author: Patrick Williams <patrick@stwcx.xyz>, 2021-07-13 20:29:41 +0300
committer: Patrick Williams <patrick@stwcx.xyz>, 2021-07-13 20:36:25 +0300
commit: bcc346ef66ded507480d46242dc88c4e73ca2aa7
tree: 6a0019a842ca6fa02e0fab5fb928b9504276e58a /poky/meta
parent: e849b5038b885b344296b7c8ba379e340f309935
subtree updates

meta-security: c6b1eec0e5..5050d1267a:
  Armin Kuster (1):
      tpm-tools: fix build issue

poky: fd33741e27..da0ce760c5:
  Alejandro Hernandez Samaniego (1):
      baremetal-image: Fix post process command rootfs_update_timestamp

  Alexander Kanavin (3):
      bind: upgrade 9.16.12 -> 9.16.13
      devtool upgrade: rebase override-only patches as well
      libgcrypt: upgrade 1.9.2 -> 1.9.3

  Andrea Adami (1):
      kernel.bbclass: fix do_sizecheck() comparison

  Anuj Mittal (1):
      curl: fix build when proxy is not enabled in PACKAGECONFIG

  Bruce Ashfield (25):
      linux-yocto/5.10: update to v5.10.35
      linux-yocto/5.4: update to v5.4.117
      linux-yocto/5.10: ktypes/standard: disable obsolete crypto options by default
      linux-yocto/5.10: update to v5.10.36
      linux-yocto/5.4: update to v5.4.118
      linux-yocto/5.10: update to v5.10.37
      linux-yocto/5.4: update to v5.4.119
      linux-yocto/5.10: update to v5.10.38
      linux-yocto/5.4: update to v5.4.120
      linux-yocto/5.10: update to v5.10.41
      linux-yocto/5.4: update to v5.4.123
      linux-yocto/5.4: update to v5.4.124
      linux-yocto/5.4: update to v5.4.125
      linux-yocto/5.10: update to v5.10.42
      linux-yocto/5.10: update to v5.10.43
      linux-yocto/5.10: cgroup1: fix leaked context root causing sporadic NULL deref in LTP
      linux-yocto/5.10: update to v5.10.46
      linux-yocto/5.10: features/nft_tables: refresh config options
      linux-yocto/5.4: update to v5.4.128
      linux-yocto/5.10: rcu: Fix stall-warning deadlock due to non-release of rcu_node ->lock
      kern-tools: add dropped options to audit output
      kern-tools: Kconfiglib: add support for bare 'modules' keyword
      kernel-devsrc: adjust NM and OBJTOOL variables for target
      lttng-modules: update to v2.12.6
      bsps/5.10: update to v5.10.43

  Changqing Li (1):
      pkgconfig: update SRC_URI

  Daniel McGregor (2):
      sstate: Ignore sstate signing key
      lib/oe/gpg_sign.py: Fix gpg verification

  Guillaume Champagne (1):
      image-live.bbclass: order do_bootimg after do_rootfs

  Harald Brinkmann (1):
      bitbake: fetch/svn: Fix parsing revision of SVN repos with redirects

  Joshua Watt (1):
      classes/reproducible_build: Use atomic rename for SDE file

  Kai Kang (2):
      valgrind: fix a typo
      libx11: fix CVE-2021-31535

  Khem Raj (1):
      linuxloader: Be aware of riscv32 ldso

  Michael Ho (1):
      sstate.bbclass: fix errors about read-only sstate mirrors

  Ming Liu (1):
      uboot-sign.bbclass: fix some install commands

  Nikolay Papenkov (1):
      flex: correct license information

  Peter Kjellerstedt (2):
      util-linux.inc: Do not modify BPN
      native.bbclass: Do not remove "-native" in the middle of recipe names

  Richard Purdie (14):
      ltp: Disable problematic tests causing autobuilder hangs
      grub2: Add CVE whitelist entries for issues fixed in 2.06
      grub: Exclude CVE-2019-14865 from cve-check
      cve-extra-exclusions.inc: add exclusion list for intractable CVE's
      xinetd: Exclude CVE-2013-4342 from cve-check
      bind: upgrade 9.16.13 -> 9.16.15
      oeqa/runtime/rpm: Drop log message counting test component
      linux-firmware: upgrade 20210315 -> 20210511
      lttng-tools: upgrade 2.12.3 -> 2.12.4
      perf: Use python3targetconfig to ensure we use target libraries
      package_pkgdata: Avoid task hash mismatches for generic task changes
      selftest/fetch: Avoid occasional selftest failure from poor temp file name choice
      kernel: Fix interaction when packaging disabled
      kernel-devicetree: Fix interaction when packaging disabled

  Ross Burton (2):
      package_rpm: pass XZ_THREADS to rpm
      avahi: apply fix for CVE-2021-3468

  Sakib Sajal (1):
      qemu: Exclude CVE-2020-3550[4/5/6] from cve-check

  Scott Weaver (1):
      bitbake: fetch2: add check for empty SRC_URI hash string

  Stefan Ghinea (1):
      boost: fix do_fetch failure

  Steve Sakoman (1):
      expat: set CVE_PRODUCT

  Tony Tascioglu (5):
      libxml2: Fix CVE-2021-3518
      libxml2: Fix CVE-2021-3541
      valgrind: Improve non-deterministic ptest reliability
      valgrind: remove buggy ptest from arm64
      valgrind: Actually install list of non-deterministic ptests

  Trevor Gamblin (5):
      bind: upgrade 9.16.15 -> 9.16.16
      curl: fix CVE-2021-22890
      curl: fix CVE-2021-22876
      python3: upgrade 3.9.4 -> 3.9.5
      curl: cleanup CVE patches for hardknott

  Zqiang (1):
      ifupdown: Skip wrong test item

  jbouchard (1):
      Use the label provided when formating a dos partition

meta-openembedded: cf5bd6a830..c51e79dd85:
  Alexander Vickberg (1):
      hostapd: fix building with CONFIG_TLS=internal

  Andrea Adami (3):
      initramfs-kexecboot-image: support cases where machines override IMAGE_FSTYPES
      initramfs-debug-image: support cases where machines override IMAGE_FSTYPES
      rapidjson: remove stale LIB_INSTALL_DIR

  Andreas Müller (1):
      libgtop: tidy up recipe

  Andrej Kozemcak (1):
      squid: upgrade 4.14 -> 4.15

  Changqing Li (1):
      libgtop: fix do_compile error

  Chen Qi (1):
      minifi-cpp: set CLEANBROKEN to 1

  Geoff Parker (1):
      cifs-utils: set ROOTSBINDIR to /usr/sbin if DISTRO_FEATURES has usrmerge

  Khem Raj (3):
      opencv: Disable tbb on riscv/musl
      mongodb: Update to 4.4.6-rc0
      mongodb: Change PV to 4.4.6

  Leon Anavi (5):
      python3-cerberus: Upgrade 1.3.3 -> 1.3.4
      python3-robotframework: Upgrade 4.0.1 -> 4.0.2
      python3-rfc3339-validator: Upgrade 0.1.3 -> 0.1.4
      python3-pymongo: Upgrade 3.11.3 -> 3.11.4
      python3-django: Upgrade 3.2.3 -> 3.2.4

  Marek Vasut (1):
      nss: Fix build on Centos 7

  Olivier Georget (1):
      libpfm4 4.10.1 : enable arm64 host platform

  Ovidiu Panait (1):
      libeigen: update LICENSE information

  Peter Kjellerstedt (2):
      net-snmp: A little clean up
      net-snmp: Support building for native

  Saul Wold (2):
      opencv: remove tbb packageconfig for powerpc
      sysdig: disable building for ppc

  Sekine Shigeki (2):
      add CVE-2011-2411 to allowlist
      ntp: add CVE-2016-9312 to allowlist

  Stefan Ghinea (1):
      thunar: fix CVE-2021-32563

  Trevor Gamblin (5):
      python3-django: upgrade 2.2.20 -> 2.2.22
      python3-django: upgrade 3.2 -> 3.2.2
      python3-django: upgrade 2.2.22 -> 2.2.23
      python3-django: upgrade 3.2.2 -> 3.2.3
      python3-django: upgrade 2.2.23 -> 2.2.24

  Yi Zhao (1):
      minifi-cpp: set correct python processor directory in configure file

  ito-yuichi@fujitsu.com (2):
      cyrus-sasl: add CVE-2020-8032 to allowlist
      dovecot: add CVE-2016-4983 to allowlist

  wangmy (10):
      uftrace: Fix a plthook crash on aarch64 with binutils2.35.1 and later versions on aarch64
      exiv2: Fix CVE-2021-29457
      exiv2: Fix CVE-2021-29458
      exiv2: Fix CVE-2021-29463
      exiv2: Fix CVE-2021-3482
      exiv2: Fix CVE-2021-29464
      exiv2: Fix CVE-2021-29470
      exiv2: Fix CVE-2021-29473
      libsdl: Fix CVE-2019-13616
      trace-cmd: Conflict resolution

  zangrc (2):
      postgresql: upgrade 13.2 -> 13.3
      wireshark: upgrade 3.4.5 -> 3.4.6

  zhengruoqin (1):
      net-snmp: upgrade 5.9 -> 5.9.1

meta-raspberrypi: 11209a4981..064f5404ea:
  Andrei Gherzan (1):
      layer.conf: Define LAYERDEPENDS

  Martin Jansa (3):
      linux-raspberrypi: allow to change the yocto-kernel-cache branch with LINUX_RPI_KMETA_BRANCH
      linux-raspberrypi-dev: drop protocol=git and add LINUX_RPI_KMETA_BRANCH
      linux-raspberrypi-dev: use static SRCREV when not selected with PREFERRED_PROVIDER_virtual/kernel

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I1323b4d2f742e7c82b51f25cb74d2196167da023

Diffstat (limited to 'poky/meta')
-rw-r--r-- poky/meta/classes/baremetal-image.bbclass | 4
-rw-r--r-- poky/meta/classes/image-live.bbclass | 2
-rw-r--r-- poky/meta/classes/kernel-devicetree.bbclass | 11
-rw-r--r-- poky/meta/classes/kernel.bbclass | 4
-rw-r--r-- poky/meta/classes/linuxloader.bbclass | 2
-rw-r--r-- poky/meta/classes/native.bbclass | 8
-rw-r--r-- poky/meta/classes/package_pkgdata.bbclass | 2
-rw-r--r-- poky/meta/classes/package_rpm.bbclass | 4
-rw-r--r-- poky/meta/classes/reproducible_build.bbclass | 13
-rw-r--r-- poky/meta/classes/sstate.bbclass | 10
-rw-r--r-- poky/meta/classes/uboot-sign.bbclass | 8
-rw-r--r-- poky/meta/conf/distro/include/cve-extra-exclusions.inc | 45
-rw-r--r-- poky/meta/lib/oe/gpg_sign.py | 2
-rw-r--r-- poky/meta/lib/oeqa/runtime/cases/rpm.py | 9
-rw-r--r-- poky/meta/lib/oeqa/selftest/cases/fetch.py | 27
-rw-r--r-- poky/meta/recipes-bsp/grub/grub2.inc | 10
-rw-r--r-- poky/meta/recipes-connectivity/avahi/avahi_0.8.bb | 1
-rw-r--r-- poky/meta/recipes-connectivity/avahi/files/handle-hup.patch | 41
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind-9.16.16/0001-avoid-start-failure-with-bind-user.patch (renamed from poky/meta/recipes-connectivity/bind/bind-9.16.12/0001-avoid-start-failure-with-bind-user.patch) | 0
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind-9.16.16/0001-named-lwresd-V-and-start-log-hide-build-options.patch (renamed from poky/meta/recipes-connectivity/bind/bind-9.16.12/0001-named-lwresd-V-and-start-log-hide-build-options.patch) | 0
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind-9.16.16/bind-ensure-searching-for-json-headers-searches-sysr.patch (renamed from poky/meta/recipes-connectivity/bind/bind-9.16.12/bind-ensure-searching-for-json-headers-searches-sysr.patch) | 0
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind-9.16.16/bind9 (renamed from poky/meta/recipes-connectivity/bind/bind-9.16.12/bind9) | 0
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind-9.16.16/conf.patch (renamed from poky/meta/recipes-connectivity/bind/bind-9.16.12/conf.patch) | 0
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind-9.16.16/generate-rndc-key.sh (renamed from poky/meta/recipes-connectivity/bind/bind-9.16.12/generate-rndc-key.sh) | 0
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind-9.16.16/init.d-add-support-for-read-only-rootfs.patch (renamed from poky/meta/recipes-connectivity/bind/bind-9.16.12/init.d-add-support-for-read-only-rootfs.patch) | 0
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind-9.16.16/make-etc-initd-bind-stop-work.patch (renamed from poky/meta/recipes-connectivity/bind/bind-9.16.12/make-etc-initd-bind-stop-work.patch) | 0
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind-9.16.16/named.service (renamed from poky/meta/recipes-connectivity/bind/bind-9.16.12/named.service) | 0
-rw-r--r-- poky/meta/recipes-connectivity/bind/bind_9.16.16.bb (renamed from poky/meta/recipes-connectivity/bind/bind_9.16.12.bb) | 2
-rw-r--r-- poky/meta/recipes-core/expat/expat_2.2.10.bb | 2
-rw-r--r-- poky/meta/recipes-core/ifupdown/files/0001-ifupdown-skip-wrong-test-case.patch | 32
-rw-r--r-- poky/meta/recipes-core/ifupdown/files/tweak-ptest-script.patch | 15
-rw-r--r-- poky/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb | 1
-rw-r--r-- poky/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch | 216
-rw-r--r-- poky/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch | 45
-rw-r--r-- poky/meta/recipes-core/libxml/libxml2/CVE-2021-3541.patch | 73
-rw-r--r-- poky/meta/recipes-core/libxml/libxml2_2.9.10.bb | 3
-rw-r--r-- poky/meta/recipes-core/util-linux/util-linux.inc | 3
-rw-r--r-- poky/meta/recipes-devtools/flex/flex_2.6.4.bb | 6
-rw-r--r-- poky/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb | 2
-rw-r--r-- poky/meta/recipes-devtools/python/python3_3.9.5.bb (renamed from poky/meta/recipes-devtools/python/python3_3.9.4.bb) | 2
-rw-r--r-- poky/meta/recipes-devtools/qemu/qemu.inc | 9
-rw-r--r-- poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 | 1
-rwxr-xr-x poky/meta/recipes-devtools/valgrind/valgrind/run-ptest | 14
-rw-r--r-- poky/meta/recipes-devtools/valgrind/valgrind/taskset_nondeterministic_tests | 2
-rw-r--r-- poky/meta/recipes-devtools/valgrind/valgrind_3.16.1.bb | 4
-rw-r--r-- poky/meta/recipes-extended/ltp/ltp/disable_hanging_tests.patch | 45
-rw-r--r-- poky/meta/recipes-extended/ltp/ltp_20210121.bb | 1
-rw-r--r-- poky/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb | 3
-rw-r--r-- poky/meta/recipes-graphics/xorg-lib/libx11/fix-CVE-2021-31535.patch | 320
-rw-r--r-- poky/meta/recipes-graphics/xorg-lib/libx11_1.7.0.bb | 5
-rw-r--r-- poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb | 2
-rw-r--r-- poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb (renamed from poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210315.bb) | 4
-rw-r--r-- poky/meta/recipes-kernel/linux/kernel-devsrc.bb | 2
-rw-r--r-- poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb | 6
-rw-r--r-- poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb | 6
-rw-r--r-- poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb | 8
-rw-r--r-- poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 8
-rw-r--r-- poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24
-rw-r--r-- poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22
-rw-r--r-- poky/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-memory-leaks-on-event-destroy.patch | 58
-rw-r--r-- poky/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-filter-interpreter-early-exits-on-uninitialized-.patch | 159
-rw-r--r-- poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-mm-tracing-record-slab-name-for-kmem_cache_free-.patch | 91
-rw-r--r-- poky/meta/recipes-kernel/lttng/lttng-modules/0004-Fix-kretprobe-null-ptr-deref-on-session-destroy.patch | 41
-rw-r--r-- poky/meta/recipes-kernel/lttng/lttng-modules/0005-fix-block-add-a-disk_uevent-helper-v5.12.patch | 305
-rw-r--r-- poky/meta/recipes-kernel/lttng/lttng-modules/0006-fix-backport-block-add-a-disk_uevent-helper-v5.12.patch | 48
-rw-r--r-- poky/meta/recipes-kernel/lttng/lttng-modules/0007-fix-mm-tracing-kfree-event-name-mismatching-with-pro.patch | 71
-rw-r--r-- poky/meta/recipes-kernel/lttng/lttng-modules_2.12.6.bb (renamed from poky/meta/recipes-kernel/lttng/lttng-modules_2.12.5.bb) | 9
-rw-r--r-- poky/meta/recipes-kernel/lttng/lttng-tools_2.12.4.bb (renamed from poky/meta/recipes-kernel/lttng/lttng-tools_2.12.3.bb) | 9
-rw-r--r-- poky/meta/recipes-kernel/perf/perf.bb | 2
-rw-r--r-- poky/meta/recipes-support/boost/boost-1.75.0.inc | 2
-rw-r--r-- poky/meta/recipes-support/curl/curl/0001-vtls-add-isproxy-argument-to-Curl_ssl_get-addsession.patch | 517
-rw-r--r-- poky/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch | 155
-rw-r--r-- poky/meta/recipes-support/curl/curl/vtls-fix-addsessionid.patch | 31
-rw-r--r-- poky/meta/recipes-support/curl/curl/vtls-fix-warning.patch | 40
-rw-r--r-- poky/meta/recipes-support/curl/curl_7.75.0.bb | 4
-rw-r--r-- poky/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb (renamed from poky/meta/recipes-support/libgcrypt/libgcrypt_1.9.2.bb) | 4
76 files changed, 1747 insertions, 890 deletions
diff --git a/poky/meta/classes/baremetal-image.bbclass b/poky/meta/classes/baremetal-image.bbclass
index b0f5e885b5..bc888f6223 100644
--- a/poky/meta/classes/baremetal-image.bbclass
+++ b/poky/meta/classes/baremetal-image.bbclass
@@ -50,6 +50,10 @@ python do_rootfs(){
if os.path.lexists(manifest_link):
os.remove(manifest_link)
os.symlink(os.path.basename(manifest_name), manifest_link)
+ # A lot of postprocess commands assume the existence of rootfs/etc
+ sysconfdir = d.getVar("IMAGE_ROOTFS") + d.getVar('sysconfdir')
+ bb.utils.mkdirhier(sysconfdir)
+
execute_pre_post_process(d, d.getVar('ROOTFS_POSTPROCESS_COMMAND'))
}
diff --git a/poky/meta/classes/image-live.bbclass b/poky/meta/classes/image-live.bbclass
index 8b08305cdb..fd876ed8e1 100644
--- a/poky/meta/classes/image-live.bbclass
+++ b/poky/meta/classes/image-live.bbclass
@@ -261,4 +261,4 @@ python do_bootimg() {
do_bootimg[subimages] = "hddimg iso"
do_bootimg[imgsuffix] = "."
-addtask bootimg before do_image_complete
+addtask bootimg before do_image_complete after do_rootfs
diff --git a/poky/meta/classes/kernel-devicetree.bbclass b/poky/meta/classes/kernel-devicetree.bbclass
index d4f8864200..27a4905ac6 100644
--- a/poky/meta/classes/kernel-devicetree.bbclass
+++ b/poky/meta/classes/kernel-devicetree.bbclass
@@ -1,8 +1,11 @@
# Support for device tree generation
-PACKAGES_append = " \
- ${KERNEL_PACKAGE_NAME}-devicetree \
- ${@[d.getVar('KERNEL_PACKAGE_NAME') + '-image-zimage-bundle', ''][d.getVar('KERNEL_DEVICETREE_BUNDLE') != '1']} \
-"
+python () {
+ if not bb.data.inherits_class('nopackages', d):
+ d.appendVar("PACKAGES", " ${KERNEL_PACKAGE_NAME}-devicetree")
+ if d.getVar('KERNEL_DEVICETREE_BUNDLE') == '1':
+ d.appendVar("PACKAGES", " ${KERNEL_PACKAGE_NAME}-image-zimage-bundle")
+}
+
FILES_${KERNEL_PACKAGE_NAME}-devicetree = "/${KERNEL_IMAGEDEST}/*.dtb /${KERNEL_IMAGEDEST}/*.dtbo"
FILES_${KERNEL_PACKAGE_NAME}-image-zimage-bundle = "/${KERNEL_IMAGEDEST}/zImage-*.dtb.bin"
diff --git a/poky/meta/classes/kernel.bbclass b/poky/meta/classes/kernel.bbclass
index 8693ab86be..846b19663b 100644
--- a/poky/meta/classes/kernel.bbclass
+++ b/poky/meta/classes/kernel.bbclass
@@ -92,6 +92,8 @@ python __anonymous () {
imagedest = d.getVar('KERNEL_IMAGEDEST')
for type in types.split():
+ if bb.data.inherits_class('nopackages', d):
+ continue
typelower = type.lower()
d.appendVar('PACKAGES', ' %s-image-%s' % (kname, typelower))
d.setVar('FILES_' + kname + '-image-' + typelower, '/' + imagedest + '/' + type + '-${KERNEL_VERSION_NAME}' + ' /' + imagedest + '/' + type)
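Review bot: the `bb.data.inherits_class('nopackages', d)` test added inside `for type in types.split():` does not depend on `type`, so it is re-evaluated and hits `continue` on every iteration. If the rest of the loop body is packaging-only, guarding the whole loop once with `if not bb.data.inherits_class('nopackages', d):` says the same thing more directly and mirrors the guard used in kernel-devicetree.bbclass in this same commit.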
@@ -714,7 +716,7 @@ do_sizecheck() {
at_least_one_fits=
for imageType in ${KERNEL_IMAGETYPES} ; do
size=`du -ks ${B}/${KERNEL_OUTPUT_DIR}/$imageType | awk '{print $1}'`
- if [ $size -ge ${KERNEL_IMAGE_MAXSIZE} ]; then
+ if [ $size -gt ${KERNEL_IMAGE_MAXSIZE} ]; then
bbwarn "This kernel $imageType (size=$size(K) > ${KERNEL_IMAGE_MAXSIZE}(K)) is too big for your device."
else
at_least_one_fits=y
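Review bot: `$size` in `[ $size -gt ${KERNEL_IMAGE_MAXSIZE} ]` comes from a `du | awk` pipeline whose failure is not checked, so when the image file is missing `size` is empty, the test fails with an error rather than a comparison result, and control drops into the `else` branch that sets `at_least_one_fits=y`. An explicit check that `size` is a non-empty number before the comparison would stop a missing image from being counted as fitting. The switch from `-ge` to `-gt` itself is consistent with the `>` shown in the warning text.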
diff --git a/poky/meta/classes/linuxloader.bbclass b/poky/meta/classes/linuxloader.bbclass
index 30925ac87d..1b64be6405 100644
--- a/poky/meta/classes/linuxloader.bbclass
+++ b/poky/meta/classes/linuxloader.bbclass
@@ -52,6 +52,8 @@ def get_glibc_loader(d):
dynamic_loader = "${base_libdir}/ld-linux-aarch64${ARMPKGSFX_ENDIAN_64}.so.1"
elif targetarch.startswith("riscv64"):
dynamic_loader = "${base_libdir}/ld-linux-riscv64-lp64${@['d', ''][d.getVar('TARGET_FPU') == 'soft']}.so.1"
+ elif targetarch.startswith("riscv32"):
+ dynamic_loader = "${base_libdir}/ld-linux-riscv32-ilp32${@['d', ''][d.getVar('TARGET_FPU') == 'soft']}.so.1"
return dynamic_loader
def get_linuxloader(d):
diff --git a/poky/meta/classes/native.bbclass b/poky/meta/classes/native.bbclass
index a0838e41b9..561cc23f68 100644
--- a/poky/meta/classes/native.bbclass
+++ b/poky/meta/classes/native.bbclass
@@ -119,6 +119,7 @@ python native_virtclass_handler () {
pn = e.data.getVar("PN")
if not pn.endswith("-native"):
return
+ bpn = e.data.getVar("BPN")
# Set features here to prevent appends and distro features backfill
# from modifying native distro features
@@ -146,7 +147,10 @@ python native_virtclass_handler () {
elif "-cross-" in dep:
newdeps.append(dep.replace("-cross", "-native"))
elif not dep.endswith("-native"):
- newdeps.append(dep.replace("-native", "") + "-native")
+ # Replace ${PN} with ${BPN} in the dependency to make sure
+ # dependencies on, e.g., ${PN}-foo become ${BPN}-foo-native
+ # rather than ${BPN}-native-foo-native.
+ newdeps.append(dep.replace(pn, bpn) + "-native")
else:
newdeps.append(dep)
d.setVar(varname, " ".join(newdeps), parsing=True)
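Review bot: `dep.replace(pn, bpn)` rewrites the PN string wherever it occurs in the dependency, not only as the leading `${PN}` that the new comment describes, so a dependency on a different recipe whose name merely contains PN as a substring would be renamed as well. Restricting the substitution to `dep.startswith(pn)` (or replacing only the prefix) would keep the change to the `${PN}-foo` case, and a selftest with such a name would pin the behaviour down.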
@@ -166,7 +170,7 @@ python native_virtclass_handler () {
if prov.find(pn) != -1:
nprovides.append(prov)
elif not prov.endswith("-native"):
- nprovides.append(prov.replace(prov, prov + "-native"))
+ nprovides.append(prov + "-native")
else:
nprovides.append(prov)
e.data.setVar("PROVIDES", ' '.join(nprovides))
diff --git a/poky/meta/classes/package_pkgdata.bbclass b/poky/meta/classes/package_pkgdata.bbclass
index 18b7ed62e0..a1ea8fc041 100644
--- a/poky/meta/classes/package_pkgdata.bbclass
+++ b/poky/meta/classes/package_pkgdata.bbclass
@@ -162,6 +162,6 @@ python package_prepare_pkgdata() {
}
package_prepare_pkgdata[cleandirs] = "${WORKDIR_PKGDATA}"
-package_prepare_pkgdata[vardepsexclude] += "MACHINE_ARCH PACKAGE_EXTRA_ARCHS SDK_ARCH BUILD_ARCH SDK_OS BB_TASKDEPDATA"
+package_prepare_pkgdata[vardepsexclude] += "MACHINE_ARCH PACKAGE_EXTRA_ARCHS SDK_ARCH BUILD_ARCH SDK_OS BB_TASKDEPDATA SSTATETASKS"
diff --git a/poky/meta/classes/package_rpm.bbclass b/poky/meta/classes/package_rpm.bbclass
index 84a9a6dd12..86706da842 100644
--- a/poky/meta/classes/package_rpm.bbclass
+++ b/poky/meta/classes/package_rpm.bbclass
@@ -684,8 +684,8 @@ python do_package_rpm () {
cmd = cmd + " --define '_use_internal_dependency_generator 0'"
cmd = cmd + " --define '_binaries_in_noarch_packages_terminate_build 0'"
cmd = cmd + " --define '_build_id_links none'"
- cmd = cmd + " --define '_binary_payload w6T.xzdio'"
- cmd = cmd + " --define '_source_payload w6T.xzdio'"
+ cmd = cmd + " --define '_binary_payload w6T%d.xzdio'" % int(d.getVar("XZ_THREADS"))
+ cmd = cmd + " --define '_source_payload w6T%d.xzdio'" % int(d.getVar("XZ_THREADS"))
cmd = cmd + " --define 'clamp_mtime_to_source_date_epoch 1'"
cmd = cmd + " --define 'use_source_date_epoch_as_buildtime 1'"
cmd = cmd + " --define '_buildhost reproducible'"
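Review bot: `int(d.getVar("XZ_THREADS"))` is repeated on both added lines and raises TypeError when XZ_THREADS is unset (or ValueError when it is not numeric), which would surface as a raw traceback inside do_package_rpm. Reading the value once into a local and failing with `bb.fatal` on a bad value would be clearer. Because these defines sit next to `clamp_mtime_to_source_date_epoch` and `_buildhost reproducible`, a comment stating whether the payload is expected to be byte-identical across different thread counts would also help.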
diff --git a/poky/meta/classes/reproducible_build.bbclass b/poky/meta/classes/reproducible_build.bbclass
index f06e00d70d..1277764fab 100644
--- a/poky/meta/classes/reproducible_build.bbclass
+++ b/poky/meta/classes/reproducible_build.bbclass
@@ -77,17 +77,16 @@ python create_source_date_epoch_stamp() {
import oe.reproducible
epochfile = d.getVar('SDE_FILE')
- # If it exists we need to regenerate as the sources may have changed
- if os.path.isfile(epochfile):
- bb.debug(1, "Deleting existing SOURCE_DATE_EPOCH from: %s" % epochfile)
- os.remove(epochfile)
+ tmp_file = "%s.new" % epochfile
source_date_epoch = oe.reproducible.get_source_date_epoch(d, d.getVar('S'))
bb.debug(1, "SOURCE_DATE_EPOCH: %d" % source_date_epoch)
bb.utils.mkdirhier(d.getVar('SDE_DIR'))
- with open(epochfile, 'w') as f:
+ with open(tmp_file, 'w') as f:
f.write(str(source_date_epoch))
+
+ os.rename(tmp_file, epochfile)
}
def get_source_date_epoch_value(d):
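Review bot: the temporary name `"%s.new" % epochfile` is fixed, so two tasks writing the same SDE_FILE concurrently open and truncate one shared temp file before either reaches `os.rename()`; the rename is atomic, but the content it publishes is only as consistent as that shared file. A per-writer name (PID suffix, or a tempfile created in SDE_DIR) closes that gap, and a try/finally around the write would remove the `.new` file if `f.write()` fails.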
@@ -97,7 +96,7 @@ def get_source_date_epoch_value(d):
epochfile = d.getVar('SDE_FILE')
source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK'))
- if os.path.isfile(epochfile):
+ try:
with open(epochfile, 'r') as f:
s = f.read()
try:
@@ -110,7 +109,7 @@ def get_source_date_epoch_value(d):
bb.warn("SOURCE_DATE_EPOCH value '%s' is invalid. Reverting to SOURCE_DATE_EPOCH_FALLBACK" % s)
source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK'))
bb.debug(1, "SOURCE_DATE_EPOCH: %d" % source_date_epoch)
- else:
+ except FileNotFoundError:
bb.debug(1, "Cannot find %s. SOURCE_DATE_EPOCH will default to %d" % (epochfile, source_date_epoch))
d.setVar('__CACHED_SOURCE_DATE_EPOCH', str(source_date_epoch))
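Review bot: only `FileNotFoundError` is caught by the new `except`, whereas the removed `os.path.isfile(epochfile)` check also fell back to SOURCE_DATE_EPOCH_FALLBACK when the path existed but was not a regular file. With this change `open()` on a directory or an unreadable file raises IsADirectoryError or PermissionError out of get_source_date_epoch_value(). If the stricter behaviour is intended, a comment saying so would help; otherwise catch OSError and log which error triggered the fallback.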
diff --git a/poky/meta/classes/sstate.bbclass b/poky/meta/classes/sstate.bbclass
index 79588df2cd..3ab6328f91 100644
--- a/poky/meta/classes/sstate.bbclass
+++ b/poky/meta/classes/sstate.bbclass
@@ -703,9 +703,15 @@ def sstate_package(ss, d):
os.utime(siginfo, None)
except PermissionError:
pass
+ except OSError as e:
+ # Handle read-only file systems gracefully
+ if e.errno != errno.EROFS:
+ raise e
return
+sstate_package[vardepsexclude] += "SSTATE_SIG_KEY"
+
def pstaging_fetch(sstatefetch, d):
import bb.fetch2
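Review bot: the new `except OSError as e` handler tests `e.errno != errno.EROFS`, but no `import errno` is visible in this hunk; if the module is not already in scope in sstate_package(), the handler itself fails with NameError on the first OSError it sees. A bare `raise` is also the more idiomatic re-raise than `raise e`. On the added `sstate_package[vardepsexclude] += "SSTATE_SIG_KEY"` line, a one-line comment on why the signing key must not feed the task hash would document the intent.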
@@ -1143,6 +1149,10 @@ python sstate_eventhandler() {
os.utime(siginfo, None)
except PermissionError:
pass
+ except OSError as e:
+ # Handle read-only file systems gracefully
+ if e.errno != errno.EROFS:
+ raise e
}
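Review bot: this EROFS handler around `os.utime(siginfo, None)` in sstate_eventhandler is a verbatim copy of the one added to sstate_package() in the same file. A small shared helper that touches the file and ignores PermissionError and EROFS would keep the two call sites from drifting apart, and `errno` has to be importable in this event handler's scope for `errno.EROFS` to resolve.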
diff --git a/poky/meta/classes/uboot-sign.bbclass b/poky/meta/classes/uboot-sign.bbclass
index d11882f90f..ba48f24b10 100644
--- a/poky/meta/classes/uboot-sign.bbclass
+++ b/poky/meta/classes/uboot-sign.bbclass
@@ -196,10 +196,9 @@ concat_spl_dtb() {
# signing, and kernel will deploy UBOOT_DTB_BINARY after signs it.
install_helper() {
if [ -f "${UBOOT_DTB_BINARY}" ]; then
- install -d ${D}${datadir}
# UBOOT_DTB_BINARY is a symlink to UBOOT_DTB_IMAGE, so we
# need both of them.
- install ${UBOOT_DTB_BINARY} ${D}${datadir}/${UBOOT_DTB_IMAGE}
+ install -Dm 0644 ${UBOOT_DTB_BINARY} ${D}${datadir}/${UBOOT_DTB_IMAGE}
ln -sf ${UBOOT_DTB_IMAGE} ${D}${datadir}/${UBOOT_DTB_BINARY}
else
bbwarn "${UBOOT_DTB_BINARY} not found"
@@ -209,14 +208,13 @@ install_helper() {
# Install SPL dtb and u-boot nodtb to datadir,
install_spl_helper() {
if [ -f "${SPL_DIR}/${SPL_DTB_BINARY}" ]; then
- install -d ${D}${datadir}
- install ${SPL_DIR}/${SPL_DTB_BINARY} ${D}${datadir}/${SPL_DTB_IMAGE}
+ install -Dm 0644 ${SPL_DIR}/${SPL_DTB_BINARY} ${D}${datadir}/${SPL_DTB_IMAGE}
ln -sf ${SPL_DTB_IMAGE} ${D}${datadir}/${SPL_DTB_BINARY}
else
bbwarn "${SPL_DTB_BINARY} not found"
fi
if [ -f "${UBOOT_NODTB_BINARY}" ] ; then
- install ${UBOOT_NODTB_BINARY} ${D}${datadir}/${UBOOT_NODTB_IMAGE}
+ install -Dm 0644 ${UBOOT_NODTB_BINARY} ${D}${datadir}/${UBOOT_NODTB_IMAGE}
ln -sf ${UBOOT_NODTB_IMAGE} ${D}${datadir}/${UBOOT_NODTB_BINARY}
else
bbwarn "${UBOOT_NODTB_BINARY} not found"
diff --git a/poky/meta/conf/distro/include/cve-extra-exclusions.inc b/poky/meta/conf/distro/include/cve-extra-exclusions.inc
new file mode 100644
index 0000000000..561386b706
--- /dev/null
+++ b/poky/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -0,0 +1,45 @@
+# This file contains a list of CVE's where resolution has proven to be impractical
+# or there is no reasonable action the Yocto Project can take to resolve the issue.
+# It contains all the information we are aware of about an issue and analysis about
+# why we believe it can't be fixed/handled. Additional information is welcome through
+# patches to the file.
+#
+# Include this file in your local.conf or distro.conf to exclude these CVE's
+# from the cve-check results or add to the bitbake command with:
+# -R conf/distro/include/cve-extra-exclusions.inc
+#
+# The file is not included by default since users should review this data to ensure
+# it matches their expectations and usage of the project.
+#
+# We may also include "in-flight" information about current/ongoing CVE work with
+# the aim of sharing that work and ensuring we don't duplicate it.
+#
+
+
+# strace https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0006
+# CVE is more than 20 years old with no resolution evident
+# broken links in CVE database references make resolution impractical
+CVE_CHECK_WHITELIST += "CVE-2000-0006"
+
+# epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0238
+# The issue here is spoofing of domain names using characters from other character sets.
+# There has been much discussion amongst the epiphany and webkit developers and
+# whilst there are improvements about how domains are handled and displayed to the user
+# there is unlikely ever to be a single fix to webkit or epiphany which addresses this
+# problem. Whitelisted as there isn't any mitigation or fix or way to progress this further
+# we can seem to take.
+CVE_CHECK_WHITELIST += "CVE-2005-0238"
+
+# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4756
+# Issue is memory exhaustion via glob() calls, e.g. from within an ftp server
+# Best discussion in https://bugzilla.redhat.com/show_bug.cgi?id=681681
+# Upstream don't see it as a security issue, ftp servers shouldn't be passing
+# this to libc glob. Exclude as upstream have no plans to add BSD's GLOB_LIMIT or similar
+CVE_CHECK_WHITELIST += "CVE-2010-4756"
+
+# go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29509
+# go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29511
+# The encoding/xml package in go can potentially be used for security exploits if not used correctly
+# CVE applies to a netapp product as well as flagging a general issue. We don't ship anything
+# exposing this interface in an exploitable way
+CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511"
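Review bot: the rationale for CVE-2000-0006 ("more than 20 years old", "broken links") explains why triage is hard, not why the shipped strace is unaffected; an exclusion entry should say whether the vulnerable code or version range is actually present. Likewise the go entry's "We don't ship anything exposing this interface in an exploitable way" is a claim about image contents that anyone pulling this file in with `-R` inherits without review, so it reads better as a condition the includer must confirm. The epiphany comment also trails off ("or way to progress this further we can seem to take") and should be reworded.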
diff --git a/poky/meta/lib/oe/gpg_sign.py b/poky/meta/lib/oe/gpg_sign.py
index 7634d7ef1d..492f096eaa 100644
--- a/poky/meta/lib/oe/gpg_sign.py
+++ b/poky/meta/lib/oe/gpg_sign.py
@@ -111,7 +111,7 @@ class LocalSigner(object):
def verify(self, sig_file):
"""Verify signature"""
- cmd = self.gpg_cmd + [" --verify", "--no-permission-warning"]
+ cmd = self.gpg_cmd + ["--verify", "--no-permission-warning"]
if self.gpg_path:
cmd += ["--homedir", self.gpg_path]
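Review bot: no test accompanies this one-character fix to `LocalSigner.verify()`, and the diffstat shows gpg_sign.py as the only file touched for it. Since this is the signature verification path, a selftest that verifies one good signature and one tampered file would keep a malformed argument list from regressing silently. The visible lines do not show how the gpg exit status is handled, so it is worth confirming that a failed verification raises or returns False rather than being ignored.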
diff --git a/poky/meta/lib/oeqa/runtime/cases/rpm.py b/poky/meta/lib/oeqa/runtime/cases/rpm.py
index 8e18b426f8..7a9d62c003 100644
--- a/poky/meta/lib/oeqa/runtime/cases/rpm.py
+++ b/poky/meta/lib/oeqa/runtime/cases/rpm.py
@@ -141,13 +141,4 @@ class RpmInstallRemoveTest(OERuntimeTestCase):
self.tc.target.run('rm -f %s' % self.dst)
- # if using systemd this should ensure all entries are flushed to /var
- status, output = self.target.run("journalctl --sync")
- # Get the amount of entries in the log file
- status, output = self.target.run(check_log_cmd)
- msg = 'Failed to get the final size of the log file.'
- self.assertEqual(0, status, msg=msg)
- # Check that there's enough of them
- self.assertGreaterEqual(int(output), 80,
- 'Cound not find sufficient amount of rpm entries in /var/log/messages, found {} entries'.format(output))
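Review bot: the removed assertions depended on `check_log_cmd`, which is defined outside this hunk; if that variable and any initial log-entry count taken earlier in the test are now unused, they should be removed in the same change so the test does not keep running commands whose results nothing checks.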
diff --git a/poky/meta/lib/oeqa/selftest/cases/fetch.py b/poky/meta/lib/oeqa/selftest/cases/fetch.py
index 67e85d3e4c..cd15f65129 100644
--- a/poky/meta/lib/oeqa/selftest/cases/fetch.py
+++ b/poky/meta/lib/oeqa/selftest/cases/fetch.py
@@ -55,25 +55,26 @@ MIRRORS_forcevariable = "git://.*/.* http://downloads.yoctoproject.org/mirror/so
class Dependencies(OESelftestTestCase):
- def write_recipe(self, content):
- f = tempfile.NamedTemporaryFile(mode="wt", suffix=".bb")
- f.write(content)
- f.flush()
+ def write_recipe(self, content, tempdir):
+ f = os.path.join(tempdir, "test.bb")
+ with open(f, "w") as fd:
+ fd.write(content)
return f
def test_dependencies(self):
"""
Verify that the correct dependencies are generated for specific SRC_URI entries.
"""
- with bb.tinfoil.Tinfoil() as tinfoil:
+
+ with bb.tinfoil.Tinfoil() as tinfoil, tempfile.TemporaryDirectory(prefix="selftest-fetch") as tempdir:
tinfoil.prepare(config_only=False, quiet=2)
r = """
LICENSE="CLOSED"
SRC_URI="http://example.com/tarball.zip"
"""
- f = self.write_recipe(textwrap.dedent(r))
- d = tinfoil.parse_recipe_file(f.name)
+ f = self.write_recipe(textwrap.dedent(r), tempdir)
+ d = tinfoil.parse_recipe_file(f)
self.assertIn("wget-native", d.getVarFlag("do_fetch", "depends"))
self.assertIn("unzip-native", d.getVarFlag("do_unpack", "depends"))
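Review bot: `write_recipe()` now always writes to `test.bb` inside the single TemporaryDirectory, so the four recipes in test_dependencies overwrite each other at one path. If recipe parsing caches by file name, a later `tinfoil.parse_recipe_file(f)` could be answered from stale data; giving each case its own file name (or its own tempdir) removes that dependency on cache behaviour.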
@@ -82,8 +83,8 @@ class Dependencies(OESelftestTestCase):
LICENSE="CLOSED"
SRC_URI="https://example.com/tarball;downloadfilename=something.zip"
"""
- f = self.write_recipe(textwrap.dedent(r))
- d = tinfoil.parse_recipe_file(f.name)
+ f = self.write_recipe(textwrap.dedent(r), tempdir)
+ d = tinfoil.parse_recipe_file(f)
self.assertIn("wget-native", d.getVarFlag("do_fetch", "depends"))
self.assertIn("unzip-native", d.getVarFlag("do_unpack", "depends") or "")
@@ -91,8 +92,8 @@ class Dependencies(OESelftestTestCase):
LICENSE="CLOSED"
SRC_URI="ftp://example.com/tarball.lz"
"""
- f = self.write_recipe(textwrap.dedent(r))
- d = tinfoil.parse_recipe_file(f.name)
+ f = self.write_recipe(textwrap.dedent(r), tempdir)
+ d = tinfoil.parse_recipe_file(f)
self.assertIn("wget-native", d.getVarFlag("do_fetch", "depends"))
self.assertIn("lzip-native", d.getVarFlag("do_unpack", "depends"))
@@ -100,6 +101,6 @@ class Dependencies(OESelftestTestCase):
LICENSE="CLOSED"
SRC_URI="git://example.com/repo"
"""
- f = self.write_recipe(textwrap.dedent(r))
- d = tinfoil.parse_recipe_file(f.name)
+ f = self.write_recipe(textwrap.dedent(r), tempdir)
+ d = tinfoil.parse_recipe_file(f)
self.assertIn("git-native", d.getVarFlag("do_fetch", "depends"))
diff --git a/poky/meta/recipes-bsp/grub/grub2.inc b/poky/meta/recipes-bsp/grub/grub2.inc
index 6de683ee1c..3c6b434c2d 100644
--- a/poky/meta/recipes-bsp/grub/grub2.inc
+++ b/poky/meta/recipes-bsp/grub/grub2.inc
@@ -27,6 +27,16 @@ SRC_URI[sha256sum] = "2c87f1f21e2ab50043e6cd9163c08f1b6c3a6171556bf23ff9ed65b074
REALPV = "2.06~rc1"
PV = "2.04+${REALPV}"
+# Fixed in 2.06~rc1, can be removed for 2.06 final
+CVE_CHECK_WHITELIST += "\
+ CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-10713 \
+ CVE-2020-14372 CVE-2020-15705 CVE-2020-15706 CVE-2020-15707 \
+ CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 \
+ CVE-2021-3418 CVE-2021-20225 CVE-2021-20233"
+
+# Applies only to RHEL
+CVE_CHECK_WHITELIST += "CVE-2019-14865"
+
S = "${WORKDIR}/grub-${REALPV}"
UPSTREAM_CHECK_URI = "${GNU_MIRROR}/grub"
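Review bot: sixteen CVE IDs are whitelisted under the single comment `# Fixed in 2.06~rc1, can be removed for 2.06 final` with no per-ID reference, and `# Applies only to RHEL` for CVE-2019-14865 cites no source. Linking the upstream release notes or advisory that confirms each claim would let an auditor verify the exclusions, and since the list exists because `PV = "2.04+${REALPV}"` hides the real version from cve-check, a note tying its removal to the 2.06 final upgrade would keep it from outliving its purpose.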
diff --git a/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb b/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb
index 23c0e8d823..a07cdbd03c 100644
--- a/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb
+++ b/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb
@@ -24,6 +24,7 @@ SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}
file://99avahi-autoipd \
file://initscript.patch \
file://0001-Fix-opening-etc-resolv.conf-error.patch \
+ file://handle-hup.patch \
"
UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/"
diff --git a/poky/meta/recipes-connectivity/avahi/files/handle-hup.patch b/poky/meta/recipes-connectivity/avahi/files/handle-hup.patch
new file mode 100644
index 0000000000..26632e5443
--- /dev/null
+++ b/poky/meta/recipes-connectivity/avahi/files/handle-hup.patch
@@ -0,0 +1,41 @@
+CVE: CVE-2021-3468
+Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/330]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 447affe29991ee99c6b9732fc5f2c1048a611d3b Mon Sep 17 00:00:00 2001
+From: Riccardo Schirone <sirmy15@gmail.com>
+Date: Fri, 26 Mar 2021 11:50:24 +0100
+Subject: [PATCH] Avoid infinite-loop in avahi-daemon by handling HUP event in
+ client_work
+
+If a client fills the input buffer, client_work() disables the
+AVAHI_WATCH_IN event, thus preventing the function from executing the
+`read` syscall the next times it is called. However, if the client then
+terminates the connection, the socket file descriptor receives a HUP
+event, which is not handled, thus the kernel keeps marking the HUP event
+as occurring. While iterating over the file descriptors that triggered
+an event, the client file descriptor will keep having the HUP event and
+the client_work() function is always called with AVAHI_WATCH_HUP but
+without nothing being done, thus entering an infinite loop.
+
+See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938
+---
+ avahi-daemon/simple-protocol.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c
+index 3e0ebb11..6c0274d6 100644
+--- a/avahi-daemon/simple-protocol.c
++++ b/avahi-daemon/simple-protocol.c
+@@ -424,6 +424,11 @@ static void client_work(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AvahiWatchEv
+ }
+ }
+
++ if (events & AVAHI_WATCH_HUP) {
++ client_free(c);
++ return;
++ }
++
+ c->server->poll_api->watch_update(
+ watch,
+ (c->outbuf_length > 0 ? AVAHI_WATCH_OUT : 0) |
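Review bot: Upstream-Status is "Submitted" for pull 330, so this CVE-2021-3468 fix is carried ahead of upstream review. Record a follow-up to switch the tag to Backport, or drop the patch, once the pull request is resolved. In the C hunk the AVAHI_WATCH_HUP test sits before the watch_update() call, and the return straight after client_free(c) is what keeps the freed client from being dereferenced there (c->server, c->outbuf_length), so that return must survive any rebase of this patch.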
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.12/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.16/0001-avoid-start-failure-with-bind-user.patch
index 8db96ec049..8db96ec049 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.12/0001-avoid-start-failure-with-bind-user.patch
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.16/0001-avoid-start-failure-with-bind-user.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.12/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.16/0001-named-lwresd-V-and-start-log-hide-build-options.patch
index 5bcc16c9b2..5bcc16c9b2 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.12/0001-named-lwresd-V-and-start-log-hide-build-options.patch
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.16/0001-named-lwresd-V-and-start-log-hide-build-options.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.12/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.16/bind-ensure-searching-for-json-headers-searches-sysr.patch
index f9cdc7ca4d..f9cdc7ca4d 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.12/bind-ensure-searching-for-json-headers-searches-sysr.patch
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.16/bind-ensure-searching-for-json-headers-searches-sysr.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.12/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.16.16/bind9
index 968679ff7f..968679ff7f 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.12/bind9
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.16/bind9
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.12/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.16/conf.patch
index aad345f9fc..aad345f9fc 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.12/conf.patch
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.16/conf.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.12/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.16.16/generate-rndc-key.sh
index 633e29c0e6..633e29c0e6 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.12/generate-rndc-key.sh
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.16/generate-rndc-key.sh
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.12/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.16/init.d-add-support-for-read-only-rootfs.patch
index 11db95ede1..11db95ede1 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.12/init.d-add-support-for-read-only-rootfs.patch
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.16/init.d-add-support-for-read-only-rootfs.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.12/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.16/make-etc-initd-bind-stop-work.patch
index 146f3e35db..146f3e35db 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.12/make-etc-initd-bind-stop-work.patch
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.16/make-etc-initd-bind-stop-work.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.12/named.service b/poky/meta/recipes-connectivity/bind/bind-9.16.16/named.service
index cda56ef015..cda56ef015 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.12/named.service
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.16/named.service
diff --git a/poky/meta/recipes-connectivity/bind/bind_9.16.12.bb b/poky/meta/recipes-connectivity/bind/bind_9.16.16.bb
index 09f77038fa..27aa6221ba 100644
--- a/poky/meta/recipes-connectivity/bind/bind_9.16.12.bb
+++ b/poky/meta/recipes-connectivity/bind/bind_9.16.16.bb
@@ -20,7 +20,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
file://0001-avoid-start-failure-with-bind-user.patch \
"
-SRC_URI[sha256sum] = "9914af9311fd349cab441097898d94fb28d0bfd9bf6ed04fe1f97f042644da7f"
+SRC_URI[sha256sum] = "6c913902adf878e7dc5e229cea94faefc9d40f44775a30213edd08860f761d7b"
UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# stay at 9.16 follow the ESV versions divisible by 4
diff --git a/poky/meta/recipes-core/expat/expat_2.2.10.bb b/poky/meta/recipes-core/expat/expat_2.2.10.bb
index fa263775b3..a54d832e52 100644
--- a/poky/meta/recipes-core/expat/expat_2.2.10.bb
+++ b/poky/meta/recipes-core/expat/expat_2.2.10.bb
@@ -25,3 +25,5 @@ do_install_ptest_class-target() {
}
BBCLASSEXTEND += "native nativesdk"
+
+CVE_PRODUCT = "expat libexpat"
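Review bot: CVE_PRODUCT = "expat libexpat" is appended at the end of the recipe with no comment. Add one line saying why the second product name is needed (for instance that CVE entries for this library are filed under both names, if that is the reason), so it is not dropped as redundant on the next upgrade.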
diff --git a/poky/meta/recipes-core/ifupdown/files/0001-ifupdown-skip-wrong-test-case.patch b/poky/meta/recipes-core/ifupdown/files/0001-ifupdown-skip-wrong-test-case.patch
new file mode 100644
index 0000000000..c751e4fab0
--- /dev/null
+++ b/poky/meta/recipes-core/ifupdown/files/0001-ifupdown-skip-wrong-test-case.patch
@@ -0,0 +1,32 @@
+From 98243deface88614e3f332c4a85d04a9abce55ff Mon Sep 17 00:00:00 2001
+From: Zqiang <qiang.zhang@windriver.com>
+Date: Mon, 19 Apr 2021 14:15:45 +0800
+Subject: [PATCH] ifupdown: skip wrong test case
+
+The test parameters of testcase(12-15) file is not right,
+it triggers a test failure, these test items are invalid
+and are skipped directly.
+
+Upstream-Status: Inappropriate [oe-core specific]
+
+Signed-off-by: Zqiang <qiang.zhang@windriver.com>
+---
+ tests/testbuild-linux | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/testbuild-linux b/tests/testbuild-linux
+index 1181ea0..5f148eb 100755
+--- a/tests/testbuild-linux
++++ b/tests/testbuild-linux
+@@ -3,7 +3,7 @@
+ dir=tests/linux
+
+ result=true
+-for test in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18; do
++for test in 1 2 3 4 5 6 7 8 9 10 11 16 17 18; do
+ if [ -e $dir/testcase.$test ]; then
+ args="$(cat $dir/testcase.$test | sed -n 's/^# RUN: //p')"
+ else
+--
+2.17.1
+
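Review bot: the commit message says the parameters of testcase 12-15 are "not right" but not what is wrong with them, and the loop edit in tests/testbuild-linux removes four of the eighteen cases from ptest with nothing to indicate when they could be restored. State the failing parameter or the observed error in the message. Upstream-Status is "Inappropriate [oe-core specific]", yet the description reads as a defect in the upstream test files; if that is the case it should be reported upstream instead.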
diff --git a/poky/meta/recipes-core/ifupdown/files/tweak-ptest-script.patch b/poky/meta/recipes-core/ifupdown/files/tweak-ptest-script.patch
index d7600cf243..ea88a9086a 100644
--- a/poky/meta/recipes-core/ifupdown/files/tweak-ptest-script.patch
+++ b/poky/meta/recipes-core/ifupdown/files/tweak-ptest-script.patch
@@ -3,9 +3,12 @@ Tweak tests of ifupdown to make it work with oe-core ptest framework.
Upstream-Status: Inappropriate [oe-core specific]
Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ tests/testbuild-linux | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/tests/testbuild-linux b/tests/testbuild-linux
-index 1181ea0..d5c1814 100755
+index 5f148eb..d9b1698 100755
--- a/tests/testbuild-linux
+++ b/tests/testbuild-linux
@@ -1,6 +1,7 @@
@@ -16,8 +19,8 @@ index 1181ea0..d5c1814 100755
+dir=$curdir/linux
result=true
- for test in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18; do
-@@ -12,7 +13,7 @@ for test in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18; do
+ for test in 1 2 3 4 5 6 7 8 9 10 11 16 17 18; do
+@@ -12,7 +13,7 @@ for test in 1 2 3 4 5 6 7 8 9 10 11 16 17 18; do
echo "Testcase $test: $args"
exitcode=0
@@ -26,7 +29,7 @@ index 1181ea0..d5c1814 100755
>$dir/up-res-out.$test 2>$dir/up-res-err.$test || exitcode=$?
(echo "exit code: $exitcode";
-@@ -20,7 +21,7 @@ for test in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18; do
+@@ -20,7 +21,7 @@ for test in 1 2 3 4 5 6 7 8 9 10 11 16 17 18; do
echo "====stderr===="; cat $dir/up-res-err.$test) > $dir/up-res.$test
exitcode=0
@@ -35,7 +38,7 @@ index 1181ea0..d5c1814 100755
>$dir/down-res-out.$test 2>$dir/down-res-err.$test || exitcode=$?
(echo "exit code: $exitcode";
-@@ -28,9 +29,9 @@ for test in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18; do
+@@ -28,9 +29,9 @@ for test in 1 2 3 4 5 6 7 8 9 10 11 16 17 18; do
echo "====stderr===="; cat $dir/down-res-err.$test) > $dir/down-res.$test
if diff -ub $dir/up.$test $dir/up-res.$test && diff -ub $dir/down.$test $dir/down-res.$test; then
@@ -47,3 +50,5 @@ index 1181ea0..d5c1814 100755
result=false
fi
echo "=========="
+--
+2.17.1
diff --git a/poky/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb b/poky/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb
index c0a90a3972..0daf50acab 100644
--- a/poky/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb
+++ b/poky/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb
@@ -13,6 +13,7 @@ SRC_URI = "git://salsa.debian.org/debian/ifupdown.git;protocol=https \
file://0001-Define-FNM_EXTMATCH-for-musl.patch \
file://0001-Makefile-do-not-use-dpkg-for-determining-OS-type.patch \
file://run-ptest \
+ file://0001-ifupdown-skip-wrong-test-case.patch \
${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'file://tweak-ptest-script.patch', '', d)} \
"
SRCREV = "c73226073e2b13970ca613b20a13b9c0253bf9da"
diff --git a/poky/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch b/poky/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch
new file mode 100644
index 0000000000..3d4d3a0237
--- /dev/null
+++ b/poky/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0001.patch
@@ -0,0 +1,216 @@
+From 0f9817c75b50a77c6aeb8f36801966fdadad229a Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Wed, 10 Jun 2020 16:34:52 +0200
+Subject: [PATCH 1/2] Don't recurse into xi:include children in
+ xmlXIncludeDoProcess
+
+Otherwise, nested xi:include nodes might result in a use-after-free
+if XML_PARSE_NOXINCNODE is specified.
+
+Found with libFuzzer and ASan.
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/0f9817c75b50a77c6aeb8f36801966fdadad229a]
+CVE: CVE-2021-3518
+
+This patch brings in the necessary files to allow the 2nd patch that fixes the CVE to be applied.
+
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ result/XInclude/fallback3.xml | 8 ++++++++
+ result/XInclude/fallback3.xml.err | 0
+ result/XInclude/fallback3.xml.rdr | 25 +++++++++++++++++++++++++
+ result/XInclude/fallback4.xml | 10 ++++++++++
+ result/XInclude/fallback4.xml.err | 0
+ result/XInclude/fallback4.xml.rdr | 29 +++++++++++++++++++++++++++++
+ test/XInclude/docs/fallback3.xml | 9 +++++++++
+ test/XInclude/docs/fallback4.xml | 7 +++++++
+ xinclude.c | 24 ++++++++++--------------
+ 9 files changed, 98 insertions(+), 14 deletions(-)
+ create mode 100644 result/XInclude/fallback3.xml
+ create mode 100644 result/XInclude/fallback3.xml.err
+ create mode 100644 result/XInclude/fallback3.xml.rdr
+ create mode 100644 result/XInclude/fallback4.xml
+ create mode 100644 result/XInclude/fallback4.xml.err
+ create mode 100644 result/XInclude/fallback4.xml.rdr
+ create mode 100644 test/XInclude/docs/fallback3.xml
+ create mode 100644 test/XInclude/docs/fallback4.xml
+
+diff --git a/result/XInclude/fallback3.xml b/result/XInclude/fallback3.xml
+new file mode 100644
+index 0000000..b423551
+--- /dev/null
++++ b/result/XInclude/fallback3.xml
+@@ -0,0 +1,8 @@
++<?xml version="1.0"?>
++<a>
++ <doc xml:base="../ents/something.xml">
++<p>something</p>
++<p>really</p>
++<p>simple</p>
++</doc>
++</a>
+diff --git a/result/XInclude/fallback3.xml.err b/result/XInclude/fallback3.xml.err
+new file mode 100644
+index 0000000..e69de29
+diff --git a/result/XInclude/fallback3.xml.rdr b/result/XInclude/fallback3.xml.rdr
+new file mode 100644
+index 0000000..aa2f137
+--- /dev/null
++++ b/result/XInclude/fallback3.xml.rdr
+@@ -0,0 +1,25 @@
++0 1 a 0 0
++1 14 #text 0 1
++
++1 1 doc 0 0
++2 14 #text 0 1
++
++2 1 p 0 0
++3 3 #text 0 1 something
++2 15 p 0 0
++2 14 #text 0 1
++
++2 1 p 0 0
++3 3 #text 0 1 really
++2 15 p 0 0
++2 14 #text 0 1
++
++2 1 p 0 0
++3 3 #text 0 1 simple
++2 15 p 0 0
++2 14 #text 0 1
++
++1 15 doc 0 0
++1 14 #text 0 1
++
++0 15 a 0 0
+diff --git a/result/XInclude/fallback4.xml b/result/XInclude/fallback4.xml
+new file mode 100644
+index 0000000..9883fd5
+--- /dev/null
++++ b/result/XInclude/fallback4.xml
+@@ -0,0 +1,10 @@
++<?xml version="1.0"?>
++<a>
++
++ <doc xml:base="../ents/something.xml">
++<p>something</p>
++<p>really</p>
++<p>simple</p>
++</doc>
++
++</a>
+diff --git a/result/XInclude/fallback4.xml.err b/result/XInclude/fallback4.xml.err
+new file mode 100644
+index 0000000..e69de29
+diff --git a/result/XInclude/fallback4.xml.rdr b/result/XInclude/fallback4.xml.rdr
+new file mode 100644
+index 0000000..628b951
+--- /dev/null
++++ b/result/XInclude/fallback4.xml.rdr
+@@ -0,0 +1,29 @@
++0 1 a 0 0
++1 14 #text 0 1
++
++1 14 #text 0 1
++
++1 1 doc 0 0
++2 14 #text 0 1
++
++2 1 p 0 0
++3 3 #text 0 1 something
++2 15 p 0 0
++2 14 #text 0 1
++
++2 1 p 0 0
++3 3 #text 0 1 really
++2 15 p 0 0
++2 14 #text 0 1
++
++2 1 p 0 0
++3 3 #text 0 1 simple
++2 15 p 0 0
++2 14 #text 0 1
++
++1 15 doc 0 0
++1 14 #text 0 1
++
++1 14 #text 0 1
++
++0 15 a 0 0
+diff --git a/test/XInclude/docs/fallback3.xml b/test/XInclude/docs/fallback3.xml
+new file mode 100644
+index 0000000..0c8b6c9
+--- /dev/null
++++ b/test/XInclude/docs/fallback3.xml
+@@ -0,0 +1,9 @@
++<a>
++ <xi:include href="../ents/something.xml" xmlns:xi="http://www.w3.org/2001/XInclude">
++ <xi:fallback>
++ <xi:include href="c.xml">
++ <xi:fallback>There is no c.xml ... </xi:fallback>
++ </xi:include>
++ </xi:fallback>
++ </xi:include>
++</a>
+diff --git a/test/XInclude/docs/fallback4.xml b/test/XInclude/docs/fallback4.xml
+new file mode 100644
+index 0000000..b500a63
+--- /dev/null
++++ b/test/XInclude/docs/fallback4.xml
+@@ -0,0 +1,7 @@
++<a>
++ <xi:include href="c.xml" xmlns:xi="http://www.w3.org/2001/XInclude">
++ <xi:fallback>
++ <xi:include href="../ents/something.xml"/>
++ </xi:fallback>
++ </xi:include>
++</a>
+diff --git a/xinclude.c b/xinclude.c
+index 001e992..6ec5d31 100644
+--- a/xinclude.c
++++ b/xinclude.c
+@@ -2382,21 +2382,19 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
+ * First phase: lookup the elements in the document
+ */
+ cur = tree;
+- if (xmlXIncludeTestNode(ctxt, cur) == 1)
+- xmlXIncludePreProcessNode(ctxt, cur);
+ while ((cur != NULL) && (cur != tree->parent)) {
+ /* TODO: need to work on entities -> stack */
+- if ((cur->children != NULL) &&
+- (cur->children->type != XML_ENTITY_DECL) &&
+- (cur->children->type != XML_XINCLUDE_START) &&
+- (cur->children->type != XML_XINCLUDE_END)) {
+- cur = cur->children;
+- if (xmlXIncludeTestNode(ctxt, cur))
+- xmlXIncludePreProcessNode(ctxt, cur);
+- } else if (cur->next != NULL) {
++ if (xmlXIncludeTestNode(ctxt, cur) == 1) {
++ xmlXIncludePreProcessNode(ctxt, cur);
++ } else if ((cur->children != NULL) &&
++ (cur->children->type != XML_ENTITY_DECL) &&
++ (cur->children->type != XML_XINCLUDE_START) &&
++ (cur->children->type != XML_XINCLUDE_END)) {
++ cur = cur->children;
++ continue;
++ }
++ if (cur->next != NULL) {
+ cur = cur->next;
+- if (xmlXIncludeTestNode(ctxt, cur))
+- xmlXIncludePreProcessNode(ctxt, cur);
+ } else {
+ if (cur == tree)
+ break;
+@@ -2406,8 +2404,6 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
+ break; /* do */
+ if (cur->next != NULL) {
+ cur = cur->next;
+- if (xmlXIncludeTestNode(ctxt, cur))
+- xmlXIncludePreProcessNode(ctxt, cur);
+ break; /* do */
+ }
+ } while (cur != NULL);
+--
+2.23.0
+
diff --git a/poky/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch b/poky/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch
new file mode 100644
index 0000000000..de5fc0e8cb
--- /dev/null
+++ b/poky/meta/recipes-core/libxml/libxml2/CVE-2021-3518-0002.patch
@@ -0,0 +1,45 @@
+From 1098c30a040e72a4654968547f415be4e4c40fe7 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Thu, 22 Apr 2021 19:26:28 +0200
+Subject: [PATCH 2/2] Fix user-after-free with `xmllint --xinclude --dropdtd`
+
+The --dropdtd option can leave dangling pointers in entity reference
+nodes. Make sure to skip these nodes when processing XIncludes.
+
+This also avoids scanning entity declarations and even modifying
+them inadvertently during XInclude processing.
+
+Move from a block list to an allow list approach to avoid descending
+into other node types that can't contain elements.
+
+Fixes #237.
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/1098c30a040e72a4654968547f415be4e4c40fe7]
+CVE: CVE-2021-3518
+
+[OP: adjusted context]
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ xinclude.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/xinclude.c b/xinclude.c
+index 6ec5d31..b8eebcc 100644
+--- a/xinclude.c
++++ b/xinclude.c
+@@ -2387,9 +2387,8 @@ xmlXIncludeDoProcess(xmlXIncludeCtxtPtr ctxt, xmlDocPtr doc, xmlNodePtr tree) {
+ if (xmlXIncludeTestNode(ctxt, cur) == 1) {
+ xmlXIncludePreProcessNode(ctxt, cur);
+ } else if ((cur->children != NULL) &&
+- (cur->children->type != XML_ENTITY_DECL) &&
+- (cur->children->type != XML_XINCLUDE_START) &&
+- (cur->children->type != XML_XINCLUDE_END)) {
++ ((cur->type == XML_DOCUMENT_NODE) ||
++ (cur->type == XML_ELEMENT_NODE))) {
+ cur = cur->children;
+ continue;
+ }
+--
+2.23.0
+
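Review bot: the descent condition in xmlXIncludeDoProcess() changes from inspecting the first child's type (cur->children->type) to inspecting the node's own type (cur->type), so a first child of type XML_XINCLUDE_START or XML_XINCLUDE_END no longer blocks the descent. The commit message explains the move to an allow list, but "[OP: adjusted context]" does not say what differed from the upstream commit. Note which context lines were adjusted so the backport can be compared against 1098c30a.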
diff --git a/poky/meta/recipes-core/libxml/libxml2/CVE-2021-3541.patch b/poky/meta/recipes-core/libxml/libxml2/CVE-2021-3541.patch
new file mode 100644
index 0000000000..3b86278ac4
--- /dev/null
+++ b/poky/meta/recipes-core/libxml/libxml2/CVE-2021-3541.patch
@@ -0,0 +1,73 @@
+From 8598060bacada41a0eb09d95c97744ff4e428f8e Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Thu, 13 May 2021 14:55:12 +0200
+Subject: [PATCH] Patch for security issue CVE-2021-3541
+
+This is relapted to parameter entities expansion and following
+the line of the billion laugh attack. Somehow in that path the
+counting of parameters was missed and the normal algorithm based
+on entities "density" was useless.
+
+CVE: CVE-2021-3541
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+
+---
+ parser.c | 26 ++++++++++++++++++++++++++
+ 1 file changed, 26 insertions(+)
+
+diff --git a/parser.c b/parser.c
+index f5e5e169..c9312fa4 100644
+--- a/parser.c
++++ b/parser.c
+@@ -140,6 +140,7 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
+ xmlEntityPtr ent, size_t replacement)
+ {
+ size_t consumed = 0;
++ int i;
+
+ if ((ctxt == NULL) || (ctxt->options & XML_PARSE_HUGE))
+ return (0);
+@@ -177,6 +178,28 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
+ rep = NULL;
+ }
+ }
++
++ /*
++ * Prevent entity exponential check, not just replacement while
++ * parsing the DTD
++ * The check is potentially costly so do that only once in a thousand
++ */
++ if ((ctxt->instate == XML_PARSER_DTD) && (ctxt->nbentities > 10000) &&
++ (ctxt->nbentities % 1024 == 0)) {
++ for (i = 0;i < ctxt->inputNr;i++) {
++ consumed += ctxt->inputTab[i]->consumed +
++ (ctxt->inputTab[i]->cur - ctxt->inputTab[i]->base);
++ }
++ if (ctxt->nbentities > consumed * XML_PARSER_NON_LINEAR) {
++ xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL);
++ ctxt->instate = XML_PARSER_EOF;
++ return (1);
++ }
++ consumed = 0;
++ }
++
++
++
+ if (replacement != 0) {
+ if (replacement < XML_MAX_TEXT_LENGTH)
+ return(0);
+@@ -7963,6 +7986,9 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt)
+ xmlChar start[4];
+ xmlCharEncoding enc;
+
++ if (xmlParserEntityCheck(ctxt, 0, entity, 0))
++ return;
++
+ if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) &&
+ ((ctxt->options & XML_PARSE_NOENT) == 0) &&
+ ((ctxt->options & XML_PARSE_DTDVALID) == 0) &&
+--
+2.25.1
+
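Review bot: the new density check in xmlParserEntityCheck() sits after the early return for XML_PARSE_HUGE shown in the first inner hunk, so callers that parse with XML_PARSE_HUGE get no protection from this fix. That is worth stating in the patch header for anyone auditing consumers of this libxml2 build. The added comment also says the check runs "once in a thousand", while the code tests nbentities % 1024 == 0 and only once nbentities exceeds 10000.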
diff --git a/poky/meta/recipes-core/libxml/libxml2_2.9.10.bb b/poky/meta/recipes-core/libxml/libxml2_2.9.10.bb
index b850164285..ce4f9a3340 100644
--- a/poky/meta/recipes-core/libxml/libxml2_2.9.10.bb
+++ b/poky/meta/recipes-core/libxml/libxml2_2.9.10.bb
@@ -26,7 +26,10 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
file://fix-python39.patch \
file://CVE-2021-3517.patch \
file://CVE-2021-3516.patch \
+ file://CVE-2021-3518-0001.patch \
+ file://CVE-2021-3518-0002.patch \
file://CVE-2021-3537.patch \
+ file://CVE-2021-3541.patch \
"
SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5"
diff --git a/poky/meta/recipes-core/util-linux/util-linux.inc b/poky/meta/recipes-core/util-linux/util-linux.inc
index cbf6102ee0..6b47f417aa 100644
--- a/poky/meta/recipes-core/util-linux/util-linux.inc
+++ b/poky/meta/recipes-core/util-linux/util-linux.inc
@@ -27,8 +27,7 @@ LIC_FILES_CHKSUM = "file://README.licensing;md5=0fd5c050c6187d2bf0a4492b7f4e33da
FILESEXTRAPATHS_prepend := "${THISDIR}/util-linux:"
MAJOR_VERSION = "${@'.'.join(d.getVar('PV').split('.')[0:2])}"
-BPN = "util-linux"
-SRC_URI = "${KERNELORG_MIRROR}/linux/utils/${BPN}/v${MAJOR_VERSION}/${BP}.tar.xz \
+SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-linux-${PV}.tar.xz \
file://configure-sbindir.patch \
file://runuser.pamd \
file://runuser-l.pamd \
diff --git a/poky/meta/recipes-devtools/flex/flex_2.6.4.bb b/poky/meta/recipes-devtools/flex/flex_2.6.4.bb
index 1d43d2228a..54e7e01729 100644
--- a/poky/meta/recipes-devtools/flex/flex_2.6.4.bb
+++ b/poky/meta/recipes-devtools/flex/flex_2.6.4.bb
@@ -3,12 +3,14 @@ DESCRIPTION = "Flex is a fast lexical analyser generator. Flex is a tool for ge
lexical patterns in text."
HOMEPAGE = "http://sourceforge.net/projects/flex/"
SECTION = "devel"
-LICENSE = "BSD-2-Clause"
+LICENSE = "BSD-3-Clause & LGPL-2.0+"
+LICENSE_${PN}-libfl = "BSD-3-Clause"
DEPENDS = "${@bb.utils.contains('PTEST_ENABLED', '1', 'bison-native flex-native', '', d)}"
BBCLASSEXTEND = "native nativesdk"
-LIC_FILES_CHKSUM = "file://COPYING;md5=e4742cf92e89040b39486a6219b68067"
+LIC_FILES_CHKSUM = "file://COPYING;md5=e4742cf92e89040b39486a6219b68067 \
+ file://src/gettext.h;beginline=1;endline=17;md5=9c05dda2f58d89b850c399cf22e1a00c"
SRC_URI = "https://github.com/westes/flex/releases/download/v${PV}/flex-${PV}.tar.gz \
file://run-ptest \
diff --git a/poky/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb b/poky/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb
index 52ef2a9779..7bf68082b2 100644
--- a/poky/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb
+++ b/poky/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
SRCREV = "edf8e6f0ea77ede073f07bff0d2ae1fc7a38103b"
PV = "0.29.2+git${SRCPV}"
-SRC_URI = "git://anongit.freedesktop.org/pkg-config \
+SRC_URI = "git://gitlab.freedesktop.org/pkg-config/pkg-config.git;branch=master;protocol=https \
file://pkg-config-esdk.in \
file://pkg-config-native.in \
file://fix-glib-configure-libtool-usage.patch \
diff --git a/poky/meta/recipes-devtools/python/python3_3.9.4.bb b/poky/meta/recipes-devtools/python/python3_3.9.5.bb
index cb371ceed7..82177f4a18 100644
--- a/poky/meta/recipes-devtools/python/python3_3.9.4.bb
+++ b/poky/meta/recipes-devtools/python/python3_3.9.5.bb
@@ -38,7 +38,7 @@ SRC_URI_append_class-native = " \
file://12-distutils-prefix-is-inside-staging-area.patch \
file://0001-Don-t-search-system-for-headers-libraries.patch \
"
-SRC_URI[sha256sum] = "4b0e6644a76f8df864ae24ac500a51bbf68bd098f6a173e27d3b61cdca9aa134"
+SRC_URI[sha256sum] = "0c5a140665436ec3dbfbb79e2dfb6d192655f26ef4a29aeffcb6d1820d716d83"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc
index fbda0c9174..3921546df7 100644
--- a/poky/meta/recipes-devtools/qemu/qemu.inc
+++ b/poky/meta/recipes-devtools/qemu/qemu.inc
@@ -76,6 +76,15 @@ CVE_CHECK_WHITELIST += "CVE-2007-0998"
# https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11
CVE_CHECK_WHITELIST += "CVE-2018-18438"
+# Following CVE's affect ESP (NCR53C90) part of chip STP2000 (Master I/O).
+# On Sparc32 it is the NCR89C100 part of the chip.
+# On Macintosh Quadra it is NCR53C96.
+# Both are not supported by yocto.
+# Reference: https://www.openwall.com/lists/oss-security/2021/04/16/3
+CVE_CHECK_WHITELIST += "CVE-2020-35504"
+CVE_CHECK_WHITELIST += "CVE-2020-35505"
+CVE_CHECK_WHITELIST += "CVE-2020-35506"
+
COMPATIBLE_HOST_mipsarchn32 = "null"
COMPATIBLE_HOST_mipsarchn64 = "null"
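Review bot: the three CVE_CHECK_WHITELIST entries are unconditional, while the justification in the comment is that the affected ESP device only appears on Sparc32 and Macintosh Quadra machines that are "not supported by yocto". A downstream build that enables those machine emulations would still have CVE-2020-35504, CVE-2020-35505 and CVE-2020-35506 suppressed in the CVE check output. Say so in the comment so the exemption is revisited if those targets are ever enabled.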
diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64
index 93bfd45a4e..ccbb59cf7e 100644
--- a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64
+++ b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64
@@ -233,3 +233,4 @@ memcheck/tests/wrapmalloc
memcheck/tests/wrapmallocstatic
memcheck/tests/writev1
memcheck/tests/xml1
+memcheck/tests/linux/stack_changes
diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/run-ptest b/poky/meta/recipes-devtools/valgrind/valgrind/run-ptest
index f37780ef6a..a19944f285 100755
--- a/poky/meta/recipes-devtools/valgrind/valgrind/run-ptest
+++ b/poky/meta/recipes-devtools/valgrind/valgrind/run-ptest
@@ -31,12 +31,19 @@ if [ "$arch" = "aarch64" ]; then
done
fi
+echo "Run flaky tests using taskset to limit them to a single core."
+for i in `cat taskset_nondeterministic_tests`; do
+ taskset 0x00000001 perl tests/vg_regtest --valgrind=${VALGRIND_BIN} --valgrind-lib=${VALGRIND_LIBEXECDIR} --yocto-ptest $i 2>&1|tee -a ${LOG}
+ mv $i.vgtest $i.IGNORE
+done
+
+
cd ${VALGRIND_LIB}/ptest && ./tests/vg_regtest \
--valgrind=${VALGRIND_BIN} \
--valgrind-lib=${VALGRIND_LIB} \
--yocto-ptest \
gdbserver_tests ${TOOLS} ${EXP_TOOLS} \
- 2>&1|tee ${LOG}
+ 2>&1|tee -a ${LOG}
cd ${VALGRIND_LIB}/ptest && \
./tests/post_regtest_checks $(pwd) \
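Review bot: the taskset loop passes --valgrind-lib=${VALGRIND_LIBEXECDIR} while the main vg_regtest call below it passes --valgrind-lib=${VALGRIND_LIB}. Confirm the two are meant to differ, otherwise the flaky tests run against a different library path than the rest of the suite. With the main run switched to tee -a, nothing in the visible lines truncates ${LOG}, so a log left over from an earlier run would feed stale FAIL: lines into the "Failed test details" grep; truncate ${LOG} before the first loop.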
@@ -55,6 +62,11 @@ for i in `cat remove-for-all`; do
mv $i.IGNORE $i.vgtest;
done
+echo "Restore flaky and other non-deterministic tests"
+for i in `cat taskset_nondeterministic_tests`; do
+ mv $i.IGNORE $i.vgtest;
+done
+
echo "Failed test details..."
failed_tests=`grep FAIL: ${LOG} | awk '{print $2}'`
for test in $failed_tests; do
diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/taskset_nondeterministic_tests b/poky/meta/recipes-devtools/valgrind/valgrind/taskset_nondeterministic_tests
new file mode 100644
index 0000000000..e15100ade7
--- /dev/null
+++ b/poky/meta/recipes-devtools/valgrind/valgrind/taskset_nondeterministic_tests
@@ -0,0 +1,2 @@
+helgrind/tests/hg05_race2
+helgrind/tests/tc09_bad_unlock
diff --git a/poky/meta/recipes-devtools/valgrind/valgrind_3.16.1.bb b/poky/meta/recipes-devtools/valgrind/valgrind_3.16.1.bb
index 2b1d185575..b48d96f8a3 100644
--- a/poky/meta/recipes-devtools/valgrind/valgrind_3.16.1.bb
+++ b/poky/meta/recipes-devtools/valgrind/valgrind_3.16.1.bb
@@ -18,6 +18,7 @@ SRC_URI = "https://sourceware.org/pub/valgrind/valgrind-${PV}.tar.bz2 \
file://run-ptest \
file://remove-for-aarch64 \
file://remove-for-all \
+ file://taskset_nondeterministic_tests \
file://0004-Fix-out-of-tree-builds.patch \
file://0005-Modify-vg_test-wrapper-to-support-PTEST-formats.patch \
file://0001-Remove-tests-that-fail-to-build-on-some-PPC32-config.patch \
@@ -123,7 +124,7 @@ VALGRINDARCH_mipsel = "mips32"
VALGRINDARCH_mips64el = "mips64"
VALGRINDARCH_powerpc = "ppc"
VALGRINDARCH_powerpc64 = "ppc64"
-VALGRINDARCH_powerpc64el = "ppc64le"
+VALGRINDARCH_powerpc64le = "ppc64le"
INHIBIT_PACKAGE_STRIP_FILES = "${PKGD}${libdir}/valgrind/vgpreload_memcheck-${VALGRINDARCH}-linux.so"
@@ -189,6 +190,7 @@ do_install_ptest() {
cp ${B}/config.h ${D}${PTEST_PATH}
install -D ${WORKDIR}/remove-for-aarch64 ${D}${PTEST_PATH}
install -D ${WORKDIR}/remove-for-all ${D}${PTEST_PATH}
+ install -D ${WORKDIR}/taskset_nondeterministic_tests ${D}${PTEST_PATH}
# Add an executable need by none/tests/bigcode
mkdir ${D}${PTEST_PATH}/perf
diff --git a/poky/meta/recipes-extended/ltp/ltp/disable_hanging_tests.patch b/poky/meta/recipes-extended/ltp/ltp/disable_hanging_tests.patch
new file mode 100644
index 0000000000..113ac0fefe
--- /dev/null
+++ b/poky/meta/recipes-extended/ltp/ltp/disable_hanging_tests.patch
@@ -0,0 +1,45 @@
+This patch disables tests which we've found "hang" on our infrastructure.
+
+cgroup_xattr:
+https://autobuilder.yoctoproject.org/typhoon/#/builders/95/builds/1926 (x86)
+https://autobuilder.yoctoproject.org/typhoon/#/builders/95/builds/1898 (x86)
+https://autobuilder.yoctoproject.org/typhoon/#/builders/95/builds/1916 (x86)
+
+proc01:
+https://autobuilder.yoctoproject.org/typhoon/#/builders/96/builds/1748 (arm)
+https://autobuilder.yoctoproject.org/typhoon/#/builders/96/builds/1781 (arm)
+(in the latter was trying to read /proc/kmsg)
+(the above test looks horrible anyway)
+
+Upstream-Status: Inappropriate [OE Configuration]
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+Index: git/runtest/controllers
+===================================================================
+--- git.orig/runtest/controllers
++++ git/runtest/controllers
+@@ -352,8 +352,6 @@ cpuset_memory_spread cpuset_memory_sprea
+
+ cpuset_regression_test cpuset_regression_test.sh
+
+-cgroup_xattr cgroup_xattr
+-
+ pids_1_1 pids.sh 1 1 0
+ pids_1_2 pids.sh 1 2 0
+ pids_1_10 pids.sh 1 10 0
+Index: git/runtest/fs
+===================================================================
+--- git.orig/runtest/fs
++++ git/runtest/fs
+@@ -64,11 +64,6 @@ writetest01 writetest
+ #Also run the fs_di (Data Integrity tests)
+ fs_di fs_di -d $TMPDIR
+
+-# Read every file in /proc. Not likely to crash, but does enough
+-# to disturb the kernel. A good kernel latency killer too.
+-# Was not sure why it should reside in runtest/crashme and won't get tested ever
+-proc01 proc01 -m 128
+-
+ read_all_dev read_all -d /dev -p -q -r 3
+ read_all_proc read_all -d /proc -q -r 3
+ read_all_sys read_all -d /sys -q -r 3
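Review bot: cgroup_xattr is cited as hanging on x86 builders and proc01 on arm builders, but both entries are deleted from runtest/controllers and runtest/fs for every architecture. If the hangs are specific to the autobuilder infrastructure, as the first line of the header says, record that these tests are still expected to work elsewhere. The evidence for cgroup_xattr is build links only; add a one-line symptom as is done for proc01 (/proc/kmsg), since build pages may not be retained.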
diff --git a/poky/meta/recipes-extended/ltp/ltp_20210121.bb b/poky/meta/recipes-extended/ltp/ltp_20210121.bb
index d98c9fdc25..17adbf43f0 100644
--- a/poky/meta/recipes-extended/ltp/ltp_20210121.bb
+++ b/poky/meta/recipes-extended/ltp/ltp_20210121.bb
@@ -42,6 +42,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \
file://0001-open_posix_testsuite-generate-makefiles.sh-Avoid-inc.patch \
file://0002-Makefile-Avoid-wildcard-determinism-issues.patch \
file://0003-syscalls-swapon-swapoff-Move-common-library-to-libs.patch \
+ file://disable_hanging_tests.patch \
"
S = "${WORKDIR}/git"
diff --git a/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb b/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb
index 2787b270fa..69d5b2f83b 100644
--- a/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb
+++ b/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb
@@ -19,6 +19,9 @@ SRCREV = "6a4af7786630ce48747d9687e2f18f45ea6684c4"
S = "${WORKDIR}/git"
+# https://github.com/xinetd-org/xinetd/pull/10 is merged into this git tree revision
+CVE_CHECK_WHITELIST += "CVE-2013-4342"
+
inherit autotools update-rc.d systemd pkgconfig
SYSTEMD_SERVICE_${PN} = "xinetd.service"
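Review bot: the CVE_CHECK_WHITELIST entry for CVE-2013-4342 is justified only by a pull request number, so nothing in the comment ties it to the pinned SRCREV. Name the fixing commit hash in the comment so that a later SRCREV or version change can be checked against it, because the whitelist entry keeps suppressing the CVE in the cve-check report whatever revision the recipe points at.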
diff --git a/poky/meta/recipes-graphics/xorg-lib/libx11/fix-CVE-2021-31535.patch b/poky/meta/recipes-graphics/xorg-lib/libx11/fix-CVE-2021-31535.patch
new file mode 100644
index 0000000000..2ec5cc1688
--- /dev/null
+++ b/poky/meta/recipes-graphics/xorg-lib/libx11/fix-CVE-2021-31535.patch
@@ -0,0 +1,320 @@
+From 8d2e02ae650f00c4a53deb625211a0527126c605 Mon Sep 17 00:00:00 2001
+From: Matthieu Herrb <matthieu@herrb.eu>
+Date: Fri, 19 Feb 2021 15:30:39 +0100
+Subject: [PATCH] Reject string longer than USHRT_MAX before sending them on
+ the wire
+
+The X protocol uses CARD16 values to represent the length so
+this would overflow.
+
+CVE-2021-31535
+
+Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
+
+CVE: CVE-2021-31535
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02a]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ src/Font.c | 4 +++-
+ src/FontInfo.c | 3 +++
+ src/FontNames.c | 3 +++
+ src/GetColor.c | 4 ++++
+ src/LoadFont.c | 4 ++++
+ src/LookupCol.c | 6 ++++--
+ src/ParseCol.c | 3 +++
+ src/QuExt.c | 5 +++++
+ src/SetFPath.c | 6 ++++++
+ src/SetHints.c | 7 +++++++
+ src/StNColor.c | 3 +++
+ src/StName.c | 7 ++++++-
+ 12 files changed, 51 insertions(+), 4 deletions(-)
+
+diff --git a/src/Font.c b/src/Font.c
+index d4ebdaca..1cd89cca 100644
+--- a/src/Font.c
++++ b/src/Font.c
+@@ -102,6 +102,8 @@ XFontStruct *XLoadQueryFont(
+ XF86BigfontCodes *extcodes = _XF86BigfontCodes(dpy);
+ #endif
+
++ if (strlen(name) >= USHRT_MAX)
++ return NULL;
+ if (_XF86LoadQueryLocaleFont(dpy, name, &font_result, (Font *)0))
+ return font_result;
+ LockDisplay(dpy);
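Review bot: the new strlen(name) in XLoadQueryFont runs before any NULL test, whereas _XF86LoadQueryLocaleFont, called on the following line, starts with `if (!name) return 0;` (see the next hunk). If a NULL name is meant to be tolerated at this entry point, write the guard as `name != NULL && strlen(name) >= USHRT_MAX`. This file's diff also adds no `#include <limits.h>`, unlike GetColor.c and LoadFont.c further down; confirm USHRT_MAX is already visible in Font.c.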
+@@ -663,7 +665,7 @@ int _XF86LoadQueryLocaleFont(
+ if (!name)
+ return 0;
+ l = (int) strlen(name);
+- if (l < 2 || name[l - 1] != '*' || name[l - 2] != '-')
++ if (l < 2 || name[l - 1] != '*' || name[l - 2] != '-' || l >= USHRT_MAX)
+ return 0;
+ charset = NULL;
+ /* next three lines stolen from _XkbGetCharset() */
+diff --git a/src/FontInfo.c b/src/FontInfo.c
+index 694efa10..6644b3fa 100644
+--- a/src/FontInfo.c
++++ b/src/FontInfo.c
+@@ -58,6 +58,9 @@ XFontStruct **info) /* RETURN */
+ register xListFontsReq *req;
+ int j;
+
++ if (strlen(pattern) >= USHRT_MAX)
++ return NULL;
++
+ LockDisplay(dpy);
+ GetReq(ListFontsWithInfo, req);
+ req->maxNames = maxNames;
+diff --git a/src/FontNames.c b/src/FontNames.c
+index 30912925..458d80c9 100644
+--- a/src/FontNames.c
++++ b/src/FontNames.c
+@@ -51,6 +51,9 @@ int *actualCount) /* RETURN */
+ register xListFontsReq *req;
+ unsigned long rlen = 0;
+
++ if (strlen(pattern) >= USHRT_MAX)
++ return NULL;
++
+ LockDisplay(dpy);
+ GetReq(ListFonts, req);
+ req->maxNames = maxNames;
+diff --git a/src/GetColor.c b/src/GetColor.c
+index d088497f..c8178067 100644
+--- a/src/GetColor.c
++++ b/src/GetColor.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <stdio.h>
+ #include "Xlibint.h"
+ #include "Xcmsint.h"
+@@ -48,6 +49,9 @@ XColor *exact_def) /* RETURN */
+ XcmsColor cmsColor_exact;
+ Status ret;
+
++ if (strlen(colorname) >= USHRT_MAX)
++ return (0);
++
+ #ifdef XCMS
+ /*
+ * Let's Attempt to use Xcms and i18n approach to Parse Color
+diff --git a/src/LoadFont.c b/src/LoadFont.c
+index 0a3809a8..3996436f 100644
+--- a/src/LoadFont.c
++++ b/src/LoadFont.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include "Xlibint.h"
+
+ Font
+@@ -38,6 +39,9 @@ XLoadFont (
+ Font fid;
+ register xOpenFontReq *req;
+
++ if (strlen(name) >= USHRT_MAX)
++ return (0);
++
+ if (_XF86LoadQueryLocaleFont(dpy, name, (XFontStruct **)0, &fid))
+ return fid;
+
+diff --git a/src/LookupCol.c b/src/LookupCol.c
+index 9608d512..cd9b1368 100644
+--- a/src/LookupCol.c
++++ b/src/LookupCol.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <stdio.h>
+ #include "Xlibint.h"
+ #include "Xcmsint.h"
+@@ -46,6 +47,9 @@ XLookupColor (
+ XcmsCCC ccc;
+ XcmsColor cmsColor_exact;
+
++ n = (int) strlen (spec);
++ if (n >= USHRT_MAX)
++ return 0;
+ #ifdef XCMS
+ /*
+ * Let's Attempt to use Xcms and i18n approach to Parse Color
+@@ -77,8 +81,6 @@ XLookupColor (
+ * Xcms and i18n methods failed, so lets pass it to the server
+ * for parsing.
+ */
+-
+- n = (int) strlen (spec);
+ LockDisplay(dpy);
+ GetReq (LookupColor, req);
+ req->cmap = cmap;
+diff --git a/src/ParseCol.c b/src/ParseCol.c
+index 2691df36..7a84a17b 100644
+--- a/src/ParseCol.c
++++ b/src/ParseCol.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <stdio.h>
+ #include "Xlibint.h"
+ #include "Xcmsint.h"
+@@ -47,6 +48,8 @@ XParseColor (
+
+ if (!spec) return(0);
+ n = (int) strlen (spec);
++ if (n >= USHRT_MAX)
++ return(0);
+ if (*spec == '#') {
+ /*
+ * RGB
+diff --git a/src/QuExt.c b/src/QuExt.c
+index 2021dca4..4cb99fcf 100644
+--- a/src/QuExt.c
++++ b/src/QuExt.c
+@@ -27,6 +27,8 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
++#include <stdbool.h>
+ #include "Xlibint.h"
+
+ Bool
+@@ -40,6 +42,9 @@ XQueryExtension(
+ xQueryExtensionReply rep;
+ register xQueryExtensionReq *req;
+
++ if (strlen(name) >= USHRT_MAX)
++ return false;
++
+ LockDisplay(dpy);
+ GetReq(QueryExtension, req);
+ req->nbytes = name ? (CARD16) strlen(name) : 0;
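Review bot: in XQueryExtension the added `strlen(name) >= USHRT_MAX` dereferences name unconditionally, but the context line `req->nbytes = name ? (CARD16) strlen(name) : 0;` shows that a NULL name was accepted before, so the check turns a tolerated NULL into a crash. Test `name && strlen(name) >= USHRT_MAX` instead. The function is declared Bool, so return Xlib's False rather than `false`, which also makes the newly added <stdbool.h> include unnecessary.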
+diff --git a/src/SetFPath.c b/src/SetFPath.c
+index 7d12f18c..13fce49e 100644
+--- a/src/SetFPath.c
++++ b/src/SetFPath.c
+@@ -26,6 +26,7 @@ in this Software without prior written authorization from The Open Group.
+
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
++#include <limits.h>
+ #endif
+ #include "Xlibint.h"
+
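Review bot: `#include <limits.h>` is added between `#include <config.h>` and `#endif`, so it sits inside the `#ifdef HAVE_CONFIG_H` block and is only pulled in when HAVE_CONFIG_H is defined. Move it below the #endif, where the other files touched by this patch place it, so USHRT_MAX does not depend on the build configuration.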
+@@ -49,6 +50,11 @@ XSetFontPath (
+ req->nFonts = ndirs;
+ for (i = 0; i < ndirs; i++) {
+ n = (int) ((size_t) n + (safestrlen (directories[i]) + 1));
++ if (n >= USHRT_MAX) {
++ UnlockDisplay(dpy);
++ SyncHandle();
++ return 0;
++ }
+ }
+ nbytes = (n + 3) & ~3;
+ req->length += nbytes >> 2;
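Review bot: the early return inside the loop fires after the request has already been written to (`req->nFonts = ndirs;` is set just above the loop), so XSetFontPath unlocks and returns with a request whose length and path data were never completed. Summing the directory lengths and rejecting an oversized total before the request is built would let the function bail out with nothing half-built behind it.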
+diff --git a/src/SetHints.c b/src/SetHints.c
+index e81aa9d3..61cb0684 100644
+--- a/src/SetHints.c
++++ b/src/SetHints.c
+@@ -49,6 +49,7 @@ SOFTWARE.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <X11/Xlibint.h>
+ #include <X11/Xutil.h>
+ #include "Xatomtype.h"
+@@ -214,6 +215,8 @@ XSetCommand (
+ register char *buf, *bp;
+ for (i = 0, nbytes = 0; i < argc; i++) {
+ nbytes += safestrlen(argv[i]) + 1;
++ if (nbytes >= USHRT_MAX)
++ return 1;
+ }
+ if ((bp = buf = Xmalloc(nbytes))) {
+ /* copy arguments into single buffer */
+@@ -256,6 +259,8 @@ XSetStandardProperties (
+
+ if (name != NULL) XStoreName (dpy, w, name);
+
++ if (safestrlen(icon_string) >= USHRT_MAX)
++ return 1;
+ if (icon_string != NULL) {
+ XChangeProperty (dpy, w, XA_WM_ICON_NAME, XA_STRING, 8,
+ PropModeReplace,
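Review bot: in XSetStandardProperties the icon_string length check sits after `XStoreName (dpy, w, name)`, so an oversized icon_string is rejected only once the window name has already been changed and the caller is left with a partial update. Move the check above the XStoreName call. The rejected case returns 1 here, while XStoreName in StName.c returns 0 for the same condition; confirm which value callers are expected to treat as failure and make the two agree.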
+@@ -298,6 +303,8 @@ XSetClassHint(
+
+ len_nm = safestrlen(classhint->res_name);
+ len_cl = safestrlen(classhint->res_class);
++ if (len_nm + len_cl >= USHRT_MAX)
++ return 1;
+ if ((class_string = s = Xmalloc(len_nm + len_cl + 2))) {
+ if (len_nm) {
+ strcpy(s, classhint->res_name);
+diff --git a/src/StNColor.c b/src/StNColor.c
+index 3b50401b..16dc9cbc 100644
+--- a/src/StNColor.c
++++ b/src/StNColor.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <stdio.h>
+ #include "Xlibint.h"
+ #include "Xcmsint.h"
+@@ -46,6 +47,8 @@ int flags) /* DoRed, DoGreen, DoBlue */
+ XcmsColor cmsColor_exact;
+ XColor scr_def;
+
++ if (strlen(name) >= USHRT_MAX)
++ return 0;
+ #ifdef XCMS
+ /*
+ * Let's Attempt to use Xcms approach to Parse Color
+diff --git a/src/StName.c b/src/StName.c
+index 58b5a5a6..04bb3aa6 100644
+--- a/src/StName.c
++++ b/src/StName.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <X11/Xlibint.h>
+ #include <X11/Xatom.h>
+
+@@ -36,7 +37,9 @@ XStoreName (
+ Window w,
+ _Xconst char *name)
+ {
+- return XChangeProperty(dpy, w, XA_WM_NAME, XA_STRING,
++ if (strlen(name) >= USHRT_MAX)
++ return 0;
++ return XChangeProperty(dpy, w, XA_WM_NAME, XA_STRING, /* */
+ 8, PropModeReplace, (_Xconst unsigned char *)name,
+ name ? (int) strlen(name) : 0);
+ }
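Review bot: XStoreName now calls strlen(name) unconditionally, while the unchanged last argument `name ? (int) strlen(name) : 0` still allows for a NULL name, so a call that used to pass length 0 would now dereference NULL; use `name != NULL && strlen(name) >= USHRT_MAX`. The stray `/* */` appended to the XChangeProperty line should be dropped. The same unguarded strlen is added to XSetIconName in the next hunk and needs the same guard.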
+@@ -47,6 +50,8 @@ XSetIconName (
+ Window w,
+ _Xconst char *icon_name)
+ {
++ if (strlen(icon_name) >= USHRT_MAX)
++ return 0;
+ return XChangeProperty(dpy, w, XA_WM_ICON_NAME, XA_STRING, 8,
+ PropModeReplace, (_Xconst unsigned char *)icon_name,
+ icon_name ? (int) strlen(icon_name) : 0);
+--
+GitLab
+
diff --git a/poky/meta/recipes-graphics/xorg-lib/libx11_1.7.0.bb b/poky/meta/recipes-graphics/xorg-lib/libx11_1.7.0.bb
index 3faee6e497..c6429cbbac 100644
--- a/poky/meta/recipes-graphics/xorg-lib/libx11_1.7.0.bb
+++ b/poky/meta/recipes-graphics/xorg-lib/libx11_1.7.0.bb
@@ -11,8 +11,9 @@ FILESEXTRAPATHS =. "${FILE_DIRNAME}/libx11:"
PE = "1"
SRC_URI += "file://Fix-hanging-issue-in-_XReply.patch \
- file://disable_tests.patch \
- "
+ file://disable_tests.patch \
+ file://fix-CVE-2021-31535.patch \
+ "
SRC_URI[sha256sum] = "36c8f93b6595437c8cfbc9f08618bcb3041cbd303e140a0013f88e4c2977cb54"
diff --git a/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb b/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
index 1d900d85fa..e967f485c1 100644
--- a/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
+++ b/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://tools/kgit;beginline=5;endline=9;md5=9c30e971d435e249
DEPENDS = "git-native"
-SRCREV = "8f6aaab7f64c6de30d267e31a73f7c3bb30125a9"
+SRCREV = "d220b063852245fdd16b9731a395ace525f932d6"
PR = "r12"
PV = "0.2+git${SRCPV}"
diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210315.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb
index bd1f177209..ed6e78175a 100644
--- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210315.bb
+++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb
@@ -132,7 +132,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
file://LICENCE.xc4000;md5=0ff51d2dc49fce04814c9155081092f0 \
file://LICENCE.xc5000;md5=1e170c13175323c32c7f4d0998d53f66 \
file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \
- file://WHENCE;md5=e21a8cbddc1612bce56f06fe154a0743 \
+ file://WHENCE;md5=727d0d4e2d420f41d89d098f6322e779 \
"
# These are not common licenses, set NO_GENERIC_LICENSE for them
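Review bot: the WHENCE md5 in LIC_FILES_CHKSUM changes, but nothing in the visible change records what differs in WHENCE between 20210315 and 20210511. State the license-relevant difference in the commit message, and check whether firmware or license files added upstream need new LIC_FILES_CHKSUM, NO_GENERIC_LICENSE or package entries, since this diff adds none.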
@@ -205,7 +205,7 @@ PE = "1"
SRC_URI = "${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "a2348f03492713dca9aef202496c6e58f5e63ee5bec6a7bdfcf8b18ce7155e70"
+SRC_URI[sha256sum] = "2aa6ae8b9808408f9811ac38f00c188e53e984a2b3990254f6c9c02c1ab13417"
inherit allarch
diff --git a/poky/meta/recipes-kernel/linux/kernel-devsrc.bb b/poky/meta/recipes-kernel/linux/kernel-devsrc.bb
index 455c836527..84e99233e6 100644
--- a/poky/meta/recipes-kernel/linux/kernel-devsrc.bb
+++ b/poky/meta/recipes-kernel/linux/kernel-devsrc.bb
@@ -272,6 +272,8 @@ do_install() {
sed -i 's/ifneq "$(CC)" ".*-linux-.*gcc.*$/ifneq "$(CC)" "gcc"/' "$kerneldir/build/include/config/auto.conf.cmd"
sed -i 's/ifneq "$(LD)" ".*-linux-.*ld.bfd.*$/ifneq "$(LD)" "ld"/' "$kerneldir/build/include/config/auto.conf.cmd"
sed -i 's/ifneq "$(AR)" ".*-linux-.*ar.*$/ifneq "$(AR)" "ar"/' "$kerneldir/build/include/config/auto.conf.cmd"
+ sed -i 's/ifneq "$(OBJCOPY)" ".*-linux-.*objcopy.*$/ifneq "$(OBJCOPY)" "objcopy"/' "$kerneldir/build/include/config/auto.conf.cmd"
+ sed -i 's/ifneq "$(NM)" ".*-linux-.*nm.*$/ifneq "$(NM)" "nm"/' "$kerneldir/build/include/config/auto.conf.cmd"
sed -i 's/ifneq "$(HOSTCXX)" ".*$/ifneq "$(HOSTCXX)" "g++"/' "$kerneldir/build/include/config/auto.conf.cmd"
sed -i 's/ifneq "$(HOSTCC)" ".*$/ifneq "$(HOSTCC)" "gcc"/' "$kerneldir/build/include/config/auto.conf.cmd"
sed -i 's/ifneq "$(CC_VERSION_TEXT)".*\(gcc.*\)"/ifneq "$(CC_VERSION_TEXT)" "\1"/' "$kerneldir/build/include/config/auto.conf.cmd"
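Review bot: the shortlog entry for this change reads "kernel-devsrc: adjust NM and OBJTOOL variables for target", but the two added sed lines rewrite the `$(OBJCOPY)` and `$(NM)` checks in auto.conf.cmd and there is no OBJTOOL substitution. Correct the subject to OBJCOPY, or add the missing line if OBJTOOL was really intended.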
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
index 08314ea03e..f511f233b6 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "400fbf5b14a0c88afb7c31d65be56fb9d6214c81"
-SRCREV_meta ?= "38eb7ca3f4b59339c57a04c310f20809b198fa91"
+SRCREV_machine ?= "4a59bc57b2be77da9394b10eb37067da7d63b7a4"
+SRCREV_meta ?= "b969f83647833d21d8826c4667492f58895213c3"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.10.34"
+LINUX_VERSION ?= "5.10.46"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index f82c6b335b..3e97058f68 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "b62ae8bedb024e67e7c5cda51840454a4170c858"
-SRCREV_meta ?= "b89df7433ea8124d3092805391b78808df4147a7"
+SRCREV_machine ?= "f3ac47f313e4ce608b3567c006f61d1d8b820ae2"
+SRCREV_meta ?= "78949176d073f5cf04c9e0c4be699e39528f2880"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.4.116"
+LINUX_VERSION ?= "5.4.128"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
index 8bd674f116..f5ade2992c 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.10.34"
+LINUX_VERSION ?= "5.10.46"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "bf33b78f5136873b6d2ec6274908cf688341bc9e"
-SRCREV_machine ?= "85c17ad073e9249f261cc550e8ada89a900d7d9a"
-SRCREV_meta ?= "38eb7ca3f4b59339c57a04c310f20809b198fa91"
+SRCREV_machine_qemuarm ?= "dd1f9602f3e4e9dc177421ba12ce073ad2099a58"
+SRCREV_machine ?= "139fe7d68413054f850e206ab749f97a968867a8"
+SRCREV_meta ?= "b969f83647833d21d8826c4667492f58895213c3"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 1c3fe73ae5..2eb5ebdbbd 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.4.116"
+LINUX_VERSION ?= "5.4.128"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "80bd6016a9bdaed4b66ddffffa8c8e62d7c1f8a6"
-SRCREV_machine ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
-SRCREV_meta ?= "b89df7433ea8124d3092805391b78808df4147a7"
+SRCREV_machine_qemuarm ?= "987d6fd6c916297cde5cc7e988c28ef1e458f1cf"
+SRCREV_machine ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
+SRCREV_meta ?= "78949176d073f5cf04c9e0c4be699e39528f2880"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb
index 2e7a452495..dd4aef7f89 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb
@@ -13,17 +13,17 @@ KBRANCH_qemux86 ?= "v5.10/standard/base"
KBRANCH_qemux86-64 ?= "v5.10/standard/base"
KBRANCH_qemumips64 ?= "v5.10/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "78e8e722eec4434024c5db3e0d59da0b128c7647"
-SRCREV_machine_qemuarm64 ?= "85c17ad073e9249f261cc550e8ada89a900d7d9a"
-SRCREV_machine_qemumips ?= "b5c0852a90709e77f7a3d185d1745e6a1f66b77c"
-SRCREV_machine_qemuppc ?= "85c17ad073e9249f261cc550e8ada89a900d7d9a"
-SRCREV_machine_qemuriscv64 ?= "85c17ad073e9249f261cc550e8ada89a900d7d9a"
-SRCREV_machine_qemuriscv32 ?= "85c17ad073e9249f261cc550e8ada89a900d7d9a"
-SRCREV_machine_qemux86 ?= "85c17ad073e9249f261cc550e8ada89a900d7d9a"
-SRCREV_machine_qemux86-64 ?= "85c17ad073e9249f261cc550e8ada89a900d7d9a"
-SRCREV_machine_qemumips64 ?= "bf264e264d2141a4fb61d515573c27935e67ecfa"
-SRCREV_machine ?= "85c17ad073e9249f261cc550e8ada89a900d7d9a"
-SRCREV_meta ?= "38eb7ca3f4b59339c57a04c310f20809b198fa91"
+SRCREV_machine_qemuarm ?= "17e89ca08f67fdcbaf0a3ae4c429602f76463923"
+SRCREV_machine_qemuarm64 ?= "139fe7d68413054f850e206ab749f97a968867a8"
+SRCREV_machine_qemumips ?= "bdcaaee7b7ce0e865670a2cee55b1974eb67357b"
+SRCREV_machine_qemuppc ?= "139fe7d68413054f850e206ab749f97a968867a8"
+SRCREV_machine_qemuriscv64 ?= "139fe7d68413054f850e206ab749f97a968867a8"
+SRCREV_machine_qemuriscv32 ?= "139fe7d68413054f850e206ab749f97a968867a8"
+SRCREV_machine_qemux86 ?= "139fe7d68413054f850e206ab749f97a968867a8"
+SRCREV_machine_qemux86-64 ?= "139fe7d68413054f850e206ab749f97a968867a8"
+SRCREV_machine_qemumips64 ?= "2f11a726a60ad9e8a48de6bc2101a993b461e8d1"
+SRCREV_machine ?= "139fe7d68413054f850e206ab749f97a968867a8"
+SRCREV_meta ?= "b969f83647833d21d8826c4667492f58895213c3"
# remap qemuarm to qemuarma15 for the 5.8 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -32,7 +32,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.10.34"
+LINUX_VERSION ?= "5.10.46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 5245530229..5a7e9f0a35 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base"
KBRANCH_qemux86-64 ?= "v5.4/standard/base"
KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "e71df0530eefcac1b3248329e385bcefbad6336e"
-SRCREV_machine_qemuarm64 ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
-SRCREV_machine_qemumips ?= "07445052fdd15e60b30dc5ae9d162c2e6bba47d1"
-SRCREV_machine_qemuppc ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
-SRCREV_machine_qemuriscv64 ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
-SRCREV_machine_qemux86 ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
-SRCREV_machine_qemux86-64 ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
-SRCREV_machine_qemumips64 ?= "b36d79d6f2aaf9dadec352f611e7b9becf2b9a55"
-SRCREV_machine ?= "ea7a54fa402727f3c4bc4a1904d4a9590e7c8b85"
-SRCREV_meta ?= "b89df7433ea8124d3092805391b78808df4147a7"
+SRCREV_machine_qemuarm ?= "69874edb0838e4d26002a8d30e14a5e1b355e397"
+SRCREV_machine_qemuarm64 ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
+SRCREV_machine_qemumips ?= "1bfafb3ce048d4a30aca35e847168855980f5dbc"
+SRCREV_machine_qemuppc ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
+SRCREV_machine_qemuriscv64 ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
+SRCREV_machine_qemux86 ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
+SRCREV_machine_qemux86-64 ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
+SRCREV_machine_qemumips64 ?= "2a0ea1bced3f4b8ebebb19debc19b7930a4924a8"
+SRCREV_machine ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
+SRCREV_meta ?= "78949176d073f5cf04c9e0c4be699e39528f2880"
# remap qemuarm to qemuarma15 for the 5.4 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.116"
+LINUX_VERSION ?= "5.4.128"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-memory-leaks-on-event-destroy.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-memory-leaks-on-event-destroy.patch
deleted file mode 100644
index 21da932a75..0000000000
--- a/poky/meta/recipes-kernel/lttng/lttng-modules/0001-Fix-memory-leaks-on-event-destroy.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From b3fdf78b15beb940918da1e41eb68e24ba31bb87 Mon Sep 17 00:00:00 2001
-From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
-Date: Wed, 3 Mar 2021 10:10:16 -0500
-Subject: [PATCH 1/4] Fix: memory leaks on event destroy
-
-Both filter runtime and event enabler ref objects are owned by the
-event, but are not freed upon destruction of the event object, thus
-leaking memory.
-
-Upstream-status: backport
-
-Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
-Change-Id: Ice9b1c18b47584838aea2b965494d3c8391f4c84
----
- lttng-events.c | 7 +++++++
- lttng-events.h | 1 +
- 2 files changed, 8 insertions(+)
-
-diff --git a/lttng-events.c b/lttng-events.c
-index f3398adc..984bd341 100644
---- a/lttng-events.c
-+++ b/lttng-events.c
-@@ -919,6 +919,8 @@ int _lttng_event_unregister(struct lttng_event *event)
- static
- void _lttng_event_destroy(struct lttng_event *event)
- {
-+ struct lttng_enabler_ref *enabler_ref, *tmp_enabler_ref;
-+
- switch (event->instrumentation) {
- case LTTNG_KERNEL_TRACEPOINT:
- lttng_event_put(event->desc);
-@@ -944,6 +946,11 @@ void _lttng_event_destroy(struct lttng_event *event)
- }
- list_del(&event->list);
- lttng_destroy_context(event->ctx);
-+ lttng_free_event_filter_runtime(event);
-+ /* Free event enabler refs */
-+ list_for_each_entry_safe(enabler_ref, tmp_enabler_ref,
-+ &event->enablers_ref_head, node)
-+ kfree(enabler_ref);
- kmem_cache_free(event_cache, event);
- }
-
-diff --git a/lttng-events.h b/lttng-events.h
-index 1b9ab167..13b6abf5 100644
---- a/lttng-events.h
-+++ b/lttng-events.h
-@@ -716,6 +716,7 @@ int lttng_enabler_attach_bytecode(struct lttng_enabler *enabler,
- struct lttng_kernel_filter_bytecode __user *bytecode);
- void lttng_enabler_event_link_bytecode(struct lttng_event *event,
- struct lttng_enabler *enabler);
-+void lttng_free_event_filter_runtime(struct lttng_event *event);
-
- int lttng_probes_init(void);
-
---
-2.19.1
-
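Review bot: this backport is deleted with no replacement in the visible diff, and the shortlog lists "lttng-modules: update to v2.12.6". Confirm that v2.12.6 contains upstream commit b3fdf78b15beb940918da1e41eb68e24ba31bb87 (the frees of the filter runtime and enabler refs in _lttng_event_destroy) and say so in the commit message, so the removal cannot be read as dropping the leak fix.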
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-filter-interpreter-early-exits-on-uninitialized-.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-filter-interpreter-early-exits-on-uninitialized-.patch
deleted file mode 100644
index 609690f05c..0000000000
--- a/poky/meta/recipes-kernel/lttng/lttng-modules/0002-Fix-filter-interpreter-early-exits-on-uninitialized-.patch
+++ /dev/null
@@ -1,159 +0,0 @@
-From 23a2f61ffc6a656f136fa2044c0c3b8f79766779 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?J=C3=A9r=C3=A9mie=20Galarneau?=
- <jeremie.galarneau@efficios.com>
-Date: Wed, 3 Mar 2021 18:52:19 -0500
-Subject: [PATCH 2/4] Fix: filter interpreter early-exits on uninitialized
- value
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-I observed that syscall filtering on string arguments wouldn't work on
-my development machines, both running 5.11.2-arch1-1 (Arch Linux).
-
-For instance, enabling the tracing of the `openat()` syscall with the
-'filename == "/proc/cpuinfo"' filter would not produce events even
-though matching events were present in another session that had no
-filtering active. The same problem occurred with `execve()`.
-
-I tried a couple of kernel versions before (5.11.1 and 5.10.13, if
-memory serves me well) and I had the same problem. Meanwhile, I couldn't
-reproduce the problem on various Debian machines (the LTTng CI) nor on a
-fresh Ubuntu 20.04 with both the stock kernel and with an updated 5.11.2
-kernel.
-
-I built the lttng-modules with the interpreter debugging printout and
-saw the following warning:
- LTTng: [debug bytecode in /home/jgalar/EfficiOS/src/lttng-modules/src/lttng-bytecode-interpreter.c:bytecode_interpret@1508] Bytecode warning: loading a NULL string.
-
-After a shedload (yes, a _shed_load) of digging, I figured that the
-problem was hidden in plain sight near that logging statement.
-
-In the `BYTECODE_OP_LOAD_FIELD_REF_USER_STRING` operation, the 'ax'
-register's 'user_str' is initialized with the stack value (the user
-space string's address in our case). However, a NULL check is performed
-against the register's 'str' member.
-
-I initialy suspected that both members would be part of the same union
-and alias each-other, but they are actually contiguous in a structure.
-
-On the unaffected machines, I could confirm that the `str` member was
-uninitialized to a non-zero value causing the condition to evaluate to
-false.
-
-Francis Deslauriers reproduced the problem by initializing the
-interpreter stack to zero.
-
-I am unsure of the exact kernel configuration option that reveals this
-issue on Arch Linux, but my kernel has the following option enabled:
-
-CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL:
- Zero-initialize any stack variables that may be passed by reference
- and had not already been explicitly initialized. This is intended to
- eliminate all classes of uninitialized stack variable exploits and
- information exposures.
-
-I have not tried to build without this enabled as, anyhow, this seems
-to be a legitimate issue.
-
-I have spotted what appears to be an identical problem in
-`BYTECODE_OP_LOAD_FIELD_REF_USER_SEQUENCE` and corrected it. However,
-I have not exercised that code path.
-
-The commit that introduced this problem is 5b4ad89.
-
-The debug print-out of the `BYTECODE_OP_LOAD_FIELD_REF_USER_STRING`
-operation is modified to print the user string (truncated to 31 chars).
-
-Upstream-status: backport
-
-Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
-Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
-Change-Id: I2da3c31b9e3ce0e1b164cf3d2711c0893cbec273
----
- lttng-filter-interpreter.c | 41 ++++++++++++++++++++++++++++++++++----
- 1 file changed, 37 insertions(+), 4 deletions(-)
-
-diff --git a/lttng-filter-interpreter.c b/lttng-filter-interpreter.c
-index 5d572437..6e5a5139 100644
---- a/lttng-filter-interpreter.c
-+++ b/lttng-filter-interpreter.c
-@@ -22,7 +22,7 @@ LTTNG_STACK_FRAME_NON_STANDARD(lttng_filter_interpret_bytecode);
- * to handle user-space read.
- */
- static
--char get_char(struct estack_entry *reg, size_t offset)
-+char get_char(const struct estack_entry *reg, size_t offset)
- {
- if (unlikely(offset >= reg->u.s.seq_len))
- return '\0';
-@@ -593,6 +593,39 @@ end:
- return ret;
- }
-
-+#ifdef DEBUG
-+
-+#define DBG_USER_STR_CUTOFF 32
-+
-+/*
-+ * In debug mode, print user string (truncated, if necessary).
-+ */
-+static inline
-+void dbg_load_ref_user_str_printk(const struct estack_entry *user_str_reg)
-+{
-+ size_t pos = 0;
-+ char last_char;
-+ char user_str[DBG_USER_STR_CUTOFF];
-+
-+ pagefault_disable();
-+ do {
-+ last_char = get_char(user_str_reg, pos);
-+ user_str[pos] = last_char;
-+ pos++;
-+ } while (last_char != '\0' && pos < sizeof(user_str));
-+ pagefault_enable();
-+
-+ user_str[sizeof(user_str) - 1] = '\0';
-+ dbg_printk("load field ref user string: '%s%s'\n", user_str,
-+ last_char != '\0' ? "[...]" : "");
-+}
-+#else
-+static inline
-+void dbg_load_ref_user_str_printk(const struct estack_entry *user_str_reg)
-+{
-+}
-+#endif
-+
- /*
- * Return 0 (discard), or raise the 0x1 flag (log event).
- * Currently, other flags are kept for future extensions and have no
-@@ -1313,7 +1346,7 @@ uint64_t lttng_filter_interpret_bytecode(void *filter_data,
- estack_push(stack, top, ax, bx);
- estack_ax(stack, top)->u.s.user_str =
- *(const char * const *) &filter_stack_data[ref->offset];
-- if (unlikely(!estack_ax(stack, top)->u.s.str)) {
-+ if (unlikely(!estack_ax(stack, top)->u.s.user_str)) {
- dbg_printk("Filter warning: loading a NULL string.\n");
- ret = -EINVAL;
- goto end;
-@@ -1322,7 +1355,7 @@ uint64_t lttng_filter_interpret_bytecode(void *filter_data,
- estack_ax(stack, top)->u.s.literal_type =
- ESTACK_STRING_LITERAL_TYPE_NONE;
- estack_ax(stack, top)->u.s.user = 1;
-- dbg_printk("ref load string %s\n", estack_ax(stack, top)->u.s.str);
-+ dbg_load_ref_user_str_printk(estack_ax(stack, top));
- next_pc += sizeof(struct load_op) + sizeof(struct field_ref);
- PO;
- }
-@@ -1340,7 +1373,7 @@ uint64_t lttng_filter_interpret_bytecode(void *filter_data,
- estack_ax(stack, top)->u.s.user_str =
- *(const char **) (&filter_stack_data[ref->offset
- + sizeof(unsigned long)]);
-- if (unlikely(!estack_ax(stack, top)->u.s.str)) {
-+ if (unlikely(!estack_ax(stack, top)->u.s.user_str)) {
- dbg_printk("Filter warning: loading a NULL sequence.\n");
- ret = -EINVAL;
- goto end;
---
-2.19.1
-
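Review bot: the dropped patch is the one that moves the NULL test from `u.s.str` to `u.s.user_str` in the two user-string load operations, and its author notes that the USER_SEQUENCE path was never exercised. Besides confirming that 23a2f61ffc6a656f136fa2044c0c3b8f79766779 is part of the new version, run a string filter on a syscall argument (the `filename == "/proc/cpuinfo"` case from the description) and check that events are still produced, since a regression here builds cleanly and only shows up as silently missing trace events.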
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-mm-tracing-record-slab-name-for-kmem_cache_free-.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-mm-tracing-record-slab-name-for-kmem_cache_free-.patch
deleted file mode 100644
index 71f99b80a3..0000000000
--- a/poky/meta/recipes-kernel/lttng/lttng-modules/0003-fix-mm-tracing-record-slab-name-for-kmem_cache_free-.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-From 49c603ef2dc6969f4454f0d849af00ee24bb7f04 Mon Sep 17 00:00:00 2001
-From: Michael Jeanson <mjeanson@efficios.com>
-Date: Thu, 4 Mar 2021 16:50:12 -0500
-Subject: [PATCH 3/4] fix: mm, tracing: record slab name for kmem_cache_free()
- (v5.12)
-
-See upstream commit:
-
- commit 3544de8ee6e4817278b15fe08658de49abf58954
- Author: Jacob Wen <jian.w.wen@oracle.com>
- Date: Wed Feb 24 12:00:55 2021 -0800
-
- mm, tracing: record slab name for kmem_cache_free()
-
- Currently, a trace record generated by the RCU core is as below.
-
- ... kmem_cache_free: call_site=rcu_core+0x1fd/0x610 ptr=00000000f3b49a66
-
- It doesn't tell us what the RCU core has freed.
-
- This patch adds the slab name to trace_kmem_cache_free().
- The new format is as follows.
-
- ... kmem_cache_free: call_site=rcu_core+0x1fd/0x610 ptr=0000000037f79c8d name=dentry
- ... kmem_cache_free: call_site=rcu_core+0x1fd/0x610 ptr=00000000f78cb7b5 name=sock_inode_cache
- ... kmem_cache_free: call_site=rcu_core+0x1fd/0x610 ptr=0000000018768985 name=pool_workqueue
- ... kmem_cache_free: call_site=rcu_core+0x1fd/0x610 ptr=000000006a6cb484 name=radix_tree_node
-
- We can use it to understand what the RCU core is going to free. For
- example, some users maybe interested in when the RCU core starts
- freeing reclaimable slabs like dentry to reduce memory pressure.
-
- Link: https://lkml.kernel.org/r/20201216072804.8838-1-jian.w.wen@oracle.com
-
-Upstream-status: backport
-
-Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
-Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
-Change-Id: I1ee2fc476614cadcc8d3ac5d8feddc7910e1aa3a
----
- instrumentation/events/lttng-module/kmem.h | 27 ++++++++++++++++++++++
- 1 file changed, 27 insertions(+)
-
-diff --git a/instrumentation/events/lttng-module/kmem.h b/instrumentation/events/lttng-module/kmem.h
-index b134620a..d787ea54 100644
---- a/instrumentation/events/lttng-module/kmem.h
-+++ b/instrumentation/events/lttng-module/kmem.h
-@@ -87,6 +87,32 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(kmem_alloc_node, kmem_cache_alloc_node,
- TP_ARGS(call_site, ptr, bytes_req, bytes_alloc, gfp_flags, node)
- )
-
-+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,12,0))
-+LTTNG_TRACEPOINT_EVENT(kfree,
-+
-+ TP_PROTO(unsigned long call_site, const void *ptr),
-+
-+ TP_ARGS(call_site, ptr),
-+
-+ TP_FIELDS(
-+ ctf_integer_hex(unsigned long, call_site, call_site)
-+ ctf_integer_hex(const void *, ptr, ptr)
-+ )
-+)
-+
-+LTTNG_TRACEPOINT_EVENT(kmem_cache_free,
-+
-+ TP_PROTO(unsigned long call_site, const void *ptr, const char *name),
-+
-+ TP_ARGS(call_site, ptr, name),
-+
-+ TP_FIELDS(
-+ ctf_integer_hex(unsigned long, call_site, call_site)
-+ ctf_integer_hex(const void *, ptr, ptr)
-+ ctf_string(name, name)
-+ )
-+)
-+#else
- LTTNG_TRACEPOINT_EVENT_CLASS(kmem_free,
-
- TP_PROTO(unsigned long call_site, const void *ptr),
-@@ -114,6 +140,7 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(kmem_free, kmem_cache_free,
-
- TP_ARGS(call_site, ptr)
- )
-+#endif
-
- #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(3,3,0))
- LTTNG_TRACEPOINT_EVENT_MAP(mm_page_free, kmem_mm_page_free,
---
-2.19.1
-
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0004-Fix-kretprobe-null-ptr-deref-on-session-destroy.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0004-Fix-kretprobe-null-ptr-deref-on-session-destroy.patch
deleted file mode 100644
index 8a839c2b43..0000000000
--- a/poky/meta/recipes-kernel/lttng/lttng-modules/0004-Fix-kretprobe-null-ptr-deref-on-session-destroy.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 92cc3e7f76a545a2cd4828576971f1eea83f4e68 Mon Sep 17 00:00:00 2001
-From: Francis Deslauriers <francis.deslauriers@efficios.com>
-Date: Wed, 17 Mar 2021 10:40:56 -0400
-Subject: [PATCH 4/4] Fix: kretprobe: null ptr deref on session destroy
-
-The `filter_bytecode_runtime_head` list is currently not initialized for
-the return event of the kretprobe. This caused a kernel null ptr
-dereference when destroying a session. It can reproduced with the
-following commands:
-
- lttng create
- lttng enable-event -k --function=lttng_test_filter_event_write my_event
- lttng start
- lttng stop
- lttng destroy
-
-Upstream-status: backport
-
-Signed-off-by: Francis Deslauriers <francis.deslauriers@efficios.com>
-Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
-Change-Id: I1162ce8b10dd7237a26331531f048346b984eee7
----
- lttng-events.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/lttng-events.c b/lttng-events.c
-index 984bd341..3450fa40 100644
---- a/lttng-events.c
-+++ b/lttng-events.c
-@@ -704,6 +704,8 @@ struct lttng_event *_lttng_event_create(struct lttng_channel *chan,
- event_return->enabled = 0;
- event_return->registered = 1;
- event_return->instrumentation = itype;
-+ INIT_LIST_HEAD(&event_return->bytecode_runtime_head);
-+ INIT_LIST_HEAD(&event_return->enablers_ref_head);
- /*
- * Populate lttng_event structure before kretprobe registration.
- */
---
-2.19.1
-
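Review bot: The commit message names the uninitialized list `filter_bytecode_runtime_head`, but the two lines added in `_lttng_event_create()` initialize `bytecode_runtime_head` and `enablers_ref_head`, so the message matches neither field name and never mentions the second list. Since the failure is a kernel NULL pointer dereference on `lttng destroy`, the message should name both fields as they appear in the code and say which one the destroy path walks, so that anyone auditing the backport can match the description to the fix.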
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0005-fix-block-add-a-disk_uevent-helper-v5.12.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0005-fix-block-add-a-disk_uevent-helper-v5.12.patch
deleted file mode 100644
index 3a2280ccdc..0000000000
--- a/poky/meta/recipes-kernel/lttng/lttng-modules/0005-fix-block-add-a-disk_uevent-helper-v5.12.patch
+++ /dev/null
@@ -1,305 +0,0 @@
-From 17cd2dc91cb82ed342b0da699f2b1a70c1bf6a03 Mon Sep 17 00:00:00 2001
-From: Michael Jeanson <mjeanson@efficios.com>
-Date: Mon, 15 Mar 2021 14:54:02 -0400
-Subject: [PATCH 2/4] fix: block: add a disk_uevent helper (v5.12)
-
-See upstream commit:
-
- commit bc359d03c7ec1bf3b86d03bafaf6bbb21e6414fd
- Author: Christoph Hellwig <hch@lst.de>
- Date: Sun Jan 24 11:02:39 2021 +0100
-
- block: add a disk_uevent helper
-
- Add a helper to call kobject_uevent for the disk and all partitions, and
- unexport the disk_part_iter_* helpers that are now only used in the core
- block code.
-
-Upstream-status: Backport [2.12.6]
-
-Change-Id: If6e8797049642ab382d5699660ee1dd734e92c90
-Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
-Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
----
- Makefile | 1 +
- lttng-statedump-impl.c | 34 +++++++++----
- src/wrapper/genhd.c | 111 +++++++++++++++++++++++++++++++++++++++++
- wrapper/genhd.h | 62 +++++++++++++++++++++++
- 4 files changed, 198 insertions(+), 10 deletions(-)
- create mode 100644 src/wrapper/genhd.c
-
-diff --git a/Makefile b/Makefile
-index a9aff3f1..34043cfb 100644
---- a/Makefile
-+++ b/Makefile
-@@ -80,6 +80,7 @@ ifneq ($(KERNELRELEASE),)
- wrapper/kallsyms.o \
- wrapper/irqdesc.o \
- wrapper/fdtable.o \
-+ wrapper/genhd.o \
- lttng-wrapper-impl.o
-
- ifneq ($(CONFIG_HAVE_SYSCALL_TRACEPOINTS),)
-diff --git a/lttng-statedump-impl.c b/lttng-statedump-impl.c
-index 60b937c9..5511c7e8 100644
---- a/lttng-statedump-impl.c
-+++ b/lttng-statedump-impl.c
-@@ -250,13 +250,17 @@ int lttng_enumerate_block_devices(struct lttng_session *session)
- struct device_type *ptr_disk_type;
- struct class_dev_iter iter;
- struct device *dev;
-+ int ret = 0;
-
- ptr_block_class = wrapper_get_block_class();
-- if (!ptr_block_class)
-- return -ENOSYS;
-+ if (!ptr_block_class) {
-+ ret = -ENOSYS;
-+ goto end;
-+ }
- ptr_disk_type = wrapper_get_disk_type();
- if (!ptr_disk_type) {
-- return -ENOSYS;
-+ ret = -ENOSYS;
-+ goto end;
- }
- class_dev_iter_init(&iter, ptr_block_class, NULL, ptr_disk_type);
- while ((dev = class_dev_iter_next(&iter))) {
-@@ -272,22 +276,32 @@ int lttng_enumerate_block_devices(struct lttng_session *session)
- (disk->flags & GENHD_FL_SUPPRESS_PARTITION_INFO))
- continue;
-
-- disk_part_iter_init(&piter, disk, DISK_PITER_INCL_PART0);
-- while ((part = disk_part_iter_next(&piter))) {
-+ /*
-+ * The original 'disk_part_iter_init' returns void, but our
-+ * wrapper can fail to lookup the original symbol.
-+ */
-+ if (wrapper_disk_part_iter_init(&piter, disk, DISK_PITER_INCL_PART0) < 0) {
-+ ret = -ENOSYS;
-+ goto iter_exit;
-+ }
-+
-+ while ((part = wrapper_disk_part_iter_next(&piter))) {
- char name_buf[BDEVNAME_SIZE];
-
- if (lttng_get_part_name(disk, part, name_buf) == -ENOSYS) {
-- disk_part_iter_exit(&piter);
-- class_dev_iter_exit(&iter);
-- return -ENOSYS;
-+ wrapper_disk_part_iter_exit(&piter);
-+ ret = -ENOSYS;
-+ goto iter_exit;
- }
- trace_lttng_statedump_block_device(session,
- lttng_get_part_devt(part), name_buf);
- }
-- disk_part_iter_exit(&piter);
-+ wrapper_disk_part_iter_exit(&piter);
- }
-+iter_exit:
- class_dev_iter_exit(&iter);
-- return 0;
-+end:
-+ return ret;
- }
-
- #ifdef CONFIG_INET
-diff --git a/src/wrapper/genhd.c b/src/wrapper/genhd.c
-new file mode 100644
-index 00000000..a5a6c410
---- /dev/null
-+++ b/src/wrapper/genhd.c
-@@ -0,0 +1,111 @@
-+/* SPDX-License-Identifier: (GPL-2.0-only OR LGPL-2.1-only)
-+ *
-+ * wrapper/genhd.c
-+ *
-+ * Wrapper around disk_part_iter_(init|next|exit). Using KALLSYMS to get the
-+ * addresses when available, else we need to have a kernel that exports this
-+ * function to GPL modules. This export was removed in 5.12.
-+ *
-+ * Copyright (C) 2021 Michael Jeanson <mjeanson@efficios.com>
-+ */
-+
-+#include <lttng/kernel-version.h>
-+#include <linux/module.h>
-+#include <wrapper/genhd.h>
-+
-+#if (defined(CONFIG_KALLSYMS) && \
-+ (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,12,0)))
-+
-+#include <wrapper/kallsyms.h>
-+
-+static
-+void (*disk_part_iter_init_sym)(struct disk_part_iter *piter, struct gendisk *disk,
-+ unsigned int flags);
-+
-+static
-+LTTNG_DISK_PART_TYPE *(*disk_part_iter_next_sym)(struct disk_part_iter *piter);
-+
-+static
-+void (*disk_part_iter_exit_sym)(struct disk_part_iter *piter);
-+
-+/*
-+ * This wrapper has an 'int' return type instead of the original 'void', to be
-+ * able to report the symbol lookup failure to the caller.
-+ *
-+ * Return 0 on success, -1 on error.
-+ */
-+int wrapper_disk_part_iter_init(struct disk_part_iter *piter, struct gendisk *disk,
-+ unsigned int flags)
-+{
-+ if (!disk_part_iter_init_sym)
-+ disk_part_iter_init_sym = (void *) kallsyms_lookup_funcptr("disk_part_iter_init");
-+
-+ if (disk_part_iter_init_sym) {
-+ disk_part_iter_init_sym(piter, disk, flags);
-+ } else {
-+ printk_once(KERN_WARNING "LTTng: disk_part_iter_init symbol lookup failed.\n");
-+ return -1;
-+ }
-+ return 0;
-+}
-+EXPORT_SYMBOL_GPL(wrapper_disk_part_iter_init);
-+
-+LTTNG_DISK_PART_TYPE *wrapper_disk_part_iter_next(struct disk_part_iter *piter)
-+{
-+ if (!disk_part_iter_next_sym)
-+ disk_part_iter_next_sym = (void *) kallsyms_lookup_funcptr("disk_part_iter_next");
-+
-+ if (disk_part_iter_next_sym) {
-+ return disk_part_iter_next_sym(piter);
-+ } else {
-+ printk_once(KERN_WARNING "LTTng: disk_part_iter_next symbol lookup failed.\n");
-+ return NULL;
-+ }
-+}
-+EXPORT_SYMBOL_GPL(wrapper_disk_part_iter_next);
-+
-+/*
-+ * We don't return an error on symbol lookup failure here because there is
-+ * nothing the caller can do to cleanup the iterator.
-+ */
-+void wrapper_disk_part_iter_exit(struct disk_part_iter *piter)
-+{
-+ if (!disk_part_iter_exit_sym)
-+ disk_part_iter_exit_sym = (void *) kallsyms_lookup_funcptr("disk_part_iter_exit");
-+
-+ if (disk_part_iter_exit_sym) {
-+ disk_part_iter_exit_sym(piter);
-+ } else {
-+ printk_once(KERN_WARNING "LTTng: disk_part_iter_exit symbol lookup failed.\n");
-+ }
-+}
-+EXPORT_SYMBOL_GPL(wrapper_disk_part_iter_exit);
-+
-+#else
-+
-+/*
-+ * This wrapper has an 'int' return type instead of the original 'void', so the
-+ * kallsyms variant can report the symbol lookup failure to the caller.
-+ *
-+ * This variant always succeeds and returns 0.
-+ */
-+int wrapper_disk_part_iter_init(struct disk_part_iter *piter, struct gendisk *disk,
-+ unsigned int flags)
-+{
-+ disk_part_iter_init(piter, disk, flags);
-+ return 0;
-+}
-+EXPORT_SYMBOL_GPL(wrapper_disk_part_iter_init);
-+
-+LTTNG_DISK_PART_TYPE *wrapper_disk_part_iter_next(struct disk_part_iter *piter)
-+{
-+ return disk_part_iter_next(piter);
-+}
-+EXPORT_SYMBOL_GPL(wrapper_disk_part_iter_next);
-+
-+void wrapper_disk_part_iter_exit(struct disk_part_iter *piter)
-+{
-+ disk_part_iter_exit(piter);
-+}
-+EXPORT_SYMBOL_GPL(wrapper_disk_part_iter_exit);
-+#endif
-diff --git a/wrapper/genhd.h b/wrapper/genhd.h
-index 98feb57b..6bae239d 100644
---- a/wrapper/genhd.h
-+++ b/wrapper/genhd.h
-@@ -13,6 +13,13 @@
- #define _LTTNG_WRAPPER_GENHD_H
-
- #include <linux/genhd.h>
-+#include <lttng/kernel-version.h>
-+
-+#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0))
-+#define LTTNG_DISK_PART_TYPE struct block_device
-+#else
-+#define LTTNG_DISK_PART_TYPE struct hd_struct
-+#endif
-
- #ifdef CONFIG_KALLSYMS_ALL
-
-@@ -94,4 +101,59 @@ struct device_type *wrapper_get_disk_type(void)
-
- #endif
-
-+/*
-+ * This wrapper has an 'int' return type instead of the original 'void', to be
-+ * able to report the symbol lookup failure to the caller.
-+ *
-+ * Return 0 on success, -1 on error.
-+ */
-+int wrapper_disk_part_iter_init(struct disk_part_iter *piter, struct gendisk *disk,
-+ unsigned int flags);
-+LTTNG_DISK_PART_TYPE *wrapper_disk_part_iter_next(struct disk_part_iter *piter);
-+void wrapper_disk_part_iter_exit(struct disk_part_iter *piter);
-+
-+/*
-+ * Canary function to check for 'disk_part_iter_init()' at compile time.
-+ *
-+ * From 'include/linux/genhd.h':
-+ *
-+ * extern void disk_part_iter_init(struct disk_part_iter *piter,
-+ * struct gendisk *disk, unsigned int flags);
-+ *
-+ */
-+static inline
-+void __canary__disk_part_iter_init(struct disk_part_iter *piter, struct gendisk *disk,
-+ unsigned int flags)
-+{
-+ disk_part_iter_init(piter, disk, flags);
-+}
-+
-+/*
-+ * Canary function to check for 'disk_part_iter_next()' at compile time.
-+ *
-+ * From 'include/linux/genhd.h':
-+ *
-+ * struct block_device *disk_part_iter_next(struct disk_part_iter *piter);
-+ *
-+ */
-+static inline
-+LTTNG_DISK_PART_TYPE *__canary__disk_part_iter_next(struct disk_part_iter *piter)
-+{
-+ return disk_part_iter_next(piter);
-+}
-+
-+/*
-+ * Canary function to check for 'disk_part_iter_exit()' at compile time.
-+ *
-+ * From 'include/linux/genhd.h':
-+ *
-+ * extern void disk_part_iter_exit(struct disk_part_iter *piter);
-+ *
-+ */
-+static inline
-+void __canary__disk_part_iter_exit(struct disk_part_iter *piter)
-+{
-+ return disk_part_iter_exit(piter);
-+}
-+
- #endif /* _LTTNG_WRAPPER_GENHD_H */
---
-2.25.1
-
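Review bot: `__canary__disk_part_iter_exit()` in wrapper/genhd.h is declared `void` but its body is `return disk_part_iter_exit(piter);`; drop the `return` so it matches the init canary. Separately, in the kallsyms variant `wrapper_disk_part_iter_next()` returns NULL on symbol lookup failure, which the `while` loop in `lttng_enumerate_block_devices()` cannot tell apart from the end of the partition list, so the state dump would stop early and still return 0. The new .c file also guards on `CONFIG_KALLSYMS` while the existing block in the header uses `CONFIG_KALLSYMS_ALL`; a one-line comment on why the two differ would help.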
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0006-fix-backport-block-add-a-disk_uevent-helper-v5.12.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0006-fix-backport-block-add-a-disk_uevent-helper-v5.12.patch
deleted file mode 100644
index e32b3e7a2e..0000000000
--- a/poky/meta/recipes-kernel/lttng/lttng-modules/0006-fix-backport-block-add-a-disk_uevent-helper-v5.12.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 127135b6a45d5fca828815c62308f72de97e5739 Mon Sep 17 00:00:00 2001
-From: Michael Jeanson <mjeanson@efficios.com>
-Date: Thu, 15 Apr 2021 13:56:24 -0400
-Subject: [PATCH 3/4] fix backport: block: add a disk_uevent helper (v5.12)
-
-Upstream-Status: Backport [2.12.6]
-
-Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
-Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
-Change-Id: I717162069990577abe78e5e7fed28816f32b2c84
----
- {src/wrapper => wrapper}/genhd.c | 2 +-
- wrapper/genhd.h | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
- rename {src/wrapper => wrapper}/genhd.c (98%)
-
-diff --git a/src/wrapper/genhd.c b/wrapper/genhd.c
-similarity index 98%
-rename from src/wrapper/genhd.c
-rename to wrapper/genhd.c
-index a5a6c410..cbec06f7 100644
---- a/src/wrapper/genhd.c
-+++ b/wrapper/genhd.c
-@@ -9,7 +9,7 @@
- * Copyright (C) 2021 Michael Jeanson <mjeanson@efficios.com>
- */
-
--#include <lttng/kernel-version.h>
-+#include <lttng-kernel-version.h>
- #include <linux/module.h>
- #include <wrapper/genhd.h>
-
-diff --git a/wrapper/genhd.h b/wrapper/genhd.h
-index 6bae239d..1b4a4201 100644
---- a/wrapper/genhd.h
-+++ b/wrapper/genhd.h
-@@ -13,7 +13,7 @@
- #define _LTTNG_WRAPPER_GENHD_H
-
- #include <linux/genhd.h>
--#include <lttng/kernel-version.h>
-+#include <lttng-kernel-version.h>
-
- #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,11,0))
- #define LTTNG_DISK_PART_TYPE struct block_device
---
-2.25.1
-
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules/0007-fix-mm-tracing-kfree-event-name-mismatching-with-pro.patch b/poky/meta/recipes-kernel/lttng/lttng-modules/0007-fix-mm-tracing-kfree-event-name-mismatching-with-pro.patch
deleted file mode 100644
index dfc9427dca..0000000000
--- a/poky/meta/recipes-kernel/lttng/lttng-modules/0007-fix-mm-tracing-kfree-event-name-mismatching-with-pro.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From 853d5903a200d8a15b3f38780ddaea5c92fa1a03 Mon Sep 17 00:00:00 2001
-From: He Zhe <zhe.he@windriver.com>
-Date: Mon, 19 Apr 2021 09:09:28 +0000
-Subject: [PATCH 4/4] fix: mm, tracing: kfree event name mismatching with
- provider kmem (v5.12)
-
-a8bc8ae5c932 ("fix: mm, tracing: record slab name for kmem_cache_free() (v5.12)")
-introduces the following call trace for kfree. This is caused by mismatch
-between kfree event and its provider kmem.
-
-This patch maps kfree to kmem_kfree.
-
-WARNING: CPU: 2 PID: 42294 at src/lttng-probes.c:81 fixup_lazy_probes+0xb0/0x1b0 [lttng_tracer]
-CPU: 2 PID: 42294 Comm: modprobe Tainted: G O 5.12.0-rc6-yoctodev-standard #1
-Hardware name: Intel Corporation JACOBSVILLE/JACOBSVILLE, BIOS JBVLCRB2.86B.0014.P20.2004020248 04/02/2020
-RIP: 0010:fixup_lazy_probes+0xb0/0x1b0 [lttng_tracer]
-Code: 75 28 83 c3 01 3b 5d c4 74 22 48 8b 4d d0 48 63
- c3 4c 89 e2 4c 89 f6 48 8b 04 c1 4c 8b 38 4c 89
- ff e8 64 9f 4b de 85 c0 74 c3 <0f> 0b 48 8b 05 bf
- f2 1e 00 48 8d 50 e8 48 3d f0 a0 98 c0 75 18 eb
-RSP: 0018:ffffb976807bfbe0 EFLAGS: 00010286
-RAX: 00000000ffffffff RBX: 0000000000000004 RCX: 0000000000000004
-RDX: 0000000000000066 RSI: ffffffffc03c10a7 RDI: ffffffffc03c11a1
-RBP: ffffb976807bfc28 R08: 0000000000000000 R09: 0000000000000001
-R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000004
-R13: ffffffffc03c2000 R14: ffffffffc03c10a7 R15: ffffffffc03c11a1
-FS: 00007f0ef9533740(0000) GS:ffffa100faa00000(0000) knlGS:0000000000000000
-CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
-CR2: 0000561e8f0aa000 CR3: 000000015b318000 CR4: 0000000000350ee0
-Call Trace:
- lttng_probe_register+0x38/0xe0 [lttng_tracer]
- ? __event_probe__module_load+0x520/0x520 [lttng_probe_module]
- __lttng_events_init__module+0x15/0x20 [lttng_probe_module]
- do_one_initcall+0x68/0x310
- ? kmem_cache_alloc_trace+0x2ad/0x4c0
- ? do_init_module+0x28/0x280
- do_init_module+0x62/0x280
- load_module+0x26e4/0x2920
- ? kernel_read_file+0x22e/0x290
- __do_sys_finit_module+0xb1/0xf0
- __x64_sys_finit_module+0x1a/0x20
- do_syscall_64+0x38/0x50
- entry_SYSCALL_64_after_hwframe+0x44/0xae
-
-Upstream-Status: Backport [2.12.6]
-
-Signed-off-by: He Zhe <zhe.he@windriver.com>
-Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
-Change-Id: I00e8ee2b8c35f6f8602c88295f5113fbbd139709
----
- instrumentation/events/lttng-module/kmem.h | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/instrumentation/events/lttng-module/kmem.h b/instrumentation/events/lttng-module/kmem.h
-index d787ea54..c9edee61 100644
---- a/instrumentation/events/lttng-module/kmem.h
-+++ b/instrumentation/events/lttng-module/kmem.h
-@@ -88,7 +88,9 @@ LTTNG_TRACEPOINT_EVENT_INSTANCE(kmem_alloc_node, kmem_cache_alloc_node,
- )
-
- #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,12,0))
--LTTNG_TRACEPOINT_EVENT(kfree,
-+LTTNG_TRACEPOINT_EVENT_MAP(kfree,
-+
-+ kmem_kfree,
-
- TP_PROTO(unsigned long call_site, const void *ptr),
-
---
-2.25.1
-
diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules_2.12.5.bb b/poky/meta/recipes-kernel/lttng/lttng-modules_2.12.6.bb
index 1a01cb0c01..1dff2b05f7 100644
--- a/poky/meta/recipes-kernel/lttng/lttng-modules_2.12.5.bb
+++ b/poky/meta/recipes-kernel/lttng/lttng-modules_2.12.6.bb
@@ -11,16 +11,9 @@ include lttng-platforms.inc
SRC_URI = "https://lttng.org/files/${BPN}/${BPN}-${PV}.tar.bz2 \
file://Makefile-Do-not-fail-if-CONFIG_TRACEPOINTS-is-not-en.patch \
- file://0001-Fix-memory-leaks-on-event-destroy.patch \
- file://0002-Fix-filter-interpreter-early-exits-on-uninitialized-.patch \
- file://0003-fix-mm-tracing-record-slab-name-for-kmem_cache_free-.patch \
- file://0004-Fix-kretprobe-null-ptr-deref-on-session-destroy.patch \
- file://0005-fix-block-add-a-disk_uevent-helper-v5.12.patch \
- file://0006-fix-backport-block-add-a-disk_uevent-helper-v5.12.patch \
- file://0007-fix-mm-tracing-kfree-event-name-mismatching-with-pro.patch \
"
-SRC_URI[sha256sum] = "c4d1a1b42c728e37b6b7947ae16563a011c4b297311aa04d56f9a1791fb5a30a"
+SRC_URI[sha256sum] = "95ac2a2cf92d85d23ffbdaca6a1ec0d7c167211d1e0fb850ab90004a3f475eaa"
export INSTALL_MOD_DIR="kernel/lttng-modules"
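Review bot: All seven `file://000N-...` backports are dropped from SRC_URI on the move to 2.12.6, but of the patch headers visible in this diff only 0005, 0006 and 0007 carry `Backport [2.12.6]`; 0003 and 0004 say only `Upstream-status: backport` with no release. Please confirm in the commit message that the 2.12.6 tarball contains the fixes from 0001 through 0004 (the kretprobe NULL pointer dereference and the filter interpreter fix in particular), since nothing in this hunk lets a reviewer check that.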
diff --git a/poky/meta/recipes-kernel/lttng/lttng-tools_2.12.3.bb b/poky/meta/recipes-kernel/lttng/lttng-tools_2.12.4.bb
index 6132daf1a1..133d7561b8 100644
--- a/poky/meta/recipes-kernel/lttng/lttng-tools_2.12.3.bb
+++ b/poky/meta/recipes-kernel/lttng/lttng-tools_2.12.4.bb
@@ -15,7 +15,7 @@ include lttng-platforms.inc
DEPENDS = "liburcu popt libxml2 util-linux"
RDEPENDS_${PN} = "libgcc"
RRECOMMENDS_${PN} += "${LTTNGMODULES}"
-RDEPENDS_${PN}-ptest += "make perl bash gawk babeltrace procps perl-module-overloading coreutils util-linux kmod ${LTTNGMODULES} sed python3-core"
+RDEPENDS_${PN}-ptest += "make perl bash gawk babeltrace procps perl-module-overloading coreutils util-linux kmod ${LTTNGMODULES} sed python3-core grep"
RDEPENDS_${PN}-ptest_append_libc-glibc = " glibc-utils"
RDEPENDS_${PN}-ptest_append_libc-musl = " musl-utils"
# babelstats.pl wants getopt-long
@@ -39,7 +39,7 @@ SRC_URI = "https://lttng.org/files/lttng-tools/lttng-tools-${PV}.tar.bz2 \
file://determinism.patch \
"
-SRC_URI[sha256sum] = "2890da230edd523fcf497e9eb28133b7606d64fa01bcbffadbfcba42104db153"
+SRC_URI[sha256sum] = "d729f8c2373a41194f171aeb0da0a9bb35ac181f31afa7e260786d19a500dea1"
inherit autotools ptest pkgconfig useradd python3-dir manpages systemd
@@ -69,7 +69,10 @@ do_install_append () {
}
do_install_ptest () {
- for f in Makefile tests/Makefile tests/utils/utils.sh tests/regression/tools/save-load/*.lttng tests/regression/tools/save-load/configuration/load-42*.lttng tests/regression/tools/health/test_health.sh tests/regression/tools/metadata/utils.sh tests/regression/tools/rotation/rotate_utils.sh; do
+ for f in Makefile tests/Makefile tests/utils/utils.sh tests/regression/tools/save-load/*.lttng \
+ tests/regression/tools/save-load/configuration/load-42*.lttng tests/regression/tools/health/test_health.sh \
+ tests/regression/tools/metadata/utils.sh tests/regression/tools/rotation/rotate_utils.sh \
+ tests/regression/tools/base-path/*.lttng; do
install -D "${B}/$f" "${D}${PTEST_PATH}/$f"
done
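Review bot: The new `tests/regression/tools/base-path/*.lttng` pattern, like the existing ones in this `for` list, is expanded by the shell relative to the task's working directory, while `install -D` then reads from `"${B}/$f"`. If the task does not run in `${B}`, or that directory has no `.lttng` files in 2.12.4, the loop receives the literal pattern and `install` fails on a path containing `*`. Consider writing the patterns under `${B}` and stripping the prefix for the destination, or at least add a comment that the loop assumes `${B}` as the working directory.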
diff --git a/poky/meta/recipes-kernel/perf/perf.bb b/poky/meta/recipes-kernel/perf/perf.bb
index 28d0c6a2a2..563556c291 100644
--- a/poky/meta/recipes-kernel/perf/perf.bb
+++ b/poky/meta/recipes-kernel/perf/perf.bb
@@ -48,7 +48,7 @@ PROVIDES = "virtual/perf"
inherit linux-kernel-base kernel-arch manpages
# needed for building the tools/perf Python bindings
-inherit ${@bb.utils.contains('PACKAGECONFIG', 'scripting', 'python3native', '', d)}
+inherit ${@bb.utils.contains('PACKAGECONFIG', 'scripting', 'python3targetconfig', '', d)}
inherit python3-dir
export PYTHON_SITEPACKAGES_DIR
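Review bot: The comment above the changed `inherit` line still reads "needed for building the tools/perf Python bindings" and does not say why the class changes from `python3native` to `python3targetconfig`. A short comment on what the target configuration provides for the `scripting` PACKAGECONFIG would keep a later editor from reverting it.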
diff --git a/poky/meta/recipes-support/boost/boost-1.75.0.inc b/poky/meta/recipes-support/boost/boost-1.75.0.inc
index e5a8488c58..bc70c73739 100644
--- a/poky/meta/recipes-support/boost/boost-1.75.0.inc
+++ b/poky/meta/recipes-support/boost/boost-1.75.0.inc
@@ -11,7 +11,7 @@ BOOST_VER = "${@"_".join(d.getVar("PV").split("."))}"
BOOST_MAJ = "${@"_".join(d.getVar("PV").split(".")[0:2])}"
BOOST_P = "boost_${BOOST_VER}"
-SRC_URI = "https://dl.bintray.com/boostorg/release/${PV}/source/${BOOST_P}.tar.bz2"
+SRC_URI = "https://boostorg.jfrog.io/artifactory/main/release/${PV}/source/${BOOST_P}.tar.bz2"
SRC_URI[sha256sum] = "953db31e016db7bb207f11432bef7df100516eeb746843fa0486a222e3fd49cb"
UPSTREAM_CHECK_URI = "http://www.boost.org/users/download/"
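Review bot: The commit message should state that `SRC_URI[sha256sum]` is intentionally left unchanged while SRC_URI moves from dl.bintray.com to boostorg.jfrog.io, because the pinned hash is the only thing tying the tarball served by the new host to the one previously reviewed. The context line `UPSTREAM_CHECK_URI` still uses plain `http://`; it only drives version checks, but switching it to https in the same change would be tidy.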
diff --git a/poky/meta/recipes-support/curl/curl/0001-vtls-add-isproxy-argument-to-Curl_ssl_get-addsession.patch b/poky/meta/recipes-support/curl/curl/0001-vtls-add-isproxy-argument-to-Curl_ssl_get-addsession.patch
new file mode 100644
index 0000000000..1e0e18cf12
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/0001-vtls-add-isproxy-argument-to-Curl_ssl_get-addsession.patch
@@ -0,0 +1,517 @@
+From e499142d377b56c7606437d14c99d3cb27aba9fd Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <trevor.gamblin@windriver.com>
+Date: Tue, 1 Jun 2021 09:50:20 -0400
+Subject: [PATCH] vtls: add 'isproxy' argument to Curl_ssl_get/addsessionid()
+
+To make sure we set and extract the correct session.
+
+Reported-by: Mingtao Yang
+Bug: https://curl.se/docs/CVE-2021-22890.html
+
+CVE: CVE-2021-22890
+
+Upstream-Status: Backport
+(https://github.com/curl/curl/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844)
+
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+---
+ lib/vtls/bearssl.c | 8 +++++--
+ lib/vtls/gtls.c | 12 ++++++----
+ lib/vtls/mbedtls.c | 12 ++++++----
+ lib/vtls/mesalink.c | 14 ++++++++----
+ lib/vtls/openssl.c | 54 +++++++++++++++++++++++++++++++++-----------
+ lib/vtls/schannel.c | 10 ++++----
+ lib/vtls/sectransp.c | 10 ++++----
+ lib/vtls/vtls.c | 12 +++++++---
+ lib/vtls/vtls.h | 2 ++
+ lib/vtls/wolfssl.c | 29 ++++++++++++++----------
+ 10 files changed, 112 insertions(+), 51 deletions(-)
+
+diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c
+index 29b08c0e6..0432dfadc 100644
+--- a/lib/vtls/bearssl.c
++++ b/lib/vtls/bearssl.c
+@@ -375,7 +375,8 @@ static CURLcode bearssl_connect_step1(struct Curl_easy *data,
+ void *session;
+
+ Curl_ssl_sessionid_lock(data);
+- if(!Curl_ssl_getsessionid(data, conn, &session, NULL, sockindex)) {
++ if(!Curl_ssl_getsessionid(data, conn, SSL_IS_PROXY() ? TRUE : FALSE,
++ &session, NULL, sockindex)) {
+ br_ssl_engine_set_session_parameters(&backend->ctx.eng, session);
+ infof(data, "BearSSL: re-using session ID\n");
+ }
+@@ -571,10 +572,13 @@ static CURLcode bearssl_connect_step3(struct Curl_easy *data,
+ br_ssl_engine_get_session_parameters(&backend->ctx.eng, session);
+ Curl_ssl_sessionid_lock(data);
+ incache = !(Curl_ssl_getsessionid(data, conn,
++ SSL_IS_PROXY() ? TRUE : FALSE,
+ &oldsession, NULL, sockindex));
+ if(incache)
+ Curl_ssl_delsessionid(data, oldsession);
+- ret = Curl_ssl_addsessionid(data, conn, session, 0, sockindex);
++ ret = Curl_ssl_addsessionid(data, conn,
++ SSL_IS_PROXY() ? TRUE : FALSE,
++ session, 0, sockindex);
+ Curl_ssl_sessionid_unlock(data);
+ if(ret) {
+ free(session);
+diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
+index 3ddee1974..28ca528a6 100644
+--- a/lib/vtls/gtls.c
++++ b/lib/vtls/gtls.c
+@@ -733,6 +733,7 @@ gtls_connect_step1(struct Curl_easy *data,
+
+ Curl_ssl_sessionid_lock(data);
+ if(!Curl_ssl_getsessionid(data, conn,
++ SSL_IS_PROXY() ? TRUE : FALSE,
+ &ssl_sessionid, &ssl_idsize, sockindex)) {
+ /* we got a session id, use it! */
+ gnutls_session_set_data(session, ssl_sessionid, ssl_idsize);
+@@ -1292,8 +1293,9 @@ gtls_connect_step3(struct Curl_easy *data,
+ gnutls_session_get_data(session, connect_sessionid, &connect_idsize);
+
+ Curl_ssl_sessionid_lock(data);
+- incache = !(Curl_ssl_getsessionid(data, conn, &ssl_sessionid, NULL,
+- sockindex));
++ incache = !(Curl_ssl_getsessionid(data, conn,
++ SSL_IS_PROXY() ? TRUE : FALSE,
++ &ssl_sessionid, NULL, sockindex));
+ if(incache) {
+ /* there was one before in the cache, so instead of risking that the
+ previous one was rejected, we just kill that and store the new */
+@@ -1301,8 +1303,10 @@ gtls_connect_step3(struct Curl_easy *data,
+ }
+
+ /* store this session id */
+- result = Curl_ssl_addsessionid(data, conn, connect_sessionid,
+- connect_idsize, sockindex);
++ result = Curl_ssl_addsessionid(data, conn,
++ SSL_IS_PROXY() ? TRUE : FALSE,
++ connect_sessionid, connect_idsize,
++ sockindex);
+ Curl_ssl_sessionid_unlock(data);
+ if(result) {
+ free(connect_sessionid);
+diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
+index fc3a948d1..bd0e0802e 100644
+--- a/lib/vtls/mbedtls.c
++++ b/lib/vtls/mbedtls.c
+@@ -463,7 +463,9 @@ mbed_connect_step1(struct Curl_easy *data, struct connectdata *conn,
+ void *old_session = NULL;
+
+ Curl_ssl_sessionid_lock(data);
+- if(!Curl_ssl_getsessionid(data, conn, &old_session, NULL, sockindex)) {
++ if(!Curl_ssl_getsessionid(data, conn,
++ SSL_IS_PROXY() ? TRUE : FALSE,
++ &old_session, NULL, sockindex)) {
+ ret = mbedtls_ssl_set_session(&backend->ssl, old_session);
+ if(ret) {
+ Curl_ssl_sessionid_unlock(data);
+@@ -724,6 +726,7 @@ mbed_connect_step3(struct Curl_easy *data, struct connectdata *conn,
+ int ret;
+ mbedtls_ssl_session *our_ssl_sessionid;
+ void *old_ssl_sessionid = NULL;
++ bool isproxy = SSL_IS_PROXY() ? TRUE : FALSE;
+
+ our_ssl_sessionid = malloc(sizeof(mbedtls_ssl_session));
+ if(!our_ssl_sessionid)
+@@ -742,11 +745,12 @@ mbed_connect_step3(struct Curl_easy *data, struct connectdata *conn,
+
+ /* If there's already a matching session in the cache, delete it */
+ Curl_ssl_sessionid_lock(data);
+- if(!Curl_ssl_getsessionid(data, conn, &old_ssl_sessionid, NULL, sockindex))
++ if(!Curl_ssl_getsessionid(data, conn, isproxy, &old_ssl_sessionid, NULL,
++ sockindex))
+ Curl_ssl_delsessionid(data, old_ssl_sessionid);
+
+- retcode = Curl_ssl_addsessionid(data, conn,
+- our_ssl_sessionid, 0, sockindex);
++ retcode = Curl_ssl_addsessionid(data, conn, isproxy, our_ssl_sessionid,
++ 0, sockindex);
+ Curl_ssl_sessionid_unlock(data);
+ if(retcode) {
+ mbedtls_ssl_session_free(our_ssl_sessionid);
+diff --git a/lib/vtls/mesalink.c b/lib/vtls/mesalink.c
+index b6d1005ec..ad807d3ba 100644
+--- a/lib/vtls/mesalink.c
++++ b/lib/vtls/mesalink.c
+@@ -261,7 +261,9 @@ mesalink_connect_step1(struct Curl_easy *data,
+ void *ssl_sessionid = NULL;
+
+ Curl_ssl_sessionid_lock(data);
+- if(!Curl_ssl_getsessionid(data, conn, &ssl_sessionid, NULL, sockindex)) {
++ if(!Curl_ssl_getsessionid(data, conn,
++ SSL_IS_PROXY() ? TRUE : FALSE,
++ &ssl_sessionid, NULL, sockindex)) {
+ /* we got a session id, use it! */
+ if(!SSL_set_session(BACKEND->handle, ssl_sessionid)) {
+ Curl_ssl_sessionid_unlock(data);
+@@ -345,13 +347,14 @@ mesalink_connect_step3(struct connectdata *conn, int sockindex)
+ bool incache;
+ SSL_SESSION *our_ssl_sessionid;
+ void *old_ssl_sessionid = NULL;
++ bool isproxy = SSL_IS_PROXY() ? TRUE : FALSE;
+
+ our_ssl_sessionid = SSL_get_session(BACKEND->handle);
+
+ Curl_ssl_sessionid_lock(data);
+ incache =
+- !(Curl_ssl_getsessionid(data, conn,
+- &old_ssl_sessionid, NULL, sockindex));
++ !(Curl_ssl_getsessionid(data, conn, isproxy, &old_ssl_sessionid, NULL,
++ sockindex));
+ if(incache) {
+ if(old_ssl_sessionid != our_ssl_sessionid) {
+ infof(data, "old SSL session ID is stale, removing\n");
+@@ -361,8 +364,9 @@ mesalink_connect_step3(struct connectdata *conn, int sockindex)
+ }
+
+ if(!incache) {
+- result = Curl_ssl_addsessionid(
+- data, conn, our_ssl_sessionid, 0 /* unknown size */, sockindex);
++ result =
++ Curl_ssl_addsessionid(data, conn, isproxy, our_ssl_sessionid, 0,
++ sockindex);
+ if(result) {
+ Curl_ssl_sessionid_unlock(data);
+ failf(data, "failed to store ssl session");
+diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
+index 784d9f70e..8304264d3 100644
+--- a/lib/vtls/openssl.c
++++ b/lib/vtls/openssl.c
+@@ -391,12 +391,23 @@ static int ossl_get_ssl_conn_index(void)
+ */
+ static int ossl_get_ssl_sockindex_index(void)
+ {
+- static int ssl_ex_data_sockindex_index = -1;
+- if(ssl_ex_data_sockindex_index < 0) {
+- ssl_ex_data_sockindex_index = SSL_get_ex_new_index(0, NULL, NULL, NULL,
+- NULL);
++ static int sockindex_index = -1;
++ if(sockindex_index < 0) {
++ sockindex_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
+ }
+- return ssl_ex_data_sockindex_index;
++ return sockindex_index;
++}
++
++/* Return an extra data index for proxy boolean.
++ * This index can be used with SSL_get_ex_data() and SSL_set_ex_data().
++ */
++static int ossl_get_proxy_index(void)
++{
++ static int proxy_index = -1;
++ if(proxy_index < 0) {
++ proxy_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
++ }
++ return proxy_index;
+ }
+
+ static int passwd_callback(char *buf, int num, int encrypting,
+@@ -1172,7 +1183,7 @@ static int ossl_init(void)
+
+ /* Initialize the extra data indexes */
+ if(ossl_get_ssl_data_index() < 0 || ossl_get_ssl_conn_index() < 0 ||
+- ossl_get_ssl_sockindex_index() < 0)
++ ossl_get_ssl_sockindex_index() < 0 || ossl_get_proxy_index() < 0)
+ return 0;
+
+ return 1;
+@@ -2455,8 +2466,10 @@ static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
+ int data_idx = ossl_get_ssl_data_index();
+ int connectdata_idx = ossl_get_ssl_conn_index();
+ int sockindex_idx = ossl_get_ssl_sockindex_index();
++ int proxy_idx = ossl_get_proxy_index();
++ bool isproxy;
+
+- if(data_idx < 0 || connectdata_idx < 0 || sockindex_idx < 0)
++ if(data_idx < 0 || connectdata_idx < 0 || sockindex_idx < 0 || proxy_idx < 0)
+ return 0;
+
+ conn = (struct connectdata*) SSL_get_ex_data(ssl, connectdata_idx);
+@@ -2469,13 +2482,18 @@ static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
+ sockindex_ptr = (curl_socket_t*) SSL_get_ex_data(ssl, sockindex_idx);
+ sockindex = (int)(sockindex_ptr - conn->sock);
+
++ isproxy = SSL_get_ex_data(ssl, proxy_idx) ? TRUE : FALSE;
++
+ if(SSL_SET_OPTION(primary.sessionid)) {
+ bool incache;
+ void *old_ssl_sessionid = NULL;
+
+ Curl_ssl_sessionid_lock(data);
+- incache = !(Curl_ssl_getsessionid(data, conn, &old_ssl_sessionid, NULL,
+- sockindex));
++ if(isproxy)
++ incache = FALSE;
++ else
++ incache = !(Curl_ssl_getsessionid(data, conn, isproxy,
++ &old_ssl_sessionid, NULL, sockindex));
+ if(incache) {
+ if(old_ssl_sessionid != ssl_sessionid) {
+ infof(data, "old SSL session ID is stale, removing\n");
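Review bot: the new `if(isproxy) incache = FALSE;` branch in ossl_new_session_cb skips the cache lookup for proxy sessions without saying why. With `incache` forced to FALSE, the stale-entry removal below never runs on the proxy path. Add a comment giving the reason. Since the `else` branch only executes when `isproxy` is false, the `isproxy` argument passed to `Curl_ssl_getsessionid()` there is always FALSE, which is worth stating in the same comment.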
+@@ -2485,8 +2503,8 @@ static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
+ }
+
+ if(!incache) {
+- if(!Curl_ssl_addsessionid(data, conn, ssl_sessionid,
+- 0 /* unknown size */, sockindex)) {
++ if(!Curl_ssl_addsessionid(data, conn, isproxy, ssl_sessionid,
++ 0 /* unknown size */, sockindex)) {
+ /* the session has been put into the session cache */
+ res = 1;
+ }
+@@ -3212,17 +3230,27 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
+ int data_idx = ossl_get_ssl_data_index();
+ int connectdata_idx = ossl_get_ssl_conn_index();
+ int sockindex_idx = ossl_get_ssl_sockindex_index();
++ int proxy_idx = ossl_get_proxy_index();
+
+- if(data_idx >= 0 && connectdata_idx >= 0 && sockindex_idx >= 0) {
++ if(data_idx >= 0 && connectdata_idx >= 0 && sockindex_idx >= 0 &&
++ proxy_idx >= 0) {
+ /* Store the data needed for the "new session" callback.
+ * The sockindex is stored as a pointer to an array element. */
+ SSL_set_ex_data(backend->handle, data_idx, data);
+ SSL_set_ex_data(backend->handle, connectdata_idx, conn);
+ SSL_set_ex_data(backend->handle, sockindex_idx, conn->sock + sockindex);
++#ifndef CURL_DISABLE_PROXY
++ SSL_set_ex_data(backend->handle, proxy_idx, SSL_IS_PROXY() ? (void *) 1:
++ NULL);
++#else
++ SSL_set_ex_data(backend->handle, proxy_idx, NULL);
++#endif
++
+ }
+
+ Curl_ssl_sessionid_lock(data);
+- if(!Curl_ssl_getsessionid(data, conn, &ssl_sessionid, NULL, sockindex)) {
++ if(!Curl_ssl_getsessionid(data, conn, SSL_IS_PROXY() ? TRUE : FALSE,
++ &ssl_sessionid, NULL, sockindex)) {
+ /* we got a session id, use it! */
+ if(!SSL_set_session(backend->handle, ssl_sessionid)) {
+ Curl_ssl_sessionid_unlock(data);
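Review bot: `SSL_IS_PROXY()` is wrapped in `#ifndef CURL_DISABLE_PROXY` for the `SSL_set_ex_data(backend->handle, proxy_idx, ...)` call but is used unguarded a few lines later in the `Curl_ssl_getsessionid()` call. Either the guard is unnecessary or the lookup needs it too. Computing one `bool isproxy` at the top of the block and using it in both places would remove the inconsistency, and the stray blank line before the closing brace can go at the same time.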
+diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
+index 0668f98f2..bd27ba0bf 100644
+--- a/lib/vtls/schannel.c
++++ b/lib/vtls/schannel.c
+@@ -496,6 +496,7 @@ schannel_connect_step1(struct Curl_easy *data, struct connectdata *conn,
+ if(SSL_SET_OPTION(primary.sessionid)) {
+ Curl_ssl_sessionid_lock(data);
+ if(!Curl_ssl_getsessionid(data, conn,
++ SSL_IS_PROXY() ? TRUE : FALSE,
+ (void **)&old_cred, NULL, sockindex)) {
+ BACKEND->cred = old_cred;
+ DEBUGF(infof(data, "schannel: re-using existing credential handle\n"));
+@@ -1337,8 +1338,9 @@ schannel_connect_step3(struct Curl_easy *data, struct connectdata *conn,
+ struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ SECURITY_STATUS sspi_status = SEC_E_OK;
+ CERT_CONTEXT *ccert_context = NULL;
++ bool isproxy = SSL_IS_PROXY();
+ #ifdef DEBUGBUILD
+- const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
++ const char * const hostname = isproxy ? conn->http_proxy.host.name :
+ conn->host.name;
+ #endif
+ #ifdef HAS_ALPN
+@@ -1414,8 +1416,8 @@ schannel_connect_step3(struct Curl_easy *data, struct connectdata *conn,
+ struct Curl_schannel_cred *old_cred = NULL;
+
+ Curl_ssl_sessionid_lock(data);
+- incache = !(Curl_ssl_getsessionid(data, conn, (void **)&old_cred, NULL,
+- sockindex));
++ incache = !(Curl_ssl_getsessionid(data, conn, isproxy, (void **)&old_cred,
++ NULL, sockindex));
+ if(incache) {
+ if(old_cred != BACKEND->cred) {
+ DEBUGF(infof(data,
+@@ -1426,7 +1428,7 @@ schannel_connect_step3(struct Curl_easy *data, struct connectdata *conn,
+ }
+ }
+ if(!incache) {
+- result = Curl_ssl_addsessionid(data, conn, (void *)BACKEND->cred,
++ result = Curl_ssl_addsessionid(data, conn, isproxy, BACKEND->cred,
+ sizeof(struct Curl_schannel_cred),
+ sockindex);
+ if(result) {
+diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
+index 9a8f7de8d..6d1ea7e7b 100644
+--- a/lib/vtls/sectransp.c
++++ b/lib/vtls/sectransp.c
+@@ -1400,10 +1400,12 @@ static CURLcode sectransp_connect_step1(struct Curl_easy *data,
+ char * const ssl_cert = SSL_SET_OPTION(primary.clientcert);
+ const struct curl_blob *ssl_cert_blob = SSL_SET_OPTION(primary.cert_blob);
+ #ifndef CURL_DISABLE_PROXY
+- const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
++ bool isproxy = SSL_IS_PROXY();
++ const char * const hostname = isproxy ? conn->http_proxy.host.name :
+ conn->host.name;
+ const long int port = SSL_IS_PROXY() ? conn->port : conn->remote_port;
+ #else
++ const isproxy = FALSE;
+ const char * const hostname = conn->host.name;
+ const long int port = conn->remote_port;
+ #endif
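Review bot: in the `#else` branch, `const isproxy = FALSE;` has no type, so it relies on implicit int, which C99 removed; write `const bool isproxy = FALSE;`. In the `#ifndef CURL_DISABLE_PROXY` branch the `port` initializer still calls `SSL_IS_PROXY()` even though `isproxy` was computed two lines earlier; use `isproxy` there as well.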
+@@ -1613,7 +1615,7 @@ static CURLcode sectransp_connect_step1(struct Curl_easy *data,
+ #ifdef USE_NGHTTP2
+ if(data->set.httpversion >= CURL_HTTP_VERSION_2
+ #ifndef CURL_DISABLE_PROXY
+- && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)
++ && (!isproxy || !conn->bits.tunnel_proxy)
+ #endif
+ ) {
+ CFArrayAppendValue(alpnArr, CFSTR(NGHTTP2_PROTO_VERSION_ID));
+@@ -1953,7 +1955,7 @@ static CURLcode sectransp_connect_step1(struct Curl_easy *data,
+ size_t ssl_sessionid_len;
+
+ Curl_ssl_sessionid_lock(data);
+- if(!Curl_ssl_getsessionid(data, conn, (void **)&ssl_sessionid,
++ if(!Curl_ssl_getsessionid(data, conn, isproxy, (void **)&ssl_sessionid,
+ &ssl_sessionid_len, sockindex)) {
+ /* we got a session id, use it! */
+ err = SSLSetPeerID(backend->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
+@@ -1981,7 +1983,7 @@ static CURLcode sectransp_connect_step1(struct Curl_easy *data,
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+
+- result = Curl_ssl_addsessionid(data, conn, ssl_sessionid,
++ result = Curl_ssl_addsessionid(data, conn, isproxy, ssl_sessionid,
+ ssl_sessionid_len, sockindex);
+ Curl_ssl_sessionid_unlock(data);
+ if(result) {
+diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
+index b8ab7494f..8ccc1f2e4 100644
+--- a/lib/vtls/vtls.c
++++ b/lib/vtls/vtls.c
+@@ -367,6 +367,7 @@ void Curl_ssl_sessionid_unlock(struct Curl_easy *data)
+ */
+ bool Curl_ssl_getsessionid(struct Curl_easy *data,
+ struct connectdata *conn,
++ const bool isProxy,
+ void **ssl_sessionid,
+ size_t *idsize, /* set 0 if unknown */
+ int sockindex)
+@@ -377,7 +378,6 @@ bool Curl_ssl_getsessionid(struct Curl_easy *data,
+ bool no_match = TRUE;
+
+ #ifndef CURL_DISABLE_PROXY
+- const bool isProxy = CONNECT_PROXY_SSL();
+ struct ssl_primary_config * const ssl_config = isProxy ?
+ &conn->proxy_ssl_config :
+ &conn->ssl_config;
+@@ -389,10 +389,15 @@ bool Curl_ssl_getsessionid(struct Curl_easy *data,
+ struct ssl_primary_config * const ssl_config = &conn->ssl_config;
+ const char * const name = conn->host.name;
+ int port = conn->remote_port;
+- (void)sockindex;
+ #endif
++ (void)sockindex;
+ *ssl_sessionid = NULL;
+
++#ifdef CURL_DISABLE_PROXY
++ if(isProxy)
++ return TRUE;
++#endif
++
+ DEBUGASSERT(SSL_SET_OPTION(primary.sessionid));
+
+ if(!SSL_SET_OPTION(primary.sessionid))
+@@ -480,6 +485,7 @@ void Curl_ssl_delsessionid(struct Curl_easy *data, void *ssl_sessionid)
+ */
+ CURLcode Curl_ssl_addsessionid(struct Curl_easy *data,
+ struct connectdata *conn,
++ bool isProxy,
+ void *ssl_sessionid,
+ size_t idsize,
+ int sockindex)
+@@ -492,7 +498,6 @@ CURLcode Curl_ssl_addsessionid(struct Curl_easy *data,
+ int conn_to_port;
+ long *general_age;
+ #ifndef CURL_DISABLE_PROXY
+- const bool isProxy = CONNECT_PROXY_SSL();
+ struct ssl_primary_config * const ssl_config = isProxy ?
+ &conn->proxy_ssl_config :
+ &conn->ssl_config;
+@@ -505,6 +510,7 @@ CURLcode Curl_ssl_addsessionid(struct Curl_easy *data,
+ const char *hostname = conn->host.name;
+ (void)sockindex;
+ #endif
++ (void)sockindex;
+ DEBUGASSERT(SSL_SET_OPTION(primary.sessionid));
+
+ clone_host = strdup(hostname);
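Review bot: `(void)sockindex;` is added after `#endif` while the copy inside the `#else` branch is left in place, so builds without proxy support carry the statement twice. Remove the one inside the `#else` branch.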
+diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
+index 9666682ec..4dc29794c 100644
+--- a/lib/vtls/vtls.h
++++ b/lib/vtls/vtls.h
+@@ -222,6 +222,7 @@ void Curl_ssl_sessionid_unlock(struct Curl_easy *data);
+ */
+ bool Curl_ssl_getsessionid(struct Curl_easy *data,
+ struct connectdata *conn,
++ const bool isproxy,
+ void **ssl_sessionid,
+ size_t *idsize, /* set 0 if unknown */
+ int sockindex);
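Review bot: the prototype of `Curl_ssl_getsessionid()` names the new parameter `isproxy`, while the definition in lib/vtls/vtls.c names it `isProxy`. Use one spelling in the declaration and the definition.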
+@@ -232,6 +233,7 @@ bool Curl_ssl_getsessionid(struct Curl_easy *data,
+ */
+ CURLcode Curl_ssl_addsessionid(struct Curl_easy *data,
+ struct connectdata *conn,
++ const bool isProxy,
+ void *ssl_sessionid,
+ size_t idsize,
+ int sockindex);
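Review bot: the prototype of `Curl_ssl_addsessionid()` declares `const bool isProxy`, but the definition in lib/vtls/vtls.c takes plain `bool isProxy`. Make the qualifier match so the declaration and definition agree.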
+diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
+index e1fa45926..f1b12b1d8 100644
+--- a/lib/vtls/wolfssl.c
++++ b/lib/vtls/wolfssl.c
+@@ -516,7 +516,9 @@ wolfssl_connect_step1(struct Curl_easy *data, struct connectdata *conn,
+ void *ssl_sessionid = NULL;
+
+ Curl_ssl_sessionid_lock(data);
+- if(!Curl_ssl_getsessionid(data, conn, &ssl_sessionid, NULL, sockindex)) {
++ if(!Curl_ssl_getsessionid(data, conn,
++ SSL_IS_PROXY() ? TRUE : FALSE,
++ &ssl_sessionid, NULL, sockindex)) {
+ /* we got a session id, use it! */
+ if(!SSL_set_session(backend->handle, ssl_sessionid)) {
+ char error_buffer[WOLFSSL_MAX_ERROR_SZ];
+@@ -774,21 +776,24 @@ wolfssl_connect_step3(struct Curl_easy *data, struct connectdata *conn,
+ void *old_ssl_sessionid = NULL;
+
+ our_ssl_sessionid = SSL_get_session(backend->handle);
+-
+- Curl_ssl_sessionid_lock(data);
+- incache = !(Curl_ssl_getsessionid(data, conn, &old_ssl_sessionid, NULL,
+- sockindex));
+- if(incache) {
+- if(old_ssl_sessionid != our_ssl_sessionid) {
+- infof(data, "old SSL session ID is stale, removing\n");
+- Curl_ssl_delsessionid(data, old_ssl_sessionid);
+- incache = FALSE;
++ bool isproxy = SSL_IS_PROXY() ? TRUE : FALSE;
++
++ if(our_ssl_sessionid) {
++ Curl_ssl_sessionid_lock(data);
++ incache = !(Curl_ssl_getsessionid(data, conn, isproxy,
++ &old_ssl_sessionid, NULL, sockindex));
++ if(incache) {
++ if(old_ssl_sessionid != our_ssl_sessionid) {
++ infof(data, "old SSL session ID is stale, removing\n");
++ Curl_ssl_delsessionid(data, old_ssl_sessionid);
++ incache = FALSE;
++ }
+ }
+ }
+
+ if(!incache) {
+- result = Curl_ssl_addsessionid(data, conn, our_ssl_sessionid,
+- 0 /* unknown size */, sockindex);
++ result = Curl_ssl_addsessionid(data, conn, isproxy, our_ssl_sessionid,
++ 0, sockindex);
+ if(result) {
+ Curl_ssl_sessionid_unlock(data);
+ failf(data, "failed to store ssl session");
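Review bot: when `our_ssl_sessionid` is NULL the new `if(our_ssl_sessionid)` block is skipped, so in these lines neither `Curl_ssl_sessionid_lock(data)` is called nor `incache` assigned, yet `if(!incache)` is still evaluated, `Curl_ssl_addsessionid()` is reached with a NULL session, and its error path calls `Curl_ssl_sessionid_unlock(data)`. Move the `if(!incache)` block inside `if(our_ssl_sessionid)`, or initialise `incache` and pair lock and unlock on every path. Separately, `bool isproxy` is declared after the `our_ssl_sessionid = SSL_get_session(...)` statement; move it up with the other declarations.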
+--
+2.31.1
+
diff --git a/poky/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch b/poky/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch
new file mode 100644
index 0000000000..c02c9bed68
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch
@@ -0,0 +1,155 @@
+From 21f6cf63939111d8d76d3a4c07f2cd2fe6cb78f8 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <trevor.gamblin@windriver.com>
+Date: Tue, 1 Jun 2021 09:59:20 -0400
+Subject: [PATCH 2/2] transfer: strip credentials from the auto-referer header
+ field
+
+Added test 2081 to verify.
+
+CVE: CVE-2021-22876
+
+Upstream-Status: Backport
+(https://github.com/curl/curl/commit/7214288898f5625a6cc196e22a74232eada7861c)
+
+Bug: https://curl.se/docs/CVE-2021-22876.html
+
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+---
+ lib/transfer.c | 25 ++++++++++++++--
+ tests/data/Makefile.inc | 2 +-
+ tests/data/test2081 | 66 +++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 90 insertions(+), 3 deletions(-)
+ create mode 100644 tests/data/test2081
+
+diff --git a/lib/transfer.c b/lib/transfer.c
+index 2f29b29d8..c641a1d47 100644
+--- a/lib/transfer.c
++++ b/lib/transfer.c
+@@ -1565,6 +1565,9 @@ CURLcode Curl_follow(struct Curl_easy *data,
+ data->set.followlocation++; /* count location-followers */
+
+ if(data->set.http_auto_referer) {
++ CURLU *u;
++ char *referer;
++
+ /* We are asked to automatically set the previous URL as the referer
+ when we get the next URL. We pick the ->url field, which may or may
+ not be 100% correct */
+@@ -1574,9 +1577,27 @@ CURLcode Curl_follow(struct Curl_easy *data,
+ data->change.referer_alloc = FALSE;
+ }
+
+- data->change.referer = strdup(data->change.url);
+- if(!data->change.referer)
++ /* Make a copy of the URL without crenditals and fragment */
++ u = curl_url();
++ if(!u)
++ return CURLE_OUT_OF_MEMORY;
++
++ uc = curl_url_set(u, CURLUPART_URL, data->change.url, 0);
++ if(!uc)
++ uc = curl_url_set(u, CURLUPART_FRAGMENT, NULL, 0);
++ if(!uc)
++ uc = curl_url_set(u, CURLUPART_USER, NULL, 0);
++ if(!uc)
++ uc = curl_url_set(u, CURLUPART_PASSWORD, NULL, 0);
++ if(!uc)
++ uc = curl_url_get(u, CURLUPART_URL, &referer, 0);
++
++ curl_url_cleanup(u);
++
++ if(uc || referer == NULL)
+ return CURLE_OUT_OF_MEMORY;
++
++ data->change.referer = referer;
+ data->change.referer_alloc = TRUE; /* yes, free this later */
+ }
+ }
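Review bot: every failure in the `curl_url_set()` / `curl_url_get()` chain is returned as `CURLE_OUT_OF_MEMORY`, including a failure to parse `data->change.url` in the `CURLUPART_URL` step. Map `uc` to a more accurate CURLcode, or say in a comment why only allocation failure is expected here. `char *referer` is declared without an initializer and is only safe because `uc` is tested first in `if(uc || referer == NULL)`; initialise it to NULL. The new comment also misspells "credentials" as "crenditals".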
+diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
+index 5ebf049b8..e08cfc7ee 100644
+--- a/tests/data/Makefile.inc
++++ b/tests/data/Makefile.inc
+@@ -223,7 +223,7 @@ test2064 test2065 test2066 test2067 test2068 test2069 \
+ test2064 test2065 test2066 test2067 test2068 test2069 test2070 \
+ test2071 test2072 test2073 test2074 test2075 test2076 test2077 \
+ test2078 \
+-test2080 \
++test2080 test2081\
+ test2100 \
+ \
+ test3000 test3001 test3002 test3003 test3004 test3005 test3006 test3007 \
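Review bot: `test2080 test2081\` has no space before the line-continuation backslash, unlike the surrounding lines; write `test2080 test2081 \` to match.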
+diff --git a/tests/data/test2081 b/tests/data/test2081
+new file mode 100644
+index 000000000..7e74f5766
+--- /dev/null
++++ b/tests/data/test2081
+@@ -0,0 +1,66 @@
++<testcase>
++<info>
++<keywords>
++HTTP
++HTTP GET
++referer
++followlocation
++--write-out
++</keywords>
++</info>
++
++# Server-side
++<reply>
++<data nocheck="yes">
++HTTP/1.1 301 This is a weirdo text message swsclose
++Location: data/%TESTNUMBER0002.txt?coolsite=yes
++Content-Length: 62
++Connection: close
++
++This server reply is for testing a simple Location: following
++</data>
++</reply>
++
++# Client-side
++<client>
++<server>
++http
++</server>
++ <name>
++Automatic referrer credential and anchor stripping check
++ </name>
++ <command>
++http://user:pass@%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER#anchor --location --referer ';auto' --write-out '%{referer}\n'
++</command>
++</client>
++
++# Verify data after the test has been "shot"
++<verify>
++<errorcode>
++52
++</errorcode>
++<protocol>
++GET /we/want/our/%TESTNUMBER HTTP/1.1
++Host: %HOSTIP:%HTTPPORT
++Authorization: Basic dXNlcjpwYXNz
++User-Agent: curl/%VERSION
++Accept: */*
++
++GET /we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1
++Host: %HOSTIP:%HTTPPORT
++Authorization: Basic dXNlcjpwYXNz
++User-Agent: curl/%VERSION
++Accept: */*
++Referer: http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER
++
++</protocol>
++<stdout>
++HTTP/1.1 301 This is a weirdo text message swsclose
++Location: data/%TESTNUMBER0002.txt?coolsite=yes
++Content-Length: 62
++Connection: close
++
++http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER
++</stdout>
++</verify>
++</testcase>
+--
+2.31.1
+
diff --git a/poky/meta/recipes-support/curl/curl/vtls-fix-addsessionid.patch b/poky/meta/recipes-support/curl/curl/vtls-fix-addsessionid.patch
new file mode 100644
index 0000000000..a4b9cb8931
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/vtls-fix-addsessionid.patch
@@ -0,0 +1,31 @@
+From 2c26eeef12f0204fb85d6bf40b4e7a1e2ddcdf24 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 29 Mar 2021 12:50:57 +0200
+Subject: [PATCH] vtls: fix addsessionid for non-proxy builds
+
+Follow-up to b09c8ee15771c61
+Fixes #6812
+Closes #6811
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/2c26eeef12f0204fb85d6bf40b4e7a1e2ddcdf24]
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+---
+ lib/vtls/vtls.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
+index 95fd6356285f..2e07df0a0462 100644
+--- a/lib/vtls/vtls.c
++++ b/lib/vtls/vtls.c
+@@ -504,11 +504,8 @@ CURLcode Curl_ssl_addsessionid(struct Curl_easy *data,
+ const char *hostname = isProxy ? conn->http_proxy.host.name :
+ conn->host.name;
+ #else
+- /* proxy support disabled */
+- const bool isProxy = FALSE;
+ struct ssl_primary_config * const ssl_config = &conn->ssl_config;
+ const char *hostname = conn->host.name;
+- (void)sockindex;
+ #endif
+ (void)sockindex;
+ DEBUGASSERT(SSL_SET_OPTION(primary.sessionid));
diff --git a/poky/meta/recipes-support/curl/curl/vtls-fix-warning.patch b/poky/meta/recipes-support/curl/curl/vtls-fix-warning.patch
new file mode 100644
index 0000000000..113b6fd116
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/vtls-fix-warning.patch
@@ -0,0 +1,40 @@
+From b31d9ccfc2da288900e6857ad8d048c612328cac Mon Sep 17 00:00:00 2001
+From: Jay Satiro <raysatiro@yahoo.com>
+Date: Sun, 20 Jun 2021 16:42:58 -0400
+Subject: [PATCH] vtls: fix warning due to function prototype mismatch
+
+b09c8ee changed the function prototype. Caught by Visual Studio.
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/b31d9ccfc2da288900e6857ad8d048c612328cac]
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+---
+ lib/vtls/vtls.c | 2 +-
+ lib/vtls/vtls.h | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
+index 82883c9c55e2..fe43703bf8b8 100644
+--- a/lib/vtls/vtls.c
++++ b/lib/vtls/vtls.c
+@@ -497,7 +497,7 @@ void Curl_ssl_delsessionid(struct Curl_easy *data, void *ssl_sessionid)
+ */
+ CURLcode Curl_ssl_addsessionid(struct Curl_easy *data,
+ struct connectdata *conn,
+- bool isProxy,
++ const bool isProxy,
+ void *ssl_sessionid,
+ size_t idsize,
+ int sockindex)
+diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
+index a0585c9cec4c..f1a9b8033ae5 100644
+--- a/lib/vtls/vtls.h
++++ b/lib/vtls/vtls.h
+@@ -247,7 +247,7 @@ void Curl_ssl_sessionid_unlock(struct Curl_easy *data);
+ */
+ bool Curl_ssl_getsessionid(struct Curl_easy *data,
+ struct connectdata *conn,
+- const bool isproxy,
++ const bool isProxy,
+ void **ssl_sessionid,
+ size_t *idsize, /* set 0 if unknown */
+ int sockindex);
diff --git a/poky/meta/recipes-support/curl/curl_7.75.0.bb b/poky/meta/recipes-support/curl/curl_7.75.0.bb
index 7666c7b608..f7a8202bc9 100644
--- a/poky/meta/recipes-support/curl/curl_7.75.0.bb
+++ b/poky/meta/recipes-support/curl/curl_7.75.0.bb
@@ -11,6 +11,10 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=425f6fdc767cc067518eef9bbdf4ab7b"
SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \
file://0001-replace-krb5-config-with-pkg-config.patch \
+ file://0001-vtls-add-isproxy-argument-to-Curl_ssl_get-addsession.patch \
+ file://0002-transfer-strip-credentials-from-the-auto-referer-hea.patch \
+ file://vtls-fix-addsessionid.patch \
+ file://vtls-fix-warning.patch \
"
SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb316d026"
diff --git a/poky/meta/recipes-support/libgcrypt/libgcrypt_1.9.2.bb b/poky/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb
index 34735ea5d7..fd3d8e09f2 100644
--- a/poky/meta/recipes-support/libgcrypt/libgcrypt_1.9.2.bb
+++ b/poky/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb
@@ -14,7 +14,7 @@ LICENSE_dumpsexp-dev = "GPLv3+"
LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
file://COPYING.LIB;md5=bbb461211a33b134d42ed5ee802b37ff \
- file://LICENSES;md5=2dae15d91a37cfde72fe9eae75f8ea14 \
+ file://LICENSES;md5=42fa35a25e138166cc40588387f9159d \
"
DEPENDS = "libgpg-error"
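Review bot: the md5 for `file://LICENSES` in LIC_FILES_CHKSUM changes with the version bump, but nothing visible here says what changed in that file between 1.9.2 and 1.9.3. Record the reason for the checksum change in the commit message so the licence change can be audited.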
@@ -27,7 +27,7 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \
file://0004-tests-Makefile.am-fix-undefined-reference-to-pthread.patch \
file://0001-Makefile.am-add-a-missing-space.patch \
"
-SRC_URI[sha256sum] = "b2c10d091513b271e47177274607b1ffba3d95b188bbfa8797f948aec9053c5a"
+SRC_URI[sha256sum] = "97ebe4f94e2f7e35b752194ce15a0f3c66324e0ff6af26659bbfb5ff2ec328fd"
# Below whitelisted CVEs are disputed and not affecting crypto libraries for any distro.
CVE_CHECK_WHITELIST += "CVE-2018-12433 CVE-2018-12438"