/homedir.c -@@ -1161,7 +1161,7 @@ gnupg_socketdir (void) +@@ -1143,7 +1143,7 @@ gnupg_socketdir (void) if (!name) { unsigned int dummy; @@ -26,7 +26,7 @@ index 174d961..f4c25fb 100644 gpgrt_annotate_leaked_object (name); } -@@ -1193,7 +1193,7 @@ gnupg_sysconfdir (void) +@@ -1175,7 +1175,7 @@ gnupg_sysconfdir (void) if (dir) return dir; else @@ -35,7 +35,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1229,7 +1229,7 @@ gnupg_bindir (void) +@@ -1211,7 +1211,7 @@ gnupg_bindir (void) return name; } else @@ -44,7 +44,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1256,7 +1256,7 @@ gnupg_libexecdir (void) +@@ -1238,7 +1238,7 @@ gnupg_libexecdir (void) return name; } else @@ -53,7 +53,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1286,7 +1286,7 @@ gnupg_libdir (void) +@@ -1268,7 +1268,7 @@ gnupg_libdir (void) return name; } else @@ -62,7 +62,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1317,7 +1317,7 @@ gnupg_datadir (void) +@@ -1299,7 +1299,7 @@ gnupg_datadir (void) return name; } else @@ -71,7 +71,7 @@ index 174d961..f4c25fb 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1349,7 +1349,7 @@ gnupg_localedir (void) +@@ -1331,7 +1331,7 @@ gnupg_localedir (void) return name; } else diff --git a/poky/meta/recipes-support/gnupg/gnupg_2.3.4.bb b/poky/meta/recipes-support/gnupg/gnupg_2.3.7.bb index d27bddb8bd..da2b1c4deb 100644 --- a/poky/meta/recipes-support/gnupg/gnupg_2.3.4.bb +++ b/poky/meta/recipes-support/gnupg/gnupg_2.3.7.bb @@ -16,7 +16,6 @@ inherit autotools gettext texinfo pkgconfig UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ file://0002-use-pkgconfig-instead-of-npth-config.patch \ - file://0003-dirmngr-uses-libgpg-error.patch \ file://0004-autogen.sh-fix-find-version-for-beta-checking.patch \ file://0001-Woverride-init-is-not-needed-with-gcc-9.patch \ " @@ -24,7 +23,7 @@ SRC_URI:append:class-native = " file://0001-configure.ac-use-a-custom-value-for- file://relocate.patch" SRC_URI:append:class-nativesdk = " file://relocate.patch" -SRC_URI[sha256sum] = "f3468ecafb1d7f9ad7b51fd1db7aebf17ceb89d2efa8a05cf2f39b4d405402ae" +SRC_URI[sha256sum] = "ee163a5fb9ec99ffc1b18e65faef8d086800c5713d15a672ab57d3799da83669" EXTRA_OECONF = "--disable-ldap \ --disable-ccid-driver \ diff --git a/poky/meta/recipes-support/vim/files/crosscompile.patch b/poky/meta/recipes-support/vim/files/crosscompile.patch new file mode 100644 index 0000000000..583d3fc7b0 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/crosscompile.patch @@ -0,0 +1,51 @@ +configure.ac: Fix create_timer solaris test for cross compiling + +A runtime test was added for create_timer however this meant cross compiling +would no longer work. Allow a cache value to be specified to allow cross +compiling again. + +Signed-off-by: Richard Purdie richard.purdie@linuxfoundation.org + +Upstream-Status: Submitted [https://github.com/vim/vim/pull/10777] + +Index: git/src/configure.ac +=================================================================== +--- git.orig/src/configure.ac ++++ git/src/configure.ac +@@ -3814,7 +3814,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM( + dnl Check for timer_create. It probably requires the 'rt' library. + dnl Run the program to find out if timer_create(CLOCK_MONOTONIC) actually + dnl works, on Solaris timer_create() exists but fails at runtime. +-AC_MSG_CHECKING([for timer_create]) ++AC_CACHE_CHECK([for timer_create], [vim_cv_timer_create], + save_LIBS="$LIBS" + LIBS="$LIBS -lrt" + AC_RUN_IFELSE([AC_LANG_PROGRAM([ +@@ -3831,7 +3831,7 @@ static void set_flag(union sigval sv) {} + if (timer_create(CLOCK_MONOTONIC, &action, &timer_id) < 0) + exit(1); // cannot create a monotonic timer + ])], +- AC_MSG_RESULT(yes; with -lrt); AC_DEFINE(HAVE_TIMER_CREATE), ++ AC_MSG_NOTICE(timer_create with -lrt); vim_cv_timer_create=yes, + LIBS="$save_LIBS" + AC_RUN_IFELSE([AC_LANG_PROGRAM([ + #include<signal.h> +@@ -3847,8 +3847,16 @@ static void set_flag(union sigval sv) {} + if (timer_create(CLOCK_MONOTONIC, &action, &timer_id) < 0) + exit(1); // cannot create a monotonic timer + ])], +- AC_MSG_RESULT(yes); AC_DEFINE(HAVE_TIMER_CREATE), +- AC_MSG_RESULT(no))) ++ vim_cv_timer_create=yes, ++ vim_cv_timer_create=no), ++ AC_MSG_ERROR(cross-compiling: please set 'vim_cv_timer_create') ++ ) ++) ++ ++if test "x$vim_cv_timer_create" = "xyes" ; then ++ AC_DEFINE(HAVE_TIMER_CREATE) ++fi ++ + + AC_CACHE_CHECK([whether stat() ignores a trailing slash], [vim_cv_stat_ignores_slash], + [ diff --git a/poky/meta/recipes-support/vim/files/racefix.patch b/poky/meta/recipes-support/vim/files/racefix.patch index 1cb8fb442f..34bd37d650 100644 --- a/poky/meta/recipes-support/vim/files/racefix.patch +++ b/poky/meta/recipes-support/vim/files/racefix.patch @@ -1,9 +1,13 @@ +po/Makefile: Avoid race over LINGUAS file + The creation of the LINGUAS file is duplicated for each desktop file -which can lead the commands to race against each other. Rework -the makefile to avoid this as the expense of leaving the file on disk. +which can lead the commands to race against each other. One target might +remove it before another has been able to use it. Rework the makefile to +avoid this as the expense of leaving the file on disk. + +Signed-off-by: Richard Purdie richard.purdie@linuxfoundation.org -Upstream-Status: Pending -RP 2021/2/15 +Upstream-Status: Submitted [https://github.com/vim/vim/pull/10776] Index: git/src/po/Makefile =================================================================== diff --git a/poky/meta/recipes-support/vim/vim.inc b/poky/meta/recipes-support/vim/vim.inc index 7e2c624bc1..31229534e4 100644 --- a/poky/meta/recipes-support/vim/vim.inc +++ b/poky/meta/recipes-support/vim/vim.inc @@ -19,10 +19,11 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://0001-src-Makefile-improve-reproducibility.patch \ file://no-path-adjust.patch \ file://racefix.patch \ + file://crosscompile.patch \ " -PV .= ".0021" -SRCREV = "5e59ea54c0c37c2f84770f068d95280069828774" +PV .= ".0063" +SRCREV = "d61efa50f8f5b9d9dcbc136705cc33874f0fdcb3" # Remove when 8.3 is out UPSTREAM_VERSION_UNKNOWN = "1" @@ -95,6 +96,10 @@ EXTRA_OECONF = " \ STRIP=/bin/true \ " +# Some host distros don't have it, disable consistently +EXTRA_OECONF:append:class-native = " vim_cv_timer_create=no" +EXTRA_OECONF:append:class-target = " vim_cv_timer_create=yes" + do_install() { autotools_do_install diff --git a/poky/scripts/lib/wic/plugins/source/rootfs.py b/poky/scripts/lib/wic/plugins/source/rootfs.py index 25bb41dd70..fc06312ee4 100644 --- a/poky/scripts/lib/wic/plugins/source/rootfs.py +++ b/poky/scripts/lib/wic/plugins/source/rootfs.py @@ -35,7 +35,7 @@ class RootfsPlugin(SourcePlugin): @staticmethod def __validate_path(cmd, rootfs_dir, path): if os.path.isabs(path): - logger.error("%s: Must be relative: %s" % (cmd, orig_path)) + logger.error("%s: Must be relative: %s" % (cmd, path)) sys.exit(1) # Disallow climbing outside of parent directory using '..', |